Domovská stránka Prehľadávať Pomoc
Prihlásiť sa
mirrors
/
gogs
zrkadlo https://github.com/gogs/gogs
2
0
Fork 0
Súbory Issues 0 Wiki
Strom: a301c7ed26
Branche Tagy
gogs
/
modules
/
ldap
/
_examples
/
slapd.conf

slapd.conf 2.2 KB
História Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667 
  1. #
    2. 

  2. # See slapd.conf(5) for details on configuration options.
    3. 

  3. # This file should NOT be world readable.
    4. 

  4. #
    5. 

  5. include		/private/etc/openldap/schema/core.schema
    6. 

  6. include 	/private/etc/openldap/schema/cosine.schema
    7. 

  7. include		/private/etc/openldap/schema/inetorgperson.schema
    8. 

  8. 

  9. # Define global ACLs to disable default read access.
    10. 

  10. 

  11. # Do not enable referrals until AFTER you have a working directory
    12. 

  12. # service AND an understanding of referrals.
    13. 

  13. #referral	ldap://root.openldap.org
    14. 

  14. 

  15. pidfile		/private/var/db/openldap/run/slapd.pid
    16. 

  16. argsfile	/private/var/db/openldap/run/slapd.args
    17. 

  17. 

  18. # Load dynamic backend modules:
    19. 

  19. # modulepath	/usr/libexec/openldap
    20. 

  20. # moduleload	back_bdb.la
    21. 

  21. # moduleload	back_hdb.la
    22. 

  22. # moduleload	back_ldap.la
    23. 

  23. 

  24. # Sample security restrictions
    25. 

  25. #	Require integrity protection (prevent hijacking)
    26. 

  26. #	Require 112-bit (3DES or better) encryption for updates
    27. 

  27. #	Require 63-bit encryption for simple bind
    28. 

  28. # security ssf=1 update_ssf=112 simple_bind=64
    29. 

  29. 

  30. # Sample access control policy:
    31. 

  31. #	Root DSE: allow anyone to read it
    32. 

  32. #	Subschema (sub)entry DSE: allow anyone to read it
    33. 

  33. #	Other DSEs:
    34. 

  34. #		Allow self write access
    35. 

  35. #		Allow authenticated users read access
    36. 

  36. #		Allow anonymous users to authenticate
    37. 

  37. #	Directives needed to implement policy:
    38. 

  38. # access to dn.base="" by * read
    39. 

  39. # access to dn.base="cn=Subschema" by * read
    40. 

  40. # access to *
    41. 

  41. #	by self write
    42. 

  42. #	by users read
    43. 

  43. #	by anonymous auth
    44. 

  44. #
    45. 

  45. # if no access controls are present, the default policy
    46. 

  46. # allows anyone and everyone to read anything but restricts
    47. 

  47. # updates to rootdn.  (e.g., "access to * by * read")
    48. 

  48. #
    49. 

  49. # rootdn can always read and write EVERYTHING!
    50. 

  50. 

  51. #######################################################################
    52. 

  52. # BDB database definitions
    53. 

  53. #######################################################################
    54. 

  54. 

  55. database	bdb
    56. 

  56. suffix		"dc=enterprise,dc=org"
    57. 

  57. rootdn		"cn=admin,dc=enterprise,dc=org"
    58. 

  58. # Cleartext passwords, especially for the rootdn, should
    59. 

  59. # be avoid.  See slappasswd(8) and slapd.conf(5) for details.
    60. 

  60. # Use of strong authentication encouraged.
    61. 

  61. rootpw		{SSHA}laO00HsgszhK1O0Z5qR0/i/US69Osfeu
    62. 

  62. # The database directory MUST exist prior to running slapd AND 
    63. 

  63. # should only be accessible by the slapd and slap tools.
    64. 

  64. # Mode 700 recommended.
    65. 

  65. directory	/private/var/db/openldap/openldap-data
    66. 

  66. # Indices to maintain
    67. 

  67. index	objectClass	eq
    68.