From 08485c3f4ddabfc0a3fc689fc674543684db1958 Mon Sep 17 00:00:00 2001
From: Mark Craig <mark.craig@forgerock.com>
Date: Fri, 30 Sep 2011 09:31:45 +0000
Subject: [PATCH] First crack at an index, added xml:id attributes for link ends
---
opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-pwd-policy.xml | 38 +
opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-import-export.xml | 39 +
opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-privileges-acis.xml | 62 +
opendj-sdk/opendj3/src/main/docbkx/admin-guide/appendix-controls.xml | 159 +++++-
opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-groups.xml | 39 +
opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-resource-limits.xml | 14
opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-admin-tools.xml | 10
opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-listeners.xml | 53 +-
opendj-sdk/opendj3/src/main/docbkx/admin-guide/appendix-ports-used.xml | 20
opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-referrals.xml | 8
opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-mv-servers.xml | 21
opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-monitoring.xml | 27
opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-samba.xml | 1
opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-ldap-operations.xml | 59 +-
opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-troubleshooting.xml | 22
opendj-sdk/opendj3/src/main/docbkx/admin-guide/appendix-extended-ops.xml | 29
opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-tuning.xml | 35
opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-pta.xml | 3
opendj-sdk/opendj3/src/main/docbkx/admin-guide/appendix-standards.xml | 405 ++++++++++++++--
opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-replication.xml | 136 ++++-
opendj-sdk/opendj3/src/main/docbkx/admin-guide/appendix-l10n.xml | 15
opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-account-lockout.xml | 23
opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-indexing.xml | 101 +++
opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-backup-restore.xml | 23
opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-server-process.xml | 16
opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-virtual-attrs-collective-attrs.xml | 12
opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-attribute-uniqueness.xml | 20
opendj-sdk/opendj3/src/main/docbkx/admin-guide/appendix-file-layout.xml | 5
opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-schema.xml | 35 +
29 files changed, 1,039 insertions(+), 391 deletions(-)
diff --git a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/appendix-controls.xml b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/appendix-controls.xml
index 40d289c..cd5d4c2 100644
--- a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/appendix-controls.xml
+++ b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/appendix-controls.xml
@@ -41,9 +41,13 @@
<para>OpenDJ software supports the following LDAP controls.</para>
<variablelist>
- <varlistentry>
+ <varlistentry xml:id="assertion-request-control">
<term>Assertion Request Control</term>
<listitem>
+ <indexterm>
+ <primary>LDAP controls</primary>
+ <secondary>Assertion</secondary>
+ </indexterm>
<para>Object Identifier: 1.3.6.1.1.12</para>
<para>RFC: <link xlink:href='http://tools.ietf.org/html/rfc4528'>RFC 4528
- Lightweight Directory Access Protocol (LDAP) Assertion Control</link>
@@ -51,9 +55,13 @@
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="authorization-identity-request-control">
<term>Authorization Identity Request Control</term>
<listitem>
+ <indexterm>
+ <primary>LDAP controls</primary>
+ <secondary>Authorization identity</secondary>
+ </indexterm>
<para>Object Identifier: 2.16.840.1.113730.3.4.16</para>
<para>RFC: <link xlink:href='http://tools.ietf.org/html/rfc3829'>RFC 3829
- Lightweight Directory Access Protocol (LDAP) Authorization Identity
@@ -61,9 +69,13 @@
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="authorization-identity-response-control">
<term>Authorization Identity Response Control</term>
<listitem>
+ <indexterm>
+ <primary>LDAP controls</primary>
+ <secondary>Authorization identity</secondary>
+ </indexterm>
<para>Object Identifier: 2.16.840.1.113730.3.4.15</para>
<para>RFC: <link xlink:href='http://tools.ietf.org/html/rfc3829'>RFC 3829
- Lightweight Directory Access Protocol (LDAP) Authorization Identity
@@ -71,9 +83,13 @@
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="entry-change-notification-response-control">
<term>Entry Change Notification Response Control</term>
<listitem>
+ <indexterm>
+ <primary>LDAP controls</primary>
+ <secondary>Entry change notification</secondary>
+ </indexterm>
<para>Object Identifier: 2.16.840.1.113730.3.4.7</para>
<para>Internet-Draft: <link
xlink:href='http://tools.ietf.org/html/draft-ietf-ldapext-psearch'
@@ -82,9 +98,13 @@
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="get-effective-rights-request-control">
<term>Get Effective Rights Request Control</term>
<listitem>
+ <indexterm>
+ <primary>LDAP controls</primary>
+ <secondary>Get effective rights</secondary>
+ </indexterm>
<para>Object Identifier: 1.3.6.1.4.1.42.2.27.9.5.2</para>
<para>Internet-Draft: <link
xlink:href='http://tools.ietf.org/html/draft-ietf-ldapext-acl-model'
@@ -93,9 +113,13 @@
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="manage-dsait-request-control">
<term>Manage DSAIT Request Control</term>
<listitem>
+ <indexterm>
+ <primary>LDAP controls</primary>
+ <secondary>Manage DSAIT</secondary>
+ </indexterm>
<para>Object Identifier: 2.16.840.1.113730.3.4.2</para>
<para>RFC: <link xlink:href='http://tools.ietf.org/html/rfc3296'>RFC 3296
- Named Subordinate References in Lightweight Directory Access Protocol
@@ -103,9 +127,13 @@
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="matched-values-request-control">
<term>Matched Values Request Control</term>
<listitem>
+ <indexterm>
+ <primary>LDAP controls</primary>
+ <secondary>Matched values</secondary>
+ </indexterm>
<para>Object Identifier: 1.2.826.0.1.3344810.2.3</para>
<para>RFC: <link xlink:href='http://tools.ietf.org/html/rfc3876'>RFC 3876
- Returning Matched Values with the Lightweight Directory Access Protocol
@@ -113,9 +141,13 @@
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="password-expired-response-control">
<term>Password Expired Response Control</term>
<listitem>
+ <indexterm>
+ <primary>LDAP controls</primary>
+ <secondary>Password expired</secondary>
+ </indexterm>
<para>Object Identifier: 2.16.840.1.113730.3.4.4</para>
<para>Internet-Draft: <link
xlink:href='http://tools.ietf.org/html/draft-vchu-ldap-pwd-policy'
@@ -124,9 +156,13 @@
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="password-expiring-response-control">
<term>Password Expiring Response Control</term>
<listitem>
+ <indexterm>
+ <primary>LDAP controls</primary>
+ <secondary>Password expiring</secondary>
+ </indexterm>
<para>Object Identifier: 2.16.840.1.113730.3.4.5</para>
<para>Internet-Draft: <link
xlink:href='http://tools.ietf.org/html/draft-vchu-ldap-pwd-policy'
@@ -135,9 +171,13 @@
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="password-policy-response-control">
<term>Password Policy Response Control</term>
<listitem>
+ <indexterm>
+ <primary>LDAP controls</primary>
+ <secondary>Password policy</secondary>
+ </indexterm>
<para>Object Identifier: 1.3.6.1.4.1.42.2.27.8.5.1</para>
<para>Internet-Draft: <link
xlink:href='http://tools.ietf.org/html/draft-behera-ldap-password-policy'
@@ -146,9 +186,13 @@
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="permissive-modify-request-control">
<term>Permissive Modify Request Control</term>
<listitem>
+ <indexterm>
+ <primary>LDAP controls</primary>
+ <secondary>Permissive modify</secondary>
+ </indexterm>
<para>Object Identifier: 1.2.840.113556.1.4.1413</para>
<para>Microsoft defined this control that, "Allows an LDAP modify to work
under less restrictive conditions. Without it, a delete will fail if an
@@ -159,9 +203,13 @@
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="persistent-search-request-control">
<term>Persistent Search Request Control</term>
<listitem>
+ <indexterm>
+ <primary>LDAP controls</primary>
+ <secondary>Persistent search</secondary>
+ </indexterm>
<para>Object Identifier: 2.16.840.1.113730.3.4.3</para>
<para>Internet-Draft:
<link xlink:href='http://tools.ietf.org/html/draft-ietf-ldapext-psearch'
@@ -170,9 +218,13 @@
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="post-read-request-control">
<term>Post-Read Request Control</term>
<listitem>
+ <indexterm>
+ <primary>LDAP controls</primary>
+ <secondary>Post-read</secondary>
+ </indexterm>
<para>Object Identifier: 1.3.6.1.1.13.2</para>
<para>RFC: <link xlink:href='http://tools.ietf.org/html/rfc4527'>RFC 4527
- Lightweight Directory Access Protocol (LDAP) Read Entry Controls</link>
@@ -180,19 +232,27 @@
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="post-read-response-control">
<term>Post-Read Response Control</term>
<listitem>
+ <indexterm>
+ <primary>LDAP controls</primary>
+ <secondary>Post-read</secondary>
+ </indexterm>
<para>Object Identifier: 1.3.6.1.1.13.2</para>
- <para>RFC: <link xlink:href='http://tools.ietf.org/html/rfc4527'>RFC 4527
+ <para>RFC: <link xlink:href='http://tools.ietf.org/html/rfc4527'>RFC 4527
- Lightweight Directory Access Protocol (LDAP) Read Entry Controls</link>
</para>
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="pre-read-request-control">
<term>Pre-Read Request Control</term>
<listitem>
+ <indexterm>
+ <primary>LDAP controls</primary>
+ <secondary>Pre-read</secondary>
+ </indexterm>
<para>Object Identifier: 1.3.6.1.1.13.1</para>
<para>RFC: <link xlink:href='http://tools.ietf.org/html/rfc4527'>RFC 4527
- Lightweight Directory Access Protocol (LDAP) Read Entry Controls</link>
@@ -200,9 +260,13 @@
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="pre-read-response-control">
<term>Pre-Read Response Control</term>
<listitem>
+ <indexterm>
+ <primary>LDAP controls</primary>
+ <secondary>Pre-read</secondary>
+ </indexterm>
<para>Object Identifier: 1.3.6.1.1.13.1</para>
<para>RFC: <link xlink:href='http://tools.ietf.org/html/rfc4527'>RFC 4527
- Lightweight Directory Access Protocol (LDAP) Read Entry Controls</link>
@@ -210,9 +274,13 @@
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="proxied-authorization-v1-request-control">
<term>Proxied Authorization v1 Request Control</term>
<listitem>
+ <indexterm>
+ <primary>LDAP controls</primary>
+ <secondary>Proxied authorization</secondary>
+ </indexterm>
<para>Object Identifier: 2.16.840.1.113730.3.4.12</para>
<para>Internet-Draft: <link
xlink:href='http://tools.ietf.org/html/draft-weltman-ldapv3-proxy-04'
@@ -221,9 +289,13 @@
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="proxied-autorization-v2-request-control">
<term>Proxied Authorization v2 Request Control</term>
<listitem>
+ <indexterm>
+ <primary>LDAP controls</primary>
+ <secondary>Proxied authorization</secondary>
+ </indexterm>
<para>Object Identifier: 2.16.840.1.113730.3.4.18</para>
<para>RFC: <link xlink:href='http://tools.ietf.org/html/rfc4370'>RFC 4370
- Lightweight Directory Access Protocol (LDAP) Proxied Authorization
@@ -231,18 +303,26 @@
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="public-changelog-exchange-control">
<term>Public Changelog Exchange Control</term>
<listitem>
+ <indexterm>
+ <primary>LDAP controls</primary>
+ <secondary>Public changelog exchange</secondary>
+ </indexterm>
<para>Object Identifier: 1.3.6.1.4.1.26027.1.5.4</para>
<para>OpenDJ specific, for using the bookmark cookie when reading
the external change log.</para>
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="server-side-sort-request-control">
<term>Server Side Sort Request Control</term>
<listitem>
+ <indexterm>
+ <primary>LDAP controls</primary>
+ <secondary>Server side sort</secondary>
+ </indexterm>
<para>Object Identifier: 1.2.840.113556.1.4.473</para>
<para>RFC: <link xlink:href='http://tools.ietf.org/html/rfc2891'>RFC 2891
- LDAP Control Extension for Server Side Sorting of Search Results</link>
@@ -250,9 +330,13 @@
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="server-side-sort-response-control">
<term>Server Side Sort Response Control</term>
<listitem>
+ <indexterm>
+ <primary>LDAP controls</primary>
+ <secondary>Server side sort</secondary>
+ </indexterm>
<para>Object Identifier: 1.2.840.113556.1.4.474</para>
<para>RFC: <link xlink:href='http://tools.ietf.org/html/rfc2891'>RFC 2891
- LDAP Control Extension for Server Side Sorting of Search Results</link>
@@ -260,9 +344,13 @@
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="simple-paged-results-control">
<term>Simple Paged Results Control</term>
<listitem>
+ <indexterm>
+ <primary>LDAP controls</primary>
+ <secondary>Simple paged results</secondary>
+ </indexterm>
<para>Object Identifier: 1.2.840.113556.1.4.319</para>
<para>RFC: <link xlink:href='http://tools.ietf.org/html/rfc2696'>RFC 2696
- LDAP Control Extension for Simple Paged Results Manipulation</link>
@@ -270,9 +358,13 @@
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="subentries-request-controls">
<term>Subentries Request Controls</term>
<listitem>
+ <indexterm>
+ <primary>LDAP controls</primary>
+ <secondary>Subentries</secondary>
+ </indexterm>
<para>Object Identifier: 1.3.6.1.4.1.4203.1.10.1</para>
<para>RFC: <link
xlink:href='http://tools.ietf.org/html/rfc3672'
@@ -284,9 +376,13 @@
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="subtree-delete-request-control">
<term>Subtree Delete Request Control</term>
<listitem>
+ <indexterm>
+ <primary>LDAP controls</primary>
+ <secondary>Subtree delete</secondary>
+ </indexterm>
<para>Object Identifier: 1.2.840.113556.1.4.805</para>
<para>Internet-Draft: <link
xlink:href='http://tools.ietf.org/html/draft-armijo-ldap-treedelete'
@@ -294,9 +390,13 @@
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="virtual-list-view-request-control">
<term>Virtual List View Request Control</term>
<listitem>
+ <indexterm>
+ <primary>LDAP controls</primary>
+ <secondary>Virtual list view (browsing)</secondary>
+ </indexterm>
<para>Object Identifier: 2.16.840.1.113730.3.4.9</para>
<para>Internet-Draft: <link
xlink:href='http://tools.ietf.org/html/draft-ietf-ldapext-ldapv3-vlv'
@@ -305,9 +405,13 @@
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="virtual-list-view-response-control">
<term>Virtual List View Response Control</term>
<listitem>
+ <indexterm>
+ <primary>LDAP controls</primary>
+ <secondary>Virtual list view (browsing)</secondary>
+ </indexterm>
<para>Object Identifier: 2.16.840.1.113730.3.4.10</para>
<para>Internet-Draft: <link
xlink:href='http://tools.ietf.org/html/draft-ietf-ldapext-ldapv3-vlv'
@@ -316,5 +420,4 @@
</listitem>
</varlistentry>
</variablelist>
-
</appendix>
diff --git a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/appendix-extended-ops.xml b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/appendix-extended-ops.xml
index c60d820..68e2412 100644
--- a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/appendix-extended-ops.xml
+++ b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/appendix-extended-ops.xml
@@ -37,9 +37,13 @@
<para>OpenDJ software supports the following LDAP extended operations.</para>
<variablelist>
- <varlistentry>
+ <varlistentry xml:id="cancel-extended-request">
<term>Cancel Extended Request</term>
<listitem>
+ <indexterm>
+ <primary>LDAP extended operations</primary>
+ <secondary>Cancel</secondary>
+ </indexterm>
<para>Object Identifier: 1.3.6.1.1.8</para>
<para>RFC: <link xlink:href='http://tools.ietf.org/html/rfc3909'>RFC 3909
- Lightweight Directory Access Protocol (LDAP) Cancel Operation</link>
@@ -47,30 +51,39 @@
</listitem>
</varlistentry>
-
- <varlistentry>
+ <varlistentry xml:id="password-modify-extended-request">
<term>Password Modify Extended Request</term>
<listitem>
+ <indexterm>
+ <primary>LDAP extended operations</primary>
+ <secondary>Password modify</secondary>
+ </indexterm>
<para>Object Identifier: 1.3.6.1.4.1.4203.1.11.1</para>
<para>RFC: <link xlink:href='http://tools.ietf.org/html/rfc3909'>RFC 3062
- LDAP Password Modify Extended Operation</link></para>
</listitem>
</varlistentry>
-
- <varlistentry>
+ <varlistentry xml:id="start-transport-layer-security-extended-request">
<term>Start Transport Layer Security Extended Request</term>
<listitem>
+ <indexterm>
+ <primary>LDAP extended operations</primary>
+ <secondary>StartTLS</secondary>
+ </indexterm>
<para>Object Identifier: 1.3.6.1.4.1.1466.20037</para>
<para>RFC: <link xlink:href='http://tools.ietf.org/html/rfc4511'>RFC 4511
- Lightweight Directory Access Protocol (LDAP): The Protocol</link></para>
</listitem>
</varlistentry>
-
- <varlistentry>
+ <varlistentry xml:id="who-am-i-extended-request">
<term>Who am I? Extended Request</term>
<listitem>
+ <indexterm>
+ <primary>LDAP extended operations</primary>
+ <secondary>Wha am I?</secondary>
+ </indexterm>
<para>Object Identifier: 1.3.6.1.4.1.4203.1.11.3</para>
<para>RFC: <link xlink:href='http://tools.ietf.org/html/rfc4532'>RFC 4532
- Lightweight Directory Access Protocol (LDAP) "Who am I?" Operation</link>
@@ -78,6 +91,4 @@
</listitem>
</varlistentry>
</variablelist>
-
</appendix>
-
diff --git a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/appendix-file-layout.xml b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/appendix-file-layout.xml
