# provider slapd config -- for testing
# $OpenLDAP$
## This work is part of OpenLDAP Software .
##
## Copyright 1998-2022 The OpenLDAP Foundation.
## All rights reserved.
##
## Redistribution and use in source and binary forms, with or without
## modification, are permitted only as authorized by the OpenLDAP
## Public License.
##
## A copy of this license is available in the file LICENSE in the
## top-level directory of the distribution or, alternatively, at
## .
include @SCHEMADIR@/core.schema
include @SCHEMADIR@/cosine.schema
include @SCHEMADIR@/inetorgperson.schema
include @SCHEMADIR@/openldap.schema
include @SCHEMADIR@/nis.schema
pidfile @TESTDIR@/slapd.m.pid
argsfile @TESTDIR@/slapd.m.args
#######################################################################
# database definitions
#######################################################################
#mod#modulepath ../servers/slapd/back-@BACKEND@/:../servers/slapd/overlays
#mod#moduleload back_@BACKEND@.la
#ldapmod#modulepath ../servers/slapd/back-ldap/
#ldapmod#moduleload back_ldap.la
#monitormod#modulepath ../servers/slapd/back-monitor/
#monitormod#moduleload back_monitor.la
# here the proxy is not only acting as a proxy, but it also has a local database dc=local,dc=com"
database @BACKEND@
suffix "dc=local,dc=com"
rootdn "cn=Manager,dc=local,dc=com"
rootpw "secret"
#~null~#directory @TESTDIR@/db.2.a
# Configure proxy
# - normal user binds to "*,dc=example,dc=com" are proxied through to the remote slapd
# - admin bind to local "cn=Manager,dc=local,dc=com" is overwritten by using idassert-bind
database ldap
uri "@URI1@"
suffix "dc=example,dc=com"
idassert-bind bindmethod=simple binddn="cn=Manager,dc=example,dc=com" credentials="secret"
idassert-authzFrom "dn.exact:cn=Manager,dc=local,dc=com"
rebind-as-user yes
database monitor