mirror of https://github.com/OpenIdentityPlatform/OpenDJ.git
opends/resource/admin/admin.xsd
@@ -577,6 +577,20 @@ </xsd:documentation> </xsd:annotation> </xsd:attribute> <xsd:attribute name="advanced" type="xsd:boolean" use="optional" default="false"> <xsd:annotation> <xsd:documentation> Optionally override the advanced option defined in the overridden property definition. Indicates whether or not this property should be treated as an advanced property and hidden by default in client applications. Advanced properties should either be optional (i.e. not mandatory) or be mandatory with default values. This constraint is required so that users do not have to specify values for advanced properties. </xsd:documentation> </xsd:annotation> </xsd:attribute> </xsd:complexType> <xsd:complexType name="relation-type"> <xsd:annotation> opends/resource/admin/preprocessor.xsl
@@ -590,7 +590,15 @@ <xsl:variable name="property" select="$hierarchy/adm:managed-object/adm:property[@name=$name]" /> <xsl:element name="adm:property"> <xsl:copy-of select="$property/@*" /> <xsl:copy-of select="$property/@*[local-name() != 'advanced']" /> <xsl:choose> <xsl:when test="@advanced"> <xsl:copy-of select="@advanced" /> </xsl:when> <xsl:otherwise> <xsl:copy-of select="$property/@advanced" /> </xsl:otherwise> </xsl:choose> <xsl:apply-templates select="$property/adm:TODO | $property/adm:synopsis | $property/adm:description" mode="pre-process"> @@ -855,7 +863,6 @@ <xsl:if test="@naming-property"> <xsl:variable name="naming-property-name" select="@naming-property" /> <!-- FIXME: this does not cope with the situation where the property is inherited, referenced, or overridden. opends/src/admin/defn/org/opends/server/admin/std/AESPasswordStorageSchemeConfiguration.xml
@@ -25,30 +25,29 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="aes-password-storage-scheme" <adm:managed-object name="aes-password-storage-scheme" plural-name="aes-password-storage-schemes" package="org.opends.server.admin.std" extends="password-storage-scheme" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> The <adm:user-friendly-name /> provides a mechanism for encoding user passwords using the AES reversible encryption mechanism. This implementation contains only an implementation for the user password syntax, with a storage scheme name of "AES". The <adm:user-friendly-name /> provides a mechanism for encoding user passwords using the AES reversible encryption mechanism. </adm:synopsis> <adm:description> This scheme contains only an implementation for the user password syntax, with a storage scheme name of "AES". </adm:description> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-aes-password-storage-scheme</ldap:name> <ldap:superior>ds-cfg-password-storage-scheme</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -57,6 +56,4 @@ </adm:defined> </adm:default-behavior> </adm:property-override> </adm:managed-object>
@@ -25,7 +25,6 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="access-control-handler" plural-name="access-control-handlers" package="org.opends.server.admin.std" @@ -77,4 +76,3 @@ </adm:profile> </adm:property> </adm:managed-object>
@@ -25,28 +25,22 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="access-log-publisher" plural-name="access-log-publishers" package="org.opends.server.admin.std" extends="log-publisher" abstract="true" package="org.opends.server.admin.std" extends="log-publisher" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> <adm:user-friendly-plural-name /> are responsible for distributing access log messages from the access logger to a destination. are responsible for distributing access log messages from the access logger to a destination. </adm:synopsis> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-access-log-publisher</ldap:name> <ldap:superior>ds-cfg-log-publisher</ldap:superior> </ldap:object-class> </adm:profile> <adm:property name="java-class" mandatory="true"> <adm:synopsis> The fully-qualified name of the Java class that provides the @@ -66,18 +60,13 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="suppress-internal-operations"> <adm:property name="suppress-internal-operations" advanced="true"> <adm:synopsis> Omit access messages generated by internal operations. Except for Synchronization operations that are controlled by the ds-cfg-suppress-synchronization-operations property. Suppress access messages generated by internal operations. </adm:synopsis> <adm:default-behavior> <adm:defined> <adm:value> true </adm:value> <adm:value>true</adm:value> </adm:defined> </adm:default-behavior> <adm:syntax> @@ -89,16 +78,14 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="suppress-synchronization-operations"> <adm:property name="suppress-synchronization-operations" advanced="true"> <adm:synopsis> Omit access messages generated by synchronization operations. Suppress access messages generated by synchronization operations. </adm:synopsis> <adm:default-behavior> <adm:defined> <adm:value> false </adm:value> <adm:value>false</adm:value> </adm:defined> </adm:default-behavior> <adm:syntax> @@ -106,7 +93,9 @@ </adm:syntax> <adm:profile name="ldap"> <ldap:attribute> <ldap:name>ds-cfg-suppress-synchronization-operations</ldap:name> <ldap:name> ds-cfg-suppress-synchronization-operations </ldap:name> </ldap:attribute> </adm:profile> </adm:property> opends/src/admin/defn/org/opends/server/admin/std/AccountStatusNotificationHandlerConfiguration.xml
@@ -25,15 +25,11 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="account-status-notification-handler" <adm:managed-object name="account-status-notification-handler" plural-name="account-status-notification-handlers" package="org.opends.server.admin.std" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap" > xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> <adm:user-friendly-name /> is invoked whenever certain types of events occur that could change @@ -41,16 +37,13 @@ <adm:user-friendly-name /> may be used to notify the user and/or administrators of the change. </adm:synopsis> <adm:tag name="user-management"/> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-account-status-notification-handler</ldap:name> <ldap:superior>top</ldap:superior> </ldap:object-class> </adm:profile> <adm:property name="enabled" mandatory="true"> <adm:synopsis> Indicate whether the @@ -66,7 +59,6 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="java-class" mandatory="true"> <adm:synopsis> The fully-qualified name of the Java class that provides the @@ -86,6 +78,4 @@ </ldap:attribute> </adm:profile> </adm:property> </adm:managed-object>
@@ -25,27 +25,22 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="alert-handler" plural-name="alert-handlers" package="org.opends.server.admin.std" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> <adm:user-friendly-name /> are used to notify administrators of significant problems or notable events that occur in the Directory Server. are used to notify administrators of significant problems or notable events that occur in the Directory Server. </adm:synopsis> <adm:tag name="core"/> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-alert-handler</ldap:name> <ldap:superior>top</ldap:superior> </ldap:object-class> </adm:profile> <adm:property name="enabled" mandatory="true"> <adm:synopsis> Indicate whether the @@ -61,7 +56,6 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="java-class" mandatory="true"> <adm:synopsis> The fully-qualified name of the Java class that provides the @@ -81,21 +75,23 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="enabled-alert-type" mandatory="false" multi-valued="true"> <adm:property name="enabled-alert-type" multi-valued="true"> <adm:synopsis> Specifies the names of the alert types that are enabled for this alert handler. If there are any values for this attribute, then only alerts with one of the specified types will be allowed (unless they are also included in the disabled alert types). If there are no values for this attribute, then any alerts with a type not included in the list of disabled alert types will be allowed. Specifies the names of the alert types that are enabled for this alert handler. </adm:synopsis> <adm:description> If there are any values for this attribute, then only alerts with one of the specified types will be allowed (unless they are also included in the disabled alert types). If there are no values for this attribute, then any alerts with a type not included in the list of disabled alert types will be allowed. </adm:description> <adm:default-behavior> <adm:alias> <adm:synopsis> All alerts with types not included in the set of disabled alert types will be allowed. All alerts with types not included in the set of disabled alert types will be allowed. </adm:synopsis> </adm:alias> </adm:default-behavior> @@ -108,22 +104,25 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="disabled-alert-type" mandatory="false" multi-valued="true"> <adm:property name="disabled-alert-type" multi-valued="true"> <adm:synopsis> Specifies the names of the alert types that are disabled for this alert handler. If there are any values for this attribute, then no alerts with any of the specified types will be allowed. If there are no values for this attribute, then only alerts with a type included in the set of enabled alert types will be allowed, or if there are no values for the enabled alert types option then all alert types will be allowed. Specifies the names of the alert types that are disabled for this alert handler. </adm:synopsis> <adm:description> If there are any values for this attribute, then no alerts with any of the specified types will be allowed. If there are no values for this attribute, then only alerts with a type included in the set of enabled alert types will be allowed, or if there are no values for the enabled alert types option then all alert types will be allowed. </adm:description> <adm:default-behavior> <adm:alias> <adm:synopsis> If there is a set of enabled alert types, then only alerts with one of those types will be allowed. Otherwise, all alerts will be allowed. If there is a set of enabled alert types, then only alerts with one of those types will be allowed. Otherwise, all alerts will be allowed. </adm:synopsis> </adm:alias> </adm:default-behavior> @@ -136,6 +135,4 @@ </ldap:attribute> </adm:profile> </adm:property> </adm:managed-object>
@@ -25,27 +25,24 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="anonymous-sasl-mechanism-handler" plural-name="anonymous-sasl-mechanism-handlers" package="org.opends.server.admin.std" extends="sasl-mechanism-handler" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> The <adm:user-friendly-name /> is used to perform all processing related to SASL ANONYMOUS authentication. is used to perform all processing related to SASL ANONYMOUS authentication. </adm:synopsis> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-anonymous-sasl-mechanism-handler</ldap:name> <ldap:superior>ds-cfg-sasl-mechanism-handler</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -54,6 +51,4 @@ </adm:defined> </adm:default-behavior> </adm:property-override> </adm:managed-object>
@@ -25,25 +25,21 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="approximate-matching-rule" plural-name="approximate-matching-rules" package="org.opends.server.admin.std" extends="matching-rule" abstract="false" package="org.opends.server.admin.std" extends="matching-rule" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> <adm:user-friendly-plural-name /> define a set of rules for performing approximate matching operations against assertion values. In many cases, approximate matching is based on a "sounds like" operation. define a set of rules for performing approximate matching operations against assertion values. In many cases, approximate matching is based on a "sounds like" operation. </adm:synopsis> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-approximate-matching-rule</ldap:name> <ldap:superior>ds-cfg-matching-rule</ldap:superior> </ldap:object-class> </adm:profile> </adm:managed-object>
@@ -25,28 +25,24 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="attribute-syntax" plural-name="attribute-syntaxes" package="org.opends.server.admin.std" abstract="false" plural-name="attribute-syntaxes" package="org.opends.server.admin.std" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> <adm:user-friendly-plural-name /> define the type of data that may be stored in an attribute with that syntax. A syntax is generally associated with a set of matching rules that indicate how to perform matching operations against values of that syntax. define the type of data that may be stored in an attribute with that syntax. A syntax is generally associated with a set of matching rules that indicate how to perform matching operations against values of that syntax. </adm:synopsis> <adm:tag name="core"/> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-attribute-syntax</ldap:name> <ldap:superior>top</ldap:superior> </ldap:object-class> </adm:profile> <adm:property name="enabled" mandatory="true"> <adm:synopsis> Indicate whether the @@ -62,7 +58,6 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="java-class" mandatory="true" read-only="true"> <adm:synopsis> The fully-qualified name of the Java class that provides the @@ -82,6 +77,4 @@ </ldap:attribute> </adm:profile> </adm:property> </adm:managed-object>
@@ -25,26 +25,25 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="attribute-type-description-attribute-syntax" plural-name="attribute-type-description-attribute-syntaxes" extends="attribute-syntax" package="org.opends.server.admin.std" abstract="false" extends="attribute-syntax" package="org.opends.server.admin.std" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> <adm:user-friendly-plural-name /> describe the format of the directory schema attribute type definitions. describe the format of the directory schema attribute type definitions. </adm:synopsis> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-attribute-type-description-attribute-syntax</ldap:name> <ldap:name> ds-cfg-attribute-type-description-attribute-syntax </ldap:name> <ldap:superior>ds-cfg-attribute-syntax</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -53,16 +52,19 @@ </adm:defined> </adm:default-behavior> </adm:property-override> <adm:property name="strip-syntax-min-upper-bound" mandatory="false"> <adm:property name="strip-syntax-min-upper-bound" advanced="true"> <adm:synopsis> Indicate whether the suggested minimum upper bound appended to an attribute's syntax OID in it's schema definition Attribute Type Description is stripped off. When retrieving the server's schema, some APIs (JNDI) fail in their syntax lookup methods because they don't parse this value correctly. This configuration option allows the server to be configured to provide schema definitions these APIs can parse correctly. Indicate whether the suggested minimum upper bound appended to an attribute's syntax OID in it's schema definition Attribute Type Description is stripped off. </adm:synopsis> <adm:description> When retrieving the server's schema, some APIs (JNDI) fail in their syntax lookup methods because they don't parse this value correctly. This configuration option allows the server to be configured to provide schema definitions these APIs can parse correctly. </adm:description> <adm:default-behavior> <adm:defined> <adm:value>false</adm:value> @@ -77,6 +79,4 @@ </ldap:attribute> </adm:profile> </adm:property> </adm:managed-object>
@@ -42,8 +42,7 @@ <ldap:superior>ds-cfg-password-validator</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -52,15 +51,15 @@ </adm:defined> </adm:default-behavior> </adm:property-override> <adm:property name="match-attribute" mandatory="false" multi-valued="true"> <adm:property name="match-attribute" multi-valued="true"> <adm:synopsis> Specifies the name(s) of the attribute(s) whose values should be checked to determine whether they match the provided password. If this is not provided, then all attributes in the user's entry will be checked. checked to determine whether they match the provided password. </adm:synopsis> <adm:description> If this is not provided, then all attributes in the user's entry will be checked. </adm:description> <adm:default-behavior> <adm:alias> <adm:synopsis> opends/src/admin/defn/org/opends/server/admin/std/BackendConfiguration.xml
@@ -25,20 +25,20 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="backend" plural-name="backends" <adm:managed-object name="backend" plural-name="backends" package="org.opends.server.admin.std" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> <adm:user-friendly-plural-name/> are responsible for providing access to the underlying data presented by the server. The data may be stored locally (e.g., in an embedded database), remotely (e.g., in an external system), or generated on the fly (e.g., calculated from other information that is available). <adm:user-friendly-plural-name /> are responsible for providing access to the underlying data presented by the server. </adm:synopsis> <adm:description> The data may be stored locally (e.g., in an embedded database), remotely (e.g., in an external system), or generated on the fly (e.g., calculated from other information that is available). </adm:description> <adm:tag name="database"/> <adm:profile name="ldap"> <ldap:object-class> @@ -46,15 +46,13 @@ <ldap:superior>top</ldap:superior> </ldap:object-class> </adm:profile> <adm:property name="enabled" mandatory="true" multi-valued="false"> <adm:property name="enabled" mandatory="true"> <adm:synopsis> Indicates whether the backend is enabled for use in the server. </adm:synopsis> <adm:description> If a backend is not enabled, then its contents will not be accessible when processing operations. If a backend is not enabled, then its contents will not be accessible when processing operations. </adm:description> <adm:syntax> <adm:boolean /> @@ -65,18 +63,11 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="java-class" mandatory="true" multi-valued="false"> <adm:property name="java-class" mandatory="true"> <adm:synopsis> The fully-qualified name of the Java class that provides the backend implementation. </adm:synopsis> <adm:description> The specified class must be a subclass of the org.opends.server.api.Backend superclass. The backend must be disabled and re-enabled for changes to the handler class to take effect. </adm:description> <adm:requires-admin-action> <adm:component-restart/> </adm:requires-admin-action> @@ -91,8 +82,7 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="backend-id" mandatory="true" read-only="true" multi-valued="false"> <adm:property name="backend-id" mandatory="true" read-only="true"> <adm:synopsis> Provides a name that will be used to identify the associated backend. @@ -109,27 +99,20 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="writability-mode" mandatory="true" multi-valued="false"> <adm:property name="writability-mode" mandatory="true"> <adm:synopsis> Specifies the behavior that the backend should use when processing write operations. Specifies the behavior that the backend should use when processing write operations. </adm:synopsis> <adm:description> A value of "enabled" will allow write operations to be performed in that backend (if the requested operation is valid, the user has permission to perform the operation, the backend supports that type of write operation, and the global writability mode property is also enabled). A value of "disabled" will cause all write attempts to fail, and a value of "internal-only" will cause external write attempts to fail but will allow writes by replication and internal operations. </adm:description> <adm:syntax> <adm:enumeration> <adm:value name="enabled"> <adm:synopsis> Allows write operations to be performed in that backend. Allows write operations to be performed in that backend (if the requested operation is valid, the user has permission to perform the operation, the backend supports that type of write operation, and the global writability mode property is also enabled). </adm:synopsis> </adm:value> <adm:value name="disabled"> @@ -151,29 +134,28 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="base-dn" mandatory="true" multi-valued="true"> <adm:property name="base-dn" mandatory="true" multi-valued="true"> <adm:synopsis> Specifies the base DN(s) for the data that the backend will handle. Specifies the base DN(s) for the data that the backend will handle. </adm:synopsis> <adm:description> A single backend may be responsible for one or more base DNs. Note that no two backends may have the same base DN, although one backend may have a base DN that is below a base DN provided by another backend (similar to the use of sub-suffixes in the Sun Java System Directory Server). Note that if any of the base DNs is subordinate to a base DN for another backend, then all base DNs for that backend must be subordinate to that same base DN. that no two backends may have the same base DN, although one backend may have a base DN that is below a base DN provided by another backend (similar to the use of sub-suffixes in the Sun Java System Directory Server). Note that if any of the base DNs is subordinate to a base DN for another backend, then all base DNs for that backend must be subordinate to that same base DN. </adm:description> <adm:requires-admin-action> <adm:other> <adm:none> <adm:synopsis> No administrative action is required by default, although some action may be required on a per-backend basis before the new base DN may be used. No administrative action is required by default, although some action may be required on a per-backend basis before the new base DN may be used. </adm:synopsis> </adm:other> </adm:none> </adm:requires-admin-action> <adm:syntax> <adm:dn /> opends/src/admin/defn/org/opends/server/admin/std/BackupBackendConfiguration.xml
@@ -25,21 +25,18 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="backup-backend" plural-name="backup-backends" package="org.opends.server.admin.std" extends="backend" package="org.opends.server.admin.std" extends="backend" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> The backup backend provides read-only access to the set of backups that are available for the OpenDS Directory Server. The backup backend provides read-only access to the set of backups that are available for the OpenDS Directory Server. </adm:synopsis> <adm:description> The backup backend is provided as a convenience feature that makes it easier to determine what backups are available to be restored if necessary. The org.opends.server.backends.BackupBackend class provides the implementation for this backend. The backup backend is provided as a convenience feature that makes it easier to determine what backups are available to be restored if necessary. </adm:description> <adm:profile name="ldap"> <ldap:object-class> @@ -47,27 +44,32 @@ <ldap:superior>ds-cfg-backend</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> org.opends.server.backends.BackupBackend </adm:value> <adm:value>org.opends.server.backends.BackupBackend</adm:value> </adm:defined> </adm:default-behavior> </adm:property-override> <adm:property name="backup-directory" mandatory="true" <adm:property-override name="writability-mode" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value>disabled</adm:value> </adm:defined> </adm:default-behavior> </adm:property-override> <adm:property name="backup-directory" mandatory="true" multi-valued="true"> <adm:synopsis> Specifies the path to a backup directory containing one or more backups for a particular backend. It may be either an absolute path or one that is relative to the base of the OpenDS Directory Server installation. Specifies the path to a backup directory containing one or more backups for a particular backend. </adm:synopsis> <adm:description> This is a multivalued attribute, and each value may specify a different backup directory if desired (e.g., one for each backend for which backups are taken). This is a multivalued property, and each value may specify a different backup directory if desired (e.g., one for each backend for which backups are taken). Values may be either absolute paths or paths that are relative to the base of the OpenDS Directory Server installation. </adm:description> <adm:syntax> <adm:string /> opends/src/admin/defn/org/opends/server/admin/std/Base64PasswordStorageSchemeConfiguration.xml
@@ -25,30 +25,29 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="base64-password-storage-scheme" <adm:managed-object name="base64-password-storage-scheme" plural-name="base64-password-storage-schemes" package="org.opends.server.admin.std" extends="password-storage-scheme" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> The <adm:user-friendly-name /> provides a mechanism for encoding user passwords using the BASE64 encoding mechanism. This implementation contains only an implementation for the user password syntax, with a storage scheme name of "BASE64". The <adm:user-friendly-name /> provides a mechanism for encoding user passwords using the BASE64 encoding mechanism. </adm:synopsis> <adm:description> This scheme contains only an implementation for the user password syntax, with a storage scheme name of "BASE64". </adm:description> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-base64-password-storage-scheme</ldap:name> <ldap:superior>ds-cfg-password-storage-scheme</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -57,6 +56,4 @@ </adm:defined> </adm:default-behavior> </adm:property-override> </adm:managed-object>
@@ -25,29 +25,25 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="blind-trust-manager-provider" plural-name="blind-trust-manager-providers" package="org.opends.server.admin.std" extends="trust-manager-provider" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> The <adm:user-friendly-name /> provides a mechanism for blindly trusting any certificate presented to it without performing any kind of validation, including ignoring the validity dates included within the certificate. provides a mechanism for blindly trusting any certificate presented to it without performing any kind of validation, including ignoring the validity dates included within the certificate. </adm:synopsis> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-blind-trust-manager-provider</ldap:name> <ldap:superior>ds-cfg-trust-manager-provider</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -56,6 +52,4 @@ </adm:defined> </adm:default-behavior> </adm:property-override> </adm:managed-object>
@@ -25,30 +25,29 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="blowfish-password-storage-scheme" <adm:managed-object name="blowfish-password-storage-scheme" plural-name="blowfish-password-storage-schemes" package="org.opends.server.admin.std" extends="password-storage-scheme" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> The <adm:user-friendly-name /> provides a mechanism for encoding user passwords using the Blowfish reversible encryption mechanism. This implementation contains only an implementation for the user password syntax, with a storage scheme name of "BLOWFISH". The <adm:user-friendly-name /> provides a mechanism for encoding user passwords using the Blowfish reversible encryption mechanism. </adm:synopsis> <adm:description> This scheme contains only an implementation for the user password syntax, with a storage scheme name of "BLOWFISH". </adm:description> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-blowfish-password-storage-scheme</ldap:name> <ldap:superior>ds-cfg-password-storage-scheme</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -57,6 +56,4 @@ </adm:defined> </adm:default-behavior> </adm:property-override> </adm:managed-object>
@@ -25,30 +25,30 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="cancel-extended-operation-handler" <adm:managed-object name="cancel-extended-operation-handler" plural-name="cancel-extended-operation-handlers" package="org.opends.server.admin.std" extends="extended-operation-handler" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> The <adm:user-friendly-name /> provides support for the LDAP cancel extended operation as defined in RFC 3909. It allows clients to cancel operations initiated from earlier requests, and will ensure that both the cancel request and the operation being canceled will receive response messages. The <adm:user-friendly-name /> provides support for the LDAP cancel extended operation as defined in RFC 3909. </adm:synopsis> <adm:description> It allows clients to cancel operations initiated from earlier requests, and will ensure that both the cancel request and the operation being canceled will receive response messages. </adm:description> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-cancel-extended-operation-handler</ldap:name> <ldap:superior>ds-cfg-extended-operation-handler</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -57,6 +57,4 @@ </adm:defined> </adm:default-behavior> </adm:property-override> </adm:managed-object>
@@ -30,24 +30,20 @@ package="org.opends.server.admin.std" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> <adm:user-friendly-plural-name /> are responsible for establishing a mapping between a client certificate and the entry for the user that corresponds to that certificate. </adm:synopsis> <adm:tag name="security"/> <adm:tag name="user-management"/> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-certificate-mapper</ldap:name> <ldap:superior>top</ldap:superior> </ldap:object-class> </adm:profile> <adm:property name="enabled" mandatory="true"> <adm:synopsis> Indicate whether the @@ -63,7 +59,6 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="java-class" mandatory="true"> <adm:synopsis> The fully-qualified name of the Java class that provides the opends/src/admin/defn/org/opends/server/admin/std/CharacterSetPasswordValidatorConfiguration.xml
@@ -25,7 +25,6 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="character-set-password-validator" plural-name="character-set-password-validators" package="org.opends.server.admin.std" extends="password-validator" @@ -35,9 +34,10 @@ The <adm:user-friendly-name /> is used to determine whether a proposed password is acceptable by determining whether it contains a sufficient number of characters from one or more user-defined character sets (e.g., passwords must have at least one lowercase letter, one uppercase letter, one digit, and one symbol). determining whether it contains a sufficient number of characters from one or more user-defined character sets (e.g., passwords must have at least one lowercase letter, one uppercase letter, one digit, and one symbol). </adm:synopsis> <adm:profile name="ldap"> <ldap:object-class> @@ -45,8 +45,7 @@ <ldap:superior>ds-cfg-password-validator</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -55,19 +54,22 @@ </adm:defined> </adm:default-behavior> </adm:property-override> <adm:property name="character-set" mandatory="true" multi-valued="true"> <adm:property name="character-set" mandatory="true" multi-valued="true"> <adm:synopsis> Specifies a character set containing characters that a password may contain and a value indicating the minimum number of characters required from that set. The value must be an integer (indicating the minimum required characters from the set) followed by a colon and the characters to include in that set (e.g., "3:abcdefghijklmnopqrstuvwxyz" indicates that a user password must contain at least three characters from the set of lowercase ASCII letters). Multiple character sets may be defined in separate values, although no character may appear in more than one character set. Specifies a character set containing characters that a password may contain and a value indicating the minimum number of characters required from that set. </adm:synopsis> <adm:description> Each value must be an integer (indicating the minimum required characters from the set) followed by a colon and the characters to include in that set (e.g., "3:abcdefghijklmnopqrstuvwxyz" indicates that a user password must contain at least three characters from the set of lowercase ASCII letters). Multiple character sets may be defined in separate values, although no character may appear in more than one character set. </adm:description> <adm:syntax> <adm:string case-insensitive="false" /> </adm:syntax> @@ -77,14 +79,16 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="allow-unclassified-characters" mandatory="true"> <adm:synopsis> Indicates whether this password validator allows passwords to contain characters outside of any of the user-defined character sets. If this is "false", then only those characters in the user-defined character sets may be used in passwords. Indicates whether this password validator allows passwords to contain characters outside of any of the user-defined character sets. </adm:synopsis> <adm:description> If this is "false", then only those characters in the user-defined character sets may be used in passwords. </adm:description> <adm:syntax> <adm:boolean /> </adm:syntax> @@ -95,4 +99,3 @@ </adm:profile> </adm:property> </adm:managed-object>
@@ -25,30 +25,29 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="clear-password-storage-scheme" <adm:managed-object name="clear-password-storage-scheme" plural-name="clear-password-storage-schemes" package="org.opends.server.admin.std" extends="password-storage-scheme" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> The <adm:user-friendly-name /> provides a mechanism for storing user passwords in clear text, without any form of obfuscation. This implementation contains only an implementation for the user password syntax, with a storage scheme name of "CLEAR". The <adm:user-friendly-name /> provides a mechanism for storing user passwords in clear text, without any form of obfuscation. </adm:synopsis> <adm:description> This scheme contains only an implementation for the user password syntax, with a storage scheme name of "CLEAR". </adm:description> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-clear-password-storage-scheme</ldap:name> <ldap:superior>ds-cfg-password-storage-scheme</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -57,6 +56,4 @@ </adm:defined> </adm:default-behavior> </adm:property-override> </adm:managed-object>
@@ -25,28 +25,24 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="client-connection-monitor-provider" <adm:managed-object name="client-connection-monitor-provider" plural-name="client-connection-monitor-providers" package="org.opends.server.admin.std" extends="monitor-provider" package="org.opends.server.admin.std" extends="monitor-provider" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> The <adm:user-friendly-name /> exposes monitor information about the set of client connections that are established to the Directory Server. The <adm:user-friendly-name /> exposes monitor information about the set of client connections that are established to the Directory Server. </adm:synopsis> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-client-connection-monitor-provider</ldap:name> <ldap:superior>ds-cfg-monitor-provider</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -55,6 +51,4 @@ </adm:defined> </adm:default-behavior> </adm:property-override> </adm:managed-object>
@@ -25,29 +25,24 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="config-file-handler-backend" plural-name="config-file-handler-backends" package="org.opends.server.admin.std" extends="backend" package="org.opends.server.admin.std" extends="backend" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> The config file handler backend provides the ability for clients to access the server configuration over protocol, allowing both read and write operations (although modify DN operations are not supported for entries in the server configuration). access the server configuration over protocol, allowing both read and write operations (although modify DN operations are not supported for entries in the server configuration). </adm:synopsis> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-config-file-handler-backend</ldap:name> <ldap:superior>ds-cfg-backend</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -56,6 +51,11 @@ </adm:defined> </adm:default-behavior> </adm:property-override> <adm:property-override name="writability-mode" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value>enabled</adm:value> </adm:defined> </adm:default-behavior> </adm:property-override> </adm:managed-object>
@@ -25,29 +25,24 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="connection-handler" plural-name="connection-handlers" package="org.opends.server.admin.std" abstract="true" package="org.opends.server.admin.std" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> <adm:user-friendly-plural-name /> are responsible for handling all interaction with the clients, including accepting the connections, reading requests, and sending responses. </adm:synopsis> <adm:tag name="core"/> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-connection-handler</ldap:name> <ldap:superior>top</ldap:superior> </ldap:object-class> </adm:profile> <adm:property name="enabled" mandatory="true"> <adm:synopsis> Indicate whether the @@ -63,8 +58,7 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="java-class" mandatory="true" advanced="true"> <adm:property name="java-class" mandatory="true"> <adm:synopsis> The fully-qualified name of the Java class that provides the <adm:user-friendly-name /> @@ -83,24 +77,27 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="allowed-client" multi-valued="true"> <adm:synopsis> This property specifies a set of address masks that may be used to determine the addresses of the clients that are allowed to establish connections to this connection handler. </adm:synopsis> <adm:description> <adm:requires-admin-action> <adm:none> <adm:synopsis> Changes to this configuration attribute will take effect immediately but will not interfere with connections that may already be established. </adm:description> </adm:synopsis> </adm:none> </adm:requires-admin-action> <adm:default-behavior> <adm:alias> <adm:synopsis> All clients with addresses that do not match an address on the deny list will be allowed. If there is no deny list, then all clients will be allowed. deny list will be allowed. If there is no deny list, then all clients will be allowed. </adm:synopsis> </adm:alias> </adm:default-behavior> @@ -113,7 +110,6 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="denied-client" multi-valued="true"> <adm:synopsis> This property specifies a set of address masks that may be used to @@ -125,15 +121,22 @@ connection matches one or more masks in both lists, then the connection will be denied. If only a denied list is specified, then any client not matching a mask in that list will be allowed. </adm:description> <adm:requires-admin-action> <adm:none> <adm:synopsis> Changes to this configuration attribute will take effect immediately but will not interfere with connections that may already be established. </adm:description> </adm:synopsis> </adm:none> </adm:requires-admin-action> <adm:default-behavior> <adm:alias> <adm:synopsis> If an allow list is specified, then only clients with addresses on the allow list will be allowed. Otherwise, all clients will be allowed. If an allow list is specified, then only clients with addresses on the allow list will be allowed. Otherwise, all clients will be allowed. </adm:synopsis> </adm:alias> </adm:default-behavior> opends/src/admin/defn/org/opends/server/admin/std/CramMD5SASLMechanismHandlerConfiguration.xml
@@ -25,7 +25,6 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="cram-md5-sasl-mechanism-handler" plural-name="cram-md5-sasl-mechanism-handlers" package="org.opends.server.admin.std" extends="sasl-mechanism-handler" @@ -34,7 +33,8 @@ <adm:synopsis> The <adm:user-friendly-name /> is used to perform all processing related to SASL CRAM-MD5 authentication. is used to perform all processing related to SASL CRAM-MD5 authentication. </adm:synopsis> <adm:profile name="ldap"> <ldap:object-class> @@ -42,7 +42,7 @@ <ldap:superior>ds-cfg-sasl-mechanism-handler</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -53,8 +53,8 @@ </adm:property-override> <adm:property name="identity-mapper" mandatory="true"> <adm:synopsis> Specifies the name of the identity mapper that should be used to match the client authentication ID to a user entry. Specifies the name of the identity mapper that should be used to match the client authentication ID to a user entry. </adm:synopsis> <adm:syntax> <adm:aggregation relation-name="identity-mapper" @@ -74,4 +74,3 @@ </adm:profile> </adm:property> </adm:managed-object>
@@ -25,30 +25,29 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="crypt-password-storage-scheme" <adm:managed-object name="crypt-password-storage-scheme" plural-name="crypt-password-storage-schemes" package="org.opends.server.admin.std" extends="password-storage-scheme" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> The <adm:user-friendly-name /> provides a mechanism for encoding user passwords using the UNIX crypt algorithm. This implementation contains only an implementation for the user password syntax, with a storage scheme name of "CRYPT". The <adm:user-friendly-name /> provides a mechanism for encoding user passwords using the UNIX crypt algorithm. </adm:synopsis> <adm:description> This implementation contains only an implementation for the user password syntax, with a storage scheme name of "CRYPT". </adm:description> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-crypt-password-storage-scheme</ldap:name> <ldap:superior>ds-cfg-password-storage-scheme</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -57,6 +56,4 @@ </adm:defined> </adm:default-behavior> </adm:property-override> </adm:managed-object>
@@ -25,17 +25,16 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="crypto-manager" plural-name="crypto-managers" <adm:managed-object name="crypto-manager" plural-name="crypto-managers" package="org.opends.server.admin.std" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> The <adm:user-friendly-name /> provides hashing, encryption and other kinds of cryptographic operations. It also contains methods for compressing and decompressing data. provides a common interface for performing compression, decompression, hashing, encryption and other kinds of cryptographic operations. </adm:synopsis> <adm:tag name="security"/> <adm:profile name="ldap"> @@ -44,7 +43,7 @@ <ldap:superior>top</ldap:superior> </ldap:object-class> </adm:profile> <adm:property name="digest-algorithm" multi-valued="false" advanced="false"> <adm:property name="digest-algorithm" advanced="true"> <adm:synopsis> The preferred message digest algorithm for the Directory Server. </adm:synopsis> @@ -71,7 +70,7 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="mac-algorithm" multi-valued="false" advanced="false"> <adm:property name="mac-algorithm" advanced="true"> <adm:synopsis> The preferred MAC algorithm for the Directory Server. </adm:synopsis> @@ -98,7 +97,7 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="mac-key-length" multi-valued="false" advanced="false"> <adm:property name="mac-key-length" advanced="true"> <adm:synopsis> The preferred key length in bits for the preferred MAC algorithm. </adm:synopsis> @@ -125,18 +124,21 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="cipher-transformation" multi-valued="false" advanced="false"> <adm:property name="cipher-transformation" advanced="true"> <adm:synopsis> The preferred cipher for the Directory Server, to be specified using the syntax algorithm/mode/padding. The full transformation is required: specifying only an algorithm and allowing the cipher provider to supply the default mode and padding is not supported, because there is no guarantee these default values will be the same among different implementations. Some cipher algorithms, including RC4 and ARCFOUR, do not have a mode or padding, and hence must be specified using NONE for the The preferred cipher for the Directory Server, to be specified using the syntax algorithm/mode/padding. </adm:synopsis> <adm:description> The full transformation is required: specifying only an algorithm and allowing the cipher provider to supply the default mode and padding is not supported, because there is no guarantee these default values will be the same among different implementations. Some cipher algorithms, including RC4 and ARCFOUR, do not have a mode or padding, and hence must be specified using NONE for the mode field and NoPadding for the padding field. For example, RC4/NONE/NoPadding. </adm:synopsis> </adm:description> <adm:requires-admin-action> <adm:none> <adm:synopsis> @@ -160,7 +162,7 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="cipher-key-length" multi-valued="false" advanced="false"> <adm:property name="cipher-key-length" advanced="true"> <adm:synopsis> The preferred key length in bits for the preferred cipher. </adm:synopsis> @@ -204,7 +206,8 @@ <adm:default-behavior> <adm:alias> <adm:synopsis> Uses the default set of SSL protocols provided by the server's JVM. Uses the default set of SSL protocols provided by the server's JVM. </adm:synopsis> </adm:alias> </adm:default-behavior> @@ -248,10 +251,10 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="ssl-encryption" multi-valued="false"> <adm:property name="ssl-encryption"> <adm:synopsis> Specifies whether SSL/TLS is used to provide encrypted communication between two OpenDS server components. Specifies whether SSL/TLS is used to provide encrypted communication between two OpenDS server components. </adm:synopsis> <adm:requires-admin-action> <adm:none> @@ -264,9 +267,7 @@ </adm:requires-admin-action> <adm:default-behavior> <adm:defined> <adm:value> false </adm:value> <adm:value>false</adm:value> </adm:defined> </adm:default-behavior> <adm:syntax> @@ -280,4 +281,3 @@ </adm:property> <adm:property-reference name="ssl-cert-nickname" /> </adm:managed-object>
@@ -25,27 +25,23 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="debug-log-publisher" plural-name="debug-log-publishers" package="org.opends.server.admin.std" extends="log-publisher" abstract="true" xmlns:adm="http://www.opends.org/admin" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap" xmlns:cli="http://www.opends.org/admin-cli"> <adm:synopsis> <adm:user-friendly-plural-name /> are responsible for distributing debug log messages from the debug logger to a destination. </adm:synopsis> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-debug-log-publisher</ldap:name> <ldap:superior>ds-cfg-log-publisher</ldap:superior> </ldap:object-class> </adm:profile> <adm:relation name="debug-target"> <adm:one-to-many naming-property="debug-scope"/> <adm:profile name="ldap"> @@ -58,7 +54,6 @@ </cli:relation> </adm:profile> </adm:relation> <adm:property name="java-class" mandatory="true"> <adm:synopsis> The fully-qualified name of the Java class that provides the @@ -78,12 +73,16 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="default-debug-level" mandatory="true"> <adm:synopsis> The lowest severity level of debug messages to log when none of the defined targets match the message. </adm:synopsis> <adm:default-behavior> <adm:defined> <adm:value>error</adm:value> </adm:defined> </adm:default-behavior> <adm:syntax> <adm:enumeration> <adm:value name="disabled"> @@ -126,17 +125,16 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="default-debug-category" multi-valued="true"> <adm:synopsis> The debug message categories to be logged when none of the defined targets match the message. The debug message categories to be logged when none of the defined targets match the message. </adm:synopsis> <adm:default-behavior> <adm:alias> <adm:synopsis> Messages with any category will be logged if they have a sufficient debug level. Messages with any category will be logged if they have a sufficient debug level. </adm:synopsis> </adm:alias> </adm:default-behavior> @@ -177,7 +175,6 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="default-omit-method-entry-arguments"> <adm:synopsis> Property to indicate whether to include method arguments in debug @@ -199,7 +196,6 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="default-omit-method-return-value"> <adm:synopsis> Property to indicate whether to include the return value in debug @@ -219,7 +215,6 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="default-include-throwable-cause"> <adm:synopsis> Property to indicate whether to include the cause of exceptions in @@ -239,7 +234,6 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="default-throwable-stack-frames"> <adm:synopsis> Property to indicate the number of stack frames to include in the opends/src/admin/defn/org/opends/server/admin/std/DebugTargetConfiguration.xml
@@ -25,33 +25,27 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="debug-target" plural-name="debug-targets" <adm:managed-object name="debug-target" plural-name="debug-targets" package="org.opends.server.admin.std" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> <adm:user-friendly-plural-name /> define the types of messages logged by the debug logPublisher. </adm:synopsis> <adm:tag name="logging"/> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-debug-target</ldap:name> <ldap:superior>top</ldap:superior> </ldap:object-class> </adm:profile> <adm:property name="debug-scope" mandatory="true" read-only="true"> <adm:synopsis> The fully-qualified OpenDS Java package, class, or method affected by the settings in this target definition. Use the number character (#) to separate the class name and the method name. (ie. org.opends.server.core.DirectoryServer#startUp) The fully-qualified OpenDS Java package, class, or method affected by the settings in this target definition. Use the number character (#) to separate the class name and the method name. (ie. org.opends.server.core.DirectoryServer#startUp) </adm:synopsis> <adm:syntax> <adm:string> @@ -61,20 +55,18 @@ </adm:regex> <adm:usage>JAVA_NAME</adm:usage> <adm:synopsis> A fully-qualified OpenDS Java package, class, or method name. A fully-qualified OpenDS Java package, class, or method name. </adm:synopsis> </adm:pattern> </adm:string> </adm:syntax> <adm:profile name="ldap"> <ldap:attribute> <ldap:name> ds-cfg-debug-scope </ldap:name> <ldap:name>ds-cfg-debug-scope</ldap:name> </ldap:attribute> </adm:profile> </adm:property> <adm:property name="debug-level" mandatory="true"> <adm:synopsis> The lowest severity level of debug messages to log. @@ -82,28 +74,30 @@ <adm:syntax> <adm:enumeration> <adm:value name="disabled"> <adm:synopsis> No messages will be logged. </adm:synopsis> <adm:synopsis>No messages will be logged.</adm:synopsis> </adm:value> <adm:value name="error"> <adm:synopsis> Messages with severity level of ERROR or higher will be logged. Messages with severity level of ERROR or higher will be logged. </adm:synopsis> </adm:value> <adm:value name="warning"> <adm:synopsis> Messages with severity level of WARNING or higher will be logged. Messages with severity level of WARNING or higher will be logged. </adm:synopsis> </adm:value> <adm:value name="info"> <adm:synopsis> Messages with severity level of INFO or higher will be logged. Messages with severity level of INFO or higher will be logged. </adm:synopsis> </adm:value> <adm:value name="verbose"> <adm:synopsis> Messages with severity level of VERBOSE or higher will be logged. Messages with severity level of VERBOSE or higher will be logged. </adm:synopsis> </adm:value> <adm:value name="all"> @@ -119,7 +113,6 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="debug-category" multi-valued="true"> <adm:synopsis> The debug message categories to be logged. @@ -127,57 +120,39 @@ <adm:default-behavior> <adm:alias> <adm:synopsis> Messages with any category will be logged if they have a sufficient debug level. Messages with any category will be logged if they have a sufficient debug level. </adm:synopsis> </adm:alias> </adm:default-behavior> <adm:syntax> <adm:enumeration> <adm:value name="caught"> <adm:synopsis> Exception caught. </adm:synopsis> <adm:synopsis>Exception caught.</adm:synopsis> </adm:value> <adm:value name="constructor"> <adm:synopsis> Constructor entry. </adm:synopsis> <adm:synopsis>Constructor entry.</adm:synopsis> </adm:value> <adm:value name="data"> <adm:synopsis> Raw data dump. </adm:synopsis> <adm:synopsis>Raw data dump.</adm:synopsis> </adm:value> <adm:value name="database-access"> <adm:synopsis> Access to a backend database. </adm:synopsis> <adm:synopsis>Access to a backend database.</adm:synopsis> </adm:value> <adm:value name="enter"> <adm:synopsis> Method entry. </adm:synopsis> <adm:synopsis>Method entry.</adm:synopsis> </adm:value> <adm:value name="exit"> <adm:synopsis> Method exit. </adm:synopsis> <adm:synopsis>Method exit.</adm:synopsis> </adm:value> <adm:value name="message"> <adm:synopsis> Arbitrary debug message. </adm:synopsis> <adm:synopsis>Arbitrary debug message.</adm:synopsis> </adm:value> <adm:value name="protocol"> <adm:synopsis> Protocol element dump. </adm:synopsis> <adm:synopsis>Protocol element dump.</adm:synopsis> </adm:value> <adm:value name="thrown"> <adm:synopsis> Exception throw from method. </adm:synopsis> <adm:synopsis>Exception throw from method.</adm:synopsis> </adm:value> </adm:enumeration> </adm:syntax> @@ -187,7 +162,6 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="omit-method-entry-arguments"> <adm:synopsis> Property to indicate whether to include method arguments in debug @@ -195,9 +169,7 @@ </adm:synopsis> <adm:default-behavior> <adm:defined> <adm:value> false </adm:value> <adm:value>false</adm:value> </adm:defined> </adm:default-behavior> <adm:syntax> @@ -209,7 +181,6 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="omit-method-return-value"> <adm:synopsis> Property to indicate whether to include the return value in debug @@ -217,9 +188,7 @@ </adm:synopsis> <adm:default-behavior> <adm:defined> <adm:value> false </adm:value> <adm:value>false</adm:value> </adm:defined> </adm:default-behavior> <adm:syntax> @@ -231,7 +200,6 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="include-throwable-cause"> <adm:synopsis> Property to indicate whether to include the cause of exceptions in @@ -239,9 +207,7 @@ </adm:synopsis> <adm:default-behavior> <adm:defined> <adm:value> false </adm:value> <adm:value>false</adm:value> </adm:defined> </adm:default-behavior> <adm:syntax> @@ -253,17 +219,14 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="throwable-stack-frames"> <adm:synopsis> Property to indicate the number of stack frames to include in the stack trace for method entry and exception thrown messages. Property to indicate the number of stack frames to include in the stack trace for method entry and exception thrown messages. </adm:synopsis> <adm:default-behavior> <adm:defined> <adm:value> 0 </adm:value> <adm:value>0</adm:value> </adm:defined> </adm:default-behavior> <adm:syntax> opends/src/admin/defn/org/opends/server/admin/std/DictionaryPasswordValidatorConfiguration.xml
@@ -25,7 +25,6 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="dictionary-password-validator" plural-name="dictionary-password-validators" package="org.opends.server.admin.std" extends="password-validator" @@ -34,8 +33,9 @@ <adm:synopsis> The <adm:user-friendly-name /> is used to determine whether a proposed password is acceptable based on whether the given password value appears in a provided dictionary file. is used to determine whether a proposed password is acceptable based on whether the given password value appears in a provided dictionary file. </adm:synopsis> <adm:profile name="ldap"> <ldap:object-class> @@ -43,8 +43,7 @@ <ldap:superior>ds-cfg-password-validator</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -53,15 +52,17 @@ </adm:defined> </adm:default-behavior> </adm:property-override> <adm:property name="dictionary-file" mandatory="true"> <adm:synopsis> Specifies the path to the file containing a list of words that may not be used as passwords. It should be formatted with one word per line. The value may be an absolute path, or a path that is relative to the Specifies the path to the file containing a list of words that may not be used as passwords. </adm:synopsis> <adm:description> It should be formatted with one word per line. The value may be an absolute path, or a path that is relative to the <adm:product-name /> instance root. </adm:synopsis> </adm:description> <adm:syntax> <adm:string /> </adm:syntax> @@ -71,19 +72,17 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="case-sensitive-validation" mandatory="true"> <adm:synopsis> Indicates whether this password validator should treat password characters in a case-sensitive manner. Indicates whether this password validator should treat password characters in a case-sensitive manner. </adm:synopsis> <adm:description> Indicates whether this password validator should treat password characters in a case-sensitive manner. A value of false indicates that any differences in capitalization should be ignored when looking for consecutive characters in the password. A value of true indicates that a character should only be considered repeating if all consecutive occurrences use the same capitalization. A value of false indicates that any differences in capitalization should be ignored when looking for consecutive characters in the password. A value of true indicates that a character should only be considered repeating if all consecutive occurrences use the same capitalization. </adm:description> <adm:syntax> <adm:boolean /> @@ -94,11 +93,11 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="test-reversed-password" mandatory="true"> <adm:synopsis> Indicates whether this password validator should test the reversed value of the provided password as well as the order in which it was given. Indicates whether this password validator should test the reversed value of the provided password as well as the order in which it was given. </adm:synopsis> <adm:syntax> <adm:boolean /> @@ -110,4 +109,3 @@ </adm:profile> </adm:property> </adm:managed-object>
@@ -25,7 +25,6 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="digest-md5-sasl-mechanism-handler" plural-name="digest-md5-sasl-mechanism-handlers" package="org.opends.server.admin.std" extends="sasl-mechanism-handler" @@ -43,7 +42,7 @@ <ldap:superior>ds-cfg-sasl-mechanism-handler</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -52,21 +51,20 @@ </adm:defined> </adm:default-behavior> </adm:property-override> <adm:property name="realm" mandatory="false"> <adm:property name="realm"> <adm:synopsis> The realm that should be used for DIGEST-MD5 authentication. Specifies the realm that should be used by the server for DIGEST-MD5 authentication. </adm:synopsis> <adm:description> Specifies the realm that should be used by the server for DIGEST-MD5 authentication. If this is not provided, then the server will default to using a set of realm names that correspond to the defined suffixes. Changes to this configuration attribute will take effect immediately. If this is not provided, then the server will default to using a set of realm names that correspond to the defined suffixes. </adm:description> <adm:default-behavior> <adm:alias> <adm:synopsis> The server will default to a set of realm names that correspond to the defined suffixes. The server will default to a set of realm names that correspond to the defined suffixes. </adm:synopsis> </adm:alias> </adm:default-behavior> @@ -101,23 +99,20 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="server-fqdn" mandatory="false"> <adm:property name="server-fqdn"> <adm:synopsis> Specifies the fully-qualified domain name for the system. This is the value expected to be present in the host field of the digest-uri-value element. Specifies the DNS-resolvable fully-qualified domain name for the system. </adm:synopsis> <adm:description> Specifies the DNS-resolvable fully-qualified domain name for the system. If this is not provided, then the server will attempt to determine this dynamically. Changes to this configuration attribute will take effect immediately. This is the value expected to be present in the host field of the digest-uri-value element. </adm:description> <adm:default-behavior> <adm:alias> <adm:synopsis> The server will attempt to dynamically determine the fully-qualified domain name. The server will attempt to dynamically determine the fully-qualified domain name. </adm:synopsis> </adm:alias> </adm:default-behavior> @@ -131,4 +126,3 @@ </adm:profile> </adm:property> </adm:managed-object>
@@ -25,27 +25,23 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="directory-string-attribute-syntax" plural-name="directory-string-attribute-syntaxes" extends="attribute-syntax" package="org.opends.server.admin.std" abstract="false" extends="attribute-syntax" package="org.opends.server.admin.std" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> <adm:user-friendly-plural-name /> define an attribute syntax for storing arbitrary string (and sometimes binary) data. define an attribute syntax for storing arbitrary string (and sometimes binary) data. </adm:synopsis> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-directory-string-attribute-syntax</ldap:name> <ldap:superior>ds-cfg-attribute-syntax</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -54,14 +50,16 @@ </adm:defined> </adm:default-behavior> </adm:property-override> <adm:property name="allow-zero-length-values" mandatory="false"> <adm:property name="allow-zero-length-values" advanced="true"> <adm:synopsis> Indicate whether zero-length (i.e., empty string) values will be allowed. This is technically not allowed by the revised LDAPv3 specification, but some environments may require it for backward compatibility with servers that did allow it. Indicate whether zero-length (i.e., empty string) values will be allowed. </adm:synopsis> <adm:description> This is technically not allowed by the revised LDAPv3 specification, but some environments may require it for backward compatibility with servers that did allow it. </adm:description> <adm:default-behavior> <adm:defined> <adm:value>false</adm:value> @@ -76,6 +74,4 @@ </ldap:attribute> </adm:profile> </adm:property> </adm:managed-object>
@@ -25,27 +25,24 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="dsee-compat-access-control-handler" plural-name="dseecompat-access-control-handlers" package="org.opends.server.admin.std" extends="access-control-handler" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> The <adm:user-friendly-name /> is the provider class for the dseecompat ACI. provides a Sun Java System Directory Server Enterprise Edition compatible access control implementation. </adm:synopsis> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-dsee-compat-access-control-handler</ldap:name> <ldap:superior>ds-cfg-access-control-handler</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -54,22 +51,21 @@ </adm:defined> </adm:default-behavior> </adm:property-override> <adm:property name="global-aci" mandatory="false" multi-valued="true"> <adm:synopsis> Defines a global access control rule, which will always be interpreted for any entry anywhere in the server (although it may be overridden by more specific access control rules placed in the data). </adm:synopsis> <adm:property name="global-aci" multi-valued="true"> <adm:synopsis>Defines global access control rules.</adm:synopsis> <adm:description> Global access control rules apply to all entries anywhere in the data managed by the Directory Server. The global access control rules may be overridden by more specific access control rules placed in the data. </adm:description> <adm:default-behavior> <adm:alias> <adm:synopsis> No global ACIs will be defined, which means that no access will be allowed for any data in the server unless granted by access control rules in the user data. No global access control rules will be defined, which means that no access will be allowed for any data in the server unless specifically granted by access control rules in the data. </adm:synopsis> </adm:alias> </adm:default-behavior> @@ -83,4 +79,3 @@ </adm:profile> </adm:property> </adm:managed-object>
@@ -25,37 +25,28 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="dynamic-group-implementation" <adm:managed-object name="dynamic-group-implementation" plural-name="dynamic-group-implementations" package="org.opends.server.admin.std" extends="group-implementation" package="org.opends.server.admin.std" extends="group-implementation" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> The <adm:user-friendly-name /> provides a grouping mechanism in which the group membership is determined based on criteria defined in one or more LDAP URLs. The <adm:user-friendly-name /> provides a grouping mechanism in which the group membership is determined based on criteria defined in one or more LDAP URLs. </adm:synopsis> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-dynamic-group-implementation</ldap:name> <ldap:superior>ds-cfg-group-implementation</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> org.opends.server.extensions.DynamicGroup </adm:value> <adm:value>org.opends.server.extensions.DynamicGroup</adm:value> </adm:defined> </adm:default-behavior> </adm:property-override> </adm:managed-object>
@@ -25,28 +25,23 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="entry-cache" plural-name="entry-caches" <adm:managed-object name="entry-cache" plural-name="entry-caches" package="org.opends.server.admin.std" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap" > xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> <adm:user-friendly-name /> defines a Directory Server entry cache. <adm:user-friendly-plural-name /> are responsible for caching entries which are likely to be accessed by client applications in order to improve Directory Server performance. </adm:synopsis> <adm:tag name="database"/> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-entry-cache</ldap:name> <ldap:superior>top</ldap:superior> </ldap:object-class> </adm:profile> <adm:property name="enabled" mandatory="true"> <adm:synopsis> Indicate whether the @@ -62,7 +57,6 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="java-class" mandatory="true"> <adm:synopsis> The fully-qualified name of the Java class that provides the @@ -82,5 +76,4 @@ </ldap:attribute> </adm:profile> </adm:property> </adm:managed-object> opends/src/admin/defn/org/opends/server/admin/std/EntryCacheMonitorProviderConfiguration.xml
@@ -25,28 +25,24 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="entry-cache-monitor-provider" <adm:managed-object name="entry-cache-monitor-provider" plural-name="entry-cache-monitor-providers" package="org.opends.server.admin.std" extends="monitor-provider" package="org.opends.server.admin.std" extends="monitor-provider" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> The <adm:user-friendly-name /> exposes monitor information about Directory Server entry cache state. The <adm:user-friendly-name /> exposes monitor information about Directory Server entry cache state. </adm:synopsis> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-entry-cache-monitor-provider</ldap:name> <ldap:superior>ds-cfg-monitor-provider</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -55,5 +51,4 @@ </adm:defined> </adm:default-behavior> </adm:property-override> </adm:managed-object> opends/src/admin/defn/org/opends/server/admin/std/EntryDNVirtualAttributeConfiguration.xml
@@ -25,29 +25,28 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="entry-dn-virtual-attribute" plural-name="entry-dn-virtual-attributes" package="org.opends.server.admin.std" extends="virtual-attribute" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> The <adm:user-friendly-name /> may be used to generate the entryDN operational attribute, which contains a normalized form of the entry's DN. This provides the ability to use search filters containing the entry's DN. may be used to generate the entryDN operational attribute, which contains a normalized form of the entry's DN. </adm:synopsis> <adm:description> This provides the ability to use search filters containing the entry's DN. </adm:description> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-entry-dn-virtual-attribute</ldap:name> <ldap:superior>ds-cfg-virtual-attribute</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -56,16 +55,18 @@ </adm:defined> </adm:default-behavior> </adm:property-override> <adm:property-override name="conflict-behavior"> <adm:property-override name="conflict-behavior" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> virtual-overrides-real </adm:value> <adm:value>virtual-overrides-real</adm:value> </adm:defined> </adm:default-behavior> </adm:property-override> <adm:property-override name="attribute-type"> <adm:default-behavior> <adm:defined> <adm:value>entryDN</adm:value> </adm:defined> </adm:default-behavior> </adm:property-override> </adm:managed-object>
@@ -25,38 +25,30 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="entry-uuid-plugin" plural-name="entry-uuid-plugins" package="org.opends.server.admin.std" extends="plugin" xmlns:adm="http://www.opends.org/admin" plural-name="entry-uuid-plugins" package="org.opends.server.admin.std" extends="plugin" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> The <adm:user-friendly-name /> is used to generate values for the entryUUID operational attribute whenever an entry is added via protocol or imported from LDIF. is used to generate values for the entryUUID operational attribute whenever an entry is added via protocol or imported from LDIF. </adm:synopsis> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-entry-uuid-plugin</ldap:name> <ldap:superior>ds-cfg-plugin</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> org.opends.server.plugins.EntryUUIDPlugin </adm:value> <adm:value>org.opends.server.plugins.EntryUUIDPlugin</adm:value> </adm:defined> </adm:default-behavior> </adm:property-override> <adm:property-override name="plugin-type"> <adm:property-override name="plugin-type" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value>ldifimport</adm:value> @@ -64,6 +56,4 @@ </adm:defined> </adm:default-behavior> </adm:property-override> </adm:managed-object>
@@ -25,31 +25,30 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="entry-uuid-virtual-attribute" plural-name="entry-uuid-virtual-attributes" package="org.opends.server.admin.std" extends="virtual-attribute" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> The <adm:user-friendly-name /> may be used to ensure that all entries contained in private backends will have values for the entryUUID operational attribute. The entryUUID values will be generated based on a normalized representation of the entry's DN, which should not cause a consistency problem because we do not allow modify DN operations to be performed in private backends. will have values for the entryUUID operational attribute. </adm:synopsis> <adm:description> The entryUUID values will be generated based on a normalized representation of the entry's DN, which should not cause a consistency problem because we do not allow modify DN operations to be performed in private backends. </adm:description> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-entry-uuid-virtual-attribute</ldap:name> <ldap:superior>ds-cfg-virtual-attribute</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -58,16 +57,18 @@ </adm:defined> </adm:default-behavior> </adm:property-override> <adm:property-override name="conflict-behavior"> <adm:property-override name="conflict-behavior" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> real-overrides-virtual </adm:value> <adm:value>real-overrides-virtual</adm:value> </adm:defined> </adm:default-behavior> </adm:property-override> <adm:property-override name="attribute-type"> <adm:default-behavior> <adm:defined> <adm:value>entryUUID</adm:value> </adm:defined> </adm:default-behavior> </adm:property-override> </adm:managed-object>
@@ -25,25 +25,21 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="equality-matching-rule" plural-name="equality-matching-rules" package="org.opends.server.admin.std" extends="matching-rule" abstract="false" package="org.opends.server.admin.std" extends="matching-rule" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> <adm:user-friendly-plural-name /> define a set of rules for performing equality matching operations against assertion values (i.e., to determine whether an attribute value equals an assertion value). define a set of rules for performing equality matching operations against assertion values (i.e., to determine whether an attribute value equals an assertion value). </adm:synopsis> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-equality-matching-rule</ldap:name> <ldap:superior>ds-cfg-matching-rule</ldap:superior> </ldap:object-class> </adm:profile> </adm:managed-object>
@@ -47,7 +47,7 @@ </ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -59,8 +59,7 @@ <adm:property name="account-status-notification-type" mandatory="true" multi-valued="true"> <adm:synopsis> <adm:user-friendly-name /> is a possible event type that can trigger an account status Indicates which types of event can trigger an account status notification. </adm:synopsis> <adm:syntax> opends/src/admin/defn/org/opends/server/admin/std/ErrorLogPublisherConfiguration.xml
@@ -25,28 +25,22 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="error-log-publisher" plural-name="error-log-publishers" package="org.opends.server.admin.std" extends="log-publisher" abstract="true" package="org.opends.server.admin.std" extends="log-publisher" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> <adm:user-friendly-plural-name /> are responsible for distributing error log messages from the error logger to a destination. are responsible for distributing error log messages from the error logger to a destination. </adm:synopsis> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-error-log-publisher</ldap:name> <ldap:superior>ds-cfg-log-publisher</ldap:superior> </ldap:object-class> </adm:profile> <adm:property name="java-class" mandatory="true"> <adm:synopsis> The fully-qualified name of the Java class that provides the @@ -66,18 +60,16 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="default-severity" multi-valued="true"> <adm:synopsis> Property to specify the default severity levels for the logger. </adm:synopsis> <adm:default-behavior> <adm:alias> <adm:synopsis> Severities fatal-error, severe-warning, and severe-error will be used for the logger. </adm:synopsis> </adm:alias> <adm:defined> <adm:value>fatal-error</adm:value> <adm:value>severe-warning</adm:value> <adm:value>severe-error</adm:value> </adm:defined> </adm:default-behavior> <adm:syntax> <adm:enumeration> @@ -88,32 +80,33 @@ </adm:value> <adm:value name="none"> <adm:synopsis> No messages of any severity will be logged by default. This value is intended to be used in conjunction with the override-severity property to define an error logger that will publish no error message beside the errors of a given category. No messages of any severity will be logged by default. This value is intended to be used in conjunction with the override-severity property to define an error logger that will publish no error message beside the errors of a given category. </adm:synopsis> </adm:value> <adm:value name="fatal-error"> <adm:synopsis> The error log severity that will be used for messages that provide information about fatal errors which may force the server to shut down or operate in a significantly degraded state. provide information about fatal errors which may force the server to shut down or operate in a significantly degraded state. </adm:synopsis> </adm:value> <adm:value name="info"> <adm:synopsis> The error log severity that will be used for messages that provide information about significant events within the server that are not warnings or errors. provide information about significant events within the server that are not warnings or errors. </adm:synopsis> </adm:value> <adm:value name="mild-error"> <adm:synopsis> The error log severity that will be used for messages that provide information about mild (recoverable) errors encountered during processing. provide information about mild (recoverable) errors encountered during processing. </adm:synopsis> </adm:value> <adm:value name="mild-warning"> @@ -125,10 +118,10 @@ </adm:value> <adm:value name="notice"> <adm:synopsis> The error log severity that will be used for the most important informational messages (i.e., information that should almost always be logged but is not associated with a warning or error condition). The error log severity that will be used for the most important informational messages (i.e., information that should almost always be logged but is not associated with a warning or error condition). </adm:synopsis> </adm:value> <adm:value name="severe-error"> @@ -148,8 +141,7 @@ <adm:value name="debug"> <adm:synopsis> The error log severity that will be used for messages that provide debugging information triggered during processing. provide debugging information triggered during processing. </adm:synopsis> </adm:value> </adm:enumeration> @@ -160,19 +152,25 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="override-severity" multi-valued="true"> <adm:TODO> This should be split into per-category properties whose value defaults to the default-severity. See issue 2503. </adm:TODO> <adm:synopsis> Property to specify the override severity levels for the logger based on the category of the messages. Each override severity level should include the category and the severity levels to log for that category. (i.e., core=mild-error,info,mild-warning). Valid categories are: core, extensions, protocol, config, log, util, schema, plugin, jeb, backend, tools, task, access-control, admin, sync, version, quicksetup, admin-tool, dsconfig, user-defined. Valid severities are: all, fatal-error, info, mild-error, mild-warning, notice, severe-error, severe-warning, debug. based on the category of the messages. </adm:synopsis> <adm:description> Each override severity level should include the category and the severity levels to log for that category. (i.e., core=mild-error,info,mild-warning). Valid categories are: core, extensions, protocol, config, log, util, schema, plugin, jeb, backend, tools, task, access-control, admin, sync, version, quicksetup, admin-tool, dsconfig, user-defined. Valid severities are: all, fatal-error, info, mild-error, mild-warning, notice, severe-error, severe-warning, debug. </adm:description> <adm:default-behavior> <adm:alias> <adm:synopsis> opends/src/admin/defn/org/opends/server/admin/std/ExactMatchIdentityMapperConfiguration.xml
@@ -25,28 +25,25 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="exact-match-identity-mapper" plural-name="exact-match-identity-mappers" package="org.opends.server.admin.std" extends="identity-mapper" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> The <adm:user-friendly-name /> maps an identifier string to user entries by searching for the entry containing a specified attribute whose value is the provided identifier. containing a specified attribute whose value is the provided identifier. </adm:synopsis> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-exact-match-identity-mapper</ldap:name> <ldap:superior>ds-cfg-identity-mapper</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -55,19 +52,18 @@ </adm:defined> </adm:default-behavior> </adm:property-override> <adm:property name="match-attribute" mandatory="true" multi-valued="true"> <adm:property name="match-attribute" mandatory="true" multi-valued="true"> <adm:synopsis> Specifies the attribute to use to perform the mapping. Specifies the attribute whose value should exactly match the ID string provided to this identity mapper. </adm:synopsis> <adm:description> Specifies the name or OID of the attribute whose value should exactly match the ID string provided to this identity mapper. At least one value must be provided. All values must refer to the name or OID of an attribute type defined in the Directory Server schema. If multiple attribute type names or OIDs are provided, then at least one of those attributes must contain the provided ID string value in exactly one entry. At least one value must be provided. All values must refer to the name or OID of an attribute type defined in the Directory Server schema. If multiple attribute type names or OIDs are provided, then at least one of those attributes must contain the provided ID string value in exactly one entry. </adm:description> <adm:syntax> <adm:attribute-type /> @@ -78,15 +74,13 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="match-base-dn" mandatory="false" multi-valued="true"> <adm:property name="match-base-dn" multi-valued="true"> <adm:synopsis> Specifies the set of base DNs below which to search for users. </adm:synopsis> <adm:description> Specifies the base DN(s) that should be used when performing searches to map the provided ID string to a user entry. If no values are provided, then the server will search below all public naming contexts. The base DNs will be used when performing searches to map the provided ID string to a user entry. </adm:description> <adm:default-behavior> <adm:alias> @@ -105,4 +99,3 @@ </adm:profile> </adm:property> </adm:managed-object>
@@ -25,12 +25,9 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="extended-operation-handler" <adm:managed-object name="extended-operation-handler" plural-name="extended-operation-handlers" package="org.opends.server.admin.std" abstract="false" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> @@ -49,9 +46,8 @@ <adm:synopsis> Indicates whether the <adm:user-friendly-name /> is enabled for use (i.e. whether the types of extended operations that it defines will be allowed in the server). Changes to this property will take effect immediately. is enabled for use (i.e. whether the types of extended operations that it defines will be allowed in the server). </adm:synopsis> <adm:syntax> <adm:boolean /> opends/src/admin/defn/org/opends/server/admin/std/ExternalSASLMechanismHandlerConfiguration.xml
@@ -25,27 +25,24 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="external-sasl-mechanism-handler" plural-name="external-sasl-mechanism-handlers" package="org.opends.server.admin.std" extends="sasl-mechanism-handler" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> The <adm:user-friendly-name /> is used to perform all processing related to SASL EXTERNAL authentication. is used to perform all processing related to SASL EXTERNAL authentication. </adm:synopsis> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-external-sasl-mechanism-handler</ldap:name> <ldap:superior>ds-cfg-sasl-mechanism-handler</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -54,41 +51,29 @@ </adm:defined> </adm:default-behavior> </adm:property-override> <adm:property name="certificate-validation-policy" mandatory="true"> <adm:synopsis> Indicates whether to attempt to validate the peer certificate against a value held in the user's entry. Indicates whether to attempt to validate the peer certificate against a certificate held in the user's entry. </adm:synopsis> <adm:description> Indicates whether the SASL EXTERNAL mechanism handler should attempt to validate the peer certificate against a certificate in the corresponding user's entry. The value must be one of "true" (which will always attempt to validate the certificate and will fail if no certificates are present), "false" (which will never attempt to validate the peer certificate), and "ifpresent" (which will validate the peer certificate if there are one or more certificates in the user's entry, but will not fail if there are no certificates in the entry. Changes to this configuration attribute will take effect immediately. </adm:description> <adm:syntax> <adm:enumeration> <adm:value name="always"> <adm:synopsis> Always require the peer certificate to be present in the user's entry. Always require the peer certificate to be present in the user's entry. </adm:synopsis> </adm:value> <adm:value name="ifpresent"> <adm:synopsis> If the user's entry contains one or more certificates, require that one of them match the peer certificate. If the user's entry contains one or more certificates, require that one of them match the peer certificate. </adm:synopsis> </adm:value> <adm:value name="never"> <adm:synopsis> Do not look for the peer certificate to be present in the user's entry. Do not look for the peer certificate to be present in the user's entry. </adm:synopsis> </adm:value> </adm:enumeration> @@ -99,17 +84,14 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="certificate-attribute" mandatory="false"> <adm:property name="certificate-attribute"> <adm:synopsis> Specifies the attribute that should hold user certificates. Specifies the name of the attribute that should hold user certificates. </adm:synopsis> <adm:description> Specifies the name of the attribute that will be used to hold the certificate information in user entries for the purpose of validation. This must specify the name of a valid attribute type defined in the server schema. Changes to this configuration attribute will take effect immediately. This must specify the name of a valid attribute type defined in the server schema. </adm:description> <adm:default-behavior> <adm:defined> @@ -125,7 +107,6 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="certificate-mapper" mandatory="true"> <adm:synopsis> Specifies the name of the certificate mapper that should be used @@ -149,4 +130,3 @@ </adm:profile> </adm:property> </adm:managed-object>
@@ -25,51 +25,44 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="fifo-entry-cache" plural-name="fifo-entry-caches" package="org.opends.server.admin.std" extends="entry-cache" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap" > <adm:managed-object name="fifo-entry-cache" plural-name="fifo-entry-caches" package="org.opends.server.admin.std" extends="entry-cache" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> <adm:user-friendly-name /> defines a Directory Server entry cache that uses a FIFO to keep track of the entries. Entries that have been in the cache the longest are the most likely candidates for purging if space is needed. In contrast to other cache structures, the selection of entries to purge is not based on how frequently or recently the entries have been accessed. This requires significantly less locking (it will only be required when an entry is added or removed from the cache, rather than each time an entry is accessed). Cache sizing is based on the percentage of free memory within the JVM, such that if enough memory is free, then adding an entry to the cache will not require purging, but if more than a specified percentage of the available memory within the JVM is already consumed, then one or more entries will need to be removed in order to make room for a new entry. It is also possible to configure a maximum number of entries for the cache. If this is specified, then the number of entries will not be allowed to exceed this value, but it may not be possible to hold this many entries if the available memory fills up first. Other configurable parameters for this cache include the maximum length of time to block while waiting to acquire a lock, and a set of filters that may be used to define criteria for determining which entries are stored in the cache. If a filter list is provided, then only entries matching at least one of the given filters will be stored in the cache. <adm:user-friendly-plural-name /> use a FIFO queue to keep track of the cached entries. </adm:synopsis> <adm:description> Entries that have been in the cache the longest are the most likely candidates for purging if space is needed. In contrast to other cache structures, the selection of entries to purge is not based on how frequently or recently the entries have been accessed. This requires significantly less locking (it will only be required when an entry is added or removed from the cache, rather than each time an entry is accessed). Cache sizing is based on the percentage of free memory within the JVM, such that if enough memory is free, then adding an entry to the cache will not require purging, but if more than a specified percentage of the available memory within the JVM is already consumed, then one or more entries will need to be removed in order to make room for a new entry. It is also possible to configure a maximum number of entries for the cache. If this is specified, then the number of entries will not be allowed to exceed this value, but it may not be possible to hold this many entries if the available memory fills up first. Other configurable parameters for this cache include the maximum length of time to block while waiting to acquire a lock, and a set of filters that may be used to define criteria for determining which entries are stored in the cache. If a filter list is provided, then only entries matching at least one of the given filters will be stored in the cache. </adm:description> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-fifo-entry-cache</ldap:name> <ldap:superior>ds-cfg-entry-cache</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -78,11 +71,10 @@ </adm:defined> </adm:default-behavior> </adm:property-override> <adm:property name="lock-timeout" mandatory="false"> <adm:property name="lock-timeout" advanced="true"> <adm:synopsis> The length of time in milliseconds to wait while attempting to acquire a read or write lock. The length of time to wait while attempting to acquire a read or write lock. </adm:synopsis> <adm:default-behavior> <adm:defined> @@ -90,7 +82,8 @@ </adm:defined> </adm:default-behavior> <adm:syntax> <adm:duration base-unit="ms" lower-limit="0" allow-unlimited="true"/> <adm:duration base-unit="ms" lower-limit="0" allow-unlimited="true" /> </adm:syntax> <adm:profile name="ldap"> <ldap:attribute> @@ -98,11 +91,10 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="max-memory-percent" mandatory="false"> <adm:property name="max-memory-percent"> <adm:synopsis> The maximum memory usage for the entry cache as a percentage of the total JVM memory. The maximum memory usage for the entry cache as a percentage of the total JVM memory. </adm:synopsis> <adm:default-behavior> <adm:defined> @@ -118,8 +110,7 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="max-entries" mandatory="false"> <adm:property name="max-entries"> <adm:synopsis> The maximum number of entries that we will allow in the cache. </adm:synopsis> @@ -137,9 +128,6 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property-reference name="include-filter" /> <adm:property-reference name="exclude-filter" /> </adm:managed-object>
@@ -25,26 +25,22 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="file-based-access-log-publisher" plural-name="file-based-access-log-publishers" package="org.opends.server.admin.std" extends="access-log-publisher" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> <adm:user-friendly-plural-name /> publish access messages to the file system. </adm:synopsis> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-file-based-access-log-publisher</ldap:name> <ldap:superior>ds-cfg-access-log-publisher</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -53,13 +49,17 @@ </adm:defined> </adm:default-behavior> </adm:property-override> <adm:property name="asynchronous" mandatory="true"> <adm:property name="asynchronous" mandatory="true" advanced="true"> <adm:synopsis> Indicate whether the <adm:user-friendly-name /> will publish records asynchronously. </adm:synopsis> <adm:default-behavior> <adm:defined> <adm:value>true</adm:value> </adm:defined> </adm:default-behavior> <adm:syntax> <adm:boolean /> </adm:syntax> @@ -69,17 +69,14 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="queue-size"> <adm:property name="queue-size" advanced="true"> <adm:synopsis> The maximum number of log records that can be stored in the asynchronous queue. </adm:synopsis> <adm:default-behavior> <adm:defined> <adm:value> 5000 </adm:value> <adm:value>5000</adm:value> </adm:defined> </adm:default-behavior> <adm:syntax> @@ -91,12 +88,11 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="log-file" mandatory="true"> <adm:synopsis> The file name to use for the log files generated by the <adm:user-friendly-name />. The path to the file is relative to the server root. <adm:user-friendly-name /> . The path to the file is relative to the server root. </adm:synopsis> <adm:requires-admin-action> <adm:component-restart /> @@ -110,22 +106,25 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="log-file-permissions" mandatory="true"> <adm:synopsis> The UNIX permissions of the log files created by this <adm:user-friendly-name />. <adm:user-friendly-name /> . </adm:synopsis> <adm:default-behavior> <adm:defined> <adm:value>640</adm:value> </adm:defined> </adm:default-behavior> <adm:syntax> <adm:string> <adm:pattern> <adm:regex> ^([0-7][0-7][0-7])$ </adm:regex> <adm:regex>^([0-7][0-7][0-7])$</adm:regex> <adm:usage>MODE</adm:usage> <adm:synopsis> An valid UNIX mode string. The mode string must contain three digits between zero and seven. An valid UNIX mode string. The mode string must contain three digits between zero and seven. </adm:synopsis> </adm:pattern> </adm:string> @@ -136,17 +135,14 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="time-interval"> <adm:property name="time-interval" advanced="true"> <adm:synopsis> This property specifies the interval to check whether the log files need to be rotated. Specifies the interval to check whether the log files need to be rotated. </adm:synopsis> <adm:default-behavior> <adm:defined> <adm:value> 5s </adm:value> <adm:value>5s</adm:value> </adm:defined> </adm:default-behavior> <adm:syntax> @@ -158,16 +154,11 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="buffer-size"> <adm:synopsis> This property specifies the log file buffer size. </adm:synopsis> <adm:property name="buffer-size" advanced="true"> <adm:synopsis>Specifies the log file buffer size.</adm:synopsis> <adm:default-behavior> <adm:defined> <adm:value> 64kb </adm:value> <adm:value>64kb</adm:value> </adm:defined> </adm:default-behavior> <adm:syntax> @@ -179,18 +170,17 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="auto-flush"> <adm:property name="auto-flush" advanced="true"> <adm:synopsis> This property specifies whether to flush the writer after every log record. If the asynchronous writes option is used, the writer will be flushed after all the log records in the queue are written. Specifies whether to flush the writer after every log record. </adm:synopsis> <adm:description> If the asynchronous writes option is used, the writer will be flushed after all the log records in the queue are written. </adm:description> <adm:default-behavior> <adm:defined> <adm:value> true </adm:value> <adm:value>true</adm:value> </adm:defined> </adm:default-behavior> <adm:syntax> @@ -202,16 +192,13 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="append"> <adm:synopsis> This property specifies whether to append to existing log files. Specifies whether to append to existing log files. </adm:synopsis> <adm:default-behavior> <adm:defined> <adm:value> true </adm:value> <adm:value>true</adm:value> </adm:defined> </adm:default-behavior> <adm:syntax> @@ -223,13 +210,16 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="rotation-policy" multi-valued="true"> <adm:synopsis> The rotation policy to use for the <adm:user-friendly-name />. When multiple policies are used, rotation will occur if any policy's conditions are met. The rotation policy to use for the <adm:user-friendly-name /> . </adm:synopsis> <adm:description> When multiple policies are used, rotation will occur if any policy's conditions are met. </adm:description> <adm:default-behavior> <adm:alias> <adm:synopsis> @@ -247,17 +237,21 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="retention-policy" multi-valued="true"> <adm:synopsis> The retention policy to use for the <adm:user-friendly-name />. When multiple policies are used, log files will be cleaned when any of the policy's conditions are met The retention policy to use for the <adm:user-friendly-name /> . </adm:synopsis> <adm:description> When multiple policies are used, log files will be cleaned when any of the policy's conditions are met. </adm:description> <adm:default-behavior> <adm:alias> <adm:synopsis> No retention policy is used and log files will never be cleaned. No retention policy is used and log files will never be cleaned. </adm:synopsis> </adm:alias> </adm:default-behavior> opends/src/admin/defn/org/opends/server/admin/std/FileBasedDebugLogPublisherConfiguration.xml
@@ -25,26 +25,22 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="file-based-debug-log-publisher" plural-name="file-based-debug-log-publishers" package="org.opends.server.admin.std" extends="debug-log-publisher" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> <adm:user-friendly-plural-name /> publish debug messages to the file system. </adm:synopsis> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-file-based-debug-log-publisher</ldap:name> <ldap:superior>ds-cfg-debug-log-publisher</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -53,13 +49,17 @@ </adm:defined> </adm:default-behavior> </adm:property-override> <adm:property name="asynchronous" mandatory="true"> <adm:property name="asynchronous" mandatory="true" advanced="true"> <adm:synopsis> Indicate whether the <adm:user-friendly-name /> will publish records asynchronously. </adm:synopsis> <adm:default-behavior> <adm:defined> <adm:value>false</adm:value> </adm:defined> </adm:default-behavior> <adm:syntax> <adm:boolean /> </adm:syntax> @@ -69,17 +69,14 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="queue-size"> <adm:property name="queue-size" advanced="true"> <adm:synopsis> The maximum number of log records that can be stored in the asynchronous queue. </adm:synopsis> <adm:default-behavior> <adm:defined> <adm:value> 5000 </adm:value> <adm:value>5000</adm:value> </adm:defined> </adm:default-behavior> <adm:syntax> @@ -91,13 +88,15 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="log-file" mandatory="true"> <adm:synopsis> The file name to use for the log files generated by the <adm:user-friendly-name />. The path to the file is relative to the server root. <adm:user-friendly-name /> . </adm:synopsis> <adm:description> The path to the file is relative to the server root. </adm:description> <adm:requires-admin-action> <adm:component-restart /> </adm:requires-admin-action> @@ -110,22 +109,25 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="log-file-permissions" mandatory="true"> <adm:synopsis> The UNIX permissions of the log files created by this <adm:user-friendly-name />. <adm:user-friendly-name /> . </adm:synopsis> <adm:default-behavior> <adm:defined> <adm:value>640</adm:value> </adm:defined> </adm:default-behavior> <adm:syntax> <adm:string> <adm:pattern> <adm:regex> ^([0-7][0-7][0-7])$ </adm:regex> <adm:regex>^([0-7][0-7][0-7])$</adm:regex> <adm:usage>MODE</adm:usage> <adm:synopsis> An valid UNIX mode string. The mode string must contain three digits between zero and seven. An valid UNIX mode string. The mode string must contain three digits between zero and seven. </adm:synopsis> </adm:pattern> </adm:string> @@ -136,17 +138,14 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="time-interval"> <adm:property name="time-interval" advanced="true"> <adm:synopsis> This property specifies the interval to check whether the log files need to be rotated. Specifies the interval to check whether the log files need to be rotated. </adm:synopsis> <adm:default-behavior> <adm:defined> <adm:value> 5s </adm:value> <adm:value>5s</adm:value> </adm:defined> </adm:default-behavior> <adm:syntax> @@ -158,16 +157,11 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="buffer-size"> <adm:synopsis> This property specifies the log file buffer size. </adm:synopsis> <adm:property name="buffer-size" advanced="true"> <adm:synopsis>Specifies the log file buffer size.</adm:synopsis> <adm:default-behavior> <adm:defined> <adm:value> 64kb </adm:value> <adm:value>64kb</adm:value> </adm:defined> </adm:default-behavior> <adm:syntax> @@ -179,18 +173,17 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="auto-flush"> <adm:property name="auto-flush" advanced="true"> <adm:synopsis> This property specifies whether to flush the writer after every log record. If the asynchronous writes option is used, the writer will be flushed after all the log records in the queue are written. Specifies whether to flush the writer after every log record. </adm:synopsis> <adm:description> If the asynchronous writes option is used, the writer will be flushed after all the log records in the queue are written. </adm:description> <adm:default-behavior> <adm:defined> <adm:value> true </adm:value> <adm:value>true</adm:value> </adm:defined> </adm:default-behavior> <adm:syntax> @@ -202,16 +195,13 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="append"> <adm:synopsis> This property specifies whether to append to existing log files. Specifies whether to append to existing log files. </adm:synopsis> <adm:default-behavior> <adm:defined> <adm:value> true </adm:value> <adm:value>true</adm:value> </adm:defined> </adm:default-behavior> <adm:syntax> @@ -223,13 +213,16 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="rotation-policy" multi-valued="true"> <adm:synopsis> The rotation policy to use for the <adm:user-friendly-name />. When multiple policies are used, rotation will occur if any policy's conditions are met. The rotation policy to use for the <adm:user-friendly-name /> . </adm:synopsis> <adm:description> When multiple policies are used, rotation will occur if any policy's conditions are met. </adm:description> <adm:default-behavior> <adm:alias> <adm:synopsis> @@ -247,17 +240,21 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="retention-policy" multi-valued="true"> <adm:synopsis> The retention policy to use for the <adm:user-friendly-name />. When multiple policies are used, log files will be cleaned when any of the policy's conditions are met The retention policy to use for the <adm:user-friendly-name /> . </adm:synopsis> <adm:description> When multiple policies are used, log files will be cleaned when any of the policy's conditions are met. </adm:description> <adm:default-behavior> <adm:alias> <adm:synopsis> No retention policy is used and log files will never be cleaned. No retention policy is used and log files will never be cleaned. </adm:synopsis> </adm:alias> </adm:default-behavior> opends/src/admin/defn/org/opends/server/admin/std/FileBasedErrorLogPublisherConfiguration.xml
@@ -25,26 +25,22 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="file-based-error-log-publisher" plural-name="file-based-error-log-publishers" package="org.opends.server.admin.std" extends="error-log-publisher" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> <adm:user-friendly-plural-name /> publish error messages to the file system. </adm:synopsis> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-file-based-error-log-publisher</ldap:name> <ldap:superior>ds-cfg-error-log-publisher</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -53,13 +49,17 @@ </adm:defined> </adm:default-behavior> </adm:property-override> <adm:property name="asynchronous" mandatory="true"> <adm:property name="asynchronous" mandatory="true" advanced="true"> <adm:synopsis> Indicate whether the <adm:user-friendly-name /> will publish records asynchronously. </adm:synopsis> <adm:default-behavior> <adm:defined> <adm:value>false</adm:value> </adm:defined> </adm:default-behavior> <adm:syntax> <adm:boolean /> </adm:syntax> @@ -69,17 +69,14 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="queue-size"> <adm:property name="queue-size" advanced="true"> <adm:synopsis> The maximum number of log records that can be stored in the asynchronous queue. </adm:synopsis> <adm:default-behavior> <adm:defined> <adm:value> 5000 </adm:value> <adm:value>5000</adm:value> </adm:defined> </adm:default-behavior> <adm:syntax> @@ -91,13 +88,15 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="log-file" mandatory="true"> <adm:synopsis> The file name to use for the log files generated by the <adm:user-friendly-name />. The path to the file is relative to the server root. <adm:user-friendly-name /> . </adm:synopsis> <adm:description> The path to the file is relative to the server root. </adm:description> <adm:requires-admin-action> <adm:component-restart /> </adm:requires-admin-action> @@ -113,18 +112,22 @@ <adm:property name="log-file-permissions" mandatory="true"> <adm:synopsis> The UNIX permissions of the log files created by this <adm:user-friendly-name />. <adm:user-friendly-name /> . </adm:synopsis> <adm:default-behavior> <adm:defined> <adm:value>640</adm:value> </adm:defined> </adm:default-behavior> <adm:syntax> <adm:string> <adm:pattern> <adm:regex> ^([0-7][0-7][0-7])$ </adm:regex> <adm:regex>^([0-7][0-7][0-7])$</adm:regex> <adm:usage>MODE</adm:usage> <adm:synopsis> An valid UNIX mode string. The mode string must contain three digits between zero and seven. An valid UNIX mode string. The mode string must contain three digits between zero and seven. </adm:synopsis> </adm:pattern> </adm:string> @@ -135,17 +138,14 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="time-interval"> <adm:property name="time-interval" advanced="true"> <adm:synopsis> This property specifies the interval to check whether the log files need to be rotated. Specifies the interval to check whether the log files need to be rotated. </adm:synopsis> <adm:default-behavior> <adm:defined> <adm:value> 5s </adm:value> <adm:value>5s</adm:value> </adm:defined> </adm:default-behavior> <adm:syntax> @@ -157,16 +157,11 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="buffer-size"> <adm:synopsis> This property specifies the log file buffer size. </adm:synopsis> <adm:property name="buffer-size" advanced="true"> <adm:synopsis>Specifies the log file buffer size.</adm:synopsis> <adm:default-behavior> <adm:defined> <adm:value> 64kb </adm:value> <adm:value>64kb</adm:value> </adm:defined> </adm:default-behavior> <adm:syntax> @@ -178,18 +173,17 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="auto-flush"> <adm:property name="auto-flush" advanced="true"> <adm:synopsis> This property specifies whether to flush the writer after every log record. If the asynchronous writes option is used, the writer will be flushed after all the log records in the queue are written. Specifies whether to flush the writer after every log record. </adm:synopsis> <adm:description> If the asynchronous writes option is used, the writer will be flushed after all the log records in the queue are written. </adm:description> <adm:default-behavior> <adm:defined> <adm:value> true </adm:value> <adm:value>true</adm:value> </adm:defined> </adm:default-behavior> <adm:syntax> @@ -201,16 +195,13 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="append"> <adm:synopsis> This property specifies whether to append to existing log files. Specifies whether to append to existing log files. </adm:synopsis> <adm:default-behavior> <adm:defined> <adm:value> true </adm:value> <adm:value>true</adm:value> </adm:defined> </adm:default-behavior> <adm:syntax> @@ -222,13 +213,16 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="rotation-policy" multi-valued="true"> <adm:synopsis> The rotation policy to use for the <adm:user-friendly-name />. When multiple policies are used, rotation will occur if any policy's conditions are met. The rotation policy to use for the <adm:user-friendly-name /> . </adm:synopsis> <adm:description> When multiple policies are used, rotation will occur if any policy's conditions are met. </adm:description> <adm:default-behavior> <adm:alias> <adm:synopsis> @@ -246,17 +240,21 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="retention-policy" multi-valued="true"> <adm:synopsis> The retention policy to use for the <adm:user-friendly-name />. When multiple policies are used, log files will be cleaned when any of the policy's conditions are met The retention policy to use for the <adm:user-friendly-name /> . </adm:synopsis> <adm:description> When multiple policies are used, log files will be cleaned when any of the policy's conditions are met. </adm:description> <adm:default-behavior> <adm:alias> <adm:synopsis> No retention policy is used and log files will never be cleaned. No retention policy is used and log files will never be cleaned. </adm:synopsis> </adm:alias> </adm:default-behavior> opends/src/admin/defn/org/opends/server/admin/std/FileBasedKeyManagerProviderConfiguration.xml
@@ -25,34 +25,46 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="file-based-key-manager-provider" plural-name="file-based-key-manager-providers" package="org.opends.server.admin.std" extends="key-manager-provider" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:TODO> The key manager must be able to get a pin from somewhere. It looks in property, then an environment variable, then a file, and finally in a configuration attribute. At least one must be present. Can we express this ordering and this "at least one" constraint? Perhaps support a "one-of" element which can be used to group a set of properties. </adm:TODO> <adm:synopsis> The <adm:user-friendly-name /> provider accesses key information in a file on the local filesystem. </adm:synopsis> <adm:description> Multiple file formats may be supported, depending on the providers supported by the underlying Java runtime. </adm:description> <adm:constraint> <adm:synopsis> The key store pin must be specified using one of the key-store-pin properties when the <adm:user-friendly-name /> is enabled. </adm:synopsis> <adm:condition> <adm:implies> <adm:contains property="enabled" value="true" /> <adm:or> <adm:is-present property="key-store-pin-property" /> <adm:is-present property="key-store-pin-environment-variable" /> <adm:is-present property="key-store-pin-file" /> <adm:is-present property="key-store-pin" /> </adm:or> </adm:implies> </adm:condition> </adm:constraint> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-file-based-key-manager-provider</ldap:name> <ldap:superior>ds-cfg-key-manager-provider</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> opends/src/admin/defn/org/opends/server/admin/std/FileBasedTrustManagerProviderConfiguration.xml
@@ -25,34 +25,27 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="file-based-trust-manager-provider" plural-name="file-based-trust-manager-providers" package="org.opends.server.admin.std" extends="trust-manager-provider" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:TODO> Some trust managers may require access to a PIN. In such cases, it will look in property, then an environment variable, then a file, and finally in a configuration attribute. At least one must be present. Can we express this ordering and this "at least one" constraint? Perhaps support a "one-of" element which can be used to group a set of properties. </adm:TODO> <adm:synopsis> The <adm:user-friendly-name /> provider accesses key information in a file on the local filesystem. </adm:synopsis> <adm:description> Multiple file formats may be supported, depending on the providers supported by the underlying Java runtime. </adm:synopsis> </adm:description> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-file-based-trust-manager-provider</ldap:name> <ldap:superior>ds-cfg-trust-manager-provider</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -64,9 +57,8 @@ <adm:property name="trust-store-file" mandatory="true"> <adm:TODO>Should use a file-based property definition?</adm:TODO> <adm:synopsis> Specifies the path to the file containing the trust information. It may be an absolute path, or a path that is relative to the Specifies the path to the file containing the trust information. It may be an absolute path, or a path that is relative to the <adm:product-name /> instance root. </adm:synopsis> opends/src/admin/defn/org/opends/server/admin/std/FileCountLogRetentionPolicyConfiguration.xml
@@ -25,27 +25,21 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="file-count-log-retention-policy" <adm:managed-object name="file-count-log-retention-policy" plural-name="file-count-log-retention-policies" package="org.opends.server.admin.std" extends="log-retention-policy" package="org.opends.server.admin.std" extends="log-retention-policy" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> Retention policy based on the number of rotated log files on disk. </adm:synopsis> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-file-count-log-retention-policy</ldap:name> <ldap:superior>ds-cfg-log-retention-policy</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -54,10 +48,10 @@ </adm:defined> </adm:default-behavior> </adm:property-override> <adm:property name="number-of-files" mandatory="true"> <adm:synopsis> Number of log files to retain before the oldest ones will be cleaned. Number of log files to retain before the oldest ones will be cleaned. </adm:synopsis> <adm:syntax> <adm:integer lower-limit="1" /> @@ -69,4 +63,3 @@ </adm:profile> </adm:property> </adm:managed-object>
