|
Schema Reference Netscape Directory Server |
|
||
|
|
This chapter contains reference information about Netscape Directory Server (Directory Server) attributes. The attributes are listed in alphabetical order.
Provides an abstract of a document entry.
This attribute is defined in Internet White Pages Pilot.
DirectoryString, multi-valued.
Used by the Directory Server to identify alias entries in the directory. Contains the distinguished name of the entry for which it is an alias.
aliasedObjectName: cn=jdoe, o=example.com
This attribute is defined in RFC 2256.
Specifies a DNS domain associated with an object in the directory tree. For example, the entry in the directory tree with a distinguished name "C=US, O=Example Corporation" would have an associated domain of "EC.US". Note that all domains should be represented in rfc822 order.
This attribute is defined in RFC 1274.
DirectoryString, multi-valued.
Specifies an entry in the organizational directory tree associated with a DNS domain.
This attribute is defined in RFC 1274.
Contains a sound file in binary format. The attribute uses a u-law encoded sound file.
This attribute is defined in RFC 1274.
Contains the common name of the author of a document entry.
This attribute is defined in Internet White Pages Pilot.
DirectoryString, multi-valued.
Contains the surname of the author of a document entry.
This attribute is defined in Internet White Pages Pilot.
DirectoryString, multi-valued.
Contains a list of CA certificates that have been revoked. This attribute is to be stored and requested in the binary form, as `authorityRevocationList ;binary'.
authorityrevocationlist;binary:: AAAAAA==
This attribute is defined in RFC 2256.
Defines the building name associated with the entry.
This attribute is defined in RFC 1274.
DirectoryString, multi-valued.
Identifies the type of business in which the entry is engaged. This should be a broad generalization such as is made at the corporate division level.
This attribute is defined in RFC 2256.
DirectoryString, multi-valued.
Contains the two-character code representing country names, as defined by ISO, in the directory.
This attribute is defined in RFC 2256.
DirectoryString, single-valued.
Contains the CA's certificate. This attribute is to be stored and requested in the binary form, as `cACertificate;binary'.
cacertificate;binary:: AAAAAA==
This attribute is defined in RFC 2256.
Identifies the entry's automobile license plate number.
This attribute is defined in RFC 2798.
DirectoryString, multi-valued.
Contains a list of revoked user certificates. This attribute is to be stored and requested in the binary form, as `certificateRevocationList;binary'.
certificateRevocationList;binary:: AAAAAA==
This attribute is defined in RFC 2256.
Identifies the name of an object in the directory. When the object corresponds to a person, the cn is typically the person's full name.
When identifying the entry's common name or full name:
When in reference to LDAPReplica or LDAPServer object classes:
commonName: replicater.example.com:17430/o%3Dexample%2Cc%3us
cn: replicater.example.com:17430/o%3Dexample%2Cc%3us
This attribute is defined in RFC 2256.
DirectoryString, multi-valued.
Contains the name of a country. Often, the country attribute is used to describe a two-character code for a country, and the friendlyCountryName attribute is used to describe the actual country name.
This attribute is defined in RFC 1274.
DirectoryString, multi-valued.
Provides the name of the attribute for which you want to generate a value. You can specify more than one
cosAttributevalue. This attribute is used by all types of CoS definition entries.This attribute is defined in Directory Server.
Directory String, multi-valued.
Specifies the attribute values used by an indirect CoS to identify the template entry.
This attribute is defined in Directory Server.
DirectoryString, single-valued.
Specifies which template provides the attribute value, when CoS templates compete to provide an attribute value. This attribute represents the global priority of a particular template. A priority of zero is the highest priority.
This attribute is defined in Directory Server.
Specifies the attribute value used by a classic CoS, which, along with the template entry's DN, identifies the template entry.
This attribute is defined in Directory Server.
DirectoryString, single-valued.
Determines the subtrees of the DIT to which the CoS schema applies. The values for this attribute for the schema and for multiple CoS schema may overlap their target trees in an arbitrary fashion.
This attribute is defined in Directory Server.
DirectoryString, single-valued.
Provides the name of the attribute for which you want to generate a value. You can specify more than one
cosAttributevalue. This attribute is used by all types of CoS definition entries.This attribute is defined in Directory Server.
