From 976a994a0c5ebcbdcaaa13aed0ef11ada93c6be2 Mon Sep 17 00:00:00 2001
From: Quanah Gibson-Mount <quanah@openldap.org>
Date: Sat, 12 Jul 2008 07:53:45 +0000
Subject: [PATCH] overlay retcode section and spell check specific section for
manpage names
---
doc/guide/admin/aspell.en.pws | 88 ++++++++++----------
doc/guide/admin/overlays.sdf | 146 ++++++++++++++++++++++++++++++++--
2 files changed, 186 insertions(+), 48 deletions(-)
diff --git a/doc/guide/admin/aspell.en.pws b/doc/guide/admin/aspell.en.pws
index d05d6a5909..4253d89d3d 100644
--- a/doc/guide/admin/aspell.en.pws
+++ b/doc/guide/admin/aspell.en.pws
@@ -1,4 +1,4 @@
-personal_ws-1.1 en 1642
+personal_ws-1.1 en 1644
commonName
bla
Masarati
@@ -6,8 +6,8 @@ subjectAltName
api
usnCreated
BhY
-olcSyncRepl
olcSyncrepl
+olcSyncRepl
adamsom
adamson
CER
@@ -39,8 +39,8 @@ DIB
dev
reqNewSuperior
librewrite
-memberof
memberOf
+memberof
BSI
updateref
buf
@@ -89,8 +89,8 @@ dlopen
eng
AttributeValue
attributevalue
-DUA
EOF
+DUA
inputfile
DSP
refreshDone
@@ -125,10 +125,10 @@ iff
contextCSN
auditModify
auditSearch
-OpenLDAP
openldap
-resultcode
+OpenLDAP
resultCode
+resultcode
sysconfig
indices
blen
@@ -164,13 +164,13 @@ argv
kdz
notAllowedOnRDN
hostport
-StartTLS
starttls
+StartTLS
ldb
servercredp
ldd
-IPv
ipv
+IPv
hyc
joe
bindmethods
@@ -202,8 +202,8 @@ libpath
acknowledgements
jts
createTimestamp
-MIB
LLL
+MIB
OpenSSL
openssl
LOF
@@ -243,10 +243,10 @@ Subbarao
aeeiib
oidlen
submatches
-PEM
olc
-OLF
+PEM
PDU
+OLF
LDAPSchemaExtensionItem
auth
Pierangelo
@@ -262,8 +262,8 @@ cleartext
numattrsets
requestDN
caseExactSubstringsMatch
-NSS
PKI
+NSS
olcSyncProvConfig
ple
NTP
@@ -286,9 +286,9 @@ rdn
wZFQrDD
OTP
olcSizeLimit
-PRD
-sbi
pos
+sbi
+PRD
pre
sudoadm
stringal
@@ -308,8 +308,8 @@ bvec
HtZhZS
TBC
stringbv
-SHA
Sep
+SHA
ptr
conn
pwd
@@ -326,8 +326,8 @@ myOID
supportedSASLMechanism
supportedSASLmechanism
realnamingcontext
-UCD
SMD
+UCD
keytab
portnumber
uncached
@@ -340,8 +340,8 @@ sasldb
UCS
searchDN
keytbl
-UDP
tgz
+UDP
freemods
prepend
nssov
@@ -359,22 +359,22 @@ crit
objectClassViolation
ssf
ldapfilter
-vec
-TOC
rwm
+TOC
+vec
pwdChangedTime
tls
peernamestyle
xpasswd
-SRP
tmp
+SRP
SSL
dupbv
CPUs
SRV
entrymods
-sss
rwx
+sss
reqNewRDN
nopresent
rebindproc
@@ -435,8 +435,8 @@ pseudorootdn
MezRroT
GDBM
LIBRELEASE
-DSA's
DSAs
+DSA's
realloc
booleanMatch
compareTrue
@@ -495,8 +495,8 @@ pwdMinLength
iZ
ldapdelete
xyz
-rdbms
RDBMs
+rdbms
extparam
mk
ng
@@ -560,8 +560,8 @@ ZZ
LDVERSION
testAttr
backend
-backends
backend's
+backends
BerValues
Solaris
structs
@@ -573,9 +573,9 @@ ostring
policyDN
testObject
pwdMaxAge
-binddn
-bindDN
bindDn
+bindDN
+binddn
distributedOperation
schemachecking
strvals
@@ -618,14 +618,14 @@ IEEE
regex
SIGINT
slappasswd
-errABsObject
errAbsObject
+errABsObject
ldapexop
-objectIdentifier
objectidentifier
+objectIdentifier
deallocators
-mirrormode
MirrorMode
+mirrormode
loopDetect
