Human-readable, hyperlinked view of the default directory schema.

About This Reference

This reference describes the default directory schema. Each schema definition has its own section, with links to related sections. Reference pages for the most commonly used elements may include additional descriptions and examples that are not present in the directory schema definitions.

This reference does not include directory configuration attributes and object classes, collation matching rules.

LDAP directory schema defines how data can be stored in the directory. When a directory server receives a request to update directory data, it can check the data changes against the directory schema, refusing any request that would result in a violation of the directory schema and directory data corruption.

Schema checking prevents errors such as the following:

  • Adding inappropriate attributes to an entry

  • Removing required attributes from an entry

  • Using an attribute value that has the wrong syntax

  • Adding the wrong type of subordinate object

LDAP directory schema consists of definitions for the following:

Attribute types

Define attributes of directory entries, including their syntaxes and matching rules

Directory Information Tree (DIT) content rules

Define the content of entries with a given structural object class

DIT structure rules

Define the names entries may have, and how entries may be related to each other

Matching rules

Define how values of attributes are matched and compared

Matching rule uses

List attributes that can be used with an extensibleMatch search filter

Name forms

Define naming relations for structural object classes

Object classes

Define the types of objects that an entry represents, and the required and optional attributes for entries of those types

Syntaxes

Define the encodings used in LDAP

For a technical description of LDAP directory schema, read Directory Schema in Lightweight Directory Access Protocol (LDAP): Directory Information Models (RFC 4512).

LDAP directory servers allow client applications to access directory schema while the server is running. This enables applications to validate their changes against the schema before sending an update request to the server. As a result, LDAP schema definitions are optimized for applications, not humans. The reader must resolve relationships between schema definitions, and must find most documentation elsewhere.

Chapter 1. Attribute Types

1.1. abandonRequests

OID 1.3.6.1.4.1.36733.2.1.1.74
Names abandonRequests
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Origin OpenDJ Directory Server
Schema File 02-config.ldif

1.2. aci

Values are Access Control Instructions (ACI). See the directory documentation for details.

OID 2.16.840.1.113730.3.1.55
Names aci
Description Sun-defined access control information attribute type
Equality Matching Rule octetStringMatch
Ordering Matching Rule octetStringOrderingMatch
Syntax SunDefinedAccessControlInformation
Single Value false: multiple values allowed
User Modification Allowed true
Usage directoryOperation
Origin Sun Java System Directory Server
Schema File 00-core.ldif

1.3. aclRights

Shows effective access rights. See the directory documentation for details.

OID 1.3.6.1.4.1.42.2.27.9.1.39
Names aclRights
Description Sun-defined access control effective rights attribute type
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value true
User Modification Allowed false
Usage directoryOperation
Origin Sun Java System Directory Server
Schema File 00-core.ldif

1.4. aclRightsInfo

Shows how the server calculates effective access rights. See the directory documentation for details.

OID 1.3.6.1.4.1.42.2.27.9.1.40
Names aclRightsInfo
Description Sun-defined access control effective rights information attribute type
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value true
User Modification Allowed false
Usage directoryOperation
Origin Sun Java System Directory Server
Schema File 00-core.ldif

1.5. addRequests

OID 1.3.6.1.4.1.36733.2.1.1.75
Names addRequests
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Origin OpenDJ Directory Server
Schema File 02-config.ldif

1.6. addResponses

OID 1.3.6.1.4.1.36733.2.1.1.76
Names addResponses
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Origin OpenDJ Directory Server
Schema File 02-config.ldif

1.7. administratorsAddress

An address for contacting the administrator who manages the server. For example, mailto:helpdesk@example.com.

OID 1.3.6.1.4.1.1466.101.120.1
Names administratorsAddress
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value false: multiple values allowed
User Modification Allowed true
Usage directoryOperation
Origin draft-wahl-ldap-adminaddr
Schema File 00-core.ldif

1.8. aliasedObjectName

Holds the name of the entry that an alias points to.

An alias name is an alternative name for an entry. Alias objects are leaf entries (no subordinates).

ForgeRock servers do not support alias dereferencing.

OID 2.5.4.1
Names aliasedObjectName
Equality Matching Rule distinguishedNameMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DN
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 4512
Schema File 00-core.ldif

1.9. altServer

This operational attribute lists URIs of alternate servers to contact when this server is not available.

OID 1.3.6.1.4.1.1466.101.120.6
Names altServer
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value false: multiple values allowed
User Modification Allowed true
Usage dSAOperation
Origin RFC 4512
Schema File 00-core.ldif

1.10. aRecord

A type A (address) DNS resource record.

OID 0.9.2342.19200300.100.1.26
Names aRecord
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 1274
Schema File 00-core.ldif

1.11. associatedDomain

An attribute for specifying DNS host names associated with an object. For example, the entry with DN dc=example,dc=com could have an associated domain of example.com.

Values of this attribute conform to the following ABNF:

domain = root / label *( DOT label )
root   = SPACE
label  = LETDIG [ *61( LETDIG / HYPHEN ) LETDIG ]
LETDIG = %x30-39 / %x41-5A / %x61-7A ; "0" - "9" / "A"-"Z" / "a"-"z"
SPACE  = %x20                        ; space (" ")
HYPHEN = %x2D                        ; hyphen ("-")
DOT    = %x2E                        ; period (".")
    
OID 0.9.2342.19200300.100.1.37
Names associatedDomain
Equality Matching Rule caseIgnoreIA5Match
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreIA5SubstringsMatch
Syntax IA5String
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4524
Schema File 00-core.ldif

1.12. associatedName

DNs of entries associated with a DNS domain.

OID 0.9.2342.19200300.100.1.38
Names associatedName
Equality Matching Rule distinguishedNameMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DN
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4524
Schema File 00-core.ldif

1.13. attributeMap

OID 1.3.6.1.4.1.11.1.3.1.1.9
Names attributeMap
Description Attribute mappings used, required, or supported by an agent or service
Equality Matching Rule caseIgnoreIA5Match
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4876
Schema File 05-rfc4876.ldif

1.14. attributeTypes

This operational attribute used in LDAP schema defines attribute types, which specify attributes of directory entries, including their syntaxes and matching rules.

OID 2.5.21.5
Names attributeTypes
Equality Matching Rule objectIdentifierFirstComponentMatch
Syntax AttributeTypeDescription
Single Value false: multiple values allowed
User Modification Allowed true
Usage directoryOperation
Origin RFC 4512
Schema File 00-core.ldif

1.15. audio

Attribute for storing sounds encoded according to the algorithm.

OID 0.9.2342.19200300.100.1.55
Names audio
Equality Matching Rule octetStringMatch
Ordering Matching Rule octetStringOrderingMatch
Syntax OctetString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 2798
Schema File 00-core.ldif

1.16. authenticationMethod

OID 1.3.6.1.4.1.11.1.3.1.1.6
Names authenticationMethod
Description Identifies the types of authentication methods either used, required, or provided by a service or peer
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 4876
Schema File 05-rfc4876.ldif

1.17. authorityRevocationList

X.509 certificate lists, as described in X.509 clause 11.2.5.

Request and transfer values using the binary option for the attribute description, authorityRevocationList;binary.

OID 2.5.4.38
Names authorityRevocationList
Equality Matching Rule octetStringMatch
Ordering Matching Rule octetStringOrderingMatch
Syntax CertificateList
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4523
Schema File 00-core.ldif

1.18. authPassword

Encoded or hashed passwords, prefixed with a scheme and authentication info.

OID 1.3.6.1.4.1.4203.1.3.4
Names authPassword
Description password authentication information
Equality Matching Rule authPasswordExactMatch
Syntax AuthenticationPasswordSyntax
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 3112
Schema File 03-rfc3112.ldif

1.19. automountInformation

OID 1.3.6.1.1.1.1.33
Names automountInformation
Description Automount information
Equality Matching Rule caseExactIA5Match
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseExactIA5SubstringsMatch
Syntax IA5String
Single Value true
User Modification Allowed true
Usage userApplications
Origin draft-howard-rfc2307bis
Schema File 04-rfc2307bis.ldif

1.20. automountKey

OID 1.3.6.1.1.1.1.32
Names automountKey
Description Automount Key value
Equality Matching Rule caseExactIA5Match
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseExactIA5SubstringsMatch
Syntax IA5String
Single Value true
User Modification Allowed true
Usage userApplications
Origin draft-howard-rfc2307bis
Schema File 04-rfc2307bis.ldif

1.21. automountMapName

OID 1.3.6.1.1.1.1.31
Names automountMapName
Description automount Map Name
Equality Matching Rule caseExactIA5Match
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseExactIA5SubstringsMatch
Syntax IA5String
Single Value true
User Modification Allowed true
Usage userApplications
Origin draft-howard-rfc2307bis
Schema File 04-rfc2307bis.ldif

1.22. bindRequests

OID 1.3.6.1.4.1.36733.2.1.1.77
Names bindRequests
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Origin OpenDJ Directory Server
Schema File 02-config.ldif

1.23. bindResponses

OID 1.3.6.1.4.1.36733.2.1.1.78
Names bindResponses
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Origin OpenDJ Directory Server
Schema File 02-config.ldif

1.24. bindTimeLimit

OID 1.3.6.1.4.1.11.1.3.1.1.4
Names bindTimeLimit
Description Maximum time an agent or service allows for a bind operation to complete
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 4876
Schema File 05-rfc4876.ldif

1.25. blockInheritance

OID 1.3.6.1.4.1.7628.5.4.2
Names blockInheritance
Equality Matching Rule booleanMatch
Syntax Boolean
Single Value true
User Modification Allowed false
Usage dSAOperation
Origin draft-ietf-ldup-subentry
Schema File 00-core.ldif

1.26. bootFile

OID 1.3.6.1.1.1.1.24
Names bootFile
Description Boot image name
Equality Matching Rule caseExactIA5Match
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin draft-howard-rfc2307bis
Schema File 04-rfc2307bis.ldif

1.27. bootParameter

OID 1.3.6.1.1.1.1.23
Names bootParameter
Description rpc.bootparamd parameter
Equality Matching Rule caseExactIA5Match
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin draft-howard-rfc2307bis
Schema File 04-rfc2307bis.ldif

1.28. buildingName

Names of buildings where an organization or organizational unit is based.

OID 0.9.2342.19200300.100.1.48
Names buildingName
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4524
Schema File 00-core.ldif

1.29. businessCategory

The kind of business performed by an organization. Each kind corresponds to a different attribute value.

OID 2.5.4.15
Names businessCategory
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4519
Schema File 00-core.ldif

1.30. bytesRead

OID 1.3.6.1.4.1.36733.2.1.1.67
Names bytesRead
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Origin OpenDJ Directory Server
Schema File 02-config.ldif

1.31. bytesWritten

OID 1.3.6.1.4.1.36733.2.1.1.68
Names bytesWritten
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Origin OpenDJ Directory Server
Schema File 02-config.ldif

1.32. c-FacsimileTelephoneNumber

Fax phone number for a collection of entries.

OID 2.5.4.23.1
Names c-FacsimileTelephoneNumber
Superior Type facsimileTelephoneNumber
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax FacsimileTelephoneNumber
Single Value false: multiple values allowed
Collective true
User Modification Allowed true
Usage userApplications
Origin RFC 3671
Schema File 00-core.ldif

1.33. c-InternationalISDNNumber

ISDN address for a collection of entries.

OID 2.5.4.25.1
Names c-InternationalISDNNumber
Superior Type internationaliSDNNumber
Equality Matching Rule numericStringMatch
Ordering Matching Rule numericStringOrderingMatch
Substring Matching Rule numericStringSubstringsMatch
Syntax NumericString
Single Value false: multiple values allowed
Collective true
User Modification Allowed true
Usage userApplications
Origin RFC 3671
Schema File 00-core.ldif

1.34. c-l

Name of a locality or place for a collection of entries.

OID 2.5.4.7.1
Names c-l
Superior Type l
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
Collective true
User Modification Allowed true
Usage userApplications
Origin RFC 3671
Schema File 00-core.ldif

1.35. c-o

Organization name for a collection of entries.

OID 2.5.4.10.1
Names c-o
Superior Type o
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
Collective true
User Modification Allowed true
Usage userApplications
Origin RFC 3671
Schema File 00-core.ldif

1.36. c-ou

Organizational unit name for a collection of entries.

OID 2.5.4.11.1
Names c-ou
Superior Type ou
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
Collective true
User Modification Allowed true
Usage userApplications
Origin RFC 3671
Schema File 00-core.ldif

1.37. c-PhysicalDeliveryOfficeName

Post office for a collection of entries.

OID 2.5.4.19.1
Names c-PhysicalDeliveryOfficeName
Superior Type physicalDeliveryOfficeName
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
Collective true
User Modification Allowed true
Usage userApplications
Origin RFC 3671
Schema File 00-core.ldif

1.38. c-PostalAddress

Postal address for a collection of entries.

OID 2.5.4.16.1
Names c-PostalAddress
Superior Type postalAddress
Equality Matching Rule caseIgnoreListMatch
Substring Matching Rule caseIgnoreListSubstringsMatch
Syntax PostalAddress
Single Value false: multiple values allowed
Collective true
User Modification Allowed true
Usage userApplications
Origin RFC 3671
Schema File 00-core.ldif

1.39. c-PostalCode

Postal code for a collection of entries.

OID 2.5.4.17.1
Names c-PostalCode
Superior Type postalCode
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
Collective true
User Modification Allowed true
Usage userApplications
Origin RFC 3671
Schema File 00-core.ldif

1.40. c-PostOfficeBox

Postal box identifier for a collection of entries.

OID 2.5.4.18.1
Names c-PostOfficeBox
Superior Type postOfficeBox
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
Collective true
User Modification Allowed true
Usage userApplications
Origin RFC 3671
Schema File 00-core.ldif

1.41. c-st

Full name of a state or province for a collection of entries.

OID 2.5.4.8.1
Names c-st
Superior Type st
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
Collective true
User Modification Allowed true
Usage userApplications
Origin RFC 3671
Schema File 00-core.ldif

1.42. c-street

Street address for a collection of entries.

OID 2.5.4.9.1
Names c-street
Superior Type street
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
Collective true
User Modification Allowed true
Usage userApplications
Origin RFC 3671
Schema File 00-core.ldif

1.43. c-TelephoneNumber

Phone number for a collection of entries.

OID 2.5.4.20.1
Names c-TelephoneNumber
Superior Type telephoneNumber
Equality Matching Rule telephoneNumberMatch
Substring Matching Rule telephoneNumberSubstringsMatch
Syntax TelephoneNumber
Single Value false: multiple values allowed
Collective true
User Modification Allowed true
Usage userApplications
Origin RFC 3671
Schema File 00-core.ldif

1.44. c-TelexNumber

Telex terminal number for a collection of entries.

OID 2.5.4.21.1
Names c-TelexNumber
Superior Type telexNumber
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax TelexNumber
Single Value false: multiple values allowed
Collective true
User Modification Allowed true
Usage userApplications
Origin RFC 3671
Schema File 00-core.ldif

1.45. c

Two-letter ISO 3166 country code.

OID 2.5.4.6
Names c, countryName
Superior Type name
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax CountryString
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 4519
Schema File 00-core.ldif

1.46. cACertificate

X.509 certificate issued to the Certificate Authority (CA), as described in X.509 clause 11.2.2.

Request and transfer values using the binary option for the attribute description, cACertificate;binary.

OID 2.5.4.37
Names cACertificate
Equality Matching Rule certificateExactMatch
Ordering Matching Rule octetStringOrderingMatch
Syntax Certificate
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4523
Schema File 00-core.ldif

1.47. calCalAdrURI

Protocol-independent location for a calendaring and scheduling client to send an event request to a user.

OID 1.2.840.113556.1.4.481
Names calCalAdrURI
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 2739
Schema File 03-rfc2739.ldif

1.48. calCalURI

Protocol-independent location for a calendaring and scheduling client to retrieve an entire snapshot copy of a user's calendar as one or more iCalendar objects.

OID 1.2.840.113556.1.4.478
Names calCalURI
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 2739
Schema File 03-rfc2739.ldif

1.49. calCAPURI

Protocol-independent location for a calendaring and scheduling client can communicate with a user's entire calendar.

OID 1.2.840.113556.1.4.480
Names calCAPURI
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 2739
Schema File 03-rfc2739.ldif

1.50. calFBURL

Protocol-independent location for a calendaring and scheduling client to retrieve information about when a user is busy as an iCalendar object with one or more "VFREEBUSY" calendar components.

OID 1.2.840.113556.1.4.479
Names calFBURL
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 2739
Schema File 03-rfc2739.ldif

1.51. calOtherCalAdrURIs

Protocol-independent additional locations for a calendaring and scheduling client to send event requests to a user.

OID 1.2.840.113556.1.4.485
Names calOtherCalAdrURIs
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 2739
Schema File 03-rfc2739.ldif

1.52. calOtherCalURIs

Protocol-independent location for a calendaring and scheduling client to retrieve snapshots of other calendars a user has as iCalendar objects.

OID 1.2.840.113556.1.4.482
Names calOtherCalURIs
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 2739
Schema File 03-rfc2739.ldif

1.53. calOtherCAPURIs

Protocol-independent location for a calendaring and scheduling client can communicate with a user's other calendars.

OID 1.2.840.113556.1.4.484
Names calOtherCAPURIs
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 2739
Schema File 03-rfc2739.ldif

1.54. calOtherFBURLs

Protocol-independent location for a calendaring and scheduling client to retrieve other information about when a user is busy as iCalendar objects with one or more "VFREEBUSY" calendar components.

OID 1.2.840.113556.1.4.483
Names calOtherFBURLs
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 2739
Schema File 03-rfc2739.ldif

1.55. carLicense

Car license or registration plate number for a person's vehicle.

OID 2.16.840.1.113730.3.1.1
Names carLicense
Description vehicle license or registration plate
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 2798
Schema File 00-core.ldif

1.56. certificateRevocationList

X.509 certificate lists, as described in X.509 clause 11.2.4.

Request and transfer values using the binary option for the attribute description, certificateRevocationList;binary.

OID 2.5.4.39
Names certificateRevocationList
Equality Matching Rule octetStringMatch
Ordering Matching Rule octetStringOrderingMatch
Syntax CertificateList
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4523
Schema File 00-core.ldif

1.57. changeInitiatorsName

Points to the entry that initiated the modification.

OID 1.3.6.1.4.1.26027.1.1.604
Names changeInitiatorsName
Description The initiator user of the change
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value true
User Modification Allowed true
Usage directoryOperation
Origin OpenDS Directory Server
Schema File 03-changelog.ldif

1.58. changelog

OID 2.16.840.1.113730.3.1.35
Names changelog
Description the distinguished name of the entry which contains the set of entries comprising this servers changelog
Equality Matching Rule distinguishedNameMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DN
Single Value true
User Modification Allowed false
Usage directoryOperation
Origin draft-good-ldap-changelog
Schema File 00-core.ldif

1.59. changeLogCookie

Opaque unique identifier for a change in distributed replication changelog.

OID 1.3.6.1.4.1.26027.1.1.591
Names changeLogCookie
Description The OpenDS opaque cookie for the External Changelog
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value true
User Modification Allowed true
Usage directoryOperation
Origin OpenDS Directory Server
Schema File 03-changelog.ldif

1.60. changeNumber

The set of changes made to a directory server is given by the set of all entries in the changelog, ordered by changeNumber, which strictly increases for a given server.

Note The changeNumber is unique to a server, and not necessarily shared or synchronized across servers. The change numbers for ForgeRock servers can be synchronized using the dsreplication reset-change-number command. ForgeRock servers also provide an alternative changeLogCookie attribute, which can be used reliably across a replicated topology.

A client application may synchronize its local copy of directory data by reading the server's changelog for entries where the changeNumber is greater than or equal to the last change that the client read from the server. A server can, however, trim its changelog. If the last change read from the changelog is not returned in search results, the client application must fall back to rebuilding its entire copy of directory data.

OID 2.16.840.1.113730.3.1.5
Names changeNumber
Description a number which uniquely identifies a change made to a directory entry
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Origin draft-good-ldap-changelog
Schema File 03-changelog.ldif

1.61. changes

OID 2.16.840.1.113730.3.1.8
Names changes
Description a set of changes to apply to an entry
Equality Matching Rule octetStringMatch
Ordering Matching Rule octetStringOrderingMatch
Syntax OctetString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin draft-good-ldap-changelog
Schema File 03-changelog.ldif

1.62. changeTime

Indicates when an entry was changed for replication.

OID 2.16.840.1.113730.3.1.77
Names changeTime
Description the time when the change was processed
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value true
User Modification Allowed true
Usage userApplications
Origin Sun Directory Server
Schema File 03-changelog.ldif

1.63. changeType

The type of change made to the entry specified by the targetDN attribute of the changelog entry. One of:

  • add

  • delete

  • modify

  • modrdn

OID 2.16.840.1.113730.3.1.7
Names changeType
Description the type of change made to an entry
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value true
User Modification Allowed true
Usage userApplications
Origin draft-good-ldap-changelog
Schema File 03-changelog.ldif

1.64. cn

X.500 commonName attribute that contains the name of an object.

When used for a person, this attribute contains the full name.

OID 2.5.4.3
Names cn, commonName
Superior Type name
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4519
Schema File 00-core.ldif

1.65. cNAMERecord

A type CNAME (canonical name) DNS resource record.

OID 0.9.2342.19200300.100.1.31
Names cNAMERecord
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 1274
Schema File 00-core.ldif

1.66. co

Friendly country name in human readable format. This attribute is commonly used with c country name, whose values are two-letter codes defined in the ISO 3166 standard.

OID 0.9.2342.19200300.100.1.43
Names co, friendlyCountryName
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4524
Schema File 00-core.ldif

1.67. collectiveAttributeSubentries

This operational attribute identifies the collective attribute subentries that apply to the entry.

OID 2.5.18.12
Names collectiveAttributeSubentries
Equality Matching Rule distinguishedNameMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DN
Single Value false: multiple values allowed
User Modification Allowed false
Usage directoryOperation
Origin RFC 3671
Schema File 00-core.ldif

1.68. collectiveConflictBehavior

Indicates how to handle conflicts between real (stored) and virtual (computed) attribute values.

OID 1.3.6.1.4.1.26027.1.1.606
Names collectiveConflictBehavior
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule 1.3.6.1.4.1.26027.1.4.8.1.3.6.1.4.1.26027.1.3.6
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax CollectiveConflictBehavior
Single Value true
User Modification Allowed true
Usage userApplications
Origin OpenDS Directory Server
Schema File 00-core.ldif

1.69. collectiveExclusions

This operational attribute identifies the collective attributes to exclude from the entry. The value excludeAllCollectiveAttributes causes all collective attributes to be excluded.

OID 2.5.18.7
Names collectiveExclusions
Equality Matching Rule objectIdentifierMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax OID
Single Value false: multiple values allowed
User Modification Allowed true
Usage directoryOperation
Origin RFC 3671
Schema File 00-core.ldif

1.70. compareRequests

OID 1.3.6.1.4.1.36733.2.1.1.79
Names compareRequests
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Origin OpenDJ Directory Server
Schema File 02-config.ldif

1.71. compareResponses

OID 1.3.6.1.4.1.36733.2.1.1.80
Names compareResponses
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Origin OpenDJ Directory Server
Schema File 02-config.ldif

1.72. connectionsClosed

OID 1.3.6.1.4.1.36733.2.1.1.66
Names connectionsClosed
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Origin OpenDJ Directory Server
Schema File 02-config.ldif

1.73. connectionsEstablished

OID 1.3.6.1.4.1.36733.2.1.1.65
Names connectionsEstablished
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Origin OpenDJ Directory Server
Schema File 02-config.ldif

1.74. corbaIor

String representation of an interoperable object reference (IOR) for a CORBA object. The value holds all the information necessary to locate the object even if it is in another ORB.

OID 1.3.6.1.4.1.42.2.27.4.1.14
Names corbaIor
Description Stringified interoperable object reference of a CORBA object
Equality Matching Rule caseIgnoreIA5Match
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 2714
Schema File 03-rfc2714.ldif

1.75. corbaRepositoryId

Unique repository ID, also known as type ID, for a CORBA interface. Multiple values reflect multiple interfaces, but the list is not necessarily complete.

Although the value string can be of any syntax, the following ID styles are specified:

IDL style: IDL:Prefix/ModuleName/InterfaceName:VersionNumber

Format used for standard interface definition language (IDL) IDs.

RMI style: RMI:ClassName:HashCode[:SUID]

Format used by RMI-IIOP remote objects.

  • ClassName is the fully qualified name of the class.

  • HashCode is the result of the object's hashCode() method.

  • SUID is the 64-bit stream unique identifier for the serialization version of the class.

DCE style: DCE:UUID

Format used for DCE/CORBA interoperability, where the UUID represents a DCE UUID.

Local

The format is defined by the local Object Request Broker (ORB).

OID 1.3.6.1.4.1.42.2.27.4.1.15
Names corbaRepositoryId
Description Repository ids of interfaces implemented by a CORBA object
Equality Matching Rule caseExactMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 2714
Schema File 03-rfc2714.ldif

1.76. createTimestamp

For entries added over protocol (by an LDAP add request), this operational attribute reflects the time the entry was first added.

OID 2.5.18.1
Names createTimestamp
Equality Matching Rule generalizedTimeMatch
Ordering Matching Rule generalizedTimeOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax GeneralizedTime
Single Value true
User Modification Allowed false
Usage directoryOperation
Origin RFC 4512
Schema File 00-core.ldif

1.77. creatorsName

For entries added over protocol (by an LDAP add request), this operational attribute indicates the DN of the creator's entry.

OID 2.5.18.3
Names creatorsName
Equality Matching Rule distinguishedNameMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DN
Single Value true
User Modification Allowed false
Usage directoryOperation
Origin RFC 4512
Schema File 00-core.ldif

1.78. credentialLevel

OID 1.3.6.1.4.1.11.1.3.1.1.10
Names credentialLevel
Description Identifies type of credentials either used, required, or supported by an agent or service
Equality Matching Rule caseIgnoreIA5Match
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 4876
Schema File 05-rfc4876.ldif

1.79. crossCertificatePair

X.509 certificate pair, as described in X.509 clause 11.2.3.

Request and transfer values using the binary option for the attribute description, crossCertificatePair;binary.

OID 2.5.4.40
Names crossCertificatePair
Equality Matching Rule octetStringMatch
Ordering Matching Rule octetStringOrderingMatch
Syntax CertificatePair
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4523
Schema File 00-core.ldif

1.80. dc

Domain component as described in RFC 1274, where each attribute value holds one component, or label, of a DNS domain name. A value of this attribute is a string of ASCII characters following this ABNF:

label = (ALPHA / DIGIT) [*61(ALPHA / DIGIT / HYPHEN) (ALPHA / DIGIT)]
ALPHA   = %x41-5A / %x61-7A     ; "A"-"Z" / "a"-"z"
DIGIT   = %x30-39               ; "0"-"9"
HYPHEN  = %x2D                  ; hyphen ("-")
    

Examples: example, com (but not example.com)

OID 0.9.2342.19200300.100.1.25
Names dc, domainComponent
Equality Matching Rule caseIgnoreIA5Match
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreIA5SubstringsMatch
Syntax IA5String
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 4519
Schema File 00-core.ldif

1.81. defaultSearchBase

OID 1.3.6.1.4.1.11.1.3.1.1.1
Names defaultSearchBase
Description Default base for searches
Equality Matching Rule distinguishedNameMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DN
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 4876
Schema File 05-rfc4876.ldif

1.82. defaultSearchScope

OID 1.3.6.1.4.1.11.1.3.1.1.12
Names defaultSearchScope
Description Default scope used when performing a search
Equality Matching Rule caseIgnoreIA5Match
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 4876
Schema File 05-rfc4876.ldif

1.83. defaultServerList

OID 1.3.6.1.4.1.11.1.3.1.1.0
Names defaultServerList
Description List of default servers
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 4876
Schema File 05-rfc4876.ldif

1.84. deleteOldRDN

OID 2.16.840.1.113730.3.1.10
Names deleteOldRDN
Description a flag which indicates if the old RDN should be retained as an attribute of the entry
Equality Matching Rule booleanMatch
Syntax Boolean
Single Value true
User Modification Allowed true
Usage userApplications
Origin draft-good-ldap-changelog
Schema File 03-changelog.ldif

1.85. deleteRequests

OID 1.3.6.1.4.1.36733.2.1.1.81
Names deleteRequests
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Origin OpenDJ Directory Server
Schema File 02-config.ldif

1.86. deleteResponses

OID 1.3.6.1.4.1.36733.2.1.1.82
Names deleteResponses
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Origin OpenDJ Directory Server
Schema File 02-config.ldif

1.87. deltaRevocationList

X.509 certificate lists, as described in X.509 clause 11.2.6.

Request and transfer values using the binary option for the attribute description, deltaRevocationList;binary.

OID 2.5.4.53
Names deltaRevocationList
Equality Matching Rule octetStringMatch
Ordering Matching Rule octetStringOrderingMatch
Syntax CertificateList
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4523
Schema File 00-core.ldif

1.88. departmentNumber

Code for the department that a person belongs to.

Examples: 1234, ABC/123.

OID 2.16.840.1.113730.3.1.2
Names departmentNumber
Description identifies a department within an organization
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 2798
Schema File 00-core.ldif

1.89. dereferenceAliases

OID 1.3.6.1.4.1.11.1.3.1.1.16
Names dereferenceAliases
Description Specifies if a service or agent either requires, supports, or uses dereferencing of aliases.
Equality Matching Rule booleanMatch
Syntax Boolean
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 4876
Schema File 05-rfc4876.ldif

1.90. description

Human-readable descriptive phrase about the entry.

OID 2.5.4.13
Names description
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4519
Schema File 00-core.ldif

1.91. destinationIndicator

Country and city strings used by the Public Telegram Service.

The strings depend on CCITT Recommendations F.1 and F.31.

Examples: AASD (Sydney, Australia), GBLD (London, United Kingdom)

OID 2.5.4.27
Names destinationIndicator
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax PrintableString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4519
Schema File 00-core.ldif

1.92. displayName

Name to be used for displaying an entry, especially in a one-line summary list.

OID 2.16.840.1.113730.3.1.241
Names displayName
Description preferred name of a person to be used when displaying entries
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 2798
Schema File 00-core.ldif

1.93. distinguishedName

Base type for user attribute types with DN syntax.

OID 2.5.4.49
Names distinguishedName
Equality Matching Rule distinguishedNameMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DN
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4519
Schema File 00-core.ldif

1.94. dITContentRules

This operational attribute used in LDAP schema defines DIT content rules, which specify the content of entries with a given structural object class.

OID 2.5.21.2
Names dITContentRules
Equality Matching Rule objectIdentifierFirstComponentMatch
Syntax DITContentRuleDescription
Single Value false: multiple values allowed
User Modification Allowed true
Usage directoryOperation
Origin RFC 4512
Schema File 00-core.ldif

1.95. dITRedirect

DN indicating a newer entry for this entry. This entry should expire after a suitable grace period, for example, after the person changes organizations.

OID 0.9.2342.19200300.100.1.54
Names dITRedirect
Equality Matching Rule distinguishedNameMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DN
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 1274
Schema File 00-core.ldif

1.96. dITStructureRules

This operational attribute used in LDAP schema defines DIT structure rules, which specify the names entries may have, and how entries may be related to each other.

OID 2.5.21.1
Names dITStructureRules
Equality Matching Rule integerFirstComponentMatch
Syntax DITStructureRuleDescription
Single Value false: multiple values allowed
User Modification Allowed true
Usage directoryOperation
Origin RFC 4512
Schema File 00-core.ldif

1.97. dmdName

A Directory Management Domain (DMD) name. The DMD is the administrative authority for this directory server.

OID 2.5.4.54
Names dmdName
Superior Type name
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 2256
Schema File 00-core.ldif

1.98. dnQualifier

Disambiguating information for the RDN of an entry. The information can be used to avoid conflicts when merging data from multiple sources.

All values for this attribute from a particular source should be the same.

OID 2.5.4.46
Names dnQualifier
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax PrintableString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4519
Schema File 00-core.ldif

1.99. documentAuthor

DNs of the entries for authors and editors of a document.

OID 0.9.2342.19200300.100.1.14
Names documentAuthor
Equality Matching Rule distinguishedNameMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DN
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4524
Schema File 00-core.ldif

1.100. documentIdentifier

Unique identifier(s) of a document.

OID 0.9.2342.19200300.100.1.11
Names documentIdentifier
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4524
Schema File 00-core.ldif

1.101. documentLocation

Location(s) of the document original.

OID 0.9.2342.19200300.100.1.15
Names documentLocation
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4524
Schema File 00-core.ldif

1.102. documentPublisher

DNs of the person or organization who published the document. Joint publications have one value per publisher.

OID 0.9.2342.19200300.100.1.56
Names documentPublisher
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4524
Schema File 00-core.ldif

1.103. documentTitle

Titles of a document, where multiple values can specify different forms, such as long and short versions.

OID 0.9.2342.19200300.100.1.12
Names documentTitle
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4524
Schema File 00-core.ldif

1.104. documentVersion

OID 0.9.2342.19200300.100.1.13
Names documentVersion
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4524
Schema File 00-core.ldif

1.105. drink

OID 0.9.2342.19200300.100.1.5
Names drink, favouriteDrink
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4524
Schema File 00-core.ldif

1.106. ds-certificate-fingerprint

Holds a digital certificate fingerprint value for mapping an incoming certificate to a user entry.

OID 1.3.6.1.4.1.26027.1.1.268
Names ds-certificate-fingerprint
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin OpenDS Directory Server
Schema File 02-config.ldif

1.107. ds-certificate-subject-dn

Holds a digital certificate subject DN value for mapping an incoming certificate to a user entry.

OID 1.3.6.1.4.1.26027.1.1.266
Names ds-certificate-subject-dn
Equality Matching Rule distinguishedNameMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DN
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin OpenDS Directory Server
Schema File 02-config.ldif

1.108. ds-private-naming-contexts

Holds the DNs that constitute the set of private naming contexts registered with the server, not for external use by applications.

