.TH SLAPD.CONF 5 "5 August 1999" "OpenLDAP LDVERSION"
+.\" $OpenLDAP$
+.\" Copyright 1998-2000 The OpenLDAP Foundation All Rights Reserved.
+.\" Copying restrictions apply. See COPYRIGHT/LICENSE.
.SH NAME
slapd.conf \- configuration file for slapd, the stand-alone LDAP daemon
.SH SYNOPSIS
actual text are shown in brackets <>.
.TP
.B
-access to <what> [ by <who> <accesslevel> ]+
-Grant access (specified by <accesslevel>) to a set of entries and/or
+access to <what> [ by <who> <access> <control> ]+
+Grant access (specified by <access>) to a set of entries and/or
attributes (specified by <what>) by one or more requestors (specified
-by <who>). Refer to "The SLAPD and SLURPD Administrator's Guide" for
-information on using the
-.B slapd
-access-control mechanisms.
+by <who>).
+See Developer's FAQ (http://www.openldap.org/faq/) for details.
.TP
.B
-attribute ( <oid> [NAME <name>] [DESC <description>] [OBSOLETE] \
+attributetype ( <oid> [NAME <name>] [DESC <description>] [OBSOLETE] \
[SUP <oid>] [EQUALITY <oid>] [ORDERING <oid>] [SUBSTR <oid>] \
[SYNTAX <oidlen>] [SINGLE-VALUE] [COLLECTIVE] [NO-USER-MODIFICATION] \
[USAGE <attributeUsage>] )
parser extends the RFC 2252 definition by allowing string forms as well
as numeric OIDs to be used for the attribute OID and attribute syntax OID.
(See the
-.B
-objectidentifier
+.B objectidentifier
description.) Currently the syntax name parser is case-sensitive.
The known syntax names are:
.RS
.RE
.TP
.B
-attribute <name> [<name2>] { bin | ces | cis | tel | dn }
+attribute[type] <name> [<name2>] { bin | ces | cis | tel | dn }
Associate a syntax with an attribute name. This directive is deprecated
in favor of the one above. By default, an
attribute is assumed to have syntax
.RE
.TP
.B
-defaultaccess [self]{ none | compare | search | read | write }
-Specify the default access to grant requestors not matched by
-any other access line. The default behavior is to grant read access.
+defaultaccess { none | auth | compare | search | read | write }
+Specify the default access level to grant requestors when
+no access directives were provided for the database.
+The default behavior is to grant 'read' access. It is
+recommended that
+.B access
+directives be used instead.
.TP
.B idletimeout <integer>
Specify the number of seconds to wait before forcibly closing
.TP
.B rootpw <password>
Specify a password (or hash of the password) for the rootdn.
-This option accepts all password formats known to the server
-including \fB{SHA}\fP, \fB{MD5}\fP, \fB{CRYPT}\fP, and cleartext.
-Cleartext passwords are not recommended.
+This option accepts all RFC 2307 userPassword formats known to
+the server including \fB{SSHA}\fP, \fB{SHA}\fP, \fB{SMD5}\fP,
+\fB{MD5}\fP, \fB{CRYPT}\fP, and cleartext schemes. Cleartext
+passwords are not recommended.
.TP
.B suffix <dn suffix>
Specify the DN suffix of queries that will be passed to this
with each open index file. If not supported by the underlying database
method, this option is ignored without comment. The default is 100000 bytes.
.TP
-.B dbcachenowsync
-Specify that database writes should not be immediately synchronized
-with in memory changes. Enabling this option may improve performance
-at the expense of data security.
+.B dbnolocking
+Specify that no database locking should be performed.
+Enabling this option may improve performance at the expense of data security.
+.B dbnosync
+Specify that on-disk database contents should not be immediately
+synchronized with in memory changes. Enabling this option may improve
+performance at the expense of data security.
.TP
.B directory <directory>
-Specify the directory where the LDBM files containing the database and
-associated indexes live. The default is
-.B /usr/tmp.
+Specify the directory where the LDBM files containing this database and
+associated indexes live. A separate directory must be specified for
+each database. The default is
+.BR LOCALSTATEDIR/openldap-ldbm .
.TP
.B
index { <attrlist> | default } [ pres,eq,approx,sub,none ]
projects / openldap / blobdiff