overlay retcode section and spell check

specific section for manpage names

doc/guide/admin/aspell.en.pws

-personal_ws-1.1 en 1642 
+personal_ws-1.1 en 1644 
 commonName
 bla
 Masarati
@@ -6,8 +6,8 @@ subjectAltName
 api
 usnCreated
 BhY
-olcSyncRepl
 olcSyncrepl
+olcSyncRepl
 adamsom
 adamson
 CER
@@ -39,8 +39,8 @@ DIB
 dev
 reqNewSuperior
 librewrite
-memberof
 memberOf
+memberof
 BSI
 updateref
 buf
@@ -89,8 +89,8 @@ dlopen
 eng
 AttributeValue
 attributevalue
-DUA
 EOF
+DUA
 inputfile
 DSP
 refreshDone
@@ -125,10 +125,10 @@ iff
 contextCSN
 auditModify
 auditSearch
-OpenLDAP
 openldap
-resultcode
+OpenLDAP
 resultCode
+resultcode
 sysconfig
 indices
 blen
@@ -164,13 +164,13 @@ argv
 kdz
 notAllowedOnRDN
 hostport
-StartTLS
 starttls
+StartTLS
 ldb
 servercredp
 ldd
-IPv
 ipv
+IPv
 hyc
 joe
 bindmethods
@@ -202,8 +202,8 @@ libpath
 acknowledgements
 jts
 createTimestamp
-MIB
 LLL
+MIB
 OpenSSL
 openssl
 LOF
@@ -243,10 +243,10 @@ Subbarao
 aeeiib
 oidlen
 submatches
-PEM
 olc
-OLF
+PEM
 PDU
+OLF
 LDAPSchemaExtensionItem
 auth
 Pierangelo
@@ -262,8 +262,8 @@ cleartext
 numattrsets
 requestDN
 caseExactSubstringsMatch
-NSS
 PKI
+NSS
 olcSyncProvConfig
 ple
 NTP
@@ -286,9 +286,9 @@ rdn
 wZFQrDD
 OTP
 olcSizeLimit
-PRD
-sbi
 pos
+sbi
+PRD
 pre
 sudoadm
 stringal
@@ -308,8 +308,8 @@ bvec
 HtZhZS
 TBC
 stringbv
-SHA
 Sep
+SHA
 ptr
 conn
 pwd
@@ -326,8 +326,8 @@ myOID
 supportedSASLMechanism
 supportedSASLmechanism
 realnamingcontext
-UCD
 SMD
+UCD
 keytab
 portnumber
 uncached
@@ -340,8 +340,8 @@ sasldb
 UCS
 searchDN
 keytbl
-UDP
 tgz
+UDP
 freemods
 prepend
 nssov
@@ -359,22 +359,22 @@ crit
 objectClassViolation
 ssf
 ldapfilter
-vec
-TOC
 rwm
+TOC
+vec
 pwdChangedTime
 tls
 peernamestyle
 xpasswd
-SRP
 tmp
+SRP
 SSL
 dupbv
 CPUs
 SRV
 entrymods
-sss
 rwx
+sss
 reqNewRDN
 nopresent
 rebindproc
@@ -435,8 +435,8 @@ pseudorootdn
 MezRroT
 GDBM
 LIBRELEASE
-DSA's
 DSAs
+DSA's
 realloc
 booleanMatch
 compareTrue
@@ -495,8 +495,8 @@ pwdMinLength
 iZ
 ldapdelete
 xyz
-rdbms
 RDBMs
+rdbms
 extparam
 mk
 ng
@@ -560,8 +560,8 @@ ZZ
 LDVERSION
 testAttr
 backend
-backends
 backend's
+backends
 BerValues
 Solaris
 structs
@@ -573,9 +573,9 @@ ostring
 policyDN
 testObject
 pwdMaxAge
-binddn
-bindDN
 bindDn
+bindDN
+binddn
 distributedOperation
 schemachecking
 strvals
@@ -618,14 +618,14 @@ IEEE
 regex
 SIGINT
 slappasswd
-errABsObject
 errAbsObject
+errABsObject
 ldapexop
-objectIdentifier
 objectidentifier
+objectIdentifier
 deallocators
-mirrormode
 MirrorMode
+mirrormode
 loopDetect
 SIGHUP
 authMethodNotSupported
@@ -642,8 +642,8 @@ filtercomp
 expr
 syntaxes
 memrealloc
-returncode
 returnCode
+returncode
 OpenLDAP's
 exts
 bitstringa
@@ -667,8 +667,8 @@ lastName
 lldap
 cachesize
 slapauth
-attributeType
 attributetype
+attributeType
 GSER
 olcDbNosync
 typedef
@@ -685,11 +685,11 @@ monitoredObject
 TLSVerifyClient
 noidlen
 LDAPNOINIT
-pwdGraceAuthnLimit
 pwdGraceAuthNLimit
+pwdGraceAuthnLimit
 hnPk
-userpassword
 userPassword
+userpassword
 noanonymous
 LIBVERSION
 symas
@@ -708,9 +708,9 @@ IMAP
 organisations
 rewriteMap
 monitoredInfo
-modrDN
-ModRDN
 modrdn
+ModRDN
+modrDN
 HREF
 DQTxCYEApdUtNXGgdUac
 inline
@@ -723,8 +723,8 @@ reqReferral
 rlookups
 siiiib
 LTSTATIC
-timelimitExceeded
 timeLimitExceeded
+timelimitExceeded
 XKYnrjvGT
 subtrees
 unixODBC
@@ -736,8 +736,8 @@ reqDN
 dnstyle
 inet
 schemas
-pwdPolicySubentry
 pwdPolicySubEntry
+pwdPolicySubentry
 reqId
 scanf
 olcBackend
@@ -1070,8 +1070,8 @@ noop
 errObject
 XXLIBS
 reqAssertion
-nops
 PDUs
+nops
 baseObject
 bvecadd
 perl
@@ -1121,6 +1121,7 @@ logbase
 oMxg
 filterlist
 generalizedTimeMatch
+strongAuthRequired
 Google
 sessionlog
 balancer
@@ -1366,6 +1367,7 @@ SSFs
 octetStringOrderingStringMatch
 auditCompare
 pEntry
+strongAuthNotSupported
 endblock
 LDAPAVA
 startup
@@ -1565,12 +1567,12 @@ jpegPhoto
 supportedSASLMechanisms
 ACLs
 reqMethod
-authzId
-authzid
 authzID
+authzid
+authzId
 hasSubordintes
-proxyCache
 proxycache
+proxyCache
 slaptest
 olcLogLevel
 LDAPDN
@@ -1595,8 +1597,8 @@ wBDARESEhgVG
 multi
 aaa
 ldaprc
-UpdateDN
 updatedn
+UpdateDN
 LDAPBASE
 LDAPAPIFeatureInfo
 authzTo
@@ -1638,6 +1640,6 @@ ali
 attributeoptions
 BfQ
 uidNumber
-CA's
 CAs
+CA's
 namingContext

