From 61b038ce35b54f868c3e5490a7ad328ac9aaa1c7 Mon Sep 17 00:00:00 2001
From: Pierangelo Masarati <ando@openldap.org>
Date: Wed, 18 Oct 2006 17:29:37 +0000
Subject: [PATCH] further clarify validity of search limits, and "beautify"
 paragraph

---
 doc/man/man5/slapd.conf.5 | 15 +++++++++++++--
 1 file changed, 13 insertions(+), 2 deletions(-)

diff --git a/doc/man/man5/slapd.conf.5 b/doc/man/man5/slapd.conf.5
index 98e7a4e4a1..6ad2e8ae4c 100644
--- a/doc/man/man5/slapd.conf.5
+++ b/doc/man/man5/slapd.conf.5
@@ -1579,15 +1579,19 @@ setting up a replicated
 directory service using the 
 .B syncrepl
 replication engine.
+
 .B rid
 identifies the current
 .B syncrepl
 directive within the replication consumer site.
 It is a non-negative integer having no more than three digits.
+
 .B provider
 specifies the replication provider site containing the master content
 as an LDAP URI. If <port> is not given, the standard LDAP port number
-(389 or 636) is used. The content of the
+(389 or 636) is used.
+
+The content of the
 .B syncrepl
 replica is defined using a search
 specification as its result set. The consumer
@@ -1605,6 +1609,11 @@ The \fBscope\fP defaults to \fBsub\fP, the \fBfilter\fP defaults to
 attributes, and \fBattrsonly\fP is unset by default.
 The \fBsizelimit\fP and \fBtimelimit\fP only
 accept "unlimited" and positive integers, and both default to "unlimited".
+Note, however, that any provider-side limits for the replication identity
+will be enforced by the provider regardless of the limits requested
+by the LDAP Content Synchronization operation, much like for any other
+search operation.
+
 The LDAP Content Synchronization protocol has two operation types.
 In the
 .B refreshOnly
@@ -1620,6 +1629,7 @@ Further updates to the master replica will generate
 .B searchResultEntry
 to the consumer slapd as the search responses to the persistent
 synchronization search.
+
 If an error occurs during replication, the consumer will attempt to
 reconnect according to the
 .B retry
@@ -1628,10 +1638,12 @@ For example, retry="60 10 300 3" lets the consumer retry every 60 seconds
 for the first 10 times and then retry every 300 seconds for the next 3
 times before stop retrying. The `+' in <# of retries> means indefinite
 number of retries until success.
+
 The schema checking can be enforced at the LDAP Sync
 consumer site by turning on the
 .B schemachecking
 parameter. The default is off.
+
 A
 .B bindmethod
 of 
@@ -1663,7 +1675,6 @@ keyword above) for a SASL bind can be set with the
 option. A non default SASL realm can be set with the
 .B realm 
 option.
-
 The provider, other than allow authentication of the syncrepl identity,
 should grant that identity appropriate access privileges to the data 
 that is being replicated (\fBaccess\fP directive), and appropriate time 
-- 
GitLab