Приложение E: OpenLDAP config.ldif

Эта оптимизированная (в основном) для просмотра (ну хорошо, она будет оптимизирована уже совсем скоро (Real Soon Now™)) и откомментированная (ну хорошо, она обязательно будет откомментирована) версия LDIF-файла, используемого для загрузки схемы данных для OLC cn=config (конфигурации времени исполнения или онлайн-конфигурации) OpenLDAP 2.3+, а также для некоторых других вещей. Он находится в /etc/openldap/slapd.d/cn=config/cn=schema.ldif (или [bsd] /usr/local/etc/openldap/slapd.d/cn=config/cn=schema.ldif). Вы можете получить его из записи DIT cn=schema,cn=config с помощью ldapsearch или LDAP-браузера. В нём представлен набор объектных классов — контейнеров атрибутов cn=config, которые в основном соответствуют названиям директив slapd.conf с префиксом olc, то есть директива slapd.conf access становится olcAccess. Ряд важных объектных классов, используемых в OLC (cn=config) (смотрите описание макета/организации записей в OLC (cn=config) здесь):

  1. olcGlobal — содержит все атрибуты, которые можно использовать в записи глобальных настроек.
  2. olcSchemaConfig — содержит все атрибуты, которые можно использовать в записи схемы данных.
  3. olcBackendConfig — содержит все атрибуты, которые можно использовать в записях механизмов манипуляции данными.
  4. olcDatabaseConfig — содержит все атрибуты, которые можно использовать в записях баз данных.
  5. olcOverlayConfig — содержит все атрибуты, которые можно использовать в записях наложений.

Дополнительная информация по cn=config.

Представленный ниже файл снабжён комментариями и гиперссылками — исходную версию, поставляемую с OpenLDAP 2.4, можно взять здесь (сохраните как .ldif, используя функцию "сохранить как" Вашего браузера).

dn: cn=schema
objectClass: olcSchemaConfig
cn: schema
olcObjectIdentifier: OLcfg 1.3.6.1.4.1.4203.666.11.1
olcObjectIdentifier: OLcfgAt OLcfg:3
olcObjectIdentifier: OLcfgGlAt OLcfgAt:0
olcObjectIdentifier: OLcfgBkAt OLcfgAt:1
olcObjectIdentifier: OLcfgDbAt OLcfgAt:2
olcObjectIdentifier: OLcfgOvAt OLcfgAt:3
olcObjectIdentifier: OLcfgCtAt OLcfgAt:4
olcObjectIdentifier: OLcfgOc OLcfg:4
olcObjectIdentifier: OLcfgGlOc OLcfgOc:0
olcObjectIdentifier: OLcfgBkOc OLcfgOc:1
olcObjectIdentifier: OLcfgDbOc OLcfgOc:2
olcObjectIdentifier: OLcfgOvOc OLcfgOc:3
olcObjectIdentifier: OLcfgCtOc OLcfgOc:4
olcObjectIdentifier: OMsyn 1.3.6.1.4.1.1466.115.121.1
olcObjectIdentifier: OMsBoolean OMsyn:7
olcObjectIdentifier: OMsDN OMsyn:12
olcObjectIdentifier: OMsDirectoryString OMsyn:15
olcObjectIdentifier: OMsIA5String OMsyn:26
olcObjectIdentifier: OMsInteger OMsyn:27
olcObjectIdentifier: OMsOID OMsyn:38
olcObjectIdentifier: OMsOctetString OMsyn:40

olcAttributeTypes: ( 2.5.4.0 NAME 'objectClass' 
 DESC 'RFC4512": object classes of the entity' EQUALITY objectIdentifierMatch 
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 )

olcAttributeTypes: ( 2.5.21.9 NAME 'structuralObjectClass' 
 DESC 'RFC4512": structural object class of entry' EQUALITY objectIdentifierMatch 
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 SINGLE-VALUE NO-USER-MODIFICATION 
 USAGE directoryOperation )

olcAttributeTypes: ( 2.5.18.1 NAME 'createTimestamp' 
 DESC 'RFC4512": time which object was created' EQUALITY generalizedTimeMatch 
 ORDERING generalizedTimeOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 
 SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation )

olcAttributeTypes: ( 2.5.18.2 NAME 'modifyTimestamp' 
 DESC 'RFC4512": time which object was last modified' EQUALITY generalizedTimeMatch
 ORDERING generalizedTimeOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
 SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation )

olcAttributeTypes: ( 2.5.18.3 NAME 'creatorsName' 
 DESC 'RFC4512": name of creator' EQUALITY distinguishedNameMatch 
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE NO-USER-MODIFICATION 
 USAGE directoryOperation )

olcAttributeTypes: ( 2.5.18.4 NAME 'modifiersName' 
 DESC 'RFC4512": name of last modifier' EQUALITY distinguishedNameMatch 
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE NO-USER-MODIFICATION
 USAGE directoryOperation )

olcAttributeTypes: ( 2.5.18.9 NAME 'hasSubordinates' 
 DESC 'X.501: entry has children' EQUALITY booleanMatch 
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE NO-USER-MODIFICATION
 USAGE directoryOperation )

olcAttributeTypes: ( 2.5.18.10 NAME 'subschemaSubentry' 
 DESC 'RFC4512": name of controlling subschema entry' EQUALITY distinguishedNameMatch
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE NO-USER-MODIFICATION
 USAGE directoryOperation )

olcAttributeTypes: ( 1.3.6.1.1.20 NAME 'entryDN' 
 DESC 'DN of the entry' EQUALITY distinguishedNameMatch 
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE NO-USER-MODIFICATION
 USAGE directoryOperation )

olcAttributeTypes: ( 1.3.6.1.1.16.4 NAME 'entryUUID'
 DESC 'UUID of the entry' EQUALITY UUIDMatch ORDERING UUIDOrderingMatch
 SYNTAX 1.3.6.1.1.16.1 SINGLE-VALUE NO-USER-MODIFICATION 
 USAGE directoryOperation )

olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.1.7 
 NAME 'entryCSN' DESC 'change sequence number of the entry content'
 EQUALITY CSNMatch ORDERING CSNOrderingMatch 
 SYNTAX 1.3.6.1.4.1.4203.666.11.2.1{64} SINGLE-VALUE NO-USER-MODIFICATION
 USAGE directoryOperation )

olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.1.13 NAME 'namingCSN' 
 DESC 'change sequence number of the entry naming (RDN)' 
 EQUALITY CSNMatch ORDERING CSNOrderingMatch
 SYNTAX 1.3.6.1.4.1.4203.666.11.2.1{64} SINGLE-VALUE NO-USER-MODIFICATION
 USAGE directoryOperation )

olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.1.23 NAME 'syncreplCookie' 
 DESC 'syncrepl Cookie for shadow copy' EQUALITY octetStringMatch 
 ORDERING octetStringOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40
 SINGLE-VALUE NO-USER-MODIFICATION USAGE dSAOperation )

olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.1.25 NAME 'contextCSN' 
 DESC 'the largest committed CSN of a context' EQUALITY CSNMatch 
 ORDERING CSNOrderingMatch SYNTAX 1.3.6.1.4.1.4203.666.11.2.1{64}
 NO-USER-MODIFICATION USAGE dSAOperation )

olcAttributeTypes: ( 1.3.6.1.4.1.1466.101.120.6 NAME 'altServer' 
 DESC 'RFC4512": alternative servers' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
 USAGE dSAOperation )

olcAttributeTypes: ( 1.3.6.1.4.1.1466.101.120.5 NAME 'namingContexts'
 DESC 'RFC4512": naming contexts' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12
 USAGE dSAOperation )

olcAttributeTypes: ( 1.3.6.1.4.1.1466.101.120.13 NAME 'supportedControl'
 DESC 'RFC4512": supported controls' SYNTAX 1.3.6.1.4.1.1466.115.121.1.38
 USAGE dSAOperation )
 
olcAttributeTypes: ( 1.3.6.1.4.1.1466.101.120.7 NAME 'supportedExtension'
 DESC 'RFC4512": supported extended operations'
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 USAGE dSAOperation )
 
olcAttributeTypes: ( 1.3.6.1.4.1.1466.101.120.15 NAME 'supportedLDAPVersion'
 DESC 'RFC4512": supported LDAP versions' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
 USAGE dSAOperation )

olcAttributeTypes: ( 1.3.6.1.4.1.1466.101.120.14 NAME 'supportedSASLMechanisms'
 DESC 'RFC4512": supported SASL mechanisms' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
 USAGE dSAOperation )

olcAttributeTypes: ( 1.3.6.1.4.1.4203.1.3.5 NAME 'supportedFeatures'
 DESC 'RFC4512": features supported by the server'
 EQUALITY objectIdentifierMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.38
 USAGE dSAOperation )
 