OID 1.3.6.1.4.1.26027.1.1.246
Names ds-private-naming-contexts
Equality Matching Rule distinguishedNameMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DN
Single Value false: multiple values allowed
User Modification Allowed true
Usage directoryOperation
Origin OpenDS Directory Server
Schema File 02-config.ldif

1.109. ds-privilege-name

Holds an administrative privilege. See the directory server documentation for details.

OID 1.3.6.1.4.1.26027.1.1.260
Names ds-privilege-name
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage directoryOperation
Origin OpenDS Directory Server
Schema File 02-config.ldif

1.110. ds-pwp-account-disabled

TRUE if the user's account has been disabled by an administrator.

OID 1.3.6.1.4.1.26027.1.1.166
Names ds-pwp-account-disabled
Equality Matching Rule booleanMatch
Syntax Boolean
Single Value true
User Modification Allowed true
Usage directoryOperation
Origin OpenDS Directory Server
Schema File 02-config.ldif

1.111. ds-pwp-account-expiration-time

Indicates when a temporary account expires, after which it can no longer be used to authenticate.

OID 1.3.6.1.4.1.26027.1.1.237
Names ds-pwp-account-expiration-time
Equality Matching Rule generalizedTimeMatch
Ordering Matching Rule generalizedTimeOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax GeneralizedTime
Single Value true
User Modification Allowed true
Usage directoryOperation
Origin OpenDS Directory Server
Schema File 02-config.ldif

1.112. ds-pwp-last-login-time

Holds a timestamp of the last successful bind.

OID 1.3.6.1.4.1.26027.1.1.162
Names ds-pwp-last-login-time
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value true
User Modification Allowed true
Usage directoryOperation
Origin OpenDS Directory Server
Schema File 02-config.ldif

1.113. ds-pwp-password-changed-by-required-time

Indicates whether the user's password was changed as required by the password policy.

OID 1.3.6.1.4.1.26027.1.1.163
Names ds-pwp-password-changed-by-required-time
Equality Matching Rule generalizedTimeMatch
Ordering Matching Rule generalizedTimeOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax GeneralizedTime
Single Value true
User Modification Allowed true
Usage directoryOperation
Origin OpenDS Directory Server
Schema File 02-config.ldif

1.114. ds-pwp-password-expiration-time

Indicates when the password for the current entry expires.

OID 1.3.6.1.4.1.36733.2.1.1.60
Names ds-pwp-password-expiration-time, pwdExpirationTime
Equality Matching Rule generalizedTimeMatch
Ordering Matching Rule generalizedTimeOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax GeneralizedTime
Single Value true
User Modification Allowed false
Usage directoryOperation
Origin OpenDJ Directory Server
Schema File 02-config.ldif

1.115. ds-pwp-password-policy-dn

Pointer to the entry holding the password policy for the current entry.

OID 1.3.6.1.4.1.26027.1.1.244
Names ds-pwp-password-policy-dn
Equality Matching Rule distinguishedNameMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DN
Single Value false: multiple values allowed
User Modification Allowed true
Usage directoryOperation
Origin OpenDS Directory Server
Schema File 02-config.ldif

1.116. ds-pwp-reset-time

Indicates when the user's password was reset.

OID 1.3.6.1.4.1.26027.1.1.164
Names ds-pwp-reset-time
Equality Matching Rule generalizedTimeMatch
Ordering Matching Rule generalizedTimeOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax GeneralizedTime
Single Value true
User Modification Allowed true
Usage directoryOperation
Origin OpenDS Directory Server
Schema File 02-config.ldif

1.117. ds-pwp-warned-time

Indicates when the user was first warned about an expiring password.

OID 1.3.6.1.4.1.26027.1.1.165
Names ds-pwp-warned-time
Equality Matching Rule generalizedTimeMatch
Ordering Matching Rule generalizedTimeOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax GeneralizedTime
Single Value true
User Modification Allowed true
Usage directoryOperation
Origin OpenDS Directory Server
Schema File 02-config.ldif

1.118. ds-rlim-idle-time-limit

Sets the maximum time the server allows the user to hold an idle connection open.

OID 1.3.6.1.4.1.26027.1.1.394
Names ds-rlim-idle-time-limit
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage directoryOperation
Origin OpenDS Directory Server
Schema File 02-config.ldif

1.119. ds-rlim-lookthrough-limit

Sets the maximum number of entries the server considers when processing a search by the user.

OID 1.3.6.1.4.1.26027.1.1.241
Names ds-rlim-lookthrough-limit
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage directoryOperation
Origin OpenDS Directory Server
Schema File 02-config.ldif

1.120. ds-rlim-size-limit

Sets the maximum number of entries returned for a search by the user.

OID 1.3.6.1.4.1.26027.1.1.116
Names ds-rlim-size-limit
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage directoryOperation
Origin OpenDS Directory Server
Schema File 02-config.ldif

1.121. ds-rlim-time-limit

Sets the maximum server processing time for a search by the user.

OID 1.3.6.1.4.1.26027.1.1.117
Names ds-rlim-time-limit
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage directoryOperation
Origin OpenDS Directory Server
Schema File 02-config.ldif

1.122. ds-sync-conflict

For an entry resulting from a replication conflict, holds the DN that the entry would have had without the conflict.

OID 1.3.6.1.4.1.26027.1.1.317
Names ds-sync-conflict
Equality Matching Rule distinguishedNameMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DN
Single Value false: multiple values allowed
User Modification Allowed true
Usage directoryOperation
Origin OpenDS Directory Server
Schema File 02-config.ldif

1.123. ds-sync-fractional-exclude

Indicates which attributes to exclude in fractional replication.

OID 1.3.6.1.4.1.26027.1.1.589
Names ds-sync-fractional-exclude
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage directoryOperation
Origin OpenDS Directory Server
Schema File 02-config.ldif

1.124. ds-sync-fractional-include

Indicates which attributes to include in fractional replication.

OID 1.3.6.1.4.1.26027.1.1.588
Names ds-sync-fractional-include
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage directoryOperation
Origin OpenDS Directory Server
Schema File 02-config.ldif

1.125. ds-sync-generation-id

Holds the replication generation ID for a backend.

OID 1.3.6.1.4.1.26027.1.1.405
Names ds-sync-generation-id
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value true
User Modification Allowed true
Usage directoryOperation
Origin OpenDS Directory Server
Schema File 02-config.ldif

1.126. ds-sync-hist

Holds historical information for replication.

OID 1.3.6.1.4.1.26027.1.1.119
Names ds-sync-hist
Equality Matching Rule octetStringMatch
Ordering Matching Rule historicalCsnOrderingMatch
Syntax OctetString
Single Value false: multiple values allowed
User Modification Allowed false
Usage directoryOperation
Origin OpenDS Directory Server
Schema File 02-config.ldif

1.127. ds-sync-state

Holds replication state information for a backend.

OID 1.3.6.1.4.1.26027.1.1.185
Names ds-sync-state
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage directoryOperation
Origin OpenDS Directory Server
Schema File 02-config.ldif

1.128. ds-target-group-dn

Pointer to a group to be shown as a virtual static group.

OID 1.3.6.1.4.1.26027.1.1.292
Names ds-target-group-dn
Equality Matching Rule distinguishedNameMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DN
Single Value true
User Modification Allowed true
Usage userApplications
Origin OpenDS Directory Server
Schema File 02-config.ldif

1.129. dSAQuality

Directory administrators can use this attribute to indicate the quality (availability) of this Directory System Agent (DSA).

OID 0.9.2342.19200300.100.1.49
Names dSAQuality
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 1274
Schema File 00-core.ldif

1.130. emailAddress

OID 1.2.840.113549.1.9.1
Names emailAddress
Description represents the email address part of an X.509 certificate
Equality Matching Rule caseIgnoreIA5Match
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 2985
Schema File 00-core.ldif

1.131. employeeNumber

Identifier that depends on the organization. It often reflects the order of hire or association with the organization.

OID 2.16.840.1.113730.3.1.3
Names employeeNumber
Description numerically identifies an employee within an organization
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 2798
Schema File 00-core.ldif

1.132. employeeType

Identifier for the employee to employer relationship, such as Employee, Contractor, or Temp. The values used depend on the classification of employees.

OID 2.16.840.1.113730.3.1.4
Names employeeType
Description type of employment for a person
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 2798
Schema File 00-core.ldif

1.133. enhancedSearchGuide

Sets of information used by directory clients when constructing search filters.

Examples: person#(sn$APPROX)#wholeSubtree, organizationalUnit#(ou$SUBSTR)#oneLevel

OID 2.5.4.47
Names enhancedSearchGuide
Equality Matching Rule octetStringMatch
Ordering Matching Rule octetStringOrderingMatch
Syntax EnhancedGuide
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4519
Schema File 00-core.ldif

1.134. entryDN

An entry's distinguished name is not an attribute of the entry.

This operational attribute makes it possible to perform attribute value assertions against the DN of the entry, enabling operations such as LDAP compare and LDAP search.

OID 1.3.6.1.1.20
Names entryDN
Description DN of the entry
Equality Matching Rule distinguishedNameMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DN
Single Value true
User Modification Allowed false
Usage directoryOperation
Origin RFC 5020
Schema File 00-core.ldif

1.135. entryUUID

Holds a Universally Unique Identifier (UUID) assigned to the entry.

The server generates the value of this operational attribute when adding the entry to the directory.

A UUID is a 16-octet (128-bit) string, constrained to the namespace specified in , and encoded using the ASCII representation.

Example: 597ae2f6-16a6-1027-98f4-d28b5365dc14.

OID 1.3.6.1.1.16.4
Names entryUUID
Description UUID of the entry
Equality Matching Rule uuidMatch
Ordering Matching Rule uuidOrderingMatch
Syntax UUID
Single Value true
User Modification Allowed false
Usage directoryOperation
Origin RFC 4530
Schema File 00-core.ldif

1.136. etag

Specifies an entity tag suitable for external use when comparing two versions of an entry.

OID 1.3.6.1.4.1.36733.2.1.1.59
Names etag
Equality Matching Rule caseExactMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax PrintableString
Single Value true
User Modification Allowed false
Usage directoryOperation
Origin OpenDJ Directory Server
Schema File 00-core.ldif

1.137. extendedRequests

OID 1.3.6.1.4.1.36733.2.1.1.83
Names extendedRequests
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Origin OpenDJ Directory Server
Schema File 02-config.ldif

1.138. extendedResponses

OID 1.3.6.1.4.1.36733.2.1.1.84
Names extendedResponses
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Origin OpenDJ Directory Server
Schema File 02-config.ldif

1.139. facsimileTelephoneNumber

Fax phone number, such as +1 415 555 1212 or +1 415 555 1212$fineResolution.

OID 2.5.4.23
Names facsimileTelephoneNumber
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax FacsimileTelephoneNumber
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4519
Schema File 00-core.ldif

1.140. firstChangeNumber

Holds the oldest change number in the changelog.

OID 1.3.6.1.4.1.26027.1.1.593
Names firstChangeNumber
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage directoryOperation
Origin OpenDS Directory Server
Schema File 00-core.ldif

1.141. followReferrals

OID 1.3.6.1.4.1.11.1.3.1.1.5
Names followReferrals
Description An agent or service does or should follow referrals
Equality Matching Rule booleanMatch
Syntax Boolean
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 4876
Schema File 05-rfc4876.ldif

1.142. fullVendorVersion

Holds the vendor version including the build number.

OID 1.3.6.1.4.1.36733.2.1.1.141
Names fullVendorVersion
Equality Matching Rule caseExactIA5Match
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value true
User Modification Allowed false
Usage dSAOperation
Origin OpenDJ Directory Server
Schema File 00-core.ldif

1.143. gecos

OID 1.3.6.1.1.1.1.2
Names gecos
Description The GECOS field; the common name
Equality Matching Rule caseIgnoreIA5Match
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreIA5SubstringsMatch
Syntax IA5String
Single Value true
User Modification Allowed true
Usage userApplications
Origin draft-howard-rfc2307bis
Schema File 04-rfc2307bis.ldif

1.144. generationQualifier

Name strings typically forming the suffix part of a person's name.

Examples: Jr., 3rd

OID 2.5.4.44
Names generationQualifier
Superior Type name
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4519
Schema File 00-core.ldif

1.145. gidNumber

OID 1.3.6.1.1.1.1.1
Names gidNumber
Description An integer uniquely identifying a group in an administrative domain
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Origin draft-howard-rfc2307bis
Schema File 04-rfc2307bis.ldif

1.146. givenName

Part of a person's name that is neither their surname nor their middle name.

OID 2.5.4.42
Names givenName
Superior Type name
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4519
Schema File 00-core.ldif

1.147. governingStructureRule

Indicates the structure rule governing the entry. The structure rule defines the names entries may have, and how entries may be related to each other.

OID 2.5.21.10
Names governingStructureRule
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed false
Usage directoryOperation
Origin RFC 4512
Schema File 00-core.ldif

1.148. hasSubordinates

Indicates whether the entry has any subordinate entries.

OID 2.5.18.9
Names hasSubordinates
Equality Matching Rule booleanMatch
Syntax Boolean
Single Value true
User Modification Allowed false
Usage directoryOperation
Origin X.501
Schema File 00-core.ldif

1.149. homeDirectory

OID 1.3.6.1.1.1.1.3
Names homeDirectory
Description The absolute path to the home directory
Equality Matching Rule caseExactIA5Match
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value true
User Modification Allowed true
Usage userApplications
Origin draft-howard-rfc2307bis
Schema File 04-rfc2307bis.ldif

1.150. homePhone

Home phone number, such as +1 415 555 1212.

OID 0.9.2342.19200300.100.1.20
Names homePhone, homeTelephoneNumber
Equality Matching Rule telephoneNumberMatch
Substring Matching Rule telephoneNumberSubstringsMatch
Syntax TelephoneNumber
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4524
Schema File 00-core.ldif

1.151. homePostalAddress

Home postal address for an object, such as 1234 Main St.$Anytown, CA 12345$USA. Values are expected to be no longer than 6 directory strings of 30 characters each, although servers are not expected to enforce these limits.

OID 0.9.2342.19200300.100.1.39
Names homePostalAddress
Equality Matching Rule caseIgnoreListMatch
Substring Matching Rule caseIgnoreListSubstringsMatch
Syntax PostalAddress
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4524
Schema File 00-core.ldif

1.152. host

Hostname of a computer, generally as a fully qualified domain name such as server.example.com.

OID 0.9.2342.19200300.100.1.9
Names host
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4524
Schema File 00-core.ldif

1.153. houseIdentifier

OID 2.5.4.51
Names houseIdentifier
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4519
Schema File 00-core.ldif

1.154. includedAttributes

In a changelog entry, holds the attributes on the entry prior to the change.

OID 1.3.6.1.4.1.36733.2.1.1.6
Names includedAttributes
Description A set of attributes which were part of the entry before the changes were applied
Equality Matching Rule octetStringMatch
Ordering Matching Rule octetStringOrderingMatch
Syntax OctetString
Single Value true
User Modification Allowed true
Usage directoryOperation
Origin OpenDJ Directory Server
Schema File 03-changelog.ldif

1.155. info

General information associated with the object represented by the directory entry. Applications should not ascribe specific semantics to the value of this attribute.

OID 0.9.2342.19200300.100.1.4
Names info
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4524
Schema File 00-core.ldif

1.156. inheritable

OID 1.3.6.1.4.1.7628.5.4.1
Names inheritable
Equality Matching Rule booleanMatch
Syntax Boolean
Single Value true
User Modification Allowed false
Usage dSAOperation
Origin draft-ietf-ldup-subentry
Schema File 00-core.ldif

1.157. inheritAttribute

Holds the name of a collective attribute to inherit.

OID 1.3.6.1.4.1.26027.1.1.625
Names inheritAttribute
Equality Matching Rule objectIdentifierMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax OID
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin OpenDS Directory Server
Schema File 00-core.ldif

1.158. inheritFromBaseRDN

Holds the RDN of the base entry under which the entries are found from which to inherit collective attributes.

OID 1.3.6.1.4.1.26027.1.1.622
Names inheritFromBaseRDN
Equality Matching Rule distinguishedNameMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DN
Single Value true
User Modification Allowed true
Usage userApplications
Origin OpenDS Directory Server
Schema File 00-core.ldif

1.159. inheritFromDNAttribute

Holds the DN-syntax attribute specifying the entry from which to inherit collective attributes.

OID 1.3.6.1.4.1.26027.1.1.621
Names inheritFromDNAttribute
Equality Matching Rule objectIdentifierMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax OID
Single Value true
User Modification Allowed true
Usage userApplications
Origin OpenDS Directory Server
Schema File 00-core.ldif

1.160. inheritFromRDNAttribute

Holds the RDN attribute of the entry from which to inherit collective attributes.

OID 1.3.6.1.4.1.26027.1.1.624
Names inheritFromRDNAttribute
Equality Matching Rule objectIdentifierMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax OID
Single Value true
User Modification Allowed true
Usage userApplications
Origin OpenDS Directory Server
Schema File 00-core.ldif

1.161. inheritFromRDNType

Holds the RDN attribute type of the entry from which to inherit collective attributes.

OID 1.3.6.1.4.1.26027.1.1.623
Names inheritFromRDNType
Equality Matching Rule objectIdentifierMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax OID
Single Value true
User Modification Allowed true
Usage userApplications
Origin OpenDS Directory Server
Schema File 00-core.ldif

1.162. initials

Strings of initials of some or all of a person's names, excluding the surname(s). Each string is one value of the attribute.

OID 2.5.4.43
Names initials
Superior Type name
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4519
Schema File 00-core.ldif

1.163. internationaliSDNNumber

Integrated Services Digital Network (ISDN) addresses, as specified by the International Telecommunication Union (ITU) Recommendation E.164.

OID 2.5.4.25
Names internationaliSDNNumber
Equality Matching Rule numericStringMatch
Ordering Matching Rule numericStringOrderingMatch
Substring Matching Rule numericStringSubstringsMatch
Syntax NumericString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4519
Schema File 00-core.ldif

1.164. ipHostNumber

OID 1.3.6.1.1.1.1.19
Names ipHostNumber
Description IPv4 addresses as a dotted decimal omitting leading zeros or IPv6 addresses as defined in RFC2373
Superior Type name
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin draft-howard-rfc2307bis
Schema File 04-rfc2307bis.ldif

1.165. ipNetmaskNumber

OID 1.3.6.1.1.1.1.21
Names ipNetmaskNumber
Description IP netmask as a dotted decimal, eg. 255.255.255.0, omitting leading zeros
Equality Matching Rule caseIgnoreIA5Match
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value true
User Modification Allowed true
Usage userApplications
Origin draft-howard-rfc2307bis
Schema File 04-rfc2307bis.ldif

1.166. ipNetworkNumber

OID 1.3.6.1.1.1.1.20
Names ipNetworkNumber
Description IP network as a dotted decimal, eg. 192.168, omitting leading zeros
Superior Type name
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value true
User Modification Allowed true
Usage userApplications
Origin draft-howard-rfc2307bis
Schema File 04-rfc2307bis.ldif

1.167. ipProtocolNumber

OID 1.3.6.1.1.1.1.17
Names ipProtocolNumber
Description IP protocol number
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Origin draft-howard-rfc2307bis
Schema File 04-rfc2307bis.ldif

1.168. ipServicePort

OID 1.3.6.1.1.1.1.15
Names ipServicePort
Description Service port number
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Origin draft-howard-rfc2307bis
Schema File 04-rfc2307bis.ldif

1.169. ipServiceProtocol

OID 1.3.6.1.1.1.1.16
Names ipServiceProtocol
Description Service protocol name
Superior Type name
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin draft-howard-rfc2307bis
Schema File 04-rfc2307bis.ldif

1.170. ipTnetNumber

OID 1.3.6.1.4.1.42.2.27.5.1.68
Names ipTnetNumber
Description Trusted Solaris network template ip_address
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value true
User Modification Allowed true
Usage userApplications
Origin Solaris Specific
Schema File 05-solaris.ldif

1.171. ipTnetTemplateName

OID 1.3.6.1.4.1.42.2.27.5.1.67
Names ipTnetTemplateName
Description Trusted Solaris network template template_name
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value true
User Modification Allowed true
Usage userApplications
Origin Solaris Specific
Schema File 05-solaris.ldif

1.172. isMemberOf

Shows group DNs of which this entry is a member.

OID 1.3.6.1.4.1.42.2.27.9.1.792
Names isMemberOf
Description Sun-defined attribute type
Equality Matching Rule distinguishedNameMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DN
Single Value false: multiple values allowed
User Modification Allowed false
Usage directoryOperation
Origin Sun Java System Directory Server
Schema File 00-core.ldif

1.173. janetMailbox

Electronic mailbox attribute using the syntax specified in the Grey Book of the Coloured Book protocols. See, for example, the Wikipedia article on .

Example: janetMail: user@UK.CO.EXAMPLE.

Entries using this attribute must also include an rfc822Mailbox attribute, such as mail: user@example.co.uk.

OID 0.9.2342.19200300.100.1.46
Names janetMailbox
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 1274
Schema File 00-core.ldif

1.174. javaClassName

Case-sensitive fully qualified name of a Java class or interface.

OID 1.3.6.1.4.1.42.2.27.4.1.6
Names javaClassName
Description Fully qualified name of distinguished Java class or interface
Equality Matching Rule caseExactMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 2713
Schema File 03-rfc2713.ldif

1.175. javaClassNames

Case-sensitive fully qualified names of a Java class or interface. Multiple values represent a class or interface name of this object, or of an ancestor class or interface of this object.

OID 1.3.6.1.4.1.42.2.27.4.1.13
Names javaClassNames
Description Fully qualified Java class or interface name
Equality Matching Rule caseExactMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 2713
Schema File 03-rfc2713.ldif

1.176. javaCodebase

Location from which to load the class specified by the javaClassName attribute.

If multiple values are present, each value is an independent code base, meaning each is an alternative location from which to load the class definition.

OID 1.3.6.1.4.1.42.2.27.4.1.7
Names javaCodebase
Description URL(s) specifying the location of class definition
Equality Matching Rule caseExactIA5Match
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 2713
Schema File 03-rfc2713.ldif

1.177. javaDoc

URL to the Javadoc for the object.

OID 1.3.6.1.4.1.42.2.27.4.1.12
Names javaDoc
Description The Java documentation for the class
Equality Matching Rule caseExactIA5Match
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 2713
Schema File 03-rfc2713.ldif

1.178. javaFactory

Case-sensitive fully qualified name of a Java class that can be used to create an instance of the class specified by the javaClassName attribute.

OID 1.3.6.1.4.1.42.2.27.4.1.10
Names javaFactory
Description Fully qualified Java class name of a JNDI object factory
Equality Matching Rule caseExactMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 2713
Schema File 03-rfc2713.ldif

1.179. javaReferenceAddress

Sequence of addresses of a JNDI reference. Each value represents and object of type javax.naming.RefAddr, and has the following form, where # is the delimiter:

#sequence-number#address-type#(address-value|#string-content)

sequence-number

The address's position in the JNDI reference starting at 0.

address-type

Type of JNDI address, which is a non-empty string.

address-value

Value of the address contents if the reference is of type javax.naming.StringRefAddr.

string-content

Base64-encoded string representation of the entire serialized address if the reference is not of type javax.naming.StringRefAddr.

OID 1.3.6.1.4.1.42.2.27.4.1.11
Names javaReferenceAddress
Description Addresses associated with a JNDI Reference
Equality Matching Rule caseExactMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 2713
Schema File 03-rfc2713.ldif

1.180. javaSerializedData

A serialized Java object. For details, see the .

OID 1.3.6.1.4.1.42.2.27.4.1.8
Names javaSerializedData
Description Serialized form of a Java object
Equality Matching Rule octetStringMatch
Ordering Matching Rule octetStringOrderingMatch
Syntax OctetString
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 2713
Schema File 03-rfc2713.ldif

1.181. jpegPhoto

An image of a person in the JPEG File Interchange Format (JFIF).

OID 0.9.2342.19200300.100.1.60
Names jpegPhoto
Description a JPEG image
Equality Matching Rule octetStringMatch
Ordering Matching Rule octetStringOrderingMatch
Syntax JPEG
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 2798
Schema File 00-core.ldif

1.182. knowledgeInformation

According to the specification, "This attribute is no longer used."

OID 2.5.4.2
Names knowledgeInformation
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 2256
Schema File 00-core.ldif

1.183. l

Name of a locality or place, such as a city, country or geographic region.

OID 2.5.4.7
Names l, localityName
Superior Type name
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4519
Schema File 00-core.ldif

1.184. labeledURI

A URI with an optional label, as described in .

Example: https://forgerock.com ForgeRock Home Page

OID 1.3.6.1.4.1.250.1.57
Names labeledURI
Description Uniform Resource Identifier with optional label
Equality Matching Rule caseExactMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 2079
Schema File 00-core.ldif

1.185. labeledURL

OID 1.3.6.1.4.1.250.1.41
Names labeledURL
Description Uniform Resource Locator with optional label
Equality Matching Rule caseExactMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 2079
Schema File 00-core.ldif

1.186. lastChangeNumber

Holds the newest change number in the changelog.

OID 1.3.6.1.4.1.26027.1.1.594
Names lastChangeNumber
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage directoryOperation
Origin OpenDS Directory Server
Schema File 00-core.ldif

1.187. lastExternalChangelogCookie

Holds the most recent cookie (cross domain state) available.

OID 1.3.6.1.4.1.26027.1.1.585
Names lastExternalChangelogCookie
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value true
User Modification Allowed true
Usage directoryOperation
Origin OpenDS Directory Server
Schema File 00-core.ldif

1.188. lastModifiedBy

DN of the last user to modify the entry.

Although not described in the RFC as an operational attribute, this attribute should be maintained by the server.

OID 0.9.2342.19200300.100.1.24
Names lastModifiedBy
Equality Matching Rule distinguishedNameMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DN
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 1274
Schema File 00-core.ldif

1.189. lastModifiedTime

UTC time when the entry was last modified.

Although not described in the RFC as an operational attribute, this attribute should be maintained by the server.

OID 0.9.2342.19200300.100.1.23
Names lastModifiedTime
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 1274
Schema File 00-core.ldif

1.190. ldapMessagesRead

OID 1.3.6.1.4.1.36733.2.1.1.69
Names ldapMessagesRead
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Origin OpenDJ Directory Server
Schema File 02-config.ldif

1.191. ldapMessagesWritten

OID 1.3.6.1.4.1.36733.2.1.1.70
Names ldapMessagesWritten
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Origin OpenDJ Directory Server
Schema File 02-config.ldif

1.192. ldapSyntaxes

This operational attribute used in LDAP schema defines syntaxes, which specify encodings used in LDAP.

OID 1.3.6.1.4.1.1466.101.120.16
Names ldapSyntaxes
Equality Matching Rule objectIdentifierFirstComponentMatch
Syntax LDAPSyntaxDescription
Single Value false: multiple values allowed
User Modification Allowed true
Usage directoryOperation
Origin RFC 4512
Schema File 00-core.ldif

1.193. loginShell

OID 1.3.6.1.1.1.1.4
Names loginShell
Description The path to the login shell
Equality Matching Rule caseExactIA5Match
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value true
User Modification Allowed true
Usage userApplications
Origin draft-howard-rfc2307bis
Schema File 04-rfc2307bis.ldif

1.194. macAddress

OID 1.3.6.1.1.1.1.22
Names macAddress
Description MAC address in maximal, colon separated hex notation, eg. 00:00:92:90:ee:e2
Equality Matching Rule caseIgnoreIA5Match
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin draft-howard-rfc2307bis
Schema File 04-rfc2307bis.ldif

1.195. mail

Internet mail addresses in Mailbox form, as described in . The server does not ensure that mail addresses conform to RFC 2821, however.

Be aware that matching is case-insensitive: (mail=bjensen@example.com) matches BJENSEN@example.com

Applications supporting internationalized domain names must use the ToASCII method described in to produce subdomain components of the Mailbox form.

OID 0.9.2342.19200300.100.1.3
Names mail, rfc822Mailbox
Equality Matching Rule caseIgnoreIA5Match
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreIA5SubstringsMatch
Syntax IA5String
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4524
Schema File 00-core.ldif

1.196. mailPreferenceOption

Indication of user's preference for having their names included in mailing lists.

Values are from the following list:

no-list-inclusion (Default)

Do not add name in mailing lists.

any-list-inclusion

May add name in mailing lists.

professional-list-inclusion

May add name in mailing lists related to user's professional interests, optionally as evaluated from the business organization or keywords in the entry.

OID 0.9.2342.19200300.100.1.47
Names mailPreferenceOption
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 1274
Schema File 00-core.ldif

1.197. manager

DNs of manager entries for the entry of a person or entity.

OID 0.9.2342.19200300.100.1.10
Names manager
Equality Matching Rule distinguishedNameMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DN
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4524
Schema File 00-core.ldif

1.198. matchingRules

This operational attribute used in LDAP schema defines matching rules, which specify how values of attributes are matched and compared.

OID 2.5.21.4
Names matchingRules
Equality Matching Rule objectIdentifierFirstComponentMatch
Syntax MatchingRuleDescription
Single Value false: multiple values allowed
User Modification Allowed true
Usage directoryOperation
Origin RFC 4512
Schema File 00-core.ldif

1.199. matchingRuleUse

This operational attribute used in LDAP schema defines matching rule uses, which list attributes that can be used with an extensibleMatch search filter.

OID 2.5.21.8
Names matchingRuleUse
Equality Matching Rule objectIdentifierFirstComponentMatch
Syntax MatchingRuleUseDescription
Single Value false: multiple values allowed
User Modification Allowed true
Usage directoryOperation
Origin RFC 4512
Schema File 00-core.ldif

1.200. mDRecord

A type MD (mail destination) DNS resource record.

OID 0.9.2342.19200300.100.1.27
Names mDRecord
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 1274
Schema File 00-core.ldif

1.201. member

Distinguished names of objects that are part of a group.

OID 2.5.4.31
Names member
Superior Type distinguishedName
Equality Matching Rule distinguishedNameMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DN
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4519
Schema File 00-core.ldif

1.202. memberGid

OID 1.3.6.1.4.1.42.2.27.5.1.30
Names memberGid
Description Posix Group Name
Equality Matching Rule caseExactIA5Match
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin Solaris Specific
Schema File 05-solaris.ldif

1.203. memberNisNetgroup

OID 1.3.6.1.1.1.1.13
Names memberNisNetgroup
Equality Matching Rule caseExactIA5Match
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseExactIA5SubstringsMatch
Syntax IA5String
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin draft-howard-rfc2307bis
Schema File 04-rfc2307bis.ldif

1.204. memberUid

OID 1.3.6.1.1.1.1.12
Names memberUid
Equality Matching Rule caseExactIA5Match
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin draft-howard-rfc2307bis
Schema File 04-rfc2307bis.ldif

1.205. memberURL

Holds LDAP URLs specifying dynamic group membership.

OID 2.16.840.1.113730.3.1.198
Names memberURL
Description Sun-defined attribute type
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin Sun Java System Directory Server
Schema File 00-core.ldif

1.206. mgrpRFC822MailMember

OID 2.16.840.1.113730.3.1.30
Names mgrpRFC822MailMember
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin Solaris Specific
Schema File 05-solaris.ldif

1.207. mobile

Mobile phone number, such as +1 415 555 1212.

OID 0.9.2342.19200300.100.1.41
Names mobile, mobileTelephoneNumber
Equality Matching Rule telephoneNumberMatch
Substring Matching Rule telephoneNumberSubstringsMatch
Syntax TelephoneNumber
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4524
Schema File 00-core.ldif

1.208. modifiersName

For entries updated over protocol (by an LDAP modify request, for example), this operational attribute indicates the DN of the creator's entry.

OID 2.5.18.4
Names modifiersName
Equality Matching Rule distinguishedNameMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DN
Single Value true
User Modification Allowed false
Usage directoryOperation
Origin RFC 4512
Schema File 00-core.ldif

1.209. modifyDNRequests

OID 1.3.6.1.4.1.36733.2.1.1.87
Names modifyDNRequests
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Origin OpenDJ Directory Server
Schema File 02-config.ldif

1.210. modifyDNResponses

OID 1.3.6.1.4.1.36733.2.1.1.88
Names modifyDNResponses
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Origin OpenDJ Directory Server
Schema File 02-config.ldif

1.211. modifyRequests

OID 1.3.6.1.4.1.36733.2.1.1.85
Names modifyRequests
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Origin OpenDJ Directory Server
Schema File 02-config.ldif

1.212. modifyResponses

OID 1.3.6.1.4.1.36733.2.1.1.86
Names modifyResponses
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Origin OpenDJ Directory Server
Schema File 02-config.ldif

1.213. modifyTimestamp

For entries updated over protocol (by an LDAP modify request, for example), this operational attribute reflects the time the entry was last modified.

OID 2.5.18.2
Names modifyTimestamp
Equality Matching Rule generalizedTimeMatch
Ordering Matching Rule generalizedTimeOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax GeneralizedTime
Single Value true
User Modification Allowed false
Usage directoryOperation
Origin RFC 4512
Schema File 00-core.ldif

1.214. mxRecord

A type MX (mail exchange) DNS resource record.

OID 0.9.2342.19200300.100.1.28
Names mxRecord
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 1274
Schema File 00-core.ldif

1.215. name

Base type for user attribute types with name syntax.

OID 2.5.4.41
Names name
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4519
Schema File 00-core.ldif

1.216. nameForms

This operational attribute used in LDAP schema defines name forms, which specify naming relations for structural object classes.

OID 2.5.21.7
Names nameForms
Equality Matching Rule objectIdentifierFirstComponentMatch
Syntax NameFormDescription
Single Value false: multiple values allowed
User Modification Allowed true
Usage directoryOperation
Origin RFC 4512
Schema File 00-core.ldif

1.217. namingContexts

This operational attribute indicates the base DNs mastered or shadowed by this server.

