# Calculate path=/etc/openldap format=ldap chmod=0640 chown=root:ldap append=replace merge(net-nds/openldap)!=
include		/etc/openldap/schema/core.schema
include		/etc/openldap/schema/cosine.schema
include		/etc/openldap/schema/nis.schema
include		/etc/openldap/schema/inetorgperson.schema
include		/etc/openldap/schema/misc.schema

pidfile		/var/run/openldap/slapd.pid
argsfile	/var/run/openldap/slapd.arg

# Уровень отладочных сообщений
loglevel	0
allow		bind_v2
#?os_install_arch_machine==i686#
modulepath	/usr/lib/openldap/openldap
#os_install_arch_machine#
#?os_install_arch_machine==x86_64#
modulepath	/usr/lib64/openldap/openldap
#os_install_arch_machine#

database	bdb
suffix		"#-ld_base_dn-#"
#?cl_ldap_preconfigure_set==on#
rootdn		"#-ld_temp_dn-#"
rootpw		#-ld_temp_hash-#
#cl_ldap_preconfigure_set#
checkpoint	1024	5
cachesize	10000
# Размер ответа на запрос
sizelimit	unlimited
directory	/var/lib/openldap-data

index	objectClass	eq
index	cn		pres,sub,eq
index	sn		pres,sub,eq
index	uid		pres,sub,eq
index	uidNumber	eq
index	gidNumber	eq
index	default		sub

# Доступ к аттрибуту userPassword
access to attrs=userPassword
    by dn="#-ld_admin_dn-#" write

# Доступ к администратору сервера LDAP
access to dn.base="#-ld_admin_dn-#"
    by dn="#-ld_admin_dn-#" write
    by * none

# Доступ пользователю только для просмотра
access to dn.base="#-ld_bind_dn-#"
    by dn="#-ld_admin_dn-#" write
    by dn="#-ld_bind_dn-#" read
    by * none