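#jinja2: lstrip_blocks: True
{{ ansible_managed | comment }}
# slapd.conf for an OpenLDAP instance that proxies LDAP requests (back_ldap)
# to the directory named by ldap_proxy_server.
# Keep every directive in column 0: slapd reads a line that starts with
# whitespace as a continuation of the previous line.

### Schema includes ###########################################################
include /etc/openldap/schema/corba.schema
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/duaconf.schema
include /etc/openldap/schema/dyngroup.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/java.schema
include /etc/openldap/schema/misc.schema
include /etc/openldap/schema/nis.schema
include /etc/openldap/schema/openldap.schema
include /etc/openldap/schema/ppolicy.schema
include /etc/openldap/schema/collective.schema
# Custom schemas: basename drops any directory part of the entry, so an item
# in ldap_proxy_custom_schemas cannot point outside /etc/openldap/schema/.
{% for schema in ldap_proxy_custom_schemas %}
include /etc/openldap/schema/{{ schema | basename }}
{% endfor %}

## Module paths ##############################################################
# The same directory was listed twice (with and without a trailing slash);
# one entry is enough.
modulepath /usr/lib64/openldap
moduleload back_ldap
# NOTE(review): rwm is loaded but no "overlay rwm" appears in this template;
# drop the module if the included ACL file does not use it either.
moduleload rwm
moduleload memberof.la

# Main settings ###############################################################
pidfile /var/run/openldap/slapd.pid
argsfile /var/run/openldap/slapd.args

# Certificate, private key and CA bundle presented to LDAP clients.
# NOTE(review): confirm the key file is readable only by the account slapd
# runs as.
TLSCertificateFile {{ ldap_proxy_tls_cert_path }}
TLSCertificateKeyFile {{ ldap_proxy_tls_key_path }}
TLSCACertificateFile {{ ldap_proxy_tls_ca_path }}
# NOTE(review): MEDIUM-strength suites are still accepted. Which suites that
# selects depends on the TLS library slapd is built against; check the
# effective list on the target host and tighten to HIGH if clients allow it.
TLSCipherSuite HIGH:MEDIUM:!aNULL:!MD5:!RC4
# Protocol floor in SSL-style numbering: 3.1 = TLS 1.0, 3.2 = TLS 1.1,
# 3.3 = TLS 1.2. Defaults to TLS 1.2 because TLS 1.0 and 1.1 are deprecated
# (RFC 8996). Set ldap_proxy_tls_protocol_min to a lower value only for
# legacy clients that cannot negotiate TLS 1.2.
TLSProtocolMin {{ ldap_proxy_tls_protocol_min | default('3.3') }}

### Database definition (Proxy to AD) #########################################
database ldap
{% if ldap_proxy_readonly_enabled %}
# Reject write operations at the proxy.
readonly yes
{% endif %}
lastmod off
# The proxy keeps each client's bind credentials in memory so it can re-bind
# when the upstream connection has to be re-established.
rebind-as-user
# NOTE(review): client binds are relayed to this URI. Confirm that
# ldap_proxy_server is an ldaps:// URI, or add a "tls" directive with
# certificate verification (see slapd-ldap(5)); otherwise bind credentials
# cross the network to the backend in clear text.
uri "{{ ldap_proxy_server }}"
suffix "{{ ldap_proxy_server_suffix }}"
# NOTE(review): memberof is stacked on a proxy database here; confirm it
# behaves as intended on back_ldap, in particular when readonly is enabled.
overlay memberof

### ACL definition ############################################################
# Access rules live in a separate file. Without restrictive rules there, the
# proxy exposes whatever the backend returns for the bound identity.
include "{{ ldap_proxy_acl_file }}"

### Logging ###################################################################
# NOTE(review): packet- and BER-level trace flags can write bind traffic,
# including simple-bind passwords, into the log. Keep ldap_proxy_loglevel at
# a statistics-style level outside of short debugging sessions.
loglevel {{ ldap_proxy_loglevel }}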