Plug-in Name

7-bit check (NS7bitAtt)

DN of Configuration Entry

cn=7-bit check,cn=plugins,cn=config

Description

Checks certain attributes are 7-bit clean

Configurable Options

on | off

Default Setting

on

Configurable Arguments

List of attributes (uid mail userpassword) followed by "," and then suffix(es) on which the check is to occur.

Dependencies

None

Performance Related Information

None

Further Information

If your Directory Server uses non-ASCII characters, Japanese, for example, turn this plug-in off.

Plug-in Name

ACL Plug-in

DN of Configuration Entry

cn=ACL Plugin,cn=plugins,cn=config

Description

ACL access check plug-in

Configurable Options

on | off

Default Setting

on

Configurable Arguments

None

Dependencies

None

Performance Related Information

N/A

Further Information

Chapter 6, "Managing Access Control"

Plug-in Name

ACL Preoperation

DN of Configuration Entry

cn=ACL preoperation,cn=plugins,cn=config

Description

ACL access check plug-in

Configurable Options

on | off

Default Setting

on

Configurable Arguments

None

Dependencies

database

Performance Related Information

None

Further Information

Chapter 6, "Managing Access Control"

Plug-in Name

Binary Syntax

DN of Configuration Entry

cn=Binary Syntax,cn=plugins,cn=config

Description

Syntax for handling binary data

Configurable Options

on | off

Default Setting

on

Configurable Arguments

None

Dependencies

None

Performance Related Information

Do not modify the configuration of this plug-in. You should leave this plug-in running at all times.

Further Information

Plug-in Name

Boolean Syntax

DN of Configuration Entry

cn=Boolean Syntax,cn=plugins,cn=config

Description

Syntax for handling booleans

Configurable Options

on | off

Default Setting

on

Configurable Arguments

None

Dependencies

None

Performance Related Information

Do not modify the configuration of this plug-in. You should leave this plug-in running at all times.

Further Information

Plug-in Name

Case Exact String Syntax

DN of Configuration Entry

cn=Case Exact String Syntax,cn=plugins,cn=config

Description

Syntax for handling case-sensitive strings

Configurable Options

on | off

Default Setting

on

Configurable Arguments

None

Dependencies

None

Performance Related Information

Do not modify the configuration of this plug-in. You should leave this plug-in running at all times.

Further Information

Plug-in Name

Case Ignore String Syntax

DN of Configuration Entry

cn=Case Ignore String Syntax,cn=plugins,cn=config

Description

Syntax for handling case-insensitive strings

Configurable Options

on | off

Default Setting

on

Configurable Arguments

None

Dependencies

None

Performance Related Information

Do not modify the configuration of this plug-in. You should leave this plug-in running at all times.

Further Information

Plug-in Name

Chaining Database

DN of Configuration Entry

cn=Chaining database,cn=plugins,cn=config

Description

Syntax for handling DNs

Configurable Options

on | off

Default Setting

on

Configurable Arguments

None

Dependencies

None

Performance Related Information

Do not modify the configuration of this plug-in. You should leave this plug-in running at all times.

Further Information

Chapter 3, "Configuring Directory Databases"

Plug-in Name

Class of Service

DN of Configuration Entry

cn=Class of Service,cn=plugins,cn=config

Description

Allows for sharing of attributes between entries

Configurable Options

on | off

Default Setting

on

Configurable Arguments

None

Dependencies

None

Performance Related Information

Do not modify the configuration of this plug-in. You should leave this plug-in running at all times.

Further Information

Chapter 5, "Advanced Entry Management"

Plug-in Name

Country String Syntax Plug-in

DN of Configuration Entry

cn=Country String Syntax,cn=plugins,cn=config

Description

Syntax for handling countries

Configurable Options

on | off

Default Setting

on

Configurable Arguments

None

Dependencies

None

Performance Related Information

Do not modify the configuration of this plug-in. You should leave this plug-in running at all times.

Further Information

Plug-in Name

Distinguished Name Syntax

DN of Configuration Entry

cn=Distinguished Name Syntax,cn=plugins,cn=config

Description

Syntax for handling DNs

Configurable Options

on | off

Default Setting

on

Configurable Arguments

None

Dependencies

None

Performance Related Information

Do not modify the configuration of this plug-in. You should leave this plug-in running at all times.

Further Information

Plug-in Name

Generalized Time Syntax

DN of Configuration Entry

cn=Generalized Time Syntax,cn=plugins,cn=config

Description

Syntax for dealing with dates, times and time zones

Configurable Options

on | off

Default Setting

on

Configurable Arguments

None

Dependencies

None

Performance Related Information

Do not modify the configuration of this plug-in. You should leave this plug-in running at all times.

Further Information

The Generalized Time String consists of the following:

• four digit year
  
  
• two digit month (for example, 01 for January)
  
  
• two digit day, two digit hour
  
  
• two digit minute
  
  
• two digit second
  
  
• decimal part of a second (optional)
  
  
• a time zone indication

We strongly recommend that you use the Z time zone indication, which stands for Greenwich Mean Time.

Plug-in Name

Integer Syntax

DN of Configuration Entry

cn=Integer Syntax,cn=plugins,cn=config

Description

Syntax for handling integers

Configurable Options

on | off

Default Setting

on

Configurable Arguments

None

Dependencies

None

Performance Related Information

Do not modify the configuration of this plug-in. You should leave this plug-in running at all times.

Further Information

Plug-in Name

Internationalization Plug-in

DN of Configuration Entry

cn=Internationalization Plugin,cn=plugins,cn=config

Description

Syntax for handling international characters (in DNs)

Configurable Options

on | off

Default Setting

on

Configurable Arguments

The Internationalization Plug-in has one argument which must not be modified: serverRoot/slapd-serverID/config/slapd-collations.conf

This directory stores the collation orders and locales used by the Internationalization Plug-in.

Dependencies

None

Performance Related Information

Do not modify the configuration of this plug-in. You should leave this plug-in running at all times.

Further Information

Appendix D, "Internationalization"

Plug-in Name

ldbm database Plug-in

DN of Configuration Entry

cn=ldbm database plug-in,cn=plugins,cn=config

Description

Implements local databases

Configurable Options

N/A

Default Setting

on

Configurable Arguments

None

Dependencies

None

Performance Related Information

See Netscape Directory Server Configuration, Command, and File Reference for further information on ldbm database plug-in attributes.

Further Information

Chapter 3, "Configuring Directory Databases"

Plug-in Name

Legacy Replication Plug-in

DN of Configuration Entry

cn=Legacy Replication plug-in,cn=plugins,cn=config

Description

Enables this version of Directory Server to be a consumer of a 4.1 supplier

Configurable Options

on | off

Default Setting

on

Configurable Arguments

None. This plug-in can be disabled if the server is not (and never will be) a consumer of a 4.1 server.

Dependencies

database

Performance Related Information

None

Further Information

Chapter 8, "Managing Replication"

Plug-in Name

Multi-master Replication Plug-in

DN of Configuration Entry

cn=Multimaster Replication plugin,cn=plugins,
cn=config

Description

Enables replication between two Directory Servers

Configurable Options

on | off

Default Setting

on

Configurable Arguments

None

Dependencies

database

Performance Related Information

N/A

Further Information

You can turn this plug-in off if you only have one server, which will never replicate. See also chapter 8, "Managing Replication."

Plug-in Name

Octet String Syntax

DN of Configuration Entry

cn=Octet String Syntax,cn=plugins,cn=config

Description

Syntax for handling octet strings

Configurable Options

on | off

Default Setting

on

Configurable Arguments

None

Dependencies

None

Performance Related Information

Do not modify the configuration of this plug-in. You should leave this plug-in running at all times.

Further Information

Plug-in Name

CLEAR

DN of Configuration Entry

cn=CLEAR,cn=Password Storage Schemes,cn=plugins, cn=config

Description

CLEAR password storage scheme used for password encryption

Configurable Options

on | off

Default Setting

on

Configurable Arguments

None

Dependencies

None

Performance Related Information

Do not modify the configuration of this plug-in. You should leave this plug-in running at all times.

Further Information

Chapter 7, "User Account Management"

Plug-in Name

CRYPT

DN of Configuration Entry

cn=CRYPT,cn=Password Storage Schemes,cn=plugins, cn=config

Description

CRYPT password storage scheme used for password encryption

Configurable Options

on | off

Default Setting

on

Configurable Arguments

None

Dependencies

None

Performance Related Information

Do not modify the configuration of this plug-in. You should leave this plug-in running at all times.

Further Information

Chaper 7, "User Account Management"

Plug-in Name

NS-MTA-MD5

DN of Configuration Entry

cn=NS-MTA-MD5,cn=Password Storage Schemes,cn=plugins, cn=config

Description

NS-MTA-MD5 password storage scheme for password encryption

Configurable Options

on | off

Default Setting

on

Configurable Arguments

None

Dependencies

None

Performance Related Information

Do not modify the configuration of this plug-in. Netscape recommends that you leave this plug-in running at all times.

Further Information

You cannot choose to encrypt passwords using the NS-MTA-MD5 password storage scheme. The storage scheme is present in Netscape Directory Server but only for reasons of backward compatibility with earlier versions of Directory Server. See chapter 7, "User Account Management."

Plug-in Name

SHA

DN of Configuration Entry

cn=SHA,cn=Password Storage Schemes,cn=plugins,cn=config

Description

SHA password storage scheme for password encryption

Configurable Options

on | off

Default Setting

on

Configurable Arguments

None

Dependencies

None

Performance Related Information

If your directory does not contain passwords encrypted using the SHA password storage scheme, you may turn this plug-in off. SHA is only included for compatibility with earlier releases; it is recommended that you use SSHA rather than SHA because SSHA is a far more secure option.

Further Information

Chapter 7, "User Account Management"

Plug-in Name

SSHA

DN of Configuration Entry

cn=SSHA,cn=Password Storage Schemes,cn=plugins,cn=config

Description

SSHA password storage scheme for password encryption

Configurable Options

on | off

Default Setting

on

Configurable Arguments

None

Dependencies

None

Performance Related Information

Do not modify the configuration of this plug-in. You should leave this plug-in running at all times.

Further Information

Chapter 7, "User Account Management"

Plug-in Name

Postal Address Syntax

DN of Configuration Entry

cn=Postal Address Syntax,cn=plugins,cn=config

Description

Syntax used for handling postal addresses

Configurable Options

on | off

Default Setting

on

Configurable Arguments

None

Dependencies

None

Performance Related Information

Do not modify the configuration of this plug-in. You should leave this plug-in running at all times.

Further Information

Plug-in Name

Presence

DN of Configuration Entry

cn=Presence,cn=plugins,cn=config

Description

Syntax used for handling postal addresses

Configurable Options

on | off

Default Setting

on

Configurable Arguments

None

Dependencies

database

Performance Related Information

Check the reference provided in Further Information.

Further Information

Chapter 18, "Configuring IM Presence Information"

Plug-in Name

Pass-Through Authentication Plug-in

DN of Configuration Entry

cn=Pass Through Authentication,cn=plugins,cn=config

Description

Enables pass-through authentication, the mechanism which allows one directory to consult another to authenticate bind requests. This plug-in is not listed in Directory Server Console if you use the same server for your user directory and configuration directory.

Configurable Options

on | off

Default Setting

off

Configurable Arguments

ldap://netscape.com:389/o=netscape

Dependencies

None

Performance Related Information

Chapter 16, "Using the Pass-through Authentication Plug-in"

Further Information

Chapter 16, "Using the Pass-through Authentication Plug-in"

Plug-in Name

Referential Integrity Postoperation

DN of Configuration Entry

cn=Referential Integrity Postoperation,cn=plugins, cn=config

Description

Enables the server to ensure referential integrity

Configurable Options

All configuration and on | off

Default Setting

off

Configurable Arguments

When enabled, the postoperation Referential Integrity Plug-in performs integrity updates on the member, uniquemember, owner,  and seeAlso attributes immediately after a delete or rename operation. You can reconfigure the plug-in to perform integrity checks on all other attributes.

Configurable arguments are as follows:

1. Check for referential integrity
   -1 = no check for referential integrity
   0 = check for referential integrity is performed immediately
   positive integer = request for referential integrity is queued and processed at a later stage. This positive integer serves as a wake-up call for the thread to process the request at intervals corresponding to the integer specified.
   
   
2. Log file for storing the change; for example /usr/netscape/logs/referint
   
   
3. All the additional attrribute names you want to be checked for referential integrity.

Dependencies

database

Performance Related Information

You should enable the Referential Integrity Plug-in on only one master in a multimaster replication environment to avoid conflict resolution loops. When enabling the plug-in on chained servers, you must be sure to analyze your performance resource and time needs as well as your integrity needs.

Further Information

See the section Maintaining Referential Integrity.

Plug-in Name

Retro Change Log Plug-in

DN of Configuration Entry

cn=Retro Changelog Plugin,cn=plugins,cn=config

Description

Used by LDAP clients for maintaining application compatibility with Directory Server 4.x versions. Maintains a log of all changes occuring in the Directory Server. The Retro Changelog offers the same functionality as the changelog in the 4.x versions of Directory Server.

Configurable Options

on | off

Default Setting

off

Configurable Arguments

See Netscape Directory Server Configuration, Command, and File Reference for further information on the two configuration attributes for the Retro Change Log Plug-in.

Dependencies

None

Performance Related Information

May slow down Directory Server performance.

Further Information

Chapter 8, "Managing Replication"

Plug-in Name

Roles Plug-in

DN of Configuration Entry

cn=Roles Plugin,cn=plugins,cn=config

Description

Enables the use of roles in the Directory Server

Configurable Options

on | off

Default Setting

on

Configurable Arguments

None

Dependencies

None

Performance Related Information

Do not modify the configuration of this plug-in. You should leave this plug-in running at all times.

Further Information

Chapter 5, "Advanced Entry Management"

Plug-in Name

Space Insensitive String Syntax

DN of Configuration Entry

cn=Space Insensitive String Syntax,cn=plugins,cn=config

Description

Syntax for handling space-insensitive values

Configurable Options

on | off

Default Setting

on

Configurable Arguments

None

Dependencies

None

Performance Related Information

Do not modify the configuration of this plug-in. You should leave this plug-in running at all times.

Further Information

This plug-in enables the Directory Server to support space and case insensitive values. Applications can now search the directory using entries with ASCII space characters.

For example, applications that use AOL Screen Names can search the Directory Server using filters that contain Screen Names--a search or compare operation that uses jOHN Doe will match entries that contain any of the following Screen Name values: johndoe, john doe, and John Doe.

For more information about finding directory entries, see  Appendix B, "Finding Directory Entries."

The nsAIMID attribute type, which is a part of the Presence schema, uses this syntax. For details, see the section Schema for the Presence Plug-in.

Plug-in Name

State Change Plug-in

DN of Configuration Entry

cn=State Change Plugin,cn=plugins,cn=config

Description

Enables state-change-notification service.

Configurable Options

on | off

Default Setting

on

Configurable Arguments

None

Dependencies

None

Performance Related Information

Further Information

Plug-in Name

Telephone Syntax

DN of Configuration Entry

cn=Telephone Syntax,cn=plugins,cn=config

Description

Syntax for handling telephone numbers

Configurable Options

on | off

Default Setting

on

Configurable Arguments

None

Dependencies

None

Performance Related Information

Do not modify the configuration of this plug-in. You should leave this plug-in running at all times.

Further Information

Plug-in Name

UID Uniqueness Plug-in

DN of Configuration Entry

cn=UID Uniqueness,cn=plugins,cn=config

Description

Checks that the values of specified attributes are unique each time a modification occurs on an entry.

Configurable Options

on | off

Default Setting

off

Configurable Arguments

Enter the following arguments:

uid
"DN"
"DN"...

if you want to check for uid attribute uniqueness in all listed subtrees.

However, enter the following arguments:

attribute="uid"
MarkerObjectclass = "ObjectClassName"

and optionally

requiredObjectClass = "ObjectClassName"

if you want to check for uid attribute uniqueness when adding or updating entries with the requiredObjectClass, starting from the parent entry containing the ObjectClass as defined by the MarkerObjectClass attribute.

Dependencies

N/A

Performance Related Information

This plug-in may slow down Directory Server performance.

In a multi-master replication environment, the UID Uniqueness Plug-in will not work at all and should therefore not be enabled.

If you try to add a new entry to a server where the UID Uniqueness Plug-in is enabled and a referral has been created in a subtree, then the UID Uniqueness Plug-in will not work because if it sees any other error apart from noSuchObject (meaning that the entry does not already exist), which it will do if a referral is created, then it will return an operations error preventing you from adding your new entry. To prevent being blocked by such an operations error, disable the plug-in on the server where you created the referral. If, however, you still want to run a UID Uniqueness check, make sure that you only activate the plug-in on the last of the referred-to servers to prevent it from blocking the referral mechanism.

Further Information

Chapter 17, "Using the Attribute Uniqueness Plug-in"

Plug-in Name

URI Syntax

DN of Configuration Entry

cn=URI Syntax,cn=plugins,cn=config

Description

Syntax for handling URIs (Unique Resource Identifiers), including URLs (Unique Resource Locators)

Configurable Options

on | off

Default Setting

on

Configurable Arguments

None

Dependencies

None

Performance Related Information

Do not modify the configuration of this plug-in. You should leave this plug-in running at all times.

Further Information