@@ -25,61 +25,52 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="file-system-entry-cache" <adm:managed-object name="file-system-entry-cache" plural-name="file-system-entry-caches" package="org.opends.server.admin.std" extends="entry-cache" package="org.opends.server.admin.std" extends="entry-cache" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap" > xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> The <adm:user-friendly-name/> is an entry cache implementation which uses a JE database to keep track of the entries. The <adm:user-friendly-name /> is an entry cache implementation which uses a JE database to keep track of the entries. </adm:synopsis> <adm:description> For the best performance the JE database should reside in a memory based file system, although any file system will do for this cache to function. Entries are maintained either by FIFO (default) or LRU (configurable) based list implementation. Cache sizing is based on the size or percentage of free space available in the file system, such that if enough memory is free, then adding an entry to the cache will not require purging, but if more than a specified percentage of the file system available space is already consumed, then one or more entries will need to be removed in order to make room for a new entry. It is also possible to configure a maximum number of entries for the cache. If this is specified, then the number of entries will not be allowed to exceed this value, but it may not be possible to hold this many entries if the available memory fills up first. Other configurable parameters for this cache include the maximum length of time to block while waiting to acquire a lock, and a set of filters that may be used to define criteria for determining which entries are stored in the cache. If a set of filters are provided then an entry must match at least one of them in order to be stored in the cache. JE environment cache size can also be configured either as percentage of the free memory available in the JVM, or as an absolute size in bytes. This cache has a persistence property which, if enabled, allows for the contents of the cache to persist across server or cache restarts. For the best performance the JE database should reside in a memory based file system, although any file system will do for this cache to function. Entries are maintained either by FIFO (default) or LRU (configurable) based list implementation. Cache sizing is based on the size or percentage of free space available in the file system, such that if enough memory is free, then adding an entry to the cache will not require purging, but if more than a specified percentage of the file system available space is already consumed, then one or more entries will need to be removed in order to make room for a new entry. It is also possible to configure a maximum number of entries for the cache. If this is specified, then the number of entries will not be allowed to exceed this value, but it may not be possible to hold this many entries if the available memory fills up first. Other configurable parameters for this cache include the maximum length of time to block while waiting to acquire a lock, and a set of filters that may be used to define criteria for determining which entries are stored in the cache. If a set of filters are provided then an entry must match at least one of them in order to be stored in the cache. JE environment cache size can also be configured either as percentage of the free memory available in the JVM, or as an absolute size in bytes. This cache has a persistence property which, if enabled, allows for the contents of the cache to persist across server or cache restarts. </adm:description> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-file-system-entry-cache</ldap:name> <ldap:superior>ds-cfg-entry-cache</ldap:superior> </ldap:object-class> </adm:profile> <adm:property name="lock-timeout"> <adm:property name="lock-timeout" advanced="true"> <adm:synopsis> The length of time in milliseconds to wait while attempting to acquire a read or write lock. The length of time to wait while attempting to acquire a read or write lock. </adm:synopsis> <adm:default-behavior> <adm:defined> @@ -95,7 +86,6 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="max-memory-size"> <adm:synopsis> The maximum size of the entry cache in bytes. @@ -114,7 +104,6 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="max-entries"> <adm:synopsis> The maximum number of entries allowed in the cache. @@ -133,11 +122,10 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="cache-type"> <adm:synopsis> Specifies the policy which should be used for purging entries from the cache. FIFO by default and LRU as configurable. Specifies the policy which should be used for purging entries from the cache. </adm:synopsis> <adm:requires-admin-action> <adm:component-restart/> @@ -150,14 +138,10 @@ <adm:syntax> <adm:enumeration> <adm:value name="fifo"> <adm:synopsis> FIFO based entry cache. </adm:synopsis> <adm:synopsis>FIFO based entry cache.</adm:synopsis> </adm:value> <adm:value name="lru"> <adm:synopsis> LRU based entry cache. </adm:synopsis> <adm:synopsis>LRU based entry cache.</adm:synopsis> </adm:value> </adm:enumeration> </adm:syntax> @@ -167,11 +151,10 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="cache-directory"> <adm:property name="cache-directory" mandatory="true"> <adm:synopsis> Specifies the directory in which the JE environment should store the cache. Specifies the directory in which the JE environment should store the cache. </adm:synopsis> <adm:requires-admin-action> <adm:component-restart/> @@ -190,7 +173,6 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="persistent-cache"> <adm:synopsis> Specifies whether the cache should persist across restarts. @@ -209,20 +191,22 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="compact-encoding"> <adm:synopsis> Indicates whether the cache should use a compact form when encoding cache entries by compressing the attribute descriptions and object class sets. Note that compression does not preserve user-supplied capitalization in the object class and attribute type names. Indicates whether the cache should use a compact form when encoding cache entries by compressing the attribute descriptions and object class sets. </adm:synopsis> <adm:description> Note that compression does not preserve user-supplied capitalization in the object class and attribute type names. </adm:description> <adm:requires-admin-action> <adm:none> <adm:synopsis> Changing this property will only affect the encoding of the cache entries put in the cache after the change is made. It will not be retroactively applied to existing cache entries. Changing this property will only affect the encoding of the cache entries put in the cache after the change is made. It will not be retroactively applied to existing cache entries. </adm:synopsis> </adm:none> </adm:requires-admin-action> @@ -240,7 +224,6 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="db-cache-percent"> <adm:synopsis> The maximum memory usage for the internal JE cache as a percentage @@ -260,7 +243,6 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="db-cache-size"> <adm:synopsis> The maximum JVM memory usage in bytes for the internal JE cache. @@ -279,20 +261,19 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="je-property" multi-valued="true"> <adm:property name="je-property" multi-valued="true" advanced="true"> <adm:synopsis> Specifies the environment properties for the Berkeley DB Java Edition database providing the backend for this entry cache. </adm:synopsis> <adm:description> Any Berkeley DB Java Edition property can be specified using the following form: property-name=property-value Refer to OpenDS documentation for further information on related properties, their implications and range values. The definitive identification of all the property parameters available in the example.properties file of Berkeley DB Java Edition distribution. following form: property-name=property-value Refer to OpenDS documentation for further information on related properties, their implications and range values. The definitive identification of all the property parameters available in the example.properties file of Berkeley DB Java Edition distribution. </adm:description> <adm:default-behavior> <adm:defined> @@ -313,11 +294,9 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property-reference name="include-filter"/> <adm:property-reference name="exclude-filter"/> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -326,5 +305,4 @@ </adm:defined> </adm:default-behavior> </adm:property-override> </adm:managed-object> opends/src/admin/defn/org/opends/server/admin/std/FingerprintCertificateMapperConfiguration.xml
@@ -25,28 +25,24 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="fingerprint-certificate-mapper" plural-name="fingerprint-certificate-mappers" package="org.opends.server.admin.std" extends="certificate-mapper" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> The <adm:user-friendly-name /> maps client certificates to user entries by looking for the MD5 or SHA1 fingerprint in a specified attribute of user entries. maps client certificates to user entries by looking for the MD5 or SHA1 fingerprint in a specified attribute of user entries. </adm:synopsis> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-fingerprint-certificate-mapper</ldap:name> <ldap:superior>ds-cfg-certificate-mapper</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -55,14 +51,13 @@ </adm:defined> </adm:default-behavior> </adm:property-override> <adm:property name="fingerprint-attribute" mandatory="true"> <adm:synopsis> Specifies the attribute in which to look for the fingerprint. </adm:synopsis> <adm:description> Specifies the name or OID of the attribute whose value should exactly match the MD5 or SHA1 representation of the certificate fingerprint. Values of the fingerprint attribute should exactly match the MD5 or SHA1 representation of the certificate fingerprint. </adm:description> <adm:syntax> <adm:attribute-type /> @@ -73,26 +68,23 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="fingerprint-algorithm" mandatory="true"> <adm:synopsis> Specifies the certificate fingerprint algorithm. Specifies the name of the digest algorithm which should be used to compute the fingerprint of client certificates. </adm:synopsis> <adm:description> Specifies the name of the digest algorithm that should be used to compute the fingerprint of client certificates. The value must be either "MD5" or "SHA1". </adm:description> <adm:syntax> <adm:enumeration> <adm:value name="md5"> <adm:synopsis> Use the MD5 digest algorithm to compute certificate fingerprints. Use the MD5 digest algorithm to compute certificate fingerprints. </adm:synopsis> </adm:value> <adm:value name="sha1"> <adm:synopsis> Use the SHA-1 digest algorithm to compute certificate fingerprints. Use the SHA-1 digest algorithm to compute certificate fingerprints. </adm:synopsis> </adm:value> </adm:enumeration> @@ -103,20 +95,19 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="user-base-dn" mandatory="false" multi-valued="true"> <adm:property name="user-base-dn" multi-valued="true"> <adm:synopsis> Specifies the set of base DNs below which to search for users. </adm:synopsis> <adm:description> Specifies the base DN(s) that should be used when performing searches to map the client certificate to a user entry. If no values are provided, then the server will search below all public naming contexts. The base DNs will be used when performing searches to map the client certificates to a user entry. </adm:description> <adm:default-behavior> <adm:alias> <adm:synopsis> The server will perform the search in all public naming contexts. The server will perform the search in all public naming contexts. </adm:synopsis> </adm:alias> </adm:default-behavior> @@ -130,4 +121,3 @@ </adm:profile> </adm:property> </adm:managed-object>
@@ -25,27 +25,21 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="fixed-time-log-rotation-policy" <adm:managed-object name="fixed-time-log-rotation-policy" plural-name="fixed-time-log-rotation-policies" package="org.opends.server.admin.std" extends="log-rotation-policy" package="org.opends.server.admin.std" extends="log-rotation-policy" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> Rotation policy based on fixed time of day. </adm:synopsis> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-fixed-time-log-rotation-policy</ldap:name> <ldap:superior>ds-cfg-log-rotation-policy</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -54,17 +48,15 @@ </adm:defined> </adm:default-behavior> </adm:property-override> <adm:property name="time-of-day" multi-valued="true" mandatory="true"> <adm:property name="time-of-day" multi-valued="true" mandatory="true"> <adm:synopsis> The time of day which log rotation should occur. </adm:synopsis> <adm:syntax> <adm:string> <adm:pattern> <adm:regex> ^(([0-1][0-9])|([2][0-3]))([0-5][0-9])$ </adm:regex> <adm:regex>^(([0-1][0-9])|([2][0-3]))([0-5][0-9])$</adm:regex> <adm:usage>HHmm</adm:usage> <adm:synopsis> 24 hour time of day in HHmm format. @@ -79,4 +71,3 @@ </adm:profile> </adm:property> </adm:managed-object>
@@ -25,28 +25,24 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="free-disk-space-log-retention-policy" <adm:managed-object name="free-disk-space-log-retention-policy" plural-name="free-disk-space-log-retention-policies" package="org.opends.server.admin.std" extends="log-retention-policy" package="org.opends.server.admin.std" extends="log-retention-policy" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> Retention policy based on the free disk space available. This policy is only available on Java 6. </adm:synopsis> <adm:description> This policy is only available on Java 6. </adm:description> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-free-disk-space-log-retention-policy</ldap:name> <ldap:superior>ds-cfg-log-retention-policy</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -55,11 +51,8 @@ </adm:defined> </adm:default-behavior> </adm:property-override> <adm:property name="free-disk-space" mandatory="true"> <adm:synopsis> The size of free disk space needed. </adm:synopsis> <adm:synopsis>The size of free disk space needed.</adm:synopsis> <adm:syntax> <adm:size lower-limit="1" /> </adm:syntax> @@ -70,4 +63,3 @@ </adm:profile> </adm:property> </adm:managed-object>
@@ -25,7 +25,6 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="gssapi-sasl-mechanism-handler" plural-name="gssapi-sasl-mechanism-handlers" package="org.opends.server.admin.std" extends="sasl-mechanism-handler" @@ -34,8 +33,8 @@ <adm:synopsis> The <adm:user-friendly-name /> is used to perform all processing related to SASL GSSAPI authentication using Kerberos V5. is used to perform all processing related to SASL GSSAPI authentication using Kerberos V5. </adm:synopsis> <adm:profile name="ldap"> <ldap:object-class> @@ -43,7 +42,7 @@ <ldap:superior>ds-cfg-sasl-mechanism-handler</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -52,22 +51,15 @@ </adm:defined> </adm:default-behavior> </adm:property-override> <adm:property name="realm" mandatory="false"> <adm:property name="realm"> <adm:synopsis> Specifies the realm that should be used for GSSAPI authentication. </adm:synopsis> <adm:description> Specifies the realm that should be used by the server for GSSAPI authentication. If this is not provided, then the server will attempt to determine the realm from the Kerberos configuration of the underlying system. Changes to this configuration attribute will take effect immediately. </adm:description> <adm:default-behavior> <adm:alias> <adm:synopsis> The server will attempt to determine the realm from the underlying system configuration. The server will attempt to determine the realm from the underlying system configuration. </adm:synopsis> </adm:alias> </adm:default-behavior> @@ -80,17 +72,13 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="kdc-address" mandatory="false"> <adm:property name="kdc-address"> <adm:synopsis> Specifies the address of the KDC that should be used for Kerberos processing. </adm:synopsis> <adm:description> Specifies the address of the KDC that should be used for Kerberos processing. If provided, this should be a fully-qualified DNS-resolvable name. If this is not provided, then the server will attempt to determine the KDC address from the Kerberos configuration of the underlying system. Changes to this configuration attribute will take effect immediately. If provided, this should be a fully-qualified DNS-resolvable name. </adm:description> <adm:default-behavior> <adm:alias> @@ -109,18 +97,14 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="keytab" mandatory="false"> <adm:property name="keytab"> <adm:synopsis> Specifies the path to the keytab file that should be used for Kerberos processing. Specifies the path to the keytab file that should be used for Kerberos processing. </adm:synopsis> <adm:description> Specifies the path to the keytab file that should be used for Kerberos processing. If provided, this should be either an absolute path or one that is relative to the server instance root. If this is not provided, then the server will attempt to use the default keytab from the underlying system configuration. Changes to this configuration attribute will take effect immediately. If provided, this should be either an absolute path or one that is relative to the server instance root. </adm:description> <adm:default-behavior> <adm:alias> @@ -138,21 +122,16 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="server-fqdn" mandatory="false"> <adm:property name="server-fqdn"> <adm:synopsis> Specifies the fully-qualified domain name for the system. Specifies the DNS-resolvable fully-qualified domain name for the system. </adm:synopsis> <adm:description> Specifies the DNS-resolvable fully-qualified domain name for the system. If this is not provided, then the server will attempt to determine this dynamically. Changes to this configuration attribute will take effect immediately. </adm:description> <adm:default-behavior> <adm:alias> <adm:synopsis> The server will attempt to dynamically determine the fully-qualified domain name. The server will attempt to dynamically determine the fully-qualified domain name. </adm:synopsis> </adm:alias> </adm:default-behavior> @@ -188,4 +167,3 @@ </adm:profile> </adm:property> </adm:managed-object>
@@ -25,29 +25,27 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="get-connection-id-extended-operation-handler" <adm:managed-object name="get-connection-id-extended-operation-handler" plural-name="get-connection-id-extended-operation-handlers" package="org.opends.server.admin.std" extends="extended-operation-handler" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> The <adm:user-friendly-name /> provides a mechanism for clients to obtain the internal connection ID that the server uses to reference their client connection. The <adm:user-friendly-name /> provides a mechanism for clients to obtain the internal connection ID that the server uses to reference their client connection. </adm:synopsis> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-get-connection-id-extended-operation-handler</ldap:name> <ldap:name> ds-cfg-get-connection-id-extended-operation-handler </ldap:name> <ldap:superior>ds-cfg-extended-operation-handler</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -56,6 +54,4 @@ </adm:defined> </adm:default-behavior> </adm:property-override> </adm:managed-object>
@@ -25,29 +25,28 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="get-symmetric-key-extended-operation-handler" <adm:managed-object name="get-symmetric-key-extended-operation-handler" plural-name="get-symmetric-key-extended-operation-handlers" package="org.opends.server.admin.std" extends="extended-operation-handler" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> The <adm:user-friendly-name /> provides support for the get symmetric key extended operation, which is used by the OpenDS cryptographic framework for creating and obtaining symmetric encryption keys. The <adm:user-friendly-name /> provides support for the get symmetric key extended operation, which is used by the OpenDS cryptographic framework for creating and obtaining symmetric encryption keys. </adm:synopsis> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-get-symmetric-key-extended-operation-handler</ldap:name> <ldap:name> ds-cfg-get-symmetric-key-extended-operation-handler </ldap:name> <ldap:superior>ds-cfg-extended-operation-handler</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -56,6 +55,4 @@ </adm:defined> </adm:default-behavior> </adm:property-override> </adm:managed-object>
@@ -25,18 +25,14 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="global" plural-name="globals" package="org.opends.server.admin.std" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:user-friendly-name>Global Configuration</adm:user-friendly-name> <adm:user-friendly-plural-name> Global Configurations </adm:user-friendly-plural-name> <adm:synopsis> The global configuration contains properties that affect the overall operation of the @@ -44,26 +40,28 @@ . </adm:synopsis> <adm:tag name="core"/> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-root-config</ldap:name> <ldap:superior>top</ldap:superior> </ldap:object-class> </adm:profile> <adm:property name="check-schema" mandatory="true"> <adm:property name="check-schema" advanced="true"> <adm:synopsis> Indicates whether schema enforcement is active. </adm:synopsis> <adm:description> This property indicates whether the <adm:product-name /> should ensure that all operations result in entries that are valid When schema enforcement is activate the Directory Server will ensure that all operations result in entries that are valid according to the defined server schema. It is strongly recommended that this option be left enabled to prevent the inadvertent addition of invalid data into the server. </adm:description> <adm:default-behavior> <adm:defined> <adm:value>true</adm:value> </adm:defined> </adm:default-behavior> <adm:syntax> <adm:boolean /> </adm:syntax> @@ -73,7 +71,6 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="default-password-policy" mandatory="true"> <adm:synopsis> Specifies the name of the password policy that will be in effect @@ -89,18 +86,15 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="add-missing-rdn-attributes" mandatory="false"> <adm:property name="add-missing-rdn-attributes" advanced="true"> <adm:synopsis> Indicates whether the Directory Server should automatically add any attribute values contained in the entry's RDN into that entry when processing an add request. Indicates whether the Directory Server should automatically add any attribute values contained in the entry's RDN into that entry when processing an add request. </adm:synopsis> <adm:default-behavior> <adm:defined> <adm:value> true </adm:value> <adm:value>true</adm:value> </adm:defined> </adm:default-behavior> <adm:syntax> @@ -112,18 +106,17 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="allow-attribute-name-exceptions" mandatory="false"> <adm:property name="allow-attribute-name-exceptions" advanced="true"> <adm:synopsis> Indicates whether the Directory Server should allow the use of underscores in attribute names, and should allow attribute names to begin with numeric digits (both of which are violations of the LDAP standards). Indicates whether the Directory Server should allow the use of underscores in attribute names, and should allow attribute names to begin with numeric digits (both of which are violations of the LDAP standards). </adm:synopsis> <adm:default-behavior> <adm:defined> <adm:value> false </adm:value> <adm:value>false</adm:value> </adm:defined> </adm:default-behavior> <adm:syntax> @@ -135,41 +128,40 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="invalid-attribute-syntax-behavior" mandatory="false"> <adm:property name="invalid-attribute-syntax-behavior" advanced="true"> <adm:synopsis> Specifies how the Directory Server should handle operations which would result in an attribute value that violates the associated attribute syntax. Specifies how the Directory Server should handle operations which would result in an attribute value that violates the associated attribute syntax. </adm:synopsis> <adm:default-behavior> <adm:defined> <adm:value> reject </adm:value> <adm:value>reject</adm:value> </adm:defined> </adm:default-behavior> <adm:syntax> <adm:enumeration> <adm:value name="accept"> <adm:synopsis> The Directory Server will silently accept attribute values that are invalid according to their associated syntax. Matching operations targeting those values may not behave as expected. The Directory Server will silently accept attribute values that are invalid according to their associated syntax. Matching operations targeting those values may not behave as expected. </adm:synopsis> </adm:value> <adm:value name="reject"> <adm:synopsis> The Directory Server will reject attribute values that are invalid according to their associated syntax. The Directory Server will reject attribute values that are invalid according to their associated syntax. </adm:synopsis> </adm:value> <adm:value name="warn"> <adm:synopsis> The Directory Server will accept attribute values that are invalid according to their associated syntax, but will also log a warning message to the error log. Matching operations targeting those values may not behave as expected. The Directory Server will accept attribute values that are invalid according to their associated syntax, but will also log a warning message to the error log. Matching operations targeting those values may not behave as expected. </adm:synopsis> </adm:value> </adm:enumeration> @@ -180,17 +172,15 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="server-error-result-code" mandatory="false"> <adm:property name="server-error-result-code" advanced="true"> <adm:synopsis> Specifies the numeric value of the result code that should be used for cases in which request processing fails due to an internal server error. Specifies the numeric value of the result code that should be used for cases in which request processing fails due to an internal server error. </adm:synopsis> <adm:default-behavior> <adm:defined> <adm:value> 80 </adm:value> <adm:value>80</adm:value> </adm:defined> </adm:default-behavior> <adm:syntax> @@ -202,42 +192,41 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="single-structural-objectclass-behavior" mandatory="false"> <adm:property name="single-structural-objectclass-behavior" advanced="true"> <adm:synopsis> Specifies how the Directory Server should handle operations which would result in an entry without any structural object class, or that would result in an entry containing multiple structural classes. Specifies how the Directory Server should handle operations which would result in an entry without any structural object class, or that would result in an entry containing multiple structural classes. </adm:synopsis> <adm:default-behavior> <adm:defined> <adm:value> reject </adm:value> <adm:value>reject</adm:value> </adm:defined> </adm:default-behavior> <adm:syntax> <adm:enumeration> <adm:value name="accept"> <adm:synopsis> The Directory Server will silently accept entries that do not contain exactly one structural object class. Certain schema features that depend on the entry's structural class may not behave as expected. The Directory Server will silently accept entries that do not contain exactly one structural object class. Certain schema features that depend on the entry's structural class may not behave as expected. </adm:synopsis> </adm:value> <adm:value name="reject"> <adm:synopsis> The Directory Server will reject entries that do not contain exactly one structural object class. The Directory Server will reject entries that do not contain exactly one structural object class. </adm:synopsis> </adm:value> <adm:value name="warn"> <adm:synopsis> The Directory Server will accept entries that do not contain exactly one structural object class, but will also log a warning message to the error log. Certain schema features that depend on the entry's structural class may not behave The Directory Server will accept entries that do not contain exactly one structural object class, but will also log a warning message to the error log. Certain schema features that depend on the entry's structural class may not behave as expected. </adm:synopsis> </adm:value> @@ -245,24 +234,26 @@ </adm:syntax> <adm:profile name="ldap"> <ldap:attribute> <ldap:name>ds-cfg-single-structural-objectclass-behavior</ldap:name> <ldap:name> ds-cfg-single-structural-objectclass-behavior </ldap:name> </ldap:attribute> </adm:profile> </adm:property> <adm:property name="notify-abandoned-operations" mandatory="false"> <adm:property name="notify-abandoned-operations" advanced="true"> <adm:synopsis> Indicates whether the Directory Server should send a response to any operation that is interrupted via an abandon request. The LDAP specification states that abandoned operations should not receive any response, but this may cause problems with client applications that always expect to receive a response to each request. Indicates whether the Directory Server should send a response to any operation that is interrupted via an abandon request. </adm:synopsis> <adm:description> The LDAP specification states that abandoned operations should not receive any response, but this may cause problems with client applications that always expect to receive a response to each request. </adm:description> <adm:default-behavior> <adm:defined> <adm:value> false </adm:value> <adm:value>false</adm:value> </adm:defined> </adm:default-behavior> <adm:syntax> @@ -274,20 +265,21 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="size-limit" mandatory="false"> <adm:property name="size-limit"> <adm:synopsis> Specifies the maximum number of entries that the Directory Server should return to the client in the course of processing a search operation. A value of 0 indicates that no size limit will be enforced. Note that this is the default server-wide limit, but it may be overridden on a per-user basis using the ds-rlim-size-limit operational attribute. Specifies the maximum number of entries that the Directory Server should return to the client in the course of processing a search operation. </adm:synopsis> <adm:description> A value of 0 indicates that no size limit will be enforced. Note that this is the default server-wide limit, but it may be overridden on a per-user basis using the ds-rlim-size-limit operational attribute. </adm:description> <adm:default-behavior> <adm:defined> <adm:value> 1000 </adm:value> <adm:value>1000</adm:value> </adm:defined> </adm:default-behavior> <adm:syntax> @@ -299,20 +291,20 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="time-limit" mandatory="false"> <adm:property name="time-limit"> <adm:synopsis> Specifies the maximum length of time that the Directory Server should spend processing a search operation. A value of 0 seconds indicates that no time limit will be enforced. Note that this is the default server-wide time limit, but it may be overridden on a per-user basis using the ds-rlim-time-limit operational attribute. Specifies the maximum length of time that the Directory Server should spend processing a search operation. </adm:synopsis> <adm:description> A value of 0 seconds indicates that no time limit will be enforced. Note that this is the default server-wide time limit, but it may be overridden on a per-user basis using the ds-rlim-time-limit operational attribute. </adm:description> <adm:default-behavior> <adm:defined> <adm:value> 60 seconds </adm:value> <adm:value>60 seconds</adm:value> </adm:defined> </adm:default-behavior> <adm:syntax> @@ -324,7 +316,6 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="proxied-authorization-identity-mapper" mandatory="true"> <adm:synopsis> @@ -342,42 +333,43 @@ </adm:syntax> <adm:profile name="ldap"> <ldap:attribute> <ldap:name>ds-cfg-proxied-authorization-identity-mapper</ldap:name> <ldap:name> ds-cfg-proxied-authorization-identity-mapper </ldap:name> </ldap:attribute> </adm:profile> </adm:property> <adm:property name="writability-mode" mandatory="false"> <adm:property name="writability-mode"> <adm:synopsis> Specifies which kinds of write operations the Directory Server should attempt to process. Specifies which kinds of write operations the Directory Server should attempt to process. </adm:synopsis> <adm:default-behavior> <adm:defined> <adm:value> enabled </adm:value> <adm:value>enabled</adm:value> </adm:defined> </adm:default-behavior> <adm:syntax> <adm:enumeration> <adm:value name="enabled"> <adm:synopsis> The Directory Server will attempt to process all write operations that are requested of it, regardless of their origin. The Directory Server will attempt to process all write operations that are requested of it, regardless of their origin. </adm:synopsis> </adm:value> <adm:value name="disabled"> <adm:synopsis> The Directory Server will reject all write operations that are requested of it, regardless of their origin. The Directory Server will reject all write operations that are requested of it, regardless of their origin. </adm:synopsis> </adm:value> <adm:value name="internal-only"> <adm:synopsis> The Directory Server will attempt to process write operations requested as internal operations or through synchronization, but will reject any such operations requested from external clients. The Directory Server will attempt to process write operations requested as internal operations or through synchronization, but will reject any such operations requested from external clients. </adm:synopsis> </adm:value> </adm:enumeration> @@ -388,19 +380,17 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="reject-unauthenticated-requests" mandatory="false"> <adm:property name="reject-unauthenticated-requests"> <adm:synopsis> Indicates whether the Directory Server should reject any request (other than bind or StartTLS requests) received from a client that has not yet authenticated, whose last authentication attempt was unsuccessful, or whose last authentication attempt used anonymous authentication. Indicates whether the Directory Server should reject any request (other than bind or StartTLS requests) received from a client that has not yet authenticated, whose last authentication attempt was unsuccessful, or whose last authentication attempt used anonymous authentication. </adm:synopsis> <adm:default-behavior> <adm:defined> <adm:value> false </adm:value> <adm:value>false</adm:value> </adm:defined> </adm:default-behavior> <adm:syntax> @@ -412,21 +402,21 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="bind-with-dn-requires-password" mandatory="false"> <adm:property name="bind-with-dn-requires-password"> <adm:synopsis> Indicates whether the Directory Server should reject any simple bind request that contains a DN but no password. Although such bind requests are technically allowed by the LDAPv3 specification (and should be treated as anonymous simple authentication), they may introduce security problems in applications that do not verify that the client actually provided a password. Indicates whether the Directory Server should reject any simple bind request that contains a DN but no password. </adm:synopsis> <adm:description> Although such bind requests are technically allowed by the LDAPv3 specification (and should be treated as anonymous simple authentication), they may introduce security problems in applications that do not verify that the client actually provided a password. </adm:description> <adm:default-behavior> <adm:defined> <adm:value> true </adm:value> <adm:value>true</adm:value> </adm:defined> </adm:default-behavior> <adm:syntax> @@ -438,23 +428,23 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="lookthrough-limit" mandatory="false"> <adm:property name="lookthrough-limit"> <adm:synopsis> Specifies the maximum number of entries that the Directory Server should "look through" in the course of processing a search request. This includes any entry that the server must examine in the course of processing the request, regardless of whether it actually matches the search criteria. A value of 0 indicates that no lookthrough limit will be enforced. Note that this is the default server-wide limit, but it may be overridden on a per-user basis using the ds-rlim-lookthrough-limit operational attribute. Specifies the maximum number of entries that the Directory Server should "look through" in the course of processing a search request. </adm:synopsis> <adm:description> This includes any entry that the server must examine in the course of processing the request, regardless of whether it actually matches the search criteria. A value of 0 indicates that no lookthrough limit will be enforced. Note that this is the default server-wide limit, but it may be overridden on a per-user basis using the ds-rlim-lookthrough-limit operational attribute. </adm:description> <adm:default-behavior> <adm:defined> <adm:value> 5000 </adm:value> <adm:value>5000</adm:value> </adm:defined> </adm:default-behavior> <adm:syntax> @@ -466,24 +456,35 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="smtp-server" mandatory="false" multi-valued="true"> <adm:property name="smtp-server" multi-valued="true"> <adm:synopsis> Specifies the address (and optional port number) for a mail server that can be used to send e-mail messages via SMTP. It may be an IP address or resolvable hostname, optionally followed by a colon and a port number. Specifies the address (and optional port number) for a mail server that can be used to send e-mail messages via SMTP. </adm:synopsis> <adm:description> It may be an IP address or resolvable hostname, optionally followed by a colon and a port number. </adm:description> <adm:default-behavior> <adm:alias> <adm:synopsis> If no values are defined, then it will not be possible to take advantage of server features that may provide the ability to send e-mail via SMTP. advantage of server features that may provide the ability to send e-mail via SMTP. </adm:synopsis> </adm:alias> </adm:default-behavior> <adm:syntax> <adm:string /> <adm:string> <adm:pattern> <adm:regex>^.+(:[0-9]+)?$</adm:regex> <adm:usage>HOST[:PORT]</adm:usage> <adm:synopsis> A hostname, optionally followed by a ":" followed by a port number. </adm:synopsis> </adm:pattern> </adm:string> </adm:syntax> <adm:profile name="ldap"> <ldap:attribute> @@ -491,18 +492,21 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="allowed-task" mandatory="false" multi-valued="true"> <adm:property name="allowed-task" advanced="true" multi-valued="true"> <adm:synopsis> Specifies the fully-qualified name of a Java class that may be invoked in the server. Any attempt to invoke a task not included in the list of allowed tasks will be rejected. Specifies the fully-qualified name of a Java class that may be invoked in the server. </adm:synopsis> <adm:description> Any attempt to invoke a task not included in the list of allowed tasks will be rejected. </adm:description> <adm:default-behavior> <adm:alias> <adm:synopsis> If no values are defined, then the server will not allow any tasks to be invoked. If no values are defined, then the server will not allow any tasks to be invoked. </adm:synopsis> </adm:alias> </adm:default-behavior> @@ -515,17 +519,21 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="disabled-privilege" mandatory="false" multi-valued="true"> <adm:property name="disabled-privilege" multi-valued="true"> <adm:synopsis> Specifies the name of a privilege that should not be evaluated by the server. If a privilege is disabled, then it will be assumed that all clients (including unauthenticated clients) will have that privilege. Specifies the name of a privilege that should not be evaluated by the server. </adm:synopsis> <adm:description> If a privilege is disabled, then it will be assumed that all clients (including unauthenticated clients) will have that privilege. </adm:description> <adm:default-behavior> <adm:alias> <adm:synopsis> If no values are defined, then the server will enforce all privileges. If no values are defined, then the server will enforce all privileges. </adm:synopsis> </adm:alias> </adm:default-behavior> @@ -533,14 +541,14 @@ <adm:enumeration> <adm:value name="bypass-acl"> <adm:synopsis> Allows the associated user to bypass access control checks performed by the server. Allows the associated user to bypass access control checks performed by the server. </adm:synopsis> </adm:value> <adm:value name="modify-acl"> <adm:synopsis> Allows the associated user to modify the server's access control configuration. Allows the associated user to modify the server's access control configuration. </adm:synopsis> </adm:value> <adm:value name="config-read"> @@ -550,8 +558,8 @@ </adm:value> <adm:value name="config-write"> <adm:synopsis> Allows the associated user to update the server configuration. The config-read privilege is also required. Allows the associated user to update the server configuration. The config-read privilege is also required. </adm:synopsis> </adm:value> <adm:value name="jmx-read"> @@ -572,24 +580,26 @@ </adm:value> <adm:value name="ldif-import"> <adm:synopsis> Allows the user to request that the server process LDIF import tasks. Allows the user to request that the server process LDIF import tasks. </adm:synopsis> </adm:value> <adm:value name="ldif-export"> <adm:synopsis> Allows the user to request that the server process LDIF export tasks. Allows the user to request that the server process LDIF export tasks. </adm:synopsis> </adm:value> <adm:value name="backend-backup"> <adm:synopsis> Allows the user to request that the server process backup tasks. Allows the user to request that the server process backup tasks. </adm:synopsis> </adm:value> <adm:value name="backend-restore"> <adm:synopsis> Allows the user to request that the server process restore tasks. Allows the user to request that the server process restore tasks. </adm:synopsis> </adm:value> <adm:value name="server-shutdown"> @@ -599,14 +609,15 @@ </adm:value> <adm:value name="server-restart"> <adm:synopsis> Allows the user to request that the server perform an in-core restart. Allows the user to request that the server perform an in-core restart. </adm:synopsis> </adm:value> <adm:value name="proxied-auth"> <adm:synopsis> Allows the user to use the proxied authorization control, or to perform a bind that specifies an alternate authorization identity. Allows the user to use the proxied authorization control, or to perform a bind that specifies an alternate authorization identity. </adm:synopsis> </adm:value> <adm:value name="disconnect-client"> @@ -616,8 +627,8 @@ </adm:value> <adm:value name="cancel-request"> <adm:synopsis> Allows the user to cancel operations in progress on other client connections. Allows the user to cancel operations in progress on other client connections. </adm:synopsis> </adm:value> <adm:value name="password-reset"> @@ -638,13 +649,14 @@ <adm:value name="privilege-change"> <adm:synopsis> Allows the user to make changes to the set of defined root privileges, as well as to grant and revoke privileges for users. privileges, as well as to grant and revoke privileges for users. </adm:synopsis> </adm:value> <adm:value name="unindexed-search"> <adm:synopsis> Allows the user to request that the server process a search that cannot be optimized using server indexes. Allows the user to request that the server process a search that cannot be optimized using server indexes. </adm:synopsis> </adm:value> </adm:enumeration> @@ -655,20 +667,20 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="return-bind-error-messages" mandatory="false"> <adm:property name="return-bind-error-messages"> <adm:synopsis> Indicates whether responses for failed bind operations should include a message string providing the reason for the authentication failure. Note that these messages may include information that could potentially be used by an attacker. If this option is disabled, then these messages will appear only in the server's access log. Indicates whether responses for failed bind operations should include a message string providing the reason for the authentication failure. </adm:synopsis> <adm:description> Note that these messages may include information that could potentially be used by an attacker. If this option is disabled, then these messages will appear only in the server's access log. </adm:description> <adm:default-behavior> <adm:defined> <adm:value> false </adm:value> <adm:value>false</adm:value> </adm:defined> </adm:default-behavior> <adm:syntax> @@ -680,13 +692,15 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="idle-time-limit" mandatory="false" multi-valued="false"> <adm:property name="idle-time-limit"> <adm:synopsis> Specifies the maximum length of time that a client connection may remain established since its last completed operation. A value of "0 seconds" indicates that no idle time limit will be enforced. Specifies the maximum length of time that a client connection may remain established since its last completed operation. </adm:synopsis> <adm:description> A value of "0 seconds" indicates that no idle time limit will be enforced. </adm:description> <adm:default-behavior> <adm:defined> <adm:value>0 seconds</adm:value> @@ -701,15 +715,17 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="save-config-on-successful-startup" mandatory="false"> <adm:property name="save-config-on-successful-startup"> <adm:synopsis> Indicates whether the Directory Server should save a copy of its configuration whenever the startup process completes successfully. This can ensure that the server provides a "last known good" configuration, which can be used as a reference (or copied into the active config) if the server fails to start with the current "active" configuration. configuration whenever the startup process completes successfully. </adm:synopsis> <adm:description> This can ensure that the server provides a "last known good" configuration, which can be used as a reference (or copied into the active config) if the server fails to start with the current "active" configuration. </adm:description> <adm:default-behavior> <adm:defined> <adm:value>true</adm:value> @@ -724,7 +740,6 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="workflow-configuration-mode"> <adm:synopsis> Specifies the workflow configuration mode (auto vs. manual). @@ -739,9 +754,9 @@ <adm:value name="auto"> <adm:synopsis> In the "auto" configuration mode there is no workflow configuration. The workflows are created automatically based on the backend configuration. There will be one workflow per backend base DN. configuration. The workflows are created automatically based on the backend configuration. There will be one workflow per backend base DN. </adm:synopsis> </adm:value> <adm:value name="manual"> @@ -758,6 +773,4 @@ </ldap:attribute> </adm:profile> </adm:property> </adm:managed-object>
@@ -25,28 +25,27 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="group-implementation" plural-name="group-implementations" package="org.opends.server.admin.std" abstract="false" package="org.opends.server.admin.std" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> <adm:user-friendly-plural-name /> define named collections of users. Different group implementations may have different ways of determining membership (e.g., it may explicitly list the members, and/or it may dynamically determine membership). define named collections of users. </adm:synopsis> <adm:description> Different group implementations may have different ways of determining membership (e.g., it may explicitly list the members, and/or it may dynamically determine membership). </adm:description> <adm:tag name="core"/> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-group-implementation</ldap:name> <ldap:superior>top</ldap:superior> </ldap:object-class> </adm:profile> <adm:property name="enabled" mandatory="true"> <adm:synopsis> Indicate whether the @@ -62,7 +61,6 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="java-class" mandatory="true"> <adm:synopsis> The fully-qualified name of the Java class that provides the @@ -71,9 +69,7 @@ </adm:synopsis> <adm:syntax> <adm:java-class> <adm:instance-of> org.opends.server.api.Group </adm:instance-of> <adm:instance-of>org.opends.server.api.Group</adm:instance-of> </adm:java-class> </adm:syntax> <adm:profile name="ldap"> @@ -82,6 +78,4 @@ </ldap:attribute> </adm:profile> </adm:property> </adm:managed-object>
@@ -25,28 +25,24 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="has-subordinates-virtual-attribute" plural-name="has-subordinates-virtual-attributes" package="org.opends.server.admin.std" extends="virtual-attribute" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> The <adm:user-friendly-name /> may be used to generate a virtual attribute that indicates whether the entry has any subordinate entries. may be used to generate a virtual attribute that indicates whether the entry has any subordinate entries. </adm:synopsis> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-has-subordinates-virtual-attribute</ldap:name> <ldap:superior>ds-cfg-virtual-attribute</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -55,16 +51,18 @@ </adm:defined> </adm:default-behavior> </adm:property-override> <adm:property-override name="conflict-behavior"> <adm:property-override name="conflict-behavior" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> virtual-overrides-real </adm:value> <adm:value>virtual-overrides-real</adm:value> </adm:defined> </adm:default-behavior> </adm:property-override> <adm:property-override name="attribute-type"> <adm:default-behavior> <adm:defined> <adm:value>hasSubordinates</adm:value> </adm:defined> </adm:default-behavior> </adm:property-override> </adm:managed-object>
@@ -25,16 +25,15 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="identity-mapper" plural-name="identity-mappers" package="org.opends.server.admin.std" abstract="true" plural-name="identity-mappers" package="org.opends.server.admin.std" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> <adm:user-friendly-plural-name /> are responsible for establishing a mapping between an identifier string and the entry for the user that corresponds to that identifier. are responsible for establishing a mapping between an identifier string and the entry for the user that corresponds to that identifier. </adm:synopsis> <adm:tag name="security"/> <adm:tag name="user-management"/> opends/src/admin/defn/org/opends/server/admin/std/IsMemberOfVirtualAttributeConfiguration.xml
@@ -25,28 +25,24 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="is-member-of-virtual-attribute" plural-name="is-member-of-virtual-attributes" package="org.opends.server.admin.std" extends="virtual-attribute" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> The <adm:user-friendly-name /> may be used to generate a virtual attribute that contains the DNs of the groups in which the user is a member. may be used to generate a virtual attribute that contains the DNs of the groups in which the user is a member. </adm:synopsis> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-is-member-of-virtual-attribute</ldap:name> <ldap:superior>ds-cfg-virtual-attribute</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -55,16 +51,18 @@ </adm:defined> </adm:default-behavior> </adm:property-override> <adm:property-override name="conflict-behavior"> <adm:property-override name="conflict-behavior" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> virtual-overrides-real </adm:value> <adm:value>virtual-overrides-real</adm:value> </adm:defined> </adm:default-behavior> </adm:property-override> <adm:property-override name="attribute-type"> <adm:default-behavior> <adm:defined> <adm:value>isMemberOf</adm:value> </adm:defined> </adm:default-behavior> </adm:property-override> </adm:managed-object>
@@ -25,27 +25,23 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="jmx-alert-handler" plural-name="jmx-alert-handlers" package="org.opends.server.admin.std" extends="alert-handler" xmlns:adm="http://www.opends.org/admin" <adm:managed-object name="jmx-alert-handler" plural-name="jmx-alert-handlers" package="org.opends.server.admin.std" extends="alert-handler" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> The <adm:user-friendly-name /> may be used to generate JMX notifications to alert administrators of significant events that occur within the server. </adm:synopsis> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-jmx-alert-handler</ldap:name> <ldap:superior>ds-cfg-alert-handler</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -54,6 +50,4 @@ </adm:defined> </adm:default-behavior> </adm:property-override> </adm:managed-object>
@@ -40,13 +40,16 @@ <adm:synopsis> A Key Manager Provider must be specified when this <adm:user-friendly-name /> is configured to use SSL. is enabled and it is configured to use SSL. </adm:synopsis> <adm:condition> <adm:implies> <adm:contains property="enabled" value="true" /> <adm:implies> <adm:contains property="use-ssl" value="true" /> <adm:is-present property="key-manager-provider" /> </adm:implies> </adm:implies> </adm:condition> </adm:constraint> <adm:profile name="ldap"> @@ -55,7 +58,7 @@ <ldap:superior>ds-cfg-connection-handler</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -69,8 +72,10 @@ <adm:property-reference name="ssl-cert-nickname" /> <adm:property name="key-manager-provider"> <adm:synopsis> Specifies the name of the key manager that should be used with this <adm:user-friendly-name />. Specifies the name of the key manager that should be used with this <adm:user-friendly-name /> . </adm:synopsis> <adm:requires-admin-action> <adm:none> @@ -85,7 +90,8 @@ <adm:undefined /> </adm:default-behavior> <adm:syntax> <adm:aggregation relation-name="key-manager-provider" parent-path="/"> <adm:aggregation relation-name="key-manager-provider" parent-path="/"> <adm:target-needs-enabling-condition> <adm:and> <adm:contains property="enabled" value="true" /> opends/src/admin/defn/org/opends/server/admin/std/KeyManagerProviderConfiguration.xml
@@ -25,9 +25,9 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="key-manager-provider" plural-name="key-manager-providers" package="org.opends.server.admin.std" abstract="false" <adm:managed-object name="key-manager-provider" plural-name="key-manager-providers" package="org.opends.server.admin.std" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> opends/src/admin/defn/org/opends/server/admin/std/LDAPAttributeDescriptionListPluginConfiguration.xml
@@ -25,30 +25,31 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="ldap-attribute-description-list-plugin" plural-name="ldap-attribute-description-list-plugins" package="org.opends.server.admin.std" extends="plugin" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> The <adm:user-friendly-name /> is used to provide the ability to request that search result entries include all attributes that are included by a specified object class. For example, including a requested attribute of "@person" has the effect of requesting all attributes in the person object class. include all attributes that are included by a specified object class. </adm:synopsis> <adm:description> For example, including a requested attribute of "@person" has the effect of requesting all attributes in the person object class. </adm:description> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-ldap-attribute-description-list-plugin</ldap:name> <ldap:name> ds-cfg-ldap-attribute-description-list-plugin </ldap:name> <ldap:superior>ds-cfg-plugin</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -57,14 +58,11 @@ </adm:defined> </adm:default-behavior> </adm:property-override> <adm:property-override name="plugin-type"> <adm:property-override name="plugin-type" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value>preparsesearch</adm:value> </adm:defined> </adm:default-behavior> </adm:property-override> </adm:managed-object>
@@ -33,32 +33,28 @@ <adm:synopsis> The <adm:user-friendly-name /> is used to interact with clients using LDAP. In particular, it provides full support for LDAPv3 and limited support for LDAPv2. is used to interact with clients using LDAP. </adm:synopsis> <adm:description> In particular, it provides full support for LDAPv3 and limited support for LDAPv2. </adm:description> <adm:constraint> <adm:synopsis> A Key Manager Provider must be specified when this <adm:user-friendly-name /> is configured to use SSL. is enabled and it is configured to use SSL or StartTLS. </adm:synopsis> <adm:condition> <adm:implies> <adm:contains property="enabled" value="true" /> <adm:implies> <adm:or> <adm:contains property="use-ssl" value="true" /> <adm:contains property="allow-start-tls" value="true" /> </adm:or> <adm:is-present property="key-manager-provider" /> </adm:implies> </adm:condition> </adm:constraint> <adm:constraint> <adm:synopsis> A Key Manager Provider must be specified when this <adm:user-friendly-name /> is configured to allow StartTLS. </adm:synopsis> <adm:condition> <adm:implies> <adm:contains property="allow-start-tls" value="true" /> <adm:is-present property="key-manager-provider" /> </adm:implies> </adm:condition> </adm:constraint> @@ -66,25 +62,18 @@ <adm:synopsis> A Trust Manager Provider must be specified when this <adm:user-friendly-name /> is configured to use SSL. is enabled and it is configured to use SSL or StartTLS. </adm:synopsis> <adm:condition> <adm:implies> <adm:contains property="enabled" value="true" /> <adm:implies> <adm:or> <adm:contains property="use-ssl" value="true" /> <adm:contains property="allow-start-tls" value="true" /> </adm:or> <adm:is-present property="trust-manager-provider" /> </adm:implies> </adm:condition> </adm:constraint> <adm:constraint> <adm:synopsis> A Trust Manager Provider must be specified when this <adm:user-friendly-name /> is configured to allow StartTLS. </adm:synopsis> <adm:condition> <adm:implies> <adm:contains property="allow-start-tls" value="true" /> <adm:is-present property="trust-manager-provider" /> </adm:implies> </adm:condition> </adm:constraint> @@ -98,12 +87,15 @@ to be used. </adm:synopsis> <adm:condition> <adm:implies> <adm:contains property="enabled" value="true" /> <adm:not> <adm:and> <adm:contains property="use-ssl" value="true" /> <adm:contains property="allow-start-tls" value="true" /> </adm:and> </adm:not> </adm:implies> </adm:condition> </adm:constraint> <adm:profile name="ldap"> @@ -112,7 +104,7 @@ <ldap:superior>ds-cfg-connection-handler</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -288,7 +280,7 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="use-tcp-keep-alive"> <adm:property name="use-tcp-keep-alive" advanced="true"> <adm:synopsis> Indicates whether the <adm:user-friendly-name /> @@ -318,7 +310,7 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="use-tcp-no-delay"> <adm:property name="use-tcp-no-delay" advanced="true"> <adm:synopsis> Indicates whether the <adm:user-friendly-name /> @@ -348,7 +340,7 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="allow-tcp-reuse-address"> <adm:property name="allow-tcp-reuse-address" advanced="true"> <adm:synopsis> Indicates whether the <adm:user-friendly-name /> @@ -379,7 +371,7 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="send-rejection-notice"> <adm:property name="send-rejection-notice" advanced="true"> <adm:synopsis> Indicates whether the <adm:user-friendly-name /> @@ -404,7 +396,7 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="max-request-size"> <adm:property name="max-request-size" advanced="true"> <adm:synopsis> Specifies the size of the largest LDAP request message that will be allowed by this @@ -432,7 +424,7 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="num-request-handlers"> <adm:property name="num-request-handlers" advanced="true"> <adm:synopsis> Specifies the number of request handlers that will be used to read requests from clients. @@ -540,7 +532,7 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="accept-backlog"> <adm:property name="accept-backlog" advanced="true"> <adm:synopsis> Specifies the maximum number of pending connection attempts that will be allowed to queue up in the accept backlog before the @@ -635,13 +627,15 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="max-blocked-write-time-limit" mandatory="false"> <adm:property name="max-blocked-write-time-limit" advanced="true"> <adm:synopsis> Specifies the maximum length of time that attempts to write data to LDAP clients should be allowed to block. If an attempt to write data to a client takes longer than this length of time, then the client connection will be terminated. to LDAP clients should be allowed to block. </adm:synopsis> <adm:description> If an attempt to write data to a client takes longer than this length of time, then the client connection will be terminated. </adm:description> <adm:default-behavior> <adm:defined> <adm:value>2 minutes</adm:value> opends/src/admin/defn/org/opends/server/admin/std/LDIFBackendConfiguration.xml
@@ -25,43 +25,42 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="ldif-backend" plural-name="ldif-backends" package="org.opends.server.admin.std" extends="backend" package="org.opends.server.admin.std" extends="backend" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> The LDIF backend provides a mechanism for interacting with data stored in an LDIF file. All basic LDAP operations are supported in the LDIF backend, although it has minimal support for custom controls. The LDIF backend provides a mechanism for interacting with data stored in an LDIF file. </adm:synopsis> <adm:description> All basic LDAP operations are supported in the LDIF backend, although it has minimal support for custom controls. </adm:description> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-ldif-backend</ldap:name> <ldap:superior>ds-cfg-backend</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:requires-admin-action> <adm:component-restart /> </adm:requires-admin-action> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> org.opends.server.backends.LDIFBackend </adm:value> <adm:value>org.opends.server.backends.LDIFBackend</adm:value> </adm:defined> </adm:default-behavior> </adm:property-override> <adm:property name="ldif-file" mandatory="true" multi-valued="false"> <adm:property-override name="writability-mode"> <adm:default-behavior> <adm:defined> <adm:value>enabled</adm:value> </adm:defined> </adm:default-behavior> </adm:property-override> <adm:property name="ldif-file" mandatory="true"> <adm:synopsis> This specifies the path to the LDIF file containing the data for this backend. This specifies the path to the LDIF file containing the data for this backend. </adm:synopsis> <adm:requires-admin-action> <adm:component-restart /> @@ -75,13 +74,11 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="is-private-backend" mandatory="false" multi-valued="false"> <adm:property name="is-private-backend"> <adm:synopsis> This indicates whether the backend should be considered a private backend, which indicates that it is used for storing operational data rather than user-defined information. This indicates whether the backend should be considered a private backend, which indicates that it is used for storing operational data rather than user-defined information. </adm:synopsis> <adm:requires-admin-action> <adm:component-restart /> @@ -100,6 +97,4 @@ </ldap:attribute> </adm:profile> </adm:property> </adm:managed-object>
