net-ldap 0.12.0 → 0.17.0

data/script/install-openldap

@@ -1,112 +0,0 @@
-#!/usr/bin/env sh
-set -e
-set -x
-
-BASE_PATH="$( cd `dirname $0`/../test/fixtures/openldap && pwd )"
-SEED_PATH="$( cd `dirname $0`/../test/fixtures          && pwd )"
-
-dpkg -s slapd time ldap-utils gnutls-bin ssl-cert > /dev/null ||\
-  DEBIAN_FRONTEND=noninteractive apt-get update  -y --force-yes && \
-  DEBIAN_FRONTEND=noninteractive apt-get install -y --force-yes slapd time ldap-utils gnutls-bin ssl-cert
-
-/etc/init.d/slapd stop
-
-TMPDIR=$(mktemp -d)
-cd $TMPDIR
-
-# Delete data and reconfigure.
-cp -v /var/lib/ldap/DB_CONFIG ./DB_CONFIG
-rm -rf /etc/ldap/slapd.d/*
-rm -rf /var/lib/ldap/*
-cp -v ./DB_CONFIG /var/lib/ldap/DB_CONFIG
-slapadd -F /etc/ldap/slapd.d -b "cn=config" -l $BASE_PATH/slapd.conf.ldif
-# Load memberof and ref-int overlays and configure them.
-slapadd -F /etc/ldap/slapd.d -b "cn=config" -l $BASE_PATH/memberof.ldif
-# Load retcode overlay and configure
-slapadd -F /etc/ldap/slapd.d -b "cn=config" -l $BASE_PATH/retcode.ldif
-
-# Add base domain.
-slapadd -F /etc/ldap/slapd.d <<EOM
-dn: dc=rubyldap,dc=com
-objectClass: top
-objectClass: domain
-dc: rubyldap
-EOM
-
-chown -R openldap.openldap /etc/ldap/slapd.d
-chown -R openldap.openldap /var/lib/ldap
-
-/etc/init.d/slapd start
-
-# Import seed data.
-# NOTE: use ldapadd in order for memberOf and refint to apply, instead of:
-# cat $SEED_PATH/seed.ldif | slapadd -F /etc/ldap/slapd.d
-/usr/bin/time ldapadd -x -D "cn=admin,dc=rubyldap,dc=com" -w passworD1 \
-             -h localhost -p 389 \
-             -f $SEED_PATH/seed.ldif
-
-rm -rf $TMPDIR
-
-# SSL
-
-sh -c "certtool --generate-privkey > /etc/ssl/private/cakey.pem"
-
-sh -c "cat > /etc/ssl/ca.info <<EOF
-cn = rubyldap
-ca
-cert_signing_key
-EOF"
-
-# Create the self-signed CA certificate:
-certtool --generate-self-signed \
---load-privkey /etc/ssl/private/cakey.pem \
---template /etc/ssl/ca.info \
---outfile /etc/ssl/certs/cacert.pem
-
-# Make a private key for the server:
-certtool --generate-privkey \
---bits 1024 \
---outfile /etc/ssl/private/ldap01_slapd_key.pem
-
-sh -c "cat > /etc/ssl/ldap01.info <<EOF
-organization = Example Company
-cn = ldap01.example.com
-tls_www_server
-encryption_key
-signing_key
-expiration_days = 3650
-EOF"
-
-# Create the server certificate
-certtool --generate-certificate \
-  --load-privkey /etc/ssl/private/ldap01_slapd_key.pem \
-  --load-ca-certificate /etc/ssl/certs/cacert.pem \
-  --load-ca-privkey /etc/ssl/private/cakey.pem \
-  --template /etc/ssl/ldap01.info \
-  --outfile /etc/ssl/certs/ldap01_slapd_cert.pem
-
-ldapmodify -Y EXTERNAL -H ldapi:/// <<EOF | true
-dn: cn=config
-add: olcTLSCACertificateFile
-olcTLSCACertificateFile: /etc/ssl/certs/cacert.pem
--
-add: olcTLSCertificateFile
-olcTLSCertificateFile: /etc/ssl/certs/ldap01_slapd_cert.pem
--
-add: olcTLSCertificateKeyFile
-olcTLSCertificateKeyFile: /etc/ssl/private/ldap01_slapd_key.pem
-EOF
-
-# LDAP over TLS/SSL (ldaps://) is deprecated in favour of StartTLS. The latter
-# refers to an existing LDAP session (listening on TCP port 389) becoming
-# protected by TLS/SSL whereas LDAPS, like HTTPS, is a distinct
-# encrypted-from-the-start protocol that operates over TCP port 636. But we
-# enable it for testing here.
-sed -i -e 's|^SLAPD_SERVICES="\(.*\)"|SLAPD_SERVICES="ldap:/// ldapi:/// ldaps:///"|' /etc/default/slapd
-
-adduser openldap ssl-cert
-chgrp ssl-cert /etc/ssl/private/ldap01_slapd_key.pem
-chmod g+r /etc/ssl/private/ldap01_slapd_key.pem
-chmod o-r /etc/ssl/private/ldap01_slapd_key.pem
-
-service slapd restart