index 79b0169..c62e940 100644
--- a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/appendix-file-layout.xml
+++ b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/appendix-file-layout.xml
@@ -33,7 +33,8 @@
<para>OpenDJ software installs and creates the following files and
directories. The following list is not necessarily exhaustive.</para>
-
+ <indexterm><primary>File layout</primary></indexterm>
+ <indexterm><primary>Installed files</primary></indexterm>
<variablelist>
<varlistentry>
<term><filename>QuickSetup.app</filename></term>
@@ -260,6 +261,4 @@
</listitem>
</varlistentry>
</variablelist>
-
</appendix>
-
diff --git a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/appendix-l10n.xml b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/appendix-l10n.xml
index 700b776..4a02eb3 100644
--- a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/appendix-l10n.xml
+++ b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/appendix-l10n.xml
@@ -36,9 +36,9 @@
specific locales. OpenDJ software is also itself localized for a smaller
variety of languages.</para>
- <section>
+ <section xml:id="supported-languages">
<title>OpenDJ Languages</title>
-
+ <indexterm><primary>Languages</primary></indexterm>
<para>OpenDJ <?eval ${product.version}?> software has been localized
in the following languages.</para>
@@ -57,9 +57,9 @@
</note>
</section>
- <section>
+ <section xml:id="supported-locales">
<title>Directory Support For Locales and Language Subtypes</title>
-
+ <indexterm><primary>Locales</primary></indexterm>
<para>OpenDJ software supports the following locales, with their
associated language and country codes, and their collation order
object identifiers. Locale support depends on the underlying Java
@@ -797,8 +797,8 @@
</variablelist>
<para>OpenDJ software supports the following language subtypes.</para>
-
- <itemizedlist>
+ <indexterm><primary>Language subtypes</primary></indexterm>
+ <itemizedlist xml:id="supported-language-subtypes">
<listitem><para>Albanian, sq</para></listitem>
<listitem><para>Arabic, ar</para></listitem>
<listitem><para>Belarusian, be</para></listitem>
@@ -839,8 +839,5 @@
<listitem><para>Ukranian, uk</para></listitem>
<listitem><para>Vietnamese, vi</para></listitem>
</itemizedlist>
-
</section>
-
</appendix>
-
diff --git a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/appendix-ports-used.xml b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/appendix-ports-used.xml
index 48f8848..4f8076b 100644
--- a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/appendix-ports-used.xml
+++ b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/appendix-ports-used.xml
@@ -35,51 +35,55 @@
<!-- Protocol, port number, description (what for), on by default? -->
<variablelist>
- <varlistentry>
+ <varlistentry xml:id="ldap-port">
<term>LDAP: 389 (1389)</term>
<listitem>
+ <indexterm><primary>Ports</primary><secondary>389 (1389)</secondary></indexterm>
<para>OpenDJ directory server listens for LDAP requests from client
applications on port 389 by default. OpenDJ directory server uses port
1389 by default for non-root users. LDAP is enabled by default.</para>
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="ldaps-port">
<term>LDAPS: 636 (1636)</term>
<listitem>
+ <indexterm><primary>Ports</primary><secondary>636 (1636)</secondary></indexterm>
<para>OpenDJ directory server listens for LDAPS requests from client
applications on port 636 by default. OpenDJ directory server uses port
1636 by default for non-root users. LDAPS is not enabled by default.</para>
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="admin-port">
<term>Administrative connections: 4444</term>
<listitem>
+ <indexterm><primary>Ports</primary><secondary>4444</secondary></indexterm>
<para>OpenDJ directory server listens for administrative traffic on port
4444 by default. The administration connector is enabled by default.</para>
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="snmp-port">
<term>SNMP: 161</term>
<listitem>
+ <indexterm><primary>Ports</primary><secondary>161</secondary></indexterm>
<para>OpenDJ directory server listens for SNMP traffic on port 161 by
default. SNMP is not enabled by default.</para>
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="jmx-port">
<term>JMX: 1689</term>
<listitem>
+ <indexterm><primary>Ports</primary><secondary>1689</secondary></indexterm>
<para>OpenDJ directory server listens for Java Management eXtension
traffic on port 1689 by default. JMX is not enabled by default.</para>
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="repl-port">
<term>Replication: 8989</term>
<listitem>
+ <indexterm><primary>Ports</primary><secondary>8989</secondary></indexterm>
<para>OpenDJ directory server listens for replication traffic
on port 8989 by default. Replication is not enabled by default.</para>
</listitem>
</varlistentry>
</variablelist>
-
</appendix>
-
diff --git a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/appendix-standards.xml b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/appendix-standards.xml
index 9b4fae0..dfcd8fa 100644
--- a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/appendix-standards.xml
+++ b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/appendix-standards.xml
@@ -36,604 +36,871 @@
<!-- Document [link], description -->
<variablelist>
- <varlistentry>
+ <varlistentry xml:id="rfc1274">
<term><link xlink:href='http://tools.ietf.org/html/rfc1274'>RFC 1274:
The COSINE and Internet X.500 Schema</link></term>
<listitem>
+ <indexterm>
+ <primary>Supported standards</primary>
+ <secondary>RFC 1274</secondary>
+ </indexterm>
<para>X.500 Directory Schema, or Naming Architecture, for use in the
COSINE and Internet X.500 pilots.</para>
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="rfc1321">
<term><link xlink:href='http://tools.ietf.org/html/rfc1321'>RFC 1321:
The MD5 Message-Digest Algorithm</link></term>
<listitem>
+ <indexterm>
+ <primary>Supported standards</primary>
+ <secondary>RFC 1321</secondary>
+ </indexterm>
<para>MD5 message-digest algorithm that takes as input a message of
arbitrary length and produces as output a 128-bit "fingerprint" or
"message digest" of the input.</para>
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="rfc1777">
<term><link xlink:href='http://tools.ietf.org/html/rfc1777'>RFC 1777:
Lightweight Directory Access Protocol (LDAPv2)</link></term>
<listitem>
+ <indexterm>
+ <primary>Supported standards</primary>
+ <secondary>RFC 1777</secondary>
+ </indexterm>
<para>Provide access to the X.500 Directory while not incurring the
resource requirements of the Directory Access Protocol.</para>
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="rfc1778">
<term><link xlink:href='http://tools.ietf.org/html/rfc1778'>RFC 1778:
The String Representation of Standard Attribute Syntaxes</link></term>
<listitem>
+ <indexterm>
+ <primary>Supported standards</primary>
+ <secondary>RFC 1778</secondary>
+ </indexterm>
<para>Defines the requirements that must be satisfied by encoding
rules used to render X.500 Directory attribute syntaxes into a form
suitable for use in the LDAP, then defines the encoding rules for the
standard set of attribute syntaxes.</para>
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="rfc1779">
<term><link xlink:href='http://tools.ietf.org/html/rfc1779'>RFC 1779:
A String Representation of Distinguished Names</link></term>
<listitem>
+ <indexterm>
+ <primary>Supported standards</primary>
+ <secondary>RFC 1779</secondary>
+ </indexterm>
<para>Defines a string format for representing names, which is designed
to give a clean representation of commonly used names, whilst being
able to represent any distinguished name.</para>
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="rfc2079">
<term><link xlink:href='http://tools.ietf.org/html/rfc2079'>RFC 2079:
Definition of an X.500 Attribute Type and an Object Class to Hold
Uniform Resource Identifiers (URIs)</link></term>
<listitem>
+ <indexterm>
+ <primary>Supported standards</primary>
+ <secondary>RFC 2079</secondary>
+ </indexterm>
<para>Defines a new attribute type and an auxiliary object class to
allow URIs, including URLs, to be stored in directory entries in a
standard way.</para>
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="rfc2222">
<term><link xlink:href='http://tools.ietf.org/html/rfc2222'>RFC 2222:
Simple Authentication and Security Layer (SASL)</link></term>
<listitem>
+ <indexterm>
+ <primary>Supported standards</primary>
+ <secondary>RFC 2222</secondary>
+ </indexterm>
<para>Describes a method for adding authentication support to
connection-based protocols.</para>
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="rfc2246">
<term><link xlink:href='http://tools.ietf.org/html/rfc2246'>RFC 2246:
The TLS Protocol Version 1.0</link></term>
<listitem>
+ <indexterm>
+ <primary>Supported standards</primary>
+ <secondary>RFC 2246</secondary>
+ </indexterm>
<para>Specifies Version 1.0 of the Transport Layer Security
protocol.</para>
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="rfc2247">
<term><link xlink:href='http://tools.ietf.org/html/rfc2247'>RFC 2247:
Using Domains in LDAP/X.500 Distinguished Names</link></term>
<listitem>
+ <indexterm>
+ <primary>Supported standards</primary>
+ <secondary>RFC 2247</secondary>
+ </indexterm>
<para>Defines an algorithm by which a name registered with the Internet
Domain Name Service can be represented as an LDAP distinguished name.</para>
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="rfc2251">
<term><link xlink:href='http://tools.ietf.org/html/rfc2251'>RFC 2251:
Lightweight Directory Access Protocol (v3)</link></term>
<listitem>
+ <indexterm>
+ <primary>Supported standards</primary>
+ <secondary>RFC 2251</secondary>
+ </indexterm>
<para>Describes a directory access protocol designed to provide access
to directories supporting the X.500 models, while not incurring the
resource requirements of the X.500 Directory Access Protocol.</para>
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="rfc2252">
<term><link xlink:href='http://tools.ietf.org/html/rfc2252'>RFC 2252:
Lightweight Directory Access Protocol (v3): Attribute Syntax
Definitions</link></term>
<listitem>
+ <indexterm>
+ <primary>Supported standards</primary>
+ <secondary>RFC 2252</secondary>
+ </indexterm>
<para>Defines a set of syntaxes for LDAPv3, and the rules by which
attribute values of these syntaxes are represented as octet strings
for transmission in the LDAP protocol.</para>
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="rfc2253">
<term><link xlink:href='http://tools.ietf.org/html/rfc2253'>RFC 2253:
Lightweight Directory Access Protocol (v3): UTF-8 String Representation
of Distinguished Names</link></term>
<listitem>
- <para></para>
+ <indexterm>
+ <primary>Supported standards</primary>
+ <secondary>RFC 2253</secondary>
+ </indexterm>
+ <para>Defines a common UTF-8 format to represent distinguished names
+ unambiguously.</para>
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="rfc2254">
<term><link xlink:href='http://tools.ietf.org/html/rfc2254'>RFC 2254:
The String Representation of LDAP Search Filters</link></term>
<listitem>
+ <indexterm>
+ <primary>Supported standards</primary>
+ <secondary>RFC 2254</secondary>
+ </indexterm>
<para>Defines the string format for representing names, which is designed
to give a clean representation of commonly used distinguished names,
while being able to represent any distinguished name.</para>
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="rfc2255">
<term><link xlink:href='http://tools.ietf.org/html/rfc2255'>RFC 2255:
The LDAP URL Format</link></term>
<listitem>
+ <indexterm>
+ <primary>Supported standards</primary>
+ <secondary>RFC 2255</secondary>
+ </indexterm>
<para>Describes a format for an LDAP Uniform Resource Locator.</para>
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="rfc2256">
<term><link xlink:href='http://tools.ietf.org/html/rfc2256'>RFC 2256:
A Summary of the X.500(96) User Schema for use with LDAPv3</link></term>
<listitem>
+ <indexterm>
+ <primary>Supported standards</primary>
+ <secondary>RFC 2256</secondary>
+ </indexterm>
<para>Provides an overview of the attribute types and object classes
defined by the ISO and ITU-T committees in the X.500 documents, in
particular those intended for use by directory clients.</para>
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="rfc2307">
<term><link xlink:href='http://tools.ietf.org/html/rfc2307'>RFC 2307:
An Approach for Using LDAP as a Network Information Service</link></term>
<listitem>
+ <indexterm>
+ <primary>Supported standards</primary>
+ <secondary>RFC 2307</secondary>
+ </indexterm>
<para>Describes an experimental mechanism for mapping entities related
to TCP/IP and the UNIX system into X.500 entries so that they may be
resolved with the Lightweight Directory Access Protocol.</para>
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="rfc2377">
<term><link xlink:href='http://tools.ietf.org/html/rfc2377'>RFC 2377:
Naming Plan for Internet Directory-Enabled Applications</link></term>
<listitem>
+ <indexterm>
+ <primary>Supported standards</primary>
+ <secondary>RFC 2377</secondary>
+ </indexterm>
<para>Proposes a new directory naming plan that leverages the strengths
of the most popular and successful Internet naming schemes for naming
objects in a hierarchical directory.</para>
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="rfc2696">
<term><link xlink:href='http://tools.ietf.org/html/rfc2696'>RFC 2696:
LDAP Control Extension for Simple Paged Results Manipulation</link></term>
<listitem>
+ <indexterm>
+ <primary>Supported standards</primary>
+ <secondary>RFC 2696</secondary>
+ </indexterm>
<para>Allows a client to control the rate at which an LDAP server
returns the results of an LDAP search operation.</para>
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="rfc2713">
<term><link xlink:href='http://tools.ietf.org/html/rfc2713'>RFC 2713:
Schema for Representing Java(tm) Objects in an LDAP Directory</link></term>
<listitem>
+ <indexterm>
+ <primary>Supported standards</primary>
+ <secondary>RFC 2713</secondary>
+ </indexterm>
<para>Defines a common way for applications to store and retrieve Java
objects from the directory.</para>
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="rfc2714">
<term><link xlink:href='http://tools.ietf.org/html/rfc2714'>RFC 2714:
Schema for Representing CORBA Object References in an LDAP
Directory</link></term>
<listitem>
+ <indexterm>
+ <primary>Supported standards</primary>
+ <secondary>RFC 2714</secondary>
+ </indexterm>
<para>Define a common way for applications to store and retrieve CORBA
object references from the directory.</para>
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="rfc2739">
<term><link xlink:href='http://tools.ietf.org/html/rfc2739'>RFC 2739:
Calendar Attributes for vCard and LDAP</link></term>
<listitem>
+ <indexterm>
+ <primary>Supported standards</primary>
+ <secondary>RFC 2739</secondary>
+ </indexterm>
<para>Defines a mechanism to locate a user calendar and free/busy time
using the LDAP protocol.</para>
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="rfc2798">
<term><link xlink:href='http://tools.ietf.org/html/rfc2798'>RFC 2798:
Definition of the inetOrgPerson LDAP Object Class</link></term>
<listitem>
+ <indexterm>
+ <primary>Supported standards</primary>
+ <secondary>RFC 2798</secondary>
+ </indexterm>
<para>Define an object class called inetOrgPerson for use in LDAP and
X.500 directory services that extends the X.521 standard
organizationalPerson class.</para>
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="rfc2829">
<term><link xlink:href='http://tools.ietf.org/html/rfc2829'>RFC 2829:
Authentication Methods for LDAP</link></term>
<listitem>
+ <indexterm>
+ <primary>Supported standards</primary>
+ <secondary>RFC 2829</secondary>
+ </indexterm>
<para>Specifies particular combinations of security mechanisms which
are required and recommended in LDAP implementations.</para>
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="rfc2830">
<term><link xlink:href='http://tools.ietf.org/html/rfc2830'>RFC 2830:
Lightweight Directory Access Protocol (v3): Extension for Transport
Layer Security</link></term>
<listitem>
+ <indexterm>
+ <primary>Supported standards</primary>
+ <secondary>RFC 2830</secondary>
+ </indexterm>
<para>Defines the "Start Transport Layer Security (TLS) Operation"
for LDAP.</para>
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="rfc2849">
<term><link xlink:href='http://tools.ietf.org/html/rfc2849'>RFC 2849:
The LDAP Data Interchange Format (LDIF) - Technical
Specification</link></term>
<listitem>
+ <indexterm>
+ <primary>Supported standards</primary>
+ <secondary>RFC 2849</secondary>
+ </indexterm>
+ <indexterm>
+ <primary>LDIF</primary>
+ <secondary>Specification</secondary>
+ </indexterm>
<para>Describes a file format suitable for describing directory
information or modifications made to directory information.</para>
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="rfc2926">
<term><link xlink:href='http://tools.ietf.org/html/rfc2926'>RFC 2926:
Conversion of LDAP Schemas to and from SLP Templates</link></term>
<listitem>
+ <indexterm>
+ <primary>Supported standards</primary>
