ba...@work-isp:~$ sudo sh -c ls -l /etc/ldap/slapd.d/cn=config/olcDatabase*
ls: cannot access /etc/ldap/slapd.d/cn=config/olcDatabase*: No such file or
directory
ba...@work-isp:~$ sudo sh -c grep olcSuffix:
/etc/ldap/slapd.d/cn=config/olcDatabase*
grep: /etc/ldap/slapd.d/cn=config/olcDatabase*: No such file or directory
ba...@work-isp:~$ sudo sh -c grep olcDbDirectory:
/etc/ldap/slapd.d/cn=config/olcDatabase*
grep: /etc/ldap/slapd.d/cn=config/olcDatabase*: No such file or directory
ba...@work-isp:~$ ls /etc/ldap
data ldap.conf ldap.doc sasl2 schema slapd.conf
ba...@work-isp:~$ ls -R /etc/ldap
/etc/ldap:
data ldap.conf ldap.doc sasl2 schema slapd.conf
/etc/ldap/data:
aa data.ldif.try1 data.ldif.try3 intervivaz.ldif
data.ldif data.ldif.try2 data.ldif.try4 reload
/etc/ldap/sasl2:
/etc/ldap/schema:
amavis.schema core.schema inetorgperson.schema nis.schema
authldap.schema cosine.ldif java.schema openldap.ldif
authldap.schema.orig cosine.schema misc.ldif openldap.schema
collective.schema duaconf.schema misc.schema pmi.schema
corba.schema dyngroup.schema nadf.schema ppolicy.schema
core.ldif inetorgperson.ldif nis.ldif README
ldap.conf:
#
# LDAP Defaults
#
# See ldap.conf(5) for details
# This file should be world readable but not world writable.
#BASE dc=example,dc=com
#URIldap://ldap.example.com ldap://ldap-master.example.com:666
#SIZELIMIT 12
#TIMELIMIT 15
#DEREF never
slapd.conf:
include /etc/ldap/schema/core.schema
##include /etc/ldap/schema/collective.schema
##include /etc/ldap/schema/corba.schema
include /etc/ldap/schema/cosine.schema
##include /etc/ldap/schema/duaconf.schema
##include /etc/ldap/schema/dyngroup.schema
include /etc/ldap/schema/inetorgperson.schema
##include /etc/ldap/schema/java.schema
#include /etc/ldap/schema/misc.schema
include /etc/ldap/schema/nis.schema
##include /etc/ldap/schema/openldap.schema
##include /etc/ldap/schema/ppolicy.schema
##include /etc/ldap/schema/pmi.schema
#include /usr/local/etc/ldap/samba.schema
#include /usr/local/etc/ldap/sq_prefs.schema
#include /usr/local/etc/ldap/squirrelmail.schema.OpenLDAP-2.1.x
include /etc/ldap/schema/authldap.schema
# Where the pid file is put. The init.d script
# will not stop the server if you change this.
pidfile /var/run/slapd/slapd.pid
# List of arguments that were passed to the server
argsfile/var/run/slapd/slapd.args
# Read slapd.conf(5) for possible values
#loglevelnone
#loglevel filter stats
loglevel stats
#loglevel 32767
# Where the dynamically loaded modules are stored
modulepath /usr/lib/ldap
moduleload back_hdb
moduleload syncprov
# The maximum number of entries that is returned for a search operation
sizelimit 5000
# The tool-threads parameter sets the actual amount of cpu's that is used
# for indexing.
tool-threads 1
# specific Backend Directives for hdb:
# Backend specific directives apply to this backend until another
# 'backend' directive occurs
databasehdb
suffix dc=domain
rootdn cn=admin,dc=domain
rootpw {SSHA}some text for a password
directory /var/lib/ldap
#add to indexes to the below list
#/etc/init.d/slapd stop
#slapindex -f /etc/ldap/slapd.conf
#cd /var/lib/ldap; chown openldap:openldap *
#/etc/init.d/slapd start
index objectClass,mail,mailbox,associatedDomain eq
index uid eq
index uidNumber eq
index gidNumber eq
dbconfig set_cachesize 0 2097152 0
dbconfig set_lk_max_objects 1500
dbconfig set_lk_max_locks 1500
dbconfig set_lk_max_lockers 1500
lastmod on
# 1) user confirm this is their record
# 2) pam to validate a password for this dn
# 3) pam to change a password for this dn
#we do a start - end match so this is for xxx.ltcd.com style
access to
dn.regex=^uid=([^,]+),ou=people,dc=([^,]+),dc=([^,]+).dc=([^,]+),dc=domain$
attrs=userPassword,shadowLastChange
by anonymous auth
by dn.exact=cn=dovecot,dc=global,dc=domain read
by dn.exact,expand=cn=admin,dc=$2,dc=$3,dc=$4,dc=domain write
by self write
by * none
#this is start - end need for those .com style
access to dn.regex=^uid=([^,]+),ou=people,dc=([^,]+),dc=([^,]+),dc=domain$
attrs=userPassword,shadowLastChange
by anonymous auth
by dn.exact=cn=dovecot,dc=global,dc=domain read
by dn.exact,expand=cn=admin,dc=$2,dc=$3,dc=$4,dc=domain write
by self write
by * none
#this is start - end need for those .com style
access to dn.regex=^uid=([^,]+),ou=people,dc=([^,]+),dc=([^,]+),dc=domain$
attrs=userPassword,shadowLastChange
by anonymous auth
by dn.exact=cn=dovecot,dc=global,dc=domain read
by dn.exact,expand=cn=admin,dc=$2,dc=$3,dc=domain write
by self write
by * none
# Ensure read access to the base for things like
# supportedSASLMechanisms. Without