nsslapd-plugin

, nsslapd-plugin-depends-on-named

, nsslapd-plugin-depends-on-type

, nsslapd-pluginDescription

, nsslapd-pluginEnabled

, nsslapd-pluginId

, nsslapd-pluginInitfunc

, nsslapd-pluginPath

, nsslapd-pluginType

, nsslapd-pluginVendor

, nsslapd-pluginVersion

- Directory Server plug-in legacy configuration

Description

The nsslapd-plugin attribute on cn=config is multi-valued, read-only attribute lists the syntaxes and matching rules loaded by the server. This manual page covers server plug-in configuration, rather than the nsslapd-plugin attribute.

This manual page provides an overview of legacy configuration information for server plug-ins. This manual page covers the individual plug-in configuration entry attributes. Also, this manual page covers the plug-ins provided with Directory Server, including configurable options, configurable arguments, default setting, dependencies, general performance related information, and further reading.

ATTRIBUTES FOR PLUG-IN CONFIGURATION ENTRIES

The following list covers each plug-in configuration entry attribute.

nsslapd-plugin-depends-on-named

This is a multivalued attribute, used to ensure that plug-ins are called by the server in the correct order. It takes a value that corresponds to the cn value of a plug-in. The plug-in whose cn value matches one of the values below it is started by the server prior to this plug-in. If the plug-in does not exist, the server fails to start.

Entry DN

cn=pluginName,cn=plugins, cn=config

Valid Range

Plug-in name

Default Value

None

Syntax

DirectoryString

Example

nsslapd-plugin-depends-on-named: Class of Service

nsslapd-plugin-depends-on-type

This is a multivalued attribute, used to ensure that plug-ins are called by the server in the correct order. It takes a value that corresponds to the type of a plug-in, contained in the attribute nsslapd-pluginType, and requires that plug-ins of that type are started before the present plug-in.

Entry DN

cn=pluginName,cn=plugins, cn=config

Valid Range

Plug-in type

Default Value

None

Syntax

DirectoryString

Example

nsslapd-plugin-depends-on-type: database

nsslapd-pluginDescription

Provides a description of the plug-in.

Entry DN

cn=pluginName,cn=plugins,cn=config

Valid Range

Any DirectoryString

Default Value

None

Syntax

DirectoryString

Example

nsslapd-pluginDescription: acl access check plug-in

nsslapd-pluginEnabled

Specifies whether or not the plug-in is enabled. This attribute can be changed over protocol, but will only take effect when the server is next restarted.

Entry DN

cn=pluginName,cn=plugins,cn=config

Valid Range

on | off

Default Value

on

Syntax

DirectoryString

Example

nsslapd-pluginEnabled: on

nsslapd-pluginId

Specifies the plug-in ID.

Entry DN

cn=pluginName,cn=plugins,cn=config

Valid Range

Any valid plug-in ID.

Default Value

None

Syntax

DirectoryString

Example

nsslapd-pluginId: chaining database

nsslapd-pluginInitfunc

Specifies the plug-in function to be initiated.

Entry DN

cn=pluginName,cn=plugins,cn=config

Valid Range

Any valid plug-in function.

Default Value

None

Syntax

DirectoryString

Example

nsslapd-pluginInitfunc: NS7bitAttr_Init

nsslapd-pluginPath

Specifies the full path to the plug-in.

Entry DN

cn=pluginName,cn=plugins,cn=config

Valid Range

Any valid path

Default Value

None

Syntax

DirectoryString

Example

nsslapd-pluginPath: /opt/SUNWdsee7/lib/sparcv9/uid-plugin.so

nsslapd-pluginType

Specifies the plug-in type.

Entry DN

cn=pluginName,cn=plugins,cn=config

Valid Range

Any valid plug-in type.

Default Value

None

Syntax

DirectoryString

Example

nsslapd-pluginType: preoperation

nsslapd-pluginVendor

Specifies the vendor of the plug-in.

Entry DN

cn=pluginName,cn=plugins,cn=config

Valid Range

Any approved plug-in vendor.

Default Value

Sun Microsystems, Inc.

