Sun ONE Directory Server 5.2 Reference Manual |
Chapter 11 Attribute Reference
This chapter contains an alphabetic list of the standard attributes. It provides a definition of each attribute, the attribute syntax and the OID.
abstract
Definition
Provides an abstract of a document entry.
This attribute is defined in Internet White Pages Pilot.
Syntax
DirectoryString, multi-valued.
OID
0.9.2342.19200300.102.1.9
aliasedObjectName
Definition
Used by the directory server to identify alias entries in the directory. Contains the distinguished name of the entry for which it is an alias.
Note that alias dereferencing is not supported in Sun ONE Directory Server.
For example:
aliasedObjectName: cn=jdoe, dc=example, dc=com
This attribute is defined in RFC 2256.
Syntax
DN, single-valued.
OID
2.5.4.1
associatedDomain
Definition
Specifies a DNS domain associated with an object in the directory tree. For example, the entry in the directory tree with a distinguished name c=US, o=example Corporation might be associated to the domain example.com. Note that all domains should be represented in rfc822 order.
For example:
associatedDomain: example.com
This attribute is defined in RFC 1274.
Syntax
DirectoryString, multi-valued.
OID
0.9.2342.19200300.100.1.37
associatedName
Definition
Specifies an entry in the organizational directory tree associated with a DNS domain.
For example:
associatedName: c=us
This attribute is defined in RFC 1274.
Syntax
DN, multi-valued.
OID
0.9.2342.19200300.100.1.38
audio
Definition
Contains a sound file in binary format. The attribute uses a u-law encoded sound file.
For example:
audio:: AAAAAA==
This attribute is defined in RFC 1274.
Syntax
Binary, multi-valued.
OID
0.9.2342.19200300.100.1.55
authorCn
Definition
Contains the common name of the author of a document entry.
For example:
authorCn: Kacey
This attribute is defined in Internet White Pages Pilot.
Syntax
DirectoryString, multi-valued.
OID
0.9.2342.19200300.102.1.11
authorSn
Definition
Contains the surname of the author of a document entry.
For example:
authorSn: Doe
This attribute is defined in Internet White Pages Pilot.
Syntax
DirectoryString, multi-valued.
OID
0.9.2342.19200300.102.1.12
authorityRevocationList
Definition
Contains a list of CA certificates that have been revoked. This attribute is to be stored and requested in the binary form, as authorityRevocationList;binary.
For example:
authorityRevocationList;binary:: AAAAAA==
This attribute is defined in RFC 2256.
Syntax
Binary, multi-valued.
OID
2.5.4.38
bootFile
Definition
The name of the boot image.
For example:
bootFile: mach
This attribute is defined in RFC 2307.
Syntax
String, multi-valued.
OID
1.3.6.1.1.1.1.24
bootParameter
Definition
Specified boot parameters.
For example:
bootParameter: root=fs:/nfsroot/peg
bootParameter: swap=fs:/nfsswap/peg
bootParameter: dump=fs:/nfsdump/peg
This attribute is defined in RFC 2307.
Syntax
bootParameterSyntax
OID
1.3.6.1.1.1.1.23
buildingName
Definition
Defines the building name associated with the entry.
For example:
buildingName: B14
This attribute is defined in RFC 1274.
Syntax
DirectoryString, multi-valued.
OID
0.9.2342.19200300.100.1.48
businessCategory
Definition
Identifies the type of business in which the entry is engaged. This should be a broad generalization such as is made at the corporate division level.
For example:
businessCategory: Engineering
This attribute is defined in RFC 2256.
Syntax
DirectoryString, multi-valued.
OID
2.5.4.15
c (countryName)
Definition
Contains the two-character code representing country names, as defined in ISO-3166.
For example:
countryName: IE
or
c: IE
This attribute is defined in RFC 2256.
Syntax
DirectoryString, single-valued.
OID
2.5.4.6
CACertificate
Definition
Contains the CA's certificate. This attribute is to be stored and requested in the binary form, as CACertificate;binary.
For example:
CACertificate;binary:: AAAAAA==
This attribute is defined in RFC 2256.
Syntax
Binary, multi-valued.
OID
2.5.4.37
carLicense
Definition
Identifies the entry's automobile license plate number.
For example:
carLicense: 4MCS389
This attribute is defined in RFC 2798.
Syntax
DirectoryString, multi-valued.
OID
2.16.840.1.113730.3.1.1
certificateRevocationList
Definition
Contains a list of revoked user certificates. This attribute is to be stored and requested in the binary form, as certificateRevocationList;binary.
For example:
certificateRevocationList;binary:: AAAAAA==
This attribute is defined in RFC 2256.
Syntax
Binary, multi-valued.
OID
2.5.4.39
changes
Description
For add and modify operations, contains the changes made to the entry, in LDIF format.
This attribute is defined in Changelog Internet Draft.
Syntax
Binary, multi-valued.
OID
2.16.840.1.113730.3.1.8
changeLog
Description
The distinguished name of the entry that contains the set of entries comprising the server change log.
This attribute is defined in Changelog Internet Draft.
Syntax
DN, multi-valued.
OID
2.16.840.1.113730.3.1.35
changeNumber
Description
This single-valued attribute is always present. It contains an integer that uniquely identifies each change made to a directory entry. This number is related to the order in which the change occurred. The higher the number, the later the change.
This attribute is defined in the Changelog Internet Draft.
Syntax
Integer, single-valued.
OID
2.16.840.1.113730.3.1.5
changeTime
Description
Defines a time, in a YYMMDDHHMMSS format, when the entry was added.
This attribute is defined in the Changelog Internet Draft.
Syntax
DirectoryString, single-valued.
OID
2.16.840.1.113730.3.1.77
changeType
Description
Specifies the type of LDAP operation. This attribute can have one of the following values: add, delete, modify, or modrdn.
For example:
changeType: modify
This attribute is defined in the Changelog Internet Draft.
Syntax
DirectoryString, single-valued.
OID
2.16.840.1.113730.3.1.7
cn (commonName)
Definition
Identifies the name of an object in the directory. When the object corresponds to a person, the cn is typically the person's full name.
When identifying the entry's common name or full name:
commonName: Bill Anderson
or
cn: Bill Anderson
When in reference to LDAPReplica or LDAPServer object classes:
commonName: replicater.example.com:17430/dc%3Dexample%2Cdc%3Dcom
or
cn: replicater.example.com:17430/dc%3Dexample%2Cdc%3Dcom
This attribute is defined in RFC 2256.
Syntax
DirectoryString, multi-valued.
OID
2.5.4.3
co (friendlyCountryName)
Definition
Contains the name of a country. Often, the country attribute is used to describe a two-character code for a country, and the friendlyCountryName attribute is used to describe the actual country name.
For example:
friendlyCountryName: Ireland
or
co: Ireland
This attribute is defined in RFC 1274.
Syntax
DirectoryString, multi-valued.
