> # numResponses: 3
> # numEntries: 2
-For more information, please see {{slapo-accesslog(5)}} and the {{SECT:delta-syncrepl replication}} section.
+
+H3: Further Information
+
+{{slapo-accesslog(5)}} and the {{SECT:delta-syncrepl replication}} section.
H2: Audit Logging
In this example for testing, we are logging changes to {{F:/tmp/auditlog.ldif}}
-A typical {{TERM:LDIF}} file created by {{B:slapo-auditlog (5)}} would look like:
+A typical {{TERM:LDIF}} file created by {{B:slapo-auditlog(5)}} would look like:
> # add 1196797576 dc=suretecsystems,dc=com cn=admin,dc=suretecsystems,dc=com
> dn: dc=suretecsystems,dc=com
> # end add 1196797577
+H3: Further Information
+
+{{:slapo-auditlog(5)}}
+
+
H2: Chaining
> chain-return-error TRUE
+H3: Further Information
+
+{{:slapo-chain(5)}}
+
+
H2: Constraints
> olcConstraintAttribute: mail regex ^[:alnum:]+@mydomain.com$
> olcConstraintAttribute: title uri ldap:///dc=catalog,dc=example,dc=com?title?sub?(objectClass=titleCatalog)
+
+H3: Further Information
+
+{{:slapo-constraint(5)}}
+
H2: Dynamic Directory Services
Any user can join the meeting, but not add another attendee, but they can refresh the meeting. The ACLs above are quite straight forward to understand.
+
+H3: Further Information
+
+{{:slapo-dds(5)}}
+
+
H2: Dynamic Groups
expands to all user's emails according to our LDAP filter:
In {{slapd.conf}}(5):
+
> overlay dynlist
> dynlist-attrset nisMailAlias labeledURI
retrieved, the search specified in the {{F:labeledURI}} attribute is performed.
Let's say we have this entry in our directory:
+
> cn=all,ou=aliases,dc=example,dc=com
> cn: all
> objectClass: nisMailAlias
directory.
In {{F:slapd.conf}}(5):
+
> overlay dynlist
> dynlist-attrset groupOfNames labeledURI member
Let's apply it to the following entry:
+
> cn=allusers,ou=group,dc=example,dc=com
> cn: all
> objectClass: groupOfNames
object class can hold only names, not DNs, and is therefore not suitable for
dynamic groups.
+
+H3: Further Information
+
+{{:slapo-dynlist(5)}}
+
+
H2: Reverse Group Membership Maintenance
H3: Overview
requested explicitly.
+H3: Further Information
+
+{{:slapo-memberof(5)}}
+
+
H2: The Proxy Cache Engine
{{TERM:LDAP}} servers typically hold one or more subtrees of a
is not cacheable, because the filter does not match the template ( logical
OR "|" condition instead of logical AND "&" )
+
+
+H3: Further Information
+
+{{:slapo-pcache(5)}}
H2: Password Policies
"Password Management Issues" at {{URL:http://www.connexitor.com/forums/viewtopic.php?f=6&t=25}}
+H3: Further Information
+
+{{:slapo-ppolicy(5)}}
+
H2: Referential Integrity
H3: Referential Integrity Configuration
The configuration for this overlay is as follows:
+
> overlay refint
> refint_attributes <attribute [attribute ...]>
> refint_nothing <string>
To illustrate this overlay, we will use the group membership scenario.
In {{F:slapd.conf}}:
+
> overlay refint
> refint_attributes member
> refint_nothing "cn=admin,dc=example,dc=com"
would be a single member in the group: {{F:cn=admin,dc=example,dc=com}}. This is the
{{F:refint_nothing}} parameter kicking into action so that the schema is not violated.
+
+H3: Further Information
+
+{{:slapo-refint(5)}}
+
+
H2: Return Code
H3: Overview
This overlay is useful to test the behavior of clients when
-server-generated erroneous and/or unusual responses occur.
+server-generated erroneous and/or unusual responses occur,
+for example; error codes, referrals, excessive response times and so on.
+
+This would be classed as a debugging tool whilst developing client software
+or additional Overlays.
+
+For detailed information, please see the {{slapo-retcode(5)}} man page.
H3: Return Code Configuration
+The retcode overlay utilizes the "return code" schema described in the man page.
+This schema is specifically designed for use with this overlay and is not intended
+to be used otherwise.
+
+Note: The necessary schema is loaded automatically by the overlay.
+
+An example configuration might be:
+
+> overlay retcode
+> retcode-parent "ou=RetCodes,dc=example,dc=com"
+> include ./retcode.conf
+>
+> retcode-item "cn=Unsolicited" 0x00 unsolicited="0"
+> retcode-item "cn=Notice of Disconnect" 0x00 unsolicited="1.3.6.1.4.1.1466.20036"
+> retcode-item "cn=Pre-disconnect" 0x34 flags="pre-disconnect"
+> retcode-item "cn=Post-disconnect" 0x34 flags="post-disconnect"
+
+Note: {{retcode.conf}} can be found in the openldap source at: {{F:tests/data/retcode.conf}}
+
+An excerpt of a {{F:retcode.conf}} would be something like:
+
+> retcode-item "cn=success" 0x00
+>
+> retcode-item "cn=success w/ delay" 0x00 sleeptime=2
+>
+> retcode-item "cn=operationsError" 0x01
+> retcode-item "cn=protocolError" 0x02
+> retcode-item "cn=timeLimitExceeded" 0x03 op=search
+> retcode-item "cn=sizeLimitExceeded" 0x04 op=search
+> retcode-item "cn=compareFalse" 0x05 op=compare
+> retcode-item "cn=compareTrue" 0x06 op=compare
+> retcode-item "cn=authMethodNotSupported" 0x07
+> retcode-item "cn=strongAuthNotSupported" 0x07 text="same as authMethodNotSupported"
+> retcode-item "cn=strongAuthRequired" 0x08
+> retcode-item "cn=strongerAuthRequired" 0x08 text="same as strongAuthRequired"
+
+Please see {{F:tests/data/retcode.conf}} for a complete {{F:retcode.conf}}
+
+
+H3: Further Information
+
+{{:slapo-retcode(5)}}
+
H2: Rewrite/Remap
H3: Overview
-It performs basic DN/data rewrite and
-objectClass/attributeType mapping.
+It performs basic DN/data rewrite and objectClass/attributeType mapping. Its
+usage is mostly intended to provide virtual views of existing data either
+remotely, in conjunction with the proxy backend described in {{slapd-ldap(5)}},
+or locally, in conjunction with the relay backend described in {{slapd-relay(5)}}.
+
+This overlay is extremely configurable and advanced, therefore recommended
+reading is the {{slapo-rwm(5)}} man page.
H3: Rewrite/Remap Configuration
+H3: Further Information
+
+{{:slapo-rwm(5)}}
+
+
H2: Sync Provider
H3: Sync Provider Configuration
+H3: Further Information
+
+{{:slapo-syncprov(5)}}
+
+
H2: Translucent Proxy
H3: Translucent Proxy Configuration
+
+H3: Further Information
+
+{{:slapo-translucent(5)}}
+
+
H2: Attribute Uniqueness
H3: Attribute Uniqueness Configuration
+H3: Further Information
+
+{{:slapo-unique(5)}}
+
+
H2: Value Sorting
H3: Value Sorting Configuration
+H3: Further Information
+
+{{:slapo-valsort(5)}}
+
+
H2: Overlay Stacking