This section contains an alphabetical list of the object classes accepted by the default schema, except for pilot project object classes described in RFC 1274 The COSINE and Internet X.500 Schema. It explains the purpose of each object class, and gives the list of mandatory and optional attributes specific to the particular object class. An object class also inherits the mandatory and optional attributes from its superior object class. Inherited attributes are not listed.
The keyword frozen after the object class name indicates that this object class is used by a component of Sun Internet Mail Server, or by a component of Sun Directory Services. You cannot change a frozen object class definition using the Admin Console. If you change the definition of such an object class, ensure that your changes do not prevent the Sun Internet Mail Server and the Sun Directory Services components from using objects of this class.
Description: Used to define entries representing a user account.
Superior object class: top
Mandatory attribute: uid
Optional attributes: description, host, l, o, ou, seeAlso
Description: An alternative name for an object located under the same data store suffix.
Superior object class: top
Mandatory attribute: aliasedObjectName
It is preferable to avoid using the alias object class and use instead the aliasObject subclass. This is because the alias object class only allows the full DN of the aliased object as its naming attribute, and not just the RDN.
Description: An alternative name for an object located under the same data store suffix.
Superior object class: alias
Optional attributes: * (allows any attribute)
The attributes in the aliasObject entry must include the naming attribute of the entry. The naming attribute should be the same as for the aliased object.
Description: Used to define an entry representing an application entity.
Superior object class: top
Mandatory attributes: cn, presentationAddress
Optional attributes: description, l, o, ou, seeAlso, supportedApplicationContext
Description: Used to define an entry representing an application process.
Superior object class: top
Mandatory attribute: cn
Optional attributes: description, l, ou, seeAlso
Description: Used to define an entry representing an NIS automount record.
Superior object class: top
Mandatory attributes: cn, automountInformation
Optional attribute: description
Description: Used to define an entry representing any device that requires boot parameters. Used to import information from the /etc/bootparams file. It is an auxiliary object class, which means that it should be used in conjunction with a structural object class.
Superior object class: device
Optional attribute: bootFile, bootParameter
Description: Used to define entries representing objects that act as certification authorities. It is an auxiliary object class, which means that it should be used in conjunction with a structural object class.
Superior object class: top
Mandatory attributes: authorityRevocationList, cACertificate, certificateRevocationList
Optional attribute: crossCertificatePair
Description: Used to define entries representing objects that act as certification authorities for version 2. It is an auxiliary object class, which means that it should be used in conjunction with a structural object class.
Superior object class: certificationAuthority
Optional attribute: crossCertificatePair
Description: Identifies country entries in the directory.
Superior object class: top
Mandatory attribute: c
Optional attributes: description, searchGuide
Description: Used to define an entry that provides a service for certification authority revocation lists.
Superior object class: top
Mandatory attribute: cn
Optional attributes: authorityRevocationList, certificateRevocationList, deltaRevocationList
Description: Used to define an entry representing a device (for example a modem or CD-ROM drive).
Superior object class: top
Mandatory attribute: cn
Optional attributes: description, l, o, ou, owner, seeAlso, serialNumber
Description: Used to define an entry representing a domain component, that is a component in the dot-separated sequence that forms a domain name. It is an auxiliary object class, which means that it should be used in conjunction with a structural object class.
Superior object class: top
Mandatory attribute: dc
Description: Used to define an entry that represents a directory management domain (DMD), that is the authority responsible for a particular directory server.
Superior object class: top
Mandatory attribute: dmdName
Optional attributes: businessCategory, description, destinationIndicator, facsimileTelephoneNumber, internationaliSDNNumber, l, physicalDeliveryOfficeName, postOfficeBox, postalAddress, postalCode, preferredDeliveryMethod, registeredAddress, searchGuide, seeAlso, st, street, telephoneNumber, userPassword, x121Address
Description: Used to define entries representing a DNS domain.
Superior object class: domain
Optional attribute: dNSRecord
Description: Used to define an entry representing a document.