+ <secondary>RFC 2926</secondary>
+ </indexterm>
<para>Describes a procedure for mapping between Service Location
Protocol service advertisements and lightweight directory access
protocol descriptions of services.</para>
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="rfc3045">
<term><link xlink:href='http://tools.ietf.org/html/rfc3045'>RFC 3045:
Storing Vendor Information in the LDAP root DSE</link></term>
<listitem>
+ <indexterm>
+ <primary>Supported standards</primary>
+ <secondary>RFC 3045</secondary>
+ </indexterm>
<para>Specifies two Lightweight Directory Access Protocol attributes,
vendorName and vendorVersion that MAY be included in the root
DSA-specific Entry (DSE) to advertise vendor-specific information.</para>
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="rfc3062">
<term><link xlink:href='http://tools.ietf.org/html/rfc3062'>RFC 3062:
LDAP Password Modify Extended Operation</link></term>
<listitem>
+ <indexterm>
+ <primary>Supported standards</primary>
+ <secondary>RFC 3062</secondary>
+ </indexterm>
<para>Describes an LDAP extended operation to allow modification of
user passwords which is not dependent upon the form of the authentication
identity nor the password storage mechanism used.</para>
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="rfc3112">
<term><link xlink:href='http://tools.ietf.org/html/rfc3112'>RFC 3112:
LDAP Authentication Password Schema</link></term>
<listitem>
+ <indexterm>
+ <primary>Supported standards</primary>
+ <secondary>RFC 3112</secondary>
+ </indexterm>
<para>Describes schema in support of user/password authentication in
a LDAP directory including the authPassword attribute type. This
attribute type holds values derived from the user's password(s)
(commonly using cryptographic strength one-way hash).</para>
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="rfc3377">
<term><link xlink:href='http://tools.ietf.org/html/rfc3377'>RFC 3377:
Lightweight Directory Access Protocol (v3): Technical
Specification</link></term>
<listitem>
+ <indexterm>
+ <primary>Supported standards</primary>
+ <secondary>RFC 3377</secondary>
+ </indexterm>
<para>Specifies the set of RFCs comprising the Lightweight Directory
Access Protocol Version 3 (LDAPv3), and addresses the "IESG Note"
attached to RFCs 2251 through 2256.</para>
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="rfc3383">
<term><link xlink:href='http://tools.ietf.org/html/rfc3383'>RFC 3383:
Internet Assigned Numbers Authority (IANA) Considerations for the
Lightweight Directory Access Protocol (LDAP)</link></term>
<listitem>
+ <indexterm>
+ <primary>Supported standards</primary>
+ <secondary>RFC 3383</secondary>
+ </indexterm>
<para>Provides procedures for registering extensible elements
of the Lightweight Directory Access Protocol (LDAP).</para>
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="rfc3546">
<term><link xlink:href='http://tools.ietf.org/html/rfc3546'>RFC 3546:
Transport Layer Security (TLS) Extensions</link></term>
<listitem>
+ <indexterm>
+ <primary>Supported standards</primary>
+ <secondary>RFC 3546</secondary>
+ </indexterm>
<para>Describes extensions that may be used to add functionality to
Transport Layer Security.</para>
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="rfc3671">
<term><link xlink:href='http://tools.ietf.org/html/rfc3671'>RFC 3671:
Collective Attributes in the Lightweight Directory Access Protocol
(LDAP)</link></term>
<listitem>
+ <indexterm>
+ <primary>Supported standards</primary>
+ <secondary>RFC 3671</secondary>
+ </indexterm>
<para>Summarizes the X.500 information model for collective attributes
and describes use of collective attributes in LDAP.</para>
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="rfc3672">
<term><link xlink:href='http://tools.ietf.org/html/rfc3672'>RFC 3672:
Subentries in the Lightweight Directory Access Protocol
(LDAP)</link></term>
<listitem>
+ <indexterm>
+ <primary>Supported standards</primary>
+ <secondary>RFC 3672</secondary>
+ </indexterm>
<para>Adapts X.500 subentries mechanisms for use with the Lightweight
Directory Access Protocol (LDAP).</para>
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="rfc3673">
<term><link xlink:href='http://tools.ietf.org/html/rfc3673'>RFC 3673:
Lightweight Directory Access Protocol version 3 (LDAPv3): All Operational
Attributes</link></term>
<listitem>
+ <indexterm>
+ <primary>Supported standards</primary>
+ <secondary>RFC 3673</secondary>
+ </indexterm>
<para>Describes an LDAP extension which clients may use to request the
return of all operational attributes.</para>
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="rfc3674">
<term><link xlink:href='http://tools.ietf.org/html/rfc3674'>RFC 3674:
Feature Discovery in Lightweight Directory Access Protocol
(LDAP)</link></term>
<listitem>
+ <indexterm>
+ <primary>Supported standards</primary>
+ <secondary>RFC 3674</secondary>
+ </indexterm>
<para>Introduces a general mechanism for discovery of elective features
and extensions which cannot be discovered using existing mechanisms.</para>
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="rfc3771">
<term><link xlink:href='http://tools.ietf.org/html/rfc3771'>RFC 3771:
Lightweight Directory Access Protocol (LDAP) Intermediate Response
Message</link></term>
<listitem>
+ <indexterm>
+ <primary>Supported standards</primary>
+ <secondary>RFC 3771</secondary>
+ </indexterm>
<para>Defines and describes the IntermediateResponse message, a general
mechanism for defining single-request/multiple-response operations in
Lightweight Directory Access Protocol.</para>
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="rfc3829">
<term><link xlink:href='http://tools.ietf.org/html/rfc3829'>RFC 3829:
Lightweight Directory Access Protocol (LDAP) Authorization Identity
Request and Response Controls</link></term>
<listitem>
+ <indexterm>
+ <primary>Supported standards</primary>
+ <secondary>RFC 3829</secondary>
+ </indexterm>
<para>Extends the Lightweight Directory Access Protocol bind operation
with a mechanism for requesting and returning the authorization identity
it establishes.</para>
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="rfc3876">
<term><link xlink:href='http://tools.ietf.org/html/rfc3876'>RFC 3876:
Returning Matched Values with the Lightweight Directory Access Protocol
version 3 (LDAPv3)</link></term>
<listitem>
+ <indexterm>
+ <primary>Supported standards</primary>
+ <secondary>RFC 3876</secondary>
+ </indexterm>
<para>Describes a control for the Lightweight Directory Access Protocol
version 3 that is used to return a subset of attribute values from an
entry.</para>
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="rfc3909">
<term><link xlink:href='http://tools.ietf.org/html/rfc3909'>RFC 3909:
Lightweight Directory Access Protocol (LDAP) Cancel Operation</link></term>
<listitem>
+ <indexterm>
+ <primary>Supported standards</primary>
+ <secondary>RFC 3909</secondary>
+ </indexterm>
<para>Describes a Lightweight Directory Access Protocol extended operation
to cancel (or abandon) an outstanding operation, with a response to
indicate the outcome of the operation.</para>
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="rfc4346">
<term><link xlink:href='http://tools.ietf.org/html/rfc4346'>RFC 4346:
The Transport Layer Security (TLS) Protocol Version 1.1</link></term>
<listitem>
+ <indexterm>
+ <primary>Supported standards</primary>
+ <secondary>RFC 4346</secondary>
+ </indexterm>
<para>Specifies Version 1.1 of the Transport Layer Security
protocol.</para>
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="rfc4370">
<term><link xlink:href='http://tools.ietf.org/html/rfc4370'>RFC 4370:
Lightweight Directory Access Protocol (LDAP) Proxied Authorization
Control</link></term>
<listitem>
+ <indexterm>
+ <primary>Supported standards</primary>
+ <secondary>RFC 4370</secondary>
+ </indexterm>
<para>Defines the Proxy Authorization Control, that allows a client
to request that an operation be processed under a provided authorization
identity instead of under the current authorization identity associated
with the connection.</para>
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="rfc4403">
<term><link xlink:href='http://tools.ietf.org/html/rfc4403'>RFC 4403:
Lightweight Directory Access Protocol (LDAP) Schema for Universal
Description, Discovery, and Integration version 3 (UDDIv3)</link></term>
<listitem>
+ <indexterm>
+ <primary>Supported standards</primary>
+ <secondary>RFC 4403</secondary>
+ </indexterm>
<para>Defines the Lightweight Directory Access Protocol schema for
representing Universal Description, Discovery, and Integration
data types in an LDAP directory.</para>
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="rfc4422">
<term><link xlink:href='http://tools.ietf.org/html/rfc4422'>RFC 4422:
Simple Authentication and Security Layer (SASL)</link></term>
<listitem>
+ <indexterm>
+ <primary>Supported standards</primary>
+ <secondary>RFC 4422</secondary>
+ </indexterm>
<para>Describes a framework for providing authentication and data
security services in connection-oriented protocols via replaceable
mechanisms.</para>
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="rfc4505">
<term><link xlink:href='http://tools.ietf.org/html/rfc4505'>RFC 4505:
Anonymous Simple Authentication and Security Layer (SASL)
Mechanism</link></term>
<listitem>
+ <indexterm>
+ <primary>Supported standards</primary>
+ <secondary>RFC 4505</secondary>
+ </indexterm>
<para>Describes a new way to provide anonymous login is needed
within the context of the Simple Authentication and Security
Layer framework.</para>
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="rfc4510">
<term><link xlink:href='http://tools.ietf.org/html/rfc4510'>RFC 4510:
Lightweight Directory Access Protocol (LDAP): Technical Specification
Road Map</link></term>
<listitem>
+ <indexterm>
+ <primary>Supported standards</primary>
+ <secondary>RFC 4510</secondary>
+ </indexterm>
<para>Provides a road map of the LDAP Technical Specification.</para>
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="rfc4511">
<term><link xlink:href='http://tools.ietf.org/html/rfc4511'>RFC 4511:
Lightweight Directory Access Protocol (LDAP): The Protocol</link></term>
<listitem>
+ <indexterm>
+ <primary>Supported standards</primary>
+ <secondary>RFC 4511</secondary>
+ </indexterm>
<para>Describes the protocol elements, along with their semantics and
encodings, of the Lightweight Directory Access Protocol.</para>
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="rfc4512">
<term><link xlink:href='http://tools.ietf.org/html/rfc4512'>RFC 4512:
Lightweight Directory Access Protocol (LDAP): Directory Information
Models</link></term>
<listitem>
+ <indexterm>
+ <primary>Supported standards</primary>
+ <secondary>RFC 4512</secondary>
+ </indexterm>
<para>Describes the X.500 Directory Information Models as used in
LDAP.</para>
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="rfc4513">
<term><link xlink:href='http://tools.ietf.org/html/rfc4513'>RFC 4513:
Lightweight Directory Access Protocol (LDAP): Authentication Methods
and Security Mechanisms</link></term>
<listitem>
+ <indexterm>
+ <primary>Supported standards</primary>
+ <secondary>RFC 4513</secondary>
+ </indexterm>
<para>Describes authentication methods and security mechanisms of the
Lightweight Directory Access Protocol.</para>
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="rfc4514">
<term><link xlink:href='http://tools.ietf.org/html/rfc4514'>RFC 4514:
Lightweight Directory Access Protocol (LDAP): String Representation of
Distinguished Names</link></term>
<listitem>
+ <indexterm>
+ <primary>Supported standards</primary>
+ <secondary>RFC 4514</secondary>
+ </indexterm>
<para>Defines the string representation used in the Lightweight Directory
Access Protocol to transfer distinguished names.</para>
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="rfc4515">
<term><link xlink:href='http://tools.ietf.org/html/rfc4515'>RFC 4515:
Lightweight Directory Access Protocol (LDAP): String Representation
of Search Filters</link></term>
<listitem>
+ <indexterm>
+ <primary>Supported standards</primary>
+ <secondary>RFC 4515</secondary>
+ </indexterm>
<para>Defines a human-readable string representation of LDAP search
filters that is appropriate for use in LDAP URLs and in other
applications.</para>
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="rfc4516">
<term><link xlink:href='http://tools.ietf.org/html/rfc4516'>RFC 4516:
Lightweight Directory Access Protocol (LDAP): Uniform Resource
Locator</link></term>
<listitem>
+ <indexterm>
+ <primary>Supported standards</primary>
+ <secondary>RFC 4516</secondary>
+ </indexterm>
<para>Describes a format for a Lightweight Directory Access Protocol
Uniform Resource Locator.</para>
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="rfc4517">
<term><link xlink:href='http://tools.ietf.org/html/rfc4517'>RFC 4517:
Lightweight Directory Access Protocol (LDAP): Syntaxes and Matching
Rules</link></term>
<listitem>
+ <indexterm>
+ <primary>Supported standards</primary>
+ <secondary>RFC 4517</secondary>
+ </indexterm>
<para>Defines a base set of syntaxes and matching rules for use in
defining attributes for LDAP directories.</para>
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="rfc4519">
<term><link xlink:href='http://tools.ietf.org/html/rfc4519'>RFC 4519:
Lightweight Directory Access Protocol (LDAP): Schema for User
Applications</link></term>
<listitem>
+ <indexterm>
+ <primary>Supported standards</primary>
+ <secondary>RFC 4519</secondary>
+ </indexterm>
<para>Provides a technical specification of attribute types and object
classes intended for use by LDAP directory clients for many directory
services, such as White Pages.</para>
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="rfc4524">
<term><link xlink:href='http://tools.ietf.org/html/rfc4524'>RFC 4524:
COSINE LDAP/X.500 Schema</link></term>
<listitem>
+ <indexterm>
+ <primary>Supported standards</primary>
+ <secondary>RFC 4524</secondary>
+ </indexterm>
<para>Provides a collection of schema elements for use with the
Lightweight Directory Access Protocol from the COSINE and Internet
X.500 pilot projects.</para>
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="rfc4525">
<term><link xlink:href='http://tools.ietf.org/html/rfc4525'>RFC 4525:
Lightweight Directory Access Protocol (LDAP) Modify-Increment
Extension</link></term>
<listitem>
+ <indexterm>
+ <primary>Supported standards</primary>
+ <secondary>RFC 4525</secondary>
+ </indexterm>
<para>Describes an extension to the Lightweight Directory Access
Protocol Modify operation to support an increment capability.</para>
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="rfc4526">
<term><link xlink:href='http://tools.ietf.org/html/rfc4526'>RFC 4526:
Lightweight Directory Access Protocol (LDAP) Absolute True and False
Filters</link></term>
<listitem>
+ <indexterm>
+ <primary>Supported standards</primary>
+ <secondary>RFC 4526</secondary>
+ </indexterm>
<para>Extends the Lightweight Directory Access Protocol to support
absolute True and False filters based upon similar capabilities found
in X.500 directory systems.</para>
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="rfc4527">
<term><link xlink:href='http://tools.ietf.org/html/rfc4527'>RFC 4527:
Lightweight Directory Access Protocol (LDAP) Read Entry
Controls</link></term>
<listitem>
+ <indexterm>
+ <primary>Supported standards</primary>
+ <secondary>RFC 4527</secondary>
+ </indexterm>
<para>Specifies an extension to the Lightweight Directory Access
Protocol to allow the client to read the target entry of an update
operation.</para>
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="rfc4528">
<term><link xlink:href='http://tools.ietf.org/html/rfc4528'>RFC 4528:
Lightweight Directory Access Protocol (LDAP) Assertion
Control</link></term>
<listitem>
+ <indexterm>
+ <primary>Supported standards</primary>
+ <secondary>RFC 4528</secondary>
+ </indexterm>
<para>Defines the Lightweight Directory Access Protocol Assertion
Control, which allows a client to specify that a directory operation
should only be processed if an assertion applied to the target entry
of the operation is true.</para>
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="rfc4529">
<term><link xlink:href='http://tools.ietf.org/html/rfc4529'>RFC 4529:
Requesting Attributes by Object Class in the Lightweight Directory
Access Protocol (LDAP)</link></term>
<listitem>
+ <indexterm>
+ <primary>Supported standards</primary>
+ <secondary>RFC 4529</secondary>
+ </indexterm>
<para>Extends LDAP to support a mechanism that LDAP clients may use to
request the return of all attributes of an object class.</para>
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="rfc4530">
<term><link xlink:href='http://tools.ietf.org/html/rfc4530'>RFC 4530:
Lightweight Directory Access Protocol (LDAP) entryUUID Operational
Attribute</link></term>
<listitem>
+ <indexterm>
+ <primary>Supported standards</primary>
+ <secondary>RFC 4530</secondary>
+ </indexterm>
<para>Describes the LDAP/X.500 'entryUUID' operational attribute and
associated matching rules and syntax.</para>
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="rfc4532">
<term><link xlink:href='http://tools.ietf.org/html/rfc4532'>RFC 4532:
Lightweight Directory Access Protocol (LDAP) "Who am I?"
Operation</link></term>
<listitem>
+ <indexterm>
+ <primary>Supported standards</primary>
+ <secondary>RFC 4532</secondary>
+ </indexterm>
<para>Provides a mechanism for Lightweight Directory Access Protocol
clients to obtain the authorization identity the server has associated
with the user or application entity.</para>
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="rfc4616">
<term><link xlink:href='http://tools.ietf.org/html/rfc4616'>RFC 4616:
The PLAIN Simple Authentication and Security Layer (SASL)
Mechanism</link></term>
<listitem>
+ <indexterm>
+ <primary>Supported standards</primary>
+ <secondary>RFC 4616</secondary>
+ </indexterm>
<para>Defines a simple clear-text user/password Simple Authentication
and Security Layer mechanism called the PLAIN mechanism.</para>
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="fips180-1">
<term><link xlink:href='http://www.itl.nist.gov/fipspubs/fip180-1.htm'
>FIPS 180-1: Secure Hash Standard (SHA-1)</link></term>
<listitem>
+ <indexterm>
+ <primary>Supported standards</primary>
+ <secondary>FIPS 180-1</secondary>
+ </indexterm>
<para>Specifies a Secure Hash Algorithm, SHA-1, for computing a condensed
representation of a message or a data file.</para>
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="fips180-2">
<term><link
xlink:href='http://csrc.nist.gov/publications/fips/fips180-2/fips180-2.pdf'
>FIPS 180-2: Secure Hash Standard (SHA-1, SHA-256, SHA-384,
SHA-512)</link></term>
<listitem>
+ <indexterm>
+ <primary>Supported standards</primary>
+ <secondary>FIPS 180-2</secondary>
+ </indexterm>
<para>Specifies four Secure Hash Algorithms for computing a condensed
representation of electronic data.</para>
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry xml:id="dsmlv2">
<term><link
xlink:href='http://www.oasis-open.org/committees/dsml/docs/DSMLv2.xsd'
>DSMLv2: Directory Service Markup Language</link></term>
<listitem>
+ <indexterm>
+ <primary>Supported standards</primary>
+ <secondary>DSMLv2</secondary>
+ </indexterm>
<para>Provides a method for expressing directory queries and updates as
XML documents.</para>
</listitem>
</varlistentry>
</variablelist>
-
</appendix>
-
diff --git a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-account-lockout.xml b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-account-lockout.xml
index f63c206..0f1b605 100644
--- a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-account-lockout.xml
+++ b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-account-lockout.xml
@@ -56,9 +56,9 @@
<para>This chapter shows you how to set up account lockout policies,
and how to intervene manually to lock and unlock accounts.</para>
- <section>
+ <section xml:id="configure-account-lockout">
<title>Configuring Account Lockout</title>
-
+ <indexterm><primary>Accounts</primary><secondary>Lockout</secondary></indexterm>
<para>Account lockout is configured as part of password policy. This section
demonstrates configuring account lockout as part of the default password
policy. Users are allowed three consecutive failures before being locked out
@@ -100,7 +100,7 @@
Result Code: 49 (Invalid Credentials)</screen>
</section>
- <section>
+ <section xml:id="manage-accounts">
<title>Managing Accounts Manually</title>
<para>This section covers disabling and enabling accounts by using the
@@ -114,9 +114,9 @@
version 3.0;acl "Admins can run amok"; allow(all) groupdn =
"ldap:///cn=Directory Administrators,ou=Groups,dc=example,dc=com";)</literallayout>
- <procedure>
+ <procedure xml:id="disable-account">
<title>To Disable an Account</title>
-
+ <indexterm><primary>Accounts</primary><secondary>Disabling</secondary></indexterm>
<step>
<para>Set the account status to disabled with the
<command>manage-account</command> command.</para>
@@ -128,9 +128,9 @@
</step>
</procedure>
- <procedure>
+ <procedure xml:id="reactivate-account">
<title>To Activate a Disabled Account</title>
-
+ <indexterm><primary>Accounts</primary><secondary>Activating</secondary></indexterm>
<step>
<para>Clear the disabled status using the <command>manage-account</command>
command.</para>
@@ -143,14 +143,17 @@
</procedure>
</section>
- <section>
+ <section xml:id="account-status-notification">
<title>Managing Account Status Notification</title>
-
+ <indexterm>
+ <primary>Accounts</primary>
+ <secondary>Status notifications</secondary>
+ </indexterm>
<para>OpenDJ can send mail about account status changes. OpenDJ needs an
SMTP server to send messages. By default, message templates are in
English.</para>
- <procedure>
+ <procedure xml:id="mail-account-status-notifications">
<title>To Mail Users About Account Status</title>
<step>
diff --git a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-admin-tools.xml b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-admin-tools.xml
index eeac64d..dc86a82 100644
--- a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-admin-tools.xml
+++ b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-admin-tools.xml
@@ -48,9 +48,9 @@
<para>This chapter takes a quick look at the tools for managing directory
services.</para>
- <section>
+ <section xml:id="control-panel">
<title>Control Panel</title>
-
+ <indexterm><primary>Control panel</primary></indexterm>
<para>OpenDJ Control Panel offers a graphical user interface for
managing both local and remote servers. You choose the server to manage
when you start the Control Panel. The Control Panel connects to the
@@ -160,8 +160,9 @@
</section>
- <section>
+ <section xml:id="cli-overview">
<title>Command-Line Tools</title>
+ <indexterm><primary>Commands</primary></indexterm>
<para>All OpenDJ command-line tools take the --help option.</para>
@@ -400,9 +401,6 @@
<para>Register OpenDJ as a Windows Service.</para>
</listitem>
</varlistentry>
-
</variablelist>
</section>
-
</chapter>
-
diff --git a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-attribute-uniqueness.xml b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-attribute-uniqueness.xml
index 878eb4c..7317234 100644
--- a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-attribute-uniqueness.xml
+++ b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-attribute-uniqueness.xml
@@ -30,7 +30,7 @@
xmlns:xlink='http://www.w3.org/1999/xlink'
xmlns:xinclude='http://www.w3.org/2001/XInclude'>
<title>Implementing Attribute Value Uniqueness</title>
-
+
<para>Some attribute values ought to remain unique. If you are using
<literal>uid</literal> values as RDNs to distinguish between millions of
user entries stored under <literal>ou=People</literal>, then you do not
@@ -40,6 +40,8 @@
want to share that credit card or mobile number with another customer.
The same is true for your email address.</para>
+ <indexterm><primary>Unique attribute values</primary></indexterm>
+
<para>The difficulty for you as directory administrator lies in
implementing attribute value uniqueness without sacrificing the high
availability that comes from using OpenDJ's loosely consistent,
@@ -53,7 +55,7 @@
<para>This chapter shows you how to set up attribute value uniqueness
in your directory environment.</para>
- <procedure>
+ <procedure xml:id="enable-unique-uids">
<title>To Enable Unique UIDs</title>
<para>OpenDJ provides a unique attribute plugin that you configure by using
@@ -86,9 +88,9 @@
</step>
</procedure>
- <procedure>
+ <procedure xml:id="enable-unique-attributes">
<title>To Enable Unique Values For Other Attributes</title>
-
+
<para>You can also configure the unique attribute plugin for use with
other attributes, such as <literal>mail</literal>, <literal>mobile</literal>,
or attributes you define, for example <literal>cardNumber</literal>.</para>
@@ -128,9 +130,12 @@
</step>
</procedure>
- <procedure>
+ <procedure xml:id="unique-attributes-repl">
<title>To Ensure Unique Attribute Values With Replication</title>
-
+ <indexterm>
+ <primary>Replication</primary>
+ <secondary>Unique attributes</secondary>
+ </indexterm>
<para>The unique attribute plugin ensures unique attribute values on the
directory server where the attribute value is updated. If client applications
separately write the same attribute value at the same time on different
@@ -160,7 +165,6 @@
partition.</para>
</step>
</stepalternatives>
- </step>
+ </step>
</procedure>
</chapter>
-
diff --git a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-backup-restore.xml b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-backup-restore.xml
index 47bee18..9a6b57e 100644
--- a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-backup-restore.xml
+++ b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-backup-restore.xml
@@ -37,9 +37,9 @@
of backup archives, as well as backing up server configuration
information.</para>
- <section>
+ <section xml:id="backup">
<title>Backing Up Directory Data</title>
-
+ <indexterm><primary>Backup</primary></indexterm>
<para>A <filename>bak/</filename> directory is provided when you install
OpenDJ, as a location to save binary backups. When you create a backup,
the <filename>bak/backup.info</filename> contains information about the
@@ -49,7 +49,7 @@
backups only of the directory data. Backups of server configuration are
found in <filename>config/archived-configs/</filename>.</para>
- <procedure>
+ <procedure xml:id="backup-immediately">
<title>To Back Up Data Immediately</title>
<step>
@@ -91,7 +91,7 @@
</step>
</procedure>
- <procedure>
+ <procedure xml:id="schedule-backup">
<title>To Schedule Data Backup</title>
<para>You can schedule data backup using <command>crontab</command>
@@ -109,13 +109,15 @@
</procedure>
</section>
- <section>
+ <section xml:id="restore-data">
<title>Restoring Directory Data From Backup</title>
+ <indexterm><primary>Backup</primary></indexterm>
+ <indexterm><primary>Restore from backup</primary></indexterm>
<para>When you restore data, the procedure to follow depends on whether
the OpenDJ directory server is replicated.</para>
- <procedure>
+ <procedure xml:id="restore-standalone-server">
<title>To Restore a Stand-alone Server</title>
<step>
@@ -155,9 +157,13 @@
</step>
</procedure>
- <procedure>
+ <procedure xml:id="restore-replica">
<title>To Restore a Replica</title>
-
+ <indexterm>
+ <primary>Replication</primary>
+ <secondary>Restoring from backup</secondary>
+ </indexterm>
+
<para>When you restore a replicated server from backup, make sure the
backup is newer than the last purge of the replication change log (default:
3 days).</para>
@@ -214,4 +220,3 @@
</procedure>
</section>
</chapter>
-
diff --git a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-groups.xml b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-groups.xml
index 9a1aeae..08950aa 100644
--- a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-groups.xml
+++ b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-groups.xml
@@ -44,9 +44,13 @@
<para>This chapter demonstrates how to work with groups.</para>
- <section>
+ <section xml:id="static-groups">
<title>Creating Static Groups</title>
-
+ <indexterm>
+ <primary>Groups</primary>
+ <secondary>Static</secondary>
+ </indexterm>
+
<para>A <firstterm>static group</firstterm> is expressed as an entry
that enumerates all the entries that belong to the group. Static group
entries grow as their membership increases.</para>
@@ -103,9 +107,13 @@
cn: My Static Group</screen>
</section>
- <section>
+ <section xml:id="dynamic-groups">
<title>Creating Dynamic Groups</title>
-
+ <indexterm>
+ <primary>Groups</primary>
+ <secondary>Dynamic</secondary>
+ </indexterm>
+
<para>A <firstterm>dynamic group</firstterm> specifies members using
LDAP URLs. Dynamic groups entries can stay small even as their
membership increases.</para>
@@ -161,9 +169,13 @@
mail: rjensen@example.com</screen>
</section>
- <section>
+ <section xml:id="virtual-static-groups">
<title>Creating Virtual Static Groups</title>
-
+ <indexterm>
+ <primary>Groups</primary>
+ <secondary>Virtual static</secondary>
+ </indexterm>
+
<para>OpenDJ lets you create <firstterm>virtual static groups</firstterm>,
which let applications see dynamic groups as what appear to be static
groups.</para>
@@ -244,8 +256,12 @@
ds-target-group-dn: cn=My Dynamic Group,ou=Groups,dc=example,dc=com</screen>
</section>
- <section>
+ <section xml:id="group-membership">
<title>Looking Up Group Membership</title>
+ <indexterm>
+ <primary>Groups</primary>
+ <secondary>Membership</secondary>
+ </indexterm>
<para>OpenDJ lets you look up which groups a user belongs to by using the
<literal>isMemberOf</literal> attribute.</para>
@@ -259,9 +275,13 @@
<para>You must request <literal>isMemberOf</literal> explicitly.</para>
</section>
- <section>
+ <section xml:id="referential-integrity">
<title>Configuring Referential Integrity</title>
-
+ <indexterm>
+ <primary>Groups</primary>
+ <secondary>Referential integrity</secondary>
+ </indexterm>
+
<para>When you delete or rename an entry that belongs to static groups, that
entry's DN must be removed or changed in the list of each group to which it
belongs. You can configure OpenDJ to resolve membership on your behalf after
@@ -303,4 +323,3 @@
uniqueMember: uid=tmorris,ou=People,dc=example,dc=com</screen>
</section>
</chapter>
-
diff --git a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-import-export.xml b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-import-export.xml
index 9e5b774..c3cd5bf 100644
--- a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-import-export.xml
+++ b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-import-export.xml
@@ -30,7 +30,20 @@
xmlns:xlink='http://www.w3.org/1999/xlink'
xmlns:xinclude='http://www.w3.org/2001/XInclude'>
<title>Importing & Exporting LDIF Data</title>
-
+ <indexterm><primary>Provisioning</primary></indexterm>
+ <indexterm><primary>Importing data</primary></indexterm>
+ <indexterm><primary>Restoring from LDIF</primary></indexterm>
+ <indexterm><primary>Exporting data</primary></indexterm>
+ <indexterm><primary>Backup</primary></indexterm>
+ <indexterm>
+ <primary>LDIF</primary>
+ <secondary>Import</secondary>
+ </indexterm>
+ <indexterm>
+ <primary>LDIF</primary>
+ <secondary>Export</secondary>
+ </indexterm>
+
<para>LDAP Data Interchange Format provides a mechanism for representing
directory data in text format. LDIF data is typically used to initialize
directory databases, but also may be used to move data between different
@@ -41,9 +54,9 @@
This chapter also covers creating test data in LDIF format, and manipulating
LDIF data with command-line tools.</para>
- <procedure>
+ <procedure xml:id="generate-ldif">
<title>To Generate Test LDIF Data</title>
-
+ <indexterm><primary>Importing data</primary><secondary>Test data</secondary></indexterm>
<para>When you install OpenDJ, you have the option of importing sample
data generated at installation time. This procedure demonstrates how to
generate LDIF on the command line using the
@@ -92,7 +105,7 @@
</step>
</procedure>
- <procedure>
+ <procedure xml:id="import-ldif">
<title>To Import LDIF Data</title>
<para>You can also use the OpenDJ Control Panel to import data (Directory
@@ -198,7 +211,7 @@
</step>
</procedure>
- <procedure>
+ <procedure xml:id="export-ldif">
<title>To Export LDIF Data</title>
<para>You can also use the OpenDJ Control Panel to export data (Directory
@@ -230,13 +243,17 @@
</step>
</procedure>
- <section>
+ <section xml:id="ldif-tools">
<title>Other Tools For Working With LDIF Data</title>
+ <indexterm>
+ <primary>LDIF</primary>
+ <secondary>Tools</secondary>
+ </indexterm>
<para>This section demonstrates the <command>ldifsearch</command>,
<command>ldifmodify</command>, and <command>ldif-diff</command> tools.</para>
- <section>
+ <section xml:id="ldifsearch-example">
<title>Searching in LDIF With <command>ldifsearch</command></title>
<para>The <command>ldifsearch</command> command lets you search LDIF files
@@ -245,9 +262,7 @@
<screen>$ ldifsearch -b dc=example,dc=org -l generated.ldif "(sn=Grenier)" mobile
dn: uid=user.4630,ou=People,dc=example,dc=org
-mobile: +1 728 983 6669
-
-</screen>
