--- /dev/null
+[/]\r
+* = rw\r
/config/additional_environment.rb
-/config/database.yml
/config/email.yml
/config/initializers/session_store.rb
/coverage
--- /dev/null
+production:\r
+ adapter: sqlite3\r
+ database: db/redmine.db\r
+\r
+development:\r
+ adapter: sqlite3\r
+ database: db/redmine.db\r
+\r
--- /dev/null
+= le\r
+\r
+Description goes here\r
--- /dev/null
+class LdapUsersController < ApplicationController\r
+ unloadable\r
+ before_filter :require_admin, :setup_auth_source\r
+\r
+ def index\r
+ @ldap_users = LdapUser.find(:all)\r
+ end\r
+\r
+ def new\r
+ @ldap_user = LdapUser.new\r
+ render :action => "edit"\r
+ end\r
+\r
+ def create\r
+ @user = User.new(:language => Setting.default_language)\r
+ @ldap_user = LdapUser.new\r
+ @user.login = @ldap_user.login = params[:ldap_user][:login]\r
+\r
+ if assign_params_and_save\r
+ flash[:notice] = l(:notice_successful_create)\r
+\r
+ if @user.save_without_validation\r
+ @user.auth_source = nil # dummy\r
+ Mailer.deliver_account_information(@user, @ldap_user.password) if params[:send_information]\r
+ else\r
+ flash[:error] = l(:error_failed_to_create_redmine_user)\r
+ end\r
+\r
+ redirect_to :action => 'edit', :id => @ldap_user.login\r
+ else\r
+ render :action => 'edit'\r
+ end\r
+ end\r
+\r
+ def edit\r
+ @ldap_user = LdapUser.find(params[:id])\r
+ end\r
+\r
+ def update\r
+ @user = User.find_by_login(params[:id]) || User.new(:login => params[:id])\r
+ @ldap_user = LdapUser.find(params[:id])\r
+\r
+ if assign_params_and_save\r
+ flash[:notice] = l(:notice_successful_update)\r
+ if @ldap_user.admin? && !params[:ldap_user][:password].blank?\r
+ flash[:warning] = l(:warning_need_to_restart)\r
+ end\r
+ \r
+ if @user.save_without_validation\r
+ @user.auth_source = nil # dummy\r
+ Mailer.deliver_account_information(@user, @ldap_user.password) if params[:send_information] && !@ldap_user.password.blank?\r
+ else\r
+ flash[:error] = l(:error_failed_to_update_redmine_user)\r
+ end\r
+\r
+ redirect_to :action => 'edit', :id => @ldap_user.login\r
+ else\r
+ render :action => 'edit'\r
+ end\r
+ end\r
+\r
+ def destroy\r
+ #@ldap_user = LdapUser.find(params[:id])\r
+ end\r
+\r
+ private\r
+ def setup_auth_source\r
+ setting = RedmineLeSetting.instance\r
+ return render_403 if setting.use_external_ldap\r
+ return render_404 unless @auth_source = LdapUser.auth_source = setting.auth_source\r
+ end\r
+\r
+ def assign_params_and_save\r
+ h = params[:ldap_user]\r
+ attrs = %w[firstname lastname mail]\r
+ attrs.each {|attr|\r
+ @user.send(attr+"=", @ldap_user.send(attr+"=", h[attr]))\r
+ }\r
+ @ldap_user.password = h[:password]\r
+ @ldap_user.password_confirmation = h[:password_confirmation]\r
+\r
+ unless @user.valid?\r
+ @user.errors.each_error {|attr, error|\r
+ if attrs.include?(attr) && @user.send(attr+"_changed?")\r
+ @ldap_user.errors.add_to_base(error.full_message)\r
+ end\r
+ }\r
+ end\r
+ @user.auth_source ||= @auth_source\r
+\r
+ RedmineLeSetting.transaction do\r
+ @ldap_user.errors.empty? && @ldap_user.save\r
+ end\r
+\r
+ @ldap_user.errors.empty?\r
+ end\r
+end\r
--- /dev/null
+class RedmineLeSettingsController < ApplicationController\r
+ unloadable\r
+ before_filter :require_admin\r
+\r
+ def index\r
+ @setting = RedmineLeSetting.instance\r
+ end\r
+\r
+ def update\r
+ @setting = RedmineLeSetting.instance\r
+ @setting.update_attributes(params[:redmine_le_setting])\r
+ if @setting.save\r
+ flash[:notice] = l(:notice_successful_update)\r
+ flash[:warning] = l(:warning_need_to_restart)\r
+ redirect_to :action => 'index'\r
+ else\r
+ render :action => 'index'\r
+ end\r
+ end\r
+end\r
--- /dev/null
+class LdapUser < ActiveLdap::Base\r
+ unloadable\r
+ ldap_mapping :prefix => "", :dn_attribute => "uid",\r
+ :classes => %w[person inetOrgPerson organizationalPerson top]\r
+\r
+ validates_confirmation_of :password, :allow_nil => true\r
+\r
+ attr_accessor :password, :password_confirmation\r
+\r
+ def self.auth_source\r
+ @auth_source\r
+ end\r
+\r
+ def self.auth_source=(source)\r
+ setup_connection(\r
+ :host => source.host,\r
+ :port => source.port,\r
+ :base => source.base_dn,\r
+ :bind_dn => source.account,\r
+ :password => source.account_password\r
+ )\r
+\r
+ @auth_source = source\r
+ end\r
+\r
+ def admin?\r
+ login == RedmineLeSetting.admin_account\r
+ end\r
+\r
+ def auth_source\r
+ self.class.auth_source\r
+ end\r
+ \r
+ def login\r
+ self[self.auth_source.attr_login]\r
+ end\r
+\r
+ def login=(value)\r
+ self[auth_source.attr_login] = value\r
+ end\r
+\r
+ def firstname\r
+ self[auth_source.attr_firstname]\r
+ end\r
+\r
+ def firstname=(value)\r
+ self[auth_source.attr_firstname] = value\r
+ end\r
+\r
+ def lastname\r
+ self[auth_source.attr_lastname]\r
+ end\r
+\r
+ def lastname=(value)\r
+ self[:cn] ||= value\r
+ self[auth_source.attr_lastname] = value\r
+ end\r
+\r
+ def mail\r
+ self[auth_source.attr_mail]\r
+ end\r
+\r
+ def mail=(value)\r
+ self[auth_source.attr_mail] = value\r
+ end\r
+\r
+ protected\r
+ def validate\r
+ if !password.blank? && password.size < l=Setting.password_min_length.to_i\r
+ add_error_message(:password, :too_short, :count => l)\r
+ end\r
+ end\r
+\r
+ def validate_on_create\r
+ add_error_message(:password, :blank) if password.blank?\r
+ add_error_message(:login, :taken) if User.find_by_login(login)\r
+ end\r
+\r
+ def before_save\r
+ unless password.blank?\r
+ self[:userPassword] = password\r
+ if admin?\r
+ setting = RedmineLeSetting.instance\r
+ setting.admin_password = password\r
+ setting.save\r
+ end\r
+ end\r
+ end\r
+\r
+ private\r
+ def add_error_message(attr, msg, options = {})\r
+ @dummy_user ||= User.new\r
+ self.errors.add_to_base(ActiveRecord::Error.new(@dummy_user, attr, msg, options).full_message)\r
+ end\r
+end\r
--- /dev/null
+class RedmineLeSetting < ActiveRecord::Base\r
+ unloadable\r
+\r
+ @@skip_callbacks = false\r
+ EMAIL_YAML = RAILS_ROOT + "/config/email.yml"\r
+\r
+ belongs_to :auth_source\r
+\r
+ validates_presence_of :auth_source_id, :admin_account, :admin_password\r
+ \r
+ def self.instance\r
+ @instance ||= (first || new)\r
+ end\r
+\r
+ def self.[](name)\r
+ instance[name]\r
+ end\r
+\r
+ def self.[]=(name, value)\r
+ instance[name] = value\r
+ end\r
+\r
+ def self.method_missing(name, *args)\r
+ instance.send(name, *args)\r
+ end\r
+\r
+ def self.transaction(&block)\r
+ @xml_changes = {}\r
+ @text_changes = {}\r
+ @file_changes = {}\r
+ @error_list = {}\r
+ super(&block)\r
+ rescue => err\r
+ @xml_changes.dup.each {|filename, xpath_values|\r
+ replace_xml(filename, *xpath_values)\r
+ }\r
+ @xml_changes = {}\r
+ @text_changes.dup.each {|filename, regexp_values|\r
+ replace_text(filename, *regexp_values)\r
+ }\r
+ @text_changes = {}\r
+ @file_changes.each {|filename, content|\r
+ File.open(filename, "w") {|f| f.write(content)}\r
+ }\r
+ @file_changes = {}\r
+ raise err\r
+ end\r
+\r
+ def self.skip_callbacks(&block)\r
+ @@skip_callbacks = true\r
+ result = yield\r
+ @@skip_callbacks = false\r
+ result\r
+ end\r
+\r
+ def search_ldap_user(username = nil)\r
+ username ||= admin_account\r
+ source = LdapUser.auth_source = RedmineLeSetting.auth_source\r
+ LdapUser.find(:filter => [source.attr_login, username])\r
+ end\r
+\r
+ def search_dn(username = nil)\r
+ user = search_ldap_user(username)\r
+ user && user.dn.to_s\r
+ end\r
+\r
+ def base64_admin_password\r
+ admin_password && Base64.encode64(admin_password).chomp\r
+ end\r
+\r
+ def smtp_settings\r
+ @email_config ||= File.file?(EMAIL_YAML) ? YAML.load_file(EMAIL_YAML) : {}\r
+ conf = @email_config[RAILS_ENV] ||= {}\r
+ conf["delivery_method"] ||= :smtp\r
+ conf["smtp_settings"] ||= {}\r
+ end\r
+\r
+ def smtp_settings_changed?\r
+ !!@smtp_settings_changed\r
+ end\r
+\r
+ def smtp_server\r
+ smtp_settings["address"]\r
+ end\r
+\r
+ def smtp_server=(value)\r
+ set_smtp_setting("address", value)\r
+ end\r
+\r
+ def smtp_port\r
+ smtp_settings["port"] ||= 25\r
+ end\r
+\r
+ def smtp_port=(value)\r
+ set_smtp_setting("port", value.to_i)\r
+ end\r
+\r
+ def smtp_user\r
+ smtp_settings["user_name"]\r
+ end\r
+\r
+ def smtp_user=(value)\r
+ set_smtp_setting("user_name", value)\r
+ end\r
+\r
+ def smtp_password\r
+ smtp_settings["password"]\r
+ end\r
+\r
+ def smtp_password=(value)\r
+ set_smtp_setting("password", value)\r
+ end\r
+\r
+ def smtp_sender\r
+ Setting.mail_from\r
+ end\r
+\r
+ def smtp_sender=(value)\r
+ @smtp_settings_changed = true if smtp_sender != value\r
+ @smtp_sender = value\r
+ end\r
+\r
+ protected\r
+ def validate_on_update\r
+ return unless use_external_ldap\r
+ return unless admin_account_changed? || admin_password_changed?\r
+ user = search_ldap_user\r
+ valid = user && begin\r
+ user.bind(admin_password)\r
+ rescue ActiveLdap::AuthenticationError, ActiveLdap::LdapError::UnwillingToPerform\r
+ false\r
+ end\r
+ errors.add_to_base(l(:notice_account_invalid_creditentials)) unless valid\r
+ end\r
+\r
+ def before_save\r
+ return if @@skip_callbacks\r
+ change_smtp_settings if smtp_settings_changed?\r
+ change_admin_account if admin_account_changed? || admin_password_changed?\r
+ end\r
+\r
+ private\r
+ def change_smtp_settings\r
+ if @smtp_sender && @smtp_sender != smtp_sender\r
+ Setting.mail_from = @smtp_sender\r
+ end\r
+\r
+ smtp_settings["domain"] ||= "localhost"\r
+ if smtp_user.blank? || smtp_password.blank?\r
+ %w[authentication user_name password].each {|key|\r
+ smtp_settings.delete(key)\r
+ }\r
+ else\r
+ smtp_settings["authentication"] = :login\r
+ end\r
+\r
+ self.class.replace_xml(\r
+ RedmineLe::HOME + "/hudson/home/hudson.tasks.Mailer.xml",\r
+ ["//smtpHost", smtp_server],\r
+ ["//adminAddress", smtp_sender],\r
+ ["//smtpAuthUsername", smtp_user],\r
+ ["//smtpAuthPassword", smtp_password]\r
+ )\r
+ self.class.write_file(EMAIL_YAML, YAML.dump(@email_config))\r
+ @smtp_settings_changed = nil\r
+ end\r
+\r
+ def change_admin_account\r
+ dn = use_external_ldap ? search_dn : auth_source.account\r
+\r
+ Repository::Subversion.all(:conditions => [\r
+ "url LIKE ? AND login = ?", 'http%://localhost%/svn/%', admin_account_was\r
+ ]).each {|repos|\r
+ repos.login = admin_account\r
+ repos.password = admin_password\r
+ repos.save!\r
+ }\r
+\r
+ auth_source.account = dn\r
+ auth_source.account_password = admin_password\r
+ auth_source.save!\r
+\r
+ base = "//credentials/entry/string[contains(., '//localhost:#{RedmineLe::HTTP_PORT}')]/.."\r
+ self.class.replace_xml(\r
+ RedmineLe::HOME + "/hudson/home/hudson.scm.SubversionSCM.xml",\r
+ [base + "//userName", admin_account],\r
+ [base + "//password", base64_admin_password]\r
+ )\r
+\r
+ self.class.replace_xml(\r
+ RedmineLe::HOME + "/hudson/home/config.xml",\r
+ ["//securityRealm/managerDN", dn],\r
+ ["//securityRealm/managerPassword", base64_admin_password]\r
+ )\r
+\r
+ self.class.replace_text(\r
+ RedmineLe::HOME + "/apache/conf/conf.d/subversion.conf",\r
+ [/AuthLDAPBindDN\s+(.*)$/, dn],\r
+ [/AuthLDAPBindPassword\s+(.*)$/, admin_password]\r
+ )\r
+ end\r
+\r
+ def self.replace_xml(filename, *xpath_values)\r
+ doc = REXML::Document.new(File.new(filename))\r
+\r
+ xpath_values.each {|xpath, value|\r
+ unless elem = doc.elements[xpath]\r
+ (@error_list[filename] ||= []) << xpath if @error_list\r
+ next\r
+ end\r
+ oldvalue = elem.text\r
+ elem.text = value\r
+ (@xml_changes[filename] ||= []) << [xpath, oldvalue] if @xml_changes\r
+ }\r
+\r
+ File.open(filename, "w") {|f| doc.write(f)}\r
+ end\r
+\r
+ def self.replace_text(filename, *regexp_values)\r
+ content = File.read(filename)\r
+\r
+ regexp_values.each {|regexp, value|\r
+ begin\r
+ content[regexp, 1] = value\r
+ (@text_changes[filename] ||= []) << [regexp, $1] if @text_changes\r
+ rescue IndexError\r
+ (@error_list[filename] ||= []) << regexp.inspect if @error_list\r
+ end\r
+ }\r
+\r
+ File.open(filename, "w") {|f| f.write(content)}\r
+ end\r
+\r
+ def self.write_file(filename, content)\r
+ if @file_changes\r
+ @file_changes[filename] = File.file?(filename) ? File.read(filename) : ""\r
+ end\r
+ File.open(filename, "w") {|f| f.write(content)}\r
+ end\r
+\r
+ def set_smtp_setting(key, value)\r
+ v = "@smtp_#{key}_was"\r
+ v = instance_variable_get(v) || instance_variable_set(v, smtp_settings[key])\r
+ @smtp_settings_changed = true if v != value\r
+ smtp_settings[key] = value\r
+ end\r
+end\r
--- /dev/null
+<h2><%= link_to l(:label_ldap_user_plural), :action => 'index' %> » <%= @ldap_user.new_record? ? l(:label_user_new) : h(@ldap_user.login) %></h2>\r
+\r
+<%\r
+ args = {:url => {:action => @ldap_user.new_record? ? "create" : "update"}}\r
+ args[:html] = {:method => :put} unless @ldap_user.new_record?\r
+%>\r
+<% labelled_tabular_form_for :ldap_user, @ldap_user, args do |f| %>\r
+<%= f.error_messages %>\r
+<div class="box">\r
+<% if @ldap_user.new_record? %>\r
+ <p><%= f.text_field :login, :required => true, :size => 25 %></p>\r
+<% end %>\r
+ <p><%= f.password_field :password, :required => true, :size => 25 %></p>\r
+ <p><%= f.password_field :password_confirmation, :required => true, :size => 25 %></p>\r
+ <p><%= f.text_field :firstname, :required => true %></p>\r
+ <p><%= f.text_field :lastname, :required => true %></p>\r
+ <p><%= f.text_field :mail, :required => true %></p>\r
+</div>\r
+<%= f.submit l(@ldap_user.new_record? ? :button_create : :button_save) %>\r
+<%= check_box_tag 'send_information', 1, true %> <%= l(:label_send_information) %>\r
+<% end %>\r
--- /dev/null
+<% html_title(l(:label_ldap_user_plural)) %>\r
+\r
+<div class="contextual">\r
+<%= link_to l(:label_user_new), {:action => 'new'}, :class => 'icon icon-add' %>\r
+</div>\r
+\r
+<h2><%= l(:label_ldap_user_plural) %></h2>\r
+\r
+<table class="list"> \r
+ <thead>\r
+ <tr>\r
+ <th><%= l(:field_login) %></th>\r
+ <th><%= l(:field_firstname) %></th>\r
+ <th><%= l(:field_lastname) %></th>\r
+ <th><%= l(:field_mail) %></th>\r
+ </tr>\r
+ </thead>\r
+ <tbody>\r
+ <% @ldap_users.each do |user| %>\r
+ <tr class="<%= cycle("odd", "even") %>">\r
+ <td><%= link_to(h(user.login), :action => 'edit', :id => user.login) %></td>\r
+ <td><%= h(user.firstname) %></td>\r
+ <td><%= h(user.lastname) %></td>\r
+ <td><%= h(user.mail) %></td>\r
+ </tr>\r
+ <% end %>\r
+ </tbody>\r
+</table>\r
--- /dev/null
+<h2>RedmineLE</h2>\r
+\r
+<% unless RedmineLeSetting.use_external_ldap %>\r
+ <p><%= link_to l(:label_ldap_user_administration), :controller => "ldap_users", :action => "index" %></p>\r
+<% end %>\r
+\r
+<% labelled_tabular_form_for :redmine_le_setting, @setting, :url => {:action => 'update'}, :html => {:method => :put} do |f| %>\r
+ <%= f.error_messages %>\r
+\r
+<% if RedmineLeSetting.use_external_ldap %>\r
+ <h3><%= l(:label_change_admin_account) %></h3>\r
+ <div class="box">\r
+ <p><%= f.text_field :admin_account, :required => true, :size => 25 %></p>\r
+ <p><%= f.password_field :admin_password, :required => true, :size => 25 %></p>\r
+ </div>\r
+<% end %>\r
+\r
+ <h3><%= l(:label_smtp_setting) %></h3>\r
+ <div class="box">\r
+ <p><%= f.text_field :smtp_server, :size => 25 %></p>\r
+ <p><%= f.text_field :smtp_port, :size => 25, :label => l(:field_port) %></p>\r
+ <p><%= f.text_field :smtp_sender, :size => 25, :label => l(:setting_mail_from) %></p>\r
+ <p><%= f.text_field :smtp_user, :size => 25 %></p>\r
+ <p><%= f.password_field :smtp_password, :size => 25, :label => l(:field_password) %></p>\r
+ </div>\r
+\r
+ <%= f.submit l(:button_save) %>\r
+<% end %>\r
+\r
+<% html_title "RedmineLE" %>\r
--- /dev/null
+.icon22-redmine_le {\r
+ background-image: url(../images/redmine_le.png);\r
+}\r
--- /dev/null
+en:
+ label_ldap_user: "LDAP User"
+ label_ldap_user_plural: "LDAP Users"
+ label_ldap_user_administration: "LDAP User Administration"
+ label_change_admin_account: "Change administrator account"
+ label_smtp_setting: "SMTP setting"
+
+ warning_need_to_restart: "Please restart services to enable configuration changes."
+ error_failed_to_create_redmine_user: "Failed to create Redmine user"
+ error_failed_to_update_redmine_user: "Failed to update Redmine user"
+
+ field_admin_account: "Administrator account"
+ field_admin_password: "Administrator password"
+ field_smtp_server: "SMTP Server"
+ field_smtp_user: "Username"
--- /dev/null
+ja:
+ label_ldap_user: "LDAPユーザ"
+ label_ldap_user_plural: "LDAPユーザ"
+ label_ldap_user_administration: "LDAPユーザ管理"
+ label_change_admin_account: "管理者アカウントの変更"
+ label_smtp_setting: "SMTP設定"
+
+ warning_need_to_restart: "変更を反映するためサービスを再起動してください"
+ error_failed_to_create_redmine_user: "Redmineユーザの作成に失敗しました"
+ error_failed_to_update_redmine_user: "Redmineユーザの更新に失敗しました"
+
+ field_admin_account: "管理者アカウント"
+ field_admin_password: "管理者パスワード"
+ field_smtp_server: "SMTPサーバ"
+ field_smtp_user: "ユーザ名"
--- /dev/null
+ActionController::Routing::Routes.draw do |map|\r
+ map.resources :ldap_users\r
+end\r
--- /dev/null
+class CreateRedmineLeSettings < ActiveRecord::Migration\r
+ def self.up\r
+ create_table :redmine_le_settings do |t|\r
+ t.boolean :use_external_ldap, :null => false\r
+ t.integer :auth_source_id\r
+ t.string :admin_account\r
+ t.string :admin_password\r
+ end\r
+ end\r
+\r
+ def self.down\r
+ drop_table :redmine_le_settings\r
+ end\r
+end\r
--- /dev/null
+require 'redmine'\r
+require 'active_ldap'\r
+require 'redmine_le'\r
+\r
+require 'dispatcher'\r
+Dispatcher.to_prepare do\r
+ RedmineLe.apply_patch\r
+end\r
+\r
+Redmine::Plugin.register :redmine_le do\r
+ name 'RedmineLE plugin'\r
+ author 'Akihiro Ono'\r
+ description 'Extensions for RedmineLE'\r
+ version '0.0.1'\r
+\r
+ menu :admin_menu, :redmine_le, {\r
+ :controller => 'redmine_le_settings', :action => 'index'\r
+ }, :caption => 'RedmineLE'\r
+end\r
--- /dev/null
+require 'redmine_le/hooks'\r
+require 'redmine_le/project_patch'\r
+\r
+module RedmineLe\r
+ HOME = File.dirname(RAILS_ROOT)\r
+ HTTP_PORT = YAML.load_file(HOME + "/config/service.yml")["apache"]["port"]\r
+ TEMPLATE_DIR = File.dirname(File.dirname(__FILE__)) + "/template"\r
+\r
+ def self.apply_patch\r
+ Project.send(:include, ProjectPatch)\r
+ end\r
+end\r
--- /dev/null
+module RedmineLe\r
+ class Hooks < Redmine::Hook::ViewListener\r
+ def view_layouts_base_html_head(context)\r
+ # Engines doesn't support relative_url_root \r
+ #stylesheet_link_tag 'redmine_le', :plugin => 'redmine_le'\r
+ stylesheet_link_tag(context[:controller].relative_url_root.to_s +\r
+ '/plugin_assets/redmine_le/stylesheets/redmine_le.css'\r
+ )\r
+ end\r
+ end\r
+end\r
--- /dev/null
+require_dependency 'project'\r
+\r
+module RedmineLe\r
+ module ProjectPatch\r
+ def self.included(base)\r
+ base.extend(ClassMethods)\r
+ base.send(:include, InstanceMethods)\r
+\r
+ base.class_eval do\r
+ unloadable\r
+ after_create :setup_integration\r
+ after_destroy :cleanup_integration\r
+ end\r
+ end\r
+\r
+ module ClassMethods\r
+ end\r
+\r
+ module InstanceMethods\r
+ def repository_path\r
+ @repository_path ||=\r
+ File.join(RedmineLe::HOME, "subversion/repos", identifier)\r
+ end\r
+\r
+ def setup_integration\r
+ return unless module_enabled?(:repository)\r
+\r
+ unless File.exist?(repository_path)\r
+ unless system(%Q[svnadmin create "#{repository_path}"])\r
+ raise "Cannot create repository"\r
+ end\r
+ \r
+ root = "file:///" + repository_path.sub(/^\//, "")\r
+ system(%Q[svn mkdir "#{root}/trunk" "#{root}/branches" "#{root}/tags" -m "Initial repository layout"])\r
+ end\r
+\r
+ url = "http://localhost:#{RedmineLe::HTTP_PORT}/svn/#{identifier}"\r
+ ldap = AuthSourceLdap.first\r
+ self.repository = Repository::Subversion.new(\r
+ :url => url,\r
+ :root_url => url,\r
+ :login => RedmineLeSetting.admin_account,\r
+ :password => RedmineLeSetting.admin_password\r
+ )\r
+\r
+ auth_token = RedmineLe::Utils.random_string(20)\r
+ data = ERB.new(File.read(RedmineLe::TEMPLATE_DIR + "/hudson_job_config.xml.erb")).result(binding)\r
+\r
+ Net::HTTP.start("localhost", RedmineLe::HTTP_PORT) {|http|\r
+ response = http.post("/hudson/createItem?name=#{identifier}", data, {\r
+ "Content-Type" => "application/xml"\r
+ })\r
+ raise "Cannot create Hudson job" unless response.code == "200"\r
+ }\r
+\r
+ File.open(repository_path + "/hooks/post-commit.bat", "w") {|f|\r
+ f.print <<-EOT\r
+call "#{RedmineLe::HOME}/script/setenv.bat"\r
+set RAILS_ENV=production\r
+start /B ruby "#{RAILS_ROOT}/script/runner" "Repository.fetch_changesets"\r
+start /B ruby -e "require 'net/http'; Net::HTTP.get('localhost', '/hudson/job/#{identifier}/build?token=#{auth_token}', #{RedmineLe::HTTP_PORT})"\r
+ EOT\r
+ }\r
+ end\r
+\r
+ def cleanup_integration\r
+ FileUtils.rm_rf(repository_path)\r
+ Net::HTTP.start("localhost", RedmineLe::HTTP_PORT) {|http|\r
+ http.post("/hudson/job/#{identifier}/doDelete", nil)\r
+ }\r
+ end\r
+ end\r
+ end\r
+end\r
--- /dev/null
+module RedmineLe\r
+ module Utils\r
+ CHARSET = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"\r
+\r
+ def self.random_string(length)\r
+ length.times.map{CHARSET[rand(CHARSET.length), 1]}.join\r
+ end\r
+ end\r
+end\r
--- /dev/null
+<?xml version='1.0' encoding='UTF-8'?>
+<project>
+ <actions/>
+ <description></description>
+ <keepDependencies>false</keepDependencies>
+ <properties/>
+ <scm class="hudson.scm.SubversionSCM">
+ <locations>
+ <hudson.scm.SubversionSCM_-ModuleLocation>
+ <remote><%= url %>/trunk</remote>
+ </hudson.scm.SubversionSCM_-ModuleLocation>
+ </locations>
+ <useUpdate>true</useUpdate>
+ <excludedRegions></excludedRegions>
+ <excludedUsers></excludedUsers>
+ <excludedRevprop></excludedRevprop>
+ </scm>
+ <canRoam>true</canRoam>
+ <disabled>false</disabled>
+ <blockBuildWhenUpstreamBuilding>false</blockBuildWhenUpstreamBuilding>
+ <authToken><%= auth_token %></authToken>
+ <triggers class="vector"/>
+ <concurrentBuild>false</concurrentBuild>
+ <builders/>
+ <publishers/>
+ <buildWrappers/>
+</project>
--- /dev/null
+# Load the normal Rails helper\r
+require File.expand_path(File.dirname(__FILE__) + '/../../../../test/test_helper')\r
+\r
+# Ensure that we are using the temporary fixture path\r
+Engines::Testing.set_fixture_path\r
--- /dev/null
+#!/usr/bin/env ruby\r
+\r
+require 'optparse'\r
+require 'socket'\r
+require 'base64'\r
+\r
+ScriptDir = File.dirname(__FILE__)\r
+Dir.glob(ScriptDir + "/lib/*.rb").each {|rb|\r
+ require rb\r
+}\r
+\r
+home = File.expand_path(ENV["PACKAGE_HOME"])\r
+host = Socket.gethostbyname(Socket.gethostname).first\r
+options = {\r
+ :interact => true,\r
+ :home => home,\r
+ :fqdn_or_ipaddr => host.include?(".") ? host : IPSocket.getaddress(host),\r
+ :apache_root => File.join(home, "apache"),\r
+ :redmine_root => File.join(home, "redmine"),\r
+ :opends_root => File.join(home, "opends"),\r
+ :opends_manager_dn => "cn=Directory Manager",\r
+ :opends_manager_password => Account.random_password(10)\r
+}\r
+options[:apache_host] = options[:fqdn_or_ipaddr]\r
+\r
+config = [\r
+ {:name => :apache_name, :default => "Apache"},\r
+ {:name => :apache_port, :type => :int, :default => 80},\r
+ {:name => :redmine_name, :default => "Redmine"},\r
+ {:name => :redmine_port, :type => :int, :default => 8000},\r
+ {:name => :hudson_name, :default => "Hudson"},\r
+ {:name => :hudson_port, :type => :int, :default => 8001},\r
+\r
+ {:name => :ldap_setting, :type => :bool,\r
+ :message => "Use external LDAP server? (y/n): "},\r
+ {:name => :opends_name, :default => "OpenDS", :parent => :ldap_setting, :if => false},\r
+ {:name => :opends_port, :type => :int, :default => 389, :parent => :ldap_setting, :if => false},\r
+ {:name => :opends_admin_port, :type => :int, :default => 8002, :parent => :ldap_setting, :if => false},\r
+ {:name => :opends_base_dn, :default => "dc=redminele,dc=local", :parent => :ldap_setting, :if => false},\r
+\r
+ {:name => :ldap_host, :default => "localhost", :parent => :ldap_setting, :if => true},\r
+ {:name => :ldap_port, :type => :int, :default => 389, :parent => :ldap_setting, :if => true},\r
+ {:name => :ldap_base_dn, :parent => :ldap_setting, :if => true, :message => "Enter LDAP Base DN (ex. ou=users, dc=local): "},\r
+ {:name => :ldap_anonymous, :type => :bool, :message => "LDAP server permits anonymous bind? ([y]/n): ", :default => true, :parent => :ldap_setting, :if => true},\r
+ {:name => :ldap_bind_dn, :message => "Enter LDAP bind DN (ex. uid=xxx,ou=users,dc=local): ", :parent => :ldap_anonymous, :if => false},\r
+ {:name => :ldap_bind_password, :message => "Enter LDAP bind password: ", :parent => :ldap_anonymous, :if => false},\r
+ {:name => :ldap_user_attribute, :default => "uid", :parent => :ldap_setting, :if => true},\r
+ {:name => :ldap_first_name_attribute, :default => "givenName", :parent => :ldap_setting, :if => true},\r
+ {:name => :ldap_last_name_attribute, :default => "sn", :parent => :ldap_setting, :if => true},\r
+ {:name => :ldap_mail_attribute, :default => "mail", :parent => :ldap_setting, :if => true},\r
+\r
+ {:name => :admin_account},\r
+ {:name => :admin_password},\r
+ {:name => :admin_mail},\r
+ {:name => :admin_first_name},\r
+ {:name => :admin_last_name},\r
+\r
+ {:name => :smtp_setting, :type => :bool,\r
+ :message => "Use redmine email notification? (y/n): "},\r
+ {:name => :mail_sender_address, :parent => :smtp_setting, :if => true},\r
+ {:name => :smtp_host, :parent => :smtp_setting, :if => true},\r
+ {:name => :smtp_port, :parent => :smtp_setting,:type => :int, :default => 25, :if => true},\r
+ {:name => :smtp_domain, :parent => :smtp_setting, :if => true,\r
+ :default => options[:fqdn_or_ipaddr]},\r
+ {:name => :smtp_auth, :parent => :smtp_setting, :if => true, :type => :bool,\r
+ :default => false, :message => "Use smtp auth? (y/[n]): "},\r
+ {:name => :smtp_user, :parent => :smtp_auth, :if => true},\r
+ {:name => :smtp_password, :parent => :smtp_auth, :if => true}\r
+]\r
+\r
+option_keys = []\r
+config_hash = {}\r
+config.each {|h|\r
+ option_keys.push(key = h[:name])\r
+ name = key.to_s\r
+\r
+ if h[:message].nil?\r
+ default = h[:default]\r
+ default = default.nil? ? "" : " (default: #{default})"\r
+ h[:message] = "Enter #{name.gsub('_', ' ')}#{default}: "\r
+ end\r
+\r
+ optname = name.gsub('_', '-')\r
+ h[:option_name] = (h[:type] == :bool) ?\r
+ "--[no-]" + optname : "--#{optname}=VAL"\r
+ h[:class] = Integer if h[:type] == :int\r
+ \r
+ config_hash[key] = h\r
+}\r
+\r
+OptionParser.new {|opt|\r
+ opt.banner = "Usage: install [options] [file|-]"\r
+ opt.on('--[no-]interact') {|v| options[:interact] = v}\r
+\r
+ option_keys.each {|key|\r
+ conf = config_hash[key]\r
+ args = conf[:option_name].to_a\r
+ args.push conf[:class] if conf[:class]\r
+ opt.on(*args) {|v| options[key] = v.toutf8}\r
+ }\r
+ opt.parse!\r
+}\r
+\r
+if config_file = ARGV.first\r
+ hash = if config_file == "-"\r
+ YAML.load(STDIN.read.toutf8)\r
+ else\r
+ YAML.load_file(config_file)\r
+ end || {}\r
+ hash.each {|key, val| options[key.to_sym] = val} if hash.is_a?(Hash)\r
+ options[:interact] = false\r
+end\r
+\r
+def bind_check(options)\r
+ LDAP.setup_connection(options)\r
+ unless LDAP.check_connection\r
+ %w[ldap_host ldap_port ldap_anonymous ldap_bind_dn ldap_bind_password\r
+ ].each {|key| options.delete(key.to_sym)}\r
+ return false\r
+ end\r
+ true\r
+end\r
+\r
+def admin_check(options)\r
+ LDAP.setup_connection(options)\r
+ unless LDAP.check_bind(options[:admin_account], options[:admin_password])\r
+ %w[ldap_base_dn ldap_user_attribute admin_account admin_password\r
+ ].each {|key| options.delete(key.to_sym)}\r
+ return false\r
+ end\r
+\r
+ attrs = LDAP.search_attributes(options[:admin_account])\r
+ %w[first_name last_name mail].each {|v|\r
+ if value = attrs[options[:"ldap_#{v}_attribute"]]\r
+ options[:"admin_#{v}"] = value\r
+ end\r
+ }\r
+ true\r
+end\r
+\r
+if options[:interact]\r
+ option_keys.each {|key|\r
+ if options[:ldap_setting]\r
+ if key == :ldap_user_attribute && !bind_check(options)\r
+ warn "Failed to bind to LDAP server"\r
+ retry\r
+ end\r
+ if key == :admin_mail && !admin_check(options)\r
+ warn "Failed to bind as admin account"\r
+ retry\r
+ end\r
+ end\r
+ next unless options[key].nil?\r
+\r
+ conf = config_hash[key]\r
+ p_key = conf[:parent]\r
+ if p_key && options[p_key] != conf[:if]\r
+ options[key] = conf[:default] unless conf[:default].nil?\r
+ options[key] = nil if conf[:type] == :bool\r
+ next\r
+ end\r
+\r
+ print conf[:message]\r
+ input = gets.chomp.toutf8\r
+ default = conf[:default]\r
+ if conf[:type] == :bool\r
+ c = input[0..0].downcase\r
+ if c.empty?\r
+ redo if default.nil?\r
+ options[key] = default\r
+ else\r
+ redo unless c.match(/y|n/)\r
+ options[key] = c == "y"\r
+ end\r
+ else\r
+ if input.empty?\r
+ redo if default.nil?\r
+ input = default\r
+ end\r
+ options[key] = input\r
+ end\r
+ }\r
+else\r
+ config_hash.each {|key, conf|\r
+ if options[:ldap_setting]\r
+ raise "Failed to bind to LDAP server" if key == :ldap_user_attribute && !bind_check(options)\r
+ raise "Failed to bind as admin account" if key == :admin_mail && !admin_check(options)\r
+ end\r
+\r
+ next unless options[key].nil?\r
+ p_key = conf[:parent]\r
+ next if p_key && options[p_key].nil?\r
+ raise "#{key.to_s} is not specified" if conf[:default].nil? && p_key.nil?\r
+ options[key] = conf[:default]\r
+ }\r
+end\r
+options[:apache_host] += ":#{options[:apache_port]}" unless options[:apache_port].to_s == "80"\r
+\r
+options.each {|key, value|\r
+ next unless value.is_a?(String)\r
+ next if key.to_s.index("password")\r
+ options[key].strip!\r
+}\r
+\r
+unless options[:ldap_setting]\r
+ options[:ldap_host] = "localhost"\r
+ options[:ldap_port] = options[:opends_port]\r
+ options[:ldap_base_dn] = options[:opends_base_dn]\r
+ options[:ldap_anonymous] = false\r
+ options[:ldap_bind_dn] = "uid=#{options[:admin_account]},ou=users,#{options[:ldap_base_dn]}"\r
+ options[:ldap_bind_password] = options[:admin_password]\r
+ options[:ldap_user_attribute] = "uid"\r
+ options[:ldap_first_name_attribute] = "givenName"\r
+ options[:ldap_last_name_attribute] = "sn"\r
+ options[:ldap_mail_attribute] = "mail"\r
+end\r
+\r
+Template.install(options)\r
+OpenDS.install(options) unless options[:ldap_setting]\r
+Redmine.install(options)\r
+system(%Q["#{ScriptDir}/service.bat" install])\r
+Shortcut.install(options)\r
--- /dev/null
+@echo off\r
+setlocal\r
+call "%~dp0setenv.bat"\r
+ruby "%~dp0install" %*\r
--- /dev/null
+module Account\r
+ CHARSET = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"\r
+\r
+ def self.random_password(length)\r
+ length.times.map{CHARSET[rand(CHARSET.length), 1]}.join\r
+ end\r
+end\r
--- /dev/null
+require 'timeout'\r
+require 'socket'\r
+require 'net/ldap'\r
+\r
+module LDAP\r
+ def self.setup_connection(options)\r
+ h = {\r
+ :host => options[:ldap_host],\r
+ :port => options[:ldap_port],\r
+ :base => options[:ldap_base_dn]\r
+ }\r
+\r
+ if (user = options[:ldap_bind_dn]) && (pass = options[:ldap_bind_password])\r
+ h[:auth] = {:method => :simple, :username => user, :password => pass}\r
+ end\r
+\r
+ @attr_name = {\r
+ :user => options[:ldap_user_attribute],\r
+ :first_name => options[:ldap_first_name_attribute],\r
+ :last_name => options[:ldap_last_name_attribute],\r
+ :mail => options[:ldap_mail_attribute]\r
+ }\r
+ @connection = Net::LDAP.new(h)\r
+ end\r
+\r
+ def self.check_connection\r
+ return false unless @connection\r
+ timeout(0.5) { TCPSocket.new(@connection.host, @connection.port).close }\r
+ @connection.bind\r
+ rescue Timeout::Error\r
+ false\r
+ end\r
+\r
+ def self.check_bind(username, password)\r
+ return false unless check_connection\r
+\r
+ filter = Net::LDAP::Filter.eq(@attr_name[:user], username)\r
