LDAP Server Configuration

This is not a complete listing of slapd.conf, only the parts that I have modified or think are really important.

Global Options

disallow bind_krb4
require bind
security tls=112
password-hash {MD5}
TLSCACertificateFile /path/to/ca.crt
TLSCertificateFile /path/to/server.crt
TLSCertificateKeyFile /path/to/server.key
TLSCipherSuite HIGH:MEDIUM
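
Added example (not part of the original page or its author's configuration): a small Python check that reads the Global Options above and reports settings weaker than an assumed policy of salted password hashes, a TLS SSF of at least 128, and HIGH-only ciphers. The policy thresholds, function names and finding codes are assumptions made for this example; {MD5} is flagged because it is an unsalted digest.

```python
import re

# Constructed sample: the Global Options listed on this page (TLS file paths left out).
SAMPLE_CONF = """\
disallow bind_krb4
require bind
security tls=112
password-hash {MD5}
TLSCipherSuite HIGH:MEDIUM
"""

# Assumed local policy (not OpenLDAP defaults): salted hashes, SSF >= 128, HIGH only.
UNSALTED = {"{MD5}", "{SHA}", "{CLEARTEXT}"}  # unsalted digests, or no hashing at all
MIN_SSF = 128
WEAK_CIPHER_CLASSES = {"MEDIUM", "LOW", "EXPORT", "EXP", "ALL"}


def parse_directives(text):
    """Map each directive (lower-cased) to its arguments; '#' lines are comments."""
    directives, last = {}, None
    for line in text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        if line[0].isspace() and last:
            # Leading whitespace continues the previous directive.
            directives[last].extend(line.split())
            continue
        name, *args = line.split()
        last = name.lower()
        directives.setdefault(last, []).extend(args)
    return directives


def audit(text):
    """Return finding codes for settings that fall below the assumed policy."""
    d, findings = parse_directives(text), []
    # slapd hashes with {SSHA} when password-hash is not set.
    if any(s.upper() in UNSALTED for s in d.get("password-hash", ["{SSHA}"])):
        findings.append("password-hash-unsalted")
    factors = dict(a.split("=", 1) for a in d.get("security", []) if "=" in a)
    if int(factors.get("tls", 0)) < MIN_SSF:
        findings.append("tls-ssf-below-policy")
    classes = re.split(r"[:, ]+", " ".join(d.get("tlsciphersuite", [])).upper())
    if WEAK_CIPHER_CLASSES & set(classes):
        findings.append("ciphersuite-allows-weaker-than-high")
    return findings


if __name__ == "__main__":
    print(audit(SAMPLE_CONF))
```

A fragment with security tls=128, password-hash {SSHA} and TLSCipherSuite HIGH produces no findings under the same assumed policy.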

Schemas Used

  • core.schema
  • cosine.schema
  • nis.schema
  • inetorgperson.schema

Database directives

database        bdb
suffix          "dc=nerdcircus,dc=org"
rootdn          "cn=Manager,dc=nerdcircus,dc=org"
rootpw          <omitted>

index           objectClass eq
index           cn,mail,uid eq,sub,approx
index           uidNumber,gidNumber,memberUid eq

Unless otherwise noted, all content is copyright Marc Dougherty and is subject to a Creative Commons license.