OID 1.3.6.1.4.1.1466.101.120.5
Names namingContexts
Equality Matching Rule distinguishedNameMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DN
Single Value false: multiple values allowed
User Modification Allowed true
Usage dSAOperation
Origin RFC 4512
Schema File 00-core.ldif

1.218. newRDN

OID 2.16.840.1.113730.3.1.9
Names newRDN
Description the new RDN of an entry which is the target of a modrdn operation
Equality Matching Rule distinguishedNameMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DN
Single Value true
User Modification Allowed true
Usage userApplications
Origin draft-good-ldap-changelog
Schema File 03-changelog.ldif

1.219. newSuperior

OID 2.16.840.1.113730.3.1.11
Names newSuperior
Description the new parent of an entry which is the target of a moddn operation
Equality Matching Rule distinguishedNameMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DN
Single Value true
User Modification Allowed true
Usage userApplications
Origin draft-good-ldap-changelog
Schema File 03-changelog.ldif

1.220. nisDomain

OID 1.3.6.1.1.1.1.30
Names nisDomain
Description NIS domain
Equality Matching Rule caseIgnoreIA5Match
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin draft-howard-rfc2307bis
Schema File 04-rfc2307bis.ldif

1.221. nisMapEntry

OID 1.3.6.1.1.1.1.27
Names nisMapEntry
Description A generic NIS entry
Equality Matching Rule caseExactIA5Match
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseExactIA5SubstringsMatch
Syntax IA5String
Single Value true
User Modification Allowed true
Usage userApplications
Origin draft-howard-rfc2307bis
Schema File 04-rfc2307bis.ldif

1.222. nisMapName

OID 1.3.6.1.1.1.1.26
Names nisMapName
Description Name of a A generic NIS map
Superior Type name
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin draft-howard-rfc2307bis
Schema File 04-rfc2307bis.ldif

1.223. nisNetgroupTriple

OID 1.3.6.1.1.1.1.14
Names nisNetgroupTriple
Description Netgroup triple
Equality Matching Rule caseIgnoreIA5Match
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin draft-howard-rfc2307bis
Schema File 04-rfc2307bis.ldif

1.224. nisNetIdGroup

OID 1.3.6.1.4.1.42.2.27.1.1.13
Names nisNetIdGroup
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin Solaris Specific
Schema File 05-solaris.ldif

1.225. nisNetIdHost

OID 1.3.6.1.4.1.42.2.27.1.1.14
Names nisNetIdHost
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin Solaris Specific
Schema File 05-solaris.ldif

1.226. nisNetIdUser

OID 1.3.6.1.4.1.42.2.27.1.1.12
Names nisNetIdUser
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin Solaris Specific
Schema File 05-solaris.ldif

1.227. nisplusTimeZone

OID 1.3.6.1.4.1.42.2.27.5.1.57
Names nisplusTimeZone
Description tzone column from NIS+ timezone table
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value true
User Modification Allowed true
Usage userApplications
Origin Solaris Specific
Schema File 05-solaris.ldif

1.228. nisPublicKey

OID 1.3.6.1.1.1.1.28
Names nisPublicKey
Description NIS public key
Equality Matching Rule octetStringMatch
Ordering Matching Rule octetStringOrderingMatch
Syntax OctetString
Single Value true
User Modification Allowed true
Usage userApplications
Origin draft-howard-rfc2307bis
Schema File 04-rfc2307bis.ldif

1.229. nisSecretKey

OID 1.3.6.1.1.1.1.29
Names nisSecretKey
Description NIS secret key
Equality Matching Rule octetStringMatch
Ordering Matching Rule octetStringOrderingMatch
Syntax OctetString
Single Value true
User Modification Allowed true
Usage userApplications
Origin draft-howard-rfc2307bis
Schema File 04-rfc2307bis.ldif

1.230. nsds50ruv

DSEE attribute holding the internal state of the replica from the replication update vector.

OID 2.16.840.1.113730.3.1.587
Names nsds50ruv
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin Sun Directory Server
Schema File 06-compat.ldif

1.231. nSRecord

A type NS (name server) DNS resource record.

OID 0.9.2342.19200300.100.1.29
Names nSRecord
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 1274
Schema File 00-core.ldif

1.232. nsUniqueId

DSEE attribute holding an entry UUID.

OID 2.16.840.1.113730.3.1.542
Names nsUniqueId
Description Sun-defined unique identifier
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value true
User Modification Allowed false
Usage directoryOperation
Origin Sun Java System Directory Server
Schema File 00-core.ldif

1.233. numSubordinates

This operational attribute holds a count of immediate subordinates of the current entry. (The count therefore does not include entries below immediate subordinates.)

As numSubordinates is an operational attribute client applications must request it explicitly in search results.

Support for the numSubordinates attribute is per entry. If it is present then its value is correct. Its absence does not, however, imply that there are no subordinates.

OID 1.3.6.1.4.1.453.16.2.103
Names numSubordinates
Description Count of immediate subordinates
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed false
Usage directoryOperation
Origin draft-ietf-boreham-numsubordinates
Schema File 00-core.ldif

1.234. o

X.500 organizationName attribute for the name of an organization.

Example: ForgeRock, Inc.

OID 2.5.4.10
Names o, organizationName
Superior Type name
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4519
Schema File 00-core.ldif

1.235. objectClass

Describes the type of object represented by the entry, controlling which attributes must and may be present on the entry.

Each entry has at least two values, one of which is top or alias.

When an object class value is added to an entry, all superclasses of the object class are implicitly added. For example, if inetOrgPerson is added, person and organizationalPerson are also added.

OID 2.5.4.0
Names objectClass
Equality Matching Rule objectIdentifierMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax OID
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4512
Schema File 00-core.ldif

1.236. objectClasses

This operational attribute used in LDAP schema defines object classes, which specify the types of objects that an entry represents, and the required and optional attributes for entries of those types.

OID 2.5.21.6
Names objectClasses
Equality Matching Rule objectIdentifierFirstComponentMatch
Syntax ObjectClassDescription
Single Value false: multiple values allowed
User Modification Allowed true
Usage directoryOperation
Origin RFC 4512
Schema File 00-core.ldif

1.237. objectclassMap

OID 1.3.6.1.4.1.11.1.3.1.1.11
Names objectclassMap
Description Object class mappings used, required, or supported by an agent or service
Equality Matching Rule caseIgnoreIA5Match
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4876
Schema File 05-rfc4876.ldif

1.238. oncRpcNumber

OID 1.3.6.1.1.1.1.18
Names oncRpcNumber
Description ONC RPC number
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Origin draft-howard-rfc2307bis
Schema File 04-rfc2307bis.ldif

1.239. operationsAbandoned

OID 1.3.6.1.4.1.36733.2.1.1.71
Names operationsAbandoned
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Origin OpenDJ Directory Server
Schema File 02-config.ldif

1.240. operationsCompleted

OID 1.3.6.1.4.1.36733.2.1.1.73
Names operationsCompleted
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Origin OpenDJ Directory Server
Schema File 02-config.ldif

1.241. operationsInitiated

OID 1.3.6.1.4.1.36733.2.1.1.72
Names operationsInitiated
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Origin OpenDJ Directory Server
Schema File 02-config.ldif

1.242. organizationalStatus

Categories to refer to a person in an organization, such as professor or staff.

Similar attributes include title and userClass.

OID 0.9.2342.19200300.100.1.45
Names organizationalStatus
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4524
Schema File 00-core.ldif

1.243. otherMailbox

An electronic mailbox address of a type other than X.400 or RFC 822.

OID 0.9.2342.19200300.100.1.22
Names otherMailbox
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 1274
Schema File 00-core.ldif

1.244. ou

X.500 organizationalUnitName attribute for the name of an organizational unit.

Example: Product Development

OID 2.5.4.11
Names organizationalUnitName, ou
Superior Type name
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4519
Schema File 00-core.ldif

1.245. owner

Distinguished names of objects with an ownership relationship to the current object.

OID 2.5.4.32
Names owner
Superior Type distinguishedName
Equality Matching Rule distinguishedNameMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DN
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4519
Schema File 00-core.ldif

1.246. pager

Pager phone number, such as +1 415 555 1212.

OID 0.9.2342.19200300.100.1.42
Names pager, pagerTelephoneNumber
Equality Matching Rule telephoneNumberMatch
Substring Matching Rule telephoneNumberSubstringsMatch
Syntax TelephoneNumber
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4524
Schema File 00-core.ldif

1.247. personalSignature

Representation of a person's signature. According to RFC 1274, the value is,

Encoded in G3 fax as explained in recommendation T.4, with an ASN.1 wrapper to make it compatible with an X.400 BodyPart as defined in X.420.

OID 0.9.2342.19200300.100.1.53
Names personalSignature
Equality Matching Rule octetStringMatch
Ordering Matching Rule octetStringOrderingMatch
Syntax Binary
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 1274
Schema File 00-core.ldif

1.248. personalTitle

Personal title for a person, such as Dr. or Professor.

OID 0.9.2342.19200300.100.1.40
Names personalTitle
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4524
Schema File 00-core.ldif

1.249. photo

A photograph in G3 fax as described in recommendation T.4, with an ASN.1 wrapper to make it compatible with an X.400 BodyPart, as defined in X.420.

OID 0.9.2342.19200300.100.1.7
Names photo
Equality Matching Rule octetStringMatch
Ordering Matching Rule octetStringOrderingMatch
Syntax OctetString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 2798
Schema File 00-core.ldif

1.250. physicalDeliveryOfficeName

A name used by the postal service to identify a post office.

OID 2.5.4.19
Names physicalDeliveryOfficeName
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4519
Schema File 00-core.ldif

1.251. postalAddress

An address used by the postal service to perform services for the entity.

Use dollar signs ($) to separate lines in the address, and see the PostalAddress syntax description for details.

Example: 1234 Main St.$Anytown, CA 12345$USA.

OID 2.5.4.16
Names postalAddress
Equality Matching Rule caseIgnoreListMatch
Substring Matching Rule caseIgnoreListSubstringsMatch
Syntax PostalAddress
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4519
Schema File 00-core.ldif

1.252. postalCode

A code used by the postal service to identify postal service zones.

OID 2.5.4.17
Names postalCode
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4519
Schema File 00-core.ldif

1.253. postOfficeBox

A postal box identifier that the postal service uses when the customer receives mail at a box on the premises of the postal service.

OID 2.5.4.18
Names postOfficeBox
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4519
Schema File 00-core.ldif

1.254. preferredDeliveryMethod

Indicates the preferred method for getting a message to the entity, where the methods can be specified in order of decreasing priority.

Example: mhs $ physical.

OID 2.5.4.28
Names preferredDeliveryMethod
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DeliveryMethod
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 4519
Schema File 00-core.ldif

1.255. preferredLanguage

Indicates a person's preferred language or languages, which is useful for international correspondence and computer interaction. describes an Accept-Language field. That field's content, without Accept-Language:, matches the content of this attribute.

Example: en, ko;q=0.8.

OID 2.16.840.1.113730.3.1.39
Names preferredLanguage
Description preferred written or spoken language for a person
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 2798
Schema File 00-core.ldif

1.256. preferredServerList

OID 1.3.6.1.4.1.11.1.3.1.1.2
Names preferredServerList
Description List of preferred servers
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 4876
Schema File 05-rfc4876.ldif

1.257. presentationAddress

An OSI presentation address.

OID 2.5.4.29
Names presentationAddress
Equality Matching Rule presentationAddressMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax PresentationAddress
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 2256
Schema File 00-core.ldif

1.258. printer-aliases

OID 1.3.18.0.2.4.1108
Names printer-aliases
Description List of site-specific administrative names of this printer in addition to the value specified for printer-name.
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 3712
Schema File 03-rfc3712.ldif

1.259. printer-charset-configured

OID 1.3.18.0.2.4.1109
Names printer-charset-configured
Description The configured charset in which error and status messages will be generated (by default) by this printer.
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 3712
Schema File 03-rfc3712.ldif

1.260. printer-charset-supported

OID 1.3.18.0.2.4.1131
Names printer-charset-supported
Description Set of charsets supported for the attribute values of syntax DirectoryString for this directory entry.
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 3712
Schema File 03-rfc3712.ldif

1.261. printer-color-supported

OID 1.3.18.0.2.4.1129
Names printer-color-supported
Description Indicates whether this printer is capable of any type of color printing at all, including highlight color.
Equality Matching Rule booleanMatch
Syntax Boolean
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 3712
Schema File 03-rfc3712.ldif

1.262. printer-compression-supported

OID 1.3.18.0.2.4.1128
Names printer-compression-supported
Description Compression algorithms supported by this printer.
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 3712
Schema File 03-rfc3712.ldif

1.263. printer-copies-supported

OID 1.3.18.0.2.4.1118
Names printer-copies-supported
Description The maximum number of copies of a document that may be printed as a single job on this printer.
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 3712
Schema File 03-rfc3712.ldif

1.264. printer-current-operator

OID 1.3.18.0.2.4.1112
Names printer-current-operator
Description The identity of the current human operator responsible for operating this printer.
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 3712
Schema File 03-rfc3712.ldif

1.265. printer-delivery-orientation-supported

OID 1.3.18.0.2.4.1114
Names printer-delivery-orientation-supported
Description The possible delivery orientations of pages as they are printed and ejected from this printer.
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 3712
Schema File 03-rfc3712.ldif

1.266. printer-document-format-supported

OID 1.3.18.0.2.4.1130
Names printer-document-format-supported
Description The possible source document formats which may be interpreted and printed by this printer.
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 3712
Schema File 03-rfc3712.ldif

1.267. printer-finishings-supported

OID 1.3.18.0.2.4.1125
Names printer-finishings-supported
Description The possible finishing operations supported by this printer.
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 3712
Schema File 03-rfc3712.ldif

1.268. printer-generated-natural-language-supported

OID 1.3.18.0.2.4.1137
Names printer-generated-natural-language-supported
Description Natural language(s) supported for this directory entry.
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 3712
Schema File 03-rfc3712.ldif

1.269. printer-info

OID 1.3.18.0.2.4.1139
Names printer-info
Description Descriptive information about this printer.
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 3712
Schema File 03-rfc3712.ldif

1.270. printer-ipp-versions-supported

OID 1.3.18.0.2.4.1133
Names printer-ipp-versions-supported
Description IPP protocol version(s) that this printer supports.
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 3712
Schema File 03-rfc3712.ldif

1.271. printer-job-k-octets-supported

OID 1.3.18.0.2.4.1111
Names printer-job-k-octets-supported
Description The maximum size in kilobytes (1,024 octets actually) incoming print job that this printer will accept.
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 3712
Schema File 03-rfc3712.ldif

1.272. printer-job-priority-supported

OID 1.3.18.0.2.4.1110
Names printer-job-priority-supported
Description Indicates the number of job priority levels supported by this printer.
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 3712
Schema File 03-rfc3712.ldif

1.273. printer-location

OID 1.3.18.0.2.4.1136
Names printer-location
Description The physical location of this printer.
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 3712
Schema File 03-rfc3712.ldif

1.274. printer-make-and-model

OID 1.3.18.0.2.4.1138
Names printer-make-and-model
Description Make and model of this printer.
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 3712
Schema File 03-rfc3712.ldif

1.275. printer-media-local-supported

OID 1.3.18.0.2.4.1117
Names printer-media-local-supported
Description Site-specific names of media supported by this printer.
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 3712
Schema File 03-rfc3712.ldif

1.276. printer-media-supported

OID 1.3.18.0.2.4.1122
Names printer-media-supported
Description The standard names/types/sizes (and optional color suffixes) of the media supported by this printer.
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 3712
Schema File 03-rfc3712.ldif

1.277. printer-more-info

OID 1.3.18.0.2.4.1134
Names printer-more-info
Description A URI for more information about this specific printer.
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 3712
Schema File 03-rfc3712.ldif

1.278. printer-multiple-document-jobs-supported

OID 1.3.18.0.2.4.1132
Names printer-multiple-document-jobs-supported
Description Indicates whether this printer supports more than one document per job.
Equality Matching Rule booleanMatch
Syntax Boolean
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 3712
Schema File 03-rfc3712.ldif

1.279. printer-name

OID 1.3.18.0.2.4.1135
Names printer-name
Description The site-specific administrative name of this printer.
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 3712
Schema File 03-rfc3712.ldif

1.280. printer-natural-language-configured

OID 1.3.18.0.2.4.1119
Names printer-natural-language-configured
Description The configured natural language in which error and status messages will be generated (by default) by this printer.
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 3712
Schema File 03-rfc3712.ldif

1.281. printer-number-up-supported

OID 1.3.18.0.2.4.1124
Names printer-number-up-supported
Description The possible numbers of print-stream pages to impose upon a single side of an instance of a selected medium.
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 3712
Schema File 03-rfc3712.ldif

1.282. printer-output-features-supported

OID 1.3.18.0.2.4.1116
Names printer-output-features-supported
Description The possible output features supported by this printer.
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 3712
Schema File 03-rfc3712.ldif

1.283. printer-pages-per-minute-color

OID 1.3.18.0.2.4.1126
Names printer-pages-per-minute-color
Description The nominal number of color pages per minute which may be output by this printer.
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 3712
Schema File 03-rfc3712.ldif

1.284. printer-pages-per-minute

OID 1.3.18.0.2.4.1127
Names printer-pages-per-minute
Description The nominal number of pages per minute which may be output by this printer.
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 3712
Schema File 03-rfc3712.ldif

1.285. printer-print-quality-supported

OID 1.3.18.0.2.4.1120
Names printer-print-quality-supported
Description List of print qualities supported for printing documents on this printer.
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 3712
Schema File 03-rfc3712.ldif

1.286. printer-resolution-supported

OID 1.3.18.0.2.4.1121
Names printer-resolution-supported
Description List of resolutions supported for printing documents by this printer.
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 3712
Schema File 03-rfc3712.ldif

1.287. printer-service-person

OID 1.3.18.0.2.4.1113
Names printer-service-person
Description The identity of the current human service person responsible for servicing this printer.
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 3712
Schema File 03-rfc3712.ldif

1.288. printer-sides-supported

OID 1.3.18.0.2.4.1123
Names printer-sides-supported
Description The number of impression sides (one or two) and the two-sided impression rotations supported by this printer.
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 3712
Schema File 03-rfc3712.ldif

1.289. printer-stacking-order-supported

OID 1.3.18.0.2.4.1115
Names printer-stacking-order-supported
Description The possible stacking order of pages as they are printed and ejected from this printer.
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 3712
Schema File 03-rfc3712.ldif

1.290. printer-uri

OID 1.3.18.0.2.4.1140
Names printer-uri
Description A URI supported by this printer.
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 3712
Schema File 03-rfc3712.ldif

1.291. printer-xri-supported

OID 1.3.18.0.2.4.1107
Names printer-xri-supported
Description The unordered list of XRI (extended resource identifiers) supported by this printer.
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 3712
Schema File 03-rfc3712.ldif

1.292. profileTTL

OID 1.3.6.1.4.1.11.1.3.1.1.7
Names profileTTL
Description Time to live, in seconds, before a profile is considered stale
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 4876
Schema File 05-rfc4876.ldif

1.293. protocolInformation

Used with a presentationAddress attribute to provide additional information to the OSI network service.

OID 2.5.4.48
Names protocolInformation
Equality Matching Rule protocolInformationMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax ProtocolInformation
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 2256
Schema File 00-core.ldif

1.294. pwdAccountLockedTime

Timestamp when the account was last locked, where 000001010000Z means the account has been locked permanently.

OID 1.3.6.1.4.1.42.2.27.8.1.17
Names pwdAccountLockedTime
Description The time an user account was locked
Equality Matching Rule generalizedTimeMatch
Ordering Matching Rule generalizedTimeOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax GeneralizedTime
Single Value true
User Modification Allowed false
Usage directoryOperation
Origin draft-behera-ldap-password-policy
Schema File 01-pwpolicy.ldif

1.295. pwdAllowUserChange

Whether users can change their own passwords.

OID 1.3.6.1.4.1.42.2.27.8.1.14
Names pwdAllowUserChange
Equality Matching Rule booleanMatch
Syntax Boolean
Single Value true
User Modification Allowed true
Usage userApplications
Origin draft-behera-ldap-password-policy
Schema File 01-pwpolicy.ldif

1.296. pwdAttribute

Name of the attribute to which the password policy applies.

OID 1.3.6.1.4.1.42.2.27.8.1.1
Names pwdAttribute
Equality Matching Rule objectIdentifierMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax OID
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin draft-behera-ldap-password-policy
Schema File 01-pwpolicy.ldif

1.297. pwdChangedTime

Timestamp of last password change.

OID 1.3.6.1.4.1.42.2.27.8.1.16
Names pwdChangedTime
Description The time the password was last changed
Equality Matching Rule generalizedTimeMatch
Ordering Matching Rule generalizedTimeOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax GeneralizedTime
Single Value true
User Modification Allowed false
Usage directoryOperation
Origin draft-behera-ldap-password-policy
Schema File 01-pwpolicy.ldif

1.298. pwdCheckQuality

How to verify quality when a password is added or modified. 0: do not check; 1: check, but accept if validation passes or if unable to check; 2: check, and return an error if verification does not pass or cannot be completed.

OID 1.3.6.1.4.1.42.2.27.8.1.5
Names pwdCheckQuality
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Origin draft-behera-ldap-password-policy
Schema File 01-pwpolicy.ldif

1.299. pwdExpireWarning

Maximum number of seconds before expiry to begin returning errors to the user binding to the directory.

OID 1.3.6.1.4.1.42.2.27.8.1.7
Names pwdExpireWarning
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Origin draft-behera-ldap-password-policy
Schema File 01-pwpolicy.ldif

1.300. pwdFailureCountInterval

Number of seconds after which failures are purged from the failure counter.

OID 1.3.6.1.4.1.42.2.27.8.1.12
Names pwdFailureCountInterval
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Origin draft-behera-ldap-password-policy
Schema File 01-pwpolicy.ldif

1.301. pwdFailureTime

Timestamp of the last consecutive authentication failure.

OID 1.3.6.1.4.1.42.2.27.8.1.19
Names pwdFailureTime
Description The timestamps of the last consecutive authentication failures
Equality Matching Rule generalizedTimeMatch
Ordering Matching Rule generalizedTimeOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax GeneralizedTime
Single Value false: multiple values allowed
User Modification Allowed false
Usage directoryOperation
Origin draft-behera-ldap-password-policy
Schema File 01-pwpolicy.ldif

1.302. pwdGraceAuthNLimit

Number of times an expired password can be used to authenticate.

OID 1.3.6.1.4.1.42.2.27.8.1.8
Names pwdGraceAuthNLimit
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Origin draft-behera-ldap-password-policy
Schema File 01-pwpolicy.ldif

1.303. pwdGraceUseTime

Timestamps of grace authentications after a password expired.

OID 1.3.6.1.4.1.42.2.27.8.1.21
Names pwdGraceUseTime
Description The timestamps of the grace authentication after the password has expired
Equality Matching Rule generalizedTimeMatch
Ordering Matching Rule generalizedTimeOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax GeneralizedTime
Single Value false: multiple values allowed
User Modification Allowed false
Usage directoryOperation
Origin draft-behera-ldap-password-policy
Schema File 01-pwpolicy.ldif

1.304. pwdHistory

History of previously used passwords.

OID 1.3.6.1.4.1.42.2.27.8.1.20
Names pwdHistory
Description The history of user s passwords
Equality Matching Rule octetStringMatch
Ordering Matching Rule octetStringOrderingMatch
Syntax OctetString
Single Value false: multiple values allowed
User Modification Allowed false
Usage directoryOperation
Origin draft-behera-ldap-password-policy
Schema File 01-pwpolicy.ldif

1.305. pwdInHistory

Maximum number of passwords stored in the pwdHistory attribute.

OID 1.3.6.1.4.1.42.2.27.8.1.4
Names pwdInHistory
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Origin draft-behera-ldap-password-policy
Schema File 01-pwpolicy.ldif

1.306. pwdLockout

Whether the password can no longer used to authenticate when pwdMaxFailure has been reached.

OID 1.3.6.1.4.1.42.2.27.8.1.9
Names pwdLockout
Equality Matching Rule booleanMatch
Syntax Boolean
Single Value true
User Modification Allowed true
Usage userApplications
Origin draft-behera-ldap-password-policy
Schema File 01-pwpolicy.ldif

1.307. pwdLockoutDuration

Number of seconds when the password can not be used to authenticate after pwdMaxFailure has been reached.

OID 1.3.6.1.4.1.42.2.27.8.1.10
Names pwdLockoutDuration
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Origin draft-behera-ldap-password-policy
Schema File 01-pwpolicy.ldif

1.308. pwdMaxAge

Number of seconds after which a password expires.

OID 1.3.6.1.4.1.42.2.27.8.1.3
Names pwdMaxAge
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Origin draft-behera-ldap-password-policy
Schema File 01-pwpolicy.ldif

1.309. pwdMaxFailure

Maximum number of consecutive failed bind attempts allowed before the account is locked.

OID 1.3.6.1.4.1.42.2.27.8.1.11
Names pwdMaxFailure
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Origin draft-behera-ldap-password-policy
Schema File 01-pwpolicy.ldif

1.310. pwdMinAge

Minimum number of seconds between modifications to the password.

OID 1.3.6.1.4.1.42.2.27.8.1.2
Names pwdMinAge
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Origin draft-behera-ldap-password-policy
Schema File 01-pwpolicy.ldif

1.311. pwdMinLength

Minimum number of characters in a password.

OID 1.3.6.1.4.1.42.2.27.8.1.6
Names pwdMinLength
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Origin draft-behera-ldap-password-policy
Schema File 01-pwpolicy.ldif

1.312. pwdMustChange

Whether users much change their passwords when first binding or after a password reset.

OID 1.3.6.1.4.1.42.2.27.8.1.13
Names pwdMustChange
Equality Matching Rule booleanMatch
Syntax Boolean
Single Value true
User Modification Allowed true
Usage userApplications
Origin draft-behera-ldap-password-policy
Schema File 01-pwpolicy.ldif

1.313. pwdPolicySubentry

Pointer to the password policy subentry for the current entry.

OID 1.3.6.1.4.1.42.2.27.8.1.23
Names pwdPolicySubentry
Description The pwdPolicy subentry in effect for this object
Equality Matching Rule distinguishedNameMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DN
Single Value true
User Modification Allowed false
Usage directoryOperation
Origin draft-behera-ldap-password-policy
Schema File 01-pwpolicy.ldif

1.314. pwdReset

Whether the password has been reset by an administrator, and must be changed by the user.

OID 1.3.6.1.4.1.42.2.27.8.1.22
Names pwdReset
Description The indication that the password has been reset
Equality Matching Rule booleanMatch
Syntax Boolean
Single Value true
User Modification Allowed true
Usage directoryOperation
Origin draft-behera-ldap-password-policy
Schema File 01-pwpolicy.ldif

1.315. pwdSafeModify

Whether the existing password must be supplied when changing passwords.

OID 1.3.6.1.4.1.42.2.27.8.1.15
Names pwdSafeModify
Equality Matching Rule booleanMatch
Syntax Boolean
Single Value true
User Modification Allowed true
Usage userApplications
Origin draft-behera-ldap-password-policy
Schema File 01-pwpolicy.ldif

1.316. ref

This attribute holds labeledURI values referring to another LDAP server. The URI should be an LDAP URL. The URI should not specify scope, filter, or an attribute description list, and it should contain a non-empty DN.

Example: ldap://referral.example.com:1389/ou=Subscribers,dc=example,dc=com

OID 2.16.840.1.113730.3.1.34
Names ref
Description named reference - a labeledURI
Equality Matching Rule caseExactMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage distributedOperation
Origin RFC 3296
Schema File 00-core.ldif

1.317. registeredAddress

A postal address suitable for reception of telegrams and expedited documents, where the recipient must accept delivery.

Example: Receptionist$Widget, Inc.$1234 Main St.$Anytown, CA 12345$USA.

OID 2.5.4.26
Names registeredAddress
Superior Type postalAddress
Equality Matching Rule caseIgnoreListMatch
Substring Matching Rule caseIgnoreListSubstringsMatch
Syntax PostalAddress
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4519
Schema File 00-core.ldif

1.318. replicaIdentifier

Uniquely identifies a replica in a topology.

OID 1.3.6.1.4.1.42.2.27.9.1.724
Names replicaIdentifier
Description the OpenDS replication domain server identifier for the change
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value true
User Modification Allowed true
Usage directoryOperation
Origin OpenDS Directory Server
Schema File 03-changelog.ldif

1.319. replicationCSN

Holds a replication change sequence number.

OID 1.3.6.1.4.1.42.2.27.9.1.725
Names replicationCSN
Description The OpenDS replication change number for the change
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value true
User Modification Allowed true
Usage directoryOperation
Origin OpenDS Directory Server
Schema File 03-changelog.ldif

1.320. rfc822mailMember

OID 1.3.6.1.4.1.42.2.27.2.1.15
Names rfc822mailMember
Description rfc822 mail addresss of group member
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin Solaris Specific
Schema File 05-solaris.ldif

1.321. roleOccupant

Distinguished names of objects that fulfill the responsibilities of the current role object.

For example, if the role object is for Director of Engineering, this role could be fulfilled by multiple users.

OID 2.5.4.33
Names roleOccupant
Superior Type distinguishedName
Equality Matching Rule distinguishedNameMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DN
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4519
Schema File 00-core.ldif

1.322. roomNumber

Room number for an object, which might be multiple when rooms are being renumbered, for example. Use the cn attribute when naming rooms, as room numbers can change.