data/script/package

@@ -1,7 +0,0 @@
-#!/usr/bin/env bash
-# Usage: script/package
-# Updates the gemspec and builds a new gem in the pkg directory.
-
-mkdir -p pkg
-gem build *.gemspec
-mv *.gem pkg

data/script/release

@@ -1,16 +0,0 @@
-#!/usr/bin/env bash
-# Usage: script/release
-# Build the package, tag a commit, push it to origin, and then release the
-# package publicly.
-
-set -e
-
-version="$(script/package | grep Version: | awk '{print $2}')"
-[ -n "$version" ] || exit 1
-
-echo $version
-git commit --allow-empty -a -m "Release $version"
-git tag "v$version"
-git push origin
-git push origin "v$version"
-gem push pkg/*-${version}.gem

data/test/ber/core_ext/test_array.rb

@@ -1,22 +0,0 @@
-require_relative '../../test_helper'
-
-class TestBERArrayExtension < Test::Unit::TestCase
-  def test_control_code_array
-    control_codes = []
-    control_codes << ['1.2.3'.to_ber, true.to_ber].to_ber_sequence
-    control_codes << ['1.7.9'.to_ber, false.to_ber].to_ber_sequence
-    control_codes = control_codes.to_ber_sequence
-    res = [['1.2.3', true],['1.7.9',false]].to_ber_control
-    assert_equal control_codes, res
-  end
-
-  def test_wrap_array_if_not_nested
-    result1 = ['1.2.3', true].to_ber_control
-    result2 = [['1.2.3', true]].to_ber_control
-    assert_equal result2, result1
-  end
-
-  def test_empty_string_if_empty_array
-    assert_equal "", [].to_ber_control
-  end
-end

data/test/ber/core_ext/test_string.rb

@@ -1,25 +0,0 @@
-require_relative '../../test_helper'
-
-class TestBERStringExtension < Test::Unit::TestCase
-  def setup
-    @bind_request = "0$\002\001\001`\037\002\001\003\004\rAdministrator\200\vad_is_bogus UNCONSUMED".b
-    @result = @bind_request.read_ber!(Net::LDAP::AsnSyntax)
-  end
-
-  def test_parse_ber
-    assert_equal [1, [3, "Administrator", "ad_is_bogus"]], @result
-  end
-
-  def test_unconsumed_message
-    assert_equal " UNCONSUMED", @bind_request
-  end
-
-  def test_exception_does_not_modify_string
-    original = "0$\002\001\001`\037\002\001\003\004\rAdministrator\200\vad_is_bogus".b
-    duplicate = original.dup
-    flexmock(StringIO).new_instances.should_receive(:read_ber).and_raise(Net::BER::BerError)
-    duplicate.read_ber!(Net::LDAP::AsnSyntax) rescue Net::BER::BerError
-
-    assert_equal original, duplicate
-  end
-end

