slapd-cli.conf
#====================================================================
# Configuration example of OpenLDAP's init script
#====================================================================
# Networking parameters
# Bind address and port of each listener; they are joined into SLAPD_SERVICES below.
# NOTE(review): "*" presumably means every local interface - narrow it, or firewall
# the ports, when the directory should not be reachable from all networks.
# Plain ldap:// listener (no TLS on connect).
IP="*"
PORT="389"
# ldaps:// listener.
SSLIP="*"
SSLPORT="636"
# Proxy-protocol listeners; only referenced by the commented SLAPD_SERVICES variant.
PIP="*"
PPORT="8389"
PSSLIP="*"
PSSLPORT="8636"
# Local ldapi socket. LDAPI_SOCKETURL is the percent-encoded form of
# ${LDAPI_SOCKETDIR}/ldapi, so change the two together.
LDAPI_SOCKETDIR="/var/run/slapd"
LDAPI_SOCKETURL="%2Fvar%2Frun%2Fslapd%2Fldapi"
# Mode, owner and group of the socket are left empty in this example.
# NOTE(review): confirm what the init script does with empty values; the socket is a
# local entry point to the directory, so its permissions decide which local users can connect.
LDAPI_SOCKETMODE=""
LDAPI_SOCKETUSER=""
LDAPI_SOCKETGROUP=""
# Space-separated list of listener URLs built from the values above.
SLAPD_SERVICES="ldap://${IP}:${PORT} ldaps://${SSLIP}:${SSLPORT} ldapi://${LDAPI_SOCKETURL}"
# To enable the HAProxy proxy protocol, add a pldap and/or pldaps endpoint as below.
# These endpoints take the client address from the PROXY header, so make PIP/PSSLIP
# reachable only from the load balancer.
#SLAPD_SERVICES="ldap://${IP}:${PORT} ldaps://${SSLIP}:${SSLPORT} ldapi://${LDAPI_SOCKETURL} pldap://${PIP}:${PPORT} pldaps://${PSSLIP}:${PSSLPORT}"
# OpenLDAP directories and files
# Every path below hangs off SLAPD_PATH, the installation prefix.
# NOTE(review): these binaries are launched by the init script; keep the prefix and
# this file writable by root only, since whoever can edit either one chooses what gets executed.
SLAPD_PATH="/usr/local/openldap"
# "auto" is a keyword, not a path - presumably the script then derives the data
# directory from the server configuration; confirm.
DATA_PATH="auto"
SLAPD_PID_FILE="${SLAPD_PATH}/var/run/slapd.pid"
# Flat configuration file, and (empty here) the configuration directory.
SLAPD_CONF="${SLAPD_PATH}/etc/openldap/slapd.conf"
SLAPD_CONF_DIR=""
# Server binary, extra command-line parameters, and module directory.
SLAPD_BIN="${SLAPD_PATH}/libexec/slapd"
SLAPD_PARAMS=""
SLAPD_MODULEDIR="${SLAPD_PATH}/libexec/openldap"
# Offline tools and the options passed to them.
SLAPADD_BIN="${SLAPD_PATH}/sbin/slapadd"
SLAPADD_PARAMS="-q"
SLAPCAT_BIN="${SLAPD_PATH}/sbin/slapcat"
SLAPCAT_PARAMS="-o ldif-wrap=no"
SLAPINDEX_BIN="${SLAPD_PATH}/sbin/slapindex"
SLAPTEST_BIN="${SLAPD_PATH}/sbin/slaptest"
# Client used for searches, with optional extra parameters.
LDAPSEARCH_BIN="${SLAPD_PATH}/bin/ldapsearch"
LDAPSEARCH_PARAMS=""
# Other options for slapd launch
# Run-as account for slapd; both are empty in this example.
# NOTE(review): if the script only drops privileges when these are set, empty values
# would leave slapd running as the invoking user (usually root) - set a dedicated
# unprivileged user and group, and confirm against the init script.
SLAPD_USER=""
SLAPD_GROUP=""
# Syslog facility used for slapd messages.
SLAPD_SYSLOG_LOCAL_USER="local4"
TIMEOUT="30" # Max time to stop process
FD_LIMIT="1024" # Max file descriptor
# 256 is OpenLDAP's "stats" log level (connections, operations, results), which is
# the level that keeps bind and search activity in the logs.
DEBUG_LEVEL="256" # Debug loglevel
TOLERANCE_CSN=1000000 # 1s of tolerance when comparing contextCSN
# Empty here; NOTE(review): presumably controls conversion of the flat configuration
# at startup - confirm which values the script accepts.
CONVERT_CONF_AT_STARTUP=""
SLAPD_VERSION="2.5" # OpenLDAP version: major.minor (don't include .patch)
# Backup
# An LDIF backup holds every entry, password attributes included, so BACKUP_PATH
# deserves the same protection as the live database directory.
BACKUP_AT_SHUTDOWN="0"
BACKUP_PATH="${SLAPD_PATH}/var/save"
# Timestamp suffix (YYYYmmddHHMMSS.ldif), evaluated once, when this file is read.
BACKUP_SUFFIX="$(date +%Y%m%d%H%M%S).ldif"
# Optional compression; all three are empty, so backups stay uncompressed here.
BACKUP_COMPRESS_EXT="" # gz, bz2, ...
BACKUP_COMPRESS_BIN="" # /bin/gzip, /bin/bzip2, ...
BACKUP_UNCOMPRESS_BIN="" # /bin/gunzip, /bin/bunzip2, ...
# Retention in days for configuration and data backups; empty in this example.
# NOTE(review): presumably empty means nothing is purged - confirm, and set a limit
# so old password-bearing dumps do not accumulate.
BACKUP_CONFIG_DELETE_AFTER_DAYS=""
BACKUP_DATA_DELETE_AFTER_DAYS=""
# Command and mask used to set the file-creation mask (presumably run as "$UMASK $MASK").
# 0027 removes group write and all access for others, so group members can still
# read what is created; use 0077 if the group should not read backups.
UMASK="umask"
MASK="0027"
# systemd unit names for slapd and lload.
SYSTEMD_SERVICE_NAME="slapd-ltb"
SYSTEMD_LLOAD_SERVICE_NAME="lload-ltb"
# Data provisioning
# Values used to fill the data template when the directory is first populated.
# Every *_PW below is the clear-text placeholder "secret": replace each one with a
# unique value before provisioning, and keep this file readable by root only.
# The file is evaluated as shell (it contains expansions and a command
# substitution), so it must not be writable by any other account either.
DATA_TEMPLATE_FILE="data-template-${SLAPD_VERSION}.ldif"
DATA_SUFFIX="dc=my-domain,dc=com"
DATA_ORGANIZATION="My Organization"
# Service account created under ou=accounts,ou=infrastructure of the suffix.
DATA_SERVICEACCOUNT_DN="cn=my-account,ou=accounts,ou=infrastructure,${DATA_SUFFIX}"
DATA_SERVICEACCOUNT_PW="secret"
# Add automatically any number of admins and users
# syntax for admins: DATA_ADMIN_<USER>_<ATTR>
# syntax for users: DATA_USER_<USER>_<ATTR>
# where <ATTR> is one of DN, PW, UID, SN, GN or MAIL
# and <USER> is any unique value (not used for provisioning)
# NOTE(review): the *_MAIL values read "[email protected]" in this copy, which looks
# like an e-mail obfuscation placeholder rather than an address - check them
# against the upstream file before use.
# Sample admin entry; remove or replace it on a real deployment.
DATA_ADMIN_DJACKSON_DN="uid=daniel.jackson,ou=people,${DATA_SUFFIX}"
DATA_ADMIN_DJACKSON_PW="secret"
DATA_ADMIN_DJACKSON_UID="daniel.jackson"
DATA_ADMIN_DJACKSON_SN="Jackson"
DATA_ADMIN_DJACKSON_GN="Daniel"
DATA_ADMIN_DJACKSON_MAIL="[email protected]"
