From ded29bf9eb3fa40c56eb9ace365d13e6348e215c Mon Sep 17 00:00:00 2001
From: Guilhem Moulin <guilhem.moulin@fripost.org>
Date: Mon, 20 Aug 2012 01:53:16 +0200
Subject: A little test suite for LDAP ACLs.

---
 ldap/database.ldif | 60 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 60 insertions(+)
 create mode 100644 ldap/database.ldif

(limited to 'ldap/database.ldif')

diff --git a/ldap/database.ldif b/ldap/database.ldif
new file mode 100644
index 0000000..300d933
--- /dev/null
+++ b/ldap/database.ldif
@@ -0,0 +1,60 @@
+# Load this file with
+#
+#   ldapadd -Y EXTERNAL -H ldapi:/// -f database.ldif
+#
+# It will create a new database under `/var/lib/ldap/dev', which has to
+# be an existing directory:
+#
+#   mkdir -m 0700 /var/lib/ldap/dev && chown openldap:openldap /var/lib/ldap/dev
+
+
+dn: olcDatabase=hdb,cn=config
+objectClass: olcDatabaseConfig
+objectClass: olcHdbConfig
+olcDbDirectory: /var/lib/ldap/dev
+olcSuffix: o=mailHosting,dc=fripost,dc=dev
+olcLastMod: TRUE
+olcDbCheckpoint: 512 30
+# Require LDAPv3 protocol and authentication prior to directory
+# operations.
+olcRequires: LDAPv3 authc
+# We don't want to give "canCreate{Alias,ML}" write access to alias/ml
+# attributes.
+olcAddContentAcl: FALSE
+# The root user has all rights on the whole database (when SASL-binding
+# on a UNIX socket).
+olcRootDN: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
+
+
+#
+# Performance considerations
+#
+# References:
+# - https://wiki.zimbra.com/wiki/OpenLDAP_Performance_Tuning_5.0
+# - http://www.openldap.org/doc/admin24/tuning.html
+#
+#
+# 1. On single- and dual-core systems, change the maximum number of
+# threads to 8. (The default, 16, is fine for 4- and 8-core systems.)
+#
+#       dn: cn=config
+#       changetype: modify
+#       add: olcThreads
+#       olcThreads: 8
+#
+#
+# 2. It may be a good idea to modify DB_CONFIG, depending on the output
+# of 
+#   
+#   db4.8_stat -m -h /var/lib/ldap/ | head -16
+#
+# (For optimal performance, the Requested pages found in the cache
+# should be above 95%, and the pages forced from the cache should be 0.)
+#
+# and
+# 
+#   db4.8_stat -m -h /var/lib/ldap/ | head -16
+#
+# (For optimal performance, usage should be within 85% of the configured
+# values.)
+#
-- 
cgit v1.2.3