data/test/ber/test_ber.rb

@@ -1,145 +0,0 @@
-require_relative '../test_helper'
-
-class TestBEREncoding < Test::Unit::TestCase
-  def test_empty_array
-    assert_equal [], [].to_ber.read_ber
-  end
-
-  def test_array
-    ary = [1,2,3]
-    encoded_ary = ary.map { |el| el.to_ber }.to_ber
-
-    assert_equal ary, encoded_ary.read_ber
-  end
-
-  # http://tools.ietf.org/html/rfc4511#section-5.1
-  def test_true
-    assert_equal "\x01\x01\xFF".b, true.to_ber
-  end
-
-  def test_false
-    assert_equal "\x01\x01\x00", false.to_ber
-  end
-
-  # Sample based
-  {
-    0           => "\x02\x01\x00",
-    1           => "\x02\x01\x01",
-    127         => "\x02\x01\x7F",
-    128         => "\x02\x02\x00\x80",
-    255         => "\x02\x02\x00\xFF",
-    256         => "\x02\x02\x01\x00",
-    65535       => "\x02\x03\x00\xFF\xFF",
-    65536       => "\x02\x03\x01\x00\x00",
-    8388607     => "\x02\x03\x7F\xFF\xFF",
-    8388608     => "\x02\x04\x00\x80\x00\x00",
-    16_777_215  => "\x02\x04\x00\xFF\xFF\xFF",
-    0x01000000  => "\x02\x04\x01\x00\x00\x00",
-    0x3FFFFFFF  => "\x02\x04\x3F\xFF\xFF\xFF",
-    0x4FFFFFFF  => "\x02\x04\x4F\xFF\xFF\xFF",
-
-    # Some odd samples...
-    5           => "\x02\x01\x05",
-    500         => "\x02\x02\x01\xf4",
-    50_000      => "\x02\x03\x00\xC3\x50",
-    5_000_000_000 => "\x02\x05\x01\x2a\x05\xF2\x00",
-
-    # negatives
-    -1          => "\x02\x01\xFF",
-    -127        => "\x02\x01\x81",
-    -128        => "\x02\x01\x80",
-    -255        => "\x02\x02\xFF\x01",
-    -256        => "\x02\x02\xFF\x00",
-    -65535      => "\x02\x03\xFF\x00\x01",
-    -65536      => "\x02\x03\xFF\x00\x00",
-    -65537      => "\x02\x03\xFE\xFF\xFF",
-    -8388607    => "\x02\x03\x80\x00\x01",
-    -8388608    => "\x02\x03\x80\x00\x00",
-    -16_777_215 => "\x02\x04\xFF\x00\x00\x01",
-  }.each do |number, expected_encoding|
-    define_method "test_encode_#{number}" do
-      assert_equal expected_encoding.b, number.to_ber
-    end
-
-    define_method "test_decode_encoded_#{number}" do
-      assert_equal number, expected_encoding.b.read_ber
-    end
-  end
-
-  # Round-trip encoding: This is mostly to be sure to cover Bignums well.
-  def test_powers_of_two
-    100.times do |p|
-      n = 2 << p
-
-      assert_equal n, n.to_ber.read_ber
-    end
-  end
-
-  def test_powers_of_ten
-    100.times do |p|
-      n = 5 * 10**p
-
-      assert_equal n, n.to_ber.read_ber
-    end
-  end
-
-  if "Ruby 1.9".respond_to?(:encoding)
-    def test_encode_utf8_strings
-      assert_equal "\x04\x02\xC3\xA5".b, "\u00e5".force_encoding("UTF-8").to_ber
-    end
-
-    def test_utf8_encodable_strings
-      assert_equal "\x04\nteststring", "teststring".encode("US-ASCII").to_ber
-    end
-
-    def test_encode_binary_data
-      # This is used for searching for GUIDs in Active Directory
-      assert_equal "\x04\x10" + "j1\xB4\xA1*\xA2zA\xAC\xA9`?'\xDDQ\x16".b,
-        ["6a31b4a12aa27a41aca9603f27dd5116"].pack("H*").to_ber_bin
-    end
-
-    def test_non_utf8_encodable_strings
-      assert_equal "\x04\x01\x81".b, "\x81".to_ber
-    end
-  end
-end
-
-class TestBERDecoding < Test::Unit::TestCase
-  def test_decode_number
-    assert_equal 6, "\002\001\006".read_ber(Net::LDAP::AsnSyntax)
-  end
-
-  def test_decode_string
-    assert_equal "testing", "\004\007testing".read_ber(Net::LDAP::AsnSyntax)
-  end
-
-  def test_decode_ldap_bind_request
-    assert_equal [1, [3, "Administrator", "ad_is_bogus"]], "0$\002\001\001`\037\002\001\003\004\rAdministrator\200\vad_is_bogus".read_ber(Net::LDAP::AsnSyntax)
-  end
-end
-
-class TestBERIdentifiedString < Test::Unit::TestCase
-  def test_binary_data
-    data = ["6a31b4a12aa27a41aca9603f27dd5116"].pack("H*").force_encoding("ASCII-8BIT")
-    bis = Net::BER::BerIdentifiedString.new(data)
-
-    assert bis.valid_encoding?, "should be a valid encoding"
-    assert_equal "ASCII-8BIT", bis.encoding.name
-  end
-
-  def test_ascii_data_in_utf8
-    data = "some text".force_encoding("UTF-8")
-    bis = Net::BER::BerIdentifiedString.new(data)
-
-    assert bis.valid_encoding?, "should be a valid encoding"
-    assert_equal "UTF-8", bis.encoding.name
-  end
-
-  def test_ut8_data_in_utf8
-    data = ["e4b8ad"].pack("H*").force_encoding("UTF-8")
-    bis = Net::BER::BerIdentifiedString.new(data)
-
-    assert bis.valid_encoding?, "should be a valid encoding"
-    assert_equal "UTF-8", bis.encoding.name
-  end
-end

