Appendix L. Configuration schema object classes and attributes for IBM Tivoli Directory Server version 6.0 and above
These are the configuration object classes and attributes that are included in the IBM® Tivoli® Directory Server Version 6.0 and above. They can be found in the V3config.oc and V3.config.at files in the etc directory. They define the objects that can appear in the ibmslapd.conf file.
Configuration object classes
These are the schema object classes that are shipped with the IBM Tivoli Directory Server Version 6.0 and above.
# File generated at 8:27:12 AM on 8/18/2004 from IBM LDAP schema version 1.5 objectclasses=( 1.3.18.0.2.6.489 NAME 'ibm-slapdAdmin' DESC 'Global configuration settings for IBM Admin Daemon' SUP ( ibm-slapdConfigEntry $ top ) STRUCTURAL MUST ( cn $ ibm-slapdPort ) MAY ( ibm-slapdSecurePort ) ) objectclasses=( 1.3.18.0.2.6.556 NAME 'ibm-slapdAdminGroupMember' DESC 'A User belonging to the IBM Directory Server Administration Group.' SUP ( top $ ibm-slapdConfigEntry ) STRUCTURAL MUST ( ibm-slapdAdminDN $ ibm-slapdAdminPW $ibm-slapdAdminRole ) MAY ( ibm-slapdKrbAdminDN $ ibm-slapdDigestAdminUser ) ) objectclasses=( 1.3.18.0.2.6.490 NAME 'ibm-slapdConfigBackend' DESC 'Config backend configuration for IBM Directory' SUP ( top $ ibm-slapdConfigEntry ) STRUCTURAL MUST ( cn $ ibm-slapdPlugin $ ibm-slapdSuffix ) MAY ( ibm-slapdReadOnly ) ) objectclasses=( 1.3.18.0.2.6.486 NAME 'ibm-slapdConfigEntry' DESC 'ibm slapd config entry' SUP 'top' ABSTRACT MUST ( cn ) MAY ( ibm-slapdInvalidLine $ ibm-slapdMigrationInfo) ) objectclasses=( 1.3.18.0.2.6.629 NAME 'ibm-slapdConfigUlimit' DESC ' Configuration setting for ulimits which server will load at startup ' SUP 'top' STRUCTURAL MUST (ibm-slapdUlimitVirtualMemory $ ibm-slapdUlimitDataSegment $ ibm-slapdUlimitFileSize $ ibm-slapdUlimitNofile $ ibm-slapdUlimitStackSize ) MAY (ibm-slapdUlimitRSS $ ibm-slapdUlimitDescription) ) objectclasses=( 1.3.18.0.2.6.560 NAME 'ibm-slapdConnectionManagement' DESC 'Global connection settings for IBM Directory Server.' SUP ( ibm-slapdConfigEntry $ top ) STRUCTURAL MUST ( cn ) MAY ( ibm-slapdAllowAnon $ ibm-slapdAllReapingThreshold $ ibm-slapdAnonReapingThreshold $ ibm-slapdBoundReapingThreshold $ ibm-slapdESizeThreshold $ ibm-slapdEThreadActivate $ ibm-slapdEThreadEnable $ ibm-slapdETimeThreshold $ ibm-slapdWriteTimeout $ ibm-slapdIdleTimeOut ) ) objectclasses=( 1.3.18.0.2.6.493 NAME 'ibm-slapdCRL' DESC 'Certificate revocation list settings for IBM Directory.' SUP ( top $ ibm-slapdConfigEntry ) STRUCTURAL MUST ( cn $ ibm-slapdLdapCrlHost $ ibm-slapdLdapCrlPort ) MAY ( ibm-slapdLdapCrlPassword $ ibm-slapdLdapCrlUser ) ) objectclasses=( 1.3.18.0.2.6.575 NAME 'ibm-slapdDigest' DESC 'Global configuration entries for the DIGEST-MD5 SASL bind mechanism for IBM Directory.' SUP 'ibm-slapdConfigEntry' STRUCTURAL MUST (ibm-slapdDigestEnabled) MAY ( ibm-slapdDigestAdminUser $ ibm-slapdDigestAttr $ ibm-slapdDigestRealm ) ) objectclasses=( 1.3.18.0.2.6.500 NAME 'ibm-slapdEventNotification' DESC 'Global event notification settings for IBM Directory.' SUP ( top $ ibm-slapdConfigEntry ) STRUCTURAL MUST ( cn $ ibm-slapdEnableEventNotification ) MAY ( ibm-slapdMaxEventsPerConnection $ ibm-slapdMaxEventsTotal ) ) objectclasses=( 1.3.18.0.2.6.501 NAME 'ibm-slapdFrontEnd' DESC 'Global front-end settings which the server will load at startup.' SUP ( top $ ibm-slapdConfigEntry ) STRUCTURAL MUST ( cn ) MAY ( ibm-slapdPlugin $ ibm-slapdSetenv $ ibm-slapdIdleTimeOut $ ibm-slapdACLCache $ ibm-slapdACLCacheSize $ ibm-slapdFilterCacheSize $ ibm-slapdFilterCacheBypassLimit $ $ ibm-slapdDB2CP ) ) objectclasses=( 1.3.18.0.2.6.494 NAME 'ibm-slapdKerberos' DESC 'Global kerberos authentication settings for IBM Directory.' SUP ( top $ ibm-slapdConfigEntry ) STRUCTURAL MUST ( cn $ ibm-slapdKrbAdminDN $ ibm-slapdKrbEnable $ ibm-slapdKrbIdentityMap $ ibm-slapdKrbKeyTab $ ibm-slapdKrbRealm ) ) objectclasses=( 1.3.18.0.2.6.495 NAME 'ibm-slapdLdcfBackend' DESC 'LDCF backend configuration for IBM Directory.' SUP ( top $ ibm-slapdConfigEntry ) STRUCTURAL MUST ( cn ) MAY ( ibm-slapdSuffix $ ibm-slapdPlugin $ ibm-slapdReadOnly ) ) objectclasses=( 1.3.18.0.2.6.588 NAME 'ibm-slapdLogConfig' DESC 'Log management configuration.' SUP ( top $ ibm-slapdConfigEntry ) AUXILIARY MAY ( ibm-slapdLogMaxArchives $ ibm-slapdLogOptions $ ibm-slapdLogSizeThreshold $ ibm-slapdLogArchivePath $ ibm-slapdLog $ ibm-slapdLogMgmtStartTime $ ibm-slapdLogMgmtFrequency $ ibm-slapdLogEventFileEnabled $ ibm-slapdLogEventFilePath $ ibm-slapdLogEventFilePrefix $ ibm-slapdLogEventFileSizeThreshold $ ibm-slapdLogEventFileArchivePath $ ibm-slapdLogEventFileMaxArchives $ ibm-slapdLogEventFileOptions $ ibm-slapdLogCARSEnabled $ ibm-slapdLogCARSServer $ ibm-slapdLogCARSPort $ ibm-slapdLogCARSOptions $ ibm-slapdLogEventFormat $ ibm-slapdLogCachePath $ ibm-slapdAuditOperation ) ) objectclasses=( 1.3.18.0.2.6.526 NAME 'ibm-slapdPendingMigration' DESC 'Indicates that a server component requires migration.' SUP 'top' AUXILIARY MAY ( ibm-slapdMigrationInfo ) ) objectclasses=( 1.3.18.0.2.6.xxxx NAME 'ibm-slapdPersistentSearch' DESC 'Global persistent search settings for IBM Directory.' SUP ( top $ ibm-slapdConfigEntry ) STRUCTURAL MUST ( $ ibm-slapdEnablePersistentSearch $ ibm-slapdMaxPersistentSearches ) ) objectclasses=( 1.3.18.0.2.6.586 NAME 'ibm-slapdProxyBackend' DESC 'Information related to loading the proxy plug-in.' SUP ( top $ ibm-slapdConfigEntry ) STRUCTURAL MUST ( ibm-slapdPlugin $ cn $ ibm-slapdDNPartitionPlugin $ ibm-slapdProxyEnableDistDynamicGroups $ ibm-slapdProxyEnableDistGroups ) MAY ( ibm-slapdSuffix ) ) objectclasses=( 1.3.18.0.2.6.585 NAME 'ibm-slapdProxyBackendServer' DESC 'Contains information necessary for a proxy server to connect to a backend server' SUP ( ibm-slapdConfigEntry $ top ) STRUCTURAL MUST ( cn $ ibm-slapdProxyBindMethod $ ibm-slapdProxyTargetURL ) MAY ( ibm-slapdProxyConnectionPoolSize $ ibm-slapdProxyDigestUserName $ ibm-slapdSslCertificate $ ibm-slapdSSLKeyDatabase $ ibm-slapdSSLKeyDatabasePW $ ibm-slapdSslKeyRingFilePW $ ibm-slapdProxyDn $ ibm-slapdProxyPw $ ibm-slapdProxyDigestRealm $ ibm-slapdReferral $ ibm-slapdSuffix $ ibm-slapdStatusInterval$ ibm-slapdSslPKCS11Enabled ) ) objectclasses=( 1.3.18.0.2.6.594 NAME 'ibm-slapdProxyBackendSplit' DESC 'Contains specific indexes of a split partition and defines which server holds them.' SUP 'top' STRUCTURAL MUST ( ibm-slapdProxyPartitionIndex $ ibm-slapdProxyBackendServerDn $ ibm-slapdProxyServerRole) MAY ( ibm-slapdProxyBackendServerRole $ ibm-slapdProxyTier )) objectclasses=( 1.3.18.0.2.6.593 NAME 'ibm-slapdProxyBackendSplitContainer' DESC 'Objectclass containing attributes that descrie a split container held by 1 or more servers' SUP ( ibm-slapdConfigEntry $ top ) STRUCTURAL MUST ( cn $ ibm-slapdProxyNumPartitions $ ibm-slapdProxyPartitionBase $ ibm-slapdProxySplitName) ) objectclass ( 1.3.18.0.2.6.632 NAME 'ibm-slapdPta' DESC 'Contains subtree specific Pass-through Authentication settings' SUP 'ibm-slapdConfigEntry' STRUCTURAL MUST ( ibm-slapdPtaURL $ ibm-slapdPtaSubtree ) MAY ( ibm-slapdPtaResultTimeout $ ibm-slapdPtaMigratePwd $ ibm-slapdPtaConnectionPoolSize ) ) objectclass ( 1.3.18.0.2.6.633 NAME 'ibm-slapdPtaExt' DESC 'Contains attribute mapping settings for Pass-through Authentication subtree entry.' SUP 'ibm-slapdConfigEntry' AUXILIARY MUST ( ibm-slapdPtaAttrMapping $ ibm-slapdPtaSearchBase $ ibm-slapdPtaBindDN $ ibm-slapdPtaBindPW ) ) objectclass ( 1.3.18.0.2.6.634 NAME 'ibm-PtaReferral' DESC 'Used to configure the PTA linking attribute for Pass-through Authentication in an individual entry' SUP 'top' AUXILIARY MUST ( ibm-PtaLinkAttribute $ ibm-PtaLinkValue ) ) objectclasses=( 1.3.18.0.2.6.592 NAME 'ibm-slapdPwdPolicyAdmin' DESC 'Defines the global configuration for the IBM Administrative Password Policy for IBM Directory Server' SUP 'top' STRUCTURAL MUST ( ibm-slapdConfigPwdPolicyOn ) MAY ( pwdLockout $ pwdLockoutDuration $ pwdAccountLockedTime $ pwdMaxFailure $ pwdFailureCountInterval $ passwordMinAlphaChars $ passwordMinOtherChars $ passwordMinDiffChars $ passwordMaxRepeatedChars $ pwdMinLength ) ) objectclasses=( 1.3.18.0.2.6.497 NAME 'ibm-slapdRdbmBackend' DESC 'DB2 database backend configuration for IBM Directory.' SUP ( top $ ibm-slapdConfigEntry ) STRUCTURAL MUST ( cn $ ibm-slapdDbName $ ibm-slapdDbInstance $ ibm-slapdDbUserID $ ibm-slapdDbUserPW ) MAY ( $ ibm-slapdCachedAttributeAutoAdjust $ ibm-slapdCachedAttributeAutoAdjustTime $ ibm-slapdCachedAttributeAutoAdjustTimeInterval $ ibm-slapdPlugin $ ibm-slapdSuffix $ ibm-slapdReadOnly $ ibm-slapdChangeLogMaxEntries $ ibm-slapdPagedResAllowNonAdmin $ ibm-slapdPagedResLmt $ ibm-slapdSortKeyLimit $ ibm-slapdSortSrchAllowNonAdmin $ ibm-slapdDbConnections $ ibm-slapdDbLocation $ ibm-slapdDB2CP $ ibm-slapdReplDbConns $ ibm-slapdCLIErrors $ ibm-slapdBulkloadErrors $ ibm-slapdDBAlias $ ibm-slapdUseProcessIdPW $ ibm-slapdChangeLogMaxAge $ ibm-slapdCachedAttributeSize $ ibm-slapdCachedAttribute $ ibm-slapdLanguageTagsEnabled $ ibm-slapdEnableRemotePWPExOps $ ibm-slapdDbSchema $ ibm-slapdGroupMembersCacheSize $ ibm-slapdGroupMembersCacheBypassLimit) ) objectclasses=( 1.3.18.0.2.6.485 NAME 'ibm-slapdReferral' DESC 'Global superior referrals for IBM Directory.' SUP ( top $ ibm-slapdConfigEntry ) STRUCTURAL MUST ( cn $ ibm-slapdReferral ) ) objectclasses=( 1.3.18.0.2.6.496 NAME 'ibm-slapdReplication' DESC 'Contains the default bind credentials and master server referral URL. This is used when the server contains one or more replication contexts that are replicated to it by other servers. This server may be acting as one of several masters or as a read only replica. If the MasterDN is specified without the Master PW attribute, kerberos authentication is used.' SUP ( top $ ibm-slapdConfigEntry ) STRUCTURAL MUST ( cn ) MAY ( ibm-slapdMasterDN $ ibm-slapdMasterPW $ ibm-slapdMasterReferral $ ibm-slapdNoReplConflictResolution) ) objectclasses=( 1.3.18.0.2.6.596 NAME 'ibm-slapdReplicationConfiguration' DESC 'Used to configure replication for a supplier' SUP 'top' STRUCTURAL MUST ( cn ) MAY ( description $ ibm-slapdMaxPendingChangesDisplayed $ ibm-slapdReplContextCacheSize $ ibm-slapdReplMaxErrors $ ibm-slapdReplConflictMaxEntrySize $ ibm-replicationOnHold $ ibm-slapdReplRestrictedAccess ) ) objectclasses=( 1.3.18.0.2.6.499 NAME 'ibm-slapdSchema' DESC 'Global schema settings for IBM Directory. Multiple schemas are not currently supported, but if they were then there would be one ibm-slapdSchema entry per schema.' SUP ( top $ ibm-slapdConfigEntry ) STRUCTURAL MUST ( cn $ ibm-slapdSchemaCheck $ ibm-slapdIncludeSchema ) MAY ( ibm-slapdSchemaAdditions ) ) objectclasses=( 1.3.18.0.2.6.492 NAME 'ibm-slapdSSL' DESC 'Global SSL connection settings for IBM Directory.' SUP ( top $ ibm-slapdConfigEntry ) STRUCTURAL MUST ( cn $ ibm-slapdSecurity $ ibm-slapdSecurePort $ ibm-slapdSslAuth ) MAY ( ibm-slapdSslCertificate $ ibm-slapdSslCipherSpec $ ibm-slapdSslCipherSpecs $ ibm-slapdSSLKeyDatabase $ ibm-slapdSSLKeyDatabasePW $ ibm-slapdSslKeyRingFilePW $ ibm-slapdSslFIPsModeEnabled $ ibm-slapdSslFIPsProcessingMode $ ibm-slapdSslPKCS11Enabled $ ibm-slapdSslPKCS11Lib $ ibm-slapdSslPKCS11TokenPW $ ibm-slapdSslPKCS11TokenLabel $ ibm-slapdSslPKCS11Keystorage $ ibm-slapdSslPKCS11AcceleratorMode ) ) objectclasses=( 1.3.18.0.2.6.488 NAME 'ibm-slapdSupplier' DESC 'Contains bind credentials used by a replication supplier server to update the specified subtree on this consumer server. Use of this object class overrides the default bind credentials specified in an ibm-slapdReplication object.' SUP ( top $ ibm-slapdConfigEntry ) STRUCTURAL MUST ( cn $ ibm-slapdReplicaSubtree $ ibm-slapdMasterDN ) MAY ( ibm-slapdMasterPW ) ) objectclasses=( 1.3.18.0.2.6.498 NAME 'ibm-slapdTop' DESC 'Global configuration settings for IBM Directory Server.' SUP ( top $ ibm-slapdConfigEntry ) STRUCTURAL MUST ( cn $ ibm-slapdAdminDN $ ibm-slapdAdminPW $ ibm-slapdPort $ ibm-slapdPwEncryption $ ibm-slapdSizeLimit $ ibm-slapdTimeLimit $ ibm-slapdDerefAliases $ ibm-slapdCryptoSync ) MAY ( ibm-slapdServerId $ ibm-slapdVersion $ ibm-slapdMaxPendingChangesDisplayed $ ibm-slapdSupportedWebAdmVersion $ ibm-slapdStartupTraceEnabled $ ibm-slapdTraceMessageLevel $ ibm-slapdTraceMessageLog $ ibm-slapdAdminGroupEnabled $ ibm-slapdIpAddress $ ibm-slapdServerBackend $ ibm-slapdPtaEnabled ) ) objectclasses=( 1.3.18.0.2.6.491 NAME 'ibm-slapdTransaction' DESC 'Global transaction support settings for IBM Directory.' SUP ( top $ ibm-slapdConfigEntry ) STRUCTURAL MUST ( cn $ ibm-slapdMaxNumOfTransactions $ ibm-slapdMaxOpPerTransaction $ ibm-slapdMaxTimeLimitOfTransactions $ ibm-slapdTransactionEnable ) ) objectclasses=( 1.3.18.0.2.6.589 NAME 'ids-instance' DESC 'An entry for a ibm directory server instance in the ibm directory server instance repository.' SUP 'top' STRUCTURAL MUST ( ids-instanceVersion $ ids-instanceLocation ) MAY ( ids-instanceDesc ) )
Configuration attributes
These are the configuration attributes that are shipped with the IBM Tivoli Directory Server Version 6.0 and above. For descriptive names to go with the syntax OIDs, see the V3.ldapsyntaxes file in the etc directory.
# File generated at 8:26:38 AM on 8/18/2004 from IBM LDAP schema version 1.5 attributetypes=( 1.3.18.0.2.4.3056 NAME 'ibm-auditExtOp' DESC 'TRUE or FALSE Indicate whether to log the Extended operation. Default is FALSE.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.3056 DBNAME( 'auditExOp' 'auditExOp' ) ACCESS-CLASS normal LENGTH 5 ) attributetypes=( 1.3.18.0.2.4.3322 NAME 'ibm-auditPTABindInfo' DESC 'TRUE or FALSE. Indicate whether to log pass-through authentication information related to bind operations. Default is FALSE.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.3322 DBNAME( 'auditPTABind' 'auditPTABind' ) ACCESS-CLASS critical LENGTH 5 ) attributetypes=( 1.3.18.0.2.4.3055 NAME 'ibm-auditVersion' DESC 'Specifies which version of auditing to use.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.3055 DBNAME( 'auditVersion' 'auditVersion' ) ACCESS-CLASS normal LENGTH 11 ) attributetypes=( 1.3.18.0.2.4.3309 NAME 'ibm-PtaLinkAttribute' DESC 'Must be either of valid attribute name or _DN_ or _DISABLE_. Specifies the mapped attribute in pass-through server or DN of entry in pass-through server or entry should not be used in pass-through authentication respectively' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes= 1.3.18.0.2.4.3309 DBNAME( 'ptaLinkAttr' 'ptaLinkAtr' ) ACCESS-CLASS critical LENGTH 1000 attributetypes=( 1.3.18.0.2.4.3308 NAME 'ibm-PtaLinkValue' DESC 'Specifies the linking attribute value. ibm-ptaLinkAttribute=ibm-ptaLinkValue search filter will be used to identify the entry DN to bind to on the pass-through server.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.3308 DBNAME( 'ptaLinkVal' 'ptaLinkVal' ) ACCESS-CLASS critical LENGTH 1000 attributetypes=( 1.3.18.0.2.4.2485 NAME 'ibm-slapdACLAccess' DESC 'If set to true anyone that can read an entry can also read the entry's ACL attributes. If set to false only the entry owner or the administrator can read ACL attributes.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE USAGE userApplications ) IBMAttributetypes=( 1.3.18.0.2.4.2485 DBNAME( 'slapdACLAccess' 'slapdACLAccess' ) ACCESS-CLASS normal LENGTH 5 ) attributetypes=( 1.3.18.0.2.4.2374 NAME 'ibm-slapdACLCache' DESC 'Controls whether or not the server caches ACL information' SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.2374 DBNAME( 'ACLCache' 'ACLCache' ) ACCESS-CLASS normal LENGTH 5 ) attributetypes=( 1.3.18.0.2.4.2373 NAME 'ibm-slapdACLCacheSize' DESC 'Maximum number of entries to keep in the ACL Cache' EQUALITY 2.5.13.14 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.2373 DBNAME( 'slapdACLCacheSize' 'slapdACLCacheSize' ) ACCESS-CLASS normal LENGTH 11 ) attributetypes=( 1.3.18.0.2.4.2428 NAME 'ibm-slapdAdminDN' DESC 'Bind DN for ibmslapd administrator, e.g.: cn=root' EQUALITY 2.5.13.1 ORDERING 1.3.18.0.2.4.405 SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.2428 DBNAME( 'slapdAdminDN' 'slapdAdminDN' ) ACCESS-CLASS critical LENGTH 1000 EQUALITY ORDERING ) attributetypes=( 1.3.18.0.2.4.3013 NAME 'ibm-slapdAdminGroupEnabled' DESC 'Must be one of { TRUE | FALSE }. Specifies whether the Administrative Group is currently enabled. Defaults to FALSE if unspecified. If set to TRUE, the server will allow users in the administrative group to login.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.3013 DBNAME( 'AdmGroupEnabled' 'AdmGroupEnabled' ) ACCESS-CLASS critical LENGTH 5 ) attributetypes=( 1.3.18.0.2.4.2425 NAME 'ibm-slapdAdminPW' DESC 'Bind password for ibmslapd administrator.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.2425 DBNAME( 'slapdAdminPW' 'slapdAdminPW' ) ACCESS-CLASS critical ) attributetypes=( 1.3.18.0.2.4.3299 NAME 'ibm-slapdAdminRole' DESC 'Administrative role(s) associated with the user' EQUALITY 2.5.13.2 SUBSTR 2.5.13.4 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 USAGE directoryOperation ) IBMAttributetypes=( ibm-slapdAdminRole-oid DBNAME( 'slapdAdminRole' 'slapdAdminRole' ) ACCESS-CLASS critical ) LENGTH 100 EQUALITY SUBSTR ) attributetypes=( 1.3.18.0.2.4.3021 NAME 'ibm-slapdAllowAnon' DESC 'Specifies if anonymous binds are allowed.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.3021 DBNAME( 'slapdAllowAnon' 'slapdAllowAnon' ) ACCESS-CLASS normal LENGTH 5 ) attributetypes=( 1.3.18.0.2.4.3024 NAME 'ibm-slapdAllReapingThreshold' DESC 'Specifies a number of connections to maintain in the server before connection management is activated.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.3024 DBNAME( 'slapdAllReapingTh' 'slapdAllReapingTh' ) ACCESS-CLASS normal LENGTH 11 ) attributetypes=( 1.3.18.0.2.4.3022 NAME 'ibm-slapdAnonReapingThreshold' DESC 'Specifies a number of connections to maintain in the server before connection management of anonymous connections is activated.' EQUALITY 2.5.13.14 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.3022 DBNAME( 'slapdAnonReapingT' 'slapdAnonReapingT' ) ACCESS-CLASS normal LENGTH 11 ) attributetypes=(1.3.18.0.2.4.3335 NAME 'ibm-slapdAuditOperation' DESC 'The audit operation for which the audit records will be converted to the specified event format. For example, if the attribute is set to BIND, then audit records related only to the bind operation will be converted to specified event format.' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 {30} USAGE userApplications) attributetypes=( 1.3.18.0.2.4.2366 NAME 'ibm-slapdAuthIntegration' DESC 'Specifies integration of LDAP administrator access with local OS users. Legal values are: 0 - do not map local OS users to LDAP administrator, 1 - map local OS users with properauthority to LDAP administrator. This is supported only on i5/OS.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.2366 DBNAME( 'slapdAuthIntegrat' 'slapdAuthIntegrat' ) ACCESS-CLASS system LENGTH 11 ) attributetypes=( 1.3.18.0.2.4.3023 NAME 'ibm-slapdBoundReapingThreshold' DESC 'Specifies a number of connections to maintain in the server before connection management of anonymous and bound connections is activated.' EQUALITY 2.5.13.14 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.3023 DBNAME( 'slapdBoundReaping' 'slapdBoundReaping' ) ACCESS-CLASS normal LENGTH 11 ) attributetypes=( 1.3.18.0.2.4.2368 NAME 'ibm-slapdBulkloadErrors' DESC 'File path or device on ibmslapd host machine to which bulkload error messages will be written. On Windows, forward slashes are allowed, and a leading slash not preceded by a drive letter is assumed to be rooted at the install directory (i.e.: /tmp/bulkload.errors = D:\Program Files\IBM\ldap\tmp\bulkload.errors).' EQUALITY 2.5.13.5 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 USAGE userApplications ) IBMAttributetypes=( 1.3.18.0.2.4.2368 DBNAME( 'slapdBulkloadErro' 'slapdBulkloadErro' ) ACCESS-CLASS normal LENGTH 1024 ) attributetypes=( 1.3.18.0.2.4.3069 NAME 'ibm-slapdCachedAttribute' DESC 'Contains the names of the attributes to be cached in the attribute cache, one attribute name per value.' EQUALITY 1.3.6.1.4.1.1466.109.114.2 ORDERING 2.5.13.3 SUBSTR 2.5.13.4 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.3069 DBNAME( 'slapdCachedAttr' 'slapdCachedAttr' ) ACCESS-CLASS normal LENGTH 256 ) attributetypes=( 1.3.18.0.2.4.3068 NAME 'ibm-slapdCachedAttributeSize' DESC 'Amount of memory, in bytes, that can be used by the attribute cache. A value of 0 indicates not use an attribute cache.' EQUALITY 2.5.13.14 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.3068 DBNAME( 'slapdAttrCacheSz' 'slapdAttrCacheSz' ) ACCESS-CLASS normal LENGTH 11 ) attributetypes=( 1.3.18.0.2.4.3012 NAME 'ibm-slapdChangeLogMaxAge' DESC 'Specifies the maximum age, in hours, of changelog entries allowed in the associated backend. Each changelog backend has its own ibm-slapdChangeLogMaxAge attribute. If the attribute is undefined or out of range (negative), it defaults to 0. Min: 0 (unlimited) Max: 2,147,483,647 (32-bit, signed integer)' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE USAGE userApplications ) IBMAttributetypes=( 1.3.18.0.2.4.3012 DBNAME( 'chgLogMaxAge' 'chgLogMaxAge' ) ACCESS-CLASS critical LENGTH 11 ) attributetypes=( 1.3.18.0.2.4.2427 NAME 'ibm-slapdChangeLogMaxEntries' DESC 'Specifies the maximum number of changelog entries allowed in the associated backend. Each changelog backend has its own ibm-slapdChangeLogMaxEntries attribute. If the attribute is undefined or out of range (negative), it defaults to 0. Min: 0 (unlimited) Max: 2,147,483,647 (32-bit, signed integer)' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE USAGE userApplications ) IBMAttributetypes=( 1.3.18.0.2.4.2427 DBNAME( 'chgLogMaxEntries' 'chgLogMaxEntries' ) ACCESS-CLASS critical LENGTH 11 ) attributetypes=( 1.3.18.0.2.4.2432 NAME 'ibm-slapdCLIErrors' DESC 'File path or device on ibmslapd host machine to which DB2 CLI error messages will be written. On Windows, forward slashes are allowed, and a leading slash not preceded by a drive letter is assumed to be rooted at the install directory (i.e.: /tmp/cli.errors = D:\Program Files\IBM\ldap\tmp\cli.errors).' EQUALITY 2.5.13.5 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.2432 DBNAME( 'slapdCLIErrors' 'slapdCLIErrors' ) ACCESS-CLASS normal LENGTH 1024 ) attributetypes=( 1.3.18.0.2.4.3140 NAME 'ibm-slapdConfigPwdPolicyOn' DESC 'TRUE or FALSE. Indicates if the IBM Administrative Password Policy is ON' SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.3140 DBNAME( 'ConfigPwdPolicyOn' 'ConfigPwdPolicyOn' ) ACCESS-CLASS critical LENGTH 5 ) attributetypes=( 1.3.18.0.2.4.3316 NAME 'ibm-slapdPtaConnectionPoolSize' DESC 'Must be from 2 to 15. Specifies the connection pool size for each of the Pass-through Authentication subtrees.' EQUALITY 2.5.13.14 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.3316 DBNAME( 'ptaConnPool' 'ptaConnPool' ) ACCESS-CLASS normal LENGTH 2 ) attributetypes=( 1.3.18.0.2.4.3116 NAME 'ibm-slapdCryptoSync' DESC 'A key stash file consistency marker string. It is queried by the server at start up as part of a verification process to ensure that the key stash files match any data that has been two-way encrypted.' EQUALITY 2.5.13.17 SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.3116 DBNAME( 'CryptoSync' 'CryptoSync' ) ACCESS-CLASS system ) attributetypes=( 1.3.18.0.2.4.2369 NAME 'ibm-slapdDB2CP' DESC 'Specifies the Code Page of the directory database. 