@quanah
Created May 8, 2019 18:24
MMR config

# Global server settings (this node is olcServerID 1)
dn: cn=config
objectClass: olcGlobal
cn: config
olcConfigFile: slapd-m1.conf
olcConfigDir: /tmp/slapd.d
olcArgsFile: /var/run/openldap/slapd.args
olcAttributeOptions: lang-
olcAuthzPolicy: none
olcConcurrency: 0
olcConnMaxPending: 100
olcConnMaxPendingAuth: 1000
olcGentleHUP: FALSE
olcIdleTimeout: 0
olcIndexSubstrIfMaxLen: 4
olcIndexSubstrIfMinLen: 2
olcIndexSubstrAnyLen: 4
olcIndexSubstrAnyStep: 2
olcIndexIntLen: 4
olcListenerThreads: 1
olcLocalSSF: 71
olcLogLevel: Stats
olcLogLevel: Sync
olcPidFile: /var/run/openldap/slapd.pid
olcReadOnly: FALSE
olcReverseLookup: FALSE
olcSaslSecProps: noplain,noanonymous
olcServerID: 1
olcSockbufMaxIncoming: 262143
olcSockbufMaxIncomingAuth: 16777215
olcThreads: 8
olcTLSCACertificatePath: /etc/openldap/certs
olcTLSCertificateFile: "OpenLDAP Server"
olcTLSCertificateKeyFile: /etc/openldap/certs/password
olcTLSCRLCheck: none
olcTLSVerifyClient: never
olcTLSProtocolMin: 0.0
olcToolThreads: 2
olcWriteTimeout: 0

# Dynamically loaded modules: mdb backend, syncprov and accesslog overlays
dn: cn=module{0},cn=config
objectClass: olcModuleList
cn: module{0}
olcModulePath: /usr/lib64/openldap
olcModuleLoad: {0}back_mdb.la
olcModuleLoad: {1}syncprov.la
olcModuleLoad: {2}accesslog.la

# Schema definitions included from the distribution LDIF files
dn: cn=schema,cn=config
objectClass: olcSchemaConfig
cn: schema
include: file:///etc/openldap/schema/core.ldif
include: file:///etc/openldap/schema/cosine.ldif
include: file:///etc/openldap/schema/inetorgperson.ldif

# Frontend database: defaults, plus read access to the root DSE and subschema
dn: olcDatabase={-1}frontend,cn=config
objectClass: olcDatabaseConfig
objectClass: olcFrontendConfig
olcDatabase: {-1}frontend
olcAccess: {0}to dn.base="" by * read
olcAccess: {1}to dn.base="cn=subschema" by * read
olcAddContentAcl: FALSE
olcLastMod: TRUE
olcMaxDerefDepth: 0
olcReadOnly: FALSE
olcSchemaDN: cn=Subschema
olcSyncUseSubentry: FALSE
olcMonitoring: FALSE

# Configuration database (cn=config): manage access for local root via SASL EXTERNAL
dn: olcDatabase={0}config,cn=config
objectClass: olcDatabaseConfig
olcDatabase: {0}config
olcAccess: {0}to * by dn.base="gidNumber=0+uidNumber=0,cn=peercred,cn=exter
 nal,cn=auth" manage by * none
olcAddContentAcl: TRUE
olcLastMod: TRUE
olcMaxDerefDepth: 15
olcReadOnly: FALSE
olcRootDN: cn=config
olcRootPW:: c2VjcmV0
olcSyncUseSubentry: FALSE
olcMonitoring: FALSE

# Monitor database: readable by local root only
dn: olcDatabase={1}monitor,cn=config
objectClass: olcDatabaseConfig
olcDatabase: {1}monitor
olcAccess: {0}to * by dn.base="gidNumber=0+uidNumber=0,cn=peercred,cn=exter
 nal,cn=auth" read by * none
olcAddContentAcl: FALSE
olcLastMod: TRUE
olcMaxDerefDepth: 15
olcReadOnly: FALSE
olcSyncUseSubentry: FALSE
olcMonitoring: FALSE

