From: Howard Chu Date: Sat, 20 Apr 2002 10:06:23 +0000 (+0000) Subject: ITS#1749 added maxderefdepth, suffiaxalias, TLSCACertificatePath, X-Git-Tag: OPENLDAP_REL_ENG_2_MP~155 X-Git-Url: https://git.sur5r.net/?a=commitdiff_plain;h=5de276fa255d438907f2163ee610fbcb9ab63239;p=openldap ITS#1749 added maxderefdepth, suffiaxalias, TLSCACertificatePath, ucdata-path, moduleload, modulepath. sasl-external-x509dn-convert has been deleted from the code. --- diff --git a/doc/man/man5/slapd.conf.5 b/doc/man/man5/slapd.conf.5 index 154a2d00c9..827134160f 100644 --- a/doc/man/man5/slapd.conf.5 +++ b/doc/man/man5/slapd.conf.5 @@ -388,6 +388,19 @@ entry parsing .PD .RE .RE +.TP +.B moduleload +Specify the name of a dynamically loadable module to load. The filename +may be an absolute path name or a simple filename. Non-absolute names +are searched for in the directories specified by the +.B modulepath +option. This option and the +.B modulepath +option are only usable if slapd was compiled with --enable-modules. +.TP +.B modulepath +Specify a list of directories to search for loadable modules. Typically +the path is colon-separated but this depends on the operating system. .HP .B objectclass ( [NAME ] [DESC ] [{ ABSTRACT | STRUCTURAL | AUXILIARY }] [MUST ]\ @@ -505,7 +518,7 @@ form .RS .RS .TP -.B uid=[,cn=][,cn=],cn=AUTHZ +.B uid=[,cn=],cn=,cn=auth .RE This SASL name is then compared against the @@ -519,7 +532,7 @@ regular expression that are enclosed in parenthesis, e.g. .RS .RS .TP -.B uid=(.*)\\\\+realm=.* +.B uid=(.*),cn=.* .RE .RE @@ -545,10 +558,10 @@ options can be given in the configuration file to allow for multiple matching and replacement patterns. The matching patterns are checked in the order they appear in the file, stopping at the first successful match. -.B Caution: -Because the plus sign + is a character recognized by the regular expression engine, -and it will appear in SASL names that include a REALM, be careful to escape the -plus sign with a backslash \\+ to remove the character's special meaning. +.\".B Caution: +.\"Because the plus sign + is a character recognized by the regular expression engine, +.\"and it will appear in SASL names that include a REALM, be careful to escape the +.\"plus sign with a backslash \\+ to remove the character's special meaning. .RE .TP .B sasl-secprops @@ -665,6 +678,10 @@ Extra args can be added on the same line. See .BR limits for an explanation of the different flags. +.TP +.B ucdata-path +Specify the path to the directory containing the Unicode character +tables. The default path is LOCALSTATEDIR/ucdata. .SH TLS OPTIONS If .B slapd @@ -687,6 +704,11 @@ Authorities that .B slapd will recognize. .TP +.B TLSCACertificatePath +Specifies the path of a directory that contains Certificate Authority +certificates in separate individual files. Usually only one of this +or the TLSCACertificateFile is used. +.TP .B TLSCertificateFile Specifies the file that contains the .B slapd @@ -792,6 +814,10 @@ will automatically maintain the modifiersName, modifyTimestamp, creatorsName, and createTimestamp attributes for entries. By default, lastmod is on. .TP +.B maxderefdepth +Specifies the maximum number of aliases to dereference when trying to +resolve an entry, used to avoid inifinite alias loops. The default is 1. +.TP .B readonly on | off This option puts the database into "read-only" mode. Any attempts to modify the database will return an "unwilling to perform" error. By @@ -885,6 +911,11 @@ Specify the DN suffix of queries that will be passed to this backend database. Multiple suffix lines can be given and at least one is required for each database definition. .TP +.B suffixalias +Specify an alternate suffix that may be used to reference an already defined +database suffix. Operations specifying DNs residing under the alias +will execute as if they had specified the aliased suffix. +.TP .B subordinate Specify that the current backend database is a subordinate of another backend database. A subordinate database may have only one suffix. This