3.5. Database Link Plug-in Attributes (Chaining Attributes)

3.5. Database Link Plug-in Attributes (Chaining Attributes)

The database link plug-in attributes are also organized in an information tree, as shown in the following diagram:

Database Link Plug-in
Figure 3.4. Database Link Plug-in

All plug-in technology used by the database link instances is stored in the cn=chaining database plug-in node. This section presents the additional attribute information for the three nodes marked in bold in the cn=chaining database, cn=plugins, cn=config information tree in Figure 3.4, “Database Link Plug-in”.

3.5.1. Database Link Attributes under cn=config, cn=chaining database, cn=plugins, cn=config

This section covers global configuration attributes common to all instances are stored in the cn=config, cn=chaining database, cn=plugins, cn=config tree node.

3.5.1.1. nsActiveChainingComponents

This attribute lists the components using chaining. A component is any functional unit in the server. The value of this attribute overrides the value in the global configuration attribute. To disable chaining on a particular database instance, use the value None. This attribute also allows the components used to chain to be altered. By default, no components are allowed to chain, which explains why this attribute will probably not appear in a list of cn=config, cn=chaining database, cn=config attributes, as LDAP considers empty attributes to be non-existent.

Parameter Description
Entry DN cn=config, cn=chaining database, cn=plugins, cn=config
Valid Values Any valid component entry
Default Value None
Syntax DirectoryString
Example nsActiveChainingComponents: cn=uid uniqueness, cn=plugins, cn=config

3.5.1.2. nsMaxResponseDelay

This error detection, performance-related attribute specifies the maximum amount of time it can take a remote server to respond to an LDAP operation request made by a database link before an error is suspected. Once this delay period has been met, the database link tests the connection with the remote server.

Parameter Description
Entry DN cn=config, cn=chaining database, cn=plugins, cn=config
Valid Values Any valid delay period in seconds
Default Value 60 seconds
Syntax Integer
Example nsMaxResponseDelay: 60

3.5.1.3. nsMaxTestResponseDelay

This error detection, performance-related attribute specifies the duration of the test issued by the database link to check whether the remote server is responding. If a response from the remote server is not returned before this period has passed, the database link assumes the remote server is down, and the connection is not used for subsequent operations.

Parameter Description
Entry DN cn=config, cn=chaining database, cn=plugins, cn=config
Valid Values Any valid delay period in seconds
Default Value 15 seconds
Syntax Integer
Example nsMaxTestResponseDelay: 15

3.5.1.4. nsTransmittedControls

This attribute, which can be both a global (and thus dynamic) configuration or an instance (that is, cn=database link instance, cn=chaining database, cn=plugins, cn=config) configuration attribute, allows the controls the database link forwards to be altered. The following controls are forwarded by default by the database link:

  • Managed DSA (OID: 2.16.840.1.113730.3.4.2)

  • Virtual list view (VLV) (OID: 2.16.840.1.113730.3.4.9)

  • Server side sorting (OID: 1.2.840.113556.1.4.473)

Parameter Description
Entry DN cn=config, cn=chaining database, cn=plugins, cn=config
Valid Values Any valid OID or the above listed controls forwarded by the database link
Default Value None
Syntax Integer
Example nsTransmittedControls: 1.2.840.113556.1.4.473

3.5.2. Database Link Attributes under cn=default instance config, cn=chaining database, cn=plugins, cn=config

Default instance configuration attributes for instances are housed in the cn=default instance config, cn=chaining database, cn=plugins, cn=config tree node.

3.5.2.1. nsAbandonedSearchCheckInterval

This attribute shows the number of seconds that pass before the server checks for abandoned operations.

Parameter Description
Entry DN cn=default instance config, cn=chaining database, cn=plugins, cn=config
Valid Range 0 to maximum 32-bit integer (2147483647) seconds
Default Value 1
Syntax Integer
Example nsAbandonedSearchCheckInterval: 10

3.5.2.2. nsBindConnectionsLimit

This attribute shows the maximum number of TCP connections the database link establishes with the remote server.

