access control instruction (ACI)
authentication password syntax
Common Development and Distribution License
deprecated password storage scheme
Directory Services Markup Language
entry change notification control
extensible match search filter
greater than or equal to search filter
less than or equal to search filter
Lightweight Directory Access Protocol
notice of disconnection unsolicited notification
Password Modify extended operation
Simple Authentication and Security Layer
virtual attributes only control
The authorization identity controls are a pair of request and response controls defined in RFC 3829 that can be used in conjunction with an LDAP bind operation to allow the client to learn the authorization identity for the client connection.
The authorization identity request control has an OID of 2.16.840.1.113730.3.4.16 and does not have a value. The authorization identity response control has an OID of 2.16.840.1.113730.3.4.15 and the value of that control should be a string representing the authorization identify for that connection (or an empty string if the authorization identity is that of the anonymous user). The response control should only be included in the response if the authentication was successful.
Note that the authorization identity controls are only allowed for use in conjunction with the LDAP bind operation, and therefore cannot be used after the client has authenticated. The “Who Am I?” extended operation can be used to obtain the authorization identity at any time after the bind has completed.
For an example of using this control in a search request, see To Search Using the Authorization Identity Request Control in Sun OpenDS Standard Edition 2.2 Administration Guide.