Skip to content
Snippets Groups Projects
Commit 3742cdd7 authored by Quanah Gibson-Mount's avatar Quanah Gibson-Mount
Browse files

Update with: 

starttls
tls keywords
logbase
logfilter
syncdata

parameters that are now available.  Add the relevant documentation from
slapd.conf(5) about these parameters.
parent e05fdb41
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
doc/guide/admin/slapdconf2.sdf
+ 30
0
View file @ 3742cdd7
......@@ -629,6 +629,17 @@ H4: olcSyncrepl
> [credentials=<passwd>]
> [realm=<realm>]
> [secprops=<properties>]
> [starttls=yes|critical]
> [tls_cert=<file>]
> [tls_key=<file>]
> [tls_cacert=<file>]
> [tls_cacertdir=<path>]
> [tls_reqcert=never|allow|try|demand]
> [tls_ciphersuite=<ciphers>]
> [tls_crlcheck=none|peer|all]
> [logbase=<base DN>]
> [logfilter=<filter str>]
> [syncdata=default|accesslog|changelog]
This directive specifies the current database as a replica of the
......@@ -727,6 +738,25 @@ The {{EX:realm}} parameter specifies a realm which a certain
mechanisms authenticate the identity within. The {{EX:secprops}}
parameter specifies Cyrus SASL security properties.
The {{EX:starttls}} parameter specifies use of the StartTLS extended
operation to establish a TLS session before Binding to the provider.
If the {{EX:critical}} argument is supplied, the session will be aborted
if the StartTLS request fails. Otherwise the syncrepl session continues
without TLS. Note that the main slapd TLS settings are not used by the
syncrepl engine; by default the TLS parameters from {{EX:ldap.conf}}
will be used. TLS settings may be specified here, in which case the
{{EX:ldap.conf}} settings will be completely ignored.
Rather than replicating whole entries, the consumer can query logs of
data modifications. This mode of operation is referred to as
{{EX:delta syncrepl}}. In addition to the above parameters, the
{{EX:logbase}} and {{EX:logfilter}} parameters must be set appropriately
for the log that will be used. The {{EX:syncdata}} parameter must be set
to either "accesslog" if the log conforms to the {{EX:slapo-accesslog (5)}}
log format, or "changelog" if the log conforms to the obsolete
{{EX:changelog}} format. If the {{EX:syncdata}} parameter is omitted or set
to "default" then the log parameters are ignored.
The syncrepl replication mechanism is supported by the
two native backends: back-bdb and back-hdb.
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment