diff --git a/etc/base.ldif b/etc/base.ldif
new file mode 100644
index 0000000..427b507
--- /dev/null
+++ b/etc/base.ldif
@@ -0,0 +1,19 @@
+dn: __DN__
+objectClass: top
+objectClass: dcObject
+objectclass: organization
+o: __PDN__
+dc: __PDN__
+
+dn: cn=Manager,__DN__
+objectClass: organizationalRole
+cn: Manager
+description: Directory Manager
+
+dn: ou=People,__DN__
+objectClass: organizationalUnit
+ou: People
+
+dn: ou=Group,__DN__
+objectClass: organizationalUnit
+ou: Group
diff --git a/etc/changes.ldif b/etc/changes.ldif
new file mode 100644
index 0000000..347537e
--- /dev/null
+++ b/etc/changes.ldif
@@ -0,0 +1,42 @@
+dn: olcDatabase={2}hdb,cn=config
+changetype: modify
+replace: olcSuffix
+olcSuffix: __DN__
+
+dn: olcDatabase={2}hdb,cn=config
+changetype: modify
+replace: olcRootDN
+olcRootDN: cn=Manager,__DN__
+
+dn: olcDatabase={2}hdb,cn=config
+changetype: modify
+replace: olcRootPW
+olcRootPW: __SLAP__
+
+dn: cn=config
+changetype: modify
+replace: olcTLSCACertificateFile
+olcTLSCACertificateFile: /etc/openldap/certs/ca.crt
+-
+replace: olcTLSCertificateFile
+olcTLSCertificateFile: /etc/openldap/certs/ldap.crt
+-
+replace: olcTLSCertificateKeyFile
+olcTLSCertificateKeyFile: /etc/openldap/certs/ldap.key
+
+dn: cn=config
+changetype: modify
+replace: olcTLSCipherSuite
+olcTLSCipherSuite: HIGH:MEDIUM:-SSLv2
+
+dn: cn=config
+changetype: modify
+replace: olcTLSVerifyClient
+olcTLSVerifyClient: allow
+
+dn: olcDatabase={2}hdb,cn=config
+changetype: modify
+replace: olcAccess
+olcAccess: {0}to attrs=userPassword,shadowLastChange by dn="cn=Manager,__DN__" write by anonymous auth by self write by * none
+olcAccess: {1}to dn.base="" by * read
+olcAccess: {2}to * by dn="cn=Manager,__DN__" by self write by * read
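Review bot: In etc/base.ldif, `o:` and `dc:` both take `__PDN__`, but the file never says what the placeholders must hold. If `__DN__` begins with a `dc=` component, `dc` has to equal that component's value or the add is rejected with a naming violation. A header comment would make the contract explicit, e.g. `# __DN__: directory suffix; __PDN__: value of its first dc component (constructed example: dc=example,dc=com -> example)`. The substitution step is not part of this diff, so this assumes plain text replacement. `objectclass: organization` is also cased differently from the other `objectClass` lines, which is harmless but worth aligning.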
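Review bot: In etc/changes.ldif, rule `{2}` has no access level on its first `by` clause (`by dn="cn=Manager,__DN__" by self write`), so the Manager is probably not granted the write access the rule seems to intend. Since the rootdn bypasses ACLs in any case, the clause is either a typo for `write` or can be dropped. The same rule's `by self write` on `to *` lets every bound user rewrite any attribute of their own entry, which is too broad if entries under `ou=People` carry account attributes such as `uidNumber` or `gidNumber`. Its trailing `by * read` also exposes the rest of the tree to unauthenticated clients; `olcAccess: {2}to * by dn="cn=Manager,__DN__" write by users read by * none`, plus a separate `to attrs=` rule for any fields users may edit themselves, would be tighter. Nothing in this file requires TLS, so the `by anonymous auth` simple binds can travel in cleartext unless something like `olcSecurity: tls=1` is set elsewhere. Separately, `HIGH:MEDIUM:-SSLv2` still admits MEDIUM-grade and possibly anonymous suites, so `HIGH:!aNULL:!MD5` is a safer starting point.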