##
## configuration file for openldap backups 
##
## If the method is set to "slapcat", the LDIFs generated are
## suitable for use with slapadd. As the entries are in database
## order, not superior first order, they cannot be loaded with
## ldapadd without being reordered.
##

## backupdir (default /var/backups/ldap): the destination for the backups
# backupdir = /var/backups/ldap

## conf (default /etc/ldap/slapd.conf): the location of the slapd.conf file.
# conf = /etc/ldap/slapd.conf

## databases (default all): either a space separated list of database
## numbers or prefixes, or the keyword 'all'.
# databases = all

## compress (default yes): if set to yes, ldif exports are gzipped.
# compress = yes

## restart (default no): if set to yes, slapd is stopped before backups are
## performed, and then started again after they have finished, this is necessary
## if your backend is ldbm and your method is slapcat, but unnecessary otherwise.
# restart = no

## method (default ldapsearch): either 'ldapsearch' or 'slapcat' 
## ldapsearch is the safer method to do backups, but is slow, slapcat
## is much faster, but should not be done on an ldbm backend unless you have
## restart set to yes
## NOTE: with the ldapsearch method passwordfile and binddn need to be set
# method = ldapsearch

## passwordfile (no default): this should be set to the file that contains 
## your ldap password, this is required for ldapsearch and not needed for slapcat
## this file should have no newlines in it, echo -n "password" > passfile works.
## NOTE: be sure to set the permissions on your password file appropriately
## (hint: world readable is not appropriate)
# passwordfile = 

## binddn (no default): set this to the DN of the user that the ldapsearch binds
## to, not needed for slapcat
# binddn =

## ldaphost (no default): set this to your ldap host if it is not local
# ldaphost =

## tls (default yes): if set to 'yes' then TLS connection will be
## attempted to your ldaphost by using the URI base ldaps: otherwise ldap: will be used
# tls = yes