Commit 976a994a authored by Quanah Gibson-Mount's avatar Quanah Gibson-Mount
Browse files

overlay retcode section and spell check

specific section for manpage names
parent 2f317006
personal_ws-1.1 en 1642
personal_ws-1.1 en 1644
commonName
bla
Masarati
......@@ -6,8 +6,8 @@ subjectAltName
api
usnCreated
BhY
olcSyncRepl
olcSyncrepl
olcSyncRepl
adamsom
adamson
CER
......@@ -39,8 +39,8 @@ DIB
dev
reqNewSuperior
librewrite
memberof
memberOf
memberof
BSI
updateref
buf
......@@ -89,8 +89,8 @@ dlopen
eng
AttributeValue
attributevalue
DUA
EOF
DUA
inputfile
DSP
refreshDone
......@@ -125,10 +125,10 @@ iff
contextCSN
auditModify
auditSearch
OpenLDAP
openldap
resultcode
OpenLDAP
resultCode
resultcode
sysconfig
indices
blen
......@@ -164,13 +164,13 @@ argv
kdz
notAllowedOnRDN
hostport
StartTLS
starttls
StartTLS
ldb
servercredp
ldd
IPv
ipv
IPv
hyc
joe
bindmethods
......@@ -202,8 +202,8 @@ libpath
acknowledgements
jts
createTimestamp
MIB
LLL
MIB
OpenSSL
openssl
LOF
......@@ -243,10 +243,10 @@ Subbarao
aeeiib
oidlen
submatches
PEM
olc
OLF
PEM
PDU
OLF
LDAPSchemaExtensionItem
auth
Pierangelo
......@@ -262,8 +262,8 @@ cleartext
numattrsets
requestDN
caseExactSubstringsMatch
NSS
PKI
NSS
olcSyncProvConfig
ple
NTP
......@@ -286,9 +286,9 @@ rdn
wZFQrDD
OTP
olcSizeLimit
PRD
sbi
pos
sbi
PRD
pre
sudoadm
stringal
......@@ -308,8 +308,8 @@ bvec
HtZhZS
TBC
stringbv
SHA
Sep
SHA
ptr
conn
pwd
......@@ -326,8 +326,8 @@ myOID
supportedSASLMechanism
supportedSASLmechanism
realnamingcontext
UCD
SMD
UCD
keytab
portnumber
uncached
......@@ -340,8 +340,8 @@ sasldb
UCS
searchDN
keytbl
UDP
tgz
UDP
freemods
prepend
nssov
......@@ -359,22 +359,22 @@ crit
objectClassViolation
ssf
ldapfilter
vec
TOC
rwm
TOC
vec
pwdChangedTime
tls
peernamestyle
xpasswd
SRP
tmp
SRP
SSL
dupbv
CPUs
SRV
entrymods
sss
rwx
sss
reqNewRDN
nopresent
rebindproc
......@@ -435,8 +435,8 @@ pseudorootdn
MezRroT
GDBM
LIBRELEASE
DSA's
DSAs
DSA's
realloc
booleanMatch
compareTrue
......@@ -495,8 +495,8 @@ pwdMinLength
iZ
ldapdelete
xyz
rdbms
RDBMs
rdbms
extparam
mk
ng
......@@ -560,8 +560,8 @@ ZZ
LDVERSION
testAttr
backend
backends
backend's
backends
BerValues
Solaris
structs
......@@ -573,9 +573,9 @@ ostring
policyDN
testObject
pwdMaxAge
binddn
bindDN
bindDn
bindDN
binddn
distributedOperation
schemachecking
strvals
......@@ -618,14 +618,14 @@ IEEE
regex
SIGINT
slappasswd
errABsObject
errAbsObject
errABsObject
ldapexop
objectIdentifier
objectidentifier
objectIdentifier
deallocators
mirrormode
MirrorMode
mirrormode
loopDetect
SIGHUP
authMethodNotSupported
......@@ -642,8 +642,8 @@ filtercomp
expr
syntaxes
memrealloc
returncode
returnCode
returncode
OpenLDAP's
exts
bitstringa
......@@ -667,8 +667,8 @@ lastName
lldap
cachesize
slapauth
attributeType
attributetype
attributeType
GSER
olcDbNosync
typedef
......@@ -685,11 +685,11 @@ monitoredObject
TLSVerifyClient
noidlen
LDAPNOINIT
pwdGraceAuthnLimit
pwdGraceAuthNLimit
pwdGraceAuthnLimit
hnPk
userpassword
userPassword
userpassword
noanonymous
LIBVERSION
symas
......@@ -708,9 +708,9 @@ IMAP
organisations
rewriteMap
monitoredInfo
modrDN
ModRDN
modrdn
ModRDN
modrDN
HREF
DQTxCYEApdUtNXGgdUac
inline
......@@ -723,8 +723,8 @@ reqReferral
rlookups
siiiib
LTSTATIC
timelimitExceeded
timeLimitExceeded
timelimitExceeded
XKYnrjvGT
subtrees
unixODBC
......@@ -736,8 +736,8 @@ reqDN
dnstyle
inet
schemas
pwdPolicySubentry
pwdPolicySubEntry
pwdPolicySubentry
reqId
scanf
olcBackend
......@@ -1070,8 +1070,8 @@ noop
errObject
XXLIBS
reqAssertion
nops
PDUs
nops
baseObject
bvecadd
perl
......@@ -1121,6 +1121,7 @@ logbase
oMxg
filterlist
generalizedTimeMatch
strongAuthRequired
Google
sessionlog
balancer
