Commit a5897b04 authored by Quanah Gibson-Mount's avatar Quanah Gibson-Mount
Browse files

ITS#8444 - Add regression test

parent 11f22832
#! /bin/sh
# $OpenLDAP$
## This work is part of OpenLDAP Software <http://www.openldap.org/>.
##
## Copyright 1998-2016 The OpenLDAP Foundation.
## All rights reserved.
##
## Redistribution and use in source and binary forms, with or without
## modification, are permitted only as authorized by the OpenLDAP
## Public License.
##
## A copy of this license is available in the file LICENSE in the
## top-level directory of the distribution or, alternatively, at
## <http://www.OpenLDAP.org/license.html>.
echo "running defines.sh"
. $SRCDIR/scripts/defines.sh
if test $SYNCPROV = syncprovno; then
echo "Syncrepl provider overlay not available, test skipped"
exit 0
fi
if test $ACCESSLOG = accesslogno; then
echo "Accesslog overlay not available, test skipped"
exit 0
fi
if test $DYNLIST = dynlistno; then
echo "Accesslog overlay not available, test skipped"
exit 0
fi
if test $MEMBEROF = memberofno; then
echo "Memberof overlay not available, test skipped"
exit 0
fi
if test $BACKEND = ldif ; then
# Onelevel search does not return entries in order of creation or CSN.
echo "$BACKEND backend unsuitable for syncprov logdb, test skipped"
exit 0
fi
echo "This test tracks a case where changes are incorrectly skipped"
echo "See http://www.openldap.org/its/index.cgi/?findid=8444 for more information."
MMR=4
XDIR=$TESTDIR/srv
mkdir -p $TESTDIR
$SLAPPASSWD -g -n >$CONFIGPWF
ITS=8444
ITSDIR=$DATADIR/regressions/its$ITS
echo "Initializing server configurations..."
n=1
while [ $n -le $MMR ]; do
DBDIR=${XDIR}$n/db
CFDIR=${XDIR}$n/slapd.d
mkdir -p ${XDIR}$n $DBDIR.1 $DBDIR.2 $CFDIR
. $CONFFILTER $BACKEND $MONITORDB < $ITSDIR/slapd-provider${n}.ldif > $CONFLDIF
$SLAPADD -F $CFDIR -n 0 -l $CONFLDIF
n=`expr $n + 1`
done
KILLPIDS=
n=1
while [ $n -le $MMR ]; do
MYURI=`eval echo '$URI'$n`
MYLOG=`eval echo '$LOG'$n`
CFDIR=${XDIR}$n/slapd.d
echo "Starting provider slapd on TCP/IP URI $MYURI"
$SLAPD -F $CFDIR -h $MYURI -d $LVL $TIMING > $MYLOG 2>&1 &
PID=$!
if test $WAIT != 0 ; then
echo PID $PID
read foo
fi
KILLPIDS="$PID $KILLPIDS"
sleep 1
echo "Using ldapsearch to check that provider slapd is running..."
for i in 0 1 2 3 4 5; do
$LDAPSEARCH -s base -b "" -H $MYURI \
'objectclass=*' > /dev/null 2>&1
RC=$?
if test $RC = 0 ; then
break
fi
echo "Waiting 5 seconds for slapd to start..."
sleep 5
done
if test $RC != 0 ; then
echo "ldapsearch failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
n=`expr $n + 1`
done
echo "Populating database on first provider..."
$LDAPADD -D $MANAGERDN -H $URI1 -w $PASSWD << EOMODS >> $TESTOUT 2>&1
dn: $BASEDN
objectClass: organization
objectClass: dcObject
o: Example, Inc.
