| Skip Navigation Links | |
| Exit Print View | |
|   | Oracle Directory Server Enterprise Edition Man Page Reference 11g Release 1 (11.1.1.5.0) | 
Directory Server Configuration
all-ids-threshold-pres(5dsconf)
all-ids-threshold-sub(5dsconf)
db-batched-transaction-count(5dsconf)
db-checkpoint-interval(5dsconf)
def-repl-manager-pwd-file(5dsconf)
ds5BeginReplicaAcceptUpdates(5dsconf)
ds5ReferralDelayAfterInit(5dsconf)
ds5ReplicaAutomaticInit(5dsconf)
ds5ReplicaConsumerTimeout(5dsconf)
ds5ReplicaTransportCompressionLevel(5dsconf)
ds5ReplicaTransportConcurrencyLevel(5dsconf)
ds5ReplicaTransportGroupSize(5dsconf)
ds5ReplicaTransportGrpPktSize(5dsconf)
ds5ReplicaTransportWindowSize(5dsconf)
dsChangelogMaxentries(5dsconf)
dsFilterSPConfigchecksum(5dsconf)
ds-hdsml-clientauthmethod(5dsconf)
ds-hdsml-dsmlschemalocation(5dsconf)
ds-hdsml-iobuffersize(5dsconf)
ds-hdsml-requestmaxsize(5dsconf)
ds-hdsml-responsemsgsize(5dsconf)
ds-hdsml-soapschemalocation(5dsconf)
dsml-client-auth-mode(5dsconf)
dsml-max-parser-count(5dsconf)
dsml-min-parser-count(5dsconf)
dsml-relative-root-url(5dsconf)
dsml-request-max-size(5dsconf)
dsReplFractionalExclude(5dsconf)
dsReplFractionalInclude(5dsconf)
file-descriptor-count(5dsconf)
heap-high-threshold-size(5dsconf)
heap-low-threshold-size(5dsconf)
index-filter-analyzer-enabled(5dsconf)
index-filter-analyzer-max-entries(5dsconf)
max-thread-per-connection-count(5dsconf)
min-free-disk-space-size(5dsconf)
nsAbandonedSearchCheckInterval(5dsconf)
nsActiveChainingComponents(5dsconf)
nsBindConnectionsLimit(5dsconf)
nsConcurrentBindLimit(5dsconf)
nsConcurrentOperationsLimit(5dsconf)
nsds5BeginReplicaRefresh(5dsconf)
nsDS5ReplicaAutoReferral(5dsconf)
nsDS5ReplicaBindMethod(5dsconf)
nsDS5ReplicaChangeCount(5dsconf)
nsds5replicaChangesSentSinceStartup(5dsconf)
nsDS5ReplicaCredentials(5dsconf)
nsds5replicaLastInitEnd(5dsconf)
nsds5replicaLastInitStart(5dsconf)
nsds5replicaLastInitStatus(5dsconf)
nsds5replicaLastUpdateEnd(5dsconf)
nsds5replicaLastUpdateStart(5dsconf)
nsds5replicaLastUpdateStatus(5dsconf)
nsDS5ReplicaPurgeDelay(5dsconf)
nsDS5ReplicatedAttributeList(5dsconf)
nsDS5ReplicationAgreement(5dsconf)
nsDS5ReplicaTombstonePurgeInterval(5dsconf)
nsDS5ReplicaTransportInfo(5dsconf)
nsds5replicaUpdateInProgress(5dsconf)
nsDS5ReplicaUpdateSchedule(5dsconf)
nsMaxTestResponseDelay(5dsconf)
nsMultiplexorCredentials(5dsconf)
nsOperationConnectionsLimit(5dsconf)
nsProxiedAuthorization(5dsconf)
nsReferralOnScopedSearch(5dsconf)
nsslapd-accesscontrol(5dsconf)
nsslapd-accesslog-level(5dsconf)
nsslapd-accesslog-list(5dsconf)
nsslapd-accesslog-logbuffering(5dsconf)
nsslapd-accesslog-logexpirationtime(5dsconf)
nsslapd-accesslog-logexpirationtimeunit(5dsconf)
nsslapd-accesslog-logging-enabled(5dsconf)
nsslapd-accesslog-logmaxdiskspace(5dsconf)
nsslapd-accesslog-logminfreediskspace(5dsconf)
nsslapd-accesslog-logrotationtime(5dsconf)
nsslapd-accesslog-logrotationtimeunit(5dsconf)
nsslapd-accesslog-maxlogsize(5dsconf)