1208 is the code page for UTF-8 databases.' EQUALITY 2.5.13.5 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.2369 DBNAME( 'slapdDB2CP' 'slapdDB2CP' ) ACCESS-CLASS normal LENGTH 11 ) attributetypes=( 1.3.18.0.2.4.2369 NAME 'ibm-slapdDB2CP' DESC 'Specifies the Code Page of the directory database. 1208 is the code page for UTF-8 databases.' EQUALITY 2.5.13.5 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.2369 DBNAME( 'slapdDB2CP' 'slapdDB2CP' ) ACCESS-CLASS normal LENGTH 11 ) attributetypes=( 1.3.18.0.2.4.3301 NAME 'ibm-slapdDbSchema' DESC 'The name to be used as the schema for the DB2 table names.' EQUALITY 2.5.13.5 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.3301 DBNAME( 'slapdDbSchema' 'slapdDbSchema' ) ACCESS-CLASS critical LENGTH 8 ) attributetypes=( 1.3.18.0.2.4.2417 NAME 'ibm-slapdDbConnections' DESC 'The number of DB2 connections the server will dedicate to the DB2 backend. The value must be 5 or greater. Additional connections may be created for replication and change log.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.2417 DBNAME( 'DbConnections' 'DbConnections' ) ACCESS-CLASS critical LENGTH 2 ) attributetypes=( 1.3.18.0.2.4.2418 NAME 'ibm-slapdDbInstance' DESC 'The DB2 database instance for this backend.' EQUALITY 2.5.13.5 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.2418 DBNAME( 'slapdDbInstance' 'slapdDbInstance' ) ACCESS-CLASS critical LENGTH 8 ) attributetypes=( 1.3.18.0.2.4.2382 NAME 'ibm-slapdDbLocation' DESC 'The file system path where the backend database is located. On Unix this is usually the home directory of the DB2INSTANCE owner (e.g.: /home/ldapdb2). On Windows it is just a drive specifier (e.g.: D:)' EQUALITY 2.5.13.5 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.2382 DBNAME( 'slapdDbLocation' 'slapdDbLocation' ) ACCESS-CLASS critical LENGTH 1024 ) attributetypes=( 1.3.18.0.2.4.2426 NAME 'ibm-slapdDbName' DESC 'The DB2 database name for this backend.' EQUALITY 2.5.13.5 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.2426 DBNAME( 'slapdDbName' 'slapdDbName' ) ACCESS-CLASS critical LENGTH 8 ) attributetypes=( 1.3.18.0.2.4.2422 NAME 'ibm-slapdDbUserID' DESC 'The user name with which to connect to the DB2 database for this backend.' EQUALITY 2.5.13.5 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.2422 DBNAME( 'slapdDbUserID' 'slapdDbUserID' ) ACCESS-CLASS critical LENGTH 8 ) attributetypes=( 1.3.18.0.2.4.2423 NAME 'ibm-slapdDbUserPW' DESC 'The user password with which to connect to the DB2 database for this backend.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.2423 DBNAME( 'slapdDbUserPW' 'slapdDbUserPW' ) ACCESS-CLASS critical ) attributetypes=( 1.3.18.0.2.4.3054 NAME 'ibm-slapdDerefAliases' DESC 'Maximum alias dereferencing level on search requests, regardless of any derefAliases that may have been specified on the client requests. Allowed values are never, find, search and always.' EQUALITY 2.5.13.2 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.3054 DBNAME( 'slapdDerefAliases' 'slapdDerefAliases' ) ACCESS-CLASS normal LENGTH 6 ) attributetypes=( 1.3.18.0.2.4.3032 NAME 'ibm-slapdDigestAdminUser' DESC 'Specifies the Digest MD5 User Name of the LDAP administrator or administrative group member. Used when MD5 Digest authentication is used to authenticate an administrator.' EQUALITY 2.5.13.5 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.3032 DBNAME( 'DigestAdminUser' 'DigestAdminUser' ) ACCESS-CLASS critical LENGTH 512 ) attributetypes=( 1.3.18.0.2.4.3082 NAME 'ibm-slapdDigestAttr' DESC 'Overrides the default DIGEST-MD5 username attribute. The name of the attribute to use for DIGEST-MD5 SASL bind username lookup. If the value is not specified, the server uses uid.' EQUALITY 2.5.13.0 SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.3082 DBNAME( 'slapdDigestAttr' 'slapdDigestAttr' ) ACCESS-CLASS critical LENGTH 128 ) attributetypes=( 1.3.18.0.2.4.3304 NAME 'ibm-slapdDigestEnabled' DESC 'Must be one of {TRUE | FALSE}. Specifies whether the Digest-MD5 bind mechanism is enabled.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.3304 DBNAME('DigestEnabled' 'DigestEnabled') ACCESS-CLASS critical LENGTH 5 ) attributetypes=( 1.3.18.0.2.4.3083 NAME 'ibm-slapdDigestRealm' DESC 'Overrides the default DIGEST-MD5 realm. A string which can enable users to know which username and password to use, in case they might have different ones for different servers. Conceptually, it is the name of a collection of accounts that might include the users account. This string should contain at least the name of the host performing the authentication and might additionally indicate the collection of users who might have access. An example might be registered_users@gotham.news.example.com. If the attribute is not specified, the server uses the fully qualified hostname of the server.' EQUALITY 2.5.13.5 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.3083 DBNAME( 'slapdDigestRealm' 'slapdDigestRealm' ) ACCESS-CLASS critical LENGTH 1024 ) attributetypes=( 1.3.18.0.2.4.3123 NAME 'ibm-slapdDistributedDynamicGroups' DESC 'Switch that determines whether the proxy allows for dynamic group evaluation (e.g. ibm-allmembers).' EQUALITY 2.5.13.2 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.3123 DBNAME( 'slapdDistributedD' 'slapdDistributedD' ) ACCESS-CLASS critical LENGTH 11 ) attributetypes=( 1.3.18.0.2.4.3258 NAME 'ibm-slapdDNPartitionPlugin' DESC 'This attribute specifies to the Proxy Server how to load and initialize a customized DN partitioning plugin. The syntax is: filename init_function {args...]. The syntax will be slightly different for each platform due to library naming conventions.' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 {2048} SINGLE-VALUE USAGE directoryOperation ) attributetypes=( 1.3.18.0.2.4.2421 NAME 'ibm-slapdEnableEventNotification' DESC 'If set to FALSE, the server will reject all extended operation requests to register for event notification with the extended result LDAP_UNWILLING_TO_PERFORM.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.2421 DBNAME( 'enableEvntNotify' 'enableEvntNotify' ) ACCESS-CLASS critical LENGTH 5 ) attributetypes=( 1.3.18.0.2.4.2372 NAME '' DESC 'Maximum number of entries to keep in the entry cache' EQUALITY 2.5.13.14 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.2372 DBNAME( 'slapdRDBMCacheSiz' 'slapdRDBMCacheSiz' ) ACCESS-CLASS normal LENGTH 11 ) attributetypes=( 1.3.18.0.2.4.2424 NAME 'ibm-slapdErrorLog' DESC 'File path or device on ibmslapd host machine to which error messages will be written. On Windows, forward slashes are allowed, and a leading slash not preceded by a drive letter is assumed to be rooted at the install directory (i.e.: /tmp/slapd.errors = D:\Program Files\IBM\ldap\tmp\slapd.errors).' EQUALITY 2.5.13.5 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.2424 DBNAME( 'slapdErrorLog' 'slapdErrorLog' ) ACCESS-CLASS critical LENGTH 1024 ) attributetypes=( 1.3.18.0.2.4.2371 NAME 'ibm-slapdFilterCacheBypassLimit' DESC 'Search filters that match more than this number of entries will not be added to the Search Filter cache. Because the list of entry ids that matched the filter are included in this cache, this setting helps to limit memory use. A value of 0 indicates no limit.' EQUALITY 2.5.13.14 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.2371 DBNAME( 'slapdRDBMCacheByp' 'slapdRDBMCacheByp' ) ACCESS-CLASS normal LENGTH 11 ) attributetypes=( 1.3.18.0.2.4.2370 NAME 'ibm-slapdFilterCacheSize' DESC 'Specifies the maximum number of entries to keep in the Search Filter Cache.' EQUALITY 2.5.13.14 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.2370 DBNAME( 'slapdFilterCacheS' 'slapdFilterCacheS' ) ACCESS-CLASS normal LENGTH 11 ) attributetypes=( 1.3.18.0.2.4.2378 NAME 'ibm-slapdIdleTimeOut' DESC 'Reserved for future use.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.2378 DBNAME( 'SlapdIdleTimeOut' 'SlapdIdleTimeOut' ) ACCESS-CLASS critical LENGTH 11 ) attributetypes=( 1.3.18.0.2.4.2364 NAME 'ibm-slapdIncludeSchema' DESC 'File path on ibmslapd host machine containing schema definitions used by the LDCF backend. Standard values are: /etc/V3.system.at /etc/V3.system.oc /etc/V3.ibm.at /etc/V3.ibm.oc /etc/V3.user.at /etc/V3.user.oc /etc/V3.ldapsyntaxes /etc/V3.matchingrules /etc/V3.modifiedschema On Windows, forward slashes are allowed, and a leading slash not preceded by a drive letter is assumed to be rooted at the install directory (i.e.: /etc/V3.system.at = D:\Program Files\IBM\ldap\etc\V3.system.at).' EQUALITY 2.5.13.5 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.2364 DBNAME( 'slapdIncldeSchema' 'slapdIncldeSchema' ) A CCESS-CLASS critical LENGTH 1024 ) attributetypes=( 1.3.18.0.2.4.2430 NAME 'ibm-slapdInvalidLine' DESC 'This attribute will be prepended to the beginning of any configuration attribute for which the value is invalid. This allows invalid configuration settings to be identified with a simple search for ibm-slapdInvalidLine=*.' EQUALITY 2.5.13.2 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 USAGE userApplications ) IBMAttributetypes=( 1.3.18.0.2.4.2430 DBNAME( 'slapdInvalidLine' 'slapdInvalidLine' ) ACCESS-CLASS normal LENGTH 1024 ) attributetypes=( 1.3.18.0.2.4.2365 NAME 'ibm-slapdIpAddress' DESC 'Specifies IP addresses the server will listen on. These can be IPv4 or IPv6 addresses. If the attribute is not specified, the server uses all IP addresses assigned to the host machine.' EQUALITY 1.3.6.1.4.1.1466.109.114.1 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.2365 DBNAME( 'slapdIpAddress' 'slapdIpAddress' ) ACCESS-CLASS system LENGTH 32 ) attributetypes=( 1.3.18.0.2.4.2420 NAME 'ibm-slapdKrbAdminDN' DESC 'Specifies the kerberos ID of the LDAP administrator (e.g. ibm-kn=name@realm). Used when kerberos authentication is used to authenticate the administrator when logged onto the Web Admin interface. This is specified instead of adminDN and adminPW.' EQUALITY 2.5.13.5 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.2420 DBNAME( 'slapdKrbAdminDN' 'slapdKrbAdminDN' ) ACCESS-CLASS critical LENGTH 512 ) attributetypes=( 1.3.18.0.2.4.2394 NAME 'ibm-slapdKrbEnable' DESC 'Must be one of { TRUE | FALSE }. Specifies whether the server supports kerberos authentication.