OID
0.9.2342.19200300.100.1.43
cosAttribute
Description
Provides the name of the attribute for which you want to generate a value. You can specify more than one cosAttribute value. This attribute is used by all types of CoS definition entries.
The cosAttribute attribute allows two qualifiers following the name of the CoS attribute. The override qualifier has one of the following values:
- default (or no qualifier) - Indicates that the server does not override a real attribute value stored in the entry when it has the same type as the virtual attribute.
- override - Indicates that the server always returns the value generated by the CoS, even when there is a value stored with the entry.
- operational - Indicates that the attribute will only be returned if it is explicitly requested in the search. Operational attributes do not need to pass a schema check in order to be returned. It also has the same behavior as the override qualifier.
The merge qualifier is either absent or given with the following value:
- merge-schemes - Allows the virtual CoS attribute to be multivalued, either from multiple templates or multiple CoS definitions. For more information, see the section "Managing CoS From the Command Line" in Chapter 5 of the Sun ONE Directory Server Administration Guide.
This attribute is defined in Sun ONE Directory Server.
Syntax
Directory String, multi-valued.
OID
2.16.840.1.113730.3.1.550
cosIndirectSpecifier
Description
Specifies the attribute values used by an indirect CoS to identify the template entry.
This attribute is defined in Sun ONE Directory Server.
Syntax
DirectoryString, single-valued.
OID
2.16.840.1.113730.3.1.577
cosPriority
Definition
Specifies which template provides the attribute value, when CoS templates compete to provide an attribute value. This attribute represents the global priority of a particular template. A priority of zero is the highest priority.
This attribute is defined in Sun ONE Directory Server.
Syntax
Integer, single-valued.
OID
2.16.840.1.113730.3.1.569
cosSpecifier
Description
Specifies the attribute value used by a classic CoS, which, along with the template entry's DN, identifies the template entry.
This attribute is defined in Sun ONE Directory Server.
Syntax
DirectoryString, single-valued.
OID
2.16.840.1.113730.3.1.551
cosTargetTree
Definition
Determines the subtree of the DIT to which the CoS schema applies. The values for this attribute for the schema and for multiple CoS schema may overlap their target trees in an arbitrary fashion.
This attribute is defined in Sun ONE Directory Server.
Syntax
DirectoryString, single-valued.
OID
2.16.840.1.113730.3.1.552
cosTemplateDn
Definition
Points to the entry that contains the CoS template.
This attribute is defined in Sun ONE Directory Server.
Syntax
Distinguished Name, single-valued.
OID
2.16.840.1.113730.3.1.553
crossCertificatePair
Definition
This attribute contains a pair of cross signed certificates. It is to be stored and requested in the binary form, as crossCertificatePair;binary.
For example:
crossCertificatePair;binary:: AAAAAA==
This attribute is defined in RFC 2256.
Syntax
Binary, multi-valued.
OID
2.5.4.40
dc (domainComponent)
Definition
Specifies one component of a domain name.
For example:
domainComponent: example
or
dc: example
This attribute is defined in RFC 2247.
Syntax
DirectoryString, single-valued.
OID
0.9.2342.19200300.100.1.25
deleteOldRdn
Description
In the case of modrdn operations, specifies whether the old RDN was deleted.
This attribute is defined in Changelog Internet Draft.
Syntax
Boolean, multi-valued.
OID
2.16.840.1.113730.3.1.10
deltaRevocationList
Definition
This attribute contains the delta revocation list, a list of newly revoked certificates. It is stored and requested in the binary form, as deltaRevocationList;binary.
For example:
deltaRevocationList;binary:: AAAAAA==
This attribute is defined in RFC 2256.
Syntax
Binary, multi-valued.
OID
2.5.4.53
departmentNumber
Definition
Identifies the entry's department number.
For example:
departmentNumber: 2604
This attribute is defined in RFC 2798.
Syntax
DirectoryString, multi-valued.
OID
2.16.840.1.113730.3.1.2
description
Definition
Provides a human-readable description of the object. For people and organizations this often includes their role or work assignment.
For example:
description: Quality control inspector for the ME2873 product line
This attribute is defined in RFC 2256.
Syntax
DirectoryString, multi-valued.
OID
2.5.4.13
destinationIndicator
Definition
The country and city associated with the entry needed to provide Public Telegram Service. Generally used in conjunction with registeredAddress.
For example:
destinationIndicator: Stow, Ohio, USA
This attribute is defined in RFC 2256.
Syntax
DirectoryString, multi-valued.
OID
2.5.4.27
displayName
Definition
Preferred name of a person to be used when displaying entries. Especially useful in displaying a preferred name for an entry within a one-line summary list. Since other attribute types, such as cn, are multi-valued, they cannot be used to display a preferred name.
For example:
displayName: Michigan Smith
This attribute is defined in RFC 2798.
Syntax
DirectoryString, single-valued.
OID
2.16.840.1.113730.3.1.241
ditRedirect
Definition
Used to indicate that the object described by one entry now has a newer entry in the directory tree. This attribute may be used when an individual's place of work changes, and the individual acquires a new organizational DN.
For example:
ditRedirect: cn=jdoe, dc=example, dc=com
This attribute is defined in RFC 1274.
Syntax
DN
OID
0.9.2342.19200300.100.1.54
dmdName
Definition
The value of this attribute specifies a directory management domain (DMD), the administrative authority that operates the directory server.
For example:
dmdName: example.com
This attribute is defined in RFC 2256.
Syntax
DirectoryString, multi-valued.
OID
2.5.4.54
dn (distinguishedName)
Definition
Defines the distinguished name (dn) for the entry. Note that the dn is not always a mandatory attribute in an entry.
For example:
dn: cn=Jane Doe, ou=Quality Control, dc=example, dc=com
This attribute is defined in RFC 2256.
Syntax
DN
OID
2.5.4.49
dNSRecord
Definition
Specifies DNS resource records, including type A (Address), type MX (Mail Exchange), type NS (Name Server), and type SOA (Start Of Authority) resource records.
For example:
dNSRecord: IN NS ns.uu.net
This attribute is defined in Internet directory pilot.
Syntax
IA5String, multi-valued.
OID
0.9.2342.19200300.100.1.26
documentAuthor
Definition
Contains the distinguished name of the author of a document entry.
For example:
documentAuthor: cn=John Doe, dc=example, dc=com
This attribute is defined in RFC 1274.
Syntax
DN, multi-valued.
OID
0.9.2342.19200300.100.1.14
documentIdentifier
Definition
Specifies a unique identifier for a document.
For example:
documentIdentifier: L3204REV1
This attribute is defined in RFC 1274.
Syntax
DirectoryString, multi-valued.
OID
0.9.2342.19200300.100.1.11
documentLocation
Definition
Defines the location of the original copy of a document entry.
For example:
documentLocation: Department Library
This attribute is defined in RFC 1274.
Syntax
DirectoryString, multi-valued.
