Sun Java(TM) System Directory Server 5 2004Q2 Administration Reference |
Chapter 9
This chapter contains an alphabetical list of the object classes accepted by the default schema. It provides a definition of each object class, and lists its Required and Allowed Attributes. If an object class inherits attributes from other object classes, the inherited attributes are shown in italics. An object class that inherits from another object class must appear after this object class in the schema.ldif file, otherwise the server will not start.
Object Class ReferenceThis chapter distinguishes between structural, and auxiliary, and abstract object classes. All directory entries are instances of structural object classes. Structural object classes represent real world objects, such as people, buildings, or countries. Auxiliary object classes allow you to extend object class definitions for specific entries. Abstract object classes are defined purely as a superclasses or templates for other (structural) object classes. Object classes listed here can be considered structural, unless otherwise indicated.
The object classes listed in this chapter are available to support your own information in Directory Server. Object classes that are used by Directory Server or other Sun Java System products for internal operations are not documented here. For information about these internal object classes, refer to Chapter 2, "Server Configuration Reference."
accountDefinition
Used to define entries representing computer accounts.
This object class is defined in RFC 1274.
Superior Class
top
OID
0.9.2342.19200300.100.4.5
Required Attributes
Allowed Attributes
aliasDefinition
Abstract object class, used to point to other entries in the directory tree.
Note that alias dereferencing is not supported in Sun Java System Directory Server.
This object class is defined in RFC 2256.
Superior Class
top
OID
2.5.6.1
Required Attributes
Attribute
Description
Defines the object classes for the entry.
Distinguished name of the entry for which this entry is an alias.
bootableDeviceDefinition
Auxiliary object class that specifies a device with boot parameters.
This object class is defined in RFC 2307.
Superior Class
top
OID
1.3.6.1.1.1.2.12
Allowed Attributes
changeLogEntryDefinition
Internal object class, used to represent changes made to Directory Server. You can configure Sun Java System Directory Server 5.2 to maintain a change log that is compatible with the change log implemented in Directory Server 4.x, 5.0, and 5.1 by enabling the Retro Changelog plug-in. Each entry in the change log has the object class changeLogEntry. This object class is defined in the Changelog Internet Draft.
Superior Class
top
OID
2.16.840.1.113730.3.2.1
Required Attributes
Allowed Attributes
cosClassicDefinitionDefinition
Identifies the template entry using both the template entry’s DN (as specified in the cosTemplateDn attribute) and the value of one of the target entry’s attributes (as specified in the cosSpecifier attribute).
This object class is defined in Sun Java System Directory Server.
Superior Class
cosSuperDefinition
OID
2.16.840.1.113730.3.2.100
Required Attributes
Attribute
Description
Defines the object classes for the entry.
Provides the name of the attribute for which you want to generate a value. You can specify more than one cosAttribute value.
Allowed Attributes
cosDefinitionDefinition
Defines the Class of Service you are using. This object class is supported for compatibility with the Directory Server 4.1 CoS Plugin. It will be deprecated in a future Directory Server release.
This object class is defined in Sun Java System Directory Server.
Superior Class
top
OID
2.16.840.1.113730.3.2.84
Required Attributes
Allowed Attributes
cosIndirectDefinitionDefinition
Identifies the template entry using the value of one of the target entry’s attributes. The attribute of the target entry is specified in the cosIndirectSpecifier attribute.
This object class is defined in Sun Java System Directory Server.
Superior Class
cosSuperDefinition
OID
2.16.840.1.113730.3.2.102
Required Attributes
Attribute
Description
Defines the object classes for the entry.
Provides the name of the attribute for which you want to generate a value. You can specify more than one cosAttribute value.
Allowed Attributes
Attribute
Description
Common name of the entry.
Specifies the attribute value used by an indirect CoS to identify the template entry.
Text description of the entry.
cosPointerDefinitionDefinition
Identifies the template entry associated with the CoS definition using the template entry’s DN value. The DN of the template entry is specified in the cosTemplateDn attribute.
This object class is defined in Sun Java System Directory Server.
Superior Class
cosSuperDefinition
OID
2.16.840.1.113730.3.2.101
Required Attributes
Attribute
Description
Defines the object classes for the entry.
Provides the name of the attribute for which you want to generate a value. You can specify more than one cosAttribute value.
Allowed Attributes
Attribute
Description
Common name of the entry.
Provides the DN of the template entry associated with the CoS definition.
Text description of the entry.
cosSuperDefinitionDefinition
All CoS definition object classes inherit from the cosSuperDefinition object class.
This object class is defined in Sun Java System Directory Server.
Superior Class
ldapSubEntry
OID
2.16.840.1.113730.3.2.99
Required Attributes
Attribute
Description
Defines the object classes for the entry.
Provides the name of the attribute for which you want to generate a value. You can specify more than one cosAttribute value.
Allowed Attributes
cosTemplateDefinition
Contains a list of the shared attribute values.
This object class is defined in Sun Java System Directory Server.
Superior Class
top
OID
2.16.840.1.113730.3.2.128
Required Attributes
Allowed Attributes
Attribute
Description
Common name of the entry.
Specifies which template provides the attribute value, when CoS templates compete to provide an attribute value.
countryDefinition
Used to define entries that represent countries.
This object class is defined in RFC 2256.
Superior Class
top
OID
2.5.6.2
Required Attributes
Attribute
Description
Defines the object classes for the entry.
Contains the two-character code representing country names in the directory (as defined in ISO-3166.)
Allowed Attributes
dcObjectDefinition
This auxiliary object class defines a domain component, such as a network domain that is associated with the entry. This object class is defined as auxiliary because it is commonly used in combination with another object class, such as organization, organizationUnit, or locality. For example:
dn: ou=Engineering,dc=example,dc=com
objectClass: top
objectClass: organizationalUnit
objectClass: dcObject
ou: Engineering
dc: engThis object class is defined in RFC 2247.
Superior Class
top
OID
1.3.6.1.4.1.1466.344
Required Attributes
See Also
deviceDefinition
Used to store information about network devices, such as printers, in the directory.
This object class is defined in RFC 2256.
Superior Class
top
OID
2.5.6.14
Required Attributes
Allowed Attributes
documentDefinition
Used to define entries that represent documents in the directory.
This object class is defined in RFC 1274.
Superior Class
pilotObject
OID
0.9.2342.19200300.100.4.6
Required Attributes
Allowed Attributes
documentSeriesDefinition
Used to define an entry that represents a series of documents.
This object class is defined in RFC 1274.
Superior Class
top
OID
0.9.2342.19200300.100.4.9
Required Attributes
Allowed Attributes
domainDefinition
Used to represent Internet Domains (for example, example.com). The domainComponent attribute should be used for naming entries of this object class.
The domain object class can only be used with an entry that does not correspond to an organization, organizational unit, or other type of object for which an object class has been defined. The domain object class requires that the domainComponent attribute be present, and allows several other attributes to be present in the entry. These allowed attributes are used to describe the object represented by the domain, and may also be useful when searching.
This object class is defined in RFC 2247.
Superior Class
top
OID
0.9.2342.19200300.100.4.13
Required Attributes
Allowed Attributes
See Also
domainRelatedObjectDefinition
Used to define entries that represent DNS/NRS domains that are “equivalent” to an X.500 domain, for example, an organization or organizational unit.
This object class is defined in RFC 1274.
Superior Class
top
OID
0.9.2342.19200300.100.4.17
Required Attributes
Attribute
Description
Defines the object classes for the entry.
Specifies a DNS domain associated with an object in the directory tree.
dSADefinition
Used to define entries representing Directory Server Agents.
This object class is defined in RFC 2256.
Superior Class
top
OID
2.5.6.13
Required Attributes
Attribute
Description
Defines the object classes for the entry.
The Directory Server Agent’s common name.
Contains an OSI presentation address for the entry.
Allowed Attributes
extensibleObjectDefinition
Auxiliary object class which, when present in an entry, permits the entry to optionally hold any attribute. The allowed attribute list of this class is implicitly the set of all attributes known to the server.
