mirror/openldap
2
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2025-01-12 10:54:48 +08:00
Code Issues Packages Projects Releases Wiki Activity
13,775 Commits 38 Branches 307 Tags 75 MiB
6d7689b7e3
Commit Graph

468 Commits

Author SHA1 Message Date
Pierangelo Masarati
00f64211e2 cleanup and clarify aspects of the overlay usage 2005-01-23 22:11:46 +00:00
Pierangelo Masarati
9effc2b8f0 cleanup of rewrite code and docs 2005-01-23 21:42:05 +00:00
Pierangelo Masarati
ae0f47b063 improve parsing of acl-authcDN/acl-passwd 2005-01-22 18:48:03 +00:00
Kurt Zeilenga
69fcf8cbd6 Cleanup notices 2005-01-21 19:38:13 +00:00
Howard Chu
6c34a7c3b2 ITS#3330 mention objectClass index 2005-01-19 10:10:51 +00:00
Howard Chu
bb9fe5d7ac Cleanup prev commit 2005-01-19 09:55:03 +00:00
Howard Chu
c804bb3728 ITS#3293 add description of syncrepl starttls keyword 2005-01-19 09:47:46 +00:00
Pierangelo Masarati
2e057821e5 clarify referral usage 2005-01-19 00:28:29 +00:00
Pierangelo Masarati
b4e37e518f fixes for ITS#3480,3485,3489; implementation of DISCLOSE access for all operations (ITS#3472); ITS#3432.4; added value validate/pretty when applicable (see comments and #defines in back-sql.h) 2005-01-16 23:12:36 +00:00
Howard Chu
bf27ba977b Deleted syncrepl updatedn 2005-01-13 18:51:29 +00:00
Pierangelo Masarati
b381e1bcc8 cosmetic changes 2005-01-12 14:25:08 +00:00
Howard Chu
18b5f637de ITS#3478 the rootdn is always needed when using syncrepl 2005-01-12 03:37:58 +00:00
Pierangelo Masarati
90f64bacde more improvements 2005-01-05 16:47:49 +00:00
Pierangelo Masarati
f5936eb7fc minor naming cleanup; improvements to DN mapping layer; major docs update 2005-01-05 16:23:00 +00:00
Kurt Zeilenga
dc0eacd40b Happy New Year! 2005-01-01 20:49:32 +00:00
Pierangelo Masarati
a9ed17a458 fix ITS#3441 2004-12-29 14:03:38 +00:00
Pierangelo Masarati
75c0965cc3 essential description of the chain overlay; please review 2004-12-08 23:47:08 +00:00
Howard Chu
d42d600538 Moved sessionlog description from bdb to syncprov 2004-12-08 04:57:43 +00:00
Howard Chu
553d9f6d66 Initial doc 2004-12-04 20:42:04 +00:00
Howard Chu
2f48a47194 Deleted "subordinate" keyword, added slapo-glue doc 2004-12-04 20:07:06 +00:00
Howard Chu
0560a28893 Add a checkpoint task if time-based checkpointing is configured. 2004-12-03 17:36:38 +00:00
Pierangelo Masarati
af9ce14812 allow undefined schema items to be returned by back-ldap and remapped by the rwm overlay 2004-12-01 22:00:08 +00:00
Howard Chu
8697bcdf7a Pass entry to password_quality check module, not just attrs 2004-12-01 16:02:27 +00:00
Pierangelo Masarati
184fc4878a more on ITS#3396: note that the filter is mandatory, and that the protocol must be ldap:// 2004-11-16 18:57:40 +00:00
Pierangelo Masarati
ca5d5c6fc7 back out previous commit 2004-11-15 22:54:17 +00:00
Pierangelo Masarati
f872ad29ba move special dn patterns to style enum; add creator special dn pattern 2004-11-15 22:21:50 +00:00
Pierangelo Masarati
2cf20312e2 cleanup 2004-11-13 17:59:21 +00:00
Pierangelo Masarati
d7bdb8cb24 disable referral rewrite in default suffix massage 2004-11-13 12:15:40 +00:00
Pierangelo Masarati
1b21fba38c <CONTROL> deserves a separate section 2004-11-12 12:45:10 +00:00
Ralf Haferkamp
5704a2ef6e CRL checking options for ldap.conf and slapd.conf 2004-10-28 18:50:38 +00:00
Pierangelo Masarati
a9f2f12b93 clearly indicate what the default rules are 2004-10-28 17:53:46 +00:00
Jong Hyuk Choi
c7aa0bca3f syncrepl retry feature 2004-10-27 19:43:45 +00:00
Pierangelo Masarati
df745fc44f clarify that the names of the configure statements are case-insensitive, despite style considerations lead to use uppercase for some and lowercase for others 2004-10-27 11:26:27 +00:00
Kurt Zeilenga
3819290f69 NEW_LOGGING 2004-10-19 03:18:03 +00:00
Kurt Zeilenga
54f6cf0b2c Clarify which kinds of regexs are used. 2004-10-17 19:32:13 +00:00
Howard Chu
1df6d76269 Add ppolicy_hash_cleartext config keyword, hash Adds as well as Modifies. 