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.2394 DBNAME( 'slapdKrbEnable' 'slapdKrbEnable' ) ACCESS-CLASS critical LENGTH 5 ) attributetypes=( 1.3.18.0.2.4.2419 NAME 'ibm-slapdKrbIdentityMap' DESC 'If set to TRUE, when a client is authenticated with a kerberos ID, the server will search for a local user with matching kerberos credentials, and add that users DN to the connections bind credentials. This allows ACLs based on LDAP user DNs to still be usable with kerberos authentication.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.2419 DBNAME( 'KrbIdentityMap' 'KrbIdentityMap' ) ACCESS-CLASS critical LENGTH 5 ) attributetypes=( 1.3.18.0.2.4.2416 NAME 'ibm-slapdKrbKeyTab' DESC 'Specifies the LDAP servers keytab file. This file contains the LDAP servers private key, as associated with its kerberos account. This file should be protected (like the servers SSL key database file). On Windows, forward slashes are allowed, and a leading slash not preceded by a drive letter (D:) is assumed to be rooted at the install directory (i.e.: /tmp/slapd.errors = D:\Program Files\IBM\ldap\tmp\slapd.errors).' EQUALITY 2.5.13.5 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.2416 DBNAME( 'slapdKrbKeyTab' 'slapdKrbKeyTab' ) ACCESS-CLASS critical LENGTH 1024 ) attributetypes=( 1.3.18.0.2.4.2400 NAME 'ibm-slapdKrbRealm' DESC 'Specifies the LDAP servers kerberos realm. Used to publish the ldapservicename attribute in the root DSE. Note that an LDAP server can serve as the repository of account information for multiple KDCs (and realms), but the LDAP server, as a kerberos server, can only be a member of a single realm.' EQUALITY 2.5.13.2 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.2400 DBNAME( 'slapdKrbRealm' 'slapdKrbRealm' ) ACCESS-CLASS critical LENGTH 256 ) attributetypes=( 1.3.18.0.2.4.3074 NAME 'ibm-slapdLanguageTagsEnabled' DESC 'Specifies whether or not the directory server will allow Language Tags as part of an attribute description. Possible values include TRUE and FALSE.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.3074 DBNAME( 'slapdLanguageTags' 'slapdLanguageTags' ) ACCESS-CLASS critical LENGTH 5 ) attributetypes=( 1.3.18.0.2.4.2415 NAME 'ibm-slapdLdapCrlHost' DESC 'Specify the hostname of the LDAP server that contains the Certificate Revocation Lists (CRLs) for validating client x.509v3 certificates. This parameter is needed when ibm-slapdSslAuth=serverclientauth AND the client certificates have been issued for CRL validation' EQUALITY 2.5.13.2 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.2415 DBNAME( 'LdapCrlHost' 'LdapCrlHost' ) ACCESS-CLASS critical LENGTH 256 ) attributetypes=( 1.3.18.0.2.4.2407 NAME 'ibm-slapdLdapCrlPassword' DESC 'Specify the password that server-side SSL will use to bind to the LDAP server that contains the Certificate Revocation Lists (CRLs) for validating client x.509v3 certificates. This parameter may be needed when ibm-slapdSslAuth=serverclientauth AND the client certificates have been issued for CRL validation. Note: If the LDAP server holding the CRLs permits unauthenticated access to the CRLs (i.e. anonymous access), then ibm-slapdLdapCrlPassword is not required.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 S INGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.2407 DBNAME( 'CrlPassword' 'CrlPassword' ) ACCESS-CLASS critical ) attributetypes=( 1.3.18.0.2.4.2404 NAME 'ibm-slapdLdapCrlPort' DESC 'Specify the LDAP ibm-slapdPort used by the LDAP server that contains the Certificate Revocation Lists (CRLs) for validating client x.509v3 certificates. This parameter is needed when ibm-slapdSslAuth=serverclientauth AND the client certificates have been issued for CRL validation. (IP ports are unsigned, 16-bit integers in the range 1 - 65535)' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.2404 DBNAME( 'LdapCrlPort' 'LdapCrlPort' ) ACCESS-CLASS critical LENGTH 11 ) attributetypes=( 1.3.18.0.2.4.2403 NAME 'ibm-slapdLdapCrlUser' DESC 'Specify the bindDN that server-side SSL will use to bind to the LDAP server that contains the Certificate Revocation Lists (CRLs) for validating client x.509v3 certificates. This parameter may be needed when ibm-slapdSslAuth=serverclientaut h AND the client certificates have been issued for CRL validation. Note: If the LDAP server holding the CRLs permits unauthenticated access to the CRLs (i.e. anonymous access), then ibm-slapdLdapCrlUser is not required.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.2403 DBNAME( 'LdapCrlUser' 'LdapCrlUser' ) ACCESS-CLASS critical LENGTH 1000 ) attributetypes=( 1.3.18.0.2.4.3128 NAME 'ibm-slapdLog' DESC 'Log path and file name. On Windows, forward slashes are allowed, and a leading slash not preceded by a drive letter is assumed to be rooted at the install directory (i.e.: /tmp/bulkload.errors = D:\Program Files\IBM\ldap\tmp\bulkload.errors).' EQUALITY 2.5.13.5 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE USAGE userApplications ) IBMAttributetypes=( 1.3.18.0.2.4.3128 DBNAME( 'ibmlog' 'ibmlog' ) ACCESS-CLASS critical LENGTH 1024 ) attributetypes=( 1.3.18.0.2.4.3134 NAME 'ibm-slapdLogArchivePath' DESC 'Path for archived files. On Windows, forward slashes are allowed, and a leading slash not preceded by a drive letter is assumed to be rooted at the install directory (i.e.: /tmp = D:\Program Files\IBM\ldap\tmp).' EQUALITY 2.5.13.5 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE USAGE userApplications ) IBMAttributetypes=( 1.3.18.0.2.4.3134 DBNAME( 'logArchivePath' 'logArchivePath' ) ACCESS-CLASS critical LENGTH 1024 ) attributetypes=(1.3.18.0.2.4.3269 NAME 'ibm-slapdLogCARSEnabled' DESC 'Must be one of [TRUE|FALSE]. Specifies whether the log data will be written to a CARS Server.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 {5} SINGLE-VALUE USAGE userApplications) attributetypes=(1.3.18.0.2.4.3261 NAME 'ibm-slapdLogCARSOptions' DESC 'Any log options that the event formatted data sent to CARS uses, for example, log level or mask.' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 {30} SINGLE-VALUE USAGE userApplications) attributetypes=(1.3.18.0.2.4.3263 NAME 'ibm-slapdLogCARSPort' DESC 'The CARS server's port where the event formatted data will be sent. ' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 {11} SINGLE-VALUE USAGE userApplications) attributetypes=(1.3.18.0.2.4.3265 NAME 'ibm-slapdLogCARSServer' DESC 'The CARS server's hostname where the event formatted data will be sent.' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 {30} SINGLE-VALUE USAGE userApplications) attributetypes=( NAME 'ibm-slapdLogCachePath' DESC 'Path where the cache files for the log management tool will be created. On Windows, forward slashes are allowed, and a leading slash not preceded by a drive letter is assumed to be rooted at the install directory (i.e.: /tmp/ = D:\Program Files\IBM\ldap\V6.1\tmp\).' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 {1024} SINGLE-VALUE USAGE userApplications) attributetypes=(1.3.18.0.2.4.3268 NAME 'ibm-slapdLogEventFileArchivePath' DESC 'Path for archived event formatted files. On Windows, forward slashes are allowed, and a leading slash not preceded by a drive letter is assumed to be rooted at the install directory (i.e.: /tmp = D:\Program Files\IBM\ldap\V6.1\tmp).' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 {1024} SINGLE-VALUE USAGE userApplications) attributetypes=(1.3.18.0.2.4.3270 NAME 'ibm-slapdLogEventFileEnabled' DESC 'Must be one of [TRUE|FALSE]. Specifies whether the log data will be written to event formatted log files.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 {5} SINGLE-VALUE USAGE userApplications) attributetypes=(1.3.18.0.2.4.3267 NAME 'ibm-slapdLogEventFileMaxArchives' DESC 'The maximum number of archived logs where 0 means no archive file will be kept and -1 means an unlimited number of archive files will be kept.' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 {11} SINGLE-VALUE USAGE userApplications) attributetypes=(1.3.18.0.2.4.3264 NAME 'ibm-slapdLogEventFileOptions' DESC 'Any log options that the event formatted log uses, for example, log level or mask.' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 {30} SINGLE-VALUE USAGE userApplications) attributetypes=(1.3.18.0.2.4.3333 NAME 'ibm-slapdLogEventFilePath' DESC 'Log path for an event formatted log. On Windows, forward slashes are allowed, and a leading slash not preceded by a drive letter is assumed to be rooted at the install directory (i.e.: /tmp/ = D:\Program Files\IBM\ldap\V6.1\tmp\).' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 {1024} SINGLE-VALUE USAGE userApplications) attributetypes=(1.3.18.0.2.4.3331 NAME 'ibm-slapdLogEventFilePrefix' DESC 'File name prefix for the CBE formatted log will be placed. The suffix of the CBE formatted log file will always be "_audit0.log" and cannot be changed. Hence if the prefix for the file name if specified as xyz, then the CBE formatted file name will be xyz_audit0.log.' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 {1024} SINGLE-VALUE USAGE userApplications) attributetypes=(1.3.18.0.2.4.3266 NAME 'ibm-slapdLogEventFileSizeThreshold' DESC 'When this size threshold, in MB, is exceeded the event formatted file will be archived where 0 means no threshold and thus no archiving.' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 {11} SINGLE-VALUE USAGE userApplications) attributetypes=(1.3.18.0.2.4.3332 NAME 'ibm-slapdLogEventFormat' DESC 'specifies in which event format the users want the ITDS log records' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 {30} SINGLE-VALUE USAGE userApplications) attributetypes=( 1.3.18.0.2.4.3129 NAME 'ibm-slapdLogMaxArchives' DESC 'The maximum number of archived logs where 0 means no archive file will be kept and -1 means an unlimited number of archive files will be kept.' EQUALITY 2.5.13.14 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE USAGE userApplications ) IBMAttributetypes=( 1.3.18.0.2.4.3129 DBNAME( 'logMaxArchives' 'logMaxArchives' ) ACCESS-CLASS critical LENGTH 11 ) attributetypes=(1.3.18.0.2.4.3330 NAME 'ibm-slapdLogMgmtStartTime' DESC 'specifies the start date and time for the log management activity. The format is YYYYMMDDHHMM' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 {1024} SINGLE-VALUE USAGE userApplications) attributetypes=(1.3.18.0.2.4.3334 NAME 'ibm-slapdLogMgmtFrequency' DESC 'Specifies the time interval between two cycles of the log management activity' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 {1024} SINGLE-VALUE USAGE userApplications) attributetypes=( 1.3.18.0.2.4.3130 NAME 'ibm-slapdLogOptions' DESC 'Any log options that the log uses, for example, log level or mask.' EQUALITY 2.5.13.2 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE USAGE userApplications ) IBMAttributetypes=( 1.3.18.0.2.4.3130 DBNAME( 'logOptions' 'logOptions' ) ACCESS-CLASS critical LENGTH 30 ) attributetypes=( 1.3.18.0.2.4.3131 NAME 'ibm-slapdLogSizeThreshold' DESC 'When this size threshold, in MB, is exceeded the file will be archived where 0 means no threshold and thus no archiving.' EQUALITY 2.5.13.14 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE USAGE userApplications ) IBMAttributetypes=( 1.3.18.0.2.4.3131 DBNAME( 'logSizeThreshold' 'logSizeThreshold' ) ACCESS-CLASS critical LENGTH 11 ) attributetypes=( 1.3.18.0.2.4.2409 NAME 'ibm-slapdMasterDN' DESC 'Bind DN used by a replication supplier server. The value has to match the replicaBindDN in the credentials object associated with the replication agreement. When kerberos is used to authenticate to the replica, ibm-slapdMasterDN must specify the DN representation of the kerberos ID (e.g. ibm-kn=freddy@realm1). When kerberos is used, MasterServerPW is ignored.