DirectoryString, single-valued.
This attribute is to be stored and requested in the binary form, as `crossCertificatePair;binary'.
crosscertificatepair;binary:: AAAAAA==
This attribute is defined in RFC 2256.
Specifies one component of a domain name.
This attribute is defined in RFC 2247.
DirectoryString, single-valued.
This attribute is to be stored and requested in the binary form, as `deltaRevocationList;binary'.
This attribute is defined in RFC 2256.
Identifies the entry's department number.
This attribute is defined in RFC 2798.
DirectoryString, multi-valued.
Provides a human-readable description of the object. For people and organizations this often includes their role or work assignment.
description: Quality control inspector for the ME2873 product line
This attribute is defined in RFC 2256.
DirectoryString, multi-valued.
The country and city associated with the entry needed to provide Public Telegram Service. Generally used in conjunction with registeredAddress.
destinationIndicator: Stow, Ohio, USA
This attribute is defined in RFC 2256.
DirectoryString, multi-valued.
Preferred name of a person to be used when displaying entries. Especially useful in displaying a preferred name for an entry within a one-line summary list. Since other attribute types, such as cn, are multivalued, they can not be used to display a preferred name.
This attribute is defined in RFC 2798.
DirectoryString, single-valued.
Used to indicate that the object described by one entry now has a newer entry in the directory tree. This attribute may be used when an individual's place of work changes, and the individual acquires a new organizational DN.
ditRedirect: cn=jdoe, o=example.com
This attribute is defined in RFC 1274.
The value of this attribute specifies a directory management domain (DMD), the administrative authority which operates the directory server.
This attribute is defined in RFC 2256.
DirectoryString, multi-valued.
Defines the distinguished name (DN) for the entry.
dn: cn=Jane Doe, ou=Quality Control, o=example.com
This attribute is defined in RFC 2256.
Specifies DNS resource records, including type A (Address), type MX (Mail Exchange), type NS (Name Server), and type SOA (Start Of Authority) resource records.
This attribute is defined in Internet directory pilot.
Contains the distinguished name of the author of a document entry.
documentAuthor: cn=John Doe, o=example.com
This attribute is defined in RFC 1274.
Specifies a unique identifier for a document.
This attribute is defined in RFC 1274.
DirectoryString, multi-valued.
Defines the location of the original copy of a document entry.
documentLocation: Department Library
This attribute is defined in RFC 1274.
DirectoryString, multi-valued.
The person and/or organization that published a document.
documentPublisher: Southeastern Publishing
This attribute is defined in RFC 1274.
DirectoryString, single-valued.
Defines the *** of a document.
This attribute is defined in Internet White Pages Pilot.
DirectoryString, multi-valued.
Contains the title of a document entry.
documentTitle: Netscape Directory Server Administrator's Guide
This attribute is defined in RFC 1274.
DirectoryString, multi-valued.
Defines the version of a document entry.
This attribute is defined in RFC 1274.
DirectoryString, multi-valued.
Describes the favorite drink of a person entry.
This attribute is defined in RFC 1274.
DirectoryString, multi-valued.
Specifies the purported quality of a DSA. This attribute allows a DSA manager to indicate the expected level of availability of the DSA.
This attribute is defined in RFC 1274.
DirectoryString, single-valued.
Identifies the entry's employee number.
This attribute is defined in RFC 2798.
DirectoryString, single-valued.
Identifies the entry's type of employment.
This attribute is defined in RFC 2798.
DirectoryString, multi-valued.
Used by X.500 clients when construcing search filters.
enhancedSearchGuide: (uid=mhughes)
This attribute is defined in RFC 2798.
DirectoryString, multi-valued.
fax (facsimileTelephoneNumber)
Identifies the fax number at which the entry can be reached. Abbreviation: fax
facsimileTelephoneNumber: +1 415 555 1212
This attribute is defined in RFC 2256.
TelephoneNumber, multi-valued.
Contains the generation Qualifier part of the name, typically appearing in the suffix.
This attribute is defined in RFC 2256.
DirectoryString, multi-valued.
Identifies the entry's given name, usually a person's first name.
This attribute is defined in RFC 2256.
DirectoryString, multi-valued.
