[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: RFC: New Admin Guide Layout
I forgot a debugging slapd section in Troubleshooting and a Migration
section for moving from slapd.conf to slapd.d dirs etc.
Gavin.
<quote who="Gavin Henry">
> Dear All,
>
> We all know the docs weaknesses, I've started this to try and
> address them, as more and more people are using our docs as
> an excuse not to use OpenLDAP. We all know that is wrong, but
> my goal is to equal or surpass the quality of the software with
> the docs.
>
> Details:
>
> Changes:
>
> * Deeper TOC
> * When to use LDAP and age old question of LDAP vs RDBMS
> * Incorporated many FAQ-O-MATIC topics (for above also)
> * Answers to Common mailing list topics and IRC #ldap topics
> * Generic TLS Cert Generation Methods
>
> == Maybe create an Advanced section for below? (currently in same heading
> level as the rest) ==
>
> * Included all Overlays and Backends
> * More Replication discussions/strategies, include N-Way MultiMaster and
> MirrorMode (no sublevels yet)
> * Re-ordered layout
> * New sections: Maintainence, Tuning, Troubleshooting and Example
> Configuration Files in the Appendix (light on sub-levels).
>
>
> This is obviously just the start, but a good place to be in I think. It's
> a lot easier to write peices once we have a topic list to tick off.
>
> Feel free to chop and change ordering etc. It's a start.
>
> Now we need to delegate! ;-)
>
>
>
> New version:
>
> Table of Contents
>
> Preface
> 1. Introduction to OpenLDAP Directory Services
> 1.1. What is a directory service?
> 1.2. What is LDAP?
> 1.3. How does LDAP work?
> 1.4. What about X.500?
> 1.5. What is the difference between LDAPv2 and LDAPv3?
> 1.6. When should I use LDAP?
> 1.7. When should I not use LDAP?
> 1.8. LDAP vs RDBMS
> 1.9. What is slapd and what can it do?
> 2. A Quick-Start Guide
> 3. The Big Picture - Configuration Choices
> 3.1. Local Directory Service
> 3.2. Local Directory Service with Referrals
> 3.3. Replicated Directory Service
> 3.4. Distributed Local Directory Service
> 4. Building and Installing OpenLDAP Software
> 4.1. Obtaining and Extracting the Software
> 4.2. Prerequisite software
> 4.2.1. Transport Layer Security
> 4.2.2. Simple Authentication and Security Layer
> 4.2.3. Kerberos Authentication Service
> 4.2.4. Database Software
> 4.2.5. Threads
> 4.2.6. TCP Wrappers
> 4.3. Running configure
> 4.4. Building the Software
> 4.5. Testing the Software
> 4.6. Installing the Software
> 5. Configuring slapd
> 5.1. Configuration Layout
> 5.2. Configuration Directives
> 5.2.1. cn=config
> 5.2.2. cn=include
> 5.2.3. cn=module
> 5.2.4. cn=schema
> 5.2.5. Backend-specific Directives
> 5.2.6. Database-specific Directives
> 5.2.7. BDB and HDB Database Directives
> 5.3. Access Control
> 5.3.1. What to control access to
> 5.3.2. Who to grant access to
> 5.3.3. The access to grant
> 5.3.4. Access Control Evaluation
> 5.3.5. Access Control Examples
> 5.3.6. Access Control Ordering
> 5.4. Configuration Example
> 6. The slapd Configuration File
> 6.1. Configuration File Format
> 6.2. Configuration File Directives
> 6.2.1. Global Directives
> 6.2.2. General Backend Directives
> 6.2.3. General Database Directives
> 6.2.4. BDB and HDB Database Directives
> 6.3. The access Configuration Directive
> 6.3.1. What to control access to
> 6.3.2. Who to grant access to
> 6.3.3. The access to grant
> 6.3.4. Access Control Evaluation
> 6.3.5. Access Control Examples
