1.6.1. Provider Configuration
Begin by configuring the Provider.
1. Create an LDIF file with the following contents and name it provider_sync.ldif:
# Add indexes to the frontend db.
dn: olcDatabase={1}mdb,cn=config
changetype: modify
add: olcDbIndex
olcDbIndex: entryCSN eq
-
add: olcDbIndex
olcDbIndex: entryUUID eq

# Load the syncprov and accesslog modules.
dn: cn=module{0},cn=config
changetype: modify
add: olcModuleLoad
olcModuleLoad: syncprov
-
add: olcModuleLoad
olcModuleLoad: accesslog

# Accesslog database definitions
dn: olcDatabase={2}mdb,cn=config
objectClass: olcDatabaseConfig
objectClass: olcMdbConfig
olcDatabase: {2}mdb
olcDbDirectory: /var/lib/ldap/accesslog
olcSuffix: cn=accesslog
olcRootDN: cn=admin,dc=example,dc=com
olcDbIndex: default eq
olcDbIndex: entryCSN,objectClass,reqEnd,reqResult,reqStart

# Accesslog db syncprov.
dn: olcOverlay=syncprov,olcDatabase={2}mdb,cn=config
changetype: add
objectClass: olcOverlayConfig
objectClass: olcSyncProvConfig
olcOverlay: syncprov
olcSpNoPresent: TRUE
olcSpReloadHint: TRUE

# syncrepl Provider for primary db
dn: olcOverlay=syncprov,olcDatabase={1}mdb,cn=config
changetype: add
objectClass: olcOverlayConfig
objectClass: olcSyncProvConfig
olcOverlay: syncprov
olcSpNoPresent: TRUE

# accesslog overlay definitions for primary db
dn: olcOverlay=accesslog,olcDatabase={1}mdb,cn=config
objectClass: olcOverlayConfig
objectClass: olcAccessLogConfig
olcOverlay: accesslog
olcAccessLogDB: cn=accesslog
olcAccessLogOps: writes
olcAccessLogSuccess: TRUE
# scan the accesslog DB every day, and purge entries older than 7 days
olcAccessLogPurge: 07+00:00 01+00:00
Change the rootDN in the LDIF file to match the one you have for your directory.
2. Create a directory:
sudo -u openldap mkdir /var/lib/ldap/accesslog
3. Add the new content:
sudo ldapadd -Q -Y EXTERNAL -H ldapi:/// -f provider_sync.ldif
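A pre-flight check that can be run on provider_sync.ldif after step 2 and before the ldapadd in step 3. This is an added example, not part of the original guide or of OpenLDAP; the function names ldif_value and check_provider_ldif are hypothetical. It catches lost line breaks, an olcRootDN that was not changed to the directory's own rootDN, and a missing olcDbDirectory.

```shell
#!/bin/sh
# Pre-flight check for provider_sync.ldif before it is passed to ldapadd.
# Added example: the function names are hypothetical, not part of OpenLDAP.

# ldif_value FILE ATTR: print the value of the first "ATTR: value" line.
ldif_value() {
    awk -v a="$2: " 'index($0, a) == 1 { print substr($0, length(a) + 1); exit }' "$1"
}

# check_provider_ldif FILE EXPECTED_ROOTDN
# Returns 0 when FILE passes all three checks, 1 otherwise.
check_provider_ldif() {
    file=$1; expected=$2; rc=0

    # 1. A second "attr: " on one line means line breaks were lost in
    #    copy/paste; the merged text would be read as one value or comment.
    if grep -nE '.+ (dn|changetype|add|objectClass|olc[A-Za-z]+): ' "$file" >&2; then
        echo "FAIL: merged lines (listed above)" >&2; rc=1
    fi

    # 2. The accesslog database's olcRootDN must be the directory's rootDN.
    rootdn=$(ldif_value "$file" olcRootDN)
    if [ "$rootdn" != "$expected" ]; then
        echo "FAIL: olcRootDN is '$rootdn', expected '$expected'" >&2; rc=1
    fi

    # 3. The directory named in olcDbDirectory must already exist (step 2).
    dbdir=$(ldif_value "$file" olcDbDirectory)
    if [ -z "$dbdir" ] || [ ! -d "$dbdir" ]; then
        echo "FAIL: olcDbDirectory '$dbdir' does not exist" >&2; rc=1
    fi

    return $rc
}

# Stand-alone use: sh check.sh provider_sync.ldif 'cn=admin,dc=example,dc=com'
if [ $# -eq 2 ]; then
    check_provider_ldif "$1" "$2"
fi
```

The check only confirms that the directory exists; it does not confirm that the directory is owned by the openldap user, as step 2 arranges.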