diff --git a/bundles/openldap/files/slapd.conf b/bundles/openldap/files/slapd.conf index 06f8c04..9f8dc28 100644 --- a/bundles/openldap/files/slapd.conf +++ b/bundles/openldap/files/slapd.conf @@ -62,26 +62,37 @@ memberof-refint TRUE overlay ppolicy -#access to dn.one="ou=QZWI,dc=qzwi,dc=de" -# attrs=userPassword -# by anonymous auth -# by * break +access to dn.one="ou=Users,dc=qzwi,dc=de" + attrs=userPassword + by anonymous auth + by * break -#access to * by group="ou=qzwi-admins,ou=Groups,dc=qzwi,dc=de" manage by * break +access to * + by group="ou=qzwi-admins,ou=Groups,dc=qzwi,dc=de" manage + by * break % for tree, matches in sorted(conf.get('access', {}).items()): # ${tree} % for access, user in sorted(matches.items()): -access to dn.sub="${tree}" by dn.exact="${user}" ${access} by * break +access to dn.sub="${tree}" + by dn.exact="${user}" ${access} + by * break % endfor # / ${tree} % endfor # Grant read access to all applications -#access to dn.children="ou=Applications,dc=qzwi,dc=de" attrs=userPassword by anonymous auth by * break -#access to dn.sub="ou=People,dc=qzwi,dc=de" by dn.children="ou=Applications,dc=qzwi,dc=de" read by * break -#access to dn.sub="ou=Groups,dc=qzwi,dc=de" by dn.children="ou=Applications,dc=qzwi,dc=de" read by * break +access to dn.children="ou=Applications,dc=qzwi,dc=de" + attrs=userPassword + by anonymous auth + by * break +access to dn.sub="ou=Users,dc=qzwi,dc=de" + by dn.children="ou=Applications,dc=qzwi,dc=de" + read by * break +access to dn.sub="ou=Groups,dc=qzwi,dc=de" + by dn.children="ou=Applications,dc=qzwi,dc=de" + read by * break database monitor rootDN "cn=admin,cn=Monitor"
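Review bot: The application read rules on `dn.sub="ou=Users,dc=qzwi,dc=de"` carry no `attrs=` restriction, and the newly enabled `userPassword` rule above them ends in `by * break`. Unless a rule above the hunk stops it, any identity under `ou=Applications` therefore falls through the password rule and is granted `read` on `userPassword`, i.e. the stored hashes of every user entry. Make the password rule terminal by listing who may touch the attribute and closing it with `by * none`: `by group="ou=qzwi-admins,ou=Groups,dc=qzwi,dc=de" manage`, `by anonymous auth`, `by * none`. The admin grant has to sit inside that rule because the `access to *` admin rule comes later and would no longer be reached for this attribute. The password rule is also scoped `dn.one` while the read rule is `dn.sub`, so entries nested deeper under `ou=Users` never hit the password rule at all; the two scopes should match.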