include         /etc/openldap/schema/uidpool.schema

TLSCACertificateFile	/etc/openldap/pla/ca-bundle.crt
TLSCertificateFile	/etc/openldap/pla/slapd.crt
TLSCertificateKeyFile	/etc/openldap/pla/slapd.key

access to dn.regex="o=Simpsons$" attrs=userpassword
	by anonymous auth
	by self write
	by * none

access to dn.base="" by * read
access to dn.regex="dc=example.com$"
	by * write
access to dn.regex="dc=example,dc=com$"
	by * write
access to dn.regex="o=Simpsons$"
	by self write
	by dn.regex="cn=.*,ou=Pets,o=Simpsons" write
	by * read
access to *
	by * read

authz-policy any

database	bdb
suffix		"dc=example.com"
rootdn		"cn=Manager,dc=example.com"
rootpw		NotAllowed
directory	/var/lib/ldap/pla-1
dirtyread
cachesize	2000
checkpoint	32 1
# Indices to maintain for this database
index objectClass			eq,pres
index ou,cn,mail,surname,givenname	eq,pres,sub
index uidNumber,gidNumber,loginShell	eq,pres
index uid,memberUid			eq,pres,sub
index nisMapName,nisMapEntry		eq,pres,sub

database	bdb
suffix		"dc=example,dc=com"
rootdn		"cn=Manager,dc=example,dc=com"
rootpw		NotAllowed
directory	/var/lib/ldap/pla-2
dirtyread
cachesize	2000
checkpoint	32 1
# Indices to maintain for this database
index objectClass			eq,pres
index ou,cn,mail,surname,givenname	eq,pres,sub
index uidNumber,gidNumber,loginShell	eq,pres
index uid,memberUid			eq,pres,sub
index nisMapName,nisMapEntry		eq,pres,sub

database	bdb
suffix		"o=Simpsons"
rootdn		"cn=Manager,o=Simpsons"
rootpw		NotAllowed
directory	/var/lib/ldap/pla-3
dirtyread
cachesize	2000
checkpoint	32 1
# Indices to maintain for this database
index objectClass			eq,pres
index ou,cn,mail,surname,givenname	eq,pres,sub
index uidNumber,gidNumber,loginShell	eq,pres
index uid,memberUid			eq,pres,sub
index nisMapName,nisMapEntry		eq,pres,sub

database                   monitor
access to * by * read

database                   config
access to * by * read
rootdn cn=admin,cn=config
rootpw password