+ !!@connection.bind_as(:filter => filter, :password => password)\r
+ end\r
+\r
+ def self.search_attributes(username)\r
+ return {} unless @connection\r
+\r
+ filter = Net::LDAP::Filter.eq(@attr_name[:user], username)\r
+ attrs = [:mail, :first_name, :last_name].map {|key|\r
+ name = @attr_name[key]\r
+ name.nil? || name.empty? ? nil : name\r
+ }.compact\r
+ h = {}\r
+ @connection.search(:filter => filter, :attributes => attrs) {|entry|\r
+ attrs.each {|attr| h[attr] = entry[attr].first}\r
+ }\r
+ h\r
+ end\r
+end\r
--- /dev/null
+module OpenDS\r
+ def self.install(options)\r
+ Dir.chdir(options[:opends_root]) {\r
+ unless system("setup.bat -i -n -O --propertiesFilePath setup.properties")\r
+ raise "OpenDS setup failed"\r
+ end\r
+ File.delete("import.ldif", "setup.properties")\r
+ }\r
+ end\r
+end\r
--- /dev/null
+module Redmine\r
+ def self.install(options)\r
+ ENV["RAILS_ENV"] = "production"\r
+ lang = (ENV["REDMINE_LANG"] ||= "ja")\r
+\r
+ Dir.chdir(options[:redmine_root]) {\r
+ system_or_raise("rake config/initializers/session_store.rb")\r
+ system_or_raise("rake db:migrate")\r
+ system_or_raise("rake redmine:load_default_data")\r
+ system_or_raise("rake db:migrate_plugins")\r
+\r
+ require 'config/boot'\r
+ require 'config/environment'\r
+\r
+ # create or update LDAP settings\r
+ opt = {\r
+ :host => options[:ldap_host],\r
+ :port => options[:ldap_port],\r
+ :base_dn => options[:ldap_base_dn]\r
+ }\r
+ ldap = AuthSourceLdap.find(:first, :conditions => opt) || AuthSourceLdap.new(opt)\r
+ ldap.name = options[:apache_host] if ldap.name.blank?\r
+ ldap.account = options[:ldap_bind_dn]\r
+ ldap.account_password = options[:ldap_bind_password]\r
+ ldap.attr_login = options[:ldap_user_attribute]\r
+ ldap.attr_firstname = options[:ldap_first_name_attribute]\r
+ ldap.attr_lastname = options[:ldap_last_name_attribute]\r
+ ldap.attr_mail = options[:ldap_mail_attribute]\r
+ ldap.onthefly_register = true\r
+ ldap.tls = false\r
+ ldap.save!\r
+\r
+ # delete default admin user\r
+ User.destroy(1) rescue nil\r
+\r
+ # create or update admin user\r
+ admin = User.find_by_login(options[:admin_account]) || User.new\r
+ admin.login = options[:admin_account]\r
+ admin.firstname = options[:admin_first_name]\r
+ admin.lastname = options[:admin_last_name]\r
+ admin.mail = options[:admin_mail]\r
+ admin.admin = true\r
+ admin.language = lang\r
+ admin.auth_source = ldap\r
+ admin.status = 1\r
+ # ignore required user custom fields\r
+ admin.save_without_validation! \r
+\r
+ setting = RedmineLeSetting.instance\r
+ setting.use_external_ldap = options[:ldap_setting]\r
+ setting.auth_source = ldap\r
+ setting.admin_account = options[:admin_account]\r
+ setting.admin_password = options[:admin_password]\r
+ RedmineLeSetting.skip_callbacks do\r
+ setting.save_without_validation!\r
+ end\r
+\r
+ host_name = Setting[:host_name] = "#{options[:apache_host]}/redmine"\r
+ Setting[:emails_footer] = Setting[:emails_footer].gsub(\r
+ /http\S+/, "http://#{host_name}/my/account"\r
+ )\r
+\r
+ Setting[:autofetch_changesets] = "0"\r
+ Setting[:commit_fix_status_id] = "5"\r
+\r
+ if (Setting[:default_language] = lang) == "ja"\r
+ Setting[:user_format] = "lastname_firstname"\r
+ Setting[:repositories_encodings] = "utf-8,shift-jis,euc-jp"\r
+ end\r
+\r
+ if options[:smtp_setting]\r
+ Setting[:mail_from] = options[:mail_sender_address]\r
+ end\r
+ }\r
+ end\r
+\r
+ def self.system_or_raise(command)\r
+ raise "\"#{command}\" failed" unless system command\r
+ end\r
+end\r
--- /dev/null
+require 'win32ole'\r
+require 'win32/shortcut'\r
+\r
+module Shortcut\r
+ MENU_DIR = File.join(WIN32OLE.new("WScript.Shell").SpecialFolders("AllUsersPrograms"), "RedmineLE")\r
+\r
+ def self.install(options)\r
+ service_dir = File.join(MENU_DIR, "service")\r
+ Dir.mkdir(MENU_DIR) unless File.directory?(MENU_DIR)\r
+ Dir.mkdir(service_dir) unless File.directory?(service_dir)\r
+\r
+ Win32::Shortcut.new(File.join(MENU_DIR, "home.url")) {|s|\r
+ port = options[:apache_port]\r
+ port = port.to_s == "80" ? "" : ":#{port}"\r
+ s.path = "http://localhost#{port}/"\r
+ }\r
+ Win32::Shortcut.new(File.join(MENU_DIR, "uninstall.lnk")) {|s|\r
+ s.path = "javaw"\r
+ s.arguments = %Q[-jar "#{File.join(options[:home], "Uninstaller/uninstaller.jar")}"]\r
+ }\r
+\r
+ %w[start stop restart status install uninstall].each {|command|\r
+ Win32::Shortcut.new(File.join(service_dir, "#{command}.lnk")) {|s|\r
+ s.path = File.join(options[:home], "script/service.bat")\r
+ s.arguments = "#{command} & pause"\r
+ }\r
+ }\r
+ end\r
+\r
+ def self.uninstall\r
+ FileUtils.rm_rf(MENU_DIR)\r
+ end\r
+end\r
--- /dev/null
+require 'erb'\r
+require 'find'\r
+require 'uri'\r
+\r
+module Template\r
+ class Env\r
+ def initialize(options)\r
+ @env = options\r
+ end\r
+\r
+ def _binding\r
+ binding\r
+ end\r
+\r
+ def method_missing(name, *args)\r
+ @env[name] || @env[name.to_s]\r
+ end\r
+ end\r
+\r
+ def self.install(options={})\r
+ options[:package_home] ||= File.expand_path(ENV["PACKAGE_HOME"])\r
+ env = Env.new(options)\r
+ home = env.package_home\r
+ template_dir = File.join(home, "template")\r
+ skip_email = !options[:smtp_setting]\r
+ skip_opends = options[:ldap_setting]\r
+\r
+ Dir.chdir(template_dir) {\r
+ Find.find(".") {|input|\r
+ Find.prune if skip_opends && File.basename(input) == "opends"\r
+ next if File.directory?(input) || File.extname(input) != ".erb"\r
+ next if skip_email && input == "./redmine/config/email.yml.erb"\r
+ output = File.expand_path(File.join(home, input[0..-5]))\r
+\r
+ puts output\r
+ File.open(output, "w") {|f|\r
+ f.print ERB.new(File.read(input)).result(env._binding)\r
+ }\r
+ }\r
+ }\r
+ end\r
+end\r
--- /dev/null
+home = File.dirname(Dir.pwd)\r
+ENV['PATH'] = "#{home}/imagemagick;#{home}/subversion/bin;#{home}/sqlite;" + ENV['PATH']\r
+ENV['MAGICK_CODER_MODULE_PATH'] = "#{home}/imagemagick/modules/coders"\r
--- /dev/null
+@echo off\r
+setlocal\r
+call "%~dp0setenv.bat"\r
+ruby -x "%~f0" %*\r
+goto :end\r
+\r
+#!ruby\r
+require 'yaml'\r
+require 'win32/service'\r
+\r
+PACKAGE_HOME = File.expand_path(ENV["PACKAGE_HOME"])\r
+\r
+module Command\r
+ def install\r
+ service_names.each {|name|\r
+ if (Win32::Service.status(name) rescue nil)\r
+ warn "Error: service #{name} already exists"\r
+ exit 1\r
+ end\r
+ }\r
+\r
+ wrapper = File.join(PACKAGE_HOME, "script/wrapper.bat")\r
+\r
+ config.each {|key, conf|\r
+ name = conf["service_name"]\r
+ port = conf["port"]\r
+\r
+ begin\r
+ case key.to_sym\r
+ when :apache\r
+ httpd = File.join(PACKAGE_HOME, "apache/bin/httpd.exe")\r
+ raise unless system(%Q["#{httpd}" -k install -n "#{name}"])\r
+ raise unless system(%Q[sc config "#{name}" binpath= "\\"#{wrapper}\\" httpd -k runservice"])\r
+ next\r
+ when :redmine\r
+ redmine = File.join(PACKAGE_HOME, "redmine")\r
+ script = File.join(PACKAGE_HOME, "script/mongrel_rails_env")\r
+ raise unless system(%Q[mongrel_rails service::install -N "#{name}" -c "#{redmine}" -p #{port} -e production --prefix /redmine -S "#{script}"])\r
+ system(%Q[sc config "#{name}" start= auto])\r
+ when :hudson\r
+ exe = File.join(PACKAGE_HOME, "hudson/hudson.exe")\r
+ raise unless system(%Q[sc create #{name} binpath= "\\"#{wrapper}\\" \\"#{exe}\\"" start= auto])\r
+ when :opends\r
+ opends = File.join(PACKAGE_HOME, "opends")\r
+ exe = File.join(opends, "lib/opends_service.exe")\r
+ raise unless system(%Q["#{exe}" create "#{opends}" "#{name}" "OpenDS"])\r
+ else\r
+ raise\r
+ end\r
+\r
+ #warn "service #{name} installed"\r
+ rescue\r
+ warn "Error: failed to install service #{name}"\r
+ exit 1\r
+ end\r
+ }\r
+ start\r
+ end\r
+\r
+ def uninstall\r
+ stop(false)\r
+ service_names.each {|name|\r
+ next unless status(name)\r
+\r
+ begin\r
+ Win32::Service.delete(name)\r
+ warn "service #{name} uninstalled"\r
+ rescue\r
+ warn "Error: failed to uninstall service #{name}"\r
+ exit 1\r
+ end\r
+ }\r
+ end\r
+\r
+ def start(verbose=true)\r
+ service_names.each {|name|\r
+ next unless s = status(name, verbose)\r
+ if s == "running"\r
+ warn "service #{name} is already running" if verbose\r
+ next\r
+ end\r
+\r
+ begin\r
+ Win32::Service.start(name)\r
+ sleep 0.1 while status(name, false) == "start pending"\r
+ raise if status(name, false) != "running"\r
+ warn "service #{name} started"\r
+ rescue\r
+ warn "Error: failed to start service #{name}"\r
+ exit 1\r
+ end\r
+ }\r
+ end\r
+\r
+ def stop(verbose=true)\r
+ service_names.each {|name|\r
+ next unless s = status(name, verbose)\r
+ if s == "stopped"\r
+ warn "service #{name} has already been stopped" if verbose\r
+ next\r
+ end\r
+\r
+ begin\r
+ Win32::Service.stop(name)\r
+ sleep 0.1 while status(name, false) != "stopped"\r
+ warn "service #{name} stopped"\r
+ rescue\r
+ warn "Error: failed to stop service #{name}"\r
+ exit 1\r
+ end\r
+ }\r
+ end\r
+\r
+ def restart\r
+ stop\r
+ start\r
+ end\r
+\r
+ def status(name=nil, verbose=true)\r
+ if name\r
+ service = Win32::Service.status(name) rescue nil\r
+ warn "service #{name} is not installed" if verbose && service.nil?\r
+ return service && service.current_state\r
+ end\r
+\r
+ service_names.each {|name|\r
+ begin\r
+ status = Win32::Service.status(name).current_state\r
+ warn "#{name}: #{status}"\r
+ rescue\r
+ warn "#{name}: not installed"\r
+ end\r
+ }\r
+ nil\r
+ end\r
+end\r
+\r
+class Service\r
+ extend Command\r
+\r
+ class << self\r
+ def config\r
+ @config ||= YAML.load_file(File.join(PACKAGE_HOME, "config/service.yml"))\r
+ end\r
+\r
+ def service_names\r
+ @service_names ||= config.values.map {|h| h["service_name"]}\r
+ end\r
+\r
+ def usage\r
+ warn <<EOT\r
+Usage: service <command>\r
+\r
+Commands:\r
+ #{Command.instance_methods.sort.join("\n ")}\r
+EOT\r
+ exit 1\r
+ end\r
+\r
+ def method_missing(name, *args)\r
+ warn "Unknown command #{name}"\r
+ usage\r
+ end\r
+ end\r
+end\r
+\r
+Service.usage unless command = ARGV.shift\r
+Service.send(command)\r
+\r
+__END__\r
+:end\r
--- /dev/null
+@echo off\r
+set PACKAGE_HOME=%~dp0..\\r
+set ANT_HOME=%PACKAGE_HOME%installer\ant\r
+set PATH=%PACKAGE_HOME%apache\bin;%PACKAGE_HOME%ruby\bin;%PACKAGE_HOME%sqlite;%PACKAGE_HOME%subversion\bin;%PACKAGE_HOME%imagemagick;%PACKAGE_HOME%opends\bat;%ANT_HOME%\bin;%PATH%\r
+set APR_ICONV_PATH=%PACKAGE_HOME%apache\bin\iconv\r
+\r
+set RUBYOPT=rubygems\r
--- /dev/null
+#!/usr/bin/env ruby\r
+\r
+ScriptDir = File.dirname(__FILE__)\r
+require ScriptDir + "/lib/shortcut.rb"\r
+\r
+system(%Q["#{ScriptDir}/service.bat" uninstall])\r
+Shortcut.uninstall\r
--- /dev/null
+@echo off\r
+setlocal\r
+call "%~dp0setenv.bat"\r
+ruby "%~dp0uninstall" %*\r
--- /dev/null
+@echo off\r
+setlocal\r
+call "%~dp0setenv.bat"\r
+%*\r
--- /dev/null
+ProxyPass /redmine http://localhost:<%= redmine_port %>/redmine\r
+ProxyPassReverse /redmine http://localhost:<%= redmine_port %>/redmine\r
+ProxyPass /hudson http://localhost:<%= hudson_port %>/hudson\r
+ProxyPassReverse /hudson http://localhost:<%= hudson_port %>/hudson\r
--- /dev/null
+LoadModule dav_svn_module modules/mod_dav_svn.so\r
+LoadModule authz_svn_module modules/mod_authz_svn.so\r
+\r
+<Location /svn/>\r
+ DAV svn\r
+ SVNParentPath "<%= home %>/subversion/repos"\r
+ SVNListParentPath on\r
+ AuthType Basic\r
+ AuthName "Authorization"\r
+ AuthBasicProvider ldap\r
+ AuthzLDAPAuthoritative off\r
+ <% unless ldap_anonymous %>\r
+ AuthLDAPBindDN <%= ldap_bind_dn %>\r
+ AuthLDAPBindPassword <%= ldap_bind_password %>\r
+ <% end %>\r
+ AuthLDAPURL ldap://<%= ldap_host %>:<%= ldap_port %>/<%= URI.escape(ldap_base_dn) %>?<%= ldap_user_attribute %>?sub?\r
+ AuthzSVNAccessFile "<%= home %>/config/svn_authz.conf"\r
+ Require valid-user\r
+</Location>\r
--- /dev/null
+#\r
+# Directives controlling the display of server-generated directory listings.\r
+#\r
+# Required modules: mod_autoindex, mod_alias\r
+#\r
+# To see the listing of a directory, the Options directive for the\r
+# directory must include "Indexes", and the directory must not contain\r
+# a file matching those listed in the DirectoryIndex directive.\r
+#\r
+\r
+#\r
+# IndexOptions: Controls the appearance of server-generated directory\r
+# listings.\r
+#\r
+IndexOptions FancyIndexing HTMLTable VersionSort\r
+\r
+# We include the /icons/ alias for FancyIndexed directory listings. If\r
+# you do not use FancyIndexing, you may comment this out.\r
+#\r
+Alias /icons/ "<%= apache_root %>/icons/"\r
+\r
+<Directory "<%= apache_root %>/icons">\r
+ Options Indexes MultiViews\r
+ AllowOverride None\r
+ Order allow,deny\r
+ Allow from all\r
+</Directory>\r
+\r
+#\r
+# AddIcon* directives tell the server which icon to show for different\r
+# files or filename extensions. These are only displayed for\r
+# FancyIndexed directories.\r
+#\r
+AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip\r
+\r
+AddIconByType (TXT,/icons/text.gif) text/*\r
+AddIconByType (IMG,/icons/image2.gif) image/*\r
+AddIconByType (SND,/icons/sound2.gif) audio/*\r
+AddIconByType (VID,/icons/movie.gif) video/*\r
+\r
+AddIcon /icons/binary.gif .bin .exe\r
+AddIcon /icons/binhex.gif .hqx\r
+AddIcon /icons/tar.gif .tar\r
+AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv\r
+AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip\r
+AddIcon /icons/a.gif .ps .ai .eps\r
+AddIcon /icons/layout.gif .html .shtml .htm .pdf\r
+AddIcon /icons/text.gif .txt\r
+AddIcon /icons/c.gif .c\r
+AddIcon /icons/p.gif .pl .py\r
+AddIcon /icons/f.gif .for\r
+AddIcon /icons/dvi.gif .dvi\r
+AddIcon /icons/uuencoded.gif .uu\r
+AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl\r
+AddIcon /icons/tex.gif .tex\r
+AddIcon /icons/bomb.gif core\r
+\r
+AddIcon /icons/back.gif ..\r
+AddIcon /icons/hand.right.gif README\r
+AddIcon /icons/folder.gif ^^DIRECTORY^^\r
+AddIcon /icons/blank.gif ^^BLANKICON^^\r
+\r
+#\r
+# DefaultIcon is which icon to show for files which do not have an icon\r
+# explicitly set.\r
+#\r
+DefaultIcon /icons/unknown.gif\r
+\r
+#\r
+# AddDescription allows you to place a short description after a file in\r
+# server-generated indexes. These are only displayed for FancyIndexed\r
+# directories.\r
+# Format: AddDescription "description" filename\r
+#\r
+#AddDescription "GZIP compressed document" .gz\r
+#AddDescription "tar archive" .tar\r
+#AddDescription "GZIP compressed tar archive" .tgz\r
+\r
+#\r
+# ReadmeName is the name of the README file the server will look for by\r
+# default, and append to directory listings.\r
+#\r
+# HeaderName is the name of a file which should be prepended to\r
+# directory indexes. \r
+ReadmeName README.html\r
+HeaderName HEADER.html\r
+\r
+#\r
+# IndexIgnore is a set of filenames which directory indexing should ignore\r
+# and not include in the listing. Shell-style wildcarding is permitted.\r
+#\r
+IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t\r
+\r
--- /dev/null
+#\r
+# Distributed authoring and versioning (WebDAV)\r
+#\r
+# Required modules: mod_dav, mod_dav_fs, mod_setenvif, mod_alias\r
+# mod_auth_digest, mod_authn_file\r
+#\r
+\r
+# The following example gives DAV write access to a directory called\r
+# "uploads" under the ServerRoot directory.\r
+#\r
+# The User/Group specified in httpd.conf needs to have write permissions\r
+# on the directory where the DavLockDB is placed and on any directory where\r
+# "Dav On" is specified.\r
+\r
+DavLockDB "<%= apache_root %>/var/DavLock"\r
+\r
+Alias /uploads "<%= apache_root %>/uploads"\r
+\r
+<Directory "<%= apache_root %>/uploads">\r
+ Dav On\r
+\r
+ Order Allow,Deny\r
+ Allow from all\r
+\r
+ AuthType Digest\r
+ AuthName DAV-upload\r
+\r
+ # You can use the htdigest program to create the password database:\r
+ # htdigest -c "<%= apache_root %>/user.passwd" DAV-upload admin\r
+ AuthUserFile "<%= apache_root %>/user.passwd"\r
+ AuthDigestProvider file\r
+\r
+ # Allow universal read-access, but writes are restricted\r
+ # to the admin user.\r
+ <LimitExcept GET OPTIONS>\r
+ require user admin\r
+ </LimitExcept>\r
+</Directory>\r
+\r
+#\r
+# The following directives disable redirects on non-GET requests for\r
+# a directory that does not include the trailing slash. This fixes a \r
+# problem with several clients that do not appropriately handle \r
+# redirects for folders with DAV methods.\r
+#\r
+BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully\r
+BrowserMatch "MS FrontPage" redirect-carefully\r
+BrowserMatch "^WebDrive" redirect-carefully\r
+BrowserMatch "^WebDAVFS/1.[0123]" redirect-carefully\r
+BrowserMatch "^gnome-vfs/1.0" redirect-carefully\r
+BrowserMatch "^XML Spy" redirect-carefully\r
+BrowserMatch "^Dreamweaver-WebDAV-SCM1" redirect-carefully\r
--- /dev/null
+#\r
+# Provide access to the documentation on your server as\r
+# http://yourserver.localhost/manual/\r
+# The documentation is always available at\r
+# http://httpd.apache.org/docs/2.2/\r
+#\r
+# Required modules: mod_alias, mod_setenvif, mod_negotiation\r
+#\r
+\r
+AliasMatch ^/manual(?:/(?:de|en|es|fr|ja|ko|pt-br|ru|tr))?(/.*)?$ "<%= apache_root %>/manual$1"\r
+\r
+<Directory "<%= apache_root %>/manual">\r
+ Options Indexes\r
+ AllowOverride None\r
+ Order allow,deny\r
+ Allow from all\r
+\r
+ <Files *.html>\r
+ SetHandler type-map\r
+ </Files>\r
+ # .tr is text/troff in mime.types!\r
+ <Files *.html.tr.utf8>\r
+ ForceType text/html\r
+ </Files>\r
+\r
+ SetEnvIf Request_URI ^/manual/(de|en|es|fr|ja|ko|pt-br|ru|tr)/ prefer-language=$1\r
+ RedirectMatch 301 ^/manual(?:/(de|en|es|fr|ja|ko|pt-br|ru|tr)){2,}(/.*)?$ /manual/$1$2\r
+\r
+ LanguagePriority en de es fr ja ko pt-br ru tr\r
+ ForceLanguagePriority Prefer Fallback\r
+</Directory>\r
--- /dev/null
+#\r
+# The configuration below implements multi-language error documents through\r
+# content-negotiation.\r
+#\r
+# Required modules: mod_alias, mod_include, mod_negotiation\r
+#\r
+# We use Alias to redirect any /error/HTTP_<error>.html.var response to\r
+# our collection of by-error message multi-language collections. We use \r
+# includes to substitute the appropriate text.\r
+#\r
+# You can modify the messages' appearance without changing any of the\r
+# default HTTP_<error>.html.var files by adding the line:\r
+#\r
+# Alias /error/include/ "/your/include/path/"\r
+#\r
+# which allows you to create your own set of files by starting with the\r
+# <%= apache_root %>/error/include/ files and copying them to /your/include/path/, \r
+# even on a per-VirtualHost basis. The default include files will display\r
+# your Apache version number and your ServerAdmin email address regardless\r
+# of the setting of ServerSignature.\r
+\r
+Alias /error/ "<%= apache_root %>/error/"\r
+\r
+<Directory "<%= apache_root %>/error">\r
+ AllowOverride None\r
+ Options IncludesNoExec\r
+ AddOutputFilter Includes html\r
+ AddHandler type-map var\r
+ Order allow,deny\r
+ Allow from all\r
+ LanguagePriority en cs de es fr it ja ko nl pl pt-br ro sv tr\r
+ ForceLanguagePriority Prefer Fallback\r
+</Directory>\r
+\r
+ErrorDocument 400 /error/HTTP_BAD_REQUEST.html.var\r
+ErrorDocument 401 /error/HTTP_UNAUTHORIZED.html.var\r
+ErrorDocument 403 /error/HTTP_FORBIDDEN.html.var\r
+ErrorDocument 404 /error/HTTP_NOT_FOUND.html.var\r
+ErrorDocument 405 /error/HTTP_METHOD_NOT_ALLOWED.html.var\r
+ErrorDocument 408 /error/HTTP_REQUEST_TIME_OUT.html.var\r
+ErrorDocument 410 /error/HTTP_GONE.html.var\r
+ErrorDocument 411 /error/HTTP_LENGTH_REQUIRED.html.var\r
+ErrorDocument 412 /error/HTTP_PRECONDITION_FAILED.html.var\r
+ErrorDocument 413 /error/HTTP_REQUEST_ENTITY_TOO_LARGE.html.var\r
+ErrorDocument 414 /error/HTTP_REQUEST_URI_TOO_LARGE.html.var\r
+ErrorDocument 415 /error/HTTP_UNSUPPORTED_MEDIA_TYPE.html.var\r
+ErrorDocument 500 /error/HTTP_INTERNAL_SERVER_ERROR.html.var\r
+ErrorDocument 501 /error/HTTP_NOT_IMPLEMENTED.html.var\r
+ErrorDocument 502 /error/HTTP_BAD_GATEWAY.html.var\r
+ErrorDocument 503 /error/HTTP_SERVICE_UNAVAILABLE.html.var\r
+ErrorDocument 506 /error/HTTP_VARIANT_ALSO_VARIES.html.var\r
+\r
--- /dev/null
+#\r
+# This is the Apache server configuration file providing SSL support.\r
+# It contains the configuration directives to instruct the server how to\r
+# serve pages over an https connection. For detailing information about these \r
+# directives see <URL:http://httpd.apache.org/docs/2.2/mod/mod_ssl.html>\r
+# \r
+# Do NOT simply read the instructions in here without understanding\r
+# what they do. They're here only as hints or reminders. If you are unsure\r
+# consult the online docs. You have been warned. \r
+#\r
+\r
+#\r
+# Pseudo Random Number Generator (PRNG):\r
+# Configure one or more sources to seed the PRNG of the SSL library.\r
+# The seed data should be of good random quality.\r
+# WARNING! On some platforms /dev/random blocks if not enough entropy\r
+# is available. This means you then cannot use the /dev/random device\r
+# because it would lead to very long connection times (as long as\r
+# it requires to make more entropy available). But usually those\r
+# platforms additionally provide a /dev/urandom device which doesn't\r
+# block. So, if available, use this one instead. Read the mod_ssl User\r
+# Manual for more details.\r
+#\r
+#SSLRandomSeed startup file:/dev/random 512\r
+#SSLRandomSeed startup file:/dev/urandom 512\r
+#SSLRandomSeed connect file:/dev/random 512\r
+#SSLRandomSeed connect file:/dev/urandom 512\r
+\r
+\r
+#\r
+# When we also provide SSL we have to listen to the \r
+# standard HTTP port (see above) and to the HTTPS port\r
+#\r
+# Note: Configurations that use IPv6 but not IPv4-mapped addresses need two\r
+# Listen directives: "Listen [::]:443" and "Listen 0.0.0.0:443"\r
+#\r
+Listen 443\r
+\r
+##\r
+## SSL Global Context\r
+##\r
+## All SSL configuration in this context applies both to\r
+## the main server and all SSL-enabled virtual hosts.\r
+##\r
+\r
+#\r
+# Some MIME-types for downloading Certificates and CRLs\r
+#\r
+AddType application/x-x509-ca-cert .crt\r
+AddType application/x-pkcs7-crl .crl\r
+\r
+# Pass Phrase Dialog:\r
+# Configure the pass phrase gathering process.\r
+# The filtering dialog program (`builtin' is a internal\r
+# terminal dialog) has to provide the pass phrase on stdout.\r
+SSLPassPhraseDialog builtin\r
+\r
+# Inter-Process Session Cache:\r
+# Configure the SSL Session Cache: First the mechanism \r
+# to use and second the expiring timeout (in seconds).\r
+#SSLSessionCache "dbm:<%= apache_root %>/logs/ssl_scache"\r
+SSLSessionCache "shmcb:<%= apache_root %>/logs/ssl_scache(512000)"\r
+SSLSessionCacheTimeout 300\r
+\r
+# Semaphore:\r
+# Configure the path to the mutual exclusion semaphore the\r
+# SSL engine uses internally for inter-process synchronization. \r
+SSLMutex default\r
+\r
+##\r
+## SSL Virtual Host Context\r
+##\r
+\r
+<VirtualHost _default_:443>\r
+\r
+# General setup for the virtual host\r
+DocumentRoot "<%= apache_root %>/htdocs"\r
+ServerName localhost:443\r
+ServerAdmin webmaster@somenet.com\r
+ErrorLog "<%= apache_root %>/logs/error.log"\r
+TransferLog "<%= apache_root %>/logs/access.log"\r
+\r
+# SSL Engine Switch:\r
+# Enable/Disable SSL for this virtual host.\r
+SSLEngine on\r
+\r
+# SSL Cipher Suite:\r
+# List the ciphers that the client is permitted to negotiate.\r
+# See the mod_ssl documentation for a complete list.\r
+SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL\r
+\r
+# Server Certificate:\r
+# Point SSLCertificateFile at a PEM encoded certificate. If\r
+# the certificate is encrypted, then you will be prompted for a\r
+# pass phrase. Note that a kill -HUP will prompt again. Keep\r
+# in mind that if you have both an RSA and a DSA certificate you\r
+# can configure both in parallel (to also allow the use of DSA\r
+# ciphers, etc.)\r
+SSLCertificateFile "<%= apache_root %>/conf/server.crt"\r
+#SSLCertificateFile "<%= apache_root %>/conf/server-dsa.crt"\r
+\r
+# Server Private Key:\r
+# If the key is not combined with the certificate, use this\r
+# directive to point at the key file. Keep in mind that if\r
+# you've both a RSA and a DSA private key you can configure\r
+# both in parallel (to also allow the use of DSA ciphers, etc.)\r
+SSLCertificateKeyFile "<%= apache_root %>/conf/server.key"\r
+#SSLCertificateKeyFile "<%= apache_root %>/conf/server-dsa.key"\r
+\r
+# Server Certificate Chain:\r
+# Point SSLCertificateChainFile at a file containing the\r
+# concatenation of PEM encoded CA certificates which form the\r
+# certificate chain for the server certificate. Alternatively\r
+# the referenced file can be the same as SSLCertificateFile\r
+# when the CA certificates are directly appended to the server\r
+# certificate for convinience.\r
+#SSLCertificateChainFile "<%= apache_root %>/conf/server-ca.crt"\r
+\r
+# Certificate Authority (CA):\r
+# Set the CA certificate verification path where to find CA\r
+# certificates for client authentication or alternatively one\r
+# huge file containing all of them (file must be PEM encoded)\r
+# Note: Inside SSLCACertificatePath you need hash symlinks\r
+# to point to the certificate files. Use the provided\r
+# Makefile to update the hash symlinks after changes.\r
+#SSLCACertificatePath "<%= apache_root %>/conf/ssl.crt"\r
+#SSLCACertificateFile "<%= apache_root %>/conf/ssl.crt/ca-bundle.crt"\r
+\r
+# Certificate Revocation Lists (CRL):\r
+# Set the CA revocation path where to find CA CRLs for client\r
+# authentication or alternatively one huge file containing all\r
+# of them (file must be PEM encoded)\r
+# Note: Inside SSLCARevocationPath you need hash symlinks\r
+# to point to the certificate files. Use the provided\r
+# Makefile to update the hash symlinks after changes.\r
+#SSLCARevocationPath "<%= apache_root %>/conf/ssl.crl"\r
+#SSLCARevocationFile "<%= apache_root %>/conf/ssl.crl/ca-bundle.crl"\r
+\r
+# Client Authentication (Type):\r
+# Client certificate verification type and depth. Types are\r
+# none, optional, require and optional_no_ca. Depth is a\r
+# number which specifies how deeply to verify the certificate\r
+# issuer chain before deciding the certificate is not valid.\r
+#SSLVerifyClient require\r
+#SSLVerifyDepth 10\r
+\r
+# Access Control:\r
+# With SSLRequire you can do per-directory access control based\r
+# on arbitrary complex boolean expressions containing server\r
+# variable checks and other lookup directives. The syntax is a\r
+# mixture between C and Perl. See the mod_ssl documentation\r
+# for more details.\r
+#<Location />\r
+#SSLRequire ( %{SSL_CIPHER} !~ m/^(EXP|NULL)/ \\r
+# and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \\r
+# and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \\r
+# and %{TIME_WDAY} >= 1 and %{TIME_WDAY} <= 5 \\r
+# and %{TIME_HOUR} >= 8 and %{TIME_HOUR} <= 20 ) \\r
+# or %{REMOTE_ADDR} =~ m/^192\.76\.162\.[0-9]+$/\r
+#</Location>\r
+\r
+# SSL Engine Options:\r
+# Set various options for the SSL engine.\r
+# o FakeBasicAuth:\r
+# Translate the client X.509 into a Basic Authorisation. This means that\r
+# the standard Auth/DBMAuth methods can be used for access control. The\r
+# user name is the `one line' version of the client's X.509 certificate.\r
+# Note that no password is obtained from the user. Every entry in the user\r
+# file needs this password: `xxj31ZMTZzkVA'.\r
+# o ExportCertData:\r
+# This exports two additional environment variables: SSL_CLIENT_CERT and\r
+# SSL_SERVER_CERT. These contain the PEM-encoded certificates of the\r
+# server (always existing) and the client (only existing when client\r
+# authentication is used). This can be used to import the certificates\r
+# into CGI scripts.\r
+# o StdEnvVars:\r
+# This exports the standard SSL/TLS related `SSL_*' environment variables.\r
+# Per default this exportation is switched off for performance reasons,\r
+# because the extraction step is an expensive operation and is usually\r
+# useless for serving static content. So one usually enables the\r
+# exportation for CGI and SSI requests only.\r
+# o StrictRequire:\r
+# This denies access when "SSLRequireSSL" or "SSLRequire" applied even\r
+# under a "Satisfy any" situation, i.e. when it applies access is denied\r
+# and no other module can change it.\r
+# o OptRenegotiate:\r
+# This enables optimized SSL connection renegotiation handling when SSL\r
+# directives are used in per-directory context. \r
+#SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire\r
+<FilesMatch "\.(cgi|shtml|phtml|php)$">\r
+ SSLOptions +StdEnvVars\r
+</FilesMatch>\r
+<Directory "<%= apache_root %>/cgi-bin">\r
+ SSLOptions +StdEnvVars\r
+</Directory>\r
+\r
+# SSL Protocol Adjustments:\r
+# The safe and default but still SSL/TLS standard compliant shutdown\r
+# approach is that mod_ssl sends the close notify alert but doesn't wait for\r
+# the close notify alert from client. When you need a different shutdown\r
+# approach you can use one of the following variables:\r
+# o ssl-unclean-shutdown:\r
+# This forces an unclean shutdown when the connection is closed, i.e. no\r
+# SSL close notify alert is send or allowed to received. This violates\r
+# the SSL/TLS standard but is needed for some brain-dead browsers. Use\r
+# this when you receive I/O errors because of the standard approach where\r
+# mod_ssl sends the close notify alert.\r
+# o ssl-accurate-shutdown:\r
+# This forces an accurate shutdown when the connection is closed, i.e. a\r
+# SSL close notify alert is send and mod_ssl waits for the close notify\r
+# alert of the client. This is 100% SSL/TLS standard compliant, but in\r
+# practice often causes hanging connections with brain-dead browsers. Use\r
+# this only for browsers where you know that their SSL implementation\r
+# works correctly. \r
+# Notice: Most problems of broken clients are also related to the HTTP\r
+# keep-alive facility, so you usually additionally want to disable\r
+# keep-alive for those clients, too. Use variable "nokeepalive" for this.\r
+# Similarly, one has to force some clients to use HTTP/1.0 to workaround\r
+# their broken HTTP/1.1 implementation. Use variables "downgrade-1.0" and\r
+# "force-response-1.0" for this.\r
+BrowserMatch ".*MSIE.*" \\r
+ nokeepalive ssl-unclean-shutdown \\r
+ downgrade-1.0 force-response-1.0\r
+\r
+# Per-Server Logging:\r
+# The home of a custom SSL log file. Use this when you want a\r
+# compact non-error SSL logfile on a virtual host basis.\r
+CustomLog "<%= apache_root %>/logs/ssl_request.log" \\r
+ "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"\r
+\r
+</VirtualHost> \r
--- /dev/null
+#\r
+# Virtual Hosts\r
+#\r
+# If you want to maintain multiple domains/hostnames on your\r
+# machine you can setup VirtualHost containers for them. Most configurations\r
+# use only name-based virtual hosts so the server doesn't need to worry about\r
+# IP addresses. This is indicated by the asterisks in the directives below.\r
+#\r
+# Please see the documentation at \r
+# <URL:http://httpd.apache.org/docs/2.2/vhosts/>\r
+# for further details before you try to setup virtual hosts.\r
+#\r
+# You may use the command line option '-S' to verify your virtual host\r
+# configuration.\r
+\r
+#\r
+# Use name-based virtual hosting.\r
+#\r
+NameVirtualHost *:80\r
+\r
+#\r
+# VirtualHost example:\r
+# Almost any Apache directive may go into a VirtualHost container.\r
+# The first VirtualHost section is used for all requests that do not\r
+# match a ServerName or ServerAlias in any <VirtualHost> block.\r
+#\r
+<VirtualHost *:80>\r
+ ServerAdmin webmaster@dummy-host.localhost\r