doc/guide/admin/overlays.sdf

@@ -162,7 +162,10 @@ An example search result against {{B:cn=accesslog}} might look like:
 >        # numResponses: 3
 >        # numEntries: 2
 
-For more information, please see {{slapo-accesslog(5)}} and the {{SECT:delta-syncrepl replication}} section.
+
+H3: Further Information
+
+{{slapo-accesslog(5)}} and the {{SECT:delta-syncrepl replication}} section.
 
 
 H2: Audit Logging
@@ -189,7 +192,7 @@ in {{B:cn=config}} and set what file the {{TERM:LDIF}} gets logged to (adjust to
 
 In this example for testing, we are logging changes to {{F:/tmp/auditlog.ldif}}
 
-A typical {{TERM:LDIF}} file created by {{B:slapo-auditlog (5)}} would look like:
+A typical {{TERM:LDIF}} file created by {{B:slapo-auditlog(5)}} would look like:
 
 >       # add 1196797576 dc=suretecsystems,dc=com cn=admin,dc=suretecsystems,dc=com
 >       dn: dc=suretecsystems,dc=com
@@ -224,6 +227,11 @@ A typical {{TERM:LDIF}} file created by {{B:slapo-auditlog (5)}} would look like
 >       # end add 1196797577
 
 
+H3: Further Information
+
+{{:slapo-auditlog(5)}}
+
+
 H2: Chaining
 
 
@@ -314,6 +322,11 @@ side, the actual error is returned to the client.
 >        chain-return-error TRUE
 