# Sample user entries.
DATA_USER_JONEILL_DN="uid=jack.oneill,ou=people,${DATA_SUFFIX}"
DATA_USER_JONEILL_PW="secret"
DATA_USER_JONEILL_UID="jack.oneill"
DATA_USER_JONEILL_SN="O Neill"
DATA_USER_JONEILL_GN="Jack"
DATA_USER_JONEILL_MAIL="[email protected]"
DATA_USER_SCARTER_DN="uid=samantha.carter,ou=people,${DATA_SUFFIX}"
DATA_USER_SCARTER_PW="secret"
DATA_USER_SCARTER_UID="samantha.carter"
DATA_USER_SCARTER_SN="Carter"
DATA_USER_SCARTER_GN="Samantha"
DATA_USER_SCARTER_MAIL="[email protected]"
DATA_USER_TEALC_DN="uid=tealc,ou=people,${DATA_SUFFIX}"
DATA_USER_TEALC_PW="secret"
DATA_USER_TEALC_UID="tealc"
DATA_USER_TEALC_SN="Jaffa"
DATA_USER_TEALC_GN="TealC"
DATA_USER_TEALC_MAIL="[email protected]"
# Comma-separated list; presumably the organizations created by the data template - confirm.
DATA_ORGANIZATIONS="SG1,SG2"
# Config provisioning
# Values used to fill the configuration template, in flat (.conf) or LDIF form.
CONFIG_FLAT_TEMPLATE_FILE="config-template-${SLAPD_VERSION}.conf"
CONFIG_LDIF_TEMPLATE_FILE="config-template-${SLAPD_VERSION}.ldif"
# Same value as DATA_SUFFIX in the data provisioning section; keep the two in step.
CONFIG_SUFFIX="dc=my-domain,dc=com"
CONFIG_FQDN="ldap.my-domain.com"
# 256 is OpenLDAP's "stats" log level (connections, operations, results).
CONFIG_LOGLEVEL="256"
CONFIG_LOGFILE="/var/log/slapd-ltb/slapd.log"
# Root DNs and their passwords for the data, cn=config and cn=monitor databases.
# All three passwords are the clear-text placeholder "secret": replace them with
# distinct values before provisioning. The cn=config account can rewrite the whole
# server configuration, so treat it as the most sensitive of the three.
# NOTE(review): whether the template stores these hashed or in clear is not visible
# here - confirm, and keep this file readable by root only either way.
CONFIG_MANAGERROOTDN="cn=Manager,dc=my-domain,dc=com"
CONFIG_MANAGERROOTPW="secret"
CONFIG_CONFIGROOTDN="cn=config"
CONFIG_CONFIGROOTPW="secret"
CONFIG_MONITORROOTDN="cn=monitor"
CONFIG_MONITORROOTPW="secret"
# Database directory under the installation prefix.
CONFIG_DATADIR="${SLAPD_PATH}/var/openldap-data"
# lload
# Listener settings for lload, laid out like the slapd ones.
# NOTE(review): "*" presumably means every local interface; restrict it or firewall
# the ports if the balancer should only face selected networks.
LLOAD_IP="*"
LLOAD_PORT="3389"
LLOAD_SSLIP="*"
LLOAD_SSLPORT="6636"
# Percent-encoded path of the local socket (/var/run/slapd/lload).
LLOAD_SOCKETURL="%2Fvar%2Frun%2Fslapd%2Flload"
# Space-separated list of listener URLs built from the values above.
LLOAD_SERVICES="ldap://${LLOAD_IP}:${LLOAD_PORT} ldaps://${LLOAD_SSLIP}:${LLOAD_SSLPORT} ldapi://${LLOAD_SOCKETURL}"
# PID file, configuration file and (empty here) configuration directory.
LLOAD_PID_FILE="${SLAPD_PATH}/var/run/lload.pid"
LLOAD_CONF="${SLAPD_PATH}/etc/openldap/lload.conf"
LLOAD_CONF_DIR=""