nsslapd-accesslog-maxlogsperdir(5dsconf)
nsslapd-accesslog-permissions(5dsconf)
nsslapd-allidsthreshold(5dsconf)
nsslapd-attribute-name-exceptions(5dsconf)
nsslapd-auditlog-level(5dsconf)
nsslapd-auditlog-list(5dsconf)
nsslapd-auditlog-logbuffering(5dsconf)
nsslapd-auditlog-logexpirationtime(5dsconf)
nsslapd-auditlog-logexpirationtimeunit(5dsconf)
nsslapd-auditlog-logging-enabled(5dsconf)
nsslapd-auditlog-logmaxdiskspace(5dsconf)
nsslapd-auditlog-logminfreediskspace(5dsconf)
nsslapd-auditlog-logrotationtime(5dsconf)
nsslapd-auditlog-logrotationtimeunit(5dsconf)
nsslapd-auditlog-maxlogsize(5dsconf)
nsslapd-auditlog-maxlogsperdir(5dsconf)
nsslapd-auditlog-permissions(5dsconf)
nsslapd-certmap-basedn(5dsconf)
nsslapd-changelogmaxage(5dsconf)
nsslapd-changelogmaxentries(5dsconf)
nsslapd-db-checkpoint-interval(5dsconf)
nsslapd-db-circular-logging(5dsconf)
nsslapd-db-durable-transactions(5dsconf)
nsslapd-db-home-directory(5dsconf)
nsslapd-db-idl-divisor(5dsconf)
nsslapd-db-logbuf-size(5dsconf)
nsslapd-db-logdirectory(5dsconf)
nsslapd-db-logfile-size(5dsconf)
nsslapd-db-transaction-batch-val(5dsconf)
nsslapd-disk-full-threshold(5dsconf)
nsslapd-disk-low-threshold(5dsconf)
nsslapd-distribution-funct(5dsconf)
nsslapd-distribution-plugin(5dsconf)
nsslapd-dn-cachememsize(5dsconf)
nsslapd-ds4-compatible-schema(5dsconf)
nsslapd-enquote-sup-oc(5dsconf)
nsslapd-errorlog-level(5dsconf)
nsslapd-errorlog-list(5dsconf)
nsslapd-errorlog-logbuffering(5dsconf)
nsslapd-errorlog-logexpirationtime(5dsconf)
nsslapd-errorlog-logexpirationtimeunit(5dsconf)
nsslapd-errorlog-logging-enabled(5dsconf)
nsslapd-errorlog-logmaxdiskspace(5dsconf)
nsslapd-errorlog-logminfreediskspace(5dsconf)
nsslapd-errorlog-logrotationtime(5dsconf)
nsslapd-errorlog-logrotationtimeunit(5dsconf)
nsslapd-errorlog-maxlogsize(5dsconf)
nsslapd-errorlog-maxlogsperdir(5dsconf)
nsslapd-errorlog-permissions(5dsconf)
nsslapd-exclude-from-export(5dsconf)
nsslapd-groupevalnestlevel(5dsconf)
nsslapd-groupevalsizelimit(5dsconf)
nsslapd-import-cachesize(5dsconf)
nsslapd-infolog-level(5dsconf)
nsslapd-ioblocktimeout(5dsconf)
nsslapd-listenBacklog(5dsconf)
nsslapd-maxconnections(5dsconf)
nsslapd-maxdescriptors(5dsconf)
nsslapd-maxthreadsperconn(5dsconf)
nsslapd-plugin-depends-on-named(5dsconf)
nsslapd-plugin-depends-on-type(5dsconf)
nsslapd-pluginDescription(5dsconf)
nsslapd-pluginEnabled(5dsconf)
nsslapd-pluginInitfunc(5dsconf)
nsslapd-pluginVersion(5dsconf)
nsslapd-privatenamespaces(5dsconf)
nsslapd-pwdgeneratorpwdlen(5dsconf)
nsslapd-require-index(5dsconf)
nsslapd-reservedescriptors(5dsconf)
nsslapd-return-exact-case(5dsconf)
nsslapd-rootpwstoragescheme(5dsconf)
nsslapd-schema-repl-useronly(5dsconf)
nsslapd-securelistenhost(5dsconf)
nsslapd-versionstring(5dsconf)
nsTransmittedControls(5dsconf)
pwd-accept-hashed-pwd-enabled(5dsconf)
pwd-expire-no-warning-enabled(5dsconf)
pwd-expire-warning-delay(5dsconf)
pwd-failure-count-interval(5dsconf)
pwd-grace-login-limit(5dsconf)
pwd-keep-last-auth-time-enabled(5dsconf)