Identifies the entry's home phone number.
homeTelephoneNumber: 415-555-1212
This attribute is defined in RFC 1274.
TelephoneNumber, multi-valued.
Identifies the entry's home mailing address. This field is intended to include multiple lines, but each line within the entry should be separated by a dollar sign ($). To represent an actual dollar sign ($) or backslash (\) within this text, use the escaped hex values \24 and \5c respectively.
To identify an entry's homemailing address:
homePostalAddress: 1234 Ridgeway Drive$Santa Clara, CA$99555
Additionally, to represent the string:
The dollar ($) value can be found
in the c:\cost file.The dollar (\24) value can be found$in the c:\5ccost file.
This attribute is defined in RFC 1274.
DirectoryString, multi-valued.
Defines the hostname of a computer.
This attribute is defined in RFC 1274.
DirectoryString, multi-valued.
Identifes a building in a location.
This attribute is defined in RFC 2256.
DirectoryString, multi-valued.
Specifies any general information pertinent to an object. It is recommended that specific usage of this attribute type is avoided, and that specific requirements are met by other (possibly additional) attribute types.
This attribute is defined in RFC 1274.
DirectoryString, multi-valued.
Identifies the entry's initials. Does not identify the entry's surname.
This attribute is defined in RFC 2256.
DirectoryString, multi-valued.
Contains the ISDN number of the entry. This is in the internationally agreed format for ISDN addresses given in CCITT Rec. E. 164.
This attribute is defined in RFC 2256.
Specifies an email address. This attribute is intended for the convenience of U.K. users unfamiliar with rfc822 mail addresses. Entries using this attribute must also include an rfc822Mailbox attribute.
This attribute is defined in RFC 1274.
DirectoryString, multi-valued.
Contains a JPEG photo of the entry.
This attribute is defined in RFC 2798.
Contains keywords for the entry.
keyWords: directory LDAP X.500
This attribute is defined in Internet White Pages Pilot.
DirectoryString, multi-valued.
This attribute is no longer used.
This attribute is defined in RFC 2256.
DirectoryString, multi-valued.
Identifies the county, city, or other geographical area in which the entry is located or with which it is in some other way associated.
This attribute is defined in RFC 2256.
DirectoryString, multi-valued.
Specifies a Uniform Resource Identifier (URI) that is relevant in some way to the entry. Values placed in the attribute should consist of a URI (currently only URLs are supported) optionally followed by one or more space characters and a label.
labeledURI: http://home.example.com
labeledURI: http://home.example.com iNetscape website
This attribute is defined in RFC 2079.
Specifies the distinguished name of the last user to modify the associated entry.
lastModifiedby: cn=Jane Doe,ou=Quality Control,o=example.com
This attribute is defined in RFC 1274.
Defines the last time, in UTC format, that a change was made to the entry.
lastModifiedTime: Thursday, 22-Sep-93 14:15:00 GMT
This attribute is defined in RFC 1274.
DirectoryString, multi-valued.
Identifies a user's primary email address (the email address retrieved and displayed by "white-pages" lookup applications).
This attribute is defined in RFC 1274.
DirectoryString, multi-valued.
Not used in Netscape Messaging Server 4.0.
Indicates a preference for inclusion of user names on mailing lists (electronic or physical). Accepted values include:
- 0: user doesn't want to be included in mailing lists.
- 1: user consents to be added to any mailing list.
- 2: user only wants to be added to mailing lists which the list provider views as relevant to the user's professional interests.
The absence of this attribute for a person should be interpreted as if the attribute was present with value "no-list-inclusion". This attribute should be interpreted by anyone using the directory to derive mailing lists, and its value respected.
This attribute is defined in RFC 1274.
Identifies the distinguished name of the entry's manager.
manager:cn=Jane Doe, ou=Quality Control, o=example.com
This attribute is defined in RFC 1274.
Identifies the distinguished names for each member of the group.
member: cn=John Doe, o=example.com
This attribute is defined in RFC 2256.
