From c8cc77c49bd309d335d09223ec1870386654be18 Mon Sep 17 00:00:00 2001
From: ajacoutot <>
Date: Thu, 7 Jul 2011 02:22:11 +0000
Subject: [PATCH] Install a default ypldap.conf(5) based on the one from the man page (which we remove now) with a couple of tweaks; use the same base DN and admin user as our default ldap.conf(5).
---
 src/etc/Makefile | 3 ++-
 src/etc/ypldap.conf | 38 ++++++++++++++++++++++++++++++++++++++
 2 files changed, 40 insertions(+), 1 deletion(-)
 create mode 100644 src/etc/ypldap.conf
diff --git a/src/etc/Makefile b/src/etc/Makefile
index 1c0ed87e..7bea3d53 100644
--- a/src/etc/Makefile
+++ b/src/etc/Makefile
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.298 2011/07/07 01:52:57 robert Exp $
+# $OpenBSD: Makefile,v 1.299 2011/07/07 02:22:11 ajacoutot Exp $
 TZDIR= /usr/share/zoneinfo
 LOCALTIME= Canada/Mountain
@@ -109,6 +109,7 @@ distribution-etc-root-var: distrib-dirs
 ${INSTALL} -c -o root -g wheel -m 600 sasyncd.conf ${DESTDIR}/etc
 ${INSTALL} -c -o root -g wheel -m 600 snmpd.conf ${DESTDIR}/etc
 ${INSTALL} -c -o root -g wheel -m 600 ldapd.conf ${DESTDIR}/etc
+ ${INSTALL} -c -o root -g wheel -m 600 ypldap.conf ${DESTDIR}/etc
 ${INSTALL} -c -o root -g _nsd -m 640 nsd.conf ${DESTDIR}/etc
 ${INSTALL} -c -o ${BINOWN} -g ${BINGRP} -m 555 \
 etc.${MACHINE}/MAKEDEV ${DESTDIR}/dev
diff --git a/src/etc/ypldap.conf b/src/etc/ypldap.conf
new file mode 100644
index 00000000..20283f44
--- /dev/null
+++ b/src/etc/ypldap.conf
@@ -0,0 +1,38 @@
+# $OpenBSD: ypldap.conf,v 1.1 2011/07/07 02:22:11 ajacoutot Exp $
+
+domain "example.com"
+interval 60
+provide map "passwd.byname"
+provide map "passwd.byuid"
+provide map "group.byname"
+provide map "group.bygid"
+
+directory "127.0.0.1" {
+ # directory options
+ binddn "cn=admin,dc=example,dc=com"
+ bindcred "secret"
+ basedn "ou=People,dc=example,dc=com"
+
+ # passwd maps configuration (RFC 2307 posixAccount object class)
+ passwd filter "(objectClass=posixAccount)"
+
+ attribute name maps to "uid"
+ fixed attribute passwd "*"
+ attribute uid maps to "uidNumber"
+ attribute gid maps to "gidNumber"
+ attribute gecos maps to "cn"
+ attribute home maps to "homeDirectory"
+ attribute shell maps to "loginShell"
+ fixed attribute change "0"
+ fixed attribute expire "0"
+ fixed attribute class ""
+
+ # group maps configuration (RFC 2307 posixGroup object class)
+ group filter "(objectClass=posixGroup)"
+
+ attribute groupname maps to "cn"
+ fixed attribute grouppasswd "*"
+ attribute groupgid maps to "gidNumber"
+ # memberUid returns multiple group members
+ list groupmembers maps to "memberUid"
+}
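Review bot: The `directory` block ships a bind as `cn=admin,dc=example,dc=com` with the placeholder `bindcred "secret"`, and no comment tells the administrator that both must be replaced before ypldap is enabled. The maps configured here only read posixAccount and posixGroup entries, so a dedicated read-only bind DN should be enough. An account named admin presumably has wider rights in the directory, which would make this file a more valuable target than it needs to be. I would add a comment above `binddn`, for example `# replace with a dedicated read-only bind DN and its own password`. The Makefile hunk installs the file as root:wheel mode 600, which suits a file holding a bind password, and `fixed attribute passwd "*"` keeps password hashes out of the served maps.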