openldap/doc/man/man5/slapo-translucent.5

.TH SLAPO-TRANSLUCENT 5 "RELEASEDATE" "OpenLDAP LDVERSION"
.\" Copyright 2004-2007 The OpenLDAP Foundation All Rights Reserved.
.\" Copying restrictions apply.  See COPYRIGHT/LICENSE.
.\" $OpenLDAP$
.SH NAME
slapo-translucent \- Translucent Proxy overlay
.SH SYNOPSIS
ETCDIR/slapd.conf
.SH DESCRIPTION
The Translucent Proxy overlay can be used with a backend database such as
.BR slapd-bdb (5)
to create a "translucent proxy".  Entries retrieved from a remote LDAP
server may have some or all attributes overridden, or new attributes
added, by entries in the local database before being presented to the
client.
.LP
A
.BR search
operation is first populated with entries from the remote LDAP server, the
attributes of which are then overridden with any attributes defined in the
local database. Local overrides may be populated with the
.BR add ,
.B modify ,
and
.B modrdn
operations, the use of which is restricted to the root user.
.LP
A
.BR compare
operation will perform a comparison with attributes defined in the local
database record (if any) before any comparison is made with data in the
remote database.
.SH CONFIGURATION
The Translucent Proxy overlay uses a remote LDAP server which is configured
with the options shown in
.BR slapd-ldap (5).
These
.B slapd.conf
options are specific to the Translucent Proxy overlay; they should appear 
after the
.B overlay
directive.
.TP
.B translucent_strict
By default, attempts to delete attributes in either the local or remote
databases will be silently ignored. The
.B translucent_strict
directive causes these modifications to fail with a Constraint Violation.
.TP
.B translucent_no_glue
This configuration option disables the automatic creation of "glue" records
for an
.B add
or
.B modrdn
operation, such that all parents of an entry added to the local database
must be created by hand. Glue records are always created for a
.B modify
operation.
.SH CAVEATS
.LP
The Translucent Proxy overlay will disable schema checking in the local database,
so that an entry consisting of overlay attributes need not adhere to the
complete schema.
.LP
Because the translucent overlay does not perform any DN rewrites,  the local
and remote database instances must have the same suffix.  Other configurations
will probably fail with No Such Object and other errors.
.SH FILES
.TP
ETCDIR/slapd.conf
default slapd configuration file
.SH SEE ALSO
.BR slapd.conf (5),
.BR slapd-ldap (5).
Added translucent overlay (sponsored by HP) 2005-03-10 11:13:24 +08:00			`.TH SLAPO-TRANSLUCENT 5 "RELEASEDATE" "OpenLDAP LDVERSION"`
happy new year 2007-01-03 04:00:42 +08:00			`.\" Copyright 2004-2007 The OpenLDAP Foundation All Rights Reserved.`
Added translucent overlay (sponsored by HP) 2005-03-10 11:13:24 +08:00			`.\" Copying restrictions apply. See COPYRIGHT/LICENSE.`
			`.\" $OpenLDAP$`
			`.SH NAME`
More for translucent 2005-03-10 12:35:57 +08:00			`slapo-translucent \- Translucent Proxy overlay`
Added translucent overlay (sponsored by HP) 2005-03-10 11:13:24 +08:00			`.SH SYNOPSIS`
			`ETCDIR/slapd.conf`
			`.SH DESCRIPTION`
More for translucent 2005-03-10 12:35:57 +08:00			`The Translucent Proxy overlay can be used with a backend database such as`
Added translucent overlay (sponsored by HP) 2005-03-10 11:13:24 +08:00			`.BR slapd-bdb (5)`
			`to create a "translucent proxy". Entries retrieved from a remote LDAP`
			`server may have some or all attributes overridden, or new attributes`
			`added, by entries in the local database before being presented to the`
			`client.`
			`.LP`
			`A`
			`.BR search`
			`operation is first populated with entries from the remote LDAP server, the`
			`attributes of which are then overridden with any attributes defined in the`
			`local database. Local overrides may be populated with the`
			`.BR add ,`
			`.B modify ,`
			`and`
			`.B modrdn`
			`operations, the use of which is restricted to the root user.`
			`.LP`
			`A`
			`.BR compare`
			`operation will perform a comparison with attributes defined in the local`
			`database record (if any) before any comparison is made with data in the`
			`remote database.`
			`.SH CONFIGURATION`
More for translucent 2005-03-10 12:35:57 +08:00			`The Translucent Proxy overlay uses a remote LDAP server which is configured`
Added translucent overlay (sponsored by HP) 2005-03-10 11:13:24 +08:00			`with the options shown in`
			`.BR slapd-ldap (5).`
			`These`
			`.B slapd.conf`
ITS#4397 delete misleading "subsequent database" config note. 2006-02-12 02:35:32 +08:00			`options are specific to the Translucent Proxy overlay; they should appear`
Added translucent overlay (sponsored by HP) 2005-03-10 11:13:24 +08:00			`after the`
			`.B overlay`
			`directive.`
			`.TP`
			`.B translucent_strict`
			`By default, attempts to delete attributes in either the local or remote`
			`databases will be silently ignored. The`
			`.B translucent_strict`
			`directive causes these modifications to fail with a Constraint Violation.`
			`.TP`
			`.B translucent_no_glue`
			`This configuration option disables the automatic creation of "glue" records`
			`for an`
			`.B add`
			`or`
			`.B modrdn`
			`operation, such that all parents of an entry added to the local database`
			`must be created by hand. Glue records are always created for a`
			`.B modify`
			`operation.`
			`.SH CAVEATS`
			`.LP`
More for translucent 2005-03-10 12:35:57 +08:00			`The Translucent Proxy overlay will disable schema checking in the local database,`
Added translucent overlay (sponsored by HP) 2005-03-10 11:13:24 +08:00			`so that an entry consisting of overlay attributes need not adhere to the`
			`complete schema.`
			`.LP`
			`Because the translucent overlay does not perform any DN rewrites, the local`
			`and remote database instances must have the same suffix. Other configurations`
			`will probably fail with No Such Object and other errors.`
			`.SH FILES`
			`.TP`
			`ETCDIR/slapd.conf`
			`default slapd configuration file`
			`.SH SEE ALSO`
			`.BR slapd.conf (5),`
			`.BR slapd-ldap (5).`