Attribute definitions for Directory Server
You can use the example provided here to know more about attribute definitions for Directory Server.
attributetypes=( 1.3.18.0.2.4.285
NAME 'aclEntry'
DESC 'Holds the access controls for entries in an IBM eNetwork LDAP
directory'
EQUALITY 2.5.13.2
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.285
DBNAME( 'aclEntry''aclEntry' )
ACCESS-CLASS restricted
LENGTH 32700 )
attributetypes=( 1.3.18.0.2.4.286
NAME 'aclPropagate'
DESC 'Indicates whether the ACL applies on entry or subtree.'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.286
DBNAME( 'aclPropagate''aclPropagate' )
ACCESS-CLASS restricted
LENGTH 5 )
attributetypes=( 1.3.18.0.2.4.287
NAME 'aclSource'
DESC 'Indicates whether the ACL applies on entry or subtree.'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.12
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.287
DBNAME( 'aclSource''aclSource' )
ACCESS-CLASS system
LENGTH 1000 )
attributetypes=( 2.5.4.1
NAME ( 'aliasedObjectName''aliasedentryname')
DESC 'Represents the pointed to entry that is specified within an
alias entry.'
EQUALITY 2.5.13.1
SYNTAX 1.3.6.1.4.1.1466.115.121.1.12
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=( 2.5.4.1
DBNAME( 'aliasedObject''aliasedObject' )
ACCESS-CLASS normal
LENGTH 1000
EQUALITY )
attributetypes=( 1.3.6.1.4.1.1466.101.120.6
NAME 'altServer'
DESC 'The values of this attribute are URLs of other servers which
may be contacted when this server becomes unavailable.'
EQUALITY 1.3.6.1.4.1.1466.109.114.1
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
USAGE dSAOperation )
IBMAttributetypes=( 1.3.6.1.4.1.1466.101.120.6
DBNAME( 'altServer''altServer' )
ACCESS-CLASS normal
LENGTH 2048 )
attributetypes=( 2.5.21.5
NAME 'attributeTypes'
DESC 'This attribute is typically located in the subschema entry
and is used to store all attributes known to the server and
objectClasses.'
EQUALITY 2.5.13.30
SYNTAX 1.3.6.1.4.1.1466.115.121.1.3
USAGE directoryOperation )
IBMAttributetypes=( 2.5.21.5
DBNAME( 'attributeTypes''attributeTypes' )
ACCESS-CLASS system
LENGTH 30
EQUALITY )
attributetypes=( 2.5.4.15
NAME 'businessCategory'
DESC 'This attribute describes the kind of business performed by an
organization.'
EQUALITY 2.5.13.2
SUBSTR 2.5.13.4
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
USAGE userApplications )
IBMAttributetypes=( 2.5.4.15
DBNAME( 'businessCategory' 'businessCategory' )
ACCESS-CLASS normal
LENGTH 128
EQUALITY
SUBSTR)
attributetypes=( 2.16.840.1.113730.3.1.5
NAME 'changeNumber'
DESC 'Contains the change number of the entry as assigned by the
supplier server.'
EQUALITY 2.5.13.14
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
SINGLE-VALUE
NO-USER-MODIFICATION
USAGE userApplications )
IBMAttributetypes=( 2.16.840.1.113730.3.1.5
DBNAME( 'changeNumber''changeNumber' )
ACCESS-CLASS normal
LENGTH 11
EQUALITY APPROX )
attributetypes=( 2.16.840.1.113730.3.1.8
NAME 'changes'
DESC 'Defines changes made to a Directory Server. These changes are
in LDIF format.'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.5
SINGLE-VALUE
NO-USER-MODIFICATION
USAGE userApplications )
IBMAttributetypes=( 2.16.840.1.113730.3.1.8
DBNAME( 'changes''changes' )
ACCESS-CLASS sensitive )
attributetypes=( 2.16.840.1.113730.3.1.77
NAME 'changeTime'
DESC 'Time last changed.'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
SINGLE-VALUE
NO-USER-MODIFICATION
USAGE userApplications )
IBMAttributetypes=( 2.16.840.1.113730.3.1.77
DBNAME( 'changeTime''changeTime' )
ACCESS-CLASS normal
LENGTH 30 )
attributetypes=( 2.16.840.1.113730.3.1.7
NAME 'changeType'
DESC 'Describes the type of change performed on an entry. Accepted
values include: add, delete, modify, modrdn.'
