From: Gavin Henry Date: Fri, 11 Jul 2008 11:51:42 +0000 (+0000) Subject: overlay retcode section and spell check. X-Git-Tag: LOCKER_IDS~53 X-Git-Url: https://git.sur5r.net/?a=commitdiff_plain;h=84f9e76825700389c1de953de4e9bbbf06e9890e;p=openldap overlay retcode section and spell check. --- diff --git a/doc/guide/admin/aspell.en.pws b/doc/guide/admin/aspell.en.pws index d05d6a5909..4253d89d3d 100644 --- a/doc/guide/admin/aspell.en.pws +++ b/doc/guide/admin/aspell.en.pws @@ -1,4 +1,4 @@ -personal_ws-1.1 en 1642 +personal_ws-1.1 en 1644 commonName bla Masarati @@ -6,8 +6,8 @@ subjectAltName api usnCreated BhY -olcSyncRepl olcSyncrepl +olcSyncRepl adamsom adamson CER @@ -39,8 +39,8 @@ DIB dev reqNewSuperior librewrite -memberof memberOf +memberof BSI updateref buf @@ -89,8 +89,8 @@ dlopen eng AttributeValue attributevalue -DUA EOF +DUA inputfile DSP refreshDone @@ -125,10 +125,10 @@ iff contextCSN auditModify auditSearch -OpenLDAP openldap -resultcode +OpenLDAP resultCode +resultcode sysconfig indices blen @@ -164,13 +164,13 @@ argv kdz notAllowedOnRDN hostport -StartTLS starttls +StartTLS ldb servercredp ldd -IPv ipv +IPv hyc joe bindmethods @@ -202,8 +202,8 @@ libpath acknowledgements jts createTimestamp -MIB LLL +MIB OpenSSL openssl LOF @@ -243,10 +243,10 @@ Subbarao aeeiib oidlen submatches -PEM olc -OLF +PEM PDU +OLF LDAPSchemaExtensionItem auth Pierangelo @@ -262,8 +262,8 @@ cleartext numattrsets requestDN caseExactSubstringsMatch -NSS PKI +NSS olcSyncProvConfig ple NTP @@ -286,9 +286,9 @@ rdn wZFQrDD OTP olcSizeLimit -PRD -sbi pos +sbi +PRD pre sudoadm stringal @@ -308,8 +308,8 @@ bvec HtZhZS TBC stringbv -SHA Sep +SHA ptr conn pwd @@ -326,8 +326,8 @@ myOID supportedSASLMechanism supportedSASLmechanism realnamingcontext -UCD SMD +UCD keytab portnumber uncached @@ -340,8 +340,8 @@ sasldb UCS searchDN keytbl -UDP tgz +UDP freemods prepend nssov @@ -359,22 +359,22 @@ crit objectClassViolation ssf ldapfilter -vec -TOC rwm +TOC +vec pwdChangedTime tls peernamestyle xpasswd -SRP tmp +SRP SSL dupbv CPUs SRV entrymods -sss rwx +sss reqNewRDN nopresent rebindproc @@ -435,8 +435,8 @@ pseudorootdn MezRroT GDBM LIBRELEASE -DSA's DSAs +DSA's realloc booleanMatch compareTrue @@ -495,8 +495,8 @@ pwdMinLength iZ ldapdelete xyz -rdbms RDBMs +rdbms extparam mk ng @@ -560,8 +560,8 @@ ZZ LDVERSION testAttr backend -backends backend's +backends BerValues Solaris structs @@ -573,9 +573,9 @@ ostring policyDN testObject pwdMaxAge -binddn -bindDN bindDn +bindDN +binddn distributedOperation schemachecking strvals @@ -618,14 +618,14 @@ IEEE regex SIGINT slappasswd -errABsObject errAbsObject +errABsObject ldapexop -objectIdentifier objectidentifier +objectIdentifier deallocators -mirrormode MirrorMode +mirrormode loopDetect SIGHUP authMethodNotSupported @@ -642,8 +642,8 @@ filtercomp expr syntaxes memrealloc -returncode returnCode +returncode OpenLDAP's exts bitstringa @@ -667,8 +667,8 @@ lastName lldap cachesize slapauth -attributeType attributetype +attributeType GSER olcDbNosync typedef @@ -685,11 +685,11 @@ monitoredObject TLSVerifyClient noidlen LDAPNOINIT -pwdGraceAuthnLimit pwdGraceAuthNLimit +pwdGraceAuthnLimit hnPk -userpassword userPassword +userpassword noanonymous LIBVERSION symas @@ -708,9 +708,9 @@ IMAP organisations rewriteMap monitoredInfo -modrDN -ModRDN modrdn +ModRDN +modrDN HREF DQTxCYEApdUtNXGgdUac inline @@ -723,8 +723,8 @@ reqReferral rlookups siiiib LTSTATIC -timelimitExceeded timeLimitExceeded +timelimitExceeded XKYnrjvGT subtrees unixODBC @@ -736,8 +736,8 @@ reqDN dnstyle inet schemas -pwdPolicySubentry pwdPolicySubEntry +pwdPolicySubentry reqId scanf olcBackend @@ -1070,8 +1070,8 @@ noop errObject XXLIBS reqAssertion -nops PDUs +nops baseObject bvecadd perl @@ -1121,6 +1121,7 @@ logbase oMxg filterlist generalizedTimeMatch +strongAuthRequired Google sessionlog balancer @@ -1366,6 +1367,7 @@ SSFs octetStringOrderingStringMatch auditCompare pEntry +strongAuthNotSupported endblock LDAPAVA startup @@ -1565,12 +1567,12 @@ jpegPhoto supportedSASLMechanisms ACLs reqMethod -authzId -authzid authzID +authzid +authzId hasSubordintes -proxyCache proxycache +proxyCache slaptest olcLogLevel LDAPDN @@ -1595,8 +1597,8 @@ wBDARESEhgVG multi aaa ldaprc -UpdateDN updatedn +UpdateDN LDAPBASE LDAPAPIFeatureInfo authzTo @@ -1638,6 +1640,6 @@ ali attributeoptions BfQ uidNumber -CA's CAs +CA's namingContext diff --git a/doc/guide/admin/overlays.sdf b/doc/guide/admin/overlays.sdf index 4bd6af05db..8828fd7913 100644 --- a/doc/guide/admin/overlays.sdf +++ b/doc/guide/admin/overlays.sdf @@ -482,6 +482,7 @@ Here is an example which will allow us to have an email alias which automaticall expands to all user's emails according to our LDAP filter: In {{slapd.conf}}(5): + > overlay dynlist > dynlist-attrset nisMailAlias labeledURI @@ -489,6 +490,7 @@ This means that whenever an entry which has the {{F:nisMailAlias}} object class retrieved, the search specified in the {{F:labeledURI}} attribute is performed. Let's say we have this entry in our directory: + > cn=all,ou=aliases,dc=example,dc=com > cn: all > objectClass: nisMailAlias @@ -510,10 +512,12 @@ automatically populate an {{F:allusers}} group with all the user accounts in the directory. In {{F:slapd.conf}}(5): + > overlay dynlist > dynlist-attrset groupOfNames labeledURI member Let's apply it to the following entry: + > cn=allusers,ou=group,dc=example,dc=com > cn: all > objectClass: groupOfNames @@ -897,6 +901,7 @@ all the groups he/she was a member of. No more scripting for this. H3: Referential Integrity Configuration The configuration for this overlay is as follows: + > overlay refint > refint_attributes > refint_nothing @@ -917,6 +922,7 @@ to the entry. To illustrate this overlay, we will use the group membership scenario. In {{F:slapd.conf}}: + > overlay refint > refint_attributes member > refint_nothing "cn=admin,dc=example,dc=com" @@ -947,11 +953,55 @@ H2: Return Code H3: Overview This overlay is useful to test the behavior of clients when -server-generated erroneous and/or unusual responses occur. +server-generated erroneous and/or unusual responses occur, +for example; error codes, referrals, excessive response times and so on. + +This would be classed as a debugging tool whilst developing client software +or additional Overlays. + +For detailed information, please see the {{slapo-retcode(5)}} man page. H3: Return Code Configuration +The retcode overlay utilizes the "return code" schema described in the man page. +This schema is specifically designed for use with this overlay and is not intended +to be used otherwise. + +Note: The necessary schema is loaded automatically by the overlay. + +An example configuration might be: + +> overlay retcode +> retcode-parent "ou=RetCodes,dc=example,dc=com" +> include ./retcode.conf +> +> retcode-item "cn=Unsolicited" 0x00 unsolicited="0" +> retcode-item "cn=Notice of Disconnect" 0x00 unsolicited="1.3.6.1.4.1.1466.20036" +> retcode-item "cn=Pre-disconnect" 0x34 flags="pre-disconnect" +> retcode-item "cn=Post-disconnect" 0x34 flags="post-disconnect" + +Note: {{retcode.conf}} can be found in the openldap source at: {{F:tests/data/retcode.conf}} + +An excerpt of a {{F:retcode.conf}} would be something like: + +> retcode-item "cn=success" 0x00 +> +> retcode-item "cn=success w/ delay" 0x00 sleeptime=2 +> +> retcode-item "cn=operationsError" 0x01 +> retcode-item "cn=protocolError" 0x02 +> retcode-item "cn=timeLimitExceeded" 0x03 op=search +> retcode-item "cn=sizeLimitExceeded" 0x04 op=search +> retcode-item "cn=compareFalse" 0x05 op=compare +> retcode-item "cn=compareTrue" 0x06 op=compare +> retcode-item "cn=authMethodNotSupported" 0x07 +> retcode-item "cn=strongAuthNotSupported" 0x07 text="same as authMethodNotSupported" +> retcode-item "cn=strongAuthRequired" 0x08 +> retcode-item "cn=strongerAuthRequired" 0x08 text="same as strongAuthRequired" + +Please see {{F:tests/data/retcode.conf}} for a complete {{F:retcode.conf}} + H2: Rewrite/Remap