From a3b3525e556898bbd3243d99cdc122dc2bd95122 Mon Sep 17 00:00:00 2001
From: Mark Craig <mark.craig@forgerock.com>
Date: Wed, 22 Oct 2014 15:13:43 +0000
Subject: [PATCH] CR-4936 OPENDJ-1593 Fix problems in Understanding LDAP chapters

---
 src/main/docbkx/dev-guide/man-ldapsearch.xml          |   10 ++++++++++
 src/main/docbkx/dev-guide/man-ldifsearch.xml          |   10 ++++++++++
 src/main/docbkx/dev-guide/chap-understanding-ldap.xml |   28 ++++++++++++++++++++++++++--
 3 files changed, 46 insertions(+), 2 deletions(-)

diff --git a/src/main/docbkx/dev-guide/chap-understanding-ldap.xml b/src/main/docbkx/dev-guide/chap-understanding-ldap.xml
index 245e7b3..fd47e54 100644
--- a/src/main/docbkx/dev-guide/chap-understanding-ldap.xml
+++ b/src/main/docbkx/dev-guide/chap-understanding-ldap.xml
@@ -108,7 +108,7 @@
   for words in the dictionary, or for subscriber names in the phone book.
   A sample entry follows.</para>
 
-  <programlisting language="LDIF">
+  <programlisting language="ldif">
 dn: uid=bjensen,ou=People,dc=example,dc=com
 uid: bjensen
 cn: Babs Jensen
@@ -210,6 +210,30 @@
   <literal>""</literal> (the empty string), is called the root DSE, and
   contains information about what the server supports, including the other
   base DNs it serves.</para></footnote></para>
+
+  <para>
+   A directory server stores two kinds of attributes in a directory entry:
+   <firstterm>user attributes</firstterm>
+   and <firstterm>operational attributes</firstterm>.
+   User attributes hold the information for users of the directory.
+   All of the attributes shown in the entry at the outset of this section
+   are user attributes.
+   Operational attributes hold information used by the directory itself.
+   Examples of operational attributes include
+   <literal>entryUUID</literal>, <literal>modifyTimestamp</literal>,
+   and <literal>subschemaSubentry</literal>.
+   When an LDAP search operation finds an entry in the directory,
+   the directory server returns all the visible user attributes
+   unless the search request restricts the list of attributes
+   by specifying those attributes explicitly.
+   The directory server does not however return any operational attributes
+   unless the search request specifically asks for them.
+   Generally speaking, applications should change only user attributes,
+   and leave updates of operational attributes to the server,
+   relying on public directory server interfaces to change server behavior.
+   An exception is access control instruction (<literal>aci</literal>) attributes,
+   which are operational attributes used to control access to directory data.
+  </para>
  </section>
  
  <section xml:id="ldap-client-server-communication">
@@ -299,7 +323,7 @@
     else, her DN would have to change. For another example, if you decide
     to consolidate <literal>ou=Customers</literal> and
     <literal>ou=Employees</literal> under <literal>ou=People</literal>
-    instead, all the entries underneath much change distinguished names.
+    instead, all the entries underneath must change distinguished names.
     <footnote><para>Renaming entire branches of entries can be a major
     operation for the directory, so avoid moving entire branches if you
     can.</para></footnote></para>
diff --git a/src/main/docbkx/dev-guide/man-ldapsearch.xml b/src/main/docbkx/dev-guide/man-ldapsearch.xml
index 42c0b4c..6363191 100644
--- a/src/main/docbkx/dev-guide/man-ldapsearch.xml
+++ b/src/main/docbkx/dev-guide/man-ldapsearch.xml
@@ -479,6 +479,16 @@
      on the entries returned by the search.</para>
     </listitem>
    </varlistentry>
+
+   <varlistentry>
+    <term><literal>1.1</literal></term>
+    <listitem>
+     <para>
+      Return no attributes, only the DNs of matching entries.
+     </para>
+    </listitem>
+   </varlistentry>
+
   </variablelist>
  </refsect1>
  <refsect1>
diff --git a/src/main/docbkx/dev-guide/man-ldifsearch.xml b/src/main/docbkx/dev-guide/man-ldifsearch.xml
index a5df212..eaae30a 100644
--- a/src/main/docbkx/dev-guide/man-ldifsearch.xml
+++ b/src/main/docbkx/dev-guide/man-ldifsearch.xml
@@ -153,6 +153,16 @@
      on the entries returned by the search.</para>
     </listitem>
    </varlistentry>
+
+   <varlistentry>
+    <term><literal>1.1</literal></term>
+    <listitem>
+     <para>
+      Return no attributes, only the DNs of matching entries.
+     </para>
+    </listitem>
+   </varlistentry>
+
   </variablelist>
  </refsect1>
  <refsect1>

--
Gitblit v1.10.0