Updates for syncprov overlay

[openldap] / doc / guide / admin / slapdconfig.sdf

diff --git a/doc/guide/admin/slapdconfig.sdf b/doc/guide/admin/slapdconfig.sdf
index 0ea54b908920b46d1fdde7f6457357af558f6f4a..27316af998babce05478a1d8128b7903aa1d6b01 100644 (file)
--- a/doc/guide/admin/slapdconfig.sdf
+++ b/doc/guide/admin/slapdconfig.sdf
@@ -421,6 +421,7 @@ H4: syncrepl
 >              provider=ldap[s]://<hostname>[:port]
 >              [type=refreshOnly|refreshAndPersist]
 >              [interval=dd:hh:mm:ss]
+>              [retry=[<retry interval> <# of retries>]+]
 >              [searchbase=<base DN>]
 >              [filter=<filter str>]
 >              [scope=sub|one|base]
@@ -490,6 +491,13 @@ remains persistent in the provider slapd. Further updates to the
 master replica will generate {{EX:searchResultEntry}} to the consumer slapd
 as the search responses to the persistent synchronization search.
 
+If an error occurs during replication, the consumer will attempt to reconnect
+according to the retry parameter which is a list of the <retry interval>
+and <# of retries> pairs. For example, retry="60 5 300 3" lets the consumer
+retry every 60 seconds for the first 10 times and then retry every 300 seconds
+for the next three times before stop retrying. + in <#  of retries> means
+indefinite number of retries until success.
+
 The schema checking can be enforced at the LDAP Sync consumer site
 by turning on the {{EX:schemachecking}} parameter.
 If it is turned on, every replicated entry will be checked for its
@@ -927,9 +935,10 @@ help make this clear.
 
 H3: Access Control Examples
 
-The access control facility described above is quite powerful.
-This section shows some examples of its use. First, some
-simple examples:
+The access control facility described above is quite powerful.  This
+section shows some examples of its use for descriptive purposes.
+
+A simple example:
 
 >      access to * by * read
 
@@ -963,9 +972,9 @@ when 64 or better security protections have been established.  If
 client has not establish sufficient security protections, the
 implicit {{EX:by * none}} clause would be applied.
 
-The following example shows the use of a style specifiers
-to select the entries by DN in two access directives where
-ordering is significant.
+The following example shows the use of a style specifiers to select
+the entries by DN in two access directives where ordering is
+significant.
 
 >      access to dn.children="dc=example,dc=com"
 >              by * search
@@ -994,7 +1003,7 @@ attribute and various {{EX:<who>}} selectors.
 >      access to dn.subtree="dc=example,dc=com" attr=homePhone
 >              by self write
 >              by dn.children=dc=example,dc=com" search
->              by peername=IP:10\..+ read
+>              by peername.regex=IP:10\..+ read
 >      access to dn.subtree="dc=example,dc=com"
 >              by self write
 >              by dn.children="dc=example,dc=com" search