Nsslapd-config, Nsslapd-conntablesize, Nsslapd-counters – Red Hat 8.1 User Manual

Page 28: Nsslapd-csnlogging

Advertising
background image

Example

/etc/dirsrv/slapd-phonebook

2.3.1.36. nsslapd-certmap-basedn (Certificate Map Search Base)

This attribute can be used when client authentication is performed using SSL certificates in order to
avoid limitations of the security subsystem certificate mapping, configured in the certmap.conf file.
Depending on the certmap.conf configuration, the certificate mapping may be done using a directory
subtree search based at the root DN. If the search is based at the root DN, then the nsslapd-certmap-
basedn attribute may force the search to be based at some entry other than the root. The valid value for
this attribute is the DN of the suffix or subtree to use for certificate mapping. For further information on
configuring for SSL, see the "Managing SSL" chapter in the Directory Server Administrator's Guide.

2.3.1.37. nsslapd-config

This read-only attribute is the config DN.

Parameter

Description

Entry DN

cn=config

Valid Values

Any valid configuration DN

Default Value
Syntax

DirectoryString

Example

nsslapd-config: cn=config

2.3.1.38. nsslapd-conntablesize

This attribute sets the connection table size, which determines the total number of connections
supported by the server.

The server has to be restarted for changes to this attribute to go into effect.

Parameter

Description

Entry DN

cn=config

Valid Values

Operating-system dependent

Default Value

The default value is the system's max
descriptors, which can be configured using the

Section 2.3.1.77, “nsslapd-maxdescriptors
(Maximum File Descriptors)”

attribute.

Syntax

Integer

Example

nsslapd-conntablesize: 4093

Increase the value of this attribute if Directory Server is refusing connections because it is out of
connection slots. When this occurs, the Directory Server's error log file records the message Not
listening for new connections -- too m any fds open.

A server restart is required for the change to take effect.

It may be necessary to increase the operating system limits for the number of open files and number of
open files per process, and it may be necessary to increase the ulimit for the number of open files
(ulimit -n) in the shell that starts the Directory Server. See

Section 2.3.1.77, “nsslapd-maxdescriptors

(Maximum File Descriptors)”

for more information.

2.3.1.39. nsslapd-counters

The nsslapd-counters attribute enables and disables Directory Server database and server
performance counters.

There can be a performance impact by keeping track of the larger counters. Turning off 64-bit integers
for counters can have a minimal improvement on performance, although it negatively affects long term
statistics tracking.

This parameter is enabled by default. To disable counters, stop the Directory Server, edit the dse.ldif
file directly, and restart the server.

Parameter

Description

Entry DN

cn=config

Valid Values

on | off

Default Value

on

Syntax

DirectoryString

Example

nsslapd-counters: on

2.3.1.4 0. nsslapd-csnlogging

28

Chapter 2. Core Server Configuration Reference

Advertising
Popular Brands
Popular manuals