Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help
SLAPD.OVERLAYS(5)	      File Formats Manual	     SLAPD.OVERLAYS(5)

NAME
       slapd.overlays -	overlays for slapd, the	stand-alone LDAP daemon

DESCRIPTION
       The slapd(8) daemon can use a variety of	different overlays to alter or
       extend the normal behavior of a database	backend.  Overlays may be com-
       piled  statically  into	slapd, or when module support is enabled, they
       may be dynamically loaded. Most of the overlays are only	allowed	to  be
       configured  on  individual  databases,  but some	may also be configured
       globally.

       Configuration options for each overlay are documented separately	in the
       corresponding slapo-<overlay>(5)	manual pages.

       accesslog
	      Access  Logging.	 This  overlay	can record accesses to a given
	      backend database on another database.

       auditlog
	      Audit Logging.  This overlay records changes on a	given  backend
	      database to an LDIF log file.  By	default	it is not built.

       autoca Automatic	 Certificate Authority overlay.	 This overlay can gen-
	      erate X.509 certificate/key pairs	for entries in	the  directory
	      if slapd is linked to OpenSSL.  By default it is not built.

       chain  Chaining.	 This overlay allows automatic referral	chasing	when a
	      referral would have been returned, either	when configured	by the
	      server or	when requested by the client.

       collect
	      Collective Attributes.  This overlay implements RFC 3671 collec-
	      tive attributes; these attributes	share common values  over  all
	      the  members of the collection as	inherited from an ancestor en-
	      try.

       constraint
	      Constraint.  This	overlay	enforces  a  regular  expression  con-
	      straint on all values of specified attributes. It	is used	to en-
	      force a more rigorous syntax when	the underlying attribute  syn-
	      tax is too general.

       dds    Dynamic  Directory  Services.  This overlay supports dynamic ob-
	      jects, which have	a limited life after which they	expire and are
	      automatically deleted.

       deref  Dereference Control.  This overlay implements the	draft Derefer-
	      ence control. The	overlay	can be used with any backend or	 glob-
	      ally for all backends.

       dyngroup
	      Dynamic Group.  This is a	demo overlay which extends the Compare
	      operation	to detect members of a dynamic group.  It has  no  ef-
	      fect on any other	operations.

       dynlist
	      Dynamic  List.   This overlay allows expansion of	dynamic	groups
	      and more.

       homedir
	      Home  Directory  Provisioning.   This   overlay	manages	  cre-
	      ation/deletion of	home directories for LDAP-based	Unix accounts.

       memberof
	      MemberOf.	  This	overlay	maintains automatic reverse group mem-
	      bership values, typically	stored in  an  attribute  called  mem-
	      berOf.  This  overlay  is	deprecated and should be replaced with
	      dynlist.

       otp    OATH One-Time Password module.  This  module  allows  time-based
	      one-time	password,  AKA	"authenticator-style",	and HMAC-based
	      one-time password	authentication to be used in conjunction  with
	      a	standard LDAP password for two factor authentication.

       pbind  Proxybind.   This	overlay	forwards simple	bind requests on a lo-
	      cal database to a	remote LDAP server.

       pcache Proxycache.  This	overlay	allows caching of LDAP search requests
	      in   a   local  database.	  It  is  most	often  used  with  the
	      slapd-ldap(5) or slapd-meta(5) backends.

       ppolicy
	      Password Policy.	This overlay provides a	 variety  of  password
	      control  mechanisms, e.g.	password aging,	password reuse and du-
	      plication	control, mandatory password resets, etc.

       refint Referential Integrity.  This overlay can be used with a  backend
	      database	such as	slapd-mdb(5) to	maintain the cohesiveness of a
	      schema which utilizes reference attributes.

       remoteauth
	      Remote Authentication.  This  overlay  delegates	authentication
	      requests to remote directories.

       retcode
	      Return  Code.   This  overlay  is	useful to test the behavior of
	      clients when server-generated erroneous and/or unusual responses
	      occur.

       rwm    Rewrite/remap.  This overlay is experimental.  It	performs basic
	      DN/data rewrite and objectClass/attributeType mapping.

       sssvlv Server Side Sorting and Virtual List Views.  This	overlay	imple-
	      ments  the  RFC2891 server-side sorting control and virtual list
	      view controls, and replaces the RFC2696 paged-results  implemen-
	      tation to	ensure it works	with the sorting technique.

       syncprov
	      Syncrepl	Provider.   This  overlay implements the provider-side
	      support for syncrepl replication,	 including  persistent	search
	      functionality.

       translucent
	      Translucent  Proxy.   This  overlay  can	be used	with a backend
	      database such as slapd-mdb(5) to create a	 "translucent  proxy".
	      Content  of  entries  retrieved from a remote LDAP server	can be
	      partially	overridden by the database.

       unique Attribute	Uniqueness.  This overlay can be used with  a  backend
	      database	such as	slapd-mdb(5) to	enforce	the uniqueness of some
	      or all attributes	within a subtree.

       valsort
	      Value Sorting.  This overlay can be used to enforce  a  specific
	      order  for  the  values of an attribute when it is returned in a
	      search.

FILES
       /usr/local/etc/openldap/slapd.conf
	      default slapd configuration file

       /usr/local/etc/openldap/slapd.d
	      default slapd configuration directory

SEE ALSO
       ldap(3),	  slapo-accesslog(5),	slapo-auditlog(5),    slapo-autoca(5),
       slapo-chain(5),	slapo-collect(5),  slapo-constraint(5),	 slapo-dds(5),
       slapo-deref(5), slapo-dyngroup(5), slapo-dynlist(5), slapo-memberof(5),
       slapo-pbind(5),	 slapo-pcache(5),  slapo-ppolicy(5),  slapo-refint(5),
       slapo-remoteauth(5), slapo-retcode(5),  slapo-rwm(5),  slapo-sssvlv(5),
       slapo-syncprov(5),  slapo-translucent(5),  slapo-unique(5).  slapo-val-
       sort(5).	 slapd-config(5), slapd.conf(5), slapd.backends(5),  slapd(8).
       "OpenLDAP Administrator's Guide"	(http://www.OpenLDAP.org/doc/admin/)

ACKNOWLEDGEMENTS
       OpenLDAP	 Software  is developed	and maintained by The OpenLDAP Project
       <http://www.openldap.org/>.  OpenLDAP Software is derived from the Uni-
       versity of Michigan LDAP	3.3 Release.

OpenLDAP 2.6.1			  2022/01/20		     SLAPD.OVERLAYS(5)

NAME | DESCRIPTION | FILES | SEE ALSO | ACKNOWLEDGEMENTS

Want to link to this manual page? Use this URL:
<https://www.freebsd.org/cgi/man.cgi?query=slapd.overlays&sektion=5&manpath=FreeBSD+13.1-RELEASE+and+Ports>

home | help