LDAP.CONF
/etc/ldap.conf client configuration.
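# Client-side LDAP settings (the heading above names /etc/ldap.conf).
# NOTE(review): the four uri lines and the two ssl lines look like alternatives
# to pick from, not settings meant to be active together; keep one of each.
host synrc.com
base dc=synrc,dc=com
# ldap:// is cleartext unless StartTLS is negotiated; ldaps:// is TLS from connect.
uri ldap://127.0.0.1/
uri ldaps://127.0.0.1/
# NOTE(review): ldapi:// addresses a local Unix socket (URL-encoded path), and a
# triple slash leaves the host part empty, so the next two lines probably do not
# reach ldap.synrc.com as written. Confirm the intended form.
uri ldapi:///ldap.synrc.com
uri ldaps:///ldap.synrc.com
ldap_version 3
# binddn/bindpw make every lookup bind as the directory admin with a cleartext
# password stored in this file. Prefer a dedicated read-only account and keep
# the file unreadable for ordinary users. "secret" is a placeholder.
binddn cn=admin,dc=synrc,dc=com
bindpw secret
rootbinddn cn=admin,dc=synrc,dc=com
# NOTE(review): md5 selects an MD5-based scheme for password changes, which is
# weak for password storage. Consider exop so the server applies its own hashing
# policy; confirm against the pam_ldap version in use.
pam_password md5
# start_tls upgrades an ldap:// connection; "on" is for ldaps:// URIs.
ssl start_tls
ssl on
# Require a server certificate that chains to the CA below.
tls_checkpeer yes
# NOTE(review): TLS_CACERT and TLS_REQCERT are OpenLDAP ldap.conf option names;
# confirm that whatever reads this file honours them.
TLS_CACERT /usr/local/etc/openldap/sasl2/caroot.pem
# Was "allow", which continues the session even when the server certificate
# fails validation and so contradicts tls_checkpeer yes. "demand" aborts instead.
TLS_REQCERT demand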
LINUX
SLAPD server configuration.
# /etc/ldap/ldap.conf
# Defaults for the OpenLDAP client library and tools (ldap.conf(5)): the
# search base, the server to contact and the CA bundle for TLS.
BASE dc=synrc,dc=com
# ldap:// is not encrypted on its own. TLS_CACERT below only matters when the
# connection uses TLS (StartTLS or an ldaps:// URI).
URI ldap://ldap.synrc.com
#SIZELIMIT 12
#TIMELIMIT 15
#DEREF never
# CA certificates used to verify the server certificate.
TLS_CACERT /etc/ssl/certs/ca-certificates.crt
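# slapd.conf(5)-style server configuration: schemas, the mdb backend module,
# global access rules, then the config, mdb and monitor databases.
# NOTE(review): schema paths are under /etc/ldap while runtime paths are under
# /usr/local; confirm they match the installation.
include /etc/ldap/schema/core.schema
include /etc/ldap/schema/cosine.schema
include /etc/ldap/schema/inetorgperson.schema
#referral ldap://root.openldap.org
pidfile /usr/local/var/run/slapd.pid
argsfile /usr/local/var/run/slapd.args
modulepath /usr/local/opt/openldap/libexec/openldap
moduleload back_mdb.la
# moduleload back_ldap.la

# Global access rules. slapd uses the first "access to" rule that matches the
# target and, within it, the first matching "by" clause. Continuation lines must
# start with whitespace.
# The root DSE stays readable so clients can discover server capabilities.
access to dn.base="" by * read
# Password values: the owner may change them, unauthenticated clients may only
# use them to bind (auth), and nobody else can read the stored hashes. Without
# the "anonymous auth" clause, simple binds by ordinary entries are refused.
access to attrs=userPassword
    by self write
    by dn.exact="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" write
    by anonymous auth
    by * none
# Everything else. The local-root identity (SASL EXTERNAL over ldapi) is listed
# before "users"; placed after it, the identity would match "users" first and
# only ever get read access.
access to *
    by self write
    by dn.exact="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" write
    by users read

database config
rootdn "cn=admin,cn=config"
# {SSHA} is a salted SHA-1 hash and still a credential. Generate your own with
# slappasswd rather than reusing this published value, keep this file readable
# only by the slapd account, and use a different password for each database.
rootpw {SSHA}5RDUd7LmFwT4w7Ezqyzel0doq/iuvrSa

database mdb
# 1073741824 bytes = 1 GiB.
maxsize 1073741824
suffix "dc=synrc,dc=com"
rootdn "cn=admin,dc=synrc,dc=com"
rootpw {SSHA}5RDUd7LmFwT4w7Ezqyzel0doq/iuvrSa
directory /usr/local/var/ldap
index objectClass eq

database monitor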
MAC
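## /etc/ldap/slapd.conf
# slapd.conf(5)-style server configuration: schemas, the mdb backend module,
# access rules, then the config, mdb and monitor databases.
include /usr/local/etc/openldap/schema/core.schema
include /usr/local/etc/openldap/schema/cosine.schema
include /usr/local/etc/openldap/schema/inetorgperson.schema
#referral ldap://root.openldap.org
pidfile /usr/local/var/run/slapd.pid
argsfile /usr/local/var/run/slapd.args
modulepath /usr/local/opt/openldap/libexec/openldap
moduleload back_mdb.la
# moduleload back_ldap.la

# With no access directive at all, slapd lets every client, including anonymous
# ones, read every attribute, which exposes stored userPassword values.
# The first rule limits password values to the owner (write) and to bind-time
# comparison (auth). The second keeps the previous read-for-everyone default for
# all other attributes; tighten it to "by users read" if anonymous reads are
# not needed.
access to attrs=userPassword
    by self write
    by anonymous auth
    by * none
access to *
    by * read

database config
rootdn "cn=admin,cn=config"
# "secret" is a cleartext placeholder. Replace it with a hashed value produced by
# slappasswd, keep this file readable only by the slapd account, and use a
# different password for each database.
rootpw secret

database mdb
# 1073741824 bytes = 1 GiB.
maxsize 1073741824
suffix "dc=synrc,dc=com"
rootdn "cn=admin,dc=synrc,dc=com"
rootpw secret
directory /usr/local/var/openldap-data
index objectClass eq

database monitor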