Home Man
Today's Posts

Linux & Unix Commands - Search Man Pages

OpenDarwin 7.2.1 - man page for slapd-ldap (opendarwin section 5)

SLAPD-LDAP(5)			       File Formats Manual			    SLAPD-LDAP(5)

       slapd-ldap - LDAP backend to slapd


       The LDAP backend to slapd(8) is not an actual database; instead it acts as a proxy to for-
       ward incoming requests to another LDAP server. While  processing  requests  it  will  also
       chase  referrals,  so  that referrals are fully processed instead of being returned to the
       slapd client.

       These slapd.conf options apply to the LDAP backend database.  That is, they must follow	a
       "database  ldap" line and come before any subsequent "backend" or "database" lines.  Other
       database options are described in the slapd.conf(5) manual page.

       Note: It is strongly recommended to set
	      lastmod  off
       for every ldap and meta database.  This is because operational attributes related to entry
       creation  and  modification  should  not  be  used,  as they could be passed to the target
       servers, generating an error.

       uri <ldapurl>
	      LDAP server to use.  Multiple URIs can be set in	in  a  single  ldapurl	argument,
	      resulting in the underlying library automatically call the first server of the list
	      that responds, e.g.

	      uri "ldap://host/ ldap://backup-host"

	      The URI list is space- or comma-separated.

       server <hostport>
	      Obsolete option; same as `uri ldap://<hostport>/'.

       binddn <administrative DN for access control purposes>
	      DN which is used to query the target server for acl checking; it should  have  read
	      access  on  the  target  server  to  attributes used on the proxy for acl checking.
	      There is no risk of giving away such values; they are only used  to  check  permis-

       bindpw <password>
	      Password used with the bind DN above.

	      If  this	option is given, the client's bind credentials are remembered for rebinds
	      when chasing referrals.

       suffixmassage <suffix> <massaged (remote) suffix>
	      DNs ending with <suffix> in a request are  changed  to  end  with  <remote  suffix>
	      before sending the request to the remote server, and <remote suffix> in the results
	      are changed back to <suffix> before returning them to  the  client.   The  <suffix>
	      field must be defined as a valid suffix for the current database.

       map {attribute | objectclass} [<local name> | *] {<foreign name> | *}
	      Map  attribute names and object classes from the foreign server to different values
	      on the local slapd.  The reason is that some attributes might not be  part  of  the
	      local  slapd's  schema,  some attribute names might be different but serve the same
	      purpose, etc.  If local or foreign name is `*', the name is  preserved.	If  local
	      name  is omitted, the foreign name is removed.  Unmapped names are preseved if both
	      local and foreign name are `*', and removed if local name is  omitted  and  foreign
	      name is `*'.

	      The  rewrite  options are described in the "REWRITING" section of the slapd-meta(5)
	      manual page.

       This maps the OpenLDAP objectclass `groupOfNames'  to  the  Active  Directory  objectclass

	      map objectclass groupOfNames group

       This presents a limited attribute set from the foreign server:

	      map attribute cn *
	      map attribute sn *
	      map attribute manager *
	      map attribute description *
	      map attribute *

       These  lines  map  cn, sn, manager, and description to themselves, and any other attribute
       gets "removed" from the object before it is sent to the client (or sent	up  to	the  LDAP
       server).  This is obviously a simplistic example, but you get the point.

	      default slapd configuration file

       slapd.conf(5), slapd-meta(5), slapd(8), ldap(3).

OpenLDAP 2.1.X				   RELEASEDATE				    SLAPD-LDAP(5)

All times are GMT -4. The time now is 12:14 PM.

Unix & Linux Forums Content Copyrightę1993-2018. All Rights Reserved.
Show Password