ldap-olslapd.xml revision 5909
120N/A<?xml version="1.0"?>
120N/A<!--
120N/A-->
120N/A
120N/A<!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1">
120N/A<!--
120N/A Copyright (c) 2007, 2016, Oracle and/or its affiliates. All rights reserved.
120N/A-->
120N/A
120N/A<service_bundle type='manifest' name='SUNWopenldapr:slapd'>
120N/A
120N/A<service
120N/A name='network/ldap/server'
120N/A type='service'
120N/A version='1'>
120N/A
120N/A <!--
120N/A Because we may have multiple instances of network/http
120N/A provided by different implementations, we keep dependencies
120N/A and methods within the instance.
120N/A -->
120N/A
1392N/A <instance name='openldap' enabled='false'>
120N/A <!--
120N/A Wait for network interfaces to be initialized.
120N/A -->
120N/A <dependency name='network'
120N/A grouping='require_all'
120N/A restart_on='error'
618N/A type='service'>
120N/A <service_fmri value='svc:/milestone/network:default'/>
120N/A </dependency>
844N/A
844N/A <!--
120N/A Wait for all local filesystems to be mounted.
1258N/A -->
120N/A <dependency name='filesystem-local'
120N/A grouping='require_all'
120N/A restart_on='none'
120N/A type='service'>
120N/A <service_fmri
486N/A value='svc:/system/filesystem/local:default'/>
486N/A </dependency>
120N/A
120N/A <exec_method
120N/A type='method'
120N/A name='start'
1392N/A exec='/lib/svc/method/ldap-olslapd start'
1392N/A timeout_seconds='60'>
1392N/A <method_context>
181N/A <method_credential
120N/A user='openldap'
120N/A group='openldap'
181N/A privileges='basic,{net_privaddr}:389/tcp,{net_privaddr}:636/tcp' />
120N/A </method_context>
181N/A </exec_method>
181N/A
181N/A <exec_method
120N/A type='method'
120N/A name='stop'
120N/A exec='/lib/svc/method/ldap-olslapd stop %{restarter/contract}'
120N/A timeout_seconds='60' />
<property_group name='general' type='framework'>
<!-- start and stop "init" instance -->
<propval name='action_authorization' type='astring'
value='solaris.smf.manage.name-service.ldap.server' />
<propval name='value_authorization' type='astring'
value='solaris.smf.value.name-service.ldap.server' />
</property_group>
<property_group name='config' type='application'>
<propval name='value_authorization' type='astring'
value='solaris.smf.value.name-service.ldap.server' />
<property name='urls' type='astring'>
<astring_list>
<value_node value='ldap:///' />
<value_node value='ldaps:///' />
<value_node value='ldapi:///' />
</astring_list>
</property>
</property_group>
<property_group name='cred' type='application'>
<stability value='Evolving'/>
<propval name='read_authorization' type='astring'
value='solaris.smf.read.name-service.ldap.server' />
<propval name='value_authorization' type='astring'
value='solaris.smf.value.name-service.ldap.server' />
<propval name='backend_passwd' type='astring' value=''/>
<propval name='admin_passwd' type='astring' value=''/>
<propval name='proxy_passwd' type='astring' value=''/>
<propval name='backend_cn' type='astring' value='Manager'/>
<propval name='admin_cn' type='astring' value='admin'/>
<propval name='proxy_cn' type='astring' value='proxyagent'/>
</property_group>
<property_group name='profile' type='application'>
<property_group name='default' type='application'>
<propval name='server_list' type='astring' value='' />
<propval name='search_base' type='astring' value='dc=example,dc=com' />
<propval name='search_scope' type='astring' value='one' />
<propval name='credential_level' type='astring' value='proxy' />
<propval name='authentication_method' type='astring' value='tls:simple' />
<property name='service_search_descriptor' type='astring'>
<astring_list>
<value_node value='' />
</astring_list>
</property>
<propval name='value_authorization' type='astring'
value='solaris.smf.value.name-service.ldap.server' />
</property_group>
</property_group>
<template>
<common_name>
<loctext xml:lang='C'>
slapd - OpenLDAP LDAP server
</loctext>
</common_name>
<description>
<loctext xml:lang='C'>
OpenLDAP is an open source implementation of the Lightweight Directory Access Protocol
</loctext>
</description>
<documentation>
<manpage title='slapd' section='8oldap'
manpath='/usr/share/man' />
<doc_link name='openldap.org'
uri='http://www.openldap.org' />
</documentation>
<pg_pattern name='config' type='application'
target='this' required='true'>
<description> <loctext xml:lang='C'>
LDAP Name Service configuration data.
