diff --git a/openldap-config/debian/deb_folder/openldap-config.install b/openldap-config/debian/deb_folder/openldap-config.install index 4af9868..2879ab5 100644 --- a/openldap-config/debian/deb_folder/openldap-config.install +++ b/openldap-config/debian/deb_folder/openldap-config.install @@ -5,3 +5,4 @@ slapd.syslog-ng.conf /usr/share/starlingx/openldap slapd.sysconfig /usr/share/starlingx/openldap slapd.service /etc/systemd/system sudo.schema /etc/ldap/schema +certs.ldif /etc/ldap diff --git a/openldap-config/source-debian/certs.ldif b/openldap-config/source-debian/certs.ldif new file mode 100644 index 0000000..3011d0c --- /dev/null +++ b/openldap-config/source-debian/certs.ldif @@ -0,0 +1,10 @@ +dn: cn=config +changetype: modify +replace: olcTLSCertificateKeyFile +olcTLSCertificateKeyFile: /etc/ldap/certs/openldap-cert.key + +dn: cn=config +changetype: modify +replace: olcTLSCertificateFile +olcTLSCertificateFile: /etc/ldap/certs/openldap-cert.crt + diff --git a/openldap-config/source-debian/initscript b/openldap-config/source-debian/initscript index 48a0a01..de53a53 100755 --- a/openldap-config/source-debian/initscript +++ b/openldap-config/source-debian/initscript @@ -45,7 +45,7 @@ case "$1" in ulimit -n 4096 if [ -f /etc/ldap/schema/cn=config.ldif ]; then start-stop-daemon --start --oknodo --quiet --exec $slapd \ - -- -F /etc/ldap/schema/ + -- -h "ldap:/// ldaps:///" -F /etc/ldap/schema/ RETVAL=$? else start-stop-daemon --start --oknodo --quiet --exec $slapd diff --git a/openldap-config/source-debian/slapd.conf b/openldap-config/source-debian/slapd.conf index a2221bd..3caea41 100644 --- a/openldap-config/source-debian/slapd.conf +++ b/openldap-config/source-debian/slapd.conf @@ -58,6 +58,13 @@ moduleload syncprov.la # BDB database definitions ####################################################################### +# olcDatabase={0}config +database config +rootdn "cn=config" +rootpw _LDAPADMIN_PW_ + + +# olcDatabase={1}mdb database mdb suffix "dc=cgcs,dc=local" rootdn "cn=ldapadmin,dc=cgcs,dc=local"