SIGHUP
authMethodNotSupported
@@ -642,8 +642,8 @@ filtercomp
expr
syntaxes
memrealloc
-returncode
returnCode
+returncode
OpenLDAP's
exts
bitstringa
@@ -667,8 +667,8 @@ lastName
lldap
cachesize
slapauth
-attributeType
attributetype
+attributeType
GSER
olcDbNosync
typedef
@@ -685,11 +685,11 @@ monitoredObject
TLSVerifyClient
noidlen
LDAPNOINIT
-pwdGraceAuthnLimit
pwdGraceAuthNLimit
+pwdGraceAuthnLimit
hnPk
-userpassword
userPassword
+userpassword
noanonymous
LIBVERSION
symas
@@ -708,9 +708,9 @@ IMAP
organisations
rewriteMap
monitoredInfo
-modrDN
-ModRDN
modrdn
+ModRDN
+modrDN
HREF
DQTxCYEApdUtNXGgdUac
inline
@@ -723,8 +723,8 @@ reqReferral
rlookups
siiiib
LTSTATIC
-timelimitExceeded
timeLimitExceeded
+timelimitExceeded
XKYnrjvGT
subtrees
unixODBC
@@ -736,8 +736,8 @@ reqDN
dnstyle
inet
schemas
-pwdPolicySubentry
pwdPolicySubEntry
+pwdPolicySubentry
reqId
scanf
olcBackend
@@ -1070,8 +1070,8 @@ noop
errObject
XXLIBS
reqAssertion
-nops
PDUs
+nops
baseObject
bvecadd
perl
@@ -1121,6 +1121,7 @@ logbase
oMxg
filterlist
generalizedTimeMatch
+strongAuthRequired
Google
sessionlog
balancer
@@ -1366,6 +1367,7 @@ SSFs
octetStringOrderingStringMatch
auditCompare
pEntry
+strongAuthNotSupported
endblock
LDAPAVA
startup
@@ -1565,12 +1567,12 @@ jpegPhoto
supportedSASLMechanisms
ACLs
reqMethod
-authzId
-authzid
authzID
+authzid
+authzId
hasSubordintes
-proxyCache
proxycache
+proxyCache
slaptest
olcLogLevel
LDAPDN
@@ -1595,8 +1597,8 @@ wBDARESEhgVG
multi
aaa
ldaprc
-UpdateDN
updatedn
+UpdateDN
LDAPBASE
LDAPAPIFeatureInfo
authzTo
@@ -1638,6 +1640,6 @@ ali
attributeoptions
BfQ
uidNumber
-CA's
CAs
+CA's
namingContext
diff --git a/doc/guide/admin/overlays.sdf b/doc/guide/admin/overlays.sdf
index 4bd6af05db..0e8f8f85df 100644
--- a/doc/guide/admin/overlays.sdf
+++ b/doc/guide/admin/overlays.sdf
@@ -162,7 +162,10 @@ An example search result against {{B:cn=accesslog}} might look like:
> # numResponses: 3
> # numEntries: 2
-For more information, please see {{slapo-accesslog(5)}} and the {{SECT:delta-syncrepl replication}} section.
+
+H3: Further Information
+
+{{slapo-accesslog(5)}} and the {{SECT:delta-syncrepl replication}} section.
H2: Audit Logging
@@ -189,7 +192,7 @@ in {{B:cn=config}} and set what file the {{TERM:LDIF}} gets logged to (adjust to
In this example for testing, we are logging changes to {{F:/tmp/auditlog.ldif}}
-A typical {{TERM:LDIF}} file created by {{B:slapo-auditlog (5)}} would look like:
+A typical {{TERM:LDIF}} file created by {{B:slapo-auditlog(5)}} would look like:
> # add 1196797576 dc=suretecsystems,dc=com cn=admin,dc=suretecsystems,dc=com
> dn: dc=suretecsystems,dc=com
@@ -224,6 +227,11 @@ A typical {{TERM:LDIF}} file created by {{B:slapo-auditlog (5)}} would look like
> # end add 1196797577
+H3: Further Information
+
+{{:slapo-auditlog(5)}}
+
+
H2: Chaining
@@ -314,6 +322,11 @@ side, the actual error is returned to the client.
