source: trunk/server/doc/389-ds-enable-ssl-and-kerberos.diff @ 1482

--- o-f.config.ldif     2008-07-05 06:24:48.000000000 -0400
+++ b-m.config.ldif     2008-07-05 06:25:34.000000000 -0400
@@ -123,7 +123,7 @@
 passwordMaxFailure: 3
 nsslapd-accesslog: /var/log/dirsrv/slapd-scripts/access
 nsslapd-lastmod: on
-nsslapd-security: off
+nsslapd-security: on
 passwordMaxAge: 8640000
 nsslapd-auditlog-logrotationtimeunit: day
 passwordResetFailureCount: 600
@@ -180,7 +180,7 @@
 nsslapd-referralmode:
 nsslapd-maxdescriptors: 1024
 nsslapd-conntablesize: 1024
-nsslapd-sslclientauth: off
+nsslapd-sslclientauth: allowed
 nsslapd-config: cn=config
 nsslapd-instancedir:
 nsslapd-schemadir: /etc/dirsrv/slapd-scripts/schema
@@ -217,7 +217,8 @@
 nsSSLSessionTimeout: 0
 nsSSLClientAuth: allowed
 nsSSL2: off
-nsSSL3: off
+nsSSL3: on
+nsSSL3Ciphers: +rsa_rc4_128_md5
 nsSSLSupportedCiphers: SSL3::rc4::RC4::MD5::128
 nsSSLSupportedCiphers: SSL3::rc4export::RC4::MD5::128
 nsSSLSupportedCiphers: SSL3::rc2::RC2::MD5::128
@@ -315,6 +316,15 @@
 objectClass: extensibleObject
 cn: uniqueid generator
 
+# RSA, encryption, config
+dn: cn=RSA,cn=encryption,cn=config
+objectClass: top
+objectClass: nsEncryptionModule
+cn: RSA
+nsSSLPersonalitySSL: ldap/better-mousetrap
+nsSSLToken: internal (software)
+nsSSLActivation: on
+
 # options, features, config
 dn: cn=options,cn=features,cn=config
 objectClass: top
@@ -1264,3 +1274,12 @@
 nsslapd-pluginVendor: Fedora Project
 nsslapd-pluginDescription: Salted Secure Hashing Algorithm (SSHA512)
 
+# mapname, mapping, sasl, config
+dn: cn=mapname,cn=mapping,cn=sasl,cn=config
+objectClass: top
+objectClass: nsSaslMapping
+cn: mapname
+nsSaslMapRegexString: \(.*\)
+nsSaslMapBaseDNTemplate: uid=\1,ou=People,dc=scripts,dc=mit,dc=edu
+nsSaslMapFilterTemplate: (objectClass=posixAccount)
+