Changed check_pw_quality callback to pass entry's Attributes in final arg.
 2004-10-07 04:07:17 +00:00
Pierangelo Masarati
c4123bb613 document submatches provided by non-regex <what> clauses 2004-10-06 23:19:53 +00:00
Pierangelo Masarati
796dce8657 add (and honor) a (configurable) baseObject to workaround ldap_entries view for RDBMSes that do not support UNION in views 2004-10-02 17:33:32 +00:00
Howard Chu
36b0611404 ITS#2588, ITS#2661 docs. 2004-09-28 09:02:31 +00:00
Kurt Zeilenga
424d673a6c Update SSF comments 2004-09-13 20:43:33 +00:00
Pierangelo Masarati
04734610de fix file:/// URI 2004-09-11 15:59:34 +00:00
Kurt Zeilenga
441ff00a06 Add default note 2004-09-10 22:55:59 +00:00
Kurt Zeilenga
3869e3b84d Add localSSF slapd.conf(5) directive to set SSF associated 
with ldapi:// sessions.
 2004-09-10 22:35:24 +00:00
Kurt Zeilenga
5f5d50aeb0 Add TLS cipher suite directive to ldap.conf(5) 2004-09-05 07:21:20 +00:00
Pierangelo Masarati
450b579971 cleanup docs 2004-08-24 09:27:45 +00:00
Pierangelo Masarati
f64de49b9f update and cleanup 2004-08-21 12:28:54 +00:00
Pierangelo Masarati
905c8d580b move proxycache configuration directives into slapo-pcache; add references in related man pages 2004-08-21 12:20:01 +00:00
Pierangelo Masarati
d606635ec1 cleanup 2004-08-21 09:47:50 +00:00
Pierangelo Masarati
7b4a51cc28 further improve loglevel selection 2004-07-29 12:39:51 +00:00
Pierangelo Masarati
f33b51832a allow to use names to set loglevel 2004-07-29 00:10:03 +00:00
Pierangelo Masarati
9f6f5491fe slightly rework user/operational attributes handling (including fixing a bug in the logic of the previous change to backend_operational()); cleanup; more improvements to slapo-rwm and back-relay 2004-07-25 23:16:40 +00:00
Howard Chu
6a00e8b326 More info about linearindex and slapadd 2004-07-22 22:52:47 +00:00
Howard Chu
dd7003cf9f Added linearindex option for slapindex. Improves performance when database 
size exceeds dbcache size by minimizing cache thrashing.
 2004-07-22 22:32:37 +00:00
Howard Chu
f9f22058e7 ITS#3178 add "fasttool" option to disable transaction logging in tool mode 2004-07-22 22:14:35 +00:00
Pierangelo Masarati
52a49e0840 improve manual and make naming contexts uniform; NOTE: backwards compatibility not preserved 2004-07-20 00:46:20 +00:00
Pierangelo Masarati
fa694f0c3c document rwm overlay 2004-07-18 21:45:20 +00:00
Pierangelo Masarati
23c5f4c09f small improvements 2004-07-06 22:37:22 +00:00
Pierangelo Masarati
f64283ccae beautify and clarify <what> clause usage and defaults 2004-06-28 14:33:35 +00:00
Pierangelo Masarati
44e8ffd4fe clarify the use of regex and expand in by dn clauses 2004-06-28 10:22:48 +00:00
Pierangelo Masarati
d8eff4d1b5 use hard limit instead of returning adminLimitExceeded when requested limit exceeds hard; improve (and document) syntax; modify test025 accordingly 2004-06-22 09:43:41 +00:00
Kurt Zeilenga
5238488e60 Replaced MSAD specific stuff 2004-06-22 04:33:18 +00:00
Pierangelo Masarati
ca33242924 manual cleanup 2004-06-20 22:39:43 +00:00
Pierangelo Masarati
b1a1f0b8b6 cleanup limits 2004-06-19 10:01:47 +00:00
Kurt Zeilenga
c521e21946 Okay, fully revert commit before last. 2004-06-17 23:23:15 +00:00
Kurt Zeilenga
28668bfa62 Partial revert of last change. shm_key documentation needed. 2004-06-17 23:01:22 +00:00
Kurt Zeilenga
08c405257b Undocument backend options which overlap DB_CONFIG options. 
