1# consumer slapd config -- for testing of replication 2# $OpenLDAP$ 3## This work is part of OpenLDAP Software <http://www.openldap.org/>. 4## 5## Copyright 1998-2021 The OpenLDAP Foundation. 6## All rights reserved. 7## 8## Redistribution and use in source and binary forms, with or without 9## modification, are permitted only as authorized by the OpenLDAP 10## Public License. 11## 12## A copy of this license is available in the file LICENSE in the 13## top-level directory of the distribution or, alternatively, at 14## <http://www.OpenLDAP.org/license.html>. 15 16include @SCHEMADIR@/core.schema 17include @SCHEMADIR@/cosine.schema 18include @SCHEMADIR@/inetorgperson.schema 19include @SCHEMADIR@/openldap.schema 20include @SCHEMADIR@/nis.schema 21# 22pidfile @TESTDIR@/slapd.2.pid 23argsfile @TESTDIR@/slapd.2.args 24 25#mod#modulepath ../servers/slapd/back-@BACKEND@/ 26#mod#moduleload back_@BACKEND@.la 27#ldapmod#modulepath ../servers/slapd/back-ldap/ 28#ldapmod#moduleload back_ldap.la 29 30#ldapyes#overlay chain 31#ldapyes#chain-uri @URI1@ 32#ldapyes#chain-idassert-bind bindmethod=simple binddn="cn=Manager,dc=example,dc=com" credentials=secret mode=self 33#ldapmod#overlay chain 34#ldapmod#chain-uri @URI1@ 35#ldapmod#chain-idassert-bind bindmethod=simple binddn="cn=Manager,dc=example,dc=com" credentials=secret mode=self 36 37####################################################################### 38# database definitions 39####################################################################### 40 41access to dn.base="" attrs=children 42 by dn.exact="cn=Monitor" write 43 by * break 44 45access to * 46 by * read 47 48database @BACKEND@ 49 50suffix "dc=example,dc=com" 51rootdn "cn=consumer,dc=example,dc=com" 52rootpw secret 53# HACK: use the RootDN of the monitor database as UpdateDN so ACLs apply 54# without the need to write the UpdateDN before starting replication 55updatedn "cn=Monitor" 56updateref @URI1@ 57#null#bind on 58#~null~#directory @TESTDIR@/db.2.a 59#indexdb#index objectClass eq 60#indexdb#index cn,sn,uid pres,eq,sub 61#indexdb#index entryUUID pres,eq 62#ndb#dbname db_2 63#ndb#include @DATADIR@/ndb.conf 64 65# Need to strip hasSubordinates from internal searches otherwise 66# syncrepl will try to delete it, since syncprov is not sending 67# it because it's generated 68access to dn.subtree="dc=example,dc=com" attrs=hasSubordinates 69 by dn.exact="cn=Monitor" none 70 by * read 71 72access to dn.subtree="dc=example,dc=com" 73 by dn.exact="cn=Monitor" write 74 by * read 75 76database monitor 77rootdn "cn=Monitor" 78rootpw monitor 79