This object class is defined in RFC 2252.
Superior Class
top
OID
1.3.6.1.4.1.1466.101.120.111
Required Attributes
Allowed Attributes
All attributes known to the server.
friendlyCountryDefinition
Used to define country entries in the directory tree. This object class is used to allow more user-friendly country names than those allowed by the country object class.
This object class is defined in RFC 1274.
Superior Class
country
OID
0.9.2342.19200300.100.4.18
Required Attributes
Attribute
Description
Defines the object classes for the entry.
Stores the name of a country.
Contains the two-character code representing country names in the directory (as defined in ISO-3166).
Allowed Attributes
Attribute
Description
Text description of the country.
Specifies information for suggested search criteria when using the entry as the base object in the directory tree for a search operation.
groupOfCertificatesDefinition
Used to describe a set of X.509 certificates. Any certificate that matches one of the memberCertificateDescription values is considered a member of the group.
This object class is defined in Sun Java System Directory Server.
Superior Class
top
OID
2.16.840.1.113730.3.2.31
Required Attributes
Allowed Attributes
groupOfNamesDefinition
Used to define entries for a group of names.
This object class is defined in RFC 2256.
Superior Class
top
OID
2.5.6.9
Required Attributes
Allowed Attributes
groupOfUniqueNamesDefinition
Used to define entries for a group of unique names.
This object class is defined in RFC 2256.
Superior Class
top
OID
2.5.6.17
Required Attributes
Allowed Attributes
groupOfURLsDefinition
An auxiliary object class of groupOfUniqueNames or groupOfNames. The group consists of a list of labeled URLs.
This object class is defined in Sun Java System Directory Server.
Superior Class
top
OID
2.16.840.1.113730.3.2.33
Required Attributes
Allowed Attributes
ieee802DeviceDefinition
Auxiliary object class, specifying a device with a MAC address.
This object class is defined in RFC 2307.
Superior Class
top
OID
1.3.6.1.1.1.2.11
Allowed Attributes
inetOrgPersonDefinition
Used to define entries representing people in an organization’s enterprise network.
This object class is defined in RFC 2798.
Superior Class
organizationalPerson
OID
2.16.840.1.113730.3.2.2
Required Attributes
Attribute
Description
Defines the object classes for the entry.
The person’s common name.
The person’s surname, or last name.
Allowed Attributes
ipHostDefinition
Auxiliary object class, specifying an abstraction of a host, an IP device. The distinguished value of the cn attribute denotes the canonical name of the host.
This object class is defined in RFC 2307.
Superior Class
top
OID
1.3.6.1.1.1.2.6
Required Attributes
Allowed Attributes
ipNetworkDefinition
Auxiliary object class, specifying an abstraction of a host, an IP device. The distinguished value of the cn attribute denotes the canonical name of the host.
This object class is defined in RFC 2307.
Superior Class
top
OID
1.3.6.1.1.1.2.7
Required Attributes
Allowed Attributes
ipProtocolDefinition
Abstraction of an IP protocol. This object class maps a protocol number to one or more names. The distinguished value of the cn attribute denotes the protocol's canonical name.
This object class is defined in RFC 2307.
Superior Class
top
OID
1.3.6.1.1.1.2.4
Required Attributes
Allowed Attributes
ipServiceDefinition
Abstraction an Internet Protocol service. This object class maps an IP port and protocol (such as TCP or UDP) to one or more names. The distinguished value of the cn attribute denotes the service's canonical name.
This object class is defined in RFC 2307.
Superior Class
top
OID
1.3.6.1.1.1.2.3
Required Attributes
Attribute
Description
The common name of the protocol.
The IP service port number.
The IP service protocol.
Allowed Attributes
javaContainerDefinition
Represents a container for a Java object.
This object class is defined in RFC 2713.
Superior Class
top
OID
1.3.6.1.4.1.42.2.27.4.2.1
Required Attributes
javaMarshalledObjectDefinition
Auxiliary object class that represents a Java marshalled object. It must be mixed with a structural object class.