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.2409 DBNAME( 'MasterDN' 'MasterDN' ) ACCESS-CLASS critical LENGTH 1000 ) attributetypes=( 1.3.18.0.2.4.2411 NAME 'ibm-slapdMasterPW' DESC 'Bind password used by replication supplier server. The value has to match the replicaBindPW in the credentials object associated with the replication agreement. When kerberos is used, MasterServerPW is ignored.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.2411 DBNAME( 'MasterPW' 'MasterPW' ) ACCESS-CLASS critical ) attributetypes=( 1.3.18.0.2.4.2401 NAME 'ibm-slapdMasterReferral' DESC 'URL of master replica server (e.g.: ldaps://master.us.ibm.com:636)' EQUALITY 2.5.13.2 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.2401 DBNAME( 'MasterReferral' 'MasterReferral' ) ACCESS-CLASS critical LENGTH 256 ) attributetypes=( 1.3.18.0.2.4.2412 NAME 'ibm-slapdMaxEventsPerConnection' DESC 'Maximum number of event notifications which can be registered per connection. Minimum = 0 (unlimited) Maximum = 2,147,483,647' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.2412 DBNAME( 'EventsPerCon' 'EventsPerCon' ) ACCESS-CLASS critical LENGTH 11 ) attributetypes=( 1.3.18.0.2.4.2405 NAME 'ibm-slapdMaxEventsTotal' DESC 'Maximum total number of event notifications which can be registered for all connections. Minimum = 0 (unlimited) Maximum = 2,147,483,647' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.2405 DBNAME( 'MaxEventsTotal' 'MaxEventsTotal' ) ACCESS-CLASS critical LENGTH 11 ) attributetypes=( 1.3.18.0.2.4.2439 NAME 'ibm-slapdMaxNumOfTransactions' DESC 'Maximum number of transactions active at one time. 0 = unlimited' EQUALITY 2.5.13.29 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.2439 DBNAME( 'MaxNumOfTrans' 'MaxNumOfTrans' ) ACCESS-CLASS critical LENGTH 11 EQUALITY ORDERING SUBSTR APPROX ) attributetypes=( 1.3.18.0.2.4.2385 NAME 'ibm-slapdMaxOpPerTransaction' DESC 'Maximum number of operations per transaction. Minimum = 1 Maximum = 500' EQUALITY 2.5.13.29 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.2385 DBNAME( 'MaxOpPerTrans' 'MaxOpPerTrans' ) ACCESS-CLASS critical LENGTH 11 EQUALITY ORDERING APPROX ) attributetypes=( 1.3.18.0.2.4.xxxx NAME 'ibm-slapdMaxPersistentSearches' DESC 'Maximum total number of simultaneous persistent search operations for all connections. Maximum = 2000 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.xxxx DBNAME( 'MaxPersistentSearches' ) ACCESS-CLASS critical LENGTH 11 ) attributetypes=( 1.3.18.0.2.4.2486 NAME 'ibm-slapdMaxPendingChangesDisplayed' DESC 'Maximum number of pending replication updates or failed updates to be displayed for any given replication agreement on a supplier server. The value is dynamic' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 USAGE userApplications ) IBMAttributetypes=( 1.3.18.0.2.4.2486 DBNAME( 'slapdMaxPendingCh' 'slapdMaxPendingCh' ) ACCESS-CLASS normal LENGTH 11 ) attributetypes=( 1.3.18.0.2.4.2386 NAME 'ibm-slapdMaxTimeLimitOfTransactions' DESC 'The maximum timeout value of a pending transaction in seconds. 0 = unlimited' EQUALITY 2.5.13.29 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.2386 DBNAME( 'MaxTimeOfTrans' 'MaxTimeOfTrans' ) ACCESS-CLASS critical LENGTH 11 EQUALITY ORDERING APPROX ) attributestypes=( 1.3.18.0.2.4.3317 NAME 'ibm-slapdPtaMigratePwd' DESC 'Must be one of { TRUE | FALSE }. Specifies if password should be stored in local directory. Default is FALSE. If set to TRUE, after successful Pass-through Authentication the password will be stored in TDS if entry exists.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE USAGE directoryOperation) IBMAttributetypes=( 1.3.18.0.2.4.3317 DBNAME( 'ptaMigrate' 'ptaMigrate' ) ACCESS-CLASS normal LENGTH 5) attributetypes=( 1.3.18.0.2.4.2500 NAME 'ibm-slapdMigrationInfo' DESC 'Information used to control migration of a component.' EQUALITY 2.5.13.2 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.2500 DBNAME( 'slapdMigrationInf' 'slapdMigrationInf' ) ACCESS-CLASS critical LENGTH 2048 ) attributetypes= (1.3.18.0.2.4.3321 NAME 'ibm-slapdNoReplConflictResolution' DESC 'Must be one of {TRUE | FALSE}. Specifies whether or not directory server will handle replication conflict resolution. If it is set to true, then the server does not try to compare entries' timestamps for replicated entries in an attempt to resolve conflicts between the entries. However, conflict resolution does not apply to entry cn=schema which is always replaced by a replicated cn=schema.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE USAGE directoryOperation) IBMAttributetypes= (1.3.18.0.2.4.3321 DBNAME ('NoReplConflictResolution' 'NoReplConflictResolution') ACCESS-CLASS critical LENGTH 5) attributetypes=( 1.3.18.0.2.4.2376 NAME 'ibm-slapdPagedResAllowNonAdmin' DESC 'Whether or not the server should allow non-Administrator bind for paged results requests on a search request. If the value read from the ibmslapd.conf file is TRUE, the server will process any client request, including those submitted by a user binding anonymously. If the value read from the ibmslapd.conf file is FALSE, the server will process only those client requests submitted by a user with Administrator authority. If a client requests paged results with a criticality of TRUE or FALSE for a search operation, does not have Administrator authority, and the value read from the ibmslapd.conf file for this attribute is FALSE, the server will return to the client with return code insufficientAccessRights - no searching or paging will be performed. ' SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.2376 DBNAME( 'SlapdPagedNonAdmn' 'SlapdPagedNonAdmn' ) ACCESS-CLASS critical LENGTH 5 ) attributetypes=( 1.3.18.0.2.4.2380 NAME 'ibm-slapdPagedResLmt' DESC 'Maximum number of outstanding paged results search requests allowed active simultaneously. Range = 0.... If a client requests a paged results operation, and a maximum number of outstanding paged results are currently active, then the server will return to the client with return code of busy - no searching or paging will be performed.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.2380 DBNAME( 'SlapdPagedResLmt' 'SlapdPagedResLmt' ) ACCESS-CLASS critical L ENGTH 11 ) attributetypes=( 1.3.18.0.2.4.2406 NAME 'ibm-slapdPlugin' DESC 'A plugin is a dynamically loaded library which extends the capabilities of the server. An ibm-slapdPlugin attribute specifies to the server how to load and initialize a plugin library. The syntax is: keyword filename init_function [args...] The syntax will be slightly different for each platform due to library naming conventions.' EQUALITY 2.5.13.5 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.2406 DBNAME ( 'slapdPlugin' 'slapdPlugin' ) ACCESS-CLASS critical LENGTH 2000 ) attributetypes=( 1.3.18.0.2.4.2408 NAME 'ibm-slapdPort' DESC 'TCP/IP port used for non-SSL connections. Can not have the same value as ibm-slapdSecurePort. (IP ports are unsigned, 16-bit integers in the range 1 - 65535)' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.2408 DBNAME( 'slapdPort' 'slapdPort' ) ACCESS-CLASS critical LENGTH 5 ) attributetypes=( 1.3.18.0.2.4.3146 NAME 'ibm-slapdProxyBackendServerDn' DESC 'Reference to a configuration file entry describing a proxy backend server.' EQUALITY 2.5.13.2 ORDERING 2.5.13.3 SUBSTR 2.5.13.4 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE USAGE distributedOperation ) IBMAttributetypes=( 1.3.18.0.2.4.3146 DBNAME( 'slapdProxyBSDn' 'slapdProxyBSDn' ) ACCESS-CLASS critical LENGTH 2048 ) attributetypes=( 1.3.18.0.2.4.3117 NAME 'ibm-slapdProxyBindMethod' DESC 'The method used to bind to backend servers. Must be one of simple/digest/Kerberos.' EQUALITY 2.5.13.2 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.3117 DBNAME( 'slapdProxyBindMet' 'slapdProxyBindMet' ) ACCESS-CLASS critical LENGTH 50 ) attributetypes=( 1.3.18.0.2.4.3118 NAME 'ibm-slapdProxyConnectionPoolSize' DESC 'The number of connections to be maintained by the proxy server to an individual backend server.' EQUALITY 2.5.13.14 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.3118 DBNAME( 'slapdProxyConnect' 'slapdProxyConnect' ) ACCESS-CLASS critical LENGTH 11 ) attributetypes=( 1.3.18.0.2.4.3135 NAME 'ibm-slapdProxyDigestRealm' DESC 'Optional attribute to provide the realm of the digest MD-5 bind when binding to a backend server' EQUALITY 2.5.13.2 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.3135 DBNAME( 'slapdProxyDigestR' 'slapdProxyDigestR' ) ACCESS-CLASS critical LENGTH 2048 ) attributetypes=( 1.3.18.0.2.4.3119 NAME 'ibm-slapdProxyDigestUserName' DESC 'The username to be used when DIGEST is selected as the bind method to a backend server' EQUALITY 2.5.13.2 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.3119 DBNAME( 'slapdProxyDigestU' 'slapdProxyDigestU' ) ACCESS-CLASS critical LENGTH 2048 ) attributetypes=( 1.3.18.0.2.4.3120 NAME 'ibm-slapdProxyDn' DESC 'The DN the proxy server will use to bind to backend server nodes.' EQUALITY 2.5.13.2 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.3120 DBNAME( 'slapdProxyDn' 'slapdProxyDn' ) ACCESS-CLASS critical LENGTH 2048 ) attributetypes=( 1.3.18.0.2.4.3143 NAME 'ibm-slapdProxyNumPartitions' DESC 'Specifies the number of servers a given container is split between.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.3143 DBNAME( 'slapdProxyNumPart' 'slapdProxyNumPart' ) ACCESS-CLASS critical LENGTH 11 ) attributetypes=( 1.3.18.0.2.4.3144 NAME 'ibm-slapdProxyPartitionBase' DESC 'Defines the base at which a container is to be split. Entries below this DN will be split among any number of servers defined with the same base.' EQUALITY 2.5.13.2 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE USAGE distributedOperation ) IBMAttributetypes=( 1.3.18.0.2.4.3144 DBNAME( 'slapdProxyPBase' 'slapdProxyPBase' ) ACCESS-CLASS normal LENGTH 2048 ) attributetypes=( 1.3.18.0.2.4.3145 NAME 'ibm-slapdProxyPartitionIndex' DESC 'The unique index a given server is assigned in a split container. The value here must be <= the corresponding ibm-slapdProxyNumPartitionsValue. The first value begins at 1.