Syntax

DirectoryString

Example

nsslapd-pluginVendor: Sun Microsystems, Inc.

nsslapd-pluginVersion

Specifies the plug-in version.

Entry DN

cn=pluginName,cn=plugins,cn=config

Valid Range

Any valid plug-in version.

Default Value

Product version

Syntax

DirectoryString

Example

nsslapd-pluginVersion: 11.1.1.5.0

7-BIT CHECK PLUG-IN

Consider the following aspects of this plug-in.

Plug-In Name

7-Bit Check (NS7bitAttr)

DN of Configuration Entry

cn=7-bit check,cn=plugins,cn=config

Description

Checks certain attributes are seven-bit clean.

Configurable Options

on | off

Default Setting

on

Configurable Arguments

List of attributes, uid mail userpassword, followed by a comma, and then by the suffix or suffixes on which the check is to occur.

Dependencies

None

Performance Related Information

None

Further Information

If your Directory Server uses non-ASCII characters such as Japanese and other languages for some attributes, remove those attributes from the list of attributes checked by this plug-in.

When adding or modifying an attribute value checked by this plug-in, and the new value violates the seven-bit check, the client receives a LDAP_CONSTRAINT_VIOLATION (19) return code, and a message such as the following: Value of attribute attr contains extended (8-bit) characters: value

ACL PLUG-IN

Consider the following aspects of this plug-in.

Plug-In Name

ACL Plugin

DN of Configuration Entry

cn=ACL Plugin,cn=plugins,cn=config

Description

ACL access check plug-in

Configurable Options

on | off

Default Setting

on

Configurable Arguments

None

Dependencies

None

Performance Related Information

Leave this plug-in running at all times.

ACL PREOPERATION PLUG-IN

Consider the following aspects of this plug-in.

Plug-In Name

ACL preoperation

DN of Configuration Entry

cn=ACL preoperation,cn=plugins,cn=config

Description

ACL access check plug-in.

Configurable Options

on | off

Default Setting

on

Configurable Arguments

None

Dependencies

Database

Performance Related Information

Leave this plug-in running at all times.

BINARY SYNTAX PLUG-IN

Consider the following aspects of this plug-in.

Plug-In Name

Binary Syntax

DN of Configuration Entry

cn=Binary Syntax,cn=plugins,cn=config

Description

Syntax for handling binary data.

Configurable Options

on | off

Default Setting

on

Configurable Arguments

None

Dependencies

None

Performance Related Information

Do not modify the configuration of this plug-in. Leave this plug-in running at all times.

BOOLEAN SYNTAX PLUG-IN

Consider the following aspects of this plug-in.

Plug-In Name

Boolean Syntax

DN of Configuration Entry

cn=Boolean Syntax,cn=plugins,cn=config

Description

Syntax for handling booleans.

Configurable Options

on | off

Default Setting

on

Configurable Arguments

None

Dependencies

None

Performance Related Information

Do not modify the configuration of this plug-in. Leave this plug-in running at all times.

CASE EXACT STRING SYNTAX PLUG-IN

Consider the following aspects of this plug-in.

Plug-In Name

Case Exact String Syntax

DN of Configuration Entry

cn=Case Exact String Syntax,cn=plugins,cn=config

Description

Syntax for handling case-sensitive strings.

Configurable Options

on | off

Default Setting

on

Configurable Arguments

None

Dependencies

None

Performance Related Information

Do not modify the configuration of this plug-in. Leave this plug-in running at all times.

CASE IGNORE STRING SYNTAX PLUG-IN

Consider the following aspects of this plug-in.

Plug-In Name

Case Ignore String Syntax

DN of Configuration Entry

cn=Case Ignore String Syntax,cn=plugins,cn=config

Description

Syntax for handling case-insensitive strings.

Configurable Options

on | off

Default Setting

on

Configurable Arguments

None

Dependencies

None

Performance Related Information

Do not modify the configuration of this plug-in. Leave this plug-in running at all times.

CHAINING DATABASE PLUG-IN

Consider the following aspects of this plug-in.

Plug-In Name

Chaining Database

DN of Configuration Entry

cn=Chaining database,cn=plugins,cn=config

Description

Syntax for handling DNs.