+ DocumentRoot "<%= apache_root %>/docs/dummy-host.localhost"\r
+ ServerName dummy-host.localhost\r
+ ServerAlias www.dummy-host.localhost\r
+ ErrorLog "logs/dummy-host.localhost-error.log"\r
+ CustomLog "logs/dummy-host.localhost-access.log" common\r
+</VirtualHost>\r
+\r
+<VirtualHost *:80>\r
+ ServerAdmin webmaster@dummy-host2.localhost\r
+ DocumentRoot "<%= apache_root %>/docs/dummy-host2.localhost"\r
+ ServerName dummy-host2.localhost\r
+ ErrorLog "logs/dummy-host2.localhost-error.log"\r
+ CustomLog "logs/dummy-host2.localhost-access.log" common\r
+</VirtualHost>\r
+\r
+\r
+\r
--- /dev/null
+#\r
+# This is the main Apache HTTP server configuration file. It contains the\r
+# configuration directives that give the server its instructions.\r
+# See <URL:http://httpd.apache.org/docs/2.2> for detailed information.\r
+# In particular, see \r
+# <URL:http://httpd.apache.org/docs/2.2/mod/directives.html>\r
+# for a discussion of each configuration directive.\r
+#\r
+# Do NOT simply read the instructions in here without understanding\r
+# what they do. They're here only as hints or reminders. If you are unsure\r
+# consult the online docs. You have been warned. \r
+#\r
+# Configuration and logfile names: If the filenames you specify for many\r
+# of the server's control files begin with "/" (or "drive:/" for Win32), the\r
+# server will use that explicit path. If the filenames do *not* begin\r
+# with "/", the value of ServerRoot is prepended -- so "logs/foo.log"\r
+# with ServerRoot set to "<%= apache_root %>" will be interpreted by the\r
+# server as "<%= apache_root %>/logs/foo.log".\r
+#\r
+# NOTE: Where filenames are specified, you must use forward slashes\r
+# instead of backslashes (e.g., "c:/apache" instead of "c:\apache").\r
+# If a drive letter is omitted, the drive on which httpd.exe is located\r
+# will be used by default. It is recommended that you always supply\r
+# an explicit drive letter in absolute paths to avoid confusion.\r
+\r
+#\r
+# ServerRoot: The top of the directory tree under which the server's\r
+# configuration, error, and log files are kept.\r
+#\r
+# Do not add a slash at the end of the directory path. If you point\r
+# ServerRoot at a non-local disk, be sure to point the LockFile directive\r
+# at a local disk. If you wish to share the same ServerRoot for multiple\r
+# httpd daemons, you will need to change at least LockFile and PidFile.\r
+#\r
+ServerRoot "<%= apache_root %>"\r
+\r
+#\r
+# Listen: Allows you to bind Apache to specific IP addresses and/or\r
+# ports, instead of the default. See also the <VirtualHost>\r
+# directive.\r
+#\r
+# Change this to Listen on specific IP addresses as shown below to \r
+# prevent Apache from glomming onto all bound IP addresses.\r
+#\r
+#Listen 12.34.56.78:80\r
+Listen <%= apache_port %>\r
+\r
+#\r
+# Dynamic Shared Object (DSO) Support\r
+#\r
+# To be able to use the functionality of a module which was built as a DSO you\r
+# have to place corresponding `LoadModule' lines at this location so the\r
+# directives contained in it are actually available _before_ they are used.\r
+# Statically compiled modules (those listed by `httpd -l') do not need\r
+# to be loaded here.\r
+#\r
+# Example:\r
+# LoadModule foo_module modules/mod_foo.so\r
+#\r
+LoadModule actions_module modules/mod_actions.so\r
+LoadModule alias_module modules/mod_alias.so\r
+LoadModule asis_module modules/mod_asis.so\r
+LoadModule auth_basic_module modules/mod_auth_basic.so\r
+#LoadModule auth_digest_module modules/mod_auth_digest.so\r
+#LoadModule authn_alias_module modules/mod_authn_alias.so\r
+#LoadModule authn_anon_module modules/mod_authn_anon.so\r
+#LoadModule authn_dbd_module modules/mod_authn_dbd.so\r
+#LoadModule authn_dbm_module modules/mod_authn_dbm.so\r
+LoadModule authn_default_module modules/mod_authn_default.so\r
+LoadModule authn_file_module modules/mod_authn_file.so\r
+LoadModule authnz_ldap_module modules/mod_authnz_ldap.so\r
+#LoadModule authz_dbm_module modules/mod_authz_dbm.so\r
+LoadModule authz_default_module modules/mod_authz_default.so\r
+LoadModule authz_groupfile_module modules/mod_authz_groupfile.so\r
+LoadModule authz_host_module modules/mod_authz_host.so\r
+#LoadModule authz_owner_module modules/mod_authz_owner.so\r
+LoadModule authz_user_module modules/mod_authz_user.so\r
+LoadModule autoindex_module modules/mod_autoindex.so\r
+#LoadModule cache_module modules/mod_cache.so\r
+#LoadModule cern_meta_module modules/mod_cern_meta.so\r
+LoadModule cgi_module modules/mod_cgi.so\r
+#LoadModule charset_lite_module modules/mod_charset_lite.so\r
+LoadModule dav_module modules/mod_dav.so\r
+LoadModule dav_fs_module modules/mod_dav_fs.so\r
+LoadModule dav_lock_module modules/mod_dav_lock.so\r
+#LoadModule dbd_module modules/mod_dbd.so\r
+#LoadModule deflate_module modules/mod_deflate.so\r
+LoadModule dir_module modules/mod_dir.so\r
+#LoadModule disk_cache_module modules/mod_disk_cache.so\r
+#LoadModule dumpio_module modules/mod_dumpio.so\r
+LoadModule env_module modules/mod_env.so\r
+#LoadModule expires_module modules/mod_expires.so\r
+#LoadModule ext_filter_module modules/mod_ext_filter.so\r
+#LoadModule file_cache_module modules/mod_file_cache.so\r
+#LoadModule filter_module modules/mod_filter.so\r
+#LoadModule headers_module modules/mod_headers.so\r
+#LoadModule ident_module modules/mod_ident.so\r
+#LoadModule imagemap_module modules/mod_imagemap.so\r
+LoadModule include_module modules/mod_include.so\r
+#LoadModule info_module modules/mod_info.so\r
+LoadModule isapi_module modules/mod_isapi.so\r
+LoadModule ldap_module modules/mod_ldap.so\r
+#LoadModule logio_module modules/mod_logio.so\r
+LoadModule log_config_module modules/mod_log_config.so\r
+#LoadModule log_forensic_module modules/mod_log_forensic.so\r
+#LoadModule mem_cache_module modules/mod_mem_cache.so\r
+LoadModule mime_module modules/mod_mime.so\r
+#LoadModule mime_magic_module modules/mod_mime_magic.so\r
+LoadModule negotiation_module modules/mod_negotiation.so\r
+LoadModule proxy_module modules/mod_proxy.so\r
+#LoadModule proxy_ajp_module modules/mod_proxy_ajp.so\r
+#LoadModule proxy_balancer_module modules/mod_proxy_balancer.so\r
+#LoadModule proxy_connect_module modules/mod_proxy_connect.so\r
+#LoadModule proxy_ftp_module modules/mod_proxy_ftp.so\r
+LoadModule proxy_http_module modules/mod_proxy_http.so\r
+#LoadModule rewrite_module modules/mod_rewrite.so\r
+LoadModule setenvif_module modules/mod_setenvif.so\r
+#LoadModule speling_module modules/mod_speling.so\r
+#LoadModule ssl_module modules/mod_ssl.so\r
+#LoadModule status_module modules/mod_status.so\r
+#LoadModule substitute_module modules/mod_substitute.so\r
+#LoadModule unique_id_module modules/mod_unique_id.so\r
+#LoadModule userdir_module modules/mod_userdir.so\r
+#LoadModule usertrack_module modules/mod_usertrack.so\r
+#LoadModule version_module modules/mod_version.so\r
+#LoadModule vhost_alias_module modules/mod_vhost_alias.so\r
+\r
+<IfModule !mpm_netware_module>\r
+<IfModule !mpm_winnt_module>\r
+#\r
+# If you wish httpd to run as a different user or group, you must run\r
+# httpd as root initially and it will switch. \r
+#\r
+# User/Group: The name (or #number) of the user/group to run httpd as.\r
+# It is usually good practice to create a dedicated user and group for\r
+# running httpd, as with most system services.\r
+#\r
+User daemon\r
+Group daemon\r
+\r
+</IfModule>\r
+</IfModule>\r
+\r
+# 'Main' server configuration\r
+#\r
+# The directives in this section set up the values used by the 'main'\r
+# server, which responds to any requests that aren't handled by a\r
+# <VirtualHost> definition. These values also provide defaults for\r
+# any <VirtualHost> containers you may define later in the file.\r
+#\r
+# All of these directives may appear inside <VirtualHost> containers,\r
+# in which case these default settings will be overridden for the\r
+# virtual host being defined.\r
+#\r
+\r
+#\r
+# ServerAdmin: Your address, where problems with the server should be\r
+# e-mailed. This address appears on some server-generated pages, such\r
+# as error documents. e.g. admin@your-domain.com\r
+#\r
+ServerAdmin webmaster@somenet.com\r
+\r
+#\r
+# ServerName gives the name and port that the server uses to identify itself.\r
+# This can often be determined automatically, but we recommend you specify\r
+# it explicitly to prevent problems during startup.\r
+#\r
+# If your host doesn't have a registered DNS name, enter its IP address here.\r
+#\r
+ServerName <%= fqdn_or_ipaddr %>:<%= apache_port %>\r
+\r
+#\r
+# DocumentRoot: The directory out of which you will serve your\r
+# documents. By default, all requests are taken from this directory, but\r
+# symbolic links and aliases may be used to point to other locations.\r
+#\r
+DocumentRoot "<%= apache_root %>/htdocs"\r
+\r
+#\r
+# Each directory to which Apache has access can be configured with respect\r
+# to which services and features are allowed and/or disabled in that\r
+# directory (and its subdirectories). \r
+#\r
+# First, we configure the "default" to be a very restrictive set of \r
+# features. \r
+#\r
+<Directory />\r
+ Options FollowSymLinks\r
+ AllowOverride None\r
+ Order deny,allow\r
+ Deny from all\r
+</Directory>\r
+\r
+#\r
+# Note that from this point forward you must specifically allow\r
+# particular features to be enabled - so if something's not working as\r
+# you might expect, make sure that you have specifically enabled it\r
+# below.\r
+#\r
+\r
+#\r
+# This should be changed to whatever you set DocumentRoot to.\r
+#\r
+<Directory "<%= apache_root %>/htdocs">\r
+ #\r
+ # Possible values for the Options directive are "None", "All",\r
+ # or any combination of:\r
+ # Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews\r
+ #\r
+ # Note that "MultiViews" must be named *explicitly* --- "Options All"\r
+ # doesn't give it to you.\r
+ #\r
+ # The Options directive is both complicated and important. Please see\r
+ # http://httpd.apache.org/docs/2.2/mod/core.html#options\r
+ # for more information.\r
+ #\r
+ Options Indexes FollowSymLinks\r
+\r
+ #\r
+ # AllowOverride controls what directives may be placed in .htaccess files.\r
+ # It can be "All", "None", or any combination of the keywords:\r
+ # Options FileInfo AuthConfig Limit\r
+ #\r
+ AllowOverride None\r
+\r
+ #\r
+ # Controls who can get stuff from this server.\r
+ #\r
+ Order allow,deny\r
+ Allow from all\r
+\r
+</Directory>\r
+\r
+#\r
+# DirectoryIndex: sets the file that Apache will serve if a directory\r
+# is requested.\r
+#\r
+<IfModule dir_module>\r
+ DirectoryIndex index.html\r
+</IfModule>\r
+\r
+#\r
+# The following lines prevent .htaccess and .htpasswd files from being \r
+# viewed by Web clients. \r
+#\r
+<FilesMatch "^\.ht">\r
+ Order allow,deny\r
+ Deny from all\r
+ Satisfy All\r
+</FilesMatch>\r
+\r
+#\r
+# ErrorLog: The location of the error log file.\r
+# If you do not specify an ErrorLog directive within a <VirtualHost>\r
+# container, error messages relating to that virtual host will be\r
+# logged here. If you *do* define an error logfile for a <VirtualHost>\r
+# container, that host's errors will be logged there and not here.\r
+#\r
+ErrorLog "logs/error.log"\r
+\r
+#\r
+# LogLevel: Control the number of messages logged to the error_log.\r
+# Possible values include: debug, info, notice, warn, error, crit,\r
+# alert, emerg.\r
+#\r
+LogLevel warn\r
+\r
+<IfModule log_config_module>\r
+ #\r
+ # The following directives define some format nicknames for use with\r
+ # a CustomLog directive (see below).\r
+ #\r
+ LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined\r
+ LogFormat "%h %l %u %t \"%r\" %>s %b" common\r
+\r
+ <IfModule logio_module>\r
+ # You need to enable mod_logio.c to use %I and %O\r
+ LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio\r
+ </IfModule>\r
+\r
+ #\r
+ # The location and format of the access logfile (Common Logfile Format).\r
+ # If you do not define any access logfiles within a <VirtualHost>\r
+ # container, they will be logged here. Contrariwise, if you *do*\r
+ # define per-<VirtualHost> access logfiles, transactions will be\r
+ # logged therein and *not* in this file.\r
+ #\r
+ CustomLog "logs/access.log" common\r
+\r
+ #\r
+ # If you prefer a logfile with access, agent, and referer information\r
+ # (Combined Logfile Format) you can use the following directive.\r
+ #\r
+ #CustomLog "logs/access.log" combined\r
+</IfModule>\r
+\r
+<IfModule alias_module>\r
+ #\r
+ # Redirect: Allows you to tell clients about documents that used to \r
+ # exist in your server's namespace, but do not anymore. The client \r
+ # will make a new request for the document at its new location.\r
+ # Example:\r
+ # Redirect permanent /foo http://localhost/bar\r
+\r
+ #\r
+ # Alias: Maps web paths into filesystem paths and is used to\r
+ # access content that does not live under the DocumentRoot.\r
+ # Example:\r
+ # Alias /webpath /full/filesystem/path\r
+ #\r
+ # If you include a trailing / on /webpath then the server will\r
+ # require it to be present in the URL. You will also likely\r
+ # need to provide a <Directory> section to allow access to\r
+ # the filesystem path.\r
+\r
+ #\r
+ # ScriptAlias: This controls which directories contain server scripts. \r
+ # ScriptAliases are essentially the same as Aliases, except that\r
+ # documents in the target directory are treated as applications and\r
+ # run by the server when requested rather than as documents sent to the\r
+ # client. The same rules about trailing "/" apply to ScriptAlias\r
+ # directives as to Alias.\r
+ #\r
+ ScriptAlias /cgi-bin/ "<%= apache_root %>/cgi-bin/"\r
+\r
+</IfModule>\r
+\r
+<IfModule cgid_module>\r
+ #\r
+ # ScriptSock: On threaded servers, designate the path to the UNIX\r
+ # socket used to communicate with the CGI daemon of mod_cgid.\r
+ #\r
+ #Scriptsock logs/cgisock\r
+</IfModule>\r
+\r
+#\r
+# "<%= apache_root %>/cgi-bin" should be changed to whatever your ScriptAliased\r
+# CGI directory exists, if you have that configured.\r
+#\r
+<Directory "<%= apache_root %>/cgi-bin">\r
+ AllowOverride None\r
+ Options None\r
+ Order allow,deny\r
+ Allow from all\r
+</Directory>\r
+\r
+#\r
+# DefaultType: the default MIME type the server will use for a document\r
+# if it cannot otherwise determine one, such as from filename extensions.\r
+# If your server contains mostly text or HTML documents, "text/plain" is\r
+# a good value. If most of your content is binary, such as applications\r
+# or images, you may want to use "application/octet-stream" instead to\r
+# keep browsers from trying to display binary files as though they are\r
+# text.\r
+#\r
+DefaultType text/plain\r
+\r
+<IfModule mime_module>\r
+ #\r
+ # TypesConfig points to the file containing the list of mappings from\r
+ # filename extension to MIME-type.\r
+ #\r
+ TypesConfig conf/mime.types\r
+\r
+ #\r
+ # AddType allows you to add to or override the MIME configuration\r
+ # file specified in TypesConfig for specific file types.\r
+ #\r
+ #AddType application/x-gzip .tgz\r
+ #\r
+ # AddEncoding allows you to have certain browsers uncompress\r
+ # information on the fly. Note: Not all browsers support this.\r
+ #\r
+ #AddEncoding x-compress .Z\r
+ #AddEncoding x-gzip .gz .tgz\r
+ #\r
+ # If the AddEncoding directives above are commented-out, then you\r
+ # probably should define those extensions to indicate media types:\r
+ #\r
+ AddType application/x-compress .Z\r
+ AddType application/x-gzip .gz .tgz\r
+\r
+ #\r
+ # AddHandler allows you to map certain file extensions to "handlers":\r
+ # actions unrelated to filetype. These can be either built into the server\r
+ # or added with the Action directive (see below)\r
+ #\r
+ # To use CGI scripts outside of ScriptAliased directories:\r
+ # (You will also need to add "ExecCGI" to the "Options" directive.)\r
+ #\r
+ #AddHandler cgi-script .cgi\r
+\r
+ # For type maps (negotiated resources):\r
+ #AddHandler type-map var\r
+\r
+ #\r
+ # Filters allow you to process content before it is sent to the client.\r
+ #\r
+ # To parse .shtml files for server-side includes (SSI):\r
+ # (You will also need to add "Includes" to the "Options" directive.)\r
+ #\r
+ #AddType text/html .shtml\r
+ #AddOutputFilter INCLUDES .shtml\r
+</IfModule>\r
+\r
+#\r
+# The mod_mime_magic module allows the server to use various hints from the\r
+# contents of the file itself to determine its type. The MIMEMagicFile\r
+# directive tells the module where the hint definitions are located.\r
+#\r
+#MIMEMagicFile conf/magic\r
+\r
+#\r
+# Customizable error responses come in three flavors:\r
+# 1) plain text 2) local redirects 3) external redirects\r
+#\r
+# Some examples:\r
+#ErrorDocument 500 "The server made a boo boo."\r
+#ErrorDocument 404 /missing.html\r
+#ErrorDocument 404 "/cgi-bin/missing_handler.pl"\r
+#ErrorDocument 402 http://localhost/subscription_info.html\r
+#\r
+\r
+#\r
+# EnableMMAP and EnableSendfile: On systems that support it, \r
+# memory-mapping or the sendfile syscall is used to deliver\r
+# files. This usually improves server performance, but must\r
+# be turned off when serving from networked-mounted \r
+# filesystems or if support for these functions is otherwise\r
+# broken on your system.\r
+#\r
+#EnableMMAP off\r
+#EnableSendfile off\r
+\r
+# Supplemental configuration\r
+#\r
+# The configuration files in the conf/extra/ directory can be \r
+# included to add extra features or to modify the default configuration of \r
+# the server, or you may simply copy their contents here and change as \r
+# necessary.\r
+\r
+# Server-pool management (MPM specific)\r
+#Include conf/extra/httpd-mpm.conf\r
+\r
+# Multi-language error messages\r
+#Include conf/extra/httpd-multilang-errordoc.conf\r
+\r
+# Fancy directory listings\r
+#Include conf/extra/httpd-autoindex.conf\r
+\r
+# Language settings\r
+#Include conf/extra/httpd-languages.conf\r
+\r
+# User home directories\r
+#Include conf/extra/httpd-userdir.conf\r
+\r
+# Real-time info on requests and configuration\r
+#Include conf/extra/httpd-info.conf\r
+\r
+# Virtual hosts\r
+#Include conf/extra/httpd-vhosts.conf\r
+\r
+# Local access to the Apache HTTP Server Manual\r
+#Include conf/extra/httpd-manual.conf\r
+\r
+# Distributed authoring and versioning (WebDAV)\r
+#Include conf/extra/httpd-dav.conf\r
+\r
+# Various default settings\r
+#Include conf/extra/httpd-default.conf\r
+\r
+# Secure (SSL/TLS) connections\r
+#Include conf/extra/httpd-ssl.conf\r
+#\r
+# Note: The following must must be present to support\r
+# starting without SSL on platforms with no /dev/random equivalent\r
+# but a statically compiled-in mod_ssl.\r
+#\r
+<IfModule ssl_module>\r
+SSLRandomSeed startup builtin\r
+SSLRandomSeed connect builtin\r
+</IfModule>\r
+\r
+Include conf/conf.d/*.conf\r
--- /dev/null
+#\r
+# Directives controlling the display of server-generated directory listings.\r
+#\r
+# Required modules: mod_autoindex, mod_alias\r
+#\r
+# To see the listing of a directory, the Options directive for the\r
+# directory must include "Indexes", and the directory must not contain\r
+# a file matching those listed in the DirectoryIndex directive.\r
+#\r
+\r
+#\r
+# IndexOptions: Controls the appearance of server-generated directory\r
+# listings.\r
+#\r
+IndexOptions FancyIndexing HTMLTable VersionSort\r
+\r
+# We include the /icons/ alias for FancyIndexed directory listings. If\r
+# you do not use FancyIndexing, you may comment this out.\r
+#\r
+Alias /icons/ "<%= apache_root %>/icons/"\r
+\r
+<Directory "<%= apache_root %>/icons">\r
+ Options Indexes MultiViews\r
+ AllowOverride None\r
+ Order allow,deny\r
+ Allow from all\r
+</Directory>\r
+\r
+#\r
+# AddIcon* directives tell the server which icon to show for different\r
+# files or filename extensions. These are only displayed for\r
+# FancyIndexed directories.\r
+#\r
+AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip\r
+\r
+AddIconByType (TXT,/icons/text.gif) text/*\r
+AddIconByType (IMG,/icons/image2.gif) image/*\r
+AddIconByType (SND,/icons/sound2.gif) audio/*\r
+AddIconByType (VID,/icons/movie.gif) video/*\r
+\r
+AddIcon /icons/binary.gif .bin .exe\r
+AddIcon /icons/binhex.gif .hqx\r
+AddIcon /icons/tar.gif .tar\r
+AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv\r
+AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip\r
+AddIcon /icons/a.gif .ps .ai .eps\r
+AddIcon /icons/layout.gif .html .shtml .htm .pdf\r
+AddIcon /icons/text.gif .txt\r
+AddIcon /icons/c.gif .c\r
+AddIcon /icons/p.gif .pl .py\r
+AddIcon /icons/f.gif .for\r
+AddIcon /icons/dvi.gif .dvi\r
+AddIcon /icons/uuencoded.gif .uu\r
+AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl\r
+AddIcon /icons/tex.gif .tex\r
+AddIcon /icons/bomb.gif core\r
+\r
+AddIcon /icons/back.gif ..\r
+AddIcon /icons/hand.right.gif README\r
+AddIcon /icons/folder.gif ^^DIRECTORY^^\r
+AddIcon /icons/blank.gif ^^BLANKICON^^\r
+\r
+#\r
+# DefaultIcon is which icon to show for files which do not have an icon\r
+# explicitly set.\r
+#\r
+DefaultIcon /icons/unknown.gif\r
+\r
+#\r
+# AddDescription allows you to place a short description after a file in\r
+# server-generated indexes. These are only displayed for FancyIndexed\r
+# directories.\r
+# Format: AddDescription "description" filename\r
+#\r
+#AddDescription "GZIP compressed document" .gz\r
+#AddDescription "tar archive" .tar\r
+#AddDescription "GZIP compressed tar archive" .tgz\r
+\r
+#\r
+# ReadmeName is the name of the README file the server will look for by\r
+# default, and append to directory listings.\r
+#\r
+# HeaderName is the name of a file which should be prepended to\r
+# directory indexes. \r
+ReadmeName README.html\r
+HeaderName HEADER.html\r
+\r
+#\r
+# IndexIgnore is a set of filenames which directory indexing should ignore\r
+# and not include in the listing. Shell-style wildcarding is permitted.\r
+#\r
+IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t\r
+\r
--- /dev/null
+#\r
+# Distributed authoring and versioning (WebDAV)\r
+#\r
+# Required modules: mod_dav, mod_dav_fs, mod_setenvif, mod_alias\r
+# mod_auth_digest, mod_authn_file\r
+#\r
+\r
+# The following example gives DAV write access to a directory called\r
+# "uploads" under the ServerRoot directory.\r
+#\r
+# The User/Group specified in httpd.conf needs to have write permissions\r
+# on the directory where the DavLockDB is placed and on any directory where\r
+# "Dav On" is specified.\r
+\r
+DavLockDB "<%= apache_root %>/var/DavLock"\r
+\r
+Alias /uploads "<%= apache_root %>/uploads"\r
+\r
+<Directory "<%= apache_root %>/uploads">\r
+ Dav On\r
+\r
+ Order Allow,Deny\r
+ Allow from all\r
+\r
+ AuthType Digest\r
+ AuthName DAV-upload\r
+\r
+ # You can use the htdigest program to create the password database:\r
+ # htdigest -c "<%= apache_root %>/user.passwd" DAV-upload admin\r
+ AuthUserFile "<%= apache_root %>/user.passwd"\r
+ AuthDigestProvider file\r
+\r
+ # Allow universal read-access, but writes are restricted\r
+ # to the admin user.\r
+ <LimitExcept GET OPTIONS>\r
+ require user admin\r
+ </LimitExcept>\r
+</Directory>\r
+\r
+#\r
+# The following directives disable redirects on non-GET requests for\r
+# a directory that does not include the trailing slash. This fixes a \r
+# problem with several clients that do not appropriately handle \r
+# redirects for folders with DAV methods.\r
+#\r
+BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully\r
+BrowserMatch "MS FrontPage" redirect-carefully\r
+BrowserMatch "^WebDrive" redirect-carefully\r
+BrowserMatch "^WebDAVFS/1.[0123]" redirect-carefully\r
+BrowserMatch "^gnome-vfs/1.0" redirect-carefully\r
+BrowserMatch "^XML Spy" redirect-carefully\r
+BrowserMatch "^Dreamweaver-WebDAV-SCM1" redirect-carefully\r
--- /dev/null
+#\r
+# Provide access to the documentation on your server as\r
+# http://yourserver.localhost/manual/\r
+# The documentation is always available at\r
+# http://httpd.apache.org/docs/2.2/\r
+#\r
+# Required modules: mod_alias, mod_setenvif, mod_negotiation\r
+#\r
+\r
+AliasMatch ^/manual(?:/(?:de|en|es|fr|ja|ko|pt-br|ru|tr))?(/.*)?$ "<%= apache_root %>/manual$1"\r
+\r
+<Directory "<%= apache_root %>/manual">\r
+ Options Indexes\r
+ AllowOverride None\r
+ Order allow,deny\r
+ Allow from all\r
+\r
+ <Files *.html>\r
+ SetHandler type-map\r
+ </Files>\r
+ # .tr is text/troff in mime.types!\r
+ <Files *.html.tr.utf8>\r
+ ForceType text/html\r
+ </Files>\r
+\r
+ SetEnvIf Request_URI ^/manual/(de|en|es|fr|ja|ko|pt-br|ru|tr)/ prefer-language=$1\r
+ RedirectMatch 301 ^/manual(?:/(de|en|es|fr|ja|ko|pt-br|ru|tr)){2,}(/.*)?$ /manual/$1$2\r
+\r
+ LanguagePriority en de es fr ja ko pt-br ru tr\r
+ ForceLanguagePriority Prefer Fallback\r
+</Directory>\r
--- /dev/null
+#\r
+# The configuration below implements multi-language error documents through\r
+# content-negotiation.\r
+#\r
+# Required modules: mod_alias, mod_include, mod_negotiation\r
+#\r
+# We use Alias to redirect any /error/HTTP_<error>.html.var response to\r
+# our collection of by-error message multi-language collections. We use \r
+# includes to substitute the appropriate text.\r
+#\r
+# You can modify the messages' appearance without changing any of the\r
+# default HTTP_<error>.html.var files by adding the line:\r
+#\r
+# Alias /error/include/ "/your/include/path/"\r
+#\r
+# which allows you to create your own set of files by starting with the\r
+# <%= apache_root %>/error/include/ files and copying them to /your/include/path/, \r
+# even on a per-VirtualHost basis. The default include files will display\r
+# your Apache version number and your ServerAdmin email address regardless\r
+# of the setting of ServerSignature.\r
+\r
+Alias /error/ "<%= apache_root %>/error/"\r
+\r
+<Directory "<%= apache_root %>/error">\r
+ AllowOverride None\r
+ Options IncludesNoExec\r
+ AddOutputFilter Includes html\r
+ AddHandler type-map var\r
+ Order allow,deny\r
+ Allow from all\r
+ LanguagePriority en cs de es fr it ja ko nl pl pt-br ro sv tr\r
+ ForceLanguagePriority Prefer Fallback\r
+</Directory>\r
+\r
+ErrorDocument 400 /error/HTTP_BAD_REQUEST.html.var\r
+ErrorDocument 401 /error/HTTP_UNAUTHORIZED.html.var\r
+ErrorDocument 403 /error/HTTP_FORBIDDEN.html.var\r
+ErrorDocument 404 /error/HTTP_NOT_FOUND.html.var\r
+ErrorDocument 405 /error/HTTP_METHOD_NOT_ALLOWED.html.var\r
+ErrorDocument 408 /error/HTTP_REQUEST_TIME_OUT.html.var\r
+ErrorDocument 410 /error/HTTP_GONE.html.var\r
+ErrorDocument 411 /error/HTTP_LENGTH_REQUIRED.html.var\r
+ErrorDocument 412 /error/HTTP_PRECONDITION_FAILED.html.var\r
+ErrorDocument 413 /error/HTTP_REQUEST_ENTITY_TOO_LARGE.html.var\r
+ErrorDocument 414 /error/HTTP_REQUEST_URI_TOO_LARGE.html.var\r
+ErrorDocument 415 /error/HTTP_UNSUPPORTED_MEDIA_TYPE.html.var\r
+ErrorDocument 500 /error/HTTP_INTERNAL_SERVER_ERROR.html.var\r
+ErrorDocument 501 /error/HTTP_NOT_IMPLEMENTED.html.var\r
+ErrorDocument 502 /error/HTTP_BAD_GATEWAY.html.var\r
+ErrorDocument 503 /error/HTTP_SERVICE_UNAVAILABLE.html.var\r
+ErrorDocument 506 /error/HTTP_VARIANT_ALSO_VARIES.html.var\r
+\r
--- /dev/null
+#\r
+# This is the Apache server configuration file providing SSL support.\r
+# It contains the configuration directives to instruct the server how to\r
+# serve pages over an https connection. For detailing information about these \r
+# directives see <URL:http://httpd.apache.org/docs/2.2/mod/mod_ssl.html>\r
+# \r
+# Do NOT simply read the instructions in here without understanding\r
+# what they do. They're here only as hints or reminders. If you are unsure\r
+# consult the online docs. You have been warned. \r
+#\r
+\r
+#\r
+# Pseudo Random Number Generator (PRNG):\r
+# Configure one or more sources to seed the PRNG of the SSL library.\r
+# The seed data should be of good random quality.\r
+# WARNING! On some platforms /dev/random blocks if not enough entropy\r
+# is available. This means you then cannot use the /dev/random device\r
+# because it would lead to very long connection times (as long as\r
+# it requires to make more entropy available). But usually those\r
+# platforms additionally provide a /dev/urandom device which doesn't\r
+# block. So, if available, use this one instead. Read the mod_ssl User\r
+# Manual for more details.\r
+#\r
+#SSLRandomSeed startup file:/dev/random 512\r
+#SSLRandomSeed startup file:/dev/urandom 512\r
+#SSLRandomSeed connect file:/dev/random 512\r
+#SSLRandomSeed connect file:/dev/urandom 512\r
+\r
+\r
+#\r
+# When we also provide SSL we have to listen to the \r
+# standard HTTP port (see above) and to the HTTPS port\r
+#\r
+# Note: Configurations that use IPv6 but not IPv4-mapped addresses need two\r
+# Listen directives: "Listen [::]:443" and "Listen 0.0.0.0:443"\r
+#\r
+Listen 443\r
+\r
+##\r
+## SSL Global Context\r
+##\r
+## All SSL configuration in this context applies both to\r
+## the main server and all SSL-enabled virtual hosts.\r
+##\r
+\r
+#\r
+# Some MIME-types for downloading Certificates and CRLs\r
+#\r
+AddType application/x-x509-ca-cert .crt\r
+AddType application/x-pkcs7-crl .crl\r
+\r
+# Pass Phrase Dialog:\r
+# Configure the pass phrase gathering process.\r
+# The filtering dialog program (`builtin' is a internal\r
+# terminal dialog) has to provide the pass phrase on stdout.\r
+SSLPassPhraseDialog builtin\r
+\r
+# Inter-Process Session Cache:\r
+# Configure the SSL Session Cache: First the mechanism \r
+# to use and second the expiring timeout (in seconds).\r
+#SSLSessionCache "dbm:<%= apache_root %>/logs/ssl_scache"\r
+SSLSessionCache "shmcb:<%= apache_root %>/logs/ssl_scache(512000)"\r
+SSLSessionCacheTimeout 300\r
+\r
+# Semaphore:\r
+# Configure the path to the mutual exclusion semaphore the\r
+# SSL engine uses internally for inter-process synchronization. \r
+SSLMutex default\r
+\r
+##\r
+## SSL Virtual Host Context\r
+##\r
+\r
+<VirtualHost _default_:443>\r
+\r
+# General setup for the virtual host\r
+DocumentRoot "<%= apache_root %>/htdocs"\r
+ServerName localhost:443\r
+ServerAdmin webmaster@somenet.com\r
+ErrorLog "<%= apache_root %>/logs/error.log"\r
+TransferLog "<%= apache_root %>/logs/access.log"\r
+\r
+# SSL Engine Switch:\r
+# Enable/Disable SSL for this virtual host.\r
+SSLEngine on\r
+\r
+# SSL Cipher Suite:\r
+# List the ciphers that the client is permitted to negotiate.\r
+# See the mod_ssl documentation for a complete list.\r
+SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL\r
+\r
+# Server Certificate:\r
+# Point SSLCertificateFile at a PEM encoded certificate. If\r
+# the certificate is encrypted, then you will be prompted for a\r
+# pass phrase. Note that a kill -HUP will prompt again. Keep\r
+# in mind that if you have both an RSA and a DSA certificate you\r
+# can configure both in parallel (to also allow the use of DSA\r
+# ciphers, etc.)\r
+SSLCertificateFile "<%= apache_root %>/conf/server.crt"\r
+#SSLCertificateFile "<%= apache_root %>/conf/server-dsa.crt"\r
+\r
+# Server Private Key:\r
+# If the key is not combined with the certificate, use this\r
+# directive to point at the key file. Keep in mind that if\r
+# you've both a RSA and a DSA private key you can configure\r
+# both in parallel (to also allow the use of DSA ciphers, etc.)\r
+SSLCertificateKeyFile "<%= apache_root %>/conf/server.key"\r
+#SSLCertificateKeyFile "<%= apache_root %>/conf/server-dsa.key"\r
+\r
+# Server Certificate Chain:\r
