1# provider slapd config -- for testing 2# $OpenLDAP$ 3## This work is part of OpenLDAP Software <http://www.openldap.org/>. 4## 5## Copyright 1998-2021 The OpenLDAP Foundation. 6## All rights reserved. 7## 8## Redistribution and use in source and binary forms, with or without 9## modification, are permitted only as authorized by the OpenLDAP 10## Public License. 11## 12## A copy of this license is available in the file LICENSE in the 13## top-level directory of the distribution or, alternatively, at 14## <http://www.OpenLDAP.org/license.html>. 15 16include @SCHEMADIR@/core.schema 17include @SCHEMADIR@/cosine.schema 18include @SCHEMADIR@/inetorgperson.schema 19include @SCHEMADIR@/openldap.schema 20include @SCHEMADIR@/nis.schema 21pidfile @TESTDIR@/slapd.m.pid 22argsfile @TESTDIR@/slapd.m.args 23 24####################################################################### 25# database definitions 26####################################################################### 27 28#mod#modulepath ../servers/slapd/back-@BACKEND@/:../servers/slapd/overlays 29#mod#moduleload back_@BACKEND@.la 30#ldapmod#modulepath ../servers/slapd/back-ldap/ 31#ldapmod#moduleload back_ldap.la 32#monitormod#modulepath ../servers/slapd/back-monitor/ 33#monitormod#moduleload back_monitor.la 34 35# here the proxy is not only acting as a proxy, but it also has a local database dc=local,dc=com" 36database @BACKEND@ 37suffix "dc=local,dc=com" 38rootdn "cn=Manager,dc=local,dc=com" 39rootpw "secret" 40#~null~#directory @TESTDIR@/db.2.a 41 42# Configure proxy 43# - normal user binds to "*,dc=example,dc=com" are proxied through to the remote slapd 44# - admin bind to local "cn=Manager,dc=local,dc=com" is overwritten by using idassert-bind 45database ldap 46uri "@URI1@" 47suffix "dc=example,dc=com" 48idassert-bind bindmethod=simple binddn="cn=Manager,dc=example,dc=com" credentials="secret" 49idassert-authzFrom "dn.exact:cn=Manager,dc=local,dc=com" 50rebind-as-user yes 51 52database monitor 53