pwd-lockout-repl-priority-enabled(5dsconf)
pwd-max-failure-count(5dsconf)
pwd-max-history-count(5dsconf)
pwd-must-change-enabled(5dsconf)
pwd-root-dn-bypass-enabled(5dsconf)
pwd-safe-modify-enabled(5dsconf)
pwd-strong-check-dictionary-path(5dsconf)
pwd-strong-check-enabled(5dsconf)
pwd-strong-check-require-charset(5dsconf)
pwd-supported-storage-scheme(5dsconf)
pwd-user-change-enabled(5dsconf)
ref-integrity-check-delay(5dsconf)
ref-integrity-enabled(5dsconf)
repl-accept-client-update-enabled(5dsconf)
repl-cl-max-entry-count(5dsconf)
repl-fractional-exclude-attr(5dsconf)
repl-fractional-include-attr(5dsconf)
replPriorityAttribute(5dsconf)
repl-rewrite-referrals-enabled(5dsconf)
repl-user-schema-enabled(5dsconf)
require-bind-pwd-enabled(5dsconf)
require-index-enabled(5dsconf)
retro-cl-deleted-entry-attr(5dsconf)
retro-cl-ignored-attr(5dsconf)
retro-cl-max-entry-count(5dsconf)
root-pwd-storage-scheme(5dsconf)
rotation-min-file-size(5dsconf)
secure-listen-address(5dsconf)
ssl-rsa-security-device(5dsconf)
ssl-supported-ciphers(5dsconf)
transport-compression(5dsconf)
transport-window-size(5dsconf)
useAuthzIdForAuditAttrs(5dsconf)
- DS replication agreement configuration (RAG) properties
A replication agreement governs how a Directory Server supplier updates a Directory Server consumer. Although this configuration element is called an agreement, it concerns the configuration only of the supplier.
| 
 | 
This property specifies the bind DN used by the supplier to bind to the consumer in order to perform replication-related updates. This bind DN must be present on the consumer.
| 
 | 
This property specifies the protocol used by the supplier to bind to the consumer in order to perform replication-related updates. The default is to bind with simple authentication in clear text without securing the connection, as most replications connections are made on an internal network. You may however configure replication to use SSL and simple authentication to protect the connection from malicious snooping, or SSL with client authentication to further protect the connection.
| 
 | 
This property specifies the password used by the supplier to bind to the consumer. You provide it using auth-pwd-file.
| 
 | 
This property specifies the file from which the bind password for replication is read to create the replication agreement. The file is read once on replication agreement creation, and the password is stored for future use.
| 
 | 
This property specifies the list of attributes not to replicate. This property is mutually exclusive with repl-fractional-include-attr.
| 
 | 
This property specifies the list of attributes to replicate. This property is mutually exclusive with repl-fractional-exclude-attr.
| 
 | 
This property specifies the times and days when replication can take place.
| 
 | 
This property specifies the level of libz(3) compression used on replication updates from the supplier to the consumer. Supported settings are as follows.
