Red Hat Directory Server 8.0 Configuration, Command, and File Reference
allowing write permissions to everyone can result in the logs being overwritten or deleted by
anyone.
The newly configured access mode only affects new logs that are created; the mode is set
when the log rotates to a new file.
Parameter Description
Entry DN cn=config
Valid Range 000 through 777
Default Value 600
Syntax Integer
Example nsslapd-errorlog-mode: 600
3.1.57. nsslapd-groupevalnestlevel
This attribute is deprecated, and documented here only for historical purposes.
The Access Control Plug-in does not use the value specified by the
nsslapd-groupevalnestlevel attribute to set the number of levels of nesting that access
control performs for group evaluation. Instead, the number of levels of nesting is hardcoded as
5.
Parameter Description
Entry DN cn=config
Valid Range 0 to 5
Default Value 5
Syntax Integer
Example nsslapd-groupevalnestlevel: 5
3.1.58. nsslapd-idletimeout (Default Idle Timeout)
This attribute sets the amount of time in seconds after which an idle LDAP client connection is
closed by the server. A value of 0 means that the server never closes idle connections. This
setting applies to all connections and all users. Idle timeout is enforced when the connection
table is walked, when poll() does not return zero. Therefore, a server with a single connection
never enforces the idle timeout.
Use the nsIdleTimeout operational attribute, which can be added to user entries, to override
the value assigned to this attribute. For details, see the "Setting Resource Limits Based on the
Bind DN" section in the Directory Server Administrator's Guide.
Parameter Description
Entry DN cn=config
cn=config
41