-.TH SLAPD 8C "22 September 1998" "OpenLDAP LDVERSION"
+.TH SLAPD 8C "19 September 1999" "OpenLDAP LDVERSION"
+.\" $OpenLDAP$
+.\" Copyright 1998-2000 The OpenLDAP Foundation All Rights Reserved.
+.\" Copying restrictions apply. See COPYRIGHT/LICENSE.
.SH NAME
slapd \- Stand-alone LDAP Daemon
.SH SYNOPSIS
-.B LIBEXECDIR/slapd [\-d debug\-level]
-.B [\-f slapd\-config\-file] [\-p port\-number]
-.B [\-s syslog\-level] [\-l syslog\-local\-user] [\-i]
+.B LIBEXECDIR/slapd
+.B [\-f slapd\-config\-file]
+.B [\-h URLs]
+.B [\-d debug\-level]
+.B [\-s syslog\-level] [\-l syslog\-local\-user]
+.B [\-u user] [\-g group]
.B
.SH DESCRIPTION
.LP
.B Slapd
is the stand-alone LDAP daemon. It listens for LDAP connections on
-port 389, responding
+any number of ports (default 389), responding
to the LDAP operations it receives over these connections.
.B slapd
is typically invoked at boot time, usually out of
Upon startup,
.B slapd
normally forks and disassociates itself from the invoking tty.
-In this case, the
+If configured in
+.BR ETCDIR/slapd.conf ,
+the
.B slapd
-process will print its process ID to a
-.B .pid
-file ( see
+process will print its process ID ( see
.BR getpid (2)
-), as well as the command line options during invocation to an
+) to a
+.B .pid
+file, as well as the command line options during invocation to an
.B .args
-file. By default, these files are located in the directory
-.B LOCALSTATEDIR.
-The files' base names are derived from the
-.B slapd
-binary name, making it possible to run several
-.B slapd
-servers with differet names on the same machine, with each having
-its own
-.B .pid/.args
-files. (Those
-.B slapd
-names might be obtained via symbolic links to one binary file.)
+file ( see
+.BR slapd.conf (5)
+).
If the
.B \-d
-flag is given and debugging is set to some non-zero
-value,
+flag is given, even with a zero argument,
.B slapd
will not fork and disassociate from the invoking tty.
.LP
.BI \-d " debug\-level"
Turn on debugging as defined by
.I debug\-level.
-If this option is specified,
+If this option is specified, even with a zero argument,
.B slapd
will not fork or disassociate from the invoking terminal. Some general
operation and status messages are printed for any value of \fIdebug\-level\fP.
Specifies the slapd configuration file. The default is
.BR ETCDIR/slapd.conf .
.TP
-.BI \-p " port\-number"
+.BI \-h " URLlist"
.B slapd
-will listen on the default LDAP port (389) unless this option is given
-to override the default.
+will serve
+.B ldap:///
+(LDAP over TCP on all interfaces on default LDAP port). As such,
+it will bind to INADDR_ANY, port 389.
+The
+.B \-h
+option may be used to specify LDAP (and LDAPS) URLs to serve.
+For example, if slapd is given
+.B \-h " ldap://127.0.0.1:9009/ ldaps:///",
+It will bind 127.0.0.1:9009 for LDAP and INADDR_ANY:636 for LDAP over TLS.
+A space separated list of URLs is expected. The URLS should be of
+LDAP (ldap://) or, if supported, LDAP over TLS (ldaps://) type without
+a DN or other optional parameters. Hosts may be specified in either
+Internet '.' format (preferred) or by name. Ports, if specfied,
+must be numeric.
.TP
-.B \-i
-This option tells
+.BI \-u " user"
+.B slapd
+will run slapd with the specified user name or id, and that user's
+supplementary group access list as set with initgroups(3). The group ID
+is also changed to this user's gid, unless the -g option is used to
+override.
+.TP
+.BI \-g " group"
.B slapd
-that it is being run from
-.BR inetd(8) ,
-the Internet protocol daemon.
+will run with the specified group name or id.
+.LP
+Note that on some systems, running as a non-privileged user will prevent
+passwd back-ends from accessing the encrypted passwords. Note also that
+any shell back-ends will run as the specified non-privileged user.
.SH EXAMPLES
To start
.I slapd
.LP
"The SLAPD and SLURPD Administrator's Guide"
.SH BUGS
-When using the LDBM database backend, the Modify RDN operation does not
-update the attribute values in the entry that are affected by the change.
+See http://www.openldap.org/its/
.SH ACKNOWLEDGEMENTS
.B OpenLDAP
is developed and maintained by The OpenLDAP Project (http://www.openldap.org/).