|
| Sun ONE Directory Server Administration Guide |
| Symbols | A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z |
IndexA
- access control
- ACI attribute 1
- ACI syntax 1
- allowing or denying access 1
- and replication 1
- and schema checking 1
- anonymous access 1, 2, 3
- bind rules 1
- access at specific time or day 1
- access based on value matching 1
- general access 1
- user and group access 1
- Boolean bind rules 1
- compatibility with earlier versions 1
- creating from console 1
- dynamic targets 1
- from specific domain 1
- from specific IP address 1
- logging information 1
- overview 1, 2
- permissions 1
- placement of ACIs 1
- rights 1
- SASL authentication 1
- simple authentication 1
- SSL authentication 1
- structure of ACIs 1
- target DN containing comma 1
- target DN containing comma and 1
- targeting 1
- targeting attribute values 1
- targeting attributes 1
- targeting entries 1
- targeting using filters 1
- using the Access Control Editor 1
- value matching 1
- Access Control Editor
- displaying 1
- access control instruction (ACI). See ACI 1
- access log, see logs 1
- account lockout, see password policies 1
- accounts, see user accounts 1
- ACI
- assessment 1
- attribute 1
- authmethod keyword 1
- bind rules 1, 2
- creating from console 1
- dayofweek keyword 1
- deleting from console 1
- dns keyword 1
- editing from console 1
- evaluation 1
- examples of use 1
- groupdn keyword 1
- inheritance 1
- ip keyword 1
- name 1
- permissions 1, 2
- precedence rule 1
- proxy rights example 1
- replication 1
- rights 1
- roledn keyword 1
- structure 1
- syntax 1
- targattrfilters keyword 1
- target 1
- target DN containing comma 1
- target DN containing comma and 1
- target keywords 1
- target overview 1
- targetattr keyword 1
- targetfilter keyword 1
- userattr and parent 1
- userattr keyword 1
- using macro ACIs 1
- value-based 1
- wildcard in target 1
- wildcards 1
- ACI attribute
- overview 1
- ACI placement 1
- ACIs
- chained suffixes 1
- protecting password policies 1
- with retro change log 1
- ACL. See ACI 1
- add right 1
- Administration Server
- master agents and 1
- agents
- master agent
- Unix 1
- Windows 1
- subagent
- configuring 1
- enabling 1
- starting and stopping on Unix 1
- all keyword 1
- allowing access 1
- anonymous access 1
- example 1
- overview 1
- anyone keyword 1
- approximate index, see indexing 1
- attribute
- ACI 1, 2
- targeting 1
- attribute types
- cosAttribute 1
- cosIndirectSpecifier 1
- cosPriority 1
- cosSpecifier 1
- cosTemplateDN 1
- ds5BeginReplicaAcceptUpdates 1
- ds5ReferralDelayAfterInit 1
- ds5ReplicaTransportCompressionLevel 1
- dsMappedDN 1
- dsMatching-pattern 1
- dsMatching-regexp 1
- dsSearchBaseDN 1
- dsSearchFilter 1
- dsSearchScope 1
- nsIndexType 1
- nsMatchingRule 1
- nsRole 1
- nsRoleDN 1, 2
- nsRoleFilter 1
- nsRoleScopeDN 1
- nsSystemIndex 1
- passwordCheckSyntax 1
- passwordLockout 1
- passwordLockoutDuration 1
- passwordMaxFailure 1
- passwordMinLength 1
- passwordMustChange 1
- passwordUnlock 1
- ref 1
- see also schema 1
- attribute uniqueness, see UID uniqueness plug-in 1
- attributes
- adding a binary value from the command line 1
- adding to an entry using the console 1
- removing a value using the console 1
- subtypes
- not supported in class of service (CoS) 1
- using referential integrity 1
- attributes values
- targeting 1
- audit log, see logs 1
- authentication
- access control and 1
- bind DN 1
- authentication methods
- proxy authorization 1
- authmethod keyword 1
B
- backing up data 1
- default directory location 1
- dse.ldif server configuration file 1
- from the command line 1
- using the console 1
- bak2db utility 1
- bak2db.pl perl script 1
- bind DN
- changing using the console 1
- viewing current 1
- bind rules
- access at specific time or day 1
- access based on authentication method 1
- LDIF example 1
- access based on value matching
- overview 1
- ACI syntax 1
- all keyword 1
- anonymous access 1
- example 1
- anyone keyword 1
- authmethod keyword 1
- Boolean 1
- dayofweek keyword 1
- dns keyword 1
- general access 1
- group access 1
- group access example 1
- groupdn keyword 1
- ip keyword 1
- LDAP URLs 1
- LDIF keywords 1
- overview 1
- parent keyword 1
- role access 1
- roledn keyword 1
- self keyword 1
- timeofday keyword 1
- user access
- parent 1
- self 1
- user access example 1
- userattr keyword 1
- userdn keyword 1
- Boolean bind rules
- example 1
- overview 1
- browsing index, see indexing 1
C
- cascading replication, see replication 1
- certificate-based authentication 1
- certificates, see SSL 1
- chained suffixes, see chaining 1
- chaining
- access control evaluation 1
- cascading chaining configuration 1
- class of service (CoS) templates cannot be chained 1
- creating chained suffixes from the command line 1
- creating chained suffixes using the console 1
- deleting a chained suffix 1
- LDAP controls 1
- managing chained suffixes 1
- monitoring chained suffix usage 1
- overview 1
- proxy authorization for cascading 1
- server components 1
- setting the chaining policy for controls and components 1
- SSL configuration 1
- temporarily disabling chained suffixes 1
- change log 1
- changeLogEntry object class 1
- ciphers 1
- class of service, see CoS 1
- classic CoS, see CoS 1
- collation order, see indexing with matching rule 1
- command-line utilities
- ldapmodify 1
- start-slapd 1
- stop-slapd 1
- commas, in DNs 1
- ACI targets and 1, 2
- compare right 1
- compatibility
- ACIs 1
- connections
- monitoring 1
- console, see Directory Server console 1
- consumer replica
- configuration 1
- CoS 1
- classic CoS 1
- creating
- all types of CoS using the console 1
- classic CoS from the command line 1
- indirect CoS from the command line 1
- pointer and classic CoS template entries using the console 1
- pointer CoS from the command line 1
- template entries from the command line 1
- deleting a CoS definition 1
- editing a CoS definition 1
- generating operational attributes 1
- indirect CoS 1
- limitations 1
- multi-valued attributes (merge-schemes) 1
- overriding real attribute values 1
- pointer CoS 1
- priority among templates 1
- role-based CoS 1
- template entry 1
- used to assign individual password policies 1
- cosAttribute attribute type 1
- cosClassicDefinition object class 1
- cosIndirectDefinition object class 1
- cosIndirectSpecifier attribute type 1
- cosPointerDefinition object class 1
- cosPriority attribute type 1
- cosSpecifier attribute type 1
- cosSuperDefinition object class 1
- cosTemplate object class 1
- cosTemplateDN attribute type 1
D
- database cache
- monitoring 1
- dayofweek keyword 1
- db2bak utility 1
- db2index.pl perl script 1
- db2ldif utility 1
- exporting a replica 1
- defining
- access control policy 1
- delete right 1
- deleting
- ACI 1
- denying access 1
- precedence rule 1
- DES cipher 1
- DIGEST-MD5, see SASL 1
- directory entries
- managing from command line 1
- directory entries, see entries 1
- Directory Manager
- configuring 1
- privileges 1
- directory server
- binding to 1
- changing bind DN 1
- configuration 1
- controlling access 1
- deleting entries using the console 1
- login 1
- managing entries using the console 1
- MIB 1
- modifying entries using the console 1
- monitoring 1
- monitoring with SNMP 1
- overview 1
- performance counters 1
- starting and stopping 1
- Directory Server console
- starting the console 1
- dn.db2 file 1
- dn2id.db2 file 1
- dns keyword 1
- ds5BeginReplicaAcceptUpdates attribute type 1
- ds5ReferralDelayAfterInitattribute type 1
- ds5ReplicaTransportCompressionLevel attribute type 1
- dse.ldif file
- backing up 1
- restoring from a backup 1
- dsIdentityMapping object class 1
- dsMappedDN attribute type 1
- dsMatching-pattern attribute type 1
- dsMatching-regexp attribute type 1
- dsSearchBaseDN attribute type 1
- dsSearchFilter attribute type 1
- dsSearchScope attribute type 1
- dynamic groups, see groups 1
E
- encryption 1
- end of file marker in LDIF input 1
- entries
- adding attributes using the console 1
- bulk operations in LDIF 1
- creating with the console 1
- defining role membership 1