OID 0.9.2342.19200300.100.1.6
Names roomNumber
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4524
Schema File 00-core.ldif

1.323. sambaAcctFlags

OID 1.3.6.1.4.1.7165.2.1.26
Names sambaAcctFlags
Description Account Flags
Equality Matching Rule caseIgnoreIA5Match
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value true
User Modification Allowed true
Usage userApplications
Schema File 05-samba.ldif

1.324. sambaAlgorithmicRidBase

OID 1.3.6.1.4.1.7165.2.1.40
Names sambaAlgorithmicRidBase
Description Base at which the samba RID generation algorithm should operate
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Schema File 05-samba.ldif

1.325. sambaBadPasswordCount

OID 1.3.6.1.4.1.7165.2.1.48
Names sambaBadPasswordCount
Description Bad password attempt count
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Schema File 05-samba.ldif

1.326. sambaBadPasswordTime

OID 1.3.6.1.4.1.7165.2.1.49
Names sambaBadPasswordTime
Description Time of the last bad password attempt
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Schema File 05-samba.ldif

1.327. sambaBoolOption

OID 1.3.6.1.4.1.7165.2.1.43
Names sambaBoolOption
Description A boolean option
Equality Matching Rule booleanMatch
Syntax Boolean
Single Value true
User Modification Allowed true
Usage userApplications
Schema File 05-samba.ldif

1.328. sambaDomainName

OID 1.3.6.1.4.1.7165.2.1.38
Names sambaDomainName
Description Windows NT domain to which the user belongs
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Schema File 05-samba.ldif

1.329. sambaForceLogoff

OID 1.3.6.1.4.1.7165.2.1.66
Names sambaForceLogoff
Description Disconnect Users outside logon hours (default: -1 => off, 0 => on)
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Schema File 05-samba.ldif

1.330. sambaGroupType

OID 1.3.6.1.4.1.7165.2.1.19
Names sambaGroupType
Description NT Group Type
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Schema File 05-samba.ldif

1.331. sambaHomeDrive

OID 1.3.6.1.4.1.7165.2.1.33
Names sambaHomeDrive
Description Driver letter of home directory mapping
Equality Matching Rule caseIgnoreIA5Match
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value true
User Modification Allowed true
Usage userApplications
Schema File 05-samba.ldif

1.332. sambaHomePath

OID 1.3.6.1.4.1.7165.2.1.37
Names sambaHomePath
Description Home directory UNC path
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Schema File 05-samba.ldif

1.333. sambaIntegerOption

OID 1.3.6.1.4.1.7165.2.1.44
Names sambaIntegerOption
Description An integer option
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Schema File 05-samba.ldif

1.334. sambaKickoffTime

OID 1.3.6.1.4.1.7165.2.1.32
Names sambaKickoffTime
Description Timestamp of when the user will be logged off automatically
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Schema File 05-samba.ldif

1.335. sambaLMPassword

OID 1.3.6.1.4.1.7165.2.1.24
Names sambaLMPassword
Description LanManager Password
Equality Matching Rule caseIgnoreIA5Match
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value true
User Modification Allowed true
Usage userApplications
Schema File 05-samba.ldif

1.336. sambaLockoutDuration

OID 1.3.6.1.4.1.7165.2.1.63
Names sambaLockoutDuration
Description Lockout duration in minutes (default: 30, -1 => forever)
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Schema File 05-samba.ldif

1.337. sambaLockoutObservationWindow

OID 1.3.6.1.4.1.7165.2.1.64
Names sambaLockoutObservationWindow
Description Reset time after lockout in minutes (default: 30)
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Schema File 05-samba.ldif

1.338. sambaLockoutThreshold

OID 1.3.6.1.4.1.7165.2.1.65
Names sambaLockoutThreshold
Description Lockout users after bad logon attempts (default: 0 => off)
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Schema File 05-samba.ldif

1.339. sambaLogoffTime

OID 1.3.6.1.4.1.7165.2.1.31
Names sambaLogoffTime
Description Timestamp of last logoff
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Schema File 05-samba.ldif

1.340. sambaLogonHours

OID 1.3.6.1.4.1.7165.2.1.55
Names sambaLogonHours
Description Logon Hours
Equality Matching Rule caseIgnoreIA5Match
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value true
User Modification Allowed true
Usage userApplications
Schema File 05-samba.ldif

1.341. sambaLogonScript

OID 1.3.6.1.4.1.7165.2.1.34
Names sambaLogonScript
Description Logon script path
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value true
User Modification Allowed true
Usage userApplications
Schema File 05-samba.ldif

1.342. sambaLogonTime

OID 1.3.6.1.4.1.7165.2.1.30
Names sambaLogonTime
Description Timestamp of last logon
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Schema File 05-samba.ldif

1.343. sambaLogonToChgPwd

OID 1.3.6.1.4.1.7165.2.1.60
Names sambaLogonToChgPwd
Description Force Users to logon for password change (default: 0 => off, 2 => on)
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Schema File 05-samba.ldif

1.344. sambaMaxPwdAge

OID 1.3.6.1.4.1.7165.2.1.61
Names sambaMaxPwdAge
Description Maximum password age, in seconds (default: -1 => never expire passwords)
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Schema File 05-samba.ldif

1.345. sambaMinPwdAge

OID 1.3.6.1.4.1.7165.2.1.62
Names sambaMinPwdAge
Description Minimum password age, in seconds (default: 0 => allow immediate password change)
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Schema File 05-samba.ldif

1.346. sambaMinPwdLength

OID 1.3.6.1.4.1.7165.2.1.58
Names sambaMinPwdLength
Description Minimal password length (default: 5)
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Schema File 05-samba.ldif

1.347. sambaMungedDial

OID 1.3.6.1.4.1.7165.2.1.47
Names sambaMungedDial
Description Base64 encoded user parameter string
Equality Matching Rule caseExactMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Schema File 05-samba.ldif

1.348. sambaNextGroupRid

OID 1.3.6.1.4.1.7165.2.1.22
Names sambaNextGroupRid
Description Next NT rid to give out for groups
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Schema File 05-samba.ldif

1.349. sambaNextRid

OID 1.3.6.1.4.1.7165.2.1.39
Names sambaNextRid
Description Next NT rid to give out for anything
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Schema File 05-samba.ldif

1.350. sambaNextUserRid

OID 1.3.6.1.4.1.7165.2.1.21
Names sambaNextUserRid
Description Next NT rid to give our for users
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Schema File 05-samba.ldif

1.351. sambaNTPassword

OID 1.3.6.1.4.1.7165.2.1.25
Names sambaNTPassword
Description MD4 hash of the unicode password
Equality Matching Rule caseIgnoreIA5Match
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value true
User Modification Allowed true
Usage userApplications
Schema File 05-samba.ldif

1.352. sambaOptionName

OID 1.3.6.1.4.1.7165.2.1.42
Names sambaOptionName
Description Option Name
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Schema File 05-samba.ldif

1.353. sambaPasswordHistory

OID 1.3.6.1.4.1.7165.2.1.54
Names sambaPasswordHistory
Description Concatenated MD4 hashes of the unicode passwords used on this account
Equality Matching Rule caseIgnoreIA5Match
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Schema File 05-samba.ldif

1.354. sambaPrimaryGroupSID

OID 1.3.6.1.4.1.7165.2.1.23
Names sambaPrimaryGroupSID
Description Primary Group Security ID
Equality Matching Rule caseIgnoreIA5Match
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value true
User Modification Allowed true
Usage userApplications
Schema File 05-samba.ldif

1.355. sambaPrivilegeList

OID 1.3.6.1.4.1.7165.2.1.52
Names sambaPrivilegeList
Description Privileges List
Equality Matching Rule caseIgnoreIA5Match
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Schema File 05-samba.ldif

1.356. sambaProfilePath

OID 1.3.6.1.4.1.7165.2.1.35
Names sambaProfilePath
Description Roaming profile path
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value true
User Modification Allowed true
Usage userApplications
Schema File 05-samba.ldif

1.357. sambaPwdCanChange

OID 1.3.6.1.4.1.7165.2.1.28
Names sambaPwdCanChange
Description Timestamp of when the user is allowed to update the password
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Schema File 05-samba.ldif

1.358. sambaPwdHistoryLength

OID 1.3.6.1.4.1.7165.2.1.59
Names sambaPwdHistoryLength
Description Length of Password History Entries (default: 0 => off)
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Schema File 05-samba.ldif

1.359. sambaPwdLastSet

OID 1.3.6.1.4.1.7165.2.1.27
Names sambaPwdLastSet
Description Timestamp of the last password update
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Schema File 05-samba.ldif

1.360. sambaPwdMustChange

OID 1.3.6.1.4.1.7165.2.1.29
Names sambaPwdMustChange
Description Timestamp of when the password will expire
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Schema File 05-samba.ldif

1.361. sambaRefuseMachinePwdChange

OID 1.3.6.1.4.1.7165.2.1.67
Names sambaRefuseMachinePwdChange
Description Allow Machine Password changes (default: 0 => off)
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Schema File 05-samba.ldif

1.362. sambaShareName

OID 1.3.6.1.4.1.7165.2.1.41
Names sambaShareName
Description Share Name
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value true
User Modification Allowed true
Usage userApplications
Schema File 05-samba.ldif

1.363. sambaSID

OID 1.3.6.1.4.1.7165.2.1.20
Names sambaSID
Description Security ID
Equality Matching Rule caseIgnoreIA5Match
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value true
User Modification Allowed true
Usage userApplications
Schema File 05-samba.ldif

1.364. sambaSIDList

OID 1.3.6.1.4.1.7165.2.1.51
Names sambaSIDList
Description Security ID List
Equality Matching Rule caseIgnoreIA5Match
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Schema File 05-samba.ldif

1.365. sambaStringListOption

OID 1.3.6.1.4.1.7165.2.1.46
Names sambaStringListOption
Description A string list option
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Schema File 05-samba.ldif

1.366. sambaStringOption

OID 1.3.6.1.4.1.7165.2.1.45
Names sambaStringOption
Description A string option
Equality Matching Rule caseExactIA5Match
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value true
User Modification Allowed true
Usage userApplications
Schema File 05-samba.ldif

1.367. sambaTrustFlags

OID 1.3.6.1.4.1.7165.2.1.53
Names sambaTrustFlags
Description Trust Password Flags
Equality Matching Rule caseIgnoreIA5Match
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Schema File 05-samba.ldif

1.368. sambaUserWorkstations

OID 1.3.6.1.4.1.7165.2.1.36
Names sambaUserWorkstations
Description List of user workstations the user is allowed to logon to
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value true
User Modification Allowed true
Usage userApplications
Schema File 05-samba.ldif

1.369. searchGuide

Sets of information used by directory clients when constructing search filters.

This attribute is superseded by enhancedSearchGuide.

OID 2.5.4.14
Names searchGuide
Equality Matching Rule octetStringMatch
Ordering Matching Rule octetStringOrderingMatch
Syntax Guide
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4519
Schema File 00-core.ldif

1.370. searchOneRequests

OID 1.3.6.1.4.1.36733.2.1.1.90
Names searchOneRequests
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Origin OpenDJ Directory Server
Schema File 02-config.ldif

1.371. searchRequests

OID 1.3.6.1.4.1.36733.2.1.1.89
Names searchRequests
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Origin OpenDJ Directory Server
Schema File 02-config.ldif

1.372. searchResultEntries

OID 1.3.6.1.4.1.36733.2.1.1.92
Names searchResultEntries
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Origin OpenDJ Directory Server
Schema File 02-config.ldif

1.373. searchResultReferences

OID 1.3.6.1.4.1.36733.2.1.1.93
Names searchResultReferences
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Origin OpenDJ Directory Server
Schema File 02-config.ldif

1.374. searchResultsDone

OID 1.3.6.1.4.1.36733.2.1.1.94
Names searchResultsDone
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Origin OpenDJ Directory Server
Schema File 02-config.ldif

1.375. searchSubRequests

OID 1.3.6.1.4.1.36733.2.1.1.91
Names searchSubRequests
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Origin OpenDJ Directory Server
Schema File 02-config.ldif

1.376. searchTimeLimit

OID 1.3.6.1.4.1.11.1.3.1.1.3
Names searchTimeLimit
Description Maximum time an agent or service allows for a search to complete
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 4876
Schema File 05-rfc4876.ldif

1.377. secretary

DNs of secretary or administrative assistant entries for the entry of a person or entity.

OID 0.9.2342.19200300.100.1.21
Names secretary
Equality Matching Rule distinguishedNameMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DN
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4524
Schema File 00-core.ldif

1.378. seeAlso

Distinguished names of entries related to the current entry.

OID 2.5.4.34
Names seeAlso
Superior Type distinguishedName
Equality Matching Rule distinguishedNameMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DN
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4519
Schema File 00-core.ldif

1.379. serialNumber

Serial numbers of a device.

OID 2.5.4.5
Names serialNumber
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax PrintableString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4519
Schema File 00-core.ldif

1.380. service-advert-attribute-authenticator

An SLP attribute authenticator, as described in .

OID 1.3.6.1.4.1.6252.2.27.6.1.7
Names service-advert-attribute-authenticator
Description The authenticator for the attribute list, null if none.
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 2926
Schema File 03-rfc2926.ldif

1.381. service-advert-scopes

SLP scopes as described in .

OID 1.3.6.1.4.1.6252.2.27.6.1.5
Names service-advert-scopes
Description A list of scopes for a service advertisement.
Equality Matching Rule caseExactIA5Match
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 2926
Schema File 03-rfc2926.ldif

1.382. service-advert-service-type

Service-specific type of an SLP template-type as described in .

OID 1.3.6.1.4.1.6252.2.27.6.1.4
Names service-advert-service-type
Description The service type of the service advertisement, including the "service:" prefix.
Equality Matching Rule caseExactIA5Match
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 2926
Schema File 03-rfc2926.ldif

1.383. service-advert-url-authenticator

An SLP URL authenticator, as described in .

OID 1.3.6.1.4.1.6252.2.27.6.1.6
Names service-advert-url-authenticator
Description The authenticator for the URL, null if none.
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 2926
Schema File 03-rfc2926.ldif

1.384. serviceAuthenticationMethod

OID 1.3.6.1.4.1.11.1.3.1.1.15
Names serviceAuthenticationMethod
Description Specifies types authentication methods either used, required, or supported by a particular service
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4876
Schema File 05-rfc4876.ldif

1.385. serviceCredentialLevel

OID 1.3.6.1.4.1.11.1.3.1.1.13
Names serviceCredentialLevel
Description Specifies the type of credentials either used, required, or supported by a specific service
Equality Matching Rule caseIgnoreIA5Match
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4876
Schema File 05-rfc4876.ldif

1.386. serviceSearchDescriptor

OID 1.3.6.1.4.1.11.1.3.1.1.14
Names serviceSearchDescriptor
Description Specifies search descriptors required, used, or supported by a particular service or agent
Equality Matching Rule caseExactMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4876
Schema File 05-rfc4876.ldif

1.387. shadowExpire

OID 1.3.6.1.1.1.1.10
Names shadowExpire
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Origin draft-howard-rfc2307bis
Schema File 04-rfc2307bis.ldif

1.388. shadowFlag

OID 1.3.6.1.1.1.1.11
Names shadowFlag
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Origin draft-howard-rfc2307bis
Schema File 04-rfc2307bis.ldif

1.389. shadowInactive

OID 1.3.6.1.1.1.1.9
Names shadowInactive
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Origin draft-howard-rfc2307bis
Schema File 04-rfc2307bis.ldif

1.390. shadowLastChange

OID 1.3.6.1.1.1.1.5
Names shadowLastChange
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Origin draft-howard-rfc2307bis
Schema File 04-rfc2307bis.ldif

1.391. shadowMax

OID 1.3.6.1.1.1.1.7
Names shadowMax
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Origin draft-howard-rfc2307bis
Schema File 04-rfc2307bis.ldif

1.392. shadowMin

OID 1.3.6.1.1.1.1.6
Names shadowMin
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Origin draft-howard-rfc2307bis
Schema File 04-rfc2307bis.ldif

1.393. shadowWarning

OID 1.3.6.1.1.1.1.8
Names shadowWarning
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Origin draft-howard-rfc2307bis
Schema File 04-rfc2307bis.ldif

1.394. singleLevelQuality

Directory administrators can use this attribute to indicate the data quality at the level immediately below in the DIT.

OID 0.9.2342.19200300.100.1.50
Names singleLevelQuality
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 1274
Schema File 00-core.ldif

1.395. sn

X.500 surname attribute that contains the family name of a person.

OID 2.5.4.4
Names sn, surname
Superior Type name
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4519
Schema File 00-core.ldif

1.396. sOARecord

A type SOA (start of authority) DNS resource record.

OID 0.9.2342.19200300.100.1.30
Names sOARecord
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 1274
Schema File 00-core.ldif

1.397. SolarisAttrKeyValue

OID 1.3.6.1.4.1.42.2.27.5.1.4
Names SolarisAttrKeyValue
Description Semi-colon separated key=value pairs of attributes
Equality Matching Rule caseIgnoreIA5Match
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreIA5SubstringsMatch
Syntax IA5String
Single Value true
User Modification Allowed true
Usage userApplications
Origin Solaris Specific
Schema File 05-solaris.ldif

1.398. SolarisAttrLongDesc

OID 1.3.6.1.4.1.42.2.27.5.1.8
Names SolarisAttrLongDesc
Description Detail description about an entry
Equality Matching Rule caseIgnoreIA5Match
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value true
User Modification Allowed true
Usage userApplications
Origin Solaris Specific
Schema File 05-solaris.ldif

1.399. SolarisAttrReserved1

OID 1.3.6.1.4.1.42.2.27.5.1.13
Names SolarisAttrReserved1
Description Reserved for future use
Equality Matching Rule caseIgnoreIA5Match
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value true
User Modification Allowed true
Usage userApplications
Origin Solaris Specific
Schema File 05-solaris.ldif

1.400. SolarisAttrReserved2

OID 1.3.6.1.4.1.42.2.27.5.1.14
Names SolarisAttrReserved2
Description Reserved for future use
Equality Matching Rule caseIgnoreIA5Match
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value true
User Modification Allowed true
Usage userApplications
Origin Solaris Specific
Schema File 05-solaris.ldif

1.401. SolarisAttrShortDesc

OID 1.3.6.1.4.1.42.2.27.5.1.7
Names SolarisAttrShortDesc
Description Short description about an entry, used by GUIs
Equality Matching Rule caseIgnoreIA5Match
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value true
User Modification Allowed true
Usage userApplications
Origin Solaris Specific
Schema File 05-solaris.ldif

1.402. SolarisAuditAlways

OID 1.3.6.1.4.1.42.2.27.5.1.5
Names SolarisAuditAlways
Description Always audited attributes per-user
Equality Matching Rule caseIgnoreIA5Match
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value true
User Modification Allowed true
Usage userApplications
Origin Solaris Specific
Schema File 05-solaris.ldif

1.403. SolarisAuditNever

OID 1.3.6.1.4.1.42.2.27.5.1.6
Names SolarisAuditNever
Description Never audited attributes per-user
Equality Matching Rule caseIgnoreIA5Match
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value true
User Modification Allowed true
Usage userApplications
Origin Solaris Specific
Schema File 05-solaris.ldif

1.404. SolarisAuthMethod

OID 1.3.6.1.4.1.42.2.27.5.1.20
Names SolarisAuthMethod
Description Authentication method to be used eg. "NS_LDAP_AUTH_NONE", "NS_LDAP_AUTH_SIMPLE" or "NS_LDAP_AUTH_SASL_CRAM_MD5"
Equality Matching Rule caseIgnoreIA5Match
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin Solaris Specific
Schema File 05-solaris.ldif

1.405. SolarisBindDN

OID 1.3.6.1.4.1.42.2.27.5.1.18
Names SolarisBindDN
Description DN to be used to bind to the directory as proxy
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value true
User Modification Allowed true
Usage userApplications
Origin Solaris Specific
Schema File 05-solaris.ldif

1.406. SolarisBindPassword

OID 1.3.6.1.4.1.42.2.27.5.1.19
Names SolarisBindPassword
Description Password for bindDN to authenticate to the directory
Equality Matching Rule octetStringMatch
Ordering Matching Rule octetStringOrderingMatch
Syntax OctetString
Single Value true
User Modification Allowed true
Usage userApplications
Origin Solaris Specific
Schema File 05-solaris.ldif

1.407. SolarisBindTimeLimit

OID 1.3.6.1.4.1.42.2.27.5.1.31
Names SolarisBindTimeLimit
Description Time Limit in seconds for bind operations
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Origin Solaris Specific
Schema File 05-solaris.ldif

1.408. SolarisCacheTTL

OID 1.3.6.1.4.1.42.2.27.5.1.17
Names SolarisCacheTTL
Description TTL value for the Domain information eg. 1w, 2d, 3h, 10m, or 5s
Equality Matching Rule caseIgnoreIA5Match
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value true
User Modification Allowed true
Usage userApplications
Origin Solaris Specific
Schema File 05-solaris.ldif

1.409. SolarisCertificatePassword

OID 1.3.6.1.4.1.42.2.27.5.1.23
Names SolarisCertificatePassword
Description Password or PIN that grants access to certificate.
Equality Matching Rule octetStringMatch
Ordering Matching Rule octetStringOrderingMatch
Syntax OctetString
Single Value true
User Modification Allowed true
Usage userApplications
Origin Solaris Specific
Schema File 05-solaris.ldif

1.410. SolarisCertificatePath

OID 1.3.6.1.4.1.42.2.27.5.1.22
Names SolarisCertificatePath
Description Path to certificate file/device
Equality Matching Rule caseExactIA5Match
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value true
User Modification Allowed true
Usage userApplications
Origin Solaris Specific
Schema File 05-solaris.ldif

1.411. SolarisDataSearchDN

OID 1.3.6.1.4.1.42.2.27.5.1.24
Names SolarisDataSearchDN
Description Search DN for data lookup in ":(DN0),(DN1),..." format
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin Solaris Specific
Schema File 05-solaris.ldif

1.412. SolarisKernelSecurityPolicy

OID 1.3.6.1.4.1.42.2.27.5.1.9
Names SolarisKernelSecurityPolicy
Description Solaris kernel security policy
Equality Matching Rule caseIgnoreIA5Match
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value true
User Modification Allowed true
Usage userApplications
Origin Solaris Specific
Schema File 05-solaris.ldif

1.413. SolarisLDAPServers

OID 1.3.6.1.4.1.42.2.27.5.1.15
Names SolarisLDAPServers
Description LDAP Server address eg. 76.234.3.1:389
Equality Matching Rule caseIgnoreIA5Match
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin Solaris Specific
Schema File 05-solaris.ldif

1.414. SolarisPreferredServer

OID 1.3.6.1.4.1.42.2.27.5.1.27
Names SolarisPreferredServer
Description Preferred LDAP Server address or network number
Equality Matching Rule caseIgnoreIA5Match
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin Solaris Specific
Schema File 05-solaris.ldif

1.415. SolarisPreferredServerOnly

OID 1.3.6.1.4.1.42.2.27.5.1.28
Names SolarisPreferredServerOnly
Description Boolean flag for use of preferredServer or not
Equality Matching Rule booleanMatch
Syntax Boolean
Single Value true
User Modification Allowed true
Usage userApplications
Origin Solaris Specific
Schema File 05-solaris.ldif

1.416. SolarisProfileId

OID 1.3.6.1.4.1.42.2.27.5.1.11
Names SolarisProfileId
Description Identifier of object defined in profile
Equality Matching Rule caseIgnoreIA5Match
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value true
User Modification Allowed true
Usage userApplications
Origin Solaris Specific
Schema File 05-solaris.ldif

1.417. SolarisProfileType

OID 1.3.6.1.4.1.42.2.27.5.1.10
Names SolarisProfileType
Description Type of object defined in profile
Equality Matching Rule caseIgnoreIA5Match
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value true
User Modification Allowed true
Usage userApplications
Origin Solaris Specific
Schema File 05-solaris.ldif

1.418. SolarisProjectAttr

OID 1.3.6.1.4.1.42.2.27.5.1.3
Names SolarisProjectAttr
Description Attributes of a Solaris Project entry
Equality Matching Rule caseExactIA5Match
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value true
User Modification Allowed true
Usage userApplications
Origin Solaris Specific
Schema File 05-solaris.ldif

1.419. SolarisProjectID

OID 1.3.6.1.4.1.42.2.27.5.1.1
Names SolarisProjectID
Description Unique ID for a Solaris Project entry
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Origin Solaris Specific
Schema File 05-solaris.ldif

1.420. SolarisProjectName

OID 1.3.6.1.4.1.42.2.27.5.1.2
Names SolarisProjectName
Description Name of a Solaris Project Entry
Equality Matching Rule caseExactIA5Match
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value true
User Modification Allowed true
Usage userApplications
Origin Solaris Specific
Schema File 05-solaris.ldif

1.421. SolarisSearchBaseDN

OID 1.3.6.1.4.1.42.2.27.5.1.16
Names SolarisSearchBaseDN
Description Search Base Distinguished Name
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value true
User Modification Allowed true
Usage userApplications
Origin Solaris Specific
Schema File 05-solaris.ldif

1.422. SolarisSearchReferral

OID 1.3.6.1.4.1.42.2.27.5.1.29
Names SolarisSearchReferral
Description referral chasing option eg. "NS_LDAP_NOREF" or "NS_LDAP_FOLLOWREF"
Equality Matching Rule caseIgnoreIA5Match
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value true
User Modification Allowed true
Usage userApplications
Origin Solaris Specific
Schema File 05-solaris.ldif

1.423. SolarisSearchScope

OID 1.3.6.1.4.1.42.2.27.5.1.25
Names SolarisSearchScope
Description Scope to be used for search operations eg. "NS_LDAP_SCOPE_BASE", "NS_LDAP_SCOPE_ONELEVEL" or "NS_LDAP_SCOPE_SUBTREE"
Equality Matching Rule caseIgnoreIA5Match
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value true
User Modification Allowed true
Usage userApplications
Origin Solaris Specific
Schema File 05-solaris.ldif

1.424. SolarisSearchTimeLimit

OID 1.3.6.1.4.1.42.2.27.5.1.26
Names SolarisSearchTimeLimit
Description Time Limit in seconds for search operations
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Origin Solaris Specific
Schema File 05-solaris.ldif

1.425. SolarisTransportSecurity

OID 1.3.6.1.4.1.42.2.27.5.1.21
Names SolarisTransportSecurity
Description Transport Level Security method to be used eg. "NS_LDAP_SEC_NONE" or "NS_LDAP_SEC_SASL_TLS"
Equality Matching Rule caseIgnoreIA5Match
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value true
User Modification Allowed true
Usage userApplications
Origin Solaris Specific
Schema File 05-solaris.ldif

1.426. SolarisUserQualifier

OID 1.3.6.1.4.1.42.2.27.5.1.12
Names SolarisUserQualifier
Description Per-user login attributes
Equality Matching Rule caseIgnoreIA5Match
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value true
User Modification Allowed true
Usage userApplications
Origin Solaris Specific
Schema File 05-solaris.ldif

1.427. st

Full name of a state or province.

OID 2.5.4.8
Names st, stateOrProvinceName
Superior Type name
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4519
Schema File 00-core.ldif

1.428. street

Site information for a postal address, such as the street name, place, avenue, and house number.

Example: 1234 Main St.

OID 2.5.4.9
Names street, streetAddress
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4519
Schema File 00-core.ldif

1.429. structuralObjectClass

Indicates the structural object class of the entry.

OID 2.5.21.9
Names structuralObjectClass
Equality Matching Rule objectIdentifierMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax OID
Single Value true
User Modification Allowed false
Usage directoryOperation
Origin RFC 4512
Schema File 00-core.ldif

1.430. subschemaSubentry

This operational attribute indicates the entry holding the LDAP schema definitions that apply to the current entry.

OID 2.5.18.10
Names subschemaSubentry
Equality Matching Rule distinguishedNameMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DN
Single Value true
User Modification Allowed false
Usage directoryOperation
Origin RFC 4512
Schema File 00-core.ldif

1.431. subtreeMaximumQuality

Directory administrators can use this attribute to indicate the maximum data quality for a DIT subtree.

The default is the value of singleLevelQuality.

OID 0.9.2342.19200300.100.1.52
Names subtreeMaximumQuality
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 1274
Schema File 00-core.ldif

1.432. subtreeMinimumQuality

Directory administrators can use this attribute to indicate the minimum data quality for a DIT subtree.

The default is the value of singleLevelQuality.

OID 0.9.2342.19200300.100.1.51
Names subtreeMinimumQuality
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 1274
Schema File 00-core.ldif

1.433. subtreeSpecification

A subtree specification provides a way to describe a subset of entries in a subtree of the DIT. A subtree begins at a base entry and includes the subordinates of that entry to an optionally specified lower boundary, possibly including leaf entries.

The following example uses a subtree specification to apply privileges to Directory Administrators group members under ou=people (relative to the parent of the subentry). In other words, this sample applies to entries under ou=people,dc=example,dc=com:

dn: cn=Administrator Privileges,dc=example,dc=com
objectClass: collectiveAttributeSubentry
objectClass: extensibleObject
objectClass: subentry
objectClass: top
cn: Administrator Privileges
ds-privilege-name;collective: config-read
ds-privilege-name;collective: config-write
ds-privilege-name;collective: ldif-export
ds-privilege-name;collective: modify-acl
ds-privilege-name;collective: password-reset
ds-privilege-name;collective: proxied-auth
subtreeSpecification: {base "ou=people", specificationFilter
  "(isMemberOf=cn=Directory Administrators,ou=Groups,dc=example,dc=com)" }
    

Notice that the subentry where this operational attribute occurs sets the context that implicitly defines the bounds of the subtree.

OID 2.5.18.6
Names subtreeSpecification
Equality Matching Rule octetStringMatch
Ordering Matching Rule octetStringOrderingMatch
Syntax SubtreeSpecification
Single Value true
User Modification Allowed true
Usage directoryOperation
Origin RFC 3672
Schema File 00-core.ldif

1.434. sun-printer-bsdaddr

OID 1.3.6.1.4.1.42.2.27.5.1.63
Names sun-printer-bsdaddr
Description Sets the server, print queue destination name and whether the client generates protocol extensions. "Solaris" specifies a Solaris print server extension. The value is represented by the following value: server "," destination ", Solaris".
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value true
User Modification Allowed true
Usage userApplications
Origin Solaris Specific
Schema File 05-solaris.ldif

1.435. sun-printer-kvp

OID 1.3.6.1.4.1.42.2.27.5.1.64
Names sun-printer-kvp
Description This attribute contains a set of key value pairs which may have meaning to the print subsystem or may be user defined. Each value is represented by the following: key "=" value.
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin Solaris Specific
Schema File 05-solaris.ldif

1.436. supportedAlgorithms

X.509 supported algorithms, as described in X.509 clause 11.2.7.

Request and transfer values using the binary option for the attribute description, supportedAlgorithms;binary.

OID 2.5.4.52
Names supportedAlgorithms
Equality Matching Rule octetStringMatch
Ordering Matching Rule octetStringOrderingMatch
Syntax SupportedAlgorithm
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4523
Schema File 00-core.ldif

1.437. supportedApplicationContext

Identifiers of OSI application contexts.

OID 2.5.4.30
Names supportedApplicationContext
Equality Matching Rule objectIdentifierMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax OID
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 2256
Schema File 00-core.ldif

1.438. supportedAuthPasswordSchemes

Password storage schemes that can be used for authPassword values. This attribute is intended only for use on the root DSE.

OID 1.3.6.1.4.1.4203.1.3.3
Names supportedAuthPasswordSchemes
Description supported password storage schemes
Equality Matching Rule caseExactIA5Match
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value false: multiple values allowed
User Modification Allowed true
Usage dSAOperation
Origin RFC 3112
Schema File 03-rfc3112.ldif

1.439. supportedControl

This operational attribute indicates LDAP controls supported by this server.

OID 1.3.6.1.4.1.1466.101.120.13
Names supportedControl
Equality Matching Rule objectIdentifierMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax OID
Single Value false: multiple values allowed
User Modification Allowed true
Usage dSAOperation
Origin RFC 4512
Schema File 00-core.ldif

1.440. supportedExtension

This operational attribute indicates LDAP extended operations supported by this server.

OID 1.3.6.1.4.1.1466.101.120.7
Names supportedExtension
Equality Matching Rule objectIdentifierMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax OID
Single Value false: multiple values allowed
User Modification Allowed true
Usage dSAOperation
Origin RFC 4512
Schema File 00-core.ldif

1.441. supportedFeatures

This operational attribute indicates optional LDAP features supported by this server.

OID 1.3.6.1.4.1.4203.1.3.5
Names supportedFeatures
Equality Matching Rule objectIdentifierMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax OID
Single Value false: multiple values allowed
User Modification Allowed true
Usage dSAOperation
Origin RFC 4512
Schema File 00-core.ldif

1.442. supportedLDAPVersion

This operational attribute indicates LDAP versions supported by this server.

OID 1.3.6.1.4.1.1466.101.120.15
Names supportedLDAPVersion
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value false: multiple values allowed
User Modification Allowed true
Usage dSAOperation
Origin RFC 4512
Schema File 00-core.ldif

1.443. supportedSASLMechanisms

This operational attribute indicates SASL mechanisms supported by this server.

OID 1.3.6.1.4.1.1466.101.120.14
Names supportedSASLMechanisms
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage dSAOperation
Origin RFC 4512
Schema File 00-core.ldif

1.444. supportedTLSCiphers

OID 1.3.6.1.4.1.36733.2.1.1.64
Names supportedTLSCiphers
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage dSAOperation
Origin OpenDJ Directory Server
Schema File 02-config.ldif

1.445. supportedTLSProtocols

OID 1.3.6.1.4.1.36733.2.1.1.63
Names supportedTLSProtocols
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage dSAOperation
Origin OpenDJ Directory Server
Schema File 02-config.ldif

1.446. targetDN

OID 2.16.840.1.113730.3.1.6
Names targetDN
Description the DN of the entry which was modified
Equality Matching Rule distinguishedNameMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DN
Single Value true
User Modification Allowed true
Usage userApplications
Origin draft-good-ldap-changelog
Schema File 03-changelog.ldif

1.447. targetEntryUUID

Uniquely identifies an entry that is targeted to be changed.

OID 1.3.6.1.4.1.26027.1.1.590
Names targetEntryUUID, targetUniqueID
Description The OpenDS unique id of the entry targeted by the change
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value true
User Modification Allowed true
Usage directoryOperation
Origin OpenDS Directory Server
Schema File 03-changelog.ldif

1.448. telephoneNumber

Phone number in a format complying with the ITU Recommendation E.123, such as +1 415 555 1212.

OID 2.5.4.20
Names telephoneNumber
Equality Matching Rule telephoneNumberMatch
Substring Matching Rule telephoneNumberSubstringsMatch
Syntax TelephoneNumber
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4519
Schema File 00-core.ldif

1.449. teletexTerminalIdentifier

This attribute is obsolete since the ITU Recommendation F.200 was withdrawn.

OID 2.5.4.22
Names teletexTerminalIdentifier
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax TeletexTerminalIdentifier
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4519
Schema File 00-core.ldif

1.450. telexNumber

Set of strings specifying the telex number, country code, and answerback code of a telex terminal, such as 12345$023$ABCDE.

OID 2.5.4.21
Names telexNumber
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax TelexNumber
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4519
Schema File 00-core.ldif

1.451. template-major-version-number

Major component of an SLP template-version number for a service type template.

OID 1.3.6.1.4.1.6252.2.27.6.1.1
Names template-major-version-number
Description The major version number of the service type template
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 2926
Schema File 03-rfc2926.ldif

1.452. template-minor-version-number

Minor component of an SLP template-version number for a service type template.

OID 1.3.6.1.4.1.6252.2.27.6.1.2
Names template-minor-version-number
Description The minor version number of the service type template
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 2926
Schema File 03-rfc2926.ldif

1.453. template-url-syntax

ABNF grammar describing the service type specific part of the service URL for an SLP service type template.

OID 1.3.6.1.4.1.6252.2.27.6.1.3
Names template-url-syntax
Description An ABNF grammar describing the service type specific part of the service URL
Equality Matching Rule caseExactIA5Match
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax IA5String
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 2926
Schema File 03-rfc2926.ldif

1.454. textEncodedORAddress

Text encoding of an X.400 O/R address, as specified in .

This attribute was deprecated in 1991.

OID 0.9.2342.19200300.100.1.2
Names textEncodedORAddress
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 1274
Schema File 00-core.ldif

1.455. title

Title of a person in their organizational context.

Examples: Vice President, Software Engineer.

OID 2.5.4.12
Names title
Superior Type name
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4519
Schema File 00-core.ldif

1.456. uddiAccessPoint

The value of this attribute is a qualified pointer to a service entry point.

In UDDIv3, the convention is to precede pointer with the use type, as in use-type#address. For UDDIv2 compatibility, the recommended format is v2-URL-type#v3-use-type#address.

OID 1.3.6.1.1.10.4.19
Names uddiAccessPoint
Description entry point address to call a web service
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 4403
Schema File 03-uddiv3.ldif

1.457. uddiAddressLine

The value of this attribute holds addresses in free-form text. The maximum size of the value is 80 characters.

If the address contains a template model key, then the value is prefixed with a key name and key value, as in #key-name#key-value#address-data.

OID 1.3.6.1.1.10.4.13
Names uddiAddressLine
Description address
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4403
Schema File 03-uddiv3.ldif

1.458. uddiAuthorizedName

The value of this attribute holds the name of the individual who registered the UDDI business entity or template model.

OID 1.3.6.1.1.10.4.2
Names uddiAuthorizedName
Description businessEntity publisher name
Equality Matching Rule distinguishedNameMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DN
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 4403
Schema File 03-uddiv3.ldif

1.459. uddiBindingKey

The value of this attribute uniquely identifies a UDDI binding template.

This value should be empty when saving a new UDDI binding template.

OID 1.3.6.1.1.10.4.18
Names uddiBindingKey
Description bindingTemplate unique identifier
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 4403
Schema File 03-uddiv3.ldif

1.460. uddiBusinessKey

The value of this attribute uniquely identifies a UDDI business entity.

This attribute is optional for a business service whose parent already has a business key.

OID 1.3.6.1.1.10.4.1
Names uddiBusinessKey
Description businessEntity unique identifier
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 4403
Schema File 03-uddiv3.ldif

1.461. uddiCategoryBag

The value of this attribute holds information about categorizing UDDI business entities, business services, and template models.