Superior object class: pilotObject
Mandatory attribute: documentIdentifier
Optional attributes: abstract, cn, description, documentAuthor, documentAuthorCommonName, documentAuthorSurname, documentLocation, documentPublisher, documentStore, documentTitle, documentVersion, keywords, l, o, obsoletedByDocument, obsoletesDocument, ou, seeAlso, subject, updatedByDocument, updatesDocument
Description: Used to define an entry representing a series of related documents.
Superior object class: top
Mandatory attributes: cn
Optional attributes: description, l, o, ou, seeAlso, telephoneNumber
Description: Used to define an entry representing a domain.
Superior object class: top
Mandatory attribute: dc
Optional attributes: associatedName, businessCategory, description, destinationIndicator, facsimileTelephoneNumber, internationaliSDNNumber, l, o, physicalDeliveryOfficeName, postOfficeBox, postalAddress, postalCode, preferredDeliveryMethod, registeredAddress, searchGuide, seeAlso, st, street, telephoneNumber, teletexTerminalIdentifier, telexNumber, userPassword, x121Address
Description: Used to define an entry related to a domain.
Superior object class: top
Mandatory attribute: associatedDomain
Description: Used to define an entry representing a directory system agent (DSA) or any directory server.
Superior object class: applicationEntity
Optional attribute: knowledgeInformation
Description: Used to define an entry representing an electronic mail distribution list that uses aliases(4) format.
Superior object class: top
Mandatory attributes: cn
Optional attributes: authorizedDomain, authorizedSubmitter, dataSource, expandable, mailDeliveryFile, mailDeliveryOption, mailProgramDeliveryInfo, mailHost, ownerDeliveryFile, ownerDeliveryOption, ownerProgramDeliveryInfo, requestsToDeliveryFile, requestsToDeliveryOption, requestsToProgramDeliveryInfo, rfc822AuthorizedSubmitter, rfc822MailMember, rfc822Owner, rfc822UnauthorizedSubmitter, unauthorizedDomain, unauthorizedSubmitter
Description: Used to define an entry for a person who uses electronic mail.
Superior object class: inetOrgPerson
Mandatory attributes: cn, objectClass
Optional attributes: assistant, channelName, channelType, dataSource, generationQualifier, freeFormName, homeDirectory, homeFacsimileTelephoneNumber, mail, mailAutoReplyExpirationDate, mailAutoReplyMode, mailAutoReplySubject, mailAutoReplyText, mailAutoReplyTextInternal, mailDeliveryFile, mailDeliveryOption, mailFolderMap, mailForwardingAddress, mailHost, mailMessageStore, mailProgramDeliveryInfo, mailQuota, objectStatus, preferredRfc822Recipient, reportsTo, rfc822Mailbox, userDefinedAttribute1, userDefinedAttribute2, userDefinedAttribute3, userDefinedAttribute4
Description: Used to allow friendlier naming of country entries than with the object class country. The naming attribute of object class country, countryName, has to be a 2 letter string defined in ISO 3166.
Superior object class: country
Mandatory attribute: co
Description: Used to define an entry representing a user of Lotus CC:Mail.
Superior object class: top
Optional attributes: cCMailAddresses, preferredCCMailOriginator, preferredCCMailRecipient
Description: Used to define an entry representing a legacy mail gateway channel.
Superior object class: top
Mandatory attributes: channelName
Optional attributes: ackedSequenceNumber, channelType, currentSequenceNumber, maxLastModifiedTime, objectStatus, seeAlso, userPassword
Description: Used to store preferences for document conversion for a gateway user.
Superior object class: top
Optional attribute: docConvPreference
Description: Used to define an entry representing a user of Lotus Notes.
Superior object class: top
Optional attributes: lotusNotesAddresses, preferredLotusNotesOriginator, preferredLotusNotesRecipient
Description: Used to define an entry representing a user of Mail-11 (DEC).
Superior object class: top
Optional attributes: mail11Addresses, preferredMail11Originator, preferredMail11Recipient
Description: Used to define an entry representing a user of the legacy Mail Relay (MR) mail system.
