summaryrefslogtreecommitdiffstats
path: root/doc/man/man5/slapd.overlays.5
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-07 16:35:32 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-07 16:35:32 +0000
commit5ea77a75dd2d2158401331879f3c8f47940a732c (patch)
treed89dc06e9f4850a900f161e25f84e922c4f86cc8 /doc/man/man5/slapd.overlays.5
parentInitial commit. (diff)
downloadopenldap-5ea77a75dd2d2158401331879f3c8f47940a732c.tar.xz
openldap-5ea77a75dd2d2158401331879f3c8f47940a732c.zip
Adding upstream version 2.5.13+dfsg.upstream/2.5.13+dfsgupstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'doc/man/man5/slapd.overlays.5')
-rw-r--r--doc/man/man5/slapd.overlays.5204
1 files changed, 204 insertions, 0 deletions
diff --git a/doc/man/man5/slapd.overlays.5 b/doc/man/man5/slapd.overlays.5
new file mode 100644
index 0000000..307a28a
--- /dev/null
+++ b/doc/man/man5/slapd.overlays.5
@@ -0,0 +1,204 @@
+.TH SLAPD.OVERLAYS 5 "RELEASEDATE" "OpenLDAP LDVERSION"
+.\" Copyright 2006-2022 The OpenLDAP Foundation All Rights Reserved.
+.\" Copying restrictions apply. See COPYRIGHT/LICENSE.
+.\" $OpenLDAP$
+.SH NAME
+slapd.overlays \- overlays for slapd, the stand-alone LDAP daemon
+.SH DESCRIPTION
+The
+.BR slapd (8)
+daemon can use a variety of different overlays to alter or extend
+the normal behavior of a database backend.
+Overlays may be compiled statically into slapd, or when module support
+is enabled, they may be dynamically loaded. Most of the overlays
+are only allowed to be configured on individual databases, but some
+may also be configured globally.
+
+Configuration options for each overlay are documented separately in the
+corresponding
+.BR slapo\-<overlay> (5)
+manual pages.
+.TP
+.B accesslog
+Access Logging.
+This overlay can record accesses to a given backend database on another
+database.
+.TP
+.B auditlog
+Audit Logging.
+This overlay records changes on a given backend database to an LDIF log
+file.
+By default it is not built.
+.TP
+.B autoca
+Automatic Certificate Authority overlay.
+This overlay can generate X.509 certificate/key pairs for
+entries in the directory if slapd is linked to OpenSSL.
+By default it is not built.
+.TP
+.B chain
+Chaining.
+This overlay allows automatic referral chasing when a referral would
+have been returned, either when configured by the server or when
+requested by the client.
+.TP
+.B collect
+Collective Attributes.
+This overlay implements RFC 3671 collective attributes; these
+attributes share common values over all the members of the collection
+as inherited from an ancestor entry.
+.TP
+.B constraint
+Constraint.
+This overlay enforces a regular expression constraint on all values
+of specified attributes. It is used to enforce a more rigorous
+syntax when the underlying attribute syntax is too general.
+.TP
+.B dds
+Dynamic Directory Services.
+This overlay supports dynamic objects, which have a limited life after
+which they expire and are automatically deleted.
+.TP
+.B deref
+Dereference Control.
+This overlay implements the draft Dereference control. The overlay can be
+used with any backend or globally for all backends.
+.TP
+.B dyngroup
+Dynamic Group.
+This is a demo overlay which extends the Compare operation to detect
+members of a dynamic group.
+It has no effect on any other operations.
+.TP
+.B dynlist
+Dynamic List.
+This overlay allows expansion of dynamic groups and more.
+.TP
+.B homedir
+Home Directory Provisioning.
+This overlay manages creation/deletion of home directories for LDAP-based
+Unix accounts.
+.TP
+.B memberof
+MemberOf.
+This overlay maintains automatic reverse group membership values,
+typically stored in an attribute called memberOf. This overlay
+is deprecated and should be replaced with dynlist.
