Most of the configuration of the ldap server has to do with getting correct
access controls to keep the data safe. Here is a sample:
+
+# only allow plain text auth when we do crypto
+security simple_bind=128
+
+# and the database definition
+database bdb
+
# Turn on automatic last modification time
lastmod on
by dn="uid=admin,ou=users,dc=debian,dc=org" write
by group="uid=admin,ou=users,dc=debian,dc=org" write
+# Overlays are useful to enforce constraints:
+
+moduleload /usr/lib/ldap/unique.so
+overlay unique
+unique_uri ldap:///ou=users,dc=debian,dc=org?uidNumber,uid,keyFingerPrint?sub
+unique_uri ldap:///ou=groups,dc=debian,dc=org?gidNumber,cn?sub
+
# End----------
Note that in more modern versions of slapd, the "by addr" and "by domain"
projects / mirror / userdir-ldap.git / blobdiff