Note, Nsslapd-referralmode (referral mode) – Red Hat 8.1 User Manual
Page 42
entries:
ou=People,dc=example,dc=com
but the request is for this entry:
ou=Groups,dc=example,dc=com
In this case, the referral would be passed back to the client in an attempt to allow the LDAP client to
locate a server that contains the requested entry. Although only one referral is allowed per Directory
Server instance, this referral can have multiple values.
NOTE
To use SSL and TLS communications, the referral attribute should be in the form
ldaps://server-location.
Start TLS does not support referrals.
For more information on managing referrals, see the "Configuring Directory Databases" chapter in the
Directory Server Administrator's Guide.
Parameter
Description
Entry DN
cn=config
Valid Values
Any valid LDAP URL in the form ldap://server-
location
Default Value
Syntax
DirectoryString
Example
nsslapd-referral: ldap://ldap.example.com
2.3.1.88. nsslapd-referralmode (Referral Mode)
When set, this attribute sends back the referral for any request on any suffix.
Parameter
Description
Entry DN
cn=config
Valid Values
Any valid LDAP URL in the form >ldap://server-
location
Default Value
Syntax
DirectoryString
Example
nsslapd-referralmode: ldap://ldap.example.com
2.3.1.89. nsslapd-reservedescriptors (Reserved File Descriptors)
This attribute specifies the number of file descriptors that Directory Server reserves for managing non-
client connections, such as index management and managing replication. The number of file descriptors
that the server reserves for this purpose subtracts from the total number of file descriptors available for
servicing LDAP client connections (See
Section 2.3.1.77, “nsslapd-maxdescriptors (Maximum File
Most installations of Directory Server should never need to change this attribute. However, consider
increasing the value on this attribute if all of the following are true:
The server is replicating to a large number of consumer servers (more than 10), and/or the server is
maintaining a large number of index files (more than 30).
The server is servicing a large number of LDAP connections.
There are error messages reporting that the server is unable to open file descriptors (the actual
error message differs depending on the operation that the server is attempting to perform), but these
error messages are not related to managing client LDAP connections.
Increasing the value on this attribute may result in more LDAP clients being unable to access the
directory. Therefore, the value on this attribute is increased, also increase the value on the nsslapd-
maxdescriptors attribute. It may not be possible to increase the nsslapd-maxdescriptors value if
the server is already using the maximum number of file descriptors that the operating system allows a
process to use; see the operating system documentation for details. If this is the case, then reduce the
load on the server by causing LDAP clients to search alternative directory replicas. See
for information about file descriptor usage for incoming connections.
To assist in computing the number of file descriptors set for this attribute, use the following formula:
4 2
Chapter 2. Core Server Configuration Reference