ITS#6475 - Man page updates to slapd.conf/slapd-config for the new olcSaslAuxpropsDon...

[openldap] / doc / man / man5 / slapd.conf.5

diff --git a/doc/man/man5/slapd.conf.5 b/doc/man/man5/slapd.conf.5
index 74929ffcbdcc3c88f404810767916adf5d2ad608..fd54e8929e5c3b0ae910be35e45535b1847d9e17 100644 (file)
--- a/doc/man/man5/slapd.conf.5
+++ b/doc/man/man5/slapd.conf.5
@@ -675,7 +675,7 @@ only messages that get logged whatever log level is set
 The desired log level can be input as a single integer that combines 
 the (ORed) desired levels, both in decimal or in hexadecimal notation,
 as a list of integers (that are ORed internally),
-or as a list of the names that are shown between brackets, such that
+or as a list of the names that are shown between parentheses, such that
 .LP
 .nf
     loglevel 129
@@ -853,6 +853,17 @@ Specify which auxprop plugins to use for authentication lookups. The
 default is empty, which just uses slapd's internal support. Usually
 no other auxprop plugins are needed.
 .TP
+.B sasl\-auxprops\-dontusecopy <attr> [...]
+Specify which attribute(s) should be subject to the don't use copy control. This
+is necessary for some SASL mechanisms such as OTP to work in a replicated
+environment. The attribute "cmusaslsecretOTP" is the default value.
+.TP
+.B sasl\-auxprops\-dontusecopy\-ignore on | off
+Used to disable replication of the attribute(s) defined by
+sasl-auxprops-dontusecopy and instead use a local value for the attribute. This
+allows the SASL mechanism to continue to work if the master is offline. This can
+cause replication inconsistency. Defaults to off.
+.TP
 .B sasl\-host <fqdn>
 Used to specify the fully qualified domain name used for SASL processing.
 .TP