beautypg.com

Note, Nsslapd-localhost (local host), Nsslapd-localuser (local user) – Red Hat 8.1 User Manual

Page 38: Nsslapd-lockdir (server lock file directory), Nsslapd-maxbersize (maximum message size)

background image

Parameter

Description

Entry DN

cn=config

Valid Values

Any local hostname, IPv4 or IPv6 address

Default Value
Syntax

DirectoryString

Example

nsslapd-listenhost: ldap.example.com

NOTE

On HP-UX the hostname value can be a relocatable IP address.

2.3.1.73. nsslapd-localhost (Local Host)

This attribute specifies the host machine on which the Directory Server runs. This attribute is used to
create the referral URL that forms part of the MMR protocol. In a high-availability configuration with
failover nodes, that referral should point to the virtual name of the cluster, not the local hostname.

Parameter

Description

Entry DN

cn=config

Valid Values

Any fully qualified hostname.

Default Value

Hostname of installed machine.

Syntax

DirectoryString

Example

nsslapd-localhost: phonebook.example.com

2.3.1.74 . nsslapd-localuser (Local User)

This attribute sets the user as whom the Directory Server runs. The group as which the user runs is
derived from this attribute by examining the user's primary group. Should the user change, then all of the
instance-specific files and directories for this instance need to be changed to be owned by the new user,
using a tool such as chown.

The value for the nsslapd-localuser is set initially when the server instance is configured.

Parameter

Description

Entry DN

cn=config

Valid Values

Any valid user

Default Value
Syntax

DirectoryString

Example

nsslapd-localuser: nobody

2.3.1.75. nsslapd-lockdir (Server Lock File Directory)

This is the full path to the directory the server uses for lock files. The default value is
/var/lock/dirsrv/slapd-instance_name. Changes to this value will not take effect until the server
is restarted.

Parameter

Description

Entry DN

cn=config

Valid Values

Absolute path to a directory owned by the server
user ID with write access to the server ID

Default Value

/var/lock/dirsrv/slapd-instance_name

Syntax

DirectoryString

Example

nsslapd-lockdir:
/var/lock/dirsrv/slapd-instance_name

2.3.1.76. nsslapd-maxbersize (Maximum Message Size)

Defines the maximum size in bytes allowed for an incoming message. This limits the size of LDAP
requests that can be handled by the Directory Server. Limiting the size of requests prevents some kinds
of denial of service attacks.

The limit applies to the total size of the LDAP request. For example, if the request is to add an entry and
if the entry in the request is larger than two megabytes, then the add request is denied. Be cautious
before changing this attribute.

The server should be restarted for changes in this attribute to take effect.

Parameter

Description

38

Chapter 2. Core Server Configuration Reference