X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=doc%2Fman%2Fman5%2Fslapd-ldap.5;h=884d305c24fd179cf390b59041ef9a83f341166e;hb=006745430e494adb5c7e192576dbe783c602172a;hp=9c7274cf60143619e396e66329796b2f8a78250b;hpb=c661a772687ceab766918fd7724af419b4c2bbdc;p=openldap diff --git a/doc/man/man5/slapd-ldap.5 b/doc/man/man5/slapd-ldap.5 index 9c7274cf60..884d305c24 100644 --- a/doc/man/man5/slapd-ldap.5 +++ b/doc/man/man5/slapd-ldap.5 @@ -1,5 +1,5 @@ .TH SLAPD-LDAP 5 "RELEASEDATE" "OpenLDAP LDVERSION" -.\" Copyright 1998-2003 The OpenLDAP Foundation All Rights Reserved. +.\" Copyright 1998-2004 The OpenLDAP Foundation All Rights Reserved. .\" Copying restrictions apply. See COPYRIGHT/LICENSE. .\" $OpenLDAP$ .SH NAME @@ -33,9 +33,13 @@ Other database options are described in the manual page. .LP Note: It is strongly recommended to set +.LP .RS +.nf lastmod off +.fi .RE +.LP for every .B ldap and @@ -68,6 +72,32 @@ check permissions. .B bindpw Password used with the bind DN above. .TP +.B proxyauthzdn "" +DN which is used to propagate the client's identity to the target +by means of the proxyAuthz control when the client does not +belong to the DIT fragment that is being proxyied by back-ldap. +This is useful when operations performed by users bound to another +backend are propagated through back-ldap. +This requires the entry with +.B proxyauthzdn +identity on the remote server to have +.B proxyAuthz +privileges on a wide set of DNs, e.g. +.BR saslAuthzTo=dn.regex:.* , +and the remote server to have +.B sasl-authz-policy +set to +.B to +or +.BR both . +See +.BR slapd.conf (5) +for details on these statements and for remarks and drawbacks about +their usage. +.TP +.B proxyauthzpw +Password used with the proxy authz DN above. +.TP .B proxy-whoami Turns on proxying of the WhoAmI extended operation. If this option is given, back-ldap will replace slapd's original WhoAmI routine with its @@ -139,4 +169,5 @@ default slapd configuration file .BR slapd-meta (5), .BR slapd (8), .BR ldap (3). - +.SH AUTHOR +Howard Chu, with enhancements by Pierangelo Masarati