This object class is defined in RFC 2713.
Superior Class
javaObject
OID
1.3.6.1.4.1.42.2.27.4.2.8
Required Attributes
javaNamingReferenceDefinition
Auxiliary object class that represents a JNDI reference. It must be mixed in with a structural object class.
This object class is defined in RFC 2713.
Superior Class
javaObject
OID
1.3.6.1.4.1.42.2.27.4.2.7
Allowed Attributes
Attribute
Description
The fully qualified class name of the object factory.
The sequence of addresses of a JNDI reference.
javaObjectDefinition
Abstract object class that represents a Java object.
This object class is defined in RFC 2713.
Superior Class
top
OID
1.3.6.1.4.1.42.2.27.4.2.4
Required Attributes
Attribute
Description
The fully qualified name of the Java object's distinguished class or interface.
Allowed Attributes
javaSerializedObjectDefinition
Auxiliary object class that represents a Java serialized object. It must be mixed in with a structural object class.
This object class is defined in RFC 2713.
Superior Class
javaObject
OID
1.3.6.1.4.1.42.2.27.4.2.5
Required Attributes
labeledURIObjectDefinition
Auxiliary object class that can be added to existing directory objects to allow for inclusion of URI values. This approach does not preclude including the labeledURI attribute type directly in other object classes as appropriate.
This object class is defined in RFC 2079.
Superior Class
top
OID
1.3.6.1.4.1.250.3.15
Required Attributes
Allowed Attributes
ldapSubentryDefinition
This structural object class may be used to indicate operations and management related entries in the directory, called LDAP Subentries.
This object class is defined in the LDAP Subentry Internet Draft.
Superior Class
top
OID
2.16.840.1.113719.2.142.6.1.1
Allowed Attributes
localityDefinition
Used to define entries that represent localities or geographic areas.
This object class is defined in RFC 2256.
Superior Class
top
OID
2.5.6.3
Required Attributes
Allowed Attributes
newPilotPersonDefinition
Used as a subclass of person, to allow the use of a number of additional attributes to be assigned to entries of the person object class. Inherits cn and sn from the person object class.
This object class is defined in Internet White Pages Pilot.
Superior Class
person
OID
0.9.2342.19200300.100.4.4
Required Attributes
Attribute
Description
Defines the object classes for the entry.
The person’s common name.
The person’s surname, or last name.
Allowed Attributes
nisMapDefinition
A generic abstraction of a NIS map.
This object class is defined in RFC 2307.
Superior Class
top
OID
1.3.6.1.1.1.2.9
Required Attributes
Allowed Attributes
nisNetgroupDefinition
An abstraction of a netgroup. May refer to other netgroups.
This object class is defined in RFC 2307.
Superior Class
top
OID
1.3.6.1.1.1.2.8
Required Attributes
Allowed Attributes
Attribute
Description
Text description of the netgroup.
Defines a NIS netgroup with the syntax hostname,username,domainname.
The name of the netgroup.
nisObjectDefinition
Defines an entry in a NIS map.
This object class is defined in RFC 2307.
Superior Class
top
OID
1.3.6.1.1.1.2.10
Required Attributes
Allowed Attributes
nsComplexRoleDefinitionDefinition
Any role that is not a simple role is, by definition, a complex role.
This object class is defined in Sun Java System Directory Server.
Superior Class
nsRoleDefinition
OID
2.16.840.1.113730.3.2.95
Required Attributes
Allowed Attributes
nsFilteredRoleDefinitionDefinition
Specifies assignment of entries to the role, depending upon the attributes contained by each entry.
This object class is defined in Sun Java System Directory Server.
Superior Class
nsComplexRoleDefinition
OID
2.16.840.1.113730.3.2.97
Required Attributes
Attribute
Description
Defines the object classes for the entry.
nsRoleFilter
Specifies the filter assigned to an entry.
Allowed Attributes
nsLicenseUserDefinition
Used to track licenses for servers that are licensed on a per-client basis. nsLicenseUser is intended to be used with the inetOrgPerson object class. You can manage the contents of this object class through the Users and Groups area of the Administration Server.