OID
0.9.2342.19200300.100.1.15
documentPublisher
Definition
The person and/or organization that published a document.
For example:
documentPublisher: Southeastern Publishing
This attribute is defined in RFC 1274.
Syntax
DirectoryString, single-valued.
OID
0.9.2342.19200300.100.1.56
documentStore
Definition
Defines the place in which a document is stored. This attribute is defined in the Internet White Pages Pilot.
Syntax
DirectoryString, multi-valued.
OID
0.9.2342.19200300.102.1.10
documentTitle
Definition
Contains the title of a document entry.
For example:
documentTitle: Directory Administrator's Guide
This attribute is defined in RFC 1274.
Syntax
DirectoryString, multi-valued.
OID
0.9.2342.19200300.100.1.12
documentVersion
Definition
Defines the version of a document entry.
For example:
documentVersion: 1.1
This attribute is defined in RFC 1274.
Syntax
DirectoryString, multi-valued.
OID
0.9.2342.19200300.100.1.13
drink (favoriteDrink)
Definition
Describes the favorite drink of a person entry.
For example:
drink: gin
or
favoriteDrink: gin
This attribute is defined in RFC 1274.
Syntax
DirectoryString, multi-valued.
OID
0.9.2342.19200300.100.1.5
dSAQuality
Definition
Specifies the purported quality of a DSA. This attribute allows a DSA manager to indicate the expected level of availability of the DSA.
For example:
dSAQuality: high
This attribute is defined in RFC 1274.
Syntax
DirectoryString, single-valued.
OID
0.9.2342.19200300.100.1.49
employeeNumber
Definition
Identifies the entry's employee number.
For example:
employeeNumber: 3440
This attribute is defined in RFC 2798.
Syntax
DirectoryString, single-valued.
OID
2.16.840.1.113730.3.1.3
employeeType
Definition
Identifies the entry's type of employment.
For example:
employeeType: Full time
This attribute is defined in RFC 2798.
Syntax
DirectoryString, multi-valued.
OID
2.16.840.1.113730.3.1.4
enhancedSearchGuide
Definition
Used by X.500 clients when constructing search filters.
For example:
enhancedSearchGuide: (uid=mhughes)
This attribute is defined in RFC 2798.
Syntax
DirectoryString, multi-valued.
OID
2.5.4.47
fax (facsimileTelephoneNumber)
Definition
Identifies the fax number at which the entry can be reached. Abbreviation: fax.
For example:
facsimileTelephoneNumber: 415-555-1212
or:
fax: 415-555-1212
This attribute is defined in RFC 2256.
Syntax
TelephoneNumber, multi-valued.
OID
2.5.4.23
gecos
Definition
The default GECOS.
This attribute is defined in RFC 2307.
Syntax
String, single-valued.
OID
1.3.6.1.1.1.1.2
generationQualifier
Definition
Contains the generation Qualifier part of the name, typically appearing in the suffix.
For example:
generationQualifier: Jr
This attribute is defined in RFC 2256.
Syntax
DirectoryString, multi-valued.
OID
2.5.4.44
gidNumber
Definition
Group ID number.
For example:
gidNumber: 162035
This attribute is defined in RFC 2307.
Syntax
Integer, single-valued.
OID
1.3.6.1.1.1.1.1
givenName
Definition
Identifies the entry's given name, usually a person's first name.
For example:
givenName: Hecuba
This attribute is defined in RFC 2256.
Syntax
DirectoryString, multi-valued.
OID
2.5.4.42
homeDirectory
Definition
The home directory of the account.
For example:
homeDirectory: /home/bsmith
This attribute is defined in RFC 2307.
Syntax
String, single-valued.
OID
1.3.6.1.1.1.1.3
homePhone
Definition
Identifies the entry's home phone number.
For example:
homePhone: 415-555-1212
This attribute is defined in RFC 1274.
Syntax
TelephoneNumber, multi-valued.
OID
0.9.2342.19200300.100.1.20
homePostalAddress
Definition
Identifies the entry's home mailing address. This field is intended to include multiple lines, but each line within the entry should be separated by a dollar sign ($). To represent an actual dollar sign ($) or backslash (\) within this text, use the escaped hex values \24 and \5c respectively.
To identify an entry's home mailing address:
homePostalAddress: 1234 Ridgeway Drive$Santa Clara, CA$99555
Additionally, to represent the string:
The dollar ($) value can be found
in the c:\cost file.provide the string:
The dollar (\24) value can be found$in the c:\5ccost file.
This attribute is defined in RFC 1274.
Syntax
DirectoryString, multi-valued.
OID
0.9.2342.19200300.100.1.39
host
Definition
Defines the hostname of a computer.
For example:
host: myServer
This attribute is defined in RFC 1274.
Syntax
DirectoryString, multi-valued.
OID
0.9.2342.19200300.100.1.9
houseIdentifier
Definition
Identifies a building in a location.
For example:
houseIdentifier: B105
This attribute is defined in RFC 2256.
Syntax
DirectoryString, multi-valued.
OID
2.5.4.51
info
Definition
Specifies any general information pertinent to an object. It is recommended that specific usage of this attribute type is avoided, and that specific requirements are met by other (possibly additional) attribute types.
For example:
info: not valid
This attribute is defined in RFC 1274.
Syntax
DirectoryString, multi-valued.
OID
0.9.2342.19200300.100.1.4
initials
Definition
Identifies the entry's initials. Does not identify the entry's surname.
For example:
initials: BFA
This attribute is defined in RFC 2256.
Syntax
DirectoryString, multi-valued.
OID
2.5.4.43
internationaliSDNNumber
Definition
Contains the ISDN number of the entry. This is in the internationally agreed format for ISDN addresses given in CCITT Rec. E. 164.
For example:
internationaliSDNNumber: +SO 812467
This attribute is defined in RFC 2256.
Syntax
IA5String, multi-valued.
OID
2.5.4.25
ipHostNumber
Definition
IP address, expressed as a dotted decimal, omitting leading zeros.
For example:
ipHostNumber: 10.0.0.1
This attribute is defined in RFC 2307.
Syntax
IA5String{128}
OID
1.3.6.1.1.1.1.19
ipNetmaskNumber
Definition
IP netmask, expressed as a dotted decimal, omitting leading zeros.
For example:
ipNetmaskNumber: 255.255.255.0
This attribute is defined in RFC 2307.
Syntax
IA5String{128}, single-valued.
OID
1.3.6.1.1.1.1.21
ipNetworkNumber
Definition
IP network, expressed as a dotted decimal, omitting leading zeros.
For example:
ipNetworkNumber: 192.168
This attribute is defined in RFC 2307.
Syntax
IA5String{128}, single-valued.
OID
1.3.6.1.1.1.1.20
ipProtocolNumber
Definition
The IP protocol number. This attribute is defined in RFC 2307.
Syntax
Integer, single-valued.