+# Point SSLCertificateChainFile at a file containing the\r
+# concatenation of PEM encoded CA certificates which form the\r
+# certificate chain for the server certificate. Alternatively\r
+# the referenced file can be the same as SSLCertificateFile\r
+# when the CA certificates are directly appended to the server\r
+# certificate for convinience.\r
+#SSLCertificateChainFile "<%= apache_root %>/conf/server-ca.crt"\r
+\r
+# Certificate Authority (CA):\r
+# Set the CA certificate verification path where to find CA\r
+# certificates for client authentication or alternatively one\r
+# huge file containing all of them (file must be PEM encoded)\r
+# Note: Inside SSLCACertificatePath you need hash symlinks\r
+# to point to the certificate files. Use the provided\r
+# Makefile to update the hash symlinks after changes.\r
+#SSLCACertificatePath "<%= apache_root %>/conf/ssl.crt"\r
+#SSLCACertificateFile "<%= apache_root %>/conf/ssl.crt/ca-bundle.crt"\r
+\r
+# Certificate Revocation Lists (CRL):\r
+# Set the CA revocation path where to find CA CRLs for client\r
+# authentication or alternatively one huge file containing all\r
+# of them (file must be PEM encoded)\r
+# Note: Inside SSLCARevocationPath you need hash symlinks\r
+# to point to the certificate files. Use the provided\r
+# Makefile to update the hash symlinks after changes.\r
+#SSLCARevocationPath "<%= apache_root %>/conf/ssl.crl"\r
+#SSLCARevocationFile "<%= apache_root %>/conf/ssl.crl/ca-bundle.crl"\r
+\r
+# Client Authentication (Type):\r
+# Client certificate verification type and depth. Types are\r
+# none, optional, require and optional_no_ca. Depth is a\r
+# number which specifies how deeply to verify the certificate\r
+# issuer chain before deciding the certificate is not valid.\r
+#SSLVerifyClient require\r
+#SSLVerifyDepth 10\r
+\r
+# Access Control:\r
+# With SSLRequire you can do per-directory access control based\r
+# on arbitrary complex boolean expressions containing server\r
+# variable checks and other lookup directives. The syntax is a\r
+# mixture between C and Perl. See the mod_ssl documentation\r
+# for more details.\r
+#<Location />\r
+#SSLRequire ( %{SSL_CIPHER} !~ m/^(EXP|NULL)/ \\r
+# and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \\r
+# and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \\r
+# and %{TIME_WDAY} >= 1 and %{TIME_WDAY} <= 5 \\r
+# and %{TIME_HOUR} >= 8 and %{TIME_HOUR} <= 20 ) \\r
+# or %{REMOTE_ADDR} =~ m/^192\.76\.162\.[0-9]+$/\r
+#</Location>\r
+\r
+# SSL Engine Options:\r
+# Set various options for the SSL engine.\r
+# o FakeBasicAuth:\r
+# Translate the client X.509 into a Basic Authorisation. This means that\r
+# the standard Auth/DBMAuth methods can be used for access control. The\r
+# user name is the `one line' version of the client's X.509 certificate.\r
+# Note that no password is obtained from the user. Every entry in the user\r
+# file needs this password: `xxj31ZMTZzkVA'.\r
+# o ExportCertData:\r
+# This exports two additional environment variables: SSL_CLIENT_CERT and\r
+# SSL_SERVER_CERT. These contain the PEM-encoded certificates of the\r
+# server (always existing) and the client (only existing when client\r
+# authentication is used). This can be used to import the certificates\r
+# into CGI scripts.\r
+# o StdEnvVars:\r
+# This exports the standard SSL/TLS related `SSL_*' environment variables.\r
+# Per default this exportation is switched off for performance reasons,\r
+# because the extraction step is an expensive operation and is usually\r
+# useless for serving static content. So one usually enables the\r
+# exportation for CGI and SSI requests only.\r
+# o StrictRequire:\r
+# This denies access when "SSLRequireSSL" or "SSLRequire" applied even\r
+# under a "Satisfy any" situation, i.e. when it applies access is denied\r
+# and no other module can change it.\r
+# o OptRenegotiate:\r
+# This enables optimized SSL connection renegotiation handling when SSL\r
+# directives are used in per-directory context. \r
+#SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire\r
+<FilesMatch "\.(cgi|shtml|phtml|php)$">\r
+ SSLOptions +StdEnvVars\r
+</FilesMatch>\r
+<Directory "<%= apache_root %>/cgi-bin">\r
+ SSLOptions +StdEnvVars\r
+</Directory>\r
+\r
+# SSL Protocol Adjustments:\r
+# The safe and default but still SSL/TLS standard compliant shutdown\r
+# approach is that mod_ssl sends the close notify alert but doesn't wait for\r
+# the close notify alert from client. When you need a different shutdown\r
+# approach you can use one of the following variables:\r
+# o ssl-unclean-shutdown:\r
+# This forces an unclean shutdown when the connection is closed, i.e. no\r
+# SSL close notify alert is send or allowed to received. This violates\r
+# the SSL/TLS standard but is needed for some brain-dead browsers. Use\r
+# this when you receive I/O errors because of the standard approach where\r
+# mod_ssl sends the close notify alert.\r
+# o ssl-accurate-shutdown:\r
+# This forces an accurate shutdown when the connection is closed, i.e. a\r
+# SSL close notify alert is send and mod_ssl waits for the close notify\r
+# alert of the client. This is 100% SSL/TLS standard compliant, but in\r
+# practice often causes hanging connections with brain-dead browsers. Use\r
+# this only for browsers where you know that their SSL implementation\r
+# works correctly. \r
+# Notice: Most problems of broken clients are also related to the HTTP\r
+# keep-alive facility, so you usually additionally want to disable\r
+# keep-alive for those clients, too. Use variable "nokeepalive" for this.\r
+# Similarly, one has to force some clients to use HTTP/1.0 to workaround\r
+# their broken HTTP/1.1 implementation. Use variables "downgrade-1.0" and\r
+# "force-response-1.0" for this.\r
+BrowserMatch ".*MSIE.*" \\r
+ nokeepalive ssl-unclean-shutdown \\r
+ downgrade-1.0 force-response-1.0\r
+\r
+# Per-Server Logging:\r
+# The home of a custom SSL log file. Use this when you want a\r
+# compact non-error SSL logfile on a virtual host basis.\r
+CustomLog "<%= apache_root %>/logs/ssl_request.log" \\r
+ "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"\r
+\r
+</VirtualHost> \r
--- /dev/null
+#\r
+# Virtual Hosts\r
+#\r
+# If you want to maintain multiple domains/hostnames on your\r
+# machine you can setup VirtualHost containers for them. Most configurations\r
+# use only name-based virtual hosts so the server doesn't need to worry about\r
+# IP addresses. This is indicated by the asterisks in the directives below.\r
+#\r
+# Please see the documentation at \r
+# <URL:http://httpd.apache.org/docs/2.2/vhosts/>\r
+# for further details before you try to setup virtual hosts.\r
+#\r
+# You may use the command line option '-S' to verify your virtual host\r
+# configuration.\r
+\r
+#\r
+# Use name-based virtual hosting.\r
+#\r
+NameVirtualHost *:80\r
+\r
+#\r
+# VirtualHost example:\r
+# Almost any Apache directive may go into a VirtualHost container.\r
+# The first VirtualHost section is used for all requests that do not\r
+# match a ServerName or ServerAlias in any <VirtualHost> block.\r
+#\r
+<VirtualHost *:80>\r
+ ServerAdmin webmaster@dummy-host.localhost\r
+ DocumentRoot "<%= apache_root %>/docs/dummy-host.localhost"\r
+ ServerName dummy-host.localhost\r
+ ServerAlias www.dummy-host.localhost\r
+ ErrorLog "logs/dummy-host.localhost-error.log"\r
+ CustomLog "logs/dummy-host.localhost-access.log" common\r
+</VirtualHost>\r
+\r
+<VirtualHost *:80>\r
+ ServerAdmin webmaster@dummy-host2.localhost\r
+ DocumentRoot "<%= apache_root %>/docs/dummy-host2.localhost"\r
+ ServerName dummy-host2.localhost\r
+ ErrorLog "logs/dummy-host2.localhost-error.log"\r
+ CustomLog "logs/dummy-host2.localhost-access.log" common\r
+</VirtualHost>\r
+\r
+\r
+\r
--- /dev/null
+#\r
+# This is the main Apache HTTP server configuration file. It contains the\r
+# configuration directives that give the server its instructions.\r
+# See <URL:http://httpd.apache.org/docs/2.2> for detailed information.\r
+# In particular, see \r
+# <URL:http://httpd.apache.org/docs/2.2/mod/directives.html>\r
+# for a discussion of each configuration directive.\r
+#\r
+# Do NOT simply read the instructions in here without understanding\r
+# what they do. They're here only as hints or reminders. If you are unsure\r
+# consult the online docs. You have been warned. \r
+#\r
+# Configuration and logfile names: If the filenames you specify for many\r
+# of the server's control files begin with "/" (or "drive:/" for Win32), the\r
+# server will use that explicit path. If the filenames do *not* begin\r
+# with "/", the value of ServerRoot is prepended -- so "logs/foo.log"\r
+# with ServerRoot set to "<%= apache_root %>" will be interpreted by the\r
+# server as "<%= apache_root %>/logs/foo.log".\r
+#\r
+# NOTE: Where filenames are specified, you must use forward slashes\r
+# instead of backslashes (e.g., "c:/apache" instead of "c:\apache").\r
+# If a drive letter is omitted, the drive on which httpd.exe is located\r
+# will be used by default. It is recommended that you always supply\r
+# an explicit drive letter in absolute paths to avoid confusion.\r
+\r
+#\r
+# ServerRoot: The top of the directory tree under which the server's\r
+# configuration, error, and log files are kept.\r
+#\r
+# Do not add a slash at the end of the directory path. If you point\r
+# ServerRoot at a non-local disk, be sure to point the LockFile directive\r
+# at a local disk. If you wish to share the same ServerRoot for multiple\r
+# httpd daemons, you will need to change at least LockFile and PidFile.\r
+#\r
+ServerRoot "<%= apache_root %>"\r
+\r
+#\r
+# Listen: Allows you to bind Apache to specific IP addresses and/or\r
+# ports, instead of the default. See also the <VirtualHost>\r
+# directive.\r
+#\r
+# Change this to Listen on specific IP addresses as shown below to \r
+# prevent Apache from glomming onto all bound IP addresses.\r
+#\r
+#Listen 12.34.56.78:80\r
+Listen <%= apache_port %>\r
+\r
+#\r
+# Dynamic Shared Object (DSO) Support\r
+#\r
+# To be able to use the functionality of a module which was built as a DSO you\r
+# have to place corresponding `LoadModule' lines at this location so the\r
+# directives contained in it are actually available _before_ they are used.\r
+# Statically compiled modules (those listed by `httpd -l') do not need\r
+# to be loaded here.\r
+#\r
+# Example:\r
+# LoadModule foo_module modules/mod_foo.so\r
+#\r
+LoadModule actions_module modules/mod_actions.so\r
+LoadModule alias_module modules/mod_alias.so\r
+LoadModule asis_module modules/mod_asis.so\r
+LoadModule auth_basic_module modules/mod_auth_basic.so\r
+#LoadModule auth_digest_module modules/mod_auth_digest.so\r
+#LoadModule authn_alias_module modules/mod_authn_alias.so\r
+#LoadModule authn_anon_module modules/mod_authn_anon.so\r
+#LoadModule authn_dbd_module modules/mod_authn_dbd.so\r
+#LoadModule authn_dbm_module modules/mod_authn_dbm.so\r
+LoadModule authn_default_module modules/mod_authn_default.so\r
+LoadModule authn_file_module modules/mod_authn_file.so\r
+#LoadModule authnz_ldap_module modules/mod_authnz_ldap.so\r
+#LoadModule authz_dbm_module modules/mod_authz_dbm.so\r
+LoadModule authz_default_module modules/mod_authz_default.so\r
+LoadModule authz_groupfile_module modules/mod_authz_groupfile.so\r
+LoadModule authz_host_module modules/mod_authz_host.so\r
+#LoadModule authz_owner_module modules/mod_authz_owner.so\r
+LoadModule authz_user_module modules/mod_authz_user.so\r
+LoadModule autoindex_module modules/mod_autoindex.so\r
+#LoadModule cache_module modules/mod_cache.so\r
+#LoadModule cern_meta_module modules/mod_cern_meta.so\r
+LoadModule cgi_module modules/mod_cgi.so\r
+#LoadModule charset_lite_module modules/mod_charset_lite.so\r
+#LoadModule dav_module modules/mod_dav.so\r
+#LoadModule dav_fs_module modules/mod_dav_fs.so\r
+#LoadModule dav_lock_module modules/mod_dav_lock.so\r
+#LoadModule dbd_module modules/mod_dbd.so\r
+#LoadModule deflate_module modules/mod_deflate.so\r
+LoadModule dir_module modules/mod_dir.so\r
+#LoadModule disk_cache_module modules/mod_disk_cache.so\r
+#LoadModule dumpio_module modules/mod_dumpio.so\r
+LoadModule env_module modules/mod_env.so\r
+#LoadModule expires_module modules/mod_expires.so\r
+#LoadModule ext_filter_module modules/mod_ext_filter.so\r
+#LoadModule file_cache_module modules/mod_file_cache.so\r
+#LoadModule filter_module modules/mod_filter.so\r
+#LoadModule headers_module modules/mod_headers.so\r
+#LoadModule ident_module modules/mod_ident.so\r
+#LoadModule imagemap_module modules/mod_imagemap.so\r
+LoadModule include_module modules/mod_include.so\r
+#LoadModule info_module modules/mod_info.so\r
+LoadModule isapi_module modules/mod_isapi.so\r
+#LoadModule ldap_module modules/mod_ldap.so\r
+#LoadModule logio_module modules/mod_logio.so\r
+LoadModule log_config_module modules/mod_log_config.so\r
+#LoadModule log_forensic_module modules/mod_log_forensic.so\r
+#LoadModule mem_cache_module modules/mod_mem_cache.so\r
+LoadModule mime_module modules/mod_mime.so\r
+#LoadModule mime_magic_module modules/mod_mime_magic.so\r
+LoadModule negotiation_module modules/mod_negotiation.so\r
+#LoadModule proxy_module modules/mod_proxy.so\r
+#LoadModule proxy_ajp_module modules/mod_proxy_ajp.so\r
+#LoadModule proxy_balancer_module modules/mod_proxy_balancer.so\r
+#LoadModule proxy_connect_module modules/mod_proxy_connect.so\r
+#LoadModule proxy_ftp_module modules/mod_proxy_ftp.so\r
+#LoadModule proxy_http_module modules/mod_proxy_http.so\r
+#LoadModule rewrite_module modules/mod_rewrite.so\r
+LoadModule setenvif_module modules/mod_setenvif.so\r
+#LoadModule speling_module modules/mod_speling.so\r
+#LoadModule ssl_module modules/mod_ssl.so\r
+#LoadModule status_module modules/mod_status.so\r
+#LoadModule substitute_module modules/mod_substitute.so\r
+#LoadModule unique_id_module modules/mod_unique_id.so\r
+#LoadModule userdir_module modules/mod_userdir.so\r
+#LoadModule usertrack_module modules/mod_usertrack.so\r
+#LoadModule version_module modules/mod_version.so\r
+#LoadModule vhost_alias_module modules/mod_vhost_alias.so\r
+\r
+<IfModule !mpm_netware_module>\r
+<IfModule !mpm_winnt_module>\r
+#\r
+# If you wish httpd to run as a different user or group, you must run\r
+# httpd as root initially and it will switch. \r
+#\r
+# User/Group: The name (or #number) of the user/group to run httpd as.\r
+# It is usually good practice to create a dedicated user and group for\r
+# running httpd, as with most system services.\r
+#\r
+User daemon\r
+Group daemon\r
+\r
+</IfModule>\r
+</IfModule>\r
+\r
+# 'Main' server configuration\r
+#\r
+# The directives in this section set up the values used by the 'main'\r
+# server, which responds to any requests that aren't handled by a\r
+# <VirtualHost> definition. These values also provide defaults for\r
+# any <VirtualHost> containers you may define later in the file.\r
+#\r
+# All of these directives may appear inside <VirtualHost> containers,\r
+# in which case these default settings will be overridden for the\r
+# virtual host being defined.\r
+#\r
+\r
+#\r
+# ServerAdmin: Your address, where problems with the server should be\r
+# e-mailed. This address appears on some server-generated pages, such\r
+# as error documents. e.g. admin@your-domain.com\r
+#\r
+ServerAdmin webmaster@somenet.com\r
+\r
+#\r
+# ServerName gives the name and port that the server uses to identify itself.\r
+# This can often be determined automatically, but we recommend you specify\r
+# it explicitly to prevent problems during startup.\r
+#\r
+# If your host doesn't have a registered DNS name, enter its IP address here.\r
+#\r
+#ServerName localhost:80\r
+\r
+#\r
+# DocumentRoot: The directory out of which you will serve your\r
+# documents. By default, all requests are taken from this directory, but\r
+# symbolic links and aliases may be used to point to other locations.\r
+#\r
+DocumentRoot "<%= apache_root %>/htdocs"\r
+\r
+#\r
+# Each directory to which Apache has access can be configured with respect\r
+# to which services and features are allowed and/or disabled in that\r
+# directory (and its subdirectories). \r
+#\r
+# First, we configure the "default" to be a very restrictive set of \r
+# features. \r
+#\r
+<Directory />\r
+ Options FollowSymLinks\r
+ AllowOverride None\r
+ Order deny,allow\r
+ Deny from all\r
+</Directory>\r
+\r
+#\r
+# Note that from this point forward you must specifically allow\r
+# particular features to be enabled - so if something's not working as\r
+# you might expect, make sure that you have specifically enabled it\r
+# below.\r
+#\r
+\r
+#\r
+# This should be changed to whatever you set DocumentRoot to.\r
+#\r
+<Directory "<%= apache_root %>/htdocs">\r
+ #\r
+ # Possible values for the Options directive are "None", "All",\r
+ # or any combination of:\r
+ # Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews\r
+ #\r
+ # Note that "MultiViews" must be named *explicitly* --- "Options All"\r
+ # doesn't give it to you.\r
+ #\r
+ # The Options directive is both complicated and important. Please see\r
+ # http://httpd.apache.org/docs/2.2/mod/core.html#options\r
+ # for more information.\r
+ #\r
+ Options Indexes FollowSymLinks\r
+\r
+ #\r
+ # AllowOverride controls what directives may be placed in .htaccess files.\r
+ # It can be "All", "None", or any combination of the keywords:\r
+ # Options FileInfo AuthConfig Limit\r
+ #\r
+ AllowOverride None\r
+\r
+ #\r
+ # Controls who can get stuff from this server.\r
+ #\r
+ Order allow,deny\r
+ Allow from all\r
+\r
+</Directory>\r
+\r
+#\r
+# DirectoryIndex: sets the file that Apache will serve if a directory\r
+# is requested.\r
+#\r
+<IfModule dir_module>\r
+ DirectoryIndex index.html\r
+</IfModule>\r
+\r
+#\r
+# The following lines prevent .htaccess and .htpasswd files from being \r
+# viewed by Web clients. \r
+#\r
+<FilesMatch "^\.ht">\r
+ Order allow,deny\r
+ Deny from all\r
+ Satisfy All\r
+</FilesMatch>\r
+\r
+#\r
+# ErrorLog: The location of the error log file.\r
+# If you do not specify an ErrorLog directive within a <VirtualHost>\r
+# container, error messages relating to that virtual host will be\r
+# logged here. If you *do* define an error logfile for a <VirtualHost>\r
+# container, that host's errors will be logged there and not here.\r
+#\r
+ErrorLog "logs/error.log"\r
+\r
+#\r
+# LogLevel: Control the number of messages logged to the error_log.\r
+# Possible values include: debug, info, notice, warn, error, crit,\r
+# alert, emerg.\r
+#\r
+LogLevel warn\r
+\r
+<IfModule log_config_module>\r
+ #\r
+ # The following directives define some format nicknames for use with\r
+ # a CustomLog directive (see below).\r
+ #\r
+ LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined\r
+ LogFormat "%h %l %u %t \"%r\" %>s %b" common\r
+\r
+ <IfModule logio_module>\r
+ # You need to enable mod_logio.c to use %I and %O\r
+ LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio\r
+ </IfModule>\r
+\r
+ #\r
+ # The location and format of the access logfile (Common Logfile Format).\r
+ # If you do not define any access logfiles within a <VirtualHost>\r
+ # container, they will be logged here. Contrariwise, if you *do*\r
+ # define per-<VirtualHost> access logfiles, transactions will be\r
+ # logged therein and *not* in this file.\r
+ #\r
+ CustomLog "logs/access.log" common\r
+\r
+ #\r
+ # If you prefer a logfile with access, agent, and referer information\r
+ # (Combined Logfile Format) you can use the following directive.\r
+ #\r
+ #CustomLog "logs/access.log" combined\r
+</IfModule>\r
+\r
+<IfModule alias_module>\r
+ #\r
+ # Redirect: Allows you to tell clients about documents that used to \r
+ # exist in your server's namespace, but do not anymore. The client \r
+ # will make a new request for the document at its new location.\r
+ # Example:\r
+ # Redirect permanent /foo http://localhost/bar\r
+\r
+ #\r
+ # Alias: Maps web paths into filesystem paths and is used to\r
+ # access content that does not live under the DocumentRoot.\r
+ # Example:\r
+ # Alias /webpath /full/filesystem/path\r
+ #\r
+ # If you include a trailing / on /webpath then the server will\r
+ # require it to be present in the URL. You will also likely\r
+ # need to provide a <Directory> section to allow access to\r
+ # the filesystem path.\r
+\r
+ #\r
+ # ScriptAlias: This controls which directories contain server scripts. \r
+ # ScriptAliases are essentially the same as Aliases, except that\r
+ # documents in the target directory are treated as applications and\r
+ # run by the server when requested rather than as documents sent to the\r
+ # client. The same rules about trailing "/" apply to ScriptAlias\r
+ # directives as to Alias.\r
+ #\r
+ ScriptAlias /cgi-bin/ "<%= apache_root %>/cgi-bin/"\r
+\r
+</IfModule>\r
+\r
+<IfModule cgid_module>\r
+ #\r
+ # ScriptSock: On threaded servers, designate the path to the UNIX\r
+ # socket used to communicate with the CGI daemon of mod_cgid.\r
+ #\r
+ #Scriptsock logs/cgisock\r
+</IfModule>\r
+\r
+#\r
+# "<%= apache_root %>/cgi-bin" should be changed to whatever your ScriptAliased\r
+# CGI directory exists, if you have that configured.\r
+#\r
+<Directory "<%= apache_root %>/cgi-bin">\r
+ AllowOverride None\r
+ Options None\r
+ Order allow,deny\r
+ Allow from all\r
+</Directory>\r
+\r
+#\r
+# DefaultType: the default MIME type the server will use for a document\r
+# if it cannot otherwise determine one, such as from filename extensions.\r
+# If your server contains mostly text or HTML documents, "text/plain" is\r
+# a good value. If most of your content is binary, such as applications\r
+# or images, you may want to use "application/octet-stream" instead to\r
+# keep browsers from trying to display binary files as though they are\r
+# text.\r
+#\r
+DefaultType text/plain\r
+\r
+<IfModule mime_module>\r
+ #\r
+ # TypesConfig points to the file containing the list of mappings from\r
+ # filename extension to MIME-type.\r
+ #\r
+ TypesConfig conf/mime.types\r
+\r
+ #\r
+ # AddType allows you to add to or override the MIME configuration\r
+ # file specified in TypesConfig for specific file types.\r
+ #\r
+ #AddType application/x-gzip .tgz\r
+ #\r
+ # AddEncoding allows you to have certain browsers uncompress\r
+ # information on the fly. Note: Not all browsers support this.\r
+ #\r
+ #AddEncoding x-compress .Z\r
+ #AddEncoding x-gzip .gz .tgz\r
+ #\r
+ # If the AddEncoding directives above are commented-out, then you\r
+ # probably should define those extensions to indicate media types:\r
+ #\r
+ AddType application/x-compress .Z\r
+ AddType application/x-gzip .gz .tgz\r
+\r
+ #\r
+ # AddHandler allows you to map certain file extensions to "handlers":\r
+ # actions unrelated to filetype. These can be either built into the server\r
+ # or added with the Action directive (see below)\r
+ #\r
+ # To use CGI scripts outside of ScriptAliased directories:\r
+ # (You will also need to add "ExecCGI" to the "Options" directive.)\r
+ #\r
+ #AddHandler cgi-script .cgi\r
+\r
+ # For type maps (negotiated resources):\r
+ #AddHandler type-map var\r
+\r
+ #\r
+ # Filters allow you to process content before it is sent to the client.\r
+ #\r
+ # To parse .shtml files for server-side includes (SSI):\r
+ # (You will also need to add "Includes" to the "Options" directive.)\r
+ #\r
+ #AddType text/html .shtml\r
+ #AddOutputFilter INCLUDES .shtml\r
+</IfModule>\r
+\r
+#\r
+# The mod_mime_magic module allows the server to use various hints from the\r
+# contents of the file itself to determine its type. The MIMEMagicFile\r
+# directive tells the module where the hint definitions are located.\r
+#\r
+#MIMEMagicFile conf/magic\r
+\r
+#\r
+# Customizable error responses come in three flavors:\r
+# 1) plain text 2) local redirects 3) external redirects\r
+#\r
+# Some examples:\r
+#ErrorDocument 500 "The server made a boo boo."\r
+#ErrorDocument 404 /missing.html\r
+#ErrorDocument 404 "/cgi-bin/missing_handler.pl"\r
+#ErrorDocument 402 http://localhost/subscription_info.html\r
+#\r
+\r
+#\r
+# EnableMMAP and EnableSendfile: On systems that support it, \r
+# memory-mapping or the sendfile syscall is used to deliver\r
+# files. This usually improves server performance, but must\r
+# be turned off when serving from networked-mounted \r
+# filesystems or if support for these functions is otherwise\r
+# broken on your system.\r
+#\r
+#EnableMMAP off\r
+#EnableSendfile off\r
+\r
+# Supplemental configuration\r
+#\r
+# The configuration files in the conf/extra/ directory can be \r
+# included to add extra features or to modify the default configuration of \r
+# the server, or you may simply copy their contents here and change as \r
+# necessary.\r
+\r
+# Server-pool management (MPM specific)\r
+#Include conf/extra/httpd-mpm.conf\r
+\r
+# Multi-language error messages\r
+#Include conf/extra/httpd-multilang-errordoc.conf\r
+\r
+# Fancy directory listings\r
+#Include conf/extra/httpd-autoindex.conf\r
+\r
+# Language settings\r
+#Include conf/extra/httpd-languages.conf\r
+\r
+# User home directories\r
+#Include conf/extra/httpd-userdir.conf\r
+\r
+# Real-time info on requests and configuration\r
+#Include conf/extra/httpd-info.conf\r
+\r
+# Virtual hosts\r
+#Include conf/extra/httpd-vhosts.conf\r
+\r
+# Local access to the Apache HTTP Server Manual\r
+#Include conf/extra/httpd-manual.conf\r
+\r
+# Distributed authoring and versioning (WebDAV)\r
+#Include conf/extra/httpd-dav.conf\r
+\r
+# Various default settings\r
+#Include conf/extra/httpd-default.conf\r
+\r
+# Secure (SSL/TLS) connections\r
+#Include conf/extra/httpd-ssl.conf\r
+#\r
+# Note: The following must must be present to support\r
+# starting without SSL on platforms with no /dev/random equivalent\r
+# but a statically compiled-in mod_ssl.\r
+#\r
+<IfModule ssl_module>\r
+SSLRandomSeed startup builtin\r
+SSLRandomSeed connect builtin\r
+</IfModule>\r
--- /dev/null
+apache:\r
+ service_name: <%= apache_name %>\r
+ port: <%= apache_port %>\r
+redmine:\r
+ service_name: <%= redmine_name %>\r
+ port: <%= redmine_port %>\r
+hudson:\r
+ service_name: <%= hudson_name %>\r
+ port: <%= hudson_port %>\r
+<% unless ldap_setting %>\r
+opends:\r
+ service_name: <%= opends_name %>\r
+ port: <%= opends_port %>\r
+ admin_port: <%= opends_admin_port %>\r
+<% end %>\r
--- /dev/null
+<?xml version='1.0' encoding='UTF-8'?>
+<hudson>
+ <version>1.334</version>
+ <numExecutors>2</numExecutors>
+ <mode>NORMAL</mode>
+ <useSecurity>true</useSecurity>
+ <authorizationStrategy class="hudson.security.AuthorizationStrategy$Unsecured"/>
+ <securityRealm class="hudson.security.LDAPSecurityRealm">
+ <server><%= ldap_host %>:<%= ldap_port %></server>
+ <rootDN><%= ldap_base_dn %></rootDN>
+ <userSearchBase></userSearchBase>
+ <userSearch><%= ldap_user_attribute %>={0}</userSearch>
+ <% unless ldap_anonymous %>
+ <managerDN><%= ldap_bind_dn %></managerDN>
+ <managerPassword><%= Base64.encode64(ldap_bind_password).chomp %></managerPassword>
+ <% end %>
+ </securityRealm>
+ <jdks/>
+ <clouds/>
+ <slaves/>
+ <quietPeriod>5</quietPeriod>
+ <scmCheckoutRetryCount>0</scmCheckoutRetryCount>
+ <views>
+ <hudson.model.AllView>
+ <owner class="hudson" reference="../../.."/>
+ <name>すべて</name>
+ </hudson.model.AllView>
+ </views>
+ <primaryView>すべて</primaryView>
+ <slaveAgentPort>0</slaveAgentPort>
+ <label></label>
+ <nodeProperties/>
+ <globalNodeProperties/>
+ <disabledAdministrativeMonitors/>
+</hudson>
--- /dev/null
+<?xml version='1.0' encoding='UTF-8'?>
+<hudson.scm.SubversionSCM_-DescriptorImpl>
+ <repositoryBrowser>hudson.scm.SubversionRepositoryBrowser</repositoryBrowser>
+ <generation>1</generation>
+ <credentials class="hashtable">
+ <entry>
+ <string><http://localhost:80> Authorization</string>
+ <hudson.scm.SubversionSCM_-DescriptorImpl_-PasswordCredential>
+ <userName><%= admin_account %></userName>
+ <password><%= Base64.encode64(admin_password).chomp %></password>
+ </hudson.scm.SubversionSCM_-DescriptorImpl_-PasswordCredential>
+ </entry>
+ </credentials>
+ <revPropSupport class="hashtable"/>
+</hudson.scm.SubversionSCM_-DescriptorImpl>
--- /dev/null
+<?xml version='1.0' encoding='UTF-8'?>
+<hudson.tasks.Mailer_-DescriptorImpl>
+<% if smtp_setting %>
+ <hudsonUrl>http://<%= apache_host %>/hudson/</hudsonUrl>
+ <% if smtp_auth %>
+ <smtpAuthUsername><%= smtp_user %></smtpAuthUsername>
+ <smtpAuthPassword><%= smtp_password %></smtpAuthPassword>
+ <% end %>
+ <adminAddress><%= mail_sender_address %></adminAddress>
+ <smtpHost><%= smtp_host %></smtpHost>
+ <useSsl>false</useSsl>
+<% end %>
+</hudson.tasks.Mailer_-DescriptorImpl>
--- /dev/null
+<!--\r
+The MIT License\r
+\r
+Copyright (c) 2004-2009, Sun Microsystems, Inc., Kohsuke Kawaguchi\r
+\r
+Permission is hereby granted, free of charge, to any person obtaining a copy\r
+of this software and associated documentation files (the "Software"), to deal\r
+in the Software without restriction, including without limitation the rights\r
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell\r
+copies of the Software, and to permit persons to whom the Software is\r
+furnished to do so, subject to the following conditions:\r
+\r
+The above copyright notice and this permission notice shall be included in\r
+all copies or substantial portions of the Software.\r
+\r
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR\r
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,\r
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE\r
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER\r
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,\r
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN\r
+THE SOFTWARE.\r
+-->\r
+\r
+<!--\r
+ Windows service definition for Hudson\r
+\r
+ To uninstall, run "hudson.exe stop" to stop the service, then "hudson.exe uninstall" to uninstall the service.\r
+ Both commands don't produce any output if the execution is successful. \r
+-->\r
+<service>\r
+ <id><%= hudson_name %></id>\r
+ <name><%= hudson_name %></name>\r
+ <description>This service runs Hudson continous integration system.</description>\r
+ <env name="HUDSON_HOME" value="%BASE%\home"/>\r
+ <!--\r
+ if you'd like to run Hudson with a specific version of Java, specify a full path to java.exe.\r
+ The following value assumes that you have java in your PATH.\r
+ -->\r
+ <executable>java</executable>\r
+ <arguments>-Xrs -Xmx256m -Dhudson.lifecycle=hudson.lifecycle.WindowsServiceLifecycle -jar "%BASE%\hudson.war" --prefix=/hudson --httpPort=<%= hudson_port %></arguments>\r
+ <!--\r
+ interactive flag causes the empty black Java window to be displayed.\r
+ I'm still debugging this.\r
+ <interactive />\r
+ -->\r
+ <logmode>rotate</logmode>\r
+ <logpath><%= File.join(home, "hudson/log") %></logpath>\r
+</service>\r
--- /dev/null
+dn: cn=admin data
+objectClass: ds-cfg-branch
+objectClass: top
+cn: admin data
+
+dn: cn=instance keys,cn=admin data
+objectClass: ds-cfg-branch
+objectClass: top
+cn: instance keys
+
+dn: cn=secret keys,cn=admin data
+objectClass: ds-cfg-branch
+objectClass: top
+cn: secret keys
+
+dn: cn=Administrators,cn=admin data
+objectClass: top
+objectClass: groupofurls
+memberURL: ldap:///cn=Administrators,cn=admin data??one?(objectclass=*)
+description: Group of identities which have full access.