This attribute is a multivalued attribute, where each value is a description, a pattern, or a filter matching the subject DN of a certificate (usually certificates used for SSL client authentication).
memberCertificateDescription matches any certificate that contains a subject DN with the same AVAs as the description. The description may contain multiple "ou=" AVAs. A matching DN must contain those same "ou=" AVAs, in the same order, although it may contain other AVAs (including other "ou=" AVAs) interspersed. For any other attribute type (not ou), there should be at most one AVA of that type in the description. If there are several, all but the last are ignored.
A matching DN must contain that same AVA, but no other AVA of the same type nearer the root (later, syntactically).
AVAs are considered the same if they contain the same attribute description (case-insensitive comparison) and the same attribute value (case-insensitive comparison, leading and trailing whitespace ignored, and consecutive whitespace characters treated as a single SP).
In order to be considered a member of a group with the following memberCertificateDescription, a certificate would need to include ou=x, ou=A, and o=example, but not o=company.
memberCertificateDescription: {ou=x, ou=A, o=company, o=example}
In order to match the group's requirements, a certificate's subject DNs must contain the same ou attribute types in the same order as defined in the memberCertificateDescription attribute.
This attribute is defined in Directory Server.
Identifies an URL associated with each member of a group. Any type of labeled URL can be used.
memberURL: ldap://cn=jdoe, o=example.com
This attribute is defined in Directory Server.
Identifies the entry's mobile or cellular phone number. Abbreviation: mobile
mobileTelephoneNumber: 415-555-4321
This attribute is defined in RFC 1274.
TelephoneNumber, multi-valued.
Identifies the attribute supertype from which string attribute types used for naming may be formed. It is unlikely that values of this type will occur in an entry. LDAP server implementations that do not support attribute subtyping do not need to recognize this attribute in requests. Client implementations should not assume that LDAP servers are capapble of performing attribute subtyping.
This attribute is defined in RFC 2256.
DirectoryString, multi-valued.
Identifies the Netscape server the user is licensed to use. The Netscape Administration Server expects each nsLicenseUser entry to contain zero or more instances of this attribute. Valid keywords for this attribute are currently:
- mail: the user is a licensed client of the Netscape Messaging Server.
- news: the user is a licensed client of the Netscape Collabra Server.
- slapd: the user is a licensed client of the Netscape Directory Server.
- cal: the user is a licensed client of the Netscape Calendar Server.
This attribute is defined in Netscape Administration Services.
DirectoryString, multi-valued.
This attribute is defined in Netscape Administration Services.
DirectoryString, multi-valued.
This attribute is defined in Netscape Administration Services.
DirectoryString, multi-valued.
Identifies the name of the organization.
organizationName: Example Corporation, Inc.
This attribute is defined in RFC 2256.
DirectoryString, multi-valued.
Specifies the object classes of the object. Must include the object.
This attribute is defined in RFC 2256.
DirectoryString, multi-valued.
Contains the distinguished name of a document that obsoletes the document entry.
This attribute is defined in Internet White Pages Pilot.
Contains the distinguished name of a document that is obsoleted by the document entry.
This attribute is defined in Internet White Pages Pilot.
Specifies a category by which a person is often referred to in an organization.
organizationalStatus: researcher
This attribute is defined in RFC 1274.
DirectoryString, multi-valued.
Specifies values for electronic mailbox types other than X.400 and rfc822.
otherMailbox: internet $ jdoe@example.com
This attribute is defined in RFC 1274.
DirectoryString, multi-valued.
Identifies the name of an organizational unit.
organizationUnitName: Marketing
This attribute is defined in RFC 2256.
DirectoryString, multi-valued.
Identifies the distinguished name of the person responsible for the entry.
owner: cn=John Smith, o=Example Corporation, c=US
This attribute is defined in RFC 2256.
Identifies the entry's pager phone number. Abbreviation: pager.
pagerTelephoneNumber: 415-555-6789
This attribute is defined in RFC 1274.
TelephoneNumber, multi-valued.
A signature file, in binary format, for the entry.
This attribute is defined in RFC 1274.
Specifies a personal title for a person. Examples of personal titles are "Ms", "Dr", "Prof" and "Rev".
This attribute is defined in RFC 1274.
DirectoryString, multi-valued.
Contains a photo, in binary form, of the entry.
This attribute is defined in RFC 1274.
Identifies the name of the city or village in which a physical delivery office is located.
physicalDeliveryOfficeName: Santa Clara
This attribute is defined in RFC 2256.
