Object Class Reference

Schema Reference
Red Hat Directory Server

Index

Chapter 2

Object Class Reference

This chapter contains an alphabetical list of the object classes accepted by the default schema. It gives a definition of each object class and lists its required and allowed attributes. The object classes listed in this chapter are available for you to use to support your own information in the Red Hat Directory Server (Directory Server). Object classes that are used by the Directory Server for internal operations are not documented here. For information about these object classes, please refer to the Red Hat Directory Server Configuration, Command, and File Reference. Replication and synchronization object classes are listed in Chapter 4, "Operational Attributes, Special Attributes, and Special Object Classes."

The required attributes listed for an object class must be present in the entry when that object class is added to the ldif file. If an object class has a superior object class, both of these object classes with all required attributes must be present in the entry. If required attributes are not listed in the ldif file, than the server will not restart.

Note

The LDAP RFCs and X.500 standards allow for an object class to have more than one superior. This behavior is not currently supported by Directory Server.

account

Definition

Used to define entries representing computer accounts.

This object class is defined in RFC 1274.

Superior Class

top

OID

0.9.2342.19200300.100.4.5

Required Attributes

objectClass

Defines the object classes for the entry.

uid (userID)

Identifies the account's user ID.

Allowed Attributes

description

Text description of the entry.

host

Hostname of the computer on which the account resides.

l (localityName)

Place where the account is located.

o (organizationName)

Organization to which the account belongs.

ou (organizationalUnit)

Organizational unit to which the account belongs.

seeAlso

URL to information relevant to the account.

alias

Definition

Used to point to other entries in the directory tree.

Note: Aliasing is not supported in Directory Server.

This object class is defined in RFC 2256.

Superior Class

top

OID

2.5.6.1

Required Attributes

objectClass

Defines the object classes for the entry.

aliasedObjectName

Distinguished name of the entry for which this entry is an alias.

cosClassicDefinition

Definition

Identifies the template entry using both the template entry's DN (as specified in the cosTemplateDn attribute) and the value of one of the target entry's attributes (as specified in the cosSpecifier attribute).

This object class is defined in Directory Server.

Superior Class

cosSuperDefinition

OID

2.16.840.1.113730.3.2.100

Required Attributes

objectClass

Defines the object classes for the entry.

cosAttribute

Provides the name of the attribute for which you want to generate a value. You can specify more than one cosAttribute value.

Allowed Attributes

cn (commonName)

Common name of the entry.

cosSpecifier

Specifies the attribute value used by a classic CoS, which, along with the template entry's DN, identifies the template entry.

cosTemplateDn

Provides the DN of the template entry associated with the CoS definition.

description

Text description of the entry.

cosDefinition

Definition

Defines the Class of Services you are using. This object class is supported in order to provide compatibility with the DS4.1 CoS Plug-in.

This object class is defined in Directory Server.

Superior Class

top

OID

2.16.840.1.113730.3.2.84

Required Attributes

objectClass

Defines the object classes for the entry.

Allowed Attributes

aci

Evaluates what rights are granted or denied when the Directory Server receives an LDAP request from a client.

cn (commonName)

Common name of the entry.

cosAttribute

Provides the name of the attribute for which you want to generate a value. You can specify more than one cosAttribute value.

cosSpecifier

Specifies the attribute value used by a classic CoS, which, along with the template entry's DN, identifies the template entry.

cosTargetTree

Determines the subtrees of the DIT to which the CoS schema applies.

cosTemplateDn

Provides the DN of the template entry associated with the CoS definition.

uid (userID)

Identifies the user ID.

cosIndirectDefinition

Definition

Identifies the template entry using the value of one of the target entry's attributes. The attribute of the target entry is specified in the cosIndirectSpecifier attribute.

This object class is defined in Directory Server.

Superior Class

cosSuperDefinition

OID

2.16.840.1.113730.3.2.102

Required Attributes

objectClass

Defines the object classes for the entry.

cosAttribute

Provides the name of the attribute for which you want to generate a value. You can specify more than one cosAttribute value.

Allowed Attributes

cn (commonName)

Common name of the entry.

cosIndirectSpecifier

Specifies the attribute value used by an indirect CoS to identify the template entry.

description

Text description of the entry.

cosPointerDefinition

Definition

Identifies the template entry associated with the CoS definition using the template entry's DN value. The DN of the template entry is specified in the cosTemplateDn attribute.

This object class is defined in Directory Server.