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.1.10 NAME 'monitorContext'
 DESC 'monitor context' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE 
 NO-USER-MODIFICATION USAGE dSAOperation )

olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.1.1 NAME 'configContext'
 DESC 'config context' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE 
 NO-USER-MODIFICATION USAGE dSAOperation )
 
olcAttributeTypes: ( 1.3.6.1.1.4 NAME 'vendorName' 
 DESC 'RFC3045: name of implementation vendor' EQUALITY caseExactMatch 
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE NO-USER-MODIFICATION
 USAGE dSAOperation )

olcAttributeTypes: ( 1.3.6.1.1.5 NAME 'vendorVersion' 
 DESC 'RFC3045: version of implementation' EQUALITY caseExactMatch
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE NO-USER-MODIFICATION
 USAGE dSAOperation )

olcAttributeTypes: ( 2.5.18.5 NAME 'administrativeRole' 
 DESC 'RFC3672: administrative role' EQUALITY objectIdentifierMatch
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 USAGE directoryOperation )
 
olcAttributeTypes: ( 2.5.18.6 NAME 'subtreeSpecification'
 DESC 'RFC3672: subtree specification' SYNTAX 1.3.6.1.4.1.1466.115.121.1.45
 SINGLE-VALUE USAGE directoryOperation )
 
olcAttributeTypes: ( 2.5.21.1 NAME 'dITStructureRules'
 DESC 'RFC4512": DIT structure rules' EQUALITY integerFirstComponentMatch
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.17 USAGE directoryOperation )

olcAttributeTypes: ( 2.5.21.2 NAME 'dITContentRules' 
 DESC 'RFC4512": DIT content rules' EQUALITY objectIdentifierFirstComponentMatch
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.16 USAGE directoryOperation )
 
olcAttributeTypes: ( 2.5.21.4 NAME 'matchingRules' 
 DESC 'RFC4512": matching rules' EQUALITY objectIdentifierFirstComponentMatch
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.30 USAGE directoryOperation )
 
olcAttributeTypes: ( 2.5.21.5 NAME 'attributeTypes' 
 DESC 'RFC4512": attribute types' EQUALITY objectIdentifierFirstComponentMatch
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.3 USAGE directoryOperation )

olcAttributeTypes: ( 2.5.21.6 NAME 'objectClasses' 
 DESC 'RFC4512": object classes' EQUALITY objectIdentifierFirstComponentMatch
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.37 USAGE directoryOperation )
 
olcAttributeTypes: ( 2.5.21.7 NAME 'nameForms' 
 DESC 'RFC4512": name forms ' EQUALITY objectIdentifierFirstComponentMatch
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.35 USAGE directoryOperation )
 
olcAttributeTypes: ( 2.5.21.8 NAME 'matchingRuleUse' 
 DESC 'RFC4512": matching rule uses' EQUALITY objectIdentifierFirstComponentMatch
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.31 USAGE directoryOperation )
 
olcAttributeTypes: ( 1.3.6.1.4.1.1466.101.120.16 NAME 'ldapSyntaxes'
 DESC 'RFC4512": LDAP syntaxes' EQUALITY objectIdentifierFirstComponentMatch
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.54 USAGE directoryOperation )
 
olcAttributeTypes: ( 2.5.4.1 NAME ( 'aliasedObjectName' 'aliasedEntryName' )
 DESC 'RFC4512": name of aliased object' EQUALITY distinguishedNameMatch
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE )
 
olcAttributeTypes: ( 2.16.840.1.113730.3.1.34 NAME 'ref' 
 DESC 'RFC3296: subordinate referral URL' EQUALITY caseExactMatch 
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 USAGE distributedOperation )
 
olcAttributeTypes: ( 1.3.6.1.4.1.4203.1.3.1 NAME 'entry'
 DESC 'OpenLDAP ACL entry pseudo-attribute' SYNTAX 1.3.6.1.4.1.4203.1.1.1
 SINGLE-VALUE NO-USER-MODIFICATION USAGE dSAOperation )
 
olcAttributeTypes: ( 1.3.6.1.4.1.4203.1.3.2 NAME 'children' 
 DESC 'OpenLDAP ACL children pseudo-attribute' SYNTAX 1.3.6.1.4.1.4203.1.1.1
 SINGLE-VALUE NO-USER-MODIFICATION USAGE dSAOperation )

olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.1.8 NAME ( 'authzTo' 'saslAuthzTo' )
 DESC 'proxy authorization targets' EQUALITY authzMatch 
 SYNTAX 1.3.6.1.4.1.4203.666.2.7 USAGE distributedOperation X-ORDERED 'VALUES' )
 
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.1.9 
 NAME ( 'authzFrom' 'saslAuthzFrom' ) 
 DESC 'proxy authorization sources' EQUALITY authzMatch
 SYNTAX 1.3.6.1.4.1.4203.666.2.7 USAGE distributedOperation X-ORDERED 'VALUES' )

olcAttributeTypes: ( 1.3.6.1.4.1.1466.101.119.3 NAME 'entryTtl' 
 DESC 'RFC2589: entry time-to-live' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
 SINGLE-VALUE NO-USER-MODIFICATION USAGE dSAOperation )

olcAttributeTypes: ( 1.3.6.1.4.1.1466.101.119.4 NAME 'dynamicSubtrees'
 DESC 'RFC2589: dynamic subtrees' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12
 NO-USER-MODIFICATION USAGE dSAOperation )
 
olcAttributeTypes: ( 2.5.4.49 NAME 'distinguishedName' 
 DESC 'RFC4519: common supertype of DN attributes' 
 EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
 
olcAttributeTypes: ( 2.5.4.41 NAME 'name' 
 DESC 'RFC4519: common supertype of name attributes' EQUALITY caseIgnoreMatch 
 SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} )

olcAttributeTypes: ( 2.5.4.3 NAME ( 'cn' 'commonName' ) 
 DESC 'RFC4519: common name(s) for which the entity is known by' SUP name )

olcAttributeTypes: ( 0.9.2342.19200300.100.1.1 NAME ( 'uid' 'userid' )
 DESC 'RFC4519: user identifier' EQUALITY caseIgnoreMatch 
 SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )

olcAttributeTypes: ( 1.3.6.1.1.1.1.0 NAME 'uidNumber'
 DESC 'RFC2307: An integer uniquely identifying a user in an administrative domain'
 EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
 
olcAttributeTypes: ( 1.3.6.1.1.1.1.1 NAME 'gidNumber' 
 DESC 'RFC2307: An integer uniquely identifying a group in an administrative domain' 
 EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

olcAttributeTypes: ( 2.5.4.35 NAME 'userPassword'
 DESC 'RFC4519/2307: password of user' EQUALITY octetStringMatch
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{128} )
 
olcAttributeTypes: ( 1.3.6.1.4.1.250.1.57 NAME 'labeledURI'
 DESC 'RFC2079: Uniform Resource Identifier with optional label'
 EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
 
olcAttributeTypes: ( 2.5.4.13 NAME 'description'
 DESC 'RFC4519: descriptive information' EQUALITY caseIgnoreMatch
 SUBSTR caseIgnoreSubstringsMatch 
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1024} )
 
olcAttributeTypes: ( 2.5.4.34 NAME 'seeAlso' 
 DESC 'RFC4519: DN of related object' SUP distinguishedName )
 
#############################################################################
#                                                                           #
# Start of config directives olc + slapd.conf directive name                #
#                                                                           #
#############################################################################
olcAttributeTypes: ( OLcfgGlAt:78 NAME 'olcConfigFile' 
 DESC 'File for slapd configuration directives' EQUALITY caseIgnoreMatch
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
 
olcAttributeTypes: ( OLcfgGlAt:79 NAME 'olcConfigDir'
 DESC 'Directory for slapd configuration backend' EQUALITY caseIgnoreMatch
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )

olcAttributeTypes: ( OLcfgGlAt:1 NAME 'olcAccess' 
 DESC 'Access Control List' EQUALITY caseIgnoreMatch
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORDERED 'VALUES' )

olcAttributeTypes: ( OLcfgGlAt:2 NAME 'olcAllows'
 DESC 'Allowed set of deprecated features' EQUALITY caseIgnoreMatch
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
 
olcAttributeTypes: ( OLcfgGlAt:3 NAME 'olcArgsFile'
 DESC 'File for slapd command line options' EQUALITY caseIgnoreMatch
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
 
olcAttributeTypes: ( OLcfgGlAt:5 NAME 'olcAttributeOptions'
 EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
 
olcAttributeTypes: ( OLcfgGlAt:4 NAME 'olcAttributeTypes' 
 DESC 'OpenLDAP attributeTypes' EQUALITY caseIgnoreMatch
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORDERED 'VALUES' )
 
olcAttributeTypes: ( OLcfgGlAt:6 NAME 'olcAuthIDRewrite'
 EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORDERED 'VALUES' )

olcAttributeTypes: ( OLcfgGlAt:7 NAME 'olcAuthzPolicy'
 EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )

olcAttributeTypes: ( OLcfgGlAt:8 NAME 'olcAuthzRegexp'
 EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORDERED 'VALUES' )

olcAttributeTypes: ( OLcfgGlAt:9 NAME 'olcBackend'
 DESC 'A type of backend' EQUALITY caseIgnoreMatch 
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORDERED 'SIBLINGS' )

