The Directory Server Access Control Model
Understanding the Directory Server Schema
Matching Rule Description Format
Understanding Attribute Syntaxes
The Attribute Syntax Description Format
Attribute Type Description Format
Object Class Description Format
Directory Server Object Class Implementation
Understanding DIT Content Rules
DIT Content Rule Description Format
DIT Content Rule Implementation
Understanding DIT Structure Rules
DIT Structure Rule Description Format
DIT Structure Rules and Multiple Schemas
DIT Structure Rule Implementation
Understanding Matching Rule Uses
Matching Rule Use Implementation
Understanding Directory Server Plug-Ins
There are a number of attribute syntaxes defined in LDAP, both in the core protocol specification and in other related RFCs and Internet Drafts. Many of these attribute syntaxes are defined in RFC 4517 (LDAP Syntaxes and Matching Rules) in section 3.3. Some of the most commonly used attribute syntaxes include:
The Directory String syntax is used to hold general-purpose string values containing one or more UTF-8 characters. Technically, empty values (that is, those with zero characters) are not allowed. Because the Sun Java System directory server has historically allowed empty values, the directory server offers a configuration option that can be used to allow it as well although it is disabled by default for standards compliance.
The IA5 String syntax is used to hold string values based on the IA5 character set, which is also known as the ASCII character set.
The Printable String syntax is used to hold string values that contain one or more characters from the set of uppercase and lowercase letters, numeric digits, single quotes, left and right parentheses, plus sign, comma, hyphen, period, and equal sign.
The Boolean syntax is used to hold values of either TRUE or FALSE. No other values are allowed for attributes with this syntax.
The Integer syntax is used to hold integer values, which must contain at least one digit. It can start with a hyphen to indicate a negative value. Zero can be used as the first digit only when the value is zero.
The Octet String syntax is used to hold a set of zero or more bytes. It has been used to replace the former Binary syntax.
The DN syntax is used to hold distinguished name values, comprised of zero or more RDN components. Values should be in the format specified in RFC 4514 (LDAP String Representation of Distinguished Names).