OID
1.3.6.1.1.1.1.17
ipServicePort
Definition
The IP service port number. This attribute is defined in RFC 2307.
Syntax
Integer, single-valued.
OID
1.3.6.1.1.1.1.15
ipServiceProtocol
Definition
The IP service protocol.
For example:
ipServiceProtocol: tcp
ipServiceProtocol: udp
This attribute is defined in RFC 2307.
Syntax
String, multi-valued.
OID
1.3.6.1.1.1.1.16
janetMailbox
Definition
Specifies an email address. This attribute is intended for the convenience of UK users unfamiliar with rfc822 mail addresses. Entries using this attribute must also include an rfc822Mailbox attribute.
This attribute is defined in RFC 1274.
Syntax
DirectoryString, multi-valued.
OID
0.9.2342.19200300.100.1.46
javaClassName
Definition
Stores the fully qualified name of the Java object's distinguished class or interface.
For example:
javaClassName: java.lang.String
This attribute is defined in RFC 2713.
Syntax
Directory String, single-valued.
OID
1.3.6.1.4.1.42.2.27.4.1.6
javaClassNames
Definition
Stores the Java object's fully qualified class or interface names. It is a multivalued attribute. When more than one value is present, each is the name of a class or interface, or ancestor class or interface, of this object.
This attribute is defined in RFC 2713.
Syntax
Directory String, multi-valued.
OID
1.3.6.1.4.1.42.2.27.4.1.13
javaCodebase
Definition
Stores the Java class definition's locations. It specifies the locations from which to load the class definition for the class specified by the javaClassName attribute. If this attribute contains more than one value, each value is an independent codebase.
This attribute is defined in RFC 2713.
Syntax
IA5String, multi-valued.
OID
1.3.6.1.4.1.42.2.27.4.1.7
javaDoc
Definition
This attribute stores a pointer to the Java documentation for the class. Its value is a URL.
For example:
javaDoc: http://java.sun.com/products/jdk/1.2/docs/api/java/lang/String.html
This attribute is defined in RFC 2713.
Syntax
IA5String, multi-valued.
OID
1.3.6.1.4.1.42.2.27.4.1.12
javaFactory
Definition
Stores the fully qualified class name of the object factory that can be used to create an instance of the object identified by the javaClassName attribute.
For example:
javaFactory: com.example.jndi.ExampleObjectFactory
This attribute is defined in RFC 2713.
Syntax
String, multi-valued.
OID
1.3.6.1.4.1.42.2.27.4.1.10
javaReferenceAddress
Definition
Represents the sequence of addresses of a JNDI reference. Each of its values represents one address, a Java object of type javax.naming.RefAddr. Its value is a concatenation of the address type and address contents, preceded by a sequence number.
For example:
ipServiceProtocol:
#0#TypeA#ValA
#1#TypeB#ValB
#2#TypeC##rO0ABXNyABpq
This attribute is defined in RFC 2713.
Syntax
Directory String, multi-valued.
OID
1.3.6.1.4.1.42.2.27.4.1.11
javaSerializedData
Definition
Stores the serialized form of a Java object.
This attribute is defined in RFC 2713.
Syntax
Octet String, single-valued.
OID
1.3.6.1.4.1.42.2.27.4.1.8
jpegPhoto
Definition
Contains a JPEG photo of the entry.
For example:
jpegPhoto:: AAAAAA==
This attribute is defined in RFC 2798.
Syntax
Binary, multi-valued.
OID
0.9.2342.19200300.100.1.60
keyWords
Definition
Contains keywords for the entry.
For example:
keyWords: directory LDAP X.500
This attribute is defined in Internet White Pages Pilot.
Syntax
DirectoryString, multi-valued.
OID
0.9.2342.19200300.102.1.7
knowledgeInformation
Definition
This attribute is no longer used.
This attribute is defined in RFC 2256.
Syntax
DirectoryString, multi-valued.
OID
2.5.4.2
l (localityName)
Definition
Identifies the county, city, or other geographical area in which the entry is located or with which it is in some other way associated.
For example:
localityName: Santa Clara
or
l: Santa Clara
This attribute is defined in RFC 2256.
Syntax
DirectoryString, multi-valued.
OID
2.5.4.7
labeledURI
Definition
Specifies a Uniform Resource Identifier (URI) that is relevant in some way to the entry. Values placed in the attribute should consist of a URI (currently only URLs are supported) optionally followed by one or more space characters and a label.
For example:
labeledURI: http://home.sun.com
labeledURI: http://home.sun.com Sun website
This attribute is defined in RFC 2079.
Syntax
IA5String, multi-valued.
OID
1.3.6.1.4.1.250.1.57
lastModifiedBy
Definition
Specifies the distinguished name of the last user to modify the associated entry.
For example:
lastModifiedBy: cn=Jane Doe,ou=Quality Control,dc=example,dc=com
This attribute is defined in RFC 1274.
Syntax
DN, single-valued.
OID
0.9.2342.19200300.100.1.24
lastModifiedTime
Definition
Defines the last time, in UTC format, that a change was made to the entry.
For example:
lastModifiedTime: Thursday, 22-Sep-93 14:15:00 GMT
This attribute is defined in RFC 1274.
Syntax
DirectoryString, single-valued.
OID
0.9.2342.19200300.100.1.23
loginShell
Definition
The path to the login shell.
For example:
loginShell: /bin/csh
This attribute is defined in RFC 2307.
Syntax
IA5String, single-valued.
OID
1.3.6.1.1.1.1.4
macAddress
Definition
The MAC address in maximal, colon separated hex notation, eg. 00:00:92:90:ee:e2.
For example:
macAddress: 00:00:92:90:ee:e2
This attribute is defined in RFC 2307.
Syntax
String, multi-valued.
OID
1.3.6.1.1.1.1.22
Definition
Identifies a user's primary email address (the email address retrieved and displayed by "white-pages" lookup applications).
For example:
mail: banderson@example.com
This attribute is defined in RFC 1274.
Syntax
DirectoryString, single-valued.
OID
0.9.2342.19200300.100.1.3
mailPreferenceOption
Definition
Not used in Messaging Server 4.0.
Indicates a preference for the inclusion of user names on mailing lists (electronic or physical). Accepted values include:
- 0: user doesn't want to be included in mailing lists.
- 1: user consents to be added to any mailing list.
- 2: user only wants to be added to mailing lists that the list provider views as relevant to the user's professional interests.
The absence of this attribute for a person should be interpreted as if the attribute were present with the value no-list-inclusion. This attribute should be interpreted by anyone using the directory to derive mailing lists, and its value respected.
For example:
mailPreferenceOption:0
This attribute is defined in RFC 1274.
Syntax
Integer, single-valued.
OID
0.9.2342.19200300.100.1.47
manager
Definition
Identifies the distinguished name of the entry's manager.
For example:
manager:cn=Jane Doe, ou=Quality Control, dc=example, dc=com
This attribute is defined in RFC 1274.