+mobile: +1 728 983 6669</screen>
<para>The <option>-l <replaceable>ldif-file</replaceable></option> option
compares to the hostname and port options used to connect to an LDAP
@@ -255,7 +270,7 @@
<command>ldapsearch</command> users.</para>
</section>
- <section>
+ <section xml:id="ldifmodify-example">
<title>Updating LDIF With <command>ldifmodify</command></title>
<para>The <command>ldifmodify</command> command lets you apply changes to
@@ -276,7 +291,7 @@
same size as the source LDIF file.</para>
</section>
- <section>
+ <section xml:id="ldif-diff-example">
<title>Comparing LDIF With <command>ldif-diff</command></title>
<para>The <command>ldif-diff</command> command reports differences between
diff --git a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-indexing.xml b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-indexing.xml
index c2948cf..3e5cff5 100644
--- a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-indexing.xml
+++ b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-indexing.xml
@@ -30,7 +30,10 @@
xmlns:xlink='http://www.w3.org/1999/xlink'
xmlns:xinclude='http://www.w3.org/2001/XInclude'>
<title>Indexing Attribute Values</title>
-
+ <indexterm>
+ <primary>Indexes</primary>
+ </indexterm>
+
<para>OpenDJ provides several indexing schemes to speed up searches.</para>
<para>When a client requests a directory search operation, the client sends
@@ -53,14 +56,18 @@
index attribute values. This chapter also lists the default indexing
configuration for OpenDJ directory server.</para>
- <section>
+ <section xml:id="indexes-overview">
<title>Index Types & What Each Does</title>
<para>OpenDJ provides several different index types, each corresponding
to a different type of search.</para>
- <section>
+ <section xml:id="indexes-approximate">
<title>Approximate Index</title>
+ <indexterm>
+ <primary>Indexes</primary>
+ <secondary>Approximate</secondary>
+ </indexterm>
<para>An approximate index is used to match values that "sound like" those
provided in the filter. An approximate index on <literal>cn</literal>
@@ -73,8 +80,12 @@
cn: Babs Jensen</screen>
</section>
- <section>
+ <section xml:id="indexes-equality">
<title>Equality Index</title>
+ <indexterm>
+ <primary>Indexes</primary>
+ <secondary>Equality</secondary>
+ </indexterm>
<para>An equality index is used to match values that correspond exactly
(though generally without case sensitivity) to the value provided in
@@ -86,8 +97,12 @@
mail: bjensen@example.com</screen>
</section>
- <section>
+ <section xml:id="indexes-ordering">
<title>Ordering Index</title>
+ <indexterm>
+ <primary>Indexes</primary>
+ <secondary>Ordering</secondary>
+ </indexterm>
<para>An ordering index is used to match values for a filter that
specifies a range. The <literal>ds-sync-hist</literal> has an ordering
@@ -110,8 +125,12 @@
uid: pchassin</screen>
</section>
- <section>
+ <section xml:id="indexes-presence">
<title>Presence Index</title>
+ <indexterm>
+ <primary>Indexes</primary>
+ <secondary>Presence</secondary>
+ </indexterm>
<para>A presence index is used to match the fact that an attribute is
present on the entry, regardless of the value. The <literal>aci</literal>
@@ -124,8 +143,12 @@
dn: ou=People,dc=example,dc=com</screen>
</section>
- <section>
+ <section xml:id="indexes-substring">
<title>Substring Index</title>
+ <indexterm>
+ <primary>Indexes</primary>
+ <secondary>Substring</secondary>
+ </indexterm>
<para>A substring index is used to match values specified with wildcards
in the filter. Substring indexes can be expensive to maintain, especially
@@ -149,8 +172,12 @@
cn: Barbara Maddox</screen>
</section>
- <section>
+ <section xml:id="indexes-vlv">
<title>Virtual List View (Browsing) Index</title>
+ <indexterm>
+ <primary>Indexes</primary>
+ <secondary>Virtual list view (browsing)</secondary>
+ </indexterm>
<para>A VLV or browsing index are designed to help the server respond to
client applications that need virtual list view results, for example to
@@ -163,8 +190,12 @@
</section>
</section>
- <section>
+ <section xml:id="configure-indexes">
<title>Configuring & Rebuilding Indexes</title>
+ <indexterm>
+ <primary>Indexes</primary>
+ <secondary>Configuring</secondary>
+ </indexterm>
<para>You modify index configurations using the <command>dsconfig</command>
command. The configuration changes then take effect after you rebuild the
@@ -177,7 +208,7 @@
the suffixes in different backends.</para>
</tip>
- <section>
+ <section xml:id="configure-standard-index">
<title>Configuring a Standard Index</title>
<para>You can configure standard indexes from the Control Panel, and also
@@ -185,7 +216,7 @@
you finish configuring the index, you must rebuild the index for the changes
to take effect.</para>
- <example>
+ <example xml:id="create-index-example">
<title>Create a New Index</title>
<para>The following example creates a new substring index for
@@ -196,8 +227,12 @@
--set index-type:substring -n</screen>
</example>
- <example>
+ <example xml:id="approx-index-example">
<title>Configure an Approximate Index</title>
+ <indexterm>
+ <primary>Indexes</primary>
+ <secondary>Approximate</secondary>
+ </indexterm>
<para>The following example configures and approximate index for
<literal>cn</literal> (common name).</para>
@@ -208,8 +243,12 @@
</example>
</section>
- <section>
+ <section xml:id="configure-vlv">
<title>Configuring a Virtual List View Index</title>
+ <indexterm>
+ <primary>Indexes</primary>
+ <secondary>Virtual list view (browsing)</secondary>
+ </indexterm>
<para>In the OpenDJ Control Panel, select Manage Indexes >
New VLV Index..., and then set up your VLV index using the New VLV
@@ -226,15 +265,19 @@
VLV index configuration, and then to build the index.</para>
</section>
- <section>
+ <section xml:id="rebuild-index">
<title>Rebuilding Indexes</title>
+ <indexterm>
+ <primary>Indexes</primary>
+ <secondary>Rebuilding</secondary>
+ </indexterm>
<para>After you change an index configuration, or when you find that
an index is corrupt, you can rebuild the index. If you rebuild the index
while the server is online, then you must schedule the rebuild process
as a task.</para>
- <example>
+ <example xml:id="rebuild-index-example">
<title>Rebuild Index</title>
<para>The following example rebuilds the <literal>cn</literal> index
@@ -246,8 +289,12 @@
</example>
</section>
- <section>
+ <section xml:id="index-entry-limits">
<title>Changing Index Entry Limits</title>
+ <indexterm>
+ <primary>Indexes</primary>
+ <secondary>Entry limits</secondary>
+ </indexterm>
<para>Indexing data makes sense when maintaining the index is quicker and
cheaper than searching through all entries.</para>
@@ -281,7 +328,7 @@
<para>You can change the index entry limit on a per index basis.</para>
- <example>
+ <example xml:id="change-index-entry-limit">
<title>Change Index Entry Limit</title>
<para>The following example changes the index entry limit for the
@@ -298,14 +345,18 @@
</section>
</section>
- <section>
+ <section xml:id="verify-index">
<title>Verifying Indexes</title>
+ <indexterm>
+ <primary>Indexes</primary>
+ <secondary>Verifying</secondary>
+ </indexterm>
<para>You can verify that indexes correspond to current directory data,
and that indexes do not contain errors using the
<command>verify-index</command> command.</para>
- <example>
+ <example xml:id="verify-index-example">
<title>Verify Index</title>
<para>The following example verifies the <literal>cn</literal> (common
@@ -333,8 +384,12 @@
</example>
</section>
- <section>
+ <section xml:id="debug-search-indexes">
<title>Checking Indexes For a Search</title>
+ <indexterm>
+ <primary>Indexes</primary>
+ <secondary>Debugging searches</secondary>
+ </indexterm>
<para>When searching, you can improve performance by making sure your search
is indexed as you expect. One way of checking is to request the
@@ -362,8 +417,12 @@
candidate entries goes beyond the search or look-though limit.</para>
</section>
- <section>
+ <section xml:id="default-indexes">
<title>Default Indexes</title>
+ <indexterm>
+ <primary>Indexes</primary>
+ <secondary>Default settings</secondary>
+ </indexterm>
<para>When you first install OpenDJ directory server and import your
data from LDIF, the following indexes are configured.</para>
diff --git a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-ldap-operations.xml b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-ldap-operations.xml
index dd8a8de..5dd7131 100644
--- a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-ldap-operations.xml
+++ b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-ldap-operations.xml
@@ -38,8 +38,9 @@
<!-- TODO: search, compare, add, modify, modifyDN, delete, but also authrate,
searchrate, modrate, and ldappasswordmodify, who am I?, cancel -->
- <section>
+ <section xml:id="search-ldap">
<title>Searching the Directory</title>
+ <indexterm><primary>Searching data</primary></indexterm>
<para>Searching the directory resembles searching for a phone number in
a paper phone book. You can look up a phone number because you know the
@@ -83,7 +84,7 @@
If you do not specify attributes, then the search returns all user attributes
for the entry.</para>
- <example>
+ <example xml:id="simple-filter-search">
<title>Search: Simple Filter</title>
<para>The following example searches for entries with UID containing
@@ -115,7 +116,7 @@
Result Code: 0 (Success)</screen>
</example>
- <example>
+ <example xml:id="complex-filter-search">
<title>Search: Complex Filter</title>
<para>The following example returns entries with <literal>uid</literal>
@@ -169,13 +170,14 @@
</example>
</section>
- <section>
+ <section xml:id="compare-ldap">
<title>Comparing Attribute Values</title>
+ <indexterm><primary>Comparing attribute values</primary></indexterm>
<para>The compare operation checks whether an attribute value you specify
matches the attribute value stored on one or more directory entries.</para>
- <example>
+ <example xml:id="compare-example">
<title>Compare: Checking <literal>authPassword</literal></title>
<para>In this example, Kirsten Vaughan checks whether the hashed password
@@ -192,20 +194,21 @@
</example>
</section>
- <section>
+ <section xml:id="write-ldap">
<title>Updating the Directory</title>
-
+ <indexterm><primary>Updating data</primary></indexterm>
+ <indexterm><primary>LDIF</primary><secondary>Examples</secondary></indexterm>
<para>Authorized users can change directory data using the LDAP add, modify,
modify DN, and delete operations.</para>
- <section>
+ <section xml:id="add-ldap">
<title>Adding Entries</title>
<para>With the <command>ldapmodify -a</command> command, authorized users
can add entire entries from the same sort of LDIF file used to import
and export data.</para>
- <example>
+ <example xml:id="add-two-users">
<title>Add: Two New Users</title>
<screen>$ cat new-users.ldif
@@ -234,14 +237,14 @@
</example>
</section>
- <section>
+ <section xml:id="modify-ldap">
<title>Modifying Entry Attributes</title>
<para>With the <command>ldapmodify</command> command, authorized users
can change the values of attributes in the directory using LDIF as specified
in <link xlink:href='http://tools.ietf.org/html/rfc2849'>RFC 2849</link>.</para>
- <example>
+ <example xml:id="modify-add-attribute">
<title>Modify: Adding Attributes</title>
<para>The following example adds a description and JPEG photo to Sam
@@ -262,7 +265,7 @@
MODIFY operation successful for DN uid=scarter,ou=people,dc=example,dc=com</screen>
</example>
- <example>
+ <example xml:id="modify-replace-attribute">
<title>Modify: Changing an Attribute Value</title>
<para>The following example replaces the description on Sam Carter's
@@ -280,7 +283,7 @@
MODIFY operation successful for DN uid=scarter,ou=people,dc=example,dc=com</screen>
</example>
- <example>
+ <example xml:id="modify-delete-attribute">
<title>Modify: Deleting an Attribute Value</title>
<para>The following example deletes the JPEG photo on Sam Carter's
@@ -298,7 +301,7 @@
</example>
</section>
- <section>
+ <section xml:id="rename-ldap">
<title>Renaming Entries</title>
<para>The Relative Distinguished Name (RDN) refers to the part of an
@@ -314,7 +317,7 @@
modifying the value of the naming attribute, but also modifying the entry's
DN.</para>
- <example>
+ <example xml:id="rename-modrdn">
<title>Rename: Modifying the DN</title>
<para>Sam Carter is changing her last name to Jensen, and changing her
@@ -351,7 +354,7 @@
</example>
</section>
- <section>
+ <section xml:id="rename-moddn">
<title>Moving Entries</title>
<para>When you rename an entry with child entries, the directory has
@@ -366,7 +369,7 @@
<para>With the <command>ldapmodify</command> command, authorized users
can move entries in the directory.</para>
- <example>
+ <example xml:id="move-entry-example">
<title>Move: Merging Customer and Employees Under
<literal>ou=People</literal></title>
@@ -425,13 +428,13 @@
</example>
</section>
- <section>
+ <section xml:id="delete-ldap">
<title>Deleting Entries</title>
<para>With the <command>ldapmodify</command> command, authorized users
can delete entries from the directory.</para>
- <example>
+ <example xml:id="delete-subtree">
<title>Delete: Removing a Subtree</title>
<para>The following example uses the subtree delete option to remove
@@ -445,13 +448,14 @@
</section>
</section>
- <section>
+ <section xml:id="change-password">
<title>Changing Passwords</title>
+ <indexterm><primary>Passwords</primary><secondary>Changing</secondary></indexterm>
<para>With the <command>ldappasswordmodify</command> command, authorized
users can change and reset user passwords.</para>
- <example>
+ <example xml:id="password-reset">
<title>Password Reset</title>
<para>The following example shows Kirsten Vaughan resetting Sam Carter's
@@ -472,7 +476,7 @@
Password Is Reset: true</screen>
</example>
- <example>
+ <example xml:id="change-own-password">
<title>Change Own Password</title>
<para>You can use the <command>ldappasswordmodify</command> command to
@@ -523,9 +527,9 @@
</tip>
</section>
- <section>
+ <section xml:id="tools-properties">
<title>Configuring Default Settings</title>
-
+ <indexterm><primary>Ports</primary><secondary>Settings for tools</secondary></indexterm>
<para>You can use <filename>~/.opendj/tools.properties</filename> to set
the defaults for bind DN, host name, and port number as in the following
example.</para>
@@ -542,9 +546,9 @@
<filename>%UserProfile%/.opendj/tools.properties</filename>.</para>
</section>
- <section>
+ <section xml:id="proxied-authz">
<title>Configuring Proxied Authorization</title>
-
+ <indexterm><primary>Proxied authorization</primary></indexterm>
<para>Proxied authorization provides a standard control as defined in <link
xlink:href='http://tools.ietf.org/html/rfc4370'>RFC 4370</link> (and an
earlier Internet-Draft) for binding with the user credentials of a proxy, who
@@ -567,7 +571,7 @@
commands in the following procedure. My App uses proxied authorization to
make a change to Babs's entry as Kirsten.</para>
- <procedure>
+ <procedure xml:id="setup-proxied-authz">
<title>To Set Up Proxied Authorization</title>
<step>
<para>Grant access to applications that can use proxied authorization.</para>
@@ -608,4 +612,3 @@
</procedure>
</section>
</chapter>
-
diff --git a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-listeners.xml b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-listeners.xml
index 2bc3417..ac772af 100644
--- a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-listeners.xml
+++ b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-listeners.xml
@@ -30,13 +30,13 @@
xmlns:xlink='http://www.w3.org/1999/xlink'
xmlns:xinclude='http://www.w3.org/2001/XInclude'>
<title>Configuring Servers For Client Application Access</title>
-
+ <indexterm><primary>Ports</primary><secondary>Configuring</secondary></indexterm>
<para>This chapter shows you how to configure OpenDJ directory server to
listen for directory client requests, using connection handlers. You can view
information about connection handlers in the OpenDJ Control Panel, and update