dc: example
dn: ou=People,$BASEDN
objectClass: organizationalUnit
ou: People
dn: ou=Groups,$BASEDN
objectClass: organizationalUnit
ou: Groups
dn: cn=Roger Rabbit,ou=People,$BASEDN
objectClass: inetOrgPerson
cn: Roger Rabbit
sn: Rabbit
dn: cn=Baby Herman,ou=People,$BASEDN
objectClass: inetOrgPerson
cn: Baby Herman
sn: Herman
dn: cn=Jessica_Rabbit,ou=People,$BASEDN
objectClass: inetOrgPerson
cn: Jessica_Rabbit
sn: Rabbit
dn: cn=Bugs_Bunny,ou=People,$BASEDN
objectClass: inetOrgPerson
cn: Bugs_Bunny
sn: Bunny
dn: cn=Daffy_Duck,ou=People,$BASEDN
objectClass: inetOrgPerson
cn: Daffy_Duck
sn: Duck
dn: cn=Elmer_Fudd,ou=People,$BASEDN
objectClass: inetOrgPerson
cn: Elmer_Fudd
sn: Fudd
dn: cn=Cartoonia,ou=Groups,$BASEDN
objectClass: groupOfNames
cn: Cartoonia
member: cn=Roger Rabbit,ou=People,$BASEDN
member: cn=Baby Herman,ou=People,$BASEDN
EOMODS
RC=$?
if test $RC != 0 ; then
echo "ldapadd failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
echo "Sleeping 10 seconds to allow replication to initiate..."
sleep 10
echo "Looping 50 times adding and deleting members to the Cartoonia group..."
modloop=1
while [ $modloop -le 50 ]; do
echo "Adding new members to the group (${modloop}/50)..."
$LDAPMODIFY -H $URI1 \
-D "cn=Manager,$BASEDN" -w $PASSWD \
>> $TESTOUT 2>&1 << EOF
dn: cn=Cartoonia,ou=Groups,$BASEDN
changetype: modify
add: member
member: cn=Jessica_Rabbit,ou=People,$BASEDN
member: cn=Elmer_Fudd,ou=People,$BASEDN
member: cn=Daffy_Duck,ou=People,$BASEDN
member: cn=Bugs_Bunny,ou=People,$BASEDN
EOF
sleep 3
echo "Deleting new members from the group..."
$LDAPMODIFY -H $URI1 \
-D "cn=Manager,$BASEDN" -w $PASSWD \
>> $TESTOUT 2>&1 << EOF
dn: cn=Cartoonia,ou=Groups,$BASEDN
changetype: modify
delete: member
member: cn=Jessica_Rabbit,ou=People,$BASEDN
member: cn=Elmer_Fudd,ou=People,$BASEDN
member: cn=Daffy_Duck,ou=People,$BASEDN
member: cn=Bugs_Bunny,ou=People,$BASEDN
EOF
sleep 3
echo "Searching new members to see if they still have memberOf present..."
TOON1="cn=Jessica_Rabbit,ou=People,$BASEDN"
TOON2="cn=Elmer_Fudd,ou=People,$BASEDN"
TOON3="cn=Daffy_Duck,ou=People,$BASEDN"
TOON4="cn=Bugs_Bunny,ou=People,$BASEDN"
for member in $TOON1 $TOON2 $TOON3 $TOON4; do
n=1
while [ $n -le $MMR ]; do
>$SEARCHOUT
echo "# Searching member $member after removal from Cartoonia group, provider $n" >> $SEARCHOUT
MYURI=`eval echo '$URI'$n`
$LDAPSEARCH -S "" -b "$member" -s base -H $MYURI -D "cn=manager,$BASEDN" -w $PASSWD \
'(objectClass=*)' 'memberOf' >> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
echo "ldapsearch failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
grep "memberOf:" $SEARCHOUT >/dev/null 2>&1
RC=$?
if test $RC != 1 ; then
echo "User delete failed on one or more consumer."
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
n=`expr $n + 1`
done
done
modloop=`expr $modloop + 1`
done
echo "Looping 50 times deleting and adding Cartoonia group..."
modloop=1
while [ $modloop -le 50 ]; do
>$SEARCHOUT
echo "Running ldapdelete to remove a group (${modloop}/50)..."
$LDAPMODIFY -H $URI1 \
-D "cn=Manager,$BASEDN" -w $PASSWD \
>> $TESTOUT 2>&1 << EOF
dn: cn=Cartoonia,ou=Groups,$BASEDN
changetype: delete
EOF
sleep 3
echo "Searching entire database on each provider after deleting Cartoonia group"
n=1
while [ $n -le $MMR ]; do
echo "# Searching the entire database after deleting Cartoonia, provider $n" >> $SEARCHOUT
MYURI=`eval echo '$URI'$n`
$LDAPSEARCH -S "" -b "$BASEDN" -H $MYURI -D "cn=manager,$BASEDN" -w $PASSWD \
'(objectClass=*)' '*' >> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
echo "ldapsearch failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
n=`expr $n + 1`
done
grep "cn=Cartoonia" $SEARCHOUT >/dev/null 2>&1
RC=$?
if test $RC != 1 ; then
echo "Group delete failed on one or more consumer."