DB_CONFIG should generally be used instead.
 2004-06-17 22:51:27 +00:00
Pierangelo Masarati
05b60e6b1e s/to/by/ 2004-06-17 22:51:03 +00:00
Pierangelo Masarati
f78611bf5e improve documentation of how to specify multiple uris 2004-06-16 15:18:34 +00:00
Pierangelo Masarati
a0dfadceef mention new tools 2004-06-15 22:40:53 +00:00
Pierangelo Masarati
b1718c4f69 mention new tools 2004-06-15 22:39:08 +00:00
Pierangelo Masarati
71142cc7e5 mention new tools 2004-06-15 22:38:31 +00:00
Pierangelo Masarati
a527174bcb fix indent (any man expert to check it?) 2004-06-15 20:57:28 +00:00
Pierangelo Masarati
a18e199e0d more on identity assertion 2004-05-22 17:26:02 +00:00
Howard Chu
725ca08f8d Add note about syncrepl Persist retries 2004-05-21 23:58:26 +00:00
Pierangelo Masarati
46b27edc3b more on idassert 2004-05-15 10:10:09 +00:00
Pierangelo Masarati
8b954144d6 reflect Kurt's comments on ID assertion 2004-05-14 10:01:22 +00:00
Pierangelo Masarati
f035e1f18f document proxyauthz{dn|pw} and idassert-* 2004-05-13 23:35:39 +00:00
Pierangelo Masarati
03c64541d4 add granular op restriction 2004-05-01 17:53:37 +00:00
Pierangelo Masarati
ff0df4b6aa add group authz 2004-04-25 23:59:06 +00:00
Pierangelo Masarati
9c10415919 - clarify when $$ must be used in regex; 
- clarify access privileges of rootdn;
- clarify that auth access is always required when performing authz-regexp,
  not only for proxyAuthz
 2004-04-19 01:19:41 +00:00
Pierangelo Masarati
05a84fb025 typo 2004-04-19 00:08:32 +00:00
Pierangelo Masarati
80c34cf27e typos 2004-04-18 21:36:32 +00:00
Howard Chu
8da6bf194a Added referential integrity and attribute uniqueness overlays 2004-04-17 08:17:43 +00:00
Kurt Zeilenga
349c7834ce Rename config options and attribute names (for 2.3). 2004-04-16 02:29:55 +00:00
Pierangelo Masarati
6624f68725 fix braindead config option (mostly harmless) 2004-04-15 20:27:43 +00:00
Pierangelo Masarati
8ea2f6e157 further clarify size limits 2004-04-15 01:16:53 +00:00
Pierangelo Masarati
6b2347be6a document lastmod overlay 2004-04-14 23:35:17 +00:00
Pierangelo Masarati
8bf68bc796 clarify the use of the fail_if_no_mapping switch and minor cleanup 2004-04-14 13:10:00 +00:00
Pierangelo Masarati
25c672a844 document search disable feature (spin-off of limit on unchecked entries) 2004-04-09 17:57:48 +00:00
Pierangelo Masarati
2e13fbeea1 completion of limits w/ paged results control 2004-04-09 15:54:46 +00:00
Hallvard Furuseth
6b45e32da3 Add NEW_LOGGING note for the commented-out "debug" and "logfile" options. 2004-04-09 05:27:04 +00:00
Pierangelo Masarati
85b078a3cb clarify what rewrite rules suffixmassage corresponds to 2004-04-07 20:55:32 +00:00
Kurt Zeilenga
bd7cd42669 clarify updatedn (again) 2004-04-07 03:32:55 +00:00
Kurt Zeilenga
bd765b849d ITS#2768: configuring slurpd's interval between replog checks 
based upon a patch submitted by Jason Townsend (Apple).