Parameter Description
Entry DN cn=default instance config, cn=chaining database, cn=plugins, cn=config
Valid Range 1 to 50 connections
Default Value 3
Syntax Integer
Example nsBindConnectionsLimit: 3

3.5.2.3. nsBindRetryLimit

Contrary to what the name suggests, this attribute does not specify the number of times a database link retries to bind with the remote server but the number of times it tries to bind with the remote server. A value of 1 here indicates that the database link only attempts to bind once.

NOTE

Retries only occur for connection failures and not for other types of errors, scuh as invalid bind DNs or bad passwords.

Parameter Description
Entry DN cn=default instance config, cn=chaining database, cn=plugins, cn=config
Valid Range 0 to 5
Default Value 3
Syntax Integer
Example nsBindRetryLimit: 3

3.5.2.4. nsBindTimeout

This attribute shows the amount of time before the bind attempt times out. There is no real valid range for this attribute, except reasonable patience limits.

Parameter Description
Entry DN cn=default instance config, cn=chaining database, cn=plugins, cn=config
Valid Range 0 to 60 seconds
Default Value 15
Syntax Integer
Example nsBindTimeout: 15

3.5.2.5. nsCheckLocalACI

Reserved for advanced use only. This attribute controls whether ACIs are evaluated on the database link as well as the remote data server. Changes to this attribute only take effect once the server has been restarted.

Parameter Description
Entry DN cn=default instance config, cn=chaining database, cn=plugins, cn=config
Valid Values on | off
Default Value off
Syntax DirectoryString
Example nsCheckLocalACI: on

3.5.2.6. nsConcurrentBindLimit

This attribute shows the maximum number of concurrent bind operations per TCP connection.

Parameter Description
Entry DN cn=default instance config, cn=chaining database, cn=plugins, cn=config
Valid Range 1 to 25 binds
Default Value 10
Syntax Integer
Example nsConcurrentBindLimit: 10

3.5.2.7. nsConcurrentOperationsLimit

This attribute specifies the maximum number of concurrent operations allowed.

Parameter Description
Entry DN cn=default instance config, cn=chaining database, cn=plugins, cn=config
Valid Range 1 to 50 operations
Default Value 2
Syntax Integer
Example nsConcurrentOperationsLimit: 5

3.5.2.8. nsConnectionLife

This attribute specifies connection lifetime. Connections between the database link and the remote server can be kept open for an unspecified time or closed after a specific period of time. It is faster to keep the connections open, but it uses more resources. When the value is 0 and a list of failover servers is provided in the nsFarmServerURL attribute, the main server is never contacted after failover to the alternate server.

Parameter Description
Entry DN cn=default instance config, cn=chaining database, cn=plugins, cn=config
Valid Range 0 to limitless seconds (where 0 means forever)
Default Value 0
Syntax Integer
Example nsConnectionLife: 0

3.5.2.9. nsOperationConnectionsLimit

This attribute shows the maximum number of LDAP connections the database link establishes with the remote server.

Parameter Description
Entry DN cn=default instance config, cn=chaining database, cn=plugins, cn=config
Valid Range 1 to n connections
Default Value 20
Syntax Integer
Example nsOperationConnectionsLimit: 10

3.5.2.10. nsProxiedAuthorization

Reserved for advanced use only. This attribute can disable proxied authorization with a value of off.

Parameter Description
Entry DN cn=default instance config, cn=chaining database, cn=plugins, cn=config
Valid Values on | off
Default Value on
Syntax DirectoryString
Example nsProxiedAuthorization: on

3.5.2.11. nsReferralOnScopedSearch

This attribute controls whether referrals are returned by scoped searches. This attribute can be used to optimize the directory because returning referrals in response to scoped searches is more efficient. A referral is returned to all the configured farm servers.

Parameter Description
Entry DN cn=default instance config, cn=chaining database, cn=plugins, cn=config
Valid Values on | off
Default Value off
Syntax DirectoryString
Example nsReferralOnScopedSearch: off

3.5.2.12. nsSizeLimit

This attribute specifies the default size limit for the database link in bytes.

Parameter Description
Entry DN cn=default instance config, cn=chaining database, cn=plugins, cn=config
Valid Range -1 (no limit) to maxmum 32-bit integer (2147483647) entries
Default Value 2000
Syntax Integer
Example nsslapd-sizelimit: 2000

3.5.2.13. nsTimeLimit

This attribute specifies the default search time limit for the database link.

