]> git.sur5r.net Git - openldap/blobdiff - doc/man/man5/slapd-dnssrv.5
projects / openldap / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
further fulfilment of ITS#3639
[openldap] / doc / man / man5 / slapd-dnssrv.5
diff --git a/doc/man/man5/slapd-dnssrv.5 b/doc/man/man5/slapd-dnssrv.5
index c4afb8590878520bc6f316f7baad8be7c0bbda7e..ad00bac2d6a760da640b651e88a5e11b55a67efe 100644 (file)
--- a/doc/man/man5/slapd-dnssrv.5
+++ b/doc/man/man5/slapd-dnssrv.5
@@ -17,6 +17,21 @@ This backend is experimental.
 The DNSSRV backend has no backend nor database specific options.
 It is configured simply by "database dnssrv" followed a suffix
 directive, e.g. suffix "".
+.SH ACCESS CONTROL
+The
+.B dnssrv
+backend does not honor all ACL semantics as described in
+.BR slapd.access (5).
+In fact, this backend only implements the
+.B search
+operation when the
+.B manageDSAit
+control (RFC3296) is used, otherwise for every operation a referral,
+whenever appropriate, or an error is returned.
+Currently, there is no means to condition the returning of the referral
+by means of ACLs; no access control is implemented, except for 
+.B read (=r)
+access to the returned entries, which is actually provided by the frontend.
 .SH FILES
 .TP
 ETCDIR/slapd.conf
Cloned from git://git.openldap.org/openldap.git