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
echo "Running ldapmodify to add the group back..."
$LDAPMODIFY -H $URI1 \
-D "cn=Manager,$BASEDN" -w $PASSWD \
>> $TESTOUT 2>&1 <<EOF
dn: cn=Cartoonia,ou=Groups,$BASEDN
changetype: add
objectClass: groupOfNames
cn: Cartoonia
member: cn=Roger Rabbit,ou=People,$BASEDN
member: cn=Baby Herman,ou=People,$BASEDN
EOF
sleep 3
echo "Searching entire database on each provider after re-adding Cartoonia group"
n=1
while [ $n -le $MMR ]; do
>$SEARCHOUT
echo "# Searching the entire database after re-adding Cartoonia, provider $n" >> $SEARCHOUT
MYURI=`eval echo '$URI'$n`
$LDAPSEARCH -S "" -b "$BASEDN" -H $MYURI -D "cn=manager,$BASEDN" -w $PASSWD \
'(objectClass=*)' '*' memberOf>> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
echo "ldapsearch failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
grep "memberOf:" $SEARCHOUT >/dev/null 2>&1
RC=$?
if test $RC != 0 ; then
echo "Group add failed on one or more consumer."
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
n=`expr $n + 1`
done
modloop=`expr $modloop + 1`
done
test $KILLSERVERS != no && kill -HUP $KILLPIDS
echo ">>>>> Test succeeded"
test $KILLSERVERS != no && wait
exit 0
dn: cn=config
objectClass: olcGlobal
cn: config
olcLogLevel: Sync
olcLogLevel: Stats
olcPidFile: @TESTDIR@/slapd.1.pid
olcArgsFile: @TESTDIR@/slapd.1.args
olcServerID: 1
dn: cn=schema,cn=config
objectClass: olcSchemaConfig
cn: schema
include: file://@TESTWD@/@SCHEMADIR@/core.ldif
include: file://@TESTWD@/@SCHEMADIR@/cosine.ldif
include: file://@TESTWD@/@SCHEMADIR@/inetorgperson.ldif
include: file://@TESTWD@/@SCHEMADIR@/misc.ldif
include: file://@TESTWD@/@SCHEMADIR@/nis.ldif
include: file://@TESTWD@/@SCHEMADIR@/dyngroup.ldif
#mod#dn: cn=module{0},cn=config
#mod#objectClass: olcModuleList
#mod#cn: module{0}
#mod#olcModulePath: @TESTWD@/../servers/slapd/back-@BACKEND@/
#mod#olcModuleLoad: {0}back_@BACKEND@.la
#monitormod#dn: cn=module{1},cn=config
#monitormod#objectClass: olcModuleList
#monitormod#cn: module{1}
#monitormod#olcModulePath: @TESTWD@/../servers/slapd/back-monitor/
#monitormod#olcModuleLoad: {0}back_monitor.la
#memberofmod#dn: cn=module{2},cn=config
#memberofmod#objectClass: olcModuleList
#memberofmod#cn: module{2}
#memberofmod#olcModulePath: @TESTWD@/../servers/slapd/overlays/
#memberofmod#olcModuleLoad: {0}memberof.la
#dynlistmod#olcModuleLoad: {1}dynlist.la
#syncprovmod#olcModuleLoad: {2}syncprov.la
#accesslogmod#olcModuleLoad: {3}accesslog.la
dn: olcDatabase={-1}frontend,cn=config
objectClass: olcDatabaseConfig
objectClass: olcFrontendConfig
olcDatabase: {-1}frontend
olcAccess: {0}to dn="" by * read
olcAccess: {1}to * by self write by users read by anonymous auth
dn: olcDatabase={0}config,cn=config
objectClass: olcDatabaseConfig
olcDatabase: {0}config
olcAccess: {0}to * by * none
olcRootPW:< file://@TESTDIR@/configpw
dn: olcDatabase={1}@BACKEND@,cn=config
objectClass: olcDatabaseConfig
objectClass: olc@BACKEND@Config