olcAttributeTypes: ( OLcfgGlAt:10 NAME 'olcConcurrency'
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
 
olcAttributeTypes: ( OLcfgGlAt:11 NAME 'olcConnMaxPending'
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

olcAttributeTypes: ( OLcfgGlAt:12 NAME 'olcConnMaxPendingAuth'
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

olcAttributeTypes: ( OLcfgGlAt:13 NAME 'olcDatabase'
 DESC 'The backend type for a database instance' SUP olcBackend 
 SINGLE-VALUE X-ORDERED 'SIBLINGS' )

olcAttributeTypes: ( OLcfgGlAt:14 NAME 'olcDefaultSearchBase'
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE )

olcAttributeTypes: ( OLcfgGlAt:15 NAME 'olcDisallows'
 EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )

olcAttributeTypes: ( OLcfgGlAt:16 NAME 'olcDitContentRules'
 DESC 'OpenLDAP DIT content rules' EQUALITY caseIgnoreMatch
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORDERED 'VALUES' )

olcAttributeTypes: ( OLcfgGlAt:17 NAME 'olcGentleHUP'
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE )
 
olcAttributeTypes: ( OLcfgDbAt:0.17 NAME 'olcHidden'
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE )

olcAttributeTypes: ( OLcfgGlAt:18 NAME 'olcIdleTimeout'
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
 
olcAttributeTypes: ( OLcfgGlAt:19 NAME 'olcInclude' SUP labeledURI )

olcAttributeTypes: ( OLcfgGlAt:20 NAME 'olcIndexSubstrIfMinLen'
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
 
olcAttributeTypes: ( OLcfgGlAt:21 NAME 'olcIndexSubstrIfMaxLen'
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
 
olcAttributeTypes: ( OLcfgGlAt:22 NAME 'olcIndexSubstrAnyLen'
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
 
olcAttributeTypes: ( OLcfgGlAt:23 NAME 'olcIndexSubstrAnyStep' 
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
 
olcAttributeTypes: ( OLcfgGlAt:84 NAME 'olcIndexIntLen'
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
 
olcAttributeTypes: ( OLcfgDbAt:0.4 NAME 'olcLastMod'
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE )
 
olcAttributeTypes: ( OLcfgDbAt:0.5 NAME 'olcLimits' 
 EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORDERED 'VALUES' )

olcAttributeTypes: ( OLcfgGlAt:26 NAME 'olcLocalSSF' 
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
 
olcAttributeTypes: ( OLcfgGlAt:27 NAME 'olcLogFile'
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
 
olcAttributeTypes: ( OLcfgGlAt:28 NAME 'olcLogLevel'
 EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )

olcAttributeTypes: ( OLcfgDbAt:0.6 NAME 'olcMaxDerefDepth' 
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

olcAttributeTypes: ( OLcfgDbAt:0.16 NAME 'olcMirrorMode' 
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE )
 
olcAttributeTypes: ( OLcfgGlAt:30 NAME 'olcModuleLoad' 
 EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORDERED 'VALUES' )

olcAttributeTypes: ( OLcfgGlAt:31 NAME 'olcModulePath'
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
 
olcAttributeTypes: ( OLcfgDbAt:0.18 NAME 'olcMonitoring'
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE )
 
olcAttributeTypes: ( OLcfgGlAt:32 NAME 'olcObjectClasses'
 DESC 'OpenLDAP object classes' EQUALITY caseIgnoreMatch 
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORDERED 'VALUES' )
 
olcAttributeTypes: ( OLcfgGlAt:33 NAME 'olcObjectIdentifier'
 EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORDERED 'VALUES' )
 
olcAttributeTypes: ( OLcfgGlAt:34 NAME 'olcOverlay' SUP olcDatabase
 SINGLE-VALUE X-ORDERED 'SIBLINGS' )
 
olcAttributeTypes: ( OLcfgGlAt:35 NAME 'olcPasswordCryptSaltFormat'
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
 
olcAttributeTypes: ( OLcfgGlAt:36 NAME 'olcPasswordHash'
 EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )

olcAttributeTypes: ( OLcfgGlAt:37 NAME 'olcPidFile'
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
 
olcAttributeTypes: ( OLcfgGlAt:38 NAME 'olcPlugin' 
 EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
 
olcAttributeTypes: ( OLcfgGlAt:39 NAME 'olcPluginLogFile'
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
 
olcAttributeTypes: ( OLcfgGlAt:40 NAME 'olcReadOnly'
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE )
 
olcAttributeTypes: ( OLcfgGlAt:41 NAME 'olcReferral' SUP labeledURI
 SINGLE-VALUE )

olcAttributeTypes: ( OLcfgDbAt:0.7 NAME 'olcReplica' SUP labeledURI
 EQUALITY caseIgnoreMatch X-ORDERED 'VALUES' )
 
olcAttributeTypes: ( OLcfgGlAt:43 NAME 'olcReplicaArgsFile'
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
 
olcAttributeTypes: ( OLcfgGlAt:44 NAME 'olcReplicaPidFile'
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
 
olcAttributeTypes: ( OLcfgGlAt:45 NAME 'olcReplicationInterval'
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
 
olcAttributeTypes: ( OLcfgGlAt:46 NAME 'olcReplogFile'
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
 
olcAttributeTypes: ( OLcfgGlAt:47 NAME 'olcRequires' EQUALITY caseIgnoreMatch 
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
 
olcAttributeTypes: ( OLcfgGlAt:48 NAME 'olcRestrict' EQUALITY caseIgnoreMatch 
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
 
olcAttributeTypes: ( OLcfgGlAt:49 NAME 'olcReverseLookup' 
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE )
 
olcAttributeTypes: ( OLcfgDbAt:0.8 NAME 'olcRootDN'
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE )
 
olcAttributeTypes: ( OLcfgGlAt:51 NAME 'olcRootDSE' EQUALITY caseIgnoreMatch
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
 
olcAttributeTypes: ( OLcfgDbAt:0.9 NAME 'olcRootPW'
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
 
olcAttributeTypes: ( OLcfgGlAt:53 NAME 'olcSaslHost'
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
 
olcAttributeTypes: ( OLcfgGlAt:54 NAME 'olcSaslRealm'
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
 
olcAttributeTypes: ( OLcfgGlAt:56 NAME 'olcSaslSecProps'
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
 
olcAttributeTypes: ( OLcfgGlAt:58 NAME 'olcSchemaDN'
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE )
 
olcAttributeTypes: ( OLcfgGlAt:59 NAME 'olcSecurity'
 EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
 
olcAttributeTypes: ( OLcfgGlAt:81 NAME 'olcServerID'
 EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
 
olcAttributeTypes: ( OLcfgGlAt:60 NAME 'olcSizeLimit'
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
 
olcAttributeTypes: ( OLcfgGlAt:61 NAME 'olcSockbufMaxIncoming'
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
 
olcAttributeTypes: ( OLcfgGlAt:62 NAME 'olcSockbufMaxIncomingAuth'
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
 
olcAttributeTypes: ( OLcfgGlAt:83 NAME 'olcSortVals'
 DESC 'Attributes whose values will always be sorted' EQUALITY caseIgnoreMatch
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
 
olcAttributeTypes: ( OLcfgDbAt:0.15 NAME 'olcSubordinate'
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
 
olcAttributeTypes: ( OLcfgDbAt:0.10 NAME 'olcSuffix' 
 EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
 
olcAttributeTypes: ( OLcfgDbAt:0.11 NAME 'olcSyncrepl'
 EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORDERED 'VALUES' )

olcAttributeTypes: ( OLcfgGlAt:66 NAME 'olcThreads'
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
 
olcAttributeTypes: ( OLcfgGlAt:67 NAME 'olcTimeLimit'
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
 
olcAttributeTypes: ( OLcfgGlAt:68 NAME 'olcTLSCACertificateFile'
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
  
olcAttributeTypes: ( OLcfgGlAt:69 NAME 'olcTLSCACertificatePath'
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
 
olcAttributeTypes: ( OLcfgGlAt:70 NAME 'olcTLSCertificateFile'
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
 
olcAttributeTypes: ( OLcfgGlAt:71 NAME 'olcTLSCertificateKeyFile'
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
 
olcAttributeTypes: ( OLcfgGlAt:72 NAME 'olcTLSCipherSuite'
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
 
olcAttributeTypes: ( OLcfgGlAt:73 NAME 'olcTLSCRLCheck'
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
 
olcAttributeTypes: ( OLcfgGlAt:82 NAME 'olcTLSCRLFile' 
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
 
olcAttributeTypes: ( OLcfgGlAt:74 NAME 'olcTLSRandFile'
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
 
olcAttributeTypes: ( OLcfgGlAt:75 NAME 'olcTLSVerifyClient'
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
 
olcAttributeTypes: ( OLcfgGlAt:77 NAME 'olcTLSDHParamFile'
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
 
olcAttributeTypes: ( OLcfgGlAt:80 NAME 'olcToolThreads'
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
 
