mirror of https://github.com/OpenIdentityPlatform/OpenDJ.git
opendj-server2x-adapter/src/test/resources/config/config.ldif
@@ -20,8 +20,8 @@ # CDDL HEADER END # # Copyright 2006-2010 Sun Microsystems, Inc. # Portions Copyright 2010-2012 ForgeRock AS. # Portions Copyright 2012 Manuel Gaupp # Portions Copyright 2010-2013 ForgeRock AS. # Portions Copyright 2012-2014 Manuel Gaupp # # # This file contains the primary Directory Server configuration. It must not @@ -74,14 +74,14 @@ objectClass: ds-cfg-access-control-handler objectClass: ds-cfg-dsee-compat-access-control-handler ds-cfg-global-aci: (extop="1.3.6.1.4.1.26027.1.6.1 || 1.3.6.1.4.1.26027.1.6.3 || 1.3.6.1.4.1.4203.1.11.1 || 1.3.6.1.4.1.1466.20037 || 1.3.6.1.4.1.4203.1.11.3") (version 3.0; acl "Anonymous extended operation access"; allow(read) userdn="ldap:///anyone";) ds-cfg-global-aci: (targetcontrol="2.16.840.1.113730.3.4.2 || 2.16.840.1.113730.3.4.17 || 2.16.840.1.113730.3.4.19 || 1.3.6.1.4.1.4203.1.10.2 || 1.3.6.1.4.1.42.2.27.8.5.1 || 2.16.840.1.113730.3.4.16") (version 3.0; acl "Anonymous control access"; allow(read) userdn="ldap:///anyone";) ds-cfg-global-aci: (targetcontrol="2.16.840.1.113730.3.4.2 || 2.16.840.1.113730.3.4.17 || 2.16.840.1.113730.3.4.19 || 1.3.6.1.4.1.4203.1.10.2 || 1.3.6.1.4.1.42.2.27.8.5.1 || 2.16.840.1.113730.3.4.16 || 1.2.840.113556.1.4.1413") (version 3.0; acl "Anonymous control access"; allow(read) userdn="ldap:///anyone";) ds-cfg-global-aci: (targetcontrol="1.3.6.1.1.12 || 1.3.6.1.1.13.1 || 1.3.6.1.1.13.2 || 1.2.840.113556.1.4.319 || 1.2.826.0.1.3344810.2.3 || 2.16.840.1.113730.3.4.18 || 2.16.840.1.113730.3.4.9 || 1.2.840.113556.1.4.473 || 1.3.6.1.4.1.42.2.27.9.5.9") (version 3.0; acl "Authenticated users control access"; allow(read) userdn="ldap:///all";) ds-cfg-global-aci: (targetattr!="userPassword||authPassword||changes||changeNumber||changeType||changeTime||targetDN||newRDN||newSuperior||deleteOldRDN||targetEntryUUID||changeInitiatorsName||changeLogCookie||includedAttributes")(version 3.0; acl "Anonymous read access"; allow (read,search,compare) userdn="ldap:///anyone";) ds-cfg-global-aci: (targetattr!="userPassword||authPassword||debugsearchindex||changes||changeNumber||changeType||changeTime||targetDN||newRDN||newSuperior||deleteOldRDN")(version 3.0; acl "Anonymous read access"; allow (read,search,compare) userdn="ldap:///anyone";) ds-cfg-global-aci: (targetattr="audio||authPassword||description||displayName||givenName||homePhone||homePostalAddress||initials||jpegPhoto||labeledURI||mobile||pager||postalAddress||postalCode||preferredLanguage||telephoneNumber||userPassword")(version 3.0; acl "Self entry modification"; allow (write) userdn="ldap:///self";) ds-cfg-global-aci: (targetattr="userPassword||authPassword")(version 3.0; acl "Self entry read"; allow (read,search,compare) userdn="ldap:///self";) ds-cfg-global-aci: (target="ldap:///cn=schema")(targetscope="base")(targetattr="objectClass||attributeTypes||dITContentRules||dITStructureRules||ldapSyntaxes||matchingRules||matchingRuleUse||nameForms||objectClasses")(version 3.0; acl "User-Visible Schema Operational Attributes"; allow (read,search,compare) userdn="ldap:///anyone";) ds-cfg-global-aci: (target="ldap:///")(targetscope="base")(targetattr="objectClass||namingContexts||supportedAuthPasswordSchemes||supportedControl||supportedExtension||supportedFeatures||supportedLDAPVersion||supportedSASLMechanisms||vendorName||vendorVersion")(version 3.0; acl "User-Visible