Superior object class: top
Optional attributes: mrAddresses, preferredMrOriginator, preferredMrRecipient
Description: Used to define an entry representing a user of Microsoft Mail.
Superior object class: top
Optional attributes: mSMailAddresses, preferredMSMailOriginator, preferredMSMailRecipient
Description: Used to define an entry representing a user of the legacy Novell Groupwise Mail (NGM) mail system.
Superior object class: top
Optional attributes: nGMAddresses, preferredNGMOriginator, preferredNGMRecipient
Description: Used to define an entry representing a user of the legacy Novell Groupwise Mail 7.0 (NGM70) mail system.
Superior object class: top
Optional attributes: nGM70Addresses, preferredNGM70Originator, preferredNGM70Recipient
Description: Used to define an entry representing a user of IBM PROFS.
Superior object class: top
Optional attributes: pROFSAddresses, preferredPROFSOriginator, preferredPROFSRecipient
Description: Used to define entries representing an unordered set of names of objects or other groups.
Superior object class: top
Mandatory attributes: cn, member
Optional attributes: businessCategory, description, o, ou, owner, seeAlso
Description: Used to define entries representing an unordered set of names of objects or other groups. Each name in the set is unique in the directory.
Superior object class: top
Mandatory attributes: cn, uniqueMember
Optional attributes: businessCategory, description, o, ou, owner, seeAlso
Description: Used to define entries representing any device that has a MAC address. Used to import information from the /etc/ethers file. It is an auxiliary object class, which means that it should be used in conjunction with a structural object class.
Superior object class: device
Optional attributes: macAddress
Description: Used to define an entry for a person who uses the Internet and belongs to an organization.
Superior object class: organizationalPerson
Optional attributes: audio, businessCategory, carLicense, departmentNumber, employeeNumber, employeeType, givenName, homePhone, homePostalAddress, initials, jpegPhoto, labeledURI, mail, manager, mobile, pager, photo, preferredLanguage, roomNumber, secretary, uid, userCertificate, userSMIMECertificate, x500uniqueIdentifier
Description: Used to describe a device that has an IP address. Used to import information from the /etc/hosts file. It is an auxiliary object class, which means that it should be used in conjunction with a structural object class.
Superior object class: top
Mandatory attributes: cn, ipHostNumber
Optional attributes: description, bootFile, bootParameter, l, macAddress, manager, serialNumber
Description: Used to define an entry that describes an IP protocol. Used to import information from the /etc/protocols file.
Superior object class: top
Mandatory attributes: cn, ipProtocolNumber
Optional attribute: description
Description: Used to define an entry that describes an IP network. Used to import information from the /etc/networks file.
Superior object class: top
Mandatory attributes: cn, ipNetworkNumber
Optional attributes: description, ipNetmaskNumber, l, manager
Description: Used to define an entry that represents an IP service.
Superior object class: top
Mandatory attributes: cn, ipServicePort, ipServiceProtocol
Optional attribute: description
Description: Used to define an entry that describes a resource on the network that is identified by a URI. It is an auxiliary object class, which means that it should be used in conjunction with a structural object class.
Superior object class: top
Optional attribute: labeledURI
Description: Used to define entries that describe locality.
Superior object class: top
Optional attributes: description, locality, searchGuide, seeAlso, st, street
Description: Used to define a Network Access Server used in the context of RADIUS authentication.
Superior object class: device
Mandatory attributes: iphostnumber, sharedKey
Optional attributes: dictionaryFile, acctattrFile
Description: Used to define an entry that represents an NIS mail.aliases record. Used to import information from the /etc/mail/aliases file.
Superior object class: top
Mandatory attribute: cn
Optional attribute: rfc822MailMember
Description: Used to define an entry that represents an NIS map.
Superior object class: top
Mandatory attribute: nisMapName
Optional attribute: description
Description: Used to define an entry that represents an NIS netgroup record. Used to import information from the /etc/netgroup file.
Superior object class: top
Mandatory attribute: cn
Optional attributes: description, memberNisNetGroup, nisNetGroupTriple
Description: Used to define an entry that represents an NIS netid.byname record.