@@ -25,32 +25,30 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="ldif-connection-handler" plural-name="ldif-connection-handlers" package="org.opends.server.admin.std" extends="connection-handler" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> The <adm:user-friendly-name /> may be used to process changes in the server using internal operations, where the changes to process are read from an LDIF file. The connection handler will periodically look for the existence of a new file, will process the changes contained in that file as internal operations, and will write the result to an output file with comments indicating the result of the processing. may be used to process changes in the server using internal operations, where the changes to process are read from an LDIF file. </adm:synopsis> <adm:description> The connection handler will periodically look for the existence of a new file, will process the changes contained in that file as internal operations, and will write the result to an output file with comments indicating the result of the processing. </adm:description> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-ldif-connection-handler</ldap:name> <ldap:superior>ds-cfg-connection-handler</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -59,11 +57,10 @@ </adm:defined> </adm:default-behavior> </adm:property-override> <adm:property name="ldif-directory" mandatory="true" multi-valued="false"> <adm:property name="ldif-directory" mandatory="true"> <adm:synopsis> Specifies the path to the directory in which the LDIF files should be placed. Specifies the path to the directory in which the LDIF files should be placed. </adm:synopsis> <adm:default-behavior> <adm:defined> @@ -79,11 +76,11 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="poll-interval" mandatory="true" multi-valued="false"> <adm:property name="poll-interval" mandatory="true"> <adm:synopsis> Specifies how frequently the LDIF connection handler should check the LDIF directory to determine whether a new LDIF file has been added. Specifies how frequently the LDIF connection handler should check the LDIF directory to determine whether a new LDIF file has been added. </adm:synopsis> <adm:default-behavior> <adm:defined> @@ -99,6 +96,4 @@ </ldap:attribute> </adm:profile> </adm:property> </adm:managed-object>
@@ -25,40 +25,32 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="last-mod-plugin" plural-name="last-mod-plugins" package="org.opends.server.admin.std" extends="plugin" xmlns:adm="http://www.opends.org/admin" plural-name="last-mod-plugins" package="org.opends.server.admin.std" extends="plugin" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> The <adm:user-friendly-name /> is used to ensure that the creatorsName and createTimestamp attributes are included in an entry whenever it is added to the server, and to ensure that the modifiersName and modifyTimestamp attributes are updated whenever an entry is modified or renamed. is used to ensure that the creatorsName and createTimestamp attributes are included in an entry whenever it is added to the server, and to ensure that the modifiersName and modifyTimestamp attributes are updated whenever an entry is modified or renamed. </adm:synopsis> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-last-mod-plugin</ldap:name> <ldap:superior>ds-cfg-plugin</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> org.opends.server.plugins.LastModPlugin </adm:value> <adm:value>org.opends.server.plugins.LastModPlugin</adm:value> </adm:defined> </adm:default-behavior> </adm:property-override> <adm:property-override name="plugin-type"> <adm:property-override name="plugin-type" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value>preoperationadd</adm:value> @@ -67,6 +59,4 @@ </adm:defined> </adm:default-behavior> </adm:property-override> </adm:managed-object>
@@ -25,18 +25,21 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="length-based-password-validator" plural-name="length-based-password-validators" package="org.opends.server.admin.std" extends="password-validator" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:TODO> Use constraints to enforce max-password-length >= min-password-length </adm:TODO> <adm:synopsis> The <adm:user-friendly-name /> is used to determine whether a proposed password is acceptable based on whether the number of characters it contains falls within an acceptable range of values. is used to determine whether a proposed password is acceptable based on whether the number of characters it contains falls within an acceptable range of values. </adm:synopsis> <adm:profile name="ldap"> <ldap:object-class> @@ -44,7 +47,7 @@ <ldap:superior>ds-cfg-password-validator</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -53,16 +56,14 @@ </adm:defined> </adm:default-behavior> </adm:property-override> <adm:property name="max-password-length" mandatory="false"> <adm:property name="max-password-length"> <adm:synopsis> Specifies the maximum number of characters that may be included in a proposed password. Specifies the maximum number of characters that may be included in a proposed password. </adm:synopsis> <adm:description> Specifies the maximum number of characters that may be included in a proposed password. A value of zero indicates that there will be no upper bound enforced. Changes to this configuration attribute will take effect immediately. A value of zero indicates that there will be no upper bound enforced. </adm:description> <adm:default-behavior> <adm:defined> @@ -78,16 +79,14 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="min-password-length" mandatory="false"> <adm:property name="min-password-length"> <adm:synopsis> Specifies the minimum number of characters that must be included in a proposed password. Specifies the minimum number of characters that must be included in a proposed password. </adm:synopsis> <adm:description> Specifies the minimum number of characters that must be included in a proposed password. A value of zero indicates that there will be no lower bound enforced. Changes to this configuration attribute will take effect immediately. A value of zero indicates that there will be no lower bound enforced. </adm:description> <adm:default-behavior> <adm:defined> @@ -104,4 +103,3 @@ </adm:profile> </adm:property> </adm:managed-object>
@@ -25,32 +25,24 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="local-backend-workflow-element" <adm:managed-object name="local-backend-workflow-element" plural-name="local-backend-workflow-elements" package="org.opends.server.admin.std" extends="workflow-element" package="org.opends.server.admin.std" extends="workflow-element" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> The <adm:user-friendly-name /> provides access to a local backend. The <adm:user-friendly-name /> provides access to a backend. </adm:synopsis> <adm:tag name="user-management"/> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-local-backend-workflow-element</ldap:name> <ldap:superior>ds-cfg-workflow-element</ldap:superior> </ldap:object-class> </adm:profile> <adm:property name="backend" mandatory="true" read-only="true" multi-valued="false"> <adm:property name="backend" mandatory="true" read-only="true"> <adm:synopsis> Identifies the backend accessed by the workflow element. </adm:synopsis> @@ -68,4 +60,3 @@ </adm:profile> </adm:property> </adm:managed-object>
@@ -25,26 +25,23 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="local-db-backend" plural-name="local-db-backends" package="org.opends.server.admin.std" extends="backend" xmlns:adm="http://www.opends.org/admin" <adm:managed-object name="local-db-backend" plural-name="local-db-backends" package="org.opends.server.admin.std" extends="backend" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap" xmlns:cli="http://www.opends.org/admin-cli"> <adm:synopsis> The primary backend provided by the OpenDS Directory Server uses the Berkeley DB Java Edition to store user-provided data in a local repository. It is the traditional "directory server" backend and is similar to the backends provided by the Sun Java System Directory Server. Berkeley DB Java Edition to store user-provided data in a local repository. </adm:synopsis> <adm:description> The <adm:user-friendly-name/> stores the entries in an encoded form and also provides indexes that can be used to quickly locate target entries based on different kinds of criteria. The org.opends.server.backends.jeb.BackendImpl class provides the implementation for this backend, and therefore should be used as the value of the java-class property. It is the traditional "directory server" backend and is similar to the backends provided by the Sun Java System Directory Server. The <adm:user-friendly-name /> stores the entries in an encoded form and also provides indexes that can be used to quickly locate target entries based on different kinds of criteria. </adm:description> <adm:profile name="ldap"> <ldap:object-class> @@ -55,9 +52,7 @@ <adm:relation name="local-db-index"> <adm:one-to-many naming-property="attribute"/> <adm:profile name="ldap"> <ldap:rdn-sequence> cn=Index </ldap:rdn-sequence> <ldap:rdn-sequence>cn=Index</ldap:rdn-sequence> </adm:profile> <adm:profile name="cli"> <cli:relation> @@ -68,9 +63,7 @@ <adm:relation name="local-db-vlv-index"> <adm:one-to-many naming-property="name"/> <adm:profile name="ldap"> <ldap:rdn-sequence> cn=VLV Index </ldap:rdn-sequence> <ldap:rdn-sequence>cn=VLV Index</ldap:rdn-sequence> </adm:profile> <adm:profile name="cli"> <cli:relation> @@ -81,7 +74,7 @@ </cli:relation> </adm:profile> </adm:relation> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -90,13 +83,19 @@ </adm:defined> </adm:default-behavior> </adm:property-override> <adm:property name="deadlock-retry-limit" mandatory="false" multi-valued="false"> <adm:property-override name="writability-mode"> <adm:default-behavior> <adm:defined> <adm:value>enabled</adm:value> </adm:defined> </adm:default-behavior> </adm:property-override> <adm:property name="deadlock-retry-limit" advanced="true"> <adm:synopsis> Specifies the number of times that the server should retry an attempted operation in the backend if a deadlock results from two concurrent requests that interfere with each other in a conflicting manner. Specifies the number of times that the server should retry an attempted operation in the backend if a deadlock results from two concurrent requests that interfere with each other in a conflicting manner. </adm:synopsis> <adm:description> A value of "0" indicates no limit. @@ -115,20 +114,19 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="db-directory" mandatory="true" multi-valued="false"> <adm:property name="db-directory" mandatory="true"> <adm:TODO>Default this to the db/backend-id</adm:TODO> <adm:synopsis> Specifies the path to the filesystem directory that will be used to hold the Berkeley DB Java Edition database files containing the data for this backend. Specifies the path to the filesystem directory that will be used to hold the Berkeley DB Java Edition database files containing the data for this backend. </adm:synopsis> <adm:description> The path may be either an absolute path or a path relative to the directory containing the base of the OpenDS Directory Server installation. The path may be any valid directory path in which the server has appropriate permissions to read and write files and has sufficient space to hold the database contents. directory containing the base of the OpenDS Directory Server installation. The path may be any valid directory path in which the server has appropriate permissions to read and write files and has sufficient space to hold the database contents. </adm:description> <adm:requires-admin-action> <adm:component-restart/> @@ -142,25 +140,24 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="compact-encoding" mandatory="false" multi-valued="false"> <adm:property name="compact-encoding"> <adm:synopsis> Indicates whether the backend should use a compact form when encoding entries by compressing the attribute descriptions and object class sets. Indicates whether the backend should use a compact form when encoding entries by compressing the attribute descriptions and object class sets. </adm:synopsis> <adm:description> Note that this property applies only to the entries themselves and does not impact the index data. Note that this property applies only to the entries themselves and does not impact the index data. </adm:description> <adm:requires-admin-action> <adm:other> <adm:none> <adm:synopsis> Changes to this setting will only take effect for writes that occur after the change is made. It will not be retroactively applied to existing data. Changes to this setting will only take effect for writes that occur after the change is made. It will not be retroactively applied to existing data. </adm:synopsis> </adm:other> </adm:none> </adm:requires-admin-action> <adm:default-behavior> <adm:defined> @@ -176,26 +173,25 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="entries-compressed" mandatory="false" multi-valued="false"> <adm:property name="entries-compressed" advanced="true"> <adm:synopsis> Indicates whether the backend should attempt to compress entries before storing them in the database. Indicates whether the backend should attempt to compress entries before storing them in the database. </adm:synopsis> <adm:description> Note that this property applies only to the entries themselves and does not impact the index data. Further, the effectiveness of the compression will be based on the type of data contained in the entry. Note that this property applies only to the entries themselves and does not impact the index data. Further, the effectiveness of the compression will be based on the type of data contained in the entry. </adm:description> <adm:requires-admin-action> <adm:other> <adm:none> <adm:synopsis> Changes to this setting will only take effect for writes that occur after the change is made. It will not be retroactively applied to existing data. Changes to this setting will only take effect for writes that occur after the change is made. It will not be retroactively applied to existing data. </adm:synopsis> </adm:other> </adm:none> </adm:requires-admin-action> <adm:default-behavior> <adm:defined> @@ -211,20 +207,18 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="import-buffer-size" mandatory="false" multi-valued="false"> <adm:property name="import-buffer-size" advanced="true"> <adm:synopsis> Specifies the amount of memory that should be used as an internal buffer for index information when processing an LDIF import. </adm:synopsis> <adm:requires-admin-action> <adm:other> <adm:none> <adm:synopsis> No admin action required, although changes will not take effect for any import that may already be in progress. Changes will not take effect for any import that may already be in progress. </adm:synopsis> </adm:other> </adm:none> </adm:requires-admin-action> <adm:default-behavior> <adm:defined> @@ -240,30 +234,28 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="import-pass-size" mandatory="false" multi-valued="false"> <adm:property name="import-pass-size" advanced="true"> <adm:synopsis> Specifies the maximum number of entries that should be imported in each import pass. Specifies the maximum number of entries that should be imported in each import pass. </adm:synopsis> <adm:description> An import pass consists of the processing required to import a set of entries as well as the index post-processing required to index those entries. A value of zero for this property indicates that all entries should be processed in a single pass, which is the recommended configuration for most deployments, although a non-zero value may be required when importing a very large number of entries if the amount of memory required for index post-processing exceeds the total amount available to the server. An import pass consists of the processing required to import a set of entries as well as the index post-processing required to index those entries. A value of zero for this property indicates that all entries should be processed in a single pass, which is the recommended configuration for most deployments, although a non-zero value may be required when importing a very large number of entries if the amount of memory required for index post-processing exceeds the total amount available to the server. </adm:description> <adm:requires-admin-action> <adm:other> <adm:none> <adm:synopsis> No admin action required, although changes will not take effect for any import that may already be in progress. Changes will not take effect for any import that may already be in progress. </adm:synopsis> </adm:other> </adm:none> </adm:requires-admin-action> <adm:default-behavior> <adm:defined> @@ -279,20 +271,18 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="import-queue-size" mandatory="false" multi-valued="false"> <adm:property name="import-queue-size" advanced="true"> <adm:synopsis> Specifies the size (in number of entries) of the queue that will be used to hold the entries read during an LDIF import. Specifies the size (in number of entries) of the queue that will be used to hold the entries read during an LDIF import. </adm:synopsis> <adm:requires-admin-action> <adm:other> <adm:none> <adm:synopsis> No admin action required, although changes will not take effect for any import that may already be in progress. Changes will not take effect for any import that may already be in progress. </adm:synopsis> </adm:other> </adm:none> </adm:requires-admin-action> <adm:default-behavior> <adm:defined> @@ -308,27 +298,28 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="import-temp-directory" mandatory="true" multi-valued="false"> <adm:property name="import-temp-directory" mandatory="true"> <adm:TODO> Default to something derived from the backend-id </adm:TODO> <adm:synopsis> Specifies the location of the directory that will be used for the files used to hold temporary information that will be used during the index post-processing phase of an LDIF import. files used to hold temporary information that will be used during the index post-processing phase of an LDIF import. </adm:synopsis> <adm:description> The specified directory will only be used while an import is in progress and the files created in this directory will be deleted as they are processed. It may be an absolute path or one that is relative to the instance root directory. The specified directory will only be used while an import is in progress and the files created in this directory will be deleted as they are processed. It may be an absolute path or one that is relative to the instance root directory. </adm:description> <adm:requires-admin-action> <adm:other> <adm:none> <adm:synopsis> No admin action required, although changes will not take effect for any import that may already be in progress. Changes will not take effect for any import that may already be in progress. </adm:synopsis> </adm:other> </adm:none> </adm:requires-admin-action> <adm:default-behavior> <adm:undefined/> @@ -342,25 +333,23 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="import-thread-count" mandatory="false" multi-valued="false"> <adm:property name="import-thread-count" advanced="true"> <adm:synopsis> Specifies the number of threads that will be used for concurrent processing during an LDIF import. </adm:synopsis> <adm:description> This should generally be a small multiple (e.g., 2x) of the number of CPUs in the system for a traditional system, or equal to the number of CPU strands for a CMT system. This should generally be a small multiple (e.g., 2x) of the number of CPUs in the system for a traditional system, or equal to the number of CPU strands for a CMT system. </adm:description> <adm:requires-admin-action> <adm:other> <adm:none> <adm:synopsis> No admin action required, although changes will not take effect for any import that may already be in progress. Changes will not take effect for any import that may already be in progress. </adm:synopsis> </adm:other> </adm:none> </adm:requires-admin-action> <adm:default-behavior> <adm:defined> @@ -376,28 +365,26 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="index-entry-limit" mandatory="false" multi-valued="false"> <adm:property name="index-entry-limit"> <adm:synopsis> Specifies the maximum number of entries that will be allowed to match a given index key before that particular index key is no longer maintained (i.e., it is analogous to the ALL IDs threshold in the Sun Java System Directory Server). Note that this is the default limit for the backend, and it may be overridden on a per-attribute basis. match a given index key before that particular index key is no longer maintained. </adm:synopsis> <adm:description> Note that this is the default limit for the backend, and it may be overridden on a per-attribute basis. A value of 0 means there is no limit. This property is analogous to the ALL IDs threshold in the Sun Java System Directory Server. Note that this is the default limit for the backend, and it may be overridden on a per-attribute basis.A value of 0 means there is no limit. </adm:description> <adm:requires-admin-action> <adm:other> <adm:none> <adm:synopsis> No admin action is required, although if any index keys have already reached this limit, indexes will need to be rebuilt before they will be allowed to use the new limit. If any index keys have already reached this limit, indexes will need to be rebuilt before they will be allowed to use the new limit. </adm:synopsis> </adm:other> </adm:none> </adm:requires-admin-action> <adm:default-behavior> <adm:defined> @@ -413,23 +400,21 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="db-directory-permissions" mandatory="false" multi-valued="false"> <adm:property name="db-directory-permissions" advanced="true"> <adm:synopsis> Specifies the permissions that should be applied to the directory containing the server database files. They should be expressed as three-digit octal values, which is the traditional representation for UNIX file permissions. containing the server database files. </adm:synopsis> <adm:description> The three digits represent the permissions that will be available for the directory's owner, group members, and other users (in that order), and each digit is the octal representation of the read, write, and execute bits. Note that this only impacts permissions on the database directory and not on the files written into that directory. On UNIX systems, the user's umask will control permissions given to the database files. They should be expressed as three-digit octal values, which is the traditional representation for UNIX file permissions. The three digits represent the permissions that will be available for the directory's owner, group members, and other users (in that order), and each digit is the octal representation of the read, write, and execute bits. Note that this only impacts permissions on the database directory and not on the files written into that directory. On UNIX systems, the user's umask will control permissions given to the database files. </adm:description> <adm:requires-admin-action> <adm:server-restart/> @@ -442,11 +427,11 @@ <adm:syntax> <adm:string> <adm:pattern> <adm:regex>7[0-7][0-7]</adm:regex> <adm:regex>^7[0-7][0-7]$</adm:regex> <adm:usage>MODE</adm:usage> <adm:synopsis> Any octal value between 700 and 777 (the owner must always have read, write, and execute permissions on the directory). Any octal value between 700 and 777 (the owner must always have read, write, and execute permissions on the directory). </adm:synopsis> </adm:pattern> </adm:string> @@ -457,17 +442,16 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="preload-time-limit" mandatory="false" multi-valued="false"> <adm:property name="preload-time-limit" advanced="true"> <adm:synopsis> Specifies the length of time that the backend will be allowed to spend "pre-loading" data when it is initialized. </adm:synopsis> <adm:description> The pre-load process may be used to pre-populate the database cache so that it can be more quickly available when the server is processing requests. A duration of zero means there will be no pre-load. The pre-load process may be used to pre-populate the database cache so that it can be more quickly available when the server is processing requests. A duration of zero means there will be no pre-load. </adm:description> <adm:default-behavior> <adm:defined> @@ -483,17 +467,15 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="subtree-delete-size-limit" mandatory="false" multi-valued="false"> <adm:property name="subtree-delete-size-limit" advanced="true"> <adm:synopsis> Specifies the maximum number of entries that may be deleted from the backend when using the subtree delete control. Specifies the maximum number of entries that may be deleted from the backend when using the subtree delete control. </adm:synopsis> <adm:description> If a subtree delete operation targets a subtree with more than this number of entries, then multiple passes may be required to remove all entries in that subtree. If a subtree delete operation targets a subtree with more than this number of entries, then multiple passes may be required to remove all entries in that subtree. </adm:description> <adm:default-behavior> <adm:defined> @@ -509,17 +491,16 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="subtree-delete-batch-size" mandatory="false" multi-valued="false"> <adm:property name="subtree-delete-batch-size" advanced="true"> <adm:synopsis> Specifies the maximum number of entries that may be deleted from the backend when using the subtree delete control within a single transaction. Specifies the maximum number of entries that may be deleted from the backend when using the subtree delete control within a single transaction. </adm:synopsis> <adm:description> If a subtree delete operation targets a subtree with more than this number of entries, then additional transactions are used to remove the remaining entries in that subtree. If a subtree delete operation targets a subtree with more than this number of entries, then additional transactions are used to remove the remaining entries in that subtree. </adm:description> <adm:default-behavior> <adm:defined> @@ -535,18 +516,16 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="db-cache-percent" mandatory="false" multi-valued="false"> <adm:property name="db-cache-percent"> <adm:synopsis> The percentage of JVM memory to allocate to the database cache. </adm:synopsis> <adm:description> Specifies the percentage of memory available to the JVM that should be used for caching database contents. Note that this will only be used if the value of the db-cache-size property is set to "0 MB". Otherwise, the value of that property will be used instead to control the cache size configuration. Specifies the percentage of memory available to the JVM that should be used for caching database contents. Note that this will only be used if the value of the db-cache-size property is set to "0 MB". Otherwise, the value of that property will be used instead to control the cache size configuration. </adm:description> <adm:default-behavior> <adm:defined> @@ -562,16 +541,15 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="db-cache-size" mandatory="false" multi-valued="false"> <adm:property name="db-cache-size"> <adm:synopsis> The amount of JVM memory to allocate to the database cache. </adm:synopsis> <adm:description> Specifies the amount of memory that should be used for caching database contents. A value of "0 MB" indicates that the db-cache-percent property should be used instead to specify the cache size. Specifies the amount of memory that should be used for caching database contents. A value of "0 MB" indicates that the db-cache-percent property should be used instead to specify the cache size. </adm:description> <adm:default-behavior> <adm:defined> @@ -587,18 +565,16 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="db-cleaner-min-utilization" mandatory="false" multi-valued="false"> <adm:property name="db-cleaner-min-utilization" advanced="true"> <adm:synopsis> Specifies the minimum percentage of "live" data that the database cleaner will attempt to keep in database log files. Specifies the minimum percentage of "live" data that the database cleaner will attempt to keep in database log files. </adm:synopsis> <adm:description> If the amount of live data in any database log file drops below this percentage, then the cleaner will move the remaining live data in that file to the end of the database and will delete the original file in order to keep the database relatively compact. If the amount of live data in any database log file drops below this percentage, then the cleaner will move the remaining live data in that file to the end of the database and will delete the original file in order to keep the database relatively compact. </adm:description> <adm:default-behavior> <adm:defined> @@ -614,18 +590,17 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="db-run-cleaner" mandatory="false" multi-valued="false"> <adm:property name="db-run-cleaner" advanced="true"> <adm:synopsis> This indicates whether the database cleaner threads should be enabled. This indicates whether the database cleaner threads should be enabled. </adm:synopsis> <adm:description> The cleaner threads will be used to periodically compact the database by identifying database files with a low (i.e., less than the amount specified by the db-cleaner-min-utilization property) percentage of live data, moving the remaining live data to the end of the log and deleting that file. The cleaner threads will be used to periodically compact the database by identifying database files with a low (i.e., less than the amount specified by the db-cleaner-min-utilization property) percentage of live data, moving the remaining live data to the end of the log and deleting that file. </adm:description> <adm:default-behavior> <adm:defined> @@ -641,20 +616,19 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="db-evictor-lru-only" mandatory="false" multi-valued="false"> <adm:property name="db-evictor-lru-only" advanced="true"> <adm:synopsis> Indicates whether the database should evict existing data from the cache based on an LRU policy (where the least recently used information will be evicted first). Indicates whether the database should evict existing data from the cache based on an LRU policy (where the least recently used information will be evicted first). </adm:synopsis> <adm:description> If the value of this configuration property is set to "false", then eviction will prefer to keep internal nodes of the underlying Btree in the cache over leaf notes, even if the leaf nodes have been accessed more recently, which may be a better configuration for databases in which only a very small portion of the data is cached. If the value of this configuration property is set to "false", then eviction will prefer to keep internal nodes of the underlying Btree in the cache over leaf notes, even if the leaf nodes have been accessed more recently, which may be a better configuration for databases in which only a very small portion of the data is cached. </adm:description> <adm:requires-admin-action> <adm:component-restart/> @@ -673,25 +647,25 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="db-evictor-nodes-per-scan" mandatory="false" multi-valued="false"> <adm:property name="db-evictor-nodes-per-scan" advanced="true"> <adm:synopsis> Specifies the number of Btree nodes that should be evicted from the cache in a single pass if it is determined that it is necessary to free existing data in order to make room for new information. Specifies the number of Btree nodes that should be evicted from the cache in a single pass if it is determined that it is necessary to free existing data in order to make room for new information. </adm:synopsis> <adm:description> Changes to this property do not take effect until the backend is restarted. It is recommended that you also change this property when you set db-evictor-lru-only to false. This setting controls the number of Btree nodes that are considered, or sampled, each time a node is evicted. A setting of 100 often produces good results, but this may vary from application to application. The larger the nodesPerScan, the more accurate the algorithm. However, setting it too high is detrimental; the need to consider larger numbers of nodes for each eviction may delay the completion of a given database operation, which will impact the response time of the application thread. restarted. It is recommended that you also change this property when you set db-evictor-lru-only to false. This setting controls the number of Btree nodes that are considered, or sampled, each time a node is evicted. A setting of 100 often produces good results, but this may vary from application to application. The larger the nodes per scan, the more accurate the algorithm. However, setting it too high is detrimental; the need to consider larger numbers of nodes for each eviction may delay the completion of a given database operation, which will impact the response time of the application thread. </adm:description> <adm:requires-admin-action> <adm:component-restart/> @@ -710,11 +684,10 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="db-log-file-max" mandatory="false" multi-valued="false"> <adm:property name="db-log-file-max" advanced="true"> <adm:synopsis> Specifies the maximum size that may be used for a database log file. Specifies the maximum size that may be used for a database log file. </adm:synopsis> <adm:requires-admin-action> <adm:component-restart/> @@ -733,15 +706,15 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="db-logging-file-handler-on" mandatory="false" multi-valued="false"> <adm:property name="db-logging-file-handler-on" advanced="true"> <adm:synopsis> Indicates whether the database should maintain a je.info file in the same directory as the database log directory. This file will contain information about the internal processing performed by the underlying database. Indicates whether the database should maintain a je.info file in the same directory as the database log directory. </adm:synopsis> <adm:description> This file will contain information about the internal processing performed by the underlying database. </adm:description> <adm:requires-admin-action> <adm:component-restart/> </adm:requires-admin-action> @@ -759,16 +732,16 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="db-logging-level" mandatory="false" multi-valued="false"> <adm:property name="db-logging-level" advanced="true"> <adm:TODO>Use an enumeration</adm:TODO> <adm:synopsis> This specifies the log level that should be used by the database when it is writing information into the je.info file. This specifies the log level that should be used by the database when it is writing information into the je.info file. </adm:synopsis> <adm:description> The database trace logging level is (in increasing order of verbosity) chosen from: OFF, SEVERE, WARNING, INFO, CONFIG, FINE, FINER, FINEST, ALL. The database trace logging level is (in increasing order of verbosity) chosen from: OFF, SEVERE, WARNING, INFO, CONFIG, FINE, FINER, FINEST, ALL. </adm:description> <adm:requires-admin-action> <adm:component-restart/> @@ -787,19 +760,17 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="db-checkpointer-bytes-interval" mandatory="false" multi-valued="false"> <adm:property name="db-checkpointer-bytes-interval" advanced="true"> <adm:synopsis> Specifies the maximum number of bytes that may be written to the database before it will be forced to perform a checkpoint. Specifies the maximum number of bytes that may be written to the database before it will be forced to perform a checkpoint. </adm:synopsis> <adm:description> This can be used to bound the recovery time that may be required if the database environment is opened without having been properly closed. If this property is set to a non-zero value, the checkpointer wakeup interval is not used. To use time based checkpointing, set this property to zero. This can be used to bound the recovery time that may be required if the database environment is opened without having been properly closed. If this property is set to a non-zero value, the checkpointer wakeup interval is not used. To use time based checkpointing, set this property to zero. </adm:description> <adm:requires-admin-action> <adm:server-restart/> @@ -819,14 +790,14 @@ </adm:profile> </adm:property> <adm:property name="db-checkpointer-wakeup-interval" mandatory="false" multi-valued="false"> advanced="true"> <adm:synopsis> Specifies the maximum length of time that may pass between checkpoints. Specifies the maximum length of time that may pass between checkpoints. </adm:synopsis> <adm:description> Note that this will only be used if the value of the checkpointer bytes interval is zero. Note that this will only be used if the value of the checkpointer bytes interval is zero. </adm:description> <adm:requires-admin-action> <adm:component-restart/> @@ -845,19 +816,17 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="db-num-lock-tables" mandatory="false" multi-valued="false"> <adm:property name="db-num-lock-tables" advanced="true"> <adm:synopsis> This specifies the number of lock tables that should be used by the underlying database. This specifies the number of lock tables that should be used by the underlying database. </adm:synopsis> <adm:description> This can be particularly important to help improve scalability by avoiding contention on systems with large numbers of CPUs. The value of this configuration property should be set to a prime number that is less than or equal to the number of worker threads configured for use in the server. avoiding contention on systems with large numbers of CPUs. The value of this configuration property should be set to a prime number that is less than or equal to the number of worker threads configured for use in the server. </adm:description> <adm:requires-admin-action> <adm:component-restart/> @@ -876,16 +845,14 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="db-num-cleaner-threads" mandatory="false" multi-valued="false"> <adm:property name="db-num-cleaner-threads" advanced="true"> <adm:synopsis> Specifies the number of threads that the backend should maintain to keep the database log files at or near the desired utilization. Specifies the number of threads that the backend should maintain to keep the database log files at or near the desired utilization. </adm:synopsis> <adm:description> In environments with high write throughput, multiple cleaner threads may be required to maintain the desired utilization. In environments with high write throughput, multiple cleaner threads may be required to maintain the desired utilization. </adm:description> <adm:default-behavior> <adm:defined> @@ -901,20 +868,18 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="db-txn-no-sync" mandatory="false" multi-valued="false"> <adm:property name="db-txn-no-sync" advanced="true"> <adm:synopsis> Indicates whether database writes should be primarily written to an internal buffer but not immediately written to disk. Indicates whether database writes should be primarily written to an internal buffer but not immediately written to disk. </adm:synopsis> <adm:description> Setting the value of this configuration attribute to "true" may improve write performance but could cause some number of the most recent changes to be lost if the OpenDS Directory Server or the underlying JVM exits abnormally, or if an OS or hardware failure occurs (a behavior similar to running with transaction durability disabled in the Sun Java System Directory Server). Setting the value of this configuration attribute to "true" may improve write performance but could cause some number of the most recent changes to be lost if the OpenDS Directory Server or the underlying JVM exits abnormally, or if an OS or hardware failure occurs (a behavior similar to running with transaction durability disabled in the Sun Java System Directory Server). </adm:description> <adm:default-behavior> <adm:defined> @@ -930,22 +895,21 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="db-txn-write-no-sync" mandatory="false" multi-valued="false"> <adm:property name="db-txn-write-no-sync" advanced="true"> <adm:synopsis> Indicates whether the database should synchronously flush data as it is written to disk. Indicates whether the database should synchronously flush data as it is written to disk. </adm:synopsis> <adm:description> If this value is set to "false", then all data written to disk will be synchronously flushed to persistent storage and thereby providing full durability. If it is set to "true", then data may be cached for a period of time by the underlying operating system before actually being written to disk. This may improve performance, but could cause some number of the most recent changes to be lost in the event of an underlying OS or hardware failure (but not in the case that the OpenDS Directory Server or the JVM exits abnormally). If this value is set to "false", then all data written to disk will be synchronously flushed to persistent storage and thereby providing full durability. If it is set to "true", then data may be cached for a period of time by the underlying operating system before actually being written to disk. This may improve performance, but could cause some number of the most recent changes to be lost in the event of an underlying OS or hardware failure (but not in the case that the OpenDS Directory Server or the JVM exits abnormally). </adm:description> <adm:default-behavior> <adm:defined> @@ -961,20 +925,19 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="je-property" mandatory="false" <adm:property name="je-property" advanced="true" multi-valued="true"> <adm:synopsis> Specifies the database and environment properties for the Berkeley DB Java Edition database serving the data for this backend. Specifies the database and environment properties for the Berkeley DB Java Edition database serving the data for this backend. </adm:synopsis> <adm:description> Any Berkeley DB Java Edition property can be specified using the following form: property-name=property-value Refer to OpenDS documentation for further information on related properties, their implications and range values. The definitive identification of all the property parameters available in the example.properties file of Berkeley DB Java Edition distribution. following form: property-name=property-value Refer to OpenDS documentation for further information on related properties, their implications and range values. The definitive identification of all the property parameters available in the example.properties file of Berkeley DB Java Edition distribution. </adm:description> <adm:default-behavior> <adm:undefined /> opends/src/admin/defn/org/opends/server/admin/std/LocalDBIndexConfiguration.xml
@@ -25,15 +25,15 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="local-db-index" plural-name="local-db-indexes" package="org.opends.server.admin.std" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> The <adm:user-friendly-plural-name/> are used to store information that makes it possible to locate entries very quickly when processing search operations. The <adm:user-friendly-plural-name /> are used to store information that makes it possible to locate entries very quickly when processing search operations. </adm:synopsis> <adm:description> Indexing is performed on a per-attribute level and different types @@ -47,13 +47,10 @@ <ldap:superior>top</ldap:superior> </ldap:object-class> </adm:profile> <adm:property name="attribute" mandatory="true" multi-valued="false" read-only="true"> <adm:property name="attribute" mandatory="true" read-only="true"> <adm:synopsis> This specifies the name of the attribute for which the index is to be maintained. This specifies the name of the attribute for which the index is to be maintained. </adm:synopsis> <adm:syntax> <adm:attribute-type/> @@ -64,9 +61,7 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="index-entry-limit" mandatory="false" multi-valued="false"> <adm:property name="index-entry-limit"> <adm:synopsis> This specifies the maximum number of entries that will be allowed to match a given index key before that particular index key is no @@ -75,31 +70,26 @@ <adm:description> This is analogous to the ALL IDs threshold in the Sun Java System Directory Server. If this is specified, it will override the JE backend-wide configuration. If any index keys have already reached this limit, indexes will need to be rebuilt before they will be allowed to use the new limit. For no limit, use 0 for the value. backend-wide configuration. For no limit, use 0 for the value. </adm:description> <adm:requires-admin-action> <adm:other> <adm:none> <adm:synopsis> If any index keys have already reached this limit, indexes will need to be rebuilt before they will be allowed to use the new limit. will need to be rebuilt before they will be allowed to use the new limit. </adm:synopsis> </adm:other> </adm:none> </adm:requires-admin-action> <adm:default-behavior> <adm:inherited> <adm:relative property-name="index-entry-limit" offset="1" managed-object-name="local-db-backend" /> <adm:relative property-name="index-entry-limit" offset="1" managed-object-name="local-db-backend" /> </adm:inherited> </adm:default-behavior> <adm:syntax> <adm:integer lower-limit="0" upper-limit="2147483647"> <adm:unit-synopsis> Number of entries </adm:unit-synopsis> <adm:unit-synopsis>Number of entries</adm:unit-synopsis> </adm:integer> </adm:syntax> <adm:profile name="ldap"> @@ -108,12 +98,11 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="index-type" mandatory="true" <adm:property name="index-type" mandatory="true" multi-valued="true"> <adm:synopsis> This specifies the type(s) of indexing that should be performed for the associated attribute. This specifies the type(s) of indexing that should be performed for the associated attribute. </adm:synopsis> <adm:description> For equality, presence, and substring index types, the associated @@ -133,33 +122,33 @@ <adm:enumeration> <adm:value name="equality"> <adm:synopsis> This index type will be used to help improve the efficiency of searches using equality search filters. This index type will be used to help improve the efficiency of searches using equality search filters. </adm:synopsis> </adm:value> <adm:value name="ordering"> <adm:synopsis> This index type will be used to help improve the efficiency of searches using "greater than or equal to" or "less then or equal to" search filters. This index type will be used to help improve the efficiency of searches using "greater than or equal to" or "less then or equal to" search filters. </adm:synopsis> </adm:value> <adm:value name="presence"> <adm:synopsis> This index type will be used to help improve the efficiency of searches using the presence search filters. This index type will be used to help improve the efficiency of searches using the presence search filters. </adm:synopsis> </adm:value> <adm:value name="substring"> <adm:synopsis> This index type will be used to help improve the efficiency of searches using substring search filters. This index type will be used to help improve the efficiency of searches using substring search filters. </adm:synopsis> </adm:value> <adm:value name="approximate"> <adm:synopsis> This index type will be used to help improve the efficiency of searches using approximate matching search filters. This index type will be used to help improve the efficiency of searches using approximate matching search filters. </adm:synopsis> </adm:value> </adm:enumeration> @@ -170,17 +159,15 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="substring-length" mandatory="false" multi-valued="false"> <adm:property name="substring-length" advanced="true"> <adm:synopsis> The length of substrings in a substring index. </adm:synopsis> <adm:requires-admin-action> <adm:other> <adm:synopsis> The index will need to be rebuilt before it will reflect the new value. The index will need to be rebuilt before it will reflect the new value. </adm:synopsis> </adm:other> </adm:requires-admin-action> opends/src/admin/defn/org/opends/server/admin/std/LocalDBVLVIndexConfiguration.xml
@@ -25,21 +25,22 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="local-db-vlv-index" plural-name="local-db-vlv-indexes" <adm:managed-object name="local-db-vlv-index" plural-name="local-db-vlv-indexes" package="org.opends.server.admin.std" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> The <adm:user-friendly-plural-name/> are used to store information about a specific search request that makes it possible to efficiently process them using the VLV control. The <adm:user-friendly-plural-name /> are used to store information about a specific search request that makes it possible to efficiently process them using the VLV control. </adm:synopsis> <adm:description> A VLV index effectively notifies the server that a virtual list view, with specific query and sort parameters, will be performed. This index also allows the server to collect and maintain the information required to make using the virtual list view faster. A VLV index effectively notifies the server that a virtual list view, with specific query and sort parameters, will be performed. This index also allows the server to collect and maintain the information required to make using the virtual list view faster. </adm:description> <adm:tag name="database" /> <adm:profile name="ldap"> @@ -48,9 +49,7 @@ <ldap:superior>top</ldap:superior> </ldap:object-class> </adm:profile> <adm:property name="base-dn" mandatory="true" multi-valued="false"> <adm:property name="base-dn" mandatory="true"> <adm:synopsis> This specifies the base DN used in the search query being indexed. </adm:synopsis> @@ -71,9 +70,7 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="scope" mandatory="true" multi-valued="false"> <adm:property name="scope" mandatory="true"> <adm:synopsis> This specifies the LDAP scope of the query being indexed. </adm:synopsis> @@ -88,9 +85,7 @@ <adm:syntax> <adm:enumeration> <adm:value name="base-object"> <adm:synopsis> Search the base object only. </adm:synopsis> <adm:synopsis>Search the base object only.</adm:synopsis> </adm:value> <adm:value name="single-level"> <adm:synopsis> @@ -100,8 +95,8 @@ </adm:value> <adm:value name="subordinate-subtree"> <adm:synopsis> Search the entire subtree below the base object but not include the base object itself. Search the entire subtree below the base object but not include the base object itself. </adm:synopsis> </adm:value> <adm:value name="whole-subtree"> @@ -118,9 +113,7 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="filter" mandatory="true" multi-valued="false"> <adm:property name="filter" mandatory="true"> <adm:synopsis> This specifies the LDAP filter used in the query being indexed. </adm:synopsis> @@ -141,12 +134,10 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="sort-order" mandatory="true" multi-valued="false"> <adm:property name="sort-order" mandatory="true"> <adm:synopsis> This specifies the names of attributes to sort the entries for the query being indexed. This specifies the names of attributes to sort the entries for the query being indexed. </adm:synopsis> <adm:requires-admin-action> <adm:other> @@ -165,10 +156,7 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="name" mandatory="true" multi-valued="false" read-only="true"> <adm:property name="name" mandatory="true" read-only="true"> <adm:synopsis> This specifies a unique name for this VLV index. </adm:synopsis> @@ -181,26 +169,20 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="max-block-size" mandatory="false" multi-valued="false" read-only="true"> <adm:property name="max-block-size" read-only="true" advanced="true"> <adm:synopsis> This specifies the number of entry IDs to store in a single sorted set before it must be split. This specifies the number of entry IDs to store in a single sorted set before it must be split. </adm:synopsis> <adm:default-behavior> <adm:defined> <adm:value> 4000 </adm:value> <adm:value>4000</adm:value> </adm:defined> </adm:default-behavior> <adm:syntax> <adm:integer> <adm:unit-synopsis> Number of entry IDs </adm:unit-synopsis> <adm:unit-synopsis>Number of entry IDs</adm:unit-synopsis> </adm:integer> </adm:syntax> <adm:profile name="ldap"> opends/src/admin/defn/org/opends/server/admin/std/LogPublisherConfiguration.xml
@@ -25,28 +25,22 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="log-publisher" plural-name="log-publishers" <adm:managed-object name="log-publisher" plural-name="log-publishers" package="org.opends.server.admin.std" abstract="true" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> <adm:user-friendly-plural-name /> are responsible for distributing log messages from different loggers to a destination. are responsible for distributing log messages from different loggers to a destination. </adm:synopsis> <adm:tag name="logging"/> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-log-publisher</ldap:name> <ldap:superior>top</ldap:superior> </ldap:object-class> </adm:profile> <adm:property name="enabled" mandatory="true"> <adm:synopsis> Indicate whether the opends/src/admin/defn/org/opends/server/admin/std/LogRetentionPolicyConfiguration.xml
@@ -25,29 +25,22 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="log-retention-policy" <adm:managed-object name="log-retention-policy" plural-name="log-retention-policies" package="org.opends.server.admin.std" abstract="true" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> <adm:user-friendly-plural-name /> are used to specify when log files should be cleaned. <adm:user-friendly-plural-name /> are used to specify when log files should be cleaned. </adm:synopsis> <adm:tag name="logging"/> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-log-retention-policy</ldap:name> <ldap:superior>top</ldap:superior> </ldap:object-class> </adm:profile> <adm:property name="java-class" mandatory="true"> <adm:synopsis> The fully-qualified name of the Java class that provides the @@ -68,4 +61,3 @@ </adm:profile> </adm:property> </adm:managed-object>
@@ -25,29 +25,22 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="log-rotation-policy" <adm:managed-object name="log-rotation-policy" plural-name="log-rotation-policies" package="org.opends.server.admin.std" abstract="true" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> <adm:user-friendly-plural-name /> are used to specify when log files should be rotated. <adm:user-friendly-plural-name /> are used to specify when log files should be rotated. </adm:synopsis> <adm:tag name="logging"/> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-log-rotation-policy</ldap:name> <ldap:superior>top</ldap:superior> </ldap:object-class> </adm:profile> <adm:property name="java-class" mandatory="true"> <adm:synopsis> The fully-qualified name of the Java class that provides the @@ -68,4 +61,3 @@ </adm:profile> </adm:property> </adm:managed-object>
@@ -25,30 +25,29 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="md5-password-storage-scheme" <adm:managed-object name="md5-password-storage-scheme" plural-name="md5-password-storage-schemes" package="org.opends.server.admin.std" extends="password-storage-scheme" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> The <adm:user-friendly-name /> provides a mechanism for encoding user passwords using an unsalted form of the MD5 message digest algorithm. This implementation contains only an implementation for the user password syntax, with a storage scheme name of "MD5". The <adm:user-friendly-name /> provides a mechanism for encoding user passwords using an unsalted form of the MD5 message digest algorithm. </adm:synopsis> <adm:description> This scheme contains only an implementation for the user password syntax, with a storage scheme name of "MD5". </adm:description> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-md5-password-storage-scheme</ldap:name> <ldap:superior>ds-cfg-password-storage-scheme</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -57,6 +56,4 @@ </adm:defined> </adm:default-behavior> </adm:property-override> </adm:managed-object>
@@ -25,28 +25,26 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="matching-rule" plural-name="matching-rules" <adm:managed-object name="matching-rule" plural-name="matching-rules" package="org.opends.server.admin.std" abstract="true" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> <adm:user-friendly-plural-name /> define a set of rules for performing matching operations against assertion values. The primary types of matching rules are equality, ordering, substring, and approximate. define a set of rules for performing matching operations against assertion values. </adm:synopsis> <adm:description> The primary types of matching rules are equality, ordering, substring, and approximate. </adm:description> <adm:tag name="core"/> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-matching-rule</ldap:name> <ldap:superior>top</ldap:superior> </ldap:object-class> </adm:profile> <adm:property name="enabled" mandatory="true"> <adm:synopsis> Indicate whether the @@ -62,7 +60,6 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="java-class" mandatory="true"> <adm:synopsis> The fully-qualified name of the Java class that provides the @@ -82,6 +79,4 @@ </ldap:attribute> </adm:profile> </adm:property> </adm:managed-object>