 
+H3: Further Information
+
+{{:slapo-chain(5)}}
+
+
 H2: Constraints
 
 
@@ -350,6 +363,11 @@ An example for use with {{cn=config}}:
 >       olcConstraintAttribute: mail regex ^[:alnum:]+@mydomain.com$
 >       olcConstraintAttribute: title uri ldap:///dc=catalog,dc=example,dc=com?title?sub?(objectClass=titleCatalog)
 
+
+H3: Further Information
+
+{{:slapo-constraint(5)}}
+
    
 H2: Dynamic Directory Services
 
@@ -436,6 +454,12 @@ refresh the meeting using (basically complete control):
 
 Any user can join the meeting, but not add another attendee, but they can refresh the meeting. The ACLs above are quite straight forward to understand.
 
+
+H3: Further Information
+
+{{:slapo-dds(5)}}
+
+
 H2: Dynamic Groups
 
 
@@ -482,6 +506,7 @@ Here is an example which will allow us to have an email alias which automaticall
 expands to all user's emails according to our LDAP filter:
 
 In {{slapd.conf}}(5):
+
 >       overlay dynlist
 >       dynlist-attrset nisMailAlias labeledURI
 
@@ -489,6 +514,7 @@ This means that whenever an entry which has the {{F:nisMailAlias}} object class
 retrieved, the search specified in the {{F:labeledURI}} attribute is performed.
 
 Let's say we have this entry in our directory:
+
 >       cn=all,ou=aliases,dc=example,dc=com
 >       cn: all
 >       objectClass: nisMailAlias
@@ -510,10 +536,12 @@ automatically populate an {{F:allusers}} group with all the user accounts in the
 directory.
 
 In {{F:slapd.conf}}(5):
+
 >       overlay dynlist
 >       dynlist-attrset groupOfNames labeledURI member
 
 Let's apply it to the following entry:
+
 >       cn=allusers,ou=group,dc=example,dc=com
 >       cn: all
 >       objectClass: groupOfNames
@@ -536,6 +564,12 @@ distinguished names. The {{F:memberUid}} attribute used in the {{F:posixGroup}}
 object class can hold only names, not DNs, and is therefore not suitable for
 dynamic groups.
 
+
+H3: Further Information
+
+{{:slapo-dynlist(5)}}
+
+
 H2: Reverse Group Membership Maintenance
 
 H3: Overview
@@ -614,6 +648,11 @@ Note that the {{B:memberOf}} attribute is an operational attribute, so it must b
 requested explicitly.
 
 
+H3: Further Information
+
+{{:slapo-memberof(5)}}
+
+
 H2: The Proxy Cache Engine
 
 {{TERM:LDAP}} servers typically hold one or more subtrees of a
@@ -757,6 +796,11 @@ H5: Examples:
 
     is not cacheable, because the filter does not match the template ( logical
     OR "|" condition instead of logical AND "&" )
+
+
+H3: Further Information
+
+{{:slapo-pcache(5)}}
                            
                            
 H2: Password Policies
@@ -870,6 +914,10 @@ Please see {{slapo-ppolicy(5)}} for complete explanations of features and discus
  "Password Management Issues" at {{URL:http://www.connexitor.com/forums/viewtopic.php?f=6&t=25}}
 
 
+H3: Further Information
+
+{{:slapo-ppolicy(5)}}
+
 
 H2: Referential Integrity
 
@@ -897,6 +945,7 @@ all the groups he/she was a member of. No more scripting for this.
 H3: Referential Integrity Configuration
 
 The configuration for this overlay is as follows:
+
 >       overlay refint
 >       refint_attributes <attribute [attribute ...]>
 >       refint_nothing <string>
@@ -917,6 +966,7 @@ to the entry.
 To illustrate this overlay, we will use the group membership scenario.
 
 In {{F:slapd.conf}}:
+
 >       overlay refint
 >       refint_attributes member
 >       refint_nothing "cn=admin,dc=example,dc=com"
@@ -941,30 +991,95 @@ If we removed all users from the directory who are a member of this group, then
 would be a single member in the group: {{F:cn=admin,dc=example,dc=com}}. This is the
 {{F:refint_nothing}} parameter kicking into action so that the schema is not violated.
 