EQUALITY 2.5.13.2
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
SINGLE-VALUE
NO-USER-MODIFICATION
USAGE userApplications )
IBMAttributetypes=( 2.16.840.1.113730.3.1.7
DBNAME( 'changeType''changeType' )
ACCESS-CLASS normal
LENGTH 250
EQUALITY )
attributetypes=( 2.5.4.3
NAME ( 'cn''commonName')
DESC 'This is the X.500 commonName attribute, which contains a name of an object.
If the object corresponds to a person, it is typically the persons
full name.'
SUP 2.5.4.41
EQUALITY 2.5.13.2
ORDERING 2.5.13.3
SUBSTR 2.5.13.4
USAGE userApplications )
IBMAttributetypes=( 2.5.4.3
DBNAME( 'cn''cn' )
ACCESS-CLASS normal
LENGTH 256
EQUALITY
ORDERING
SUBSTR
APPROX )
attributetypes=( 2.5.18.1
NAME 'createTimestamp'
DESC 'Contains the time that the directory entry was created.'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
SINGLE-VALUE
NO-USER-MODIFICATION
USAGE directoryOperation )
IBMAttributetypes=( 2.5.18.1
DBNAME( 'ldap_entry''create_Timestamp' )
ACCESS-CLASS system
LENGTH 26 )
attributetypes=( 2.5.18.3
NAME 'creatorsName'
DESC 'Contains the creator of a directory entry.'
EQUALITY 2.5.13.1
SYNTAX 1.3.6.1.4.1.1466.115.121.1.12
SINGLE-VALUE
NO-USER-MODIFICATION
USAGE directoryOperation )
IBMAttributetypes=( 2.5.18.3
DBNAME( 'ldap_entry''creator' )
ACCESS-CLASS system
LENGTH 1000
EQUALITY )
attributetypes=( 2.16.840.1.113730.3.1.10
NAME 'deleteOldRdn'
DESC 'a flag which indicates if the old RDN should be retained as
an attribute of the entry'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
SINGLE-VALUE
NO-USER-MODIFICATION
USAGE userApplications )
IBMAttributetypes=( 2.16.840.1.113730.3.1.10
DBNAME( 'deleteOldRdn''deleteOldRdn' )
ACCESS-CLASS normal
LENGTH 5 )
attributetypes=( 2.5.4.13
NAME 'description'
DESC 'Attribute common
to CIM and LDAP schema to provide lengthy description of a
directory object entry.'
EQUALITY 2.5.13.2
SUBSTR 2.5.13.4
SYNTAX
1.3.6.1.4.1.1466.115.121.1.15
USAGE userApplications )
IBMAttributetypes=( 2.5.4.13
DBNAME( 'description''description' )
ACCESS-CLASS normal
LENGTH 1024
EQUALITY
SUBSTR )
attributetypes=( 2.5.21.2
NAME 'ditContentRules'
DESC 'Refer to RFC 2252.'
EQUALITY 2.5.13.30
SYNTAX 1.3.6.1.4.1.1466.115.121.1.16
USAGE directoryOperation )
IBMAttributetypes=( 2.5.21.2
DBNAME( 'ditContentRules''ditContentRules' )
ACCESS-CLASS system
LENGTH 256
EQUALITY )
attributetypes=( 2.5.21.1
NAME 'ditStructureRules'
DESC 'Refer to RFC 2252.'
EQUALITY 2.5.13.29
SYNTAX 1.3.6.1.4.1.1466.115.121.1.17
USAGE directoryOperation )
IBMAttributetypes=( 2.5.21.1
DBNAME( 'ditStructureRules''ditStructureRules' )
ACCESS-CLASS system
LENGTH 256
EQUALITY )
attributetypes=( 2.5.4.49
NAME ( 'dn''distinguishedName')
DESC 'This attribute type is not used as the name of the object itself,
but it is instead a base type from which attributes with DN syntax
inherit. It is unlikely that values of this type itself will occur
in an entry.'
