For example, the {{SECT: Translucent Proxy}}, which retrieves entries from a
remote LDAP server that can be partially overridden by the defined database, has
only four specific {{translucent-}} directives, but can be configured using any
-of the normal {{slapd-ldap(5)}} options. See {[slapo-translucent(5)}} for details.
+of the normal {{slapd-ldap(5)}} options. See {{slapo-translucent(5)}} for details.
Other {{SECT: Overlays}} allow you to tag directives in front of a normal
{{slapd-ldap(5)}} directive. For example, the {{slapo-chain(5)}} overlay does
subtree. Each object contains information about a particular aspect
of the server. The information is held in a combination of user
applications and operational attributes. This information can be
-access with {{ldapsearch(1)}}, with any general-purpose LDAP browser,
+accessed with {{ldapsearch(1)}}, with any general-purpose LDAP browser,
or with specialized monitoring tools. The {{SECT:Accessing Monitoring
Information}} section provides a brief tutorial on how to use
{{ldapsearch}}(1) to access monitoring information, while the
H3: Backends
-The {{EX:cn=Backends,cn=Monitor}} object, itself, provides a list
-of available backends. The list of available backends all builtin
-backends, as well as backends loaded by modules. For example:
+The {{EX:cn=Backends,cn=Monitor}} object provides a list of available
+backends. The list of available backends includes all builtin backends,
+as well as those backends loaded by modules. For example:
> dn: cn=Backends,cn=Monitor
> monitoredInfo: config
authenticate the LDAP session.
Pass-Through authentication works only with plaintext passwords, as
-used in the "simple bind" and "SASL PLAIN" authentication mechanisms.}}
+used in the "simple bind" and "SASL PLAIN" authentication mechanisms.
Pass-Through authentication is selective: it only affects users whose
{{userPassword}} attribute has a value marked with the "{SASL}"
> [filter=<filter str>]
> [scope=sub|one|base]
> [attrs=<attr list>]
+> [exattrs=<attr list>]
> [attrsonly]
> [sizelimit=<limit>]
> [timelimit=<limit>]
specification as its result set. The consumer slapd will
send search requests to the provider slapd according to the search
specification. The search specification includes {{EX:searchbase}},
-{{EX:scope}}, {{EX:filter}}, {{EX:attrs}}, {{EX:attrsonly}},
+{{EX:scope}}, {{EX:filter}}, {{EX:attrs}}, {{EX:exattrs}}, {{EX:attrsonly}},
{{EX:sizelimit}}, and {{EX:timelimit}} parameters as in the normal
search specification. The {{EX:searchbase}} parameter has no
default value and must always be specified. The {{EX:scope}} defaults
{{EX:attrs}} defaults to {{EX:"*,+"}} to replicate all user and operational
attributes, and {{EX:attrsonly}} is unset by default. Both {{EX:sizelimit}}
and {{EX:timelimit}} default to "unlimited", and only positive integers
-or "unlimited" may be specified.
+or "unlimited" may be specified. The {{EX:exattrs}} option may also be used
+to specify attributes that should be omitted from incoming entries.
The {{TERM[expand]LDAP Sync}} protocol has two operation
types: {{EX:refreshOnly}} and {{EX:refreshAndPersist}}.
projects / thirdparty / openldap.git / commitdiff