Root DSE Operational Attributes"; allow (read,search,compare) userdn="ldap:///anyone";) ds-cfg-global-aci: (targetattr="createTimestamp||creatorsName||modifiersName||modifyTimestamp||entryDN||entryUUID||subschemaSubentry")(version 3.0; acl "User-Visible Operational Attributes"; allow (read,search,compare) userdn="ldap:///anyone";) ds-cfg-global-aci: (target="ldap:///")(targetscope="base")(targetattr="objectClass||namingContexts||supportedAuthPasswordSchemes||supportedControl||supportedExtension||supportedFeatures||supportedLDAPVersion||supportedSASLMechanisms||supportedTLSCiphers||supportedTLSProtocols||vendorName||vendorVersion")(version 3.0; acl "User-Visible Root DSE Operational Attributes"; allow (read,search,compare) userdn="ldap:///anyone";) ds-cfg-global-aci: (targetattr="createTimestamp||creatorsName||modifiersName||modifyTimestamp||entryDN||entryUUID||subschemaSubentry||etag||governingStructureRule||structuralObjectClass||hasSubordinates||numSubordinates")(version 3.0; acl "User-Visible Operational Attributes"; allow (read,search,compare) userdn="ldap:///anyone";) ds-cfg-global-aci: (target="ldap:///dc=replicationchanges")(targetattr="*")(version 3.0; acl "Replication backend access"; deny (all) userdn="ldap:///anyone";) cn: Access Control Handler ds-cfg-java-class: org.opends.server.authorization.dseecompat.AciHandler @@ -172,6 +172,134 @@ objectClass: ds-cfg-branch cn: Backends dn: ds-cfg-backend-id=userRoot,cn=Backends,cn=config objectClass: top objectClass: ds-cfg-backend objectClass: ds-cfg-local-db-backend ds-cfg-enabled: true ds-cfg-java-class: org.opends.server.backends.jeb.BackendImpl ds-cfg-backend-id: userRoot ds-cfg-writability-mode: enabled ds-cfg-base-dn: dc=example,dc=com ds-cfg-db-directory: db ds-cfg-db-directory-permissions: 700 ds-cfg-index-entry-limit: 4000 ds-cfg-preload-time-limit: 0 seconds ds-cfg-entries-compressed: false ds-cfg-compact-encoding: true ds-cfg-db-cache-percent: 50 ds-cfg-db-cache-size: 0 megabytes ds-cfg-db-txn-no-sync: false ds-cfg-db-txn-write-no-sync: true ds-cfg-db-run-cleaner: true ds-cfg-db-cleaner-min-utilization: 50 ds-cfg-db-evictor-lru-only: true ds-cfg-db-evictor-nodes-per-scan: 10 ds-cfg-db-evictor-core-threads: 1 ds-cfg-db-evictor-max-threads: 10 ds-cfg-db-evictor-keep-alive: 600 seconds ds-cfg-db-log-file-max: 10 megabytes ds-cfg-db-log-filecache-size: 100 ds-cfg-db-logging-file-handler-on: true ds-cfg-db-logging-level: CONFIG ds-cfg-db-checkpointer-bytes-interval: 20 megabytes ds-cfg-db-checkpointer-wakeup-interval: 30 seconds ds-cfg-disk-full-threshold: 20 megabytes ds-cfg-disk-low-threshold: 100 megabytes dn: cn=Index,ds-cfg-backend-id=userRoot,cn=Backends,cn=config objectClass: top objectClass: ds-cfg-branch cn: Index dn: ds-cfg-attribute=aci,cn=Index,ds-cfg-backend-id=userRoot,cn=Backends,cn=config objectClass: top objectClass: ds-cfg-local-db-index ds-cfg-attribute: aci ds-cfg-index-type: presence dn: ds-cfg-attribute=cn,cn=Index,ds-cfg-backend-id=userRoot,cn=Backends,cn=config objectClass: top objectClass: ds-cfg-local-db-index ds-cfg-attribute: cn ds-cfg-index-type: equality ds-cfg-index-type: substring dn: ds-cfg-attribute=ds-sync-hist,cn=Index,ds-cfg-backend-id=userRoot,cn=Backends,cn=config objectClass: top objectClass: ds-cfg-local-db-index ds-cfg-attribute: ds-sync-hist ds-cfg-index-type: ordering dn: ds-cfg-attribute=ds-sync-conflict,cn=Index,ds-cfg-backend-id=userRoot,cn=Backends,cn=config objectClass: top objectClass: ds-cfg-local-db-index ds-cfg-attribute: ds-sync-conflict ds-cfg-index-type: equality dn: ds-cfg-attribute=entryUUID,cn=Index,ds-cfg-backend-id=userRoot,cn=Backends,cn=config objectClass: top objectClass: ds-cfg-local-db-index ds-cfg-attribute: entryUUID ds-cfg-index-type: equality dn: ds-cfg-attribute=givenName,cn=Index,ds-cfg-backend-id=userRoot,cn=Backends,cn=config objectClass: top objectClass: ds-cfg-local-db-index ds-cfg-attribute: givenName ds-cfg-index-type: equality ds-cfg-index-type: substring dn: ds-cfg-attribute=mail,cn=Index,ds-cfg-backend-id=userRoot,cn=Backends,cn=config objectClass: top objectClass: ds-cfg-local-db-index ds-cfg-attribute: mail ds-cfg-index-type: equality ds-cfg-index-type: substring dn: ds-cfg-attribute=member,cn=Index,ds-cfg-backend-id=userRoot,cn=Backends,cn=config objectClass: top objectClass: ds-cfg-local-db-index ds-cfg-attribute: member ds-cfg-index-type: equality dn: ds-cfg-attribute=objectClass,cn=Index,ds-cfg-backend-id=userRoot,cn=Backends,cn=config objectClass: top objectClass: ds-cfg-local-db-index ds-cfg-attribute: objectClass ds-cfg-index-type: equality dn: ds-cfg-attribute=sn,cn=Index,ds-cfg-backend-id=userRoot,cn=Backends,cn=config objectClass: top objectClass: ds-cfg-local-db-index ds-cfg-attribute: sn ds-cfg-index-type: equality ds-cfg-index-type: substring dn: ds-cfg-attribute=telephoneNumber,cn=Index,ds-cfg-backend-id=userRoot,cn=Backends,cn=config objectClass: top objectClass: ds-cfg-local-db-index ds-cfg-attribute: telephoneNumber ds-cfg-index-type: equality ds-cfg-index-type: substring dn: ds-cfg-attribute=uid,cn=Index,ds-cfg-backend-id=userRoot,cn=Backends,cn=config objectClass: top objectClass: ds-cfg-local-db-index ds-cfg-attribute: uid ds-cfg-index-type: equality dn: ds-cfg-attribute=uniqueMember,cn=Index,ds-cfg-backend-id=userRoot,cn=Backends,cn=config objectClass: top objectClass: ds-cfg-local-db-index ds-cfg-attribute: uniqueMember ds-cfg-index-type: equality dn: cn=VLV Index,ds-cfg-backend-id=userRoot,cn=Backends,cn=config objectClass: top objectClass: ds-cfg-branch cn: VLV Index dn: ds-cfg-backend-id=backup,cn=Backends,cn=config objectClass: top objectClass: ds-cfg-backend @@ -281,7 +409,7 @@ ds-cfg-java-class: org.opends.server.extensions.SubjectAttributeToUserAttributeCertificateMapper ds-cfg-enabled: true ds-cfg-subject-attribute-mapping: cn:cn ds-cfg-subject-attribute-mapping: e:mail ds-cfg-subject-attribute-mapping: emailAddress:mail dn: cn=Fingerprint Mapper,cn=Certificate Mappers,cn=config objectClass: top @@ -348,6 +476,29 @@ ds-cfg-key-manager-provider: cn=JKS,cn=Key Manager Providers,cn=config ds-cfg-trust-manager-provider: cn=JKS,cn=Trust Manager Providers,cn=config dn: cn=HTTP Connection Handler,cn=Connection Handlers,cn=config objectClass: top objectClass: ds-cfg-connection-handler objectClass: ds-cfg-http-connection-handler cn: HTTP Connection Handler ds-cfg-java-class: org.opends.server.protocols.http.HTTPConnectionHandler ds-cfg-enabled: false ds-cfg-listen-address: 0.0.0.0 ds-cfg-listen-port: 8080 ds-cfg-accept-backlog: 128 ds-cfg-keep-stats: true ds-cfg-use-tcp-keep-alive: true ds-cfg-use-tcp-no-delay: true ds-cfg-allow-tcp-reuse-address: true ds-cfg-max-request-size: 5 megabytes ds-cfg-buffer-size: 4096 bytes ds-cfg-max-blocked-write-time-limit: 2 minutes ds-cfg-use-ssl: false ds-cfg-ssl-client-auth-policy: optional ds-cfg-ssl-cert-nickname: server-cert ds-cfg-config-file: config/http-config.json ds-cfg-authentication-required: true dn: cn=LDIF Connection Handler,cn=Connection Handlers,cn=config objectClass: top objectClass: ds-cfg-connection-handler @@ -575,6 +726,21 @@ ds-cfg-rotation-policy: cn=Size Limit Rotation Policy,cn=Log Rotation Policies,cn=config ds-cfg-retention-policy: cn=File Count Retention Policy,cn=Log Retention Policies,cn=config dn: cn=File-Based HTTP Access Logger,cn=Loggers,cn=config objectClass: top objectClass: ds-cfg-log-publisher objectClass: ds-cfg-http-access-log-publisher objectClass: ds-cfg-file-based-http-access-log-publisher cn: File-Based HTTP Access Logger ds-cfg-java-class: org.opends.server.loggers.TextHTTPAccessLogPublisher ds-cfg-enabled: false ds-cfg-log-file: logs/http-access ds-cfg-log-file-permissions: 640 ds-cfg-asynchronous: true ds-cfg-rotation-policy: cn=24 Hours Time Limit Rotation Policy,cn=Log Rotation Policies,cn=config ds-cfg-rotation-policy: cn=Size Limit Rotation Policy,cn=Log Rotation Policies,cn=config ds-cfg-retention-policy: cn=File Count Retention Policy,cn=Log Retention Policies,cn=config dn: cn=File-Based Audit Logger,cn=Loggers,cn=config objectClass: top objectClass: ds-cfg-log-publisher @@ -840,6 +1006,14 @@ ds-cfg-java-class: org.opends.server.schema.CaseIgnoreListSubstringMatchingRuleFactory ds-cfg-enabled: true dn: cn=Certificate Exact Matching Rule,cn=Matching Rules,cn=config objectClass: top objectClass: ds-cfg-matching-rule objectClass: ds-cfg-equality-matching-rule cn: Certificate Exact Matching Rule ds-cfg-java-class: org.opends.server.schema.CertificateExactMatchingRuleFactory ds-cfg-enabled: true dn: cn=Collation Matching Rule,cn=Matching Rules,cn=config objectClass: top objectClass: ds-cfg-matching-rule @@ -1462,6 +1636,14 @@ ds-cfg-java-class: org.opends.server.extensions.SaltedSHA512PasswordStorageScheme ds-cfg-enabled: true dn: cn=PBKDF2,cn=Password Storage Schemes,cn=config objectClass: top objectClass: ds-cfg-password-storage-scheme objectClass: ds-cfg-pbkdf2-password-storage-scheme cn: PBKDF2 ds-cfg-java-class: org.opends.server.extensions.PBKDF2PasswordStorageScheme ds-cfg-enabled: true dn: cn=SHA-1,cn=Password Storage Schemes,cn=config objectClass: top objectClass: ds-cfg-password-storage-scheme @@ -1507,16 +1689,15 @@ objectClass: ds-cfg-branch cn: Password Validators #dn: cn=Attribute Value,cn=Password Validators,cn=config #objectClass: top #objectClass: ds-cfg-password-validator #objectClass: ds-cfg-attribute-value-password-validator #cn: Attribute Value #ds-cfg-java-class: org.opends.server.extensions.AttributeValuePasswordValidator #ds-cfg-enabled: true #ds-cfg-test-reversed-password: true #ds-cfg-check-substrings: true dn: cn=Attribute Value,cn=Password Validators,cn=config objectClass: top objectClass: ds-cfg-password-validator objectClass: ds-cfg-attribute-value-password-validator cn: Attribute Value ds-cfg-java-class: org.opends.server.extensions.AttributeValuePasswordValidator ds-cfg-enabled: true ds-cfg-test-reversed-password: true ds-cfg-check-substrings: true dn: cn=Character Set,cn=Password Validators,cn=config objectClass: top @@ -2403,7 +2584,7 @@ objectClass: ds-cfg-administration-connector cn: Administration Connector ds-cfg-listen-address: 0.0.0.0 ds-cfg-listen-port: ${admin-listen-port} ds-cfg-listen-port: 4444 ds-cfg-ssl-cert-nickname: admin-cert ds-cfg-key-manager-provider: cn=Administration,cn=Key Manager Providers,cn=config ds-cfg-trust-manager-provider: cn=Administration,cn=Trust Manager Providers,cn=config