+
+H3: Further Information
+
+{{:slapo-refint(5)}}
+
+
 H2: Return Code
 
 
 H3: Overview
 
 This overlay is useful to test the behavior of clients when
-server-generated erroneous and/or unusual responses occur.
+server-generated erroneous and/or unusual responses occur,
+for example; error codes, referrals, excessive response times and so on.
+
+This would be classed as a debugging tool whilst developing client software
+or additional Overlays.
+
+For detailed information, please see the {{slapo-retcode(5)}} man page.
 
 
 H3: Return Code Configuration
 
+The retcode overlay utilizes the "return code" schema described in the man page.  
+This schema is specifically designed for use with this overlay and is not intended 
+to be used otherwise. 
+
+Note: The necessary schema is loaded automatically by the overlay.
+
+An example configuration might be:
+
+>       overlay         retcode
+>       retcode-parent  "ou=RetCodes,dc=example,dc=com"
+>       include         ./retcode.conf
+>       
+>       retcode-item    "cn=Unsolicited"                0x00 unsolicited="0"
+>       retcode-item    "cn=Notice of Disconnect"       0x00 unsolicited="1.3.6.1.4.1.1466.20036"
+>       retcode-item    "cn=Pre-disconnect"             0x34 flags="pre-disconnect"
+>       retcode-item    "cn=Post-disconnect"            0x34 flags="post-disconnect"
+
+Note: {{retcode.conf}} can be found in the openldap source at: {{F:tests/data/retcode.conf}}
+
+An excerpt of a {{F:retcode.conf}} would be something like:
+
+>       retcode-item    "cn=success"                            0x00
+>       
+>       retcode-item    "cn=success w/ delay"                   0x00    sleeptime=2
+>       
+>       retcode-item    "cn=operationsError"                    0x01
+>       retcode-item    "cn=protocolError"                      0x02
+>       retcode-item    "cn=timeLimitExceeded"                  0x03    op=search
+>       retcode-item    "cn=sizeLimitExceeded"                  0x04    op=search
+>       retcode-item    "cn=compareFalse"                       0x05    op=compare
+>       retcode-item    "cn=compareTrue"                        0x06    op=compare
+>       retcode-item    "cn=authMethodNotSupported"             0x07
+>       retcode-item    "cn=strongAuthNotSupported"             0x07    text="same as authMethodNotSupported"
+>       retcode-item    "cn=strongAuthRequired"                 0x08
+>       retcode-item    "cn=strongerAuthRequired"               0x08    text="same as strongAuthRequired"
+
+Please see {{F:tests/data/retcode.conf}} for a complete {{F:retcode.conf}}
+
+
+H3: Further Information
+
+{{:slapo-retcode(5)}}
+
 
 H2: Rewrite/Remap
             
             
 H3: Overview
 
-It performs basic DN/data rewrite and
-objectClass/attributeType mapping.
+It performs basic DN/data rewrite and objectClass/attributeType mapping. Its 
+usage is mostly intended to provide virtual views of existing data either 
+remotely, in conjunction with the proxy backend described in {{slapd-ldap(5)}}, 
+or locally, in conjunction with the relay backend described in {{slapd-relay(5)}}.
+
+This overlay is extremely configurable and advanced, therefore recommended 
+reading is the {{slapo-rwm(5)}} man page.
 
 
 H3: Rewrite/Remap Configuration
 
 
+H3: Further Information
+
+{{:slapo-rwm(5)}}
+
+
 H2: Sync Provider
 
 
@@ -977,6 +1092,11 @@ replication, including persistent search functionality
 H3: Sync Provider Configuration
 
 
+H3: Further Information
+
+{{:slapo-syncprov(5)}}
+
+
 H2: Translucent Proxy
 
 
@@ -992,6 +1112,12 @@ overridden by the database.
 H3: Translucent Proxy Configuration
 
 
+
+H3: Further Information
+
+{{:slapo-translucent(5)}}
+
+
 H2: Attribute Uniqueness
 
 
@@ -1004,6 +1130,11 @@ to enforce the uniqueness of some or all attributes within a subtree.
 H3: Attribute Uniqueness Configuration
 
 
+H3: Further Information
+
+{{:slapo-unique(5)}}
+
+
 H2: Value Sorting
 
 
@@ -1016,6 +1147,11 @@ of an attribute when it is returned in a search.
 H3: Value Sorting Configuration
 
 
+H3: Further Information
+
+{{:slapo-valsort(5)}}
+
+
 H2: Overlay Stacking