the configuration using the <command>dsconfig</command> command.</para>
- <section>
+ <section xml:id="configure-ldap-port">
<title>LDAP Client Access</title>
<para>You configure LDAP client access by using the command-line tool
@@ -49,7 +49,7 @@
installation time. If you install as a user who cannot use a port < 1024,
then the default port number presented at installation time is 1389.</para>
- <procedure>
+ <procedure xml:id="change-ldap-port">
<title>To Change the LDAP Port Number</title>
<step>
@@ -67,15 +67,14 @@
</procedure>
</section>
- <section>
+ <section xml:id="setup-server-cert">
<title>Preparing For Secure Communications</title>
<subtitle>Setting Up a Self-Signed Certificate</subtitle>
-
+ <indexterm><primary>Certificates</primary></indexterm>
<para>You can set up a self-signed certificate as part of the OpenDJ
installation process. You can also choose to import your own CA-signed
certificate as part of the installation process.</para>
-
<para>Other applications recognize certificates signed by CAs whose root
certificates are installed already. If you need your server certificate to
be recognized automagically by applications configured to use SSL out of the
@@ -86,7 +85,7 @@
after installation. With the self-signed certificate you can set up, for
example, secure communications with StartTLS and over LDAPS.</para>
- <procedure>
+ <procedure xml:id="new-self-signed-cert">
<title>To Create & Install a Self-Signed Certificate</title>
<para>First you create and sign a server certificate that you place in
@@ -131,15 +130,15 @@
</procedure>
</section>
- <section>
+ <section xml:id="configure-starttls">
<title>LDAP Client Access With Transport Layer Security</title>
-
+ <indexterm><primary>StartTLS</primary></indexterm>
<para>StartTLS (Transport Layer Security) negotiations start on the unsecure
LDAP port, and then protect communication with the client. You can opt to
configure StartTLS during installation, or later using the
<command>dsconfig</command> command.</para>
- <procedure>
+ <procedure xml:id="setup-starttls-port">
<title>To Enable StartTLS on the LDAP Port</title>
<step>
@@ -156,9 +155,9 @@
</procedure>
</section>
- <section>
+ <section xml:id="configure-ssl">
<title>LDAP Client Access Over SSL</title>
-
+ <indexterm><primary>SSL</primary></indexterm>
<para>You configure LDAPS (LDAP/SSL) client access by using the command-line
tool <command>dsconfig</command>. You can opt to configure LDAPS access
when you install.</para>
@@ -169,7 +168,7 @@
installation time. If you install as a user who cannot use a port < 1024,
then the default port number presented at installation time is 1636.</para>
- <procedure>
+ <procedure xml:id="setup-ssl-port">
<title>To Set Up LDAPS Access</title>
<step>
@@ -184,7 +183,7 @@
</step>
</procedure>
- <procedure>
+ <procedure xml:id="change-ssl-port">
<title>To Change the LDAPS Port Number</title>
<step>
@@ -202,11 +201,12 @@
</procedure>
</section>
- <section>
+ <section xml:id="setup-dsml">
<title>DSML Client Access</title>
+ <indexterm><primary>DSML</primary></indexterm>
- <para>DSML client access is implemented as a servlet that runs in a
- web application container.</para>
+ <para>Directory Services Markup Language (DSML) client access is implemented
+ as a servlet that runs in a web application container.</para>
<para>You configure DSML client access by editing the
<filename>WEB-INF/web.xml</filename> after you deploy the web
@@ -305,13 +305,14 @@
</mediaobject>
</section>
- <section>
+ <section xml:id="jmx-access">
<title>JMX Client Access</title>
+ <indexterm><primary>JMX</primary></indexterm>
- <para>You configure JMX client access by using the command-line tool
- <command>dsconfig</command>.</para>
+ <para>You configure Java Management Extensions (JMX) client access by using
+ the command-line tool, <command>dsconfig</command>.</para>
- <procedure>
+ <procedure xml:id="setup-jmx">
<title>To Set Up JMX Access</title>
<step>
@@ -328,8 +329,12 @@
</procedure>
</section>
- <section>
+ <section xml:id="ldif-access">
<title>LDIF File Access</title>
+ <indexterm>
+ <primary>LDIF</primary>
+ <secondary>File as backend</secondary>
+ </indexterm>
<para>The LDIF connection handler lets you make changes to directory data
by placing LDIF in a file system directory that OpenDJ server regularly
@@ -338,7 +343,7 @@
<para>You configure LDIF file access by using the command-line tool
<command>dsconfig</command>.</para>
- <procedure>
+ <procedure xml:id="setup-ldif-access">
<title>To Set Up LDIF File Access</title>
<step>
@@ -357,6 +362,4 @@
</step>
</procedure>
</section>
-
</chapter>
-
diff --git a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-monitoring.xml b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-monitoring.xml
index 22756d2..db9713a 100644
--- a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-monitoring.xml
+++ b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-monitoring.xml
@@ -30,16 +30,18 @@
xmlns:xlink='http://www.w3.org/1999/xlink'
xmlns:xinclude='http://www.w3.org/2001/XInclude'>
<title>Monitoring Servers</title>
-
+
<para>This chapter describes the monitoring capabilities that OpenDJ
implements, and shows how to configure them.</para>
+ <indexterm><primary>Monitoring</primary></indexterm>
+
<para>OpenDJ Control Panel provides basic monitoring capabilities under
Monitoring > Connection Handler, Monitoring > Connection Handler, and
Monitoring > Manage Tasks. This chapter covers the other options for
monitoring OpenDJ.</para>
-
- <section>
+
+ <section xml:id="ldap-monitoring">
<title>LDAP-Based Monitoring</title>
<para>OpenDJ exposes monitoring information over LDAP under the entry
@@ -74,8 +76,9 @@
to limit read access under <literal>cn=monitor</literal>.</para>
</section>
- <section>
+ <section xml:id="snmp-monitoring">
<title>SNMP-Based Monitoring</title>
+ <indexterm><primary>SNMP</primary></indexterm>
<para>OpenDJ lets you monitor the server over the Simple Network Management
Protocol (SNMP), with support for the Management Information Base described
@@ -95,8 +98,9 @@
--set opendmk-jarfile:<replaceable>OpenDMK-install-dir</replaceable>/lib/jdmkrt.jar</screen>
</section>
- <section>
+ <section xml:id="jmx-monitoring">
<title>JMX-Based Monitoring</title>
+ <indexterm><primary>JMX</primary></indexterm>
<para>OpenDJ provides Java Management eXtensions (JMX) based monitoring. A
number of tools support JMX, including <command>jconsole</command> and
@@ -127,7 +131,7 @@
$ jvisualvm --openpid 3363 &</screen>
</section>
- <section>
+ <section xml:id="monitoring-status-and-tasks">
<title>Server Operation & Tasks</title>
<para>OpenDJ comes with two commands for monitoring server processes and
@@ -179,8 +183,13 @@
example-20110623030000000 Backup Waiting on start time</screen>
</section>
- <section>
+ <section xml:id="logging">
<title>Server Logs</title>
+ <indexterm><primary>Logs</primary></indexterm>
+ <indexterm>
+ <primary>Replication</primary>
+ <secondary>Log</secondary>
+ </indexterm>
<para>By default OpenDJ stores access and errors logs as well as a
server process ID file under the <filename>logs/</filename> directory.
@@ -273,8 +282,9 @@
list-retention-policies</command>.</para>
</section>
- <section>
+ <section xml:id="alert-notifications">
<title>Alert Notifications</title>
+ <indexterm><primary>Alerts</primary></indexterm>
<para>OpenDJ can send alerts to provide notifications of significant server
events. Yet alert notifications are not enabled by default. You can use
@@ -299,4 +309,3 @@
--set sender-address:opendj@example.com -X -n</screen>
</section>
</chapter>
-
diff --git a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-mv-servers.xml b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-mv-servers.xml
index f39fcbd..d31db77 100644
--- a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-mv-servers.xml
+++ b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-mv-servers.xml
@@ -30,13 +30,18 @@
xmlns:xlink='http://www.w3.org/1999/xlink'
xmlns:xinclude='http://www.w3.org/2001/XInclude'>
<title>Moving Servers</title>
-
+ <indexterm><primary>Moving servers</primary></indexterm>
+
<para>When you change where OpenDJ is deployed, you must take host names,
port numbers, and certificates into account. The changes can also affect
your replication configuration. This chapter shows what to do when moving
a server.</para>
+ <indexterm>
+ <primary>Replication</primary>
+ <secondary>Moving servers</secondary>
+ </indexterm>
- <section>
+ <section xml:id="moving-servers-overview">
<title>Overview</title>
<para>From time to time you might change server hardware, file system layout,
@@ -47,6 +52,7 @@
<itemizedlist>
<para>Two aspects of the configuration are not portable.</para>
<listitem>
+ <indexterm><primary>Certificates</primary></indexterm>
<para>Server certificates contain the host name of the system. Even if you
did not set up secure communications when you installed the server, the
server still has a certificate used for secure communications on the
@@ -64,7 +70,7 @@
</itemizedlist>
</section>
- <section>
+ <section xml:id="before-moving-servers">
<title>Before You Move</title>
<para>Take a moment to determine whether you find it quicker and easier to
@@ -83,7 +89,7 @@
<command>dsconfig</command> and <command>dsreplication</command>
commands.</para>
- <procedure>
+ <procedure xml:id="remove-server">
<title>To Take the Server Out of Service</title>
<step>
@@ -131,14 +137,14 @@
</procedure>
</section>
- <section>
+ <section xml:id="moving-servers">
<title>Moving a Server</title>
<para>Now that you have decided to move your server, and prepared for the
move, you must not only move the files but also fix the configuration and
the server certificates, and then enable replication.</para>
- <procedure>
+ <procedure xml:id="mv-one-server">
<title>To Move the Server</title>
<step>
@@ -222,8 +228,9 @@
</step>
</procedure>
- <procedure>
+ <procedure xml:id="change-server-certificates">
<title>To Change Server Certificates</title>
+ <indexterm><primary>Certificates</primary></indexterm>
<note>
<para>This procedure demonstrates using a new self-signed certificate to
replace the existing certificate in the
diff --git a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-privileges-acis.xml b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-privileges-acis.xml
index f898451..1bbd6cd 100644
--- a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-privileges-acis.xml
+++ b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-privileges-acis.xml
@@ -41,8 +41,9 @@
<para>This chapter covers both access control instructions and privileges,
demonstrating how to configure both.</para>
- <section>
+ <section xml:id="about-acis">
<title>About Access Control Instructions</title>
+ <indexterm><primary>Access control</primary></indexterm>
<para>OpenDJ directory server access control instructions (ACIs) exist as
<literal>aci</literal> attribute values in the directory data. ACIs apply
@@ -113,8 +114,12 @@
specify multiple permissions-subjects pairs, at least one must match
(<literal>OR</literal>).</para>
- <section>
+ <section xml:id="aci-targets">
<title>ACI Targets</title>
+ <indexterm>
+ <primary>Access control</primary>
+ <secondary>Targets</secondary>
+ </indexterm>
<para>The seven types of ACI targets identify the objects to which the ACI
applies.</para>
@@ -213,8 +218,12 @@
</variablelist>
</section>
- <section>
+ <section xml:id="aci-permissions">
<title>ACI Permissions</title>
+ <indexterm>
+ <primary>Access control</primary>
+ <secondary>Permissions</secondary>
+ </indexterm>
<para>ACI permission definitions take one of the following forms.</para>
@@ -304,8 +313,12 @@
</section>
- <section>
+ <section xml:id="aci-subjects">
<title>ACI Subjects</title>
+ <indexterm>
+ <primary>Access control</primary>
+ <secondary>Subjects</secondary>
+ </indexterm>
<para>ACI subjects match characteristics of the client connection to the
server. Use subjects to restrict whether the ACI applies depending on who
@@ -458,8 +471,9 @@
</section>
</section>
- <section>
+ <section xml:id="about-privileges">
<title>About Privileges</title>
+ <indexterm><primary>Privileges</primary></indexterm>
<para>Privileges provide access control for server administration
independently from access control instructions.</para>
@@ -600,7 +614,7 @@
<para>* = default directory root user privileges</para>
</section>
- <section>
+ <section xml:id="configure-privileges">
<title>Configuring Privileges</title>
<para>For root directory administrators, by default <literal>cn=Directory
@@ -610,7 +624,7 @@
<para>For non-root directory administrators, you add privileges with
the <command>ldapmodify</command> command.</para>
- <procedure>
+ <procedure xml:id="change-root-dn-privileges">
<title>To Change Root DN Privileges</title>
<step>
@@ -631,7 +645,7 @@
</step>
</procedure>
- <procedure>
+ <procedure xml:id="change-individual-privileges">
<title>To Add Privileges on an Individual Entry</title>
<para>Privileges are specified using the <literal>ds-privilege-name</literal>
@@ -689,7 +703,7 @@
</step>
</procedure>
- <procedure>
+ <procedure xml:id="change-group-privileges">
<title>To Add Privileges For a Group of Administrators</title>
<para>For deployments with more than one administrator, you no doubt use
@@ -738,8 +752,12 @@
</procedure>
</section>
- <section>
+ <section xml:id="configure-acis">
<title>Configuring Access Control</title>
+ <indexterm>
+ <primary>Access control</primary>
+ <secondary>Examples</secondary>
+ </indexterm>
<para>Access control instructions are defined in the data, as values for
<literal>aci</literal> attributes. They can be imported in LDIF. They can
@@ -778,6 +796,10 @@
to entry updates and entry identification.</para>
</listitem>
<listitem>
+ <indexterm>
+ <primary>Replication</primary>
+ <secondary>Data access</secondary>
+ </indexterm>
<para>Access to replication data is denied.</para>
</listitem>
</itemizedlist>
@@ -790,7 +812,7 @@
<para>This section therefore focuses on ACI examples, rather than
demonstrating how to directory data for each example.</para>
- <example>
+ <example xml:id="access-control-anonymous-reads">
<title>ACI: Anonymous Reads & Searches</title>
<para>This works when the only attributes you do not want world-readable
@@ -801,7 +823,7 @@
</programlisting>
</example>
- <example>
+ <example xml:id="access-control-full-access">
<title>ACI: Full Access for Administrators</title>
<para>Directory Administrators need privileges as well for full access to
@@ -818,7 +840,7 @@
import and export operations.</para>
</example>
- <example>
+ <example xml:id="access-control-selfwrite-password">
<title>ACI: Change Own Password</title>
<para>By default this capability is set in a global ACI.</para>
@@ -827,7 +849,7 @@
words"; allow (write)(userdn = "ldap:///self");)</programlisting>
</example>
- <example>
+ <example xml:id="access-control-selfwrite-group">
<title>ACI: Manage Own Group Membership</title>
<para>For some static groups such as carpoolers and social club members,
@@ -837,7 +859,7 @@
userdn = "ldap:///uid=*,ou=People,dc=example,dc=com");)</programlisting>
</example>
- <example>
+ <example xml:id="access-control-self-service-group">
<title>ACI: Manage Self Service Groups</title>
<para>Let users create and delete self-managed groups.</para>
@@ -850,7 +872,7 @@
owner#USERDN");)</programlisting>
</example>
- <example>
+ <example xml:id="access-control-loopback-only">
<title>ACI: Permit Clear Text Access Over Loopback Only</title>
<para>This ACI uses IP address and Security Strength Factor subjects.</para>
@@ -863,9 +885,13 @@
</example>
</section>
- <section>
+ <section xml:id="get-effective-rights">
<title>Viewing Effective Rights</title>
-
+ <indexterm>
+ <primary>Access control</primary>
+ <secondary>Effective rights</secondary>
+ </indexterm>
+
<para>Once you set up a number of ACIs, you might find it difficult to
understand by inspection what rights a user actually has to a given entry.
