On Fri, Oct 29, 2010 at 11:24:14PM +0200, Marco Agostini wrote: > Il 29 ottobre 2010 10:20, Marco Ciampa <ciampix@xxxxxxxxx> ha scritto: > > > > Nessuno che ha commentato. > > Devo intendere che nessuno se ne intende? > > Nessuno può aiutarmi? > > > aspetta.... il tuo post finiva con: > " > Posto (ora devo scappare) stasera/domani un po di file di > configurazione, se c'è qualche buon uomo che mi può dare una mano... > " > > ..aspettavo i tuoi file di configurazione per capire meglio il giro di fumi > ;-) > slapd.conf This is the main slapd configuration file. See slapd.conf(5) for more # info on the configuration options. ####################################################################### # Global Directives: # Features to permit sizelimit 20 timelimit -1 #threads 8 #allow bind_v2 # Schema and objectClass definitions include /etc/ldap/schema/core.schema include /etc/ldap/schema/cosine.schema include /etc/ldap/schema/inetorgperson.schema include /etc/ldap/schema/nis.schema include /etc/ldap/schema/samba.schema TLSCertificateFile /etc/ldap/ssl/servercrt.pem TLSCertificateKeyFile /etc/ldap/ssl/serverkey.pem TLSCACertificateFile /etc/ldap/ssl/cacert.pem sasl-host ldapserver.lsgalilei.org # Where the pid file is put. The init.d script # will not stop the server if you change this. pidfile /var/run/slapd/slapd.pid # List of arguments that were passed to the server argsfile /var/run/slapd/slapd.args # Read slapd.conf(5) for possible values #loglevel none # Where the dynamically loaded modules are stored modulepath<---->/usr/lib/ldap moduleload<---->back_hdb # The maximum number of entries that is returned for a search operation sizelimit 500 # The tool-threads parameter sets the actual amount of cpu's that is used # for indexing. tool-threads 1 ####################################################################### # Specific Backend Directives for hdb: # Backend specific directives apply to this backend until another # 'backend' directive occurs backend><------>hdb ####################################################################### # Specific Backend Directives for 'other': # Backend specific directives apply to this backend until another # 'backend' directive occurs #backend<------><------><other> ####################################################################### # Specific Directives for database #1, of type hdb: # Database specific directives apply to this databasse until another # 'database' directive occurs database hdb # The base of your directory in database #1 suffix "dc=lsgalilei,dc=org" # rootdn directive for specifying a superuser on the database. This is needed # for syncrepl. rootdn "cn=admin,dc=lsgalilei,dc=org" #rootpw><------>xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx rootpw<><------>{MD5}xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx # Where the database file are physically stored for database #1 directory "/var/lib/ldap" # The dbconfig settings are used to generate a DB_CONFIG file the first # time slapd starts. They do NOT override existing an existing DB_CONFIG # file. You should therefore change these settings in DB_CONFIG directly # or remove DB_CONFIG and restart slapd for changes to take effect. # For the Debian package we use 2MB as default but be sure to update this # value if you have plenty of RAM dbconfig set_cachesize 0 2097152 0 # Sven Hartge reported that he had to set this value incredibly high # to get slapd running at all. See http://bugs.debian.org/303057 for more # information. # Number of objects that can be locked at the same time. dbconfig set_lk_max_objects 1500 # Number of locks (both requested and granted) dbconfig set_lk_max_locks 1500 # Number of lockers dbconfig set_lk_max_lockers 1500 # Indexing options for database #1 index<->objectClass<--->eq index<->uid,uidNumber,gidNumber,memberUid <---->eq index<->cn,mail,surname,givenname<----->eq,subinitial index<->sambaSID<------>eq index<->sambaPrimaryGroupSID<-->eq index<->sambaDomainName>eq #index<>sambaSIDList eq #index<>sambaGroupType eq #index<>displayName eq #index<>uniqueMember eq # Save the time that the entry gets modified, for database #1 lastmod on # Checkpoint the BerkeleyDB database periodically in case of system # failure and to speed slapd shutdown. checkpoint 512 30 # Where to store the replica logs for database #1 # replogfile<-->/var/lib/ldap/replog # The userPassword by default can be changed # by the entry owning it if they are authenticated. # Others should not be able to see it, except the # admin entry below # These access lines apply to database #1 only access to attrs=userPassword,sambaNTPassword,sambaLMPassword by dn="cn=admin,dc=lsgalilei,dc=org" write by anonymous auth by self write by * none # Ensure read access to the base for things like # supportedSASLMechanisms. Without this you may # have problems with SASL not knowing what # mechanisms are available and the like. # Note that this is covered by the 'access to *' # ACL below too but if you change that as people # are wont to do you'll still need this if you # want SASL (and possible other things) to work. # happily. access to dn.base="" by * read # The admin dn has full write access, everyone else # can read everything. access to * by dn="cn=admin,dc=lsgalilei,dc=org" write by dn="cn=nss,dc=lsgalilei,dc=org" read by * read # For Netscape Roaming support, each user gets a roaming # profile for which they have write access to #access to dn=".*,ou=Roaming,o=morsnet" # by dn="cn=admin,dc=lsgalilei,dc=org" write # by dnattr=owner write ####################################################################### # Specific Directives for database #2, of type 'other' (can be hdb too): # Database specific directives apply to this databasse until another # 'database' directive occurs #database <other> # The base of your directory for database #2 #suffix><------>"dc=debian,dc=org" spero di aver copiato/incollato bene... -- Marco Ciampa +--------------------+ | Linux User #78271 | | FSFE fellow #364 | +--------------------+ -- Per iscriversi (o disiscriversi), basta spedire un messaggio con OGGETTO "subscribe" (o "unsubscribe") a mailto:linuxtrent-request@xxxxxxxxxxxxx