upstream/openldap
1
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2025-12-29 02:59:34 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

clarify that slapo-rwm could hide rootDSE and subschema

Browse source
This commit is contained in:
Pierangelo Masarati 2007-05-21 00:01:49 +00:00
parent 101b6b9363
commit fb171a06d4
1 changed files with 14 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
doc/man/man5/slapo-rwm.5
View file

@ -78,6 +78,20 @@ overlay is the capability to perform suffix massaging between a virtual
and a real naming context by means of the
.B rwm-suffixmassage
directive.
This, in conjunction with proxy backends,
.BR slapd-ldap (5)
and
.BR slapd-meta (5),
or with the relay backend,
.BR slapd-relay (5),
allows to create virtual views of databases.
A distinguishing feature of this overlay is that, when instantiated
before any database, it can modify the DN of requests
.I before
database selection.
For this reason, rules that rewrite the empty DN ("")
or the subschemaSubentry DN (usually "cn=subschema"),
would prevent clients from reading the root DSE or the DSA's schema.
.TP
.B rwm-suffixmassage "[<virtual naming context>]" "<real naming context>"
Shortcut to implement naming context rewriting; the trailing part