@@ -25,31 +25,30 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="member-virtual-attribute" plural-name="user-defined-virtual-attributes" package="org.opends.server.admin.std" extends="virtual-attribute" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> The <adm:user-friendly-name /> is used to generate a member or uniqueMember attribute whose values are the DNs of the members of a specified group. This is used to implement virtual static group functionality, in which it is possible to create an entry which looks like a static group but obtains all of its membership from a dynamic group (or some other type of group, including another static group). is used to generate a member or uniqueMember attribute whose values are the DNs of the members of a specified group. </adm:synopsis> <adm:description> This is used to implement virtual static group functionality, in which it is possible to create an entry which looks like a static group but obtains all of its membership from a dynamic group (or some other type of group, including another static group). </adm:description> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-member-virtual-attribute</ldap:name> <ldap:superior>ds-cfg-virtual-attribute</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -58,15 +57,29 @@ </adm:defined> </adm:default-behavior> </adm:property-override> <adm:property-override name="conflict-behavior"> <adm:default-behavior> <adm:defined> <adm:value>virtual-overrides-real</adm:value> </adm:defined> </adm:default-behavior> </adm:property-override> <adm:property name="allow-retrieving-membership" mandatory="true"> <adm:synopsis> Indicates whether to handle requests that request all values for the virtual attribute. This can be a very expensive operation in some cases, and is not in-line with the primary function of virtual static groups, which is to make it possible to use static group idioms to determine whether a given user is a member. Indicates whether to handle requests that request all values for the virtual attribute. </adm:synopsis> <adm:description> This can be a very expensive operation in some cases, and is not in-line with the primary function of virtual static groups, which is to make it possible to use static group idioms to determine whether a given user is a member. </adm:description> <adm:default-behavior> <adm:defined> <adm:value>false</adm:value> </adm:defined> </adm:default-behavior> <adm:syntax> <adm:boolean /> </adm:syntax> @@ -76,15 +89,4 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property-override name="conflict-behavior"> <adm:default-behavior> <adm:defined> <adm:value> virtual-overrides-real </adm:value> </adm:defined> </adm:default-behavior> </adm:property-override> </adm:managed-object>
@@ -25,36 +25,37 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="memory-backend" plural-name="memory-backends" package="org.opends.server.admin.std" extends="backend" package="org.opends.server.admin.std" extends="backend" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> The memory backend provides a Directory Server backend implementation that stores entries in memory. There is no persistence of any kind, and the backend contents are cleared whenever the backend is brought online or offline and when the server is restarted. The memory backend provides a Directory Server backend implementation that stores entries in memory. </adm:synopsis> <adm:description> There is no persistence of any kind, and the backend contents are cleared whenever the backend is brought online or offline and when the server is restarted. </adm:description> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-memory-backend</ldap:name> <ldap:superior>ds-cfg-backend</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> org.opends.server.backends.MemoryBackend </adm:value> <adm:value>org.opends.server.backends.MemoryBackend</adm:value> </adm:defined> </adm:default-behavior> </adm:property-override> <adm:property-override name="writability-mode"> <adm:default-behavior> <adm:defined> <adm:value>enabled</adm:value> </adm:defined> </adm:default-behavior> </adm:property-override> </adm:managed-object>
@@ -25,28 +25,24 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="memory-usage-monitor-provider" <adm:managed-object name="memory-usage-monitor-provider" plural-name="memory-usage-monitor-providers" package="org.opends.server.admin.std" extends="monitor-provider" package="org.opends.server.admin.std" extends="monitor-provider" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> The <adm:user-friendly-name /> may be used to publish information about memory consumption and garbage collection activity in the JVM. The <adm:user-friendly-name /> may be used to publish information about memory consumption and garbage collection activity in the JVM. </adm:synopsis> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-memory-usage-monitor-provider</ldap:name> <ldap:superior>ds-cfg-monitor-provider</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -55,6 +51,4 @@ </adm:defined> </adm:default-behavior> </adm:property-override> </adm:managed-object>
@@ -25,34 +25,32 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="monitor-backend" plural-name="monitor-backends" package="org.opends.server.admin.std" extends="backend" xmlns:adm="http://www.opends.org/admin" <adm:managed-object name="monitor-backend" plural-name="monitor-backends" package="org.opends.server.admin.std" extends="backend" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> The monitor backend allows clients to access the information made available by Directory Server monitor providers. The monitor backend allows clients to access the information made available by Directory Server monitor providers. </adm:synopsis> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-monitor-backend</ldap:name> <ldap:superior>ds-cfg-backend</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> org.opends.server.backends.MonitorBackend </adm:value> <adm:value>org.opends.server.backends.MonitorBackend</adm:value> </adm:defined> </adm:default-behavior> </adm:property-override> <adm:property-override name="writability-mode"> <adm:default-behavior> <adm:defined> <adm:value>disabled</adm:value> </adm:defined> </adm:default-behavior> </adm:property-override> </adm:managed-object>
@@ -25,29 +25,26 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="monitor-provider" plural-name="monitor-providers" package="org.opends.server.admin.std" abstract="false" plural-name="monitor-providers" package="org.opends.server.admin.std" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> <adm:user-friendly-plural-name /> may be used to provide information about the state of the server or one of its components. This information may be useful for monitoring and/or troubleshooting purposes. may be used to provide information about the state of the server or one of its components. </adm:synopsis> <adm:description> This information may be useful for monitoring and/or troubleshooting purposes. </adm:description> <adm:tag name="core"/> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-monitor-provider</ldap:name> <ldap:superior>top</ldap:superior> </ldap:object-class> </adm:profile> <adm:property name="enabled" mandatory="true"> <adm:synopsis> Indicate whether the @@ -63,7 +60,6 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="java-class" mandatory="true"> <adm:synopsis> The fully-qualified name of the Java class that provides the @@ -83,6 +79,4 @@ </ldap:attribute> </adm:profile> </adm:property> </adm:managed-object>
@@ -25,15 +25,15 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="network-group" plural-name="network-groups" <adm:managed-object name="network-group" plural-name="network-groups" package="org.opends.server.admin.std" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> The <adm:user-friendly-name /> is used to classify incoming connections. The <adm:user-friendly-name /> is used to classify incoming connections and route requests to workflows. </adm:synopsis> <adm:tag name="user-management"/> <adm:profile name="ldap"> @@ -42,16 +42,14 @@ <ldap:superior>top</ldap:superior> </ldap:object-class> </adm:profile> <adm:property name="enabled" mandatory="true" multi-valued="false"> <adm:property name="enabled" mandatory="true"> <adm:synopsis> Indicates whether the <adm:user-friendly-name /> Indicates whether the <adm:user-friendly-name /> is enabled for use in the server. </adm:synopsis> <adm:description> If a network group is not enabled, then its contents will not be If a network group is not enabled, then its workflows will not be accessible when processing operations. </adm:description> <adm:syntax> @@ -63,15 +61,16 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="network-group-id" mandatory="true" read-only="true" multi-valued="false"> <adm:property name="network-group-id" mandatory="true" read-only="true"> <adm:synopsis> Provides a name that will be used to identify the associated <adm:user-friendly-name />. <adm:user-friendly-name /> . </adm:synopsis> <adm:description> The name must be unique among all <adm:user-friendly-name /> The name must be unique among all <adm:user-friendly-name /> in the server. </adm:description> <adm:syntax> @@ -83,11 +82,10 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="workflow" mandatory="true" read-only="true" multi-valued="true"> <adm:synopsis> Identifies a workflow in the network group. Identifies the workflows in the network group. </adm:synopsis> <adm:syntax> <adm:aggregation relation-name="workflow" parent-path="/"> @@ -102,6 +100,4 @@ </ldap:attribute> </adm:profile> </adm:property> </adm:managed-object>
@@ -25,28 +25,24 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="num-subordinates-virtual-attribute" plural-name="num-subordinates-virtual-attributes" package="org.opends.server.admin.std" extends="virtual-attribute" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> The <adm:user-friendly-name /> may be used to generate a virtual attribute that specifies the number of immediate child entries that exist below the entry. may be used to generate a virtual attribute that specifies the number of immediate child entries that exist below the entry. </adm:synopsis> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-num-subordinates-virtual-attribute</ldap:name> <ldap:superior>ds-cfg-virtual-attribute</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -55,16 +51,18 @@ </adm:defined> </adm:default-behavior> </adm:property-override> <adm:property-override name="conflict-behavior"> <adm:property-override name="conflict-behavior" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> virtual-overrides-real </adm:value> <adm:value>virtual-overrides-real</adm:value> </adm:defined> </adm:default-behavior> </adm:property-override> <adm:property-override name="attribute-type"> <adm:default-behavior> <adm:defined> <adm:value>numSubordinates</adm:value> </adm:defined> </adm:default-behavior> </adm:property-override> </adm:managed-object>
@@ -25,25 +25,24 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="ordering-matching-rule" plural-name="ordering-matching-rules" package="org.opends.server.admin.std" extends="matching-rule" abstract="false" package="org.opends.server.admin.std" extends="matching-rule" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> <adm:user-friendly-plural-name /> define a set of rules for performing ordering matching operations against assertion values. These matching rules are used for greater-than-or-equal and less-than-or-equal comparisons, as well as for sorting. define a set of rules for performing ordering matching operations against assertion values. </adm:synopsis> <adm:description> These matching rules are used for greater-than-or-equal and less-than-or-equal comparisons, as well as for sorting. </adm:description> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-ordering-matching-rule</ldap:name> <ldap:superior>ds-cfg-matching-rule</ldap:superior> </ldap:object-class> </adm:profile> </adm:managed-object>
@@ -25,35 +25,47 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="pkcs11-key-manager-provider" plural-name="pkcs11-key-manager-providers" package="org.opends.server.admin.std" extends="key-manager-provider" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:TODO> The key manager must be able to get a pin from somewhere. It looks in property, then an environment variable, then a file, and finally in a configuration attribute. At least one must be present. Can we express this ordering and this "at least one" constraint? Perhaps support a "one-of" element which can be used to group a set of properties. </adm:TODO> <adm:synopsis> The <adm:user-friendly-name /> provider provides the ability for the server to access the private key information through the PKCS11 interface. This standard interface is used by cryptographic accelerators and hardware security modules. key information through the PKCS11 interface. </adm:synopsis> <adm:description> This standard interface is used by cryptographic accelerators and hardware security modules. </adm:description> <adm:constraint> <adm:synopsis> The key store pin must be specified using one of the key-store-pin properties when the <adm:user-friendly-name /> is enabled. </adm:synopsis> <adm:condition> <adm:implies> <adm:contains property="enabled" value="true" /> <adm:or> <adm:is-present property="key-store-pin-property" /> <adm:is-present property="key-store-pin-environment-variable" /> <adm:is-present property="key-store-pin-file" /> <adm:is-present property="key-store-pin" /> </adm:or> </adm:implies> </adm:condition> </adm:constraint> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-pkcs11-key-manager-provider</ldap:name> <ldap:superior>ds-cfg-key-manager-provider</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> opends/src/admin/defn/org/opends/server/admin/std/Package.xml
@@ -310,7 +310,9 @@ </adm:syntax> <adm:profile name="ldap"> <ldap:attribute> <ldap:name>ds-cfg-trust-store-pin-environment-variable</ldap:name> <ldap:name> ds-cfg-trust-store-pin-environment-variable </ldap:name> </ldap:attribute> </adm:profile> </adm:property> @@ -344,8 +346,7 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="include-filter" mandatory="false" multi-valued="true"> <adm:property name="include-filter" multi-valued="true"> <adm:synopsis> The set of filters that define the entries that should be included in the cache. @@ -362,8 +363,7 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="exclude-filter" mandatory="false" multi-valued="true"> <adm:property name="exclude-filter" multi-valued="true"> <adm:synopsis> The set of filters that define the entries that should be excluded from the cache. opends/src/admin/defn/org/opends/server/admin/std/PasswordGeneratorConfiguration.xml
@@ -25,15 +25,15 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="password-generator" plural-name="password-generators" <adm:managed-object name="password-generator" plural-name="password-generators" package="org.opends.server.admin.std" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> <adm:user-friendly-plural-name /> are used by the password modify extended operation to construct a new password for the user. are used by the password modify extended operation to construct a new password for the user. </adm:synopsis> <adm:tag name="user-management"/> <adm:profile name="ldap"> @@ -77,4 +77,3 @@ </adm:profile> </adm:property> </adm:managed-object>
@@ -25,36 +25,34 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="password-modify-extended-operation-handler" <adm:managed-object name="password-modify-extended-operation-handler" plural-name="password-modify-extended-operation-handlers" package="org.opends.server.admin.std" extends="extended-operation-handler" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> The <adm:user-friendly-name /> provides the ability for end users to change their own passwords, or for administrators to reset user passwords. The <adm:user-friendly-name /> provides the ability for end users to change their own passwords, or for administrators to reset user passwords. </adm:synopsis> <adm:description> The password modify extended operation is defined in RFC 3062. It includes the ability for users to provide their current password for further confirmation of their identity when changing the password, and it also includes the ability to generate a new password if the user doesn't provide one. The password modify extended operation is defined in RFC 3062. It includes the ability for users to provide their current password for further confirmation of their identity when changing the password, and it also includes the ability to generate a new password if the user doesn't provide one. </adm:description> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-password-modify-extended-operation-handler</ldap:name> <ldap:name> ds-cfg-password-modify-extended-operation-handler </ldap:name> <ldap:superior>ds-cfg-extended-operation-handler</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -63,7 +61,6 @@ </adm:defined> </adm:default-behavior> </adm:property-override> <adm:property name="identity-mapper" mandatory="true"> <adm:synopsis> Specifies the name of the identity mapper that should be used in opends/src/admin/defn/org/opends/server/admin/std/PasswordPolicyConfiguration.xml
@@ -25,7 +25,6 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="password-policy" plural-name="password-policies" package="org.opends.server.admin.std" xmlns:adm="http://www.opends.org/admin" @@ -41,17 +40,13 @@ <ldap:superior>top</ldap:superior> </ldap:object-class> </adm:profile> <adm:property name="password-attribute" mandatory="true" multi-valued="false"> <adm:property name="password-attribute" mandatory="true"> <adm:synopsis> Specifies the attribute type used to hold user passwords. </adm:synopsis> <adm:description> Specifies the attribute type used to hold user passwords. This attribute type must be defined in the server schema, and it must have either the user password or auth password syntax. Changes to this configuration attribute will take effect immediately. This attribute type must be defined in the server schema, and it must have either the user password or auth password syntax. </adm:description> <adm:syntax> <adm:attribute-type /> @@ -62,7 +57,6 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="default-password-storage-scheme" mandatory="true" multi-valued="true"> <adm:synopsis> @@ -83,17 +77,18 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="deprecated-password-storage-scheme" mandatory="false" multi-valued="true"> multi-valued="true"> <adm:synopsis> Specifies the names of the password storage schemes that will be considered deprecated for this password policy. If a user with this password policy authenticates to the server and his/her password is encoded with any deprecated schemes, then those values will be removed and replaced with values encoded using the default password storage scheme(s). considered deprecated for this password policy. </adm:synopsis> <adm:description> If a user with this password policy authenticates to the server and his/her password is encoded with any deprecated schemes, then those values will be removed and replaced with values encoded using the default password storage scheme(s). </adm:description> <adm:default-behavior> <adm:undefined /> </adm:default-behavior> @@ -111,12 +106,10 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="password-validator" mandatory="false" multi-valued="true"> <adm:property name="password-validator" multi-valued="true"> <adm:synopsis> Specifies the names of the password validators that should be used with the associated password storage scheme. Specifies the names of the password validators that should be used with the associated password storage scheme. </adm:synopsis> <adm:default-behavior> <adm:undefined /> @@ -135,9 +128,8 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="account-status-notification-handler" mandatory="false" multi-valued="true"> multi-valued="true"> <adm:synopsis> Specifies the names of the account status notification handlers that should be used with the associated password storage scheme. @@ -162,19 +154,14 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="allow-user-password-changes" mandatory="false" multi-valued="false"> <adm:property name="allow-user-password-changes"> <adm:synopsis> Indicates whether users will be allowed to change their own passwords. </adm:synopsis> <adm:description> Indicates whether users will be allowed to change their own passwords. This check is made in addition to access control evaluation, and therefore both must allow the password change for it to occur. Changes to this configuration attribute will take effect immediately. This check is made in addition to access control evaluation, and therefore both must allow the password change for it to occur. </adm:description> <adm:default-behavior> <adm:defined> @@ -190,20 +177,12 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="password-change-requires-current-password" mandatory="false" multi-valued="false"> <adm:property name="password-change-requires-current-password"> <adm:synopsis> Indicates whether user password changes will be required to use the password modify extended operation and include the user's current password before the change will be allowed. </adm:synopsis> <adm:description> Indicates whether user password changes will be required to use the password modify extended operation and include the user's current password before the change will be allowed. Changes to this configuration attribute will take effect immediately. </adm:description> <adm:default-behavior> <adm:defined> <adm:value>false</adm:value> @@ -219,21 +198,13 @@ </ldap:name> </ldap:attribute> </adm:profile> </adm:property> <adm:property name="force-change-on-add" mandatory="false" multi-valued="false"> <adm:property name="force-change-on-add"> <adm:synopsis> Indicates whether users will be forced to change their passwords upon first authenticating to the Directory Server after their account has been created. </adm:synopsis> <adm:description> Indicates whether users will be forced to change their passwords upon first authenticating to the Directory Server after their account has been created. Changes to this configuration attribute will take effect immediately. </adm:description> <adm:default-behavior> <adm:defined> <adm:value>false</adm:value> @@ -248,21 +219,14 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="force-change-on-reset" mandatory="false" multi-valued="false"> <adm:property name="force-change-on-reset"> <adm:synopsis> Indicates whether users will be forced to change their passwords if they are reset by an administrator. </adm:synopsis> <adm:description> Indicates whether users will be forced to change their passwords if they are reset by an administrator. For this purpose, anyone with permission to change a given user's password other than that user will be considered an administrator. Changes to this configuration attribute will take effect immediately. For this purpose, anyone with permission to change a given user's password other than that user will be considered an administrator. </adm:description> <adm:default-behavior> <adm:defined> @@ -277,23 +241,14 @@ <ldap:name>ds-cfg-force-change-on-reset</ldap:name> </ldap:attribute> </adm:profile> </adm:property> <adm:property name="skip-validation-for-administrators" mandatory="false" multi-valued="false"> advanced="true"> <adm:synopsis> Indicates whether passwords set by administrators will be allowed to bypass the password validation process that will be required for user password changes. </adm:synopsis> <adm:description> Indicates whether passwords set by administrators (in add, modify, or password modify operations) will be allowed to bypass the password validation process that will be required for user password changes. Changes to this configuration attribute will take effect immediately. </adm:description> <adm:default-behavior> <adm:defined> <adm:value>false</adm:value> @@ -308,10 +263,7 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="password-generator" mandatory="false" multi-valued="false"> <adm:property name="password-generator"> <adm:synopsis> Specifies the name of the password generator that should be used with the associated password policy. @@ -338,21 +290,15 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="require-secure-authentication" mandatory="false" multi-valued="false"> <adm:property name="require-secure-authentication"> <adm:synopsis> Indicates whether users with the associated password policy will be required to authenticate in a secure manner. </adm:synopsis> <adm:description> Indicates whether users with the associated password policy will be required to authenticate in a secure manner. This could mean either using a secure communication channel between the client and the server, or using a SASL mechanism that does not expose the credentials. Changes to this configuration attribute will take effect immediately. This could mean either using a secure communication channel between the client and the server, or using a SASL mechanism that does not expose the credentials. </adm:description> <adm:default-behavior> <adm:defined> @@ -368,21 +314,12 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="require-secure-password-changes" mandatory="false" multi-valued="false"> <adm:property name="require-secure-password-changes"> <adm:synopsis> Indicates whether users with the associated password policy will be required to change their password in a secure manner that does not expose the credentials. </adm:synopsis> <adm:description> Indicates whether users with the associated password policy will be required to change their password in a secure manner that does not expose the credentials. Changes to this configuration attribute will take effect immediately. </adm:description> <adm:default-behavior> <adm:defined> <adm:value>false</adm:value> @@ -397,23 +334,17 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="allow-multiple-password-values" mandatory="false" multi-valued="false"> <adm:property name="allow-multiple-password-values" advanced="true"> <adm:synopsis> Indicates whether user entries will be allowed to have multiple distinct values for the password attribute. </adm:synopsis> <adm:description> Indicates whether user entries will be allowed to have multiple distinct values for the password attribute. This is potentially dangerous because many mechanisms used to change the password do not work well with such a configuration. If multiple password values are allowed, then any of them may be used to authenticate, and they will all be subject to the same policy constraints. Changes to this configuration attribute will take effect immediately. This is potentially dangerous because many mechanisms used to change the password do not work well with such a configuration. If multiple password values are allowed, then any of them may be used to authenticate, and they will all be subject to the same policy constraints. </adm:description> <adm:default-behavior> <adm:defined> @@ -429,19 +360,15 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="allow-pre-encoded-passwords" mandatory="false" multi-valued="false"> <adm:property name="allow-pre-encoded-passwords" advanced="true"> <adm:synopsis> _Indicates whether users will be allowed to change their passwords Indicates whether users will be allowed to change their passwords by providing a pre-encoded value. </adm:synopsis> <adm:description> Indicates whether users will be allowed to change their passwords by providing a pre-encoded value. This can cause a security risk because the clear-text version of the password is not known and therefore validation checks cannot be applied to it. Changes to this configuration attribute will take effect immediately. This can cause a security risk because the clear-text version of the password is not known and therefore validation checks cannot be applied to it. </adm:description> <adm:default-behavior> <adm:defined> @@ -457,23 +384,18 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="min-password-age" mandatory="false" multi-valued="false"> <adm:property name="min-password-age"> <adm:synopsis> Specifies the minimum length of time that must pass after a password change before the user will be allowed to change the password again. </adm:synopsis> <adm:description> Specifies the minimum length of time that must pass after a password change before the user will be allowed to change the password again. The value of this attribute should be an integer followed by a unit of seconds, minutes, hours, days, or weeks. This setting can be used to prevent users from changing their passwords repeatedly over a short period of time to flush and old password from the history so that it may be re-used. Changes to this configuration attribute will take effect immediately. The value of this attribute should be an integer followed by a unit of seconds, minutes, hours, days, or weeks. This setting can be used to prevent users from changing their passwords repeatedly over a short period of time to flush and old password from the history so that it may be re-used. </adm:description> <adm:default-behavior> <adm:defined> @@ -489,21 +411,16 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="max-password-age" mandatory="false" multi-valued="false"> <adm:property name="max-password-age"> <adm:synopsis> Specifies the maximum length of time that a user may continue using the same password before it must be changed. using the same password before it must be changed (i.e., the password expiration interval). </adm:synopsis> <adm:description> Specifies the maximum length of time that a user may continue using the same password before it must be changed (i.e., the password expiration interval). The value of this attribute should be an integer followed by a unit of seconds, minutes, hours, days, or weeks. A value of 0 seconds will disable password expiration. Changes to this configuration attribute will take effect immediately. The value of this attribute should be an integer followed by a unit of seconds, minutes, hours, days, or weeks. A value of 0 seconds will disable password expiration. </adm:description> <adm:default-behavior> <adm:defined> @@ -519,22 +436,16 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="max-password-reset-age" mandatory="false" multi-valued="false"> <adm:property name="max-password-reset-age"> <adm:synopsis> Specifies the maximum length of time that users have to change passwords after they have been reset by an administrator before they become locked. </adm:synopsis> <adm:description> Specifies the maximum length of time that users have to change passwords after they have been reset by an administrator before they become locked. The value of this attribute should be an integer followed by a unit of seconds, minutes, hours, days, or weeks. A value of 0 seconds will disable this feature. Changes to this configuration attribute will take effect immediately. The value of this attribute should be an integer followed by a unit of seconds, minutes, hours, days, or weeks. A value of 0 seconds will disable this feature. </adm:description> <adm:default-behavior> <adm:defined> @@ -550,22 +461,16 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="password-expiration-warning-interval" mandatory="false" multi-valued="false"> <adm:property name="password-expiration-warning-interval"> <adm:synopsis> Specifies the maximum length of time before a user's password actually expires that the server will begin to include warning notifications in bind responses for that user. </adm:synopsis> <adm:description> Specifies the maximum length of time before a user's password actually expires that the server will begin to include warning notifications in bind responses for that user. The value of this attribute should be an integer followed by a unit of seconds, minutes, hours, days, or weeks. A value of 0 seconds will disable the warning interval. Changes to this configuration attribute will take effect immediately. The value of this attribute should be an integer followed by a unit of seconds, minutes, hours, days, or weeks. A value of 0 seconds will disable the warning interval. </adm:description> <adm:default-behavior> <adm:defined> @@ -583,23 +488,18 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="expire-passwords-without-warning" mandatory="false" multi-valued="false"> <adm:property name="expire-passwords-without-warning"> <adm:synopsis> Indicates whether the Directory Server should allow a user's password to expire even if that user has never seen an expiration warning notification. </adm:synopsis> <adm:description> Indicates whether the Directory Server should allow a user's password to expire even if that user has never seen an expiration warning notification. If this setting is enabled, then accounts will always be expired when the expiration time arrives. If it is disabled, then the user will always receive at least one warning notification, and the password expiration will be set to the warning time plus the warning interval. Changes to this configuration attribute will take effect immediately. If this setting is enabled, then accounts will always be expired when the expiration time arrives. If it is disabled, then the user will always receive at least one warning notification, and the password expiration will be set to the warning time plus the warning interval. </adm:description> <adm:default-behavior> <adm:defined> @@ -615,20 +515,12 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="allow-expired-password-changes" mandatory="false" multi-valued="false"> <adm:property name="allow-expired-password-changes"> <adm:synopsis> Indicates whether a user whose password is expired will still be allowed to change that password using the password modify extended operation. </adm:synopsis> <adm:description> Indicates whether a user whose password is expired will still be allowed to change that password using the password modify extended operation. Changes to this configuration attribute will take effect immediately. </adm:description> <adm:default-behavior> <adm:defined> <adm:value>false</adm:value> @@ -643,20 +535,14 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="grace-login-count" mandatory="false" multi-valued="false"> <adm:property name="grace-login-count"> <adm:synopsis> Specifies the number of grace logins that a user will be allowed after the account has expired to allow that user to choose a new password. </adm:synopsis> <adm:description> Specifies the number of grace logins that a user will be allowed after the account has expired to allow that user to choose a new password. A value of 0 indicates that no grace logins will be allowed. Changes to this configuration attribute will take effect immediately. A value of 0 indicates that no grace logins will be allowed. </adm:description> <adm:default-behavior> <adm:defined> @@ -672,19 +558,14 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="lockout-failure-count" mandatory="false" multi-valued="false"> <adm:property name="lockout-failure-count"> <adm:synopsis> Specifies the maximum number of authentication failures that a user should be allowed before the account is locked out. </adm:synopsis> <adm:description> Specifies the maximum number of authentication failures that a user should be allowed before the account is locked out. A value of 0 indicates that accounts should never be locked out due to failed attempts. changes to this configuration attribute will take effect immediately. A value of 0 indicates that accounts should never be locked out due to failed attempts. </adm:description> <adm:default-behavior> <adm:defined> @@ -700,21 +581,16 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="lockout-duration" mandatory="false" multi-valued="false"> <adm:property name="lockout-duration"> <adm:synopsis> Specifies the length of time that an account should be locked after too many authentication failures. </adm:synopsis> <adm:description> Specifies the length of time that an account should be locked after too many authentication failures. The value of this attribute should be an integer followed by a unit of seconds, minutes, hours, days, or weeks. A value of 0 seconds indicates that the account should remain locked until an administrator resets the password. Changes to this configuration attribute will take effect immediately. The value of this attribute should be an integer followed by a unit of seconds, minutes, hours, days, or weeks. A value of 0 seconds indicates that the account should remain locked until an administrator resets the password. </adm:description> <adm:default-behavior> <adm:defined> @@ -730,23 +606,18 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="lockout-failure-expiration-interval" mandatory="false" multi-valued="false"> <adm:property name="lockout-failure-expiration-interval"> <adm:synopsis> Specifies the length of time that should pass before an authentication failure is no longer counted against a user for the purposes of account lockout. </adm:synopsis> <adm:description> Specifies the length of time that should pass before an authentication failure is no longer counted against a user for the purposes of account lockout. The value of this attribute should be an integer followed by a unit of seconds, minutes, hours, days, or weeks. A value of 0 seconds indicates that the authentication failures should never expire. The failure count will always be cleared upon a successful authentication. Changes to this configuration attribute will take effect immediately. The value of this attribute should be an integer followed by a unit of seconds, minutes, hours, days, or weeks. A value of 0 seconds indicates that the authentication failures should never expire. The failure count will always be cleared upon a successful authentication. </adm:description> <adm:default-behavior> <adm:defined> @@ -764,23 +635,18 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="require-change-by-time" mandatory="false" multi-valued="false"> <adm:property name="require-change-by-time"> <adm:synopsis> Specifies the time by which all users with the associated password policy must change their passwords. </adm:synopsis> <adm:description> Specifies the time by which all users with the associated password policy must change their passwords. The value should be expressed in a generalized time format. If this time is equal to the current time or is in the past, then all users will be required to change their passwords immediately. The behavior of the server in this mode will be identical to the behavior observed when users are forced to change their passwords after an administrative reset. Changes to this configuration attribute will take effect immediately. The value should be expressed in a generalized time format. If this time is equal to the current time or is in the past, then all users will be required to change their passwords immediately. The behavior of the server in this mode will be identical to the behavior observed when users are forced to change their passwords after an administrative reset. </adm:description> <adm:default-behavior> <adm:undefined /> @@ -794,23 +660,17 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="last-login-time-attribute" mandatory="false" multi-valued="false"> <adm:property name="last-login-time-attribute"> <adm:synopsis> Specifies the name or OID of the attribute type that should be used to hold the last login time for users with the associated password policy. </adm:synopsis> <adm:description> Specifies the name or OID of the attribute type that should be used to hold the last login time for users with the associated password policy. This attribute type must be defined in the Directory Server schema and must either be defined as an operational attribute or must be allowed by the set of objectClasses for all users with the associated password policy. Changes to this configuration attribute will take effect immediately. This attribute type must be defined in the Directory Server schema and must either be defined as an operational attribute or must be allowed by the set of objectClasses for all users with the associated password policy. </adm:description> <adm:default-behavior> <adm:undefined /> @@ -824,21 +684,15 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="last-login-time-format" mandatory="false" multi-valued="false"> <adm:property name="last-login-time-format"> <adm:synopsis> Specifies the format string that should be used to generate the last login time value for users with the associated password policy. </adm:synopsis> <adm:description> Specifies the format string that should be used to generate the last login time value for users with the associated password policy. This format string should conform to the syntax described in the API documentation for the java.text.SimpleDateFormat class. Changes to this configuration attribute will take effect immediately. This format string should conform to the syntax described in the API documentation for the java.text.SimpleDateFormat class. </adm:description> <adm:default-behavior> <adm:undefined /> @@ -852,8 +706,7 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="previous-last-login-time-format" mandatory="false" <adm:property name="previous-last-login-time-format" multi-valued="true"> <adm:synopsis> Specifies the format string(s) that may have been used with the @@ -861,14 +714,10 @@ the password policy. </adm:synopsis> <adm:description> Specifies the format string(s) that may have been used with the last login time at any point in the past for users associated with the password policy. These values are used to make it possible to parse previous values, but will not be used to set new values. These format strings should conform to the syntax described in the API documentation for the java.text.SimpleDateFormat class. Changes to this configuration attribute will take effect immediately. These values are used to make it possible to parse previous values, but will not be used to set new values. These format strings should conform to the syntax described in the API documentation for the java.text.SimpleDateFormat class. </adm:description> <adm:default-behavior> <adm:undefined /> @@ -882,24 +731,18 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="idle-lockout-interval" mandatory="false" multi-valued="false"> <adm:property name="idle-lockout-interval"> <adm:synopsis> Specifies the maximum length of time that an account may remain idle (i.e., the associated user does not authenticate to the server) before that user is locked out. </adm:synopsis> <adm:description> Specifies the maximum length of time that an account may remain idle (i.e., the associated user does not authenticate to the server) before that user is locked out. The value of this attribute should be an integer followed by a unit of seconds, minutes, hours, days, or weeks. A value of 0 seconds indicates that idle accounts should not automatically be locked out. This feature will only be available if the last login time is maintained. Changes to this configuration attribute will take effect immediately. The value of this attribute should be an integer followed by a unit of seconds, minutes, hours, days, or weeks. A value of 0 seconds indicates that idle accounts should not automatically be locked out. This feature will only be available if the last login time is maintained. </adm:description> <adm:default-behavior> <adm:defined> @@ -915,20 +758,22 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="state-update-failure-policy" mandatory="false" multi-valued="false"> <adm:property name="state-update-failure-policy" advanced="true"> <adm:synopsis> Specifies how the server should deal with the inability to update password policy state information during an authentication attempt. In particular, it may be used to control whether an otherwise successful bind operation should fail if a failure occurs while attempting to update password policy state information (e.g., to clear a record of previous authentication failures or to update the last login time), or even whether to reject a bind request if it is known ahead of time that it will not be possible to update the authentication failure times in the event of an unsuccessful bind attempt (e.g., if the backend writability mode is disabled). Specifies how the server should deal with the inability to update password policy state information during an authentication attempt. </adm:synopsis> <adm:description> In particular, it may be used to control whether an otherwise successful bind operation should fail if a failure occurs while attempting to update password policy state information (e.g., to clear a record of previous authentication failures or to update the last login time), or even whether to reject a bind request if it is known ahead of time that it will not be possible to update the authentication failure times in the event of an unsuccessful bind attempt (e.g., if the backend writability mode is disabled). </adm:description> <adm:default-behavior> <adm:defined> <adm:value>reactive</adm:value> @@ -938,23 +783,23 @@ <adm:enumeration> <adm:value name="ignore"> <adm:synopsis> If a bind attempt would otherwise be successful, then do not reject it if a problem occurs while attempting to update the password policy state information for the user. If a bind attempt would otherwise be successful, then do not reject it if a problem occurs while attempting to update the password policy state information for the user. </adm:synopsis> </adm:value> <adm:value name="reactive"> <adm:synopsis> Even if a bind attempt would otherwise be successful, reject it if a problem occurs while attempting to update the password policy state information for the user. Even if a bind attempt would otherwise be successful, reject it if a problem occurs while attempting to update the password policy state information for the user. </adm:synopsis> </adm:value> <adm:value name="proactive"> <adm:synopsis> Proactively reject any bind attempt if it is known ahead of time that it would not be possible to update the user's password policy state information. Proactively reject any bind attempt if it is known ahead of time that it would not be possible to update the user's password policy state information. </adm:synopsis> </adm:value> </adm:enumeration> @@ -965,19 +810,21 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="password-history-count" mandatory="false" multi-valued="false"> <adm:property name="password-history-count"> <adm:synopsis> Specifies the maximum number of former passwords to maintain in the password history. When choosing a new password, the proposed password will be checked to ensure that it does not match the current password, nor any other password in the history list. A value of zero indicates that either no password history is to be maintained (if the password history duration has a value of zero seconds), or that there is no maximum number of passwords to maintain in the history (if the password history duration has a value greater than zero seconds). Specifies the maximum number of former passwords to maintain in the password history. </adm:synopsis> <adm:description> When choosing a new password, the proposed password will be checked to ensure that it does not match the current password, nor any other password in the history list. A value of zero indicates that either no password history is to be maintained (if the password history duration has a value of zero seconds), or that there is no maximum number of passwords to maintain in the history (if the password history duration has a value greater than zero seconds). </adm:description> <adm:default-behavior> <adm:defined> <adm:value>0</adm:value> @@ -992,27 +839,28 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="password-history-duration" mandatory="false" multi-valued="false"> <adm:property name="password-history-duration"> <adm:synopsis> Specifies the maximum length of time that passwords should remain in the password history. When choosing a new password, the proposed password will be checked to ensure that it does not match the current password, nor any other password in the history list. A value of zero seconds indicates that either no password history is to be maintained (if the password history count has a value of zero), or that there is no maximum duration for passwords in the history (if the password history count has a value greater than zero). Specifies the maximum length of time that passwords should remain in the password history. </adm:synopsis> <adm:description> When choosing a new password, the proposed password will be checked to ensure that it does not match the current password, nor any other password in the history list. A value of zero seconds indicates that either no password history is to be maintained (if the password history count has a value of zero), or that there is no maximum duration for passwords in the history (if the password history count has a value greater than zero). </adm:description> <adm:default-behavior> <adm:defined> <adm:value>0 seconds</adm:value> </adm:defined> </adm:default-behavior> <adm:syntax> <adm:duration base-unit="s" lower-limit="0" upper-limit="2147483647" allow-unlimited="false" /> <adm:duration base-unit="s" lower-limit="0" upper-limit="2147483647" allow-unlimited="false" /> </adm:syntax> <adm:profile name="ldap"> <ldap:attribute> @@ -1020,6 +868,4 @@ </ldap:attribute> </adm:profile> </adm:property> </adm:managed-object>
@@ -25,29 +25,25 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="password-policy-import-plugin" plural-name="password-policy-import-plugins" package="org.opends.server.admin.std" extends="plugin" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> The <adm:user-friendly-name /> is used to ensure that clear-text passwords contained in LDIF entries are properly encoded before they are stored in the appropriate Directory Server backend. is used to ensure that clear-text passwords contained in LDIF entries are properly encoded before they are stored in the appropriate Directory Server backend. </adm:synopsis> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-password-policy-import-plugin</ldap:name> <ldap:superior>ds-cfg-plugin</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -56,16 +52,21 @@ </adm:defined> </adm:default-behavior> </adm:property-override> <adm:property-override name="plugin-type"> <adm:property-override name="plugin-type" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value>ldifimport</adm:value> </adm:defined> </adm:default-behavior> </adm:property-override> <adm:property name="default-user-password-storage-scheme" mandatory="false" <adm:property-override name="invoke-for-internal-operations"> <adm:default-behavior> <adm:defined> <adm:value>false</adm:value> </adm:defined> </adm:default-behavior> </adm:property-override> <adm:property name="default-user-password-storage-scheme" multi-valued="true"> <adm:synopsis> Specifies the names of the password storage schemes that will be @@ -77,15 +78,16 @@ <adm:default-behavior> <adm:alias> <adm:synopsis> If the default password policy uses the attribute with the user password syntax, then the server will use the default password storage schemes for that password policy. Otherwise, it will encode user password values using the "SSHA" scheme. If the default password policy uses the attribute with the user password syntax, then the server will use the default password storage schemes for that password policy. Otherwise, it will encode user password values using the "SSHA" scheme. </adm:synopsis> </adm:alias> </adm:default-behavior> <adm:syntax> <adm:aggregation relation-name="password-storage-scheme" parent-path="/"> <adm:aggregation relation-name="password-storage-scheme" parent-path="/"> <adm:target-needs-enabling-condition> <adm:contains property="enabled" value="true" /> </adm:target-needs-enabling-condition> @@ -96,12 +98,13 @@ </adm:syntax> <adm:profile name="ldap"> <ldap:attribute> <ldap:name>ds-cfg-default-user-password-storage-scheme</ldap:name> <ldap:name> ds-cfg-default-user-password-storage-scheme </ldap:name> </ldap:attribute> </adm:profile> </adm:property> <adm:property name="default-auth-password-storage-scheme" mandatory="false" <adm:property name="default-auth-password-storage-scheme" multi-valued="true"> <adm:synopsis> Specifies the names of password storage schemes that will be used @@ -114,14 +117,15 @@ <adm:alias> <adm:synopsis> If the default password policy uses an attribute with the auth password syntax, then the server will use the default password storage schemes for that password policy. Otherwise, it will encode auth password values using the "SHA1" scheme. password syntax, then the server will use the default password storage schemes for that password policy. Otherwise, it will encode auth password values using the "SHA1" scheme. </adm:synopsis> </adm:alias> </adm:default-behavior> <adm:syntax> <adm:aggregation relation-name="password-storage-scheme" parent-path="/"> <adm:aggregation relation-name="password-storage-scheme" parent-path="/"> <adm:target-needs-enabling-condition> <adm:contains property="enabled" value="true" /> </adm:target-needs-enabling-condition> @@ -132,10 +136,10 @@ </adm:syntax> <adm:profile name="ldap"> <ldap:attribute> <ldap:name>ds-cfg-default-auth-password-storage-scheme</ldap:name> <ldap:name> ds-cfg-default-auth-password-storage-scheme </ldap:name> </ldap:attribute> </adm:profile> </adm:property> </adm:managed-object>
@@ -25,7 +25,6 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="password-policy-state-extended-operation-handler" plural-name="password-policy-state-extended-operation-handlers" @@ -33,13 +32,12 @@ extends="extended-operation-handler" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> The <adm:user-friendly-name /> provides the ability for administrators to request and optionally alter password policy state information for a specified user. The <adm:user-friendly-name /> provides the ability for administrators to request and optionally alter password policy state information for a specified user. </adm:synopsis> <adm:profile name="ldap"> <ldap:object-class> <ldap:name> @@ -48,8 +46,7 @@ <ldap:superior>ds-cfg-extended-operation-handler</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -58,6 +55,4 @@ </adm:defined> </adm:default-behavior> </adm:property-override> </adm:managed-object>
@@ -25,29 +25,22 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="password-storage-scheme" <adm:managed-object name="password-storage-scheme" plural-name="password-storage-schemes" package="org.opends.server.admin.std" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap" > xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> <adm:user-friendly-name /> defines a module that implements a password storage scheme. </adm:synopsis> <adm:tag name="user-management"/> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-password-storage-scheme</ldap:name> <ldap:superior>top</ldap:superior> </ldap:object-class> </adm:profile> <adm:property name="enabled" mandatory="true"> <adm:synopsis> Indicate whether the @@ -63,7 +56,6 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="java-class" mandatory="true"> <adm:synopsis> The fully-qualified name of the Java class that provides the @@ -83,5 +75,4 @@ </ldap:attribute> </adm:profile> </adm:property> </adm:managed-object> opends/src/admin/defn/org/opends/server/admin/std/PasswordValidatorConfiguration.xml
@@ -25,15 +25,15 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="password-validator" plural-name="password-validators" <adm:managed-object name="password-validator" plural-name="password-validators" package="org.opends.server.admin.std" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> <adm:user-friendly-plural-name /> are responsible for determining whether proposed passwords are acceptable for use. are responsible for determining whether proposed passwords are acceptable for use. </adm:synopsis> <adm:tag name="user-management"/> <adm:profile name="ldap"> @@ -77,4 +77,3 @@ </adm:profile> </adm:property> </adm:managed-object>
@@ -25,7 +25,6 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="plain-sasl-mechanism-handler" plural-name="plain-sasl-mechanism-handlers" package="org.opends.server.admin.std" extends="sasl-mechanism-handler" @@ -34,7 +33,8 @@ <adm:synopsis> The <adm:user-friendly-name /> is used to perform all processing related to SASL PLAIN authentication. is used to perform all processing related to SASL PLAIN authentication. </adm:synopsis> <adm:profile name="ldap"> <ldap:object-class> @@ -42,7 +42,7 @@ <ldap:superior>ds-cfg-sasl-mechanism-handler</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -74,4 +74,3 @@ </adm:profile> </adm:property> </adm:managed-object>