- deleting entries using the console 1
- deleting from the command line 1
- managing from command line 1
- managing object classes using the console 1
- managing with the console 1
- modifying from the command line 1
- modifying with Generic Editor 1
- ordering in LDIF files 1
- targeting 1
- viewing role membership 1
- entry cache
- monitoring 1
- EOF marker in LDIF input 1
- equality index, see indexing 1
- error log
- access control information 1
- errors log, see logs 1
- exporting LDIF 1
- from the command line 1
- using the console 1
F
- files
- databaseName_dn.db2 1
- databaseName_dn2id.db2 1
- databaseName_id2children.db2 1
- databaseName_id2entry.db2 1
- filtered role
- example 1
- filtered roles, see roles 1
- Fortezza 1
G
- general access
- overview 1
- groupdn keyword 1
- groupdnattr keyword 1
- groups 1
- access control 1
- access control example 1
- access to directory 1
- creating
- dynamic groups 1
- static groups 1
- dynamic groups 1
- modifying a group definition 1
- referential integrity management 1
- removing a group definition 1
- static groups 1
- GSSAPI, see SASL 1
H
- hub replica
- configuration 1
I
- id2children.db2 file 1
- id2entry.db2 file 1
- identity mapping 1
- importing LDIF 1
- from the command line 1
- initializing a suffix using the console 1
- initializing a suffix with ldif2db 1
- initializing a suffix with ldif2db.pl 1
- using the console 1
- inactivating user accounts 1
- indexing 1
- approximate index 1
- browsing index 1
- creating browsing indexes for client searches 1
- creating browsing indexes for the console 1
- creating indexes from the command line 1
- creating indexes using the console 1
- database files 1
- deleting an index file 1
- equality index 1
- matching rule index 1
- modifying the default indexes 1
- presence index 1
- reindexing a suffix 1
- reindexing by reinitializing a suffix 1
- substring index 1
- system indexes 1
- viewing the default indexes 1
- indirect CoS, see CoS 1
- internationalization
- modifying entries 1
- ip keyword 1
K
- Kerberos, see SASL 1
L
- LDAP clients
- authentication over SSL 1
- LDAP controls
- chaining 1
- LDAP search filters
- in targets 1
- example 1
- examples 1
- LDAP URLs
- in access control 1
- ldapdelete utility
- deleting entries 1
- DNs with commas 1
- ldapmodify utility
- DNs with commas 1
- modifying entries 1
- LDIF
- access control keywords
- groupdnattr 1
- userattr 1
- bulk operations using the console 1
- ordering of entries 1
- ldif2db utility 1
- ldif2db.pl perl script 1
- ldif2ldap utility 1
- legacy servers
- replication 1
- logs 1
- access log 1
- audit log 1
- configuring
- access log 1
- audit log 1
- errors log 1
- disk space usage of the access log 1
- errors log 1
- file rotation policy 1
- manual file rotation 1
- viewing
- access log 1
- audit log 1
- errors log 1
M
- macro ACIs
- example 1
- overview 1
- syntax 1
- managed roles, see roles 1
- master agent
- Unix 1
- Windows 1
- master replica
- configuration 1
- matching rule index, see indexing 1
- metaphone phonetic algorithm in approximate indexing 1
- MIB
- directory server 1
- netscape-ldap.mib 1
- monitoring
- chained suffix usage 1
- connections 1
- database cache 1
- entry cache 1
- from the command line 1
- log files 1
- replication status 1
- resource usage 1
- using the console 1
- with SNMP 1
- multi-master replication, see replication 1
N
- nested roles, see roles 1
- netscape-ldap.mib 1
- nsComplexRoleDefinition object class 1
- nsFilteredRoleDefinition object class 1
- nsIndex object class 1
- nsIndexType attribute type 1
- nsManagedRoleDefinition object class 1
- nsMatchingRule attribute type 1
- nsNestedRoleDefinition object class 1
- nsRole attribute type 1
- nsRoleDefinition object class 1
- nsRoleDN attribute type 1, 2
- nsRoleFilter attribute type 1
- nsRoleScopeDN attribute type 1
- nsSimpleRoleDefinition object class 1
- nsSystemIndex attribute type 1
O
- object classes
- changeLogEntry 1
- cosClassicDefinition 1
- cosIndirectDefinition 1
- cosPointerDefinition 1
- cosSuperDefinition 1
- cosTemplate 1