Superior object class: top
Mandatory attribute: cn
Optional attribute: nisNetIdGroup, nisNetIdHost, nisNetIdUser
Description: Used to define an entry in the directory that represents an entry in an NIS map. The NIS key is stored in the cn attribute.
Superior object class: top
Mandatory attribute: nisMapName
Optional attributes: cn, description, nisMapEntry
Description: Used to define an entry in the directory that represents an entry in an NIS map. This object class is used in the generic NIS map definition in Sun Directory Services. The NIS key is stored in the sunNisKey attribute.
Superior object class: top
Mandatory attribute: nisMapName
Optional attributes: cn, description, nisMapEntry, sunNisKey
Description: Used to define an entry that represents an Open Network Computing (ONC) remote procedure call (RPC). Used to import information from the /etc/rpc file.
Superior object class: top
Mandatory attributes: cn, oncRpcNumber
Optional attribute: description
Description: Used to define organization entries in the directory.
Superior object class: top
Mandatory attributes: o
Optional attributes: businessCategory, description, destinationIndicator, facsimileTelephoneNumber, internationaliSDNNumber, l, physicalDeliveryOfficeName, postOfficeBox, postalAddress, postalCode, preferredDeliveryMethod, registeredAddress, searchGuide, seeAlso, st, street, telephoneNumber, teletexTerminalIdentifier, telexNumber, userPassword, x121Address
Description: Used to define entries representing people employed by, or in some way associated with, an organization.
Superior object class: person
Optional attributes: destinationIndicator, facsimileTelephoneNumber, internationaliSDNNumber, l, ou, physicalDeliveryOfficeName, postOfficeBox, postalAddress, postalCode, preferredDeliveryMethod, registeredAddress, st, street, telephoneNumber, teletexTerminalIdentifier, telexNumber, title, x121Address
Description: Used to define entries representing a role or position within an organization. An organizationalRole is usually filled by an organizationalPerson, but it can also be filled by a non-human entity.
Superior object class: top
Mandatory attribute: cn
Optional attributes: description, destinationIndicator, facsimileTelephoneNumber, internationaliSDNNumber, l, ou, physicalDeliveryOfficeName, postOfficeBox, postalAddress, postalCode, preferredDeliveryMethod, registeredAddress, roleOccupant, seeAlso, st, street, telephoneNumber, teletexTerminalIdentifier, telexNumber, x121Address
Description: Used to define entries representing subdivisions of an organization.
Superior object class: top
Mandatory attributes: ou
Optional attributes: businessCategory, description, destinationIndicator, facsimileTelephoneNumber, internationaliSDNNumber, l, physicalDeliveryOfficeName, postOfficeBox, postalAddress, postalCode, registeredAddress, searchGuide, seeAlso, st, street, telephoneNumber, teletexTerminalIdentifier, telexNumber, userPassword, x121Address
Description: Used to define entries representing people.
Superior object class: top
Mandatory attributes: cn, sn
Optional attributes: description, seeAlso, telephoneNumber, userPassword
Description: Used to represent an account defined by POSIX attributes. Used to import information from the /etc/passwd file. It is an auxiliary object class, which means that it should be used in conjunction with a structural object class.
Superior object class: top
Mandatory attributes: cn, uid, uidNumber, gidNumber, homeDirectory
Optional attributes: description, gecos, loginShell, userPassword
Description: Used to define an entry that represents a group of POSIX accounts. Used to import information from the /etc/group file.
Superior object class: top
Mandatory attributes: cn, gidNumber
Optional attributes: description, memberUid, userPassword
Description: Used to define an entry that points to another data store.
Superior object class: top
Optional attributes: ref, * (allows any attribute, in particular the same naming attribute as in the RDN of the referenced object)
Description: In the context of RADIUS authentication, used to define remote users who access the network through a Network Access Server (NAS).
