--- distrib/slapd.conf 2019-06-04 11:18:04.000000000 +0200 +++ modif/slapd.conf 2021-01-12 11:06:19.496162295 +0100 @@ -23,11 +23,19 @@ %elif %%ldap_schema == 'zephir' include /etc/ldap/schema/openldap.schema %end if +include /etc/ldap/schema/cadoles.schema ## Support du TLS +%if %%cert_type == "manuel" +TLSCertificateFile %%server_cert +TLSCertificateKeyFile %%server_key +TLSCACertificateFile %%server_pem +%else TLSCertificateFile /etc/ldap/ssl/certs/openldap.crt TLSCertificateKeyFile /etc/ldap/ssl/private/openldap.key TLSCACertificateFile /etc/ssl/certs/ca.crt +%end if + TLSVerifyClient never TLSCipherSuite SECURE256:+SIGN-ALL:-VERS-SSL3.0:!AES-128-CBC:!3DES-CBC:!DES-CBC:!ARCFOUR-128:!ARCFOUR-40:!RC2-40:!CAMELLIA-128-CBC:!NULL @@ -46,6 +54,7 @@ %if %%ldap_replication == 'oui' or %%ldap_replication_client == 'oui' moduleload syncprov %end if +moduleload memberof # Sample security restrictions # Require integrity protection (prevent hijacking) @@ -80,6 +89,7 @@ # compatibilite EAD1 et appli PHP allow bind_v2 +allow bind_anon_dn database bdb # The base of your directory @@ -216,6 +226,10 @@ syncprov-sessionlog 100 %end if +overlay memberof +memberof-group-oc cadolesGroup +memberof-member-ad cadolesMember + %if %%ldap_replication_client == 'oui' include /etc/ldap/replication.conf %end if
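Review bot: In the `%if %%cert_type == "manuel"` branch the three TLS directives are filled from `%%server_cert`, `%%server_key` and `%%server_pem` with no check, so an unset or wrong value yields a configuration that slapd may refuse to load. `TLSCACertificateFile %%server_pem` deserves a second look: the name suggests a server PEM rather than a CA bundle, while the default branch points at `/etc/ssl/certs/ca.crt`, and if it is not the issuing CA chain, clients that validate the server may fail. I would add a template comment above the branch such as `## cert_type "manuel": server_pem must hold the issuing CA chain; server_key must be readable by the slapd user only`. The added `include /etc/ldap/schema/cadoles.schema` is unconditional, unlike the schema includes visible above it, so that file must exist on every install.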
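Review bot: `allow bind_anon_dn` makes slapd accept a bind that carries a DN but an empty password and treat it as anonymous. OpenLDAP leaves this off by default because an application that only tests whether the bind succeeded will then accept a user with a blank password. The line is added next to `allow bind_v2` with no comment, so nothing records which client needs it. I would gate it behind a template variable, or at least document it with something like `# bind_anon_dn: needed by <application, to be named>; every client must reject empty passwords before binding`. The global section continues outside the hunk, so any `disallow` or `require` directive that offsets this is not visible here.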
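Review bot: The `overlay memberof` block sets only `memberof-group-oc` and `memberof-member-ad`, so `memberof-refint` stays at its default of off. As I read slapo-memberof, group entries can then keep referencing members that were deleted or renamed, which matters if group membership or `memberOf` feeds access decisions. The overlay also maintains `memberOf` only on writes made after it is enabled, so existing `cadolesGroup` entries will not be reflected until they are rewritten. Consider adding `memberof-refint TRUE` and a comment saying that existing groups must be re-saved after the upgrade. Because the block sits right after the syncprov section, it is also worth confirming that replicas load the same overlay; `replication.conf` is not visible in this hunk.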