# $OpenLDAP$
-# Copyright 1999-2013 The OpenLDAP Foundation, All Rights Reserved.
+# Copyright 1999-2016 The OpenLDAP Foundation, All Rights Reserved.
# COPYING RESTRICTIONS APPLY, see COPYRIGHT.
H1: The slapd Configuration File
!block table; align=Center; coltags="EX,N"; \
title="Table 6.2: Database Backends"
Types Description
-bdb Berkeley DB transactional backend
+bdb Berkeley DB transactional backend (deprecated)
dnssrv DNS SRV backend
-hdb Hierarchical variant of bdb backend
+hdb Hierarchical variant of bdb backend (deprecated)
ldap Lightweight Directory Access Protocol (Proxy) backend
+mdb Memory-Mapped DB backend
meta Meta Directory backend
monitor Monitor backend
passwd Provides read-only access to {{passwd}}(5)
This directive puts the database into "read-only" mode. Any
attempts to modify the database will return an "unwilling to
-perform" error.
+perform" error. If set on a consumer, modifications sent by
+syncrepl will still occur.
\Default:
> [tls_cacert=<file>]
> [tls_cacertdir=<path>]
> [tls_reqcert=never|allow|try|demand]
-> [tls_ciphersuite=<ciphers>]
+> [tls_cipher_suite=<ciphers>]
> [tls_crlcheck=none|peer|all]
> [logbase=<base DN>]
> [logfilter=<filter str>]
operation to establish a TLS session before authenticating to the provider.
If the {{EX:critical}} argument is supplied, the session will be aborted
if the StartTLS request fails. Otherwise the syncrepl session continues
-without TLS. Note that the main slapd TLS settings are not used by the
-syncrepl engine; by default the TLS parameters from a {{ldap.conf}}(5)
-configuration file will be used. TLS settings may be specified here,
-in which case any {{ldap.conf}}(5) settings will be completely ignored.
+without TLS. The tls_reqcert setting defaults to {{EX:"demand"}} and the
+other TLS settings default to the same as the main slapd TLS settings.
Rather than replicating whole entries, the consumer can query logs
of data modifications. This mode of operation is referred to as