The value can optionally be prefixed with a template model and key name, as in #t-model#key-name#key-value. Only key-value is mandatory.

OID 1.3.6.1.1.10.4.15
Names uddiCategoryBag
Description categorization information
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4403
Schema File 03-uddiv3.ldif

1.462. uddiDescription

The value of this attribute localized descriptions.

Each value has the form, xml:lang-value#description.

OID 1.3.6.1.1.10.4.5
Names uddiDescription
Description short description
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4403
Schema File 03-uddiv3.ldif

1.463. uddiDiscoveryURLs

The value of this attribute holds a list of URL to alternate, file-based service discovery mechanisms.

In UDDIv3, the convention is to precede the URL with the use type, as in use-type#URL.

OID 1.3.6.1.1.10.4.6
Names uddiDiscoveryURLs
Description URL to retrieve a businessEntity instance
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4403
Schema File 03-uddiv3.ldif

1.464. uddiEMail

The value of this attribute holds email addresses for the contact.

Prefix values with use type descriptions if more than one email address is provided, as in use-type#email-address.

OID 1.3.6.1.1.10.4.10
Names uddiEMail
Description e-mail address for contact
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4403
Schema File 03-uddiv3.ldif

1.465. uddiFromKey

The value of this attribute uniquely references the first business entity for which an assertion is made.

OID 1.3.6.1.1.10.4.25
Names uddiFromKey
Description unique businessEntity key reference
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 4403
Schema File 03-uddiv3.ldif

1.466. uddiHostingRedirector

The value of this attribute indicates that a binding template entry is a pointer to another binding template entry.

UDDIv3 deprecates this element. Use uddiAccessPoint instead.

OID 1.3.6.1.1.10.4.20
Names uddiHostingRedirector
Description designates a pointer to another bindingTemplate
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 4403
Schema File 03-uddiv3.ldif

1.467. uddiIdentifierBag

The value of this attribute holds information about common forms of identification, such as D-U-N-S numbers, and tax identifiers.

The value can optionally be prefixed with a template model and key name, as in #t-model#key-name#key-value. Only key-value is mandatory.

OID 1.3.6.1.1.10.4.14
Names uddiIdentifierBag
Description identification information
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4403
Schema File 03-uddiv3.ldif

1.468. uddiInstanceDescription

The value of this attribute holds one or more localized descriptions indicating the role a template model reference plays in the service description.

Each value has the form, xml:lang-value#description.

OID 1.3.6.1.1.10.4.21
Names uddiInstanceDescription
Description instance details description
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4403
Schema File 03-uddiv3.ldif

1.469. uddiInstanceParms

The value of this attribute holds the settings, or a URL reference to a file containing the settings, that are required to use a facet of a UDDI binding template description.

OID 1.3.6.1.1.10.4.22
Names uddiInstanceParms
Description URL reference to required settings
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 4403
Schema File 03-uddiv3.ldif

1.470. uddiIsHidden

The value of this attribute indicates a deleted template model that is not found in result sets when finding template models.

OID 1.3.6.1.1.10.4.28
Names uddiIsHidden
Description isHidden attribute
Equality Matching Rule booleanMatch
Syntax Boolean
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 4403
Schema File 03-uddiv3.ldif

1.471. uddiIsProjection

The value of this attribute indicates a business service that has a service projection.

OID 1.3.6.1.1.10.4.29
Names uddiIsProjection
Description isServiceProjection attribute
Equality Matching Rule booleanMatch
Syntax Boolean
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 4403
Schema File 03-uddiv3.ldif

1.472. uddiKeyedReference

The value of this attribute holds a name-value pair with an additional reference to a template model.

The value can optionally be prefixed with a template model and key name, as in #t-model#key-name#key-value.

OID 1.3.6.1.1.10.4.16
Names uddiKeyedReference
Description categorization information
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4403
Schema File 03-uddiv3.ldif

1.473. uddiLang

The value of this attribute models the xml:lang value for a UDDIv3 address structure.

OID 1.3.6.1.1.10.4.30
Names uddiLang
Description xml:lang value in v3 Address structure
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 4403
Schema File 03-uddiv3.ldif

1.474. uddiName

The value of this attribute holds a human-readable name for a UDDI business entity, business service, or template model.

Each value has the form, xml:lang-value#name, where at most one value can omit the xml:lang-value# prefix.

OID 1.3.6.1.1.10.4.4
Names uddiName
Description human readable name
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4403
Schema File 03-uddiv3.ldif

1.475. uddiOperator

The value of this attribute holds the certified name of the UDDI registry site operator that manages the master copy of the UDDI business entity or template model.

UDDIv3 uses uddiv3NodeId instead.

OID 1.3.6.1.1.10.4.3
Names uddiOperator
Description registry site operator of businessEntitys master copy
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 4403
Schema File 03-uddiv3.ldif

1.476. uddiOverviewDescription

The value of this attribute holds one or more localized descriptions indicating how to use a UDDI template model.

Each value has the form, xml:lang-value#description.

OID 1.3.6.1.1.10.4.23
Names uddiOverviewDescription
Description outlines tModel usage
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4403
Schema File 03-uddiv3.ldif

1.477. uddiOverviewURL

The value of this attribute holds a URL to longer overview document describing how a UDDI template model reference is used as a component of an overall web service description.

OID 1.3.6.1.1.10.4.24
Names uddiOverviewURL
Description URL reference to overview document
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 4403
Schema File 03-uddiv3.ldif

1.478. uddiPersonName

The value of this attribute lists names of people or names of job roles available behind the contact.

Examples: webmaster, administrator.

In UDDIv3, each value can have the form, xml:lang-value#name.

OID 1.3.6.1.1.10.4.8
Names uddiPersonName
Description name of person or job role available for contact
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 4403
Schema File 03-uddiv3.ldif

1.479. uddiPhone

The value of this attribute holds telephone numbers for the contact.

Prefix values with use type descriptions if more than one phone number is provided, as in use-type#phone-number.

OID 1.3.6.1.1.10.4.9
Names uddiPhone
Description telephone number for contact
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4403
Schema File 03-uddiv3.ldif

1.480. uddiServiceKey

The value of this attribute uniquely identifies a UDDI business service.

This value should be empty when saving a new UDDI business service structure.

This attribute is optional for a business service whose parent already has a business key.

OID 1.3.6.1.1.10.4.17
Names uddiServiceKey
Description businessService unique identifier
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 4403
Schema File 03-uddiv3.ldif

1.481. uddiSortCode

The value of this attribute drives behavior of external display mechanisms that sort addresses.

This is deprecated in UDDIv3.

OID 1.3.6.1.1.10.4.11
Names uddiSortCode
Description specifies an external disply mechanism
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 4403
Schema File 03-uddiv3.ldif

1.482. uddiTModelKey

The value of this attribute uniquely identifies a UDDI template model.

When used with a keyed reference, it serves as the key identifying a value set, and implies that the key name-key value pair in a UDDI identify or category bag should be interpreted by the value set referenced by the template model key. When used with an address line element, it implies the key name and key pair in subsequent address line elements should be interpreted by the address structure associated with the referenced template model.

OID 1.3.6.1.1.10.4.12
Names uddiTModelKey
Description tModel unique identifier
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 4403
Schema File 03-uddiv3.ldif

1.483. uddiToKey

The value of this attribute uniquely references the second business entity for which an assertion is made.

OID 1.3.6.1.1.10.4.26
Names uddiToKey
Description unique businessEntity key reference
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 4403
Schema File 03-uddiv3.ldif

1.484. uddiUseType

The value of this attribute holds text describing a type of contact or address.

Examples: technical contact, billing department.

OID 1.3.6.1.1.10.4.7
Names uddiUseType
Description name of convention the referenced document follows
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 4403
Schema File 03-uddiv3.ldif

1.485. uddiUUID

The value of this attribute uniquely a UDDI contact, address, or publisher assertion.

OID 1.3.6.1.1.10.4.27
Names uddiUUID
Description unique attribute
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 4403
Schema File 03-uddiv3.ldif

1.486. uddiv3BindingKey

The value of this attribute holds a unique, UDDIv3 identifier for a binding template.

OID 1.3.6.1.1.10.4.33
Names uddiv3BindingKey
Description UDDIv3 BindingTemplate unique identifier
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 4403
Schema File 03-uddiv3.ldif

1.487. uddiv3BriefResponse

The value of this attribute indicates whether a brief response is associated with a subscription entity. It controls the level of detail returned to a subscription listener.

OID 1.3.6.1.1.10.4.43
Names uddiv3BriefResponse
Description UDDIv3 Subscription ExpiresAfter field
Equality Matching Rule booleanMatch
Syntax Boolean
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 4403
Schema File 03-uddiv3.ldif

1.488. uddiv3BusinessKey

The value of this attribute holds a unique, UDDIv3 identifier for a business entity.

OID 1.3.6.1.1.10.4.31
Names uddiv3BusinessKey
Description UDDIv3 businessEntity unique identifier
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 4403
Schema File 03-uddiv3.ldif

1.489. uddiv3DigitalSignature

The value of this attribute holds an XML digital signature for a UDDI entity.

OID 1.3.6.1.1.10.4.35
Names uddiv3DigitalSignature
Description UDDIv3 entity digital signature
Equality Matching Rule caseExactMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4403
Schema File 03-uddiv3.ldif

1.490. uddiv3EntityCreationTime

The value of this attribute holds the original creation time for a UDDI entity that is deleted in an entity obituary.

It is also used to record the original creation time in the event of a move.

OID 1.3.6.1.1.10.4.45
Names uddiv3EntityCreationTime
Description UDDIv3 Entity Creation Time
Equality Matching Rule generalizedTimeMatch
Ordering Matching Rule generalizedTimeOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax GeneralizedTime
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 4403
Schema File 03-uddiv3.ldif

1.491. uddiv3EntityDeletionTime

The value of this attribute holds the deletion time for a UDDI entity that is deleted in an entity obituary.

OID 1.3.6.1.1.10.4.46
Names uddiv3EntityDeletionTime
Description UDDIv3 Entity Deletion Time
Equality Matching Rule generalizedTimeMatch
Ordering Matching Rule generalizedTimeOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax GeneralizedTime
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 4403
Schema File 03-uddiv3.ldif

1.492. uddiv3EntityKey

The value of this attribute holds a unique, UDDIv3 identifier for an instance of a UDDI data structure to be logged as an entity obituary.

OID 1.3.6.1.1.10.4.44
Names uddiv3EntityKey
Description UDDIv3 Entity unique identifier
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 4403
Schema File 03-uddiv3.ldif

1.493. uddiv3EntityModificationTime

The value of this attribute holds the last modification time for a UDDI entity.

When a child entity is updated, the parent entity timestamp is also updated.

OID 1.3.6.1.1.10.4.37
Names uddiv3EntityModificationTime
Description UDDIv3 Last Modified Time for Entity
Equality Matching Rule generalizedTimeMatch
Ordering Matching Rule generalizedTimeOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax GeneralizedTime
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 4403
Schema File 03-uddiv3.ldif

1.494. uddiv3ExpiresAfter

The value of this attribute specifies the expiry time for a subscription. Its type is xsd:dateTime.

OID 1.3.6.1.1.10.4.42
Names uddiv3ExpiresAfter
Description UDDIv3 Subscription ExpiresAfter field
Equality Matching Rule generalizedTimeMatch
Ordering Matching Rule generalizedTimeOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax GeneralizedTime
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 4403
Schema File 03-uddiv3.ldif

1.495. uddiv3MaxEntities

The value of this attribute specifies the maximum number of entities that are returned as part of a subscription notification.

OID 1.3.6.1.1.10.4.41
Names uddiv3MaxEntities
Description UDDIv3 Subscription maxEntities field
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 4403
Schema File 03-uddiv3.ldif

1.496. uddiv3NodeId

The value of this attribute holds a node identity for a UDDIv3 node.

OID 1.3.6.1.1.10.4.36
Names uddiv3NodeId
Description UDDIv3 Node Identifier
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 4403
Schema File 03-uddiv3.ldif

1.497. uddiv3NotificationInterval

The value of this attribute holds a notification interval string. The string type is xsd:duration.

The interval specifies how often to send asynchronous change notifications to a subscriber.

OID 1.3.6.1.1.10.4.40
Names uddiv3NotificationInterval
Description UDDIv3 Notification Interval
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 4403
Schema File 03-uddiv3.ldif

1.498. uddiv3ServiceKey

The value of this attribute holds a unique, UDDIv3 identifier for a business service.

OID 1.3.6.1.1.10.4.32
Names uddiv3ServiceKey
Description UDDIv3 businessService unique identifier
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 4403
Schema File 03-uddiv3.ldif

1.499. uddiv3SubscriptionFilter

The value of this attribute holds a UDDIv3 subscription filter. The filter criteria limit the scope of a subscription to a subset of registry records.

OID 1.3.6.1.1.10.4.39
Names uddiv3SubscriptionFilter
Description UDDIv3 Subscription Filter
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 4403
Schema File 03-uddiv3.ldif

1.500. uddiv3SubscriptionKey

The value of this attribute holds a unique, UDDIv3 identifier for a subscription entity.

OID 1.3.6.1.1.10.4.38
Names uddiv3SubscriptionKey
Description UDDIv3 Subscription unique identifier
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 4403
Schema File 03-uddiv3.ldif

1.501. uddiv3TModelKey

The value of this attribute holds a unique, UDDIv3 identifier for a template model.

OID 1.3.6.1.1.10.4.34
Names uddiv3TModelKey
Description UDDIv3 TModel unique identifier
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value true
User Modification Allowed true
Usage userApplications
Origin RFC 4403
Schema File 03-uddiv3.ldif

1.502. uid

Computer system login names associated with the entry.

Example: bjensen, root.

OID 0.9.2342.19200300.100.1.1
Names uid, userid
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4519
Schema File 00-core.ldif

1.503. uidNumber

OID 1.3.6.1.1.1.1.0
Names uidNumber
Description An integer uniquely identifying a user in an administrative domain
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Origin draft-howard-rfc2307bis
Schema File 04-rfc2307bis.ldif

1.504. unbindRequests

OID 1.3.6.1.4.1.36733.2.1.1.95
Names unbindRequests
Equality Matching Rule integerMatch
Ordering Matching Rule integerOrderingMatch
Substring Matching Rule caseExactSubstringsMatch
Syntax Integer
Single Value true
User Modification Allowed true
Usage userApplications
Origin OpenDJ Directory Server
Schema File 02-config.ldif

1.505. uniqueIdentifier

Unique identifier for a directory object. The semantics of uniqueness are defined locally for the directory, so the values are not necessarily universally unique identifiers, but might be a payroll number for an individual or a department code for an organizational unit.

OID 0.9.2342.19200300.100.1.44
Names uniqueIdentifier
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4524
Schema File 00-core.ldif

1.506. uniqueMember

Distinguished names of objects that are part of a group, where the RDN of the object includes a value to distinguish between names that have been reused.

OID 2.5.4.50
Names uniqueMember
Equality Matching Rule uniqueMemberMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax NameAndOptionalUID
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4519
Schema File 00-core.ldif

1.507. userCertificate

X.509 certificate issued to the user, as described in X.509 clause 11.2.1.

Request and transfer values using the binary option for the attribute description, userCertificate;binary.

OID 2.5.4.36
Names userCertificate
Equality Matching Rule certificateExactMatch
Ordering Matching Rule octetStringOrderingMatch
Syntax Certificate
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4523
Schema File 00-core.ldif

1.508. userClass

Categories to refer to a computer or application user, such as full-time employee or contractor.

Similar attributes include organizationalStatus and title.

OID 0.9.2342.19200300.100.1.8
Names userClass
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4524
Schema File 00-core.ldif

1.509. userPassword

Octet string known only to the user and the system to which the user has access.

Applications should prepare textual strings used as passwords by transcoding them to Unicode, applying SASLprep as described in , and encoding as UTF-8. The client must determine whether a password is a textual string.

Passwords are not encrypted during transport. If the underlying transport is not secure, transmission can result in disclosure of the password to unauthorized parties.

OID 2.5.4.35
Names userPassword
Equality Matching Rule octetStringMatch
Ordering Matching Rule octetStringOrderingMatch
Syntax OctetString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4519
Schema File 00-core.ldif

1.510. userPKCS12

PKCS#12 format personal identity information.

Request and transfer values using the binary option for the attribute description, userPKCS12;binary.

OID 2.16.840.1.113730.3.1.216
Names userPKCS12
Description PKCS #12 PFX PDU for exchange of personal identity information
Equality Matching Rule octetStringMatch
Ordering Matching Rule octetStringOrderingMatch
Syntax Binary
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 2798
Schema File 00-core.ldif

1.511. userSMIMECertificate

PKCS#7 SignedData, where the content signed is ignored by consumers of userSMIMECertificate values. PKCS#7 is described in .

A value holds the entire certificate chain and a smimeCapabilities field as described in . This attribute is preferred over userCertificate for S/MIME applications.

Values should have a data contentType and omit the content field.

Request and transfer values using the binary option for the attribute description, userSMIMECertificate;binary.

OID 2.16.840.1.113730.3.1.40
Names userSMIMECertificate
Description PKCS#7 SignedData used to support S/MIME
Equality Matching Rule octetStringMatch
Ordering Matching Rule octetStringOrderingMatch
Syntax Binary
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 2798
Schema File 00-core.ldif

1.512. vendorName

Name of the party who implemented this LDAP server.

Access to this attribute may be restricted, so client applications must not expect this attribute to be available.

OID 1.3.6.1.1.4
Names vendorName
Equality Matching Rule caseExactIA5Match
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value true
User Modification Allowed false
Usage dSAOperation
Origin RFC 3045
Schema File 00-core.ldif

1.513. vendorVersion

Version of this LDAP server implementation, which must be unique between two versions.

Access to this attribute may be restricted, so client applications must not expect this attribute to be available.

OID 1.3.6.1.1.5
Names vendorVersion
Equality Matching Rule caseExactIA5Match
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value true
User Modification Allowed false
Usage dSAOperation
Origin RFC 3045
Schema File 00-core.ldif

1.514. winAccountName

OID 1.3.6.1.4.1.42.2.27.5.1.62
Names winAccountName
Description Windows user or group Name corresponding to a Unix user or group
Equality Matching Rule caseIgnoreMatch
Ordering Matching Rule caseIgnoreOrderingMatch
Substring Matching Rule caseIgnoreSubstringsMatch
Syntax DirectoryString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin Solaris Specific
Schema File 05-solaris.ldif

1.515. x121Address

Data network address as defined by ITU Recommendation X.121.

OID 2.5.4.24
Names x121Address
Equality Matching Rule numericStringMatch
Ordering Matching Rule numericStringOrderingMatch
Substring Matching Rule numericStringSubstringsMatch
Syntax NumericString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4519
Schema File 00-core.ldif

1.516. x500UniqueIdentifier

Binary string used to distinguish between objects that reuse the same distinguished name.

OID 2.5.4.45
Names x500UniqueIdentifier
Equality Matching Rule bitStringMatch
Syntax BitString
Single Value false: multiple values allowed
User Modification Allowed true
Usage userApplications
Origin RFC 4519
Schema File 00-core.ldif

Chapter 2. DIT Content Rules

None defined in the default LDAP schema.

Chapter 3. DIT Structure Rules

3.1. uddiAddressStructureRule

Rule ID 3
Names uddiAddressStructureRule
Name Form uddiAddressNameForm
Superior Rules uddiContactStructureRule
Origin RFC 4403
Schema File 03-uddiv3.ldif

3.2. uddiBindingTemplateStructureRule

Rule ID 5
Names uddiBindingTemplateStructureRule
Name Form uddiBindingTemplateNameForm
Superior Rules uddiBusinessServiceStructureRule
Origin RFC 4403
Schema File 03-uddiv3.ldif

3.3. uddiBusinessEntityStructureRule

Rule ID 1
Names uddiBusinessEntityStructureRule
Name Form uddiBusinessEntityNameForm
Origin RFC 4403
Schema File 03-uddiv3.ldif

3.4. uddiBusinessServiceStructureRule

Rule ID 4
Names uddiBusinessServiceStructureRule
Name Form uddiBusinessServiceNameForm
Superior Rules uddiBusinessEntityStructureRule
Origin RFC 4403
Schema File 03-uddiv3.ldif

3.5. uddiContactStructureRule

Rule ID 2
Names uddiContactStructureRule
Name Form uddiContactNameForm
Superior Rules uddiBusinessEntityStructureRule
Origin RFC 4403
Schema File 03-uddiv3.ldif

3.6. uddiPublisherAssertionStructureRule

Rule ID 8
Names uddiPublisherAssertionStructureRule
Name Form uddiPublisherAssertionNameForm
Origin RFC 4403
Schema File 03-uddiv3.ldif

3.7. uddiTModelInstanceInfoStructureRule

Rule ID 6
Names uddiTModelInstanceInfoStructureRule
Name Form uddiTModelInstanceInfoNameForm
Superior Rules uddiBindingTemplateStructureRule
Origin RFC 4403
Schema File 03-uddiv3.ldif

3.8. uddiTModelStructureRule

Rule ID 7
Names uddiTModelStructureRule
Name Form uddiTModelNameForm
Origin RFC 4403
Schema File 03-uddiv3.ldif

3.9. uddiv3EntityObituaryStructureRule

Rule ID 10
Names uddiv3EntityObituaryStructureRule
Name Form uddiv3EntityObituaryNameForm
Origin RFC 4403
Schema File 03-uddiv3.ldif

3.10. uddiv3SubscriptionStructureRule

Rule ID 9
Names uddiv3SubscriptionStructureRule
Name Form uddiv3SubscriptionNameForm
Origin RFC 4403
Schema File 03-uddiv3.ldif

Chapter 4. Matching Rule Uses

None defined in the default LDAP schema.

Chapter 5. Matching Rules

5.1. 1.3.6.1.4.1.26027.1.4.8.1.3.6.1.4.1.26027.1.3.6

OID 1.3.6.1.4.1.26027.1.4.8.1.3.6.1.4.1.26027.1.3.6
Description Collective Conflict Behavior enumeration ordering matching rule
Syntax CollectiveConflictBehavior
Origin OpenDJ X-ENUM Syntax

5.2. authPasswordExactMatch

Compares an asserted authPasswordSyntax value with an authPasswordSyntax attribute's value.

The rule evaluates to TRUE if and only if there is an attribute value with the same scheme, authInfo, and authValue as the asserted value. The rule evaluates to FALSE if no attribute value has the same components. Otherwise, the rule evaluates to Undefined.

OID 1.3.6.1.4.1.4203.1.2.2
Names authPasswordExactMatch
Description authentication password exact matching rule
Syntax AuthenticationPasswordSyntax
Origin RFC 3112

5.3. authPasswordMatch

Compares an asserted authPasswordSyntax value with an authPasswordSyntax attribute's value when an extensibleMatch filter component is used. Each value is matched according to its scheme.

The rule evaluates to TRUE if and only if there is an attribute value that matches the asserted value. The rule evaluates to FALSE if no attribute value matches. Otherwise, the rule evaluates to Undefined.

OID 1.3.6.1.4.1.4203.1.2.3
Names authPasswordMatch
Description authentication password matching rule
Syntax AuthenticationPasswordSyntax

5.4. bitStringMatch

Compares an assertion of Bit String syntax to a value whose syntax is the ASN.1 BIT STRING type.

If the ASN.1 type does not have a named bit list, the rule evaluates to TRUE if and only if the assertion and value have the same number of bits, and each bit matches. Otherwise, the same rules apply, but trailing zero bits are ignored.

OID 2.5.13.16
Names bitStringMatch
Syntax BitString
Origin RFC 4517

5.5. booleanMatch

Compares an assertion of Boolean syntax to a value whose syntax is the ASN.1 BOOLEAN type.

The rule evaluates to TRUE if and only if the assertion and value are either both TRUE, or both FALSE.

OID 2.5.13.13
Names booleanMatch
Syntax Boolean
Origin RFC 4517

5.6. caseExactIA5Match

Compares an assertion of IA5 String syntax to a value whose syntax is the ASN.1 IA5String type.

The rule evaluates to TRUE if and only if the prepared attribute value string and prepared assertion value string have the same number of characters, and corresponding characters have the same code point. For the comparison, characters are not case folded, and only insignificant white space handling is applied.

OID 1.3.6.1.4.1.1466.109.114.1
Names caseExactIA5Match
Syntax IA5String
Origin RFC 4517

5.7. caseExactIA5SubstringsMatch

Compares an assertion of Substring Assertion syntax to a value whose syntax is the ASN.1 IA5String type, or one of the alternative types.

The rule evaluates to TRUE if and only if:

  1. The prepared substrings in the assertion value match disjoint portions of the prepared attribute value string in the order they occur in the attribute value.

  2. An initial substring in the assertion value, if present, matches the beginning of the attribute value string.

  3. A final substring in the assertion value, if present, matches the end of the attribute value string.

Strings match when their characters correspond at each code point. For the comparison, characters are not case folded, and only insignificant white space handling is applied.

OID 1.3.6.1.4.1.26027.1.4.902
Names caseExactIA5SubstringsMatch
Syntax SubstringAssertion
Origin RFC 4517

5.8. caseExactJsonQueryMatch

OID 1.3.6.1.4.1.36733.2.1.4.2
Names caseExactJsonQueryMatch
Syntax JsonQuery
Origin OpenDJ Directory Server

5.9. caseExactMatch

Compares an assertion of Directory String syntax to a value whose syntax is the ASN.1 DirectoryString type, or one of the alternative types.

The rule evaluates to TRUE if and only if the prepared attribute value string and prepared assertion value string have the same number of characters, and corresponding characters have the same code point. For the comparison, characters are not case folded, and only insignificant white space handling is applied.

OID 2.5.13.5
Names caseExactMatch
Syntax DirectoryString
Origin RFC 4517

5.10. caseExactOrderingMatch

Compares an assertion of Directory String syntax to a value whose syntax is the ASN.1 DirectoryString type, or one of the alternative types.

The rule evaluates to TRUE if and only if the prepared attribute value string is less than prepared assertion value string according to the code point collation order. For the comparison, characters are not case folded, and only insignificant white space handling is applied.

OID 2.5.13.6
Names caseExactOrderingMatch
Syntax DirectoryString
Origin RFC 4517

5.11. caseExactSubstringsMatch

Compares an assertion of Substring Assertion syntax to a value whose syntax is the ASN.1 DirectoryString type, or one of the alternative types.

The rule evaluates to TRUE if and only if:

  1. The prepared substrings in the assertion value match disjoint portions of the prepared attribute value string in the order they occur in the attribute value.

  2. An initial substring in the assertion value, if present, matches the beginning of the attribute value string.

  3. A final substring in the assertion value, if present, matches the end of the attribute value string.

Strings match when their characters correspond at each code point. For the comparison, characters are not case folded, and only insignificant white space handling is applied.

OID 2.5.13.7
Names caseExactSubstringsMatch
Syntax SubstringAssertion
Origin RFC 4517

5.12. caseIgnoreIA5Match

Compares an assertion of IA5 String syntax to a value whose syntax is the ASN.1 IA5String type.

The rule evaluates to TRUE if and only if the prepared attribute value string and prepared assertion value string have the same number of characters, and corresponding characters have the same code point. For the comparison, characters are case folded, and only insignificant white space handling is applied.

OID 1.3.6.1.4.1.1466.109.114.2
Names caseIgnoreIA5Match
Syntax IA5String
Origin RFC 4517

5.13. caseIgnoreIA5SubstringsMatch

Compares an assertion of Substring Assertion syntax to a value whose syntax is the ASN.1 IA5String type, or one of the alternative types.

The rule evaluates to TRUE if and only if:

  1. The prepared substrings in the assertion value match disjoint portions of the prepared attribute value string in the order they occur in the attribute value.

  2. An initial substring in the assertion value, if present, matches the beginning of the attribute value string.

  3. A final substring in the assertion value, if present, matches the end of the attribute value string.

Strings match when their characters correspond at each code point. For the comparison, characters are case folded, and only insignificant white space handling is applied.

OID 1.3.6.1.4.1.1466.109.114.3
Names caseIgnoreIA5SubstringsMatch
Syntax SubstringAssertion
Origin RFC 4517

5.14. caseIgnoreJsonQueryMatch

OID 1.3.6.1.4.1.36733.2.1.4.1
Names caseIgnoreJsonQueryMatch
Syntax JsonQuery
Origin OpenDJ Directory Server

5.15. caseIgnoreListMatch

Compares an assertion that is a sequence of strings to a value whose syntax is an ASN.1 SEQUENCE OF the DirectoryString type.

The rule evaluates to TRUE if and only if the attribute value and the assertion value have the same number of strings, and corresponding strings match according to the caseIgnoreMatch matching rule.

OID 2.5.13.11
Names caseIgnoreListMatch
Syntax PostalAddress
Origin RFC 4517

5.16. caseIgnoreListSubstringsMatch

Compares an assertion value of the Substring Assertion syntax to a value whose syntax is an ASN.1 SEQUENCE OF the DirectoryString type.

The rule evaluates to TRUE if and only if the assertion value matches the concatenated strings of the attribute value, where none of the initial, any, or final substrings match if they span more than one of the original attribute value strings. The match is evaluated according to the caseIgnoreSubstringsMatch rule.

OID 2.5.13.12
Names caseIgnoreListSubstringsMatch
Syntax SubstringAssertion
Origin RFC 4517

5.17. caseIgnoreMatch

Compares an assertion of Directory String syntax to a value whose syntax is the ASN.1 DirectoryString type, or one of the alternative types.

The rule evaluates to TRUE if and only if the prepared attribute value string and prepared assertion value string have the same number of characters, and corresponding characters have the same code point. For the comparison, characters are case folded, and only insignificant white space handling is applied.

OID 2.5.13.2
Names caseIgnoreMatch
Syntax DirectoryString
Origin RFC 4517

5.18. caseIgnoreOrderingMatch

Compares an assertion of Directory String syntax to a value whose syntax is the ASN.1 DirectoryString type, or one of the alternative types.

The rule evaluates to TRUE if and only if the prepared attribute value string is less than prepared assertion value string according to the code point collation order. For the comparison, characters are case folded, and only insignificant white space handling is applied.

OID 2.5.13.3
Names caseIgnoreOrderingMatch
Syntax DirectoryString
Origin RFC 4517

5.19. caseIgnoreSubstringsMatch

Compares an assertion of Substring Assertion syntax to a value whose syntax is the ASN.1 DirectoryString type, or one of the alternative types.

The rule evaluates to TRUE if and only if:

  1. The prepared substrings in the assertion value match disjoint portions of the prepared attribute value string in the order they occur in the attribute value.

  2. An initial substring in the assertion value, if present, matches the beginning of the attribute value string.

  3. A final substring in the assertion value, if present, matches the end of the attribute value string.

Strings match when their characters correspond at each code point. For the comparison, characters are case folded, and only insignificant white space handling is applied.

OID 2.5.13.4
Names caseIgnoreSubstringsMatch
Syntax SubstringAssertion
Origin RFC 4517

5.20. certificateExactMatch

Compares a certificate exact assertion value with an attribute value of certificate syntax.

OID 2.5.13.34
Names certificateExactMatch
Syntax CertificateExactAssertion
Origin RFC 4523

5.21. directoryStringFirstComponentMatch

Compares an assertion value of DirectoryString syntax to a value whose syntax is an ASN.1 SEQUENCE with a mandatory first component of the ASN.1 DirectoryString type.

The rule evaluates to TRUE if and only if the assertion value matches the first component of the attribute value according to the caseIgnoreMatch matching rule.

OID 2.5.13.31
Names directoryStringFirstComponentMatch
Syntax DirectoryString
Origin RFC 4517

5.22. distinguishedNameMatch

Compares an assertion value of DN syntax to a value whose syntax is an ASN.1 DistinguishedName type.

The rule evaluates to TRUE if and only if the assertion value and the attribute value have the same number of RDNs, and the RDNs in the same position are the same. Two RDNs are the same if and only if they have the same number of attribute value assertions (AVA), and each AVA of the first RDN is the same as the AVA of the second RDN with the same attribute type, according to the equality matching rule for the attribute type. Order of AVAs is not significant. If one or more AVAs evaluate to Undefined, and the remaining AVAs evaluate to TRUE, then the distinguishedNameMatch evaluates to Undefined.

OID 2.5.13.1
Names distinguishedNameMatch
Syntax DN
Origin RFC 4517

5.23. ds-mr-double-metaphone-approx

OID 1.3.6.1.4.1.26027.1.4.1
Names ds-mr-double-metaphone-approx
Description Double Metaphone Approximate Match
Syntax DirectoryString
Origin OpenDS Directory Server

5.24. ds-mr-user-password-equality

OID 1.3.6.1.4.1.26027.1.4.3
Names ds-mr-user-password-equality
Description user password matching rule
Syntax OctetString

5.25. ds-mr-user-password-exact

OID 1.3.6.1.4.1.26027.1.4.2
Names ds-mr-user-password-exact
Description user password exact matching rule
Syntax UserPassword
Origin OpenDS Directory Server

5.26. generalizedTimeMatch

Compares an assertion value of Generalized Time syntax to a value whose syntax is an ASN.1 GeneralizedTime type.

The rule evaluates to TRUE if and only if the attribute value represents a universal coordinated time that is the same as the assertion value.

OID 2.5.13.27
Names generalizedTimeMatch
Syntax GeneralizedTime
Origin RFC 4517

5.27. generalizedTimeOrderingMatch

Compares an assertion value of Generalized Time syntax to a value whose syntax is an ASN.1 GeneralizedTime type.

The rule evaluates to TRUE if and only if the attribute value represents a universal coordinated time that is earlier than the assertion value.

OID 2.5.13.28
Names generalizedTimeOrderingMatch
Syntax GeneralizedTime
Origin RFC 4517

5.28. historicalCsnOrderingMatch

OID 1.3.6.1.4.1.26027.1.4.4
Names historicalCsnOrderingMatch
Syntax OctetString

5.29. historicalCsnRangeMatch

OID 1.3.6.1.4.1.36733.2.1.4.3
Names historicalCsnRangeMatch
Syntax DirectoryString

5.30. integerFirstComponentMatch

Compares an assertion value of Integer syntax to a value whose syntax is an ASN.1 SEQUENCE with a mandatory first component of the ASN.1 INTEGER type.