@@ -25,30 +25,24 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="plugin" plural-name="plugins" package="org.opends.server.admin.std" abstract="false" <adm:managed-object name="plugin" plural-name="plugins" package="org.opends.server.admin.std" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> <adm:user-friendly-plural-name /> provide a mechanism for executing custom code at specified points in operation processing and in the course of other events like connection establishment and termination, server startup and shutdown, and LDIF import and export. operation processing and in the course of other events like connection establishment and termination, server startup and shutdown, and LDIF import and export. </adm:synopsis> <adm:tag name="core"/> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-plugin</ldap:name> <ldap:superior>top</ldap:superior> </ldap:object-class> </adm:profile> <adm:property name="enabled" mandatory="true"> <adm:synopsis> Indicate whether the @@ -83,12 +77,11 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="plugin-type" mandatory="true" multi-valued="true"> <adm:property name="plugin-type" mandatory="true" multi-valued="true"> <adm:synopsis> The plugin types, which define the conditions under which this plugin should be invoked. The plugin must be disabled and re-enabled for plugin type changes to take effect. The plugin types, which define the conditions under which this plugin should be invoked. </adm:synopsis> <adm:requires-admin-action> <adm:component-restart /> @@ -107,13 +100,14 @@ </adm:value> <adm:value name="postconnect"> <adm:synopsis> Invoked whenever a new connection is established to the server. Invoked whenever a new connection is established to the server. </adm:synopsis> </adm:value> <adm:value name="postdisconnect"> <adm:synopsis> Invoked whenever an existing connection is terminated (by either the client or the server). Invoked whenever an existing connection is terminated (by either the client or the server). </adm:synopsis> </adm:value> <adm:value name="ldifimport"> @@ -123,7 +117,8 @@ </adm:value> <adm:value name="ldifexport"> <adm:synopsis> Invoked for each operation to be written during an LDIF export. Invoked for each operation to be written during an LDIF export. </adm:synopsis> </adm:value> <adm:value name="preparseabandon"> @@ -223,8 +218,8 @@ </adm:value> <adm:value name="postoperationadd"> <adm:synopsis> Invoked after completing the core add processing but before sending the response to the client. Invoked after completing the core add processing but before sending the response to the client. </adm:synopsis> </adm:value> <adm:value name="postoperationbind"> @@ -235,38 +230,38 @@ </adm:value> <adm:value name="postoperationcompare"> <adm:synopsis> Invoked after completing the core compare processing but before sending the response to the client. Invoked after completing the core compare processing but before sending the response to the client. </adm:synopsis> </adm:value> <adm:value name="postoperationdelete"> <adm:synopsis> Invoked after completing the core delete processing but before sending the response to the client. Invoked after completing the core delete processing but before sending the response to the client. </adm:synopsis> </adm:value> <adm:value name="postoperationextended"> <adm:synopsis> Invoked after completing the core extended processing but before sending the response to the client. Invoked after completing the core extended processing but before sending the response to the client. </adm:synopsis> </adm:value> <adm:value name="postoperationmodify"> <adm:synopsis> Invoked after completing the core modify processing but before sending the response to the client. Invoked after completing the core modify processing but before sending the response to the client. </adm:synopsis> </adm:value> <adm:value name="postoperationmodifydn"> <adm:synopsis> Invoked after completing the core modify DN processing but before sending the response to the client. Invoked after completing the core modify DN processing but before sending the response to the client. </adm:synopsis> </adm:value> <adm:value name="postoperationsearch"> <adm:synopsis> Invoked after completing the core search processing but before sending the response to the client. Invoked after completing the core search processing but before sending the response to the client. </adm:synopsis> </adm:value> <adm:value name="postoperationunbind"> @@ -311,31 +306,32 @@ </adm:value> <adm:value name="postresponsesearch"> <adm:synopsis> Invoked after sending the search result done message to the client. Invoked after sending the search result done message to the client. </adm:synopsis> </adm:value> <adm:value name="postsynchronizationadd"> <adm:synopsis> Invoked after completing post-synchronization processing for an add operation. Invoked after completing post-synchronization processing for an add operation. </adm:synopsis> </adm:value> <adm:value name="postsynchronizationdelete"> <adm:synopsis> Invoked after completing post-synchronization processing for a delete operation. Invoked after completing post-synchronization processing for a delete operation. </adm:synopsis> </adm:value> <adm:value name="postsynchronizationmodify"> <adm:synopsis> Invoked after completing post-synchronization processing for a modify operation. Invoked after completing post-synchronization processing for a modify operation. </adm:synopsis> </adm:value> <adm:value name="postsynchronizationmodifydn"> <adm:synopsis> Invoked after completing post-synchronization processing for a modify DN operation. Invoked after completing post-synchronization processing for a modify DN operation. </adm:synopsis> </adm:value> <adm:value name="searchresultentry"> @@ -345,19 +341,20 @@ </adm:value> <adm:value name="searchresultreference"> <adm:synopsis> Invoked before sending a search result reference to the client. Invoked before sending a search result reference to the client. </adm:synopsis> </adm:value> <adm:value name="subordinatemodifydn"> <adm:synopsis> Invoked in the course of moving or renaming an entry subordinate to the target of a modify DN operation. Invoked in the course of moving or renaming an entry subordinate to the target of a modify DN operation. </adm:synopsis> </adm:value> <adm:value name="intermediateresponse"> <adm:synopsis> Invoked before sending an intermediate repsonse message to the client. Invoked before sending an intermediate repsonse message to the client. </adm:synopsis> </adm:value> </adm:enumeration> @@ -368,14 +365,17 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="invoke-for-internal-operations" mandatory="false"> <adm:property name="invoke-for-internal-operations" advanced="true"> <adm:synopsis> Indicates whether the plugin should be invoked for internal operations. Note that any plugin which may be invoked for internal operations should be careful to ensure that they do not create any new internal operatons that can cause the same plugin to be re-invoked. Indicates whether the plugin should be invoked for internal operations. </adm:synopsis> <adm:description> Note that any plugin which may be invoked for internal operations should be careful to ensure that they do not create any new internal operatons that can cause the same plugin to be re-invoked. </adm:description> <adm:default-behavior> <adm:defined> <adm:value>true</adm:value> @@ -390,6 +390,4 @@ </ldap:attribute> </adm:profile> </adm:property> </adm:managed-object>
@@ -25,36 +25,32 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="plugin-root" plural-name="plugin-roots" package="org.opends.server.admin.std" abstract="false" <adm:managed-object name="plugin-root" plural-name="plugin-roots" package="org.opends.server.admin.std" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap" xmlns:cli="http://www.opends.org/admin-cli"> <adm:synopsis> The <adm:user-friendly-name /> defines the parent entry for all plugins defined in the server. It may also include configuration attributes that define the order in which those plugins should be loaded and invoked. defines the parent entry for all plugins defined in the server. </adm:synopsis> <adm:description> It may also include configuration attributes that define the order in which those plugins should be loaded and invoked. </adm:description> <adm:tag name="core"/> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-plugin-root</ldap:name> <ldap:superior>top</ldap:superior> </ldap:object-class> </adm:profile> <adm:relation name="plugin"> <adm:one-to-many /> <adm:profile name="ldap"> <ldap:rdn-sequence /> <ldap:naming-attribute> cn </ldap:naming-attribute> <ldap:naming-attribute>cn</ldap:naming-attribute> </adm:profile> <adm:profile name="cli"> <cli:relation> @@ -62,21 +58,20 @@ </cli:relation> </adm:profile> </adm:relation> <adm:property name="plugin-order-startup" mandatory="false"> <adm:property name="plugin-order-startup"> <adm:synopsis> Specifies the order in which startup plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). Specifies the order in which startup plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). </adm:synopsis> <adm:default-behavior> <adm:alias> <adm:synopsis> The order in which startup plugins are loaded and invoked will be undefined. The order in which startup plugins are loaded and invoked will be undefined. </adm:synopsis> </adm:alias> </adm:default-behavior> @@ -89,21 +84,20 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="plugin-order-shutdown" mandatory="false"> <adm:property name="plugin-order-shutdown"> <adm:synopsis> Specifies the order in which shutdown plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). </adm:synopsis> <adm:default-behavior> <adm:alias> <adm:synopsis> The order in which shutdown plugins are loaded and invoked will be undefined. The order in which shutdown plugins are loaded and invoked will be undefined. </adm:synopsis> </adm:alias> </adm:default-behavior> @@ -116,21 +110,20 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="plugin-order-post-connect" mandatory="false"> <adm:property name="plugin-order-post-connect"> <adm:synopsis> Specifies the order in which post-connect plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). Specifies the order in which post-connect plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). </adm:synopsis> <adm:default-behavior> <adm:alias> <adm:synopsis> The order in which post-connect plugins are loaded and invoked will be undefined. The order in which post-connect plugins are loaded and invoked will be undefined. </adm:synopsis> </adm:alias> </adm:default-behavior> @@ -143,21 +136,21 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="plugin-order-post-disconnect" mandatory="false"> <adm:property name="plugin-order-post-disconnect"> <adm:synopsis> Specifies the order in which post-disconnect plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). Specifies the order in which post-disconnect plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). </adm:synopsis> <adm:default-behavior> <adm:alias> <adm:synopsis> The order in which post-disconnect plugins are loaded and invoked will be undefined. The order in which post-disconnect plugins are loaded and invoked will be undefined. </adm:synopsis> </adm:alias> </adm:default-behavior> @@ -170,21 +163,20 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="plugin-order-ldif-import" mandatory="false"> <adm:property name="plugin-order-ldif-import"> <adm:synopsis> Specifies the order in which LDIF import plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). Specifies the order in which LDIF import plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). </adm:synopsis> <adm:default-behavior> <adm:alias> <adm:synopsis> The order in which LDIF import plugins are loaded and invoked will be undefined. The order in which LDIF import plugins are loaded and invoked will be undefined. </adm:synopsis> </adm:alias> </adm:default-behavior> @@ -197,21 +189,20 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="plugin-order-ldif-export" mandatory="false"> <adm:property name="plugin-order-ldif-export"> <adm:synopsis> Specifies the order in which LDIF export plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). Specifies the order in which LDIF export plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). </adm:synopsis> <adm:default-behavior> <adm:alias> <adm:synopsis> The order in which LDIF export plugins are loaded and invoked will be undefined. The order in which LDIF export plugins are loaded and invoked will be undefined. </adm:synopsis> </adm:alias> </adm:default-behavior> @@ -224,21 +215,21 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="plugin-order-pre-parse-abandon" mandatory="false"> <adm:property name="plugin-order-pre-parse-abandon"> <adm:synopsis> Specifies the order in which pre-parse abandon plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). Specifies the order in which pre-parse abandon plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). </adm:synopsis> <adm:default-behavior> <adm:alias> <adm:synopsis> The order in which pre-parse abandon plugins are loaded and invoked will be undefined. The order in which pre-parse abandon plugins are loaded and invoked will be undefined. </adm:synopsis> </adm:alias> </adm:default-behavior> @@ -251,21 +242,21 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="plugin-order-pre-parse-add" mandatory="false"> <adm:property name="plugin-order-pre-parse-add"> <adm:synopsis> Specifies the order in which pre-parse add plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). Specifies the order in which pre-parse add plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). </adm:synopsis> <adm:default-behavior> <adm:alias> <adm:synopsis> The order in which pre-parse add plugins are loaded and invoked will be undefined. The order in which pre-parse add plugins are loaded and invoked will be undefined. </adm:synopsis> </adm:alias> </adm:default-behavior> @@ -278,21 +269,21 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="plugin-order-pre-parse-bind" mandatory="false"> <adm:property name="plugin-order-pre-parse-bind"> <adm:synopsis> Specifies the order in which pre-parse bind plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). Specifies the order in which pre-parse bind plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). </adm:synopsis> <adm:default-behavior> <adm:alias> <adm:synopsis> The order in which pre-parse bind plugins are loaded and invoked will be undefined. The order in which pre-parse bind plugins are loaded and invoked will be undefined. </adm:synopsis> </adm:alias> </adm:default-behavior> @@ -305,21 +296,21 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="plugin-order-pre-parse-compare" mandatory="false"> <adm:property name="plugin-order-pre-parse-compare"> <adm:synopsis> Specifies the order in which pre-parse compare plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). Specifies the order in which pre-parse compare plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). </adm:synopsis> <adm:default-behavior> <adm:alias> <adm:synopsis> The order in which pre-parse compare plugins are loaded and invoked will be undefined. The order in which pre-parse compare plugins are loaded and invoked will be undefined. </adm:synopsis> </adm:alias> </adm:default-behavior> @@ -332,21 +323,21 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="plugin-order-pre-parse-delete" mandatory="false"> <adm:property name="plugin-order-pre-parse-delete"> <adm:synopsis> Specifies the order in which pre-parse delete plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). Specifies the order in which pre-parse delete plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). </adm:synopsis> <adm:default-behavior> <adm:alias> <adm:synopsis> The order in which pre-parse delete plugins are loaded and invoked will be undefined. The order in which pre-parse delete plugins are loaded and invoked will be undefined. </adm:synopsis> </adm:alias> </adm:default-behavior> @@ -359,21 +350,21 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="plugin-order-pre-parse-extended" mandatory="false"> <adm:property name="plugin-order-pre-parse-extended"> <adm:synopsis> Specifies the order in which pre-parse extended operation plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). Specifies the order in which pre-parse extended operation plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). </adm:synopsis> <adm:default-behavior> <adm:alias> <adm:synopsis> The order in which pre-parse extended operation plugins are loaded and invoked will be undefined. The order in which pre-parse extended operation plugins are loaded and invoked will be undefined. </adm:synopsis> </adm:alias> </adm:default-behavior> @@ -386,21 +377,21 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="plugin-order-pre-parse-modify" mandatory="false"> <adm:property name="plugin-order-pre-parse-modify"> <adm:synopsis> Specifies the order in which pre-parse modify plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). Specifies the order in which pre-parse modify plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). </adm:synopsis> <adm:default-behavior> <adm:alias> <adm:synopsis> The order in which pre-parse modify plugins are loaded and invoked will be undefined. The order in which pre-parse modify plugins are loaded and invoked will be undefined. </adm:synopsis> </adm:alias> </adm:default-behavior> @@ -413,21 +404,21 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="plugin-order-pre-parse-modify-dn" mandatory="false"> <adm:property name="plugin-order-pre-parse-modify-dn"> <adm:synopsis> Specifies the order in which pre-parse modify DN plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). Specifies the order in which pre-parse modify DN plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). </adm:synopsis> <adm:default-behavior> <adm:alias> <adm:synopsis> The order in which pre-parse modify DN plugins are loaded and invoked will be undefined. The order in which pre-parse modify DN plugins are loaded and invoked will be undefined. </adm:synopsis> </adm:alias> </adm:default-behavior> @@ -440,21 +431,21 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="plugin-order-pre-parse-search" mandatory="false"> <adm:property name="plugin-order-pre-parse-search"> <adm:synopsis> Specifies the order in which pre-parse search plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). Specifies the order in which pre-parse search plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). </adm:synopsis> <adm:default-behavior> <adm:alias> <adm:synopsis> The order in which pre-parse search plugins are loaded and invoked will be undefined. The order in which pre-parse search plugins are loaded and invoked will be undefined. </adm:synopsis> </adm:alias> </adm:default-behavior> @@ -467,21 +458,21 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="plugin-order-pre-parse-unbind" mandatory="false"> <adm:property name="plugin-order-pre-parse-unbind"> <adm:synopsis> Specifies the order in which pre-parse unbind plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). Specifies the order in which pre-parse unbind plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). </adm:synopsis> <adm:default-behavior> <adm:alias> <adm:synopsis> The order in which pre-parse unbind plugins are loaded and invoked will be undefined. The order in which pre-parse unbind plugins are loaded and invoked will be undefined. </adm:synopsis> </adm:alias> </adm:default-behavior> @@ -494,21 +485,21 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="plugin-order-pre-operation-add" mandatory="false"> <adm:property name="plugin-order-pre-operation-add"> <adm:synopsis> Specifies the order in which pre-operation add plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). Specifies the order in which pre-operation add plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). </adm:synopsis> <adm:default-behavior> <adm:alias> <adm:synopsis> The order in which pre-operation add plugins are loaded and invoked will be undefined. The order in which pre-operation add plugins are loaded and invoked will be undefined. </adm:synopsis> </adm:alias> </adm:default-behavior> @@ -521,21 +512,21 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="plugin-order-pre-operation-bind" mandatory="false"> <adm:property name="plugin-order-pre-operation-bind"> <adm:synopsis> Specifies the order in which pre-operation bind plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). Specifies the order in which pre-operation bind plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). </adm:synopsis> <adm:default-behavior> <adm:alias> <adm:synopsis> The order in which pre-operation bind plugins are loaded and invoked will be undefined. The order in which pre-operation bind plugins are loaded and invoked will be undefined. </adm:synopsis> </adm:alias> </adm:default-behavior> @@ -548,21 +539,21 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="plugin-order-pre-operation-compare" mandatory="false"> <adm:property name="plugin-order-pre-operation-compare"> <adm:synopsis> Specifies the order in which pre-operation compare plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). Specifies the order in which pre-operation compare plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). </adm:synopsis> <adm:default-behavior> <adm:alias> <adm:synopsis> The order in which pre-operation compare plugins are loaded and invoked will be undefined. The order in which pre-operation compare plugins are loaded and invoked will be undefined. </adm:synopsis> </adm:alias> </adm:default-behavior> @@ -575,15 +566,15 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="plugin-order-pre-operation-delete" mandatory="false"> <adm:property name="plugin-order-pre-operation-delete"> <adm:synopsis> Specifies the order in which pre-operation delete plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). Specifies the order in which pre-operation delete plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). </adm:synopsis> <adm:default-behavior> <adm:alias> @@ -602,21 +593,21 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="plugin-order-pre-operation-extended" mandatory="false"> <adm:property name="plugin-order-pre-operation-extended"> <adm:synopsis> Specifies the order in which pre-operation extended operation plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). Specifies the order in which pre-operation extended operation plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). </adm:synopsis> <adm:default-behavior> <adm:alias> <adm:synopsis> The order in which pre-operation extended operation plugins are loaded and invoked will be undefined. The order in which pre-operation extended operation plugins are loaded and invoked will be undefined. </adm:synopsis> </adm:alias> </adm:default-behavior> @@ -625,25 +616,27 @@ </adm:syntax> <adm:profile name="ldap"> <ldap:attribute> <ldap:name>ds-cfg-plugin-order-pre-operation-extended</ldap:name> <ldap:name> ds-cfg-plugin-order-pre-operation-extended </ldap:name> </ldap:attribute> </adm:profile> </adm:property> <adm:property name="plugin-order-pre-operation-modify" mandatory="false"> <adm:property name="plugin-order-pre-operation-modify"> <adm:synopsis> Specifies the order in which pre-operation modify plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). Specifies the order in which pre-operation modify plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). </adm:synopsis> <adm:default-behavior> <adm:alias> <adm:synopsis> The order in which pre-operation modify plugins are loaded and invoked will be undefined. The order in which pre-operation modify plugins are loaded and invoked will be undefined. </adm:synopsis> </adm:alias> </adm:default-behavior> @@ -656,21 +649,21 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="plugin-order-pre-operation-modify-dn" mandatory="false"> <adm:property name="plugin-order-pre-operation-modify-dn"> <adm:synopsis> Specifies the order in which pre-operation modify DN plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). Specifies the order in which pre-operation modify DN plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). </adm:synopsis> <adm:default-behavior> <adm:alias> <adm:synopsis> The order in which pre-operation modify DN plugins are loaded and invoked will be undefined. The order in which pre-operation modify DN plugins are loaded and invoked will be undefined. </adm:synopsis> </adm:alias> </adm:default-behavior> @@ -679,25 +672,27 @@ </adm:syntax> <adm:profile name="ldap"> <ldap:attribute> <ldap:name>ds-cfg-plugin-order-pre-operation-modify-dn</ldap:name> <ldap:name> ds-cfg-plugin-order-pre-operation-modify-dn </ldap:name> </ldap:attribute> </adm:profile> </adm:property> <adm:property name="plugin-order-pre-operation-search" mandatory="false"> <adm:property name="plugin-order-pre-operation-search"> <adm:synopsis> Specifies the order in which pre-operation search plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). Specifies the order in which pre-operation search plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). </adm:synopsis> <adm:default-behavior> <adm:alias> <adm:synopsis> The order in which pre-operation searc plugins are loaded and invoked will be undefined. The order in which pre-operation searc plugins are loaded and invoked will be undefined. </adm:synopsis> </adm:alias> </adm:default-behavior> @@ -710,21 +705,21 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="plugin-order-post-operation-abandon" mandatory="false"> <adm:property name="plugin-order-post-operation-abandon"> <adm:synopsis> Specifies the order in which post-operation abandon plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). Specifies the order in which post-operation abandon plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). </adm:synopsis> <adm:default-behavior> <adm:alias> <adm:synopsis> The order in which post-operation abandon plugins are loaded and invoked will be undefined. The order in which post-operation abandon plugins are loaded and invoked will be undefined. </adm:synopsis> </adm:alias> </adm:default-behavior> @@ -733,25 +728,27 @@ </adm:syntax> <adm:profile name="ldap"> <ldap:attribute> <ldap:name>ds-cfg-plugin-order-post-operation-abandon</ldap:name> <ldap:name> ds-cfg-plugin-order-post-operation-abandon </ldap:name> </ldap:attribute> </adm:profile> </adm:property> <adm:property name="plugin-order-post-operation-add" mandatory="false"> <adm:property name="plugin-order-post-operation-add"> <adm:synopsis> Specifies the order in which post-operation add plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). Specifies the order in which post-operation add plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). </adm:synopsis> <adm:default-behavior> <adm:alias> <adm:synopsis> The order in which post-operation add plugins are loaded and invoked will be undefined. The order in which post-operation add plugins are loaded and invoked will be undefined. </adm:synopsis> </adm:alias> </adm:default-behavior> @@ -764,21 +761,21 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="plugin-order-post-operation-bind" mandatory="false"> <adm:property name="plugin-order-post-operation-bind"> <adm:synopsis> Specifies the order in which post-operation bind plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). Specifies the order in which post-operation bind plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). </adm:synopsis> <adm:default-behavior> <adm:alias> <adm:synopsis> The order in which post-operation bind plugins are loaded and invoked will be undefined. The order in which post-operation bind plugins are loaded and invoked will be undefined. </adm:synopsis> </adm:alias> </adm:default-behavior> @@ -791,21 +788,21 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="plugin-order-post-operation-compare" mandatory="false"> <adm:property name="plugin-order-post-operation-compare"> <adm:synopsis> Specifies the order in which post-operation compare plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). Specifies the order in which post-operation compare plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). </adm:synopsis> <adm:default-behavior> <adm:alias> <adm:synopsis> The order in which post-operation compare plugins are loaded and invoked will be undefined. The order in which post-operation compare plugins are loaded and invoked will be undefined. </adm:synopsis> </adm:alias> </adm:default-behavior> @@ -814,25 +811,27 @@ </adm:syntax> <adm:profile name="ldap"> <ldap:attribute> <ldap:name>ds-cfg-plugin-order-post-operation-compare</ldap:name> <ldap:name> ds-cfg-plugin-order-post-operation-compare </ldap:name> </ldap:attribute> </adm:profile> </adm:property> <adm:property name="plugin-order-post-operation-delete" mandatory="false"> <adm:property name="plugin-order-post-operation-delete"> <adm:synopsis> Specifies the order in which post-operation delete plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). Specifies the order in which post-operation delete plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). </adm:synopsis> <adm:default-behavior> <adm:alias> <adm:synopsis> The order in which post-operation delete plugins are loaded and invoked will be undefined. The order in which post-operation delete plugins are loaded and invoked will be undefined. </adm:synopsis> </adm:alias> </adm:default-behavior> @@ -845,21 +844,21 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="plugin-order-post-operation-extended" mandatory="false"> <adm:property name="plugin-order-post-operation-extended"> <adm:synopsis> Specifies the order in which post-operation extended operation plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). Specifies the order in which post-operation extended operation plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). </adm:synopsis> <adm:default-behavior> <adm:alias> <adm:synopsis> The order in which post-operation extended operation plugins are loaded and invoked will be undefined. The order in which post-operation extended operation plugins are loaded and invoked will be undefined. </adm:synopsis> </adm:alias> </adm:default-behavior> @@ -868,25 +867,27 @@ </adm:syntax> <adm:profile name="ldap"> <ldap:attribute> <ldap:name>ds-cfg-plugin-order-post-operation-extended</ldap:name> <ldap:name> ds-cfg-plugin-order-post-operation-extended </ldap:name> </ldap:attribute> </adm:profile> </adm:property> <adm:property name="plugin-order-post-operation-modify" mandatory="false"> <adm:property name="plugin-order-post-operation-modify"> <adm:synopsis> Specifies the order in which post-operation modify plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). Specifies the order in which post-operation modify plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). </adm:synopsis> <adm:default-behavior> <adm:alias> <adm:synopsis> The order in which post-operation modify plugins are loaded and invoked will be undefined. The order in which post-operation modify plugins are loaded and invoked will be undefined. </adm:synopsis> </adm:alias> </adm:default-behavior> @@ -899,21 +900,21 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="plugin-order-post-operation-modify-dn" mandatory="false"> <adm:property name="plugin-order-post-operation-modify-dn"> <adm:synopsis> Specifies the order in which post-operation modify DN plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). Specifies the order in which post-operation modify DN plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). </adm:synopsis> <adm:default-behavior> <adm:alias> <adm:synopsis> The order in which post-operation modify DN plugins are loaded and invoked will be undefined. The order in which post-operation modify DN plugins are loaded and invoked will be undefined. </adm:synopsis> </adm:alias> </adm:default-behavior> @@ -922,25 +923,27 @@ </adm:syntax> <adm:profile name="ldap"> <ldap:attribute> <ldap:name>ds-cfg-plugin-order-post-operation-modify-dn</ldap:name> <ldap:name> ds-cfg-plugin-order-post-operation-modify-dn </ldap:name> </ldap:attribute> </adm:profile> </adm:property> <adm:property name="plugin-order-post-operation-search" mandatory="false"> <adm:property name="plugin-order-post-operation-search"> <adm:synopsis> Specifies the order in which post-operation search plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). Specifies the order in which post-operation search plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). </adm:synopsis> <adm:default-behavior> <adm:alias> <adm:synopsis> The order in which post-operation search plugins are loaded and invoked will be undefined. The order in which post-operation search plugins are loaded and invoked will be undefined. </adm:synopsis> </adm:alias> </adm:default-behavior> @@ -953,21 +956,21 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="plugin-order-post-operation-unbind" mandatory="false"> <adm:property name="plugin-order-post-operation-unbind"> <adm:synopsis> Specifies the order in which post-operation unbind plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). Specifies the order in which post-operation unbind plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). </adm:synopsis> <adm:default-behavior> <adm:alias> <adm:synopsis> The order in which post-operation unbind plugins are loaded and invoked will be undefined. The order in which post-operation unbind plugins are loaded and invoked will be undefined. </adm:synopsis> </adm:alias> </adm:default-behavior> @@ -980,21 +983,21 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="plugin-order-post-response-add" mandatory="false"> <adm:property name="plugin-order-post-response-add"> <adm:synopsis> Specifies the order in which post-response add plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). Specifies the order in which post-response add plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). </adm:synopsis> <adm:default-behavior> <adm:alias> <adm:synopsis> The order in which post-response add plugins are loaded and invoked will be undefined. The order in which post-response add plugins are loaded and invoked will be undefined. </adm:synopsis> </adm:alias> </adm:default-behavior> @@ -1007,15 +1010,15 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="plugin-order-post-response-bind" mandatory="false"> <adm:property name="plugin-order-post-response-bind"> <adm:synopsis> Specifies the order in which post-response bind plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). Specifies the order in which post-response bind plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). </adm:synopsis> <adm:default-behavior> <adm:alias> @@ -1034,21 +1037,21 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="plugin-order-post-response-compare" mandatory="false"> <adm:property name="plugin-order-post-response-compare"> <adm:synopsis> Specifies the order in which post-response compare plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). Specifies the order in which post-response compare plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). </adm:synopsis> <adm:default-behavior> <adm:alias> <adm:synopsis> The order in which post-response compare plugins are loaded and invoked will be undefined. The order in which post-response compare plugins are loaded and invoked will be undefined. </adm:synopsis> </adm:alias> </adm:default-behavior> @@ -1061,21 +1064,21 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="plugin-order-post-response-delete" mandatory="false"> <adm:property name="plugin-order-post-response-delete"> <adm:synopsis> Specifies the order in which post-response delete plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). Specifies the order in which post-response delete plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). </adm:synopsis> <adm:default-behavior> <adm:alias> <adm:synopsis> The order in which post-response delete plugins are loaded and invoked will be undefined. The order in which post-response delete plugins are loaded and invoked will be undefined. </adm:synopsis> </adm:alias> </adm:default-behavior> @@ -1088,21 +1091,21 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="plugin-order-post-response-extended" mandatory="false"> <adm:property name="plugin-order-post-response-extended"> <adm:synopsis> Specifies the order in which post-response extended operation plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). Specifies the order in which post-response extended operation plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). </adm:synopsis> <adm:default-behavior> <adm:alias> <adm:synopsis> The order in which post-response extended operation plugins are loaded and invoked will be undefined. The order in which post-response extended operation plugins are loaded and invoked will be undefined. </adm:synopsis> </adm:alias> </adm:default-behavior> @@ -1111,25 +1114,27 @@ </adm:syntax> <adm:profile name="ldap"> <ldap:attribute> <ldap:name>ds-cfg-plugin-order-post-response-extended</ldap:name> <ldap:name> ds-cfg-plugin-order-post-response-extended </ldap:name> </ldap:attribute> </adm:profile> </adm:property> <adm:property name="plugin-order-post-response-modify" mandatory="false"> <adm:property name="plugin-order-post-response-modify"> <adm:synopsis> Specifies the order in which post-response modify plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). Specifies the order in which post-response modify plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). </adm:synopsis> <adm:default-behavior> <adm:alias> <adm:synopsis> The order in which post-response modify plugins are loaded and invoked will be undefined. The order in which post-response modify plugins are loaded and invoked will be undefined. </adm:synopsis> </adm:alias> </adm:default-behavior> @@ -1142,131 +1147,20 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="plugin-order-post-response-modify-dn" mandatory="false"> <adm:property name="plugin-order-post-response-modify-dn"> <adm:synopsis> Specifies the order in which post-response modify DN plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). Specifies the order in which post-response modify DN plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). </adm:synopsis> <adm:default-behavior> <adm:alias> <adm:synopsis> The order in which post-response modify DN plugins are loaded and invoked will be undefined. </adm:synopsis> </adm:alias> </adm:default-behavior> <adm:syntax> <adm:string /> </adm:syntax> <adm:profile name="ldap"> <ldap:attribute> <ldap:name>ds-cfg-plugin-order-post-response-modify-dn</ldap:name> </ldap:attribute> </adm:profile> </adm:property> <adm:property name="plugin-order-post-synchronization-add" mandatory="false"> <adm:synopsis> Specifies the order in which post-synchronization add plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). </adm:synopsis> <adm:default-behavior> <adm:alias> <adm:synopsis> The order in which post-synchronization add plugins are loaded and invoked will be undefined. </adm:synopsis> </adm:alias> </adm:default-behavior> <adm:syntax> <adm:string /> </adm:syntax> <adm:profile name="ldap"> <ldap:attribute> <ldap:name>ds-cfg-plugin-order-post-synchronization-add</ldap:name> </ldap:attribute> </adm:profile> </adm:property> <adm:property name="plugin-order-post-synchronization-delete" mandatory="false"> <adm:synopsis> Specifies the order in which post-synchronization delete plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). </adm:synopsis> <adm:default-behavior> <adm:alias> <adm:synopsis> The order in which post-synchronization delete plugins are loaded and invoked will be undefined. </adm:synopsis> </adm:alias> </adm:default-behavior> <adm:syntax> <adm:string /> </adm:syntax> <adm:profile name="ldap"> <ldap:attribute> <ldap:name>ds-cfg-plugin-order-post-synchronization-delete</ldap:name> </ldap:attribute> </adm:profile> </adm:property> <adm:property name="plugin-order-post-synchronization-modify" mandatory="false"> <adm:synopsis> Specifies the order in which post-synchronization modify plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). </adm:synopsis> <adm:default-behavior> <adm:alias> <adm:synopsis> The order in which post-synchronization modify plugins are loaded and invoked will be undefined. </adm:synopsis> </adm:alias> </adm:default-behavior> <adm:syntax> <adm:string /> </adm:syntax> <adm:profile name="ldap"> <ldap:attribute> <ldap:name>ds-cfg-plugin-order-post-synchronization-modify</ldap:name> </ldap:attribute> </adm:profile> </adm:property> <adm:property name="plugin-order-post-synchronization-modify-dn" mandatory="false"> <adm:synopsis> Specifies the order in which post-synchronization modify DN plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). </adm:synopsis> <adm:default-behavior> <adm:alias> <adm:synopsis> The order in which post-synchronization modify DN plugins are loaded The order in which post-response modify DN plugins are loaded and invoked will be undefined. </adm:synopsis> </adm:alias> @@ -1277,26 +1171,142 @@ <adm:profile name="ldap"> <ldap:attribute> <ldap:name> ds-cfg-plugin-order-post-response-modify-dn </ldap:name> </ldap:attribute> </adm:profile> </adm:property> <adm:property name="plugin-order-post-synchronization-add"> <adm:synopsis> Specifies the order in which post-synchronization add plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). </adm:synopsis> <adm:default-behavior> <adm:alias> <adm:synopsis> The order in which post-synchronization add plugins are loaded and invoked will be undefined. </adm:synopsis> </adm:alias> </adm:default-behavior> <adm:syntax> <adm:string /> </adm:syntax> <adm:profile name="ldap"> <ldap:attribute> <ldap:name> ds-cfg-plugin-order-post-synchronization-add </ldap:name> </ldap:attribute> </adm:profile> </adm:property> <adm:property name="plugin-order-post-synchronization-delete"> <adm:synopsis> Specifies the order in which post-synchronization delete plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). </adm:synopsis> <adm:default-behavior> <adm:alias> <adm:synopsis> The order in which post-synchronization delete plugins are loaded and invoked will be undefined. </adm:synopsis> </adm:alias> </adm:default-behavior> <adm:syntax> <adm:string /> </adm:syntax> <adm:profile name="ldap"> <ldap:attribute> <ldap:name> ds-cfg-plugin-order-post-synchronization-delete </ldap:name> </ldap:attribute> </adm:profile> </adm:property> <adm:property name="plugin-order-post-synchronization-modify"> <adm:synopsis> Specifies the order in which post-synchronization modify plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). </adm:synopsis> <adm:default-behavior> <adm:alias> <adm:synopsis> The order in which post-synchronization modify plugins are loaded and invoked will be undefined. </adm:synopsis> </adm:alias> </adm:default-behavior> <adm:syntax> <adm:string /> </adm:syntax> <adm:profile name="ldap"> <ldap:attribute> <ldap:name> ds-cfg-plugin-order-post-synchronization-modify </ldap:name> </ldap:attribute> </adm:profile> </adm:property> <adm:property name="plugin-order-post-synchronization-modify-dn"> <adm:synopsis> Specifies the order in which post-synchronization modify DN plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). </adm:synopsis> <adm:default-behavior> <adm:alias> <adm:synopsis> The order in which post-synchronization modify DN plugins are loaded and invoked will be undefined. </adm:synopsis> </adm:alias> </adm:default-behavior> <adm:syntax> <adm:string /> </adm:syntax> <adm:profile name="ldap"> <ldap:attribute> <ldap:name> ds-cfg-plugin-order-post-synchronization-modify-dn </ldap:name> </ldap:attribute> </adm:profile> </adm:property> <adm:property name="plugin-order-post-response-search" mandatory="false"> <adm:property name="plugin-order-post-response-search"> <adm:synopsis> Specifies the order in which post-response search plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). Specifies the order in which post-response search plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). </adm:synopsis> <adm:default-behavior> <adm:alias> <adm:synopsis> The order in which post-response search plugins are loaded and invoked will be undefined. The order in which post-response search plugins are loaded and invoked will be undefined. </adm:synopsis> </adm:alias> </adm:default-behavior> @@ -1309,21 +1319,21 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="plugin-order-search-result-entry" mandatory="false"> <adm:property name="plugin-order-search-result-entry"> <adm:synopsis> Specifies the order in which search result entry plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). Specifies the order in which search result entry plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). </adm:synopsis> <adm:default-behavior> <adm:alias> <adm:synopsis> The order in which search result entry plugins are loaded and invoked will be undefined. The order in which search result entry plugins are loaded and invoked will be undefined. </adm:synopsis> </adm:alias> </adm:default-behavior> @@ -1336,21 +1346,21 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="plugin-order-search-result-reference" mandatory="false"> <adm:property name="plugin-order-search-result-reference"> <adm:synopsis> Specifies the order in which search result reference plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). Specifies the order in which search result reference plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). </adm:synopsis> <adm:default-behavior> <adm:alias> <adm:synopsis> The order in which search result reference plugins are loaded and invoked will be undefined. The order in which search result reference plugins are loaded and invoked will be undefined. </adm:synopsis> </adm:alias> </adm:default-behavior> @@ -1359,25 +1369,27 @@ </adm:syntax> <adm:profile name="ldap"> <ldap:attribute> <ldap:name>ds-cfg-plugin-order-search-result-reference</ldap:name> <ldap:name> ds-cfg-plugin-order-search-result-reference </ldap:name> </ldap:attribute> </adm:profile> </adm:property> <adm:property name="plugin-order-subordinate-modify-dn" mandatory="false"> <adm:property name="plugin-order-subordinate-modify-dn"> <adm:synopsis> Specifies the order in which subordinate modify DN plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). Specifies the order in which subordinate modify DN plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). </adm:synopsis> <adm:default-behavior> <adm:alias> <adm:synopsis> The order in which subordinate modify DN plugins are loaded and invoked will be undefined. The order in which subordinate modify DN plugins are loaded and invoked will be undefined. </adm:synopsis> </adm:alias> </adm:default-behavior> @@ -1390,21 +1402,21 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="plugin-order-intermediate-response" mandatory="false"> <adm:property name="plugin-order-intermediate-response"> <adm:synopsis> Specifies the order in which intermediate response plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). Specifies the order in which intermediate response plugins should be loaded and invoked. The value should be a comma-delimited list of plugin names (where the plugin name is the RDN value from the plugin configuration entry DN). The list may include at most one asterisk to indicate the position of any unspecified plugin (and the relative order of those unspecified plugins will be undefined). </adm:synopsis> <adm:default-behavior> <adm:alias> <adm:synopsis> The order in which intermediate response plugins are loaded and invoked will be undefined. The order in which intermediate response plugins are loaded and invoked will be undefined. </adm:synopsis> </adm:alias> </adm:default-behavior> @@ -1417,6 +1429,4 @@ </ldap:attribute> </adm:profile> </adm:property> </adm:managed-object>
@@ -25,17 +25,15 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="profiler-plugin" plural-name="profiler-plugins" package="org.opends.server.admin.std" extends="plugin" xmlns:adm="http://www.opends.org/admin" plural-name="profiler-plugins" package="org.opends.server.admin.std" extends="plugin" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> The <adm:user-friendly-name /> is used to capture profiling information about operations performed inside the JVM while the Directory Server is running. is used to capture profiling information about operations performed inside the JVM while the Directory Server is running. </adm:synopsis> <adm:profile name="ldap"> <ldap:object-class> @@ -43,7 +41,7 @@ <ldap:superior>ds-cfg-plugin</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -52,22 +50,33 @@ </adm:defined> </adm:default-behavior> </adm:property-override> <adm:property-override name="plugin-type"> <adm:property-override name="plugin-type" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value>startup</adm:value> </adm:defined> </adm:default-behavior> </adm:property-override> <adm:property-override name="invoke-for-internal-operations"> <adm:default-behavior> <adm:defined> <adm:value>false</adm:value> </adm:defined> </adm:default-behavior> </adm:property-override> <adm:property name="profile-sample-interval" mandatory="true"> <adm:synopsis> Specifies the profiler sample interval. </adm:synopsis> <adm:description> Specifies the sample interval that should be used when capturing profiling information in the server. Changes to this configuration attribute will take effect the next time the profiler is started. </adm:description> profiling information in the server. </adm:synopsis> <adm:requires-admin-action> <adm:none> <adm:synopsis> Changes to this configuration attribute will take effect the next time the profiler is started. </adm:synopsis> </adm:none> </adm:requires-admin-action> <adm:syntax> <adm:duration lower-limit="1" base-unit="ms" /> </adm:syntax> @@ -79,13 +88,12 @@ </adm:property> <adm:property name="profile-directory" mandatory="true"> <adm:synopsis> Specifies the directory for writing profile information. Specifies the path to the directory into which profile information will be written. </adm:synopsis> <adm:description> Specifies the path to the directory into which profile information will be written. The directory must exist and the Directory Server must have permission to create new files in it. Changes to this configuration attribute will take effect immediately. The directory must exist and the Directory Server must have permission to create new files in it. </adm:description> <adm:syntax> <adm:string /> @@ -98,14 +106,12 @@ </adm:property> <adm:property name="enable-profiling-on-startup" mandatory="true"> <adm:synopsis> Indicates whether to automatically begin capturing profile data when the server is started. Indicates whether the profiler plugin should start collecting data automatically when the Directory Server is started. </adm:synopsis> <adm:description> Indicates whether the profiler plugin should start collecting data automatically when the Directory Server is started. This will only be read when the server is started, and any changes will take effect on the next restart. This will only be read when the server is started, and any changes will take effect on the next restart. </adm:description> <adm:syntax> <adm:boolean /> @@ -116,17 +122,17 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="profile-action" mandatory="false"> <adm:property name="profile-action"> <adm:synopsis> Specifies the action that should be taken by the profiler. </adm:synopsis> <adm:description> Specifies the action that should be taken by the profiler. A value of "start" will cause the profiler thread to start collecting data if it is not already active. A value of "stop" will cause the profiler thread to stop collecting data and write it do disk, and a value of "cancel" will cause the profiler thread to stop collecting data and discard anything that has been captured. These operations will occur immediately. A value of "start" will cause the profiler thread to start collecting data if it is not already active. A value of "stop" will cause the profiler thread to stop collecting data and write it do disk, and a value of "cancel" will cause the profiler thread to stop collecting data and discard anything that has been captured. These operations will occur immediately. </adm:description> <adm:default-behavior> <adm:defined> @@ -136,24 +142,21 @@ <adm:syntax> <adm:enumeration> <adm:value name="none"> <adm:synopsis> Do not take any action. </adm:synopsis> <adm:synopsis>Do not take any action.</adm:synopsis> </adm:value> <adm:value name="start"> <adm:synopsis> Start collecting profile data. </adm:synopsis> <adm:synopsis>Start collecting profile data.</adm:synopsis> </adm:value> <adm:value name="stop"> <adm:synopsis> Stop collecting profile data and write what has been captured to a file in the profile directory. Stop collecting profile data and write what has been captured to a file in the profile directory. </adm:synopsis> </adm:value> <adm:value name="cancel"> <adm:synopsis> Stop collecting profile data and discard what has been captured. Stop collecting profile data and discard what has been captured. </adm:synopsis> </adm:value> </adm:enumeration> @@ -165,4 +168,3 @@ </adm:profile> </adm:property> </adm:managed-object>
@@ -25,30 +25,29 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="rc4-password-storage-scheme" <adm:managed-object name="rc4-password-storage-scheme" plural-name="rc4-password-storage-schemes" package="org.opends.server.admin.std" extends="password-storage-scheme" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> The <adm:user-friendly-name /> provides a mechanism for encoding user passwords using the RC4 reversible encryption mechanism. This implementation contains only an implementation for the user password syntax, with a storage scheme name of "RC4". The <adm:user-friendly-name /> provides a mechanism for encoding user passwords using the RC4 reversible encryption mechanism. </adm:synopsis> <adm:description> This scheme contains only an implementation for the user password syntax, with a storage scheme name of "RC4". </adm:description> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-rc4-password-storage-scheme</ldap:name> <ldap:superior>ds-cfg-password-storage-scheme</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -57,6 +56,4 @@ </adm:defined> </adm:default-behavior> </adm:property-override> </adm:managed-object>
@@ -25,7 +25,6 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="random-password-generator" plural-name="random-password-generators" package="org.opends.server.admin.std" extends="password-generator" @@ -43,7 +42,7 @@ <ldap:superior>ds-cfg-password-generator</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -58,12 +57,12 @@ Specifies one or more named character sets. </adm:synopsis> <adm:description> Specifies one or more named character sets. This is a multivalued Specifies one or more named character sets. This is a multi-valued attribute, with each value defining a different character set. The format of the character set is the name of the set followed by a colon and the characters that should be in that set. For example, the value "alpha:abcdefghijklmnopqrstuvwxyz" would define a character set named "alpha" containing all of the lowercase ASCII character set named "alpha" containing all of the lower-case ASCII alphabetic characters. </adm:description> <adm:syntax> @@ -83,12 +82,12 @@ Specifies the format to use for the generated password. The value is a comma-delimited list of elements in which each of those elements is comprised of the name of a character set defined in the ds-cfg-password-character-set attribute, a colon, and the number of characters to include from that set. For example, a value of "alpha:3,numeric:2,alpha:3" would generate an 8-character password in which the first three characters are from the "alpha" set, the next two are from the "numeric" set, and the final three are from the "alpha" set. the password-character-set property, a colon, and the number of characters to include from that set. For example, a value of "alpha:3,numeric:2,alpha:3" would generate an 8-character password in which the first three characters are from the "alpha" set, the next two are from the "numeric" set, and the final three are from the "alpha" set. </adm:description> <adm:syntax> <adm:string /> @@ -100,4 +99,3 @@ </adm:profile> </adm:property> </adm:managed-object>
@@ -25,35 +25,33 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="referential-integrity-plugin" <adm:managed-object name="referential-integrity-plugin" plural-name="referential-integrity-plugins" package="org.opends.server.admin.std" extends="plugin" package="org.opends.server.admin.std" extends="plugin" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> The <adm:user-friendly-name /> is used to enforce referential integrity on DN attribute types specified in the plugin configuration. The values of these attribute types, may reference entries that have been deleted by a delete operation or renamed by a modify DN operation. The plugin will either remove stale references to deleted entries or remove an old references and add a new references to a renamed entries. The plugin allows the scope of this referential check to be limited to a set of base DNs if desired. It also can be configured to perform the referential checking in background mode at specified intervals. The <adm:user-friendly-name /> is used to maintain referential integrity for DN valued attributes. </adm:synopsis> <adm:description> The values of these attributes may reference entries that have been deleted by a delete operation or renamed by a modify DN operation. The referential integrity plugin will remove stale references to deleted entries or update references to renamed entries. The referential integrity plugin allows the scope of this referential check to be limited to a set of base DNs if desired. It also can be configured to perform the referential checking in the background mode specified intervals. </adm:description> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-referential-integrity-plugin</ldap:name> <ldap:superior>ds-cfg-plugin</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -62,8 +60,7 @@ </adm:defined> </adm:default-behavior> </adm:property-override> <adm:property-override name="plugin-type"> <adm:property-override name="plugin-type" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value>postoperationdelete</adm:value> @@ -72,18 +69,17 @@ </adm:defined> </adm:default-behavior> </adm:property-override> <adm:property name="attribute-type" mandatory="true" multi-valued="true"> <adm:synopsis> Specifies an attribute type to process referential integrity checking on. There must be at least one of these specified in the plugin configuration and the syntax of the type must either be distinguished name (1.3.6.1.4.1.1466.115.121.1.12) or name and optional uid (1.3.6.1.4.1.1466.115.121.1.34). Specifies the attribute types for which referential integrity should be maintained. </adm:synopsis> <adm:description> Specifies an attribute type to process referential integrity. There must be at least one attribute type specified and the syntax of them must either be distinguished name (1.3.6.1.4.1.1466.115.121.1.12) or name and optional uid (1.3.6.1.4.1.1466.115.121.1.34). </adm:description> <adm:syntax> <adm:attribute-type /> @@ -94,22 +90,16 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="base-dn" mandatory="false" multi-valued="true"> <adm:property name="base-dn" multi-valued="true"> <adm:synopsis> Specifies a base DN to restrict the referential integrity processing scope. If none of these are specified in the plugin configuration, then the server's public naming contexts are used. Specifies the scope within which referential integrity will be maintained. </adm:synopsis> <adm:description> Specifies the a base DN to restrict the referential integrity processing scope. </adm:description> <adm:default-behavior> <adm:alias> <adm:synopsis> The scope will be to use all of the public naming contexts. Referential integrity will be maintained in all public naming contexts. </adm:synopsis> </adm:alias> </adm:default-behavior> @@ -122,17 +112,14 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="log-file" mandatory="false" multi-valued="false"> <adm:property name="log-file"> <adm:synopsis> Specifies the log file location where the update records will be written when the plugin is in background mode processing. The default location is in the logs directory of the server instance, using the file name "referint". Specifies the log file location where the update records will be written when the plugin is in background mode processing. </adm:synopsis> <adm:description> Specifies the log file location where the update records will be written. The default location is in the logs directory of the server instance, using the file name "referint". </adm:description> <adm:default-behavior> <adm:defined> @@ -148,23 +135,18 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="update-interval" mandatory="false" multi-valued="false"> <adm:property name="update-interval"> <adm:synopsis> Specifies the interval, in seconds, when the referential integrity background thread will wakeup and process new update records. If this value is 0, then the updates are processed in foreground. Specifies the interval, in seconds, when referential integrity updates will be made. </adm:synopsis> <adm:description> Specifies the interval, in seconds, when the referential integrity update thread will wakeup and process new update records. If this value is 0, then the updates are made synchronously in the foreground. </adm:description> <adm:default-behavior> <adm:defined> <adm:value> 0 seconds </adm:value> <adm:value>0 seconds</adm:value> </adm:defined> </adm:default-behavior> <adm:syntax> @@ -176,6 +158,4 @@ </ldap:attribute> </adm:profile> </adm:property> </adm:managed-object>
