1 .lf 1 stdin 2 .TH SLAPD.OVERLAYS 5 "2025/05/22" "OpenLDAP 2.6.10" 3 .\" Copyright 2006-2024 The OpenLDAP Foundation All Rights Reserved. 4 .\" Copying restrictions apply. See COPYRIGHT/LICENSE. 5 .\" $OpenLDAP$ 6 .SH NAME 7 slapd.overlays \- overlays for slapd, the stand-alone LDAP daemon 8 .SH DESCRIPTION 9 The 10 .BR slapd (8) 11 daemon can use a variety of different overlays to alter or extend 12 the normal behavior of a database backend. 13 Overlays may be compiled statically into slapd, or when module support 14 is enabled, they may be dynamically loaded. Most of the overlays 15 are only allowed to be configured on individual databases, but some 16 may also be configured globally. 17 18 Configuration options for each overlay are documented separately in the 19 corresponding 20 .BR slapo\-<overlay> (5) 21 manual pages. 22 .TP 23 .B accesslog 24 Access Logging. 25 This overlay can record accesses to a given backend database on another 26 database. 27 .TP 28 .B auditlog 29 Audit Logging. 30 This overlay records changes on a given backend database to an LDIF log 31 file. 32 By default it is not built. 33 .TP 34 .B autoca 35 Automatic Certificate Authority overlay. 36 This overlay can generate X.509 certificate/key pairs for 37 entries in the directory if slapd is linked to OpenSSL. 38 By default it is not built. 39 .TP 40 .B chain 41 Chaining. 42 This overlay allows automatic referral chasing when a referral would 43 have been returned, either when configured by the server or when 44 requested by the client. 45 .TP 46 .B collect 47 Collective Attributes. 48 This overlay implements RFC 3671 collective attributes; these 49 attributes share common values over all the members of the collection 50 as inherited from an ancestor entry. 51 .TP 52 .B constraint 53 Constraint. 54 This overlay enforces a regular expression constraint on all values 55 of specified attributes. It is used to enforce a more rigorous 56 syntax when the underlying attribute syntax is too general. 57 .TP 58 .B dds 59 Dynamic Directory Services. 60 This overlay supports dynamic objects, which have a limited life after 61 which they expire and are automatically deleted. 62 .TP 63 .B deref 64 Dereference Control. 65 This overlay implements the draft Dereference control. The overlay can be 66 used with any backend or globally for all backends. 67 .TP 68 .B dyngroup 69 Dynamic Group. 70 This is a demo overlay which extends the Compare operation to detect 71 members of a dynamic group. 72 It has no effect on any other operations. 73 .TP 74 .B dynlist 75 Dynamic List. 76 This overlay allows expansion of dynamic groups and more. 77 .TP 78 .B homedir 79 Home Directory Provisioning. 80 This overlay manages creation/deletion of home directories for LDAP-based 81 Unix accounts. 82 .TP 83 .B memberof 84 MemberOf. 85 This overlay maintains automatic reverse group membership values, 86 typically stored in an attribute called memberOf. This overlay 87 is deprecated and should be replaced with dynlist. 88 .TP 89 .B otp 90 OATH One-Time Password module. 91 This module allows time-based one-time password, AKA "authenticator-style", 92 and HMAC-based one-time password authentication to be used in conjunction 93 with a standard LDAP password for two factor authentication. 94 .TP 95 .B pbind 96 Proxybind. 97 This overlay forwards simple bind requests on a local database to a 98 remote LDAP server. 99 .TP 100 .B pcache 101 Proxycache. 102 This overlay allows caching of LDAP search requests in a local database. 103 It is most often used with the 104 .BR slapd\-ldap (5) 105 or 106 .BR slapd\-meta (5) 107 backends. 108 .TP 109 .B ppolicy 110 Password Policy. 111 This overlay provides a variety of password control mechanisms, 112 e.g. password aging, password reuse and duplication control, mandatory 113 password resets, etc. 114 .TP 115 .B refint 116 Referential Integrity. 117 This overlay can be used with a backend database such as 118 .BR slapd\-mdb (5) 119 to maintain the cohesiveness of a schema which utilizes reference 120 attributes. 121 .TP 122 .B remoteauth 123 Remote Authentication. 124 This overlay delegates authentication requests to remote directories. 125 .TP 126 .B retcode 127 Return Code. 128 This overlay is useful to test the behavior of clients when 129 server-generated erroneous and/or unusual responses occur. 130 .TP 131 .B rwm 132 Rewrite/remap. 133 This overlay is experimental. 134 It performs basic DN/data rewrite and 135 objectClass/attributeType mapping. 136 .TP 137 .B sssvlv 138 Server Side Sorting and Virtual List Views. 139 This overlay implements the RFC2891 server-side sorting control and 140 virtual list view controls, and replaces the RFC2696 paged-results 141 implementation to ensure it works with the sorting technique. 142 .TP 143 .B syncprov 144 Syncrepl Provider. 145 This overlay implements the provider-side support for 146 .B syncrepl 147 replication, including persistent search functionality. 148 .TP 149 .B translucent 150 Translucent Proxy. 151 This overlay can be used with a backend database such as 152 .BR slapd\-mdb (5) 153 to create a "translucent proxy". 154 Content of entries retrieved from a remote LDAP server can be partially 155 overridden by the database. 156 .TP 157 .B unique 158 Attribute Uniqueness. 159 This overlay can be used with a backend database such as 160 .BR slapd\-mdb (5) 161 to enforce the uniqueness of some or all attributes within a subtree. 162 .TP 163 .B valsort 164 Value Sorting. 165 This overlay can be used to enforce a specific order for the values 166 of an attribute when it is returned in a search. 167 .SH FILES 168 .TP 169 /etc/openldap/slapd.conf 170 default slapd configuration file 171 .TP 172 /etc/openldap/slapd.d 173 default slapd configuration directory 174 .SH SEE ALSO 175 .BR ldap (3), 176 .BR slapo\-accesslog (5), 177 .BR slapo\-auditlog (5), 178 .BR slapo\-autoca (5), 179 .BR slapo\-chain (5), 180 .BR slapo\-collect (5), 181 .BR slapo\-constraint (5), 182 .BR slapo\-dds (5), 183 .BR slapo\-deref (5), 184 .BR slapo\-dyngroup (5), 185 .BR slapo\-dynlist (5), 186 .BR slapo\-memberof (5), 187 .BR slapo\-pbind (5), 188 .BR slapo\-pcache (5), 189 .BR slapo\-ppolicy (5), 190 .BR slapo\-refint (5), 191 .BR slapo\-remoteauth (5), 192 .BR slapo\-retcode (5), 193 .BR slapo\-rwm (5), 194 .BR slapo\-sssvlv (5), 195 .BR slapo\-syncprov (5), 196 .BR slapo\-translucent (5), 197 .BR slapo\-unique (5). 198 .BR slapo\-valsort (5). 199 .BR slapd\-config (5), 200 .BR slapd.conf (5), 201 .BR slapd.backends (5), 202 .BR slapd (8). 203 "OpenLDAP Administrator's Guide" (http://www.OpenLDAP.org/doc/admin/) 204 .SH ACKNOWLEDGEMENTS 205 .lf 1 ./../Project 206 .\" Shared Project Acknowledgement Text 207 .B "OpenLDAP Software" 208 is developed and maintained by The OpenLDAP Project <http://www.openldap.org/>. 209 .B "OpenLDAP Software" 210 is derived from the University of Michigan LDAP 3.3 Release. 211 .lf 205 stdin 212
Indexes created Wed Mar 04 05:31:52 UTC 2026