#
################################################
### Managed by someone's ansible provisioner ###
################################################
# Part of: https://git.somenet.org/root/pub/somesible.git
# 2017-2025 by someone <someone@somenet.org>
#
# /etc/ldap/slapd.d is deleted by ansible
#

pidfile  /var/run/openldap/slapd.pid
#loglevel stats
loglevel none

moduleload back_mdb
moduleload memberof

include /etc/ldap/schema/core.schema
include /etc/ldap/schema/cosine.schema
include /etc/ldap/schema/inetorgperson.schema
include /etc/ldap/schema/nis.schema


# will this ever be usable?
database config
#access to * by dn.base="gidNumber=0+uidNumber=0,cn=peercred,cn=extern al,cn=auth" manage by * none
#rootdn cn=root,cn=config
#rootpw CHANGEME


database mdb
suffix dc=CHANGEME
directory /var/lib/ldap/

access to attrs=userPassword by self write by anonymous auth by * none
access to attrs=shadowLastChange by self write by * read
access to * by * read

index objectClass eq
index cn,uid eq
index uidNumber,gidNumber eq
index member,memberUid eq

rootdn cn=root,dc=CHANGEME
rootpw CHANGEME

overlay memberof