aboutsummaryrefslogtreecommitdiffstats
path: root/modules/openldap
diff options
context:
space:
mode:
Diffstat (limited to 'modules/openldap')
-rw-r--r--modules/openldap/templates/slapd.conf24
1 files changed, 13 insertions, 11 deletions
diff --git a/modules/openldap/templates/slapd.conf b/modules/openldap/templates/slapd.conf
index ab97aacd..faf46dba 100644
--- a/modules/openldap/templates/slapd.conf
+++ b/modules/openldap/templates/slapd.conf
@@ -1,3 +1,9 @@
+<%
+dc_suffix = 'dc=' + domain.gsub('.',',dc=')
+path_module_directory = "/usr/lib" + ( architecture == "x86_64" ? '64' : '') + "/openldap"
+
+%>
+
# slapd.conf template
include /usr/share/openldap/schema/core.schema
include /usr/share/openldap/schema/cosine.schema
@@ -26,10 +32,6 @@ include /usr/share/openldap/schema/openssh-lpk_openldap.schema
pidfile /var/run/ldap/slapd.pid
argsfile /var/run/ldap/slapd.args
-<%
-path_module_directory = "/usr/lib" + ( architecture == "x86_64" ? '64' : '') + "/openldap"
-%>
-
modulepath <%= path_module_directory %>
moduleload back_monitor.la
moduleload syncprov.la
@@ -51,9 +53,9 @@ security ssf=56
loglevel 256
database bdb
-suffix "dc=mageia,dc=org"
+suffix "<%= dc_suffix %>"
directory /var/lib/ldap
-rootdn "cn=manager,dc=mageia,dc=org"
+rootdn "cn=manager,<%= dc_suffix %>"
checkpoint 256 5
# 32Mbytes, can hold about 10k posixAccount entries
@@ -81,7 +83,7 @@ syncprov-checkpoint 100 10
syncprov-sessionlog 100
overlay ppolicy
-ppolicy_default "cn=default,ou=Password Policies,dc=mageia,dc=org"
+ppolicy_default "cn=default,ou=Password Policies,<%= dc_suffix %>"
ppolicy_hash_cleartext yes
ppolicy_use_lockout yes
@@ -94,15 +96,15 @@ ppolicy_use_lockout yes
#refint_nothing "uid=LDAP Admin,ou=System Accounts,dc=example,dc=com"
authz-regexp "gidNumber=0\\\+uidNumber=0,cn=peercred,cn=external,cn=auth"
- "uid=Account Admin,ou=System Accounts,dc=mageia,dc=org"
-authz-regexp ^uid=([^,]+),cn=[^,]+,cn=auth$ uid=$1,ou=People,dc=mageia,dc=org
+ "uid=Account Admin,ou=System Accounts,<%= dc_suffix %>"
+authz-regexp ^uid=([^,]+),cn=[^,]+,cn=auth$ uid=$1,ou=People,<%= dc_suffix %>
include /etc/openldap/mandriva-dit-access.conf
database monitor
access to dn.subtree="cn=Monitor"
- by group.exact="cn=LDAP Monitors,ou=System Groups,dc=mageia,dc=org" read
- by group.exact="cn=LDAP Admins,ou=System Groups,dc=mageia,dc=org" read
+ by group.exact="cn=LDAP Monitors,ou=System Groups,<%= dc_suffix %>" read
+ by group.exact="cn=LDAP Admins,ou=System Groups,<%= dc_suffix %>" read
by * none