Syntax
DN, multi-valued.
OID
0.9.2342.19200300.100.1.10
member
Definition
Identifies the distinguished names for each member of the group.
For example:
member: cn=John Doe, dc=example, dc=com
This attribute is defined in RFC 2256.
Syntax
DN, multi-valued.
OID
2.5.4.31
memberCertificateDescription
Definition
A multi-valued attribute, for which each value is a description, a pattern, or a filter matching the subject DN of a certificate (usually certificates used for SSL client authentication).
memberCertificateDescription matches any certificate that contains a subject DN with the same AVAs as the description. The description may contain multiple "ou=" AVAs. A matching DN must contain those same "ou=" AVAs, in the same order, although it may contain other AVAs (including other "ou=" AVAs) interspersed. For any other attribute type (not ou), there should be at most one AVA of that type in the description. If there are several, all but the last are ignored.
A matching DN must contain that same AVA, but no other AVA of the same type nearer the root (later, syntactically).
AVAs are considered the same if they contain the same attribute description (case-insensitive comparison) and the same attribute value (case-insensitive comparison, leading and trailing whitespace ignored, and consecutive whitespace characters treated as a single SP).
In order to be considered a member of a group with the following memberCertificateDescription, a certificate would need to include ou=x, ou=A, and o=example, but not o=company.
memberCertificateDescription: {ou=x, ou=A, o=company, o=example}
In order to match the group's requirements, a certificate's subject DNs must contain the same ou attribute types in the same order as defined in the memberCertificateDescription attribute.
This attribute is defined in Sun ONE Directory Server.
Syntax
IA5String, multi-valued.
OID
2.16.840.1.113730.3.1.199
memberNisNetgroup
Definition
The name of a netgroup. This attribute is defined in RFC 2307.
Syntax
IA5String, multi-valued.
OID
1.3.6.1.1.1.1.13
memberUid
Definition
The user id of the member. This attribute is defined in RFC 2307.
Syntax
IA5String, multi-valued.
OID
1.3.6.1.1.1.1.12
memberURL
Definition
Identifies a URL associated with each member of a group. Any type of labeled URL can be used.
For example:
memberURL: ldap:///cn=jdoe,dc=example,dc=com
This attribute is defined in Sun ONE Directory Server.
Syntax
IA5String, multi-valued.
OID
2.16.840.1.113730.3.1.198
mobile
Definition
Identifies the entry's mobile or cellular phone number. Abbreviation: mobile.
For example:
mobileTelephoneNumber: 415-555-4321
mobile: 415-555-4321
This attribute is defined in RFC 1274.
Syntax
TelephoneNumber, multi-valued.
OID
0.9.2342.19200300.100.1.41
multiLineDescription
Definition
Provides descriptive text for a mail user. When represented in LDIF format, each line should be separated by a dollar sign ($). The Directory Server expects 0 or 1 occurrences of this attribute per mail account.
For example:
multiLineDescription: Account Administrator and$directory manager.
To represent an actual dollar sign ($) or backslash (\) within this text, use the escaped hex values \24 and \5c respectively. For example, to represent the string:
The dollar ($) value can be found in the c:\cost file.
provide the string:
The dollar (\24) value can be found$in the c:\5ccost file.
This attribute is defined in Internet White Pages Pilot.
Syntax
DirectoryString, multi-valued.
OID
1.3.6.1.4.1.250.1.2
name
Definition
Identifies the attribute supertype from which string attribute types used for naming may be formed. It is unlikely that values of this type will occur in an entry. LDAP server implementations that do not support attribute subtyping do not need to recognize this attribute in requests. Client implementations should not assume that LDAP servers are capable of performing attribute subtyping.
This attribute is defined in RFC 2256.
Syntax
DirectoryString, multi-valued.
OID
2.5.4.41
newRdn
Description
In the case of modrdn operations, specifies the new RDN of the entry.
This attribute is defined in Changelog Internet Draft.
Syntax
DN, single-valued.
OID
2.16.840.1.113730.3.1.9
newSuperior
Description
In the case of modrdn operations, specifies the newSuperior attribute of the entry.
This attribute is defined in Changelog Internet Draft.
Syntax
DN, single-valued.
OID
2.16.840.1.113730.3.1.11
nisMapEntry
Definition
The NIS map entry ID.
This attribute is defined in RFC 2307.
Syntax
IA5String{1024}, single-valued
OID
1.3.6.1.1.1.1.27
nisMapName
Definition
The name of the NIS map. This attribute is defined in RFC 2307.
Syntax
String, multi-valued.
OID
1.3.6.1.1.1.1.26
nisNetgroupTriple
Definition
Defines a NIS netgroup with the syntax "hostname","username","domainname".
For example:
nisNetgroupTriple: (myserver,jsmith,example.com)
This attribute is defined in RFC 2307.
Syntax
nisNetgroupTripleSyntax
OID
1.3.6.1.1.1.1.14
nsLicensedFor
Definition
Identifies the server the user is licensed to use. The Administration Server expects each nsLicenseUser entry to contain zero or more instances of this attribute. Valid keywords for this attribute are currently:
- mail: the user is a licensed client of the Messaging Server.
- new: the user is a licensed client of the Collabra Server.
- slapd: the user is a licensed client of the Directory Server.
- cal: the user is a licensed client of the Calendar Server.
For example:
nsLicensedFor: slapd
This attribute is defined in Sun ONE Administration Services.
Syntax
DirectoryString, multi-valued.
OID
2.16.840.1.113730.3.1.36
nsRoleScopeDn
Definition
Determines the scope of a role entry. If this attribute is not present, the scope of the role is defined by the LDAPsubentry. Otherwise, the scope is the union of the scope defined by the LDAPsubentry and the scope defined in this attribute.
This attribute is defined in Sun ONE Directory Server.
Syntax
DirectoryString, single-valued.
OID
1.3.6.1.4.1.1466.115.121.1.12
o (organizationName)
Definition
Identifies the name of the organization.
For example:
organizationName: example, Inc.
or
o: example, Inc
This attribute is defined in RFC 2256.
Syntax
DirectoryString, multi-valued.
OID
2.5.4.10
objectClass
Definition
Specifies the object classes of the object. Must include the object.
For example:
objectClass: person
This attribute is defined in RFC 2256.
Syntax
IA5String, multi-valued.
OID
2.5.4.0
obsoletedByDocument
Definition
Contains the distinguished name of a document that obsoletes the document entry.
For example:
obsoletedbyDocument: cn=Document Version 2, ou=Document Library,
dc=example, dc=comThis attribute is defined in Internet White Pages Pilot.
Syntax
DN, multi-valued.
OID
0.9.2342.19200300.102.1.4
obsoletesDocument
Definition
Contains the distinguished name of a document that is obsoleted by the document entry.
For example:
obsoletesDocument: cn=Document Version 1, ou=Document Library,
dc=example, dc=comThis attribute is defined in Internet White Pages Pilot.