Superior Class

cosSuperDefinition

OID

2.16.840.1.113730.3.2.101

Required Attributes

objectClass

Defines the object classes for the entry.

cosAttribute

Provides the name of the attribute for which you want to generate a value. You can specify more than one cosAttribute value.

Allowed Attributes

cn (commonName)

Common name of the entry.

cosTemplateDn

Provides the DN of the template entry associated with the CoS definition.

description

Text description of the entry.

cosSuperDefinition

Definition

All CoS definition object classes inherit from the cosSuperDefinition object class.

This object class is defined in Directory Server.

Superior Class

ldapSubEntry

OID

2.16.840.1.113730.3.2.99

Required Attributes

objectClass

Defines the object classes for the entry.

cosAttribute

Provides the name of the attribute for which you want to generate a value. You can specify more than one cosAttribute value.

Allowed Attributes

cn (commonName)

Common name of the entry.

description

Text description of the entry.

cosTemplate

Definition

Contains a list of the shared attribute values.

This object class is defined in Directory Server.

Superior Class

top

OID

2.16.840.1.113730.3.2.128

Required Attributes

objectClass

Defines the object classes for the entry.

Allowed Attributes

cn (commonName)

Common name of the entry.

cosPriority

Specifies which template provides the attribute value when CoS templates compete to provide an attribute value.

country

Definition

Used to define entries that represent countries.

This object class is defined in RFC 2256.

Superior Class

top

OID

2.5.6.2

Required Attributes

objectClass

Defines the object classes for the entry.

c (countryName)

Contains the two-character code representing country names, as defined by ISO, in the directory.

Allowed Attributes

description

Text description of the country.

searchGuide

Specifies information for suggested search criteria when using the entry as the base object in the directory tree for a search operation.

dcObject

Definition

Allows domain components to be defined for an entry. This object class is defined as auxiliary because it is commonly used in combination with another object class, such as o (organizationName), ou (organizationalUnitName), or l (localityName). For example:
dn: dc=example,dc=com

objectClass: top

objectClass: organization

objectClass: dcObject

dc: example

o: Example Corporation
 
This object class is defined in RFC 2247.

Superior Class

top

OID

1.3.6.1.4.1.1466.344

Required Attributes

objectClass

Defines the object classes for the entry.

dc (domainComponent)

One component of a domain name.

device

Definition

Used to store information about network devices, such as printers, in the directory.

This object class is defined in RFC 2256.

Superior Class

top

OID

2.5.6.14

Required Attributes

objectClass

Defines the object classes for the entry.

cn (commonName)

Common name of the device.

Allowed Attributes

description

Text description of the device.

l (localityName)

Place where the device is located.

o (organizationName)

Organization to which the device belongs.

ou (organizationalUnit)

Organizational unit to which the device belongs.

owner

Distinguished name of the person responsible for the device.

seeAlso

URL to information relevant to the device.

serialNumber

Serial number of the device.

document

Definition

Used to define entries which represent documents in the directory.

This object class is defined in RFC 1274.

Superior Class

top

OID

0.9.2342.19200300.100.4.6

Required Attributes

objectClass

Defines the object classes for the entry.

documentIdentifier

Unique identifier for a document.

Allowed Attributes

abstract

Abstract of the document.

audio

Stores a sound file in binary format.

authorCn

Author's common or given name.

authorSn

Author's surname.

cn (commonName)

Common name of the document.

description

Text description of the document.

dITRedirect

Distinguished name to use as a redirect for the entry.

documentAuthor

Distinguished name of the document author.

documentLocation

Location of the original document.

documentPublisher

Person or organization that published the document.

documentStore

Not defined.

documentTitle

The document's title.

documentVersion

The document's version number.

info

Information about the object.

jpegPhoto

Photo in jpeg format.

keyWords

Keywords that describe the document.

l (localityName)

Place where the document is located.

lastModifiedBy

Distinguished name of the last user to modify the document.

lastModifiedTime

Last time the document was modified.

manager

Distinguished name of the object's manager.

o (organizationName)

Organization to which the document belongs.

obsoletedByDocument

Distinguished name of a document that obsoletes this document.

obsoletesDocument

Distinguished name of a document that is obsoleted by this document.

ou (organizationalUnit)

Organizational unit to which the document belongs.

photo

Photo of the document, in binary form.

seeAlso

URL to information relevant to the document.

subject

Subject of the document.

uniqueIdentifier

Specific item used to distinguish between two entries when a distinguished name has been reused.

updatedByDocument

Distinguished name of a document that is an updated version of this document.

updatesDocument

Distinguished name of a document for which this document is an updated version.

documentSeries

Definition

Used to define an entry that represents a series of documents.