Configurable Options

on | off

Default Setting

on

Configurable Arguments

None

Dependencies

None

Performance Related Information

Do not modify the configuration of this plug-in. Leave this plug-in running at all times.

CLASS OF SERVICE PLUG-IN

Consider the following aspects of this plug-in.

Plug-In Name

Class of Service

DN of Configuration Entry

cn=Class of Service,cn=plugins,cn=config

Description

Allows for sharing of attributes between entries.

Configurable Options

on | off

Default Setting

on

Configurable Arguments

Set the nsslapd-pluginarg0 attribute to:

• 0 (default) to enable fast lookup of classic CoS templates

• 1 to disable fast lookup for classic CoS template selection

• 2 to disable checks for ambiguous pointer and classic CoS definitions

  Ambiguous definitions result when more than one value could be returned for the same attribute of the same entry. When checking remains enabled, Directory Server logs an informational message upon encountering such an ambiguity, provided you have set the log level to allow plug-ins to log informational messages.

• 3 to disable both

Restart Directory Server for modifications to take effect.

Dependencies

None

Performance Related Information

Leave this plug-in running at all times.

COUNTRY STRING SYNTAX PLUG-IN

Consider the following aspects of this plug-in.

Plug-In Name

Country String Syntax

DN of Configuration Entry

cn=Country String Syntax,cn=plugins,cn=config

Description

Syntax for handling countries.

Configurable Options

on | off

Default Setting

on

Configurable Arguments

None

Dependencies

None

Performance Related Information

Do not modify the configuration of this plug-in. Leave this plug-in running at all times.

DISTINGUISHED NAME SYNTAX PLUG-IN

Consider the following aspects of this plug-in.

Plug-In Name

Distinguished Name Syntax

DN of Configuration Entry

cn=Distinguished Name Syntax,cn=plugins,cn=config

Description

Syntax for handling DNs.

Configurable Options

on | off

Default Setting

on

Configurable Arguments

None

Dependencies

None

Performance Related Information

Do not modify the configuration of this plug-in. Leave this plug-in running at all times.

DSML FRONTEND SYNTAX PLUG-IN

Consider the following aspects of this plug-in.

Plug-In Name

Frontend

DN of Configuration Entry

cn=DSMLv2-SOAP-HTTP,cn=frontends,cn=plugins, cn=config

Description

Enables you to access the directory using DSML v2 over SOAP/HTTP.

Configurable Options

on | off

Default Setting

off

Configurable Arguments

ds-hdsml-soapschemalocation

ds-hdsml-dsmlschemalocation

Dependencies

None

Performance Related Information

None

GENERALIZED TIME SYNTAX PLUG-IN

Consider the following aspects of this plug-in.

Plug-In Name

Generalized Time Syntax

DN of Configuration Entry

cn=Generalized Time Syntax,cn=plugins,cn=config

Description

Syntax for dealing with dates, times, and time zones.

Configurable Options

on | off

Default Setting

on

Configurable Arguments

None

Dependencies

None

Performance Related Information

Do not modify the configuration of this plug-in. Leave this plug-in running at all times.

Further Information

The Generalized Time String consists of the four digit year, two digit month (for example, 01 for January), two digit day, two digit hour, two digit minute, two digit second, an optional decimal part of a second and a time zone indication. We strongly recommend that you use the Z time zone indication (Greenwich Mean Time).

INTEGER SYNTAX PLUG-IN

Consider the following aspects of this plug-in.

Plug-In Name

Integer Syntax

DN of Configuration Entry

cn=Integer Syntax,cn=plugins,cn=config

Description

Syntax for handling integers.

Configurable Options

on | off

Default Setting

on

Configurable Arguments

None

Dependencies

None

Performance Related Information

Do not modify the configuration of this plug-in. Leave this plug-in running at all times.

INTERNATIONALIZATION PLUG-IN

Consider the following aspects of this plug-in.

Plug-In Name

Internationalization Plugin

DN of Configuration Entry

cn=Internationalization Plugin,cn=plugins,cn=config

Description

Syntax for handling DNs.