Syntax
DN, multi-valued.
OID
0.9.2342.19200300.102.1.3
oncRpcNumber
Definition
The Open Network Computing (ONC) Remote Procedure Call (RPC) number.
This attribute is defined in RFC 2307.
Syntax
Integer, single-valued.
OID
1.3.6.1.1.1.1.18
organizationalStatus
Definition
Specifies a category by which a person is often referred to in an organization.
For example:
organizationalStatus: researcher
This attribute is defined in RFC 1274.
Syntax
DirectoryString, multi-valued.
OID
0.9.2342.19200300.100.1.45
otherMailbox
Definition
Specifies values for electronic mailbox types other than X.400 and rfc822.
For example:
otherMailbox: Telemail: x378: Joe
This attribute is defined in RFC 1274.
Syntax
DirectoryString, multi-valued.
OID
0.9.2342.19200300.100.1.22
ou (organizationUnitName)
Definition
Identifies the name of an organizational unit.
For example:
organizationUnitName: Marketing
or
ou: Marketing
This attribute is defined in RFC 2256.
Syntax
DirectoryString, multi-valued.
OID
2.5.4.11
owner
Definition
Identifies the distinguished name of the person responsible for the entry.
For example:
owner: cn=Babs Jensen, dc=example, dc=com
This attribute is defined in RFC 2256.
Syntax
DN, multi-valued.
OID
2.5.4.32
pager (pagerTelephoneNumber)
Definition
Identifies the entry's pager phone number.
For example:
pagerTelephoneNumber: 415-555-6789
or
pager: 415-555-6789
This attribute is defined in RFC 1274.
Syntax
TelephoneNumber, multi-valued.
OID
0.9.2342.19200300.100.1.42
passwordChange
Definition
Indicates whether users may change their passwords.
This attribute is defined in Sun ONE Directory Server.
Syntax
DirectoryString, single-valued.
OID
2.16.840.1.113730.3.1.102
passwordCheckSyntax
Definition
Indicates whether the password syntax will be checked before the password is saved.
This attribute is defined in Sun ONE Directory Server.
Syntax
DirectoryString, single-valued.
OID
2.16.840.1.113730.3.1.103
passwordExp
Definition
Indicates whether user passwords will expire after a specified number of seconds.
This attribute is defined in Sun ONE Directory Server.
Syntax
DirectoryString, single-valued.
OID
2.16.840.1.113730.3.1.98
passwordInHistory
Definition
Indicates the number of passwords the Directory Server stores in history.
This attribute is defined in Sun ONE Directory Server.
Syntax
Integer, single-valued.
OID
2.16.840.1.113730.3.1.101
passwordLockout
Definition
Enables the account lockout mechanism.
This attribute is defined in Sun ONE Directory Server.
Syntax
DirectoryString, single-valued.
OID
2.16.840.1.113730.3.1.105
passwordLockoutDuration
Definition
Specifies the length of time (in seconds) during which users will be locked out of the directory.
This attribute is defined in Sun ONE Directory Server.
Syntax
Integer, single-valued.
OID
2.16.840.1.113730.3.1.109
passwordMaxAge
Definition
Indicates the number of seconds after which user passwords will expire.
This attribute is defined in Sun ONE Directory Server.
Syntax
Integer, single-valued.
OID
2.16.840.1.113730.3.1.97
passwordMaxFailure
Definition
Specifies the number of consecutive failed bind attempts after which a user will be locked out of the directory.
This attribute is defined in Sun ONE Directory Server.
Syntax
Integer, single-valued.
OID
2.16.840.1.113730.3.1.106
passwordMinAge
Definition
Specifies the number of seconds that must elapse between password modifications.
This attribute is defined in Sun ONE Directory Server.
Syntax
Integer, single-valued.
OID
2.16.840.1.113730.3.1.222
passwordMinLength
Definition
Specifies the minimum number of characters that must be used in a password.
This attribute is defined in Sun ONE Directory Server.
Syntax
Integer, single-valued.
OID
2.16.840.1.113730.3.1.99
passwordMustChange
Definition
Indicates whether users must change their passwords when they first bind to the Directory Server, or when the password has been reset by the administrator.
This attribute is defined in Sun ONE Directory Server.
Syntax
DirectoryString, single-valued.
OID
2.16.840.1.113730.3.1.220
passwordResetFailureCount
Definition
Specifies the length of time (in seconds) after which the password failure is reset to 0.
This attribute is defined in Sun ONE Directory Server.
Syntax
Integer, single-valued.
OID
2.16.840.1.113730.3.1.223
passwordStorageScheme
Definition
Specifies the algorithm used to encrypt Directory Server passwords.
This attribute is defined in Sun ONE Directory Server.
Syntax
DirectoryString, single-valued.
OID
2.16.840.1.113730.3.1.221
passwordUnlock
Definition
Specifies whether user accounts will be unlocked after a period of time.
This attribute is defined in Sun ONE Directory Server.
Syntax
DirectoryString, single-valued.
OID
2.16.840.1.113730.3.1.108
passwordWarning
Definition
Specifies the number of seconds before a user's password expires that the user will receive a password expiration warning on attempting to authenticate to the directory.
This attribute is defined in Sun ONE Directory Server.
Syntax
Integer, single-valued.
OID
2.16.840.1.113730.3.1.104
personalSignature
Definition
A signature file, in binary format, for the entry.
For example:
personalSignature:: AAAAAA==
This attribute is defined in RFC 1274.
Syntax
Binary, multi-valued.
OID
0.9.2342.19200300.100.1.53
personalTitle
Definition
Specifies a personal title for a person. Examples of personal titles are "Ms," "Dr," "Prof," and "Rev."
For example:
personalTitle: Mr
This attribute is defined in RFC 1274.
Syntax
DirectoryString, multi-valued.
OID
0.9.2342.19200300.100.1.40
photo
Definition
Contains a photo, in binary form, of the entry.
For example:
photo:: AAAAAA==
This attribute is defined in RFC 1274.
Syntax
Binary, multi-valued.
OID
0.9.2342.19200300.100.1.7
physicalDeliveryOfficeName
Definition
Identifies the name of the city or village in which a physical delivery office is located.
For example:
physicalDeliveryOfficeName: Santa Clara
This attribute is defined in RFC 2256.
Syntax
DirectoryString, multi-valued.
OID
2.5.4.19
postalAddress
Definition
Identifies the entry's mailing address. This field is intended to include multiple lines. When represented in LDIF format, each line should be separated by a dollar sign ($).
For example:
postalAddress: P.O. Box 3541$Santa Clara, CA$99555
To represent an actual dollar sign ($) or backslash (\) within the text, use the escaped hex values \24 and \5c respectively.
This attribute is defined in RFC 2256.
Syntax
DirectoryString, multi-valued.
OID
2.5.4.16
postalCode
Definition
Identifies the entry's zip code in the United States.
