## Root Entry
dn: dc=example,dc=com
dc: example
objectClass: top
objectClass: domain
aci: (targetattr != "userPassword || passwordHistory || passwordExpirationTime || passwordExpWarned || passwordRetryCount || retryCountResetTime || accountUnlockTime || passwordAllowChangeTime ") (version 3.0; acl "Anonymous access"; allow (read, search, compare)userdn = "ldap:///anyone";)
aci: (targetattr != "nsroledn || aci || nsLookThroughLimit || nsSizeLimit || nsTimeLimit || nsIdleTimeout || passwordPolicySubentry || passwordExpirationTime || passwordExpWarned || passwordRetryCount || retryCountResetTime || accountUnlockTime || passwordHistory || passwordAllowChangeTime")(version 3.0; acl "Allow self entry modification except for nsroledn, aci, resource limit attributes, passwordPolicySubentry and password policy state attributes"; allow (write)userdn ="ldap:///self";)

## OUs
dn: ou=Groups, dc=example,dc=com
objectClass: top
objectClass: organizationalunit
ou: Groups

dn: ou=People, dc=example,dc=com
objectClass: top
objectClass: organizationalunit
ou: People
aci: (targetattr ="userpassword || telephonenumber || facsimiletelephonenumber")(version 3.0;acl "Allow self entry modification";allow (write)(userdn = "ldap:///self");)

## Objectclasses

## Groups
dn:cn=StaticGroup,ou=groups,dc=example,dc=com
objectClass: top
objectClass: groupofuniquenames
uniqueMember: uid=lulrich, ou=People, dc=example,dc=com
uniqueMember: uid=alutz, ou=People, dc=example,dc=com

dn:cn=DynGroup,ou=groups,dc=example,dc=com
objectClass: top
objectClass: groupOfUrls
memberURL: ldap:///ou=people,dc=example,dc=com??sub?(l=Santa Clara)

# Users
dn: uid=alutz, ou=People, dc=example,dc=com
givenName: Alexander
telephoneNumber: +1 408 555 6505
sn: Lutz
ou: Product Development
l: Santa Clara
roomNumber: 1327
mail: alutz@example.com
facsimileTelephoneNumber: +1 408 555 4774
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
uid: alutz
cn: Alexander Lutz
userPassword: Welcome1

dn: uid=btalbo2, ou=People, dc=example,dc=com
givenName: Bjorn
telephoneNumber: +1 408 555 4234
sn: Talbot
ou: Product Development
l: Santa Clara
roomNumber: 1205
mail: btalbo2@example.com
facsimileTelephoneNumber: +1 408 555 9332
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
uid: btalbo2
cn: Bjorn Talbot
userPassword: Welcome1

dn: uid=achassin, ou=People, dc=example,dc=com
givenName: Ashley
telephoneNumber: +1 408 555 9972
sn: Chassin
ou: Payroll
l: Santa Clara
manager: uid=bhall,ou=people,dc=example,dc=com
roomNumber: 0466
mail: achassin@example.com
facsimileTelephoneNumber: +1 408 555 3372
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
uid: achassin
cn: Ashley Chassin
userPassword: Welcome1

dn: uid=hmiller, ou=People, dc=example,dc=com
givenName: Harry
telephoneNumber: +1 408 555 9804
sn: Miller
ou: Human Resources
l: Santa Clara
roomNumber: 4304
mail: hmiller@example.com
facsimileTelephoneNumber: +1 408 555 9332
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
uid: hmiller
cn: Harry Miller
userPassword: Welcome1