+cn: Administrators
+
+dn: cn=Server Groups,cn=admin data
+objectClass: ds-cfg-branch
+objectClass: top
+cn: Server Groups
+
+dn: cn=all-servers,cn=Server Groups,cn=admin data
+objectClass: groupOfUniqueNames
+objectClass: top
+cn: all-servers
+
--- /dev/null
+# CDDL HEADER START
+#
+# The contents of this file are subject to the terms of the
+# Common Development and Distribution License, Version 1.0 only
+# (the "License"). You may not use this file except in compliance
+# with the License.
+#
+# You can obtain a copy of the license at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE
+# or https://OpenDS.dev.java.net/OpenDS.LICENSE.
+# See the License for the specific language governing permissions
+# and limitations under the License.
+#
+# When distributing Covered Code, include this CDDL HEADER in each
+# file and include the License file at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
+# add the following below this CDDL HEADER, with the fields enclosed
+# by brackets "[]" replaced with your own identifying information:
+# Portions Copyright [yyyy] [name of copyright owner]
+#
+# CDDL HEADER END
+#
+# Copyright 2006-2009 Sun Microsystems, Inc.
+#
+#
+# This file contains the primary Directory Server configuration. It must not
+# be directly edited while the server is online. The server configuration
+# should only be managed using the administration utilities provided with the
+# Directory Server.
+
+dn: cn=config
+objectClass: top
+objectClass: ds-cfg-root-config
+cn: config
+ds-cfg-check-schema: true
+ds-cfg-add-missing-rdn-attributes: true
+ds-cfg-allow-attribute-name-exceptions: false
+ds-cfg-invalid-attribute-syntax-behavior: reject
+ds-cfg-single-structural-objectclass-behavior: reject
+ds-cfg-notify-abandoned-operations: false
+ds-cfg-proxied-authorization-identity-mapper: cn=Exact Match,cn=Identity Mappers,cn=config
+ds-cfg-size-limit: 1000
+ds-cfg-time-limit: 60 seconds
+ds-cfg-lookthrough-limit: 5000
+ds-cfg-writability-mode: enabled
+ds-cfg-bind-with-dn-requires-password: true
+ds-cfg-reject-unauthenticated-requests: false
+ds-cfg-default-password-policy: cn=Default Password Policy,cn=Password Policies,cn=config
+ds-cfg-return-bind-error-messages: false
+ds-cfg-idle-time-limit: 0 seconds
+ds-cfg-save-config-on-successful-startup: true
+ds-cfg-etime-resolution: milliseconds
+ds-cfg-entry-cache-preload: false
+ds-cfg-max-allowed-client-connections: 0
+ds-cfg-allowed-task: org.opends.server.tasks.AddSchemaFileTask
+ds-cfg-allowed-task: org.opends.server.tasks.BackupTask
+ds-cfg-allowed-task: org.opends.server.tasks.DisconnectClientTask
+ds-cfg-allowed-task: org.opends.server.tasks.EnterLockdownModeTask
+ds-cfg-allowed-task: org.opends.server.tasks.ExportTask
+ds-cfg-allowed-task: org.opends.server.tasks.ImportTask
+ds-cfg-allowed-task: org.opends.server.tasks.InitializeTargetTask
+ds-cfg-allowed-task: org.opends.server.tasks.InitializeTask
+ds-cfg-allowed-task: org.opends.server.tasks.SetGenerationIdTask
+ds-cfg-allowed-task: org.opends.server.tasks.LeaveLockdownModeTask
+ds-cfg-allowed-task: org.opends.server.tasks.RebuildTask
+ds-cfg-allowed-task: org.opends.server.tasks.RestoreTask
+ds-cfg-allowed-task: org.opends.server.tasks.ShutdownTask
+
+dn: cn=Access Control Handler,cn=config
+objectClass: top
+objectClass: ds-cfg-access-control-handler
+objectClass: ds-cfg-dsee-compat-access-control-handler
+ds-cfg-global-aci: (extop="1.3.6.1.4.1.26027.1.6.1 || 1.3.6.1.4.1.26027.1.6.3 || 1.3.6.1.4.1.4203.1.11.1 || 1.3.6.1.4.1.1466.20037 || 1.3.6.1.4.1.4203.1.11.3") (version 3.0; acl "Anonymous extended operation access"; allow(read) userdn="ldap:///anyone";)
+ds-cfg-global-aci: (targetcontrol="2.16.840.1.113730.3.4.2 || 2.16.840.1.113730.3.4.17 || 2.16.840.1.113730.3.4.19 || 1.3.6.1.4.1.4203.1.10.2 || 1.3.6.1.4.1.42.2.27.8.5.1 || 2.16.840.1.113730.3.4.16") (version 3.0; acl "Anonymous control access"; allow(read) userdn="ldap:///anyone";)
+ds-cfg-global-aci: (targetattr!="userPassword||authPassword")(version 3.0; acl "Anonymous read access"; allow (read,search,compare) userdn="ldap:///anyone";)
+ds-cfg-global-aci: (targetattr="*")(version 3.0; acl "Self entry modification"; allow (write) userdn="ldap:///self";)
+ds-cfg-global-aci: (target="ldap:///cn=schema")(targetscope="base")(targetattr="objectClass||attributeTypes||dITContentRules||dITStructureRules||ldapSyntaxes||matchingRules||matchingRuleUse||nameForms||objectClasses")(version 3.0; acl "User-Visible Schema Operational Attributes"; allow (read,search,compare) userdn="ldap:///anyone";)
+ds-cfg-global-aci: (target="ldap:///")(targetscope="base")(targetattr="objectClass||namingContexts||supportedAuthPasswordSchemes||supportedControl||supportedExtension||supportedFeatures||supportedLDAPVersion||supportedSASLMechanisms||vendorName||vendorVersion")(version 3.0; acl "User-Visible Root DSE Operational Attributes"; allow (read,search,compare) userdn="ldap:///anyone";)
+ds-cfg-global-aci: (targetattr="createTimestamp||creatorsName||modifiersName||modifyTimestamp||entryDN||entryUUID||subschemaSubentry")(version 3.0; acl "User-Visible Operational Attributes"; allow (read,search,compare) userdn="ldap:///anyone";)
+ds-cfg-global-aci: (target="ldap:///dc=replicationchanges")(targetattr="*")(version 3.0; acl "Replication backend access"; deny (all) userdn="ldap:///anyone";)
+cn: Access Control Handler
+ds-cfg-java-class: org.opends.server.authorization.dseecompat.AciHandler
+ds-cfg-enabled: true
+
+dn: cn=Crypto Manager,cn=config
+objectClass: top
+objectClass: ds-cfg-crypto-manager
+cn: Crypto Manager
+ds-cfg-ssl-cert-nickname: ads-certificate
+ds-cfg-ssl-encryption: false
+
+dn: cn=Account Status Notification Handlers,cn=config
+objectClass: top
+objectClass: ds-cfg-branch
+cn: Account Status Notification Handlers
+
+dn: cn=Error Log Handler,cn=Account Status Notification Handlers,cn=config
+objectClass: top
+objectClass: ds-cfg-account-status-notification-handler
+objectClass: ds-cfg-error-log-account-status-notification-handler
+cn: Error Log Handler
+ds-cfg-java-class: org.opends.server.extensions.ErrorLogAccountStatusNotificationHandler
+ds-cfg-enabled: true
+ds-cfg-account-status-notification-type: account-temporarily-locked
+ds-cfg-account-status-notification-type: account-permanently-locked
+ds-cfg-account-status-notification-type: account-unlocked
+ds-cfg-account-status-notification-type: account-idle-locked
+ds-cfg-account-status-notification-type: account-reset-locked
+ds-cfg-account-status-notification-type: account-disabled
+ds-cfg-account-status-notification-type: account-enabled
+ds-cfg-account-status-notification-type: account-expired
+ds-cfg-account-status-notification-type: password-expired
+ds-cfg-account-status-notification-type: password-expiring
+ds-cfg-account-status-notification-type: password-reset
+ds-cfg-account-status-notification-type: password-changed
+
+dn: cn=SMTP Handler,cn=Account Status Notification Handlers,cn=config
+objectClass: top
+objectClass: ds-cfg-account-status-notification-handler
+objectClass: ds-cfg-smtp-account-status-notification-handler
+cn: SMTP Handler
+ds-cfg-java-class: org.opends.server.extensions.SMTPAccountStatusNotificationHandler
+ds-cfg-enabled: false
+ds-cfg-sender-address: opends-notifications@example.com
+ds-cfg-email-address-attribute-type: mail
+ds-cfg-send-message-without-end-user-address: false
+ds-cfg-message-template-file: account-temporarily-locked:config/messages/account-temporarily-locked.template
+ds-cfg-message-template-file: account-permanently-locked:config/messages/account-permanently-locked.template
+ds-cfg-message-template-file: account-unlocked:config/messages/account-unlocked.template
+ds-cfg-message-template-file: account-idle-locked:config/messages/account-idle-locked.template
+ds-cfg-message-template-file: account-reset-locked:config/messages/account-reset-locked.template
+ds-cfg-message-template-file: account-disabled:config/messages/account-disabled.template
+ds-cfg-message-template-file: account-enabled:config/messages/account-enabled.template
+ds-cfg-message-template-file: account-expired:config/messages/account-expired.template
+ds-cfg-message-template-file: password-expired:config/messages/password-expired.template
+ds-cfg-message-template-file: password-expiring:config/messages/password-expiring.template
+ds-cfg-message-template-file: password-reset:config/messages/password-reset.template
+ds-cfg-message-template-file: password-changed:config/messages/password-changed.template
+ds-cfg-message-subject: account-temporarily-locked:Your directory account has been locked
+ds-cfg-message-subject: account-permanently-locked:Your directory account has been locked
+ds-cfg-message-subject: account-unlocked:Your directory account has been unlocked
+ds-cfg-message-subject: account-idle-locked:Your directory account has been locked
+ds-cfg-message-subject: account-reset-locked:Your directory account has been locked
+ds-cfg-message-subject: account-disabled:Your directory account has been disabled
+ds-cfg-message-subject: account-enabled:Your directory account has been re-enabled
+ds-cfg-message-subject: account-expired:Your directory account has expired
+ds-cfg-message-subject: password-expired:Your directory password has expired
+ds-cfg-message-subject: password-expiring:Your directory password is going to expire
+ds-cfg-message-subject: password-reset:Your directory password has been reset
+ds-cfg-message-subject: password-changed:Your directory password has been changed
+
+dn: cn=Alert Handlers,cn=config
+objectClass: top
+objectClass: ds-cfg-branch
+cn: Alert Handlers
+
+dn: cn=JMX Alert Handler,cn=Alert Handlers,cn=config
+objectClass: top
+objectClass: ds-cfg-alert-handler
+objectClass: ds-cfg-jmx-alert-handler
+cn: JMX Alert Handler
+ds-cfg-java-class: org.opends.server.extensions.JMXAlertHandler
+ds-cfg-enabled: false
+
+dn: cn=Backends,cn=config
+objectClass: top
+objectClass: ds-cfg-branch
+cn: Backends
+
+dn: ds-cfg-backend-id=userRoot,cn=Backends,cn=config
+objectClass: top
+objectClass: ds-cfg-backend
+objectClass: ds-cfg-local-db-backend
+ds-cfg-enabled: true
+ds-cfg-java-class: org.opends.server.backends.jeb.BackendImpl
+ds-cfg-backend-id: userRoot
+ds-cfg-writability-mode: enabled
+ds-cfg-base-dn: dc=example,dc=com
+ds-cfg-db-directory: db
+ds-cfg-db-directory-permissions: 700
+ds-cfg-index-entry-limit: 4000
+ds-cfg-preload-time-limit: 0 seconds
+ds-cfg-import-queue-size: 100
+ds-cfg-import-thread-count: 8
+ds-cfg-entries-compressed: false
+ds-cfg-compact-encoding: true
+ds-cfg-db-cache-percent: 10
+ds-cfg-db-cache-size: 0 megabytes
+ds-cfg-db-txn-no-sync: false
+ds-cfg-db-txn-write-no-sync: true
+ds-cfg-db-run-cleaner: true
+ds-cfg-db-cleaner-min-utilization: 50
+ds-cfg-db-evictor-lru-only: true
+ds-cfg-db-evictor-nodes-per-scan: 10
+ds-cfg-db-log-file-max: 10 megabytes
+ds-cfg-db-logging-file-handler-on: true
+ds-cfg-db-logging-level: CONFIG
+ds-cfg-db-checkpointer-bytes-interval: 20 megabytes
+ds-cfg-db-checkpointer-wakeup-interval: 30 seconds
+
+dn: cn=Index,ds-cfg-backend-id=userRoot,cn=Backends,cn=config
+objectClass: top
+objectClass: ds-cfg-branch
+cn: Index
+
+dn: ds-cfg-attribute=aci,cn=Index,ds-cfg-backend-id=userRoot,cn=Backends,cn=config
+objectClass: top
+objectClass: ds-cfg-local-db-index
+ds-cfg-attribute: aci
+ds-cfg-index-type: presence
+
+dn: ds-cfg-attribute=cn,cn=Index,ds-cfg-backend-id=userRoot,cn=Backends,cn=config
+objectClass: top
+objectClass: ds-cfg-local-db-index
+ds-cfg-attribute: cn
+ds-cfg-index-type: equality
+ds-cfg-index-type: substring
+
+dn: ds-cfg-attribute=ds-sync-hist,cn=Index,ds-cfg-backend-id=userRoot,cn=Backends,cn=config
+objectClass: top
+objectClass: ds-cfg-local-db-index
+ds-cfg-attribute: ds-sync-hist
+ds-cfg-index-type: ordering
+
+dn: ds-cfg-attribute=entryUUID,cn=Index,ds-cfg-backend-id=userRoot,cn=Backends,cn=config
+objectClass: top
+objectClass: ds-cfg-local-db-index
+ds-cfg-attribute: entryUUID
+ds-cfg-index-type: equality
+
+dn: ds-cfg-attribute=givenName,cn=Index,ds-cfg-backend-id=userRoot,cn=Backends,cn=config
+objectClass: top
+objectClass: ds-cfg-local-db-index
+ds-cfg-attribute: givenName
+ds-cfg-index-type: equality
+ds-cfg-index-type: substring
+
+dn: ds-cfg-attribute=mail,cn=Index,ds-cfg-backend-id=userRoot,cn=Backends,cn=config
+objectClass: top
+objectClass: ds-cfg-local-db-index
+ds-cfg-attribute: mail
+ds-cfg-index-type: equality
+ds-cfg-index-type: substring
+
+dn: ds-cfg-attribute=member,cn=Index,ds-cfg-backend-id=userRoot,cn=Backends,cn=config
+objectClass: top
+objectClass: ds-cfg-local-db-index
+ds-cfg-attribute: member
+ds-cfg-index-type: equality
+
+dn: ds-cfg-attribute=objectClass,cn=Index,ds-cfg-backend-id=userRoot,cn=Backends,cn=config
+objectClass: top
+objectClass: ds-cfg-local-db-index
+ds-cfg-attribute: objectClass
+ds-cfg-index-type: equality
+
+dn: ds-cfg-attribute=sn,cn=Index,ds-cfg-backend-id=userRoot,cn=Backends,cn=config
+objectClass: top
+objectClass: ds-cfg-local-db-index
+ds-cfg-attribute: sn
+ds-cfg-index-type: equality
+ds-cfg-index-type: substring
+
+dn: ds-cfg-attribute=telephoneNumber,cn=Index,ds-cfg-backend-id=userRoot,cn=Backends,cn=config
+objectClass: top
+objectClass: ds-cfg-local-db-index
+ds-cfg-attribute: telephoneNumber
+ds-cfg-index-type: equality
+ds-cfg-index-type: substring
+
+dn: ds-cfg-attribute=uid,cn=Index,ds-cfg-backend-id=userRoot,cn=Backends,cn=config
+objectClass: top
+objectClass: ds-cfg-local-db-index
+ds-cfg-attribute: uid
+ds-cfg-index-type: equality
+
+dn: ds-cfg-attribute=uniqueMember,cn=Index,ds-cfg-backend-id=userRoot,cn=Backends,cn=config
+objectClass: top
+objectClass: ds-cfg-local-db-index
+ds-cfg-attribute: uniqueMember
+ds-cfg-index-type: equality
+
+dn: cn=VLV Index,ds-cfg-backend-id=userRoot,cn=Backends,cn=config
+objectClass: top
+objectClass: ds-cfg-branch
+cn: VLV Index
+
+dn: ds-cfg-backend-id=backup,cn=Backends,cn=config
+objectClass: top
+objectClass: ds-cfg-backend
+objectClass: ds-cfg-backup-backend
+ds-cfg-enabled: true
+ds-cfg-java-class: org.opends.server.backends.BackupBackend
+ds-cfg-backend-id: backup
+ds-cfg-writability-mode: disabled
+ds-cfg-base-dn: cn=backups
+ds-cfg-backup-directory: bak
+
+dn: ds-cfg-backend-id=config,cn=Backends,cn=config
+objectClass: top
+objectClass: ds-cfg-backend
+objectClass: ds-cfg-config-file-handler-backend
+ds-cfg-enabled: true
+ds-cfg-java-class: org.opends.server.extensions.ConfigFileHandler
+ds-cfg-backend-id: config
+ds-cfg-writability-mode: enabled
+ds-cfg-base-dn: cn=config
+
+dn: ds-cfg-backend-id=ads-truststore,cn=Backends,cn=config
+objectClass: top
+objectClass: ds-cfg-backend
+objectClass: ds-cfg-trust-store-backend
+ds-cfg-backend-id: ads-truststore
+ds-cfg-enabled: true
+ds-cfg-java-class: org.opends.server.backends.TrustStoreBackend
+ds-cfg-writability-mode: enabled
+ds-cfg-base-dn: cn=ads-truststore
+ds-cfg-trust-store-type: JKS
+ds-cfg-trust-store-file: config/ads-truststore
+ds-cfg-trust-store-pin-file: config/ads-truststore.pin
+
+dn: ds-cfg-backend-id=monitor,cn=Backends,cn=config
+objectClass: top
+objectClass: ds-cfg-backend
+objectClass: ds-cfg-monitor-backend
+ds-cfg-enabled: true
+ds-cfg-java-class: org.opends.server.backends.MonitorBackend
+ds-cfg-backend-id: monitor
+ds-cfg-writability-mode: disabled
+ds-cfg-base-dn: cn=monitor
+
+dn: ds-cfg-backend-id=schema,cn=Backends,cn=config
+objectClass: top
+objectClass: ds-cfg-backend
+objectClass: ds-cfg-schema-backend
+ds-cfg-enabled: true
+ds-cfg-java-class: org.opends.server.backends.SchemaBackend
+ds-cfg-backend-id: schema
+ds-cfg-writability-mode: enabled
+ds-cfg-base-dn: cn=schema
+ds-cfg-show-all-attributes: false
+
+dn: ds-cfg-backend-id=tasks,cn=Backends,cn=config
+objectClass: top
+objectClass: ds-cfg-backend
+objectClass: ds-cfg-task-backend
+ds-cfg-enabled: true
+ds-cfg-java-class: org.opends.server.backends.task.TaskBackend
+ds-cfg-backend-id: tasks
+ds-cfg-writability-mode: enabled
+ds-cfg-base-dn: cn=tasks
+ds-cfg-task-backing-file: config/tasks.ldif
+ds-cfg-task-retention-time: 24 hours
+
+dn: ds-cfg-backend-id=adminRoot,cn=Backends,cn=config
+objectClass: top
+objectClass: ds-cfg-backend
+objectClass: ds-cfg-ldif-backend
+ds-cfg-backend-id: adminRoot
+ds-cfg-enabled: true
+ds-cfg-java-class: org.opends.server.backends.LDIFBackend
+ds-cfg-writability-mode: enabled
+ds-cfg-base-dn: cn=admin data
+ds-cfg-ldif-file: config/admin-backend.ldif
+ds-cfg-is-private-backend: true
+
+dn: cn=Certificate Mappers,cn=config
+objectClass: top
+objectClass: ds-cfg-branch
+cn: Certificate Mappers
+
+dn: cn=Subject Equals DN,cn=Certificate Mappers,cn=config
+objectClass: top
+objectClass: ds-cfg-certificate-mapper
+objectClass: ds-cfg-subject-equals-dn-certificate-mapper
+cn: Subject Equals DN
+ds-cfg-java-class: org.opends.server.extensions.SubjectEqualsDNCertificateMapper
+ds-cfg-enabled: true
+
+dn: cn=Subject DN to User Attribute,cn=Certificate Mappers,cn=config
+objectClass: top
+objectClass: ds-cfg-certificate-mapper
+objectClass: ds-cfg-subject-dn-to-user-attribute-certificate-mapper
+cn: Subject DN to User Attribute
+ds-cfg-java-class: org.opends.server.extensions.SubjectDNToUserAttributeCertificateMapper
+ds-cfg-enabled: true
+ds-cfg-subject-attribute: ds-certificate-subject-dn
+
+dn: cn=Subject Attribute to User Attribute,cn=Certificate Mappers,cn=config
+objectClass: top
+objectClass: ds-cfg-certificate-mapper
+objectClass: ds-cfg-subject-attribute-to-user-attribute-certificate-mapper
+cn: Subject Attribute to User Attribute
+ds-cfg-java-class: org.opends.server.extensions.SubjectAttributeToUserAttributeCertificateMapper
+ds-cfg-enabled: true
+ds-cfg-subject-attribute-mapping: cn:cn
+ds-cfg-subject-attribute-mapping: e:mail
+
+dn: cn=Fingerprint Mapper,cn=Certificate Mappers,cn=config
+objectClass: top
+objectClass: ds-cfg-certificate-mapper
+objectClass: ds-cfg-fingerprint-certificate-mapper
+cn: Fingerprint Mapper
+ds-cfg-java-class: org.opends.server.extensions.FingerprintCertificateMapper
+ds-cfg-enabled: true
+ds-cfg-fingerprint-attribute: ds-certificate-fingerprint
+ds-cfg-fingerprint-algorithm: MD5
+
+dn: cn=Connection Handlers,cn=config
+objectClass: top
+objectClass: ds-cfg-branch
+cn: Connection Handlers
+
+dn: cn=LDAP Connection Handler,cn=Connection Handlers,cn=config
+objectClass: top
+objectClass: ds-cfg-connection-handler
+objectClass: ds-cfg-ldap-connection-handler
+cn: LDAP Connection Handler
+ds-cfg-java-class: org.opends.server.protocols.ldap.LDAPConnectionHandler
+ds-cfg-enabled: true
+ds-cfg-listen-address: 0.0.0.0
+ds-cfg-listen-port: 389
+ds-cfg-accept-backlog: 128
+ds-cfg-allow-ldap-v2: true
+ds-cfg-keep-stats: true
+ds-cfg-use-tcp-keep-alive: true
+ds-cfg-use-tcp-no-delay: true
+ds-cfg-allow-tcp-reuse-address: true
+ds-cfg-send-rejection-notice: true
+ds-cfg-max-request-size: 5 megabytes
+ds-cfg-max-blocked-write-time-limit: 2 minutes
+ds-cfg-num-request-handlers: 2
+ds-cfg-allow-start-tls: false
+ds-cfg-use-ssl: false
+ds-cfg-ssl-client-auth-policy: optional
+ds-cfg-ssl-cert-nickname: server-cert
+
+dn: cn=LDAPS Connection Handler,cn=Connection Handlers,cn=config
+objectClass: top
+objectClass: ds-cfg-connection-handler
+objectClass: ds-cfg-ldap-connection-handler
+cn: LDAPS Connection Handler
+ds-cfg-java-class: org.opends.server.protocols.ldap.LDAPConnectionHandler
+ds-cfg-enabled: false
+ds-cfg-listen-address: 0.0.0.0
+ds-cfg-listen-port: 636
+ds-cfg-accept-backlog: 128
+ds-cfg-allow-ldap-v2: true
+ds-cfg-keep-stats: true
+ds-cfg-use-tcp-keep-alive: true
+ds-cfg-use-tcp-no-delay: true
+ds-cfg-allow-tcp-reuse-address: true
+ds-cfg-send-rejection-notice: true
+ds-cfg-max-request-size: 5 megabytes
+ds-cfg-max-blocked-write-time-limit: 2 minutes
+ds-cfg-num-request-handlers: 2
+ds-cfg-allow-start-tls: false
+ds-cfg-use-ssl: true
+ds-cfg-ssl-client-auth-policy: optional
+ds-cfg-ssl-cert-nickname: server-cert
+ds-cfg-key-manager-provider: cn=JKS,cn=Key Manager Providers,cn=config
+ds-cfg-trust-manager-provider: cn=JKS,cn=Trust Manager Providers,cn=config
+
+dn: cn=LDIF Connection Handler,cn=Connection Handlers,cn=config
+objectClass: top
+objectClass: ds-cfg-connection-handler
+objectClass: ds-cfg-ldif-connection-handler
+cn: LDIF Connection Handler
+ds-cfg-java-class: org.opends.server.protocols.LDIFConnectionHandler
+ds-cfg-enabled: false
+ds-cfg-ldif-directory: config/auto-process-ldif
+ds-cfg-poll-interval: 5 seconds
+
+dn: cn=JMX Connection Handler,cn=Connection Handlers,cn=config
+objectClass: top
+objectClass: ds-cfg-connection-handler
+objectClass: ds-cfg-jmx-connection-handler
+cn: JMX Connection Handler
+ds-cfg-java-class: org.opends.server.protocols.jmx.JmxConnectionHandler
+ds-cfg-enabled: false
+ds-cfg-use-ssl: false
+ds-cfg-listen-port: 1689
+ds-cfg-ssl-cert-nickname: server-cert
+
+dn: cn=Entry Caches,cn=config
+objectClass: top
+objectClass: ds-cfg-branch
+cn: Entry Caches
+
+dn: cn=FIFO,cn=Entry Caches,cn=config
+objectClass: top
+objectClass: ds-cfg-entry-cache
+objectClass: ds-cfg-fifo-entry-cache
+cn: FIFO
+ds-cfg-enabled: false
+ds-cfg-cache-level: 1
+ds-cfg-java-class: org.opends.server.extensions.FIFOEntryCache
+
+dn: cn=Soft Reference,cn=Entry Caches,cn=config
+objectClass: top
+objectClass: ds-cfg-entry-cache
+objectClass: ds-cfg-soft-reference-entry-cache
+cn: Soft Reference
+ds-cfg-enabled: false
+ds-cfg-cache-level: 2
+ds-cfg-java-class: org.opends.server.extensions.SoftReferenceEntryCache
+
+dn: cn=File System,cn=Entry Caches,cn=config
+objectClass: top
+objectClass: ds-cfg-entry-cache
+objectClass: ds-cfg-file-system-entry-cache
+cn: File System
+ds-cfg-enabled: false
+ds-cfg-cache-level: 3
+ds-cfg-java-class: org.opends.server.extensions.FileSystemEntryCache
+
+dn: cn=Extended Operations,cn=config
+objectClass: top
+objectClass: ds-cfg-branch
+cn: Extended Operations
+
+dn: cn=Cancel,cn=Extended Operations,cn=config
+objectClass: top
+objectClass: ds-cfg-extended-operation-handler
+objectClass: ds-cfg-cancel-extended-operation-handler
+cn: Cancel
+ds-cfg-java-class: org.opends.server.extensions.CancelExtendedOperation
+ds-cfg-enabled: true
+
+dn: cn=Get Connection ID,cn=Extended Operations,cn=config
+objectClass: top
+objectClass: ds-cfg-extended-operation-handler
+objectClass: ds-cfg-get-connection-id-extended-operation-handler
+cn: Get Connection ID