The rule evaluates to TRUE if and only if the assertion value and the first component of the attribute value are the same integer value.

OID 2.5.13.29
Names integerFirstComponentMatch
Syntax Integer
Origin RFC 4517

5.31. integerMatch

Compares an assertion value of Integer syntax to a value whose syntax is the ASN.1 INTEGER type.

The rule evaluates to TRUE if and only if the assertion value and the attribute value are the same integer value.

OID 2.5.13.14
Names integerMatch
Syntax Integer
Origin RFC 4517

5.32. integerOrderingMatch

Compares an assertion value of Integer syntax to a value whose syntax is the ASN.1 INTEGER type.

The rule evaluates to TRUE if and only if the integer value of the assertion is less than the integer value of the attribute.

OID 2.5.13.15
Names integerOrderingMatch
Syntax Integer
Origin RFC 4517

5.33. keywordMatch

Compares an assertion value of Directory String syntax to a value whose syntax is the ASN.1 DirectoryString type.

The rule evaluates to TRUE if and only if the assertion value character string matches a keyword in the attribute value, where keyword matches are implementation defined.

In this implementation, a keyword match occurs if the assertion value is contained within the attribute value, and the assertion value is bounded by the start or the end of the attribute value or any of the following characters:

  • A space

  • A period

  • A comma

  • A slash

  • A dollar sign

  • A plus sign

  • A dash

  • An underscore

  • An octothorpe (#)

  • An equal sign

OID 2.5.13.33
Names keywordMatch
Syntax DirectoryString
Origin RFC 4517

5.34. numericStringMatch

Compares an assertion of Numeric String syntax to a value whose syntax is the ASN.1 NumericString type.

The rule evaluates to TRUE if and only if the prepared attribute value string and prepared assertion value string have the same number of characters, and corresponding characters have the same code point. For the comparison, characters are not case folded, and only insignificant white space handling is applied.

OID 2.5.13.8
Names numericStringMatch
Syntax NumericString
Origin RFC 4517

5.35. numericStringOrderingMatch

Compares an assertion of Numeric String syntax to a value whose syntax is the ASN.1 NumericString type.

The rule evaluates to TRUE if and only if the prepared attribute value string is less than prepared assertion value string according to the code point collation order. For the comparison, characters are not case folded, and only insignificant white space handling is applied. All space characters are skipped during rule evaluation.

OID 2.5.13.9
Names numericStringOrderingMatch
Syntax NumericString
Origin RFC 4517

5.36. numericStringSubstringsMatch

Compares an assertion of Numeric String syntax to a value whose syntax is the ASN.1 NumericString type.

The rule evaluates to TRUE if and only if:

  1. The prepared substrings in the assertion value match disjoint portions of the prepared attribute value string in the order they occur in the attribute value.

  2. An initial substring in the assertion value, if present, matches the beginning of the attribute value string.

  3. A final substring in the assertion value, if present, matches the end of the attribute value string.

Strings match when their characters correspond at each code point. For the comparison, characters are not case folded, and only insignificant white space handling is applied.

OID 2.5.13.10
Names numericStringSubstringsMatch
Syntax SubstringAssertion
Origin RFC 4517

5.37. objectIdentifierFirstComponentMatch

Compares an assertion value of OID syntax to a value whose syntax is an ASN.1 SEQUENCE with a mandatory first component of the ASN.1 OBJECT IDENTIFIER type.

The rule evaluates to TRUE if and only if the assertion value matches the first component of the attribute value according to the objectIdentifierMatch matching rule.

OID 2.5.13.30
Names objectIdentifierFirstComponentMatch
Syntax OID
Origin RFC 4517

5.38. objectIdentifierMatch

Compares an assertion value of OID syntax to a value whose syntax is the ASN.1 OBJECT IDENTIFIER type.

The rule evaluates to TRUE if and only if the assertion value and the attribute value represent the same object identifier value, that is, the same sequence of integers.

OID 2.5.13.0
Names objectIdentifierMatch
Syntax OID
Origin RFC 4517

5.39. octetStringMatch

Compares an assertion value of Octet String syntax to a value whose syntax is the ASN.1 OCTET STRING type.

The rule evaluates to TRUE if and only if the assertion value and the attribute value are of the same length, and corresponding octets are the same.

OID 2.5.13.17
Names octetStringMatch
Syntax OctetString
Origin RFC 4517

5.40. octetStringOrderingMatch

Compares an assertion value of Octet String syntax to a value whose syntax is the ASN.1 OCTET STRING type.

The rule evaluates to TRUE if and only if the assertion value is less than the attribute value according to the collation order. Octets are compared from the first octet to the last octet, and within octets from the most significant bit to the least significant bit.

OID 2.5.13.18
Names octetStringOrderingMatch
Syntax OctetString
Origin RFC 4517

5.41. octetStringSubstringsMatch

OID 2.5.13.19
Names octetStringSubstringsMatch
Syntax OctetString
Origin X.500

5.42. partialDateAndTimeMatchingRule

OID 1.3.6.1.4.1.26027.1.4.7
Names partialDateAndTimeMatchingRule
Description partial date and time matching
Syntax GeneralizedTime
Origin OpenDS Directory Server

5.43. presentationAddressMatch

This rule behaves exactly like the caseIgnoreMatch rule.

OID 2.5.13.22
Names presentationAddressMatch
Syntax PresentationAddress
Origin RFC 2252

5.44. protocolInformationMatch

This rule behaves exactly like the caseIgnoreMatch rule.

OID 2.5.13.24
Names protocolInformationMatch
Syntax ProtocolInformation
Origin RFC 2252

5.45. relativeTimeGTOrderingMatch

OID 1.3.6.1.4.1.26027.1.4.5
Names relativeTimeGTOrderingMatch, relativeTimeOrderingMatch.gt
Description greater-than relative time for time-based searches
Syntax GeneralizedTime
Origin OpenDS Directory Server

5.46. relativeTimeLTOrderingMatch

OID 1.3.6.1.4.1.26027.1.4.6
Names relativeTimeLTOrderingMatch, relativeTimeOrderingMatch.lt
Description less-than relative time for time-based searches
Syntax GeneralizedTime
Origin OpenDS Directory Server

5.47. telephoneNumberMatch

Compares an assertion value of Telephone Number syntax to a value whose syntax is an ASN.1 PrintableString representing a telephone number.

The rule evaluates to TRUE if and only if the assertion value and the attribute value are of the same length, and corresponding octets are the same. For the comparison, characters are case folded, and only telephoneNumber insignificant white space handling is applied.

OID 2.5.13.20
Names telephoneNumberMatch
Syntax TelephoneNumber
Origin RFC 4517

5.48. telephoneNumberSubstringsMatch

Compares an assertion of Substring Assertion syntax to a value whose syntax is an ASN.1 PrintableString representing a telephone number.

The rule evaluates to TRUE if and only if:

  1. The prepared substrings in the assertion value match disjoint portions of the prepared attribute value string in the order they occur in the attribute value.

  2. An initial substring in the assertion value, if present, matches the beginning of the attribute value string.

  3. A final substring in the assertion value, if present, matches the end of the attribute value string.

Strings match when their characters correspond at each code point. For the comparison, characters are case folded, and only telephoneNumber insignificant white space handling is applied.

OID 2.5.13.21
Names telephoneNumberSubstringsMatch
Syntax SubstringAssertion
Origin RFC 4517

5.49. uniqueMemberMatch

Compares an assertion value of Name And Optional UID syntax to a value whose syntax is an ASN.1 NameAndOptionalUID type.

The rule evaluates to TRUE if and only if The distinguished name components of the assertion value and the attribute value match according to the distinguishedNameMatch rule, and either of the following are true:

  • The bit string component is absent from both values.

  • The bit string components are present in both values, and they match according to the bitStringMatch rule.

OID 2.5.13.23
Names uniqueMemberMatch
Syntax NameAndOptionalUID
Origin RFC 4517

5.50. uuidMatch

Compares an asserted UUID with a stored UUID for equality.

This rule uses the same semantics as octetStringMatch, except the assertion value is encoded using the UUID string representation, rather than the normal OCTET STRING string representation.

OID 1.3.6.1.1.16.2
Names uuidMatch
Syntax UUID
Origin RFC 4530

5.51. uuidOrderingMatch

Compares an asserted UUID with a stored UUID for ordering.

This rule uses the same semantics as octetStringOrderingMatch, except the assertion value is encoded using the UUID string representation, rather than the normal OCTET STRING string representation.

UUIDs do not necessarily have a natural ordering. Servers are not required to assign UUIDs in any particular order.

OID 1.3.6.1.1.16.3
Names uuidOrderingMatch
Syntax UUID
Origin RFC 4530

5.52. wordMatch

Compares an assertion value of Directory String syntax to a value whose syntax is the ASN.1 DirectoryString type.

The rule evaluates to TRUE if and only if the assertion value character string matches a word in the attribute value, according to the semantics of the caseIgnoreMatch rule.

In this implementation, a word match occurs if the assertion value is contained within the attribute value, and the assertion value is bounded by the start or the end of the attribute value or any of the following characters:

  • A space

  • A period

  • A comma

  • A slash

  • A dollar sign

  • A plus sign

  • A dash

  • An underscore

  • An octothorpe (#)

  • An equal sign

OID 2.5.13.32
Names wordMatch
Syntax DirectoryString
Origin RFC 4517

Chapter 6. Name Forms

6.1. uddiAddressNameForm

This name form defines the naming attribute for an address.

OID 1.3.6.1.1.10.15.3
Names uddiAddressNameForm
Structural Object Class uddiAddress
Required Attributes uddiUUID
Origin RFC 4403
Schema File 03-uddiv3.ldif

6.2. uddiBindingTemplateNameForm

This name form defines the naming attribute for a binding template.

OID 1.3.6.1.1.10.15.5
Names uddiBindingTemplateNameForm
Structural Object Class uddiBindingTemplate
Required Attributes uddiBindingKey
Origin RFC 4403
Schema File 03-uddiv3.ldif

6.3. uddiBusinessEntityNameForm

This name form defines the naming attribute for a business entity.

OID 1.3.6.1.1.10.15.1
Names uddiBusinessEntityNameForm
Structural Object Class uddiBusinessEntity
Required Attributes uddiBusinessKey
Origin RFC 4403
Schema File 03-uddiv3.ldif

6.4. uddiBusinessServiceNameForm

This name form defines the naming attribute for a business service.

OID 1.3.6.1.1.10.15.4
Names uddiBusinessServiceNameForm
Structural Object Class uddiBusinessService
Required Attributes uddiServiceKey
Origin RFC 4403
Schema File 03-uddiv3.ldif

6.5. uddiContactNameForm

This name form defines the naming attribute for a contact.

OID 1.3.6.1.1.10.15.2
Names uddiContactNameForm
Structural Object Class uddiContact
Required Attributes uddiUUID
Origin RFC 4403
Schema File 03-uddiv3.ldif

6.6. uddiPublisherAssertionNameForm

This name form defines the naming attribute for a publisher assertion.

OID 1.3.6.1.1.10.15.8
Names uddiPublisherAssertionNameForm
Structural Object Class uddiPublisherAssertion
Required Attributes uddiUUID
Origin RFC 4403
Schema File 03-uddiv3.ldif

6.7. uddiTModelInstanceInfoNameForm

This name form defines the naming attribute for a template model instance information object.

OID 1.3.6.1.1.10.15.6
Names uddiTModelInstanceInfoNameForm
Structural Object Class uddiTModelInstanceInfo
Required Attributes uddiTModelKey
Origin RFC 4403
Schema File 03-uddiv3.ldif

6.8. uddiTModelNameForm

This name form defines the naming attribute for a name form.

OID 1.3.6.1.1.10.15.7
Names uddiTModelNameForm
Structural Object Class uddiTModel
Required Attributes uddiTModelKey
Origin RFC 4403
Schema File 03-uddiv3.ldif

6.9. uddiv3EntityObituaryNameForm

This name form defines the naming attribute for an entry obituary.

OID 1.3.6.1.1.10.15.10
Names uddiv3EntityObituaryNameForm
Structural Object Class uddiv3EntityObituary
Required Attributes uddiUUID
Origin RFC 4403
Schema File 03-uddiv3.ldif

6.10. uddiv3SubscriptionNameForm

This name form defines the naming attribute for a subscription.

OID 1.3.6.1.1.10.15.9
Names uddiv3SubscriptionNameForm
Structural Object Class uddiv3Subscription
Required Attributes uddiUUID
Origin RFC 4403
Schema File 03-uddiv3.ldif

Chapter 7. Object Classes

7.1. account

Entries of this object class represent computer accounts.

Use uid as the naming attribute.

OID 0.9.2342.19200300.100.4.5
Names account
Superior Classes top
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes objectClass, uid
Optional Attributes description, host, l, o, ou, seeAlso
Origin RFC 4524
Schema File 00-core.ldif

7.2. alias

Entry pointing to another entry, using an aliasedObjectName attribute value.

An alias name is an alternative name for an entry. Alias objects are leaf entries (no subordinates).

ForgeRock servers do not support alias dereferencing.

OID 2.5.6.1
Names alias
Superior Classes top
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes aliasedObjectName, objectClass
Origin RFC 4512
Schema File 00-core.ldif

7.3. applicationEntity

Represents an OSI application.

OID 2.5.6.12
Names applicationEntity
Superior Classes top
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes cn, objectClass, presentationAddress
Optional Attributes description, l, o, ou, seeAlso, supportedApplicationContext
Origin RFC 2256
Schema File 00-core.ldif

7.4. applicationProcess

Represents an application executing in a computer system.

OID 2.5.6.11
Names applicationProcess
Superior Classes top
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes cn, objectClass
Optional Attributes description, l, ou, seeAlso
Origin RFC 4519
Schema File 00-core.ldif

7.5. authPasswordObject

Entries of this class optionally contain authPassword attributes.

OID 1.3.6.1.4.1.4203.1.4.7
Names authPasswordObject
Description authentication password mix in class
Class Type AUXILIARY: for use in augmenting attributes of entries that already have a structural object class.
Optional Attributes authPassword
Origin RFC 3112
Schema File 03-rfc3112.ldif

7.6. automount

OID 1.3.6.1.1.1.2.17
Names automount
Description Automount information
Superior Classes top
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes automountInformation, automountKey, objectClass
Optional Attributes description
Origin draft-howard-rfc2307bis
Schema File 04-rfc2307bis.ldif

7.7. automountMap

OID 1.3.6.1.1.1.2.16
Names automountMap
Superior Classes top
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes automountMapName, objectClass
Optional Attributes description
Origin draft-howard-rfc2307bis
Schema File 04-rfc2307bis.ldif

7.8. bootableDevice

OID 1.3.6.1.1.1.2.12
Names bootableDevice
Description A device with boot parameters; device SHOULD be used as a structural class
Superior Classes top
Class Type AUXILIARY: for use in augmenting attributes of entries that already have a structural object class.
Required Attributes objectClass
Optional Attributes bootFile, bootParameter
Origin draft-howard-rfc2307bis
Schema File 04-rfc2307bis.ldif

7.9. calEntry

Entry specifying locations for a calendaring and scheduling client to access a user's calendar and send event requests to the user.

OID 1.2.840.113556.1.5.87
Names calEntry
Superior Classes top
Class Type AUXILIARY: for use in augmenting attributes of entries that already have a structural object class.
Required Attributes objectClass
Optional Attributes calCAPURI, calCalAdrURI, calCalURI, calFBURL, calOtherCAPURIs, calOtherCalAdrURIs, calOtherCalURIs, calOtherFBURLs
Origin RFC 2739
Schema File 03-rfc2739.ldif

7.10. certificationAuthority-V2

Object class for augmenting entries that act as certificate authorities, as described in X.521 clause 6.18.

This object class is deprecated. Use pkiCA instead.

OID 2.5.6.16.2
Names certificationAuthority-V2
Superior Classes certificationAuthority
Class Type AUXILIARY: for use in augmenting attributes of entries that already have a structural object class.
Required Attributes authorityRevocationList, cACertificate, certificateRevocationList, objectClass
Optional Attributes crossCertificatePair, deltaRevocationList
Origin RFC 4523
Schema File 00-core.ldif

7.11. certificationAuthority

Object class for augmenting entries that act as certificate authorities, as described in X.521 clause 6.17.

This object class is deprecated. Use pkiCA instead.

OID 2.5.6.16
Names certificationAuthority
Superior Classes top
Class Type AUXILIARY: for use in augmenting attributes of entries that already have a structural object class.
Required Attributes authorityRevocationList, cACertificate, certificateRevocationList, objectClass
Optional Attributes crossCertificatePair
Origin RFC 4523
Schema File 00-core.ldif

7.12. changeLogEntry

Entries of this object class represent changes made to a directory server. The set of changes made to a directory server is given by the set of all entries in the changelog, ordered by changeNumber.

Note The changeNumber is unique to a server, and not necessarily shared or synchronized across servers. The change numbers for ForgeRock servers can be synchronized using the dsreplication reset-change-number command. ForgeRock servers also provide an alternative changeLogCookie attribute, which can be used reliably across a replicated topology.

A client application may synchronize its local copy of directory data by reading the server's changelog for entries where the changeNumber is greater than or equal to the last change that the client read from the server. A server can, however, trim its changelog. If the last change read from the changelog is not returned in search results, the client application must fall back to rebuilding its entire copy of directory data.

OID 2.16.840.1.113730.3.2.1
Names changeLogEntry
Superior Classes top
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes changeNumber, changeTime, changeType, objectClass, targetDN
Optional Attributes changes, deleteOldRDN, newRDN, newSuperior
Origin draft-good-ldap-changelog
Schema File 03-changelog.ldif

7.13. collectiveAttributeSubentry

Subentry for allocating collective attributes, which are attributes that apply to a group of entries.

OID 2.5.17.2
Names collectiveAttributeSubentry
Description LDAP Collective Attributes Subentry class
Class Type AUXILIARY: for use in augmenting attributes of entries that already have a structural object class.
Origin RFC 3671
Schema File 00-core.ldif

7.14. container

Microsoft Active Directory object class for an entry used to contain other classes.

OID 1.2.840.113556.1.3.23
Names container
Superior Classes top
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes cn, objectClass
Origin Microsoft Active Directory
Schema File 03-changelog.ldif

7.15. corbaContainer

Entry that contains a CORBA object.

OID 1.3.6.1.4.1.42.2.27.4.2.10
Names corbaContainer
Description Container for a CORBA object
Superior Classes top
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes cn, objectClass
Origin RFC 2714
Schema File 03-rfc2714.ldif

7.16. corbaObject

Abstract parent for entries that represent CORBA objects.

OID 1.3.6.1.4.1.42.2.27.4.2.9
Names corbaObject
Description CORBA object representation
Superior Classes top
Class Type ABSTRACT: for use when defining other object classes.
Required Attributes objectClass
Optional Attributes corbaRepositoryId, description
Origin RFC 2714
Schema File 03-rfc2714.ldif

7.17. corbaObjectReference

Entry that represents a reference to a CORBA object.

OID 1.3.6.1.4.1.42.2.27.4.2.11
Names corbaObjectReference
Description CORBA interoperable object reference
Superior Classes corbaObject
Class Type AUXILIARY: for use in augmenting attributes of entries that already have a structural object class.
Required Attributes corbaIor, objectClass
Optional Attributes corbaRepositoryId, description
Origin RFC 2714
Schema File 03-rfc2714.ldif

7.18. country

Represents a country.

OID 2.5.6.2
Names country
Superior Classes top
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes c, objectClass
Optional Attributes description, searchGuide
Origin RFC 4519
Schema File 00-core.ldif

7.19. cRLDistributionPoint

Object class for augmenting entries that act as certificate revocation list distribution points, as described in X.509 clause 11.1.3.

OID 2.5.6.19
Names cRLDistributionPoint
Superior Classes top
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes cn, objectClass
Optional Attributes authorityRevocationList, certificateRevocationList, deltaRevocationList
Origin RFC 4523
Schema File 00-core.ldif

7.20. dcObject

Permits an entry to hold domain component information.

OID 1.3.6.1.4.1.1466.344
Names dcObject
Superior Classes top
Class Type AUXILIARY: for use in augmenting attributes of entries that already have a structural object class.
Required Attributes dc, objectClass
Origin RFC 4519
Schema File 00-core.ldif

7.21. deltaCRL

Object class for augmenting entries that hold delta revocation lists, as described in X.509 clause 11.1.4.

OID 2.5.6.23
Names deltaCRL
Description X.509 delta CRL
Superior Classes top
Class Type AUXILIARY: for use in augmenting attributes of entries that already have a structural object class.
Required Attributes objectClass
Optional Attributes deltaRevocationList
Origin RFC 4523
Schema File 00-core.ldif

7.22. device

Represents an appliance, computer, or network element.

OID 2.5.6.14
Names device
Superior Classes top
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes cn, objectClass
Optional Attributes description, l, o, ou, owner, seeAlso, serialNumber
Origin RFC 4519
Schema File 00-core.ldif

7.23. dmd

Represents a Directory Management Domain, which is the administrative authority for this directory server.

OID 2.5.6.20
Names dmd
Superior Classes top
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes dmdName, objectClass
Optional Attributes businessCategory, description, destinationIndicator, facsimileTelephoneNumber, internationaliSDNNumber, l, physicalDeliveryOfficeName, postOfficeBox, postalAddress, postalCode, preferredDeliveryMethod, registeredAddress, searchGuide, seeAlso, st, street, telephoneNumber, teletexTerminalIdentifier, telexNumber, userPassword, x121Address
Origin RFC 2256
Schema File 00-core.ldif

7.24. dNSDomain

Entries of this object class represent DNS domains.

OID 0.9.2342.19200300.100.4.15
Names dNSDomain
Superior Classes domain
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes dc, objectClass
Optional Attributes aRecord, associatedName, businessCategory, cNAMERecord, description, destinationIndicator, facsimileTelephoneNumber, internationaliSDNNumber, l, mDRecord, mxRecord, nSRecord, o, physicalDeliveryOfficeName, postOfficeBox, postalAddress, postalCode, preferredDeliveryMethod, registeredAddress, sOARecord, searchGuide, seeAlso, st, street, telephoneNumber, teletexTerminalIdentifier, telexNumber, userPassword, x121Address
Origin RFC 1274
Schema File 00-core.ldif

7.25. document

Entries of this object class represent documents.

OID 0.9.2342.19200300.100.4.6
Names document
Superior Classes top
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes documentIdentifier, objectClass
Optional Attributes cn, description, documentAuthor, documentLocation, documentPublisher, documentTitle, documentVersion, l, o, ou, seeAlso
Origin RFC 4524
Schema File 00-core.ldif

7.26. documentSeries

Entries of this object class represent a series of documents.

OID 0.9.2342.19200300.100.4.9
Names documentSeries
Superior Classes top
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes cn, objectClass
Optional Attributes description, l, o, ou, seeAlso, telephoneNumber
Origin RFC 4524
Schema File 00-core.ldif

7.27. domain

Entries of this object class represent DNS domains for entries that do not represent organizations or organizational units. For organizations or organizational units, see domainRelatedObject.

Use dc as the naming attribute.

OID 0.9.2342.19200300.100.4.13
Names domain
Superior Classes top
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes dc, objectClass
Optional Attributes associatedName, businessCategory, description, destinationIndicator, facsimileTelephoneNumber, internationaliSDNNumber, l, o, physicalDeliveryOfficeName, postOfficeBox, postalAddress, postalCode, preferredDeliveryMethod, registeredAddress, searchGuide, seeAlso, st, street, telephoneNumber, teletexTerminalIdentifier, telexNumber, userPassword, x121Address
Origin RFC 4524
Schema File 00-core.ldif

7.28. domainRelatedObject

Entries of this object class represent DNS domains that are equivalent to an X.500 domain, in other words an organization or organizational unit.

OID 0.9.2342.19200300.100.4.17
Names domainRelatedObject
Superior Classes top
Class Type AUXILIARY: for use in augmenting attributes of entries that already have a structural object class.
Required Attributes associatedDomain, objectClass
Origin RFC 4524
Schema File 00-core.ldif

7.29. ds-certificate-user

Object class for a user or application entry with a digital certificate.

OID 1.3.6.1.4.1.26027.1.2.82
Names ds-certificate-user
Superior Classes top
Class Type AUXILIARY: for use in augmenting attributes of entries that already have a structural object class.
Required Attributes objectClass
Optional Attributes ds-certificate-fingerprint, ds-certificate-subject-dn, userCertificate
Origin OpenDS Directory Server
Schema File 02-config.ldif

7.30. ds-root-dse

Object class for the server root DSE entry.

OID 1.3.6.1.4.1.26027.1.2.53
Names ds-root-dse
Superior Classes top
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes objectClass
Origin OpenDS Directory Server
Schema File 02-config.ldif

7.31. ds-virtual-static-group

Object class for an entry allowing a dynamic group to appear as a static group to applications.

OID 1.3.6.1.4.1.26027.1.2.98
Names ds-virtual-static-group
Superior Classes top
Class Type AUXILIARY: for use in augmenting attributes of entries that already have a structural object class.
Required Attributes ds-target-group-dn, objectClass
Origin OpenDS Directory Server
Schema File 02-config.ldif

7.32. dSA

Represents a Directory Specific Agent, the part of a directory service that provides user agents access to directory data.

OID 2.5.6.13
Names dSA
Superior Classes applicationEntity
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes cn, objectClass, presentationAddress
Optional Attributes description, knowledgeInformation, l, o, ou, seeAlso, supportedApplicationContext
Origin RFC 2256
Schema File 00-core.ldif

7.33. DUAConfigProfile

OID 1.3.6.1.4.1.11.1.3.1.2.5
Names DUAConfigProfile
Description Abstraction of a base configuration for a DUA
Superior Classes top
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes cn, objectClass
Optional Attributes attributeMap, authenticationMethod, bindTimeLimit, credentialLevel, defaultSearchBase, defaultSearchScope, defaultServerList, dereferenceAliases, followReferrals, objectclassMap, preferredServerList, profileTTL, searchTimeLimit, serviceAuthenticationMethod, serviceCredentialLevel, serviceSearchDescriptor
Origin RFC 4876
Schema File 05-rfc4876.ldif

7.34. extensibleObject

Auxiliary object class that allows the entry to hold any user attribute.

Attributes required or precluded by other object classes are still required or precluded when this object class is present.

OID 1.3.6.1.4.1.1466.101.120.111
Names extensibleObject
Superior Classes top
Class Type AUXILIARY: for use in augmenting attributes of entries that already have a structural object class.
Required Attributes objectClass
Optional Attributes All attributes
Origin RFC 4512
Schema File 00-core.ldif

7.35. friendlyCountry

Entries of this object class represent countries. This object class allows friendlier naming than allowed by the country object class.

OID 0.9.2342.19200300.100.4.18
Names friendlyCountry
Superior Classes country
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes c, co, objectClass
Optional Attributes description, searchGuide
Origin RFC 4524
Schema File 00-core.ldif

7.36. glue

DSEE object class for an entry restored due to a replication conflict.

OID 2.16.840.1.113730.3.2.30
Names glue
Superior Classes top
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes objectClass
Origin Sun Directory Server
Schema File 06-compat.ldif

7.37. groupOfEntries

This object class is like the standard groupOfNames object class, except that the member attribute is optional, making it possible to have an empty group.

Note The default schema defines groupOfNames as if it were groupOfEntries, making it possible to have an empty group. This is a deviation from the standard definition.

OID 1.2.826.0.1.3458854.2.1.1
Names groupOfEntries
Superior Classes top
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes cn, objectClass
Optional Attributes businessCategory, description, member, o, ou, owner, seeAlso
Origin draft-findlay-ldap-groupofentries
Schema File 00-core.ldif

7.38. groupOfNames

Note The default schema defines groupOfNames as if it were groupOfEntries, making it possible to have an empty group. This is a deviation from the standard definition, as proposed in the LDAP groupOfEntries Internet-Draft.

OID 2.5.6.9
Names groupOfNames
Superior Classes top
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes cn, objectClass
Optional Attributes businessCategory, description, member, o, ou, owner, seeAlso
Origin RFC 4519
Schema File 00-core.ldif

7.39. groupOfUniqueNames

Represents a set of named objects, like groupOfNames, including information relating to the purpose or maintenance of the set. Object names are not repeated or reassigned within the set.

OID 2.5.6.17
Names groupOfUniqueNames
Superior Classes top
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes cn, objectClass
Optional Attributes businessCategory, description, o, ou, owner, seeAlso, uniqueMember
Origin RFC 4519
Schema File 00-core.ldif

7.40. groupOfURLs

Object class for a dynamic group.

OID 2.16.840.1.113730.3.2.33
Names groupOfURLs
Description Sun-defined objectclass
Superior Classes top
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes cn, objectClass
Optional Attributes businessCategory, description, memberURL, o, ou, owner, seeAlso
Origin Sun Java System Directory Server
Schema File 00-core.ldif

7.41. ieee802Device

OID 1.3.6.1.1.1.2.11
Names ieee802Device
Description A device with a MAC address; device SHOULD be used as a structural class
Superior Classes top
Class Type AUXILIARY: for use in augmenting attributes of entries that already have a structural object class.
Required Attributes objectClass
Optional Attributes macAddress
Origin draft-howard-rfc2307bis
Schema File 04-rfc2307bis.ldif

7.42. inetOrgPerson

A person object class for Internet and Intranet directory service deployments.

specifies this object class in detail.

Example:

dn: uid=bjensen,ou=People,dc=example,dc=com
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
uid: bjensen
ou: Product Development
ou: People
cn: Barbara Jensen
cn: Babs Jensen
givenname: Barbara
sn: Jensen
mail: bjensen@example.com
facsimiletelephonenumber: +1 408 555 1992
telephonenumber: +1 408 555 1862
preferredLanguage: en, ko;q=0.8
l: San Francisco
manager: uid=trigden, ou=People, dc=example,dc=com
roomnumber: 0209
userpassword: {SSHA512}PYiRbMHUSTvGQBnmebb6HOltQY/ghgoU3TDSu1QhYoMomreK4ole0jAaDlVa+2qQlzBoCBN/T0TRfzmGi2wiIBVshZfIW4RD
description: Babs Jensen's entry
    

7.43. inheritableLDAPSubEntry

OID 1.3.6.1.4.1.7628.5.6.1.1
Names inheritableLDAPSubEntry
Description Inheritable LDAP Subentry class, version 1
Superior Classes ldapSubEntry
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes inheritable, objectClass
Optional Attributes blockInheritance, cn
Origin draft-ietf-ldup-subentry
Schema File 00-core.ldif

7.44. inheritedCollectiveAttributeSubentry

Object class for specifying how collective attributes are inherited.

OID 1.3.6.1.4.1.26027.1.2.238
Names inheritedCollectiveAttributeSubentry
Description Inherited Collective Attributes Subentry class
Superior Classes subentry
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes cn, inheritAttribute, objectClass, subtreeSpecification
Optional Attributes collectiveConflictBehavior
Origin OpenDS Directory Server
Schema File 00-core.ldif

7.45. inheritedFromDNCollectiveAttributeSubentry

Object class for specifying an entry from which a collective attribute is inherited.

OID 1.3.6.1.4.1.26027.1.2.239
Names inheritedFromDNCollectiveAttributeSubentry
Description Inherited from DN Collective Attributes Subentry class
Superior Classes inheritedCollectiveAttributeSubentry
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes cn, inheritAttribute, inheritFromDNAttribute, objectClass, subtreeSpecification
Optional Attributes collectiveConflictBehavior
Origin OpenDS Directory Server
Schema File 00-core.ldif

7.46. inheritedFromRDNCollectiveAttributeSubentry

Object class for specifying a relative entry from which a collective attribute is inherited.

OID 1.3.6.1.4.1.26027.1.2.240
Names inheritedFromRDNCollectiveAttributeSubentry
Description Inherited from RDN Collective Attributes Subentry class
Superior Classes inheritedCollectiveAttributeSubentry
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes cn, inheritAttribute, inheritFromBaseRDN, inheritFromRDNAttribute, inheritFromRDNType, objectClass, subtreeSpecification
Optional Attributes collectiveConflictBehavior
Origin OpenDS Directory Server
Schema File 00-core.ldif

7.47. ipHost

OID 1.3.6.1.1.1.2.6
Names ipHost
Description Abstraction of a host, an IP device. The distinguished value of the cn attribute denotes the canonical name of the host. Device SHOULD be used as a structural class
Superior Classes top
Class Type AUXILIARY: for use in augmenting attributes of entries that already have a structural object class.
Required Attributes cn, ipHostNumber, objectClass
Optional Attributes authPassword, description, l, manager, userPassword
Origin draft-howard-rfc2307bis
Schema File 04-rfc2307bis.ldif

7.48. ipNetwork

OID 1.3.6.1.1.1.2.7
Names ipNetwork
Description Abstraction of a network. The distinguished value of the cn attribute denotes the canonical name of the network
Superior Classes top
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes ipNetworkNumber, objectClass
Optional Attributes cn, description, ipNetmaskNumber, l, manager
Origin draft-howard-rfc2307bis
Schema File 04-rfc2307bis.ldif

7.49. ipProtocol

OID 1.3.6.1.1.1.2.4
Names ipProtocol
Description Abstraction of an IP protocol. Maps a protocol number to one or more names. The distinguished value of the cn attribute denotes the canonical name of the protocol
Superior Classes top
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes cn, ipProtocolNumber, objectClass
Optional Attributes description
Origin draft-howard-rfc2307bis
Schema File 04-rfc2307bis.ldif

7.50. ipService

OID 1.3.6.1.1.1.2.3
Names ipService
Description Abstraction an Internet Protocol service. Maps an IP port and protocol (such as tcp or udp) to one or more names; the distinguished value of the cn attribute denotes the canonical name of the service
Superior Classes top
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes cn, ipServicePort, ipServiceProtocol, objectClass
Optional Attributes description
Origin draft-howard-rfc2307bis
Schema File 04-rfc2307bis.ldif

7.51. ipTnetHost

OID 1.3.6.1.4.1.42.2.27.5.2.9
Names ipTnetHost
Description Associates an IP address or wildcard with a TSOL template_name
Superior Classes top
Class Type AUXILIARY: for use in augmenting attributes of entries that already have a structural object class.
Required Attributes ipTnetNumber, objectClass
Origin Solaris Specific
Schema File 05-solaris.ldif

7.52. ipTnetTemplate

OID 1.3.6.1.4.1.42.2.27.5.2.8
Names ipTnetTemplate
Description Object class for TSOL network templates
Superior Classes top
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes ipTnetTemplateName, objectClass
Optional Attributes SolarisAttrKeyValue
Origin Solaris Specific
Schema File 05-solaris.ldif

7.53. javaContainer

Entry that contains a Java object. The entry's form is specified by an auxiliary object class.

