X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;ds=sidebyside;f=doc%2Fman%2Fman5%2Fslapd-sql.5;h=e614f36f8baf953d9def8e7aab3d50633aafbbe2;hb=6624f68725d97180f89d5481f50e99727d9772bc;hp=3ca8a186780d466bfb88c3577d77fbd0481d5293;hpb=d2bb1b56918bf958fd0559ac39b74c56bd00092d;p=openldap diff --git a/doc/man/man5/slapd-sql.5 b/doc/man/man5/slapd-sql.5 index 3ca8a18678..e614f36f8b 100644 --- a/doc/man/man5/slapd-sql.5 +++ b/doc/man/man5/slapd-sql.5 @@ -97,8 +97,7 @@ The default is .B "DELETE FROM ldap_entries WHERE id=?" These four options specify SQL query templates for loading schema mapping -metainformation, -adding and deleting entries to ldap_entries, etc. +metainformation, adding and deleting entries to ldap_entries, etc. All these and subtree_cond should have the given default values. For the current value it is recommended to look at the sources, or in the log output when slapd starts with "-d 5" or greater. @@ -114,7 +113,7 @@ Set this directive to if .B upper_func needs an explicit cast when applied to literal strings. The form -.B cast ( as varchar()) +.B CAST ( AS VARCHAR()) is used, where .B is builtin. @@ -130,11 +129,11 @@ to be used to concatenate strings. The MUST contain two question marks, '?', that will be replaced by the two strings that must be concatenated. The default value is .BR "CONCAT(?,?)"; -a form that is known to be highly portable is +a form that is known to be highly portable (IBM db2, PostgreSQL) is .BR "?||?", but an explicit cast may be required when operating on literal strings: -.BR "cast(?||? as varchar())". -On some RDBMSes the form +.BR "CAST(?||? AS VARCHAR())". +On some RDBMSes (IBM db2, MSSQL) the form .B "?+?" is known to work. Carefully check the documentation of your RDBMS or stay with the examples @@ -164,9 +163,20 @@ and may change in future releases. .B fail_if_no_mapping { yes | no } When set to .B yes -it forces write operations to fail if no appropriate mapping between LDAP -attributes and SQL data is available. The default behavior is to ignore -those changes that cannot be mapped correctly. +it forces +.I attribute +write operations to fail if no appropriate mapping between LDAP attributes +and SQL data is available. +The default behavior is to ignore those changes that cannot be mapped +correctly. +It has no impact on objectClass mapping, i.e. if the +.I structuralObjectClass +of an entry cannot be mapped to SQL by looking up its name +in ldap_oc_mappings, an +.I add +operation will fail regardless of the +.B fail_if_no_mapping +switch; see section "METAINFORMATION USED" for details. This is .B experimental and may change in future releases. @@ -183,7 +193,7 @@ generating sample database for Oracle, MS SQL Server, mySQL and more The first thing that one must arrange is what set of LDAP object classes can present your RDBMS information. .LP -The easiest way is to create an objectclass for each entity you had in +The easiest way is to create an objectClass for each entity you had in ER-diagram when designing your relational schema. Any relational schema, no matter how normalized it is, was designed after some model of your application's domain (for instance, accounts, @@ -407,7 +417,7 @@ SYNTAX of corresponding LDAP schema attribute, we translate the filter into the most relaxed SQL condition to filter candidates), and send it to the user. .LP -ADD, DELETE, MODIFY operations are also performed on per-attribute +ADD, DELETE, MODIFY and MODRDN operations are also performed on per-attribute metainformation (add_proc etc.). In those fields one can specify an SQL statement or stored procedure call which can add, or delete given values of a given attribute, using @@ -421,7 +431,7 @@ Please see samples to find out what are the parameters passed, and other information on this matter - they are self-explanatory for those familiar with concept expressed above. .LP -.SH common techniques (referrals, multiclassing etc.) +.SH Common techniques (referrals, multiclassing etc.) First of all, let's remember that among other major differences to the complete LDAP data model, the concept above does not directly support such things as multiple objectclasses per entry, and referrals. @@ -446,6 +456,21 @@ more tuples in ldap_referrals for this entry (they will be seen as values of "ref" attribute), you will have slapd return a referral, as described in the Administrators Guide. .LP +.SH Caveats +As previously stated, this backend should not be considered +a replacement of other data storage backends, but rather a gateway +to existing RDBMS storages that need to be published in LDAP form. +.LP +The hasSubordintes operational attribute is honored by back-sql +in search results and in compare operations; it is partially honored +also in filtering. Owing to design limitations, a (braindead) filter +of the form +\fB(!(hasSubordinates=TRUE))\fP +will give no results instead of returning all the leaf entries. +If you need to find all the leaf entries, please use +\fB(hasSubordinates=FALSE)\fP +instead. +.LP .SH EXAMPLES There are example SQL modules in the slapd/back-sql/rdbms_depend/ directory in the OpenLDAP source tree.