-TLSCipherSuite HIGH:MEDIUM:+SSLv3
-TLSCertificateFile /etc/ldap/TLS/ldapserver.crt
-TLSCertificateKeyFile /etc/ldap/TLS/ldapserver.key
-TLSCACertificateFile /etc/ldap/TLS/ca.crt
+#TLSCipherSuite HIGH:MEDIUM:+SSLv3
+#TLSCertificateFile /etc/ldap/TLS/ldapserver.crt
+#TLSCertificateKeyFile /etc/ldap/TLS/ldapserver.key
+#TLSCACertificateFile /etc/ldap/TLS/ca.crt
-allow bind_v2
-allow update_anon
+#allow bind_v2
+disallow bind_anon tls_2_anon
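Review bot: Commenting out all four `TLS*` directives leaves slapd with no certificate to offer, so the simple binds for the DNs granted access further down would travel in cleartext unless the listener is limited to ldapi:// or loopback, which is not visible here. If TLS is meant to stay, keep the certificate lines, tighten the cipher suite rather than dropping it (the old `HIGH:MEDIUM:+SSLv3` was permissive), and consider `security simple_bind=128` so password binds are refused on unprotected connections. Removing `allow update_anon` is a clear improvement. `disallow bind_anon` only rejects anonymous bind requests, though: clients that never bind still operate anonymously, so the ACLs remain the real control, and a comment such as `# anonymous access is blocked by the ACLs below, not by this line` would save the next reader from assuming otherwise.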
include /etc/ldap/schema/core.schema
include /etc/ldap/schema/cosine.schema
include /etc/ldap/schema/nis.schema
include /etc/ldap/schema/inetorgperson.schema
-include /etc/ldap/schema/dnsdomain2.schema
-include /etc/ldap/schema/sendmail.schema
include /etc/ldap/schema/misc.schema
-include /etc/ldap/schema/ISPEnv2.schema
include /etc/ldap/schema/local.schema
-include /etc/ldap/schema/mod_vhost_ldap.schema
-include /home/pwadas/workspace/mod-vhost-ldap/apache_ext.schema
-#include /etc/ldap/schema/samba.schema
+include /etc/ldap/schema/mod_vhost_ldap.schema
+include /etc/ldap/schema/apache_ext.schema
+include /etc/ldap/schema/apache_alias.schema
pidfile /var/run/slapd/slapd.pid
argsfile /var/run/slapd.args
backend bdb
schemacheck on
-checkpoint 512 30
+checkpoint 1 5
-#sumuja sie - np. 512+128
+#sum values as ldap level
# 1 trace function calls
# 2 debug packet handling
# 4 heavy trace debugging
# 1024 print communication with shell backends
# 2048 entry parsing
-loglevel 256
-#loglevel 0
+#loglevel 768
+loglevel 0
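Review bot: `loglevel 0` drops the 256 (stats) level the old configuration logged, so connections, binds and search operations no longer reach syslog and there is no trail for spotting failed-bind bursts or bulk reads. I would keep `loglevel 256` in production and use the higher debug levels only temporarily. The level table in the comments here does not list 256, so adding `# 256 stats: connections, operations, results` would help, and the new comment reads more clearly as `# levels are additive, e.g. 256+512 = 768`.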
database bdb
lastmod on
suffix "dc=ROOT"
directory "/var/lib/ldap"
+sizelimit unlimited
+timelimit unlimited
-index default pres,eq,sub
-index uniqueMember,member pres
-index cn,sn,uid,associatedDomain,memberUid,domainUid,commonUid,gecos,businessCategory pres,eq,sub
-index customerName,customerCompanyName,customerDescription,customerCity,customerRegion,customerResponsiblePerson pres,eq,sub
-index objectClass,homeDirectory,loginShell,uidNumber,gidNumber,customerID,authorizedService,customerRole,customerSupportCode,pTRRecord,ipHostNumber pres,eq
-index MXRecord,NSRecord,SOARecord,ARecord,MDRecord,CNAMERecord,DNSTTL,DNSClass,HINFORecord,MINFORecord,TXTRecord,SIGRecord,KEYRecord,AAAARecord pres,eq
-index resellerName,resellerCompanyName,resellerDescription,resellerCity,resellerRegion,resellerResponsiblePerson pres,eq,sub
-index resellerID,resellerRole,resellerSupportCode pres,eq
-index sendmailMTAHost,sendmailMTAAliasGrouping,sendmailMTAKey,sendmailMTAMapName,sendmailMTAMapValue,sendmailMTAClassName,sendmailMTAClassValue pres,eq
-index apacheServerName,apacheServerAlias,apacheDocumentRoot,apacheServerAdmin pres,eq
-index apacheExtConfigUri,apacheExtConfigServerName pres,eq,sub
-index apacheLocationOptionsDn,apacheExtConfigRequireValidUser,apacheExtConfigUserDn,apacheExtConfigUserServerName,apacheExtConfigObjectName pres,eq
-index vacationActive eq
+include /etc/ldap/indexes
+
+rootdn "cn=admin,dc=foo,dc=bar"
+
+access to dn.base=""
+ by * read
access to *
- by * write
+ by dn="cn=admin,dc=foo,dc=bar"
+ by dn="cn=nobody,dc=foo,dc=bar" read
+ by * none
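Review bot: The clause `by dn="cn=admin,dc=foo,dc=bar"` carries no access level, unlike the two clauses after it; spell it out, e.g. `by dn="cn=admin,dc=foo,dc=bar" write`, so the grant does not rest on how slapd handles an omitted level. The same DN is also declared as `rootdn`, which slapd exempts from ACLs, so the clause may be redundant, and unless the names are placeholders that rootdn sits outside `suffix "dc=ROOT"`. Replacing `by * write` with `by * none` is the right direction. `sizelimit unlimited` and `timelimit unlimited` earlier in this block, however, let any bound client, including the read-only `cn=nobody`, pull the whole tree in one search with no time cap. Prefer finite global limits and a per-DN exception such as `limits dn.exact="cn=admin,dc=foo,dc=bar" size=unlimited time=unlimited` for the one account that needs it.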