The Get Effective Rights control can help.</para>
diff --git a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-pta.xml b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-pta.xml
index ce10f35..6b46163 100644
--- a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-pta.xml
+++ b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-pta.xml
@@ -30,7 +30,8 @@
xmlns:xlink='http://www.w3.org/1999/xlink'
xmlns:xinclude='http://www.w3.org/2001/XInclude'>
<title>Configuring Pass Through Authentication</title>
-
+ <indexterm><primary>Pass through authentication</primary></indexterm>
+
<para>This chapter focuses on pass through authentication (PTA), whereby you
configure another server to determine the response to an authentication
request. A typical use case for pass through authentication involves
diff --git a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-pwd-policy.xml b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-pwd-policy.xml
index e3f9cd1..7ca8047 100644
--- a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-pwd-policy.xml
+++ b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-pwd-policy.xml
@@ -30,7 +30,8 @@
xmlns:xlink='http://www.w3.org/1999/xlink'
xmlns:xinclude='http://www.w3.org/2001/XInclude'>
<title>Configuring Password Policy</title>
-
+ <indexterm><primary>Password policy</primary></indexterm>
+
<para>If you want to synchronize password policy across your organization
and your applications go to the directory for authentication, then the
directory can be a good place to enforce your password policy uniformly.
@@ -43,7 +44,7 @@
<!-- TODO: A section with a larger set of examples would be nice. -->
- <section>
+ <section xml:id="pwp-overview">
<title>About OpenDJ Password Policies</title>
<para>OpenDJ password policies govern not only passwords, but also account
@@ -53,7 +54,7 @@
and also subentry password policies as part of the (replicated) user
data.</para>
- <section>
+ <section xml:id="pwp-per-server">
<title>Server Based Password Policies</title>
<para>You manage the password policies in the OpenDJ configuration by using
@@ -132,13 +133,21 @@
passwords hashed by the client application.</para>
</section>
- <section>
+ <section xml:id="pwp-replicated">
<title>Subentry Based Password Policies</title>
+ <indexterm>
+ <primary>Replication</primary>
+ <secondary>Password policy</secondary>
+ </indexterm>
<para>You manage subentry password policies by adding the subentries
alongside the user data. Thus OpenDJ can replicate subentry password
policies across servers.</para>
+ <indexterm>
+ <primary>Password policy</primary>
+ <secondary>Behera Internet-Draft</secondary>
+ </indexterm>
<para>Subentry password policies support the Internet-Draft <link
xlink:href="http://tools.ietf.org/html/draft-behera-ldap-password-policy-09"
>Password Policy for LDAP Directories</link> (version 09). A subentry
@@ -236,7 +245,7 @@
</itemizedlist>
</section>
- <section>
+ <section xml:id="pwp-application">
<title>Which Password Policy Applies</title>
<para>The password policy that applies to a user is identified by the
@@ -248,16 +257,20 @@
</section>
</section>
- <section>
+ <section xml:id="configure-pwp">
<title>Configuring Password Policies</title>
<para>You configure password policies using the <command>dsconfig</command>
command. Notice that password policies are part of the server configuration,
and therefore not replicated.</para>
- <procedure>
+ <procedure xml:id="default-pwp">
<title>To Adjust the Default Password Policy</title>
-
+ <indexterm>
+ <primary>Password policy</primary>
+ <secondary>Default</secondary>
+ </indexterm>
+
<para>You can reconfigure the default password policy for example to
enforce password expiration, check that passwords do not match dictionary
words, and prevent password reuse.</para>
@@ -312,7 +325,7 @@
</step>
</procedure>
- <procedure>
+ <procedure xml:id="create-per-server-pwp">
<title>To Create a Server Based Password Policy</title>
<para>You can add a password policy for example for new users who have not
@@ -366,7 +379,7 @@
</step>
</procedure>
- <procedure>
+ <procedure xml:id="create-repl-pwp">
<title>To Create a Subentry Based Password Policy</title>
<para>You can add a subentry to configure a password policy that
applies to Directory Administrators.</para>
@@ -413,7 +426,7 @@
</procedure>
</section>
- <section>
+ <section xml:id="assign-pwp">
<title>Assigning Password Policies</title>
<para>You assign subentry based password policies for a subtree of the DIT by
@@ -428,7 +441,7 @@
<para>You assign server based password policies by using the
<literal>ds-pwp-password-policy-dn</literal> attribute.</para>
- <procedure>
+ <procedure xml:id="assign-pwp-to-individual">
<title>To Assign a Password Policy to a User</title>
<step>
@@ -513,4 +526,3 @@
</procedure>
</section>
</chapter>
-
diff --git a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-referrals.xml b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-referrals.xml
index e749714..00de03a 100644
--- a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-referrals.xml
+++ b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-referrals.xml
@@ -30,7 +30,8 @@
xmlns:xlink='http://www.w3.org/1999/xlink'
xmlns:xinclude='http://www.w3.org/2001/XInclude'>
<title>Working With Referrals</title>
-
+ <indexterm><primary>Referrals</primary></indexterm>
+
<para>Referrals point directory clients to another directory server. The
client receiving a referral must then connect to the other server to complete
the request. Referrals are used for example when a directory server is
@@ -42,7 +43,7 @@
<command>ldapmodify</command> command. You can also use the Manage Entries
window of the Control Panel to handle referrals.</para>
- <section>
+ <section xml:id="referrals-overview">
<title>About Referrals</title>
<para>Referrals are implemented as entries with <link
@@ -60,7 +61,7 @@
applications must be capable of following the referral returned.</para>
</section>
- <section>
+ <section xml:id="managing-referrals">
<title>Managing Referrals</title>
<para>To create an LDAP referral either you create a referral entry, or
@@ -129,4 +130,3 @@
DSAIT control with the <command>ldapmodify</command> command.</para>
</section>
</chapter>
-
diff --git a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-replication.xml b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-replication.xml
index 9371a33..b223c20 100644
--- a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-replication.xml
+++ b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-replication.xml
@@ -38,8 +38,16 @@
of OpenDJ installation, and in many cases let replication do its work in
the background.</para>
- <section>
+ <section xml:id="repl-quick-setup">
<title>Replication Quick Setup</title>
+ <indexterm>
+ <primary>Replication</primary>
+ <secondary>Quick setup</secondary>
+ </indexterm>
+ <indexterm>
+ <primary>High availability</primary>
+ <see>Replication</see>
+ </indexterm>
<para>The easiest way to set up replication for the first time involves
using the setup wizard.</para>
@@ -95,8 +103,12 @@
</section>
- <section>
+ <section xml:id="about-repl">
<title>About Replication</title>
+ <indexterm>
+ <primary>Replication</primary>
+ <secondary>Overview</secondary>
+ </indexterm>
<para>Before you take replication further than setting up replication
in the setup wizard, read this section to learn more about how OpenDJ
@@ -145,14 +157,18 @@
more than one replication topology.</para>
</section>
- <section>
+ <section xml:id="configure-repl">
<title>Configuring Replication</title>
+ <indexterm>
+ <primary>Replication</primary>
+ <secondary>Configuring</secondary>
+ </indexterm>
<para>For some deployments you choose not to configure replication using the
setup wizard. This section shows how to configure replication with
command-line tools.</para>
- <section>
+ <section xml:id="enable-repl">
<title>Enabling Replication</title>
<para>You can start the replication process by using the
@@ -200,7 +216,7 @@
the new server as the second server.</para>
</section>
- <section>
+ <section xml:id="init-repl">
<title>Initializing Replicas</title>
<para>Although you can enable replication before you have user data, you
@@ -212,7 +228,7 @@
exported from another replica when adding a server to the topology, or by
restoring a backup from an existing replica onto a new server.</para>
- <procedure>
+ <procedure xml:id="init-repl-online">
<title>To Initialize Online</title>
<step>
@@ -236,7 +252,7 @@
</step>
</procedure>
- <procedure>
+ <procedure xml:id="init-repl-ldif">
<title>To Initialize All Servers From the Same LDIF</title>
<para>Follow these steps to prepare a replication topology starting from
@@ -265,7 +281,7 @@
</step>
</procedure>
- <procedure>
+ <procedure xml:id="init-repl-backup">
<title>To Create a New Replica From Existing Backup</title>
<para>You can create a new replica from a backup of an existing replica.
@@ -352,13 +368,17 @@
</procedure>
</section>
- <section>
+ <section xml:id="stop-repl">
<title>Stopping Replication</title>
-
+ <indexterm>
+ <primary>Replication</primary>
+ <secondary>Stopping</secondary>
+ </indexterm>
+
<para>How you stop replication depends on whether the change is meant to
be temporary, or meant to be permanent.</para>
- <procedure>
+ <procedure xml:id="stop-repl-tmp">
<title>To Stop Replication Temporarily For a Replica</title>
<para>If you need to stop a server from replicating temporarily, you can
@@ -383,7 +403,7 @@
</step>
</procedure>
- <procedure>
+ <procedure xml:id="stop-repl-permanent">
<title>To Stop Replication Permanently For a Replica</title>
<para>If you need to stop a server from replicating permanently, for
@@ -419,9 +439,13 @@
</procedure>
</section>
- <section>
+ <section xml:id="repl-dedicated-servers">
<title>Stand-alone Replication Servers</title>
-
+ <indexterm>
+ <primary>Replication</primary>
+ <secondary>Dedicated servers</secondary>
+ </indexterm>
+
<para>Replication in OpenDJ is designed to be both easy to implement in
environments with a few servers, and also scalable in environments with
many servers. You can enable the replication service on each OpenDJ
@@ -438,7 +462,7 @@
in fully-meshed replication.</para>
- <procedure>
+ <procedure xml:id="repl-setup-dedicated-server">
<title>To Set Up a Stand-alone Replication Server</title>
<para>This example sets up a stand-alone replication server to handle
@@ -544,15 +568,19 @@
</procedure>
</section>
- <section>
+ <section xml:id="repl-groups">
<title>Replication Groups</title>
-
+ <indexterm>
+ <primary>Replication</primary>
+ <secondary>Grouping servers</secondary>
+ </indexterm>
+
<para>Replication lets you define groups so that replicas communicate
first with replication servers in the group before going to replication
servers outside the group. Groups are identified with unique numeric
group IDs.</para>
- <procedure>
+ <procedure xml:id="define-repl-groups">
<title>To Set Up Replication Groups</title>
<para>For each group, set the appropriate group ID for the topology
@@ -602,9 +630,13 @@
</tip>
</section>
- <section>
+ <section xml:id="read-only-repl">
<title>Read-Only Replicas</title>
-
+ <indexterm>
+ <primary>Replication</primary>
+ <secondary>Read-only servers</secondary>
+ </indexterm>
+
<para>By default all directory servers in a replication topology are
read-write. You can however choose to make replicas take updates only
from the replication protocol, and refuse updates from client
@@ -614,9 +646,13 @@
set-global-configuration-prop --set writability-mode:internal-only -X -n</screen>
</section>
- <section>
+ <section xml:id="repl-assured">
<title>Assured Replication</title>
-
+ <indexterm>
+ <primary>Replication</primary>
+ <secondary>Assured</secondary>
+ </indexterm>
+
<para>In standard replication, when a client requests an update operation
the directory server performs the update and, if the update is successful,
sends information about the update to the replication service, and sends
@@ -635,7 +671,7 @@
standard replication, yet it is also slower, potentially waiting for a
timeout before failing when the network or other servers are down.</para>
- <procedure>
+ <procedure xml:id="repl-safe-data">
<title>To Ensure Updates Reach Replication Servers</title>
<para>Safe data mode requires the update be sent to
@@ -656,9 +692,9 @@
--domain-name "dc=example,dc=com"
--set assured-type:safe-data --set assured-sd-level:1 -X -n</screen>
</step>
- </procedure>
-
- <procedure>
+ </procedure>
+
+ <procedure xml:id="repl-safe-read">
<title>To Ensure Updates Are Replayed Everywhere</title>
<para>Safe read mode requires the update be replayed on all directory
@@ -685,9 +721,13 @@
degraded status, assured replication ceases to have an effect.</para>
</section>
- <section>
+ <section xml:id="repl-subtree">
<title>Subtree Replication</title>
-
+ <indexterm>
+ <primary>Replication</primary>
+ <secondary>Subtree</secondary>
+ </indexterm>
+
<para>OpenDJ lets you do subtree replication, for example replicating
<literal>ou=People,dc=example,dc=com</literal>, but not the rest of
<literal>dc=example,dc=com</literal>, by putting the subtree in a separate
@@ -701,9 +741,13 @@
<literal>ou=People,dc=example,dc=com</literal> in its own topology.</para>
</section>
- <section>
+ <section xml:id="repl-fractional">
<title>Fractional Replication</title>
-
+ <indexterm>
+ <primary>Replication</primary>
+ <secondary>Fractional</secondary>
+ </indexterm>
+
<para>OpenDJ lets you do fractional replication, whereby you specify
the attributes to include in the replication process, or alternatively
specify the attributes to exclude.</para>
@@ -738,8 +782,15 @@
</section>
</section>
- <section>
+ <section xml:id="repl-change-notification">
<title>Change Notification For Your Applications</title>
+ <indexterm>
+ <primary>Replication</primary>
+ <secondary>Change notification</secondary>
+ </indexterm>
+ <indexterm>
+ <primary>External change log</primary>
+ </indexterm>
<para>Some applications require notification when directory data updates
occur. For example, an application might need to sync directory data with
@@ -750,7 +801,7 @@
provides an external change log mechanism to allow applications to be
notified of changes to directory data.</para>
- <procedure>
+ <procedure xml:id="enable-ecl">
<title>To Enable the External Change Log</title>
<para>OpenDJ directory servers not using replication cannot expose an
@@ -780,7 +831,7 @@
</step>
</procedure>
- <procedure>
+ <procedure xml:id="use-ecl">
<title>To Use the External Change Log</title>
<para>You read the external change log over protocol. In addition, when you
@@ -946,13 +997,18 @@
value for the cookie.</para>
</step>
</procedure>
-
- <para>The external change log can also operate in a mode compatible with the
- <link xlink:href="http://tools.ietf.org/html/draft-good-ldap-changelog-04"
- >Internet-Draft: Definition of an Object Class to Hold LDAP Change
- Records</link>. Thus, you can use the change log with legacy applications
- that require this format without using cookies that facilitate retrieving
- updates in a multi-master replication environment.</para>
+
+ <para xml:id="ecl-legacy-format">The external change log can also operate in
+ a mode compatible with the <link
+ xlink:href="http://tools.ietf.org/html/draft-good-ldap-changelog-04"
+ >Internet-Draft: Definition of an Object Class to Hold LDAP Change
+ Records</link>. Thus, you can use the change log with legacy applications
+ that require this format without using cookies that facilitate retrieving
+ updates in a multi-master replication environment.</para>
+ <indexterm>
+ <primary>External change log</primary>
+ <secondary>Legacy format</secondary>
+ </indexterm>
</section>
</chapter>
diff --git a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-resource-limits.xml b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-resource-limits.xml
