1# slave slapd config -- for testing of replication
2# $OpenLDAP$
3## This work is part of OpenLDAP Software <http://www.openldap.org/>.
4##
5## Copyright 1998-2011 The OpenLDAP Foundation.
6## All rights reserved.
7##
8## Redistribution and use in source and binary forms, with or without
9## modification, are permitted only as authorized by the OpenLDAP
10## Public License.
11##
12## A copy of this license is available in the file LICENSE in the
13## top-level directory of the distribution or, alternatively, at
14## <http://www.OpenLDAP.org/license.html>.
15
16include		@SCHEMADIR@/core.schema
17include		@SCHEMADIR@/cosine.schema
18include		@SCHEMADIR@/inetorgperson.schema
19include		@SCHEMADIR@/openldap.schema
20include		@SCHEMADIR@/nis.schema
21#
22pidfile		@TESTDIR@/slapd.2.pid
23argsfile	@TESTDIR@/slapd.2.args
24
25#mod#modulepath	../servers/slapd/back-@BACKEND@/
26#mod#moduleload	back_@BACKEND@.la
27#monitormod#modulepath ../servers/slapd/back-monitor/
28#monitormod#moduleload back_monitor.la
29#ldapmod#modulepath ../servers/slapd/back-ldap/
30#ldapmod#moduleload back_ldap.la
31
32#ldapyes#overlay		chain
33#ldapyes#chain-uri		@URI1@
34#ldapyes#chain-idassert-bind	bindmethod=simple binddn="cn=Manager,dc=example,dc=com" credentials=secret mode=self
35#ldapmod#overlay		chain
36#ldapmod#chain-uri		@URI1@
37#ldapmod#chain-idassert-bind	bindmethod=simple binddn="cn=Manager,dc=example,dc=com" credentials=secret mode=self
38
39#######################################################################
40# database definitions
41#######################################################################
42
43access to dn.base="" attrs=children
44	by dn.exact="cn=Monitor" write
45	by * break
46
47access to *
48	by * read
49
50database	@BACKEND@
51
52suffix		"dc=example,dc=com"
53rootdn		"cn=Replica,dc=example,dc=com"
54rootpw		secret
55# HACK: use the RootDN of the monitor database as UpdateDN so ACLs apply
56# without the need to write the UpdateDN before starting replication
57updatedn	"cn=Monitor"
58updateref	@URI1@
59#null#bind		on
60#~null~#directory	@TESTDIR@/db.2.a
61#indexdb#index		objectClass	eq
62#indexdb#index		cn,sn,uid	pres,eq,sub
63#indexdb#index		entryUUID	pres,eq
64#ndb#dbname db_2
65#ndb#include @DATADIR@/ndb.conf
66
67# Need to strip hasSubordinates from internal searches otherwise
68# syncrepl will try to delete it, since syncprov is not sending
69# it because it's generated
70access to dn.subtree="dc=example,dc=com" attrs=hasSubordinates
71	by dn.exact="cn=Monitor" none
72	by * read
73
74access to dn.subtree="dc=example,dc=com"
75	by dn.exact="cn=Monitor" write
76	by * read
77
78#monitor#database	monitor
79#monitor#rootdn		"cn=Monitor"
80#monitor#rootpw		monitor
81