include /etc/openldap/schema/core.schema include /etc/openldap/schema/cosine.schema include /etc/openldap/schema/inetorgperson.schema include /etc/openldap/schema/openldap.schema include /etc/openldap/schema/misc.schema include /etc/openldap/schema/fusiondirectory/rfc2307bis.schema include /etc/openldap/schema/fusiondirectory/samba.schema include /etc/openldap/schema/fusiondirectory/samba-fd-conf.schema include /etc/openldap/schema/fusiondirectory/core-fd-conf.schema include /etc/openldap/schema/fusiondirectory/core-fd.schema include /etc/openldap/schema/fusiondirectory/ldapns.schema include /etc/openldap/schema/fusiondirectory/recovery-fd.schema include /etc/openldap/schema/fusiondirectory/dnszone.schema include /etc/openldap/schema/fusiondirectory/dhcp-fd.schema include /etc/openldap/schema/fusiondirectory/dsa-fd-conf.schema include /etc/openldap/schema/fusiondirectory/mime-fd.schema include /etc/openldap/schema/fusiondirectory/service-fd.schema include /etc/openldap/schema/fusiondirectory/systems-fd-conf.schema include /etc/openldap/schema/fusiondirectory/openssh-lpk.schema include /etc/openldap/schema/fusiondirectory/systems-fd.schema include /etc/openldap/schema/fusiondirectory/mail-fd.schema include /etc/openldap/schema/fusiondirectory/mail-fd-conf.schema include /etc/openldap/schema/fusiondirectory/alias-fd-conf.schema include /etc/openldap/schema/fusiondirectory/alias-fd.schema password-hash {SSHA} pidfile /var/run/openldap/slapd.pid loglevel 256 modulepath /usr/lib64/openldap moduleload back_hdb moduleload memberof database monitor database hdb mode 0600 suffix dc=firewall-services,dc=com rootdn cn=admin,dc=firewall-services,dc=com rootpw __LDAP_SECRET__ directory /var/lib/ldap cachesize 10000 checkpoint 128 15 index uid,mail eq,sub index cn,sn,givenName,ou pres,eq,sub index objectClass pres,eq index uidNumber,gidNumber,memberuid,member eq index gosaSubtreeACL,gosaObject,gosaUser pres,eq index sambaSID eq,sub index sambaPrimaryGroupSID eq index sambaDomainName eq index sambaGroupType eq index sambaSIDList eq index zoneName eq index relativeDomainName eq index dhcpHWAddress eq index dhcpClassData eq index dhcpPrimaryDN eq index dhcpSecondaryDN eq index dhcpServerDN eq index dhcpFailOverPeerDN eq access to attrs=userPassword,sambaLmPassword,sambaNtPassword by dn=cn=samba,ou=DSA,dc=firewall-services,dc=com write by anonymous auth by self write by * none access to attrs=sambaAcctFlags,sambaBadPasswordCount,sambaBadPasswordTime,sambaKickoffTime,sambaLogoffTime,sambaLogonHours,sambaPasswordHistory,sambaSID,sambaPrimaryGroupSID,sambaPwdCanChange,sambaPwdLastSet,sambaPwdMustChange,sambaUserWorkstations,sambaSIDList,sambaGroupType,sambaMungedDial,sambaLogonHours,sambaLogonTime,sambaDomainName,sambaHomePath,sambaHomeDrive by dn=cn=samba,ou=DSA,dc=firewall-services,dc=com write by group.exact="cn=admins,ou=Groups,dc=firewall-services,dc=com" write by self read by * none access to filter=(objectClass=sambaDomain) by dn=cn=samba,ou=DSA,dc=firewall-services,dc=com write by group.exact="cn=admins,ou=Groups,dc=firewall-services,dc=com" write by * none access to dn.subtree=ou=Computers,ou=systems,dc=firewall-services,dc=com by dn=cn=samba,ou=DSA,dc=firewall-services,dc=com write by group.exact="cn=admins,ou=Groups,dc=firewall-services,dc=com" write by * none access to attrs=loginShell,gidNumber,homeDirectory,uidNumber,shadowExpire,shadowFlag,shadowInactive,shadowLastChange,shadowMax,shadowMin,shadowWarning by dn=cn=samba,ou=DSA,dc=firewall-services,dc=com write by self read by dn="cn=unix,ou=DSA,dc=firewall-services,dc=com" read access to dn.subtree=ou=DSA,dc=firewall-services,dc=com by group.exact="cn=admins,ou=Groups,dc=firewall-services,dc=com" write by * none access to dn.base=dc=firewall-services,dc=com by * read access to dn.subtree=ou=systems,dc=firewall-services,dc=com filter=(objectClass=dNSZone) by group.exact="cn=admins,ou=Groups,dc=firewall-services,dc=com" write by dn="cn=dns,ou=DSA,dc=firewall-services,dc=com" read by * none access to dn.regex="^.*,ou=(People|Groups),dc=firewall-services,dc=org" by * read access to * by users read by anonymous auth