# defaults for module: srv-ldap
#
[ldap]
  datadir		::path.dbdir::/ldap

  repl_number		0	# >0 is a replica, must be unique

  repl_provider		ldap://::service.ldap_master:::389
  repl_interval		00:00:05:00
  repl_filter		(|(objectClass=posixAccount)(objectClass=posixGroup)(::ldap.admin::))
  repl_attrs		*

  # auth binding
  #
  admin			::auth.ldap.admin_user::
  admin_password	::auth.ldap.admin_password::
  root_bind		::ldap.admin::

  repl_admin_password	::auth.ldap.repl_admin_password::
  repl_user		::auth.ldap.repl_user::
  repl_password		::auth.ldap.repl_password::


  default_perm		read

  # note: auth bindings moved to mnt-ldap module

  indexing_fields_eq	ou cn entryCSN entryUUID \
			memberUid uniqueMember uid uidNumber gidNumber displayName \
			sambaDomainName sambaGroupType sambaSID sambaSIDList