+ds-cfg-java-class: org.opends.server.extensions.GetConnectionIDExtendedOperation
+ds-cfg-enabled: true
+
+dn: cn=Password Modify,cn=Extended Operations,cn=config
+objectClass: top
+objectClass: ds-cfg-extended-operation-handler
+objectClass: ds-cfg-password-modify-extended-operation-handler
+cn: Password Modify
+ds-cfg-java-class: org.opends.server.extensions.PasswordModifyExtendedOperation
+ds-cfg-enabled: true
+ds-cfg-identity-mapper: cn=Exact Match,cn=Identity Mappers,cn=config
+
+dn: cn=Password Policy State,cn=Extended Operations,cn=config
+objectClass: top
+objectClass: ds-cfg-extended-operation-handler
+objectClass: ds-cfg-password-policy-state-extended-operation-handler
+cn: Password Policy State
+ds-cfg-java-class: org.opends.server.extensions.PasswordPolicyStateExtendedOperation
+ds-cfg-enabled: true
+
+dn: cn=StartTLS,cn=Extended Operations,cn=config
+objectClass: top
+objectClass: ds-cfg-extended-operation-handler
+objectClass: ds-cfg-start-tls-extended-operation-handler
+cn: StartTLS
+ds-cfg-java-class: org.opends.server.extensions.StartTLSExtendedOperation
+ds-cfg-enabled: true
+
+dn: cn=Get Symmetric Key,cn=Extended Operations,cn=config
+objectClass: top
+objectClass: ds-cfg-extended-operation-handler
+objectClass: ds-cfg-get-symmetric-key-extended-operation-handler
+cn: Get Symmetric Key
+ds-cfg-java-class: org.opends.server.crypto.GetSymmetricKeyExtendedOperation
+ds-cfg-enabled: true
+
+dn: cn=Who Am I,cn=Extended Operations,cn=config
+objectClass: top
+objectClass: ds-cfg-extended-operation-handler
+objectClass: ds-cfg-who-am-i-extended-operation-handler
+cn: Who Am I
+ds-cfg-java-class: org.opends.server.extensions.WhoAmIExtendedOperation
+ds-cfg-enabled: true
+
+dn: cn=Group Implementations,cn=config
+objectClass: top
+objectClass: ds-cfg-branch
+cn: Group Implementations
+
+dn: cn=Dynamic,cn=Group Implementations,cn=config
+objectClass: top
+objectClass: ds-cfg-group-implementation
+objectClass: ds-cfg-dynamic-group-implementation
+cn: Dynamic
+ds-cfg-java-class: org.opends.server.extensions.DynamicGroup
+ds-cfg-enabled: true
+
+dn: cn=Static,cn=Group Implementations,cn=config
+objectClass: top
+objectClass: ds-cfg-group-implementation
+objectClass: ds-cfg-static-group-implementation
+cn: Static
+ds-cfg-java-class: org.opends.server.extensions.StaticGroup
+ds-cfg-enabled: true
+
+dn: cn=Virtual Static,cn=Group Implementations,cn=config
+objectClass: top
+objectClass: ds-cfg-group-implementation
+objectClass: ds-cfg-virtual-static-group-implementation
+cn: Virtual Static
+ds-cfg-java-class: org.opends.server.extensions.VirtualStaticGroup
+ds-cfg-enabled: true
+
+dn: cn=Identity Mappers,cn=config
+objectClass: top
+objectClass: ds-cfg-branch
+cn: Identity Mappers
+
+dn: cn=Exact Match,cn=Identity Mappers,cn=config
+objectClass: top
+objectClass: ds-cfg-identity-mapper
+objectClass: ds-cfg-exact-match-identity-mapper
+cn: Exact Match
+ds-cfg-java-class: org.opends.server.extensions.ExactMatchIdentityMapper
+ds-cfg-enabled: true
+ds-cfg-match-attribute: uid
+
+dn: cn=Regular Expression,cn=Identity Mappers,cn=config
+objectClass: top
+objectClass: ds-cfg-identity-mapper
+objectClass: ds-cfg-regular-expression-identity-mapper
+cn: Regular Expression
+ds-cfg-java-class: org.opends.server.extensions.RegularExpressionIdentityMapper
+ds-cfg-enabled: true
+ds-cfg-match-attribute: uid
+ds-cfg-match-pattern: ^([^@]+)@.+$
+ds-cfg-replace-pattern: $1
+
+dn: cn=Key Manager Providers,cn=config
+objectClass: top
+objectClass: ds-cfg-branch
+cn: Key Manager Providers
+
+dn: cn=JKS,cn=Key Manager Providers,cn=config
+objectClass: top
+objectClass: ds-cfg-key-manager-provider
+objectClass: ds-cfg-file-based-key-manager-provider
+cn: JKS
+ds-cfg-java-class: org.opends.server.extensions.FileBasedKeyManagerProvider
+ds-cfg-enabled: false
+ds-cfg-key-store-type: JKS
+ds-cfg-key-store-file: config/keystore
+ds-cfg-key-store-pin-file: config/keystore.pin
+
+dn: cn=PKCS12,cn=Key Manager Providers,cn=config
+objectClass: top
+objectClass: ds-cfg-key-manager-provider
+objectClass: ds-cfg-file-based-key-manager-provider
+cn: PKCS12
+ds-cfg-java-class: org.opends.server.extensions.FileBasedKeyManagerProvider
+ds-cfg-enabled: false
+ds-cfg-key-store-type: PKCS12
+ds-cfg-key-store-file: config/keystore.p12
+ds-cfg-key-store-pin-file: config/keystore.pin
+
+dn: cn=PKCS11,cn=Key Manager Providers,cn=config
+objectClass: top
+objectClass: ds-cfg-key-manager-provider
+objectClass: ds-cfg-pkcs11-key-manager-provider
+cn: PKCS11
+ds-cfg-java-class: org.opends.server.extensions.PKCS11KeyManagerProvider
+ds-cfg-enabled: false
+ds-cfg-key-store-pin-file: config/keystore.pin
+
+dn: cn=Loggers,cn=config
+objectClass: top
+objectClass: ds-cfg-branch
+cn: Loggers
+
+dn: cn=File-Based Access Logger,cn=Loggers,cn=config
+objectClass: top
+objectClass: ds-cfg-log-publisher
+objectClass: ds-cfg-access-log-publisher
+objectClass: ds-cfg-file-based-access-log-publisher
+cn: File-Based Access Logger
+ds-cfg-java-class: org.opends.server.loggers.TextAccessLogPublisher
+ds-cfg-enabled: true
+ds-cfg-log-file: logs/access
+ds-cfg-log-file-permissions: 640
+ds-cfg-suppress-internal-operations: true
+ds-cfg-suppress-synchronization-operations: false
+ds-cfg-asynchronous: true
+ds-cfg-rotation-policy: cn=24 Hours Time Limit Rotation Policy,cn=Log Rotation Policies,cn=config
+ds-cfg-rotation-policy: cn=Size Limit Rotation Policy,cn=Log Rotation Policies,cn=config
+ds-cfg-retention-policy: cn=File Count Retention Policy,cn=Log Retention Policies,cn=config
+
+dn: cn=File-Based Audit Logger,cn=Loggers,cn=config
+objectClass: top
+objectClass: ds-cfg-log-publisher
+objectClass: ds-cfg-access-log-publisher
+objectClass: ds-cfg-file-based-access-log-publisher
+cn: File-Based Audit Logger
+ds-cfg-java-class: org.opends.server.loggers.TextAuditLogPublisher
+ds-cfg-enabled: false
+ds-cfg-log-file: logs/audit
+ds-cfg-log-file-permissions: 640
+ds-cfg-suppress-internal-operations: true
+ds-cfg-suppress-synchronization-operations: false
+ds-cfg-asynchronous: true
+ds-cfg-rotation-policy: cn=24 Hours Time Limit Rotation Policy,cn=Log Rotation Policies,cn=config
+ds-cfg-rotation-policy: cn=Size Limit Rotation Policy,cn=Log Rotation Policies,cn=config
+ds-cfg-retention-policy: cn=File Count Retention Policy,cn=Log Retention Policies,cn=config
+
+dn: cn=File-Based Error Logger,cn=Loggers,cn=config
+objectClass: top
+objectClass: ds-cfg-log-publisher
+objectClass: ds-cfg-error-log-publisher
+objectClass: ds-cfg-file-based-error-log-publisher
+cn: File-Based Error Logger
+ds-cfg-java-class: org.opends.server.loggers.TextErrorLogPublisher
+ds-cfg-enabled: true
+ds-cfg-log-file: logs/errors
+ds-cfg-log-file-permissions: 640
+ds-cfg-default-severity: severe-warning
+ds-cfg-default-severity: severe-error
+ds-cfg-default-severity: fatal-error
+ds-cfg-default-severity: notice
+ds-cfg-asynchronous: false
+ds-cfg-rotation-policy: cn=7 Days Time Limit Rotation Policy,cn=Log Rotation Policies,cn=config
+ds-cfg-rotation-policy: cn=Size Limit Rotation Policy,cn=Log Rotation Policies,cn=config
+ds-cfg-retention-policy: cn=File Count Retention Policy,cn=Log Retention Policies,cn=config
+
+dn: cn=Replication Repair Logger,cn=Loggers,cn=config
+objectClass: top
+objectClass: ds-cfg-log-publisher
+objectClass: ds-cfg-error-log-publisher
+objectClass: ds-cfg-file-based-error-log-publisher
+cn: Replication Repair Logger
+ds-cfg-java-class: org.opends.server.loggers.TextErrorLogPublisher
+ds-cfg-enabled: true
+ds-cfg-log-file: logs/replication
+ds-cfg-log-file-permissions: 640
+ds-cfg-default-severity: none
+ds-cfg-override-severity: SYNC=INFO,MILD_ERROR,MILD_WARNING,NOTICE
+ds-cfg-asynchronous: false
+ds-cfg-rotation-policy: cn=7 Days Time Limit Rotation Policy,cn=Log Rotation Policies,cn=config
+ds-cfg-rotation-policy: cn=Size Limit Rotation Policy,cn=Log Rotation Policies,cn=config
+ds-cfg-retention-policy: cn=File Count Retention Policy,cn=Log Retention Policies,cn=config
+
+dn: cn=File-Based Debug Logger,cn=Loggers,cn=config
+objectClass: top
+objectClass: ds-cfg-log-publisher
+objectClass: ds-cfg-debug-log-publisher
+objectClass: ds-cfg-file-based-debug-log-publisher
+cn: File-Based Debug Logger
+ds-cfg-java-class: org.opends.server.loggers.debug.TextDebugLogPublisher
+ds-cfg-enabled: false
+ds-cfg-log-file: logs/debug
+ds-cfg-log-file-permissions: 640
+ds-cfg-default-debug-level: error
+ds-cfg-asynchronous: false
+
+dn: cn=Log Rotation Policies,cn=config
+objectClass: top
+objectClass: ds-cfg-branch
+cn: Log Rotation Policies
+
+dn: cn=24 Hours Time Limit Rotation Policy,cn=Log Rotation Policies,cn=config
+objectClass: top
+objectClass: ds-cfg-log-rotation-policy
+objectClass: ds-cfg-time-limit-log-rotation-policy
+cn: Time Limit Rotation Policy
+ds-cfg-java-class: org.opends.server.loggers.TimeLimitRotationPolicy
+ds-cfg-rotation-interval: 24 hours
+
+dn: cn=7 Days Time Limit Rotation Policy,cn=Log Rotation Policies,cn=config
+objectClass: top
+objectClass: ds-cfg-log-rotation-policy
+objectClass: ds-cfg-time-limit-log-rotation-policy
+cn: Time Limit Rotation Policy
+ds-cfg-java-class: org.opends.server.loggers.TimeLimitRotationPolicy
+ds-cfg-rotation-interval: 7 days
+
+dn: cn=Size Limit Rotation Policy,cn=Log Rotation Policies,cn=config
+objectClass: top
+objectClass: ds-cfg-log-rotation-policy
+objectClass: ds-cfg-size-limit-log-rotation-policy
+cn: Size Limit Rotation Policy
+ds-cfg-java-class: org.opends.server.loggers.SizeBasedRotationPolicy
+ds-cfg-file-size-limit: 100 megabytes
+
+dn: cn=Fixed Time Rotation Policy,cn=Log Rotation Policies,cn=config
+objectClass: top
+objectClass: ds-cfg-log-rotation-policy
+objectClass: ds-cfg-fixed-time-log-rotation-policy
+cn: Fixed Time Rotation Policy
+ds-cfg-java-class: org.opends.server.loggers.FixedTimeRotationPolicy
+ds-cfg-time-of-day: 2359
+
+dn: cn=Log Retention Policies,cn=config
+objectClass: top
+objectClass: ds-cfg-branch
+cn: Log Retention Policies
+
+dn: cn=File Count Retention Policy,cn=Log Retention Policies,cn=config
+objectClass: top
+objectClass: ds-cfg-log-retention-policy
+objectClass: ds-cfg-file-count-log-retention-policy
+cn: File Count Retention Policy
+ds-cfg-java-class: org.opends.server.loggers.FileNumberRetentionPolicy
+ds-cfg-number-of-files: 10
+
+dn: cn=Free Disk Space Retention Policy,cn=Log Retention Policies,cn=config
+objectClass: top
+objectClass: ds-cfg-log-retention-policy
+objectClass: ds-cfg-free-disk-space-log-retention-policy
+cn: Free Disk Space Retention Policy
+ds-cfg-java-class: org.opends.server.loggers.FreeDiskSpaceRetentionPolicy
+ds-cfg-free-disk-space: 500 megabytes
+
+dn: cn=Size Limit Retention Policy,cn=Log Retention Policies,cn=config
+objectClass: top
+objectClass: ds-cfg-log-retention-policy
+objectClass: ds-cfg-size-limit-log-retention-policy
+cn: Size Limit Retention Policy
+ds-cfg-java-class: org.opends.server.loggers.SizeBasedRetentionPolicy
+ds-cfg-disk-space-used: 500 megabytes
+
+dn: cn=Matching Rules,cn=config
+objectClass: top
+objectClass: ds-cfg-branch
+cn: Matching Rules
+
+dn: cn=Auth Password Equality Matching Rule,cn=Matching Rules,cn=config
+objectClass: top
+objectClass: ds-cfg-matching-rule
+objectClass: ds-cfg-equality-matching-rule
+cn: Auth Password Equality Matching Rule
+ds-cfg-java-class: org.opends.server.schema.AuthPasswordEqualityMatchingRuleFactory
+ds-cfg-enabled: true
+
+dn: cn=Auth Password Exact Equality Matching Rule,cn=Matching Rules,cn=config
+objectClass: top
+objectClass: ds-cfg-matching-rule
+objectClass: ds-cfg-equality-matching-rule
+cn: Auth Password Exact Equality Matching Rule
+ds-cfg-java-class: org.opends.server.schema.AuthPasswordExactEqualityMatchingRuleFactory
+ds-cfg-enabled: true
+
+dn: cn=Bit String Equality Matching Rule,cn=Matching Rules,cn=config
+objectClass: top
+objectClass: ds-cfg-matching-rule
+objectClass: ds-cfg-equality-matching-rule
+cn: Bit String Equality Matching Rule
+ds-cfg-java-class: org.opends.server.schema.BitStringEqualityMatchingRuleFactory
+ds-cfg-enabled: true
+
+dn: cn=Boolean Equality Matching Rule,cn=Matching Rules,cn=config
+objectClass: top
+objectClass: ds-cfg-matching-rule
+objectClass: ds-cfg-equality-matching-rule
+cn: Boolean Equality Matching Rule
+ds-cfg-java-class: org.opends.server.schema.BooleanEqualityMatchingRuleFactory
+ds-cfg-enabled: true
+
+dn: cn=Case Exact Equality Matching Rule,cn=Matching Rules,cn=config
+objectClass: top
+objectClass: ds-cfg-matching-rule
+objectClass: ds-cfg-equality-matching-rule
+cn: Case Exact Equality Matching Rule
+ds-cfg-java-class: org.opends.server.schema.CaseExactEqualityMatchingRuleFactory
+ds-cfg-enabled: true
+
+dn: cn=Case Exact Ordering Matching Rule,cn=Matching Rules,cn=config
+objectClass: top
+objectClass: ds-cfg-matching-rule
+objectClass: ds-cfg-ordering-matching-rule
+cn: Case Exact Ordering Matching Rule
+ds-cfg-java-class: org.opends.server.schema.CaseExactOrderingMatchingRuleFactory
+ds-cfg-enabled: true
+
+dn: cn=Case Exact Substring Matching Rule,cn=Matching Rules,cn=config
+objectClass: top
+objectClass: ds-cfg-matching-rule
+objectClass: ds-cfg-substring-matching-rule
+cn: Case Exact Substring Matching Rule
+ds-cfg-java-class: org.opends.server.schema.CaseExactSubstringMatchingRuleFactory
+ds-cfg-enabled: true
+
+dn: cn=Case Exact IA5 Equality Matching Rule,cn=Matching Rules,cn=config
+objectClass: top
+objectClass: ds-cfg-matching-rule
+objectClass: ds-cfg-equality-matching-rule
+cn: Case Exact IA5 Equality Matching Rule
+ds-cfg-java-class: org.opends.server.schema.CaseExactIA5EqualityMatchingRuleFactory
+ds-cfg-enabled: true
+
+dn: cn=Case Exact IA5 Substring Matching Rule,cn=Matching Rules,cn=config
+objectClass: top
+objectClass: ds-cfg-matching-rule
+objectClass: ds-cfg-substring-matching-rule
+cn: Case Exact IA5 Substring Matching Rule
+ds-cfg-java-class: org.opends.server.schema.CaseExactIA5SubstringMatchingRuleFactory
+ds-cfg-enabled: true
+
+dn: cn=Case Ignore Equality Matching Rule,cn=Matching Rules,cn=config
+objectClass: top
+objectClass: ds-cfg-matching-rule
+objectClass: ds-cfg-equality-matching-rule
+cn: Case Ignore Equality Matching Rule
+ds-cfg-java-class: org.opends.server.schema.CaseIgnoreEqualityMatchingRuleFactory
+ds-cfg-enabled: true
+
+dn: cn=Case Ignore Ordering Matching Rule,cn=Matching Rules,cn=config
+objectClass: top
+objectClass: ds-cfg-matching-rule
+objectClass: ds-cfg-ordering-matching-rule
+cn: Case Ignore Ordering Matching Rule
+ds-cfg-java-class: org.opends.server.schema.CaseIgnoreOrderingMatchingRuleFactory
+ds-cfg-enabled: true
+
+dn: cn=Case Ignore Substring Matching Rule,cn=Matching Rules,cn=config
+objectClass: top
+objectClass: ds-cfg-matching-rule
+objectClass: ds-cfg-substring-matching-rule
+cn: Case Ignore Substring Matching Rule
+ds-cfg-java-class: org.opends.server.schema.CaseIgnoreSubstringMatchingRuleFactory
+ds-cfg-enabled: true
+
+dn: cn=Case Ignore IA5 Equality Matching Rule,cn=Matching Rules,cn=config
+objectClass: top
+objectClass: ds-cfg-matching-rule
+objectClass: ds-cfg-equality-matching-rule
+cn: Case Ignore IA5 Equality Matching Rule
+ds-cfg-java-class: org.opends.server.schema.CaseIgnoreIA5EqualityMatchingRuleFactory
+ds-cfg-enabled: true
+
+dn: cn=Case Ignore IA5 Substring Matching Rule,cn=Matching Rules,cn=config
+objectClass: top
+objectClass: ds-cfg-matching-rule
+objectClass: ds-cfg-substring-matching-rule
+cn: Case Ignore IA5 Substring Matching Rule
+ds-cfg-java-class: org.opends.server.schema.CaseIgnoreIA5SubstringMatchingRuleFactory
+ds-cfg-enabled: true
+
+dn: cn=Case Ignore List Equality Matching Rule,cn=Matching Rules,cn=config
+objectClass: top
+objectClass: ds-cfg-matching-rule
+objectClass: ds-cfg-equality-matching-rule
+cn: Case Ignore List Equality Matching Rule
+ds-cfg-java-class: org.opends.server.schema.CaseIgnoreListEqualityMatchingRuleFactory
+ds-cfg-enabled: true
+
+dn: cn=Case Ignore List Substring Matching Rule,cn=Matching Rules,cn=config
+objectClass: top
+objectClass: ds-cfg-matching-rule
+objectClass: ds-cfg-substring-matching-rule
+cn: Case Ignore List Substring Matching Rule
+ds-cfg-java-class: org.opends.server.schema.CaseIgnoreListSubstringMatchingRuleFactory
+ds-cfg-enabled: true
+
+dn: cn=Collation Matching Rule,cn=Matching Rules,cn=config
+objectClass: top
+objectClass: ds-cfg-matching-rule
+objectClass: ds-cfg-collation-matching-rule
+cn: Collation Matching Rule
+ds-cfg-java-class: org.opends.server.schema.CollationMatchingRuleFactory
+ds-cfg-enabled: true
+ds-cfg-matching-rule-type: equality
+ds-cfg-matching-rule-type: less-than
+ds-cfg-matching-rule-type: less-than-or-equal-to
+ds-cfg-matching-rule-type: greater-than
+ds-cfg-matching-rule-type: greater-than-or-equal-to
+ds-cfg-matching-rule-type: substring
+#ds-cfg-collation: af:1.3.6.1.4.1.42.2.27.9.4.1.1
+#ds-cfg-collation: am:1.3.6.1.4.1.42.2.27.9.4.2.1
+ds-cfg-collation: ar:1.3.6.1.4.1.42.2.27.9.4.3.1
+ds-cfg-collation: ar-AE:1.3.6.1.4.1.42.2.27.9.4.4.1
+ds-cfg-collation: ar-BH:1.3.6.1.4.1.42.2.27.9.4.5.1
+ds-cfg-collation: ar-DZ:1.3.6.1.4.1.42.2.27.9.4.6.1
+ds-cfg-collation: ar-EG:1.3.6.1.4.1.42.2.27.9.4.7.1
+#ds-cfg-collation: ar-IN:1.3.6.1.4.1.42.2.27.9.4.8.1
+ds-cfg-collation: ar-IQ:1.3.6.1.4.1.42.2.27.9.4.9.1
+ds-cfg-collation: ar-JO:1.3.6.1.4.1.42.2.27.9.4.10.1
+ds-cfg-collation: ar-KW:1.3.6.1.4.1.42.2.27.9.4.11.1
+ds-cfg-collation: ar-LB:1.3.6.1.4.1.42.2.27.9.4.12.1
+ds-cfg-collation: ar-LY:1.3.6.1.4.1.42.2.27.9.4.13.1
+ds-cfg-collation: ar-MA:1.3.6.1.4.1.42.2.27.9.4.14.1
+ds-cfg-collation: ar-OM:1.3.6.1.4.1.42.2.27.9.4.15.1
+ds-cfg-collation: ar-QA:1.3.6.1.4.1.42.2.27.9.4.16.1
+ds-cfg-collation: ar-SA:1.3.6.1.4.1.42.2.27.9.4.17.1
+ds-cfg-collation: ar-SD:1.3.6.1.4.1.42.2.27.9.4.18.1
+ds-cfg-collation: ar-SY:1.3.6.1.4.1.42.2.27.9.4.19.1
+ds-cfg-collation: ar-TN:1.3.6.1.4.1.42.2.27.9.4.20.1
+ds-cfg-collation: ar-YE:1.3.6.1.4.1.42.2.27.9.4.21.1
+ds-cfg-collation: be:1.3.6.1.4.1.42.2.27.9.4.22.1
+ds-cfg-collation: bg:1.3.6.1.4.1.42.2.27.9.4.23.1
+#ds-cfg-collation: bn:1.3.6.1.4.1.42.2.27.9.4.24.1
+ds-cfg-collation: ca:1.3.6.1.4.1.42.2.27.9.4.25.1
+ds-cfg-collation: cs:1.3.6.1.4.1.42.2.27.9.4.26.1
+ds-cfg-collation: da:1.3.6.1.4.1.42.2.27.9.4.27.1
+ds-cfg-collation: de:1.3.6.1.4.1.142.2.27.9.4.28.1
+ds-cfg-collation: de-DE:1.3.6.1.4.1.142.2.27.9.4.28.1
+ds-cfg-collation: de-AT:1.3.6.1.4.1.42.2.27.9.4.29.1
+#ds-cfg-collation: de-BE:1.3.6.1.4.1.42.2.27.9.4.30.1
+ds-cfg-collation: de-CH:1.3.6.1.4.1.42.2.27.9.4.31.1
+ds-cfg-collation: de-LU:1.3.6.1.4.1.42.2.27.9.4.32.1
+ds-cfg-collation: el:1.3.6.1.4.1.42.2.27.9.4.33.1
+ds-cfg-collation: en:1.3.6.1.4.1.42.2.27.9.4.34.1
+ds-cfg-collation: en-US:1.3.6.1.4.1.42.2.27.9.4.34.1
+ds-cfg-collation: en-AU:1.3.6.1.4.1.42.2.27.9.4.35.1
+ds-cfg-collation: en-CA:1.3.6.1.4.1.42.2.27.9.4.36.1
+ds-cfg-collation: en-GB:1.3.6.1.4.1.42.2.27.9.4.37.1
+#ds-cfg-collation: en-HK:1.3.6.1.4.1.42.2.27.9.4.38.1
+ds-cfg-collation: en-IE:1.3.6.1.4.1.42.2.27.9.4.39.1
+ds-cfg-collation: en-IN:1.3.6.1.4.1.42.2.27.9.4.40.1
+#ds-cfg-collation: en-MT:1.3.6.1.4.1.42.2.27.9.4.41.1
+ds-cfg-collation: en-NZ:1.3.6.1.4.1.42.2.27.9.4.42.1
+#ds-cfg-collation: en-PH:1.3.6.1.4.1.42.2.27.9.4.43.1
+#ds-cfg-collation: en-SG:1.3.6.1.4.1.42.2.27.9.4.44.1
+#ds-cfg-collation: en-VI:1.3.6.1.4.1.42.2.27.9.4.45.1
+ds-cfg-collation: en-ZA:1.3.6.1.4.1.42.2.27.9.4.46.1
+#ds-cfg-collation: en-ZW:1.3.6.1.4.1.42.2.27.9.4.47.1
+#ds-cfg-collation: eo:1.3.6.1.4.1.42.2.27.9.4.48.1
+ds-cfg-collation: es:1.3.6.1.4.1.42.2.27.9.4.49.1
+ds-cfg-collation: es-ES:1.3.6.1.4.1.42.2.27.9.4.49.1
+ds-cfg-collation: es-AR:1.3.6.1.4.1.42.2.27.9.4.50.1
+ds-cfg-collation: es-BO:1.3.6.1.4.1.42.2.27.9.4.51.1
+ds-cfg-collation: es-CL:1.3.6.1.4.1.42.2.27.9.4.52.1
+ds-cfg-collation: es-CO:1.3.6.1.4.1.42.2.27.9.4.53.1
+ds-cfg-collation: es-CR:1.3.6.1.4.1.42.2.27.9.4.54.1
+ds-cfg-collation: es-DO:1.3.6.1.4.1.42.2.27.9.4.55.1
+ds-cfg-collation: es-EC:1.3.6.1.4.1.42.2.27.9.4.56.1
+ds-cfg-collation: es-GT:1.3.6.1.4.1.42.2.27.9.4.57.1
+ds-cfg-collation: es-HN:1.3.6.1.4.1.42.2.27.9.4.58.1
+ds-cfg-collation: es-MX:1.3.6.1.4.1.42.2.27.9.4.59.1
+ds-cfg-collation: es-NI:1.3.6.1.4.1.42.2.27.9.4.60.1
+ds-cfg-collation: es-PA:1.3.6.1.4.1.42.2.27.9.4.61.1
+ds-cfg-collation: es-PE:1.3.6.1.4.1.42.2.27.9.4.62.1
+ds-cfg-collation: es-PR:1.3.6.1.4.1.42.2.27.9.4.63.1
+ds-cfg-collation: es-PY:1.3.6.1.4.1.42.2.27.9.4.64.1
+ds-cfg-collation: es-SV:1.3.6.1.4.1.42.2.27.9.4.65.1
+#ds-cfg-collation: es-US:1.3.6.1.4.1.42.2.27.9.4.66.1
+ds-cfg-collation: es-UY:1.3.6.1.4.1.42.2.27.9.4.67.1
+ds-cfg-collation: es-VE:1.3.6.1.4.1.42.2.27.9.4.68.1
+ds-cfg-collation: et:1.3.6.1.4.1.42.2.27.9.4.69.1
+#ds-cfg-collation: eu:1.3.6.1.4.1.42.2.27.9.4.70.1
+#ds-cfg-collation: fa:1.3.6.1.4.1.42.2.27.9.4.71.1
+#ds-cfg-collation: fa-IN:1.3.6.1.4.1.42.2.27.9.4.72.1
+#ds-cfg-collation: fa-IR:1.3.6.1.4.1.42.2.27.9.4.73.1
+ds-cfg-collation: fi:1.3.6.1.4.1.42.2.27.9.4.74.1
+#ds-cfg-collation: fo:1.3.6.1.4.1.42.2.27.9.4.75.1
+ds-cfg-collation: fr:1.3.6.1.4.1.42.2.27.9.4.76.1
+ds-cfg-collation: fr-FR:1.3.6.1.4.1.42.2.27.9.4.76.1
+ds-cfg-collation: fr-BE:1.3.6.1.4.1.42.2.27.9.4.77.1
+ds-cfg-collation: fr-CA:1.3.6.1.4.1.42.2.27.9.4.78.1
+ds-cfg-collation: fr-CH:1.3.6.1.4.1.42.2.27.9.4.79.1
+ds-cfg-collation: fr-LU:1.3.6.1.4.1.42.2.27.9.4.80.1
+#ds-cfg-collation: ga:1.3.6.1.4.1.42.2.27.9.4.81.1
+#ds-cfg-collation: gl:1.3.6.1.4.1.42.2.27.9.4.82.1
+#ds-cfg-collation: gu:1.3.6.1.4.1.42.2.27.9.4.83.1
+#ds-cfg-collation: gv:1.3.6.1.4.1.42.2.27.9.4.84.1
+ds-cfg-collation: he:1.3.6.1.4.1.42.2.27.9.4.85.1
+#ds-cfg-collation: hi:1.3.6.1.4.1.42.2.27.9.4.86.1
+ds-cfg-collation: hr:1.3.6.1.4.1.42.2.27.9.4.87.1
+ds-cfg-collation: hu:1.3.6.1.4.1.42.2.27.9.4.88.1
+#ds-cfg-collation: hy:1.3.6.1.4.1.42.2.27.9.4.89.1
+#ds-cfg-collation: id:1.3.6.1.4.1.42.2.27.9.4.90.1
+ds-cfg-collation: is:1.3.6.1.4.1.42.2.27.9.4.91.1
+ds-cfg-collation: it:1.3.6.1.4.1.42.2.27.9.4.92.1
+ds-cfg-collation: it-CH:1.3.6.1.4.1.42.2.27.9.4.93.1
+ds-cfg-collation: ja:1.3.6.1.4.1.42.2.27.9.4.94.1
+#ds-cfg-collation: kl:1.3.6.1.4.1.42.2.27.9.4.95.1
+#ds-cfg-collation: kn:1.3.6.1.4.1.42.2.27.9.4.96.1
+ds-cfg-collation: ko:1.3.6.1.4.1.42.2.27.9.4.97.1
+#ds-cfg-collation: kok:1.3.6.1.4.1.42.2.27.9.4.98.1
+#ds-cfg-collation: kw:1.3.6.1.4.1.42.2.27.9.4.99.1
+ds-cfg-collation: lt:1.3.6.1.4.1.42.2.27.9.4.100.1
+ds-cfg-collation: lv:1.3.6.1.4.1.42.2.27.9.4.101.1