> 6.4. Configuration File Example
> 7. Running slapd
> 7.1. Command-Line Options
> 7.2. Starting slapd
> 7.3. Stopping slapd
> 8. Database Creation and Maintenance Tools
> 8.1. Creating a database over LDAP
> 8.2. Creating a database off-line
> 8.2.1. The slapadd program
> 8.2.2. The slapindex program
> 8.2.3. The slapcat program
> 8.3. The LDIF text entry format
> 9. Backends
> 9.1. Berkeley DB backends
> 9.1.1. Overview
> 9.1.2. back-bdb/back-hdb Configuration
> 9.1.2. Further Information
> 9.2. LDAP
> 9.1.1. Overview
> 9.1.2. back-ldap Configuration
> 9.1.2. Further Information
> 9.3. LDIF
> 9.1.1. Overview
> 9.1.2. back-ldif Configuration
> 9.1.2. Further Information
> 9.4. Metadirectory
> 9.1.1. Overview
> 9.1.2. back-meta Configuration
> 9.1.2. Further Information
> 9.5. Monitor
> 9.1.1. Overview
> 9.1.2. back-monitor Configuration
> 9.1.2. Further Information
> 9.6. Relay
> 9.1.1. Overview
> 9.1.2. back-relay Configuration
> 9.1.2. Further Information
> 9.7. Perl/Shell
> 9.1.1. Overview
> 9.1.2. back-perl/back-shell Configuration
> 9.1.2. Further Information
> 9.8. SQL
> 9.1.1. Overview
> 9.1.2. back-sql Configuration
> 9.1.2. Further Information
> 9.9. Senarios
> 10. Overlays
> 10.1. Access Logging
> 10.1.1. Overview
> 10.1.2. Access Logging Configuration
> 10.2. Audit Logging
> 10.2.1. Overview
> 10.2.2. Audit Logging Configuration
> 10.3. Constraints
> 10.3.1. Overview
> 10.3.2. Constraint Configuration
> 10.4. Dynamic Directory Services
> 10.4.1. Overview
> 10.4.2. Dynamic Directory Service Configuration
> 10.5. Dynamic Groups
> 10.5.1. Overview
> 10.5.2. Dynamic Group Configuration
> 10.6. Dynamic Lists
> 10.6.1. Overview
> 10.6.2. Dynamic List Configuration
> 10.7. The Proxy Cache Engine
> 10.7.1. Overview
> 10.7.2. Proxy Cache Configuration
> 10.7.1.1. Setting cache parameters
> 10.7.2.1. Defining attribute sets
> 10.7.3.1. Specifying cacheable templates
> 10.7.4.1. Example
> 10.8. Password Policies
> 10.8.1. Overview
> 10.8.2. Password Policy Configuration
> 10.9. Referential Integrity
> 10.9.1. Overview
> 10.9.2. Referential Integrity Configuration
> 10.10. Return Code
> 10.10.1. Overview
> 10.10.2. Return Code Configuration
> 10.11. Rewrite/Remap
> 10.11.1. Overview
> 10.11.2. Rewrite/Remap Configuration
> 10.12. Sync Provider
> 10.12.1. Overview
> 10.12.2. Sync Provider Configuration
> 10.13. Translucent Proxy
> 10.13.1. Overview
> 10.13.2. Translucent Proxy Configuration
> 10.14. Attribute Uniqueness
> 10.14.1. Overview
> 10.14.2. Attribute Uniqueness Configuration
> 10.15. Value Sorting
> 10.15.1. Overview
> 10.15.2. Value Sorting Configuration
> 10.16. Overlay Stacking
> 10.16.1. Overview
> 10.16.2. Example Senarios
> 11. Schema Specification
> 11.1. Distributed Schema Files
> 11.2. Extending Schema
> 11.2.1. Object Identifiers
> 11.2.2. Naming Elements
> 11.2.3. Local schema file
> 11.2.4. Attribute Type Specification
> 11.2.5. Object Class Specification
> 11.2.6. OID Macros
> 12. Security Considerations
> 12.1. Network Security
> 12.1.1. Selective Listening
> 12.1.2. IP Firewall
> 12.1.3. TCP Wrappers
> 12.2. Data Integrity and Confidentiality Protection
> 11.2.1. Security Strength Factors
> 12.3. Authentication Methods
> 12.3.1. "simple" method
> 12.3.2. SASL method
> 13. Using SASL
> 13.1. SASL Security Considerations
> 13.2. SASL Authentication
> 13.2.1. GSSAPI
> 13.2.2. KERBEROS_V4
> 13.2.3. DIGEST-MD5
> 13.2.4. Mapping Authentication Identities
