X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=userdir-ldap-slapd.conf.in;h=796420290d2dc6c450fefcdbc7a3b434436d25a8;hb=d355ef6e793853db50849d19a5c53bbb2b7c5871;hp=9cfda02692158c65519b468937d62b4d4b502715;hpb=91e87667ac77b0814130822608305c7c689e815f;p=mirror%2Fuserdir-ldap.git

diff --git a/userdir-ldap-slapd.conf.in b/userdir-ldap-slapd.conf.in
index 9cfda02..7964202 100644
--- a/userdir-ldap-slapd.conf.in
+++ b/userdir-ldap-slapd.conf.in
@@ -1,5 +1,5 @@
 # The backend type, ldbm, is the default standard
-database bdb
+database hdb
 
 # The base of your directory
 suffix          "@@DN@@"
@@ -8,16 +8,9 @@ suffix          "@@DN@@"
 directory       "/var/lib/ldap"
 
 # Indexing options
-index uid eq
-index keyfingerprint eq
-index cn,sn sub,eq
-index dnsZoneEntry eq
-index uidNumber eq
-index gidNumber eq
-index ircNick sub,eq
-index c eq
-index gender eq
-index birthDate eq
+index gecos,cn,sn,uid,ircNick,hostname,emailForward pres,eq,sub,approx
+index keyfingerprint,homeDirectory,objectClass,loginShell,supplementaryGid pres,eq
+index c,gender,dnsZoneEntry,birthDate,gidNumber,uidNumber pres,eq
 
 # Don't limit queries to the default of 500
 sizelimit 10000
@@ -26,12 +19,18 @@ sizelimit 10000
 lastmod on
 
 # owner writeable
-access to attrs=userPassword,sshrsaauthkey
+access to attrs=userPassword,sudoPassword,bATVToken
 	by group="cn=LDAP Administrator,ou=users,@@DN@@" write
 	by dn="uid=sshdist,ou=users,@@DN@@"  write
 	by self write
 	by * compare
 
+access to attrs=sshrsaauthkey
+	by group="cn=LDAP Administrator,ou=users,@@DN@@" write
+	by dn="uid=sshdist,ou=users,@@DN@@"  write
+	by self read
+	by * compare
+
 # debian readable
 access to attrs=activity-pgp,activity-from,dnsZoneEntry
 	by group="cn=LDAP Administrator,ou=users,@@DN@@" write
@@ -43,7 +42,7 @@ access to attrs=activity-pgp,activity-from,dnsZoneEntry
 	by * none
 
 # owner writeable, debian readable, authenticated user readable
-access to attrs=c,l,loginShell,ircNick,labeledURI,icqUIN,jabberJID,onVacation,birthDate,mailDisableMessage,gender,emailforward,mailCallout,mailGreylisting,mailRBL,mailRHSBL,mailWhitelist
+access to attrs=c,l,loginShell,ircNick,labeledURI,icqUIN,jabberJID,onVacation,birthDate,mailDisableMessage,gender,emailforward,mailCallout,mailGreylisting,mailRBL,mailRHSBL,mailWhitelist,mailContentInspectionAction,mailDefaultOptions
 	by group="cn=LDAP Administrator,ou=users,@@DN@@" write
 	by dn="uid=sshdist,ou=users,@@DN@@" write
 	by self write