</loctext> </description>
<prop_pattern name='urls' type='astring'
required='true'>
<description> <loctext xml:lang='C'>
Hostname and Port
</loctext> </description>
<cardinality min='1'/>
</prop_pattern>
</pg_pattern>
<pg_pattern name='cred' type='application'
target='this' required='true'>
<description> <loctext xml:lang='C'>
LDAP Name Service credential data.
</loctext> </description>
<prop_pattern name='backend_passwd' type='astring'
required='true'>
<description> <loctext xml:lang='C'>
Backend Password
</loctext> </description>
<cardinality min='1' max='1'/>
</prop_pattern>
<prop_pattern name='admin_passwd' type='astring'
required='true'>
<description> <loctext xml:lang='C'>
Admin Password
</loctext> </description>
<cardinality min='1' max='1'/>
</prop_pattern>
<prop_pattern name='proxy_passwd' type='astring'
required='true'>
<description> <loctext xml:lang='C'>
Proxy Password
</loctext> </description>
<cardinality min='1' max='1'/>
</prop_pattern>
<prop_pattern name='backend_cn' type='astring'
required='true'>
<description> <loctext xml:lang='C'>
Backend Common Name
</loctext> </description>
<cardinality min='1' max='1'/>
</prop_pattern>
<prop_pattern name='admin_cn' type='astring'
required='true'>
<description> <loctext xml:lang='C'>
Admin Common Name
</loctext> </description>
<cardinality min='1' max='1'/>
</prop_pattern>
<prop_pattern name='proxy_cn' type='astring'
required='true'>
<description> <loctext xml:lang='C'>
Proxy Common Name
</loctext> </description>
<cardinality min='1' max='1'/>
</prop_pattern>
</pg_pattern>
<pg_pattern name='profile' type='application'
target='this' required='true'>
<description> <loctext xml:lang='C'>
LDAP Name Service profile data.
</loctext> </description>
</pg_pattern>
<pg_pattern name='default' type='application'
target='this' required='false'>
<description> <loctext xml:lang='C'>
LDAP Name Service default profile data.
</loctext> </description>
<prop_pattern name='server_list' type='astring'
required='false'>
<description> <loctext xml:lang='C'>
Server List
</loctext> </description>
<cardinality min='1'/>
</prop_pattern>
<prop_pattern name='search_base' type='astring'
required='true'>
<description> <loctext xml:lang='C'>
Search Base
</loctext> </description>
<cardinality min='1' max='1'/>
</prop_pattern>
<prop_pattern name='search_scope' type='astring'
required='false'>
<description> <loctext xml:lang='C'>
Search Scope
</loctext> </description>
<cardinality min='1' max='1'/>
<constraints>
<value name='base'>
<description> <loctext xml:lang='C'>
Search base DN
</loctext> </description>
</value>
<value name='one'>
<description> <loctext xml:lang='C'>
Search one-level
</loctext> </description>
</value>
<value name='sub'>
<description> <loctext xml:lang='C'>
Search Subtree
</loctext> </description>
</value>
</constraints>
<choices>
<value name='base'/>
<value name='one'/>
<value name='sub'/>
</choices>
</prop_pattern>
<prop_pattern name='credential_level' type='astring'
required='false'>
<description> <loctext xml:lang='C'>
Credential Level(s)
</loctext> </description>
<cardinality min='1'/>
<constraints>
<value name='anonymous'>
<description> <loctext xml:lang='C'>
Anonymous - No bind
</loctext> </description>
</value>
<value name='proxy'>
<description> <loctext xml:lang='C'>
Proxy - Bind with auth method and credentials
</loctext> </description>
</value>
<value name='self'>
<description> <loctext xml:lang='C'>