olcAttributeTypes: ( OLcfgDbAt:0.12 NAME 'olcUpdateDN'
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE )
 
olcAttributeTypes: ( OLcfgDbAt:0.13 NAME 'olcUpdateRef' SUP labeledURI
 EQUALITY caseIgnoreMatch )
 
olcAttributeTypes: ( OLcfgDbAt:0.1 NAME 'olcDbDirectory' 
 DESC 'Directory for database content' EQUALITY caseIgnoreMatch
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )

olcAttributeTypes: ( OLcfgDbAt:5.1 NAME 'olcRelay'
 DESC 'Relay DN' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE )
 
olcAttributeTypes: ( OLcfgOvAt:4.1 NAME 'olcAccessLogDB'
 DESC 'Suffix of database for log content' SUP distinguishedName SINGLE-VALUE )
 
olcAttributeTypes: ( OLcfgOvAt:4.2 NAME 'olcAccessLogOps' 
 DESC 'Operation types to log' EQUALITY caseIgnoreMatch
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )

olcAttributeTypes: ( OLcfgOvAt:4.3 NAME 'olcAccessLogPurge' 
 DESC 'Log cleanup parameters' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )

olcAttributeTypes: ( OLcfgOvAt:4.4 NAME 'olcAccessLogSuccess'
 DESC 'Log successful ops only' SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE )

olcAttributeTypes: ( OLcfgOvAt:4.5 NAME 'olcAccessLogOld'
 DESC 'Log old values when modifying entries matching the filter'
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
 
olcAttributeTypes: ( OLcfgOvAt:4.6 NAME 'olcAccessLogOldAttr'
 DESC 'Log old values of these attributes even if unmodified'
 EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
 
##############################################################################
#                                                                            #
# end of olc/slapd.conf directives                                               #
#                                                                            #
##############################################################################

##############################################################################
#                                                                            #
# req attributes                                                             #
#                                                                            #
##############################################################################
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.1 NAME 'reqDN'
 DESC 'Target DN of request' EQUALITY distinguishedNameMatch
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE )
 
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.2 NAME 'reqStart'
 DESC 'Start time of request' EQUALITY generalizedTimeMatch 
 ORDERING generalizedTimeOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE )

olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.3 NAME 'reqEnd'
 DESC 'End time of request' EQUALITY generalizedTimeMatch 
 ORDERING generalizedTimeOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE )

olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.4 NAME 'reqType'
 DESC 'Type of request' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
 SINGLE-VALUE )

olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.5 NAME 'reqSession'
 DESC 'Session ID of request' EQUALITY caseIgnoreMatch
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
 
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.6 NAME 'reqAuthzID'
 DESC 'Authorization ID of requestor' EQUALITY distinguishedNameMatch
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE )
 
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.7 NAME 'reqResult'
 DESC 'Result code of request' EQUALITY integerMatch ORDERING integerOrderingMatch
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
 
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.8 NAME 'reqMessage'
 DESC 'Error text of request' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch
  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
	
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.9 NAME 'reqReferral'
 DESC 'Referrals returned for request' SUP labeledURI )
 
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.10 NAME 'reqControls'
 DESC 'Request controls' EQUALITY objectIdentifierFirstComponentMatch
 SYNTAX 1.3.6.1.4.1.4203.666.11.5.3.1 X-ORDERED 'VALUES' )
 
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.11 NAME 'reqRespControls'
 DESC 'Response controls of request' EQUALITY objectIdentifierFirstComponentMatch
  SYNTAX 1.3.6.1.4.1.4203.666.11.5.3.1 X-ORDERED 'VALUES' )
	
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.12 NAME 'reqId' 
 DESC 'ID of Request to Abandon' EQUALITY integerMatch ORDERING integerOrderingMatch
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
 
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.13 NAME 'reqVersion'
 DESC 'Protocol version of Bind request' EQUALITY integerMatch
 ORDERING integerOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.14 NAME 'reqMethod'
 DESC 'Bind method of request' EQUALITY caseIgnoreMatch 
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
 
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.15 NAME 'reqAssertion'
 DESC 'Compare Assertion of request' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 
 SINGLE-VALUE )
 
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.16 NAME 'reqMod'
 DESC 'Modifications of request' EQUALITY octetStringMatch
 SUBSTR octetStringSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )
 
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.17 NAME 'reqOld'
 DESC 'Old values of entry before request completed' EQUALITY octetStringMatch
 SUBSTR octetStringSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )
 
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.18 NAME 'reqNewRDN'
 DESC 'New RDN of request' EQUALITY distinguishedNameMatch
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE )
 
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.19 NAME 'reqDeleteOldRDN'
 DESC 'Delete old RDN' EQUALITY booleanMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 
 SINGLE-VALUE )
 
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.20 NAME 'reqNewSuperior'
 DESC 'New superior DN of request' EQUALITY distinguishedNameMatch
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE )
 
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.21 NAME 'reqScope'
 DESC 'Scope of request' EQUALITY caseIgnoreMatch
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
 
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.22 NAME 'reqDerefAliases'
 DESC 'Disposition of Aliases in request' EQUALITY caseIgnoreMatch
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
 
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.23 NAME 'reqAttrsOnly'
 DESC 'Attributes and values of request' EQUALITY booleanMatch
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE )
 
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.24 NAME 'reqFilter'
 DESC 'Filter of request' EQUALITY caseIgnoreMatch 
 SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
 SINGLE-VALUE )
 
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.25 NAME 'reqAttr'
 DESC 'Attributes of request' EQUALITY caseIgnoreMatch
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
 
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.26 NAME 'reqSizeLimit'
 DESC 'Size limit of request' EQUALITY integerMatch ORDERING integerOrderingMatch
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
 
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.27 NAME 'reqTimeLimit'
 DESC 'Time limit of request' EQUALITY integerMatch ORDERING integerOrderingMatch
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
 
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.28 NAME 'reqEntries'
 DESC 'Number of entries returned' EQUALITY integerMatch 
 ORDERING integerOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.29 NAME 'reqData'
 DESC 'Data of extended request' EQUALITY octetStringMatch 
 SUBSTR octetStringSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40
 SINGLE-VALUE )
 
##############################################################################
#                                                                            #
# audit attributes                                                           #
#                                                                            #
##############################################################################
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.30 NAME 'auditContext'
 DESC 'DN of auditContainer' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12
 SINGLE-VALUE NO-USER-MODIFICATION USAGE dSAOperation )
 
olcAttributeTypes: ( OLcfgOvAt:15.1 NAME 'olcAuditlogFile'
 DESC 'Filename for auditlogging' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
 
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.1.57 NAME 'entryExpireTimestamp'
 DESC 'RFC2589 OpenLDAP extension: expire time of a dynamic object, computed as n
 ow + entryTtl' EQUALITY generalizedTimeMatch 
 ORDERING generalizedTimeOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
 SINGLE-VALUE NO-USER-MODIFICATION USAGE dSAOperation )
 
olcAttributeTypes: ( OLcfgOvAt:9.1 NAME 'olcDDSstate'
 DESC 'RFC2589 Dynamic directory services state'
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE )
 
olcAttributeTypes: ( OLcfgOvAt:9.2 NAME 'olcDDSmaxTtl'
 DESC 'RFC2589 Dynamic directory services max TTL'
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
 
olcAttributeTypes: ( OLcfgOvAt:9.3 NAME 'olcDDSminTtl'
 DESC 'RFC2589 Dynamic directory services min TTL' 
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
 
olcAttributeTypes: ( OLcfgOvAt:9.4 NAME 'olcDDSdefaultTtl'
 DESC 'RFC2589 Dynamic directory services default TTL' 
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
 
olcAttributeTypes: ( OLcfgOvAt:9.5 NAME 'olcDDSinterval'
 DESC 'RFC2589 Dynamic directory services expiration task run interval'
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
 
olcAttributeTypes: ( OLcfgOvAt:9.6 NAME 'olcDDStolerance'
 DESC 'RFC2589 Dynamic directory services additional TTL in expiration scheduling'
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
 
olcAttributeTypes: ( OLcfgOvAt:9.7 NAME 'olcDDSmaxDynamicObjects'
 DESC 'RFC2589 Dynamic directory services max number of dynamic objects'
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
 
olcAttributeTypes: ( OLcfgOvAt:17.1 NAME 'olcDGAttrPair'
 DESC 'Member and MemberURL attribute pair' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
 
olcAttributeTypes: ( OLcfgOvAt:8.1 NAME 'olcDLattrSet'
 DESC 'Dynamic list: <group objectClass>, <URL attributeDescription>, 
 <member attributeDescription>' 
 EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
 X-ORDERED 'VALUES' )
 
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.9.1.1 NAME 'queryId'
 DESC 'ID of query the entry belongs to, formatted as a UUID' 
 EQUALITY octetStringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{64}
 NO-USER-MODIFICATION USAGE directoryOperation )
 
##############################################################################
#                                                                            #
# ppolicly attributes                                                        #
#                                                                            #
##############################################################################

olcAttributeTypes: ( 1.3.6.1.4.1.42.2.27.8.1.16 NAME 'pwdChangedTime'
 DESC 'The time the password was last changed' EQUALITY generalizedTimeMatch ORDERING 
 generalizedTimeOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALU
 E NO-USER-MODIFICATION USAGE directoryOperation )
 
olcAttributeTypes: ( 1.3.6.1.4.1.42.2.27.8.1.17 NAME 'pwdAccountLockedTime' DE
 SC 'The time an user account was locked' EQUALITY generalizedTimeMatch ORDERI
 NG generalizedTimeOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-V
 ALUE USAGE directoryOperation )
 
olcAttributeTypes: ( 1.3.6.1.4.1.42.2.27.8.1.19 NAME 'pwdFailureTime' DESC 'Th
 e timestamps of the last consecutive authentication failures' EQUALITY genera
 lizedTimeMatch ORDERING generalizedTimeOrderingMatch SYNTAX 1.3.6.1.4.1.1466.
 115.121.1.24 NO-USER-MODIFICATION USAGE directoryOperation )
 
olcAttributeTypes: ( 1.3.6.1.4.1.42.2.27.8.1.20 NAME 'pwdHistory' DESC 'The hi
 story of users passwords' EQUALITY octetStringMatch SYNTAX 1.3.6.1.4.1.1466.1
 15.121.1.40 NO-USER-MODIFICATION USAGE directoryOperation )
 
olcAttributeTypes: ( 1.3.6.1.4.1.42.2.27.8.1.21 NAME 'pwdGraceUseTime' DESC 'T
 he timestamps of the grace login once the password has expired' EQUALITY gene
 ralizedTimeMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 NO-USER-MODIFICATION US
 AGE directoryOperation )
 
olcAttributeTypes: ( 1.3.6.1.4.1.42.2.27.8.1.22 NAME 'pwdReset' DESC 'The indi
 cation that the password has been reset' EQUALITY booleanMatch SYNTAX 1.3.6.1
 .4.1.1466.115.121.1.7 SINGLE-VALUE USAGE directoryOperation )
 
olcAttributeTypes: ( 1.3.6.1.4.1.42.2.27.8.1.23 NAME 'pwdPolicySubentry' 
 DESC 'The pwdPolicy subentry in effect for this object' 
 EQUALITY distinguishedNameMatch 
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE 
 USAGE directoryOperation )
 
olcAttributeTypes: ( OLcfgOvAt:12.1 NAME 'olcPPolicyDefault' 
 DESC 'DN of a pwdPolicy object for uncustomized objects' SYNTAX OMsDN SINGLE-VALUE )
 
olcAttributeTypes: ( OLcfgOvAt:12.2 NAME 'olcPPolicyHashCleartext'
 DESC 'Hash passwords on add or modify' SYNTAX OMsBoolean SINGLE-VALUE )
 
olcAttributeTypes: ( OLcfgOvAt:12.4 NAME 'olcPPolicyForwardUpdates' 
 DESC 'Allow policy state updates to be forwarded via updateref' SYNTAX OMsBoolean 
 SINGLE-VALUE )
 
olcAttributeTypes: ( OLcfgOvAt:12.3 NAME 'olcPPolicyUseLockout' DESC 'Warn clients with AccountLocked' SYNTAX OMsBoolean SINGLE-VALUE )

##############################################################################
#                                                                            #
# pcache attributes                                                          #
#                                                                            #
##############################################################################

olcAttributeTypes: ( PCacheAttributes:1 NAME 'pcacheQueryID' DESC 'ID of query
  the entry belongs to, formatted as a UUID' EQUALITY octetStringMatch SYNTAX 
 1.3.6.1.4.1.1466.115.121.1.40{64} NO-USER-MODIFICATION USAGE directoryOperati
 on )
 
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.9.1.2 NAME 'cachedQueryURL'
 DESC 'URI describing a cached query' EQUALITY caseExactMatch
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 NO-USER-MODIFICATION USAGE directoryOperation )
 
olcAttributeTypes: ( OLcfgOvAt:2.1 NAME 'olcProxyCache'
 DESC 'ProxyCache basicparameters' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )

olcAttributeTypes: ( OLcfgOvAt:2.2 NAME 'olcProxyAttrset'
 DESC 'A set of attributes to cache' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
 
olcAttributeTypes: ( OLcfgOvAt:2.3 NAME 'olcProxyTemplate'
 DESC 'Filter template, attrset, cache TTL, optional negative TTL, optional sizelimit TTL'
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
 
olcAttributeTypes: ( OLcfgOvAt:2.4 NAME 'olcProxyResponseCB'
 DESC 'Response callback position in overlay stack' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )

olcAttributeTypes: ( OLcfgOvAt:2.5 NAME 'olcProxyCacheQueries'
 DESC 'Maximum number of queries to cache' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 )

olcAttributeTypes: ( OLcfgOvAt:2.6 NAME 'olcProxySaveQueries'
 DESC 'Save cached queries for hot restart' SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 )

olcAttributeTypes: ( OLcfgOvAt:11.1 NAME 'olcRefintAttribute'
 DESC 'Attributes for referential integrity' EQUALITY caseIgnoreMatch
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
 
olcAttributeTypes: ( OLcfgOvAt:11.2 NAME 'olcRefintNothing'
 DESC 'Replacement DN to supply when needed' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12
 SINGLE-VALUE )
 
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.4.1.1 NAME 'errCode'
 DESC 'LDAP error code' EQUALITY integerMatch ORDERING integerOrderingMatch
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
 
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.4.1.2 NAME 'errOp'
 DESC 'Operations the errObject applies to' EQUALITY caseIgnoreMatch
 SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
 
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.4.1.3 NAME 'errText'
 DESC 'LDAP error textual description' EQUALITY caseIgnoreMatch
 SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
 
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.4.1.4 NAME 'errSleepTime'
 DESC 'Time to wait before returning the error' EQUALITY integerMatch
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
 
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.4.1.5 NAME 'errMatchedDN'
 DESC 'Value to be returned as matched DN' EQUALITY distinguishedNameMatch
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE )
 
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.4.1.6 NAME 'errUnsolicitedOID'
 DESC 'OID to be returned within unsolicited response' 
 EQUALITY objectIdentifierMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 SINGLE-VALUE )

olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.4.1.7 NAME 'errUnsolicitedData'
 DESC 'Data to be returned within unsolicited response'
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 SINGLE-VALUE )
 
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.4.1.8 NAME 'errDisconnect'
 DESC 'Disconnect without notice' SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE )
 
olcAttributeTypes: ( OLcfgOvAt:16.1 NAME 'olcRwmRewrite'
 DESC 'Rewrites strings' EQUALITY caseIgnoreMatch
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORDERED 'VALUES' )
 
olcAttributeTypes: ( OLcfgOvAt:16.2 NAME 'olcRwmTFSupport'
 DESC 'Absolute filters support' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
 
olcAttributeTypes: ( OLcfgOvAt:16.3 NAME 'olcRwmMap'
 DESC 'maps attributes/objectClasses' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
 X-ORDERED 'VALUES' )
 
olcAttributeTypes: ( OLcfgOvAt:16.4 NAME 'olcRwmNormalizeMapped'
 DESC 'Normalize mapped attributes/objectClasses' SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
 SINGLE-VALUE )

##############################################################################
#                                                                            #
# syncprov  attributes                                                       #
#                                                                            #
##############################################################################

olcAttributeTypes: ( OLcfgOvAt:1.1 NAME 'olcSpCheckpoint'
 DESC 'ContextCSN checkpoint interval in ops and minutes'
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
 
olcAttributeTypes: ( OLcfgOvAt:1.2 NAME 'olcSpSessionlog'
 DESC 'Session log size in ops' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
 
olcAttributeTypes: ( OLcfgOvAt:1.3 NAME 'olcSpNoPresent'
 DESC 'Omit Present phase processing' SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE )
 
olcAttributeTypes: ( OLcfgOvAt:1.4 NAME 'olcSpReloadHint'
 DESC 'Observe Reload Hint in Request control' SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
 SINGLE-VALUE )
 
##############################################################################
#                                                                            #
# translucent attributes                                                     #
#                                                                            #
##############################################################################

olcAttributeTypes: ( OLcfgOvAt:14.1 NAME 'olcTranslucentStrict'
 DESC 'Reveal a ttribute deletion constraint violations'
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 
 SINGLE-VALUE )

olcAttributeTypes: ( OLcfgOvAt:14.2 NAME 'olcTranslucentNoGlue'
 DESC 'Disable automatic glue records for ADD and MODRDN' 
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE )
 
olcAttributeTypes: ( OLcfgOvAt:10.1 NAME 'olcUniqueBase'
 DESC 'Subtree for uniqueness searches' EQUALITY distinguishedNameMatch
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE )
 
olcAttributeTypes: ( OLcfgOvAt:10.2 NAME 'olcUniqueIgnore'
 DESC 'Attributes for which uniqueness shall not be enforced'
 EQUALITY caseIgnoreMatch ORDERING caseIgnoreOrderingMatch
 SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )

olcAttributeTypes: ( OLcfgOvAt:10.3 NAME 'olcUniqueAttribute'
 DESC 'Attributes for which uniqueness shall be enforced'
 EQUALITY caseIgnoreMatch ORDERING caseIgnoreOrderingMatch
 SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
 
olcAttributeTypes: ( OLcfgOvAt:10.4 NAME 'olcUniqueStrict'
 DESC 'Enforce uniqueness of null values' EQUALITY booleanMatch
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE )
 
olcAttributeTypes: ( OLcfgOvAt:10.5 NAME 'olcUniqueURI'
 DESC 'List of keywords and LDAP URIs for a uniqueness domain'
 EQUALITY caseExactMatch ORDERING caseExactOrderingMatch
 SUBSTR caseExactSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
 
olcAttributeTypes: ( OLcfgOvAt:5.1 NAME 'olcValSortAttr'
 DESC 'Sorting rule for attribute under given DN' EQUALITY caseIgnoreMatch
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )

##############################################################################
#                                                                            #
# bdb attributes                                                             #
#                                                                            #
##############################################################################

olcAttributeTypes: ( OLcfgDbAt:1.11 NAME 'olcDbCacheFree'
 DESC 'Number of extra entries to free when max is reached'
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
 
olcAttributeTypes: ( OLcfgDbAt:1.1 NAME 'olcDbCacheSize'
 DESC 'Entry cache size in entries' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

olcAttributeTypes: ( OLcfgDbAt:1.2 NAME 'olcDbCheckpoint'
 DESC 'Database checkpoint interval in kbytes and minutes'
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
 
olcAttributeTypes: ( OLcfgDbAt:1.3 NAME 'olcDbConfig'
 DESC 'BerkeleyDB DB_CONFIG configuration directives'
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 X-ORDERED 'VALUES' )
 
olcAttributeTypes: ( OLcfgDbAt:1.4 NAME 'olcDbNoSync'
 DESC 'Disable synchronous database writes' 
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE )
 
olcAttributeTypes: ( OLcfgDbAt:1.5 NAME 'olcDbDirtyRead'
 DESC 'Allow reads of uncommitted data' 
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE )
 
olcAttributeTypes: ( OLcfgDbAt:1.12 NAME 'olcDbDNcacheSize'
 DESC 'DN cache size' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
 
olcAttributeTypes: ( OLcfgDbAt:1.6 NAME 'olcDbIDLcacheSize'
 DESC 'IDL cache size in IDLs' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
 
olcAttributeTypes: ( OLcfgDbAt:0.2 NAME 'olcDbIndex'
 DESC 'Attribute index parameters' EQUALITY caseIgnoreMatch
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )

olcAttributeTypes: ( OLcfgDbAt:12.1 NAME 'olcDbMaxReaders' DESC 'Maximum numbe
 r of threads that may access the DB concurrently' SYNTAX OMsInteger SINGLE-VA
 LUE )
 
olcAttributeTypes: ( OLcfgDbAt:12.2 NAME 'olcDbMaxSize' DESC 'Maximum size of 
 DB in bytes' SYNTAX OMsInteger SINGLE-VALUE )
 
olcAttributeTypes: ( OLcfgDbAt:1.7 NAME 'olcDbLinearIndex'
 DESC 'Index attributes one at a time'
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE )

olcAttributeTypes: ( OLcfgDbAt:1.8 NAME 'olcDbLockDetect'
 DESC 'Deadlock detection algorithm'
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )

olcAttributeTypes: ( OLcfgDbAt:0.3 NAME 'olcDbMode'
 DESC 'Unix permissions of database files'
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

olcAttributeTypes: ( OLcfgDbAt:1.9 NAME 'olcDbSearchStack'
 DESC 'Depth of search stack in IDLs'
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
olcAttributeTypes: ( OLcfgDbAt:1.10 NAME 'olcDbShmKey'
 DESC 'Key for shared memory region' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

##############################################################################
#                                                                            #
# objectClasses                                                              #
#                                                                            #
##############################################################################
olcObjectClasses: ( 2.5.6.0 NAME 'top' DESC 'top of the superclass chain' 
 ABSTRACT MUST objectClass )

olcObjectClasses: ( 1.3.6.1.4.1.1466.101.120.111 NAME 'extensibleObject' 
 DESC 'RFC4512": extensible object' SUP top AUXILIARY )

olcObjectClasses: ( 2.5.6.1 NAME 'alias' 
 DESC 'RFC4512": an alias' SUP top STRUCTURAL MUST aliasedObjectName )

olcObjectClasses: ( 2.16.840.1.113730.3.2.6 NAME 'referral' 
 DESC 'namedref: named subordinate referral' SUP top STRUCTURAL MUST ref )

olcObjectClasses: ( 1.3.6.1.4.1.4203.1.4.1 
 NAME ( 'OpenLDAProotDSE' 'LDAProotDSE' ) 
 DESC 'OpenLDAP Root DSE object' SUP top STRUCTURAL MAY cn )

olcObjectClasses: ( 2.5.17.0 NAME 'subentry' 
 DESC 'RFC3672: subentry' SUP top STRUCTURAL MUST ( cn $ subtreeSpecification ) )

olcObjectClasses: ( 2.5.20.1 NAME 'subschema' 
 DESC 'RFC4512": controlling subschema (sub)entry' AUXILIARY 
 MAY ( dITStructureRules $ nameForms $ dITContentRules $ objectClasses 
 $ attributeTypes $ matchingRules $ matchingRuleUse ) )

olcObjectClasses: ( 1.3.6.1.4.1.1466.101.119.2 NAME 'dynamicObject' 
 DESC 'RFC2589: Dynamic Object' SUP top AUXILIARY )

olcObjectClasses: ( 1.3.6.1.4.1.4203.666.3.4 NAME 'glue' 
 DESC 'Glue Entry' SUP top STRUCTURAL )

olcObjectClasses: ( OLcfgGlOc:0 NAME 'olcConfig' 
 DESC 'OpenLDAP configuration object' SUP top ABSTRACT )

##############################################################################
#                                                                            #
# olcGlobal objectClass - lists the available global directives supported    #
#                                                                            #
# defines all attributes that can be used in the global section              #
# equivalent to the old directives in the slapd.conf global section          #
# NOTE: no mandatory attributes                                              #
#                                                                            #
##############################################################################

olcObjectClasses: ( OLcfgGlOc:1 NAME 'olcGlobal' DESC 'OpenLDAP Global configu
 ration options' SUP olcConfig STRUCTURAL 
 MAY ( cn $ olcConfigFile $ olcConfigDir $ olcAllows $ olcArgsFile $ olcAttributeOptions
 $ olcAuthIDRewrite $ olcAuthzPolicy $ olcAuthzRegexp $ olcConcurrency 
 $ olcConnMaxPending $ olcConnMaxPendingAuth $ olcDisallows $ olcGentleHUP 
 $ olcIdleTimeout $ olcIndexSubstrIfMaxLen $ olcIndexSubstrIfMinLen 
 $ olcIndexSubstrAnyLen $ olcIndexSubstrAnyStep $ olcIndexIntLen $ olcLocalSSF 
 $ olcLogFile $ olcLogLevel $ olcPasswordCryptSaltFormat $ olcPasswordHash $ olcPidFile 
 $ olcPluginLogFile $ olcReadOnly $ olcReferral $ olcReplogFile $ olcRequires 
 $ olcRestrict $ olcReverseLookup $ olcRootDSE $ olcSaslHost $ olcSaslRealm 
 $ olcSaslSecProps $ olcSecurity $ olcServerID $ olcSizeLimit 
 $ olcSockbufMaxIncoming $ olcSockbufMaxIncomingAuth $ olcThreads 
 $ olcTimeLimit $ olcTLSCACertificateFile $ olcTLSCACertificatePath 
 $ olcTLSCertificateFile $ olcTLSCertificateKeyFile $ olcTLSCipherSuite 
 $ olcTLSCRLCheck $ olcTLSRandFile $ olcTLSVerifyClient $ olcTLSDHParamFile 
 $ olcTLSCRLFile $ olcToolThreads $ olcObjectIdentifier $ olcAttributeTypes 
 $ olcObjectClasses $ olcDitContentRules ) )

olcObjectClasses: ( OLcfgGlOc:2 NAME 'olcSchemaConfig' 
 DESC 'OpenLDAP schema object' SUP olcConfig STRUCTURAL 
 MAY ( cn $ olcObjectIdentifier $ olcAttributeTypes $ olcObjectClasses $ olcDitContentRules ) )

olcObjectClasses: ( OLcfgGlOc:3 NAME 'olcBackendConfig' 
 DESC 'OpenLDAP Backend-specific options' SUP olcConfig STRUCTURAL 
 MUST olcBackend )

##############################################################################
#                                                                            #
# olcDatabaseConfig objectClass - generic database definition                #
#                                                                            #
# always has a type specific database objectclass as a child                 #
#                                                                            #
##############################################################################
olcObjectClasses: ( OLcfgGlOc:4 NAME 'olcDatabaseConfig' 
 DESC 'OpenLDAP Database-specific options' SUP olcConfig STRUCTURAL 
 MUST olcDatabase 
 MAY ( olcHidden $ olcSuffix $ olcSubordinate $ olcAccess $ olcLastMod $ olcLimits 
 $ olcMaxDerefDepth $ olcPlugin $ olcReadOnly $ olcReplica $ olcReplicaArgsFile 
 $ olcReplicaPidFile $ olcReplicationInterval $ olcReplogFile $ olcRequires 
 $ olcRestrict $ olcRootDN $ olcRootPW $ olcSchemaDN $ olcSecurity $ olcSizeLimit 
 $ olcSyncrepl $ olcTimeLimit $ olcUpdateDN $ olcUpdateRef $ olcMirrorMode 
 $ olcMonitoring ) )
 
olcObjectClasses: ( OLcfgGlOc:6 NAME 'olcIncludeFile' 
 DESC 'OpenLDAP configuration include file' SUP olcConfig STRUCTURAL 
 MUST olcInclude MAY ( cn $ olcRootDSE ) )

olcObjectClasses: ( OLcfgGlOc:7 NAME 'olcFrontendConfig' 
 DESC 'OpenLDAP frontend configuration' AUXILIARY MAY 
 ( olcDefaultSearchBase $ olcPasswordHash $ olcSortVals ) )

olcObjectClasses: ( OLcfgGlOc:8 NAME 'olcModuleList' 
 DESC 'OpenLDAP dynamic module info' SUP olcConfig STRUCTURAL 
 MAY ( cn $ olcModulePath $ olcModuleLoad ) )

olcObjectClasses: ( OLcfgDbOc:2.1 NAME 'olcLdifConfig' 
 DESC 'LDIF backend configuration' SUP olcDatabaseConfig STRUCTURAL MUST olcDbDirectory )

olcObjectClasses: ( OLcfgDbOc:12.1 NAME 'olcMdbConfig' 
 DESC 'MDB backend configuration' SUP olcDatabaseConfig STRUCTURAL MUST olcDbDirectory 
 MAY ( olcDbCheckpoint $ olcDbNoSync $ olcDbIndex $ olcDbMaxReaders $ olcDbMaxsize $ 
 olcDbMode $ olcDbSearchStack ) )

olcObjectClasses: ( OLcfgDbOc:5.1 NAME 'olcRelayConfig' 
 DESC 'Relay backend configuration' SUP olcDatabaseConfig STRUCTURAL MAY olcRelay )
##############################################################################
#                                                                            #
# olcOverlayConfig objectClass - generic objectclass                         #
#                                                                            #
# always has an overlay specific objectclass as a child                      #
#                                                                            #
##############################################################################
olcObjectClasses: ( OLcfgGlOc:5 NAME 'olcOverlayConfig' 
 DESC 'OpenLDAP Overlay-specific options' SUP olcConfig STRUCTURAL 
 MUST olcOverlay )

##############################################################################
#                                                                            #
# AccessLog objectClass                                                      #
#                                                                            #
##############################################################################
olcObjectClasses: ( OLcfgOvOc:4.1 NAME 'olcAccessLogConfig' 
 DESC 'Access log configuration' SUP olcOverlayConfig STRUCTURAL 
 MUST olcAccessLogDB 
 MAY ( olcAccessLogOps $ olcAccessLogPurge $ olcAccessLogSuccess $ olcAccessLogOld 
 $ olcAccessLogOldAttr ) )

##############################################################################
#                                                                            #
# Audit objectClasses                                                        #
#                                                                            #
##############################################################################
olcObjectClasses: ( 1.3.6.1.4.1.4203.666.11.5.2.0 NAME 'auditContainer' 
 DESC 'AuditLog container' SUP top STRUCTURAL MAY ( cn $ reqStart $ reqEnd ) )
 
olcObjectClasses: ( 1.3.6.1.4.1.4203.666.11.5.2.1 NAME 'auditObject' 
 DESC 'OpenLDAP request auditing' SUP top STRUCTURAL 
 MUST ( reqStart $ reqType $ reqSession ) 
 MAY ( reqID $ reqAuthzID $ reqControls $ reqRespControls $ reqEnd 
 $ reqResult $ reqMessage $ reqReferral ) )
 
olcObjectClasses: ( 1.3.6.1.4.1.4203.666.11.5.2.2 
 NAME 'auditReadObject' 
 DESC 'OpenLDAP read request record' SUP auditObject STRUCTURAL )

olcObjectClasses: ( 1.3.6.1.4.1.4203.666.11.5.2.3 NAME 'auditWriteObject' 
 DESC 'OpenLDAP write request record' SUP auditObject STRUCTURAL )

olcObjectClasses: ( 1.3.6.1.4.1.4203.666.11.5.2.4 NAME 'auditAbandon' 
 DESC 'Abandon operation' SUP auditObject STRUCTURAL MUST reqId )

olcObjectClasses: ( 1.3.6.1.4.1.4203.666.11.5.2.5 NAME 'auditAdd' 
 DESC 'Add operation' SUP auditWriteObject STRUCTURAL MUST reqMod )

olcObjectClasses: ( 1.3.6.1.4.1.4203.666.11.5.2.6 NAME 'auditBind' 
 DESC 'Bind operation' SUP auditObject STRUCTURAL MUST ( reqVersion $ reqMethod ) )

olcObjectClasses: ( 1.3.6.1.4.1.4203.666.11.5.2.7 NAME 'auditCompare' 
 DESC 'Compare operation' SUP auditReadObject STRUCTURAL MUST reqAssertion )

olcObjectClasses: ( 1.3.6.1.4.1.4203.666.11.5.2.8 NAME 'auditDelete' 
 DESC 'Delete operation' SUP auditWriteObject STRUCTURAL MAY reqOld )

olcObjectClasses: ( 1.3.6.1.4.1.4203.666.11.5.2.9 NAME 'auditModify' 
 DESC 'Modify operation' SUP auditWriteObject STRUCTURAL MUST reqMod MAY reqOld )

olcObjectClasses: ( 1.3.6.1.4.1.4203.666.11.5.2.10 NAME 'auditModRDN' 
 DESC 'ModRDN operation' SUP auditWriteObject STRUCTURAL 
 MUST ( reqNewRDN $ reqDeleteOldRDN )
 MAY ( reqNewSuperior $ reqMod $ reqOld ) )

olcObjectClasses: ( 1.3.6.1.4.1.4203.666.11.5.2.11 NAME 'auditSearch' 
 DESC 'Search operation' SUP auditreadObject STRUCTURAL 
 MUST ( reqScope $ reqDerefAliases $ reqAttrsonly ) 
 MAY ( reqFilter $ reqAttr $ reqEntries $ reqSizeLimit $ reqTimeLimit ) )

olcObjectClasses: ( 1.3.6.1.4.1.4203.666.11.5.2.12 NAME 'auditExtended' 
 DESC 'Extended operation' SUP auditObject STRUCTURAL MAY reqData )

olcObjectClasses: ( OLcfgOvOc:15.1 NAME 'olcAuditlogConfig' 
 DESC 'Auditlog configuration' SUP olcOverlayConfig STRUCTURAL MAY olcAuditlogFile )

olcObjectClasses: ( OLcfgOvOc:9.1 NAME 'olcDDSConfig' 
 DESC 'RFC2589 Dynamic directory services configuration' SUP olcOverlayConfig
 STRUCTURAL MAY ( olcDDSstate $ olcDDSmaxTtl $ olcDDSminTtl $ olcDDSdefaultTtl 
 $ olcDDSinterval $ olcDDStolerance $ olcDDSmaxDynamicObjects ) )

olcObjectClasses: ( OLcfgOvOc:17.1 NAME 'olcDGConfig' 
 DESC 'Dynamic Group configuration' SUP olcOverlayConfig STRUCTURAL MAY olcDGAttrPair )

olcObjectClasses: ( OLcfgOvOc:8.1 NAME 'olcDynamicList' 
 DESC 'Dynamic list configuration' SUP olcOverlayConfig STRUCTURAL MAY olcDLattrSet )

olcObjectClasses: ( OLcfgOvOc:18.1 NAME 'olcMemberOf' DESC 'Member-of configuration' SUP olcOverlayConfig STRUCTURAL MAY ( olcMemberOfDN $ olcMemberOfDangl
 ing $ olcMemberOfDanglingError $ olcMemberOfRefInt $ olcMemberOfGroupOC $ olc
 MemberOfMemberAD $ olcMemberOfMemberOfAD ) )

##############################################################################
#                                                                            #
# olcPPolicyConfig objectClass                                               #
#                                                                            #
##############################################################################
olcObjectClasses: ( OLcfgOvOc:12.1 NAME 'olcPPolicyConfig'
 DESC 'Password Policy configuration' SUP olcOverlayConfig STRUCTURAL 
 MAY ( olcPPolicyDefault $ olcPPolicyHashCleartext $ olcPPolicyUseLockout 
 $ olcPPolicyForwardUpdates ) )
 
