From 9bef3574038a99a2c16ac54dab1ec352fc61c6fe Mon Sep 17 00:00:00 2001 From: Quanah Gibson-Mount Date: Wed, 11 Oct 2017 14:31:01 -0700 Subject: [PATCH] ITS#6475 - Man page updates to slapd.conf/slapd-config for the new olcSaslAuxpropsDontUseCopy and olcSaslAuxpropsDontUseCopyIgnore parameters for use with SASL/OTP --- doc/man/man5/slapd-config.5 | 11 +++++++++++ doc/man/man5/slapd.conf.5 | 11 +++++++++++ 2 files changed, 22 insertions(+) diff --git a/doc/man/man5/slapd-config.5 b/doc/man/man5/slapd-config.5 index 16a90db33d..fa03a418b5 100644 --- a/doc/man/man5/slapd-config.5 +++ b/doc/man/man5/slapd-config.5 @@ -703,6 +703,17 @@ Specify which auxprop plugins to use for authentication lookups. The default is empty, which just uses slapd's internal support. Usually no other auxprop plugins are needed. .TP +.B olcSaslAuxpropsDontUseCopy: [...] +Specify which attribute(s) should be subject to the don't use copy control. This +is necessary for some SASL mechanisms such as OTP to work in a replicated +environment. The attribute "cmusaslsecretOTP" is the default value. +.TP +.B olcSaslAuxpropsDontUseCopyIgnore TRUE | FALSE +Used to disable replication of the attribute(s) defined by +olcSaslAuxpropsDontUseCopy and instead use a local value for the attribute. This +allows the SASL mechanism to continue to work if the master is offline. This can +cause replication inconsistency. Defaults to FALSE. +.TP .B olcSaslHost: Used to specify the fully qualified domain name used for SASL processing. .TP diff --git a/doc/man/man5/slapd.conf.5 b/doc/man/man5/slapd.conf.5 index 87b2b065fb..fd54e8929e 100644 --- a/doc/man/man5/slapd.conf.5 +++ b/doc/man/man5/slapd.conf.5 @@ -853,6 +853,17 @@ Specify which auxprop plugins to use for authentication lookups. The default is empty, which just uses slapd's internal support. Usually no other auxprop plugins are needed. .TP +.B sasl\-auxprops\-dontusecopy [...] +Specify which attribute(s) should be subject to the don't use copy control. This +is necessary for some SASL mechanisms such as OTP to work in a replicated +environment. The attribute "cmusaslsecretOTP" is the default value. +.TP +.B sasl\-auxprops\-dontusecopy\-ignore on | off +Used to disable replication of the attribute(s) defined by +sasl-auxprops-dontusecopy and instead use a local value for the attribute. This +allows the SASL mechanism to continue to work if the master is offline. This can +cause replication inconsistency. Defaults to off. +.TP .B sasl\-host Used to specify the fully qualified domain name used for SASL processing. .TP -- 2.39.2