This object class is defined in RFC 1274.

Superior Class

top

OID

0.9.2342.19200300.100.4.9

Required Attributes

objectClass

Defines the object classes for the entry.

cn (commonName)

The common name of the series.

Allowed Attributes

description

Text description of the series.

l (localityName)

Place where the series is located.

o (organizationName)

Organization to which the series belongs.

ou (organizationalUnit)

Organizational unit to which the series belongs.

seeAlso

URL to information relevant to the series.

telephoneNumber

Telephone number of the person responsible for the series.

domain

Definition

Used to define entries that represent DNS domains in the directory. The dc (domainComponent) attribute should be used for naming entries of this object class.

Used to represent Internet domain names (e.g., example.com).

The domain object class can only be used with an entry that does not correspond to an organization, organizational unit or other type of object for which an object class has been defined. The domain object class requires that the dc (domainComponent) attribute be present and permits several other attributes to be present in the entry.

This object class is defined in RFC 2247.

Superior Class

top

OID

0.9.2342.19200300.100.4.13

Required Attributes

objectClass

Defines the object classes for the entry.

dc (domainComponent)

One component of a domain name.

Allowed Attributes

associatedName

Entry in the organizational directory tree associated with a DNS domain.

businessCategory

Type of business in which this domain is engaged.

description

Text description of the domain.

destinationIndicator

Country and city associated with the entry; needed to provide Public Telegram Service.

fax (facsimileTelephoneNumber)

Domain's fax number.

internationalISDNNumber

Domain's ISDN number.

l (localityName)

Place where the domain is located.

o (organizationName)

Organization to which the domain belongs.

physicalDeliveryOfficeName

Location where physical deliveries can be made.

postOfficeBox

Domain's post office box.

postalAddress

Domain's mailing address.

postalCode

The postal code for this address (such as a United States zip code).

preferredDeliveryMethod

Domain's preferred method of contact or delivery.

registeredAddress

Postal address suitable for reception of expedited documents when the recipient must verify delivery.

searchGuide

Specifies information for suggested search criteria when using the entry as the base object in the directory tree for a search operation.

seeAlso

URL to information relevant to the domain.

st (stateOrProvinceName)

State or province where the domain is located.

street

Street address where the domain is located.

telephoneNumber

Domain's telephone number.

teletexTerminalIdentifier

Identifier for a domain's teletex terminal.

telexNumber

Domain's telex number.

userPassword

Password with which the entry can bind to the directory.

x121Address

X.121 address of the domain.

domainRelatedObject

Definition

Used to define entries which represent DNS/NRS domains which are "equivalent" to an X.500 domain; for example, an organization or organizational unit.

This object class is defined in RFC 1274.

Superior Class

top

OID

0.9.2342.19200300.100.4.17

Required Attributes

objectClass

Defines the object classes for the entry.

associatedDomain

Specifies a DNS domain associated with an object in the directory tree.

dSA

Definition

Used to define entries representing DSAs in the directory.

This object class is defined in RFC 1274.

Superior Class

top

OID

2.5.6.13

Required Attributes

objectClass

Defines the object classes for the entry.

cn (commonName)

The common name of the series.

presentationAddress

Contains an OSI presentation address for the entry.

Allowed Attributes

description

Text description of the series.

knowledgeInformation

This attribute is no longer used.

l (localityName)

Place where the series is located.

o (organizationName)

Organization to which the series belongs.

ou (organizationalUnit)

Organizational unit to which the series belongs.

seeAlso

URL to information relevant to the series.

supportedApplicationContext

This attribute contains the identifiers of OSI application contexts.

extensibleObject

Definition

When present in an entry, extensibleObject permits the entry to hold optionally any attribute. The allowed attribute list of this class is implicitly the set of all attributes known to the server.

This object class is defined in RFC 2252.

Superior Class

top

OID

1.3.6.1.4.1.1466.101.120.111

Required Attributes

objectClass

Defines the object classes for the entry.

Allowed Attributes

All attributes known to the server.

friendlyCountry

Definition

Used to define country entries in the directory tree. This object class is used to allow more user-friendly country names than those allowed by the country object class.

This object class is defined in RFC 1274.