EQUALITY 2.5.13.1
SYNTAX 1.3.6.1.4.1.1466.115.121.1.12
USAGE userApplications )
IBMAttributetypes=( 2.5.4.49
DBNAME( 'dn''dn' )
ACCESS-CLASS normal
LENGTH 1000
EQUALITY )
attributetypes=( 1.3.18.0.2.4.288
NAME 'entryOwner'
DESC 'Indicates the distinguished name noted as the owner of the
entry'
EQUALITY 2.5.13.2
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.288
DBNAME( 'entryOwner''entryOwner' )
ACCESS-CLASS restricted
LENGTH 1000 )
attributetypes=( 2.5.18.9
NAME 'hasSubordinates'
DESC 'Indicates whether any subordinate entries exist below the
entry holding this attribute.'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
SINGLE-VALUE
NO-USER-MODIFICATION
USAGE directoryOperation )
IBMAttributetypes=( 2.5.18.9
DBNAME( 'hasSubordinates''hasSubordinates' )
ACCESS-CLASS system
LENGTH 5 )
attributetypes=( 1.3.18.0.2.4.2244
NAME 'ibm-allGroups'
DESC 'All groups to which an entry belongs. An entry may be a member
directly via member, uniqueMember or memberURL attributes, or
indirectly via ibm-memberGroup attributes. Read-only operational
attribute (not allowed in filter).'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.12
NO-USER-MODIFICATION
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2244
DBNAME( 'allGroups''allGroups' )
ACCESS-CLASS normal
LENGTH 1000 )
attributetypes=( 1.3.18.0.2.4.2243
NAME 'ibm-allMembers'
DESC 'All members of a group. An entry may be a member directly via
member, uniqueMember or memberURL attributes, or indirectly via
ibm-memberGroup attributes. Read-only operational attribute (not
allowed in filter).'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.12
NO-USER-MODIFICATION
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2243
DBNAME( 'ibmallMembers''ibmallMembers' )
ACCESS-CLASS normal
LENGTH 1000 )
attributetypes=( 1.3.18.0.2.4.1077
NAME 'ibm-audit'
DESC 'TRUE or FALSE. Enable or disable the audit service. Default
is FALSE.'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.1077
DBNAME( 'audit''audit' )
ACCESS-CLASS critical
LENGTH 16 )
attributetypes=( 1.3.18.0.2.4.1073
NAME 'ibm-auditAdd'
DESC 'TRUE or FALSE. Indicate whether to log the Add operation.
Default is FALSE.'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.1073
DBNAME( 'auditAdd''auditAdd' )
ACCESS-CLASS critical
LENGTH 16 )
attributetypes=( 1.3.18.0.2.4.1070
NAME 'ibm-auditBind'
DESC 'TRUE or FALSE. Indicate whether to log the Bind operation.
Default is FALSE.'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.1070
DBNAME( 'auditBind''auditBind' )
ACCESS-CLASS critical
LENGTH 16 )
attributetypes=( 1.3.18.0.2.4.1071
NAME 'ibm-auditDelete'
DESC 'TRUE or FALSE. Indicate whether to log the Delete operation.
Default is FALSE.'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.1071
DBNAME( 'auditDelete''auditDelete' )
ACCESS-CLASS critical
LENGTH 16 )
attributetypes=( 1.3.18.0.2.4.1069
NAME 'ibm-auditExtOpEvent'
DESC 'TRUE or FALSE. Indicate whether to log LDAP v3 Event
Notification extended operations. Default is FALSE.'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.1069
DBNAME( 'auditExtOpEvent''auditExtOpEvent' )
ACCESS-CLASS critical
LENGTH 16 )
attributetypes=( 1.3.18.0.2.4.1078
NAME 'ibm-auditFailedOpOnly'
DESC 'TRUE or FALSE. Indicate whether to only log failed operations.
Default is FALSE.'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.1078
DBNAME( 'auditFailedOpOnly''auditFailedOpOnly' )
ACCESS-CLASS
critical LENGTH 16 )
attributetypes=( 1.3.18.0.2.4.1079
NAME 'ibm-auditLog'
DESC 'Specifies the pathname for the audit log.'
EQUALITY 2.5.13.5 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.1079
DBNAME( 'auditLog''auditLog' )
ACCESS-CLASS critical
LENGTH 1024 )
attributetypes=( 1.3.18.0.2.4.1072
NAME 'ibm-auditModify'
DESC 'TRUE or FALSE. Indicate whether to log the Modify operation.
Default is FALSE.'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.1072
DBNAME( 'auditModify''auditModify' )
ACCESS-CLASS critical
LENGTH 16 )
attributetypes=( 1.3.18.0.2.4.1075
NAME 'ibm-auditModifyDN'
DESC 'TRUE or FALSE. Indicate whether to log the ModifyRDN
operation. Default is FALSE.'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.1075
DBNAME( 'auditModifyDN''auditModifyDN' )
ACCESS-CLASS critical
LENGTH 16 )
attributetypes=( 1.3.18.0.2.4.1074
NAME 'ibm-auditSearch'
DESC 'TRUE or FALSE. Indicate whether to log the Search operation.
Default is FALSE.'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.1074
DBNAME( 'auditSearch''auditSearch' )
ACCESS-CLASS critical
LENGTH 16 )
attributetypes=( 1.3.18.0.2.4.1076
NAME 'ibm-auditUnbind'
DESC 'TRUE or FALSE. Indicate whether to log the Unbind operation.
