# slapd.conf for an OpenLDAP provider: one bdb database with the memberof and
# syncprov overlays. Directive order is significant (ACLs are evaluated in
# order; overlay options apply to the overlay named before them).
# Continuation lines are unwrapped before comment processing, so never place
# a comment directly above an indented continuation line.

# Overlay modules used by the database section below.
moduleload memberof.so
moduleload syncprov.so

include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema

pidfile /var/run/openldap/slapd.pid
argsfile /var/run/openldap/slapd.args

# 256 = "stats": logs connections, operations and results.
loglevel 256

# NOTE(review): no TLS directives (TLSCACertificateFile, TLSCertificateFile,
# TLSCertificateKeyFile) and no "security" minimum are visible in this listing.
# Unless they are set elsewhere, simple binds and replication traffic, including
# userPassword values, cross the network unencrypted. Confirm before deploying.

# Global ACLs. They are consulted after the ACLs of the database holding the
# entry. userPassword: the owner may change it; everyone else may only use it
# to authenticate (bind) and cannot read or compare it.
access to attrs=userPassword
    by self write
    by * auth

# Everything else is readable by everyone, anonymous binds included.
# NOTE(review): if the tree holds non-public data, consider "by users read"
# (authenticated identities only) instead of "by * read".
access to *
    by * read

defaultsearchbase dc=COMPANY,dc=de

# The server ID is bound to the listener URL. The URL uses ldap://, so see the
# TLS note above.
ServerID 1 ldap://amsrvmgmt.company.de

# NOTE(review): back-bdb is deprecated and was removed in OpenLDAP 2.5; back-mdb
# is its replacement. Plan the migration before upgrading slapd.
backend bdb

#######################################################################
# BDB database definitions
#######################################################################

database bdb
# Number of entries kept in the in-memory entry cache.
cachesize 10000
# If this isn't written in CAPS, Windoze isn't able to join this domain
suffix "dc=COMPANY,dc=DE"
# Checkpoint the transaction log after 32 KB written or 5 minutes.
checkpoint 32 5

# The rootdn is not subject to ACLs or limits. rootpw must stay a salted hash
# (the value here is a placeholder), and this file must be readable only by the
# account slapd runs as, since the hash is enough for offline guessing.
rootdn "cn=Manager,dc=company,dc=de"
rootpw {SSHA}MYSECRETSSHAHASH

# Keep this directory owned by the slapd account and closed to other users; it
# holds every entry, password hashes included.
directory /var/lib/openldap-data

# Equality indexes used by replication lookups.
# NOTE(review): no index on objectClass or on commonly searched attributes is
# defined here; confirm that is intended.
index entryUUID,entryCSN eq

# memberof maintains the memberOf attribute on group members.
# "dangling drop" discards changes that would leave references to missing
# entries; "refint true" keeps groups consistent when memberOf is modified.
overlay memberof
memberof-dangling drop
memberof-refint true

# syncprov makes this database a syncrepl provider.
# contextCSN is checkpointed every 10 operations or 1 minute; the session log
# keeps the last 50 write operations.
overlay syncprov
syncprov-checkpoint 10 1
syncprov-sessionlog 50

# Replication identity: no size or time limit, so a full refresh is not
# truncated.
limits dn.exact="cn=replicator,dc=company,dc=de" size=unlimited time=unlimited

# Database ACL, evaluated before the global ACLs above. The replicator may read
# everything, userPassword included, so its credential is as sensitive as the
# password hashes themselves. All other identities fall through ("break") to the
# global rules.
access to *
    by dn.exact="cn=replicator,dc=company,dc=de" read
    by * break