olcDatabase: {1}@BACKEND@
olcSuffix: dc=example,dc=com
olcRootDN: cn=manager,dc=example,dc=com
olcRootPW: secret
olcSizeLimit: unlimited
olcTimeLimit: unlimited
olcMirrorMode: TRUE
olcSyncrepl: {0}rid=100 provider=@URI2@ binddn="cn=manager,dc=example,dc=com
" credentials=secret bindmethod=simple searchbase="dc=example,dc=com" logba
se="cn=accesslog" logfilter="(&(objectClass=auditWriteObject)(reqResult=0))
" filter="(objectClass=*)" schemachecking=off attrs="*,+" type=refreshAndPe
rsist retry="60 +" tls_reqcert=never timeout=0 keepalive=240:10:30 syncdata
=accesslog network-timeout=0 scope=sub interval=00:00:00:03
olcSyncrepl: {1}rid=101 provider=@URI3@ binddn="cn=manager,dc=example,dc=com
" credentials=secret bindmethod=simple searchbase="dc=example,dc=com" logba
se="cn=accesslog" logfilter="(&(objectClass=auditWriteObject)(reqResult=0))
" filter="(objectClass=*)" schemachecking=off attrs="*,+" type=refreshAndPe
rsist retry="60 +" tls_reqcert=never timeout=0 keepalive=240:10:30 syncdata
=accesslog network-timeout=0 scope=sub interval=00:00:00:03
olcSyncrepl: {2}rid=102 provider=@URI4@ binddn="cn=manager,dc=example,dc=com
" credentials=secret bindmethod=simple searchbase="dc=example,dc=com" logba
se="cn=accesslog" logfilter="(&(objectClass=auditWriteObject)(reqResult=0))
" filter="(objectClass=*)" schemachecking=off attrs="*,+" type=refreshAndPe
rsist retry="60 +" tls_reqcert=never timeout=0 keepalive=240:10:30 syncdata
=accesslog network-timeout=0 scope=sub interval=00:00:00:03
#~null~#olcDbDirectory: @TESTDIR@/srv1/db.1
#indexdb#olcDbIndex: default eq
#indexdb#olcDbIndex: objectClass
#indexdb#olcDbIndex: entryUUID
#indexdb#olcDbIndex: entryCSN
#indexdb#olcDbIndex: cn pres,eq,sub
#indexdb#olcDbIndex: uid pres,eq,sub
#indexdb#olcDbIndex: uidNumber pres,eq
#indexdb#olcDbIndex: gidNumber pres,eq
#indexdb#olcDbIndex: mail pres,eq,sub
#indexdb#olcDbIndex: sn pres,eq,sub
#indexdb#olcDbIndex: memberUid
#indexdb#olcDbIndex: uniqueMember pres,eq
#indexdb#olcDbIndex: description pres,eq,sub
#indexdb#olcDbIndex: title pres,eq,sub
#indexdb#olcDbIndex: givenName pres,eq,sub
#indexdb#olcDbIndex: member
#mdb#olcDbMaxSize: 33554432
dn: olcOverlay={0}dynlist,olcDatabase={1}@BACKEND@,cn=config
objectClass: olcOverlayConfig
objectClass: olcDynamicList
olcOverlay: {0}dynlist
olcDlAttrSet: {0}groupOfURLs memberURL
dn: olcOverlay={1}memberof,olcDatabase={1}@BACKEND@,cn=config
objectClass: olcOverlayConfig
objectClass: olcMemberOf
olcOverlay: {1}memberof
olcMemberOfDangling: ignore
olcMemberOfRefInt: TRUE
olcMemberOfGroupOC: groupOfNames
olcMemberOfMemberAD: member
olcMemberOfMemberOfAD: memberOf
dn: olcOverlay={2}syncprov,olcDatabase={1}@BACKEND@,cn=config
objectClass: olcOverlayConfig
objectClass: olcConfig
objectClass: top
objectClass: olcSyncProvConfig
olcOverlay: {2}syncprov
olcSpCheckpoint: 20 10
olcSpSessionlog: 50
dn: olcOverlay={3}accesslog,olcDatabase={1}@BACKEND@,cn=config
objectClass: olcOverlayConfig
