SLAPO-CLOAK 5 "RELEASEDATE" "OpenLDAP LDVERSION"
Copyright 1998-2021 The OpenLDAP Foundation, All Rights Reserved.Copying restrictions apply. See the COPYRIGHT file.
$OpenLDAP$
NAME
slapo-cloak - Attribute cloak overlay to slapd
SYNOPSIS
ETCDIR/slapd.conf
DESCRIPTION
The
cloak overlay to
slapd (8) allows the server to hide specific attributes, unless explicitly requested
by the client. This improve performance when a client requests all attributes
and get a huge binary attribute that is of no interest for it.
This behavior is disabled when the manageDSAit
control (RFC 3296) is used.
CONFIGURATION
The config directives that are specific to the
cloak overlay must be prefixed by
cloak- , to avoid potential conflicts with directives specific to the underlying
database or to other stacked overlays.
overlay cloak This directive adds the cloak overlay to the current database, or to the frontend, if used before any database instantiation; see slapd.conf (5) for details.
This slapd.conf configuration option is defined for the cloak overlay. It may have multiple occurrences, and it must appear after the overlay directive:
cloak-attr <attribute> [<class>] The value <attribute> is the name of the attribute that will be cloaked. The optional <class> restricts cloaking only to entries of the named <class>.
EXAMPLE
This example hide the
jpegPhoto attribute. Add the following to slapd.conf:
database <database> # ... overlay cloak cloak-attr jpegPhoto
and that slapd loads cloak.la, if compiled as a run-time module;
FILES
ETCDIR/slapd.conf default slapd configuration file
SEE ALSO
slapd.conf (5), slapd (8). The
slapo-cloak (5) overlay supports dynamic configuration via
back-config . ACKNOWLEDGEMENTS
This module was originally written in 2008 by Emmanuel Dreyfus.