# Load this file with
#
#   ldapadd -Y EXTERNAL -H ldapi:/// -f authz.ldif
#
# That will allow the SASL-authenticated user (service) to be
# reformatted into a proper DN under our services directory.
# 
# SASL authentication can be checked with:
#
#   ldapwhoami -W -Y PLAIN -U FPanel -H ldapi://
#   ldapwhoami -W -Y PLAIN -U FPanel -H ldapi:// -X "dn:fvu=user1,fvd=fripost.org,ou=virtual,o=mailHosting,dc=fripost,dc=dev"
#
# References:
# - http://www.openldap.org/doc/admin24/sasl.html#Direct%20Mapping
# - man 5 slapd-config


dn: cn=config
changetype: modify
replace: olcAuthzRegexp
olcAuthzRegexp: uid=([^,]+),cn=[^,]+,cn=auth cn=$1,ou=services,o=mailHosting,dc=fripost,dc=dev
-
replace: olcAuthzPolicy
olcAuthzPolicy: to