Parameter Description
Entry DN cn=default instance config, cn=chaining database, cn=plugins, cn=config
Valid Range -1 to maxmum 32-bit integer (2147483647) seconds
Default Value 3600
Syntax Integer
Example nsslapd-timelimit: 3600

3.5.3. Database Link Attributes under cn=database link instance name, cn=chaining database, cn=plugins, cn=config

This information node stores the attributes concerning the server containing the data. A farm server is a server which contains data on databases. This attribute can contain optional servers for failover, separated by spaces. For cascading chaining, this URL can point to another database link.

3.5.3.1. nsFarmServerURL

This attribute gives the LDAP URL of the remote server. A farm server is a server containing data in one or more databases. This attribute can contain optional servers for failover, separated by spaces. If using cascading changing, this URL can point to another database link.

Parameter Description
Entry DN cn=database link instance name, cn=chaining database, cn=plugins, cn=config
Valid Values Any valid remote server LDAP URL
Default Value
Syntax DirectoryString
Example nsFarmServerURL: ldap://farm1.example.com:389 ldap://farm2.example.com:1389

3.5.3.2. nsMultiplexorBindDN

This attribute gives the DN of the administrative entry used to communicate with the remote server. The multiplexor is the server that contains the database link and communicates with the farm server. This bind DN cannot be the Directory Manager, and, if this attribute is not specified, the database link binds as anonymous.

Parameter Description
Entry DN cn=database link instance name, cn=chaining database, cn=plugins, cn=config
Valid Values
Default Value DN of the multiplexor
Syntax DirectoryString
Example nsMultiplexerBindDN: cn=proxy manager

3.5.3.3. nsMultiplexorCredentials

Password for the administrative user, given in plain text. If no password is provided, it means that users can bind as anonymous. The password is encrypted in the configuration file. The example below is what is shown, not what is typed.

Parameter Description
Entry DN cn=database link instance name, cn=chaining database, cn=plugins, cn=config
Valid Values Any valid password, which will then be encrypted using the DES reversible password encryption schema
Default Value
Syntax DirectoryString
Example nsMultiplexerCredentials: {DES} 9Eko69APCJfF

3.5.3.4. nshoplimit

This attribute specifies the maximum number of times a database is allowed to chain; that is, the number of times a request can be forwarded from one database link to another.

Parameter Description
Entry DN cn=database link instance name, cn=chaining database, cn=plugins, cn=config
Valid Range 1 to an appropriate upper limit for the deployment
Default Value 10
Syntax Integer
Example nsHopLimit: 3

3.5.4. Database Link Attributes under cn=monitor, cn=database instance name, cn=chaining database, cn=plugins, cn=config

Attributes used for monitoring activity on the instances are stored in the cn=monitor, cn=database instance name, cn=chaining database, cn=plugins, cn=config information tree.

nsAddCount

This attribute gives the number of add operations received.

nsDeleteCount

This attribute gives the number of delete operations received.

nsModifyCount

This attribute gives the number of modify operations received.

nsRenameCount

This attribute gives the number of rename operations received.

nsSearchBaseCount

This attribute gives the number of base level searches received.

nsSearchOneLevelCount

This attribute gives the number of one-level searches received.

nsSearchSubtreeCount

This attribute gives the number of subtree searches received.

nsAbandonCount

This attribute gives the number of abandon operations received.

nsBindCount

This attribute gives the number of bind requests received.

nsUnbindCount

This attribute gives the number of unbinds received.

nsCompareCount

This attribute gives the number of compare operations received.

nsOperationConnectionCount

This attribute gives the number of open connections for normal operations.

nsBindConnectionCount

This attribute gives the number of open connections for bind operations.


Note: This documentation is provided {and copyrighted} by Red Hat®, Inc. and is released via the Open Publication License. The copyright holder has added the further requirement that Distribution of substantively modified versions of this document is prohibited without the explicit permission of the copyright holder. The CentOS project redistributes these original works (in their unmodified form) as a reference for CentOS-5 because CentOS-5 is built from publicly available, open source SRPMS. The documentation is unmodified to be compliant with upstream distribution policy. Neither CentOS-5 nor the CentOS Project are in any way affiliated with or sponsored by Red Hat®, Inc.