data/test/fixtures/cacert.pem

@@ -1,20 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDRzCCAf+gAwIBAgIEVHpbmjANBgkqhkiG9w0BAQsFADATMREwDwYDVQQDEwhy
-dWJ5bGRhcDAeFw0xNDExMjkyMzQ5NDZaFw0xNTExMjkyMzQ5NDZaMBMxETAPBgNV
-BAMTCHJ1YnlsZGFwMIIBUjANBgkqhkiG9w0BAQEFAAOCAT8AMIIBOgKCATEA4pKe
-cDCNuL53fkpO/WSAS+gmMTsOs+oOK71kZlk2QT/MBz8TxC6m358qCADjnXcMVVxa
-ySQbQlVKZMkIvLNciZbiLDgC5II0NbHACNa8rqenoKRjS4J9W3OhA8EmnXn/Me+8
-uMCI9tfnKNRZYdkQZlra4I+Idn+xYfl/5q5b/7ZjPS2zY/585hFEYE+5vfOZVBSU
-3HMNSeuJvTehLv7dD7aQfXNM4cRgHXequkJQ/HLLFAO4AgJ+LJrFWpj7GWz3crgr
-9G5px4T78wJH3NQiOsG6UBXPw8c4T+Z6GAWX2l1zs1gZsaiCVbAraqK3404lL7yp
-+ThbsW3ifzgNPhmjScXBLdbEDrrAKosW7kkTOGzxiMCBmNlj2SKhcztoduAtfF1f
-Fs2Jk8MRTHwO8ThD7wIDAQABo0MwQTAPBgNVHRMBAf8EBTADAQH/MA8GA1UdDwEB
-/wQFAwMHBAAwHQYDVR0OBBYEFJDm67ekyFu4/Z7VcO6Vk/5pinGcMA0GCSqGSIb3
-DQEBCwUAA4IBMQDHeEPzfYRtjynpUKyrtxx/6ZVOfCLuz4eHkBZggz/pJacDCv/a
-I//W03XCk8RWq/fWVVUzvxXgPwnYcw992PLM7XW81zp6ruRUDWooYnjHZZz3bRhe
-kC4QvM2mZhcsMVmhmWWKZn81qXgVdUY1XNRhk87cuXjF/UTpEieFvWAsCUkFZkqB
-AmySCuI/FuPaauT1YAltkIlYAEIGNJGZDMf2BTVUQpXhTXeS9/AZWLNDBwiq+fwo
-YYnsr9MnBXCEmg1gVSR/Ay2AZmbYfiYtb5kU8uq2lSWAUb4LX6HZl82wo3OilrJ2
-WXl6Qf+Fcy4qqkRt4AKHjtzizpEDCOVYuuG0Zoy+QnxNXRsEzpb8ymnJFrcgYfk/
-6Lv2gWAFl5FqCZp7gBWg55eL2coT4C+mbNTF
------END CERTIFICATE-----

data/test/fixtures/openldap/memberof.ldif

@@ -1,33 +0,0 @@
-dn: cn=module,cn=config
-cn: module
-objectClass: olcModuleList
-objectClass: top
-olcModulePath: /usr/lib/ldap
-olcModuleLoad: memberof.la
-
-dn: olcOverlay={0}memberof,olcDatabase={1}hdb,cn=config
-objectClass: olcConfig
-objectClass: olcMemberOf
-objectClass: olcOverlayConfig
-objectClass: top
-olcOverlay: memberof
-olcMemberOfDangling: ignore
-olcMemberOfRefInt: TRUE
-olcMemberOfGroupOC: groupOfNames
-olcMemberOfMemberAD: member
-olcMemberOfMemberOfAD: memberOf
-
-dn: cn=module,cn=config
-cn: module
-objectclass: olcModuleList
-objectclass: top
-olcmoduleload: refint.la
-olcmodulepath: /usr/lib/ldap
-
-dn: olcOverlay={1}refint,olcDatabase={1}hdb,cn=config
-objectClass: olcConfig
-objectClass: olcOverlayConfig
-objectClass: olcRefintConfig
-objectClass: top
-olcOverlay: {1}refint
-olcRefintAttribute: memberof member manager owner