+ds-cfg-collation: mk:1.3.6.1.4.1.42.2.27.9.4.102.1
+#ds-cfg-collation: mr:1.3.6.1.4.1.42.2.27.9.4.103.1
+#ds-cfg-collation: mt:1.3.6.1.4.1.42.2.27.9.4.104.1
+ds-cfg-collation: nl:1.3.6.1.4.1.42.2.27.9.4.105.1
+ds-cfg-collation: nl-NL:1.3.6.1.4.1.42.2.27.9.4.105.1
+ds-cfg-collation: nl-BE:1.3.6.1.4.1.42.2.27.9.4.106.1
+ds-cfg-collation: no:1.3.6.1.4.1.42.2.27.9.4.107.1
+ds-cfg-collation: no-NO:1.3.6.1.4.1.42.2.27.9.4.107.1
+ds-cfg-collation: no-NO-NY:1.3.6.1.4.1.42.2.27.9.4.108.1
+#ds-cfg-collation: nn:1.3.6.1.4.1.42.2.27.9.4.109.1
+#ds-cfg-collation: nb:1.3.6.1.4.1.42.2.27.9.4.110.1
+#ds-cfg-collation: no-NO-B:1.3.6.1.4.1.42.2.27.9.4.110.1
+#ds-cfg-collation: om:1.3.6.1.4.1.42.2.27.9.4.111.1
+#ds-cfg-collation: om-ET:1.3.6.1.4.1.42.2.27.9.4.112.1
+#ds-cfg-collation: om-KE:1.3.6.1.4.1.42.2.27.9.4.113.1
+ds-cfg-collation: pl:1.3.6.1.4.1.42.2.27.9.4.114.1
+ds-cfg-collation: pt:1.3.6.1.4.1.42.2.27.9.4.115.1
+ds-cfg-collation: pt-PT:1.3.6.1.4.1.42.2.27.9.4.115.1
+ds-cfg-collation: pt-BR:1.3.6.1.4.1.42.2.27.9.4.116.1
+ds-cfg-collation: ro:1.3.6.1.4.1.42.2.27.9.4.117.1
+ds-cfg-collation: ru:1.3.6.1.4.1.42.2.27.9.4.118.1
+ds-cfg-collation: ru-RU:1.3.6.1.4.1.42.2.27.9.4.118.1
+#ds-cfg-collation: ru-UA:1.3.6.1.4.1.42.2.27.9.4.119.1
+#ds-cfg-collation: sh:1.3.6.1.4.1.42.2.27.9.4.120.1
+ds-cfg-collation: sk:1.3.6.1.4.1.42.2.27.9.4.121.1
+ds-cfg-collation: sl:1.3.6.1.4.1.42.2.27.9.4.122.1
+#ds-cfg-collation: so:1.3.6.1.4.1.42.2.27.9.4.123.1
+#ds-cfg-collation: so-SO:1.3.6.1.4.1.42.2.27.9.4.123.1
+#ds-cfg-collation: so-DJ:1.3.6.1.4.1.42.2.27.9.4.124.1
+#ds-cfg-collation: so-ET:1.3.6.1.4.1.42.2.27.9.4.125.1
+#ds-cfg-collation: so-KE:1.3.6.1.4.1.42.2.27.9.4.126.1
+ds-cfg-collation: sq:1.3.6.1.4.1.42.2.27.9.4.127.1
+ds-cfg-collation: sr:1.3.6.1.4.1.42.2.27.9.4.128.1
+ds-cfg-collation: sv:1.3.6.1.4.1.42.2.27.9.4.129.1
+ds-cfg-collation: sv-SE:1.3.6.1.4.1.42.2.27.9.4.129.1
+#ds-cfg-collation: sv-FI:1.3.6.1.4.1.42.2.27.9.4.130.1
+#ds-cfg-collation: sw:1.3.6.1.4.1.42.2.27.9.4.131.1
+#ds-cfg-collation: sw-KE:1.3.6.1.4.1.42.2.27.9.4.132.1
+#ds-cfg-collation: sw-TZ:1.3.6.1.4.1.42.2.27.9.4.133.1
+#ds-cfg-collation: ta:1 3 1.3.6.1.4.1.42.2.27.9.4.134.1
+#ds-cfg-collation: te:1.3.6.1.4.1.42.2.27.9.4.135.1
+ds-cfg-collation: th:1.3.6.1.4.1.42.2.27.9.4.136.1
+#ds-cfg-collation: ti:1.3.6.1.4.1.42.2.27.9.4.137.1
+#ds-cfg-collation: ti-ER:1.3.6.1.4.1.42.2.27.9.4.138.1
+#ds-cfg-collation: ti-ET:1.3.6.1.4.1.42.2.27.9.4.139.1
+ds-cfg-collation: tr:1.3.6.1.4.1.42.2.27.9.4.140.1
+ds-cfg-collation: uk:1.3.6.1.4.1.42.2.27.9.4.141.1
+ds-cfg-collation: vi:1.3.6.1.4.1.42.2.27.9.4.142.1
+ds-cfg-collation: zh:1.3.6.1.4.1.42.2.27.9.4.143.1
+ds-cfg-collation: zh-CN:1.3.6.1.4.1.42.2.27.9.4.144.1
+ds-cfg-collation: zh-HK:1.3.6.1.4.1.42.2.27.9.4.145.1
+#ds-cfg-collation: zh-MO:1.3.6.1.4.1.42.2.27.9.4.146.1
+#ds-cfg-collation: zh-SG:1.3.6.1.4.1.42.2.27.9.4.147.1
+ds-cfg-collation: zh-TW:1.3.6.1.4.1.42.2.27.9.4.148.1
+
+dn: cn=Directory String First Component Equality Matching Rule,cn=Matching Rules,cn=config
+objectClass: top
+objectClass: ds-cfg-matching-rule
+objectClass: ds-cfg-equality-matching-rule
+cn: Directory String First Component Equality Matching Rule
+ds-cfg-java-class: org.opends.server.schema.DirectoryStringFirstComponentEqualityMatchingRuleFactory
+ds-cfg-enabled: true
+
+dn: cn=Distinguished Name Equality Matching Rule,cn=Matching Rules,cn=config
+objectClass: top
+objectClass: ds-cfg-matching-rule
+objectClass: ds-cfg-equality-matching-rule
+cn: Distinguished Name Equality Matching Rule
+ds-cfg-java-class: org.opends.server.schema.DistinguishedNameEqualityMatchingRuleFactory
+ds-cfg-enabled: true
+
+dn: cn=Double Metaphone Approximate Matching Rule,cn=Matching Rules,cn=config
+objectClass: top
+objectClass: ds-cfg-matching-rule
+objectClass: ds-cfg-approximate-matching-rule
+cn: Double Metaphone Approximate Matching Rule
+ds-cfg-java-class: org.opends.server.schema.DoubleMetaphoneApproximateMatchingRuleFactory
+ds-cfg-enabled: true
+
+dn: cn=Generalized Time Equality Matching Rule,cn=Matching Rules,cn=config
+objectClass: top
+objectClass: ds-cfg-matching-rule
+objectClass: ds-cfg-equality-matching-rule
+cn: Generalized Time Equality Matching Rule
+ds-cfg-java-class: org.opends.server.schema.GeneralizedTimeEqualityMatchingRuleFactory
+ds-cfg-enabled: true
+
+dn: cn=Generalized Time Ordering Matching Rule,cn=Matching Rules,cn=config
+objectClass: top
+objectClass: ds-cfg-matching-rule
+objectClass: ds-cfg-ordering-matching-rule
+cn: Generalized Time Ordering Matching Rule
+ds-cfg-java-class: org.opends.server.schema.GeneralizedTimeOrderingMatchingRuleFactory
+ds-cfg-enabled: true
+
+dn: cn=Historical CSN Ordering Matching Rule,cn=Matching Rules,cn=config
+objectClass: ds-cfg-ordering-matching-rule
+objectClass: top
+objectClass: ds-cfg-matching-rule
+ds-cfg-java-class: org.opends.server.replication.plugin.HistoricalCsnOrderingMatchingRuleFactory
+ds-cfg-enabled: true
+cn: Historical CSN Ordering Matching Rule
+
+dn: cn=Integer Equality Matching Rule,cn=Matching Rules,cn=config
+objectClass: top
+objectClass: ds-cfg-matching-rule
+objectClass: ds-cfg-equality-matching-rule
+cn: Integer Equality Matching Rule
+ds-cfg-java-class: org.opends.server.schema.IntegerEqualityMatchingRuleFactory
+ds-cfg-enabled: true
+
+dn: cn=Integer Ordering Matching Rule,cn=Matching Rules,cn=config
+objectClass: top
+objectClass: ds-cfg-matching-rule
+objectClass: ds-cfg-ordering-matching-rule
+cn: Integer Ordering Matching Rule
+ds-cfg-java-class: org.opends.server.schema.IntegerOrderingMatchingRuleFactory
+ds-cfg-enabled: true
+
+dn: cn=Integer First Component Equality Matching Rule,cn=Matching Rules,cn=config
+objectClass: top
+objectClass: ds-cfg-matching-rule
+objectClass: ds-cfg-equality-matching-rule
+cn: Integer First Component Equality Matching Rule
+ds-cfg-java-class: org.opends.server.schema.IntegerFirstComponentEqualityMatchingRuleFactory
+ds-cfg-enabled: true
+
+dn: cn=Keyword Equality Matching Rule,cn=Matching Rules,cn=config
+objectClass: top
+objectClass: ds-cfg-matching-rule
+objectClass: ds-cfg-equality-matching-rule
+cn: Keyword Equality Matching Rule
+ds-cfg-java-class: org.opends.server.schema.KeywordEqualityMatchingRuleFactory
+ds-cfg-enabled: true
+
+dn: cn=Numeric String Equality Matching Rule,cn=Matching Rules,cn=config
+objectClass: top
+objectClass: ds-cfg-matching-rule
+objectClass: ds-cfg-equality-matching-rule
+cn: Numeric String Equality Matching Rule
+ds-cfg-java-class: org.opends.server.schema.NumericStringEqualityMatchingRuleFactory
+ds-cfg-enabled: true
+
+dn: cn=Numeric String Ordering Matching Rule,cn=Matching Rules,cn=config
+objectClass: top
+objectClass: ds-cfg-matching-rule
+objectClass: ds-cfg-ordering-matching-rule
+cn: Numeric String Ordering Matching Rule
+ds-cfg-java-class: org.opends.server.schema.NumericStringOrderingMatchingRuleFactory
+ds-cfg-enabled: true
+
+dn: cn=Numeric String Substring Matching Rule,cn=Matching Rules,cn=config
+objectClass: top
+objectClass: ds-cfg-matching-rule
+objectClass: ds-cfg-substring-matching-rule
+cn: Numeric String Substring Matching Rule
+ds-cfg-java-class: org.opends.server.schema.NumericStringSubstringMatchingRuleFactory
+ds-cfg-enabled: true
+
+dn: cn=Object Identifier Equality Matching Rule,cn=Matching Rules,cn=config
+objectClass: top
+objectClass: ds-cfg-matching-rule
+objectClass: ds-cfg-equality-matching-rule
+cn: Object Identifier Equality Matching Rule
+ds-cfg-java-class: org.opends.server.schema.ObjectIdentifierEqualityMatchingRuleFactory
+ds-cfg-enabled: true
+
+dn: cn=Object Identifier First Component Equality Matching Rule,cn=Matching Rules,cn=config
+objectClass: top
+objectClass: ds-cfg-matching-rule
+objectClass: ds-cfg-equality-matching-rule
+cn: Object Identifier First Component Equality Matching Rule
+ds-cfg-java-class: org.opends.server.schema.ObjectIdentifierFirstComponentEqualityMatchingRuleFactory
+ds-cfg-enabled: true
+
+dn: cn=Octet String Equality Matching Rule,cn=Matching Rules,cn=config
+objectClass: top
+objectClass: ds-cfg-matching-rule
+objectClass: ds-cfg-equality-matching-rule
+cn: Octet String Equality Matching Rule
+ds-cfg-java-class: org.opends.server.schema.OctetStringEqualityMatchingRuleFactory
+ds-cfg-enabled: true
+
+dn: cn=Octet String Ordering Matching Rule,cn=Matching Rules,cn=config
+objectClass: top
+objectClass: ds-cfg-matching-rule
+objectClass: ds-cfg-ordering-matching-rule
+cn: Octet String Ordering Matching Rule
+ds-cfg-java-class: org.opends.server.schema.OctetStringOrderingMatchingRuleFactory
+ds-cfg-enabled: true
+
+dn: cn=Octet String Substring Matching Rule,cn=Matching Rules,cn=config
+objectClass: top
+objectClass: ds-cfg-matching-rule
+objectClass: ds-cfg-substring-matching-rule
+cn: Octet String Substring Matching Rule
+ds-cfg-java-class: org.opends.server.schema.OctetStringSubstringMatchingRuleFactory
+ds-cfg-enabled: true
+
+dn: cn=Presentation Address Equality Matching Rule,cn=Matching Rules,cn=config
+objectClass: top
+objectClass: ds-cfg-matching-rule
+objectClass: ds-cfg-equality-matching-rule
+cn: Presentation Address Equality Matching Rule
+ds-cfg-java-class: org.opends.server.schema.PresentationAddressEqualityMatchingRuleFactory
+ds-cfg-enabled: true
+
+dn: cn=Protocol Information Equality Matching Rule,cn=Matching Rules,cn=config
+objectClass: top
+objectClass: ds-cfg-matching-rule
+objectClass: ds-cfg-equality-matching-rule
+cn: Protocol Information Equality Matching Rule
+ds-cfg-java-class: org.opends.server.schema.ProtocolInformationEqualityMatchingRuleFactory
+ds-cfg-enabled: true
+
+dn: cn=Telephone Number Equality Matching Rule,cn=Matching Rules,cn=config
+objectClass: top
+objectClass: ds-cfg-matching-rule
+objectClass: ds-cfg-equality-matching-rule
+cn: Telephone Number Equality Matching Rule
+ds-cfg-java-class: org.opends.server.schema.TelephoneNumberEqualityMatchingRuleFactory
+ds-cfg-enabled: true
+
+dn: cn=Telephone Number Substring Matching Rule,cn=Matching Rules,cn=config
+objectClass: top
+objectClass: ds-cfg-matching-rule
+objectClass: ds-cfg-substring-matching-rule
+cn: Telephone Number Substring Matching Rule
+ds-cfg-java-class: org.opends.server.schema.TelephoneNumberSubstringMatchingRuleFactory
+ds-cfg-enabled: true
+
+dn: cn=Unique Member Equality Matching Rule,cn=Matching Rules,cn=config
+objectClass: top
+objectClass: ds-cfg-matching-rule
+objectClass: ds-cfg-equality-matching-rule
+cn: Unique Member Equality Matching Rule
+ds-cfg-java-class: org.opends.server.schema.UniqueMemberEqualityMatchingRuleFactory
+ds-cfg-enabled: true
+
+dn: cn=User Password Equality Matching Rule,cn=Matching Rules,cn=config
+objectClass: top
+objectClass: ds-cfg-matching-rule
+objectClass: ds-cfg-equality-matching-rule
+cn: User Password Equality Matching Rule
+ds-cfg-java-class: org.opends.server.schema.UserPasswordEqualityMatchingRuleFactory
+ds-cfg-enabled: true
+
+dn: cn=User Password Exact Equality Matching Rule,cn=Matching Rules,cn=config
+objectClass: top
+objectClass: ds-cfg-matching-rule
+objectClass: ds-cfg-equality-matching-rule
+cn: User Password Exact Equality Matching Rule
+ds-cfg-java-class: org.opends.server.schema.UserPasswordExactEqualityMatchingRuleFactory
+ds-cfg-enabled: true
+
+dn: cn=UUID Equality Matching Rule,cn=Matching Rules,cn=config
+objectClass: top
+objectClass: ds-cfg-matching-rule
+objectClass: ds-cfg-equality-matching-rule
+cn: UUID Equality Matching Rule
+ds-cfg-java-class: org.opends.server.schema.UUIDEqualityMatchingRuleFactory
+ds-cfg-enabled: true
+
+dn: cn=UUID Ordering Matching Rule,cn=Matching Rules,cn=config
+objectClass: top
+objectClass: ds-cfg-matching-rule
+objectClass: ds-cfg-ordering-matching-rule
+cn: UUID Ordering Matching Rule
+ds-cfg-java-class: org.opends.server.schema.UUIDOrderingMatchingRuleFactory
+ds-cfg-enabled: true
+
+dn: cn=Word Equality Matching Rule,cn=Matching Rules,cn=config
+objectClass: top
+objectClass: ds-cfg-matching-rule
+objectClass: ds-cfg-equality-matching-rule
+cn: Word Equality Matching Rule
+ds-cfg-java-class: org.opends.server.schema.WordEqualityMatchingRuleFactory
+ds-cfg-enabled: true
+
+dn: cn=Monitor Providers,cn=config
+objectClass: top
+objectClass: ds-cfg-branch
+cn: Monitor Providers
+
+dn: cn=Client Connections,cn=Monitor Providers,cn=config
+objectClass: top
+objectClass: ds-cfg-monitor-provider
+objectClass: ds-cfg-client-connection-monitor-provider
+cn: Client Connections
+ds-cfg-java-class: org.opends.server.monitors.ClientConnectionMonitorProvider
+ds-cfg-enabled: true
+
+dn: cn=Entry Caches,cn=Monitor Providers,cn=config
+objectClass: top
+objectClass: ds-cfg-monitor-provider
+objectClass: ds-cfg-entry-cache-monitor-provider
+cn: Entry Caches
+ds-cfg-java-class: org.opends.server.monitors.EntryCacheMonitorProvider
+ds-cfg-enabled: true
+
+dn: cn=JVM Memory Usage,cn=Monitor Providers,cn=config
+objectClass: top
+objectClass: ds-cfg-monitor-provider
+objectClass: ds-cfg-memory-usage-monitor-provider
+cn: JVM Memory Usage
+ds-cfg-java-class: org.opends.server.monitors.MemoryUsageMonitorProvider
+ds-cfg-enabled: true
+
+dn: cn=JVM Stack Trace,cn=Monitor Providers,cn=config
+objectClass: top
+objectClass: ds-cfg-monitor-provider
+objectClass: ds-cfg-stack-trace-monitor-provider
+cn: JVM Stack Trace
+ds-cfg-java-class: org.opends.server.monitors.StackTraceMonitorProvider
+ds-cfg-enabled: true
+
+dn: cn=System Info,cn=Monitor Providers,cn=config
+objectClass: top
+objectClass: ds-cfg-monitor-provider
+objectClass: ds-cfg-system-info-monitor-provider
+cn: System Info
+ds-cfg-java-class: org.opends.server.monitors.SystemInfoMonitorProvider
+ds-cfg-enabled: true
+
+dn: cn=Version,cn=Monitor Providers,cn=config
+objectClass: top
+objectClass: ds-cfg-monitor-provider
+objectClass: ds-cfg-version-monitor-provider
+cn: Version
+ds-cfg-java-class: org.opends.server.monitors.VersionMonitorProvider
+ds-cfg-enabled: true
+
+dn: cn=Password Generators,cn=config
+objectClass: top
+objectClass: ds-cfg-branch
+cn: Password Generators
+
+dn: cn=Random Password Generator,cn=Password Generators,cn=config
+objectClass: top
+objectClass: ds-cfg-password-generator
+objectClass: ds-cfg-random-password-generator
+cn: Random Password Generator
+ds-cfg-java-class: org.opends.server.extensions.RandomPasswordGenerator
+ds-cfg-enabled: true
+ds-cfg-password-character-set: alpha:abcdefghijklmnopqrstuvwxyz
+ds-cfg-password-character-set: numeric:0123456789
+ds-cfg-password-format: alpha:3,numeric:2,alpha:3
+
+dn: cn=Password Policies,cn=config
+objectClass: top
+objectClass: ds-cfg-branch
+cn: Password Policies
+
+dn: cn=Default Password Policy,cn=Password Policies,cn=config
+objectClass: top
+objectClass: ds-cfg-password-policy
+cn: Default Password Policy
+ds-cfg-password-attribute: userPassword
+ds-cfg-default-password-storage-scheme: cn=Salted SHA-1,cn=Password Storage Schemes,cn=config
+ds-cfg-allow-expired-password-changes: false
+ds-cfg-allow-multiple-password-values: false
+ds-cfg-allow-pre-encoded-passwords: false
+ds-cfg-allow-user-password-changes: true
+ds-cfg-expire-passwords-without-warning: false
+ds-cfg-force-change-on-add: false
+ds-cfg-force-change-on-reset: false
+ds-cfg-grace-login-count: 0
+ds-cfg-idle-lockout-interval: 0 seconds
+ds-cfg-lockout-failure-count: 0
+ds-cfg-lockout-duration: 0 seconds
+ds-cfg-lockout-failure-expiration-interval: 0 seconds
+ds-cfg-min-password-age: 0 seconds
+ds-cfg-max-password-age: 0 seconds
+ds-cfg-max-password-reset-age: 0 seconds
+ds-cfg-password-expiration-warning-interval: 5 days
+ds-cfg-password-generator: cn=Random Password Generator,cn=Password Generators,cn=config
+ds-cfg-password-change-requires-current-password: false
+ds-cfg-require-secure-authentication: false
+ds-cfg-require-secure-password-changes: false
+ds-cfg-skip-validation-for-administrators: false
+ds-cfg-state-update-failure-policy: reactive
+ds-cfg-password-history-count: 0
+ds-cfg-password-history-duration: 0 seconds
+
+dn: cn=Root Password Policy,cn=Password Policies,cn=config
+objectClass: top
+objectClass: ds-cfg-password-policy
+cn: Root Password Policy
+ds-cfg-password-attribute: userPassword
+ds-cfg-default-password-storage-scheme: cn=Salted SHA-512,cn=Password Storage Schemes,cn=config
+ds-cfg-allow-expired-password-changes: false
+ds-cfg-allow-multiple-password-values: false
+ds-cfg-allow-pre-encoded-passwords: false
+ds-cfg-allow-user-password-changes: true
+ds-cfg-expire-passwords-without-warning: false
+ds-cfg-force-change-on-add: false
+ds-cfg-force-change-on-reset: false
+ds-cfg-grace-login-count: 0
+ds-cfg-idle-lockout-interval: 0 seconds
+ds-cfg-lockout-failure-count: 0
+ds-cfg-lockout-duration: 0 seconds
+ds-cfg-lockout-failure-expiration-interval: 0 seconds
+ds-cfg-min-password-age: 0 seconds
+ds-cfg-max-password-age: 0 seconds
+ds-cfg-max-password-reset-age: 0 seconds
+ds-cfg-password-expiration-warning-interval: 5 days
+ds-cfg-password-change-requires-current-password: true
+ds-cfg-require-secure-authentication: false
+ds-cfg-require-secure-password-changes: false
+ds-cfg-skip-validation-for-administrators: false
+ds-cfg-state-update-failure-policy: ignore
+ds-cfg-password-history-count: 0
+ds-cfg-password-history-duration: 0 seconds
+
+dn: cn=Password Storage Schemes,cn=config
+objectClass: top
+objectClass: ds-cfg-branch
+cn: Password Storage Schemes
+
+dn: cn=Base64,cn=Password Storage Schemes,cn=config
+objectClass: top
+objectClass: ds-cfg-password-storage-scheme
+objectClass: ds-cfg-base64-password-storage-scheme
+cn: Base64
+ds-cfg-java-class: org.opends.server.extensions.Base64PasswordStorageScheme
+ds-cfg-enabled: true
+
+dn: cn=Clear,cn=Password Storage Schemes,cn=config
+objectClass: top
+objectClass: ds-cfg-password-storage-scheme
+objectClass: ds-cfg-clear-password-storage-scheme
+cn: Clear
+ds-cfg-java-class: org.opends.server.extensions.ClearPasswordStorageScheme
+ds-cfg-enabled: true
+
+dn: cn=CRYPT,cn=Password Storage Schemes,cn=config
+objectClass: top
+objectClass: ds-cfg-password-storage-scheme
+objectClass: ds-cfg-crypt-password-storage-scheme
+cn: CRYPT
+ds-cfg-java-class: org.opends.server.extensions.CryptPasswordStorageScheme
+ds-cfg-enabled: true
+
+dn: cn=MD5,cn=Password Storage Schemes,cn=config
+objectClass: top
+objectClass: ds-cfg-password-storage-scheme
+objectClass: ds-cfg-md5-password-storage-scheme
+cn: MD5
+ds-cfg-java-class: org.opends.server.extensions.MD5PasswordStorageScheme
+ds-cfg-enabled: true
+
+dn: cn=Salted MD5,cn=Password Storage Schemes,cn=config
+objectClass: top
+objectClass: ds-cfg-password-storage-scheme
+objectClass: ds-cfg-salted-md5-password-storage-scheme
+cn: Salted MD5
+ds-cfg-java-class: org.opends.server.extensions.SaltedMD5PasswordStorageScheme
+ds-cfg-enabled: true
+
+dn: cn=Salted SHA-1,cn=Password Storage Schemes,cn=config
+objectClass: top
+objectClass: ds-cfg-password-storage-scheme
+objectClass: ds-cfg-salted-sha1-password-storage-scheme
+cn: Salted SHA-1
+ds-cfg-java-class: org.opends.server.extensions.SaltedSHA1PasswordStorageScheme
+ds-cfg-enabled: true
+
+dn: cn=Salted SHA-256,cn=Password Storage Schemes,cn=config
+objectClass: top
+objectClass: ds-cfg-password-storage-scheme
+objectClass: ds-cfg-salted-sha256-password-storage-scheme
+cn: Salted SHA-256
+ds-cfg-java-class: org.opends.server.extensions.SaltedSHA256PasswordStorageScheme
+ds-cfg-enabled: true
+
+dn: cn=Salted SHA-384,cn=Password Storage Schemes,cn=config
+objectClass: top
+objectClass: ds-cfg-password-storage-scheme
+objectClass: ds-cfg-salted-sha384-password-storage-scheme
+cn: Salted SHA-384
+ds-cfg-java-class: org.opends.server.extensions.SaltedSHA384PasswordStorageScheme
+ds-cfg-enabled: true
+
+dn: cn=Salted SHA-512,cn=Password Storage Schemes,cn=config
+objectClass: top
+objectClass: ds-cfg-password-storage-scheme
+objectClass: ds-cfg-salted-sha512-password-storage-scheme
+cn: Salted SHA-512
+ds-cfg-java-class: org.opends.server.extensions.SaltedSHA512PasswordStorageScheme
+ds-cfg-enabled: true
+
+dn: cn=SHA-1,cn=Password Storage Schemes,cn=config
+objectClass: top
+objectClass: ds-cfg-password-storage-scheme
+objectClass: ds-cfg-sha1-password-storage-scheme
+cn: SHA-1
+ds-cfg-java-class: org.opends.server.extensions.SHA1PasswordStorageScheme
+ds-cfg-enabled: true
+
+dn: cn=3DES,cn=Password Storage Schemes,cn=config
+objectClass: top
+objectClass: ds-cfg-password-storage-scheme
+objectClass: ds-cfg-triple-des-password-storage-scheme
+cn: 3DES
+ds-cfg-java-class: org.opends.server.extensions.TripleDESPasswordStorageScheme
+ds-cfg-enabled: true
+
+dn: cn=AES,cn=Password Storage Schemes,cn=config
+objectClass: top
+objectClass: ds-cfg-password-storage-scheme
+objectClass: ds-cfg-aes-password-storage-scheme
+cn: AES
+ds-cfg-java-class: org.opends.server.extensions.AESPasswordStorageScheme
+ds-cfg-enabled: true
+
+dn: cn=Blowfish,cn=Password Storage Schemes,cn=config
+objectClass: top
+objectClass: ds-cfg-password-storage-scheme
+objectClass: ds-cfg-blowfish-password-storage-scheme
+cn: Blowfish
+ds-cfg-java-class: org.opends.server.extensions.BlowfishPasswordStorageScheme
+ds-cfg-enabled: true
+
+dn: cn=RC4,cn=Password Storage Schemes,cn=config
+objectClass: top
+objectClass: ds-cfg-password-storage-scheme
+objectClass: ds-cfg-rc4-password-storage-scheme
+cn: RC4
+ds-cfg-java-class: org.opends.server.extensions.RC4PasswordStorageScheme
+ds-cfg-enabled: true
+
+dn: cn=Password Validators,cn=config
+objectClass: top
+objectClass: ds-cfg-branch
+cn: Password Validators
+
+dn: cn=Attribute Value,cn=Password Validators,cn=config
+objectClass: top
+objectClass: ds-cfg-password-validator
+objectClass: ds-cfg-attribute-value-password-validator
+cn: Attribute Value
+ds-cfg-java-class: org.opends.server.extensions.AttributeValuePasswordValidator
+ds-cfg-enabled: true
+ds-cfg-test-reversed-password: true
+
+dn: cn=Character Set,cn=Password Validators,cn=config
+objectClass: top
+objectClass: ds-cfg-password-validator
+objectClass: ds-cfg-character-set-password-validator
+cn: Character Set
+ds-cfg-java-class: org.opends.server.extensions.CharacterSetPasswordValidator
+ds-cfg-enabled: true
+ds-cfg-character-set: 1:abcdefghijklmnopqrstuvwxyz
+ds-cfg-character-set: 1:ABCDEFGHIJKLMNOPQRSTUVWXYZ
+ds-cfg-character-set: 1:0123456789
+ds-cfg-character-set: 1:~!@#$%^&*()-_=+[]{}|;:,.<>/?