> chain-return-error TRUE
+H3: Further Information
+
+{{:slapo-chain(5)}}
+
+
H2: Constraints
@@ -350,6 +363,11 @@ An example for use with {{cn=config}}:
> olcConstraintAttribute: mail regex ^[:alnum:]+@mydomain.com$
> olcConstraintAttribute: title uri ldap:///dc=catalog,dc=example,dc=com?title?sub?(objectClass=titleCatalog)
+
+H3: Further Information
+
+{{:slapo-constraint(5)}}
+
H2: Dynamic Directory Services
@@ -436,6 +454,12 @@ refresh the meeting using (basically complete control):
Any user can join the meeting, but not add another attendee, but they can refresh the meeting. The ACLs above are quite straight forward to understand.
+
+H3: Further Information
+
+{{:slapo-dds(5)}}
+
+
H2: Dynamic Groups
@@ -482,6 +506,7 @@ Here is an example which will allow us to have an email alias which automaticall
expands to all user's emails according to our LDAP filter:
In {{slapd.conf}}(5):
+
> overlay dynlist
> dynlist-attrset nisMailAlias labeledURI
@@ -489,6 +514,7 @@ This means that whenever an entry which has the {{F:nisMailAlias}} object class
retrieved, the search specified in the {{F:labeledURI}} attribute is performed.
Let's say we have this entry in our directory:
+
> cn=all,ou=aliases,dc=example,dc=com
> cn: all
> objectClass: nisMailAlias
@@ -510,10 +536,12 @@ automatically populate an {{F:allusers}} group with all the user accounts in the
directory.
In {{F:slapd.conf}}(5):
+
> overlay dynlist
> dynlist-attrset groupOfNames labeledURI member
Let's apply it to the following entry:
+
> cn=allusers,ou=group,dc=example,dc=com
> cn: all
> objectClass: groupOfNames
@@ -536,6 +564,12 @@ distinguished names. The {{F:memberUid}} attribute used in the {{F:posixGroup}}
object class can hold only names, not DNs, and is therefore not suitable for
dynamic groups.
+
+H3: Further Information
+
+{{:slapo-dynlist(5)}}
+
+
H2: Reverse Group Membership Maintenance
H3: Overview
@@ -614,6 +648,11 @@ Note that the {{B:memberOf}} attribute is an operational attribute, so it must b
requested explicitly.
+H3: Further Information
+
+{{:slapo-memberof(5)}}
+
+
H2: The Proxy Cache Engine
{{TERM:LDAP}} servers typically hold one or more subtrees of a
@@ -757,6 +796,11 @@ H5: Examples:
is not cacheable, because the filter does not match the template ( logical
OR "|" condition instead of logical AND "&" )
+
+
+H3: Further Information
+
+{{:slapo-pcache(5)}}
H2: Password Policies
@@ -870,6 +914,10 @@ Please see {{slapo-ppolicy(5)}} for complete explanations of features and discus
"Password Management Issues" at {{URL:http://www.connexitor.com/forums/viewtopic.php?f=6&t=25}}
+H3: Further Information
+
+{{:slapo-ppolicy(5)}}
+
H2: Referential Integrity
@@ -897,6 +945,7 @@ all the groups he/she was a member of. No more scripting for this.
H3: Referential Integrity Configuration
The configuration for this overlay is as follows:
+
> overlay refint
> refint_attributes <attribute [attribute ...]>
> refint_nothing <string>
@@ -917,6 +966,7 @@ to the entry.
To illustrate this overlay, we will use the group membership scenario.
In {{F:slapd.conf}}:
+
> overlay refint
> refint_attributes member
> refint_nothing "cn=admin,dc=example,dc=com"
@@ -941,30 +991,95 @@ If we removed all users from the directory who are a member of this group, then
would be a single member in the group: {{F:cn=admin,dc=example,dc=com}}. This is the
{{F:refint_nothing}} parameter kicking into action so that the schema is not violated.