objectClass: olcAccessLogConfig
olcOverlay: {3}accesslog
olcAccessLogDB: cn=accesslog
olcAccessLogOps: writes
olcAccessLogPurge: 07+00:00 01+00:00
olcAccessLogSuccess: TRUE
dn: olcDatabase={2}@BACKEND@,cn=config
objectClass: olcDatabaseConfig
objectClass: olc@BACKEND@Config
olcDatabase: {2}@BACKEND@
olcSuffix: cn=accesslog
olcSizeLimit: unlimited
olcTimeLimit: unlimited
olcDbIndex: default eq
olcDbIndex: entryCSN,objectClass,reqEnd,reqResult,reqStart,reqDN
#~null~#olcDbDirectory: @TESTDIR@/srv1/db.2
#mdb#olcDbMaxSize: 33554432
dn: olcOverlay={0}syncprov,olcDatabase={2}@BACKEND@,cn=config
objectClass: olcOverlayConfig
objectClass: olcConfig
objectClass: top
objectClass: olcSyncProvConfig
olcOverlay: {0}syncprov
olcSpNoPresent: TRUE
olcSpReloadHint: TRUE
dn: olcDatabase={3}monitor,cn=config
objectClass: olcDatabaseConfig
olcDatabase: {3}monitor
olcAccess: {0}to dn.subtree="cn=monitor" by * read
dn: cn=config
objectClass: olcGlobal
cn: config
olcLogLevel: Sync
olcLogLevel: Stats
olcPidFile: @TESTDIR@/slapd.2.pid
olcArgsFile: @TESTDIR@/slapd.2.args
olcServerID: 2
dn: cn=schema,cn=config
objectClass: olcSchemaConfig
cn: schema
include: file://@TESTWD@/@SCHEMADIR@/core.ldif
include: file://@TESTWD@/@SCHEMADIR@/cosine.ldif
include: file://@TESTWD@/@SCHEMADIR@/inetorgperson.ldif
include: file://@TESTWD@/@SCHEMADIR@/misc.ldif
include: file://@TESTWD@/@SCHEMADIR@/nis.ldif
include: file://@TESTWD@/@SCHEMADIR@/dyngroup.ldif
#mod#dn: cn=module{0},cn=config
#mod#objectClass: olcModuleList
#mod#cn: module{0}
#mod#olcModulePath: @TESTWD@/../servers/slapd/back-@BACKEND@/
#mod#olcModuleLoad: {0}back_@BACKEND@.la
#monitormod#dn: cn=module{1},cn=config
#monitormod#objectClass: olcModuleList
#monitormod#cn: module{1}
#monitormod#olcModulePath: @TESTWD@/../servers/slapd/back-monitor/
#monitormod#olcModuleLoad: {0}back_monitor.la
#memberofmod#dn: cn=module{2},cn=config
#memberofmod#objectClass: olcModuleList
#memberofmod#cn: module{2}
#memberofmod#olcModulePath: @TESTWD@/../servers/slapd/overlays/
#memberofmod#olcModuleLoad: {0}memberof.la
#dynlistmod#olcModuleLoad: {1}dynlist.la
#syncprovmod#olcModuleLoad: {2}syncprov.la
#accesslogmod#olcModuleLoad: {3}accesslog.la
dn: olcDatabase={-1}frontend,cn=config
objectClass: olcDatabaseConfig
objectClass: olcFrontendConfig
olcDatabase: {-1}frontend
olcAccess: {0}to dn="" by * read
olcAccess: {1}to * by self write by users read by anonymous auth
dn: olcDatabase={0}config,cn=config
objectClass: olcDatabaseConfig
olcDatabase: {0}config
olcAccess: {0}to * by * none
olcRootPW:< file://@TESTDIR@/configpw
dn: olcDatabase={1}@BACKEND@,cn=config
objectClass: olcDatabaseConfig
objectClass: olc@BACKEND@Config
olcDatabase: {1}@BACKEND@
olcSuffix: dc=example,dc=com
olcRootDN: cn=manager,dc=example,dc=com
olcRootPW: secret
olcSizeLimit: unlimited
olcTimeLimit: unlimited
olcMirrorMode: TRUE
olcSyncrepl: {0}rid=100 provider=@URI1@ binddn="cn=manager,dc=example,dc=com