Superior Class

top

OID

0.9.2342.19200300.100.4.18

Required Attributes

objectClass

Defines the object classes for the entry.

co (friendlyCountryName)

Stores the name of a country.

c (countryName)

Contains the two-character code representing country names, as defined by ISO, in the directory.

Allowed Attributes

description

Text description of the country.

searchGuide

Specifies information for suggested search criteria when using the entry as the base object in the directory tree for a search operation.

groupOfCertificates

Definition

Used to describe a set of X.509 certificates. Any certificate that matches one of the memberCertificateDescription values is considered a member of the group.

This object class is defined in Directory Server.

Superior Class

top

OID

2.16.840.1.113730.3.2.31

Required Attributes

objectClass

Defines the object classes for the entry.

cn (commonName)

The group's common name.

Allowed Attributes

businessCategory

Type of business in which the group is engaged.

description

Text description of the group's purpose.

memberCertificateDescription

Values used to determine if a particular certificate is a member of this group.

o (organizationName)

Organization to which the group of certificates belongs.

ou (organizationalUnit)

Organizational unit to which the group belongs.

owner

Distinguished name of the person responsible for the group.

seeAlso

URL to information relevant to the group.

groupOfNames

Definition

Used to define entries for a group of names.

Note: The definition in Directory Server differs from the standard definition. In the standard definition, member is a required attribute. In Directory Server, member is an allowed attribute. Directory Server therefore allows a group to have no member.

This object class is defined in RFC 2256.

Superior Class

top

OID

2.5.6.9

Required Attributes

objectClass

Defines the object classes for the entry.

cn (commonName)

The group's common name.

Allowed Attributes

businessCategory

Type of business in which the group is engaged.

description

Text description of the group's purpose.

member

Distinguished name of a group member.

o (organizationName)

Organization to which the group belongs.

ou (organizationalUnit)

Organizational unit to which the group belongs.

owner

Distinguished name of the person responsible for the group.

seeAlso

URL to information relevant to the group.

groupOfUniqueNames

Definition

Used to define entries for a group of unique names.

Note: The definition in Directory Server differs from the standard definition. In the standard definition, uniquemember is a required attribute. In Directory Server, uniquemember is an allowed attribute. Directory Server therefore allows a group to have no member.

This object class is defined in RFC 2256.

Superior Class

top

OID

2.5.6.17

Required Attributes

objectClass

Defines the object classes for the entry.

objectClass	Defines the object classes for the entry.
uid (userID)	Identifies the account's user ID.

description	Text description of the entry.
host	Hostname of the computer on which the account resides.
l (localityName)	Place where the account is located.
o (organizationName)	Organization to which the account belongs.
ou (organizationalUnit)	Organizational unit to which the account belongs.
seeAlso	URL to information relevant to the account.

objectClass	Defines the object classes for the entry.
aliasedObjectName	Distinguished name of the entry for which this entry is an alias.

objectClass	Defines the object classes for the entry.
cosAttribute	Provides the name of the attribute for which you want to generate a value. You can specify more than one cosAttribute value.

cn (commonName)	Common name of the entry.
cosSpecifier	Specifies the attribute value used by a classic CoS, which, along with the template entry's DN, identifies the template entry.
cosTemplateDn	Provides the DN of the template entry associated with the CoS definition.
description	Text description of the entry.

aci	Evaluates what rights are granted or denied when the Directory Server receives an LDAP request from a client.
cn (commonName)	Common name of the entry.
cosAttribute	Provides the name of the attribute for which you want to generate a value. You can specify more than one cosAttribute value.
cosSpecifier	Specifies the attribute value used by a classic CoS, which, along with the template entry's DN, identifies the template entry.
cosTargetTree	Determines the subtrees of the DIT to which the CoS schema applies.
cosTemplateDn	Provides the DN of the template entry associated with the CoS definition.
uid (userID)	Identifies the user ID.

cn (commonName)	Common name of the entry.
cosIndirectSpecifier	Specifies the attribute value used by an indirect CoS to identify the template entry.
description	Text description of the entry.

cn (commonName)	Common name of the entry.
cosPriority	Specifies which template provides the attribute value when CoS templates compete to provide an attribute value.

objectClass	Defines the object classes for the entry.
c (countryName)	Contains the two-character code representing country names, as defined by ISO, in the directory.

description	Text description of the country.
searchGuide	Specifies information for suggested search criteria when using the entry as the base object in the directory tree for a search operation.

objectClass	Defines the object classes for the entry.
dc (domainComponent)	One component of a domain name.

