Last active
December 17, 2020 23:41
-
-
Save SimonHoenscheid/edd7e82a42c373cbc313e09359485ffd to your computer and use it in GitHub Desktop.
Suse openldap sysconfig
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## Path: Network/LDAP | |
| ## Description: Basic Configuration of the OpenLDAP Directory Server | |
| ## Type: yesno | |
| ## Default: yes | |
| ## ServiceRestart: ldap | |
| # | |
| # If set to "no" the LDAP server will not accept any "normal" LDAP connections | |
| # but just connections over "ldaps" or "ldapi". Setting this to "no" does only | |
| # make sense when either OPENLDAP_START_LDAPS or OPENLDAP_START_LDAPI is set | |
| # "yes". | |
| # | |
| OPENLDAP_START_LDAP="yes" | |
| ## Type: yesno | |
| ## Default: no | |
| ## ServiceRestart: ldap | |
| # | |
| # If set to "yes" the "ldap over ssl" feature of slapd will be enabled. Don't | |
| # forget to add the "TLSCertificateFile" and "TLSCertificateKeyFile" options | |
| # to the /etc/openldap/slapd.conf (man slapd.conf). | |
| # Note: Don't confuse this with "START_TLS", the preferred method for | |
| # making encrypted LDAP connections, which is enabled as soon as You | |
| # specify "TLSCertificateFile" and "TLSCertificateKeyFile" in your config | |
| # file | |
| # | |
| OPENLDAP_START_LDAPS="no" | |
| ## Type: yesno | |
| ## Default: no | |
| ## ServiceRestart: ldap | |
| # | |
| # If set to "yes", "ldap over IPC" feature of slapd will be enabled. | |
| # The ldap server creates a Unix domain socket as /var/run/slapd/ldapi. | |
| # Default: no | |
| # | |
| OPENLDAP_START_LDAPI="yes" | |
| ## Type: string | |
| ## Default: "" | |
| ## ServiceRestart: ldap | |
| # | |
| # If not empty, additional parameters for slapd daemon. | |
| # Default: "" | |
| # | |
| OPENLDAP_SLAPD_PARAMS="" | |
| ## Type: string | |
| ## Default: ldap | |
| ## ServiceRestart: ldap | |
| # | |
| # specifies a user, as which the openldap server should be executed | |
| # Default: ldap | |
| # | |
| OPENLDAP_USER="ldap" | |
| ## Type: string | |
| ## Default: ldap | |
| ## ServiceRestart: ldap | |
| # | |
| # specifies a group, as which the openldap server should be executed | |
| # Default: ldap | |
| # | |
| OPENLDAP_GROUP="ldap" | |
| ## Type: yesno | |
| ## Default: yes | |
| ## ServiceRestart: ldap | |
| # | |
| # If set to "yes" the init scripts will change the owner/group of the | |
| # different backend database directories (e.g. /var/lib/ldap) to the | |
| # user/group specified above | |
| # | |
| OPENLDAP_CHOWN_DIRS="yes" | |
| ## Type: string | |
| ## Default: "" | |
| ## ServiceRestart: ldap | |
| # | |
| # Use this to specify the interfaces that the server such accept | |
| # LDAP connections from. The values are specified in the format | |
| # <address>:<port>, where address is an IP address and port is the | |
| # portnumber, the daemon should listen to (defaulting to 389). If this | |
| # parameter is empty the server will attach to all interfaces. This | |
| # parameter is only evaluated if "OPENLDAP_START_LDAP" is set to | |
| # "yes" | |
| # Default: "" | |
| # | |
| OPENLDAP_LDAP_INTERFACES="" | |
| ## Type: string | |
| ## Default: "" | |
| ## ServiceRestart: ldap | |
| # | |
| # Use this to specify the interfaces that the server such accept | |
| # LDAPS connections from. The values are specified in the format | |
| # <address>:<port>, where address is an IP address and port is the | |
| # portnumber, the daemon should listen to (defaulting to 636). If this | |
| # parameter is empty the server will attach to all interfaces. This | |
| # parameter is only evaluated if "OPENLDAP_START_LDAPS" is set to | |
| # "yes" | |
| # Default: "" | |
| # | |
| OPENLDAP_LDAPS_INTERFACES="" | |
| ## Type: string | |
| ## Default: "" | |
| ## ServiceRestart: ldap | |
| # | |
| # Use this to specify the paths of the Unix Domain Sockets that | |
| # the server should create an accept incoming LDAPI connections | |
| # on. This parameter is only evaluated if "OPENLDAP_START_LDAPI" | |
| # is set to "yes". | |
| # Default: "" | |
| # | |
| OPENLDAP_LDAPI_INTERFACES="" | |
| ## Type: yesno | |
| ## Default: "yes" | |
| ## ServiceRestart: ldap | |
| # | |
| # If set to "no" the LDAP server will not try itself at a running SLP | |
| # daemon. | |
| # Default: "yes" | |
| # | |
| OPENLDAP_REGISTER_SLP="no" | |
| ## Type: string | |
| ## Default: "" | |
| ## ServiceRestart: ldap | |
| # | |
| # Set this to the name of the keytab, if you want to use a non-default | |
| # Kerberos Keytab. If OPENLDAP_CHOWN_DIRS is set to "yes" the permissions of | |
| # this file will be changed so that the group OPENLDAP_GROUP has read | |
| # access to the file. | |
| # Example: OPENLDAP_KRB5_KEYTAB="FILE:/etc/openldap/krb5.keytab | |
| # Default: "" | |
| # | |
| OPENLDAP_KRB5_KEYTAB="" | |
| ## Type: string | |
| ## Default: "files" | |
| ## ServiceRestart: ldap | |
| # | |
| # Here you can configure which of the configuration backends you want to | |
| # use. Possible values are "files" for slapd.conf(5) styleconfiguration or | |
| # "ldap" for the slapd-config(5) LDAP based configuration backend. | |
| # | |
| OPENLDAP_CONFIG_BACKEND="files" | |
| ## Type: yesno | |
| ## Default: "yes" | |
| ## ServiceRestart: ldap | |
| # | |
| # Here you can configure if the slapd shall start with or without memory limit. | |
| # | |
| OPENLDAP_MEMORY_LIMIT="yes" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment