Provided by: slapd_2.5.18+dfsg-0ubuntu0.22.04.2_amd64 bug

NAME

       slapd.overlays - overlays for slapd, the stand-alone LDAP daemon

DESCRIPTION

       The  slapd(8) daemon can use a variety of different overlays to alter or extend the normal
       behavior of a database backend.  Overlays may be compiled statically into slapd,  or  when
       module  support  is enabled, they may be dynamically loaded. Most of the overlays are only
       allowed to be configured  on  individual  databases,  but  some  may  also  be  configured
       globally.

       Configuration  options  for  each  overlay  are documented separately in the corresponding
       slapo-<overlay>(5) manual pages.

       accesslog
              Access Logging.  This overlay can record accesses to a given  backend  database  on
              another database.

       auditlog
              Audit Logging.  This overlay records changes on a given backend database to an LDIF
              log file.  By default it is not built.

       autoca Automatic  Certificate  Authority  overlay.   This  overlay  can   generate   X.509
              certificate/key  pairs  for entries in the directory if slapd is linked to OpenSSL.
              By default it is not built.

       chain  Chaining.  This overlay allows automatic referral chasing  when  a  referral  would
              have  been  returned, either when configured by the server or when requested by the
              client.

       collect
              Collective Attributes.  This overlay implements  RFC  3671  collective  attributes;
              these  attributes  share  common  values  over all the members of the collection as
              inherited from an ancestor entry.

       constraint
              Constraint.  This overlay enforces a regular expression constraint on all values of
              specified  attributes.  It  is  used  to  enforce  a  more rigorous syntax when the
              underlying attribute syntax is too general.

       dds    Dynamic Directory Services.  This overlay supports dynamic objects,  which  have  a
              limited life after which they expire and are automatically deleted.

       deref  Dereference  Control.   This  overlay implements the draft Dereference control. The
              overlay can be used with any backend or globally for all backends.

       dyngroup
              Dynamic Group.  This is a demo overlay  which  extends  the  Compare  operation  to
              detect members of a dynamic group.  It has no effect on any other operations.

       dynlist
              Dynamic List.  This overlay allows expansion of dynamic groups and more.

       homedir
              Home  Directory  Provisioning.   This  overlay  manages  creation/deletion  of home
              directories for LDAP-based Unix accounts.

       memberof
              MemberOf.  This  overlay  maintains  automatic  reverse  group  membership  values,
              typically  stored  in  an attribute called memberOf. This overlay is deprecated and
              should be replaced with dynlist.

       otp    OATH One-Time Password module.  This module allows  time-based  one-time  password,
              AKA  "authenticator-style",  and  HMAC-based one-time password authentication to be
              used in conjunction with a standard LDAP password for two factor authentication.

       pbind  Proxybind.  This overlay forwards simple bind requests on a  local  database  to  a
              remote LDAP server.

       pcache Proxycache.   This  overlay  allows  caching  of  LDAP  search  requests in a local
              database.  It is most often used with the slapd-ldap(5) or slapd-meta(5) backends.

       ppolicy
              Password Policy.  This overlay provides a variety of password  control  mechanisms,
              e.g.  password  aging,  password  reuse and duplication control, mandatory password
              resets, etc.

       refint Referential Integrity.  This overlay can be used with a backend  database  such  as
              slapd-mdb(5)  to  maintain  the  cohesiveness  of a schema which utilizes reference
              attributes.

       remoteauth
              Remote Authentication.  This overlay delegates authentication  requests  to  remote
              directories.

       retcode
              Return  Code.   This overlay is useful to test the behavior of clients when server-
              generated erroneous and/or unusual responses occur.

       rwm    Rewrite/remap.  This overlay is experimental.  It performs  basic  DN/data  rewrite
              and objectClass/attributeType mapping.

       sssvlv Server  Side  Sorting  and Virtual List Views.  This overlay implements the RFC2891
              server-side sorting control and  virtual  list  view  controls,  and  replaces  the
              RFC2696 paged-results implementation to ensure it works with the sorting technique.

       syncprov
              Syncrepl  Provider.  This overlay implements the provider-side support for syncrepl
              replication, including persistent search functionality.

       translucent
              Translucent Proxy.  This overlay can be  used  with  a  backend  database  such  as
              slapd-mdb(5)  to create a "translucent proxy".  Content of entries retrieved from a
              remote LDAP server can be partially overridden by the database.

       unique Attribute Uniqueness.  This overlay can be used with a  backend  database  such  as
              slapd-mdb(5) to enforce the uniqueness of some or all attributes within a subtree.

       valsort
              Value Sorting.  This overlay can be used to enforce a specific order for the values
              of an attribute when it is returned in a search.

FILES

       /etc/ldap/slapd.conf
              default slapd configuration file

       /etc/ldap/slapd.d
              default slapd configuration directory

SEE ALSO

       ldap(3),   slapo-accesslog(5),   slapo-auditlog(5),    slapo-autoca(5),    slapo-chain(5),
       slapo-collect(5),  slapo-constraint(5),  slapo-dds(5),  slapo-deref(5), slapo-dyngroup(5),
       slapo-dynlist(5), slapo-memberof(5),  slapo-pbind(5),  slapo-pcache(5),  slapo-ppolicy(5),
       slapo-refint(5),  slapo-remoteauth(5),  slapo-retcode(5),  slapo-rwm(5),  slapo-sssvlv(5),
       slapo-syncprov(5),     slapo-translucent(5),      slapo-unique(5).       slapo-valsort(5).
       slapd-config(5),  slapd.conf(5),  slapd.backends(5),  slapd(8).  "OpenLDAP Administrator's
       Guide" (http://www.OpenLDAP.org/doc/admin/)

ACKNOWLEDGEMENTS

       OpenLDAP   Software   is   developed   and   maintained   by    The    OpenLDAP    Project
       <http://www.openldap.org/>.   OpenLDAP Software is derived from the University of Michigan
       LDAP 3.3 Release.