4.1 A Starting Point

Here is the slapd configuration file developed in Chapter 3. We will change some of the entries in this listing as things progress.

# /usr/local/etc/openldap/slapd.conf
      
# Global section
      
## Include the minimum schema required.
include       /usr/local/etc/openldap/schema/core.schema
      
## Added logging parameters
loglevel      296
pidfile       /usr/local/var/slapd.pid
argsfile      /usr/local/var/slapd.args
      
## TLS options for slapd 
TLSCipherSuite             HIGH
TLSCertificateFile         /etc/local/slapd-cert.pem
TLSCertificateKeyFile      /etc/local/slapd-key.pem
      
## Misc security settings
password-hash         {SSHA}
      
#######################################################
## Define the beginning of example database.
databasebdb
      
## Define the root suffix you serve.
suffix                "dc=plainjoe,dc=org"
      
## Define a root DN for superuser privileges.
rootdn                "cn=Manager,dc=plainjoe,dc=org"
      
## Define the password used with rootdn. This is the base64-encoded MD5 hash of
## "secret."
rootpw                {SSHA}2aksIaicAvwc+DhCrXUFlhgWsbBJPLxy
      
## Directory containing the database files
directory             /var/ldap/plainjoe.org
      
## Files should be created rw for the owner **only**.
mode                  0600
      
## Indexes to maintain
index                 objectClass          eq
index                 cn                   pres,eq
      
## db tuning parameters; cache 2,000 entries in memory
cachesize             2000
      
# Simple ACL granting read access to the world
access to * 
   by * read