# Primary database for dc=example,dc=com, replicated by delta-syncrepl from ldap2.example.com
dn: olcDatabase={2}mdb,cn=config
objectClass: olcDatabaseConfig
objectClass: olcMdbConfig
olcDatabase: {2}mdb
olcSuffix: dc=example,dc=com
olcAccess: {0}to attrs=userpassword by self write by anonymous auth by dn
 .base="uid=replicationuser,ou=serviceaccounts,dc=example,dc=com" read by *
  none
olcAccess: {1}to * by dn.base="uid=replicationuser,ou=serviceaccounts,dc=ex
 ample,dc=com" read by self write by users read by * none
olcAddContentAcl: FALSE
olcLastMod: TRUE
olcLimits: {0}dn.base="uid=replicationuser,ou=serviceaccounts,dc=example,dc=
 com" size.soft=unlimited size.hard=unlimited time.soft=unlimited time.ha
 rd=unlimited
olcMaxDerefDepth: 15
olcReadOnly: FALSE
olcRootDN: dc=example,dc=com
olcRootPW:: c2VjcmV0
olcSyncUseSubentry: FALSE
olcSyncrepl: rid=002 provider=ldap://ldap2.example.com:389 bindmethod=simple
  timeout=0 network-timeout=30 binddn="uid=replicationuser,ou=serviceaccount
 s,dc=example,dc=com" credentials="secret" keepalive=240:10:30 starttls=no f
 ilter="(objectclass=*)" searchbase="dc=example,dc=com" logfilter="(&(object
 Class=auditWriteObject)(reqResult=0))" logbase="cn=accesslog" scope=sub sch
 emachecking=off type=refreshAndPersist retry="5 5 300 +" syncdata=accesslog
olcMirrorMode: TRUE
olcMonitoring: TRUE
olcDbDirectory: /var/lib/ldap
olcDbNoSync: FALSE
olcDbIndex: default eq
olcDbIndex: objectClass pres,eq
olcDbIndex: entryUUID eq
olcDbIndex: entryCSN eq
olcDbIndex: cn pres,eq,sub
olcDbIndex: mail pres,eq,sub
olcDbIndex: ou pres,eq,sub
olcDbIndex: sn pres,eq,sub
olcDbIndex: givenName pres,eq,sub
olcDbMaxReaders: 0
olcDbMaxSize: 85899345920
olcDbMode: 0600
olcDbSearchStack: 16
olcDbRtxnSize: 10000

# syncprov overlay on the primary database (replication provider)
dn: olcOverlay={0}syncprov,olcDatabase={2}mdb,cn=config
objectClass: olcOverlayConfig
objectClass: olcSyncProvConfig
olcOverlay: {0}syncprov
olcSpCheckpoint: 100 10
olcSpSessionlog: 10000000

# accesslog overlay: records successful writes in cn=accesslog, purged after 7 days
dn: olcOverlay={1}accesslog,olcDatabase={2}mdb,cn=config
objectClass: olcOverlayConfig
objectClass: olcAccessLogConfig
olcOverlay: {1}accesslog
olcAccessLogDB: cn=accesslog
olcAccessLogOps: writes
olcAccessLogPurge: 7+00:00 04:00
olcAccessLogSuccess: TRUE

# Accesslog database (cn=accesslog), readable by the replication account
dn: olcDatabase={3}mdb,cn=config
objectClass: olcDatabaseConfig
objectClass: olcMdbConfig
olcDatabase: {3}mdb
olcSuffix: cn=accesslog
olcAccess: {0}to * by dn.base="uid=replicationuser,ou=serviceaccounts,dc=ex
 ample,dc=com" read
olcAddContentAcl: FALSE
olcLastMod: TRUE
olcLimits: {0}dn.base="uid=replicationuser,ou=serviceaccounts,dc=example,dc=
 com" size.soft=unlimited size.hard=unlimited time.soft=unlimited time.ha
 rd=unlimited
olcMaxDerefDepth: 15
olcReadOnly: FALSE
olcRootDN: cn=config
olcSyncUseSubentry: FALSE
olcMonitoring: TRUE
olcDbDirectory: /var/lib/ldap/accesslog
olcDbNoSync: FALSE
olcDbIndex: default eq
olcDbIndex: objectClass eq
olcDbIndex: entryCSN eq
olcDbIndex: reqDN eq
olcDbIndex: reqStart eq
olcDbIndex: reqEnd eq
olcDbIndex: reqResult eq
olcDbMaxReaders: 0
olcDbMaxSize: 85899345920
olcDbMode: 0600
olcDbSearchStack: 16
olcDbRtxnSize: 10000

# syncprov overlay on the accesslog database, so consumers can replicate from it
dn: olcOverlay={0}syncprov,olcDatabase={3}mdb,cn=config
objectClass: olcOverlayConfig
objectClass: olcSyncProvConfig
olcOverlay: {0}syncprov
olcSpNoPresent: TRUE
olcSpReloadHint: TRUE