Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages


home | help
SLAPD.OVERLAYS(5)	      File Formats Manual	     SLAPD.OVERLAYS(5)

       slapd.overlays -	overlays for slapd, the	stand-alone LDAP daemon

       The slapd(8) daemon can use a variety of	different overlays to alter or
       extend the normal behavior of a database	backend.  Overlays may be com-
       piled  statically  into	slapd, or when module support is enabled, they
       may be dynamically loaded. Most of the overlays are only	allowed	to  be
       configured  on  individual  databases,  but some	may also be configured

       Configuration options for each overlay are documented separately	in the
       corresponding slapo-<overlay>(5)	manual pages.

	      Access  Logging.	 This  overlay	can record accesses to a given
	      backend database on another database.

	      Audit Logging.  This overlay records changes on a	given  backend
	      database to an LDIF log file.  By	default	it is not built.

       autoca Automatic	 Certificate Authority overlay.	 This overlay can gen-
	      erate X.509 certificate/key pairs	for entries in	the  directory
	      if slapd is linked to OpenSSL.  By default it is not built.

       chain  Chaining.	 This overlay allows automatic referral	chasing	when a
	      referral would have been returned, either	when configured	by the
	      server or	when requested by the client.

	      Collective Attributes.  This overlay implements RFC 3671 collec-
	      tive attributes; these attributes	share common values  over  all
	      the  members of the collection as	inherited from an ancestor en-

	      Constraint.  This	overlay	enforces  a  regular  expression  con-
	      straint on all values of specified attributes. It	is used	to en-
	      force a more rigorous syntax when	the underlying attribute  syn-
	      tax is too general.

       dds    Dynamic  Directory  Services.  This overlay supports dynamic ob-
	      jects, which have	a limited life after which they	expire and are
	      automatically deleted.

       deref  Dereference Control.  This overlay implements the	draft Derefer-
	      ence control. The	overlay	can be used with any backend or	 glob-
	      ally for all backends.

	      Dynamic Group.  This is a	demo overlay which extends the Compare
	      operation	to detect members of a dynamic group.  It has  no  ef-
	      fect on any other	operations.

	      Dynamic  List.   This overlay allows expansion of	dynamic	groups
	      and more.

	      Home  Directory  Provisioning.   This   overlay	manages	  cre-
	      ation/deletion of	home directories for LDAP-based	Unix accounts.

	      MemberOf.	  This	overlay	maintains automatic reverse group mem-
	      bership values, typically	stored in  an  attribute  called  mem-
	      berOf.  This  overlay  is	deprecated and should be replaced with

       otp    OATH One-Time Password module.  This  module  allows  time-based
	      one-time	password,  AKA	"authenticator-style",	and HMAC-based
	      one-time password	authentication to be used in conjunction  with
	      a	standard LDAP password for two factor authentication.

       pbind  Proxybind.   This	overlay	forwards simple	bind requests on a lo-
	      cal database to a	remote LDAP server.

       pcache Proxycache.  This	overlay	allows caching of LDAP search requests
	      in   a   local  database.	  It  is  most	often  used  with  the
	      slapd-ldap(5) or slapd-meta(5) backends.

	      Password Policy.	This overlay provides a	 variety  of  password
	      control  mechanisms, e.g.	password aging,	password reuse and du-
	      plication	control, mandatory password resets, etc.

       refint Referential Integrity.  This overlay can be used with a  backend
	      database	such as	slapd-mdb(5) to	maintain the cohesiveness of a
	      schema which utilizes reference attributes.

	      Remote Authentication.  This  overlay  delegates	authentication
	      requests to remote directories.

	      Return  Code.   This  overlay  is	useful to test the behavior of
	      clients when server-generated erroneous and/or unusual responses

       rwm    Rewrite/remap.  This overlay is experimental.  It	performs basic
	      DN/data rewrite and objectClass/attributeType mapping.

       sssvlv Server Side Sorting and Virtual List Views.  This	overlay	imple-
	      ments  the  RFC2891 server-side sorting control and virtual list
	      view controls, and replaces the RFC2696 paged-results  implemen-
	      tation to	ensure it works	with the sorting technique.

	      Syncrepl	Provider.   This  overlay implements the provider-side
	      support for syncrepl replication,	 including  persistent	search

	      Translucent  Proxy.   This  overlay  can	be used	with a backend
	      database such as slapd-mdb(5) to create a	 "translucent  proxy".
	      Content  of  entries  retrieved from a remote LDAP server	can be
	      partially	overridden by the database.

       unique Attribute	Uniqueness.  This overlay can be used with  a  backend
	      database	such as	slapd-mdb(5) to	enforce	the uniqueness of some
	      or all attributes	within a subtree.

	      Value Sorting.  This overlay can be used to enforce  a  specific
	      order  for  the  values of an attribute when it is returned in a

	      default slapd configuration file

	      default slapd configuration directory

       ldap(3),	  slapo-accesslog(5),	slapo-auditlog(5),    slapo-autoca(5),
       slapo-chain(5),	slapo-collect(5),  slapo-constraint(5),	 slapo-dds(5),
       slapo-deref(5), slapo-dyngroup(5), slapo-dynlist(5), slapo-memberof(5),
       slapo-pbind(5),	 slapo-pcache(5),  slapo-ppolicy(5),  slapo-refint(5),
       slapo-remoteauth(5), slapo-retcode(5),  slapo-rwm(5),  slapo-sssvlv(5),
       slapo-syncprov(5),  slapo-translucent(5),  slapo-unique(5).  slapo-val-
       sort(5).	 slapd-config(5), slapd.conf(5), slapd.backends(5),  slapd(8).
       "OpenLDAP Administrator's Guide"	(

       OpenLDAP	 Software  is developed	and maintained by The OpenLDAP Project
       <>.  OpenLDAP Software is derived from the Uni-
       versity of Michigan LDAP	3.3 Release.

OpenLDAP 2.6.1			  2022/01/20		     SLAPD.OVERLAYS(5)


Want to link to this manual page? Use this URL:

home | help