This object class is defined in Sun Java System Administration Services.
Superior Class
top
OID
2.16.840.1.113730.3.2.7
Required Attributes
Allowed Attributes
Attribute
Description
nsLicensedFor
Specifies a license.
nsLicenseEndTime
Specifies an end time for a license.
nsLicenseStartTime
Specifies a start time for a license.
nsManagedRoleDefinitionDefinition
Specifies assignment of a role to an explicit, enumerated list of members.
This object class is defined in Sun Java System Directory Server.
Superior Class
nsSimpleRoleDefinition
OID
2.16.840.1.113730.3.2.96
Required Attributes
Allowed Attributes
nsNestedRoleDefinitionDefinition
Specifies containment of one or more roles of any type within the role.
This object class is defined in Sun Java System Directory Server.
Superior Class
nsComplexRoleDefinition
OID
1.3.6.1.4.1.42.2.27.9.2.9
Required Attributes
Attribute
Description
Defines the object classes for the entry.
Specifies the roles assigned to an entry.
Allowed Attributes
Attribute
Description
The entry’s common name.
Text description of the entry.
Defines the scope of the role entry.
nsRoleDefinitionDefinition
All role definition object classes inherit from the nsRoleDefinition object class.
This object class is defined in Sun Java System Directory Server.
Superior Class
ldapSubEntry
OID
2.16.840.1.113730.3.2.93
Required Attributes
Allowed Attributes
nsSimpleRoleDefinitionDefinition
Roles containing this object class are called simple roles because they have a deliberately limited flexibility, which makes it easy to:
This object class is defined in Sun Java System Directory Server.
Superior Class
nsRoleDefinition
OID
2.16.840.1.113730.3.2.94
Required Attributes
Allowed Attributes
oncRpcDefinition
An abstraction of an Open Network Computing (ONC) Remote Procedure Call (RPC) binding. This class maps an ONC RPC number to a name. The distinguished value of the cn attribute denotes the RPC service's canonical name.
This object class is defined in RFC 2307.
Superior Class
top
OID
1.3.6.1.1.1.2.5
Required Attributes
Allowed Attributes
organizationDefinition
Used to define entries that represent organizations. An organization is generally assumed to be a large, relatively static grouping within a larger corporation or enterprise.
This object class is defined in RFC 2256.
Superior Class
top
OID
2.5.6.4
Required Attributes
Allowed Attributes
organizationalPersonDefinition
Used to define entries for people employed by or associated with an organization.
This object class is defined in RFC 2256.
Superior Class
person
OID
2.5.6.7
Required Attributes
Attribute
Description
Defines the object classes for the entry.
The person’s common name.
The person’s surname, or last name.
Allowed Attributes
organizationalRoleDefinition
Used to define entries that represent roles held by people within an organization.
This object class is defined in RFC 2256.
Superior Class
top
OID
2.5.6.8
Required Attributes
Allowed Attributes
organizationalUnitDefinition
Used to define entries that represent organizational units. An organizational unit is generally assumed to be a relatively static grouping within a larger organization.
This object class is defined in RFC 2256.
Superior Class
top
OID
2.5.6.5
Required Attributes
Attribute
Description
Defines the object classes for the entry.
The name of the organizational unit.
Allowed Attributes
passwordPolicyDefinition
Defines a password policy entry.
This object class is defined in Sun Java System Directory Server.
Superior Class
top
OID
1.3.6.1.4.1.42.2.27.9.2.6
Required Attributes
Allowed Attributes
personDefinition
Used to define entries that generically represent people. This object class is the base class for the organizationalPerson object class.
This object class is defined in RFC 2256.
Superior Class
top
OID
2.5.6.6
Required Attributes
Attribute
Description
Defines the object classes for the entry.
The person’s common name.
The person’s surname, or last name.
Allowed Attributes
Attribute
Description
Text description of the person.
DN to information relevant to the person.
The person’s telephone number.
Password with which the entry can bind to the directory.
pilotObjectDefinition
Used as a subclass to allow additional attributes to be assigned to entries of all other object classes.