- dsIdentityMapping 1
- managing on an entry using the console 1
- nsComplexRoleDefinition 1
- nsFilteredRoleDefinition 1
- nsIndex 1
- nsManagedRoleDefinition 1
- nsNestedRoleDefinition 1
- nsRoleDefinition 1
- nsSimpleRoleDefinition 1
- passwordPolicy 1
- referral 1
- see also schema 1
P
- parent access 1
- parent keyword 1
- pass-through authentication (PTA) 1
- configuring the plug-in 1
- connection parameters 1
- specifying failover servers 1
- using SSL 1
- pass-through authentication (PTA). See PTA plug-in 1
- password policies
- account lockout 1
- and replication 1
- assigning to users 1
- configuring the global password policy from the command line 1
- configuring the global password policy using the console 1
- creating an individual policy from the command line 1
- creating an individual policy using the console 1
- password length 1
- protecting with ACIs 1
- syntax checking 1
- password policy
- replication considerations 1
- passwordCheckSyntax attribute type 1
- passwordLockout attribute type 1
- passwordLockoutDuration attribute type 1
- passwordMaxFailure attribute type 1
- passwordMinLength attribute type 1
- passwordMustChange attribute type 1
- passwordPolicy object class 1
- passwords
- resetting user passwords 1
- see also password policies 1
- passwordUnlock attribute type 1
- performance counters
- monitoring the server 1
- permissions
- ACI syntax 1
- allowing or denying access 1
- assigning rights 1
- overview 1
- precedence rule 1
- pointer CoS, see CoS 1
- port number
- directory server configuration 1
- for SSL communications 1
- precedence rule
- ACI 1
- presence index, see indexing 1
- proxy authorization 1
- ACI example 1
- with cascading chaining 1
- proxy DN 1
- proxy right 1
R
- RC4 cipher 1
- read right 1
- read-only mode
- suffixes 1
- realm
- inSASL DIGEST-MD5 1
- ref attribute type 1
- referential integrity
- attributes 1
- disabling 1
- enabling 1
- log file 1
- overview 1
- with replication 1, 2
- referral object class 1
- referrals
- creating smart referrals 1
- default referrals 1
- global referrals 1
- setting suffix-level referrals 1
- reindexing by reinitializing a suffix 1
- replicate_now.sh script 1
- replication 1
- and access control 1
- change log 1
- choosing the replication manager entry 1
- compatibility with earlier versions 1
- configuring a dedicated consumer replica 1
- configuring a hub replica 1
- configuring a master replica 1
- configuring legacy replication 1
- consumer referrals 1
- creating a replication agreement 1
- ensuring synchronization 1
- initializing cascading replicas 1
- initializing consumers from the command line 1
- initializing multi-master replicas 1
- monitoring status 1
- of ACIs 1
- over WAN 1
- purge delay 1
- referential integrity configuration 1
- replica ID 1
- replicate_now.sh script 1
- with SSL 1
- resetting user passwords 1
- resource limits
- setting
- using command line 1
- resource limits on users 1
- resources
- monitoring 1
- restoring backups
- dse.ldif server configuration file 1
- from the command line 1, 2
- replication considerations 1
- using the console 1
- retro change log
- ACIs 1
- trimming 1
- retro change log plug-in
- enabling 1
- overview 1
- rights
- list of 1
- roledn keyword 1
- roles 1
- access to directory 1
- creating
- filtered roles from the command line 1
- filtered roles using the console 1
- managed roles from the command line 1
- managed roles using the console 1
- nested roles from the command line 1
- nested roles using the console 1
- defining an entry's role membership 1
- deleting a role definition 1
- editing a role definition 1
- filtered
- example 1
- filtered roles 1
- inactivating members 1
- managed roles 1
- modifying a role definition 1
- nested roles 1
- object classes and attributes 1
- role-based class of service (CoS) 1
- used to assign individual password policies 1
- viewing an entry's role membership 1
- root DN, see Directory Manager 1
- root suffixes, see suffixes 1
S
- SASL 1
- configuring DIGEST_MD5 in clients 1
- configuring DIGEST-MD5 on the server 1
