-.TH LDAP_FIRST_ATTRIBUTE 3 "22 September 1998" "OpenLDAP LDVERSION"
+.TH LDAP_FIRST_ATTRIBUTE 3 "4 October 2000" "OpenLDAP LDVERSION"
.\" $OpenLDAP$
.\" Copyright 1998-2000 The OpenLDAP Foundation All Rights Reserved.
.\" Copying restrictions apply. See COPYRIGHT/LICENSE.
.BR ldap_first_entry (3)
or
.BR ldap_next_entry (3)
-and returns a pointer to a per-connection buffer
-containing the first attribute type in the entry. The return value
-should be treated as if it is a pointer to a static area (i.e.,
-.BR strdup (3)
-it if you want to save it).
+and returns a pointer to character string
+containing the first attribute description in the entry.
+.B ldap_next_attribute()
+returns the next attribute description in the entry.
.LP
It also returns, in \fIberptr\fP, a pointer to a BerElement it has
allocated to keep track of its current position. This pointer should
The
.B ldap_first_attribute()
routine dyanamically allocated memory that must be freed by the caller via
-.BR ber_free (3).
+.BR ldap_memfree (3).
.SH SEE ALSO
.BR ldap(3),
.BR ldap_first_entry(3),
name can also be used with a suffix of the form ":xx" in which case the
value "oid.xx" will be used.
.TP
-.B pidfile <filename>
-The ( absolute ) name of a file that will hold the
-.B slapd
-server's process ID ( see
-.BR getpid (2)
-) if started without the debugging command line option.
-.TP
.B password-hash <hash>
The <hash> to use for userPassword generation. One of
.BR {SSHA} ,
The default is
.BR {SSHA} .
.TP
+.B pidfile <filename>
+The ( absolute ) name of a file that will hold the
+.B slapd
+server's process ID ( see
+.BR getpid (2)
+) if started without the debugging command line option.
+.TP
.B referral <url>
Specify the referral to pass back when
.BR slapd (8)
.B sasl-host <fqdn>
Used to specify the fully qualified domain name used for SASL processing.
.TP
-.B sasl-realm <string>
-Used to specify Cyrus SASL realm.
+.B sasl-realm <realm>
+Specify SASL realm. Default is empty.
.TP
.B sasl-secprops <properties>
Used to specify Cyrus SASL security properties.
The
.B none
flag (without any other properities) causes the flag properites
-defaults ("noanonymous,noplain") to be cleared.
+default, "noanonymous,noplain", to be cleared.
The
.B noplain
flag disables mechanisms susceptible to simple passive attacks.
.I security strength factor
as an integer (see minssf description). The default is INT_MAX.
The
-.B maxbufsize=<factor>
+.B maxbufsize=<size>
property specifies the maximum security layer receive buffer
size allowed. 0 disables security layers. The default is 65536.
.TP
Specify the maximum number of entries to return from a search operation.
The default size limit is 500.
.TP
-.B sasl-realm <realm>
-Specify SASL realm. Default is empty.
-.TP
-.B sasl-secprops <props>
-Cyrus SASL security properties. Default is "noanonymous,noplain".
-.TP
.B srvtab <filename>
Specify the srvtab file in which the kerberos keys necessary for
authenticating clients using kerberos can be found. This option is only
This DN may or may not be associated with an entry. An empty root
DN (the default) specifies no root access is to be granted. It is
recommended that the rootdn only be specified when needed (such as
-when initially populating a database).
+when initially populating a database). If the rootdn is within
+a namingContext (suffix) of the database, a simple bind password
+may also be provided using the
+.B rootpw
+directive.
.TP
.B rootpw <password>
-Specify a password (or hash of the password) for the rootdn.
+Specify a password (or hash of the password) for the rootdn. If
+the rootdn is not within the namingContext of the database, the
+provided password is ignored.
This option accepts all RFC 2307 userPassword formats known to
the server (see
.B password-hash
projects / thirdparty / openldap.git / commitdiff
