include     /opt/local/etc/openldap/schema/core.schema
include     /opt/local/etc/openldap/schema/cosine.schema
include     /opt/local/etc/openldap/schema/inetorgperson.schema
include     /opt/local/etc/openldap/schema/ppolicy.schema


pidfile		./target/slapd.pid
argsfile	./target/slapd.args

# Load dynamic backend modules:
modulepath	/usr/lib/openldap/modules
# moduleload	back_ldap.la
# moduleload	back_meta.la
# moduleload	back_monitor.la
# moduleload	back_perl.la

disallow bind_anon
require authc

access to dn.base=""
    by * read

database        bdb
suffix          "dc=springsource,dc=com"
checkpoint      1024    5
cachesize       10000
rootdn          "cn=admin,dc=springsource,dc=com"

rootpw          password

directory       ./target/openldap

index   uid     eq
index   cn      eq
index objectClass eq

access to attrs=userpassword
  by self       =wx
  by anonymous  =x
  by *          none
  
access to dn.subtree="ou=users,dc=qbe,dc=com"
  by self     write
  by *        read


overlay ppolicy
ppolicy_default "cn=default,ou=policies,dc=springsource,dc=com"
ppolicy_use_lockout
ppolicy_hash_cleartext