OID 1.3.6.1.4.1.42.2.27.4.2.1
Names javaContainer
Description Container for a Java object
Superior Classes top
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes cn, objectClass
Origin RFC 2713
Schema File 03-rfc2713.ldif

7.54. javaMarshalledObject

Entry that represents a marshalled Java object.

OID 1.3.6.1.4.1.42.2.27.4.2.8
Names javaMarshalledObject
Description Java marshalled object
Superior Classes javaObject
Class Type AUXILIARY: for use in augmenting attributes of entries that already have a structural object class.
Required Attributes javaClassName, javaSerializedData, objectClass
Optional Attributes description, javaClassNames, javaCodebase, javaDoc
Origin RFC 2713
Schema File 03-rfc2713.ldif

7.55. javaNamingReference

Entry that represents a JNDI reference to a Java object.

OID 1.3.6.1.4.1.42.2.27.4.2.7
Names javaNamingReference
Description JNDI reference
Superior Classes javaObject
Class Type AUXILIARY: for use in augmenting attributes of entries that already have a structural object class.
Required Attributes javaClassName, objectClass
Optional Attributes description, javaClassNames, javaCodebase, javaDoc, javaFactory, javaReferenceAddress
Origin RFC 2713
Schema File 03-rfc2713.ldif

7.56. javaObject

Abstract parent for entries that represent Java objects.

OID 1.3.6.1.4.1.42.2.27.4.2.4
Names javaObject
Description Java object representation
Superior Classes top
Class Type ABSTRACT: for use when defining other object classes.
Required Attributes javaClassName, objectClass
Optional Attributes description, javaClassNames, javaCodebase, javaDoc
Origin RFC 2713
Schema File 03-rfc2713.ldif

7.57. javaSerializedObject

Entry that represents a serialized Java object.

OID 1.3.6.1.4.1.42.2.27.4.2.5
Names javaSerializedObject
Description Java serialized object
Superior Classes javaObject
Class Type AUXILIARY: for use in augmenting attributes of entries that already have a structural object class.
Required Attributes javaClassName, javaSerializedData, objectClass
Optional Attributes description, javaClassNames, javaCodebase, javaDoc
Origin RFC 2713
Schema File 03-rfc2713.ldif

7.58. labeledURIObject

Class allowing a labeledURI attribute, which holds a URI with an optional label, as described in .

OID 1.3.6.1.4.1.250.3.15
Names labeledURIObject
Description object that contains the URI attribute type
Superior Classes top
Class Type AUXILIARY: for use in augmenting attributes of entries that already have a structural object class.
Required Attributes objectClass
Optional Attributes labeledURI
Origin RFC 2079
Schema File 00-core.ldif

7.59. ldapSubEntry

LDAP subentries are analogous to operational attributes in that they are used by the server for administrative purposes. Examples include password policies, entries for allocating collective attributes, and the entry exposing directory schema.

Unlike entries in the server-specific configuration backend, Subentries are present in and replicated with user data. Modifying subentries nevertheless requires the subentry-write administrative privilege.

For details, see the Internet-Draft, .

OID 2.16.840.1.113719.2.142.6.1.1
Names ldapSubEntry
Description LDAP Subentry class, version 1
Superior Classes top
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes objectClass
Optional Attributes cn
Origin draft-ietf-ldup-subentry
Schema File 00-core.ldif

7.60. locality

The entry with this object class represents a place in the physical world.

OID 2.5.6.3
Names locality
Superior Classes top
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes objectClass
Optional Attributes description, l, searchGuide, seeAlso, st, street
Origin RFC 4519
Schema File 00-core.ldif

7.61. mailGroup

OID 2.16.840.1.113730.3.2.4
Names mailGroup
Superior Classes top
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes mail, objectClass
Optional Attributes cn, mgrpRFC822MailMember
Origin Solaris Specific
Schema File 05-solaris.ldif

7.62. namedObject

The namedObject structural object class is a placeholder. It is intended for use in entries that have auxiliary object classes, and for which there is no appropriate structural object class.

The Internet-Draft shows the example of a POSIX group entry:

dn: cn=wheel,ou=Groups,dc=padl,dc=com
objectClass: top
objectClass: namedObject
objectClass: posixGroup
cn: wheel
gidNumber: 0
memberUid: root
    
OID 1.3.6.1.4.1.5322.13.1.1
Names namedObject
Superior Classes top
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes objectClass
Optional Attributes cn
Origin draft-howard-namedobject
Schema File 00-core.ldif

7.63. nisDomainObject

OID 1.3.6.1.1.1.2.15
Names nisDomainObject
Description Associates a NIS domain with a naming context
Superior Classes top
Class Type AUXILIARY: for use in augmenting attributes of entries that already have a structural object class.
Required Attributes nisDomain, objectClass
Origin draft-howard-rfc2307bis
Schema File 04-rfc2307bis.ldif

7.64. nisKeyObject

OID 1.3.6.1.1.1.2.14
Names nisKeyObject
Description An object with a public and secret key
Superior Classes top
Class Type AUXILIARY: for use in augmenting attributes of entries that already have a structural object class.
Required Attributes cn, nisPublicKey, nisSecretKey, objectClass
Optional Attributes description, uidNumber
Origin draft-howard-rfc2307bis
Schema File 04-rfc2307bis.ldif

7.65. nisMailAlias

OID 1.3.6.1.4.1.42.2.27.1.2.5
Names nisMailAlias
Superior Classes top
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes cn, objectClass
Optional Attributes rfc822mailMember
Origin Solaris Specific
Schema File 05-solaris.ldif

7.66. nisMap

OID 1.3.6.1.1.1.2.9
Names nisMap
Description A generic abstraction of a NIS map
Superior Classes top
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes nisMapName, objectClass
Optional Attributes description
Origin draft-howard-rfc2307bis
Schema File 04-rfc2307bis.ldif

7.67. nisNetgroup

OID 1.3.6.1.1.1.2.8
Names nisNetgroup
Description Abstraction of a netgroup. May refer to other netgroups
Superior Classes top
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes cn, objectClass
Optional Attributes description, memberNisNetgroup, nisNetgroupTriple
Origin draft-howard-rfc2307bis
Schema File 04-rfc2307bis.ldif

7.68. nisNetId

OID 1.3.6.1.4.1.42.2.27.1.2.6
Names nisNetId
Superior Classes top
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes cn, objectClass
Optional Attributes nisNetIdGroup, nisNetIdHost, nisNetIdUser
Origin Solaris Specific
Schema File 05-solaris.ldif

7.69. nisObject

OID 1.3.6.1.1.1.2.10
Names nisObject
Description An entry in a NIS map
Superior Classes top
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes cn, nisMapEntry, nisMapName, objectClass
Optional Attributes description
Origin draft-howard-rfc2307bis
Schema File 04-rfc2307bis.ldif

7.70. nisplusTimeZoneData

OID 1.3.6.1.4.1.42.2.27.5.2.12
Names nisplusTimeZoneData
Description NIS+ timezone table data
Superior Classes top
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes cn, objectClass
Optional Attributes description, nisplusTimeZone
Origin Solaris Specific
Schema File 05-solaris.ldif

7.71. oncRpc

OID 1.3.6.1.1.1.2.5
Names oncRpc
Description Abstraction of an Open Network Computing (ONC) [RFC1057] Remote Procedure Call (RPC) binding. This class maps an ONC RPC number to a name. The distinguished value of the cn attribute denotes the canonical name of the RPC service
Superior Classes top
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes cn, objectClass, oncRpcNumber
Optional Attributes description
Origin draft-howard-rfc2307bis
Schema File 04-rfc2307bis.ldif

7.72. organization

The entry with this object class represents a structured group of people.

OID 2.5.6.4
Names organization
Superior Classes top
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes o, objectClass
Optional Attributes businessCategory, description, destinationIndicator, facsimileTelephoneNumber, internationaliSDNNumber, l, physicalDeliveryOfficeName, postOfficeBox, postalAddress, postalCode, preferredDeliveryMethod, registeredAddress, searchGuide, seeAlso, st, street, telephoneNumber, teletexTerminalIdentifier, telexNumber, userPassword, x121Address
Origin RFC 4519
Schema File 00-core.ldif

7.73. organizationalPerson

The entry with this object class represents a person in relation to an organization.

OID 2.5.6.7
Names organizationalPerson
Superior Classes person
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes cn, objectClass, sn
Optional Attributes description, destinationIndicator, facsimileTelephoneNumber, internationaliSDNNumber, l, ou, physicalDeliveryOfficeName, postOfficeBox, postalAddress, postalCode, preferredDeliveryMethod, registeredAddress, seeAlso, st, street, telephoneNumber, teletexTerminalIdentifier, telexNumber, title, userPassword, x121Address
Origin RFC 4519
Schema File 00-core.ldif

7.74. organizationalRole

The entry with this object class represents a job, function, or position in an organization.

OID 2.5.6.8
Names organizationalRole
Superior Classes top
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes cn, objectClass
Optional Attributes description, destinationIndicator, facsimileTelephoneNumber, internationaliSDNNumber, l, ou, physicalDeliveryOfficeName, postOfficeBox, postalAddress, postalCode, preferredDeliveryMethod, registeredAddress, roleOccupant, seeAlso, st, street, telephoneNumber, teletexTerminalIdentifier, telexNumber, x121Address
Origin RFC 4519
Schema File 00-core.ldif

7.75. organizationalUnit

The entry with this object class represents a piece of an organization.

OID 2.5.6.5
Names organizationalUnit
Superior Classes top
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes objectClass, ou
Optional Attributes businessCategory, description, destinationIndicator, facsimileTelephoneNumber, internationaliSDNNumber, l, physicalDeliveryOfficeName, postOfficeBox, postalAddress, postalCode, preferredDeliveryMethod, registeredAddress, searchGuide, seeAlso, st, street, telephoneNumber, teletexTerminalIdentifier, telexNumber, userPassword, x121Address
Origin RFC 4519
Schema File 00-core.ldif

7.76. person

The entry with this object class represents a human being.

OID 2.5.6.6
Names person
Superior Classes top
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes cn, objectClass, sn
Optional Attributes description, seeAlso, telephoneNumber, userPassword
Origin RFC 4519
Schema File 00-core.ldif

7.77. pilotDSA

Object class assigning common attributes for COSINE and Internet X.500 pilot Directory System Agent (DSA) entries.

OID 0.9.2342.19200300.100.4.21
Names pilotDSA
Superior Classes dSA
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes cn, dSAQuality, objectClass, presentationAddress
Optional Attributes description, knowledgeInformation, l, o, ou, seeAlso, supportedApplicationContext
Origin RFC 1274
Schema File 00-core.ldif

7.78. pilotObject

Object class assigning common attributes for COSINE and Internet X.500 pilot entries.

OID 0.9.2342.19200300.100.4.3
Names pilotObject
Superior Classes top
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes objectClass
Optional Attributes audio, dITRedirect, info, jpegPhoto, lastModifiedBy, lastModifiedTime, manager, photo, uniqueIdentifier
Origin RFC 1274
Schema File 00-core.ldif

7.79. pilotOrganization

Organization object class for COSINE and Internet X.500 pilot entries.

OID 0.9.2342.19200300.100.4.20
Names pilotOrganization
Superior Classes organization, organizationalUnit
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes o, objectClass, ou
Optional Attributes buildingName, businessCategory, description, destinationIndicator, facsimileTelephoneNumber, internationaliSDNNumber, l, physicalDeliveryOfficeName, postOfficeBox, postalAddress, postalCode, preferredDeliveryMethod, registeredAddress, searchGuide, seeAlso, st, street, telephoneNumber, teletexTerminalIdentifier, telexNumber, userPassword, x121Address
Origin RFC 1274
Schema File 00-core.ldif

7.80. pilotPerson

Person object class for COSINE and Internet X.500 pilot entries.

OID 0.9.2342.19200300.100.4.4
Names pilotPerson
Superior Classes person
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes cn, objectClass, sn
Optional Attributes businessCategory, description, drink, homePhone, homePostalAddress, janetMailbox, mail, mailPreferenceOption, mobile, organizationalStatus, otherMailbox, pager, personalSignature, personalTitle, preferredDeliveryMethod, roomNumber, secretary, seeAlso, telephoneNumber, textEncodedORAddress, uid, userClass, userPassword
Origin RFC 1274
Schema File 00-core.ldif

7.81. pkiCA

Object class for augmenting entries that act as certificate authorities, as described in X.509 clause 11.1.2.

OID 2.5.6.22
Names pkiCA
Description X.509 PKI Certificate Authority
Superior Classes top
Class Type AUXILIARY: for use in augmenting attributes of entries that already have a structural object class.
Required Attributes objectClass
Optional Attributes authorityRevocationList, cACertificate, certificateRevocationList, crossCertificatePair
Origin RFC 4523
Schema File 00-core.ldif

7.82. pkiUser

Object class for augmenting entries that may be subject to certificates, as described in X.509 clause 11.1.1.

OID 2.5.6.21
Names pkiUser
Description X.509 PKI User
Superior Classes top
Class Type AUXILIARY: for use in augmenting attributes of entries that already have a structural object class.
Required Attributes objectClass
Optional Attributes userCertificate
Origin RFC 4523
Schema File 00-core.ldif

7.83. posixAccount

OID 1.3.6.1.1.1.2.0
Names posixAccount
Description Abstraction of an account with POSIX attributes
Superior Classes top
Class Type AUXILIARY: for use in augmenting attributes of entries that already have a structural object class.
Required Attributes cn, gidNumber, homeDirectory, objectClass, uid, uidNumber
Optional Attributes authPassword, description, gecos, loginShell, userPassword
Origin draft-howard-rfc2307bis
Schema File 04-rfc2307bis.ldif

7.84. posixGroup

OID 1.3.6.1.1.1.2.2
Names posixGroup
Description Abstraction of a group of accounts
Superior Classes top
Class Type AUXILIARY: for use in augmenting attributes of entries that already have a structural object class.
Required Attributes gidNumber, objectClass
Optional Attributes authPassword, description, memberUid, userPassword
Origin draft-howard-rfc2307bis
Schema File 04-rfc2307bis.ldif

7.86. printerIPP

OID 1.3.18.0.2.6.256
Names printerIPP
Description Internet Printing Protocol (IPP) information.
Superior Classes top
Class Type AUXILIARY: for use in augmenting attributes of entries that already have a structural object class.
Required Attributes objectClass
Optional Attributes printer-ipp-versions-supported, printer-multiple-document-jobs-supported
Origin RFC 3712
Schema File 03-rfc3712.ldif

7.87. printerLPR

OID 1.3.18.0.2.6.253
Names printerLPR
Description LPR information.
Superior Classes top
Class Type AUXILIARY: for use in augmenting attributes of entries that already have a structural object class.
Required Attributes objectClass, printer-name
Optional Attributes printer-aliases
Origin RFC 3712
Schema File 03-rfc3712.ldif

7.90. pwdPolicy

Password policy that is part of the directory data and can be replicated.

OID 1.3.6.1.4.1.42.2.27.8.2.1
Names pwdPolicy
Superior Classes top
Class Type AUXILIARY: for use in augmenting attributes of entries that already have a structural object class.
Required Attributes objectClass, pwdAttribute
Optional Attributes pwdAllowUserChange, pwdCheckQuality, pwdExpireWarning, pwdFailureCountInterval, pwdGraceAuthNLimit, pwdInHistory, pwdLockout, pwdLockoutDuration, pwdMaxAge, pwdMaxFailure, pwdMinAge, pwdMinLength, pwdMustChange, pwdSafeModify
Origin draft-behera-ldap-password-policy
Schema File 01-pwpolicy.ldif

7.91. pwdValidatorPolicy

Object class for an entry that specifies a password validation policy.

OID 1.3.6.1.4.1.36733.2.1.2.18
Names pwdValidatorPolicy
Superior Classes top
Class Type AUXILIARY: for use in augmenting attributes of entries that already have a structural object class.
Required Attributes objectClass, ds-cfg-password-validator
Origin OpenDJ Directory Server
Schema File 03-pwpolicyextension.ldif

7.92. qualityLabelledData

Object class assigning common data quality attributes to subtrees in the DIT.

OID 0.9.2342.19200300.100.4.22
Names qualityLabelledData
Superior Classes top
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes dSAQuality, objectClass
Optional Attributes subtreeMaximumQuality, subtreeMinimumQuality
Origin RFC 1274
Schema File 00-core.ldif

7.93. referral

Represents a subordinate reference in the directory, in other words an entry that refers to another entry.

Use this object class with extensibleObject to allow the entry to support the naming attributes used in its DN.

OID 2.16.840.1.113730.3.2.6
Names referral
Description named subordinate reference object
Superior Classes top
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes ref
Origin RFC 3296
Schema File 00-core.ldif

7.94. residentialPerson

The entry with this object class represents a person's residence in representation of the person.

OID 2.5.6.10
Names residentialPerson
Superior Classes person
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes cn, l, objectClass, sn
Optional Attributes businessCategory, description, destinationIndicator, facsimileTelephoneNumber, internationaliSDNNumber, physicalDeliveryOfficeName, postOfficeBox, postalAddress, postalCode, preferredDeliveryMethod, registeredAddress, seeAlso, st, street, telephoneNumber, teletexTerminalIdentifier, telexNumber, userPassword, x121Address
Origin RFC 4519
Schema File 00-core.ldif

7.95. rFC822LocalPart

Entries of this object class represent the local part of Internet mail addresses as described in .

The local part of the address is handled like a domain entry.

OID 0.9.2342.19200300.100.4.14
Names rFC822LocalPart
Superior Classes domain
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes dc, objectClass
Optional Attributes associatedName, businessCategory, cn, description, destinationIndicator, facsimileTelephoneNumber, internationaliSDNNumber, l, o, physicalDeliveryOfficeName, postOfficeBox, postalAddress, postalCode, preferredDeliveryMethod, registeredAddress, searchGuide, seeAlso, sn, st, street, telephoneNumber, teletexTerminalIdentifier, telexNumber, userPassword, x121Address
Origin RFC 4524
Schema File 00-core.ldif

7.96. room

Entries of this object class represent rooms with cn as the naming attribute.

OID 0.9.2342.19200300.100.4.7
Names room
Superior Classes top
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes cn, objectClass
Optional Attributes description, roomNumber, seeAlso, telephoneNumber
Origin RFC 4524
Schema File 00-core.ldif

7.97. sambaConfig

OID 1.3.6.1.4.1.7165.1.2.2.10
Names sambaConfig
Description Samba Configuration Section
Superior Classes top
Class Type AUXILIARY: for use in augmenting attributes of entries that already have a structural object class.
Required Attributes objectClass
Optional Attributes description
Schema File 05-samba.ldif

7.98. sambaConfigOption

OID 1.3.6.1.4.1.7165.2.2.12
Names sambaConfigOption
Description Samba Configuration Option
Superior Classes top
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes objectClass, sambaOptionName
Optional Attributes description, sambaBoolOption, sambaIntegerOption, sambaStringListOption, sambaStringOption
Schema File 05-samba.ldif

7.99. sambaDomain

OID 1.3.6.1.4.1.7165.2.2.5
Names sambaDomain
Description Samba Domain Information
Superior Classes top
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes objectClass, sambaDomainName, sambaSID
Optional Attributes sambaAlgorithmicRidBase, sambaForceLogoff, sambaLockoutDuration, sambaLockoutObservationWindow, sambaLockoutThreshold, sambaLogonToChgPwd, sambaMaxPwdAge, sambaMinPwdAge, sambaMinPwdLength, sambaNextGroupRid, sambaNextRid, sambaNextUserRid, sambaPwdHistoryLength, sambaRefuseMachinePwdChange
Schema File 05-samba.ldif

7.100. sambaGroupMapping

OID 1.3.6.1.4.1.7165.2.2.4
Names sambaGroupMapping
Description Samba Group Mapping
Superior Classes top
Class Type AUXILIARY: for use in augmenting attributes of entries that already have a structural object class.
Required Attributes gidNumber, objectClass, sambaGroupType, sambaSID
Optional Attributes description, displayName, sambaSIDList
Schema File 05-samba.ldif

7.101. sambaIdmapEntry

OID 1.3.6.1.4.1.7165.1.2.2.8
Names sambaIdmapEntry
Description Mapping from a SID to an ID
Superior Classes top
Class Type AUXILIARY: for use in augmenting attributes of entries that already have a structural object class.
Required Attributes objectClass, sambaSID
Optional Attributes gidNumber, uidNumber
Schema File 05-samba.ldif

7.102. sambaPrivilege

OID 1.3.6.1.4.1.7165.2.2.13
Names sambaPrivilege
Description Samba Privilege
Superior Classes top
Class Type AUXILIARY: for use in augmenting attributes of entries that already have a structural object class.
Required Attributes objectClass, sambaSID
Optional Attributes sambaPrivilegeList
Schema File 05-samba.ldif

7.103. sambaSamAccount

OID 1.3.6.1.4.1.7165.2.2.6
Names sambaSamAccount
Description Samba 3.0 Auxilary SAM Account
Superior Classes top
Class Type AUXILIARY: for use in augmenting attributes of entries that already have a structural object class.
Required Attributes objectClass, sambaSID, uid
Optional Attributes cn, description, displayName, sambaAcctFlags, sambaBadPasswordCount, sambaBadPasswordTime, sambaDomainName, sambaHomeDrive, sambaHomePath, sambaKickoffTime, sambaLMPassword, sambaLogoffTime, sambaLogonHours, sambaLogonScript, sambaLogonTime, sambaMungedDial, sambaNTPassword, sambaPasswordHistory, sambaPrimaryGroupSID, sambaProfilePath, sambaPwdCanChange, sambaPwdLastSet, sambaPwdMustChange, sambaUserWorkstations
Schema File 05-samba.ldif

7.104. sambaShare

OID 1.3.6.1.4.1.7165.2.2.11
Names sambaShare
Description Samba Share Section
Superior Classes top
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes objectClass, sambaShareName
Optional Attributes description
Schema File 05-samba.ldif

7.105. sambaSidEntry

OID 1.3.6.1.4.1.7165.1.2.2.9
Names sambaSidEntry
Description Structural Class for a SID
Superior Classes top
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes objectClass, sambaSID
Schema File 05-samba.ldif

7.106. sambaTrustPassword

OID 1.3.6.1.4.1.7165.2.2.14
Names sambaTrustPassword
Description Samba Trust Password
Superior Classes top
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes objectClass, sambaDomainName, sambaNTPassword, sambaTrustFlags
Optional Attributes sambaPwdLastSet, sambaSID
Schema File 05-samba.ldif

7.107. sambaUnixIdPool

OID 1.3.6.1.4.1.7165.1.2.2.7
Names sambaUnixIdPool
Description Pool for allocating UNIX uids/gids
Superior Classes top
Class Type AUXILIARY: for use in augmenting attributes of entries that already have a structural object class.
Required Attributes gidNumber, objectClass, uidNumber
Schema File 05-samba.ldif

7.108. shadowAccount

OID 1.3.6.1.1.1.2.1
Names shadowAccount
Description Additional attributes for shadow passwords
Superior Classes top
Class Type AUXILIARY: for use in augmenting attributes of entries that already have a structural object class.
Required Attributes objectClass, uid
Optional Attributes authPassword, description, shadowExpire, shadowFlag, shadowInactive, shadowLastChange, shadowMax, shadowMin, shadowWarning, userPassword
Origin draft-howard-rfc2307bis
Schema File 04-rfc2307bis.ldif

7.109. simpleSecurityObject

Entries of this object class require that the entry have a userPassword attribute when the userPassword attribute is not required or allowed by the structural object class chain.

OID 0.9.2342.19200300.100.4.19
Names simpleSecurityObject
Superior Classes top
Class Type AUXILIARY: for use in augmenting attributes of entries that already have a structural object class.
Required Attributes objectClass, userPassword
Origin RFC 4524
Schema File 00-core.ldif

7.110. slpService

Parent class for Service Location Protocol (SLP) objects. Specific service types inherit from this class and define their own attributes. They are structural object classes.

SLP service type templates have the following properties:

template-type

Defines the service type of the template. The service type can reflect:

  • A simple service, for example service:ftp

  • An abstract service type, for example service:printer

  • An concrete service type, for example service:printer:lpr

  • A service with a naming authority, for example service:printer.sun:local

This definition is used as the name of the LDAP object class for the template. To translate the service type name, : and . are replaced with -. For example, service:printer.sun:local becomes the object class name service-printer-sun-local.

template-version

String containing a major and minor version number, separated by .

template-description

Block of human-readable text describing what the service does.

template-url-syntax

ABNF grammar describing the service type specific part of the service URL.

OID 1.3.6.1.4.1.6252.2.27.6.2.1
Names slpService
Description parent superclass for SLP services
Superior Classes top
Class Type ABSTRACT: for use when defining other object classes.
Required Attributes description, objectClass, service-advert-scopes, service-advert-service-type, template-major-version-number, template-minor-version-number, template-url-syntax
Optional Attributes service-advert-attribute-authenticator, service-advert-url-authenticator
Origin RFC 2926
Schema File 03-rfc2926.ldif

7.111. slpServicePrinter

OID 1.3.18.0.2.6.254
Names slpServicePrinter
Description Service Location Protocol (SLP) information.
Superior Classes slpService
Class Type AUXILIARY: for use in augmenting attributes of entries that already have a structural object class.
Required Attributes description, objectClass, service-advert-scopes, service-advert-service-type, template-major-version-number, template-minor-version-number, template-url-syntax
Optional Attributes service-advert-attribute-authenticator, service-advert-url-authenticator
Origin RFC 3712
Schema File 03-rfc3712.ldif

7.112. SolarisAuditUser

OID 1.3.6.1.4.1.42.2.27.5.2.2
Names SolarisAuditUser
Superior Classes top
Class Type AUXILIARY: for use in augmenting attributes of entries that already have a structural object class.
Required Attributes objectClass
Optional Attributes SolarisAuditAlways, SolarisAuditNever
Origin Solaris Specific
Schema File 05-solaris.ldif

7.113. SolarisAuthAttr

OID 1.3.6.1.4.1.42.2.27.5.2.4
Names SolarisAuthAttr
Description Authorizations data
Superior Classes top
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes cn, objectClass
Optional Attributes SolarisAttrKeyValue, SolarisAttrLongDesc, SolarisAttrReserved1, SolarisAttrReserved2, SolarisAttrShortDesc
Origin Solaris Specific
Schema File 05-solaris.ldif

7.114. SolarisExecAttr

OID 1.3.6.1.4.1.42.2.27.5.2.6
Names SolarisExecAttr
Description Profiles execution attributes
Superior Classes top
Class Type AUXILIARY: for use in augmenting attributes of entries that already have a structural object class.
Required Attributes objectClass
Optional Attributes SolarisAttrKeyValue, SolarisAttrReserved1, SolarisAttrReserved2, SolarisKernelSecurityPolicy, SolarisProfileId, SolarisProfileType
Origin Solaris Specific
Schema File 05-solaris.ldif

7.115. SolarisNamingProfile

OID 1.3.6.1.4.1.42.2.27.5.2.7
Names SolarisNamingProfile
Description Solaris LDAP Naming client profile objectClass
Superior Classes top
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes SolarisLDAPServers, SolarisSearchBaseDN, cn, objectClass
Optional Attributes SolarisAuthMethod, SolarisBindDN, SolarisBindPassword, SolarisBindTimeLimit, SolarisCacheTTL, SolarisCertificatePassword, SolarisCertificatePath, SolarisDataSearchDN, SolarisPreferredServer, SolarisPreferredServerOnly, SolarisSearchReferral, SolarisSearchScope, SolarisSearchTimeLimit, SolarisTransportSecurity
Origin Solaris Specific
Schema File 05-solaris.ldif

7.116. SolarisProfAttr

OID 1.3.6.1.4.1.42.2.27.5.2.5
Names SolarisProfAttr
Description Profiles data
Superior Classes top
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes cn, objectClass
Optional Attributes SolarisAttrKeyValue, SolarisAttrLongDesc, SolarisAttrReserved1, SolarisAttrReserved2
Origin Solaris Specific
Schema File 05-solaris.ldif

7.117. SolarisProject

OID 1.3.6.1.4.1.42.2.27.5.2.1
Names SolarisProject
Superior Classes top
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes SolarisProjectID, SolarisProjectName, objectClass
Optional Attributes SolarisProjectAttr, description, memberGid, memberUid
Origin Solaris Specific
Schema File 05-solaris.ldif

7.118. SolarisUserAttr

OID 1.3.6.1.4.1.42.2.27.5.2.3
Names SolarisUserAttr
Description User attributes
Superior Classes top
Class Type AUXILIARY: for use in augmenting attributes of entries that already have a structural object class.
Required Attributes objectClass
Optional Attributes SolarisAttrKeyValue, SolarisAttrReserved1, SolarisAttrReserved2, SolarisUserQualifier
Origin Solaris Specific
Schema File 05-solaris.ldif

7.119. strongAuthenticationUser

Object class for augmenting entries that use certificate-based authentication, as described in X.521 clause 6.15.

This object class is deprecated. Use pkiUser instead.

OID 2.5.6.15
Names strongAuthenticationUser
Superior Classes top
Class Type AUXILIARY: for use in augmenting attributes of entries that already have a structural object class.
Required Attributes objectClass, userCertificate
Origin RFC 4523
Schema File 00-core.ldif

7.120. subentry

Subentries are analogous to operational attributes in that they are used by the server for administrative purposes. Examples include password policies, entries for allocating collective attributes, and the entry exposing directory schema.

Unlike entries in the server-specific configuration backend, Subentries are present in and replicated with user data. Modifying subentries nevertheless requires the subentry-write administrative privilege.

For details, see RFC 3672, .

OID 2.5.17.0
Names subentry
Description LDAP Subentry class
Superior Classes top
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes cn, objectClass, subtreeSpecification
Origin RFC 3672
Schema File 00-core.ldif

7.121. subschema

Auxiliary object class for entries holding LDAP schema definitions.

OID 2.5.20.1
Names subschema
Class Type AUXILIARY: for use in augmenting attributes of entries that already have a structural object class.
Optional Attributes attributeTypes, dITContentRules, dITStructureRules, matchingRuleUse, matchingRules, nameForms, objectClasses
Origin RFC 4512
Schema File 00-core.ldif

7.122. sunPrinter

OID 1.3.6.1.4.1.42.2.27.5.2.14
Names sunPrinter
Description Sun printer information
Superior Classes top
Class Type AUXILIARY: for use in augmenting attributes of entries that already have a structural object class.
Required Attributes objectClass, printer-name
Optional Attributes sun-printer-bsdaddr, sun-printer-kvp
Origin Solaris Specific
Schema File 05-solaris.ldif

7.123. top

The top-level object class, which is the abstract parent of all structural object class hierarchies.

OID 2.5.6.0
Names top
Class Type ABSTRACT: for use when defining other object classes.
Required Attributes objectClass
Origin RFC 4512
Schema File 00-core.ldif

7.124. uddiAddress

This entry represents an address contained by a UDDI contact.

OID 1.3.6.1.1.10.6.3
Names uddiAddress
Superior Classes top
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes objectClass, uddiUUID
Optional Attributes uddiAddressLine, uddiLang, uddiSortCode, uddiTModelKey, uddiUseType, uddiv3TModelKey
Origin RFC 4403
Schema File 03-uddiv3.ldif

7.125. uddiBindingTemplate

This entry represents a UDDI binding template.

OID 1.3.6.1.1.10.6.5
Names uddiBindingTemplate
Superior Classes top
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes objectClass, uddiBindingKey
Optional Attributes uddiAccessPoint, uddiCategoryBag, uddiDescription, uddiHostingRedirector, uddiServiceKey, uddiv3BindingKey, uddiv3DigitalSignature, uddiv3EntityCreationTime, uddiv3NodeId, uddiv3ServiceKey
Origin RFC 4403
Schema File 03-uddiv3.ldif

7.126. uddiBusinessEntity

This entry represents a UDDI business entity.

OID 1.3.6.1.1.10.6.1
Names uddiBusinessEntity
Superior Classes top
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes objectClass, uddiBusinessKey, uddiName
Optional Attributes uddiAuthorizedName, uddiCategoryBag, uddiDescription, uddiDiscoveryURLs, uddiIdentifierBag, uddiOperator, uddiv3BusinessKey, uddiv3DigitalSignature, uddiv3EntityModificationTime, uddiv3NodeId
Origin RFC 4403
Schema File 03-uddiv3.ldif

7.127. uddiBusinessService

This entry represents a UDDI business service.

OID 1.3.6.1.1.10.6.4
Names uddiBusinessService
Superior Classes top
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes objectClass, uddiServiceKey
Optional Attributes uddiBusinessKey, uddiCategoryBag, uddiDescription, uddiIsProjection, uddiName, uddiv3BusinessKey, uddiv3DigitalSignature, uddiv3EntityCreationTime, uddiv3EntityModificationTime, uddiv3NodeId, uddiv3ServiceKey
Origin RFC 4403
Schema File 03-uddiv3.ldif

7.128. uddiContact

This entry represents a contact contained by a UDDI business entity.

