ldap-test-server 0.1.2

Running isolated OpenLDAP servers in integration tests
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89

# Global config:
dn: cn=config
objectClass: olcGlobal
cn: config
# Where the pid file is put. The init.d script
# will not stop the server if you change this.
olcPidFile: @WORKDIR@/slapd.pid
# List of arguments that were passed to the server
olcArgsFile: @WORKDIR@/slapd.args
# Read slapd-config(5) for possible values
olcLogLevel: none
# The tool-threads parameter sets the actual amount of cpu's that is used
# for indexing.
olcToolThreads: 1
olcDisallows: bind_anon
olcRequires: authc
olcTLSCertificateFile: @WORKDIR@/cert.pem
olcTLSCertificateKeyFile: @WORKDIR@/key.pem

# Frontend settings
dn: olcDatabase={-1}frontend,cn=config
objectClass: olcDatabaseConfig
objectClass: olcFrontendConfig
olcDatabase: {-1}frontend
# The maximum number of entries that is returned for a search operation
olcSizeLimit: 500
olcRequires: authc

# Config db settings
dn: olcDatabase=config,cn=config
objectClass: olcDatabaseConfig
olcDatabase: config
olcRootDN: cn=admin,cn=config

# Load schemas
dn: cn=schema,cn=config
objectClass: olcSchemaConfig
cn: schema

include: @SCHEMADIR@/core.ldif
include: @SCHEMADIR@/cosine.ldif
include: @SCHEMADIR@/nis.ldif
include: @SCHEMADIR@/inetorgperson.ldif

# Load module
dn: cn=module{0},cn=config
objectClass: olcModuleList
cn: module{0}
# Where the dynamically loaded modules are stored
olcModulePath: /usr/lib/ldap
olcModuleLoad: back_mdb

# The database definition.
dn: olcDatabase=mdb,cn=config
objectClass: olcDatabaseConfig
objectClass: olcMdbConfig
olcDatabase: mdb
olcDbNosync: TRUE
# The base of your directory in database #1
olcSuffix: @BASEDN@
# Where the database file are physically stored for database #1
olcDbDirectory: @WORKDIR@
# Database superuser credentials
olcRootDN: @ROOTDN@
olcRootPW: @ROOTPW@
# Indexing options for database #1
olcDbIndex: objectClass eq
olcDbIndex: cn,uid eq
olcDbIndex: uidNumber,gidNumber eq
olcDbIndex: member,memberUid eq
olcRequires: authc
# The userPassword by default can be changed by the entry owning it if
# they are authenticated. Others should not be able to see it, except
# the admin entry above.
olcAccess: to attrs=userPassword
  by self write
  by anonymous auth
  by * none
# Allow update of authenticated user's shadowLastChange attribute.
# Updating it on password change is implemented at least by libpam-ldap,
# libpam-ldapd, and the slapo-smbk5pwd overlay.
olcAccess: to attrs=shadowLastChange
  by self write
  by * read
# The admin dn (olcRootDN) bypasses ACLs and so has total access,
# everyone else can read everything.
olcAccess: to *
  by * read