Self - Bind using Kerberos credentials (sasl/GSSAPI)
</loctext> </description>
</value>
</constraints>
<choices>
<value name='anonymous'/>
<value name='proxy'/>
<value name='self'/>
</choices>
</prop_pattern>
<prop_pattern name='authentication_method' type='astring'
required='false'>
<description> <loctext xml:lang='C'>
Authentication Method(s)
</loctext> </description>
<cardinality min='1'/>
<constraints>
<value name='none'>
<description> <loctext xml:lang='C'>
no authentication
</loctext> </description>
</value>
<value name='simple'>
<description> <loctext xml:lang='C'>
simple authentication
</loctext> </description>
</value>
<value name='sasl/CRAM-MD5'>
<description> <loctext xml:lang='C'>
sasl/CRAM-MD5 authentication
</loctext> </description>
</value>
<value name='sasl/DIGEST-MD5'>
<description> <loctext xml:lang='C'>
sasl/DIGEST-MD5 authentication
</loctext> </description>
</value>
<value name='sasl/DIGEST-MD5:auth-int'>
<description> <loctext xml:lang='C'>
sasl/DIGEST-MD5:auth-int authentication
</loctext> </description>
</value>
<value name='sasl/DIGEST-MD5:auth-conf'>
<description> <loctext xml:lang='C'>
sasl/DIGEST-MD5:auth-conf authentication
</loctext> </description>
</value>
<value name='sasl/EXTERNAL'>
<description> <loctext xml:lang='C'>
sasl/EXTERNAL authentication
</loctext> </description>
</value>
<value name='sasl/GSSAPI'>
<description> <loctext xml:lang='C'>
sasl/GSSAPI authentication
</loctext> </description>
</value>
<value name='tls:none'>
<description> <loctext xml:lang='C'>
tls:none authentication
</loctext> </description>
</value>
<value name='tls:simple'>
<description> <loctext xml:lang='C'>
tls:simple authentication
</loctext> </description>
</value>
<value name='tls:sasl/CRAM-MD5'>
<description> <loctext xml:lang='C'>
tls:sasl/CRAM-MD5 authentication
</loctext> </description>
</value>
<value name='tls:sasl/DIGEST-MD5'>
<description> <loctext xml:lang='C'>
tls:sasl/DIGEST-MD5 authentication
</loctext> </description>
</value>
<value name='tls:sasl/DIGEST-MD5:auth-int'>
<description> <loctext xml:lang='C'>
tls:sasl/DIGEST-MD5:auth-int authentication
</loctext> </description>
</value>
<value name='tls:sasl/DIGEST-MD5:auth-conf'>
<description> <loctext xml:lang='C'>
tls:sasl/DIGEST-MD5:auth-conf authentication
</loctext> </description>
</value>
<value name='tls:sasl/EXTERNAL'>
<description> <loctext xml:lang='C'>
tls:sasl/EXTERNAL authentication
</loctext> </description>
</value>
<value name='tls:sasl/GSSAPI'>
<description> <loctext xml:lang='C'>
tls:sasl/GSSAPI authentication
</loctext> </description>
</value>
</constraints>
<choices>
<value name='none'/>
<value name='simple'/>
<value name='sasl/CRAM-MD5'/>
<value name='sasl/DIGEST-MD5'/>
<value name='sasl/DIGEST-MD5:auth-int'/>
<value name='sasl/DIGEST-MD5:auth-conf'/>
<value name='sasl/EXTERNAL'/>
<value name='sasl/GSSAPI'/>
<value name='tls:none'/>
<value name='tls:simple'/>
<value name='tls:sasl/CRAM-MD5'/>
<value name='tls:sasl/DIGEST-MD5'/>
<value name='tls:sasl/DIGEST-MD5:auth-int'/>
<value name='tls:sasl/DIGEST-MD5:auth-conf'/>
<value name='tls:sasl/EXTERNAL'/>
<value name='tls:sasl/GSSAPI'/>
</choices>
</prop_pattern>
<prop_pattern name='service_search_descriptor' type='astring'
required='false'>
<description> <loctext xml:lang='C'>
Service Search Descriptor(s)
</loctext> </description>
<cardinality min='1'/>
</prop_pattern>
</pg_pattern>
</template>
</instance>
<stability value='Evolving' />
</service>
</service_bundle>