......@@ -1366,6 +1367,7 @@ SSFs
octetStringOrderingStringMatch
auditCompare
pEntry
strongAuthNotSupported
endblock
LDAPAVA
startup
......@@ -1565,12 +1567,12 @@ jpegPhoto
supportedSASLMechanisms
ACLs
reqMethod
authzId
authzid
authzID
authzid
authzId
hasSubordintes
proxyCache
proxycache
proxyCache
slaptest
olcLogLevel
LDAPDN
......@@ -1595,8 +1597,8 @@ wBDARESEhgVG
multi
aaa
ldaprc
UpdateDN
updatedn
UpdateDN
LDAPBASE
LDAPAPIFeatureInfo
authzTo
......@@ -1638,6 +1640,6 @@ ali
attributeoptions
BfQ
uidNumber
CA's
CAs
CA's
namingContext
......@@ -162,7 +162,10 @@ An example search result against {{B:cn=accesslog}} might look like:
> # numResponses: 3
> # numEntries: 2
For more information, please see {{slapo-accesslog(5)}} and the {{SECT:delta-syncrepl replication}} section.
H3: Further Information
{{slapo-accesslog(5)}} and the {{SECT:delta-syncrepl replication}} section.
H2: Audit Logging
......@@ -189,7 +192,7 @@ in {{B:cn=config}} and set what file the {{TERM:LDIF}} gets logged to (adjust to
In this example for testing, we are logging changes to {{F:/tmp/auditlog.ldif}}
A typical {{TERM:LDIF}} file created by {{B:slapo-auditlog (5)}} would look like:
A typical {{TERM:LDIF}} file created by {{B:slapo-auditlog(5)}} would look like:
> # add 1196797576 dc=suretecsystems,dc=com cn=admin,dc=suretecsystems,dc=com
> dn: dc=suretecsystems,dc=com
......@@ -224,6 +227,11 @@ A typical {{TERM:LDIF}} file created by {{B:slapo-auditlog (5)}} would look like
> # end add 1196797577
H3: Further Information
{{:slapo-auditlog(5)}}
H2: Chaining
......@@ -314,6 +322,11 @@ side, the actual error is returned to the client.
> chain-return-error TRUE
H3: Further Information
{{:slapo-chain(5)}}
H2: Constraints
......@@ -350,6 +363,11 @@ An example for use with {{cn=config}}:
> olcConstraintAttribute: mail regex ^[:alnum:]+@mydomain.com$
> olcConstraintAttribute: title uri ldap:///dc=catalog,dc=example,dc=com?title?sub?(objectClass=titleCatalog)
H3: Further Information
{{:slapo-constraint(5)}}
H2: Dynamic Directory Services
......@@ -436,6 +454,12 @@ refresh the meeting using (basically complete control):
Any user can join the meeting, but not add another attendee, but they can refresh the meeting. The ACLs above are quite straight forward to understand.
H3: Further Information
{{:slapo-dds(5)}}
H2: Dynamic Groups
......@@ -482,6 +506,7 @@ Here is an example which will allow us to have an email alias which automaticall
expands to all user's emails according to our LDAP filter:
In {{slapd.conf}}(5):
> overlay dynlist
> dynlist-attrset nisMailAlias labeledURI
......@@ -489,6 +514,7 @@ This means that whenever an entry which has the {{F:nisMailAlias}} object class
retrieved, the search specified in the {{F:labeledURI}} attribute is performed.
Let's say we have this entry in our directory:
> cn=all,ou=aliases,dc=example,dc=com
> cn: all
> objectClass: nisMailAlias
......@@ -510,10 +536,12 @@ automatically populate an {{F:allusers}} group with all the user accounts in the
directory.
In {{F:slapd.conf}}(5):
> overlay dynlist
> dynlist-attrset groupOfNames labeledURI member
Let's apply it to the following entry:
> cn=allusers,ou=group,dc=example,dc=com
> cn: all
> objectClass: groupOfNames
......@@ -536,6 +564,12 @@ distinguished names. The {{F:memberUid}} attribute used in the {{F:posixGroup}}
object class can hold only names, not DNs, and is therefore not suitable for
dynamic groups.
H3: Further Information
{{:slapo-dynlist(5)}}
H2: Reverse Group Membership Maintenance
H3: Overview
......@@ -614,6 +648,11 @@ Note that the {{B:memberOf}} attribute is an operational attribute, so it must b
requested explicitly.