 2004-03-23 01:12:11 +00:00
Howard Chu
d4d5e253d9 Fix header 2004-03-19 20:23:26 +00:00
Howard Chu
057a385346 Rename slapd-ppolicy.5 to slapo-ppolicy.5 2004-03-19 20:18:46 +00:00
Pierangelo Masarati
9e159e2382 remove outdated comment 2004-03-18 21:48:21 +00:00
Pierangelo Masarati
fa3baaeae9 overlays reworking 2004-03-18 18:59:46 +00:00
Howard Chu
d1292c1b14 Added ppolicy_use_lockout keyword; Default behavior is not to issue the 
PP_accountLocked error for locked accounts. (Gives too much information
to attackers.)
 2004-03-18 10:35:54 +00:00
Pierangelo Masarati
cd105fab4e man page 2004-03-18 00:36:50 +00:00
Howard Chu
e5ec72c2b9 Add note about overlay directive 2004-03-16 22:25:08 +00:00
Howard Chu
9e39c5e0b6 Docs for ppolicy overlay 2004-03-16 22:00:30 +00:00
Pierangelo Masarati
65b49dd312 add "searchFilterAttrDN" rewrite context, and allow filterstring rewrite 2004-03-10 21:11:14 +00:00
Pierangelo Masarati
006745430e allow "expand" style in peername, sockname, sockurl as well; more sanity checks 2004-03-09 19:44:14 +00:00
Pierangelo Masarati
042869366d use "expand" instead of "regex" for group ACLs that allow substring expansion, preserving backwards compatibility; add sanity checks 2004-03-09 16:33:05 +00:00
Pierangelo Masarati
4645eeb5ec cleanup DN style in limits 2004-03-08 13:13:30 +00:00
Pierangelo Masarati
5716b7f1b2 document saslAuthzTo/saslAuthzFrom new syntax; add onelevel style to DN type 2004-03-06 11:00:49 +00:00
Howard Chu
5f9a87c041 password-hash now takes a list of mechanisms 2004-03-02 22:17:20 +00:00
Kurt Zeilenga
b927f86e3f Clarify updatedn 2004-02-25 17:37:59 +00:00
Pierangelo Masarati
4e57108991 allow search limits based on groups (ITS#2967) 2004-02-18 16:40:36 +00:00
Pierangelo Masarati
cf5e2496f7 map type/name were swapped 2004-02-05 18:17:27 +00:00
Pierangelo Masarati
f5a9f62578 clarify that's useless to give write privileges to the roodn of a database... 2004-01-14 23:11:48 +00:00
Kurt Zeilenga
3c598e89fb Happy new year 2004-01-01 19:15:16 +00:00
Pierangelo Masarati
3994dc645a allow to set max passes per rule 2003-12-29 18:02:49 +00:00
Pierangelo Masarati
9e86d9ffe2 clarify field description in rewriteRule statement 2003-12-29 17:12:29 +00:00
Pierangelo Masarati
c860ba6a23 fix, clarify and document previous commit 2003-12-29 17:06:43 +00:00
Pierangelo Masarati
3ddfddb1a7 typo 2003-12-29 15:22:10 +00:00
Jong Hyuk Choi
cd16a93244 update syncrepl and session log info 2003-12-21 16:32:00 +00:00
Pierangelo Masarati
8e89944abc for consistency, always allow 'onelevel' as an alias for 'one' in dnstyle 2003-12-20 15:29:05 +00:00
Kurt Zeilenga
aabcce3e58 Document +0 2003-12-19 05:06:51 +00:00
Pierangelo Masarati
113727ba53 allow 'all' vs. 'any' sasl-authz-policy 2003-12-18 18:28:43 +00:00
Pierangelo Masarati
ca52621c1b some notes on access required by proxyAuthz control; 
note that other controls may need different access
privileges via, e.g., backend_attribute() (syncrepl?)
