diff options
-rw-r--r-- | fripost-docs.org | 20 |
1 files changed, 16 insertions, 4 deletions
diff --git a/fripost-docs.org b/fripost-docs.org index b872817..ce7ebb7 100644 --- a/fripost-docs.org +++ b/fripost-docs.org @@ -778,10 +778,14 @@ be looking for e.g., the `uid' attribute. olcDbIndex: objectClass eq - :: /etc/ldap/fripost/index.ldif + :: /etc/ldap/fripost/indexes.ldif dn: olcDatabase={1}hdb,cn=config changetype: modify + # Needed for the replicates. + add: olcDbIndex + olcDbIndex: entryUUID eq + - delete: olcDbIndex olcDbIndex: objectClass eq - @@ -801,7 +805,7 @@ be looking for e.g., the `uid' attribute. olcDbIndex: uid eq,sub - add: olcDbIndex - olcDbIndex: mailLocalAddress eq + olcDbIndex: mailTarget,mailLocalAddress eq - add: olcDbIndex olcDbIndex: isActive eq @@ -809,20 +813,28 @@ be looking for e.g., the `uid' attribute. add: olcDbIndex olcDbIndex: owner eq -ldapmodify -QY EXTERNAL -H ldapi:/// -f /etc/ldap/fripost/index.ldif +ldapmodify -QY EXTERNAL -H ldapi:/// -f /etc/ldap/fripost/indexes.ldif :: ldapsearch -LLLQY EXTERNAL -H ldapi:/// -b cn=config "(olcDatabase={1}hdb)" [...] + olcDbIndex: entryUUID eq olcDbIndex: objectClass pres,eq olcDbIndex: cn eq olcDbIndex: ou eq olcDbIndex: dc eq,sub olcDbIndex: uid eq,sub - olcDbIndex: mailLocalAddress eq + olcDbIndex: mailTarget,mailLocalAddress eq olcDbIndex: isActive eq olcDbIndex: owner eq + +Note: We can add indexes on a populated database, but then we need to reindex the tree: + + sudo /etc/init.d/slapd stop + sudo -u openldap slapindex + sudo /etc/init.d/slapd start + ***** Restrict the access The default ACL is not restrictive enough for our purpose. |