- configuring GSSAPI on the server 1
- configuring Kerberos on the server 1
- DIGEST-MD5 realm 1
- GSSAPI 1
- identity mapping for DIGEST-MD5 1
- identity mapping mechanism 1
- identity mappings for GSSAPI and Kerberos 1
- Kerberos 1
- using Kerberos in clients 1
- SASL authentication 1
- schema 1
- checking 1
- deleting attribute type definitions 1
- deleting attributes from an object class 1
- deleting object class definitions 1
- editing attribute type definitions 1
- modifying object class definitions 1
- optional (MAY) attributes of an object class 1
- required (MUST) attributes of an object class 1
- viewing attribute type definitions 1
- viewing object class definitions 1
- schema checking 1
- and access control 1
- search right 1
- Secure Sockets Layer, see SSL 1
- security 1
- client authentication 1
- self access 1
- self keyword 1
- selfwrite right 1
- example 1
- ServerRoot 1
- setting access controls 1
- simple authentication 1
- Simple Authentication and Security Layer (SASL). See SASL authentication 1
- Simple Sockets Layer. See SSL 1
- SNMP
- agents 1
- master agent
- Unix 1
- Windows 1
- monitoring the directory server 1
- overview 1
- subagent
- configuring 1
- configuring master host 1
- configuring master port 1
- enabling 1
- starting and stopping on Unix 1
- SSL 1
- allowing client authentication for the console 1
- and chained suffixes 1
- choosing encryption ciphers 1
- client authentication 1
- configuring certificate-based authentication in clients 1
- configuring clients to use SSL 1
- configuring server authentication in clients 1
- configuring SSL 1
- creating a certificate database 1
- enabling SSL 1
- generating a certificate request 1
- installing a server certificate 1
- port number 1
- server certificates 1
- starting the server with a pin file 1
- trusting the Certificate Authority 1
- user certificates in clients 1
- with replication 1
- with the pass-through authentication plug-in 1
- SSL authentication 1
- starting the directory server 1
- with SSL 1
- start-slapd script 1
- static groups, see groups 1
- stopping the directory server 1
- stop-slapd script 1
- subagent
- configuring 1
- enabling 1
- starting and stopping on Unix 1
- substring index, see indexing 1
- subsuffixes, see suffixes 1
- subtypes
- for binary attributes 1
- for languages in LDIF update statements 1
- suffixes 1
- backing up the entire directory 1
- chaining, see chaining 1
- creating a root suffix using the console 1
- creating from command line 1
- creating subsuffixes using the console 1
- deleting a suffix 1
- exporting a single suffix using the console 1
- exporting data to LDIF 1
- exporting the entire directory using the console 1
- exporting to LDIF from the command line 1
- importing entries from LDIF 1
- initializing a suffix from the command line 1, 2
- initializing a suffix using the console 1
- monitoring entry and database cache usage 1
- read-only mode 1
- reindexing a suffix 1
- setting suffix-level referrals 1
- temporarily disabling 1
- Sun Tone Certified(TM) logo 1
T
- targattrfilters keyword 1
- target
- ACI syntax 1
- attribute values 1
- attributes 1
- DNs containing commas 1, 2
- keywords in ACIs 1
- overview 1
- using LDAP search filters 1
- using LDAP URLs 1
- target keyword 1
- targetattr keyword 1
- targetfilter keyword 1
- targeting
- directory entries 1
- timeofday keyword 1
- TLS 1
- Triple DES cipher 1
U
- UID uniqueness plug-in 1
- unique attribute plug-in
- configuring 1
- Unix
- master agent 1
- user access 1
- example 1
- to child entries 1
- to own entry 1
- user accounts
- inactivating 1
- lockout policy after wrong passwords 1
- setting individual resource limits 1
- userattr keyword 1
- restriction on add 1
- userdn keyword 1
V
- value-based ACI 1
- virtual attributes
- generated by class of service (CoS) 1
- generated by roles 1
- VLV index, see indexing with browsing index 1
- vlvindex utility 1
W
- wildcard
- in LDAP URL 1
- in target 1
- Windows
- master agent 1
- Windows registry
- key for SASL library path 1
- write right 1