For example:
postalCode: 44224
This attribute is defined in RFC 2256.
Syntax
DirectoryString, multi-valued.
OID
2.5.4.17
postOfficeBox
Definition
Specifies a postal mailing address.
For example:
postOfficeBox: P.O. Box 1234
This attribute is defined in RFC 2256.
Syntax
DirectoryString, multi-valued.
OID
2.5.4.18
preferredDeliveryMethod
Definition
Identifies the entry's preferred contact or delivery method.
For example:
preferredDeliveryMethod: telephone
This attribute is defined in RFC 2256.
Syntax
DirectoryString, single-valued.
OID
2.5.4.28
preferredLanguage
Definition
Defines a person's preferred written or spoken language. The value for this attribute should conform to the syntax for HTTP Accept-Language header values.
For example:
preferredLanguage: en-us
This attribute is defined in RFC 2798.
Syntax
DirectoryString, single-valued.
OID
2.16.840.1.113730.3.1.39
presentationAddress
Definition
Contains an OSI presentation address for the entry. The presentation address consists of an OSI Network Address and up to three selectors, one each for use by the transport, session, and presentation entities.
For example:
presentationAddress: TELEX+00726322+RFC-1006+02+130.59.2.1
This attribute is defined in RFC 2256.
Syntax
IA5String, single-valued.
OID
2.5.4.29
protocolInformation
Definition
Used in conjunction with the presentationAddress attribute to provide additional information to the OSI network service.
This attribute is defined in RFC 2256.
Syntax
DirectoryString, multi-valued.
OID
2.5.4.48
ref
Description
Used in LDAPv3 to support smart referrals. Contains an LDAP URL in the format:
ldap://<servername>:<portnumber>/<dn>
The port number is optional.
For example:
ref: ldap://server.example.com:389/ou=People, o=example.com
Note that DN special characters must be escaped. For example:
ref: ldap://server.example.com:389/ou=People, o=example%Inc
This attribute is defined in RFC 3296.
Syntax
IA5String, multi-valued.
OID
2.16.840.1.113730.3.1.34
registeredAddress
Definition
This attribute contains a postal address for receiving telegrams or expedited documents. The recipient's signature is usually required on delivery.
This attribute is defined in RFC 2256.
Syntax
DirectoryString, multi-valued.
OID
2.5.4.26
roleOccupant
Definition
Contains the distinguished name of the person acting in the role defined in the organizationalRole entry.
For example:
roleOccupant: uid=jdoe, dc=example, dc=com
This attribute is defined in RFC 2256.
Syntax
DN, multi-valued.
OID
2.5.4.33
roomNumber
Definition
Specifies the room number of an object. Note that the commonName attribute should be used for naming room objects.
For example:
roomNumber: 230
This attribute is defined in RFC 1274.
Syntax
DirectoryString, multi-valued.
OID
0.9.2342.19200300.100.1.6
searchGuide
Definition
Specifies information for a suggested search criteria when using the entry as the base object in the directory tree for a search operation. When constructing search filters, use enhancedSearchGuide instead.
This attribute is defined in RFC 2256.
Syntax
IA5String, multi-valued.
OID
2.5.4.14
secretary
Definition
Identifies the entry's secretary or administrative assistant.
For example:
secretary: cn=John Doe, dc=example, dc=com
This attribute is defined in RFC 1274.
Syntax
DN, multi-valued.
OID
0.9.2342.19200300.100.1.21
seeAlso
Definition
Identifies another directory server entry that may contain information related to this entry.
For example:
seeAlso: cn=Quality Control Inspectors,ou=manufacturing,
dc=example, dc=comThis attribute is defined in RFC 2256.
Syntax
DN, multi-valued.
OID
2.5.4.34
serialNumber
Definition
Specifies the serial number of a device.
For example:
serialNumber: 555-1234-AZ
This attribute is defined in RFC 2256.
Syntax
DirectoryString, multi-valued.
OID
2.5.4.5
shadowExpire
Definition
UNIX systems only. Related to the /etc/shadow file, this attribute contains an absolute date specifying when the login may no longer be used.
This attribute is defined in RFC 2307.
Syntax
Integer, single-valued.
OID
1.3.6.1.1.1.1.10
shadowFlag
Definition
UNIX systems only. Related to the /etc/shadow file, this attribute is currently not used and is reserved for future use.
This attribute is defined in RFC 2307.
Syntax
Integer, single-valued.
OID
1.3.6.1.1.1.1.11
shadowInactive
Definition
UNIX systems only. Related to the /etc/shadow file, this attribute specifies the number of days of inacitivity allowed for the specified user.
This attribute is defined in RFC 2307.
Syntax
Integer, single-valued.
OID
1.3.6.1.1.1.1.9
shadowLastChange
Definition
UNIX systems only. Related to the /etc/shadow file, this attribute specifies number of days between January 1, 1970, and the date that the password was last modified.
This attribute is defined in RFC 2307.
Syntax
Integer, single-valued.
OID
1.3.6.1.1.1.1.5
shadowMax
Definition
UNIX systems only. Related to the /etc/shadow file, this attribute specifies the maximum number of days the password is valid.
This attribute is defined in RFC 2307.
Syntax
Integer, single-valued.
OID
1.3.6.1.1.1.1.7
shadowMin
Definition
UNIX systems only. Related to the /etc/shadow file, this attribute specifies the minimum number of days required between password changes.
This attribute is defined in RFC 2307.
Syntax
Integer, single-valued.
OID
1.3.6.1.1.1.1.6
shadowWarning
Definition
UNIX systems only. Related to the /etc/shadow file, this attribute specifies the number of days before the password expires that the user is warned.
This attribute is defined in RFC 2307.
Syntax
Integer, single-valued.
OID
1.3.6.1.1.1.1.8
singleLevelQuality
Definition
Specifies the purported data quality at the level immediately below in the DIT.
This attribute is defined in RFC 1274.
Syntax
DirectoryString, single-valued.
OID
0.9.2342.19200300.100.1.50
sn (surname)
Definition
Identifies the entry's surname, also referred to as last name or family name.
For example:
surname: Anderson
or
sn: Anderson
This attribute is defined in RFC 2256.
Syntax
DirectoryString, multi-valued.
OID
2.5.4.4
st (stateOrProvinceName)
Definition
Identifies the state or province in which the entry resides. Abbreviation: st.
For example:
stateOrProvinceName: California
or
st: California
This attribute is defined in RFC 2256.
Syntax
DirectoryString, multi-valued.
OID
2.5.4.8
street (streetAddress)
Definition
Identifies the entry's house number and street name.
For example:
streetAddress: 1234 Ridgeway Drive
or
street: 1234 Ridgeway Drive
This attribute is defined in RFC 2256.
Syntax
DirectoryString, multi-valued.
OID
2.5.4.9
subject
Definition
Contains information about the subject matter of the document entry.
