.TH SLAPD-META 5 "RELEASEDATE" "OpenLDAP LDVERSION"
-.\" Copyright 1998-2015 The OpenLDAP Foundation, All Rights Reserved.
+.\" Copyright 1998-2017 The OpenLDAP Foundation, All Rights Reserved.
.\" Copying restrictions apply. See the COPYRIGHT file.
.\" Copyright 2001, Pierangelo Masarati, All rights reserved. <ando@sys-net.it>
.\" $OpenLDAP$
.TP
.B onerr {CONTINUE|report|stop}
-This directive allows to select the behavior in case an error is returned
+This directive allows one to select the behavior in case an error is returned
by one target during a search.
The default, \fBcontinue\fP, consists in continuing the operation,
trying to return as much data as possible.
If the value is set to \fBstop\fP, the search is terminated as soon
as an error is returned by one target, and the error is immediately
propagated to the client.
-If the value is set to \fBreport\fP, the search is continuated to the end
+If the value is set to \fBreport\fP, the search is continued to the end
but, in case at least one target returned an error code, the first
non-success error code is returned.
.TP
.B client\-pr {accept-unsolicited|DISABLE|<size>}
-This feature allows to use RFC 2696 Paged Results control when performing
+This feature allows one to use RFC 2696 Paged Results control when performing
search operations with a specific target,
irrespective of the client's request.
When set to a numeric value, Paged Results control is always
.B [tls_protocol_min=<major>[.<minor>]]
.B [tls_crlcheck=none|peer|all]
.RS
-Allows to define the parameters of the authentication method that is
+Allows one to define the parameters of the authentication method that is
internally used by the proxy to authorize connections that are
authenticated by other databases.
The identity defined by this directive, according to the properties
.TP
.B subtree\-{exclude|include} "<rule>"
-This directive allows to indicate what subtrees are actually served
+This directive allows one to indicate what subtrees are actually served
by a target.
The syntax of the supported rules is
.TP
.B timeout [<op>=]<val> [...]
-This directive allows to set per-operation timeouts.
+This directive allows one to set per-operation timeouts.
Operations can be
\fB<op> ::= bind, add, delete, modrdn, modify, compare, search\fP
above scenarios.
.SH ACLs
Note on ACLs: at present you may add whatever ACL rule you desire
-to to the Meta (and LDAP) backends.
+to the Meta (and LDAP) backends.
However, the meaning of an ACL on a proxy may require some
considerations.
Two philosophies may be considered:
Rules are made of a regex match pattern, a substitution pattern
and a set of actions, described by a set of flags.
In case of match a string rewriting is performed according to the
-substitution pattern that allows to refer to substrings matched in the
+substitution pattern that allows one to refer to substrings matched in the
incoming string.
The actions, if any, are finally performed.
The substitution pattern allows map resolution of substrings.
.SH "Additional configuration syntax:"
.TP
.B rewriteMap "<map type>" "<map name>" "[ <map attrs> ]"
-Allows to define a map that transforms substring rewriting into
+Allows one to define a map that transforms substring rewriting into
something else.
The map is referenced inside the substitution pattern of a rule.
.TP