Configurable Options

on | off

Default Setting

on

Configurable Arguments

None. In contrast to previous versions of Directory Server, the collation orders and locales used by the internationalization plug-in are now stored in the configuration.

Dependencies

None

Performance Related Information

Do not modify the configuration of this plug-in. Leave this plug-in running at all times.

LDBM DATABASE PLUG-IN

Consider the following aspects of this plug-in.

Plug-In Name

ldbm database plug-in

DN of Configuration Entry

cn=ldbm database plug-in,cn=plugins,cn=config

Description

Implements local databases.

Configurable Options

None

Default Setting

on

Configurable Arguments

None

Dependencies

None

Performance Related Information

Leave this plug-in running at all times.

MULTIMASTER REPLICATION PLUG-IN

Consider the following aspects of this plug-in.

Plug-In Name

Multimaster Replication Plugin

DN of Configuration Entry

cn=Multimaster Replication plugin,cn=plugins, cn=config

Description

Enables replication between two Directory Server suffixes.

Configurable Options

on | off

Default Setting

on

Configurable Arguments

None

Dependencies

database

Performance Related Information

None

Further Information

You can turn this plug-in off if you have only one server, which will never replicate.

OCTET STRING SYNTAX PLUG-IN

Consider the following aspects of this plug-in.

Plug-In Name

Octet String Syntax

DN of Configuration Entry

cn=Octet String Syntax,cn=plugins,cn=config

Description

Syntax for handling octet strings.

Configurable Options

on | off

Default Setting

on

Configurable Arguments

None

Dependencies

None

Performance Related Information

Do not modify the configuration of this plug-in. Leave this plug-in running at all times.

CLEAR PASSWORD STORAGE PLUG-IN

Consider the following aspects of this plug-in.

Plug-In Name

CLEAR

DN of Configuration Entry

cn=CLEAR,cn=Password Storage Schemes,cn=plugins, cn=config

Description

CLEAR password storage scheme used for password encryption.

Configurable Options

on | off

Default Setting

on

Configurable Arguments

None

Dependencies

None

Performance Related Information

Do not modify the configuration of this plug-in. Leave this plug-in running at all times.

CRYPT PASSWORD STORAGE PLUG-IN

Consider the following aspects of this plug-in.

Plug-In Name

CRYPT

DN of Configuration Entry

cn=CRYPT,cn=Password Storage Schemes,cn=plugins, cn=config

Description

CRYPT password storage scheme used for password encryption.

Configurable Options

on | off

Default Setting

on

Configurable Arguments

None

Dependencies

None

Performance Related Information

Do not modify the configuration of this plug-in. Leave this plug-in running at all times.

NS-MTA-MD5 PASSWORD STORAGE SCHEME PLUG-IN

Consider the following aspects of this plug-in.

Plug-In Name

NS-MTA-MD5

DN of Configuration Entry

cn=NS-MTA-MD5,cn=Password Storage Schemes, cn=plugins,cn=config

Description

NS-MTA-MD5 password storage scheme for password encryption.

Configurable Options

on | off

Default Setting

on

Configurable Arguments

None

Dependencies

None

Performance Related Information

Do not modify the configuration of this plug-in. Leave this plug-in running at all times.

Further Information

You can no longer choose to encrypt passwords using the NS-MTA-MD5 password storage scheme. The storage scheme is still present, but for backward compatibility only. The data in your directory still contains passwords encrypted with the NS-MTA-MD5 password storage scheme.

RMCE PASSWORD STORAGE SCHEME PLUG-IN

This password storage scheme plug-in is used for example by the administration framework and is reserved for internal use.

SHA PASSWORD STORAGE SCHEME PLUG-IN

Consider the following aspects of this plug-in.

Plug-In Name

SHA

DN of Configuration Entry

cn=SHA,cn=Password Storage Schemes,cn=plugins, cn=config

Description

SHA password storage scheme for password encryption.

Configurable Options

on | off

Default Setting

on

Configurable Arguments

None

Dependencies

None

Performance Related Information

If there are no passwords encrypted using the SHA password storage scheme, you may turn this plug-in off. If you want to encrypt your password with the SHA password storage scheme, choose SSHA instead. SSHA is a far more secure option.