For example:
subject: employee option grants
This attribute is defined in Internet White Pages Pilot.
Syntax
DirectoryString, multi-valued.
OID
0.9.2342.19200300.102.1.8
subtreeMaximumQuality
Definition
Specifies the purported maximum data quality for a DIT subtree.
This attribute is defined in RFC 1274.
Syntax
DirectoryString, single-valued.
OID
0.9.2342.19200300.100.1.52
subtreeMinimumQuality
Definition
Specifies the purported minimum data quality for a DIT subtree.
This attribute is defined in RFC 1274.
Syntax
DirectoryString, single-valued.
OID
0.9.2342.19200300.100.1.51
supportedAlgorithms
Definition
This attribute is to be stored and requested in the binary form, as supportedAlgorithms;binary.
For example:
supportedAlgorithms;binary: AAAAAA==
This attribute is defined in RFC 2256.
Syntax
Binary, multi-valued.
OID
2.5.4.52
supportedApplicationContext
Definition
This attribute contains the identifiers of OSI application contexts.
This attribute is defined in RFC 2256.
Syntax
DirectoryString, multi-valued.
OID
2.5.4.30
targetDn
Description
Contains the DN of the entry that was affected by the LDAP operation. In the case of a modrdn operation, the targetDn attribute contains the DN of the entry before it was modified or moved.
This attribute is defined in Changelog Internet Draft.
Syntax
DN, multi-valued.
OID
2.16.840.1.113730.3.1.6
telephoneNumber
Definition
Identifies the entry's phone number.
For example:
telephoneNumber: 415-555-2233
This attribute is defined in RFC 2256.
Syntax
TelephoneNumber, multi-valued.
OID
2.5.4.20
telexNumber
Definition
Defines the telex number of the entry. The format of the telex number is as follows:
actual-number "$" country "$" answerback
where:
- actual-number: the syntactic representation of the number portion of the TELEX number being encoded.
- country: the TELEX country code.
- answerback: the answerback code of a TELEX terminal.
This attribute is defined in RFC 2256.
Syntax
DirectoryString, multi-valued.
OID
2.5.4.21
textEncodedORAddress
Definition
Defines the text-encoded Originator/Recipient (X.400) address of the entry as defined in RFC987.
For example:
textEncodedORAddress: /S=doe/OU=eng/O=example/ADMD=telemail/C=us/
This attribute is defined in RFC 1274.
Syntax
DirectoryString, multi-valued.
OID
0.9.2342.19200300.100.1.2
title
Definition
Identifies the title of a person in the organization.
For example:
title: Senior QC Inspector
This attribute is defined in RFC 2256.
Syntax
DirectoryString, multi-valued.
OID
2.5.4.12
uid (userID)
Definition
Identifies the entry's userid (usually the logon ID). Abbreviation: uid.
For example:
userid: banderson
or
uid: banderson
This attribute is defined in RFC 1274.
Syntax
DirectoryString, multi-valued.
OID
0.9.2342.19200300.100.1.1
uidNumber
Definition
UNIX only. Related to the /etc/shadow file, this attribute specifies the user's login ID.
This attribute is defined in RFC 2307.
Syntax
Integer, single-valued.
OID
1.3.6.1.1.1.1.0
uniqueIdentifier
Definition
Identifies a specific item used to distinguish between two entries when a distinguished name has been reused. This attribute is intended to detect an instance of a reference to a distinguished name that has been deleted. This attribute is assigned by the server.
For example:
uniqueIdentifier: 17B
This attribute is defined in RFC 1274.
Syntax
DirectoryString, multi-valued.
OID
0.9.2342.19200300.100.1.44
uniqueMember
Definition
Identifies a group of names associated with an entry where each name was given a uniqueIdentifier to ensure its uniqueness. A value for the uniqueMember attribute is a DN followed by the uniqueIdentifier.
For example:
uniqueMember: cn=John Doe, dc=example, dc=com 17
This attribute is defined in RFC 2256.
Syntax
DN, multi-valued.
OID
2.5.4.50
updatedByDocument
Definition
Contains the distinguished name of a document that is an updated version of the document entry.
For example:
updatedByDocument: cn=Document Version 2, ou=Document Library,
dc=example, dc=comThis attribute is defined in Internet White Pages Pilot.
Syntax
DN, multi-valued.
OID
0.9.2342.19200300.102.1.6
updatesDocument
Definition
Contains the distinguished name of a document for which this document is an updated version.
For example:
updatesDocument: cn=Document Version 1, ou=Document Library,
dc=example, dc=comThis attribute is defined in Internet White Pages Pilot.
Syntax
DN, multi-valued.
OID
0.9.2342.19200300.102.1.5
userCertificate
Definition
This attribute contains a certificate. It is to be stored and requested in the binary form, as userCertificate;binary.
For example:
userCertificate;binary:: AAAAAA==
This attribute is defined in RFC 2256.
Syntax
Binary, multi-valued.
OID
2.5.4.36
userClass
Definition
Specifies a category of computer user. The semantics of this attribute are arbitrary. The organizationalStatus attribute makes no distinction between computer users and others users and may be more applicable.
For example:
userClass: intern
This attribute is defined in RFC 1274.
Syntax
DirectoryString, multi-valued.
OID
0.9.2342.19200300.100.1.8
userPassword
Definition
Identifies the entry's password and encryption method in the following format:
{encryption method}encrypted password
Transfer of clear text passwords is strongly discouraged where the underlying transport service cannot guarantee confidentiality. Transfer of clear text may result in disclosure of the password to unauthorized parties.
For example:
userPassword: {ssha}9LsFG7RT+dFnPErwSfxDlaQTn6dbIFGklMNFRr==
This attribute is defined in RFC 2256.
Syntax
Binary, multi-valued.
OID
2.5.4.35
userPKCS12
Definition
This attribute provides a format for the exchange of personal identity information. The attribute is to be stored and requested in binary form, as userPKCS12;binary. The attribute values are PFX PDUs stored as binary data.
This attribute is defined in RFC 2798.
Syntax
Binary, multi-valued.
OID
2.16.840.1.113730.3.1.216
userSMIMECertificate
Definition
Used by Netscape Communicator for S/MIME. This attribute is to be stored and requested in the binary form, as userSMIMECertificate;binary.
For example:
userSMIMECertificate;binary:: AAAAAA==
This attribute is defined in RFC 2798.
Syntax
Binary, multi-valued.
OID
2.16.840.1.113730.3.1.40
x121Address
Definition
Defines the X.121 address of a person.
This attribute is defined in RFC 2256.
Syntax
IA5String, multi-valued.
OID
2.5.4.24
x500UniqueIdentifier
Definition
Reserved for future use. A binary method of identification useful for differentiating objects when a distinguished name has been reused.
For example:
x500UniqueIdentifier: 17B
This attribute is defined in RFC 2256.
Syntax
Binary, multi-valued.
OID
2.5.4.45