data/test/fixtures/openldap/retcode.ldif

@@ -1,76 +0,0 @@
-dn: cn=module,cn=config
-cn: module
-objectClass: olcModuleList
-objectClass: top
-olcModulePath: /usr/lib/ldap
-olcModuleLoad: retcode.la
-
-# source: http://www.opensource.apple.com/source/OpenLDAP/OpenLDAP-186/OpenLDAP/tests/data/retcode.conf?txt
-
-dn: olcOverlay={2}retcode,olcDatabase={1}hdb,cn=config
-objectClass: olcConfig
-objectClass: olcRetcodeConfig
-objectClass: olcOverlayConfig
-objectClass: top
-olcOverlay: retcode
-olcRetcodeParent: ou=Retcodes,dc=rubyldap,dc=com
-olcRetcodeInDir: TRUE
-olcRetcodeSleep: 0
-olcRetcodeItem: "cn=success" 0x00
-olcRetcodeItem: "cn=success w/ delay" 0x00 sleeptime=2
-olcRetcodeItem: "cn=operationsError" 0x01
-olcRetcodeItem: "cn=protocolError" 0x02
-olcRetcodeItem: "cn=timeLimitExceeded" 0x03 op=search
-olcRetcodeItem: "cn=sizeLimitExceeded" 0x04 op=search
-olcRetcodeItem: "cn=compareFalse" 0x05 op=compare
-olcRetcodeItem: "cn=compareTrue" 0x06 op=compare
-olcRetcodeItem: "cn=authMethodNotSupported" 0x07
-olcRetcodeItem: "cn=strongAuthNotSupported" 0x07 text="same as authMethodNotSupported"
-olcRetcodeItem: "cn=strongAuthRequired" 0x08
-olcRetcodeItem: "cn=strongerAuthRequired" 0x08 text="same as strongAuthRequired"
-olcRetcodeItem: "cn=referral" 0x0a text="LDAPv3" ref="ldap://:9019"
-olcRetcodeItem: "cn=adminLimitExceeded" 0x0b text="LDAPv3"
-olcRetcodeItem: "cn=unavailableCriticalExtension" 0x0c text="LDAPv3"
-olcRetcodeItem: "cn=confidentialityRequired" 0x0d text="LDAPv3"
-olcRetcodeItem: "cn=saslBindInProgress" 0x0e text="LDAPv3"
-olcRetcodeItem: "cn=noSuchAttribute" 0x10
-olcRetcodeItem: "cn=undefinedAttributeType" 0x11
-olcRetcodeItem: "cn=inappropriateMatching" 0x12
-olcRetcodeItem: "cn=constraintViolation" 0x13
-olcRetcodeItem: "cn=attributeOrValueExists" 0x14
-olcRetcodeItem: "cn=invalidAttributeSyntax" 0x15
-olcRetcodeItem: "cn=noSuchObject" 0x20
-olcRetcodeItem: "cn=aliasProblem" 0x21
-olcRetcodeItem: "cn=invalidDNSyntax" 0x22
-olcRetcodeItem: "cn=aliasDereferencingProblem" 0x24
-olcRetcodeItem: "cn=proxyAuthzFailure" 0x2F text="LDAPv3 proxy authorization"
-olcRetcodeItem: "cn=inappropriateAuthentication" 0x30
-olcRetcodeItem: "cn=invalidCredentials" 0x31
-olcRetcodeItem: "cn=insufficientAccessRights" 0x32
-olcRetcodeItem: "cn=busy" 0x33
-olcRetcodeItem: "cn=unavailable" 0x34
-olcRetcodeItem: "cn=unwillingToPerform" 0x35
-olcRetcodeItem: "cn=loopDetect" 0x36
-olcRetcodeItem: "cn=namingViolation" 0x40
-olcRetcodeItem: "cn=objectClassViolation" 0x41
-olcRetcodeItem: "cn=notAllowedOnNonleaf" 0x42
-olcRetcodeItem: "cn=notAllowedOnRDN" 0x43
-olcRetcodeItem: "cn=entryAlreadyExists" 0x44
-olcRetcodeItem: "cn=objectClassModsProhibited" 0x45
-olcRetcodeItem: "cn=resultsTooLarge" 0x46 text="CLDAP"
-olcRetcodeItem: "cn=affectsMultipleDSAs" 0x47 text="LDAPv3"
-olcRetcodeItem: "cn=other" 0x50
-olcRetcodeItem: "cn=cupResourcesExhausted" 0x71
-olcRetcodeItem: "cn=cupSecurityViolation" 0x72
-olcRetcodeItem: "cn=cupInvalidData" 0x73
-olcRetcodeItem: "cn=cupUnsupportedScheme" 0x74
-olcRetcodeItem: "cn=cupReloadRequired" 0x75
-olcRetcodeItem: "cn=cancelled" 0x76
-olcRetcodeItem: "cn=noSuchOperation" 0x77
-olcRetcodeItem: "cn=tooLate" 0x78
-olcRetcodeItem: "cn=cannotCancel" 0x79
-olcRetcodeItem: "cn=syncRefreshRequired" 0x4100
-olcRetcodeItem: "cn=noOperation" 0x410e
-olcRetcodeItem: "cn=assertionFailed" 0x410f
-olcRetcodeItem: "cn=noReferralsFound" 0x4110
-olcRetcodeItem: "cn=cannotChain" 0x4111

