Fix typo

[openldap] / doc / guide / admin / slapdconfig.sdf

diff --git a/doc/guide/admin/slapdconfig.sdf b/doc/guide/admin/slapdconfig.sdf
index 637215fe5fefe937d76bbe52801143bd028b6814..7d1a6c1a3fd908f06b182ac2ed1411ff5bfa070f 100644 (file)
--- a/doc/guide/admin/slapdconfig.sdf
+++ b/doc/guide/admin/slapdconfig.sdf
@@ -450,10 +450,10 @@ Synchronization protocol. See {{EX:draft-zeilenga-ldup-sync-xx.txt}}
 ({{a work in progress}}) for more information on the protocol.
 
 The {{EX:rid}} parameter is used for identification of the current
-{{EX:syncrepl}} directive within the replication consumer site,
+{{EX:syncrepl}} directive within the replication consumer server,
 where {{EX:<replica ID>}} uniquely identifies the syncrepl specification
 described by the current {{EX:syncrepl}} directive. {{EX:<replica ID>}}
-is non-negative and is no more than three digits in length.
+is non-negative and is no more than three decimal digits in length.
 
 The {{EX:provider}} parameter specifies the replication provider site
 containing the master content as an LDAP URI. The {{EX:provider}}
@@ -592,31 +592,28 @@ containing the database and associated indices live.
 H4: sessionlog <sid> <limit>
 
 This directive specifies a session log store in the syncrepl 
-replication provider site which contains information on
-the entries that have been scoped out of the content of the
-replication session identified by {{EX:<sid>}}.
-The first syncrepl search request having the same sid value in the
-cookie establishes the session log store in the provider site.
+replication provider server which contains information on
+the entries that have been scoped out of the replication
+content identified by {{EX:<sid>}}.
+The first syncrepl search request having the same {{EX:<sid>}} value
+in the cookie establishes the session log store in the provider server.
 The number of the entries in the session log store is limited
 by {{EX:<limit>}}. Excessive entries are removed from the store
 in the FIFO order. Both {{EX:<sid>}} and {{EX:<limit>}} are
-non-negative integers. {{EX:<sid>}} has no more than three digits.
+non-negative integers. {{EX:<sid>}} has no more than three decimal digits.
 
 The LDAP Content Synchronization operation that falls into a pre-existing
-session uses the session log store in order to reduce the amount
+session can use the session log store in order to reduce the amount
 of synchronization traffic. If the replica is not so outdated that
 it can be made up-to-date by the information in the session store,
 the provider slapd will send the consumer slapd the identities of the
 scoped-out entries together with the in-scope entries added to or
 modified within the replication content. If the replica status is
-beyond the coverage of the history store, then the provider slapd will
-send the identities of the unchanged in-scope entries along with the
-changed in-scope entries. The consumer slapd will then remove those
-entries in the replica which are not identified as present in the
-master content.
-
-An access control mechanism is to be further provided to
-make the session joining controllable.
+outdated too much and beyond the coverage of the history store,
+then the provider slapd will send the identities of the unchanged
+in-scope entries along with the changed in-scope entries.
+The consumer slapd will then remove those entries in the replica
+which are not identified as present in the provider content.
 
 
 H3: LDBM Database Directives
@@ -739,7 +736,7 @@ access line is:
 >              [aci=<attrname>]
 >      <access> ::= [self]{<level>|<priv>}
 >      <level> ::= none | auth | compare | search | read | write
->      <priv> ::= {=|+|-}{w|r|s|c|x}+
+>      <priv> ::= {=|+|-}{w|r|s|c|x|0}+
 >      <control> ::= [stop | continue | break]
 
 where the <what> part selects the entries and/or attributes to which
@@ -879,7 +876,7 @@ The kind of <access> granted can be one of the following:
 !block table; colaligns="LRL"; coltags="EX,EX,N"; align=Center; \
        title="Table 5.4: Access Levels"
 Level  Privileges      Description
-none                   no access
+none   =0              no access
 auth   =x              needed to bind
 compare        =cx             needed to compare
 search =scx            needed to apply search filters
@@ -930,9 +927,10 @@ help make this clear.
 
 H3: Access Control Examples
 
-The access control facility described above is quite powerful.
-This section shows some examples of its use. First, some
-simple examples:
+The access control facility described above is quite powerful.  This
+section shows some examples of its use for descriptive purposes.
+
+A simple example:
 
 >      access to * by * read
 
@@ -966,9 +964,9 @@ when 64 or better security protections have been established.  If
 client has not establish sufficient security protections, the
 implicit {{EX:by * none}} clause would be applied.
 
-The following example shows the use of a style specifiers
-to select the entries by DN in two access directives where
-ordering is significant.
+The following example shows the use of a style specifiers to select
+the entries by DN in two access directives where ordering is
+significant.
 
 >      access to dn.children="dc=example,dc=com"
 >              by * search
@@ -997,7 +995,7 @@ attribute and various {{EX:<who>}} selectors.
 >      access to dn.subtree="dc=example,dc=com" attr=homePhone
 >              by self write
 >              by dn.children=dc=example,dc=com" search
->              by peername=IP:10\..+ read
+>              by peername.regex=IP:10\..+ read
 >      access to dn.subtree="dc=example,dc=com"
 >              by self write
 >              by dn.children="dc=example,dc=com" search