@@ -25,36 +25,34 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="regular-expression-identity-mapper" plural-name="regular-expression-identity-mappers" package="org.opends.server.admin.std" extends="identity-mapper" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> The <adm:user-friendly-name /> provides a means of using a regular expression to translate the provided identifier when searching for the appropriate user entry. This may be used, for example, if the provided identifier is expected to be an e-mail address or Kerberos principal, but only the username portion (the part before the "@" symbol) should be used in the mapping process. Note that a replacement will be made only if all or part of the provided ID string matches the given match pattern. If no part of the provided ID string matches the provided pattern, then the given ID string will be used without any alteration. provides a means of using a regular expression to translate the provided identifier when searching for the appropriate user entry. </adm:synopsis> <adm:description> This may be used, for example, if the provided identifier is expected to be an e-mail address or Kerberos principal, but only the username portion (the part before the "@" symbol) should be used in the mapping process. Note that a replacement will be made only if all or part of the provided ID string matches the given match pattern. If no part of the provided ID string matches the provided pattern, then the given ID string will be used without any alteration. </adm:description> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-regular-expression-identity-mapper</ldap:name> <ldap:superior>ds-cfg-identity-mapper</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -63,19 +61,18 @@ </adm:defined> </adm:default-behavior> </adm:property-override> <adm:property name="match-attribute" mandatory="true" multi-valued="true"> <adm:property name="match-attribute" mandatory="true" multi-valued="true"> <adm:synopsis> Specifies the attribute to use to perform the mapping. Specifies the name or OID of the attribute whose value should match the provided identifier string after it has been processed by the associated regular expression. </adm:synopsis> <adm:description> Specifies the name or OID of the attribute whose value should match the provided identifier string after it has been processed by the associated regular expression. At least one value must be provided. All values must refer to the name or OID of an attribute type defined in the Directory Server schema. If multiple attribute type names or OIDs are provided, then at least one of those attributes must contain the provided ID string value in exactly one entry. All values must refer to the name or OID of an attribute type defined in the Directory Server schema. If multiple attribute type names or OIDs are provided, then at least one of those attributes must contain the provided ID string value in exactly one entry. </adm:description> <adm:syntax> <adm:attribute-type /> @@ -86,16 +83,11 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="match-base-dn" mandatory="false" multi-valued="true"> <adm:property name="match-base-dn" multi-valued="true"> <adm:synopsis> Specifies the set of base DNs below which to search for users. Specifies the base DN(s) that should be used when performing searches to map the provided ID string to a user entry. </adm:synopsis> <adm:description> Specifies the base DN(s) that should be used when performing searches to map the provided ID string to a user entry. If no values are provided, then the server will search below all public naming contexts. </adm:description> <adm:default-behavior> <adm:alias> <adm:synopsis> @@ -112,24 +104,22 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="match-pattern" mandatory="true" multi-valued="false"> <adm:property name="match-pattern" mandatory="true"> <adm:synopsis> Specifies the regular expression pattern that will be used to identify portions of the ID string which will be replaced. Specifies the regular expression pattern that will be used to identify portions of the ID string which will be replaced. </adm:synopsis> <adm:description> Specifies the regular expression pattern that should be used to match all or part of the provided ID string. Any portion of the ID string which matches this pattern will be replaced in accordance with the provided replace pattern (or will be removed if no replace pattern is specified). If multiple substrings within the given ID string match this pattern, then all occurrences will be replaced. If no part of the given ID string Any portion of the ID string which matches this pattern will be replaced in accordance with the provided replace pattern (or will be removed if no replace pattern is specified). If multiple substrings within the given ID string match this pattern, then all occurrences will be replaced. If no part of the given ID string matches this pattern, then the ID string will not be altered. Exactly one match pattern value must be provided, and it must be a valid regular expression as described in the API documentation for the java.util.regex.Pattern class, including support for capturing groups. Exactly one match pattern value must be provided, and it must be a valid regular expression as described in the API documentation for the java.util.regex.Pattern class, including support for capturing groups. </adm:description> <adm:syntax> <adm:string /> @@ -140,22 +130,18 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="replace-pattern" mandatory="false" multi-valued="false"> <adm:property name="replace-pattern"> <adm:synopsis> Specifies the replacement pattern that should be used for substrings in the ID string that match the provided regular expression pattern. If no replacement pattern is provided, then any matching portions of the ID string will be removed. Specifies the replacement pattern that should be used for substrings in the ID string that match the provided regular expression pattern. </adm:synopsis> <adm:description> Specifies the replacement pattern that should be used for substrings in the ID string that match the provided regular expression pattern. If no replacement pattern is provided, then any matching portions of the ID string will be removed (i.e., replaced with an empty string). The replacement pattern may include a string from a capturing group by using a dollar sign ($) followed by an integer value that indicates which capturing group should be used. If no replacement pattern is provided, then any matching portions of the ID string will be removed (i.e., replaced with an empty string). The replacement pattern may include a string from a capturing group by using a dollar sign ($) followed by an integer value that indicates which capturing group should be used. </adm:description> <adm:default-behavior> <adm:alias> @@ -174,4 +160,3 @@ </adm:profile> </adm:property> </adm:managed-object>
@@ -25,7 +25,6 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="repeated-characters-password-validator" plural-name="repeated-characters-password-validators" package="org.opends.server.admin.std" extends="password-validator" @@ -34,17 +33,19 @@ <adm:synopsis> The <adm:user-friendly-name /> is used to determine whether a proposed password is acceptable based on the number of times any character may appear consecutively in a password value. is used to determine whether a proposed password is acceptable based on the number of times any character may appear consecutively in a password value. </adm:synopsis> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-repeated-characters-password-validator</ldap:name> <ldap:name> ds-cfg-repeated-characters-password-validator </ldap:name> <ldap:superior>ds-cfg-password-validator</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -55,14 +56,12 @@ </adm:property-override> <adm:property name="max-consecutive-length" mandatory="true"> <adm:synopsis> Specifies the maximum number of times that any character may appear consecutively in a password value. Specifies the maximum number of times that any character may appear consecutively in a password value. </adm:synopsis> <adm:description> Specifies the maximum number of times that any character may appear consecutively in a password value. A value of zero indicates that there will be no maximum limit enforced. Changes to this configuration attribute will take effect immediately. A value of zero indicates that there will be no maximum limit enforced. </adm:description> <adm:syntax> <adm:integer lower-limit="0" /> @@ -75,16 +74,15 @@ </adm:property> <adm:property name="case-sensitive-validation" mandatory="true"> <adm:synopsis> Indicates whether this password validator should treat password characters in a case-sensitive manner. Indicates whether this password validator should treat password characters in a case-sensitive manner. </adm:synopsis> <adm:description> Indicates whether this password validator should treat password characters in a case-sensitive manner. A value of false indicates that any differences in capitalization should be ignored when looking for consecutive characters in the password. A value of true indicates that a character should only be considered repeating if all consecutive occurrences use the same capitalization. A value of false indicates that any differences in capitalization should be ignored when looking for consecutive characters in the password. A value of true indicates that a character should only be considered repeating if all consecutive occurrences use the same capitalization. </adm:description> <adm:syntax> <adm:boolean /> @@ -96,4 +94,3 @@ </adm:profile> </adm:property> </adm:managed-object>
@@ -25,17 +25,16 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="replication-domain" plural-name="replication-domains" package="org.opends.server.admin.std" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> The A <adm:user-friendly-name /> is used to provide Multimaster Replication of several OpenDS copies of the same data comprises of several Directory Servers sharing the same synchronized set of data. </adm:synopsis> <adm:tag name="replication"/> <adm:profile name="ldap"> @@ -47,23 +46,21 @@ <adm:property name="replication-server" multi-valued="true" mandatory="true"> <adm:synopsis> Specifies the addresses of the replication server to which this Specifies the addresses of the Replication Servers within the <adm:user-friendly-name /> should try to connect at startup time. to which the Directory Server should try to connect at startup time. </adm:synopsis> <adm:description> Addresses must be specified using the syntax: hostname:port </adm:description> <adm:requires-admin-action> <adm:none /> </adm:requires-admin-action> <adm:syntax> <adm:string> <adm:pattern> <adm:regex>.+:[0-9]+</adm:regex> <adm:regex>^.+:[0-9]+$</adm:regex> <adm:usage>HOST:PORT</adm:usage> <adm:synopsis> A hostname, followed by a ":" followed by a port number. A host name followed by a ":" and a port number. </adm:synopsis> </adm:pattern> </adm:string> @@ -74,17 +71,22 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="server-id" multi-valued="false" mandatory="true" read-only="true"> <adm:property name="server-id" mandatory="true" read-only="true"> <adm:synopsis> Specifies the server ID of this multimaster provider. Specifies a unique identifier for the Directory Server within the <adm:user-friendly-name /> . </adm:synopsis> <adm:description> Each multimaster provider must have a different server ID. Each Directory Server within the same <adm:user-friendly-name /> must have a different server ID. A Directory Server which is a member of multiple <adm:user-friendly-plural-name /> may use the same server ID for each of its <adm:user-friendly-name /> configurations. </adm:description> <adm:requires-admin-action> <adm:none /> </adm:requires-admin-action> <adm:syntax> <adm:integer lower-limit="1" upper-limit="65535"></adm:integer> </adm:syntax> @@ -94,13 +96,12 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="base-dn" mandatory="true" multi-valued="false" read-only="true"> <adm:property name="base-dn" mandatory="true" read-only="true"> <adm:synopsis> Specifies the base dn of the Multimaster Domain Specifies the base DN of the replicated data. </adm:synopsis> <adm:syntax> <adm:dn></adm:dn> <adm:dn /> </adm:syntax> <adm:profile name="ldap"> <ldap:attribute> @@ -108,11 +109,10 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="window-size" mandatory="false" multi-valued="false"> <adm:property name="window-size" advanced="true"> <adm:synopsis> Specifies the window size that this domain will use when communicating with replication servers. Specifies the window size that the Directory Server will use when communicating with Replication Servers. </adm:synopsis> <adm:default-behavior> <adm:defined> @@ -120,7 +120,7 @@ </adm:defined> </adm:default-behavior> <adm:syntax> <adm:integer></adm:integer> <adm:integer /> </adm:syntax> <adm:profile name="ldap"> <ldap:attribute> @@ -128,23 +128,25 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="heartbeat-interval" mandatory="false" multi-valued="false"> <adm:property name="heartbeat-interval" advanced="true"> <adm:synopsis> Specifies the heartbeat interval that this Domain must use when communicating with replication servers. The Domain will expect regular heartbeat coming from the replication server with this interval if they are not received it will close its connection and connect to another replication server. Specifies the heart-beat interval that the Directory Server will use when communicating with Replication Servers. </adm:synopsis> <adm:description> The Directory Server will expect a regular heart-beat coming from the Replication Server within the specified interval. If a heartbeat is not received within the interval, the Directory Server will close its connection and connect to another Replication Server. </adm:description> <adm:default-behavior> <adm:defined> <adm:value>1000ms</adm:value> </adm:defined> </adm:default-behavior> <adm:syntax> <adm:duration base-unit="ms" allow-unlimited="false" lower-limit="100" /> <adm:duration base-unit="ms" lower-limit="100" /> </adm:syntax> <adm:profile name="ldap"> <ldap:attribute> @@ -152,24 +154,25 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="isolation-policy" mandatory="false" multi-valued="false"> <adm:property name="isolation-policy"> <adm:synopsis> Specifies the behavior of the Directory Server if a write operation is attempted on the data within the <adm:user-friendly-name /> indicates the behavior of the LDAP server if an update is attempted when replication has been configured but none of the configured Replication Servers are up an running when the update is received. when none of the configured Replication Servers are available. </adm:synopsis> <adm:default-behavior> <adm:defined> <adm:value>reject-all-updates</adm:value></adm:defined></adm:default-behavior> <adm:value>reject-all-updates</adm:value> </adm:defined> </adm:default-behavior> <adm:syntax> <adm:enumeration> <adm:value name="accept-all-updates"> <adm:synopsis> Indicates that updates should be accepted even though it is not possible to send them to any Replication Server. Best effort will be made to re-send those updates to a not possible to send them to any Replication Server. Best effort will be made to re-send those updates to a Replication Servers when one of them is available, however those changes will be at risk because they will only be available from the historical information. This mode may @@ -178,9 +181,9 @@ </adm:value> <adm:value name="reject-all-updates"> <adm:synopsis> Indicates that all updates attempted on this replicated base-dn on this server when no Replication Server is available will be denied. Indicates that all updates attempted on this <adm:user-friendly-name /> will be rejected when no Replication Server is available. </adm:synopsis> </adm:value> </adm:enumeration> opends/src/admin/defn/org/opends/server/admin/std/ReplicationServerConfiguration.xml
@@ -25,49 +25,44 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="replication-server" plural-name="replication-servers" package="org.opends.server.admin.std" plural-name="replication-servers" package="org.opends.server.admin.std" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> The <adm:user-friendly-name /> is the server to which Multimaster Domain connects to publish and receive changes to or from other Multimaster Domains. <adm:user-friendly-plural-name /> are used to publish updates to Directory Servers within a Replication Domain. </adm:synopsis> <adm:tag name="replication"/> <adm:profile name="ldap"> <ldap:object-class> <ldap:name> ds-cfg-replication-server </ldap:name> <ldap:name>ds-cfg-replication-server</ldap:name> <ldap:superior>top</ldap:superior> </ldap:object-class> </adm:profile> <adm:property name="replication-server" multi-valued="true" mandatory="false"> <adm:property name="replication-server" multi-valued="true"> <adm:synopsis> Specifies the addresses of the replication server to which this Specifies the addresses of other <adm:user-friendly-plural-name /> to which this <adm:user-friendly-name /> should try to connect at startup time. </adm:synopsis> <adm:description> Addresses must be specified using the syntax: hostname:port </adm:description> <adm:requires-admin-action> <adm:none /> </adm:requires-admin-action> <adm:default-behavior> <adm:undefined /> </adm:default-behavior> <adm:syntax> <adm:string> <adm:pattern> <adm:regex>.+:[0-9]+</adm:regex> <adm:regex>^.+:[0-9]+$</adm:regex> <adm:usage>HOST:PORT</adm:usage> <adm:synopsis> A hostname, followed by a ":" followed by a port number. A host name followed by a ":" and a port number. </adm:synopsis> </adm:pattern> </adm:string> @@ -78,17 +73,18 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="replication-server-id" multi-valued="false" mandatory="true" read-only="true"> <adm:property name="replication-server-id" mandatory="true" read-only="true"> <adm:synopsis> Specifies the server ID of this Replication Server Specifies a unique identifier for the <adm:user-friendly-name /> . </adm:synopsis> <adm:description> Each Replication Server must have a different server ID. Each <adm:user-friendly-name /> must have a different server ID. </adm:description> <adm:requires-admin-action> <adm:none /> </adm:requires-admin-action> <adm:syntax> <adm:integer lower-limit="1" upper-limit="65535"></adm:integer> </adm:syntax> @@ -98,11 +94,13 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="window-size" mandatory="false" multi-valued="false"> <adm:property name="window-size" advanced="true"> <adm:synopsis> Specifies the window size that will this Domain must use when communicating with replication servers. Specifies the window size that the <adm:user-friendly-name /> will use when communicating with other <adm:user-friendly-plural-name /> . </adm:synopsis> <adm:default-behavior> <adm:defined> @@ -118,11 +116,10 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="queue-size" mandatory="false" multi-valued="false"> <adm:property name="queue-size" advanced="true"> <adm:synopsis> Specifies the number of changes that will be kept in memory for each LDAP server in the topology. each Directory Server in the Replication Domain. </adm:synopsis> <adm:default-behavior> <adm:defined> @@ -130,7 +127,7 @@ </adm:defined> </adm:default-behavior> <adm:syntax> <adm:integer></adm:integer> <adm:integer /> </adm:syntax> <adm:profile name="ldap"> <ldap:attribute> @@ -138,15 +135,17 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="replication-db-directory" mandatory="false" hidden="false" multi-valued="false" read-only="true"> <adm:property name="replication-db-directory" mandatory="true" read-only="true"> <adm:synopsis> The path where the <adm:user-friendly-name /> will store all persistent information. </adm:synopsis> <adm:default-behavior> <adm:undefined /> <adm:defined> <adm:value>changelogDb</adm:value> </adm:defined> </adm:default-behavior> <adm:syntax> <adm:string></adm:string> @@ -157,7 +156,7 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="replication-purge-delay" multi-valued="false"> <adm:property name="replication-purge-delay" advanced="true"> <adm:synopsis> The time (in seconds) after which the <adm:user-friendly-name /> @@ -177,19 +176,16 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="replication-port" mandatory="true" multi-valued="false"> <adm:property name="replication-port" mandatory="true"> <adm:synopsis> The port on which this <adm:user-friendly-name></adm:user-friendly-name> will wait for connections from other Replication Servers or LDAP Servers or from LDAP servers. <adm:user-friendly-name /> will wait for connections from other <adm:user-friendly-plural-name /> or Directory Servers. </adm:synopsis> <adm:requires-admin-action> <adm:none /> </adm:requires-admin-action> <adm:syntax> <adm:integer></adm:integer> <adm:integer lower-limit="1" upper-limit="65535" /> </adm:syntax> <adm:profile name="ldap"> <ldap:attribute> opends/src/admin/defn/org/opends/server/admin/std/ReplicationSynchronizationProviderConfiguration.xml
@@ -31,12 +31,12 @@ extends="synchronization-provider" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap" xmlns:cli="http://www.opends.org/admin-cli" abstract="false"> xmlns:cli="http://www.opends.org/admin-cli"> <adm:synopsis> The <adm:user-friendly-name /> is used to provide Multimaster Replication of several OpenDS copies of the same data is used to provide multi-master replication of data across multiple Directory Server instances. </adm:synopsis> <adm:profile name="ldap"> <ldap:object-class> @@ -70,7 +70,7 @@ </cli:relation> </adm:profile> </adm:relation> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> opends/src/admin/defn/org/opends/server/admin/std/RootConfiguration.xml
@@ -84,9 +84,7 @@ <adm:relation name="crypto-manager"> <adm:one-to-one /> <adm:profile name="ldap"> <ldap:rdn-sequence> cn=Crypto Manager,cn=config </ldap:rdn-sequence> <ldap:rdn-sequence>cn=Crypto Manager,cn=config</ldap:rdn-sequence> </adm:profile> <adm:profile name="cli"> <cli:relation> @@ -232,9 +230,7 @@ <adm:relation name="alert-handler"> <adm:one-to-many /> <adm:profile name="ldap"> <ldap:rdn-sequence> cn=Alert Handlers,cn=config </ldap:rdn-sequence> <ldap:rdn-sequence>cn=Alert Handlers,cn=config</ldap:rdn-sequence> </adm:profile> <adm:profile name="cli"> <cli:relation> @@ -349,9 +345,7 @@ <adm:relation name="matching-rule"> <adm:one-to-many /> <adm:profile name="ldap"> <ldap:rdn-sequence> cn=Matching Rules,cn=config </ldap:rdn-sequence> <ldap:rdn-sequence>cn=Matching Rules,cn=config</ldap:rdn-sequence> </adm:profile> <adm:profile name="cli"> <cli:relation> @@ -362,9 +356,7 @@ <adm:relation name="attribute-syntax"> <adm:one-to-many /> <adm:profile name="ldap"> <ldap:rdn-sequence> cn=Syntaxes,cn=config </ldap:rdn-sequence> <ldap:rdn-sequence>cn=Syntaxes,cn=config</ldap:rdn-sequence> </adm:profile> <adm:profile name="cli"> <cli:relation> @@ -422,13 +414,10 @@ </cli:relation> </adm:profile> </adm:relation> <adm:relation name="network-group"> <adm:one-to-many naming-property="network-group-id"/> <adm:profile name="ldap"> <ldap:rdn-sequence> cn=Network Groups,cn=config </ldap:rdn-sequence> <ldap:rdn-sequence>cn=Network Groups,cn=config</ldap:rdn-sequence> </adm:profile> <adm:profile name="cli"> <cli:relation> @@ -439,9 +428,7 @@ <adm:relation name="workflow"> <adm:one-to-many naming-property="workflow-id"/> <adm:profile name="ldap"> <ldap:rdn-sequence> cn=Workflows,cn=config </ldap:rdn-sequence> <ldap:rdn-sequence>cn=Workflows,cn=config</ldap:rdn-sequence> </adm:profile> <adm:profile name="cli"> <cli:relation> @@ -462,7 +449,6 @@ </cli:relation> </adm:profile> </adm:relation> <adm:product-name>OpenDS Directory Server</adm:product-name> <adm:tag-definition name="logging"> <adm:synopsis>Logging</adm:synopsis> opends/src/admin/defn/org/opends/server/admin/std/RootDNConfiguration.xml
@@ -25,41 +25,36 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="root-dn" plural-name="root-dns" package="org.opends.server.admin.std" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> This class defines the parent entry for all root DN users in the server. It also defines the set of privileges that root users will automatically inherit. The <adm:user-friendly-name /> configuration contains all the Root DN Users defined in the Directory Server. In addition, it also defines the default set of privileges that Root DN Users will automatically inherit. </adm:synopsis> <adm:tag name="core"/> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-root-dn</ldap:name> <ldap:superior>top</ldap:superior> </ldap:object-class> </adm:profile> <adm:relation name="root-dn-user" hidden="true"> <adm:one-to-many /> <adm:profile name="ldap"> <ldap:rdn-sequence /> <ldap:naming-attribute> cn </ldap:naming-attribute> <ldap:naming-attribute>cn</ldap:naming-attribute> </adm:profile> </adm:relation> <adm:property name="default-root-privilege-name" mandatory="false" <adm:property name="default-root-privilege-name" multi-valued="true"> <adm:synopsis> Specifies the names of the privileges that root users will be granted by default. Specifies the names of the privileges that root users will be granted by default. </adm:synopsis> <adm:default-behavior> <adm:defined> @@ -85,14 +80,14 @@ <adm:enumeration> <adm:value name="bypass-acl"> <adm:synopsis> Allows the associated user to bypass access control checks performed by the server. Allows the associated user to bypass access control checks performed by the server. </adm:synopsis> </adm:value> <adm:value name="modify-acl"> <adm:synopsis> Allows the associated user to modify the server's access control configuration. Allows the associated user to modify the server's access control configuration. </adm:synopsis> </adm:value> <adm:value name="config-read"> @@ -102,8 +97,8 @@ </adm:value> <adm:value name="config-write"> <adm:synopsis> Allows the associated user to update the server configuration. The config-read privilege is also required. Allows the associated user to update the server configuration. The config-read privilege is also required. </adm:synopsis> </adm:value> <adm:value name="jmx-read"> @@ -124,24 +119,26 @@ </adm:value> <adm:value name="ldif-import"> <adm:synopsis> Allows the user to request that the server process LDIF import tasks. Allows the user to request that the server process LDIF import tasks. </adm:synopsis> </adm:value> <adm:value name="ldif-export"> <adm:synopsis> Allows the user to request that the server process LDIF export tasks. Allows the user to request that the server process LDIF export tasks. </adm:synopsis> </adm:value> <adm:value name="backend-backup"> <adm:synopsis> Allows the user to request that the server process backup tasks. Allows the user to request that the server process backup tasks. </adm:synopsis> </adm:value> <adm:value name="backend-restore"> <adm:synopsis> Allows the user to request that the server process restore tasks. Allows the user to request that the server process restore tasks. </adm:synopsis> </adm:value> <adm:value name="server-shutdown"> @@ -151,14 +148,15 @@ </adm:value> <adm:value name="server-restart"> <adm:synopsis> Allows the user to request that the server perform an in-core restart. Allows the user to request that the server perform an in-core restart. </adm:synopsis> </adm:value> <adm:value name="proxied-auth"> <adm:synopsis> Allows the user to use the proxied authorization control, or to perform a bind that specifies an alternate authorization identity. Allows the user to use the proxied authorization control, or to perform a bind that specifies an alternate authorization identity. </adm:synopsis> </adm:value> <adm:value name="disconnect-client"> @@ -168,8 +166,8 @@ </adm:value> <adm:value name="cancel-request"> <adm:synopsis> Allows the user to cancel operations in progress on other client connections. Allows the user to cancel operations in progress on other client connections. </adm:synopsis> </adm:value> <adm:value name="password-reset"> @@ -190,13 +188,14 @@ <adm:value name="privilege-change"> <adm:synopsis> Allows the user to make changes to the set of defined root privileges, as well as to grant and revoke privileges for users. privileges, as well as to grant and revoke privileges for users. </adm:synopsis> </adm:value> <adm:value name="unindexed-search"> <adm:synopsis> Allows the user to request that the server process a search that cannot be optimized using server indexes. Allows the user to request that the server process a search that cannot be optimized using server indexes. </adm:synopsis> </adm:value> </adm:enumeration> @@ -207,6 +206,4 @@ </ldap:attribute> </adm:profile> </adm:property> </adm:managed-object>
@@ -25,37 +25,40 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="root-dn-user" plural-name="root-dn-users" package="org.opends.server.admin.std" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> This class defines a root user, which is automatically granted a set of privileges in the server and may be given some special abilities not available to non-root users (e.g., the ability to bind to the server in lockdown mode). A <adm:user-friendly-name /> are administrative users who may be granted special privileges which are not available to non-root users (e.g., the ability to bind to the server in lockdown mode). </adm:synopsis> <adm:description> By default a <adm:user-friendly-name /> inherits the default set of privileges defined in the Root DN configuration. </adm:description> <adm:tag name="core"/> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-root-dn-user</ldap:name> <ldap:superior>top</ldap:superior> </ldap:object-class> </adm:profile> <adm:property name="alternate-bind-dn" mandatory="false" multi-valued="true"> <adm:property name="alternate-bind-dn" multi-valued="true"> <adm:synopsis> Specifies one or more alternate DNs that may be used to bind to the server as this root user. Specifies one or more alternate DNs that may be used to bind to the server as this root user. </adm:synopsis> <adm:default-behavior> <adm:alias> <adm:synopsis> This root user will only be allowed to bind using the DN of the associated configuration entry. This root user will only be allowed to bind using the DN of the associated configuration entry. </adm:synopsis> </adm:alias> </adm:default-behavior> @@ -68,6 +71,4 @@ </ldap:attribute> </adm:profile> </adm:property> </adm:managed-object>
@@ -25,18 +25,19 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="root-dse-backend" plural-name="root-dse-backends" package="org.opends.server.admin.std" <adm:managed-object name="root-dse-backend" plural-name="root-dse-backends" package="org.opends.server.admin.std" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> This class defines a backend to hold the Directory Server root DSE. The <adm:user-friendly-name /> contains the Directory Server root DSE. </adm:synopsis> <adm:description> This is a special meta-backend that will dynamically generate the root DSE entry for base-level searches, and will simply redirect to other backends for operations in other scopes. This is a special meta-backend that will dynamically generate the root DSE entry for base-level searches, and will simply redirect to other backends for operations in other scopes. </adm:description> <adm:tag name="core"/> <adm:tag name="database"/> @@ -46,17 +47,18 @@ <ldap:superior>top</ldap:superior> </ldap:object-class> </adm:profile> <adm:property name="subordinate-base-dn" mandatory="false" multi-valued="true"> <adm:property name="subordinate-base-dn" multi-valued="true"> <adm:synopsis> Specifies the set of base DNs that will be used for singleLevel, wholeSubtree, and subordinateSubtree searches based at the root DSE. If this is not provided, then the set of all user-defined suffixes will be used. wholeSubtree, and subordinateSubtree searches based at the root DSE. </adm:synopsis> <adm:default-behavior> <adm:undefined/> <adm:alias> <adm:synopsis> The set of all user-defined suffixes will be used. </adm:synopsis> </adm:alias> </adm:default-behavior> <adm:syntax> <adm:dn /> @@ -67,13 +69,11 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="show-all-attributes" mandatory="true" multi-valued="false"> <adm:property name="show-all-attributes" mandatory="true"> <adm:synopsis> Indicates whether all attributes in the root DSE should be treated like user attributes (and therefore returned to clients by default) regardless of the Directory Server schema configuration. Indicates whether all attributes in the root DSE should be treated like user attributes (and therefore returned to clients by default) regardless of the Directory Server schema configuration. </adm:synopsis> <adm:syntax> <adm:boolean /> opends/src/admin/defn/org/opends/server/admin/std/SASLMechanismHandlerConfiguration.xml
@@ -25,7 +25,6 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="sasl-mechanism-handler" plural-name="sasl-mechanism-handlers" package="org.opends.server.admin.std" @@ -33,7 +32,8 @@ xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> <adm:user-friendly-plural-name /> are responsible for the processing associated with SASL bind operations. are responsible for the processing associated with SASL bind operations. </adm:synopsis> <adm:tag name="security"/> <adm:profile name="ldap"> @@ -77,4 +77,3 @@ </adm:profile> </adm:property> </adm:managed-object>
@@ -25,30 +25,29 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="sha1-password-storage-scheme" <adm:managed-object name="sha1-password-storage-scheme" plural-name="sha1-password-storage-schemes" package="org.opends.server.admin.std" extends="password-storage-scheme" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> The <adm:user-friendly-name /> provides a mechanism for encoding user passwords using an unsalted form of the SHA-1 message digest algorithm. This implementation contains only an implementation for the user password syntax, with a storage scheme name of "SHA". The <adm:user-friendly-name /> provides a mechanism for encoding user passwords using an unsalted form of the SHA-1 message digest algorithm. </adm:synopsis> <adm:description> This scheme contains only an implementation for the user password syntax, with a storage scheme name of "SHA". </adm:description> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-sha1-password-storage-scheme</ldap:name> <ldap:superior>ds-cfg-password-storage-scheme</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -57,6 +56,4 @@ </adm:defined> </adm:default-behavior> </adm:property-override> </adm:managed-object>
@@ -25,21 +25,18 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="smtp-account-status-notification-handler" plural-name="smtp-account-status-notification-handlers" extends="account-status-notification-handler" package="org.opends.server.admin.std" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> <adm:user-friendly-name /> is an account status notification handler that can be used to send email messages to end users and/or administrators whenever an account status notification is generated. is an account status notification handler that can be used to send email messages to end users and/or administrators whenever an account status notification is generated. </adm:synopsis> <adm:profile name="ldap"> <ldap:object-class> <ldap:name> @@ -50,8 +47,7 @@ </ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -60,22 +56,24 @@ </adm:defined> </adm:default-behavior> </adm:property-override> <adm:property name="email-address-attribute-type" mandatory="false" <adm:property name="email-address-attribute-type" multi-valued="true"> <adm:synopsis> Specifies which attribute in user entries may be used to obtain the email address to use when notifying the end user. Multiple attributes can be specified as separate values, and in that case all email addresses identified in all such values will receive the notification. Specifies which attribute in user entries may be used to obtain the email address to use when notifying the end user. </adm:synopsis> <adm:description> Multiple attributes can be specified as separate values, and in that case all email addresses identified in all such values will receive the notification. </adm:description> <adm:default-behavior> <adm:alias> <adm:synopsis> If no email address attribute types are specified, then no attempt will be made to send email notification messages to end users. Only those users specified in the set of additional recipient addresses will be sent the notification messages. If no email address attribute types are specified, then no attempt will be made to send email notification messages to end users. Only those users specified in the set of additional recipient addresses will be sent the notification messages. </adm:synopsis> </adm:alias> </adm:default-behavior> @@ -88,20 +86,22 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="recipient-address" mandatory="false" multi-valued="true"> <adm:property name="recipient-address" multi-valued="true"> <adm:synopsis> Specifies an email address to which notification messages will be sent, either instead of or in addition to the end user for whom the notification has been generated. This may be used to ensure that server administrators also receive a copy of any notification messages that are generated. Specifies an email address to which notification messages will be sent, either instead of or in addition to the end user for whom the notification has been generated. </adm:synopsis> <adm:description> This may be used to ensure that server administrators also receive a copy of any notification messages that are generated. </adm:description> <adm:default-behavior> <adm:alias> <adm:synopsis> If no additional recipient addresses are specified, then only the end users that are the subjects of the account status notifications will receive the notification messages. If no additional recipient addresses are specified, then only the end users that are the subjects of the account status notifications will receive the notification messages. </adm:synopsis> </adm:alias> </adm:default-behavior> @@ -114,22 +114,23 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="send-message-without-end-user-address" mandatory="true" multi-valued="false"> <adm:property name="send-message-without-end-user-address" mandatory="true" advanced="true"> <adm:synopsis> Indicates whether an email notification message should be generated and sent to the set of notification recipients even if the user entry does not contain any values for any of the email address attributes (and therefore it will not be possible to notify the end user). This is only applicable if both one or more email address attribute types and one or more additional recipient addresses are specified. Indicates whether an email notification message should be generated and sent to the set of notification recipients even if the user entry does not contain any values for any of the email address attributes (and therefore it will not be possible to notify the end user). </adm:synopsis> <adm:description> This is only applicable if both one or more email address attribute types and one or more additional recipient addresses are specified. </adm:description> <adm:default-behavior> <adm:defined> <adm:value> true </adm:value> <adm:value>true</adm:value> </adm:defined> </adm:default-behavior> <adm:syntax> @@ -137,15 +138,17 @@ </adm:syntax> <adm:profile name="ldap"> <ldap:attribute> <ldap:name>ds-cfg-send-message-without-end-user-address</ldap:name> <ldap:name> ds-cfg-send-message-without-end-user-address </ldap:name> </ldap:attribute> </adm:profile> </adm:property> <adm:property name="sender-address" mandatory="true" multi-valued="false"> <adm:property name="sender-address" mandatory="true"> <adm:synopsis> Specifies the e-mail address from which the message will be sent. Note that this does not necessarily have to be a legitimate e-mail address. Specifies the e-mail address from which the message will be sent. Note that this does not necessarily have to be a legitimate e-mail address. </adm:synopsis> <adm:syntax> <adm:string /> @@ -156,17 +159,20 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="message-subject" mandatory="true" multi-valued="true"> <adm:property name="message-subject" mandatory="true" multi-valued="true"> <adm:synopsis> Specifies the subject that should be used for email messages generated by this account status notification handler. The values for this property should begin with the name of an account status notification type followed by a colon and the subject that should be used for the associated notification message. If an email message is generated for an account status notification type for which no subject is defined, then that message will be given a generic subject. Specifies the subject that should be used for email messages generated by this account status notification handler. </adm:synopsis> <adm:description> The values for this property should begin with the name of an account status notification type followed by a colon and the subject that should be used for the associated notification message. If an email message is generated for an account status notification type for which no subject is defined, then that message will be given a generic subject. </adm:description> <adm:syntax> <adm:string /> </adm:syntax> @@ -176,18 +182,20 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="message-template-file" mandatory="true" multi-valued="true"> <adm:synopsis> Specifies the path to the file containing the message template that is to be used to generate the email notification messages. The values for this property should begin with the name of an account status notification type followed by a colon and the path to the template file that should be used for that notification type. If an account status notification has a notification type that is not associated with a message template file, then no email message will be generated for that notification. Specifies the path to the file containing the message template that is to be used to generate the email notification messages. </adm:synopsis> <adm:description> The values for this property should begin with the name of an account status notification type followed by a colon and the path to the template file that should be used for that notification type. If an account status notification has a notification type that is not associated with a message template file, then no email message will be generated for that notification. </adm:description> <adm:syntax> <adm:string /> </adm:syntax> @@ -197,6 +205,4 @@ </ldap:attribute> </adm:profile> </adm:property> </adm:managed-object>
@@ -25,27 +25,24 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="smtp-alert-handler" plural-name="smtp-alert-handlers" <adm:managed-object name="smtp-alert-handler" plural-name="smtp-alert-handlers" package="org.opends.server.admin.std" extends="alert-handler" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> The <adm:user-friendly-name /> may be used to send e-mail messages to notify administrators of significant events that occur within the server. may be used to send e-mail messages to notify administrators of significant events that occur within the server. </adm:synopsis> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-smtp-alert-handler</ldap:name> <ldap:superior>ds-cfg-alert-handler</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -54,11 +51,10 @@ </adm:defined> </adm:default-behavior> </adm:property-override> <adm:property name="sender-address" mandatory="true" multi-valued="false"> <adm:property name="sender-address" mandatory="true"> <adm:synopsis> Specifies the e-mail address to use as the sender for messages generated by this alert handler. Specifies the e-mail address to use as the sender for messages generated by this alert handler. </adm:synopsis> <adm:syntax> <adm:string /> @@ -69,13 +65,15 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="recipient-address" mandatory="true" multi-valued="true"> <adm:property name="recipient-address" mandatory="true" multi-valued="true"> <adm:synopsis> Specifies an e-mail address to which the messages should be sent. </adm:synopsis> <adm:description> Multiple values may be provided if there should be more than one recipient. </adm:synopsis> </adm:description> <adm:syntax> <adm:string /> </adm:syntax> @@ -85,16 +83,19 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="message-subject" mandatory="true" multi-valued="false"> <adm:property name="message-subject" mandatory="true"> <adm:synopsis> Specifies the subject that should be used for e-mail messages generated by this alert handler. The token "%%%%alert-type%%%%" will be dynamically replaced with the alert type string. The token "%%%%alert-id%%%%" will be dynamically replaced with the alert ID value. The token "%%%%alert-message%%%%" will be dynamically replaced with the alert message. The token "\\n" will be replaced with an end-of-line marker. Specifies the subject that should be used for e-mail messages generated by this alert handler. </adm:synopsis> <adm:description> The token "%%%%alert-type%%%%" will be dynamically replaced with the alert type string. The token "%%%%alert-id%%%%" will be dynamically replaced with the alert ID value. The token "%%%%alert-message%%%%" will be dynamically replaced with the alert message. The token "\\n" will be replaced with an end-of-line marker. </adm:description> <adm:syntax> <adm:string /> </adm:syntax> @@ -104,16 +105,19 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="message-body" mandatory="true" multi-valued="false"> <adm:property name="message-body" mandatory="true"> <adm:synopsis> Specifies the body that should be used for e-mail messages generated by this alert handler. The token "%%%%alert-type%%%%" will be dynamically replaced with the alert type string. The token "%%%%alert-id%%%%" will be dynamically replaced with the alert ID value. The token "%%%%alert-message%%%%" will be dynamically replaced with the alert message. The token "\\n" will be replaced with an end-of-line marker. Specifies the body that should be used for e-mail messages generated by this alert handler. </adm:synopsis> <adm:description> The token "%%%%alert-type%%%%" will be dynamically replaced with the alert type string. The token "%%%%alert-id%%%%" will be dynamically replaced with the alert ID value. The token "%%%%alert-message%%%%" will be dynamically replaced with the alert message. The token "\\n" will be replaced with an end-of-line marker. </adm:description> <adm:syntax> <adm:string /> </adm:syntax> @@ -123,6 +127,4 @@ </ldap:attribute> </adm:profile> </adm:property> </adm:managed-object>
@@ -25,31 +25,30 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="salted-md5-password-storage-scheme" <adm:managed-object name="salted-md5-password-storage-scheme" plural-name="salted-md5-password-storage-schemes" package="org.opends.server.admin.std" extends="password-storage-scheme" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> The <adm:user-friendly-name /> provides a mechanism for encoding user passwords using a salted form of the MD5 message digest algorithm. This implementation contains an implementation for the user password syntax, with a storage scheme name of "SMD5", and an implementation of the auth password syntax, with a storage scheme name of "MD5". The <adm:user-friendly-name /> provides a mechanism for encoding user passwords using a salted form of the MD5 message digest algorithm. </adm:synopsis> <adm:description> This scheme contains an implementation for the user password syntax, with a storage scheme name of "SMD5", and an implementation of the auth password syntax, with a storage scheme name of "MD5". </adm:description> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-salted-md5-password-storage-scheme</ldap:name> <ldap:superior>ds-cfg-password-storage-scheme</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -58,6 +57,4 @@ </adm:defined> </adm:default-behavior> </adm:property-override> </adm:managed-object>
@@ -25,31 +25,30 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="salted-sha1-password-storage-scheme" <adm:managed-object name="salted-sha1-password-storage-scheme" plural-name="salted-sha1-password-storage-schemes" package="org.opends.server.admin.std" extends="password-storage-scheme" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> The <adm:user-friendly-name /> provides a mechanism for encoding user passwords using a salted form of the SHA-1 message digest algorithm. This implementation contains an implementation for the user password syntax, with a storage scheme name of "SSHA", and an implementation of the auth password syntax, with a storage scheme name of "SHA1". The <adm:user-friendly-name /> provides a mechanism for encoding user passwords using a salted form of the SHA-1 message digest algorithm. </adm:synopsis> <adm:description> This scheme contains an implementation for the user password syntax, with a storage scheme name of "SSHA", and an implementation of the auth password syntax, with a storage scheme name of "SHA1". </adm:description> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-salted-sha1-password-storage-scheme</ldap:name> <ldap:superior>ds-cfg-password-storage-scheme</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -58,6 +57,4 @@ </adm:defined> </adm:default-behavior> </adm:property-override> </adm:managed-object>
@@ -25,31 +25,32 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="salted-sha256-password-storage-scheme" <adm:managed-object name="salted-sha256-password-storage-scheme" plural-name="salted-sha256-password-storage-schemes" package="org.opends.server.admin.std" extends="password-storage-scheme" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> The <adm:user-friendly-name /> provides a mechanism for encoding user passwords using a salted form of the 256-bit SHA-2 message digest algorithm. This implementation contains an implementation for the user password syntax, with a storage scheme name of "SSHA256", and an implementation of the auth password syntax, with a storage scheme name of "SHA256". The <adm:user-friendly-name /> provides a mechanism for encoding user passwords using a salted form of the 256-bit SHA-2 message digest algorithm. </adm:synopsis> <adm:description> This scheme contains an implementation for the user password syntax, with a storage scheme name of "SSHA256", and an implementation of the auth password syntax, with a storage scheme name of "SHA256". </adm:description> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-salted-sha256-password-storage-scheme</ldap:name> <ldap:name> ds-cfg-salted-sha256-password-storage-scheme </ldap:name> <ldap:superior>ds-cfg-password-storage-scheme</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -58,6 +59,4 @@ </adm:defined> </adm:default-behavior> </adm:property-override> </adm:managed-object>
@@ -25,31 +25,32 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="salted-sha384-password-storage-scheme" <adm:managed-object name="salted-sha384-password-storage-scheme" plural-name="salted-sha384-password-storage-schemes" package="org.opends.server.admin.std" extends="password-storage-scheme" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> The <adm:user-friendly-name /> provides a mechanism for encoding user passwords using a salted form of the 384-bit SHA-2 message digest algorithm. This implementation contains an implementation for the user password syntax, with a storage scheme name of "SSHA384", and an implementation of the auth password syntax, with a storage scheme name of "SHA384". The <adm:user-friendly-name /> provides a mechanism for encoding user passwords using a salted form of the 384-bit SHA-2 message digest algorithm. </adm:synopsis> <adm:description> This scheme contains an implementation for the user password syntax, with a storage scheme name of "SSHA384", and an implementation of the auth password syntax, with a storage scheme name of "SHA384". </adm:description> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-salted-sha384-password-storage-scheme</ldap:name> <ldap:name> ds-cfg-salted-sha384-password-storage-scheme </ldap:name> <ldap:superior>ds-cfg-password-storage-scheme</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -58,6 +59,4 @@ </adm:defined> </adm:default-behavior> </adm:property-override> </adm:managed-object>
@@ -25,31 +25,32 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="salted-sha512-password-storage-scheme" <adm:managed-object name="salted-sha512-password-storage-scheme" plural-name="salted-sha512-password-storage-schemes" package="org.opends.server.admin.std" extends="password-storage-scheme" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> The <adm:user-friendly-name /> provides a mechanism for encoding user passwords using a salted form of the 512-bit SHA-2 message digest algorithm. This implementation contains an implementation for the user password syntax, with a storage scheme name of "SSHA512", and an implementation of the auth password syntax, with a storage scheme name of "SHA512". The <adm:user-friendly-name /> provides a mechanism for encoding user passwords using a salted form of the 512-bit SHA-2 message digest algorithm. </adm:synopsis> <adm:description> This scheme contains an implementation for the user password syntax, with a storage scheme name of "SSHA512", and an implementation of the auth password syntax, with a storage scheme name of "SHA512". </adm:description> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-salted-sha512-password-storage-scheme</ldap:name> <ldap:name> ds-cfg-salted-sha512-password-storage-scheme </ldap:name> <ldap:superior>ds-cfg-password-storage-scheme</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -58,6 +59,4 @@ </adm:defined> </adm:default-behavior> </adm:property-override> </adm:managed-object>
@@ -25,27 +25,25 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="schema-backend" plural-name="schema-backends" package="org.opends.server.admin.std" extends="backend" package="org.opends.server.admin.std" extends="backend" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> The schema backend provides access to the OpenDS Directory Server schema information, including the attribute types, object classes, attribute syntaxes, matching rules, matching rule uses, DIT content rules, and DIT structure rules that it contains. The <adm:user-friendly-name /> provides access to the Directory Server schema information, including the attribute types, object classes, attribute syntaxes, matching rules, matching rule uses, DIT content rules, and DIT structure rules that it contains. </adm:synopsis> <adm:description> The server will allow modify operations in this backend to alter the server schema definitions. The org.opends.server.backends.SchemaBackend class provides the implementation for this backend. The configuration entry for this backend is based on the ds-cfg-schema-backend structural object class. Note that any attribute types included in this entry that are not included in this object class (or the parent ds-cfg-backend class) will appear directly in the schema entry. The server will allow modify operations in this backend to alter the server schema definitions. The configuration entry for this backend is based on the ds-cfg-schema-backend structural object class. Note that any attribute types included in this entry that are not included in this object class (or the parent ds-cfg-backend class) will appear directly in the schema entry. </adm:description> <adm:profile name="ldap"> <ldap:object-class> @@ -53,32 +51,36 @@ <ldap:superior>ds-cfg-backend</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> org.opends.server.backends.SchemaBackend </adm:value> <adm:value>org.opends.server.backends.SchemaBackend</adm:value> </adm:defined> </adm:default-behavior> </adm:property-override> <adm:property name="schema-entry-dn" mandatory="false" <adm:property-override name="writability-mode"> <adm:default-behavior> <adm:defined> <adm:value>enabled</adm:value> </adm:defined> </adm:default-behavior> </adm:property-override> <adm:property name="schema-entry-dn" advanced="true" multi-valued="true"> <adm:synopsis> This defines the base DN(s) at which the schema information will be published, in addition to the value included in the ds-cfg-base-dn configuration attribute. This defines the base DNs of the subtrees in which the schema information will be published, in addition to the value included in the base-dn property. </adm:synopsis> <adm:description> The value provided in the ds-cfg-base-dn configuration attribute is the only one that will appear in the subschemaSubentry operational attribute of the server's root DSE (which is necessary because that is a single-valued attribute) and as a virtual attribute in other entries, but the ds-cfg-schema-entry-dn attribute may be used to make the schema information available in other locations as well in case certain client applications have been hard-coded to expect the schema to reside in a specific location. The value provided in the base-dn property is the only one that will appear in the subschemaSubentry operational attribute of the server's root DSE (which is necessary because that is a single-valued attribute) and as a virtual attribute in other entries, but the schema-entry-dn attribute may be used to make the schema information available in other locations as well in case certain client applications have been hard-coded to expect the schema to reside in a specific location. </adm:description> <adm:default-behavior> <adm:defined> @@ -94,19 +96,18 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="show-all-attributes" mandatory="true" multi-valued="false"> <adm:property name="show-all-attributes" mandatory="true"> <adm:synopsis> Indicates whether to treat all attributes in the schema entry as if they were user attributes regardless of their configuration. Indicates whether to treat all attributes in the schema entry as if they were user attributes regardless of their configuration. </adm:synopsis> <adm:description> This may provide compatibility with some applications that expect schema attributes like attributeTypes and objectClasses to be included by default even if they are not requested. Note that the ldapSyntaxes attribute will always be treated as operational in order to avoid problems with attempts to modify the schema over protocol. This may provide compatibility with some applications that expect schema attributes like attributeTypes and objectClasses to be included by default even if they are not requested. Note that the ldapSyntaxes attribute will always be treated as operational in order to avoid problems with attempts to modify the schema over protocol. </adm:description> <adm:syntax> <adm:boolean /> opends/src/admin/defn/org/opends/server/admin/std/SevenBitCleanPluginConfiguration.xml