data/test/fixtures/openldap/slapd.conf.ldif

@@ -1,67 +0,0 @@
-dn: cn=config
-objectClass: olcGlobal
-cn: config
-olcPidFile: /var/run/slapd/slapd.pid
-olcArgsFile: /var/run/slapd/slapd.args
-olcLogLevel: none
-olcToolThreads: 1
-
-dn: olcDatabase={-1}frontend,cn=config
-objectClass: olcDatabaseConfig
-objectClass: olcFrontendConfig
-olcDatabase: {-1}frontend
-olcSizeLimit: 500
-olcAccess: {0}to * by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth manage by * break
-olcAccess: {1}to dn.exact="" by * read
-olcAccess: {2}to dn.base="cn=Subschema" by * read
-
-dn: olcDatabase=config,cn=config
-objectClass: olcDatabaseConfig
-olcDatabase: config
-olcAccess: to * by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth manage by * break
-
-dn: cn=schema,cn=config
-objectClass: olcSchemaConfig
-cn: schema
-
-include: file:///etc/ldap/schema/core.ldif
-include: file:///etc/ldap/schema/cosine.ldif
-include: file:///etc/ldap/schema/nis.ldif
-include: file:///etc/ldap/schema/inetorgperson.ldif
-
-dn: cn=module{0},cn=config
-objectClass: olcModuleList
-cn: module{0}
-olcModulePath: /usr/lib/ldap
-olcModuleLoad: back_hdb
-
-dn: olcBackend=hdb,cn=config
-objectClass: olcBackendConfig
-olcBackend: hdb
-
-dn: olcDatabase=hdb,cn=config
-objectClass: olcDatabaseConfig
-objectClass: olcHdbConfig
-olcDatabase: hdb
-olcDbCheckpoint: 512 30
-olcDbConfig: set_cachesize 1 0 0
-olcDbConfig: set_lk_max_objects 1500
-olcDbConfig: set_lk_max_locks 1500
-olcDbConfig: set_lk_max_lockers 1500
-olcLastMod: TRUE
-olcSuffix: dc=rubyldap,dc=com
-olcDbDirectory: /var/lib/ldap
-olcRootDN: cn=admin,dc=rubyldap,dc=com
-# admin's password: "passworD1"
-olcRootPW: {SHA}LFSkM9eegU6j3PeGG7UuHrT/KZM=
-olcDbIndex: objectClass eq
-olcAccess: to attrs=userPassword,shadowLastChange
-  by self write
-  by anonymous auth
-  by dn="cn=admin,dc=rubyldap,dc=com" write
-  by * none
-olcAccess: to dn.base="" by * read
-olcAccess: to *
-  by self write
-  by dn="cn=admin,dc=rubyldap,dc=com" write
-  by * read