OID 1.3.6.1.1.10.6.2
Names uddiContact
Superior Classes top
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes objectClass, uddiPersonName, uddiUUID
Optional Attributes uddiDescription, uddiEMail, uddiPhone, uddiUseType
Origin RFC 4403
Schema File 03-uddiv3.ldif

7.129. uddiPublisherAssertion

This entry represents a UDDI publisher assertion.

OID 1.3.6.1.1.10.6.8
Names uddiPublisherAssertion
Superior Classes top
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes objectClass, uddiFromKey, uddiKeyedReference, uddiToKey, uddiUUID
Optional Attributes uddiv3DigitalSignature, uddiv3NodeId
Origin RFC 4403
Schema File 03-uddiv3.ldif

7.130. uddiTModel

This entry represents a UDDI template model.

OID 1.3.6.1.1.10.6.7
Names uddiTModel
Superior Classes top
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes objectClass, uddiName, uddiTModelKey
Optional Attributes uddiAuthorizedName, uddiCategoryBag, uddiDescription, uddiIdentifierBag, uddiIsHidden, uddiOperator, uddiOverviewDescription, uddiOverviewURL, uddiv3DigitalSignature, uddiv3NodeId, uddiv3TModelKey
Origin RFC 4403
Schema File 03-uddiv3.ldif

7.131. uddiTModelInstanceInfo

This entry represents a UDDI template model instance info object.

OID 1.3.6.1.1.10.6.6
Names uddiTModelInstanceInfo
Superior Classes top
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes objectClass, uddiTModelKey
Optional Attributes uddiDescription, uddiInstanceDescription, uddiInstanceParms, uddiOverviewDescription, uddiOverviewURL, uddiv3TModelKey
Origin RFC 4403
Schema File 03-uddiv3.ldif

7.132. uddiv3EntityObituary

This entry represents a UDDI entity obituary that contains information for a deleted UDDIv3 entity.

OID 1.3.6.1.1.10.6.10
Names uddiv3EntityObituary
Superior Classes top
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes objectClass, uddiUUID, uddiv3EntityKey
Optional Attributes uddiAuthorizedName, uddiv3EntityCreationTime, uddiv3EntityDeletionTime, uddiv3NodeId
Origin RFC 4403
Schema File 03-uddiv3.ldif

7.133. uddiv3Subscription

This entry represents a UDDI subscription entity.

OID 1.3.6.1.1.10.6.9
Names uddiv3Subscription
Superior Classes top
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes objectClass, uddiUUID, uddiv3SubscriptionFilter
Optional Attributes uddiAuthorizedName, uddiv3BindingKey, uddiv3BriefResponse, uddiv3ExpiresAfter, uddiv3MaxEntities, uddiv3NodeId, uddiv3NotificationInterval, uddiv3SubscriptionKey
Origin RFC 4403
Schema File 03-uddiv3.ldif

7.134. uidObject

This object class permits the entry to contain user identification information.

OID 1.3.6.1.1.3.1
Names uidObject
Superior Classes top
Class Type AUXILIARY: for use in augmenting attributes of entries that already have a structural object class.
Required Attributes objectClass, uid
Origin RFC 4519
Schema File 00-core.ldif

7.135. untypedObject

OID 1.3.6.1.4.1.26027.1.2.900
Names untypedObject
Description Entry of no particular type
Superior Classes top
Class Type STRUCTURAL: for structural specification of the DIT. Entries have only one structural object class superclass chain.
Required Attributes objectClass
Optional Attributes c, cn, dc, description, l, o, ou, owner, seeAlso, st, street, uid
Origin draft-furuseth-ldap-untypedobject
Schema File 00-core.ldif

7.136. userSecurityInformation

Object class for augmenting entries with additional security information, as described in X.521 clause 6.16.

OID 2.5.6.18
Names userSecurityInformation
Superior Classes top
Class Type AUXILIARY: for use in augmenting attributes of entries that already have a structural object class.
Required Attributes objectClass
Optional Attributes supportedAlgorithms
Origin RFC 4523
Schema File 00-core.ldif

Chapter 8. Syntaxes

8.1. AttributeTypeDescription

Values of this syntax define attribute types.

The syntax corresponds to the AttributeTypeDescription ASN.1 type defined by X.501.

OID 1.3.6.1.4.1.1466.115.121.1.3
Description Attribute Type Description
Origin RFC 4517

8.2. AuthenticationPasswordSyntax

Values of this syntax hold encoded or hashed passwords.

The syntax follows this ABNF:

authPasswordValue = w scheme s authInfo s authValue w
scheme = %x30-39 / %x41-5A / %x2D-2F / %x5F
    ; 0-9, A-Z, "-", ".", "/", or "_"
authInfo = schemeSpecificValue
authValue = schemeSpecificValue
      schemeSpecificValue = *( %x21-23 / %x25-7E )
    ; printable ASCII less "$" and " "
s = w SEP w
w = *SP
SEP = %x24 ; "$"
SP = %x20 ; " " (space)
    

The scheme describes the mechanism.

The authInfo is often base64-encoded salt.

The authValue is often a base64-encoded value derived from the password(s).

OID 1.3.6.1.4.1.4203.1.1.2
Description Authentication Password Syntax
Origin RFC 3112

8.3. Binary

Values of this syntax hold binary values.

The values are BER-encoded instances of an attribute value ASN.1 data type for X.500, where the first byte inside the OCTET STRING wrapper is a tag octet, and the OCTET STRING is encoded in primitive form.

OID 1.3.6.1.4.1.1466.115.121.1.5
Description Binary
Origin RFC 4517

8.4. BitString

Values of this syntax hold a sequence of binary digits.

The syntax follows this ABNF, corresponding to the BIT STRING ASN.1 type:

BitString    = SQUOTE *binary-digit SQUOTE "B"
binary-digit = "0" / "1"
    
OID 1.3.6.1.4.1.1466.115.121.1.6
Description Bit String
Origin RFC 4517

8.5. Boolean

Values of this syntax hold a Boolean value, either TRUE or FALSE.

The syntax follows the BOOLEAN ASN.1 type.

OID 1.3.6.1.4.1.1466.115.121.1.7
Description Boolean
Origin RFC 4517

8.6. Certificate

Values of this syntax hold an X.509 certificate.

Request values using the binary option for the attribute description, such as userCertificate;binary.

Values of this syntax and the form of each value must be preserved as presented to avoid corrupting the digital signature.

OID 1.3.6.1.4.1.1466.115.121.1.8
Description Certificate
Origin RFC 4523

8.7. CertificateExactAssertion

Values of this syntax hold an X.509 CertificateExactAssertion as described in X.509, clause 11.3.1.

Values are encoded using Generic String Encoding Rules, specified in . The syntax follows this ABNF:

CertificateExactAssertion = "{" sp cea-serialNumber "," sp cea-issuer sp "}"

cea-serialNumber = id-serialNumber msp CertificateSerialNumber
cea-issuer = id-issuer msp Name

id-serialNumber = %x73.65.72.69.61.6C.4E.75.6D.62.65.72 ; 'serialNumber'
id-issuer = %x69.73.73.75.65.72 ; 'issuer'

Name = id-rdnSequence ":" RDNSequence
id-rdnSequence = %x72.64.6E.53.65.71.75.65.6E.63.65 ; 'rdnSequence'

CertificateSerialNumber = INTEGER
    
OID 1.3.6.1.1.15.1
Description X.509 Certificate Exact Assertion
Origin RFC 4523

8.8. CertificateList

Values of this syntax hold an X.509 CertificateList as described in X.509, clause 7.3.

Request values using the binary option for the attribute description, such as certificateRevocationList;binary.

Values of this syntax and the form of each value must be preserved as presented to avoid corrupting the digital signature.

OID 1.3.6.1.4.1.1466.115.121.1.9
Description Certificate List
Origin RFC 4523

8.9. CertificatePair

Values of this syntax hold an X.509 CertificatePair as described in X.509, clause 11.2.3.

Request values using the binary option for the attribute description, such as crossCertificatePair;binary.

Values of this syntax and the form of each value must be preserved as presented to avoid corrupting the digital signature.

OID 1.3.6.1.4.1.1466.115.121.1.10
Description Certificate Pair
Origin RFC 4523

8.10. CollectiveConflictBehavior

Values of this syntax indicate how to handle conflicts between real (stored) and virtual (computed) attribute values.

OID 1.3.6.1.4.1.26027.1.3.6
Description Collective Conflict Behavior
Acceptable Values real-overrides-virtual, virtual-overrides-real, merge-real-and-virtual
Schema File 00-core.ldif

8.11. CountryString

Values of this syntax hold two-character country codes as defined in the standard.

OID 1.3.6.1.4.1.1466.115.121.1.11
Description Country String
Origin RFC 4517

8.12. DeliveryMethod

Values of this syntax have values that are sequences of items that indicate the service(s) by which an entity can receive messages, in order of preference.

The syntax follows this ABNF:

DeliveryMethod = pdm *( WSP DOLLAR WSP pdm )
pdm            = "any" / "mhs" / "physical" / "telex" / "teletex" /
                 "g3fax" / "g4fax" / "ia5" / "videotex" / "telephone"
WSP            = 0*SPACE  ; zero or more " "
DOLLAR         = %x24 ; dollar sign ("$")
SPACE          = %x20 ; space (" ")
    
OID 1.3.6.1.4.1.1466.115.121.1.14
Description Delivery Method
Origin RFC 4517

8.13. DirectoryString

Values of this syntax hold strings of one or more arbitrary characters from the Universal Character Set (UCS). A zero-length character string is not permitted for this syntax.

LDAP encodes these values in UTF-8, as specified in .

Client applications must accept arbitrary UCS code points, including code points outside the printable range, and code points not presently assigned to any character.

OID 1.3.6.1.4.1.1466.115.121.1.15
Description Directory String
Origin RFC 4517

8.14. DITContentRuleDescription

Values of this syntax define DIT content rules.

The syntax corresponds to the DITContentRuleDescription ASN.1 type defined by X.501.

OID 1.3.6.1.4.1.1466.115.121.1.16
Description DIT Content Rule Description
Origin RFC 4517

8.15. DITStructureRuleDescription

Values of this syntax define DIT structure rules.

The syntax corresponds to the DITStructureRuleDescription ASN.1 type defined by X.501.

OID 1.3.6.1.4.1.1466.115.121.1.17
Description DIT Structure Rule Description
Origin RFC 4517

8.16. DN

Values of this syntax hold the distinguished name (DN) of an entry.

The syntax corresponds to the DistinguishedName ASN.1 type defined by X.501.

OID 1.3.6.1.4.1.1466.115.121.1.12
Description DN
Origin RFC 4517

8.17. EnhancedGuide

Values of this syntax suggest criteria to be used in constructing filters to search for entries of a particular object class. The criteria are combinations of attribute types and filter operators.

For example, the value person#(sn$EQ)#oneLevel suggests searching for person entries with an equality filter to match surname (SN) attribute values with a scope of one level below the base DN.

The syntax follows this ABNF:

EnhancedGuide = object-class SHARP WSP criteria WSP
                SHARP WSP subset
object-class  = WSP oid WSP
subset        = "baseobject" / "oneLevel" / "wholeSubtree"

criteria      = and-term *( BAR and-term )
and-term      = term *( AMPERSAND term )
term          = EXCLAIM term /
                attributetype DOLLAR match-type /
                LPAREN criteria RPAREN /
                true /
                false
match-type    = "EQ" / "SUBSTR" / "GE" / "LE" / "APPROX"
true          = "?true"
false         = "?false"
BAR           = %x7C  ; vertical bar ("|")
AMPERSAND     = %x26  ; ampersand ("&")
EXCLAIM       = %x21  ; exclamation mark ("!")

WSP           = 0*SPACE  ; zero or more " "
DOLLAR        = %x24 ; dollar sign ("$")
SPACE         = %x20 ; space (" ")
SHARP         = %x23 ; octothorpe (or sharp sign) ("#")
LPAREN        = %x28 ; left paren ("(")
RPAREN        = %x29 ; right paren (")")

attributetype = oid
oid           = descr / numericoid
descr         = keystring
numericoid    = number 1*( DOT number )
keystring     = leadkeychar *keychar
leadkeychar   = ALPHA
keychar       = ALPHA / DIGIT / HYPHEN
number        = DIGIT / ( LDIGIT 1*DIGIT )
ALPHA         = %x41-5A / %x61-7A   ; "A"-"Z" / "a"-"z"
DIGIT         = %x30 / LDIGIT       ; "0"-"9"
LDIGIT        = %x31-39             ; "1"-"9"
HEX           = DIGIT / %x41-46 / %x61-66 ; "0"-"9" / "A"-"F" / "a"-"f"
    

The syntax corresponds to the EnhancedGuide ASN.1 type defined by X.520.

OID 1.3.6.1.4.1.1466.115.121.1.21
Description Enhanced Guide
Origin RFC 4517

8.18. FacsimileTelephoneNumber

Values of this syntax hold fax telephone numbers with optional additional fax parameters.

The syntax follows this ABNF:

fax-number       = telephone-number *( DOLLAR fax-parameter )
telephone-number = PrintableString
fax-parameter    = "twoDimensional" /
                   "fineResolution" /
                   "unlimitedLength" /
                   "b4Length" /
                   "a3Width" /
                   "b4Width" /
                   "uncompressed"
    
OID 1.3.6.1.4.1.1466.115.121.1.22
Description Facsimile Telephone Number
Origin RFC 4517

8.19. Fax

Values of this syntax hold fax images produced by the Group 3 facsimile process, as described in Terminal Equipment and Protocols for Telematic Services, ITU-T Recommendation T.4.

The ASN.1 type corresponds to this Fax syntax, assuming EXPLICIT TAGS:

Fax ::= CHOICE {
    g3-facsimile  [3] G3FacsimileBodyPart
}
    

The G3FacsimileBodyPart ASN.1 type is defined by X.420.

OID 1.3.6.1.4.1.1466.115.121.1.23
Description Fax
Origin RFC 4517

8.20. GeneralizedTime

Values of this syntax hold generalized times, character strings representing a date and time.

The syntax follows this ABNF:

GeneralizedTime = century year month day hour
                  [ minute [ second / leap-second ] ]
                  [ fraction ]
                  g-time-zone

century = 2(%x30-39)                             ; "00" to "99"
year    = 2(%x30-39)                             ; "00" to "99"
month   = ( %x30 %x31-39 )                       ; "01" (January) to "09"
          / ( %x31 %x30-32 )                     ; "10" to "12"
day     = ( %x30 %x31-39 )                       ; "01" to "09"
          / ( %x31-32 %x30-39 )                  ; "10" to "29"
          / ( %x33 %x30-31 )                     ; "30" to "31"
hour    = ( %x30-31 %x30-39 ) / ( %x32 %x30-33 ) ; "00" to "23"
minute  = %x30-35 %x30-39                        ; "00" to "59"

second      = ( %x30-35 %x30-39 )                ; "00" to "59"
leap-second = ( %x36 %x30 )                      ; "60"

fraction        = ( DOT / COMMA ) 1*(%x30-39)
g-time-zone     = %x5A                           ; "Z"
                  / g-differential
g-differential  = ( MINUS / PLUS ) hour [ minute ]
MINUS           = %x2D                           ; minus sign ("-")
PLUS            = %x2B                           ; plus sign ("+")
    

Where the ABNF allows invalid times, such as Feb. 31, 2017, the values are considered invalid.

When the "Z" form of the time zone is used, the time value represents universal coordinated time. Otherwise, it represents a local time in the time zone indicated by the g-differential.

Example: 201702151036Z meaning 10:36 AM, February 15, 2017 universal coordinated time.

The syntax corresponds to the GeneralizedTime ASN.1 type, with the exception that local times without a differential are not permitted.

OID 1.3.6.1.4.1.1466.115.121.1.24
Description Generalized Time
Origin RFC 4517

8.21. Guide

Values of this syntax suggest criteria to be used in constructing filters to search for entries of a particular object class. The criteria are combinations of attribute types and filter operators.

This syntax is considered obsolete, and should not be used when defining new attribute types. The alternative is EnhancedGuide.

OID 1.3.6.1.4.1.1466.115.121.1.25
Description Guide
Origin RFC 4517

8.22. IA5String

Values of this syntax hold strings of zero or more characters from International Alphabet 5 (IA5), the international version of the ASCII character set. The set is defined in International Reference Alphabet (IRA) (Formerly International Alphabet No. 5 or IA5) Information Technology - 7-Bit Coded Character Set for Information Interchange, ITU-T Recommendation T.50.

The syntax follows this ABNF:

IA5String = *(%x00-7F)
    

The syntax corresponds to the IA5String ASN.1 type.

OID 1.3.6.1.4.1.1466.115.121.1.26
Description IA5 String
Origin RFC 4517

8.23. Integer

Values of this syntax hold whole numbers of unlimited magnitude.

The syntax follows this ABNF:

Integer = ( HYPHEN LDIGIT *DIGIT ) / number
number  = DIGIT / ( LDIGIT 1*DIGIT )
HYPHEN  = %x2D                               ; hyphen ("-")
DIGIT   = %x30 / LDIGIT                      ; "0"-"9"
LDIGIT  = %x31-39                            ; "1"-"9"
    

The syntax corresponds to the INTEGER ASN.1 type.

OID 1.3.6.1.4.1.1466.115.121.1.27
Description Integer
Origin RFC 4517

8.24. JPEG

Values of this syntax hold images in the JPEG File Interchange Format (JFIF), as described in JPEG File Interchange Format (Version 1.02). The values are the sequence of octets of the JFIF encoding.

The syntax corresponds to the following ASN.1 type:

JPEG ::= OCTET STRING (CONSTRAINED BY
           { -- contents octets are an image in the --
             -- JPEG File Interchange Format -- })
    
OID 1.3.6.1.4.1.1466.115.121.1.28
Description JPEG
Origin RFC 4517

8.25. Json

Values of this syntax hold JavaScript Object Notation (JSON) documents.

The syntax is specified in .

OID 1.3.6.1.4.1.36733.2.1.3.1
Description Json
Origin OpenDJ Directory Server

8.26. JsonQuery

Values of this syntax hold ForgeRock® Common REST JSON Query filter strings. See the directory documentation for details.

OID 1.3.6.1.4.1.36733.2.1.3.2
Description Json Query
Origin OpenDJ Directory Server

8.27. LDAPSyntaxDescription

Values of this syntax define LDAP syntaxes.

The syntax corresponds to the following ASN.1 type:

LDAPSyntaxDescription ::= SEQUENCE {
        identifier      OBJECT IDENTIFIER,
        description     DirectoryString { ub-schema } OPTIONAL }
    

DirectoryString is defined in X.520. The integer value of ub-schema depends on the implementation.

OID 1.3.6.1.4.1.1466.115.121.1.54
Description LDAP Syntax Description
Origin RFC 4517

8.28. MatchingRuleDescription

Values of this syntax define matching rules.

The syntax corresponds to the MatchingRuleDescription ASN.1 type defined by X.501.

OID 1.3.6.1.4.1.1466.115.121.1.30
Description Matching Rule Description
Origin RFC 4517

8.29. MatchingRuleUseDescription

Values of this syntax define matching rule uses.

The syntax corresponds to the MatchingRuleUseDescription ASN.1 type defined by X.501.

OID 1.3.6.1.4.1.1466.115.121.1.31
Description Matching Rule Use Description
Origin RFC 4517

8.30. NameAndOptionalUID

Values of this syntax hold a DN followed by an optional unique identifier to distinguish the name from others with the same DN.

The syntax follows this ABNF:

NameAndOptionalUID = distinguishedName [ SHARP BitString ]
    

Example: uid=bjensen,ou=people,dc=example,dc=com#'0101'B.

The syntax corresponds to the NameAndOptionalUID ASN.1 type defined by X.501.

OID 1.3.6.1.4.1.1466.115.121.1.34
Description Name and Optional UID
Origin RFC 4517

8.31. NameFormDescription

Values of this syntax define name forms.

The syntax corresponds to the NameFormDescription ASN.1 type defined by X.501.

OID 1.3.6.1.4.1.1466.115.121.1.35
Description Name Form Description
Origin RFC 4517

8.32. NumericString

Values of this syntax hold sequences of one or more numerals and spaces.

The syntax follows this ABNF:

NumericString = 1*(DIGIT / SPACE)
    

Example: 123 456 789 0.

The syntax corresponds to the NumericString ASN.1 type.

OID 1.3.6.1.4.1.1466.115.121.1.36
Description Numeric String
Origin RFC 4517

8.33. ObjectClassDescription

Values of this syntax define object classes.

The syntax corresponds to the ObjectClassDescription ASN.1 type defined by X.501.

OID 1.3.6.1.4.1.1466.115.121.1.37
Description Object Class Description
Origin RFC 4517

8.34. OctetString

Values of this syntax hold sequences of zero or more arbitrary octets.

The syntax follows this ABNF:

OctetString = *OCTET
OCTET       = %x00-FF ; Any octet (8-bit data unit)
    

The syntax corresponds to the OCTET STRING ASN.1 type.

OID 1.3.6.1.4.1.1466.115.121.1.40
Description Octet String
Origin RFC 4517

8.35. OID

Values of this syntax hold Object Identifiers (OID), sequences of two or more non-negative integers that uniquely identify some object or item of specification.

Examples: 1.2.3.4, cn.

The syntax corresponds to the OBJECT IDENTIFIER ASN.1 type.

OID 1.3.6.1.4.1.1466.115.121.1.38
Description OID
Origin RFC 4517

8.36. OtherMailbox

Values of this syntax hold electronic mail addresses for a particular mail system.

The syntax follows this ABNF:

OtherMailbox = mailbox-type DOLLAR mailbox
mailbox-type = PrintableString
mailbox      = IA5String
    

The mailbox-type identifies the mail system. The mailbox identifies the mail box within the system.

The syntax corresponds to this ASN.1 type, assuming EXPLICIT TAGS:

OtherMailbox ::= SEQUENCE {
        mailboxType  PrintableString,
        mailbox      IA5String
}
    
OID 1.3.6.1.4.1.1466.115.121.1.39
Description Other Mailbox
Origin RFC 4517

8.37. PostalAddress

Values of this syntax hold sequences of strings of one or more arbitrary UCS characters, which form an address in a physical mail system.

The syntax follows this ABNF:

PostalAddress = line *( DOLLAR line )
line          = 1*line-char
line-char     = %x00-23
              / (%x5C "24")  ; escaped "$"
              / %x25-5B
              / (%x5C "5C")  ; escaped "\"
              / %x5D-7F
              / UTFMB

DOLLAR  = %x24 ; dollar sign ("$")
UTFMB   = UTF2 / UTF3 / UTF4
UTF1    = %x00-7F
UTF2    = %xC2-DF UTF0
UTF3    = %xE0 %xA0-BF UTF0 / %xE1-EC 2(UTF0) /
          %xED %x80-9F UTF0 / %xEE-EF 2(UTF0)
UTF4    = %xF0 %x90-BF 2(UTF0) / %xF1-F3 3(UTF0) /
          %xF4 %x80-8F 2(UTF0)
    

Example: 1234 Main St.$Anytown, CA 12345$USA.

The syntax corresponds to the PostalAddress ASN.1 type:

PostalAddress ::= SEQUENCE SIZE(1..ub-postal-line) OF
        DirectoryString { ub-postal-string }
    

The integers ub-postal-line and ub-postal-string depend on the implementation. The syntax is defined in X.520.

OID 1.3.6.1.4.1.1466.115.121.1.41
Description Postal Address
Origin RFC 4517

8.38. PresentationAddress

Values of this syntax hold presentation addresses used when addressing other OSI application entities.

The syntax is described in , A string encoding of Presentation Address. However, this implementation treats the syntax exactly like DirectoryString syntax.

OID 1.3.6.1.4.1.1466.115.121.1.43
Description Presentation Address
Origin RFC 2252

8.39. PrintableString

Values of this syntax hold strings of one or more latin alphabetic, numeric, and selected punctuation characters as described by the following ABNF:

PrintableString    = 1*PrintableCharacter
PrintableCharacter = ALPHA / DIGIT / SQUOTE / LPAREN / RPAREN /
                     PLUS / COMMA / HYPHEN / DOT / EQUALS /
                     SLASH / COLON / QUESTION / SPACE
ALPHA              = %x41-5A / %x61-7A   ; "A"-"Z" / "a"-"z"
DIGIT              = %x30 / LDIGIT       ; "0"-"9"
LDIGIT             = %x31-39             ; "1"-"9"
SPACE              = %x20 ; space (" ")
SQUOTE             = %x27 ; single quote ("'")
LPAREN             = %x28 ; left paren ("(")
RPAREN             = %x29 ; right paren (")")
PLUS               = %x2B ; plus sign ("+")
COMMA              = %x2C ; comma (",")
HYPHEN             = %x2D ; hyphen ("-")
DOT                = %x2E ; period (".")
EQUALS             = %x3D ; equals sign ("=")
SLASH              = %x2F ; forward slash ("/")
COLON              = %x3A ; colon (":")
QUESTION           = %x3F ; question mark ("?")
    

The syntax corresponds to the PrintableString ASN.1 type.

OID 1.3.6.1.4.1.1466.115.121.1.44
Description Printable String
Origin RFC 4517

8.40. ProtocolInformation

According to X.520, Values of this syntax hold protocol information for network addresses in a presentation address.

This was referenced but not defined in the LDAP specifications. As a result, this syntax is treated like that of Directory String.

OID 1.3.6.1.4.1.1466.115.121.1.42
Description Protocol Information
Origin RFC 2252

8.41. SubstringAssertion

Values of this syntax hold sequences of zero or more character substrings used as an argument for substring extensible matching of character string attribute values.

Such are the match values of matching rule assertions. They are not used in attribute values or in a substring filter.

Each substring is a string of one or more characters from the Universal Character Set (UCS). Zero-length substrings are not permitted.

Values follow this ABNF:

SubstringAssertion = [ initial ] any [ final ]

initial  = substring
any      = ASTERISK *(substring ASTERISK)
final    = substring
ASTERISK = %x2A  ; asterisk ("*")

substring           = 1*substring-character
substring-character = %x00-29
                      / (%x5C "2A")  ; escaped "*"
                      / %x2B-5B
                      / (%x5C "5C")  ; escaped "\"
                      / %x5D-7F
                      / UTFMB

UTFMB   = UTF2 / UTF3 / UTF4
UTF1    = %x00-7F
UTF2    = %xC2-DF UTF0
UTF3    = %xE0 %xA0-BF UTF0 / %xE1-EC 2(UTF0) /
          %xED %x80-9F UTF0 / %xEE-EF 2(UTF0)
UTF4    = %xF0 %x90-BF 2(UTF0) / %xF1-F3 3(UTF0) /
          %xF4 %x80-8F 2(UTF0)
    

The syntax corresponds to the SubstringAssertion ASN.1 type defined in X.520.

OID 1.3.6.1.4.1.1466.115.121.1.58
Description Substring Assertion
Origin RFC 4517

8.42. SubtreeSpecification

OID 1.3.6.1.4.1.1466.115.121.1.45
Description Subtree Specification

8.43. SunDefinedAccessControlInformation

Values of this syntax hold Access Control Instructions (ACI). See the directory documentation for details.

OID 1.3.6.1.4.1.26027.1.3.4
Description Sun-defined Access Control Information

8.44. SupportedAlgorithm

Values of this syntax hold X.509 SupportedAlgorithms, as described in X.509, clause 11.2.7.

Request values using the binary option for the attribute description, such as supportedAlgorithms;binary.

Values of this syntax and the form of each value must be preserved as presented to avoid corrupting the digital signature.

OID 1.3.6.1.4.1.1466.115.121.1.49
Description Supported Algorithm
Origin RFC 4523

8.45. TelephoneNumber

Values of this syntax hold telephone numbers, strings of printable characters, as in PrintableString, that comply with the internationally agreed format for representing international telephone numbers.

Examples: +1 415 555 1212, +1-415-555-1212.

The syntax corresponds to the following ASN.1 type from X.520:

PrintableString (SIZE(1..ub-telephone-number))
    

The integer value of ub-telephone-number depends on the implementation.

OID 1.3.6.1.4.1.1466.115.121.1.50
Description Telephone Number
Origin RFC 4517

8.46. TeletexTerminalIdentifier

Values of this syntax hold identifiers and, optionally, parameters of teletex terminals.

Values follow this ABNF:

teletex-id = ttx-term *(DOLLAR ttx-param)
ttx-term   = PrintableString          ; terminal identifier
ttx-param  = ttx-key COLON ttx-value  ; parameter
ttx-key    = "graphic" / "control" / "misc" / "page" / "private"
ttx-value  = *ttx-value-octet
ttx-value-octet = %x00-23
                  / (%x5C "24")  ; escaped "$"
                  / %x25-5B
                  / (%x5C "5C")  ; escaped "\"
                  / %x5D-FF

DOLLAR             = %x24 ; dollar sign ("$")
PrintableString    = 1*PrintableCharacter
PrintableCharacter = ALPHA / DIGIT / SQUOTE / LPAREN / RPAREN /
                     PLUS / COMMA / HYPHEN / DOT / EQUALS /
                     SLASH / COLON / QUESTION / SPACE
ALPHA              = %x41-5A / %x61-7A   ; "A"-"Z" / "a"-"z"
DIGIT              = %x30 / LDIGIT       ; "0"-"9"
LDIGIT             = %x31-39             ; "1"-"9"
SPACE              = %x20 ; space (" ")
SQUOTE             = %x27 ; single quote ("'")
LPAREN             = %x28 ; left paren ("(")
RPAREN             = %x29 ; right paren (")")
PLUS               = %x2B ; plus sign ("+")
COMMA              = %x2C ; comma (",")
HYPHEN             = %x2D ; hyphen ("-")
DOT                = %x2E ; period (".")
EQUALS             = %x3D ; equals sign ("=")
SLASH              = %x2F ; forward slash ("/")
COLON              = %x3A ; colon (":")
QUESTION           = %x3F ; question mark ("?")
    

The syntax corresponds to the TeletexTerminalIdentifier ASN.1 type defined in X.520.

OID 1.3.6.1.4.1.1466.115.121.1.51
Description Teletex Terminal Identifier
Origin RFC 4517

8.47. TelexNumber

Values of this syntax hold the telex number, country code, and answerback code of a telex terminal.

The syntax follows this ABNF:

telex-number  = actual-number DOLLAR country-code DOLLAR answerback
actual-number = PrintableString
country-code  = PrintableString
answerback    = PrintableString

DOLLAR             = %x24 ; dollar sign ("$")
PrintableString    = 1*PrintableCharacter
PrintableCharacter = ALPHA / DIGIT / SQUOTE / LPAREN / RPAREN /
                     PLUS / COMMA / HYPHEN / DOT / EQUALS /
                     SLASH / COLON / QUESTION / SPACE
ALPHA              = %x41-5A / %x61-7A   ; "A"-"Z" / "a"-"z"
DIGIT              = %x30 / LDIGIT       ; "0"-"9"
LDIGIT             = %x31-39             ; "1"-"9"
SPACE              = %x20 ; space (" ")
SQUOTE             = %x27 ; single quote ("'")
LPAREN             = %x28 ; left paren ("(")
RPAREN             = %x29 ; right paren (")")
PLUS               = %x2B ; plus sign ("+")
COMMA              = %x2C ; comma (",")
HYPHEN             = %x2D ; hyphen ("-")
DOT                = %x2E ; period (".")
EQUALS             = %x3D ; equals sign ("=")
SLASH              = %x2F ; forward slash ("/")
COLON              = %x3A ; colon (":")
QUESTION           = %x3F ; question mark ("?")

    

The syntax corresponds to the TelexNumber ASN.1 type, defined in X.520.

OID 1.3.6.1.4.1.1466.115.121.1.52
Description Telex Number
Origin RFC 4517

8.48. UserPassword

Values of this syntax hold user passwords in encoded form.

A value is formatted as {scheme}encoded-value, where the scheme is the password storage scheme, and encoded-value is the value encoded or hashed according to the storage scheme.

Cleartext passwords are octet strings.

OID 1.3.6.1.4.1.26027.1.3.1
Description User Password
Origin OpenDS Directory Server

8.49. UTCTime

Values of this syntax hold character strings representing a date and time to a precision of one minute or one second.

This syntax is deprecated. For new attributes, use GeneralizedTime instead.

The syntax follows this ABNF:

UTCTime         = year month day hour minute [ second ] [ u-time-zone ]
u-time-zone     = %x5A                           ; "Z"
                  / u-differential
u-differential  = ( MINUS / PLUS ) hour minute

century = 2(%x30-39)                             ; "00" to "99"
year    = 2(%x30-39)                             ; "00" to "99"
month   = ( %x30 %x31-39 )                       ; "01" (January) to "09"
          / ( %x31 %x30-32 )                     ; "10" to "12"
day     = ( %x30 %x31-39 )                       ; "01" to "09"
          / ( %x31-32 %x30-39 )                  ; "10" to "29"
          / ( %x33 %x30-31 )                     ; "30" to "31"
hour    = ( %x30-31 %x30-39 ) / ( %x32 %x30-33 ) ; "00" to "23"
minute  = %x30-35 %x30-39                        ; "00" to "59"

second      = ( %x30-35 %x30-39 )                ; "00" to "59"
leap-second = ( %x36 %x30 )                      ; "60"

fraction        = ( DOT / COMMA ) 1*(%x30-39)
MINUS           = %x2D                           ; minus sign ("-")
PLUS            = %x2B                           ; plus sign ("+")
    

Where the ABNF allows invalid times, such as Feb. 31, 2017, the values are considered invalid.

When the "Z" form of the time zone is used, the time value represents universal coordinated time. Otherwise, it represents a local time in the time zone indicated by the u-differential.

The syntax corresponds to the UTCTime ASN.1 type.

OID 1.3.6.1.4.1.1466.115.121.1.53
Description UTC Time
Origin RFC 4517

8.50. UUID

Values of this syntax hold 16-octet (128-bit) strings, constrained to the namespace specified in , that identify an object. Values are encoded using the ASCII representation.

Example: 597ae2f6-16a6-1027-98f4-d28b5365dc14.

OID 1.3.6.1.1.16.1
Description UUID
Origin RFC 4530
Read a different version of :