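# slapd.conf for an OpenLDAP server backing a Samba domain (dc=example,dc=com).
# One directive per line: slapd treats a line that begins with whitespace as a
# continuation of the previous line, so keep comments out of the middle of a
# multi-line "access to" clause.
#
# This file holds the rootdn password hash (and, if replication is enabled,
# replication credentials); keep it readable only by the account slapd runs as.

# Schemas. samba.schema supplies the sambaSID / sambaNTPassword / ... attributes
# referenced by the ACLs and indices below.
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema
include /etc/openldap/schema/samba.schema

# Allow LDAPv2 client connections. This is NOT the default.
# NOTE(review): LDAPv2 is a historic protocol version and has no StartTLS
# extended operation. Keep this line only if a legacy client really needs it.
allow bind_v2

pidfile /var/run/slapd.pid
argsfile /var/run/slapd.args

#For BDC
# NOTE(review): the slurpd-era directive is spelled "replogfile" and is normally
# set on the server that produces the replication log; confirm the spelling and
# the role before uncommenting.
#reqlogfile /var/lib/ldap/relogfile

# Global ACLs (they precede the first "database" line, so they are not tied to
# one backend). Rules are evaluated in order and the first matching "access to"
# wins, so the credential rule must stay above the catch-all.
#
# Credential attributes: writable by entries under ou=admin and by the owner,
# usable for bind (auth) by anonymous, invisible to everyone else.
# sambaLMPassword / sambaNTPassword are unsalted, password-equivalent hashes and
# must never be readable by ordinary users.
# NOTE(review): "by self write" also lets a user rewrite their own
# shadowLastChange (password-aging state); confirm that is intended.
# NOTE(review): if the deployed samba.schema defines sambaPasswordHistory,
# consider listing it here too, otherwise the catch-all rule exposes it.
access to attrs=userPassword,sambaLMPassword,sambaNTPassword,shadowLastChange
    by dn.children="ou=admin,dc=example,dc=com" write
    by self write
    by anonymous auth
    by * none

# Everything else: writable under ou=admin, readable by anyone, including
# unauthenticated clients.
# NOTE(review): "by * read" publishes the whole tree (accounts, groups, SIDs) to
# anonymous binds. If the directory is not meant to be public, restrict read to
# authenticated users instead.
access to *
    by dn.children="ou=admin,dc=example,dc=com" write
    by * read

# NOTE(review): no TLS directives appear in this file, so simple binds (and the
# password hashes that ou=admin members can read) cross the network in
# cleartext unless TLS is configured elsewhere.

database bdb
suffix "dc=example,dc=com"
rootdn "cn=Manager,dc=example,dc=com"
# Placeholder hash: replace with the output of slappasswd. The rootdn bypasses
# every ACL above, so treat this value like a root credential.
rootpw {SSHA}abcdefghijklmnopqrstuvwxyz
directory /var/lib/ldap

# Indices to maintain for this database
index objectClass eq,pres
index ou,cn,mail,surname,givenname eq,pres,sub
index uidNumber,gidNumber,loginShell eq,pres
index uid,memberUid eq,pres,sub
index nisMapName,nisMapEntry eq,pres,sub
index sambaSID,sambaPrimaryGroupSID,sambaDomainName eq

# For PDC
# NOTE(review): as written, this would push replication as the Manager DN with
# a simple bind and tls=no, i.e. the credential and every replicated password
# hash would travel unencrypted. Before enabling, use a dedicated replication
# DN, a non-sample credential, and TLS.
#replica host=BDC1.example.com binddn="cn=manager,dc=example,dc=com"
#   bindmethod=simple credentials=geheim tls=no

# For BDC
# NOTE(review): "PDC.example.dc" looks like a typo for the example.com domain
# used everywhere else in this file; confirm before uncommenting.
#updatedn "cn=bdc1-replikator,ou=admin,dc=example,dc=com"
# updateref ldap://PDC.example.dc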