No compression
Default zlib compression (zlib numeric value = -1)
Fastest zlib compression (zlib numeric value = 1)
Strongest zlib compression (zlib numeric value = 9)
If the bottleneck for replication in your environment is network bandwidth, this property can potentially help you tune the replication protocol for better performance.
| 
 | 
This property specifies how many replication messages are grouped on the supplier before being sent to the consumer. Valid range is 1 to 255.
If the bottleneck for replication in your environment is network bandwidth, this property can potentially help you tune the replication protocol for better performance.
| 
 | 
This property specifies the number of replication messages sent from the supplier to the consumer before waiting for a response from the consumer to continue. Valid range is 1 to 65535.
If the bottleneck for replication in your environment is network latency or network bandwidth, this property can potentially help you tune the replication protocol for better performance.
Syntax values shown in lower case or partly in lower case are literal values.
Those shown in upper case are syntax types, defined as follows:
A valid attribute type name such as cn or objectClass.
true or false.
A valid distinguished name such as ou=People,dc=example,dc=com.
A duration specified in months (M), weeks (w), days (d), hours (h), minutes (m), seconds (s), and miliseconds (ms), or some combination with multiple specifiers. For example, you can specify one week as 1w, 7d, 168h, 10080m, or 604800s. You can also specify one week as 1w0d0h0m0s.
DURATION properties typically do not each support all duration specifiers (Mwdhms). Examine the output of dsconf help-properties for the property to determine which duration specifiers are supported.
A valid e-mail address.
An IP address or host name.
A positive integer value between 0 and the maximum supported integer value in the system address space. On 32-bit systems, 2147483647. On 64-bit systems, 9223372036854775807.
An interval value of the form hhmm-hhmm 0123456, where the first element specifies the starting hour, the next element the finishing hour in 24-hour time format, from 0000-2359, and the second specifies days, starting with Sunday (0) to Saturday (6).
An IP address or range of address in one of the following formats:
IP address in dotted decimal form.
IP address and bits, in the form of network number/mask bits.
IP address and quad, in the form of a pair of dotted decimal quads.
All address. A catch-all for clients that are note placed into other, higher priority groups.
0.0.0.0. This address is for groups to which initial membership is not considered. For example, for groups that clients switch to after their initial bind.
IP address of the local host.
A valid LDAP URL as specified by RFC 2255.
A memory size specified in gigabytes (G), megabytes (M),kilobytes (k), or bytes (b). Unlike DURATION properties, MEMORY_SIZE properties cannot combine multiple specifiers. However, MEMORY_SIZE properties allow decimal values, for example, 1.5M.
A valid cn (common name).
A three-digit, octal file permissions specifier. The first digit specifies permissions for the server user ID, the second for the server group ID, the last for other users. Each digit consists of a bitmask defining read (4), write (2), execute (1), or no access (0) permissions, thus 640 specifies read-write access for the server user, read-only access for other users of the server group, and no access for other users.
The full path to the file from which the bind password should be read.
A valid, absolute file system path.
A DirectoryString value, as specified by RFC 2252.
An SSL cipher supported by the server. See the Reference for a list of supported ciphers.
An SSL protocol supported by the server. See the Reference for a list of supported protocols.
A time of the form hhmm in 24-hour format, where hh stands for hours and mm stands for minutes.
See attributes(5) for descriptions of the following attributes:
| 
 |