SSHA PASSWORD STORAGE SCHEME PLUG-IN

Consider the following aspects of this plug-in.

Plug-In Name

SSHA

DN of Configuration Entry

cn=SSHA,cn=Password Storage Schemes,cn=plugins, cn=config

Description

SSHA password storage scheme for password encryption.

Configurable Options

on | off

Default Setting

on

Configurable Arguments

None

Dependencies

None

Performance Related Information

Do not modify the configuration of this plug-in. Leave this plug-in running at all times.

STRONG PASSWORD CHECK PLUG-IN

When Directory Server is configured to check password quality, and this plug-in is enabled, the plug-in checks the following each time a password is added or modified.

• Clear text password values contain the classes of characters specified by the configuration.

• Clear text password values do not contain any sequence of four characters present in the dictionary file specified by the configuration.

Hashed password values such as {SSHA}0Ri1g2yqlH3GTZcuRQ4uS22syCQLBKAU2ypLSw== are not checked.

Consider the following aspects of this plug-in.

Plug-In Name

Strong Password Checking plug-in

DN of Configuration Entry

cn=Strong Password Check,cn=plugins,cn=config

Configurable options and arguments

on | off

nsslapd-pluginarg0, which takes an integer representing a mask of values representing the character classes that must be present in a valid password. Set nsslapd-pluginarg0 to one of or a sum of the following values, not counting the special values 16 and 17.

• 1 means the password must contain special characters.

• 2 means the password must contain numeric characters.

• 4 means the password must contain upper case characters.

• 8 means the password must contain lower case characters.

• 16 is a special value meaning at least three of the four character classes.

• 17 is a special value meaning at least two of the four character classes.

The default setting is 15.

nsslapd-pluginarg1, which takes the absolute file system path to an ASCII dictionary file. If the argument is missing, the dictionary check is skipped. The plug-in does not initialize and Directory Server does not start if the value of this attribute is invalid or refers to an inaccessible file.

Default settings

off

Dependencies

Default password file, install-path/resources/plugins/words-english-big.txt

POSTAL ADDRESS STRING SYNTAX PLUG-IN

Consider the following aspects of this plug-in.

Plug-In Name

Postal Address Syntax

DN of Configuration Entry

cn=Postal Address Syntax,cn=plugins,cn=config

Description

Syntax used for handling postal addresses.

Configurable Options

on | off

Default Setting

on

Configurable Arguments

None

Dependencies

None

Performance Related Information

Do not modify the configuration of this plug-in. Leave this plug-in running at all times.

PTA PLUG-IN

Consider the following aspects of this plug-in.

Plug-In Name

Pass Through Authentication

DN of Configuration Entry

cn=Pass Through Authentication,cn=plugins, cn=config

Description

Enables pass-through authentication, the mechanism that allows one directory to consult another to authenticate bind requests.

Configurable Options

on | off

Default Setting

off

Configurable Arguments

The LDAP URL to the configuration directory.

nsslapd-pluginarg0: ldap://config.example.com/o=example

Dependencies

None

REFERENTIAL INTEGRITY POSTOPERATION PLUG-IN

Consider the following aspects of this plug-in.

Plug-In Name

Referential Integrity Postoperation

DN of Configuration Entry

cn=Referential Integrity Postoperation, cn=plugins,cn=config

Description

Enables the server to ensure referential integrity.

All attributes in all databases that are used by the referential integrity plug-in must be indexed. The indexes need to be created in the configuration of all the databases. When the retro change log is enabled, the cn=changelog suffix must be indexed.

Configurable Options

All configuration and on | off

Default Setting

off

Configurable Arguments

When enabled, the post operation Referential Integrity plug-in performs integrity updates on the member, uniquemember, owner, and seeAlso attributes immediately after a delete or rename operation. You can reconfigure the plug-in to perform integrity checks on all other attributes.

The following arguments are configurable:

1. (nsslapd-pluginarg0) Check for referential integrity

   -1 = no check for referential integrity

   0 = check for referential integrity is performed immediately

   positive integer = request for referential integrity is queued and processed at a later stage. This positive integer serves as a wake-up call for the thread to process the request, at intervals corresponding to the integer specified.