Default is FALSE.'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.1076
DBNAME( 'auditUnbind''auditUnbind' )
ACCESS-CLASS critical
LENGTH 16 )
attributetypes=( 1.3.18.0.2.4.2483
NAME 'ibm-capabilitiessubentry'
DESC 'Names the ibm-capabilities subentry object listing the
capabilities of the naming context containing this object.'
EQUALITY 2.5.13.1
SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE
NO-USER-MODIFICATION
USAGE dSAOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2483
DBNAME( 'ibmcapsubentry''ibmcapsubentry' )
ACCESS-CLASS system
LENGTH 1000 )
attributetypes=( 1.3.18.0.2.4.2444
NAME 'ibm-effectiveAcl'
DESC 'An operational attribute that contains the accumulated filter
based effective access for entries in an IBM LDAP directory.'
EQUALITY 2.5.13.2
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 NO-USER-MODIFICATION
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2444
DBNAME( 'effectiveAcl''effectiveAcl' )
ACCESS-CLASS restricted
LENGTH 32700 )
attributetypes=( 1.3.18.0.2.4.2331
NAME 'ibm-effectiveReplicationModel'
DESC 'Advertises in the Root DSE the OID of the replication model in
use by the server'
EQUALITY 1.3.6.1.4.1.1466.109.114.1
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
SINGLE-VALUE NO-USER-MODIFICATION
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2331
DBNAME( 'effectiveReplicat''effectiveReplicat' )
ACCESS-CLASS system
LENGTH 240 )
attributetypes=( 1.3.18.0.2.4.2482
NAME 'ibm-enabledCapabilities'
DESC 'Lists capabilities that are enabled for use on this server.'
EQUALITY 2.5.13.2
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
NO-USER-MODIFICATION
USAGE dSAOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2482
DBNAME( 'ibmenabledcap''ibmenabledcap' )
ACCESS-CLASS system
LENGTH 100 )
attributetypes=( 1.3.18.0.2.4.2325
NAME 'ibm-entryChecksum'
DESC 'A checksum of the user attributes for the entry containing
this attribute.'
EQUALITY 1.3.6.1.4.1.1466.109.114.1
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
SINGLE-VALUE
NO-USER-MODIFICATION
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2325
DBNAME( 'entryChecksum''entryChecksum' )
ACCESS-CLASS system
LENGTH 100 )
attributetypes=( 1.3.18.0.2.4.2326
NAME 'ibm-entryChecksumOp'
DESC 'A checksum of the replicated operational attributes for the
entry containing this attribute.'
EQUALITY 1.3.6.1.4.1.1466.109.114.1
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
SINGLE-VALUE NO-USER-MODIFICATION
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2326
DBNAME( 'entryChecksumOp''entryChecksumOp' )
ACCESS-CLASS system
LENGTH 100 )
attributetypes=( 1.3.18.0.2.4.1780
NAME 'ibm-entryUuid'
DESC 'Uniquely identifies a directory entry throughout its life.'
EQUALITY 2.5.13.2
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
SINGLE-VALUE
NO-USER-MODIFICATION
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.1780
DBNAME( 'ibmEntryUuid''ibmEntryUuid' )
ACCESS-CLASS system
LENGTH 36
EQUALITY )
attributetypes=( 1.3.18.0.2.4.2443
NAME 'ibm-filterAclEntry'
DESC 'Contains filter based access controls for entries in an IBM
LDAP directory.'
EQUALITY 2.5.13.2
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2443
DBNAME( 'filterAclEntry''filterAclEntry' )
ACCESS-CLASS restricted
LENGTH 32700 )
attributetypes=( 1.3.18.0.2.4.2445
NAME 'ibm-filterAclInherit'
DESC 'Indicates whether filter based ACLs should accumulate up the
ancestor tree.'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2445
DBNAME( 'filterAclInherit''filterAclInherit' )
ACCESS-CLASS restricted
LENGTH 5 )
attributetypes=( 1.3.18.0.2.4.3238
NAME 'ibm-pwdPolicyStartTime'
DESC 'Specifies the time Password Policy was last turned on.'
