http://www.openldap.org/doc/admin24/intro.html#What%20is%20slapd%20and%20what%20can%20it%20do
1.9. What is slapd and what can it do?
slapd(8) is an LDAP directory server that runs on many different platforms. You can use it to provide a directory service of your very own.
slapd是一个可以运行在不同平台上的ldap目录服务器。你能用它来提供一个完全自己的目录服务。
Your directory can contain pretty much anything you want to put in it. You can connect it to the global LDAP directory service, or run a service all by yourself.
你能
Some of slapd's more interesting features and capabilities include:
slapd's的一些感兴趣特性和功能如下:
LDAPv3: slapd implements version 3 of Lightweight Directory Access Protocol. slapd supports LDAP over both IPv4 and IPv6 and Unix IPC.
ldapv3:slapd实现了ldap协议的第三版。slapd支持ldap通过
Simple Authentication and Security Layer: slapd supports strong authentication and data security (integrity and confidentiality) services through the use of SASL.
SASL:slapd支持强认证和数据安全服务通过使用sasl.
slapd's SASL implementation utilizes Cyrus SASL software which supports a number of mechanisms including DIGEST-MD5, EXTERNAL, and GSSAPI.
slapd's sasl实现利用了cyrus sasl 软件,这个软件支持大量的机制包括DIGEST-MD5, EXTERNAL, and GSSAPI。
Transport Layer Security: slapd supports certificate-based authentication and data security (integrity and confidentiality) services through the use of TLS (or SSL).
TLS:slapd支持基于证书的认证与数据安全服务通过使用tls或ssl。
slapd's TLS implementation can utilize OpenSSL, GnuTLS, or MozNSS software.
slapd's tls实现利用了openssl,gnutls,或者moznss软件。
Topology control: slapd can be configured to restrict access at the socket layer based upon network topology information. This feature utilizes TCP wrappers.
Access control: slapd provides a rich and powerful access control facility, allowing you to control access to the information in your database(s).
You can control access to entries based on LDAP authorization information, IP address, domain name and other criteria. slapd supports both static and dynamic access control information.
Internationalization: slapd supports Unicode and language tags.
Choice of database backends: slapd comes with a variety of different database backends you can choose from. They include BDB, a high-performance transactional database backend; HDB, a hierarchical high-performance transactional backend; SHELL, a backend interface to arbitrary shell scripts; and PASSWD, a simple backend interface to the passwd(5) file. The BDB and HDB backends utilize Oracle Berkeley DB.
Multiple database instances: slapd can be configured to serve multiple databases at the same time. This means that a single slapd server can respond to requests for many logically different portions of the LDAP tree, using the same or different database backends.
Generic modules API: If you require even more customization, slapd lets you write your own modules easily. slapd consists of two distinct parts: a front end that handles protocol communication with LDAP clients; and modules which handle specific tasks such as database operations. Because these two pieces communicate via a well-defined C API, you can write your own customized modules which extend slapd in numerous ways. Also, a number of programmable database modules are provided. These allow you to expose external data sources to slapd using popular programming languages (Perl, shell, and SQL).
Threads: slapd is threaded for high performance. A single multi-threaded slapd process handles all incoming requests using a pool of threads. This reduces the amount of system overhead required while providing high performance.
Replication: slapd can be configured to maintain shadow copies of directory information. This single-master/multiple-slave replication scheme is vital in high-volume environments where a single slapd installation just doesn't provide the necessary availability or reliability. For extremely demanding environments where a single point of failure is not acceptable, multi-master replication is also available. slapd includes support for LDAP Sync-based replication.
Proxy Cache: slapd can be configured as a caching LDAP proxy service.
Configuration: slapd is highly configurable through a single configuration file which allows you to change just about everything you'd ever want to change. Configuration options have reasonable defaults, making your job much easier. Configuration can also be performed dynamically using LDAP itself, which greatly improves manageability.
softerra ldap administrator 2015.1 chm文档
概念
DIT
entry
rootdse
LDAP Referrals
n. 推荐;下线(referral的复数);参考
Glossary
n. 术语(特殊用语)表;词汇表;专业词典