2. (nsslapd-pluginarg1) Log file for storing the change, for example /local/dsInst/logs/referint

3. (nsslapd-pluginarg2) Reserved for future use.

4. (Other nsslapd-pluginarg* attributes) Attribute names to be checked for referential integrity.

Dependencies

database type

Tuning Recommendations

Do the following when you use the referential integrity plug-in in a multi-master replication environment:

• Enable the referential integrity plug-in on all servers containing master replicas

• Enable the referential integrity plug-in with the same configuration on every master

Set the first argument to a positive value, such as 10, meaning ten seconds, to ensure that work performed by this plug-in happens asynchronously, rather than synchronously.

When enabling the plug-in, also create equality indexes for all attributes configured for use with the plug-in. The plug-in uses such indexes when searching for entries to update. Without equality indexes for the attributes it uses, the plug-in must perform costly unindexed searches that have negative impact on performance.

RETRO CHANGE LOG PLUG-IN

Consider the following aspects of this plug-in.

Plug-In Name

Retro Changelog Plugin

DN of Configuration Entry

cn=Retro Changelog Plugin,cn=plugins,cn=config

Description

Used by LDAP clients for maintaining application compatibility with Directory Server 4.x versions.

Maintains a log of all changes occurring in Directory Server. The retro change log offers the same functionality as the changelog in the 4.x versions of Directory Server.

Configurable Options

on | off

Default Setting

off

Configurable Arguments

The following arguments can be configured for the retro change log plug-in:

• nsslapd-pluginarg0: -ignore_attributesconfigures the retro change log plug-in to ignore attributes specified by the following nsslapd-pluginarg. This argument is configured by default.

• nsslapd-pluginarg1: copyingFromspecifies a list of attributes to be ignored by the preceding nsslapd-pluginarg. This argument is configured by default.

• nsslapd-pluginarg2: suffixes="suffix1","suffix2" configures the retro change log to record updates to specified suffixes only

• nsslapd-pluginarg3: deletedEntryAttributes=attribute1,attribute2 configures the retro change log to record specified attributes of an entry when that entry is deleted

Dependencies

None

Performance Related Information

May slow down Directory Server performance.

Example Configuration

dn: cn=Retro Changelog Plugin,cn=plugins,cn=config
objectClass: top
objectClass: nsSlapdPlugin
objectClass: ds-signedPlugin
objectClass: extensibleObject
cn: Retro Changelog Plugin
nsslapd-pluginPath: /opt/SUNWdsee7/lib/sparcv9/retrocl-plugin.so
nsslapd-pluginInitfunc: retrocl_plugin_init
nsslapd-pluginType: object
nsslapd-plugin-depends-on-type: database
nsslapd-pluginarg0: -ignore_attributes
nsslapd-pluginarg1: copyingFrom
nsslapd-pluginarg2: suffixes="ou=people","dc=example","dc=com"
nsslapd-pluginarg3: deletedEntryAtrributes="objectclass","employeenumber"
nsslapd-changelogdir: /local/dsInst/db/changelog
nsslapd-pluginEnabled: on
nsslapd-pluginId: retrocl
nsslapd-pluginVersion: 11.1.1.5.0
nsslapd-pluginVendor: Sun Microsystems, Inc.
nsslapd-pluginDescription: Retrocl Plugin
ds-pluginSignatureState: valid signature

ROLES PLUG-IN

Consider the following aspects of this plug-in.

Plug-In Name

Roles Plugin

DN of Configuration Entry

cn=Roles Plugin,cn=plugins,cn=config

Description

Enables the use of roles in Directory Server.

Configurable Options

on | off

Default Setting

on

Configurable Arguments

None

Dependencies

State Change Plugin

Performance Related Information

Do not modify the configuration of this plug-in. Leave this plug-in running at all times.

STATE CHANGE PLUG-IN

Consider the following aspects of this plug-in.

Plug-In Name

State Change Plugin

DN of Configuration Entry

cn=State Change Plugin,cn=plugins,cn=config

Description

State change notification service plug-in for detecting updates, such as configuration changes, and triggering callbacks when updates happen.