 2003-12-18 00:27:01 +00:00
Kurt Zeilenga
c4c6a38a0b Dont mention bare oc in list. 2003-12-17 17:48:56 +00:00
Kurt Zeilenga
30a1ff596d s/+/@/ in OC attr lists 2003-12-17 17:36:41 +00:00
Pierangelo Masarati
947f41832e more clarifications on dnstyle usage 2003-12-16 11:20:59 +00:00
Pierangelo Masarati
ee34f3fb64 add to 'val[.<style>=<value>' ACLs special match styles for DN-valued attributes; add negated objectClass to attribute name lists for ACLs and partial replication 2003-12-16 00:49:10 +00:00
Kurt Zeilenga
75b9f8acdc Make a few OPERATIONAL REQUIREMENT clarifications 
Clean up formating
 2003-12-15 18:41:23 +00:00
Pierangelo Masarati
7444352358 describe detailed access levels required for each operation 2003-12-15 17:55:55 +00:00
Kurt Zeilenga
eec0f83fd7 Fix typos 2003-12-14 21:00:52 +00:00
Pierangelo Masarati
529a03df53 use dedicated admin identity to proxyAuthz 2003-12-13 10:57:42 +00:00
Howard Chu
2f06437348 Updated for proxycache overlay. Probably belongs on its own now... 2003-12-07 04:30:39 +00:00
Kurt Zeilenga
17939ccdca Clarify that the updatedn should not be same as the rootdn. 2003-12-02 21:18:19 +00:00
Pierangelo Masarati
f0ea4161ba add administrative bind and proxyAuthz control to enable bound operations in distributed directories (need to manually #define LDAP_BACK_PROXY_AUTHZ and patches from ITS#2851 and ITS#2852) 2003-12-01 08:29:06 +00:00
Jong Hyuk Choi
4ae382fd79 misc updates 
- syncrepl : id -> rid
 - man page update
 2003-11-26 21:37:44 +00:00
Jong Hyuk Choi
1fdda703e6 Support multiple sync replication at the consumer : 
1) simultaneous operation of multiple active sync replication threads
2) cookie management for individual sync replication thread
   (include rid=%3d to the slapd cookie command line option (-c))
 2003-11-26 19:49:47 +00:00
Kurt Zeilenga
e3a4c4ec9c Notice/Acknowledge updates 2003-11-26 02:58:56 +00:00
Jong Hyuk Choi
c204f4061f keeps syncrepl manpage sections current 2003-11-24 23:16:45 +00:00
Pierangelo Masarati
9620cacd34 clarify the usage of the <modifier> field in 'dn' and 'domain' clauses of <who> access directive 2003-11-01 14:14:09 +00:00
Kurt Zeilenga
d0c05e814d Add a basic DIT content rule test. 
Fix DIT rules to allow extensibleObject in AUX
unifdef -DSLAP_EXTENDED_SCHEMA
 2003-10-24 04:40:32 +00:00
Kurt Zeilenga
f6c1163eea clarify that replacement, but not expression evaluation, 
is done on the string in group.regex=string
We really should rename the style, in this case, to "replacement".
 2003-10-15 08:04:25 +00:00
Luke Howard
976f61f0ed Update SLAPI manual page 2003-10-12 06:36:29 +00:00
Kurt Zeilenga
d03c83f077 ITS#2621, reference slapd.plugin 2003-10-12 04:22:26 +00:00
Kurt Zeilenga
fd445970fb document ditcontentrule directive 2003-10-12 04:20:20 +00:00
Howard Chu
878bff913a Added description for idlcachesize, shm_key 2003-09-27 07:06:48 +00:00
Howard Chu
0eca4fa42f More for dynamic groups 2003-09-21 10:52:44 +00:00
Howard Chu
11148522ec ITS#2573 dynamic group support 2003-09-21 10:45:57 +00:00
Howard Chu
b93a0f45d5 ITS#2497 value-level ACLs 2003-09-21 10:34:40 +00:00
Jong Hyuk Choi
7f882daf15 Schema checking option for LDAP Sync replication 2003-09-03 21:42:52 +00:00
Jong Hyuk Choi
8dc1ac85dd manual update for proxy cache (apurva) 2003-09-03 16:26:17 +00:00
Jong Hyuk Choi
372cb876a0 slapd.conf man page update (LDAP Sync replication configuration) 2003-08-28 22:29:55 +00:00