From: Quanah Gibson-Mount Date: Fri, 7 Jun 2019 17:24:18 +0000 (+0000) Subject: ITS#9031 - Update documentation for mdb X-Git-Tag: OPENLDAP_REL_ENG_2_4_48~70 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=4a322784e4acb24a1c4d821f0b99be0800d3a1f2;p=thirdparty%2Fopenldap.git ITS#9031 - Update documentation for mdb A number of fixes to the admin guide. First, add missing reqDN indexing. Second, convert most references to bdb/hdb to mdb, unless the section was specific to bdb/hdb. Third, use "dc=example,dc=com" consistently throughout the example set --- diff --git a/doc/guide/admin/overlays.sdf b/doc/guide/admin/overlays.sdf index 2143ebdb18..d5af116f44 100644 --- a/doc/guide/admin/overlays.sdf +++ b/doc/guide/admin/overlays.sdf @@ -86,16 +86,18 @@ H3: Access Logging Configuration The following is a basic example that implements Access Logging: -> database bdb +> database mdb > suffix dc=example,dc=com +> maxsize 85899345920 > ... > overlay accesslog > logdb cn=log > logops writes reads > logold (objectclass=person) > -> database bdb +> database mdb > suffix cn=log +> maxsize 85899345920 > ... > index reqStart eq > access to * @@ -103,17 +105,19 @@ The following is a basic example that implements Access Logging: The following is an example used for {{SECT:delta-syncrepl replication}}: -> database hdb +> database mdb > suffix cn=accesslog -> directory /usr/local/var/openldap-accesslog > rootdn cn=accesslog +> maxsize 85899345920 +> directory /usr/local/var/openldap-accesslog > index default eq -> index entryCSN,objectClass,reqEnd,reqResult,reqStart +> index entryCSN,objectClass,reqEnd,reqResult,reqStart,reqDN Accesslog overlay definitions for the primary db -> database bdb +> database mdb > suffix dc=example,dc=com +> maxsize 85899345920 > ... > overlay accesslog > logdb cn=accesslog @@ -619,10 +623,11 @@ specific database. For example, with the following minimal slapd.conf: > > authz-regexp "gidNumber=0\\\+uidNumber=0,cn=peercred,cn=external,cn=auth" > "cn=Manager,dc=example,dc=com" -> database bdb +> database mdb > suffix "dc=example,dc=com" > rootdn "cn=Manager,dc=example,dc=com" > rootpw secret +> maxsize 85899345920 > directory /var/lib/ldap2.4 > checkpoint 256 5 > index objectClass eq @@ -738,9 +743,9 @@ H4: Setting cache parameters This directive enables proxy caching and sets general cache parameters. The parameter specifies which underlying database is to be used to hold cached entries. It should be set to -{{EX:bdb}} or {{EX:hdb}}. The parameter specifies the -total number of entries which may be held in the cache. The - parameter specifies the total number of attribute sets +{{EX:mdb}}, {{EX:hdb}}, or {{EX:bdb}}. The parameter +specifies the total number of entries which may be held in the cache. +The parameter specifies the total number of attribute sets (as specified by the {{EX:pcacheAttrset}} directive) that may be defined. The parameter specifies the maximum number of entries in a cacheable query. The specifies the consistency @@ -777,7 +782,7 @@ at server {{EX:ldap.example.com}}. > rootdn "dc=example,dc=com" > uri ldap://ldap.example.com/ > overlay pcache -> pcache hdb 100000 1 1000 100 +> pcache mdb 100000 1 1000 100 > pcacheAttrset 0 mail postaladdress telephonenumber > pcacheTemplate (sn=) 0 3600 > pcacheTemplate (&(sn=)(givenName=)) 0 3600 @@ -806,7 +811,7 @@ at server {{EX:ldap.example.com}}. > objectClass: olcOverlayConfig > objectClass: olcPcacheConfig > olcOverlay: {0}pcache -> olcPcache: hdb 100000 1 1000 100 +> olcPcache: mdb 100000 1 1000 100 > olcPcacheAttrset: 0 mail postalAddress telephoneNumber > olcPcacheTemplate: "(sn=)" 0 3600 0 0 0 > olcPcacheTemplate: "(&(sn=)(givenName=))" 0 3600 0 0 0 @@ -889,7 +894,7 @@ the ppolicy module being added to the database that handles the naming context "dc=example,dc=com". In this example we are also specifying the DN of a policy object to use if