> 13.2.5. Direct Mapping
> 13.2.6. Search-based mappings
> 13.3. SASL Proxy Authorization
> 13.3.1. Uses of Proxy Authorization
> 13.3.2. SASL Authorization Identities
> 13.3.3. Proxy Authorization Rules
> 14. Using TLS
> 14.1. TLS Certificates
> 14.1.1. Generic Certificate Generation Methods
> 14.1.2. Server Certificates
> 14.1.3. Client Certificates
> 14.2. TLS Configuration
> 14.2.1. Server Configuration
> 14.2.2. Client Configuration
> 15. Constructing a Distributed Directory Service
> 15.1. Subordinate Knowledge Information
> 15.2. Superior Knowledge Information
> 15.3. The ManageDsaIT Control
> 16. Replication
> 16.1. Replication Strategies
> 16.2. Replication types
> 16.2.1. slurpd replication
> 16.2.2. syncrepl replication
> 16.2.3. delta-syncrepl replication
> 16.2.4. N-Way Multi-Master
> 16.2.5. MirrorMode
> 16.3. Replication with Slurpd
> 16.3.1. Overview
> 16.3.2. Replication Logs
> 16.3.3. Command-Line Options
> 16.3.4. Configuring slurpd and a slave slapd instance
> 16.3.4.1. Set up the master slapd
> 16.3.4.2. Set up the slave slapd
> 16.3.4.3. Shut down the master server
> 16.3.4.4. Copy the master slapd's database to the
> slave
> 16.3.4.5. Configure the master slapd for replication
> 16.3.4.6. Restart the master slapd and start the
> slave slapd
> 16.3.4.7. Start slurpd
> 16.3.5. Advanced slurpd Operation
> 16.3.5.1. Replication errors
> 16.3.5.2. One-shot mode and reject files
> 16.4. LDAP Sync Replication
> 16.4.1. The LDAP Content Synchronization Protocol
> 16.4.2. Syncrepl Details
> 16.4.3. Configuring Syncrepl
> 16.4.3.1. Set up the provider slapd
> 16.4.3.2. Set up the consumer slapd
> 16.4.3.3. Start the provider and the consumer
> slapd
> 16.4.3.4. Delta SyncRepl Replication Configuration
> 16.5. N-Way Multi-Master
> 16.6. MirrorMode
> 17. Maintenance
> 17.1. Directory Backups
> 17.2. Berkeley DB Logs
> 17.3. Checkpointing
> 18. Monitoring
> 18.1. Monitor configuration via cn=config(5)
> 18.2. Monitor configuration via slapd.conf(5)
> 18.3. Accessing Monitoring Information
> 18.4. Monitor Information
> 18.4.1. Backends
> 18.4.2. Connections
> 18.4.3. Databases
> 18.4.4. Listener
> 18.4.5. Log
> 18.4.6. Operations
> 18.4.7. Overlays
> 18.4.8. SASL
> 18.4.9. Statistics
> 18.4.10. Threads
> 18.4.11. Time
> 18.4.12. TLS
> 18.4.13. Waiters
> 19. Tuning
> 19.1. Performance Factors
> 19.1.1. Memory
> 19.1.2. Disks
> 19.1.3. Network Topology
> 19.1.4. Directory Layout Design
> 19.1.5. Expected Usage
> 19.2. Indexes
> 19.3. Tuning Logging
> 19.4. BDB/HDB database cache size
> 20. Troubleshooting
> 20.1. Checklist
> 20.2. User or Software errors?
> 20.3. How to contact the OpenLDAP project
> 20.4. How to present your problem
> 20.5. Commercial Support
> A. Configuration File Examples
> A.1. slapd.conf
> A.2. ldap.conf
> A.3. a-n-other
> B. Glossary
> A.1. Terms
> A.2. Related Organizations
> A.3. Related Products
> A.4. References
> C. Generic configure Instructions
> D. OpenLDAP Software Copyright Notices
> C.1. OpenLDAP Copyright Notice
> C.2. Additional Copyright Notice
> C.3. University of Michigan Copyright Notice
> R. OpenLDAP Public License
>
>
>
> Thanks,
>
> Gavin.
>
> --
> Kind Regards,
>
> Gavin Henry.
> Managing Director.
>
> T +44 (0) 1224 279484
> M +44 (0) 7930 323266
> F +44 (0) 1224 824887
> E ghenry@suretecsystems.com
>
> Open Source. Open Solutions(tm).
>
> http://www.suretecsystems.com/
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>