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 USAGE userApplications ) IBMAttributetypes=( 1.3.18.0.2.4.3145 DBNAME( 'slapdProxyPartiti' 'slapdProxyPartiti' ) ACCESS-CLASS normal LENGTH 11 ) attributetypes=( 1.3.18.0.2.4.3121 NAME 'ibm-slapdProxyPw' DESC 'The password credentials the proxy server will when binding to a backend server node.' EQUALITY 2.5.13.2 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE USAGE userApplications ) IBMAttributetypes=( 1.3.18.0.2.4.3121 DBNAME( 'slapdProxyPw' 'slapdProxyPw' ) ACCESS-CLASS critical LENGTH 2048 ) attributetypes=( 1.3.18.0.2.4.3274 NAME 'ibm-slapdProxySplitName' DESC 'Name of a split point defined in the proxy servers configuration file.' EQUALITY 2.5.13.2 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE USAGE userApplications ) IBMAttributetypes=( 1.3.18.0.2.4.3274 DBNAME( 'slapdProxySplitNa' 'slapdProxySplitNa' ) ACCESS-CLASS normal LENGTH 2000 attributetypes=( 1.3.18.0.2.4.3122 NAME 'ibm-slapdProxyTargetURL' DESC 'The URL of a backend server. This must be in the form ldap:// or ldaps:// (to indicate SSL use ldaps).' EQUALITY 2.5.13.2 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.3122 DBNAME( 'slapdProxyTargetU' 'slapdProxyTargetU' ) ACCESS-CLASS critical LENGTH 2048 ) attributetypes=( 1.3.18.0.2.4.3310 NAME 'ibm-slapdPtaAttrMapping ' DESC 'Must be of the form: attr1 dollar attr2, where attr1 and attr2 are valid attribute names. Specifies that attr1 on TDS is mapped to attr2 on pass-through server.' EQUALITY 2.5.13.14 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE USAGE directoryOperation) IBMAttributetypes=( 1.3.18.0.2.4.3310 DBNAME( 'ptaAttrMap' 'ptaAttrMap' ) ACCESS-CLASS critical LENGTH 1024 ) attributetypes=( 1.3.18.0.2.4.3312 NAME 'ibm-slapdPtaBindPW' DESC 'Bind password that will be used to bind to pass-through directory on search connections.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.3312 DBNAME( 'ptaBindPw' 'ptaBindPw' ) ACCESS-CLASS critical LENGTH 1000 ) attributetypes=( 1.3.18.0.2.4.3313 NAME 'ibm-slapdPtaBindDN' DESC 'Bind DN that will be used to bind to the pass-through server to search for the mapped entry DN when attribute mapping is configured.' EQUALITY 2.5.13.2 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.3313 DBNAME( 'ptaBindDN' 'ptaBindDN' ) ACCESS-CLASS critical LENGTH 1000 ) attributestypes=( 1.3.18.0.2.4.3319 NAME 'ibm-slapdPtaEnabled' DESC 'Must be one of { TRUE | FALSE }. Specifies whether Pass-through Authentication is currently enabled. Defaults to FALSE. If set to TRUE, Pass-through Authentication will be performed as per configuration settings.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.3319 DBNAME( 'ptaEnabled' 'ptaEnabled' ) ACCESS-CLASS normal LENGTH 5) attributetypes=( 1.3.18.0.2.4.3318 NAME 'ibm-slapdPtaResultTimeout' DESC 'Specifies a time-out value for the particular pass-through bind to wait for results from pass-through server. When the time limit is reached the bind will be assumed to be failed' EQUALITY 2.5.13.14 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE USAGE directoryOperation) IBMAttributetypes=( 1.3.18.0.2.4.3318 DBNAME( 'ptaTimeout' 'ptaTimeout' ) ACCESS-CLASS normal LENGTH 5 ) attributetypes=( 1.3.18.0.2.4.3311 NAME 'ibm-slapdPtaSearchBase' DESC 'Specifies the search base which will be used for searching for the mapped entry DN in a pass-through server when attribute mapping is configured.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.3311 DBNAME( 'ptaSrhBase' 'ptaSrhBase' ) ACCESS-CLASS critical LENGTH 1000 ) attributetypes=( 1.3.18.0.2.4.3315 NAME 'ibm-slapdPtaSubtree' DESC 'Specifies subtrees for which Pass-through authentication will be performed.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.3315 DBNAME( 'ptaSubtree' 'ptaSubtree' ) ACCESS-CLASS normal LENGTH 1000 ) attributetypes=( 1.3.18.0.2.4.3314 NAME 'ibm-slapdPtaURL' DESC 'URL of a pass-through server. This must be in the form ldap:// or ldaps:// (to indicate SSL use ldaps) with the port number on which the pass-through server is configured.' EQUALITY 2.5.13.2 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.3314 DBNAME( 'ptaURL' 'ptaURL' ) ACCESS-CLASS normal LENGTH 256 ) attributetypes=( 1.3.18.0.2.4.2402 NAME 'ibm-slapdPwEncryption' DESC 'Must be one of { none | aes128 | aes192 | aes256 | crypt | sha }. Specify the encoding mechanism for the user passwords before they are stored in the directory. Defaults to none if unspecified. If the value is set other than none, SASL cram-md5 bind will fail.' EQUALITY 2.5.13.2 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.2402 DBNAME( 'PwEncryption' 'PwEncryption' ) ACCESS-CLASS critical LENGTH 6 ) attributetypes=( 1.3.18.0.2.4.2413 NAME 'ibm-slapdReadOnly' DESC 'Must be one of { TRUE | FALSE }. Specifies whether the backend can be written to. Defaults to FALSE if unspecified. If set to TRUE, the server will return LDAP_UNWILLING_TO_PERFORM (0x35) in response to any client request which would change data in the readOnly database.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.2413 DBNAME( 'ReadOnly' 'ReadOnly' ) ACCESS-CLASS critical LENGTH 5 ) attributetypes=( 1.3.18.0.2.4.2487 NAME 'ibm-slapdReferral' DESC 'Specify the referral LDAP URL to pass back when the local suffixes do not match the request. Used for superior referral (i.e. ibm-slapdSuffix is not within the servers naming context).' EQUALITY 2.5.13.5 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.2487 DBNAME( 'Referral' 'Referral' ) ACCESS-CLASS critical LENGTH 32700 ) attributetypes= (1.3.18.0.2.4.3320 NAME 'ibm-slapdReplRestrictedAccess' DESC 'Must be one of {TRUE | FALSE}. Used to control access to the replication topology entry. If it is set to true, then only the root admin, local admin group members who are assigned DirDataAdmin and ReplicationAdmin roles, and the master DN have access to the replication topology entry, otherwise, any user with proper ACL may have access to the replication topology entry.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE USAGE directoryOperation) IBMAttributetypes= (1.3.18.0.2.4.3320 DBNAME ('ReplRestrictedAccess' 'ReplRestrictedAccess') ACCESS-CLASS critical LENGTH 5) attributetypes=( 1.3.18.0.2.4.3142 NAME 'ibm-slapdReplConflictMaxEntrySize' DESC 'Maximum number of bytes that an entry can contain and still be resent to a target server as a result of replication conflict resolution. This value is dynamic.' EQUALITY 2.5.13.14 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE USAGE userApplications ) IBMAttributetypes=( 1.3.18.0.2.4.3142 DBNAME( 'slapdReplConflict' 'slapdReplConflict' ) ACCESS-CLASS normal LENGTH 11 ) attributetypes=( 1.3.18.0.2.4.3153 NAME 'ibm-slapdReplContextCacheSize' DESC 'Maximum size of replication context cache, in bytes. The value is dynamic.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE USAGE userApplications ) IBMAttributetypes=( 1.3.18.0.2.4.3153 DBNAME( 'slapdReplContextC' 'slapdReplContextC' ) ACCESS-CLASS normal LENGTH 11 ) attributetypes=( 1.3.18.0.2.4.2434 NAME 'ibm-slapdReplDbConns' DESC 'Number of database connections for use by replication.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE USAGE userApplications ) IBMAttributetypes=( 1.3.18.0.2.4.2434 DBNAME( 'slapdReplDbConns' 'slapdReplDbConns' ) ACCESS-CLASS normal LENGTH 11 ) attributetypes=( 1.3.18.0.2.4.2367 NAME 'ibm-slapdReplicaSubtree' DESC 'A DN identifying the top of a replicated subtree.' EQUALITY 2.5.13.1 SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 USAGE userApplications ) IBMAttributetypes=( 1.3.18.0.2.4.2367 DBNAME( 'slapdReplicaSubtr' 'slapdReplicaSubtr' ) ACCESS-CLASS normal LENGTH 1000 ) attributetypes=( 1.3.18.0.2.4.3152 NAME 'ibm-slapdReplMaxErrors' DESC 'Limit to allowed errors per replication agreement, 0=unlimited. The value is dynamic.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE USAGE userApplications ) IBMAttributetypes=( 1.3.18.0.2.4.3152 DBNAME( 'slapdReplMaxError' 'slapdReplMaxError' ) ACCESS-CLASS normal LENGTH 11 ) attributetypes=( 1.3.18.0.2.4.2437 NAME 'ibm-slapdSchemaAdditions' DESC 'File path on ibmslapd host machine containing additional schema definitions used by the LDCF backend. Standard values are: /etc/V3.modifiedschema On Windows, forward slashes are allowed, and a leading slash not preceded by a drive letter is assumed to be rooted at the install directory (i.e.: /etc/V3.system.at = D:\Program Files\IBM\ldap\etc\V3.system.at).' EQUALITY 2.5.13.5 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.2437 DBNAME( 'slapdSchemaAdditi' 'slapdSchemaAdditi' ) ACCESS-CLASS normal LENGTH 1024 ) attributetypes=( 1.3.18.0.2.4.2363 NAME 'ibm-slapdSchemaCheck' DESC 'Must be one of { V2 | V3 | V3_lenient }. Specifies schema checking mechanism for add/modify operation. V2 = perform LDAP v2 checking. V3 = perform strict LDAP v3 checking. V3_lenient = not ALL parent object classes are required. Only the immediate object class is needed when adding entries.' EQUALITY 2.5.13.2 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.2363 DBNAME( 'SchemaCheck' 'SchemaCheck' ) ACCESS-CLASS critical LENGTH 10 ) attributetypes=( 1.3.18.0.2.4.2398 NAME 'ibm-slapdSecurePort' DESC 'TCP/IP port used for SSL connections. Can not have the same value as ibm-slapdPort. (IP ports are unsigned, 16-bit integers in the range 1 - 65535)' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.2398 DBNAME( 'SecurePort' 'SecurePort' ) ACCESS-CLASS critical LENGTH 5 ) attributetypes=( 1.3.18.0.2.4.2399 NAME 'ibm-slapdSecurity' DESC 'Must be one of { none | SSL | SSLOnly }. Specifies types of connections accepted by server. none - server listens on non-ssl port only. ssl - server listens on both ssl and non-ssl ports. sslonly - server listens on ssl port only.' EQUALITY 2.5.13.2 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.2399 DBNAME( 'Security' 'Security' ) ACCESS-CLASS critical LENGTH 7 ) attributetypes=( 1.3.18.0.2.4.3111 NAME 'ibm-slapdServerBackend' DESC 'Specifies whether this server loads a database or proxy backend.' EQUALITY 2.5.13.2 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.3111 DBNAME( 'slapdServerBacken' 'slapdServerBacken' ) ACCESS-CLASS critical LENGTH 1000 ) attributetypes=( 1.3.18.0.2.4.2433 NAME 'ibm-slapdServerId' DESC 'Identifies the server for use in replication' EQUALITY 1.3.6.1.4.1.1466.109.114.1 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE USAGE userApplications ) IBMAttributetypes=( 1.3.18.0.2.4.2433 DBNAME( 'slapdServerId' 'slapdServerId' ) ACCESS-CLASS normal LENGTH 240 ) attributetypes=( 1.3.18.0.2.4.2397 NAME 'ibm-slapdSetenv' DESC 'Server executes putenv() for all values of ibm-slapdSetenv at startup to modify its own runtime environment. Shell variables (%PATH% or \24LANG) will not be expanded. The only current use for this attribute is to set DB2CODEPAGE=1208, which is required if using UCS-2 (Unicode) databases.' EQUALITY 2.5.13.5 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.2397 DBNAME( 'slapdSetenv' 'slapdSetenv' ) ACCESS-CLASS critical LENGTH 2000 ) attributetypes=( 1.3.18.0.2.4.2396 NAME 'ibm-slapdSizeLimit' DESC 'Maximum number of entries to return from search, regardless of any sizelimit that may have been specified on the client search request. Range = 0.... If a client has passed a limit, then the smaller value of the client value and the value read from ibmslapd.conf will be used. If a client has not passed a limit and has bound as admin DN, then the limit will be considered unlimited. If the client has not passed a limit and has not bound as admin DN, then the limit will be that which was read from ibmslapd.conf file. 0 = unlimited.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.2396 DBNAME( 'SizeLimit' 'SizeLimit' ) ACCESS-CLASS critical LENGTH 11 ) attributetypes=( 1.3.18.0.2.4.2381 NAME 'ibm-slapdSortKeyLimit' DESC 'Maximum number of sort conditions (keys) that can be specified on a single search request. Range = 0.... If a client has passed a search request with more sort keys than the limit allows, and the sorted search control criticality is FALSE, then the server will honor the value read from ibmslapd.conf and ignore any sort keys encountered after the limit has been reached - searching and sorting will be performed. If a client has passed a search a request with more keys than the limit allows, and the sorted search control criticality is TRUE, then the server will return to the client with return code of adminLimitExceeded - no searching or sorting will be performed.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.2381 DBNAME( 'SlapdSortKeyLimit' 'SlapdSortKeyLimit' ) ACCESS-CLASS critical LENGTH 11 ) attributetypes=( 1.3.18.0.2.4.2377 NAME 'ibm-slapdSortSrchAllowNonAdmin' DESC 'Whether or not the server should allow non-Administrator bind for sort on a search request. If the value read from the ibmslapd.conf file is TRUE, the server will process any client request, including those submitted by a user binding anonymously. If the value read from the ibmslapd.conf file is FALSE, the server will process only those client requests submitted by a user with Administrator authority. If a client requests sort with a criticality of TRUE for a search operation, does not have Administrator authority, and the value read from the ibmslapd.conf file for this attribute is FALSE, the server will return to the client with return code insufficientAccessRights - no searching or sorting will be performed.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.2377 DBNAME( 'SlapdSortNonAdmin' 'SlapdSortNonAdmin' ) ACCESS-CLASS critical LENGTH 5 ) attributetypes=( 1.3.18.0.2.4.2395 NAME 'ibm-slapdSslAuth' DESC 'Must be one of { serverauth | serverclientauth }. Specify authentication type for ssl connection. serverauth - supports server authentication at the client. serverclientauth - supports both server and client authentication.' EQUALITY 2.5.13.2 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.2395 DBNAME( 'slapdSslAuth' 'slapdSslAuth' ) ACCESS-CLASS critical LENGTH 16 ) attributetypes=( 1.3.18.0.2.4.2389 NAME 'ibm-slapdSslCertificate' DESC 'Specify the label that identifies the servers Personal Certificate in the key database file. This label is specified when the servers private key and certificate are created with the ikmgui application. If ibm-slapdSslCertificate is not defined, the default private key, as defined in the key database file, is used by the LDAP server for SSL connections.' EQUALITY 2.5.13.5 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.2389 DBNAME( 'SslCertificate' 'SslCertificate' ) ACCESS-CLASS critical LENGTH 128 ) attributetypes=( 1.3.18.0.2.4.2429 NAME 'ibm-slapdSslCipherSpec' DESC 'SSL Cipher Spec Value must be set to DES-56, RC2-40-MD5, RC4-128-MD5, RC4-128-SHA, RC4-40-MD5, TripleDES-168, or AES' EQUALITY 1.3.6.1.4.1.1466.109.114.1 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.2429 DBNAME( 'slapdSslCipherSpe' 'slapdSslCipherSpe' ) ACCESS-CLASS normal LENGTH 30 ) attributetypes=( 1.3.18.0.2.4.2362 NAME 'ibm-slapdSslCipherSpecs' DESC 'This attribute is depricated in favor of ibm-slapdSslCipherSpec. Specifies a decimal number which identifies the allowable encryption/decryption methods for establishing a SSL connection between LDAP clients and server. This number represents the availability of the encryption/decryption methods supported by the LDAP server. The pre-defined Cipher values and their descriptions are: SLAPD_SSL_TRIPLE_DES_SHA_US 0x0A Triple DES encryption with a 168-bit key and a SHA-1 MAC SLAPD_SSL_DES_SHA_US 0x09 DES encryption with a 56-bit key and a SHA-1 MAC SLAPD_SSL_RC4_SHA_US 0x05 RC4 encryption with a 128-bit key and a SHA-1 MAC SLAPD_SSL_RC4_MD5_US 0x04 RC4 encryption with a 128-bit key and a MD5 MAC SLAPD_SSL_RC4_MD5_EXPORT 0x03 RC4 encryption with a 40-bit key and a MD5 MAC SLAPD_SSL_RC2_MD5_EXPORT 0x06 RC2 encryption with a 40-bit key and a MD5 MAC' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.2362 DBNAME( 'SslCipherSpecs' 'SslCipherSpecs' ) ACCESS-CLASS critical LENGTH 11 ) attributetypes=( 1.3.18.0.2.4.3088 NAME 'ibm-slapdSslFIPsModeEnabled' DESC 'Specifies server will use ICC version of GSKit if TRUE, BSAFE version if false.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.3088 DBNAME( 'slapdSslFIPsModeE' 'slapdSslFIPsModeE' ) ACCESS-CLASS critical LENGTH 5 ) attributetypes=( 1.3.18.0.2.4.2375 NAME 'ibm-slapdSSLKeyDatabase' DESC 'File path to the LDAP servers SSL key database file. This key database file is used for handling SSL connections from LDAP clients, as well as for creating secure SSL connections to replica LDAP servers. On Windows, forward slashes are allowed, and a leading slash not preceeded by a drive specifier (D:) is assumed to be rooted at the install directory (i.e.: /etc/key.kdb = D:\Program Files\IBM\ldap\etc\key.kdb).' EQUALITY 2.5.13.5 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.2375 DBNAME( 'slapdSSLKeyDataba' 'slapdSSLKeyDataba' ) ACCESS-CLASS critical LENGTH 1024 ) attributetypes=( 1.3.18.0.2.4.2438 NAME 'ibm-slapdSSLKeyDatabasePW' DESC 'Specify the password associated with the LDAP servers SSL key database file, as specified on the ibm-slapdSslKeyDatabase parameter. If the LDAP servers key database file has an associated password stash file, then the ibm-slapdSslKeyDatabasePW parameter can be ommitted, or set to ibm-slapdSslKeyDatabasePW = none. Note that the password stash file must be located in the same directory as the key database file and it must have the same file name as the key database file, but with an extension of .sth, instead of .kdb' SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.2438 DBNAME( 'slapdSSLKeyDPW' 'slapdSSLKeyDPW' ) ACCESS-CLASS normal ) attributetypes=( 1.3.18.0.2.4.2392 NAME 'ibm-slapdSslKeyRingFile' DESC 'file path to the LDAP servers SSL key database file. This key database file is used for handling SSL connections from LDAP clients, as well as for creating secure SSL connections to replica LDAP servers. On Windows, forward slashes are allowed, and a leading slash not preceeded by a drive specifier (D:) is assumed to be rooted at the install directory ( i.e.: /etc/key.kdb = D:\Program Files\IBM\ldap\etc\key.kdb).' EQUALITY 2.5.13.5 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.2392 DBNAME( 'SslKeyRingFile' 'SslKeyRingFile' ) ACCESS-CLASS critical LENGTH 1024 ) attributetypes=( 1.3.18.0.2.4.2390 NAME 'ibm-slapdSslKeyRingFilePW' DESC 'Specify the password associated with the LDAP servers SSL key database file, as specified on the ibm-slapdSslKeyRingFile parameter. If the LDAP servers key database file has an associated password stash file, then the ibm-slapdSslKeyRingFilePW parameter can be ommitted, or set to ibm-slapdSslKeyRingFilePW = none. Note that the password stash file must be located in the same directory as the key database file and it must have the same file name as the key database file, but with an extension of .sth, instead of .kdb.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.2390 DBNAME( 'SslKeyRingFilePW' 'SslKeyRingFilePW' ) ACCESS-CLASS critical ) attributetypes=( 1.3.18.0.2.4.3289 NAME ' ibm-slapdSslPKCS11AcceleratorMode' DESC specifies the accelerator mode of crypto hardware. Value must be :- SYMMETRIC , DIGEST or RANDOM.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 USAGE directoryOperation) IBMAttributetypes = ( 1.3.18.0.2.4.3289 DBNAME ('SslPKCS11AccMod' 'SslPKCS11AccMod') ACCESS-CLASS normal LENGTH 11) attributetypes=( 1.3.18.0.2.4.3293 NAME ' ibm-slapdSslPKCS11Enabled ' DESC ' Specify whether PKCS11 interface is enabled to do cryptographic operations and key database file lookup from an installed crypto device. Must be one of { TRUE | FALSE }.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE USAGE directoryOperation) IBMAttributetypes=( 1.3.18.0.2.4.3293 DBNAME( 'slapdSslPKCS11' 'slapdSslPKCS11' ) ACCESS-CLASS normal LENGTH 5) attributetypes=( 1.3.18.0.2.4.3290 NAME ' ibm-slapdSslPKCS11Keystorage ' DESC 'Specify whether or not the crypto device is used for key storage. Must be one of { TRUE | FALSE }.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE USAGE directoryOperation) IBMAttributetypes=( 1.3.18.0.2.4.3290 DBNAME( 'SslPKCS11Keystore' ' SslPKCS11Keystore ' ) ACCESS-CLASS normal LENGTH 5) attributetypes=( 1.3.18.0.2.4.3292 NAME ' ibm-slapdSslPKCS11Lib ' DESC 'File path of the installed crypto device driver used for key database storage or crypto graphic operations. On Windows, forward slashes are allowed, and a leading slash not preceded by a drive specifier (D:) is assumed to be rooted at the install directory (i.e.: /etc/key.kdb = D:\Program Files\IBM\ldap\etc\key.kdb).' EQUALITY 2.5.13.5 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.3292 DBNAME( 'slapdSSLPKCS11Lib' 'slapdSSLPKCS11Lib' ) ACCESS-CLASS critical LENGTH 1024 ) attributetypes=( 1.3.18.0.2.4.3291 NAME 'ibm-slapdSslPKCS11TokenLabel' DESC 'Specify the token label that identifies the crypto set in a given hardware device to be used. This label is specified when the crypto hardware set is configured for keydatabase storage, crypto operation or both.' EQUALITY 2.5.13.5 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.3291 DBNAME( 'SslPKCS11Label' 'SslPKCS11Label') ACCESS-CLASS critical LENGTH 128 ) attributetypes=( 1.3.18.0.2.4.3286 NAME ' ibm-slapdSslPKCS11TokenPW ' DESC 'Specify the token password associated with a crypto set in crypto hardware.' SYNTAX 1.3.6.1.4.1.1466.11 5.121.1.5 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.3286 DBNAME( 'SslPKCS11TokenPw 'SslPKCS11TokenPw' ) ACCESS-CLASS critical ) attributetypes=( 1.3.18.0.2.4.3058 NAME 'ibm-slapdStartupTraceEnabled' DESC 'Must be one of [TRUE|FALSE]. Specifies whether trace information is to be collected at server startup.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.3058 DBNAME( 'slapdStartupTrace' 'slapdStartupTrace' ) ACCESS-CLASS normal LENGTH 5 ) attributetypes=( 1.3.18.0.2.4.3260 NAME 'ibm-slapdStatusInterval' DESC 'The interval between status checks.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE USAGE userApplications ) IBMAttributetypes=( 1.3.18.0.2.4.3260 DBNAME( 'slapdStatusInterv' 'slapdStatusInterv' ) ACCESS-CLASS normal LENGTH 11 ) attributetypes=( 1.3.18.0.2.4.2388 NAME 'ibm-slapdSuffix' DESC 'Specifies a naming context to be stored in this backend.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.2388 DBNAME( 'slapdSuffix' 'slapdSuffix' ) ACCESS-CLASS critical LENGTH 1000 ) attributetypes=( 1.3.18.0.2.4.2480 NAME 'ibm-slapdSupportedWebAdmVersion' DESC 'This attribute defines the earliest version of the web admin that supports this servers of cn=configuration.' EQUALITY 2.5.13.2 ORDERING 2.5.13.3 SUBSTR 2.5.13.4 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.2480 DBNAME( 'slapdSupWebAdmVer' 'slapdSupWebAdmVer' ) ACCESS-CLASS normal LENGTH 256 ) attributetypes=( 1.3.18.0.2.4.2393 NAME 'ibm-slapdSysLogLevel' DESC 'Must be one of { l | m | h }. Level at which debugging and operation statistics are logged in ibmslapd.log file. h - high (verbose), m - medium, l - low (terse).' EQUALITY 2.5.13.2 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.2393 DBNAME( 'SysLogLevel' 'SysLogLevel' ) ACCESS-CLASS critical LENGTH 1 ) attributetypes=( 1.3.18.0.2.4.2391 NAME 'ibm-slapdTimeLimit' DESC 'Maximum number of number of seconds to spend on search request, regardless of any timelimit that may have been specified on the client request. Range = 0.... If a client has passed a limit, then the smaller value of the client value and the value read from ibmslapd.conf will be used. If a client has not passed a limit and has bound as admin DN, then the limit will be considered unlimited. If the client has not passed a limit and has not bound as admin DN, then the limit will be that which was read from ibmslapd.conf file. 0 = unlimited.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.2391 DBNAME( 'TimeLimit' 'TimeLimit' ) ACCESS-CLASS critical LENGTH 11 ) attributetypes=( 1.3.18.0.2.4.3060 NAME 'ibm-slapdTraceMessageLevel' DESC 'Any value that would be acceptable after the ibmslapd -h command line option, sets the Debug message level' EQUALITY 2.5.13.2 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.3060 DBNAME( 'slapdTraceLevel' 'slapdTraceLevel' ) ACCESS-CLASS normal LENGTH 6 ) attributetypes=( 1.3.18.0.2.4.3059 NAME 'ibm-slapdTraceMessageLog' DESC 'File path or device on server host machine to which LDAP CAPI and Debug macro messages will be written. On Windows forward slashes are allowed and a leading slash not preceded by a drive letter is assumed to be rooted at the install directory (i.e., /tmp/tracemsg.log = C:\Program Files\IBM\LDAP\tmp\tracemsg.log).' EQUALITY 2.5.13.2 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.3059 DBNAME( 'slapdTraceMessage' 'slapdTraceMessage' ) ACCESS-CLASS normal LENGTH 1024 ) attributetypes=( 1.3.18.0.2.4.2384 NAME 'ibm-slapdTransactionEnable' DESC 'If FALSE, globally disables transaction support; the server will reject all StartTransaction requests with the response LDAP_UNWILLING_TO_PERFORM.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.2384 DBNAME( 'TransactionEnable' 'TransactionEnable' ) ACCESS-CLASS critical LENGTH 5 ) attributetypes=( 1.3.18.0.2.4.2499 NAME 'ibm-slapdUseProcessIdPW' DESC 'If set to true the server will use user login ID associated with the ibmslapd process to connect to the database. If set to false the server will use ibm-slapdDbUserID and ibm-slapdDbUserPW to connect to the database.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.2499 DBNAME( 'useprocidpw' 'useprocidpw' ) ACCESS-CLASS normal LENGTH 5 ) attributetypes=(1.3.18.0.2.4.3280 NAME 'ibm-slapdUlimitDataSegment' DESC 'Specify the value of ulimit Data Segment in Kbytes' EQUALITY 2.5.13.14 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE USAGE directoryOperation) IBMAttributetypes=(1.3.18.0.2.4.3280 DBNAME ( 'slapdDataSeg''slapdDataSeg' ) ACCESS-CLASS critical LENGTH 11 ) attributetypes=(1.3.18.0.2.4.3278 NAME 'ibm-slapdUlimitDescription' DESC 'Specify the remark for ulimit entry' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 USAGE directoryOperation) IBMAttributetypes=(1.3.18.0.2.4.3278 DBNAME ( 'uDescription' 'uDescription' ) ACCESS-CLASS normal LENGTH 256) attributetypes=(1.3.18.0.2.4.3282 NAME 'ibm-slapdUlimitFileSize' DESC 'Specify the value of ulimit File Size in 512-bytes block' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE USAGE directoryOperation) IBMAttributetypes=(1.3.18.0.2.4.3282 DBNAME ( 'slapdFileSize' 'slapdFileSize' ) ACCESS-CLASS critical LENGTH 11 ) attributetypes=(1.3.18.0.2.4.3279 NAME 'ibm-slapdUlimitNofile' DESC 'Specify the value of ulimit parameter number of file (File Descriptor)' EQUALITY 2.5.13.14 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE USAGE directoryOperation) IBMAttributetypes=(1.3.18.0.2.4.3279 DBNAME ( 'slapdNoFile''slapdNo.File' ) ACCESS-CLASS critical LENGTH 11 ) attributetypes=(1.3.18.0.2.4.3283 NAME 'ibm-slapdUlimitRSS' DESC 'Specify the value of ulimit Maximum memory size (rss) in Kbytes' EQUALITY 2.5.13.14 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE USAGE directoryOperation) IBMAttributetypes=(1.3.18.0.2.4.3283 DBNAME ( 'slapdRSS' 'slapdRSS' ) ACCESS-CLASS critical LENGTH 11 ) attributetypes=(1.3.18.0.2.4.3281 NAME 'ibm-slapdUlimitStackSize' DESC 'Specify the value of ulimit Stack Size in Kbytes' EQUALITY 2.5.13.14 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE USAGE directoryOperation) IBMAttributetypes=(1.3.18.0.2.4.3281 DBNAME ( 'slapdStackSize' 'slapdStackSize' ) ACCESS-CLASS critical LENGTH 11 ) attributetypes=(1.3.18.0.2.4.3284 NAME 'ibm-slapdUlimitVirtualMemory' DESC 'Specify the value of ulimit Virtual Memory in Kbytes' EQUALITY 2.5.13.14 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=(1.3.18.0.2.4.3284 DBNAME ( 'slapdVirMemory''slapdVirMemory' ) ACCESS-CLASS critical LENGTH 11 ) attributetypes=( 1.3.18.0.2.4.2436 NAME 'ibm-slapdVersion' DESC 'IBM Slapd version Number' EQUALITY 2.5.13.5 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.2436 DBNAME( 'slapdVersion' 'slapdVersion' ) ACCESS-CLASS normal LENGTH 1024 ) attributetypes=( 1.3.18.0.2.4.3026 NAME 'ibm-slapdWriteTimeout' DESC 'Specifies a time-out value for blocked writes. When the time limit is reached the connection will be dropped.' EQUALITY 2.5.13.14 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.3026 DBNAME( 'slapdWriteTimeout' 'slapdWriteTimeout' ) ACCESS-CLASS normal LENGTH 11 ) attributetypes=( 1.3.18.0.2.4.3110 NAME 'ids-instanceDesc' DESC 'A description of what this particular directory server is to be used for.' EQUALITY 2.5.13.5 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.3110 DBNAME( 'idsInstDesc' 'idsInstDesc' ) ACCESS-CLASS critical LENGTH 256 ) attributetypes=( 1.3.18.0.2.4.3132 NAME 'ids-instanceLocation' DESC 'File path or device on server host machine to which the directory server instance\27s idsslapd-<instance name>directory is located. On Windows forward slashes are allowed and a leading slash not preceded by a drive letter is assumed to be rooted at the install directory (i.e., /tmp/idsslapd-server1 = C:\Program Files\IBM\LDAP\tmp\idsslapd-server1).' EQUALITY 2.5.13.5 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.3132 DBNAME( 'idsinstLoc' 'idsinstLoc' ) ACCESS-CLASS critical LENGTH 1024 ) attributetypes=( 1.3.18.0.2.4.3133 NAME 'ids-instanceVersion' DESC 'IBM Slapd version Number for the directory server instance.' EQUALITY 2.5.13.5 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.3133 DBNAME( 'idsinstVeri' 'idsinstVeri' ) ACCESS-CLASS critical LENGTH 1024 ) attributetypes=( 1.3.18.0.2.4.3154 NAME 'ibm-slapdSslFIPsProcessingMode' DESC 'Specifies server will operate in FIPS mode.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE USAGE directoryOperation ) IBMAttributetypes=( 1.3.18.0.2.4.3154 DBNAME( 'slapdSslFIPsPMode' 'slapdSslFIPsPMode' ) ACCESS-CLASS critical LENGTH 5 )
Dynamically-changed attributes
The following is a list of attributes that can be changed dynamically. You do not have to restart the server for these changes to take effect.
- Cn=Configuration
- ibm-slapdadmindn
- ibm-slapdAdminGroupEnabled
- ibm-slapdadminpw
- ibm-slapdDerefAliases
- ibm-slapdpwencryption
- ibm-slapdsizelimit
- ibm-slapdtimelimit
- cn=Log Management, cn=Configuration
- The dynamically-changed attributes apply to the following subentries:
- cn=Default, cn=Log Management, cn=Configuration
- cn=ibmslapd, cn=Log Management, cn=Configuration
- cn=Audit, cn=Log Management, cn=Configuration
- cn=Bulkload, cn=Log Management, cn=Configuration
- cn=DB2CLI, cn=Log Management, cn=Configuration
- cn=Tools, cn=Log Management, cn=Configuration
- cn=Replication, cn=Log Management, cn=Configuration
- cn=Admin, cn=Log Management, cn=Configuration
- cn=Admin Audit, cn=Log Management, cn=Configuration
The following are the dynamically-changed attributes for these subentries:
- ibm-slapdLog (Does not apply to cn=Default)
- ibm-slapdLogArchivePath
- ibm-slapdLogMaxArchives
- ibm-slapdLogOptions (Does not apply to cn=Default)
- ibm-slapdLogSizeThreshold
- cn=AdminGroup,cn=Configuration
- These attributes are dynamically-changed for the subtrees under this entry.
- ibm-slapdAdminDN
- ibm-slapdAdminPW
- ibm-slapdDigestAdminUser
- ibm-slapdKrbAdminDN
- cn=Front End, cn=Configuration
- ibm-slapdaclcache
- ibm-slapdaclcachesize
- ibm-slapdfiltercachebypasslimit
- ibm-slapdfiltercachesize
- ibm-slapdidletimeout
- cn=Connection Management, cn=Front End, cn=Configuration
- ibm-slapdAllowAnon
- ibm-slapdAllReapingThreshold
- ibm-slapdAnonReapingThreshold
- ibm-slapdBoundReapingThreshold
- ibm-slapdESizeThreshold
- ibm-slapdEThreadActivate
- ibm-slapdEThreadEnable
- ibm-slapdETimeThreshold
- ibm-slapdIdleTimeOut
- ibm-slapdWriteTimeout
- cn=Event Notification, cn=Configuration
- ibm-slapdmaxeventsperconnection
- ibm-slapdmaxeventstotal
- cn=Transaction, cn=Configuration
- ibm-slapdmaxnumoftransactions
- ibm-slapdmaxoppertransaction
- ibm-slapdmaxtimelimitoftransactions
- cn=ConfigDB, cn=Config Backends, cn=IBM Directory, cn=Schemas, cn=Configuration
- ibm-slapdreadonly
- cn=Directory, cn=RDBM Backends, cn=IBM Directory, cn=Schemas, cn=Configuration
- ibm-slapdCachedAttribute
- ibm-slapdCachedAttributeSize
- ibm-slapdLanguageTagsEnabled
- ibm-slapdpagedresallownonadmin
- ibm-slapdpagedreslmt
- ibm-slapdreadonly
- ibm-slapdsortkeylimit
- ibm-slapdsortsrchallownonadmin
- ibm-slapdsuffix
- cn=change log, cn=RDBM Backends, cn=IBM Directory, cn=Schemas, cn=Configuration
- ibm-slapdCachedAttribute
- ibm-slapdCachedAttributeSize
- cn=Digest, cn=configuration
- ibm-slapdDigestAdminUser
- ibm-slapdDigestRealm
- ibm-slapdDigestAttr
- cn=pwdPolicy Admin, cn=Configuration
- ibm-slapdConfigPwdPolicyOn
- pwdMinLength
- pwdLockout
- pwdLockoutDuration
- pwdMaxFailure
- pwdFailureCountInterval
- passwordMinAlphaChars
- passwordMinOtherChars
- passwordMaxRepeatedChars
- passwordMinDiffChars
- cn=Replication, cn=configuration
- ibm-slapdReplContextCacheSize
Server version 6.0 and above">Feedback
[ Top of Page | Previous Page | Next Page | Contents | Index ]