##############################################################################
#                                                                            #
# olcPcache objectClasses                                                    #
#                                                                            #
##############################################################################
olcObjectClasses: ( OLcfgOvOc:2.1 NAME 'olcPcacheConfig' 
 DESC 'ProxyCache configuration' SUP olcOverlayConfig STRUCTURAL 
 MUST ( olcProxyCache $ olcProxyAttrset $ olcProxyTemplate ) 
 MAY ( olcProxyResponseCB $ olcProxyCacheQueries $ olcProxySaveQueries ) )

olcObjectClasses: ( OLcfgOvOc:2.2 NAME 'olcPcacheDatabase' 
 DESC 'Cache database configuration' AUXILIARY )

olcObjectClasses: ( OLcfgOvOc:11.1 NAME 'olcRefintConfig' 
 DESC 'Referential integrity configuration' SUP olcOverlayConfig STRUCTURAL 
 MAY ( olcRefintAttribute $ olcRefintNothing ) )

olcObjectClasses: ( 1.3.6.1.4.1.4203.666.11.4.3.0 NAME 'errAbsObject' 
 SUP top ABSTRACT MUST errCode 
 MAY ( cn $ description $ errOp $ errText $ errSleepTime $ errMatchedDN 
 $ errUnsolicitedOID $ errUnsolicitedData $ errDisconnect ) )

olcObjectClasses: ( 1.3.6.1.4.1.4203.666.11.4.3.1 NAME 'errObject' 
 SUP errAbsObject STRUCTURAL )

olcObjectClasses: ( 1.3.6.1.4.1.4203.666.11.4.3.2 NAME 'errAuxObject' 
 SUP errAbsObject AUXILIARY )

olcObjectClasses: ( OLcfgOvOc:16.1 NAME 'olcRwmConfig' 
 DESC 'Rewrite/remap configuration' SUP olcOverlayConfig STRUCTURAL 
 MAY ( olcRwmRewrite $ olcRwmTFSupport $ olcRwmMap $ olcRwmNormalizeMapped ) )

##############################################################################
#                                                                            #
# olcSyncProvConfig objectClasses                                            #
#                                                                            #
##############################################################################
olcObjectClasses: ( OLcfgOvOc:1.1 NAME 'olcSyncProvConfig' 
 DESC 'SyncRepl Provider configuration' SUP olcOverlayConfig STRUCTURAL 
 MAY ( olcSpCheckpoint $ olcSpSessionlog $ olcSpNoPresent  $ olcSpReloadHint) )

olcObjectClasses: ( 1.3.6.1.4.1.4203.666.3.5 NAME 'syncConsumerSubentry' 
 DESC 'Persistent Info for SyncRepl Consumer' AUXILIARY MAY syncreplCookie )

olcObjectClasses: ( 1.3.6.1.4.1.4203.666.3.6 NAME 'syncProviderSubentry' 
 DESC 'Persistent Info for SyncRepl Producer' AUXILIARY MAY contextCSN )

olcObjectClasses: ( OLcfgOvOc:14.1 NAME 'olcTranslucentConfig' 
 DESC 'Translucent configuration' SUP olcOverlayConfig STRUCTURAL 
 MAY ( olcTranslucentStrict $ olcTranslucentNoGlue ) )

olcObjectClasses: ( OLcfgOvOc:14.2 NAME 'olcTranslucentDatabase' 
 DESC 'Translucent target database configuration' AUXILIARY )

olcObjectClasses: ( OLcfgOvOc:10.1 NAME 'olcUniqueConfig' 
 DESC 'Attribute value uniqueness configuration' SUP olcOverlayConfig STRUCTURAL
 MAY ( olcUniqueBase $ olcUniqueIgnore $ olcUniqueAttribute $ olcUniqueStrict 
 $ olcUniqueURI ) )

olcObjectClasses: ( OLcfgOvOc:5.1 NAME 'olcValSortConfig' 
 DESC 'Value Sorting configuration' SUP olcOverlayConfig STRUCTURAL 
 MUST olcValSortAttr )

olcObjectClasses: ( OLcfgDbOc:1.1 NAME 'olcBdbConfig' 
 DESC 'BDB backend configuration' SUP olcDatabaseConfig STRUCTURAL 
 MUST olcDbDirectory 
 MAY ( olcDbCacheSize $ olcDbCheckpoint $ olcDbConfig 
 $ olcDbNoSync $ olcDbDirtyRead $ olcDbIDLcacheSize $ olcDbIndex 
 $ olcDbLinearIndex $ olcDbLockDetect $ olcDbMode $ olcDbSearchStack 
 $ olcDbShmKey $ olcDbCacheFree $ olcDbDNcacheSize ) )

olcObjectClasses: ( 1.3.6.1.4.1.4203.666.3.16.1 NAME 'monitor' DESC 'OpenLDAP 
 system monitoring' SUP top STRUCTURAL MUST cn MAY ( description $ seeAlso $ l
 abeledURI $ monitoredInfo $ managedInfo $ monitorOverlay ) )
 
olcObjectClasses: ( 1.3.6.1.4.1.4203.666.3.16.2 NAME 'monitorServer' DESC 'Ser
 ver monitoring root entry' SUP monitor STRUCTURAL )
 
olcObjectClasses: ( 1.3.6.1.4.1.4203.666.3.16.3 NAME 'monitorContainer' DESC '
 monitor container class' SUP monitor STRUCTURAL )
 
olcObjectClasses: ( 1.3.6.1.4.1.4203.666.3.16.4 NAME 'monitorCounterObject' DE
 SC 'monitor counter class' SUP monitor STRUCTURAL )
 
olcObjectClasses: ( 1.3.6.1.4.1.4203.666.3.16.5 NAME 'monitorOperation' DESC '
 monitor operation class' SUP monitor STRUCTURAL )
 
olcObjectClasses: ( 1.3.6.1.4.1.4203.666.3.16.6 NAME 'monitorConnection' DESC 
 'monitor connection class' SUP monitor STRUCTURAL )
 
olcObjectClasses: ( 1.3.6.1.4.1.4203.666.3.16.7 NAME 'managedObject' DESC 'mon
 itor managed entity class' SUP monitor STRUCTURAL )
 
olcObjectClasses: ( 1.3.6.1.4.1.4203.666.3.16.8 NAME 'monitoredObject' DESC 'm
 onitor monitored entity class' SUP monitor STRUCTURAL )
 
olcObjectClasses: ( OLcfgDbOc:4.1 NAME 'olcMonitorConfig' DESC 'Monitor backen
 d configuration' SUP olcDatabaseConfig STRUCTURAL )
 
olcObjectClasses: ( olmBDBObjectClasses:1 NAME 'olmBDBDatabase' SUP top AUXILI
 ARY MAY ( olmBDBEntryCache $ olmBDBDNCache $ olmBDBIDLCache $ olmDbDirectory 
 ) )



Проблемы, комментарии, предположения, исправления (включая битые ссылки) или есть что добавить? Пожалуйста, выкроите время в потоке занятой жизни, чтобы написать нам, вебмастеру или в службу поддержки. Оставшийся день Вы проведёте с чувством удовлетворения.

Нашли ошибку в переводе? Сообщите переводчикам!

Copyright © 1994-2017 ZyTrax, Inc. Все права защищены. Последнее изменение страницы: 21 октября 2015 г.
Переведено участниками проекта Pro-LDAP.ru в 2012 г.

Эта страница

Содержание

Приложение E: OpenLDAP config.ldif
OpenLDAP 2.4 Руководство

Содержание

Введение в службы каталогов OpenLDAPБыстрое развёртывание и начало работыОбщая картина - варианты конфигурацииСборка и установка OpenLDAPНастройка slapd

 

Конфигурационный файл slapdЗапуск slapdКонтроль доступаОграниченияИнструментыМеханизмы манипуляции даннымиНаложенияСпецификация схемы

 

БезопасностьSASLTLSРаспределённая служба каталоговРепликацияОбслуживаниеМониторингПроизводительностьУстранение неполадок
Перевод официального руководства OpenLDAP 2.4 Admin Guide
Полное содержание здесь
LDAP для учёных-ракетчиков

Содержание

О книгеКонцепции LDAPОбъекты LDAPУстановка LDAPПримерыНастройкаРепликация и отсылкиLDIF и DSMLПротоколLDAP API

 

HOWTOНеполадкиПроизводительностьИнструменты LDAPБезопасностьЗаметкиРесурсы LDAPRFC и X.500ГлоссарийОбъекты
Перевод "LDAP for Rocket Scientists"
Полное содержание здесь
Ресурсы

Книги

Руководство OpenLDAP 2.4LDAP для учёных-ракетчиков

Другие

СтатьиТермины LDAPman-страницы OpenLDAP 2.4Список RFCКлиенты LDAPФайлы наборов схемы
Полезные ресурсы
Форум

 

Разделы форумаНепрочитанные сообщенияПоследние сообщения
Форум проекта
Главная

Pro-LDAP.ru

О проектеНовости проектаУчастникиСтаньте участником!Сообщите об ошибке!Об авторских правахСоглашения проекта
Присоединяйсь!