Root.cz  »  Manuálové stránky  »  skupina Souborové formáty a konvence  »  slapo-chain

slapo-chain

NAME

slapo-chain - chain overlay

SYNOPSIS

/etc/ldap/slapd.conf

DESCRIPTION

The chain overlay to slapd(8) allows automatic referral chasing. Any time a referral is returned (except for bind operations), it chased by using an instance of the ldap backend. If operations are performed with an identity (i.e. after a bind), that identity can be asserted while chasing the referrals by means of the identity assertion feature of back-ldap (see slapd-ldap(5) for details), which is essentially based on the proxyAuthz control (see draft-weltman-ldapv3-proxy for details.) Referral chasing can be controlled by the client by issuing the chaining control (see draft-sermersheim-ldap-chaining for details.)
The config directives that are specific to the chain overlay are prefixed by R chain- , to avoid potential conflicts with directives specific to the underlying database or to other stacked overlays.
There are very few chain overlay specific directives; however, directives related to the instances of the ldap backend that may be implicitly instantiated by the overlay may assume a special meaning when used in conjunction with this overlay. They are described in slapd-ldap(5), and they also need be prefixed by R chain- .
overlay chain
This directive adds the chain overlay to the current backend. The chain overlay may be used with any backend, but it is mainly intended for use with local storage backends that may return referrals. It is useless in conjunction with the slapd-ldap and slapd-meta backends because they already exploit the libldap specific referral chase feature. [Note: this may change in the future, as the ldap(5) and meta(5) backends might no longer chase referrals on their own.]
chain-chaining [resolve=<r>] [continuation=<c>] [critical]
This directive enables the chaining control (see draft-sermersheim-ldap-chaining for details) with the desired resolve and continuation behaviors and criticality. The resolve parameter refers to the behavior while discovering a resource, namely when accessing the object indicated by the request DN; the continuation parameter refers to the behavior while handling intermediate responses, which is mostly significant for the search operation, but may affect extended operations that return intermediate responses. The values r and c can be any of R chainingPreferred , R chainingRequired , R referralsPreferred , R referralsRequired . If the critical flag affects the control criticality if provided. [This control is experimental and its support may change in the future.]
chain-cache-uri {FALSE|true}
This directive instructs the chain overlay to cache connections to URIs parsed out of referrals that are not predefined, to be reused for later chaining. These URIs inherit the properties configured for the underlying slapd-ldap(5) before any occurrence of the chain-uri directive; in detail, they are essentially chained anonymously.
chain-uri <ldapuri>
This directive instantiates a new underlying ldap database and instructs it about which URI to contact to chase referrals. As opposed to what stated in slapd-ldap(5), only one URI can appear after this directive; all subsequent slapd-ldap(5) directives prefixed by chain- refer to this specific instance of a remote server.
Directives for configuring the underlying ldap database may also be required, as shown in this example: 
overlay                 chain
chain-rebind-as-user    FALSE

chain-uri               "ldap://ldap1.example.com"
chain-rebind-as-user    TRUE
chain-idassert-bind     bindmethod="simple"
                        binddn="cn=Auth,dc=example,dc=com"
                        credentials="secret"
                        mode="self"

chain-uri               "ldap://ldap2.example.com"
chain-idassert-bind     bindmethod="simple"
                        binddn="cn=Auth,dc=example,dc=com"
                        credentials="secret"
                        mode="none"
Any valid directives for the ldap database may be used; see slapd-ldap(5) for details. Multiple occurrences of the chain-uri directive may appear, to define multiple "trusted" URIs where operations with identity assertion are chained. All URIs not listed in the configuration are chained anonymously. All slapd-ldap(5) directives appearing before the first occurrence of chain-uri are inherited by all URIs, unless specifically overridden inside each URI configuration.

FILES

/etc/ldap/slapd.conf
default slapd configuration file

SEE ALSO

slapd.conf(5), slapd\-ldap(5), slapd(8).

AUTHOR

Originally implemented by Howard Chu; extended by Pierangelo Masarati.

Zprávičky

Další zprávičky
Napište zprávičku

Dále u nás najdete

Eskapismus táhne, jste připraveni na smíšenou realitu?

50 000 Kč jen pro vás na školení v odborných kurzech

Nvidia jede na vlně AI. Do startupů sype miliardy

AI Overviews je tady. Jde o soumrak vyhledávání?

E-shop pomalý jak pondělí ráno? Pak nečekejte úterní tržby

Stárnu a křičím na mraky, že web je rozbitý

Letní dvojčíslo Computertrends je tady

Lékař na telefonu zdarma vysvětlí zprávu od doktora a lázně

Jste lepší než Kluci z Prahy?

Vtip, emoce a trochu bizáru. Jak na reklamu na sociálních sítích?

Bití dětí může poškodit jejich paměť či imunitu

AI vyhledávání likviduje weby, které ho živí

Česko kývlo na zaměstnanecké akcie

Live streaming sportů trhá rekordy, internetové sítě čelí náporu

Pro psy to nejlepší: Jak vznikla značka, která myslí na zdraví psů?

Souhrn pololetních mzdových novinek

Nejste doma? PPL doručí balík na vaše oblíbené výdejní místo

Nakoupit se slevou můžete, i když nemáte telefon ani věrnostní kartu

Aukce domén: 152 tisíc za jednu adresu a stovky zájemců měsíčně

Lukáš Konečný je v čele Y Soft Ventures, vystřídal Miloše Sochora

Chcete se proškolit Linux za zlomek ceny? Využijte dotaci 82 % z ceny!
TO CHCI