Hallo zusammen,
am Samstag, 9. Oktober 2010 schrieb Gordon Messmer:
> At a minimum, we'd need all of the ACLs from your configuration file.
> It'd be best to post the whole thing, minus any passwords that appear
> therein.
Thanks for helping. Here is my slapd.conf. Configuration is as I said quite
standard. I did not change very much from the default:
include /etc/openldap/schema/corba.schema
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/duaconf.schema
include /etc/openldap/schema/dyngroup.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/java.schema
include /etc/openldap/schema/misc.schema
include /etc/openldap/schema/nis.schema
include /etc/openldap/schema/openldap.schema
include /etc/openldap/schema/ppolicy.schema
include /etc/openldap/schema/collective.schema
allow bind_v2
pidfile /var/run/openldap/slapd.pid
argsfile /var/run/openldap/slapd.args
TLSCACertificateFile /etc/pki/tls/certs/ca-bundle.crt
TLSCertificateFile /etc/pki/tls/certs/slapd.pem
TLSCertificateKeyFile /etc/pki/tls/certs/slapd.pem
database bdb
suffix "dc=teraphim,dc=de"
checkpoint 1024 15
rootdn "cn=Manager,dc=teraphim,dc=de"
rootpw {SSHA}xxx
directory /var/lib/ldap
index objectClass eq,pres
index ou,cn,mail,surname,givenname eq,pres,sub
index uidNumber,gidNumber,loginShell eq,pres
index uid,memberUid eq,pres,sub
index nisMapName,nisMapEntry eq,pres,sub
database monitor
access to *
by dn.exact="cn=root,dc=teraphim,dc=de" read
by * none
access to attrs=userPassword
by dn.base="cn=Manager,dc=teraphim,dc=de" write
by anonymous auth
by self write
by * none
access to attrs=shadowLastChange
by self write
by * read
access to *
by self write
by * read
---
Hope it helps.
Cheers
Volker
--
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
