[pkg-kolab] r130 - trunk/kolabd/debian
Noel Koethe
noel at costa.debian.org
Fri Jan 13 09:16:13 UTC 2006
Author: noel
Date: 2006-01-13 09:16:13 +0000 (Fri, 13 Jan 2006)
New Revision: 130
Modified:
trunk/kolabd/debian/README.Debian
Log:
added slapd.conf
Modified: trunk/kolabd/debian/README.Debian
===================================================================
--- trunk/kolabd/debian/README.Debian 2006-01-11 18:43:28 UTC (rev 129)
+++ trunk/kolabd/debian/README.Debian 2006-01-13 09:16:13 UTC (rev 130)
@@ -1,10 +1,177 @@
Documentation to install Kolab on Debian
1. Install this kolabd package with all dependencies
+----------------------------------------------------
-2. use /usr/share/kolabd/kolab_bootstrap to create basic LDAP
- data and certificates
+2. Configure LDAP
+-----------------
+2.1 /etc/ldap/slapd.conf (file mode 0640)
+-------------------------------------------------------------------------------------
+# Loading of backend modules
+
+modulepath /usr/lib/ldap
+moduleload back_bdb
+
+# manual additions are lost unless made to the template in the Kolab config directory
+# the template is /etc/kolab/slapd.conf.template
+
+include /etc/ldap/schema/core.schema
+include /etc/ldap/schema/cosine.schema
+include /etc/ldap/schema/inetorgperson.schema
+include /usr/share/kolabd/schema/rfc2739.schema
+include /usr/share/kolabd/schema/kolab2.schema
+
+pidfile /var/lib/ldap/run/slapd.pid
+replica-pidfile /var/lib/ldap/run/slurpd.pid
+argsfile /var/lib/ldap/slapd.args
+replogfile /var/lib/ldap/replog
+replicationinterval 5
+
+schemacheck on
+
+#TLSCertificateFile /etc/kolab/cert.pem
+#TLSCertificateKeyFile /etc/kolab/key.pem
+
+rootDSE /etc/kolab/rootDSE.ldif
+
+defaultsearchbase "dc=kolab"
+
+require none
+#allow bind_v2
+
+
+
+glevel 256
+
+#database monitor
+
+database bdb
+cachesize 2000
+checkpoint 512 10
+idlcachesize 10000
+idletimeout 10 # The value can be increased if some clients develop problems.
+ # Please report to kolab-devel at kolab.org if you encounter such a client.
+
+suffix "dc=kolab"
+directory /var/lib/ldap/
+
+rootdn "cn=manager,cn=internal,dc=kolab"
+rootpw "credativ"
+
+replica uri=ldap://127.0.0.1:9999
+ binddn="cn=replicator"
+ bindmethod=simple
+ credentials=secret
+
+index objectClass pres,eq
+index uid approx,sub,pres,eq
+index mail approx,sub,pres,eq
+index alias approx,sub,pres,eq
+index cn approx,sub,pres,eq
+index sn approx,sub,pres,eq
+index givenName approx,sub,pres,eq
+index kolabHomeServer pres,eq
+index member pres,eq
+
+access to dn.subtree="cn=Monitor"
+ by group/kolabGroupOfNames="cn=admin,cn=internal,dc=kolab" write
+ by * none stop
+
+access to attr=userPassword
+ by group/kolabGroupOfNames="cn=admin,cn=internal,dc=kolab" =wx
+ by group/kolabGroupOfNames="cn=maintainer,cn=internal,dc=kolab" =wx
+ by self =wx
+ by anonymous =x
+ by * none stop
+
+access to attr=mail
+ by group/kolabGroupOfNames="cn=admin,cn=internal,dc=kolab" write
+ by group/kolabGroupOfNames="cn=maintainer,cn=internal,dc=kolab" write
+ by * read stop
+
+access to attr=alias
+ by group/kolabGroupOfNames="cn=admin,cn=internal,dc=kolab" write
+ by group/kolabGroupOfNames="cn=maintainer,cn=internal,dc=kolab" write
+ by * read stop
+
+access to attr=uid
+ by group/kolabGroupOfNames="cn=admin,cn=internal,dc=kolab" write
+ by group/kolabGroupOfNames="cn=maintainer,cn=internal,dc=kolab" write
+ by * read stop
+
+access to attr=cyrus-userquota
+ by group/kolabGroupOfNames="cn=admin,cn=internal,dc=kolab" write
+ by group/kolabGroupOfNames="cn=maintainer,cn=internal,dc=kolab" write
+ by self read stop
+
+access to attr=kolabHomeServer
+ by group/kolabGroupOfNames="cn=admin,cn=internal,dc=kolab" write
+ by group/kolabGroupOfNames="cn=maintainer,cn=internal,dc=kolab" write
+ by * read stop
+
+access to attr=kolabHomeMTA
+ by group/kolabGroupOfNames="cn=admin,cn=internal,dc=kolab" write
+ by group/kolabGroupOfNames="cn=maintainer,cn=internal,dc=kolab" write
+ by * read stop
+
+access to dn="cn=nobody,dc=kolab"
+ by anonymous auth stop
+
+access to dn="cn=manager,cn=internal,dc=kolab"
+ by dn="cn=nobody,cn=internal,dc=kolab" read
+ by self write
+ by anonymous auth stop
+
+access to dn="cn=admin,cn=internal,dc=kolab"
+ by group/kolabGroupOfNames="cn=admin,cn=internal,dc=kolab" write
+ by dn="cn=nobody,cn=internal,dc=kolab" read
+ by self write
+ by anonymous auth stop
+
+access to dn="cn=maintainer,cn=internal,dc=kolab"
+ by group/kolabGroupOfNames="cn=admin,cn=internal,dc=kolab" write
+ by group/kolabGroupOfNames="cn=maintainer,cn=internal,dc=kolab" read
+ by dn="cn=nobody,cn=internal,dc=kolab" read
+ by self write
+ by anonymous auth stop
+
+access to dn.regex="(.*,)?cn=internal,dc=kolab"
+ by group/kolabGroupOfNames="cn=admin,cn=internal,dc=kolab" write
+ by group/kolabGroupOfNames="cn=maintainer,cn=internal,dc=kolab" write
+ by self write
+ by dn="cn=nobody,cn=internal,dc=kolab" read
+ by anonymous auth stop
+
+access to dn.regex="(.*,)?cn=external,dc=kolab"
+ by group/kolabGroupOfNames="cn=admin,cn=internal,dc=kolab" write
+ by group/kolabGroupOfNames="cn=maintainer,cn=internal,dc=kolab" write
+ by * read stop
+
+access to dn="cn=external,dc=kolab"
+ by dn="cn=nobody,cn=internal,dc=kolab" read
+ by * search stop
+
+access to dn="cn=internal,dc=kolab"
+ by dn="cn=nobody,cn=internal,dc=kolab" read
+ by * search stop
+
+access to dn="k=kolab,dc=kolab"
+ by group/kolabGroupOfNames="cn=admin,cn=internal,dc=kolab" write
+ by group/kolabGroupOfNames="cn=maintainer,cn=internal,dc=kolab" read
+ by dn="cn=nobody,cn=internal,dc=kolab" read
+ by * none stop
+
+access to *
+ by self write
+ by group/kolabGroupOfNames="cn=admin,cn=internal,dc=kolab" write
+ by group/kolabGroupOfNames="cn=maintainer,cn=internal,dc=kolab" write
+ by * read stop
+
+include /etc/ldap/slapd.replicas
+
+---------------------------------------------------------------------------------------------
+
3. Configure SASL:
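Review bot: The sample slapd.conf ships cleartext credentials that readers are likely to copy unchanged: `rootpw "credativ"` for the directory manager and `credentials=secret` for the replicator bind. The README should use labelled placeholders and a hashed root password instead, e.g. `rootpw {SSHA}<hash produced by slappasswd>` and `credentials=<replicator password>`, with a sentence saying both must be set per installation. The `TLSCertificateFile`/`TLSCertificateKeyFile` lines are commented out while `by anonymous =x` on `userPassword` permits password binds, so the text should say to enable them before slapd listens on anything other than loopback. Separately, `glevel 256` looks like a truncated `loglevel 256`, which slapd would presumably reject as an unknown directive.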