Superior object class: top
Mandatory attribute: uid
Optional attributes: acctAuthentic, acctDelayTime, acctInputOctet, acctOutputOctet, acctSessionId, acctSessionTime, acctStatusType, acctTerminateCause, authCalleddStationId, authCallingStationId, authFilterId, authHostPortNumber, authHostPortType, authLoginService, authPortLimit, authPrefixName, authReplyMessage, authServiceProtocol, authType, authStartMenuId, authSuffixName, authState, authStopMenuId, authTerminationAction, chapPassword, expirationDate, framedCompression, framedIPAddress, framedMTU, framedRoute, framedRouting, framedProtocol, grpCheckInfo, grpReplyInfo, idleTimeoutNumber, ipHostNumber, ipLoginHost, ipLoginPort, ipNetmaskNumber, ipxNetworkNumber, radiusLoginProfile, radiusPppProfile, radiusSlipProfile, radiusAuthFailedAccess, radiusLoginExpiration, radiusLoginPasswd, radiusPppExpiration, radiusPppPasswd, radiusSlipExpiration, radiusSlipPasswd, dynamicSessionCounter, dynamicSessionId, dynamicIPAddress, sessionTimeoutNumber, userCallbackId, userCallbackNumber, userPassword
Description: Used to define entries representing a person in the residential environment.
Superior object class: top
Mandatory attribute: l
Optional attributes: businessCategory, destinationIndicator, facsimileTelephoneNumber, internationaliSDNNumber, l, physicalDeliveryOfficeName, postOfficeBox, postalAddress, postalCode, preferredDeliveryMethod, registeredAddress, st, street, telephoneNumber, teletexTerminalIdentifier, telexNumber, x121Address
Description: Used to define entries which represent the local part of RFC822 mail addresses. This treats this part of an RFC822 address as a domain.
Superior object class: domain
Optional attributes: cn, description, destinationIndicator, facsimileTelephoneNumber, internationaliSDNNumber, l, o, physicalDeliveryOfficeName, postOfficeBox, postalAddress, postalCode, preferredDeliveryMethod, registeredAddress, seeAlso, sn, st, street, telephoneNumber, teletexTerminalIdentifier, telexNumber, userPassword, x121Address
Description: Used to define an entry representing a room.
Superior object class: top
Mandatory attribute: cn
Optional attributes: description, roomNumber, seeAlso, telephoneNumber
Description: Used to represent a user that has a shadow password. It is an auxiliary object class, which means that it may be used in conjunction with any object class.
Superior object class: top
Mandatory attribute: uid
Optional attributes: description, shadowLastChange, shadowMax, shadowMin, shadowWarning, shadowInactive, shadowExpire, shadowFlag, userPassword
Description: Used to define an entry containing a user password, for simple authentication.
Superior object class: top
Mandatory attribute: userPassword
Description: Used to define an entry for an object participating in Strong Authentication. It is an auxiliary object class, which means that it should be used in conjunction with a structural object class.
Superior object class: top
Mandatory attribute: userCertificate
Description: Used to define an entry that contains the rules governing the schema. It is an auxiliary object class, which means that it should be used in conjunction with a structural object class.
Optional attributes: attributeTypes, dITStructureRules, ditContentRules, matchingRules, matchingRuleUse, nameForms, objectClasses
Description: Used by the NIS/LDAP server to manage NIS maps. An entry is created for each map stored in the LDAP directory.
Superior object class: top
Mandatory attributes: sunNisDomain, sunNisMapFullName, sunNisMapState, sunNisMaster, sunNisSecurityMode
Optional attributes: description, seeAlso, sunNisDbmCache, sunNisDnsForwarding, sunNisInputFile, sunNisOutputName, sunNisLoadMap
Description: Used to define an entry that represents an NIS ypservers record. Used to import information from the ypservers file.
Superior object class: top
Mandatory attributes: cn
Description: An abstract object class, parent of all others. It ensures that every object class contains the objectClass attribute.
Mandatory attribute: objectClass
Description: Used to name an entry with a unique ID. It is an auxiliary object class, which means that it should be used in conjunction with a structural object class.
Superior object class: top
Mandatory attribute: uid
Description: Used to store security information about a user. It is an auxiliary object class, which means that it should be used in conjunction with a structural object class.
Superior object class: top
Optional attribute: supportedAlgorithms