" credentials=secret bindmethod=simple searchbase="dc=example,dc=com" logba
se="cn=accesslog" logfilter="(&(objectClass=auditWriteObject)(reqResult=0))
" filter="(objectClass=*)" schemachecking=off attrs="*,+" type=refreshAndPe
rsist retry="60 +" tls_reqcert=never timeout=0 keepalive=240:10:30 syncdata
=accesslog network-timeout=0 scope=sub interval=00:00:00:03
olcSyncrepl: {1}rid=101 provider=@URI3@ binddn="cn=manager,dc=example,dc=com
" credentials=secret bindmethod=simple searchbase="dc=example,dc=com" logba
se="cn=accesslog" logfilter="(&(objectClass=auditWriteObject)(reqResult=0))
" filter="(objectClass=*)" schemachecking=off attrs="*,+" type=refreshAndPe
rsist retry="60 +" tls_reqcert=never timeout=0 keepalive=240:10:30 syncdata
=accesslog network-timeout=0 scope=sub interval=00:00:00:03
olcSyncrepl: {2}rid=102 provider=@URI4@ binddn="cn=manager,dc=example,dc=com
" credentials=secret bindmethod=simple searchbase="dc=example,dc=com" logba
se="cn=accesslog" logfilter="(&(objectClass=auditWriteObject)(reqResult=0))
" filter="(objectClass=*)" schemachecking=off attrs="*,+" type=refreshAndPe
rsist retry="60 +" tls_reqcert=never timeout=0 keepalive=240:10:30 syncdata
=accesslog network-timeout=0 scope=sub interval=00:00:00:03
#~null~#olcDbDirectory: @TESTDIR@/srv2/db.1
#indexdb#olcDbIndex: default eq
#indexdb#olcDbIndex: objectClass
#indexdb#olcDbIndex: entryUUID
#indexdb#olcDbIndex: entryCSN
#indexdb#olcDbIndex: cn pres,eq,sub
#indexdb#olcDbIndex: uid pres,eq,sub
#indexdb#olcDbIndex: uidNumber pres,eq
#indexdb#olcDbIndex: gidNumber pres,eq
#indexdb#olcDbIndex: mail pres,eq,sub
#indexdb#olcDbIndex: sn pres,eq,sub
#indexdb#olcDbIndex: memberUid
#indexdb#olcDbIndex: uniqueMember pres,eq
#indexdb#olcDbIndex: description pres,eq,sub
#indexdb#olcDbIndex: title pres,eq,sub
#indexdb#olcDbIndex: givenName pres,eq,sub
#indexdb#olcDbIndex: member
#mdb#olcDbMaxSize: 33554432
dn: olcOverlay={0}dynlist,olcDatabase={1}@BACKEND@,cn=config
objectClass: olcOverlayConfig
objectClass: olcDynamicList
olcOverlay: {0}dynlist
olcDlAttrSet: {0}groupOfURLs memberURL
dn: olcOverlay={1}memberof,olcDatabase={1}@BACKEND@,cn=config
objectClass: olcOverlayConfig
objectClass: olcMemberOf
olcOverlay: {1}memberof
olcMemberOfDangling: ignore
olcMemberOfRefInt: TRUE
olcMemberOfGroupOC: groupOfNames
olcMemberOfMemberAD: member
olcMemberOfMemberOfAD: memberOf
dn: olcOverlay={2}syncprov,olcDatabase={1}@BACKEND@,cn=config
objectClass: olcOverlayConfig
objectClass: olcConfig
objectClass: top
objectClass: olcSyncProvConfig
olcOverlay: {2}syncprov
olcSpCheckpoint: 20 10
olcSpSessionlog: 50
dn: olcOverlay={3}accesslog,olcDatabase={1}@BACKEND@,cn=config
objectClass: olcOverlayConfig
objectClass: olcAccessLogConfig
olcOverlay: {3}accesslog
olcAccessLogDB: cn=accesslog
olcAccessLogOps: writes
olcAccessLogPurge: 07+00:00 01+00:00
olcAccessLogSuccess: TRUE
dn: olcDatabase={2}@BACKEND@,cn=config
objectClass: olcDatabaseConfig
objectClass: olc@BACKEND@Config
olcDatabase: {2}@BACKEND@