This object class is defined in RFC 1274.
Superior Class
top
OID
0.9.2342.19200300.100.4.3
Required Attributes
Allowed Attributes
pilotOrganizationDefinition
Used as a subclass to allow additional attributes to be assigned to organization and organizationalUnit object class entries.
This object class is defined in RFC 1274.
Superior Class
top
OID
0.9.2342.19200300.100.4.20
Required Attributes
Attribute
Description
Defines the object classes for the entry.
Organization to which the entry belongs.
Organizational unit to which the entry belongs.
Allowed Attributes
posixAccountDefinition
Auxiliary object class.
This object class is defined in RFC 2307.
Superior Class
top
OID
1.3.6.1.1.1.2.0
Required Attributes
Allowed Attributes
Attribute
Description
A human-readable description of the account.
The default GECOS.
The path to the login shell.
The entry’s password and encryption method.
posixGroupDefinition
Structural object class.
This object class is defined in RFC 2307.
Superior Class
top
OID
1.3.6.1.1.1.2.2
Required Attributes
Allowed Attributes
Attribute
Description
A human-readable description of the group.
The member user ID.
The entry’s password and encryption method.
referralDefinition
Used to represent a subordinate reference information in the directory. These referral objects hold one or more URIs contained in values of the ref attribute type and are used to generate protocol referrals and continuations.
This object class is defined in RFC 3296.
Superior Class
top
OID
2.16.840.1.113730.3.2.6
Required Attributes
Note
To use this object class, you must either make it a subclass, or use it with the extensibleObject object class. This ensures that you have an attribute for naming the entry.
residentialPersonDefinition
Used by Directory Server to contain a person’s residential information.
This object class is defined in RFC 2256.
Superior Class
person
OID
2.5.6.10
Required Attributes
Attribute
Description
Defines the object classes for the entry.
The person’s common name.
Place in which the person resides.
The person’s surname, or last name.
Allowed Attributes
RFC822LocalPartDefinition
Used to define entries that represent the local part of RFC822 mail addresses. The directory treats this part of an RFC822 address as a domain.
This object class is defined in Internet directory pilot.
Superior Class
domain
OID
0.9.2342.19200300.100.4.14
Allowed Attributes
roomDefinition
Used to store information in the directory about a room.
This object class is defined in RFC 1274.
Superior Class
top
OID
0.9.2342.19200300.100.4.7
Required Attributes
Allowed Attributes
Attribute
Description
Text description of the room.
The room’s number.
DN to information relevant to the room.
The room’s telephone number.
shadowAccountDefinition
Auxiliary object class. Related to the /etc/shadow file.
This object class is defined in RFC 2307.
Superior Class
top
OID
1.3.6.1.1.1.2.1
Required Attributes
Allowed Attributes
simpleSecurityObjectDefinition
Used to allow an entry to contain the userPassword attribute when an entry's principal object classes do not allow userPassword as an attribute type. Reserved for future use.
This object class is defined in RFC 1274.
Superior Class
top
OID
0.9.2342.19200300.100.4.19
Required Attributes
Attribute
Description
Defines the object classes for the entry.
Password with which the entry can bind to the directory.
strongAuthenticationUserDefinition
Auxiliary object class, used to store a user’s certificate entry in the directory. This object class is used with other object classes, such as the person and organization object classes.
This object class is defined in RFC 2256.
Superior Class
top
OID
2.5.6.15
Required Attributes
Attribute
Description
Defines the object classes for the entry.
Stores a user’s certificate, usually in binary form.
subschemaDefinition
Internal object class. An auxiliary object class subentry used to administer the subschema for the subschema administrative area. It holds the operational attributes representing the policy parameters used to express the subschema.
This object class is defined in RFC 2252.
Superior Class
top
OID
2.5.20.1
Required Attributes
Allowed Attributes
topDefinition
Abstract object class, that defines the root of the object class hierarchy.
This object class is defined in RFC 2256.
Superior Class
N/A
OID
2.5.6.0
Required Attributes