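#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
# NOTE(review): this listing arrived collapsed onto a single line; the line
# breaks below are reconstructed. "index cn" and "defaultaccess read" are
# read as active directives, because disabled directives elsewhere in this
# file are written without a space after '#'. Confirm against the deployed
# file.
#
include		/etc/openldap/slapd.at.conf
include		/etc/openldap/slapd.oc.conf
include		/etc/openldap/unix.schema-v2
include		/etc/openldap/sambatng.schema-v2

#schemacheck	off
schemacheck	on

#referral	ldap://root.openldap.org/

pidfile		/var/run/slapd.pid
argsfile	/var/run/slapd.args

#######################################################################
# ldbm database definitions
#######################################################################

database	ldbm
#suffix		"o=My Organization Name, c=US"
#rootdn		"cn=Manager, o=My Organization Name, c=US"
suffix		"dc=sci,dc=univr,dc=it"
rootdn		"uid=root,dc=sci,dc=univr,dc=it"

# Cleartext passwords, especially for the rootdn, should
# be avoided. See slapd.conf(5) for details.
#rootpw		secret
# NOTE(review): the 13-character {crypt} value is the traditional DES
# crypt(3) format, which only uses the first 8 password characters and is
# weak against offline guessing. Because the hash is stored in this file,
# keep the file mode restrictive, rotate the rootdn password if the file has
# been shared, and move to a stronger scheme supported by the installed
# slapd.
rootpw		{crypt}0xRLguU1Noavo

# database directory
# This directory MUST exist prior to running slapd AND
# should only be accessible by the slapd/tools. Mode 700 recommended.
directory	/var/lib/ldap

# begin importing
#
index	cn
index	sn pres,sub,eq
index	uid,rid,objectclass,ntuid,grouprid eq
index	default sub

# Fallback access level for requests that no "access to" clause matches.
defaultaccess	read

# ACL ORDER MATTERS: slapd applies the first "access to" clause whose target
# matches the entry/attribute and stops there. The password clause therefore
# has to come BEFORE the suffix-wide clause. In the original order the
# suffix-wide clause (ending in "by * read") came first, so on slapd
# releases that treat dn= as a regular expression it matched every entry
# under the suffix and the password clause was never consulted, leaving the
# password attributes readable by any client.
#
# userPassword (and lmpassword/ntpassword, presumably the Samba-TNG LM/NT
# hashes, which are password-equivalent) can be changed by the entry owning
# them if they are authenticated. Others should not be able to see them,
# except the admin entry below.
#
# NOTE(review): the admin DN here is cn=root, while rootdn and the
# suffix-wide clause use uid=root. The rootdn is not restricted by ACLs, so
# this clause only matters if a separate cn=root entry exists; confirm which
# DN is intended.
# NOTE(review): on slapd releases that require "auth" access to
# userPassword for simple binds, "by * none" also blocks binds; add
# "by anonymous auth" before it there.
access to attrs=userpassword,lmpassword,ntpassword
	by self write
	by dn="cn=root,dc=sci,dc=univr,dc=it" write
	by * none

# Everything else under the suffix: writable by root and by the entry
# itself, readable by everyone.
access to dn="dc=sci,dc=univr,dc=it"
	by dn="uid=root,dc=sci,dc=univr,dc=it" write
	by self write
	by * read
# end importing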