##
# Global Directives
##

# Schema and objectClass definitions
include         /etc/ldap/schema/core.schema
include         /etc/ldap/schema/cosine.schema
include         /etc/ldap/schema/nis.schema
include         /etc/ldap/schema/inetorgperson.schema

moduleload back_hdb

disallow bind_anon

##
# Test DB
##

database hdb

suffix "dc=example,dc=com"

rootdn "cn=Manager,dc=example,dc=com"
rootpw insecure

# The database directory MUST exist prior to running slapd AND
# change path as necessary
directory       /tmp/ldap_db/

##
# ACL
##

# The userPassword by default can be changed
# by the entry owning it if they are authenticated.
# Others should not be able to see it, except the
# admin entry below
# These access lines apply to database #1 only
access to attrs=userPassword,shadowLastChange
        by anonymous auth
        by self write
        by * none