+
+H3: Further Information
+
+{{:slapo-refint(5)}}
+
+
H2: Return Code
H3: Overview
This overlay is useful to test the behavior of clients when
-server-generated erroneous and/or unusual responses occur.
+server-generated erroneous and/or unusual responses occur,
+for example; error codes, referrals, excessive response times and so on.
+
+This would be classed as a debugging tool whilst developing client software
+or additional Overlays.
+
+For detailed information, please see the {{slapo-retcode(5)}} man page.
H3: Return Code Configuration
+The retcode overlay utilizes the "return code" schema described in the man page.
+This schema is specifically designed for use with this overlay and is not intended
+to be used otherwise.
+
+Note: The necessary schema is loaded automatically by the overlay.
+
+An example configuration might be:
+
+> overlay retcode
+> retcode-parent "ou=RetCodes,dc=example,dc=com"
+> include ./retcode.conf
+>
+> retcode-item "cn=Unsolicited" 0x00 unsolicited="0"
+> retcode-item "cn=Notice of Disconnect" 0x00 unsolicited="1.3.6.1.4.1.1466.20036"
+> retcode-item "cn=Pre-disconnect" 0x34 flags="pre-disconnect"
+> retcode-item "cn=Post-disconnect" 0x34 flags="post-disconnect"
+
+Note: {{retcode.conf}} can be found in the openldap source at: {{F:tests/data/retcode.conf}}
+
+An excerpt of a {{F:retcode.conf}} would be something like:
+
+> retcode-item "cn=success" 0x00
+>
+> retcode-item "cn=success w/ delay" 0x00 sleeptime=2
+>
+> retcode-item "cn=operationsError" 0x01
+> retcode-item "cn=protocolError" 0x02
+> retcode-item "cn=timeLimitExceeded" 0x03 op=search
+> retcode-item "cn=sizeLimitExceeded" 0x04 op=search
+> retcode-item "cn=compareFalse" 0x05 op=compare
+> retcode-item "cn=compareTrue" 0x06 op=compare
+> retcode-item "cn=authMethodNotSupported" 0x07
+> retcode-item "cn=strongAuthNotSupported" 0x07 text="same as authMethodNotSupported"
+> retcode-item "cn=strongAuthRequired" 0x08
+> retcode-item "cn=strongerAuthRequired" 0x08 text="same as strongAuthRequired"
+
+Please see {{F:tests/data/retcode.conf}} for a complete {{F:retcode.conf}}
+
+
+H3: Further Information
+
+{{:slapo-retcode(5)}}
+
H2: Rewrite/Remap
H3: Overview
-It performs basic DN/data rewrite and
-objectClass/attributeType mapping.
+It performs basic DN/data rewrite and objectClass/attributeType mapping. Its
+usage is mostly intended to provide virtual views of existing data either
+remotely, in conjunction with the proxy backend described in {{slapd-ldap(5)}},
+or locally, in conjunction with the relay backend described in {{slapd-relay(5)}}.
+
+This overlay is extremely configurable and advanced, therefore recommended
+reading is the {{slapo-rwm(5)}} man page.
H3: Rewrite/Remap Configuration
+H3: Further Information
+
+{{:slapo-rwm(5)}}
+
+
H2: Sync Provider
@@ -977,6 +1092,11 @@ replication, including persistent search functionality
H3: Sync Provider Configuration
+H3: Further Information
+
+{{:slapo-syncprov(5)}}
+
+
H2: Translucent Proxy
@@ -992,6 +1112,12 @@ overridden by the database.
H3: Translucent Proxy Configuration
+
+H3: Further Information
+
+{{:slapo-translucent(5)}}
+
+
H2: Attribute Uniqueness
@@ -1004,6 +1130,11 @@ to enforce the uniqueness of some or all attributes within a subtree.
H3: Attribute Uniqueness Configuration
+H3: Further Information
+
+{{:slapo-unique(5)}}
+
+
H2: Value Sorting
@@ -1016,6 +1147,11 @@ of an attribute when it is returned in a search.
H3: Value Sorting Configuration
+H3: Further Information
+
+{{:slapo-valsort(5)}}
+
+
H2: Overlay Stacking
--
GitLab