#
# Global Directives
#
#
access to dn.base="" by * read
access to dn.base="dc=purdue,dc=edu"
by * read
#######################################################################
# Meta directory rules for cn=users,dc=purdue,dc=edu
#######################################################################
database meta
lastmod off
suffix "dc=purdue,dc=edu"
#
# Rewrite rules for user authentication against I2A2
#
uri "ldaps://dbm.i2a2.purdue.edu:636/cn=users,dc=purdue,dc=edu"
suffixmassage "cn=users,dc=purdue,dc=edu" "ou=authenticate,dc=purdue,dc=edu"
map objectclass * *
map attribute employeeNumber puid
#
# Local Access Rules
#
access to dn.subtree="cn=users,dc=purdue,dc=edu"
by * read
by anonymous auth