description	Text description of the device.
l (localityName)	Place where the device is located.
o (organizationName)	Organization to which the device belongs.
ou (organizationalUnit)	Organizational unit to which the device belongs.
owner	Distinguished name of the person responsible for the device.
seeAlso	URL to information relevant to the device.
serialNumber	Serial number of the device.

objectClass	Defines the object classes for the entry.
documentIdentifier	Unique identifier for a document.

abstract	Abstract of the document.
audio	Stores a sound file in binary format.
authorCn	Author's common or given name.
authorSn	Author's surname.
cn (commonName)	Common name of the document.
description	Text description of the document.
dITRedirect	Distinguished name to use as a redirect for the entry.
documentAuthor	Distinguished name of the document author.
documentLocation	Location of the original document.
documentPublisher	Person or organization that published the document.
documentStore	Not defined.
documentTitle	The document's title.
documentVersion	The document's version number.
info	Information about the object.
jpegPhoto	Photo in jpeg format.
keyWords	Keywords that describe the document.
l (localityName)	Place where the document is located.
lastModifiedBy	Distinguished name of the last user to modify the document.
lastModifiedTime	Last time the document was modified.
manager	Distinguished name of the object's manager.
o (organizationName)	Organization to which the document belongs.
obsoletedByDocument	Distinguished name of a document that obsoletes this document.
obsoletesDocument	Distinguished name of a document that is obsoleted by this document.
ou (organizationalUnit)	Organizational unit to which the document belongs.
photo	Photo of the document, in binary form.
seeAlso	URL to information relevant to the document.
subject	Subject of the document.
uniqueIdentifier	Specific item used to distinguish between two entries when a distinguished name has been reused.
updatedByDocument	Distinguished name of a document that is an updated version of this document.
updatesDocument	Distinguished name of a document for which this document is an updated version.

description	Text description of the series.
l (localityName)	Place where the series is located.
o (organizationName)	Organization to which the series belongs.
ou (organizationalUnit)	Organizational unit to which the series belongs.
seeAlso	URL to information relevant to the series.
telephoneNumber	Telephone number of the person responsible for the series.

associatedName	Entry in the organizational directory tree associated with a DNS domain.
businessCategory	Type of business in which this domain is engaged.
description	Text description of the domain.
destinationIndicator	Country and city associated with the entry; needed to provide Public Telegram Service.
fax (facsimileTelephoneNumber)	Domain's fax number.
internationalISDNNumber	Domain's ISDN number.
l (localityName)	Place where the domain is located.
o (organizationName)	Organization to which the domain belongs.
physicalDeliveryOfficeName	Location where physical deliveries can be made.
postOfficeBox	Domain's post office box.
postalAddress	Domain's mailing address.
postalCode	The postal code for this address (such as a United States zip code).
preferredDeliveryMethod	Domain's preferred method of contact or delivery.
registeredAddress	Postal address suitable for reception of expedited documents when the recipient must verify delivery.
searchGuide	Specifies information for suggested search criteria when using the entry as the base object in the directory tree for a search operation.
seeAlso	URL to information relevant to the domain.
st (stateOrProvinceName)	State or province where the domain is located.
street	Street address where the domain is located.
telephoneNumber	Domain's telephone number.
teletexTerminalIdentifier	Identifier for a domain's teletex terminal.
telexNumber	Domain's telex number.
userPassword	Password with which the entry can bind to the directory.
x121Address	X.121 address of the domain.

objectClass	Defines the object classes for the entry.
associatedDomain	Specifies a DNS domain associated with an object in the directory tree.

description	Text description of the series.
knowledgeInformation	This attribute is no longer used.
l (localityName)	Place where the series is located.
o (organizationName)	Organization to which the series belongs.
ou (organizationalUnit)	Organizational unit to which the series belongs.
seeAlso	URL to information relevant to the series.
supportedApplicationContext	This attribute contains the identifiers of OSI application contexts.

objectClass	Defines the object classes for the entry.
co (friendlyCountryName)	Stores the name of a country.
c (countryName)	Contains the two-character code representing country names, as defined by ISO, in the directory.

businessCategory	Type of business in which the group is engaged.
description	Text description of the group's purpose.
memberCertificateDescription	Values used to determine if a particular certificate is a member of this group.
o (organizationName)	Organization to which the group of certificates belongs.
ou (organizationalUnit)	Organizational unit to which the group belongs.
owner	Distinguished name of the person responsible for the group.
seeAlso	URL to information relevant to the group.