H3: Further Information
{{:slapo-memberof(5)}}
H2: The Proxy Cache Engine
{{TERM:LDAP}} servers typically hold one or more subtrees of a
......@@ -757,6 +796,11 @@ H5: Examples:
is not cacheable, because the filter does not match the template ( logical
OR "|" condition instead of logical AND "&" )
H3: Further Information
{{:slapo-pcache(5)}}
H2: Password Policies
......@@ -870,6 +914,10 @@ Please see {{slapo-ppolicy(5)}} for complete explanations of features and discus
"Password Management Issues" at {{URL:http://www.connexitor.com/forums/viewtopic.php?f=6&t=25}}
H3: Further Information
{{:slapo-ppolicy(5)}}
H2: Referential Integrity
......@@ -897,6 +945,7 @@ all the groups he/she was a member of. No more scripting for this.
H3: Referential Integrity Configuration
The configuration for this overlay is as follows:
> overlay refint
> refint_attributes <attribute [attribute ...]>
> refint_nothing <string>
......@@ -917,6 +966,7 @@ to the entry.
To illustrate this overlay, we will use the group membership scenario.
In {{F:slapd.conf}}:
> overlay refint
> refint_attributes member
> refint_nothing "cn=admin,dc=example,dc=com"
......@@ -941,30 +991,95 @@ If we removed all users from the directory who are a member of this group, then
would be a single member in the group: {{F:cn=admin,dc=example,dc=com}}. This is the
{{F:refint_nothing}} parameter kicking into action so that the schema is not violated.
H3: Further Information
{{:slapo-refint(5)}}
H2: Return Code
H3: Overview
This overlay is useful to test the behavior of clients when
server-generated erroneous and/or unusual responses occur.
server-generated erroneous and/or unusual responses occur,
for example; error codes, referrals, excessive response times and so on.
This would be classed as a debugging tool whilst developing client software
or additional Overlays.
For detailed information, please see the {{slapo-retcode(5)}} man page.
H3: Return Code Configuration
The retcode overlay utilizes the "return code" schema described in the man page.
This schema is specifically designed for use with this overlay and is not intended
to be used otherwise.
Note: The necessary schema is loaded automatically by the overlay.
An example configuration might be:
> overlay retcode
> retcode-parent "ou=RetCodes,dc=example,dc=com"
> include ./retcode.conf
>
> retcode-item "cn=Unsolicited" 0x00 unsolicited="0"
> retcode-item "cn=Notice of Disconnect" 0x00 unsolicited="1.3.6.1.4.1.1466.20036"
> retcode-item "cn=Pre-disconnect" 0x34 flags="pre-disconnect"
> retcode-item "cn=Post-disconnect" 0x34 flags="post-disconnect"
Note: {{retcode.conf}} can be found in the openldap source at: {{F:tests/data/retcode.conf}}
An excerpt of a {{F:retcode.conf}} would be something like:
> retcode-item "cn=success" 0x00
>
> retcode-item "cn=success w/ delay" 0x00 sleeptime=2
>
> retcode-item "cn=operationsError" 0x01
> retcode-item "cn=protocolError" 0x02
> retcode-item "cn=timeLimitExceeded" 0x03 op=search
> retcode-item "cn=sizeLimitExceeded" 0x04 op=search
> retcode-item "cn=compareFalse" 0x05 op=compare
> retcode-item "cn=compareTrue" 0x06 op=compare
> retcode-item "cn=authMethodNotSupported" 0x07
> retcode-item "cn=strongAuthNotSupported" 0x07 text="same as authMethodNotSupported"
> retcode-item "cn=strongAuthRequired" 0x08
> retcode-item "cn=strongerAuthRequired" 0x08 text="same as strongAuthRequired"
Please see {{F:tests/data/retcode.conf}} for a complete {{F:retcode.conf}}
H3: Further Information
{{:slapo-retcode(5)}}
H2: Rewrite/Remap
H3: Overview
It performs basic DN/data rewrite and
objectClass/attributeType mapping.
It performs basic DN/data rewrite and objectClass/attributeType mapping. Its
usage is mostly intended to provide virtual views of existing data either
remotely, in conjunction with the proxy backend described in {{slapd-ldap(5)}},
or locally, in conjunction with the relay backend described in {{slapd-relay(5)}}.
This overlay is extremely configurable and advanced, therefore recommended
reading is the {{slapo-rwm(5)}} man page.
H3: Rewrite/Remap Configuration
H3: Further Information
{{:slapo-rwm(5)}}
H2: Sync Provider
......@@ -977,6 +1092,11 @@ replication, including persistent search functionality
H3: Sync Provider Configuration
H3: Further Information
{{:slapo-syncprov(5)}}
H2: Translucent Proxy
......@@ -992,6 +1112,12 @@ overridden by the database.
H3: Translucent Proxy Configuration
H3: Further Information
{{:slapo-translucent(5)}}
H2: Attribute Uniqueness
......@@ -1004,6 +1130,11 @@ to enforce the uniqueness of some or all attributes within a subtree.
H3: Attribute Uniqueness Configuration
H3: Further Information
{{:slapo-unique(5)}}
H2: Value Sorting
......@@ -1016,6 +1147,11 @@ of an attribute when it is returned in a search.
H3: Value Sorting Configuration
H3: Further Information
{{:slapo-valsort(5)}}
H2: Overlay Stacking
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment