Configuration, Command, and File Reference Netscape Directory Server

Index      DocHome      Next

Contents

About This Reference Guide

Directory Server Overview

Prerequisite Reading

What Is In This Reference Guide?

Conventions Used In This Reference Guide

Related Information

Chapter 1   Introduction

Overview of Directory Server Management

Directory Server Configuration

Directory Server Instance File Reference

Migrating Directory Server

Using Directory Server Command-Line Utilities

Using Directory Server Command-Line Scripts

Chapter 2   Core Server Configuration Reference

Server Configuration - Overview

LDIF Configuration Files - Location

Schema Configuration Files - Location

How the Server Configuration is Organized

Configuration Attributes

Configuration of Plug-in Functionality

Configuration of Databases

Configuration of Indexes

Migration of Pre-Directory Server 6.x Configuration Files to LDIF Format

Accessing and Modifying Server Configuration

Access Control For Configuration Entries

Changing Configuration Attributes

Modifying Configuration Entries Using LDAP

Restrictions to Modifying Configuration Entries and Attributes

Configuration Changes Requiring Server Restart

Core Server Configuration Attributes Reference

cn=config

nsslapd-accesscontrol (Enable Access Control)

nsslapd-accesslog (Access Log)

nsslapd-accesslog-level

nsslapd-accesslog-list

nsslapd-accesslog-logbuffering (Log Buffering)

nsslapd-accesslog-logexpirationtime (Access Log Expiration Time)

nsslapd-accesslog-logexpirationtimeunit (Access Log Expiration Time Unit)

nsslapd-accesslog-logging-enabled (Access Log Enable Logging)

nsslapd-accesslog-logmaxdiskspace (Access Log Maximum Disk Space)

nsslapd-accesslog-logminfreediskspace (Access Log Minimum Free Disk Space)

nsslapd-accesslog-logrotationsync-enabled (Access Log Rotation Sync Enabled)

nsslapd-accesslog-logrotationsynchour (Access Log Rotation Sync Hour)

nsslapd-accesslog-logrotationsyncmin (Access Log Rotation Sync Minute)

nsslapd-accesslog-logrotationtime (Access Log Rotation Time)

nsslapd-accesslog-logrotationtimeunit (Access Log Rotation Time Unit)

nsslapd-accesslog-maxlogsize (Access Log Maximum Log Size)

nsslapd-accesslog-maxlogsperdir (Access Log Maximum Number of Log Files)

nsslapd-attribute-name-exceptions

nsslapd-auditlog (Audit Log)

nsslapd-auditlog-list

nsslapd-auditlog-logexpirationtime (Audit Log Expiration Time)

nsslapd-auditlog-logexpirationtimeunit (Audit Log Expiration Time Unit)

nsslapd-auditlog-logging-enabled (Audit Log Enable Logging)

nsslapd-auditlog-logmaxdiskspace (Audit Log Maximum Disk Space)

nsslapd-auditlog-logminfreediskspace (Audit Log Minimum Free Disk Space)

nsslapd-auditlog-logrotationsync-enabled (Audit Log Rotation Sync Enabled)

nsslapd-auditlog-logrotationsynchour (Audit Log Rotation Sync Hour)

nsslapd-auditlog-logrotationsyncmin (Audit Log Rotation Sync Minute)

nsslapd-auditlog-logrotationtime (Audit Log Rotation Time)

nsslapd-auditlog-logrotationtimeunit (Audit Log Rotation Time Unit)

nsslapd-auditlog-maxlogsize (Audit Log Maximum Log Size)

nsslapd-auditlog-maxlogsperdir (Audit Log Maximum Number of Log Files)

nsslapd-certmap-basedn (Certificate Map Search Base)

nsslapd-config

nsslapd-csnlogging

nsslapd-ds4-compatible-schema

nsslapd-enquote-sup-oc (Enable Superior Object Class Enquoting)

nsslapd-errorlog (Error Log)

nsslapd-errorlog-level (Error Log Level)

nsslapd-errorlog-list

nsslapd-errorlog-logexpirationtime (Error Log Expiration Time)

nsslapd-errorlog-logexpirationtimeunit (Error Log Expiration Time Unit)

nsslapd-errorlog-logging-enabled (Enable Error Logging)

nsslapd-errorlog-logmaxdiskspace (Error Log Maximum Disk Space)

nsslapd-errorlog-logminfreediskspace (Error Log Minimum Free Disk Space)

nsslapd-errorlog-logrotationsync-enabled (Error Log Rotation Sync Enabled)

nsslapd-errorlog-logrotationsynchour (Error Log Rotation Sync Hour)

nsslapd-errorlog-logrotationsyncmin (Error Log Rotation Sync Minute)

nsslapd-errorlog-logrotationtime (Error Log Rotation Time)

nsslapd-errorlog-logrotationtime (Error Log Rotation Time)

nsslapd-errorlog-logrotationtimeunit (Error Log Rotation Time Unit)

nsslapd-errorlog-maxlogsize (Maximum Error Log Size)

nsslapd-errorlog-maxlogsperdir (Maximum Number of Error Log Files)

nsslapd-groupevalnestlevel

nsslapd-idletimeout (Default Idle Timeout)

nsslapd-instancedir (Instance Directory)

nsslapd-ioblocktimeout (IO Block Time Out)

nsslapd-lastmod (Track Modification Time)

nsslapd-listenhost (Listen to IP Address)

nsslapd-localhost (Local Host)

nsslapd-localuser (Local User)

nsslapd-maxbersize (Maximum Message Size)

nsslapd-maxdescriptors (Maximum File Descriptors)

nsslapd-maxthreadsperconn (Maximum Threads Per Connection)

nsslapd-nagle

nsslapd-outbound-ldap-io-timeout

nsslapd-plug-in

nsslapd-port (Port Number)

nsslapd-privatenamespaces

nsslapd-readonly (Read Only)

nsslapd-referral (Referral)

nsslapd-referralmode (Referral Mode)

nsslapd-reservedescriptors (Reserved File Descriptors)

nsslapd-return-exact-case (Return Exact Case)

nsslapd-rootdn (Manager DN)

nsslapd-rootpw (Root Password)

nsslapd-rootpwstoragescheme (Root Password Storage Scheme)

nsslapd-schemacheck (Schema Checking)

nsslapd-schemareplace

nsslapd-securelistenhost

nsslapd-securePort (Encrypted Port Number)

nsslapd-security (Security)

nsslapd-sizelimit (Size Limit)

nsslapd-ssl-check-hostname (Verify Hostname for Outbound Connections)

nsslapd-threadnumber (Thread Number)

nsslapd-timelimit (Time Limit)

nsslapd-versionstring

passwordChange (Password Change)

passwordCheckSyntax (Check Password Syntax)

passwordExp (Password Expiration)

passwordHistory (Password History)

passwordInHistory (Number of Passwords to Remember)

passwordLockout (Account Lockout)

passwordLockoutDuration (Lockout Duration)

passwordMaxAge (Password Maximum Age)

passwordMaxFailure (Maximum Password Failures)

passwordMinAge (Password Minimum Age)

passwordMinLength (Password Minimum Length)

passwordMustChange (Password Must Change)

passwordResetFailureCount (Reset Password Failure Count After)

passwordStorageScheme (Password Storage Scheme)

passwordUnlock (Unlock Account)

passwordWarning (Send Warning)

cn=changelog5

nsslapd-changelogdir

nsslapd-changelogmaxage (Max Changelog Age)

nsslapd-changelogmaxentries (Max Changelog Records)

cn=encryption

nssslsessiontimeout

nssslclientauth

nsssl2

nsssl3

nsssl3ciphers

cn=features

cn=mapping tree

Suffix Configuration Attributes Under cn="suffixName"

nsslapd-state

nsslapd-backend

Replication Attributes Under cn=replica, cn="suffixName", cn=mapping tree,cn=config

cn

nsDS5Flags

nsDS5ReplicaBindDN

nsDS5ReplicaChangeCount

nsDS5ReplicaId

nsDS5ReplicaLegacyConsumer

nsDS5ReplicaName

nsDS5ReplicaPurgeDelay

nsDS5ReplicaReferral

nsDS5ReplicaRoot

nsDS5ReplicaTombstonePurgeInterval

nsDS5ReplicaType

nsState

Replication Attributes Under cn=ReplicationAgreementName,cn=replica, cn="suffixName", cn=mapping tree,cn=config

description

nsDS5ReplicaBindDN

nsDS5ReplicaBindMethod

nsDS5ReplicaChangesSentSinceStartup

nsDS5ReplicaCredentials

nsDS5ReplicaHost

nsDS5ReplicaLastInitEnd

nsDS5ReplicaLastInitStart

nsDS5ReplicaLastInitStatus

nsDS5ReplicaLastUpdateEnd

nsDS5ReplicaLastUpdateStart

nsDS5ReplicaLastUpdateStatus

nsDS5ReplicaPort

nsDS5ReplicaReapActive

nsDS5ReplicaRefresh

nsDS5ReplicaRoot

nsDS5ReplicaTimeout

nsDS5ReplicaTransportInfo

nsDS5ReplicaUpdateInProgress

nsDS5ReplicaUpdateSchedule

nsDS50ruv

cn=monitor

connection

currentConnections

totalConnections

dTableSize

readWaiters

opsInitiated

opsCompleted

entriesSent

bytesSent

currentTime

startTime

nbackEnds

backendMonitorDN

cn=replication

cn=SNMP

nssnmpenabled

nssnmporganization

nssnmplocation

nssnmpcontact

nssnmpdescription

nssnmpmasterhost

nssnmpmasterport

cn=tasks

cn=uniqueid generator

nsstate

Configuration Quick Reference Tables

LDIF Configuration Files

Configuration Changes Requiring Server Restart

Chapter 3   Plug-in Implemented Server Functionality Reference

Overview

Object Classes for Plug-In Configuration

Server Plug-in Functionality Reference

7-bit check Plug-in

ACL Plug-in

ACL preoperation Plug-in

Binary Syntax Plug-in

Boolean Syntax Plug-in

Case Exact String Syntax Plug-in

Case Ignore String Syntax Plug-in

Chaining database Plug-in

Class of Service Plug-in

Country String Syntax Plug-in

Distinguished Name Syntax Plug-in

Generalized Time Syntax Plug-in

HTTP Client Plug-in

Integer Syntax Plug-in

Internationalization Plug-in

ldbm database Plug-in

Legacy Replication Plug-in

Multimaster Replication Plug-in

Octet String Syntax Plug-in

CLEAR Password Storage Plug-in

CRYPT Password Storage Plug-in

NS-MTA-MD5 Password Storage Scheme Plug-in

SHA Password Storage Scheme Plug-in

SSHA Password Storage Scheme Plug-in

Postal Address String Syntax Plug-in

Presence Plug-in

PTA Plug-in

Referential Integrity Postoperation Plug-in

Retro Changelog Plug-in

Roles Plug-in

Space Insensitive String Syntax Plug-in

State Change Plug-in

Telephone Syntax Plug-in

UID Uniqueness Plug-in

URI Syntax Plug-in

List of Attributes Common to All Plug-ins

nsslapd-pluginPath

nsslapd-pluginInitfunc

nsslapd-pluginType

nsslapd-pluginEnabled

nsslapd-pluginId

nsslapd-pluginVersion

nsslapd-pluginVendor

nsslapd-pluginDescription

Attributes Allowed by Certain Plug-ins

nsslapd-plugin-depends-on-type

nsslapd-plugin-depends-on-named

Database Plug-in Attributes

Database Attributes Under cn=config,cn=ldbm database,cn=plugins,cn=config

nsLookthroughLimit

nsslapd-allidsthreshold

nsslapd-cache-autosize

nsslapd-cache-autosize-split

nsslapd-dbcachesize

nsslapd-db-checkpoint-interval

nsslapd-db-circular-logging

nsslapd-db-debug

nsslapd-db-durable-transactions

nsslapd-db-home-directory

nsslapd-db-idl-divisor

nsslapd-db-logbuf-size

nsslapd-db-logdirectory

nsslapd-db-logfile-size

nsslapd-db-page-size

nsslapd-db-spin-count

nsslapd-db-transaction-batch-val

nsslapd-db-transaction-logging

nsslapd-db-trickle-percentage

nsslapd-db-verbose

nsslapd-dbncache

nsslapd-import-cachesize

nsslapd-mode

Database Attributes Under cn=monitor,cn=ldbm database, cn=plugins,cn=config

dbcachehits

dbcachetries

dbcachehitratio

dbcachepagein

dbcachepageout

dbcacheroevict

dbcacherwevict

Database Attributes Under cn=NetscapeRoot,cn=ldbm database, cn=plugins,cn=config and cn=UserRoot,cn=ldbm database, cn=plugins,cn=config

nsslapd-cachesize

nsslapd-cachememsize

nsslapd-directory

nsslapd-readonly

nsslapd-require-index

nsslapd-suffix

Database Attributes Under cn=database,cn=monitor,cn=ldbm database, cn=plugins,cn=config

nsslapd-db-abort-rate

nsslapd-db-active-txns

nsslapd-db-cache-hit

nsslapd-db-cache-try

nsslapd-db-cache-region-wait-rate

nsslapd-db-cache-size-bytes

nsslapd-db-clean-pages

nsslapd-db-commit-rate

nsslapd-db-deadlock-rate

nsslapd-db-dirty-pages

nsslapd-db-hash-buckets

nsslapd-db-hash-elements-examine-rate

nsslapd-db-hash-search-rate

nsslapd-db-lock-conflicts

nsslapd-db-lock-region-wait-rate

nsslapd-db-lock-request-rate

nsslapd-db-lockers

nsslapd-db-log-bytes-since-checkpoint

nsslapd-db-log-region-wait-rate

nsslapd-db-log-write-rate

nsslapd-db-longest-chain-length

nsslapd-db-page-create-rate

nsslapd-db-page-read-rate

nsslapd-db-page-ro-evict-rate

nsslapd-db-page-rw-evict-rate

nsslapd-db-page-trickle-rate

nsslapd-db-page-write-rate

nsslapd-db-pages-in-use

nsslapd-db-txn-region-wait-rate

Database Attributes Under cn=default indexes,cn=config,cn=ldbm database, cn=plugins,cn=config

nsSystemIndex

nsIndexType

nsMatchingRule

cn

description

Database Attributes Under cn=monitor,cn=Netscaperoot,cn=ldbm database,cn=plugins,cn=config

dbfilenamenumber

dbfilecachehit

dbfilecachemiss

dbfilepagein

dbfilepageout

Database Attributes Under cn=index,cn=Netscaperoot,cn=ldbm database, cn=plugins,cn=config and cn=index,cn=UserRoot,cn=ldbm database, cn=plugins,cn=config

Database Link Plug-in Attributes (chaining attributes)

Database Link Attributes Under cn=config,cn=chaining database, cn=plugins,cn=config

nsActiveChainingComponents

nsMaxResponseDelay

nsMaxTestResponseDelay

nsTransmittedControls

Database Link Attributes Under cn=default instance config,cn=chaining database,cn=plugins,cn=config

nsAbandonedSearchCheckInterval

nsBindConnectionsLimit

nsBindRetryLimit

nsBindTimeout

nsCheckLocalACI

nsConcurrentBindLimit

nsConcurrentOperationsLimit

nsConnectionLife

nsOperationConnectionsLimit

nsProxiedAuthorization

nsReferralOnScopedSearch

nsSizeLimit

nsTimeLimit

Database Link Attributes Under cn=database link instance name,cn=chaining database, cn=plugins,cn=config

nsFarmServerURL

nsMultiplexorBindDN

nsMultiplexorCredentials

nshoplimit

Database Link Attributes Under cn=monitor,cn=database instance name,cn=chaining database, cn=plugins,cn=config

nsAddCount

nsDeleteCount

nsModifyCount

nsRenameCount

nsSearchBaseCount

nsSearchOneLevelCount

nsSearchSubtreeCount

nsAbandonCount

nsBindCount

nsUnbindCount

nsCompareCount

nsOperationConnectionCount

nsBindConnectionCount

Retro Changelog Plug-in Attributes

nsslapd-changelogdir

nsslapd-changelogmaxage (Max Changelog Age)

Chapter 4   Server Instance File Reference

Overview of Directory Server Files

Backup Files

Configuration Files

Database Files

ldif Files

Lock Files

Log Files

Chapter 5   Access Log and Connection Code Reference

Access Log Content

Access Logging Levels

Default Access Logging Content

Connection Number

File Descriptor

Slot Number

Operation Number

Method Type

Version Number

Error Number

Tag Number

Number of Entries

Elapsed Time

LDAP Request Type

LDAP Response Type

Unindexed Search Indicator

VLV-Related Entries

Search Scope

Extended Operation OID

Change Sequence Number

Abandon Message

Message ID

SASL Multi-Stage Bind Logging

Access Log Content for Additional Access Logging Levels

Connection Description

Options Description

Common Connection Codes

LDAP Result Codes

Chapter 6   Migration from Earlier Versions

Migration from 4.x Directory Server to 6.x

Server Attributes

Database Attributes

Upgrade from Directory Server 5.x to 6.x

General Server Configuration Attributes

Database Attributes

Database Link Attributes

SNMP Attributes

Chapter 7   Command-Line Utilities

Finding and Executing Command-Line Utilities

Command-Line Utilities Quick Reference

Using Special Characters

Syntax for Using Special Characters

ldapsearch

ldapsearch Options

Commonly Used ldapsearch Options

SSL Options

Additional ldapsearch Options

ldapmodify

Syntax

ldapmodify Options

Commonly Used ldapmodify Options

SSL Options

Additional ldapmodify Options

ldapdelete

Syntax

ldapdelete Options

Commonly Used ldapdelete Options

SSL Options

Additional ldapdelete Options

ldif

Syntax

Options

dbscan

Syntax

Options

Chapter 8   Command-Line Scripts

Finding and Executing Command-Line Scripts

Command-Line Scripts Quick Reference

Shell and Batch Scripts

bak2db (Restore database from backup)

Syntax

db2bak (Create backup of database)

Syntax

db2ldif (Export database contents to LDIF)

Syntax

Options

db2dsml (Export database contents to DSML)

Syntax

Options

db2index (Reindex database index files)

Syntax

Usage

Options

dsml2db (Import DSML document contents into database)

Syntax

Options

getpwenc (Print encrypted password)

Syntax

Options

ldif2db (Import)

Syntax

Options

ldif2ldap (Perform import operation over LDAP)

Syntax

Options

monitor (Retrieve monitoring information)

Syntax

Options

restart-slapd (Restart the Directory Server)

Syntax

Options

Exit Status

restoreconfig (Restore Administration Server Configuration)

Syntax

Options

saveconfig (Save Administration Server Configuration)

Syntax

Options

start-slapd (Start the Directory Server)

Syntax

Options

Exit Status

stop-slapd (Stop the Directory Server)

Syntax

Options

Exit Status

suffix2instance (Map Suffix to Backend Name)

Syntax

Options

vlvindex (Create virtual list view indexes)

Syntax

Options

Perl Scripts

bak2db.pl (Restore database from backup)

Syntax

Options

db2bak.pl (Create backup of database)

Syntax

Options

db2index.pl (Create and generate indexes)

Syntax

Options

db2ldif.pl (Export database contents to LDIF)

Syntax

Options

ldif2db.pl (Import)

Syntax

Options

logconv.pl (Log converter)

Syntax

Options

migrateInstance6 (Migrate to Directory Server 6.x)

Syntax

Options

ns-accountstatus.pl (Establish account status)

Syntax

Options

ns-activate.pl (Activate an entry or group of entries)

Syntax

Options

ns-inactivate.pl (Inactivate an entry or group of entries)

Syntax

Options

template-cl-dump.pl (Dump and decode changelog)

Syntax

Options

template-repl-monitor.pl (Monitor replication status)

Syntax

Options

Configuration File Format

Appendix A   Using the ns-slapd and slapd.exe Command-Line Utilities

Overview of ns-slapd and slapd.exe Commands

ns-slapd (UNIX)

slapd.exe (Windows)

Finding and Executing the ns-slapd and slapd.exe Command-Line Utilities

ns-slapd and slapd.exe Command-Line Utilities for Exporting Databases

db2ldif

Syntax

Options

ns-slapd and slapd.exe Command-Line Utilities for Restoring and Backing up Databases

ldif2db

Syntax

Options

archive2db

Syntax

Options

db2archive

Syntax

Options

ns-slapd and slapd.exe Command-Line Utilities for Creating and Regenerating Indexes

db2index

Syntax

Options

Glossary

Index

© 2001 Sun Microsystems, Inc. Portions copyright 1999, 2002 Netscape Communications Corporation. All rights reserved.

Last Updated August 16, 2002