@@ -25,34 +25,33 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="seven-bit-clean-plugin" <adm:managed-object name="seven-bit-clean-plugin" plural-name="seven-bit-clean-plugins" package="org.opends.server.admin.std" extends="plugin" package="org.opends.server.admin.std" extends="plugin" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> The <adm:user-friendly-name /> may be used to ensure that values for a specified set of attributes are 7-bit clean. That is, for those attributes, the values are not allowed to contain any bytes having the high-order bit set, which is used to indicate the presence of non-ASCII characters. Some applications may not properly handle attribute values that contain non-ASCII characters, and this plugin may help ensure that attributes used by those applications do not contain characters which may cause problems in those applications. The <adm:user-friendly-name /> may be used to ensure that values for a specified set of attributes are 7-bit clean. </adm:synopsis> <adm:description> That is, for those attributes, the values are not allowed to contain any bytes having the high-order bit set, which is used to indicate the presence of non-ASCII characters. Some applications may not properly handle attribute values that contain non-ASCII characters, and this plugin may help ensure that attributes used by those applications do not contain characters which may cause problems in those applications. </adm:description> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-seven-bit-clean-plugin</ldap:name> <ldap:superior>ds-cfg-plugin</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -61,8 +60,7 @@ </adm:defined> </adm:default-behavior> </adm:property-override> <adm:property-override name="plugin-type"> <adm:property-override name="plugin-type" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value>ldifimport</adm:value> @@ -72,11 +70,11 @@ </adm:defined> </adm:default-behavior> </adm:property-override> <adm:property name="attribute-type" mandatory="true" multi-valued="true"> <adm:property name="attribute-type" mandatory="true" multi-valued="true"> <adm:synopsis> Specifies the name or OID of an attribute type for which values should be checked to ensure that they are 7-bit clean. Specifies the name or OID of an attribute type for which values should be checked to ensure that they are 7-bit clean. </adm:synopsis> <adm:default-behavior> <adm:defined> @@ -94,13 +92,15 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="base-dn" mandatory="false" multi-valued="true"> <adm:property name="base-dn" multi-valued="true"> <adm:synopsis> Specifies the base DN below which the checking will be performed. Any attempt to update a value for one of the configured attributes below this base DN must be 7-bit clean for the operation to be allowed. Specifies the base DN below which the checking will be performed. </adm:synopsis> <adm:description> Any attempt to update a value for one of the configured attributes below this base DN must be 7-bit clean for the operation to be allowed. </adm:description> <adm:default-behavior> <adm:alias> <adm:synopsis> @@ -117,6 +117,4 @@ </ldap:attribute> </adm:profile> </adm:property> </adm:managed-object>
@@ -25,7 +25,6 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="similarity-based-password-validator" plural-name="similarity-based-password-validators" package="org.opends.server.admin.std" extends="password-validator" @@ -34,9 +33,9 @@ <adm:synopsis> The <adm:user-friendly-name /> is used to determine whether a proposed password is acceptable based on whether the number of characters it contains falls within an acceptable range of values. is used to determine whether a proposed password is acceptable based on whether the number of characters it contains falls within an acceptable range of values. </adm:synopsis> <adm:profile name="ldap"> <ldap:object-class> @@ -44,7 +43,7 @@ <ldap:superior>ds-cfg-password-validator</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -58,9 +57,8 @@ Specifies the minimum difference of new and old password. </adm:synopsis> <adm:description> Specifies the minimal difference of new and old password. A value of zero indicates that there will be no difference is acceptable. Changes to this configuration attribute will take effect immediately. A value of zero indicates that there will be no difference is acceptable. </adm:description> <adm:syntax> <adm:integer lower-limit="0" /> @@ -72,4 +70,3 @@ </adm:profile> </adm:property> </adm:managed-object>
@@ -25,28 +25,22 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="size-limit-log-retention-policy" <adm:managed-object name="size-limit-log-retention-policy" plural-name="size-limit-log-retention-policies" package="org.opends.server.admin.std" extends="log-retention-policy" package="org.opends.server.admin.std" extends="log-retention-policy" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> Retention policy based on the amount of space taken by the log files on disk. Retention policy based on the amount of space taken by the log files on disk. </adm:synopsis> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-size-limit-log-retention-policy</ldap:name> <ldap:superior>ds-cfg-log-retention-policy</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -55,7 +49,6 @@ </adm:defined> </adm:default-behavior> </adm:property-override> <adm:property name="disk-space-used" mandatory="true"> <adm:synopsis> The maximum total disk space used by the log files. @@ -70,4 +63,3 @@ </adm:profile> </adm:property> </adm:managed-object>
@@ -25,27 +25,21 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="size-limit-log-rotation-policy" <adm:managed-object name="size-limit-log-rotation-policy" plural-name="size-limit-log-rotation-policies" package="org.opends.server.admin.std" extends="log-rotation-policy" package="org.opends.server.admin.std" extends="log-rotation-policy" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> Rotation policy based on the size of the log file. </adm:synopsis> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-size-limit-log-rotation-policy</ldap:name> <ldap:superior>ds-cfg-log-rotation-policy</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -54,7 +48,6 @@ </adm:defined> </adm:default-behavior> </adm:property-override> <adm:property name="file-size-limit" mandatory="true"> <adm:synopsis> The size of the file when rotation takes place. @@ -69,4 +62,3 @@ </adm:profile> </adm:property> </adm:managed-object>
@@ -25,31 +25,24 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="soft-reference-entry-cache" <adm:managed-object name="soft-reference-entry-cache" plural-name="soft-reference-entry-caches" package="org.opends.server.admin.std" extends="entry-cache" package="org.opends.server.admin.std" extends="entry-cache" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap" > xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> <adm:user-friendly-name /> defines a Directory Server entry cache that uses soft references to manage objects in a way that will allow them to be freed if the JVM is running low on memory. is a Directory Server entry cache implementation that uses soft references to manage objects in a way that will allow them to be freed if the JVM is running low on memory. </adm:synopsis> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-soft-reference-entry-cache</ldap:name> <ldap:superior>ds-cfg-entry-cache</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -58,11 +51,10 @@ </adm:defined> </adm:default-behavior> </adm:property-override> <adm:property name="lock-timeout" mandatory="false"> <adm:property name="lock-timeout" advanced="true"> <adm:synopsis> The length of time in milliseconds to wait while attempting to acquire a read or write lock. The length of time in milliseconds to wait while attempting to acquire a read or write lock. </adm:synopsis> <adm:default-behavior> <adm:defined> @@ -70,7 +62,8 @@ </adm:defined> </adm:default-behavior> <adm:syntax> <adm:duration base-unit="ms" lower-limit="0" allow-unlimited="true"/> <adm:duration base-unit="ms" lower-limit="0" allow-unlimited="true" /> </adm:syntax> <adm:profile name="ldap"> <ldap:attribute> @@ -78,8 +71,6 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property-reference name="include-filter" /> <adm:property-reference name="exclude-filter" /> </adm:managed-object> opends/src/admin/defn/org/opends/server/admin/std/StackTraceMonitorProviderConfiguration.xml
@@ -25,28 +25,24 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="stack-trace-monitor-provider" <adm:managed-object name="stack-trace-monitor-provider" plural-name="stack-trace-monitor-providers" package="org.opends.server.admin.std" extends="monitor-provider" package="org.opends.server.admin.std" extends="monitor-provider" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> The <adm:user-friendly-name /> provides the ability for clients to obtain a stack trace of all threads currently running in the Directory Server. The <adm:user-friendly-name /> provides the ability for clients to obtain a stack trace of all threads currently running in the Directory Server. </adm:synopsis> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-stack-trace-monitor-provider</ldap:name> <ldap:superior>ds-cfg-monitor-provider</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -55,6 +51,4 @@ </adm:defined> </adm:default-behavior> </adm:property-override> </adm:managed-object>
@@ -25,29 +25,26 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="start-tls-extended-operation-handler" <adm:managed-object name="start-tls-extended-operation-handler" plural-name="start-tls-extended-operation-handlers" package="org.opends.server.admin.std" extends="extended-operation-handler" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> The <adm:user-friendly-name /> provides the ability clients to use the StartTLS extended operation to initiate a secure communication channel over an otherwise clear-text LDAP connection. The <adm:user-friendly-name /> provides the ability clients to use the StartTLS extended operation to initiate a secure communication channel over an otherwise clear-text LDAP connection. </adm:synopsis> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-start-tls-extended-operation-handler</ldap:name> <ldap:superior>ds-cfg-extended-operation-handler</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -56,6 +53,4 @@ </adm:defined> </adm:default-behavior> </adm:property-override> </adm:managed-object>
@@ -25,39 +25,34 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="static-group-implementation" <adm:managed-object name="static-group-implementation" plural-name="static-group-implementations" package="org.opends.server.admin.std" extends="group-implementation" package="org.opends.server.admin.std" extends="group-implementation" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> The <adm:user-friendly-name /> provides a grouping mechanism in which the group membership is based on an explicit list of the DNs of the users that are members of the group. Note that it is possible to nest static groups, which can be accomplished by including the DN of a nested group in the member list for the parent group. The <adm:user-friendly-name /> provides a grouping mechanism in which the group membership is based on an explicit list of the DNs of the users that are members of the group. </adm:synopsis> <adm:description> Note that it is possible to nest static groups, which can be accomplished by including the DN of a nested group in the member list for the parent group. </adm:description> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-static-group-implementation</ldap:name> <ldap:superior>ds-cfg-group-implementation</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> org.opends.server.extensions.StaticGroup </adm:value> <adm:value>org.opends.server.extensions.StaticGroup</adm:value> </adm:defined> </adm:default-behavior> </adm:property-override> </adm:managed-object>
@@ -25,8 +25,8 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="subject-attribute-to-user-attribute-certificate-mapper" <adm:managed-object name="subject-attribute-to-user-attribute-certificate-mapper" plural-name="subject-attribute-to-user-attribute-certificate-mappers" package="org.opends.server.admin.std" extends="certificate-mapper" xmlns:adm="http://www.opends.org/admin" @@ -35,16 +35,18 @@ The <adm:user-friendly-name /> maps client certificates to user entries by mapping the values of attributes contained in the certificate subject to attributes contained in user entries. attributes contained in the certificate subject to attributes contained in user entries. </adm:synopsis> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-subject-attribute-to-user-attribute-certificate-mapper</ldap:name> <ldap:name> ds-cfg-subject-attribute-to-user-attribute-certificate-mapper </ldap:name> <ldap:superior>ds-cfg-certificate-mapper</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -56,16 +58,17 @@ <adm:property name="subject-attribute-mapping" mandatory="true" multi-valued="true"> <adm:synopsis> Specifies a mapping between certificate attributes and user attributes. Specifies a mapping between certificate attributes and user attributes. </adm:synopsis> <adm:description> Specifies a mapping between certificate attributes and user attributes. Each value should be in the form "certattr:userattr" where certattr is the name of the attribute in the certificate subject and userattr is the name of the corresponding attribute in user entries. There may be multiple mappings defined, and when performing the mapping values for all attributes present in the certificate subject that have mappings defined must be present in the corresponding user entries. Each value should be in the form "certattr:userattr" where certattr is the name of the attribute in the certificate subject and userattr is the name of the corresponding attribute in user entries. There may be multiple mappings defined, and when performing the mapping values for all attributes present in the certificate subject that have mappings defined must be present in the corresponding user entries. </adm:description> <adm:syntax> <adm:string /> @@ -76,19 +79,16 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="user-base-dn" mandatory="false" multi-valued="true"> <adm:property name="user-base-dn" multi-valued="true"> <adm:synopsis> Specifies the set of base DNs below which to search for users. Specifies the base DNs that should be used when performing searches to map the client certificate to a user entry. </adm:synopsis> <adm:description> Specifies the base DN(s) that should be used when performing searches to map the client certificate to a user entry. If no values are provided, then the server will search below all public naming contexts. </adm:description> <adm:default-behavior> <adm:alias> <adm:synopsis> The server will perform the search in all public naming contexts. The server will perform the search in all public naming contexts. </adm:synopsis> </adm:alias> </adm:default-behavior> @@ -102,4 +102,3 @@ </adm:profile> </adm:property> </adm:managed-object>
@@ -25,28 +25,27 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="subject-dn-to-user-attribute-certificate-mapper" <adm:managed-object name="subject-dn-to-user-attribute-certificate-mapper" plural-name="subject-dn-to-user-attribute-certificate-mappers" package="org.opends.server.admin.std" extends="certificate-mapper" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> The <adm:user-friendly-name /> maps client certificates to user entries by looking for the certificate subject DN in a specified attribute of user entries. maps client certificates to user entries by looking for the certificate subject DN in a specified attribute of user entries. </adm:synopsis> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-subject-dn-to-user-attribute-certificate-mapper</ldap:name> <ldap:name> ds-cfg-subject-dn-to-user-attribute-certificate-mapper </ldap:name> <ldap:superior>ds-cfg-certificate-mapper</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -55,15 +54,11 @@ </adm:defined> </adm:default-behavior> </adm:property-override> <adm:property name="subject-attribute" mandatory="true"> <adm:synopsis> Specifies the attribute in which to look for the subject DN. Specifies the name or OID of the attribute whose value should exactly match the certificate subject DN. </adm:synopsis> <adm:description> Specifies the name or OID of the attribute whose value should exactly match the certificate subject DN. </adm:description> <adm:syntax> <adm:attribute-type /> </adm:syntax> @@ -73,20 +68,16 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="user-base-dn" mandatory="false" multi-valued="true"> <adm:property name="user-base-dn" multi-valued="true"> <adm:synopsis> Specifies the set of base DNs below which to search for users. Specifies the base DNs that should be used when performing searches to map the client certificate to a user entry. </adm:synopsis> <adm:description> Specifies the base DN(s) that should be used when performing searches to map the client certificate to a user entry. If no values are provided, then the server will search below all public naming contexts. </adm:description> <adm:default-behavior> <adm:alias> <adm:synopsis> The server will perform the search in all public naming contexts. The server will perform the search in all public naming contexts. </adm:synopsis> </adm:alias> </adm:default-behavior> @@ -100,4 +91,3 @@ </adm:profile> </adm:property> </adm:managed-object>
@@ -25,28 +25,25 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="subject-equals-dn-certificate-mapper" plural-name="subject-equals-dn-certificate-mappers" package="org.opends.server.admin.std" extends="certificate-mapper" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> The <adm:user-friendly-name /> maps client certificates to user entries based on the assumption that the certificate subject is the same as the DN of the target user entry. maps client certificates to user entries based on the assumption that the certificate subject is the same as the DN of the target user entry. </adm:synopsis> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-subject-equals-dn-certificate-mapper</ldap:name> <ldap:superior>ds-cfg-certificate-mapper</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -55,6 +52,4 @@ </adm:defined> </adm:default-behavior> </adm:property-override> </adm:managed-object>
@@ -25,28 +25,25 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="subschema-subentry-virtual-attribute" plural-name="subschema-subentry-virtual-attributes" package="org.opends.server.admin.std" extends="virtual-attribute" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> The <adm:user-friendly-name /> may be used to generate a virtual attribute that specifies the location of the subschemaSubentry with the schema definitions in effect for the entry. may be used to generate a virtual attribute that specifies the location of the subschemaSubentry with the schema definitions in effect for the entry. </adm:synopsis> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-subschema-subentry-virtual-attribute</ldap:name> <ldap:superior>ds-cfg-virtual-attribute</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -55,16 +52,18 @@ </adm:defined> </adm:default-behavior> </adm:property-override> <adm:property-override name="conflict-behavior"> <adm:property-override name="conflict-behavior" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> virtual-overrides-real </adm:value> <adm:value>virtual-overrides-real</adm:value> </adm:defined> </adm:default-behavior> </adm:property-override> <adm:property-override name="attribute-type"> <adm:default-behavior> <adm:defined> <adm:value>subschemaSubentry</adm:value> </adm:defined> </adm:default-behavior> </adm:property-override> </adm:managed-object>
@@ -25,25 +25,24 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="substring-matching-rule" plural-name="substring-matching-rules" package="org.opends.server.admin.std" extends="matching-rule" abstract="false" package="org.opends.server.admin.std" extends="matching-rule" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> <adm:user-friendly-plural-name /> define a set of rules for performing substring matching operations against assertion values. Substring matching may be used to perform partial matching with attribute values. define a set of rules for performing substring matching operations against assertion values. </adm:synopsis> <adm:description> Substring matching may be used to perform partial matching with attribute values. </adm:description> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-substring-matching-rule</ldap:name> <ldap:superior>ds-cfg-matching-rule</ldap:superior> </ldap:object-class> </adm:profile> </adm:managed-object>
@@ -25,10 +25,9 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="synchronization-provider" plural-name="synchronization-providers" package="org.opends.server.admin.std" abstract="true" package="org.opends.server.admin.std" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> @@ -58,8 +57,7 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="java-class" mandatory="true" multi-valued="false"> <adm:property name="java-class" mandatory="true"> <adm:synopsis> The fully-qualified name of the Java class that provides the <adm:user-friendly-name /> opends/src/admin/defn/org/opends/server/admin/std/SystemInfoMonitorProviderConfiguration.xml
@@ -25,28 +25,24 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="system-info-monitor-provider" <adm:managed-object name="system-info-monitor-provider" plural-name="system-info-monitor-providers" package="org.opends.server.admin.std" extends="monitor-provider" package="org.opends.server.admin.std" extends="monitor-provider" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> The <adm:user-friendly-name /> may be used to publish information about the system and virtual machine on which the Directory Server is running. The <adm:user-friendly-name /> may be used to publish information about the system and virtual machine on which the Directory Server is running. </adm:synopsis> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-system-info-monitor-provider</ldap:name> <ldap:superior>ds-cfg-monitor-provider</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -55,6 +51,4 @@ </adm:defined> </adm:default-behavior> </adm:property-override> </adm:managed-object>
@@ -25,42 +25,36 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="task-backend" plural-name="task-backends" package="org.opends.server.admin.std" extends="backend" package="org.opends.server.admin.std" extends="backend" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> The task backend provides a mechanism for processing tasks in the OpenDS Directory Server. Tasks are intended to provide access to certain types of administrative functions in the server that may not otherwise be convenient to perform remotely. OpenDS Directory Server. Tasks are intended to provide access to certain types of administrative functions in the server that may not otherwise be convenient to perform remotely. </adm:synopsis> <adm:description> Tasks that are currently available for use provide the ability to backup and restore backends, to import and export LDIF files, and to stop and restart the server. The details of the task to perform are held in an entry that is added below the root of the task backend, and then the task backend is responsible for decoding that task entry and ensuring that it is processed as requested. Tasks may be invoked immediately, but they may also be scheduled for execution at some future time. It is also expected that task backend will be given the ability process recurring tasks, which can be used to help ensure that maintenance operations (e.g., backups) are performed automatically on a regular basis. The org.opends.server.backends.task.TaskBackend class provides the entry point for the task backend implementation. Tasks that are currently available for use provide the ability to backup and restore backends, to import and export LDIF files, and to stop and restart the server. The details of the task to perform are held in an entry that is added below the root of the task backend, and then the task backend is responsible for decoding that task entry and ensuring that it is processed as requested. Tasks may be invoked immediately, but they may also be scheduled for execution at some future time. It is also expected that task backend will be given the ability to process recurring tasks, which can be used to help ensure that maintenance operations (e.g., backups) are performed automatically on a regular basis. </adm:description> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-task-backend</ldap:name> <ldap:superior>ds-cfg-backend</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -69,16 +63,22 @@ </adm:defined> </adm:default-behavior> </adm:property-override> <adm:property name="task-backing-file" mandatory="true" multi-valued="false"> <adm:property-override name="writability-mode"> <adm:default-behavior> <adm:defined> <adm:value>enabled</adm:value> </adm:defined> </adm:default-behavior> </adm:property-override> <adm:property name="task-backing-file" mandatory="true"> <adm:synopsis> This specifies the path to the backing file for storing information about the tasks configured in the server. It may be either an absolute path or a path that is relative to the base of the OpenDS Directory Server instance. This specifies the path to the backing file for storing information about the tasks configured in the server. </adm:synopsis> <adm:description> It may be either an absolute path or a path that is relative to the base of the OpenDS Directory Server instance. </adm:description> <adm:syntax> <adm:string /> </adm:syntax> @@ -88,13 +88,11 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="task-retention-time" mandatory="false" multi-valued="false"> <adm:property name="task-retention-time"> <adm:synopsis> This specifies the length of time that task entries should be retained after processing on the associated task has been completed. This specifies the length of time that task entries should be retained after processing on the associated task has been completed. </adm:synopsis> <adm:default-behavior> <adm:defined> @@ -110,21 +108,18 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="notification-sender-address" mandatory="false" multi-valued="false"> <adm:property name="notification-sender-address"> <adm:synopsis> This specifies the e-mail address to use as the sender (i.e., "From:") address for notification mail messages generated when a task completes execution. This specifies the e-mail address to use as the sender (i.e., "From:") address for notification mail messages generated when a task completes execution. </adm:synopsis> <adm:default-behavior> <adm:alias> <adm:synopsis> The default sender address used will be "opends-task-notification@" followed by the canonical address of the system on which the server is running. The default sender address used will be "opends-task-notification@" followed by the canonical address of the system on which the server is running. </adm:synopsis> </adm:alias> </adm:default-behavior> @@ -137,6 +132,4 @@ </ldap:attribute> </adm:profile> </adm:property> </adm:managed-object>
@@ -25,26 +25,22 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="telephone-number-attribute-syntax" plural-name="telephone-number-attribute-syntaxes" extends="attribute-syntax" package="org.opends.server.admin.std" abstract="false" extends="attribute-syntax" package="org.opends.server.admin.std" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> <adm:user-friendly-plural-name /> define an attribute syntax for storing telephone number information. </adm:synopsis> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-telephone-number-attribute-syntax</ldap:name> <ldap:superior>ds-cfg-attribute-syntax</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -53,11 +49,10 @@ </adm:defined> </adm:default-behavior> </adm:property-override> <adm:property name="strict-format" mandatory="false"> <adm:property name="strict-format" advanced="true"> <adm:synopsis> Indicates whether to require telephone number values to strictly comply with the standard definition for this syntax. Indicates whether to require telephone number values to strictly comply with the standard definition for this syntax. </adm:synopsis> <adm:default-behavior> <adm:defined> @@ -73,6 +68,4 @@ </ldap:attribute> </adm:profile> </adm:property> </adm:managed-object>
@@ -25,27 +25,21 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="time-limit-log-rotation-policy" <adm:managed-object name="time-limit-log-rotation-policy" plural-name="time-limit-log-rotation-policies" package="org.opends.server.admin.std" extends="log-rotation-policy" package="org.opends.server.admin.std" extends="log-rotation-policy" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> Rotation policy based on the time since last rotation. </adm:synopsis> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-time-limit-log-rotation-policy</ldap:name> <ldap:superior>ds-cfg-log-rotation-policy</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -54,11 +48,8 @@ </adm:defined> </adm:default-behavior> </adm:property-override> <adm:property name="rotation-interval" mandatory="true"> <adm:synopsis> The time interval between rotations. </adm:synopsis> <adm:synopsis>The time interval between rotations.</adm:synopsis> <adm:syntax> <adm:duration base-unit="ms" lower-limit="1" /> </adm:syntax> @@ -69,4 +60,3 @@ </adm:profile> </adm:property> </adm:managed-object>
@@ -25,7 +25,6 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="traditional-work-queue" plural-name="traditional-work-queues" extends="work-queue" package="org.opends.server.admin.std" @@ -34,21 +33,20 @@ <adm:synopsis> The <adm:user-friendly-name /> is a type of work queue that uses a number of worker threads that watch a queue and pick up an operation to process whenever one becomes available. is a type of work queue that uses a number of worker threads that watch a queue and pick up an operation to process whenever one becomes available. </adm:synopsis> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-traditional-work-queue</ldap:name> <ldap:superior>ds-cfg-work-queue</ldap:superior> </ldap:object-class> </adm:profile> <adm:property name="num-worker-threads" mandatory="true"> <adm:synopsis> The number of worker threads that should be used to process operations placed into the queue. The number of worker threads that should be used to process operations placed into the queue. </adm:synopsis> <adm:syntax> <adm:integer lower-limit="1" /> @@ -59,18 +57,20 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="max-work-queue-capacity" mandatory="false"> <adm:property name="max-work-queue-capacity"> <adm:synopsis> The maximum number of queued operations that can be in the work queue at any given time. If the work queue is already full and additional requests are received by the server, they will be rejected. The maximum number of queued operations that can be in the work queue at any given time. </adm:synopsis> <adm:description> If the work queue is already full and additional requests are received by the server, they will be rejected. </adm:description> <adm:default-behavior> <adm:alias> <adm:synopsis> The work queue will not impose any limit on the number of operations that can be enqueued at any one time. The work queue will not impose any limit on the number of operations that can be enqueued at any one time. </adm:synopsis> </adm:alias> </adm:default-behavior> @@ -83,6 +83,4 @@ </ldap:attribute> </adm:profile> </adm:property> </adm:managed-object>
@@ -25,30 +25,29 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="triple-des-password-storage-scheme" <adm:managed-object name="triple-des-password-storage-scheme" plural-name="triple-des-password-storage-schemes" package="org.opends.server.admin.std" extends="password-storage-scheme" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> The <adm:user-friendly-name /> provides a mechanism for encoding user passwords using the triple-DES (DES/EDE) reversible encryption mechanism. This implementation contains only an implementation for the user password syntax, with a storage scheme name of "3DES". The <adm:user-friendly-name /> provides a mechanism for encoding user passwords using the triple-DES (DES/EDE) reversible encryption mechanism. </adm:synopsis> <adm:description> This scheme contains only an implementation for the user password syntax, with a storage scheme name of "3DES". </adm:description> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-triple-des-password-storage-scheme</ldap:name> <ldap:superior>ds-cfg-password-storage-scheme</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -57,6 +56,4 @@ </adm:defined> </adm:default-behavior> </adm:property-override> </adm:managed-object>
@@ -25,14 +25,15 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="trust-manager-provider" plural-name="trust-manager-providers" package="org.opends.server.admin.std" abstract="false" <adm:managed-object name="trust-manager-provider" plural-name="trust-manager-providers" package="org.opends.server.admin.std" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> <adm:user-friendly-plural-name /> are responsible for determining whether to trust presented certificates. are responsible for determining whether to trust presented certificates. </adm:synopsis> <adm:tag name="security"/> <adm:profile name="ldap"> opends/src/admin/defn/org/opends/server/admin/std/TrustStoreBackendConfiguration.xml
@@ -25,10 +25,8 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="trust-store-backend" plural-name="trust-store-backends" extends="backend" plural-name="trust-store-backends" extends="backend" package="org.opends.server.admin.std" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> @@ -44,7 +42,7 @@ <ldap:superior>ds-cfg-backend</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -53,20 +51,26 @@ </adm:defined> </adm:default-behavior> </adm:property-override> <adm:property-override name="writability-mode"> <adm:default-behavior> <adm:defined> <adm:value>enabled</adm:value> </adm:defined> </adm:default-behavior> </adm:property-override> <adm:property name="trust-store-file" mandatory="true"> <adm:TODO>Should use a file-based property definition?</adm:TODO> <adm:synopsis> Specifies the path to the file that stores the trust information. It may be an absolute path, or a path that is relative to the Specifies the path to the file that stores the trust information. </adm:synopsis> <adm:description> It may be an absolute path, or a path that is relative to the <adm:product-name /> instance root. </adm:synopsis> </adm:description> <adm:default-behavior> <adm:defined> <adm:value> config/ads-truststore </adm:value> <adm:value>config/ads-truststore</adm:value> </adm:defined> </adm:default-behavior> <adm:syntax> @@ -88,13 +92,20 @@ </adm:synopsis> <adm:description> Valid values should always include 'JKS' and 'PKCS12', but different implementations may allow other values as well. If no value is provided, then the JVM-default value will be used. Changes to this configuration attribute will take effect the next time that the key manager is accessed. different implementations may allow other values as well. </adm:description> <adm:requires-admin-action> <adm:none> <adm:synopsis> Changes to this property will take effect the next time that the key manager is accessed. </adm:synopsis> </adm:none> </adm:requires-admin-action> <adm:default-behavior> <adm:undefined /> <adm:alias> <adm:synopsis>The JVM default value will be used.</adm:synopsis> </adm:alias> </adm:default-behavior> <adm:syntax> <adm:string /> opends/src/admin/defn/org/opends/server/admin/std/UniqueAttributePluginConfiguration.xml
@@ -25,28 +25,29 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="unique-attribute-plugin" <adm:managed-object name="unique-attribute-plugin" plural-name="unique-attribute-plugins" package="org.opends.server.admin.std" extends="plugin" package="org.opends.server.admin.std" extends="plugin" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> The <adm:user-friendly-name /> is used enforce constraints on the value of an attribute within a portion of the directory. The <adm:user-friendly-name /> is used enforce constraints on the value of an attribute within a portion of the directory. </adm:synopsis> <adm:description> The values for each attribute must be unique within each base DN specified in the plugin's base-dn property or within all of the server's public naming contexts if no base DNs were specified. </adm:description> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-unique-attribute-plugin</ldap:name> <ldap:superior>ds-cfg-plugin</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -55,8 +56,7 @@ </adm:defined> </adm:default-behavior> </adm:property-override> <adm:property-override name="plugin-type"> <adm:property-override name="plugin-type" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value>preoperationadd</adm:value> @@ -68,26 +68,10 @@ </adm:defined> </adm:default-behavior> </adm:property-override> <adm:property name="type" mandatory="true" multi-valued="true"> <adm:property name="type" mandatory="true" multi-valued="true"> <adm:synopsis> Specifies the attribute type to check for value uniqueness. Specifies the type of attributes to check for value uniqueness. </adm:synopsis> <adm:description> Specifies the attribute type to check for value uniqueness. The values for each ds-cfg-type attribute must be unique within each base DN specified in the configuration's ds-cfg-base-dn attribute or within all of the server's public naming contexts if no base DNs were specified in the configuration. </adm:description> <adm:default-behavior> <adm:alias> <adm:synopsis> The plugin will not start if at least one of these is not defined. </adm:synopsis> </adm:alias> </adm:default-behavior> <adm:syntax> <adm:attribute-type /> </adm:syntax> @@ -97,15 +81,10 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="base-dn" mandatory="false" multi-valued="true"> <adm:property name="base-dn" multi-valued="true"> <adm:synopsis> Specifies a base DN that the attribute must be unique within. </adm:synopsis> <adm:description> Specifies a base DN that the attribute must be unique within. </adm:description> <adm:default-behavior> <adm:alias> <adm:synopsis> @@ -123,6 +102,4 @@ </ldap:attribute> </adm:profile> </adm:property> </adm:managed-object>
@@ -25,7 +25,6 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="unique-characters-password-validator" plural-name="unique-characters-password-validators" package="org.opends.server.admin.std" extends="password-validator" @@ -34,8 +33,8 @@ <adm:synopsis> The <adm:user-friendly-name /> is used to determine whether a proposed password is acceptable based on the number of unique characters that it contains. is used to determine whether a proposed password is acceptable based on the number of unique characters that it contains. </adm:synopsis> <adm:profile name="ldap"> <ldap:object-class> @@ -43,7 +42,7 @@ <ldap:superior>ds-cfg-password-validator</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -54,14 +53,12 @@ </adm:property-override> <adm:property name="min-unique-characters" mandatory="true"> <adm:synopsis> Specifies the minimum number of unique characters that a password will be allowed to contain. Specifies the minimum number of unique characters that a password will be allowed to contain. </adm:synopsis> <adm:description> Specifies the minimum number of unique characters that a password will be allowed to contain. A value of zero indicates that there will be no minimum value enforced. Changes to this configuration attribute will take effect immediately. A value of zero indicates that there will be no minimum value enforced. </adm:description> <adm:syntax> <adm:integer lower-limit="0" /> @@ -74,15 +71,15 @@ </adm:property> <adm:property name="case-sensitive-validation" mandatory="true"> <adm:synopsis> Indicates whether this password validator should treat password characters in a case-sensitive manner. Indicates whether this password validator should treat password characters in a case-sensitive manner. </adm:synopsis> <adm:description> Indicates whether this password validator should treat password characters in a case-sensitive manner. A value of true indicates that a capital letter should not be considered the same as its lowercase counterpart. A value of false indicates that differences in capitalization should be ignored when looking at the number of unique characters in the password. A value of true indicates that a capital letter should not be considered the same as its lower-case counterpart. A value of false indicates that differences in capitalization should be ignored when looking at the number of unique characters in the password. </adm:description> <adm:syntax> <adm:boolean /> @@ -94,4 +91,3 @@ </adm:profile> </adm:property> </adm:managed-object>
@@ -25,7 +25,6 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="user-defined-virtual-attribute" plural-name="user-defined-virtual-attributes" package="org.opends.server.admin.std" extends="virtual-attribute" @@ -34,18 +33,21 @@ <adm:synopsis> The <adm:user-friendly-name /> is used to create virtual attributes with user-defined values in entries that match the criteria set in the associated virtual attribute rule. This provides functionality that is similar to Class of Service (CoS) in the Sun Java System Directory Server. is used to create virtual attributes with user-defined values in entries that match the criteria defined in the plugin's configuration. </adm:synopsis> <adm:description> This provides functionality that is similar to Class of Service (CoS) in the Sun Java System Directory Server. </adm:description> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-user-defined-virtual-attribute</ldap:name> <ldap:superior>ds-cfg-virtual-attribute</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -56,8 +58,8 @@ </adm:property-override> <adm:property name="value" mandatory="true" multi-valued="true"> <adm:synopsis> Specifies the value (or set of values) that should be included in entries matching the criteria in the associated virtual attribute rule. Specifies the value(s) which should be included in virtual attribute. </adm:synopsis> <adm:syntax> <adm:string /> @@ -69,4 +71,3 @@ </adm:profile> </adm:property> </adm:managed-object>
@@ -25,28 +25,23 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="version-monitor-provider" <adm:managed-object name="version-monitor-provider" plural-name="version-monitor-providers" package="org.opends.server.admin.std" extends="monitor-provider" package="org.opends.server.admin.std" extends="monitor-provider" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> The <adm:user-friendly-name /> may be used to publish Directory Server version information. The <adm:user-friendly-name /> may be used to publish Directory Server version information. </adm:synopsis> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-version-monitor-provider</ldap:name> <ldap:superior>ds-cfg-monitor-provider</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -55,6 +50,4 @@ </adm:defined> </adm:default-behavior> </adm:property-override> </adm:managed-object>
@@ -25,16 +25,14 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="virtual-attribute" plural-name="virtual-attributes" package="org.opends.server.admin.std" plural-name="virtual-attributes" package="org.opends.server.admin.std" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> <adm:user-friendly-plural-name /> are responsible for dynamically generating attribute values that appear in entries but are not persistently stored in the backend. are responsible for dynamically generating attribute values which appear in entries but are not persistently stored in the backend. </adm:synopsis> <adm:tag name="core"/> <adm:profile name="ldap"> @@ -43,7 +41,6 @@ <ldap:superior>top</ldap:superior> </ldap:object-class> </adm:profile> <adm:property name="java-class" mandatory="true"> <adm:synopsis> The fully-qualified name of the Java class that provides the @@ -63,7 +60,6 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="enabled" mandatory="true"> <adm:synopsis> Indicate whether the @@ -79,11 +75,10 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="attribute-type" mandatory="true"> <adm:synopsis> Specifies the attribute type for the attribute whose values should be dynamically assigned by the virtual attribute. Specifies the attribute type for the attribute whose values should be dynamically assigned by the virtual attribute. </adm:synopsis> <adm:syntax> <adm:attribute-type /> @@ -94,18 +89,17 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="base-dn" mandatory="false" multi-valued="true"> <adm:property name="base-dn" multi-valued="true"> <adm:synopsis> Specifies the base DNs for the branches containing entries that may be eligible to use this virtual attribute. Specifies the base DNs for the branches containing entries that may be eligible to use this virtual attribute. </adm:synopsis> <adm:default-behavior> <adm:alias> <adm:synopsis> The location of the entry in the server will not be taken into account when determining whether an entry is eligible to use this virtual attribute. The location of the entry in the server will not be taken into account when determining whether an entry is eligible to use this virtual attribute. </adm:synopsis> </adm:alias> </adm:default-behavior> @@ -118,17 +112,17 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="group-dn" mandatory="false" multi-valued="true"> <adm:property name="group-dn" multi-valued="true"> <adm:synopsis> Specifies the DNs for the groups whose members may be eligible to use this virtual attribute. Specifies the DNs of the groups whose members may be eligible to use this virtual attribute. </adm:synopsis> <adm:default-behavior> <adm:alias> <adm:synopsis> Group membership will not be taken into account when determining whether an entry is eligible to use this virtual attribute. Group membership will not be taken into account when determining whether an entry is eligible to use this virtual attribute. </adm:synopsis> </adm:alias> </adm:default-behavior> @@ -141,11 +135,10 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="filter" mandatory="false" multi-valued="true"> <adm:property name="filter" multi-valued="true"> <adm:synopsis> Specifies the search filters for entries that may be eligible to use this virtual attribute. Specifies the search filters for entries that may be eligible to use this virtual attribute. </adm:synopsis> <adm:default-behavior> <adm:defined> @@ -161,11 +154,10 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="conflict-behavior" mandatory="false"> <adm:property name="conflict-behavior"> <adm:synopsis> Specifies the behavior that the server should exhibit for entries that contain one or more real values for the associated attribute. Specifies the behavior that the server should exhibit for entries that contain one or more real values for the associated attribute. </adm:synopsis> <adm:default-behavior> <adm:defined> @@ -176,20 +168,20 @@ <adm:enumeration> <adm:value name="real-overrides-virtual"> <adm:synopsis> Any real values contained in the entry should be preserved and virtual values should not be generated. Any real values contained in the entry should be preserved and virtual values should not be generated. </adm:synopsis> </adm:value> <adm:value name="virtual-overrides-real"> <adm:synopsis> Any real values contained in the entry should be suppressed and virtual values should be generated. Any real values contained in the entry should be suppressed and virtual values should be generated. </adm:synopsis> </adm:value> <adm:value name="merge-real-and-virtual"> <adm:synopsis> Any real values contained in the entry should be preserved and merged with the set of generated virtual values. Any real values contained in the entry should be preserved and merged with the set of generated virtual values. </adm:synopsis> </adm:value> </adm:enumeration> opends/src/admin/defn/org/opends/server/admin/std/VirtualStaticGroupImplementationConfiguration.xml
@@ -25,32 +25,31 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="virtual-static-group-implementation" <adm:managed-object name="virtual-static-group-implementation" plural-name="virtual-static-group-implementations" package="org.opends.server.admin.std" extends="group-implementation" package="org.opends.server.admin.std" extends="group-implementation" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> The <adm:user-friendly-name /> provides a grouping mechanism in which the membership for the virtual static group is based on the membership for another group defined within the server. The primary benefit of virtual static groups is that they make it possible to present other types of groups (e.g., dynamic groups) as if they were static groups for the benefit of applications that do not support alternate grouping mechanisms. The <adm:user-friendly-name /> provides a grouping mechanism in which the membership for the virtual static group is based on the membership for another group defined within the server. </adm:synopsis> <adm:description> The primary benefit of virtual static groups is that they make it possible to present other types of groups (e.g., dynamic groups) as if they were static groups for the benefit of applications that do not support alternate grouping mechanisms. </adm:description> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-virtual-static-group-implementation</ldap:name> <ldap:superior>ds-cfg-group-implementation</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -59,6 +58,4 @@ </adm:defined> </adm:default-behavior> </adm:property-override> </adm:managed-object>
@@ -25,29 +25,26 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="who-am-i-extended-operation-handler" <adm:managed-object name="who-am-i-extended-operation-handler" plural-name="who-am-i-extended-operation-handlers" package="org.opends.server.admin.std" extends="extended-operation-handler" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> The <adm:user-friendly-name /> provides the ability for clients to request their authorization identity using the "Who Am I?" extended operation as defined in RFC 4532. The <adm:user-friendly-name /> provides the ability for clients to request their authorization identity using the "Who Am I?" extended operation as defined in RFC 4532. </adm:synopsis> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-who-am-i-extended-operation-handler</ldap:name> <ldap:superior>ds-cfg-extended-operation-handler</ldap:superior> </ldap:object-class> </adm:profile> <adm:property-override name="java-class"> <adm:property-override name="java-class" advanced="true"> <adm:default-behavior> <adm:defined> <adm:value> @@ -56,6 +53,4 @@ </adm:defined> </adm:default-behavior> </adm:property-override> </adm:managed-object>
@@ -25,9 +25,7 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="work-queue" plural-name="work-queues" <adm:managed-object name="work-queue" plural-name="work-queues" package="org.opends.server.admin.std" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> @@ -35,20 +33,20 @@ The <adm:user-friendly-name /> is responsible for ensuring that requests received from clients are processed in a timely manner. Whenever a connection handler receives a client request, it should be placed in the work queue so that it may be processed appropriately. processed in a timely manner. </adm:synopsis> <adm:description> Whenever a connection handler receives a client request, it should be placed in the work queue so that it may be processed appropriately. </adm:description> <adm:tag name="core"/> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-work-queue</ldap:name> <ldap:superior>top</ldap:superior> </ldap:object-class> </adm:profile> <adm:property name="java-class" mandatory="true"> <adm:synopsis> The fully-qualified name of the Java class that provides the @@ -68,6 +66,4 @@ </ldap:attribute> </adm:profile> </adm:property> </adm:managed-object>
@@ -25,15 +25,15 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="workflow" plural-name="workflows" <adm:managed-object name="workflow" plural-name="workflows" package="org.opends.server.admin.std" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> The <adm:user-friendly-name /> is list of tasks applied on a DIT. The <adm:user-friendly-name /> is a list of processing steps (Work Flow Elements) which are applied to data as it is retrieved from the Directory Server. </adm:synopsis> <adm:tag name="user-management"/> <adm:profile name="ldap"> @@ -42,18 +42,17 @@ <ldap:superior>top</ldap:superior> </ldap:object-class> </adm:profile> <adm:property name="enabled" mandatory="true" read-only="false" multi-valued="false"> <adm:property name="enabled" mandatory="true"> <adm:synopsis> Indicates whether the <adm:user-friendly-name /> Indicates whether the <adm:user-friendly-name /> is enabled for use in the server. </adm:synopsis> <adm:description> If a workflow is not enabled, then its contents will not be accessible when processing operations. If a <adm:user-friendly-name /> is not enabled, then its contents will not be accessible when processing operations. </adm:description> <adm:syntax> <adm:boolean /> @@ -64,17 +63,15 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="workflow-id" mandatory="true" read-only="true" multi-valued="false"> <adm:property name="workflow-id" mandatory="true" read-only="true"> <adm:synopsis> Provides a name that will be used to identify the associated <adm:user-friendly-name />. Provides a name that will be used to identify the <adm:user-friendly-name /> . </adm:synopsis> <adm:description> The name must be unique among all <adm:user-friendly-name /> The name must be unique among all <adm:user-friendly-plural-name /> in the server. </adm:description> <adm:syntax> @@ -86,20 +83,15 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="workflow-element" mandatory="true" read-only="false" multi-valued="false"> <adm:property name="workflow-element" mandatory="true"> <adm:synopsis> The <adm:user-friendly-name /> identifies the root task of the worklfow. Specifies the root Work Flow Element in the <adm:user-friendly-name /> . </adm:synopsis> <adm:description> All the tasks in the worklfow are organized in a tree. The root element of the tree is identified by the <adm:user-friendly-name />. </adm:description> <adm:syntax> <adm:aggregation relation-name="workflow-element" parent-path="/"> <adm:aggregation relation-name="workflow-element" parent-path="/"> <adm:target-is-enabled-condition> <adm:contains property="enabled" value="true" /> </adm:target-is-enabled-condition> @@ -111,14 +103,11 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="base-dn" mandatory="true" read-only="false" multi-valued="false"> <adm:property name="base-dn" mandatory="true"> <adm:synopsis> The <adm:user-friendly-name /> specifies the base DN of the data targeted by the worlflow. Specifies the base DN of the data targeted by the <adm:user-friendly-name /> . </adm:synopsis> <adm:syntax> <adm:string /> @@ -128,5 +117,5 @@ <ldap:name>ds-cfg-base-dn</ldap:name> </ldap:attribute> </adm:profile> </adm:property></adm:managed-object> </adm:property> </adm:managed-object> opends/src/admin/defn/org/opends/server/admin/std/WorkflowElementConfiguration.xml
@@ -25,36 +25,41 @@ ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <adm:managed-object name="workflow-element" plural-name="workflow-elements" package="org.opends.server.admin.std" <adm:managed-object name="workflow-element" plural-name="workflow-elements" package="org.opends.server.admin.std" xmlns:adm="http://www.opends.org/admin" xmlns:ldap="http://www.opends.org/admin-ldap"> <adm:synopsis> The <adm:user-friendly-name /> is a task part of a worklfow. <adm:user-friendly-plural-name /> implement a single processing step in a Work Flow. </adm:synopsis> <adm:description> A <adm:user-friendly-name /> may perform a task such as mapping DNs, renaming attributes, filtering attributes, joining data sources, proxying, or load-balancing. The simplest <adm:user-friendly-name /> is the Local Backend Work Flow Element which is used to route data to a Backend. </adm:description> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-workflow-element</ldap:name> <ldap:superior>top</ldap:superior> </ldap:object-class> </adm:profile> <adm:property name="enabled" mandatory="true" read-only="false" multi-valued="false"> <adm:property name="enabled" mandatory="true"> <adm:synopsis> Indicates whether the <adm:user-friendly-name /> Indicates whether the <adm:user-friendly-name /> is enabled for use in the server. </adm:synopsis> <adm:description> If a workflow element is not enabled, then its contents will not be accessible when processing operations. If a <adm:user-friendly-name /> is not enabled, then its contents will not be accessible when processing operations. </adm:description> <adm:syntax> <adm:boolean /> @@ -65,17 +70,16 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="workflow-element-id" mandatory="true" read-only="true" multi-valued="false"> <adm:property name="workflow-element-id" mandatory="true" read-only="true"> <adm:synopsis> Provides a name that will be used to identify the associated <adm:user-friendly-name />. <adm:user-friendly-name /> . </adm:synopsis> <adm:description> The name must be unique among all <adm:user-friendly-name /> The name must be unique among all <adm:user-friendly-plural-name /> in the server. </adm:description> <adm:syntax> @@ -87,7 +91,6 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="java-class" mandatory="true"> <adm:synopsis> The fully-qualified name of the Java class that provides the @@ -108,4 +111,3 @@ </adm:profile> </adm:property> </adm:managed-object>