+.TP
+.B otp
+OATH One-Time Password module.
+This module allows time-based one-time password, AKA "authenticator-style",
+and HMAC-based one-time password authentication to be used in conjunction
+with a standard LDAP password for two factor authentication.
+.TP
+.B pbind
+Proxybind.
+This overlay forwards simple bind requests on a local database to a
+remote LDAP server.
+.TP
+.B pcache
+Proxycache.
+This overlay allows caching of LDAP search requests in a local database.
+It is most often used with the
+.BR slapd\-ldap (5)
+or
+.BR slapd\-meta (5)
+backends.
+.TP
+.B ppolicy
+Password Policy.
+This overlay provides a variety of password control mechanisms,
+e.g. password aging, password reuse and duplication control, mandatory
+password resets, etc.
+.TP
+.B refint
+Referential Integrity.
+This overlay can be used with a backend database such as
+.BR slapd\-mdb (5)
+to maintain the cohesiveness of a schema which utilizes reference
+attributes.
+.TP
+.B remoteauth
+Remote Authentication.
+This overlay delegates authentication requests to remote directories.
+.TP
+.B retcode
+Return Code.
+This overlay is useful to test the behavior of clients when
+server-generated erroneous and/or unusual responses occur.
+.TP
+.B rwm
+Rewrite/remap.
+This overlay is experimental.
+It performs basic DN/data rewrite and
+objectClass/attributeType mapping.
+.TP
+.B sssvlv
+Server Side Sorting and Virtual List Views.
+This overlay implements the RFC2891 server-side sorting control and
+virtual list view controls, and replaces the RFC2696 paged-results
+implementation to ensure it works with the sorting technique.
+.TP
+.B syncprov
+Syncrepl Provider.
+This overlay implements the provider-side support for
+.B syncrepl
+replication, including persistent search functionality.
+.TP
+.B translucent
+Translucent Proxy.
+This overlay can be used with a backend database such as
+.BR slapd\-mdb (5)
+to create a "translucent proxy".
+Content of entries retrieved from a remote LDAP server can be partially
+overridden by the database.
+.TP
+.B unique
+Attribute Uniqueness.
+This overlay can be used with a backend database such as
+.BR slapd\-mdb (5)
+to enforce the uniqueness of some or all attributes within a subtree.
+.TP
+.B valsort
+Value Sorting.
+This overlay can be used to enforce a specific order for the values
+of an attribute when it is returned in a search.
+.SH FILES
+.TP
+ETCDIR/slapd.conf
+default slapd configuration file
+.TP
+ETCDIR/slapd.d
+default slapd configuration directory
+.SH SEE ALSO
+.BR ldap (3),
+.BR slapo\-accesslog (5),
+.BR slapo\-auditlog (5),
+.BR slapo\-autoca (5),
+.BR slapo\-chain (5),
+.BR slapo\-collect (5),
+.BR slapo\-constraint (5),
+.BR slapo\-dds (5),
+.BR slapo\-deref (5),
+.BR slapo\-dyngroup (5),
+.BR slapo\-dynlist (5),
+.BR slapo\-memberof (5),
+.BR slapo\-pbind (5),
+.BR slapo\-pcache (5),
+.BR slapo\-ppolicy (5),
+.BR slapo\-refint (5),
+.BR slapo\-remoteauth (5),
+.BR slapo\-retcode (5),
+.BR slapo\-rwm (5),
+.BR slapo\-sssvlv (5),
+.BR slapo\-syncprov (5),
+.BR slapo\-translucent (5),
+.BR slapo\-unique (5).
+.BR slapo\-valsort (5).
+.BR slapd\-config (5),
+.BR slapd.conf (5),
+.BR slapd.backends (5),
+.BR slapd (8).
+"OpenLDAP Administrator's Guide" (http://www.OpenLDAP.org/doc/admin/)
+.SH ACKNOWLEDGEMENTS
+.so ../Project