Lørdag 30 juni 2007 17:56, skrev Andreas Schockenhoff: > Hi, > > Am Donnerstag, den 28.06.2007, 20:25 +0200 schrieb Holger Levsen: > > Ergo: testet und benutzt lwat (das Default-LDAP-Admintool von > > Debian-edu etch), meldet Probleme/Missing Features, damit lwat noch > > besser zu benutzen ist. > > Momentan ist etch-test wohl kaputt. > > Kein login in lwat möglich. Wahrscheinlich weil slapd.conf geändert > wurde. Kann ich momentan nicht nachvollziehen weil ich keine alte > slapd.conf mehr habe. > > Kann mir einer eine von RC3 zusenden? Dann kann ich mal schauen ob > die Vermutung stimmt. > > -- > bye Andreas This slapd.conf is from RC3. -- Klaus Ade 67E61D18B2C44F8A3DA35C6D849F9F5F 26FA477D
# Allow LDAPv2 binds allow bind_v2 # The skolelinux slapd configuration file # # $Id: slapd-skolelinux.conf,v 1.7 2003/06/27 14:47:20 pere Exp $ # Schema and objectClass definitions include /etc/ldap/schema/core.schema include /etc/ldap/schema/cosine.schema include /etc/ldap/schema/nis.schema include /etc/ldap/schema/courier.schema include /etc/ldap/schema/automount.schema include /etc/ldap/schema/inetorgperson.schema include /etc/ldap/schema/samba.schema include /etc/ldap/schema/lis.schema # Schema check allows for forcing entries to # match schemas for their objectClasses's schemacheck on # Where the pid file is put. The init.d script # will not stop the server if you change this. pidfile /var/run/slapd/slapd.pid # Read slapd.conf(5) for possible values #loglevel 65535 loglevel 0 # TLS/SSL TLSCipherSuite HIGH:MEDIUM:SSLv2 TLSCACertificateFile /etc/ldap/ssl/slapd.pem TLSCertificateKeyFile /etc/ldap/ssl/slapd.pem TLSCertificateFile /etc/ldap/ssl/slapd.pem #TLSCACertificateFile /var/lib/pyca/Root/cacert.pem #TLSCertificateKeyFile /var/lib/pyca/ServerCerts/private/cakey.pem #TLSCertificateFile /var/lib/pyca/ServerCerts/cacert.pem modulepath /usr/lib/ldap moduleload back_bdb moduleload back_monitor defaultsearchbase "dc=skole,dc=skolelinux,dc=no" security update_ssf=128 simple_bind=128 backend bdb backend monitor ####################################################################### # ldbm database definitions ####################################################################### # The backend type, ldbm, is the default standard database bdb # Set the database in memory cache size. # cachesize 4000 dbnosync sizelimit 4000 # First database suffix "dc=skole,dc=skolelinux,dc=no" rootdn "cn=admin,ou=People,dc=skole,dc=skolelinux,dc=no" # Where the database file are physically stored directory "/var/lib/ldap" # Indices to maintain index objectClass pres,eq index cn,sn,ou pres,eq,sub index uid pres,eq,sub index groupType eq index uidNumber eq index gidNumber eq index memberUid eq index default eq #for some clients, even if not used index givenname eq index displayName eq index telephoneNumber eq # Save the time that the entry gets modified lastmod on # Webmin-ldap-skolelinux use TLS, and PAM authentication use SSL # The ssf=128 option is to be used when SL bug 213 and 404 are closed. # access to dn.base="cn=admin,ou=People,dc=skole,dc=skolelinux,dc=no" by dn.exact="cn=admin,ou=People,dc=skole,dc=skolelinux,dc=no" ssf=128 =wx by * none break access to * by group/lisAclGroup/member="cn=admins,ou=Group,dc=skole,dc=skolelinux,dc=no" ssf=128 =w by dn.exact="cn=admin,ou=People,dc=skole,dc=skolelinux,dc=no" ssf=128 =w by * none break access to dn.base="cn=nextID,ou=Variables,dc=skole,dc=skolelinux,dc=no" attrs=gidNumber by dn.exact="cn=smbadmin,ou=People,dc=skole,dc=skolelinux,dc=no" ssf=128 write by * read access to attrs=userPassword by self ssf=128 =wx by anonymous ssf=128 auth by group/lisAclGroup/member="cn=jradmins,ou=Group,dc=skole,dc=skolelinux,dc=no" ssf=128 =w by * none access to attrs=shadowLastChange by self ssf=128 =w by group/lisAclGroup/member="cn=jradmins,ou=Group,dc=skole,dc=skolelinux,dc=no" ssf=128 =w by * none # # Ensure samba password hashes. # # Restricted access to some samba attributes # (allow access for admin to don't break old installations) access to attrs=sambaLMPassword,sambaNTPassword by self ssf=128 =w by dn.exact="cn=smbadmin,ou=People,dc=skole,dc=skolelinux,dc=no" ssf=128 =wr by group/lisAclGroup/member="cn=jradmins,ou=Group,dc=skole,dc=skolelinux,dc=no" ssf=128 =w by * none access to attrs=sambaPwdLastSet,sambaPwdCanChange by self ssf=128 =wr by dn.exact="cn=smbadmin,ou=People,dc=skole,dc=skolelinux,dc=no" ssf=128 =wr by group/lisAclGroup/member="cn=jradmins,ou=Group,dc=skole,dc=skolelinux,dc=no" ssf=128 =w by * read # Access to samba attributs access to attrs=objectClass,sambaSID,sambaPrimaryGroupSID,displayName,sambaPwdMustChange,sambaAcctFlags,sambaGroupType,sambaPasswordHistory,sambaNextRid by dn.exact="cn=smbadmin,ou=People,dc=skole,dc=skolelinux,dc=no" ssf=128 =wsr by * read # We store machine-accounts for samba in a private ou access to dn.sub="ou=Machines,ou=People,dc=skole,dc=skolelinux,dc=no" by dn.exact="cn=smbadmin,ou=People,dc=skole,dc=skolelinux,dc=no" ssf=128 =wsr by * read # Defaultaccess access to * by * read # Last database.. back-monitor is nice to have. Use 'cn=monitor' as base database monitor # End of ldapd configuration file
Attachment:
pgpz7Tx64QwsY.pgp
Description: PGP signature