index 115942d..3dd922b 100644
--- a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-resource-limits.xml
+++ b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-resource-limits.xml
@@ -30,11 +30,12 @@
xmlns:xlink='http://www.w3.org/1999/xlink'
xmlns:xinclude='http://www.w3.org/2001/XInclude'>
<title>Setting Resource Limits</title>
-
+ <indexterm><primary>Resource limits</primary></indexterm>
+
<para>This chapter shows you how to set resource limits that prevent
directory clients from using an unfair share of system resources.</para>
- <section>
+ <section xml:id="limit-search-resources">
<title>Limiting Search Resources</title>
<para>Well-written directory client applications limit the scope of their
@@ -76,7 +77,7 @@
</listitem>
</itemizedlist>
- <procedure>
+ <procedure xml:id="set-search-limits-per-user">
<title>To Set Search Limits For a User</title>
<step>
<para>Change the user entry to set the limits to override.</para>
@@ -99,7 +100,7 @@
</step>
</procedure>
- <procedure>
+ <procedure xml:id="set-search-limits-per-group">
<title>To Set Search Limits For a Group</title>
<step>
<para>Create an LDAP subentry to specify the limits using collective
@@ -133,7 +134,7 @@
</procedure>
</section>
- <section>
+ <section xml:id="limit-idle-time">
<title>Limiting Idle Time</title>
<para>If you have applications that leave connections open for long
@@ -149,7 +150,7 @@
<para>The example shown sets the idle time limit to 24 hours.</para>
</section>
- <section>
+ <section xml:id="limit-max-request-size">
<title>Limiting Maximum Request Size</title>
<para>The default maximum request size of 5 MB, set using the advanced
@@ -167,4 +168,3 @@
handler to 20 MB.</para>
</section>
</chapter>
-
diff --git a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-samba.xml b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-samba.xml
index 738bbca..1537cfd 100644
--- a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-samba.xml
+++ b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-samba.xml
@@ -30,6 +30,7 @@
xmlns:xlink='http://www.w3.org/1999/xlink'
xmlns:xinclude='http://www.w3.org/2001/XInclude'>
<title>Samba Password Synchronization</title>
+ <indexterm><primary>Samba</primary></indexterm>
<para>When you store Samba profiles in OpenDJ, Samba stores its own attributes
as defined in the Samba schema. Samba does not use the LDAP standard
diff --git a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-schema.xml b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-schema.xml
index fe79c89..4e3445a 100644
--- a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-schema.xml
+++ b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-schema.xml
@@ -30,7 +30,8 @@
xmlns:xlink='http://www.w3.org/1999/xlink'
xmlns:xinclude='http://www.w3.org/2001/XInclude'>
<title>Managing Schema</title>
-
+ <indexterm><primary>Schema</primary></indexterm>
+
<para>Schema definitions describe the data, and especially the object classes
and attribute types that can be stored in the directory. By default OpenDJ
conforms strictly to LDAPv3 standards pertaining to schema definitions and
@@ -48,7 +49,7 @@
This chapter also identifies the standard schema definitions available when
you install OpenDJ.</para>
- <section>
+ <section xml:id="about-schema">
<title>About Directory Schema</title>
<para>Directory schema, described in <link
@@ -111,9 +112,13 @@
installation time.</para>
</section>
- <section>
+ <section xml:id="update-schema">
<title>Updating Directory Schema</title>
-
+ <indexterm>
+ <primary>Replication</primary>
+ <secondary>Schema definitions</secondary>
+ </indexterm>
+
<para>OpenDJ directory server is designed to permit updating the list of
directory schema definitions while the server is running. As a result you can
add support for new applications that require new attributes or new kinds
@@ -196,8 +201,12 @@
</screen>
</section>
- <section>
+ <section xml:id="schema-legacy-support">
<title>Relaxing Schema Checking to Import Legacy Data</title>
+ <indexterm>
+ <primary>Schema</primary>
+ <secondary>Legacy data</secondary>
+ </indexterm>
<para>By default, OpenDJ accepts data that follows the standards in terms of
what is allowed and what is rejected. You might have legacy data from a
@@ -230,8 +239,12 @@
set-global-configuration-prop --set check-schema:false -X -n</screen>
</section>
- <section>
+ <section xml:id="standard-schema">
<title>Standard Schema Included With OpenDJ</title>
+ <indexterm>
+ <primary>Schema</primary>
+ <secondary>Bundled definitions</secondary>
+ </indexterm>
<para>The following files under <filename>config/schema/</filename>
contain schema definitions out of the box.</para>
@@ -371,6 +384,15 @@
</varlistentry>
<varlistentry>
<term>
+ <filename>05-samba.ldif</filename>
+ </term>
+ <listitem>
+ <para>This file contains schema definitions required when storing Samba
+ user accounts in the directory server.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
<filename>05-solaris.ldif</filename>
</term>
<listitem>
@@ -390,4 +412,3 @@
</variablelist>
</section>
</chapter>
-
diff --git a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-server-process.xml b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-server-process.xml
index 2160248..a592d90 100644
--- a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-server-process.xml
+++ b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-server-process.xml
@@ -30,7 +30,6 @@
xmlns:xlink='http://www.w3.org/1999/xlink'
xmlns:xinclude='http://www.w3.org/2001/XInclude'>
<title>Managing Server Processes</title>
-
<para>Using the OpenDJ Control Panel, you can start and stop local servers.
You can also start and stop OpenDJ using command-line tools, and use the
operating system's capabilities for starting OpenDJ at boot time.</para>
@@ -42,8 +41,9 @@
happens during a system crash or when you kill the server process using
system tools.</para>
- <section>
+ <section xml:id="start-server">
<title>Starting a Server</title>
+ <indexterm><primary>Start server</primary></indexterm>
<itemizedlist>
<para>Use one of the following techniques.</para>
@@ -85,8 +85,9 @@
</itemizedlist>
</section>
- <section>
+ <section xml:id="stop-server">
<title>Stopping a Server</title>
+ <indexterm><primary>Stop server</primary></indexterm>
<itemizedlist>
<para>Use one of the following techniques.</para>
@@ -109,8 +110,9 @@
</itemizedlist>
</section>
- <section>
+ <section xml:id="restart-server">
<title>Restarting a Server</title>
+ <indexterm><primary>Restart server</primary></indexterm>
<itemizedlist>
<para>Use one of the following techniques.</para>
@@ -133,8 +135,12 @@
</itemizedlist>
</section>
- <section>
+ <section xml:id="crash-recovery">
<title>Server Recovery</title>
+ <indexterm>
+ <primary>Replication</primary>
+ <secondary>Crash recovery</secondary>
+ </indexterm>
<para>OpenDJ tends to show resilience when restarting after a crash or after
the server process is killed abruptly. OpenDJ might have to replay the last
diff --git a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-troubleshooting.xml b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-troubleshooting.xml
index 817f6b4..3b7dbca 100644
--- a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-troubleshooting.xml
+++ b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-troubleshooting.xml
@@ -31,11 +31,12 @@
xmlns:xlink='http://www.w3.org/1999/xlink'
xmlns:xinclude='http://www.w3.org/2001/XInclude'>
<title>Troubleshooting Server Problems</title>
-
+ <indexterm><primary>Troubleshooting</primary></indexterm>
+
<para>This chapter describes how to troubleshoot common server problems,
and how to collect information necessary when seeking support help.</para>
- <section>
+ <section xml:id="troubleshoot-identify-problem">
<title>Identifying the Problem</title>
<para>In order to solve your problem methodically, save time by defining the
@@ -72,7 +73,7 @@
start looking for solutions.</para>
</section>
- <section>
+ <section xml:id="troubleshoot-installation">
<title>Troubleshooting Installation & Upgrade</title>
<para>Installation and upgrade procedures result in a log file tracing
@@ -82,7 +83,7 @@
<literallayout class="monospaced">See /var/....log for a detailed log of this operation.</literallayout>
</section>
- <section>
+ <section xml:id="troubleshoot-import">
<title>Troubleshooting LDIF Import</title>
<para>By default OpenDJ requires that LDIF data you import respect standards.
@@ -119,7 +120,7 @@
default behavior to ensure automated checking.</para>
</section>
- <section>
+ <section xml:id="troubleshoot-secure-connections">
<title>Troubleshooting TLS/SSL Connections</title>
<para>In order to trust the server certificate, client applications usually
@@ -147,7 +148,7 @@
<screen>OPENDJ_JAVA_ARGS="-Djavax.net.debug=all" start-ds</screen>
</section>
- <section>
+ <section xml:id="troubleshoot-connections">
<title>Troubleshooting Client Operations</title>
<para>By default OpenDJ logs information about all client operations in
@@ -178,8 +179,12 @@
control when not using it as Directory Manager.</para>
</section>
- <section>
+ <section xml:id="troubleshoot-repl">
<title>Troubleshooting Replication</title>
+ <indexterm>
+ <primary>Replication</primary>
+ <secondary>Troubleshooting</secondary>
+ </indexterm>
<para>Replication can generally recover from conflicts and transient issues.
Replication does, however, require that update operations be copied
@@ -215,7 +220,7 @@
from a recent backup or from a server that is up to date.</para>
</section>
- <section>
+ <section xml:id="troubleshoot-get-help">
<title>Asking For Help</title>
<para>When you cannot resolve a problem yourself, and want to ask for help,
@@ -259,5 +264,4 @@
</listitem>
</itemizedlist>
</section>
-
</chapter>
diff --git a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-tuning.xml b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-tuning.xml
index b772d46..352388a 100644
--- a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-tuning.xml
+++ b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-tuning.xml
@@ -30,6 +30,7 @@
xmlns:xlink='http://www.w3.org/1999/xlink'
xmlns:xinclude='http://www.w3.org/2001/XInclude'>
<title>Tuning Servers For Performance</title>
+ <indexterm><primary>Performance tuning</primary></indexterm>
<para>Server tuning refers to the art of adjusting server, JVM, and system
configuration to meet the service level performance requirements of directory
@@ -43,7 +44,7 @@
This chapter therefore aims to provide suggestions on how to measure and
to improve directory service performance for better trade offs.</para>
- <section>
+ <section xml:id="perf-define-starting-points">
<title>Defining Performance Requirements & Constraints</title>
<para>Your key performance requirement is most likely to satisfy your
@@ -52,7 +53,7 @@
expect, and determine what resources you will have to satisfy their
expectations.</para>
- <section>
+ <section xml:id="perf-sla">
<title>Service-Level Agreements</title>
<para>Service-level agreement (SLA) is a formal name for what directory
@@ -80,6 +81,10 @@
<listitem>
<para>Directory service <firstterm>throughput</firstterm></para>
+ <indexterm>
+ <primary>Replication</primary>
+ <secondary>Write throughput</secondary>
+ </indexterm>
<para>Directory service throughput can range up to many thousands of
operations per second. In fact there is no upper limit for read operations
such as searches, because only write operations must be replicated. To
@@ -127,7 +132,7 @@
outcome.</para>
</section>
- <section>
+ <section xml:id="perf-constraints">
<title>Available Resources</title>
<para>With your SLA in hand, take inventory of the server, networks,
@@ -147,7 +152,7 @@
long you expect to have them, and why you need them. Also make note of
what is missing and why.</para>
- <section>
+ <section xml:id="perf-hardware">
<title>Server Hardware Recommendations</title>
<para>Concerning server hardware, OpenDJ runs on systems with Java support,
@@ -155,7 +160,7 @@
single-board, x86 systems due to low memory latency.</para>
</section>
- <section>
+ <section xml:id="perf-storage">
<title>Storage Recommendations</title>
<para>OpenDJ is designed to work with local storage for the database,
@@ -181,7 +186,7 @@
</section>
</section>
- <section>
+ <section xml:id="perf-testing">
<title>Testing Performance</title>
<para>Even if you do not need high availability, you still need two of
@@ -228,7 +233,7 @@
client applications.</para>
</section>
- <section>
+ <section xml:id="perf-tweaking">
<title>Tweaking OpenDJ Performance</title>
<para>When your tests show that OpenDJ performance is lacking even though
@@ -236,7 +241,7 @@
resources in place, you can tweak OpenDJ performance in a number of ways.
This section mentions the most common tweaks.</para>
- <section>
+ <section xml:id="perf-java">
<title>Java Settings</title>
<para>Default Java settings let you evaluate OpenDJ using limited system
@@ -303,7 +308,7 @@
</variablelist>
</section>
- <section>
+ <section xml:id="perf-data-storage">
<title>Data Storage Settings</title>
<para>By default, OpenDJ does use compact data encoding, reducing size used
@@ -323,8 +328,12 @@
Import task 20110627101758486 scheduled to start Jun 27, 2011 10:17:58 AM CEST</screen>
</section>
- <section>
+ <section xml:id="perf-import">
<title>LDIF Import Settings</title>
+ <indexterm>
+ <primary>Importing data</primary>
+ <secondary>Performance</secondary>
+ </indexterm>
<para>You can tweak OpenDJ to speed up import of large LDIF files.</para>
@@ -348,7 +357,7 @@
<command>import-ldif</command> command to skip validation.</para>
</section>
- <section>
+ <section xml:id="perf-db-cache">
<title>Database Cache Settings</title>
<para>Database cache size is, by default, set as a percentage of the JVM
@@ -383,7 +392,7 @@
depends on your operating system.</para>
</section>
- <section>
+ <section xml:id="perf-entry-cache">
<title>Entry Cache Settings</title>
<para>OpenDJ implements an entry cache. The entry cache is not designed to
@@ -398,7 +407,7 @@
--set max-entries:10 --set enabled:true -X -n</screen>
</section>
- <section>
+ <section xml:id="perf-logging">
<title>Logging Settings</title>
<para>Debug logs trace the internal workings of OpenDJ, and therefore
diff --git a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-virtual-attrs-collective-attrs.xml b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-virtual-attrs-collective-attrs.xml
index 4f7d948..665bee2 100644
--- a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-virtual-attrs-collective-attrs.xml
+++ b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-virtual-attrs-collective-attrs.xml
@@ -40,8 +40,9 @@
<para>This chapter demonstrates how to define virtual and collective
attributes, showing common solutions as examples of their use.</para>
- <section>
+ <section xml:id="virtual-attributes">
<title>Virtual Attributes</title>
+ <indexterm><primary>Virtual attributes</primary></indexterm>
<para>OpenDJ defines a number of virtual attributes by default.</para>
@@ -114,7 +115,11 @@
dn: dc=example,dc=com
numSubordinates: 4
</screen>
-
+ <indexterm>
+ <primary>Replication</primary>
+ <secondary>Not for virtual attributes</secondary>
+ </indexterm>
+
<para>You can use the existing virtual attribute types to create your
own virtual attributes, and you can also use the
<literal>user-defined</literal> type to create your own. The virtual
@@ -135,8 +140,9 @@
attributes.</para>
</section>
- <section>
+ <section xml:id="collective-attributes">
<title>Collective Attributes</title>
+ <indexterm><primary>Collective attributes</primary></indexterm>
<para>Collective attributes provide a standard mechanism for defining
attributes that appear on all the entries in a subtree potentially filtered
--
Gitblit v1.10.0