This plug-in is used internally by the roles plug-in.

Configurable Options

on | off

Default Setting

on

Configurable Arguments

None

Dependencies

None

SUBTREE ENTRY COUNTER PLUG-INS

Consider the following aspects of this plug-in.

Plug-In Name

Subtree Entry Counter For ObjectClass

DN of Configuration Entry

cn=Subtree Entry Counter for ObjectClass,cn=plugins, cn=config

Description

Maintain a count of entries with a particular object class. The following plug-ins are provided.

• Subtree entry counter for departments in domains

• Subtree entry counter for domains within a domain

• Subtree entry counter for mail lists

• Subtree entry counter for nested departments

• Subtree entry counter for total domains

• Subtree entry counter for users

Configurable Options

on | off

Default Setting

off

Configurable Arguments

None

Dependencies

None

Performance Related Information

These plug-ins are provided for use with Messaging Server only, and are disabled by default. Leave these plug-ins disabled unless your Messaging Server requires them.

Counter Attributes Maintained

nsNumDepts

Either the number of departments within a domain, or the number of departments within a department (nested departments), depending on the DN of the entry.

nsNumDomains

Either the number of total domains, or the number of domains within a domain or nested domain, depending on the DN of the entry.

nsNumMailLists

Number of mail lists.

TELEPHONE SYNTAX PLUG-IN

Consider the following aspects of this plug-in.

Plug-In Name

Telephone Syntax

DN of Configuration Entry

cn=Telephone Syntax,cn=plugins,cn=config

Description

Syntax for handling telephone numbers.

Configurable Options

on | off

Default Setting

on

Configurable Arguments

None

Dependencies

None

Performance Related Information

Do not modify the configuration of this plug-in. Leave this plug-in running at all times.

UID UNIQUENESS PLUG-IN

Consider the following aspects of this plug-in.

Plug-In Name

UID Uniqueness

DN of Configuration Entry

cn=UID Uniqueness,cn=plugins,cn=config

Description

Checks that the values of specified attributes are unique each time a modification occurs on an entry.

Configurable Options

on | off

Default Setting

off

Configurable Arguments

You may configure this plug-in in either of two different ways.

1. Specify attributes that must be unique for a series of one or more subtrees identified by DNs. For example, to specify that employeeNumber and uid attribute values must be unique across both o=org1,dc=example,dc=com and o=org2,dc=example,dc=com , configure the arguments in the configuration entry as follows:

   nsslapd-pluginarg0: employeeNumber
   nsslapd-pluginarg1: uid
   nsslapd-pluginarg2: o=org1,dc=example,dc=com
   nsslapd-pluginarg3: o=org2,dc=example,dc=com

2. You specify attributes that must be unique inside congruent subtrees, optionally only on entries of a specified object class. For example, to specify that employeeNumber and uid attribute values must be unique in either o=org1,dc=example,dc=com or o=org2,dc=example,dc=com, but only on entries of the inetOrgPerson object class, configure the arguments in the configuration entry as follows:

   nsslapd-pluginarg0: employeeNumber
   nsslapd-pluginarg1: uid
   nsslapd-pluginarg2: MarkerObjectClass="organization"
    RequiredObjectClass="inetOrgPerson"

Dependencies

database type

Performance Related Information

Directory Server provides the UID Uniqueness plug-in by default. To ensure unique values for other attributes, you can create instances of the UID Uniqueness plug-in for those attributes.

The UID Uniqueness plug-in may slow down Directory Server performance.

URI PLUG-IN

Consider the following aspects of this plug-in.

Plug-In Name

URI Syntax

DN of Configuration Entry

cn=URI Syntax,cn=plugins,cn=config

Description

Syntax for handling URIs (Unique Resource Identifiers) including URLs (Unique Resource Locators.)

Configurable Options

on | off

Default Setting

on

Configurable Arguments

None

Dependencies

None

Performance Related Information

Do not modify the configuration of this plug-in. Leave this plug-in running at all times.

Attributes

See attributes(5) for descriptions of the following attributes:

See Also

dse.ldif(4)