DirectoryString, multi-valued.
Identifies the entry's mailing address. This field is intended to include multiple lines. When represented in LDIF format, each line should be separated by a dollar sign ($).
To represent an actual dollar sign ($) or backslash (\) within this text, use the escaped hex values \24 and \5c respectively. For example, to represent the string:
The dollar ($) value can be found
in the c:\cost file.The dollar (\24) value can be found$in the c:\5ccost file.
This attribute is defined in RFC 2256.
DirectoryString, multi-valued.
Identifies the entry's zip code in the United States.
This attribute is defined in RFC 2256.
DirectoryString, multi-valued.
Specifies a postal mailing address.
This attribute is defined in RFC 2256.
DirectoryString, multi-valued.
Identifies the entry's preferred contact or delivery method.
preferredDeliveryMethod: telephone
This attribute is defined in RFC 2256.
DirectoryString, single-valued.
Defines a person's preferred written or spoken language. The value for this attribute should conform to the syntax for HTTP Accept-Language header values.
This attribute is defined in RFC 2798.
DirectoryString, single-valued.
Contains an OSI presentation address for the entry. The presentation address consists of an OSI Network Address and up to three selectors, one each for use by the transport, session, and presentation entities.
presentationAddress: TELEX+00726322+RFC-1006+02+130.59.2.1
This attribute is defined in RFC 2256.
Used in conjunction with the presentationAddress attribute to provide additional information to the OSO network service.
This attribute is defined in RFC 2256.
DirectoryString, multi-valued.
Used in LDAPv3 to support smart referrals. Contains an LDAP URL in the format:
ldap://<servername>:<portnumber>/<dn>
ref: ldap://server.example.com:389/ou=People, o=example.comThis attribute is defined in LDAPv3 referrals Internet Draft.
This attribute contains a postal address for receiving telegrams or expedited documents. The recipient's signature is usually required on delivery.
This attribute is defined in RFC 2256.
DirectoryString, multi-valued.
Contains the distinguished name of the person acting in the role defined in the organizationalRole entry.
roleOccupant: cn=jdoe, o=example.com
This attribute is defined in RFC 2256.
Specifies the room number of an object. Note that the commonName attribute should be used for naming room objects.
This attribute is defined in RFC 1274.
DirectoryString, multi-valued.
Specifies information for a suggested search criteria when using the entry as the base object in the directory tree for a search operation. When constructing search filters, use enhancedSearchGuide instead.
This attribute is defined in RFC 2256.
Identifies the entry's secretary or administrative assistant.
secretary: cn=John Doe, o=example.com
This attribute is defined in RFC 1274.
Identifies another directory server entry that may contain information related to this entry.
seeAlso: cn=Quality Control Inspectors,ou=manufacturing,o=example.com
This attribute is defined in RFC 2256.
Specifies the serial number of a device.
This attribute is defined in RFC 2256.
DirectoryString, multi-valued.
Specifies the purported data quality at the level immediately below in the DIT.
This attribute is defined in RFC 1274.
DirectoryString, single-valued.
Identifies the entry's surname, also referred to as last name or family name.
This attribute is defined in RFC 2256.
DirectoryString, multi-valued.
Identifies the state or province in which the entry resides. Abbreviation: st.
stateOrProvinceName: California
This attribute is defined in RFC 2256.
DirectoryString, multi-valued.
Identifies the entry's house number and street name.
streetAddress: 1234 Ridgeway Drive
This attribute is defined in RFC 2256.
DirectoryString, multi-valued.
Contains information about the subject matter of the document entry.
subject: employee option grants
This attribute is defined in Internet White Pages Pilot.
DirectoryString, multi-valued.
Specifies the purported maximum data quality for a DIT subtree.
This attribute is defined in RFC 1274.
DirectoryString, single-valued.
Specifies the purported minimum data quality for a DIT subtree.
This attribute is defined in RFC 1274.
DirectoryString, single-valued.
This attribute is to be stored and requested in the binary form, as `supportedAlgorithms;binary'.
supportedAlgorithms:: AAAAAA==
This attribute is defined in RFC 2256.
This attribute contains the identifiers of OSI application contexts.