none other is specified in a user's object. -> database bdb +> database mdb > suffix "dc=example,dc=com" > [...additional database configuration directives go here...] > @@ -978,7 +983,7 @@ H2: Referential Integrity H3: Overview -This overlay can be used with a backend database such as slapd-bdb(5) +This overlay can be used with a backend database such as slapd-mdb(5) to maintain the cohesiveness of a schema which utilizes reference attributes. @@ -1173,7 +1178,7 @@ H2: Translucent Proxy H3: Overview -This overlay can be used with a backend database such as {{:slapd-bdb}}(5) +This overlay can be used with a backend database such as {{:slapd-mdb}}(5) to create a "translucent proxy". Entries retrieved from a remote LDAP server may have some or all attributes @@ -1212,10 +1217,11 @@ First we configure the overlay in the normal manner: > pidfile ./slapd.pid > argsfile ./slapd.args > -> database bdb +> database mdb > suffix "dc=suretecsystems,dc=com" > rootdn "cn=trans,dc=suretecsystems,dc=com" > rootpw secret +> maxsize 85899345920 > directory ./openldap-data > > index objectClass eq @@ -1305,7 +1311,7 @@ H2: Attribute Uniqueness H3: Overview -This overlay can be used with a backend database such as {{slapd-bdb(5)}} +This overlay can be used with a backend database such as {{slapd-mdb(5)}} to enforce the uniqueness of some or all attributes within a subtree. @@ -1390,7 +1396,7 @@ Here are a few examples: > loglevel sync stats > -> database hdb +> database mdb > suffix "dc=suretecsystems,dc=com" > directory /usr/local/var/openldap-data > diff --git a/doc/guide/admin/replication.sdf b/doc/guide/admin/replication.sdf index 874ed4c282..e8a5a0d016 100644 --- a/doc/guide/admin/replication.sdf +++ b/doc/guide/admin/replication.sdf @@ -567,9 +567,9 @@ The default is FALSE. A more complete example of the {{slapd.conf}}(5) content is thus: > database mdb -> maxsize 1073741824 -> suffix dc=Example,dc=com -> rootdn dc=Example,dc=com +> maxsize 85899345920 +> suffix dc=example,dc=com +> rootdn dc=example,dc=com > directory /var/ldap/db > index objectclass,entryCSN,entryUUID eq > @@ -586,9 +586,9 @@ is backend independent and the directive can be defined with any database type. > database mdb -> maxsize 1073741824 -> suffix dc=Example,dc=com -> rootdn dc=Example,dc=com +> maxsize 85899345920 +> suffix dc=example,dc=com +> rootdn dc=example,dc=com > directory /var/ldap/db > index objectclass,entryCSN,entryUUID eq > @@ -668,14 +668,14 @@ replica servers: > # of a database. The "by * break" portion causes evaluation of > # subsequent rules. See slapd.access(5) for details. > access to * -> by dn.base="cn=replicator,dc=symas,dc=com" read +> by dn.base="cn=replicator,dc=example,dc=com" read > by * break > > # Set the module path location -> modulepath /opt/symas/lib/openldap +> modulepath /usr/lib/openldap > -> # Load the hdb backend -> moduleload back_hdb.la +> # Load the mdb backend +> moduleload back_mdb.la > > # Load the accesslog overlay > moduleload accesslog.la @@ -684,24 +684,26 @@ replica servers: > moduleload syncprov.la > > # Accesslog database definitions -> database hdb +> database mdb > suffix cn=accesslog -> directory /db/accesslog > rootdn cn=accesslog +> directory /var/lib/db/accesslog +> maxsize 85899345920 > index default eq -> index entryCSN,objectClass,reqEnd,reqResult,reqStart +> index entryCSN,objectClass,reqEnd,reqResult,reqStart,reqDN > > overlay syncprov > syncprov-nopresent TRUE > syncprov-reloadhint TRUE > > # Let the replica DN have limitless searches -> limits dn.exact="cn=replicator,dc=symas,dc=com" time.soft=unlimited time.hard=unlimited size.soft=unlimited size.hard=unlimited +> limits dn.exact="cn=replicator,dc=example,dc=com" time.soft=unlimited time.hard=unlimited size.soft=unlimited size.hard=unlimited > > # Primary database definitions -> database hdb -> suffix "dc=symas,dc=com" -> rootdn "cn=manager,dc=symas,dc=com" +> database mdb +> suffix "dc=example,dc=com" +> rootdn "cn=manager,dc=example,dc=com" +> maxsize 85899345920 > > ## Whatever other configuration options are desired > @@ -722,7 +724,7 @@ replica servers: > logpurge 07+00:00 01+00:00 > > # Let the replica DN have limitless searches -> limits dn.exact="cn=replicator,dc=symas,dc=com" time.soft=unlimited time.hard=unlimited size.soft=unlimited size.hard=unlimited +> limits dn.exact="cn=replicator,dc=example,dc=com" time.soft=unlimited time.hard=unlimited size.soft=unlimited size.hard=unlimited For more information, always consult the relevant man pages ({{slapo-accesslog}}(5) and {{slapd.conf}}(5)) @@ -730,9 +732,10 @@ For more information, always consult the relevant man pages ({{slapo-accesslog}} H4: Delta-syncrepl Consumer configuration > # Replica database configuration -> database hdb -> suffix "dc=symas,dc=com" -> rootdn "cn=manager,dc=symas,dc=com" +> database mdb +> suffix "dc=example,dc=com" +> rootdn "cn=manager,dc=example,dc=com" +> maxsize 85899345920 > > ## Whatever other configuration bits for the replica, like indexing > ## that you want @@ -742,11 +745,11 @@ H4: Delta-syncrepl Consumer configuration > > # syncrepl directives > syncrepl rid=0 -> provider=ldap://ldapmaster.symas.com:389 +> provider=ldap://ldapmaster.example.com:389 > bindmethod=simple -> binddn="cn=replicator,dc=symas,dc=com" +> binddn="cn=replicator,dc=example,dc=com" > credentials=secret -> searchbase="dc=symas,dc=com" +> searchbase="dc=example,dc=com" > logbase="cn=accesslog" > logfilter="(&(objectClass=auditWriteObject)(reqResult=0))" > schemachecking=on @@ -755,7 +758,7 @@ H4: Delta-syncrepl Consumer configuration > syncdata=accesslog > > # Refer updates to the master -> updateref ldap://ldapmaster.symas.com +> updateref ldap://ldapmaster.example.com The above configuration assumes that you have a replicator identity defined @@ -978,7 +981,7 @@ The following example is for a self-contained push-based replication solution: > include /usr/local/etc/openldap/slapd.acl > > modulepath /usr/local/libexec/openldap -> moduleload back_hdb.la +> moduleload back_mdb.la > moduleload syncprov.la > moduleload back_monitor.la > moduleload back_ldap.la @@ -988,13 +991,12 @@ The following example is for a self-contained push-based replication solution: > > loglevel sync stats > -> database hdb +> database mdb > suffix "dc=suretecsystems,dc=com" > directory /usr/local/var/openldap-data +> maxsize 85899345920 > > checkpoint 1024 5 -> cachesize 10000 -> idlcachesize 10000 > > index objectClass eq > # rest of indexes @@ -1064,7 +1066,7 @@ A replica configuration for this type of setup could be: > include /usr/local/etc/openldap/slapd.acl > > modulepath /usr/local/libexec/openldap -> moduleload back_hdb.la +> moduleload back_mdb.la > moduleload syncprov.la > moduleload back_monitor.la > moduleload back_ldap.la @@ -1074,13 +1076,12 @@ A replica configuration for this type of setup could be: > > loglevel sync stats > -> database hdb +> database mdb > suffix "dc=suretecsystems,dc=com" > directory /usr/local/var/openldap-slave/data > +> maxsize 85899345920 > checkpoint 1024 5 -> cachesize 10000 -> idlcachesize 10000 > > index objectClass eq > # rest of indexes diff --git a/doc/guide/admin/slapdconfig.sdf b/doc/guide/admin/slapdconfig.sdf index 3e7e8624fb..93b2863245 100644 --- a/doc/guide/admin/slapdconfig.sdf +++ b/doc/guide/admin/slapdconfig.sdf @@ -279,9 +279,9 @@ sql SQL Programmable backend \Example: -> backend bdb +> backend mdb -This marks the beginning of a new {{TERM:BDB}} backend +This marks the beginning of a new {{TERM:MDB}} backend definition. @@ -299,9 +299,9 @@ supported backend types listed in Table 6.2. \Example: -> database bdb +> database mdb -This marks the beginning of a new {{TERM:BDB}} database instance +This marks the beginning of a new {{TERM:MDB}} database instance declaration.