+ds-cfg-allow-unclassified-characters: true
+
+dn: cn=Dictionary,cn=Password Validators,cn=config
+objectClass: top
+objectClass: ds-cfg-password-validator
+objectClass: ds-cfg-dictionary-password-validator
+cn: Dictionary
+ds-cfg-java-class: org.opends.server.extensions.DictionaryPasswordValidator
+ds-cfg-enabled: false
+ds-cfg-dictionary-file: config/wordlist.txt
+ds-cfg-case-sensitive-validation: false
+ds-cfg-test-reversed-password: true
+
+dn: cn=Length-Based Password Validator,cn=Password Validators,cn=config
+objectClass: top
+objectClass: ds-cfg-password-validator
+objectClass: ds-cfg-length-based-password-validator
+cn: Length-Based Password Validator
+ds-cfg-java-class: org.opends.server.extensions.LengthBasedPasswordValidator
+ds-cfg-enabled: true
+ds-cfg-min-password-length: 6
+ds-cfg-max-password-length: 0
+
+dn: cn=Repeated Characters,cn=Password Validators,cn=config
+objectClass: top
+objectClass: ds-cfg-password-validator
+objectClass: ds-cfg-repeated-characters-password-validator
+cn: Repeated Characters
+ds-cfg-java-class: org.opends.server.extensions.RepeatedCharactersPasswordValidator
+ds-cfg-enabled: true
+ds-cfg-max-consecutive-length: 2
+ds-cfg-case-sensitive-validation: false
+
+dn: cn=Similarity-Based Password Validator,cn=Password Validators,cn=config
+objectClass: top
+objectClass: ds-cfg-password-validator
+objectClass: ds-cfg-similarity-based-password-validator
+cn: Similarity-Based Password Validator
+ds-cfg-java-class: org.opends.server.extensions.SimilarityBasedPasswordValidator
+ds-cfg-enabled: true
+ds-cfg-min-password-difference: 3
+
+dn: cn=Unique Characters,cn=Password Validators,cn=config
+objectClass: top
+objectClass: ds-cfg-password-validator
+objectClass: ds-cfg-unique-characters-password-validator
+cn: Unique Characters
+ds-cfg-java-class: org.opends.server.extensions.UniqueCharactersPasswordValidator
+ds-cfg-enabled: true
+ds-cfg-min-unique-characters: 5
+ds-cfg-case-sensitive-validation: false
+
+dn: cn=Plugins,cn=config
+objectClass: top
+objectClass: ds-cfg-branch
+objectClass: ds-cfg-plugin-root
+cn: Plugins
+
+dn: cn=7-Bit Clean,cn=Plugins,cn=config
+objectClass: top
+objectClass: ds-cfg-plugin
+objectClass: ds-cfg-seven-bit-clean-plugin
+cn: 7-Bit Clean
+ds-cfg-java-class: org.opends.server.plugins.SevenBitCleanPlugin
+ds-cfg-enabled: false
+ds-cfg-plugin-type: ldifImport
+ds-cfg-plugin-type: preParseAdd
+ds-cfg-plugin-type: preParseModify
+ds-cfg-plugin-type: preParseModifyDN
+ds-cfg-attribute-type: uid
+ds-cfg-attribute-type: mail
+ds-cfg-attribute-type: userPassword
+ds-cfg-invoke-for-internal-operations: true
+
+dn: cn=Entry UUID,cn=Plugins,cn=config
+objectClass: top
+objectClass: ds-cfg-plugin
+objectClass: ds-cfg-entry-uuid-plugin
+cn: Entry UUID
+ds-cfg-java-class: org.opends.server.plugins.EntryUUIDPlugin
+ds-cfg-enabled: true
+ds-cfg-plugin-type: ldifImport
+ds-cfg-plugin-type: preOperationAdd
+ds-cfg-invoke-for-internal-operations: true
+
+dn: cn=LastMod,cn=Plugins,cn=config
+objectClass: top
+objectClass: ds-cfg-plugin
+objectClass: ds-cfg-last-mod-plugin
+cn: LastMod
+ds-cfg-java-class: org.opends.server.plugins.LastModPlugin
+ds-cfg-enabled: true
+ds-cfg-plugin-type: preOperationAdd
+ds-cfg-plugin-type: preOperationModify
+ds-cfg-plugin-type: preOperationModifyDN
+ds-cfg-invoke-for-internal-operations: true
+
+dn: cn=LDAP Attribute Description List,cn=Plugins,cn=config
+objectClass: top
+objectClass: ds-cfg-plugin
+objectClass: ds-cfg-ldap-attribute-description-list-plugin
+cn: LDAP Attribute Description List
+ds-cfg-java-class: org.opends.server.plugins.LDAPADListPlugin
+ds-cfg-enabled: true
+ds-cfg-plugin-type: preParseSearch
+ds-cfg-invoke-for-internal-operations: true
+
+dn: cn=Password Policy Import,cn=Plugins,cn=config
+objectClass: top
+objectClass: ds-cfg-plugin
+objectClass: ds-cfg-password-policy-import-plugin
+cn: Password Policy Import
+ds-cfg-java-class: org.opends.server.plugins.PasswordPolicyImportPlugin
+ds-cfg-enabled: true
+ds-cfg-plugin-type: ldifImport
+ds-cfg-default-user-password-storage-scheme: cn=Salted SHA-1,cn=Password Storage Schemes,cn=config
+ds-cfg-default-auth-password-storage-scheme: cn=Salted SHA-1,cn=Password Storage Schemes,cn=config
+ds-cfg-invoke-for-internal-operations: false
+
+dn: cn=Profiler,cn=Plugins,cn=config
+objectClass: top
+objectClass: ds-cfg-plugin
+objectClass: ds-cfg-profiler-plugin
+cn: Profiler
+ds-cfg-enabled: true
+ds-cfg-java-class: org.opends.server.plugins.profiler.ProfilerPlugin
+ds-cfg-plugin-type: startup
+ds-cfg-enable-profiling-on-startup: false
+ds-cfg-profile-directory: logs
+ds-cfg-profile-sample-interval: 10 milliseconds
+ds-cfg-invoke-for-internal-operations: false
+
+dn: cn=Referential Integrity,cn=Plugins,cn=config
+objectClass: top
+objectClass: ds-cfg-plugin
+objectClass: ds-cfg-referential-integrity-plugin
+cn: Referential Integrity
+ds-cfg-java-class: org.opends.server.plugins.ReferentialIntegrityPlugin
+ds-cfg-enabled: false
+ds-cfg-plugin-type: postOperationDelete
+ds-cfg-plugin-type: postOperationModifyDN
+ds-cfg-plugin-type: subordinateModifyDN
+ds-cfg-attribute-type: member
+ds-cfg-attribute-type: uniqueMember
+ds-cfg-invoke-for-internal-operations: true
+
+dn: cn=UID Unique Attribute,cn=Plugins,cn=config
+objectClass: top
+objectClass: ds-cfg-plugin
+objectClass: ds-cfg-unique-attribute-plugin
+cn: UID Unique Attribute
+ds-cfg-java-class: org.opends.server.plugins.UniqueAttributePlugin
+ds-cfg-enabled: false
+ds-cfg-plugin-type: preOperationAdd
+ds-cfg-plugin-type: preOperationModify
+ds-cfg-plugin-type: preOperationModifyDN
+ds-cfg-plugin-type: postOperationAdd
+ds-cfg-plugin-type: postOperationModify
+ds-cfg-plugin-type: postOperationModifyDN
+ds-cfg-plugin-type: postSynchronizationAdd
+ds-cfg-plugin-type: postSynchronizationModify
+ds-cfg-plugin-type: postSynchronizationModifyDN
+ds-cfg-type: uid
+ds-cfg-invoke-for-internal-operations: true
+
+dn: cn=Network Group,cn=Plugins,cn=config
+objectClass: top
+objectClass: ds-cfg-plugin
+objectClass: ds-cfg-network-group-plugin
+cn: Network Group
+ds-cfg-java-class: org.opends.server.core.networkgroups.NetworkGroupPlugin
+ds-cfg-enabled: true
+ds-cfg-invoke-for-internal-operations: false
+ds-cfg-plugin-type: postConnect
+ds-cfg-plugin-type: preParseAdd
+ds-cfg-plugin-type: preParseBind
+ds-cfg-plugin-type: preParseCompare
+ds-cfg-plugin-type: preParseDelete
+ds-cfg-plugin-type: preParseExtended
+ds-cfg-plugin-type: preParseModify
+ds-cfg-plugin-type: preParseModifyDn
+ds-cfg-plugin-type: preParseSearch
+ds-cfg-plugin-type: preParseUnbind
+ds-cfg-plugin-type: postResponseBind
+ds-cfg-plugin-type: postResponseExtended
+
+dn: cn=Change Number Control,cn=Plugins,cn=config
+objectClass: top
+objectClass: ds-cfg-plugin
+objectClass: ds-cfg-change-number-control-plugin
+cn: Change Number Control
+ds-cfg-enabled: true
+ds-cfg-plugin-type: postOperationAdd
+ds-cfg-plugin-type: postOperationDelete
+ds-cfg-plugin-type: postOperationModify
+ds-cfg-plugin-type: postOperationModifyDn
+ds-cfg-java-class: org.opends.server.plugins.ChangeNumberControlPlugin
+
+dn: cn=Root DNs,cn=config
+objectClass: top
+objectClass: ds-cfg-root-dn
+cn: Root DNs
+ds-cfg-default-root-privilege-name: bypass-acl
+ds-cfg-default-root-privilege-name: modify-acl
+ds-cfg-default-root-privilege-name: config-read
+ds-cfg-default-root-privilege-name: config-write
+ds-cfg-default-root-privilege-name: ldif-import
+ds-cfg-default-root-privilege-name: ldif-export
+ds-cfg-default-root-privilege-name: backend-backup
+ds-cfg-default-root-privilege-name: backend-restore
+ds-cfg-default-root-privilege-name: server-shutdown
+ds-cfg-default-root-privilege-name: server-restart
+ds-cfg-default-root-privilege-name: disconnect-client
+ds-cfg-default-root-privilege-name: cancel-request
+ds-cfg-default-root-privilege-name: password-reset
+ds-cfg-default-root-privilege-name: update-schema
+ds-cfg-default-root-privilege-name: privilege-change
+ds-cfg-default-root-privilege-name: unindexed-search
+
+dn: cn=Directory Manager,cn=Root DNs,cn=config
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetOrgPerson
+objectClass: ds-cfg-root-dn-user
+cn: Directory Manager
+givenName: Directory
+sn: Manager
+userPassword: {SSHA512}l1t43vVl7Uh03PpQ2vCsT0B7Q0HTi+tKJmH7tZTmSGaKrMHWHO1czfwEsjMgfbeQoiYQDGDuxolipR0H6ajMu1YHlTjPNG9Z
+ds-cfg-alternate-bind-dn: cn=Directory Manager
+ds-rlim-size-limit: 0
+ds-rlim-time-limit: 0
+ds-rlim-idle-time-limit: 0
+ds-rlim-lookthrough-limit: 0
+ds-pwp-password-policy-dn: cn=Root Password Policy,cn=Password Policies,cn=config
+
+dn: cn=Root DSE,cn=config
+objectClass: top
+objectClass: ds-cfg-root-dse-backend
+cn: Root DSE
+ds-cfg-show-all-attributes: false
+
+dn: cn=SASL Mechanisms,cn=config
+objectClass: top
+objectClass: ds-cfg-branch
+cn: SASL Mechanisms
+
+dn: cn=ANONYMOUS,cn=SASL Mechanisms,cn=config
+objectClass: top
+objectClass: ds-cfg-sasl-mechanism-handler
+objectClass: ds-cfg-anonymous-sasl-mechanism-handler
+cn: ANONYMOUS
+ds-cfg-java-class: org.opends.server.extensions.AnonymousSASLMechanismHandler
+ds-cfg-enabled: false
+
+dn: cn=CRAM-MD5,cn=SASL Mechanisms,cn=config
+objectClass: top
+objectClass: ds-cfg-sasl-mechanism-handler
+objectClass: ds-cfg-cram-md5-sasl-mechanism-handler
+cn: CRAM-MD5
+ds-cfg-java-class: org.opends.server.extensions.CRAMMD5SASLMechanismHandler
+ds-cfg-enabled: true
+ds-cfg-identity-mapper: cn=Exact Match,cn=Identity Mappers,cn=config
+
+dn: cn=DIGEST-MD5,cn=SASL Mechanisms,cn=config
+objectClass: top
+objectClass: ds-cfg-sasl-mechanism-handler
+objectClass: ds-cfg-digest-md5-sasl-mechanism-handler
+cn: DIGEST-MD5
+ds-cfg-java-class: org.opends.server.extensions.DigestMD5SASLMechanismHandler
+ds-cfg-enabled: true
+ds-cfg-identity-mapper: cn=Exact Match,cn=Identity Mappers,cn=config
+
+dn: cn=EXTERNAL,cn=SASL Mechanisms,cn=config
+objectClass: top
+objectClass: ds-cfg-sasl-mechanism-handler
+objectClass: ds-cfg-external-sasl-mechanism-handler
+cn: EXTERNAL
+ds-cfg-java-class: org.opends.server.extensions.ExternalSASLMechanismHandler
+ds-cfg-enabled: true
+ds-cfg-certificate-validation-policy: ifpresent
+ds-cfg-certificate-attribute: userCertificate
+ds-cfg-certificate-mapper: cn=Subject Equals DN,cn=Certificate Mappers,cn=config
+
+dn: cn=GSSAPI,cn=SASL Mechanisms,cn=config
+objectClass: top
+objectClass: ds-cfg-sasl-mechanism-handler
+objectClass: ds-cfg-gssapi-sasl-mechanism-handler
+cn: GSSAPI
+ds-cfg-java-class: org.opends.server.extensions.GSSAPISASLMechanismHandler
+ds-cfg-enabled: false
+ds-cfg-identity-mapper: cn=Regular Expression,cn=Identity Mappers,cn=config
+ds-cfg-keytab: /etc/krb5/krb5.keytab
+
+dn: cn=PLAIN,cn=SASL Mechanisms,cn=config
+objectClass: top
+objectClass: ds-cfg-sasl-mechanism-handler
+objectClass: ds-cfg-plain-sasl-mechanism-handler
+cn: PLAIN
+ds-cfg-java-class: org.opends.server.extensions.PlainSASLMechanismHandler
+ds-cfg-enabled: true
+ds-cfg-identity-mapper: cn=Exact Match,cn=Identity Mappers,cn=config
+
+dn: cn=Synchronization Providers,cn=config
+objectClass: top
+objectClass: ds-cfg-branch
+cn: Synchronization Providers
+
+dn: cn=Multimaster Synchronization,cn=Synchronization Providers,cn=config
+objectClass: top
+objectClass: ds-cfg-synchronization-provider
+objectClass: ds-cfg-replication-synchronization-provider
+cn: Multimaster Synchronization
+ds-cfg-enabled: true
+ds-cfg-java-class: org.opends.server.replication.plugin.MultimasterReplication
+
+dn: cn=domains,cn=Multimaster Synchronization,cn=Synchronization Providers,cn=config
+objectClass: top
+objectClass: ds-cfg-branch
+cn: domains
+
+dn: cn=Syntaxes,cn=config
+objectClass: top
+objectClass: ds-cfg-branch
+cn: Syntaxes
+
+dn: cn=Absolute Subtree Specification,cn=Syntaxes,cn=config
+objectClass: top
+objectClass: ds-cfg-attribute-syntax
+cn: Absolute Subtree Specification
+ds-cfg-java-class: org.opends.server.schema.AbsoluteSubtreeSpecificationSyntax
+ds-cfg-enabled: true
+
+dn: cn=Sun-defined Access Control Information,cn=Syntaxes,cn=config
+objectClass: top
+objectClass: ds-cfg-attribute-syntax
+cn: Sun-defined Access Control Information
+ds-cfg-java-class: org.opends.server.schema.AciSyntax
+ds-cfg-enabled: true
+
+dn: cn=Attribute Type Description,cn=Syntaxes,cn=config
+objectClass: top
+objectClass: ds-cfg-attribute-syntax
+objectClass: ds-cfg-attribute-type-description-attribute-syntax
+cn: Attribute Type Description
+ds-cfg-java-class: org.opends.server.schema.AttributeTypeSyntax
+ds-cfg-enabled: true
+ds-cfg-strip-syntax-min-upper-bound: false
+
+dn: cn=Authentication Password,cn=Syntaxes,cn=config
+objectClass: top
+objectClass: ds-cfg-attribute-syntax
+cn: Authentiation Password
+ds-cfg-java-class: org.opends.server.schema.AuthPasswordSyntax
+ds-cfg-enabled: true
+
+dn: cn=Binary,cn=Syntaxes,cn=config
+objectClass: top
+objectClass: ds-cfg-attribute-syntax
+cn: Binary
+ds-cfg-java-class: org.opends.server.schema.BinarySyntax
+ds-cfg-enabled: true
+
+dn: cn=Bit String,cn=Syntaxes,cn=config
+objectClass: top
+objectClass: ds-cfg-attribute-syntax
+cn: Bit String
+ds-cfg-java-class: org.opends.server.schema.BitStringSyntax
+ds-cfg-enabled: true
+
+dn: cn=Boolean,cn=Syntaxes,cn=config
+objectClass: top
+objectClass: ds-cfg-attribute-syntax
+cn: Boolean
+ds-cfg-java-class: org.opends.server.schema.BooleanSyntax
+ds-cfg-enabled: true
+
+dn: cn=Certificate,cn=Syntaxes,cn=config
+objectClass: top
+objectClass: ds-cfg-attribute-syntax
+cn: Certificate
+ds-cfg-java-class: org.opends.server.schema.CertificateSyntax
+ds-cfg-enabled: true
+
+dn: cn=Certificate List,cn=Syntaxes,cn=config
+objectClass: top
+objectClass: ds-cfg-attribute-syntax
+cn: Certificate List
+ds-cfg-java-class: org.opends.server.schema.CertificateListSyntax
+ds-cfg-enabled: true
+
+dn: cn=Certificate Pair,cn=Syntaxes,cn=config
+objectClass: top
+objectClass: ds-cfg-attribute-syntax
+cn: Certificate Pair
+ds-cfg-java-class: org.opends.server.schema.CertificatePairSyntax
+ds-cfg-enabled: true
+
+dn: cn=Country String,cn=Syntaxes,cn=config
+objectClass: top
+objectClass: ds-cfg-attribute-syntax
+cn: Country String
+ds-cfg-java-class: org.opends.server.schema.CountryStringSyntax
+ds-cfg-enabled: true
+
+dn: cn=Delivery Method,cn=Syntaxes,cn=config
+objectClass: top
+objectClass: ds-cfg-attribute-syntax
+cn: Delivery Method
+ds-cfg-java-class: org.opends.server.schema.DeliveryMethodSyntax
+ds-cfg-enabled: true
+
+dn: cn=Directory String,cn=Syntaxes,cn=config
+objectClass: top
+objectClass: ds-cfg-attribute-syntax
+objectClass: ds-cfg-directory-string-attribute-syntax
+cn: Directory String
+ds-cfg-java-class: org.opends.server.schema.DirectoryStringSyntax
+ds-cfg-enabled: true
+ds-cfg-allow-zero-length-values: false
+
+dn: cn=Distinguished Name,cn=Syntaxes,cn=config
+objectClass: top
+objectClass: ds-cfg-attribute-syntax
+cn: Distinguished Name
+ds-cfg-java-class: org.opends.server.schema.DistinguishedNameSyntax
+ds-cfg-enabled: true
+
+dn: cn=DIT Content Rule Description,cn=Syntaxes,cn=config
+objectClass: top
+objectClass: ds-cfg-attribute-syntax
+cn: DIT Content Rule Description
+ds-cfg-java-class: org.opends.server.schema.DITContentRuleSyntax
+ds-cfg-enabled: true
+
+dn: cn=DIT Structure Rule Description,cn=Syntaxes,cn=config
+objectClass: top
+objectClass: ds-cfg-attribute-syntax
+cn: DIT Structure Rule Description
+ds-cfg-java-class: org.opends.server.schema.DITStructureRuleSyntax
+ds-cfg-enabled: true
+
+dn: cn=Enhanced Guide,cn=Syntaxes,cn=config
+objectClass: top
+objectClass: ds-cfg-attribute-syntax
+cn: Enhanced Guide
+ds-cfg-java-class: org.opends.server.schema.EnhancedGuideSyntax
+ds-cfg-enabled: true
+
+dn: cn=Facsimile Telephone Number,cn=Syntaxes,cn=config
+objectClass: top
+objectClass: ds-cfg-attribute-syntax
+cn: Facsimile Telephone Number
+ds-cfg-java-class: org.opends.server.schema.FaxNumberSyntax
+ds-cfg-enabled: true
+
+dn: cn=Fax,cn=Syntaxes,cn=config
+objectClass: top
+objectClass: ds-cfg-attribute-syntax
+cn: Fax
+ds-cfg-java-class: org.opends.server.schema.FaxSyntax
+ds-cfg-enabled: true
+
+dn: cn=Generalized Time,cn=Syntaxes,cn=config
+objectClass: top
+objectClass: ds-cfg-attribute-syntax
+cn: Generalized Time
+ds-cfg-java-class: org.opends.server.schema.GeneralizedTimeSyntax
+ds-cfg-enabled: true
+
+dn: cn=Guide,cn=Syntaxes,cn=config
+objectClass: top
+objectClass: ds-cfg-attribute-syntax
+cn: Guide
+ds-cfg-java-class: org.opends.server.schema.GuideSyntax
+ds-cfg-enabled: true
+
+dn: cn=IA5 String,cn=Syntaxes,cn=config
+objectClass: top
+objectClass: ds-cfg-attribute-syntax
+cn: IA5 String
+ds-cfg-java-class: org.opends.server.schema.IA5StringSyntax
+ds-cfg-enabled: true
+
+dn: cn=Integer,cn=Syntaxes,cn=config
+objectClass: top
+objectClass: ds-cfg-attribute-syntax
+cn: Integer
+ds-cfg-java-class: org.opends.server.schema.IntegerSyntax
+ds-cfg-enabled: true
+
+dn: cn=JPEG,cn=Syntaxes,cn=config
+objectClass: top
+objectClass: ds-cfg-attribute-syntax
+cn: JPEG
+ds-cfg-java-class: org.opends.server.schema.JPEGSyntax
+ds-cfg-enabled: true
+
+dn: cn=LDAP Syntax Description,cn=Syntaxes,cn=config
+objectClass: top
+objectClass: ds-cfg-attribute-syntax
+cn: LDAP Syntax Description
+ds-cfg-java-class: org.opends.server.schema.LDAPSyntaxDescriptionSyntax
+ds-cfg-enabled: true
+
+dn: cn=Matching Rule Description,cn=Syntaxes,cn=config
+objectClass: top
+objectClass: ds-cfg-attribute-syntax
+cn: Matching Rule Description
+ds-cfg-java-class: org.opends.server.schema.MatchingRuleSyntax
+ds-cfg-enabled: true
+
+dn: cn=Matching Rule Use Description,cn=Syntaxes,cn=config
+objectClass: top
+objectClass: ds-cfg-attribute-syntax
+cn: Matching Rule Use Description
+ds-cfg-java-class: org.opends.server.schema.MatchingRuleUseSyntax
+ds-cfg-enabled: true
+
+dn: cn=Name and Optional UID,cn=Syntaxes,cn=config
+objectClass: top
+objectClass: ds-cfg-attribute-syntax
+cn: Name and Optional UID
+ds-cfg-java-class: org.opends.server.schema.NameAndOptionalUIDSyntax
+ds-cfg-enabled: true
+
+dn: cn=Name Form Description,cn=Syntaxes,cn=config
+objectClass: top
+objectClass: ds-cfg-attribute-syntax
+cn: Name Form Description
+ds-cfg-java-class: org.opends.server.schema.NameFormSyntax
+ds-cfg-enabled: true
+
+dn: cn=Numeric String,cn=Syntaxes,cn=config
+objectClass: top
+objectClass: ds-cfg-attribute-syntax
+cn: Numeric String
+ds-cfg-java-class: org.opends.server.schema.NumericStringSyntax
+ds-cfg-enabled: true
+
+dn: cn=Object Class Description,cn=Syntaxes,cn=config
+objectClass: top
+objectClass: ds-cfg-attribute-syntax
+cn: Object Class Description
+ds-cfg-java-class: org.opends.server.schema.ObjectClassSyntax
+ds-cfg-enabled: true
+
+dn: cn=Object Identifier,cn=Syntaxes,cn=config
+objectClass: top
+objectClass: ds-cfg-attribute-syntax
+cn: Object Identifier
+ds-cfg-java-class: org.opends.server.schema.OIDSyntax
+ds-cfg-enabled: true
+
+dn: cn=Octet String,cn=Syntaxes,cn=config
+objectClass: top
+objectClass: ds-cfg-attribute-syntax
+cn: Octet String
+ds-cfg-java-class: org.opends.server.schema.OctetStringSyntax
+ds-cfg-enabled: true
+
+dn: cn=Other Mailbox,cn=Syntaxes,cn=config
+objectClass: top
+objectClass: ds-cfg-attribute-syntax
+cn: Other Mailbox
+ds-cfg-java-class: org.opends.server.schema.OtherMailboxSyntax
+ds-cfg-enabled: true
+
+dn: cn=Postal Address,cn=Syntaxes,cn=config
+objectClass: top
+objectClass: ds-cfg-attribute-syntax
+cn: Postal Address
+ds-cfg-java-class: org.opends.server.schema.PostalAddressSyntax
+ds-cfg-enabled: true
+
+dn: cn=Presentation Address,cn=Syntaxes,cn=config
+objectClass: top
+objectClass: ds-cfg-attribute-syntax
+cn: Presentation Address
+ds-cfg-java-class: org.opends.server.schema.PresentationAddressSyntax
+ds-cfg-enabled: true
+
+dn: cn=Printable String,cn=Syntaxes,cn=config
+objectClass: top
+objectClass: ds-cfg-attribute-syntax
+cn: Printable String
+ds-cfg-java-class: org.opends.server.schema.PrintableStringSyntax
+ds-cfg-enabled: true
+
+dn: cn=Protocol Information,cn=Syntaxes,cn=config
+objectClass: top
+objectClass: ds-cfg-attribute-syntax
+cn: Protocol Information
+ds-cfg-java-class: org.opends.server.schema.ProtocolInformationSyntax
+ds-cfg-enabled: true
+
+dn: cn=Relative Subtree Specification,cn=Syntaxes,cn=config
+objectClass: top
+objectClass: ds-cfg-attribute-syntax
+cn: Relative Subtree Specification
+ds-cfg-java-class: org.opends.server.schema.RelativeSubtreeSpecificationSyntax
+ds-cfg-enabled: true
+
+dn: cn=Substring Assertion,cn=Syntaxes,cn=config
+objectClass: top
+objectClass: ds-cfg-attribute-syntax
+cn: Substring Assertion
+ds-cfg-java-class: org.opends.server.schema.SubstringAssertionSyntax
+ds-cfg-enabled: true
+
+dn: cn=Subtree Specification,cn=Syntaxes,cn=config
+objectClass: top
+objectClass: ds-cfg-attribute-syntax
+cn: Subtree Specification
+ds-cfg-java-class: org.opends.server.schema.RFC3672SubtreeSpecificationSyntax
+ds-cfg-enabled: true
+
+dn: cn=Supported Algorithm,cn=Syntaxes,cn=config
+objectClass: top
+objectClass: ds-cfg-attribute-syntax
+cn: Supported Algorithm
+ds-cfg-java-class: org.opends.server.schema.SupportedAlgorithmSyntax
+ds-cfg-enabled: true
+
+dn: cn=Telephone Number,cn=Syntaxes,cn=config
+objectClass: top
+objectClass: ds-cfg-attribute-syntax
+objectClass: ds-cfg-telephone-number-attribute-syntax
+cn: Telephone Number
+ds-cfg-java-class: org.opends.server.schema.TelephoneNumberSyntax
+ds-cfg-enabled: true
+ds-cfg-strict-format: false
+
+dn: cn=Teletex Terminal Identifier,cn=Syntaxes,cn=config
+objectClass: top
+objectClass: ds-cfg-attribute-syntax
+cn: Teletex Terminal Identifier
+ds-cfg-java-class: org.opends.server.schema.TeletexTerminalIdentifierSyntax
+ds-cfg-enabled: true
+
+dn: cn=Telex Number,cn=Syntaxes,cn=config
+objectClass: top
+objectClass: ds-cfg-attribute-syntax
+cn: Telex Number
+ds-cfg-java-class: org.opends.server.schema.TelexNumberSyntax
+ds-cfg-enabled: true
+
+dn: cn=UTC Time,cn=Syntaxes,cn=config
+objectClass: top
+objectClass: ds-cfg-attribute-syntax
+cn: UTC Time
+ds-cfg-java-class: org.opends.server.schema.UTCTimeSyntax
+ds-cfg-enabled: true
+
+dn: cn=User Password,cn=Syntaxes,cn=config
+objectClass: top
+objectClass: ds-cfg-attribute-syntax
+cn: User Password
+ds-cfg-java-class: org.opends.server.schema.UserPasswordSyntax
+ds-cfg-enabled: true
+
+dn: cn=UUID,cn=Syntaxes,cn=config
+objectClass: top
+objectClass: ds-cfg-attribute-syntax
+cn: UUID
+ds-cfg-java-class: org.opends.server.schema.UUIDSyntax
+ds-cfg-enabled: true
+
+dn: cn=Trust Manager Providers,cn=config
+objectClass: top
+objectClass: ds-cfg-branch
+cn: Trust Manager Providers
+
+dn: cn=Blind Trust,cn=Trust Manager Providers,cn=config
+objectClass: top
+objectClass: ds-cfg-trust-manager-provider
+objectClass: ds-cfg-blind-trust-manager-provider
+cn: Blind Trust
+ds-cfg-java-class: org.opends.server.extensions.BlindTrustManagerProvider
+ds-cfg-enabled: false
+
+dn: cn=JKS,cn=Trust Manager Providers,cn=config
+objectClass: top
+objectClass: ds-cfg-trust-manager-provider
+objectClass: ds-cfg-file-based-trust-manager-provider
+cn: JKS
+ds-cfg-java-class: org.opends.server.extensions.FileBasedTrustManagerProvider
+ds-cfg-enabled: false
+ds-cfg-trust-store-type: JKS
+ds-cfg-trust-store-file: config/truststore
+
+dn: cn=PKCS12,cn=Trust Manager Providers,cn=config
+objectClass: top
+objectClass: ds-cfg-trust-manager-provider
+objectClass: ds-cfg-file-based-trust-manager-provider
+cn: PKCS12
+ds-cfg-java-class: org.opends.server.extensions.FileBasedTrustManagerProvider
+ds-cfg-enabled: false
+ds-cfg-trust-store-type: PKCS12
+ds-cfg-trust-store-file: config/truststore.p12
+
+dn: cn=Virtual Attributes,cn=config
+objectClass: top
+objectClass: ds-cfg-branch
+cn: Virtual Attributes
+
+dn: cn=entryDN,cn=Virtual Attributes,cn=config
+objectClass: top
+objectClass: ds-cfg-virtual-attribute
+objectClass: ds-cfg-entry-dn-virtual-attribute
+cn: entryDN
+ds-cfg-java-class: org.opends.server.extensions.EntryDNVirtualAttributeProvider
+ds-cfg-enabled: true
+ds-cfg-attribute-type: entryDN
+ds-cfg-conflict-behavior: virtual-overrides-real
+
+dn: cn=entryUUID,cn=Virtual Attributes,cn=config
+objectClass: top
+objectClass: ds-cfg-virtual-attribute
+objectClass: ds-cfg-entry-uuid-virtual-attribute
+cn: entryUUIUD
+ds-cfg-java-class: org.opends.server.extensions.EntryUUIDVirtualAttributeProvider
+ds-cfg-enabled: true
+ds-cfg-attribute-type: entryUUID
+ds-cfg-conflict-behavior: real-overrides-virtual
+
+dn: cn=hasSubordinates,cn=Virtual Attributes,cn=config
+objectClass: top
+objectClass: ds-cfg-virtual-attribute
+objectClass: ds-cfg-has-subordinates-virtual-attribute
+cn: hasSubordinates
+ds-cfg-java-class: org.opends.server.extensions.HasSubordinatesVirtualAttributeProvider
+ds-cfg-enabled: true
+ds-cfg-attribute-type: hasSubordinates
+ds-cfg-conflict-behavior: virtual-overrides-real
+
+dn: cn=isMemberOf,cn=Virtual Attributes,cn=config
+objectClass: top
+objectClass: ds-cfg-virtual-attribute
+objectClass: ds-cfg-is-member-of-virtual-attribute
+cn: isMemberOf
+ds-cfg-java-class: org.opends.server.extensions.IsMemberOfVirtualAttributeProvider
+ds-cfg-enabled: true
+ds-cfg-attribute-type: isMemberOf
+ds-cfg-filter: (objectClass=person)
+ds-cfg-conflict-behavior: virtual-overrides-real
+
+dn: cn=numSubordinates,cn=Virtual Attributes,cn=config
+objectClass: top
+objectClass: ds-cfg-virtual-attribute
+objectClass: ds-cfg-num-subordinates-virtual-attribute
+cn: numSubordinates
+ds-cfg-java-class: org.opends.server.extensions.NumSubordinatesVirtualAttributeProvider
+ds-cfg-enabled: true
+ds-cfg-attribute-type: numSubordinates
+ds-cfg-conflict-behavior: virtual-overrides-real
+
+dn: cn=subschemaSubentry,cn=Virtual Attributes,cn=config
+objectClass: top
+objectClass: ds-cfg-virtual-attribute
+objectClass: ds-cfg-subschema-subentry-virtual-attribute
+cn: subschemaSubentry
+ds-cfg-java-class: org.opends.server.extensions.SubschemaSubentryVirtualAttributeProvider
+ds-cfg-enabled: true
+ds-cfg-attribute-type: subschemaSubentry
+ds-cfg-conflict-behavior: virtual-overrides-real
+
+dn: cn=Virtual Static member,cn=Virtual Attributes,cn=config
+objectClass: top
+objectClass: ds-cfg-virtual-attribute
+objectClass: ds-cfg-member-virtual-attribute
+cn: Virtual Static member
+ds-cfg-java-class: org.opends.server.extensions.MemberVirtualAttributeProvider
+ds-cfg-enabled: true
+ds-cfg-attribute-type: member
+ds-cfg-conflict-behavior: virtual-overrides-real
+ds-cfg-filter: (&(objectClass=groupOfNames)(objectClass=ds-virtual-static-group))
+ds-cfg-allow-retrieving-membership: false
+
+dn: cn=Virtual Static uniqueMember,cn=Virtual Attributes,cn=config
+objectClass: top
+objectClass: ds-cfg-virtual-attribute
+objectClass: ds-cfg-member-virtual-attribute
+cn: Virtual Static uniqueMember
+ds-cfg-java-class: org.opends.server.extensions.MemberVirtualAttributeProvider
+ds-cfg-enabled: true
+ds-cfg-attribute-type: uniqueMember
+ds-cfg-conflict-behavior: virtual-overrides-real
+ds-cfg-filter: (&(objectClass=groupOfUniqueNames)(objectClass=ds-virtual-static-group))
+ds-cfg-allow-retrieving-membership: false
+
+dn: cn=Work Queue,cn=config
+objectClass: top
+objectClass: ds-cfg-work-queue
+objectClass: ds-cfg-traditional-work-queue
+cn: Work Queue
+ds-cfg-java-class: org.opends.server.extensions.TraditionalWorkQueue
+ds-cfg-max-work-queue-capacity: 0
+
+dn: cn=Administration Connector,cn=config
+objectClass: top
+objectClass: ds-cfg-administration-connector
+cn: Administration Connector
+ds-cfg-listen-address: 0.0.0.0
+ds-cfg-listen-port: 4444
+ds-cfg-ssl-cert-nickname: admin-cert
+ds-cfg-key-manager-provider: cn=Administration,cn=Key Manager Providers,cn=config
+ds-cfg-trust-manager-provider: cn=Administration,cn=Trust Manager Providers,cn=config
+
+dn: cn=Administration,cn=Key Manager Providers,cn=config
+objectClass: top
+objectClass: ds-cfg-key-manager-provider
+objectClass: ds-cfg-file-based-key-manager-provider
+cn: Administration
+ds-cfg-java-class: org.opends.server.extensions.FileBasedKeyManagerProvider
+ds-cfg-enabled: true
+ds-cfg-key-store-type: JKS
+ds-cfg-key-store-file: config/admin-keystore
+ds-cfg-key-store-pin-file: config/admin-keystore.pin
+
+dn: cn=Administration,cn=Trust Manager Providers,cn=config
+objectClass: top
+objectClass: ds-cfg-trust-manager-provider
+objectClass: ds-cfg-file-based-trust-manager-provider
+cn: Administration
+ds-cfg-java-class: org.opends.server.extensions.FileBasedTrustManagerProvider
+ds-cfg-enabled: true
+ds-cfg-trust-store-type: JKS
+ds-cfg-trust-store-file: config/admin-truststore
+
+dn: cn=Extensions,cn=config
+objectClass: top
+objectClass: ds-cfg-branch
+cn: Extensions
+
+dn: cn=Network Groups,cn=config
+objectClass: top
+objectClass: ds-cfg-branch
+cn: Network Groups
+
+dn: cn=Workflows,cn=config
+objectClass: top
+objectClass: ds-cfg-branch
+cn: Workflows
+
+dn: cn=Workflow Elements,cn=config
+objectClass: top
+objectClass: ds-cfg-branch
+cn: Workflow Elements
+
+
+dn: cn=SNMP Connection Handler,cn=Connection Handlers,cn=config
+objectClass: top
+objectClass: ds-cfg-connection-handler
+objectClass: ds-cfg-snmp-connection-handler
+cn: SNMP Connection Handler
+ds-cfg-java-class: org.opends.server.snmp.SNMPConnectionHandler
+ds-cfg-enabled: false
+ds-cfg-trap-port: 162
+ds-cfg-listen-port: 161
+ds-cfg-listen-address: 0.0.0.0
+
--- /dev/null
+# CDDL HEADER START
+#
+# The contents of this file are subject to the terms of the
+# Common Development and Distribution License, Version 1.0 only
+# (the "License"). You may not use this file except in compliance
+# with the License.
+#
+# You can obtain a copy of the license at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE
+# or https://OpenDS.dev.java.net/OpenDS.LICENSE.
+# See the License for the specific language governing permissions
+# and limitations under the License.
+#
+# When distributing Covered Code, include this CDDL HEADER in each
+# file and include the License file at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
+# add the following below this CDDL HEADER, with the fields enclosed
+# by brackets "[]" replaced with your own identifying information:
+# Portions Copyright [yyyy] [name of copyright owner]
+#
+# CDDL HEADER END
+#
+# Copyright 2008 Sun Microsystems, Inc.
+#
+#
+
+#
+# This file contains the java properties that the different command lines will
+# use when launched. You can specify the location of the java binaries to be
+# used and the java arguments to be passed to the command line.
+# For instance you can specify to use the -server argument for the start-ds
+# command with an initial heap size of 256 Mb by setting
+# start-ds.java-args=-server -Xms256m
+# (the example assumes that the Java virtual machine supports those options).
+#
+# To set the java virtual machine to be used for a given command-line you must
+# set the property <command-line-name>.java-home and to specify java arguments
+# you must set the property <command-line-name>.java-args.
+#
+# There are certain command-lines (import-ldif, export-ldif, backup, restore)
+# that can work on two modes: online and offline. When they run in online mode
+# (the server is running and the user specifies LDAP parameters to launch the
+# operation) the operation is not actually performed in the Java Virtual Machine
+# of the command-line but on the server side. This is why when launching these
+# command-lines on online-mode it is preferred to use the -client argument for
+# the java virtual machine (and even limit the maximum size of the heap).
+# However when these command-lines are launched in offline mode it is
+# recommended to use the -server argument to launch the command-line.
+# This is the reason why you can specify different java properties for both
+# modes (for instance import-ldif.offline.java-args and
+# import-ldif.online.java-args).
+#
+# IMPORTANT NOTE: Once you have modified this file and set the java properties
+# that you want the command-lines to use you must run the command-line
+# bin/dsjavaproperties for the different scripts to be updated with the
+# specified settings.
+#
+# Examples:
+# Specify to overwrite the content of the environment variable OPENDS_JAVA_HOME
+# (i.e. the contents of this properties file for the java home will be analyzed
+# before checking whether OPENDS_JAVA_HOME is specified in the environment):
+# overwrite-env-java-home=true
+#
+# Specify to overwrite the content of the environment variable OPENDS_JAVA_ARGS
+# (i.e. the contents of this properties file for the java args will be analyzed
+# before checking whether OPENDS_JAVA_ARGS is specified in the environment):
+# overwrite-env-java-args=true
+#
+# Specify to use a particular Java Virtual Machine for the offline import:
+# import-ldif.offline.java-home=/usr/jdk1.7
+#
+# Specify to use -client argument when running dsconfig:
+# dsconfig.java-args=-client
+#
+# Specify to use -server argument when running import-ldif on server mode:
+# import-ldif.offline.java-args=-server
+#
+# Specify to use the java home for all the command-lines that have not
+# an associated property defined:
+# default.java-home=/usr/jdk1.5
+#
+# Specify to use the -client argument for all the command-lines that have not
+# an associated property defined:
+# default.java-args=-client
+
--- /dev/null
+dn: <%= opends_base_dn %>\r
+objectClass: domain\r
+objectClass: top\r
+dc: <%= (opends_base_dn).match(/dc=([^,]+)/).to_a[1] %>\r
+\r
+dn: ou=users,<%= opends_base_dn %>\r
+objectClass: organizationalUnit\r
+objectClass: top\r
+ou: users\r
+\r
+dn: uid=<%= admin_account %>,ou=users,<%= opends_base_dn %>\r
+objectClass: person\r
+objectClass: inetOrgPerson\r
+objectClass: organizationalPerson\r
+objectClass: top\r
+uid: <%= admin_account %>\r
+userPassword: <%= admin_password %>\r
+mail: <%= admin_mail %>\r
+givenName: <%= admin_first_name %>\r
+cn: <%= admin_last_name %>\r
+sn: <%= admin_last_name %>\r
+ds-privilege-name: bypass-acl\r
+ds-privilege-name: modify-acl\r
+ds-privilege-name: config-read\r
+ds-privilege-name: config-write\r
+ds-privilege-name: jmx-read\r
+ds-privilege-name: jmx-write\r
+ds-privilege-name: jmx-notify\r
+ds-privilege-name: ldif-import\r
+ds-privilege-name: ldif-export\r
+ds-privilege-name: backend-backup\r
+ds-privilege-name: backend-restore\r
+ds-privilege-name: server-shutdown\r
+ds-privilege-name: server-restart\r
+ds-privilege-name: proxied-auth\r
+ds-privilege-name: disconnect-client\r
+ds-privilege-name: cancel-request\r
+ds-privilege-name: unindexed-search\r
+ds-privilege-name: password-reset\r
+ds-privilege-name: data-sync\r
+ds-privilege-name: update-schema\r
+ds-privilege-name: privilege-change\r
+\r
--- /dev/null
+setup.baseDN=<%= opends_base_dn %>\r
+setup.ldifFile=<%= opends_root %>/import.ldif\r
+setup.ldapPort=<%= opends_port %>\r
+setup.adminConnectorPort=<%= opends_admin_port %>\r
+setup.rootUserDN=<%= opends_manager_dn %>\r
+setup.rootUserPassword=<%= opends_manager_password %>\r
--- /dev/null
+# Outgoing email settings\r
+\r
+production:\r
+ delivery_method: :smtp\r
+ smtp_settings:\r
+ address: <%= smtp_host %>\r
+ port: <%= smtp_port %>\r
+ domain: <%= smtp_domain %>\r
+<%= "#" unless smtp_auth %> authentication: :login\r
+<%= "#" unless smtp_auth %> user_name: <%= smtp_user %>\r
+<%= "#" unless smtp_auth %> password: <%= smtp_password %>\r
OSDN Git Service