This attribute is defined in RFC 2256.
DirectoryString, multi-valued.
Identifies the entry's phone number.
This attribute is defined in RFC 2256.
TelephoneNumber, multi-valued.
Identifies the entry's teletex terminal identifier. The format of the attribute is as follows:
teletex-id = ttx-term 0*("$" ttx-param)
ttx-term = printablestring
ttx-param = ttx-key ":" ttx-value
ttx-key = "graphic" / "control" / "misc" / "page" / "private"
ttx-value = octetstringIn the above, the first printable string is the encoding of the first portion of the teletex terminal identifier to be encoded, and the subsequent 0 or more octetstrings are subsequent portions of the teletex terminal identifier.
This attribute is defined in RFC 2256.
DirectoryString, multi-valued.
Defines the telex number of the entry. The format of the telex number is as follows:
actual-number "$" country "$" answerback
- actual-number: the syntactic representation of the number portion of the TELEX number being encoded.
- country: the TELEX country code.
- answerback: the answerback code of aTELEX terminal.
This attribute is defined in RFC 2256.
DirectoryString, multi-valued.
Defines the text-encoded Originator/Recipient (X.400) address of the entry as defined in RFC987.
textEncodedORAddress: /S=doe/OU=eng/O=example/ADMD=telemail/C=us/
This attribute is defined in RFC 1274.
DirectoryString, multi-valued.
Identifies the title of a person in the organization.
This attribute is defined in RFC 2256.
DirectoryString, multi-valued.
Contains the time, in seconds, that cached information about an entry should be considered valid. Once the specified time has elapsed, the information is considered out of date. A value of zero (0) indicates that the entry should not be cached. Abbreviation: ttl.
This attribute is defined in LDAP Caching Internet Draft.
DirectoryString, multi-valued.
Identifies the entry's userid (usually the logon ID). Abbreviation: uid.
This attribute is defined in RFC 1274.
DirectoryString, multi-valued.
Identifies a specific item used to distinguish between two entries when a distinguished name has been reused. This attribute is intended to detect instance of a reference to a distinguished name that has been deleted. This attribute is assigned by the server.
This attribute is defined in RFC 1274.
DirectoryString, multi-valued.
Identifies a group of names associated with an entry where each name was given a uniqueIdentifier to ensure its uniqueness. A value for the uniqueMember attribute is a DN followed by the uniqueIdentifier.
This attribute is defined in RFC 2256.
Contains the distinguished name of a document that is an updated version of the document entry.
This attribute is defined in Internet White Pages Pilot.
Contains the distinguished name of a document for which this document is an updated version.
This attribute is defined in Internet White Pages Pilot.
This attribute is to be stored and requested in the binary form, as `userCertificate;binary'.
userCertificate;binary:: AAAAAA==
This attribute is defined in RFC 2256.
Specifies a category of computer user. The semantics of this attribute are arbitrary. The organizationalStatus attribute makes no distinction between computer users and others users and may be more applicable.
This attribute is defined in RFC 1274.
DirectoryString, multi-valued.
Identifies the entry's password and encryption method in the following format:
{encryption method}encrypted password
Transfer of cleartext passwords is strongly discouraged where the underlying transport service cannot guarantee confidentiality. Transfer of cleartext may result in disclosure of the password to unauthorized parties.
userPassword: {sha}FTSLQhxXpA05
This attribute is defined in RFC 2256.
This attribute provides a format for the exchange of personal identity information. The attribute is to be stored and requested in binary form, as `userPKCS12;binary'. The attribute values are PFX PDUs stored as binary data.
This attribute is defined in RFC 2798.
Used by Netscape Communicator for S/MIME. This attribute is to be stored and requested in the binary form, as `userSMIMECertificte;binary'.
userSMIMECertificate;binary:: AAAAAA==
This attribute is defined in RFC 2798.
Defines the X.121 address of a person.
This attribute is defined in RFC 2256.
Reserved for future use. A binary method of identification useful for differentiating objects when a distinguished name has been reused.
x500UniqueIdentifier:: AAAAAA==
© 2001 Sun Microsystems, Inc. Portions copyright 1999, 2002 Netscape Communications Corporation. All rights reserved.
Last Updated August 16, 2002