ORDERING 2.5.13.28
SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.3238
DBNAME( 'pwdPolicyStartTim'' pwdPolicyStartTim ')
ACCESS-CLASS normal
LENGTH 30 )
attributetypes=( 1.3.18.0.2.4.2330
NAME 'ibm-replicationChangeLDIF'
DESC 'Provides LDIF representation of the last failing operation'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.5
SINGLE-VALUE
NO-USER-MODIFICATION
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2330
DBNAME( 'replicationChange''replicationChange' )
ACCESS-CLASS system )
attributetypes=( 1.3.18.0.2.4.2498
NAME 'ibm-replicationIsQuiesced'
DESC 'Indicates whether the replicated subtree containing this
attribute is quiesced on this server.'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 S
INGLE-VALUE
NO-USER-MODIFICATION
USAGE dSAOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2498
DBNAME( 'replIsQuiesced''replIsQuiesced' )
ACCESS-CLASS system
LENGTH 5 )
attributetypes=( 1.3.18.0.2.4.2338
NAME 'ibm-replicationLastActivationTime'
DESC 'Indicates the last time the replication thread was activated'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
SINGLE-VALUE
NO-USER-MODIFICATION
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2338
DBNAME( 'replicationLastAc''replicationLastAc' )
ACCESS-CLASS system
LENGTH 32 )
attributetypes=( 1.3.18.0.2.4.2334
NAME 'ibm-replicationLastChangeId'
DESC 'Indicates last change ID successfully replicated for a
replication agreement'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
SINGLE-VALUE
NO-USER-MODIFICATION
USAGE directoryOperation)
IBMAttributetypes=( 1.3.18.0.2.4.2334
DBNAME( 'replicationLastCh''replicationLastCh' )
ACCESS-CLASS system
LENGTH 11 )
attributetypes=( 1.3.18.0.2.4.2335
NAME 'ibm-replicationLastFinishTime'
DESC 'Indicates the last time the replication thread completed
sending all of the pending entries.'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
SINGLE-VALUE
NO-USER-MODIFICATION
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2335
DBNAME( 'replicationLastFi''replicationLastFi' )
ACCESS-CLASS system
LENGTH 30 )
attributetypes=( 1.3.18.0.2.4.2448
NAME 'ibm-replicationLastGlobalChangeId'
DESC 'Indicates the ID of the last global (applies to the entire
DIT, such as schema) change successfully replicated.'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE
NO-USER-MODIFICATION
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2448
DBNAME( 'replicationLastGl''replicationLastGl' )
ACCESS-CLASS normal
LENGTH 11 )
attributetypes=( 1.3.18.0.2.4.2340
NAME 'ibm-replicationLastResult'
DESC 'Result of last attempted replication in the form:
<time><change ID><resultcode> <entry-dn> '
EQUALITY 2.5.13.2
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
SINGLE-VALUE NO-USER-MODIFICATION
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2340
DBNAME( 'replicationLastRe''replicationLastRe' )
ACCESS-CLASS system
LENGTH 2048 )
attributetypes=( 1.3.18.0.2.4.2332
NAME 'ibm-replicationLastResultAdditional'
DESC 'Provides any additional error information returned by the
consuming server in the message component of the LDAP result'
EQUALITY 2.5.13.2
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
NO-USER-MODIFICATION
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2332
BNAME( 'replicationLastAd''replicationLastAd' )
ACCESS-CLASS system
LENGTH 1024 )
attributetypes=( 1.3.18.0.2.4.2339
NAME 'ibm-replicationNextTime'
DESC 'Indicates next scheduled time for replication'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
SINGLE-VALUE
NO-USER-MODIFICATION
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2339
DBNAME( 'replicationNextTi''replicationNextTi' )
ACCESS-CLASS system
LENGTH 30 )
attributetypes=( 1.3.18.0.2.4.2333
NAME 'ibm-replicationPendingChangeCount'
DESC 'Indicates the total number of pending unreplicated changes for
this replication agreement'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
SINGLE-VALUE
NO-USER-MODIFICATION
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2333
DBNAME( 'replicationPendin''replicationPendin' )
ACCESS-CLASS system
LENGTH 12 )
attributetypes=( 1.3.18.0.2.4.2337
NAME 'ibm-replicationPendingChanges'
DESC 'Unreplicated change in the form
<change ID><operation> <dn>
where operation is ADD, DELETE, MODIFY, MODIFYDN'
EQUALITY 2.5.13.2
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
NO-USER-MODIFICATION
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2337
DBNAME( 'replicationPendch''replicationPendch' )
ACCESS-CLASS system
LENGTH 1100 )
attributetypes=( 1.3.18.0.2.4.2336
NAME 'ibm-replicationState'
DESC 'Indicates the state of the replication thread:
active, ready, waiting, suspended, or full; if full, the value will
indicate the amount of progress'
EQUALITY 1.3.6.1.4.1.1466.109.114.1
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
SINGLE-VALUE
NO-USER-MODIFICATION
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2336
DBNAME( 'replicationState''replicationState' )
ACCESS-CLASS system
LENGTH 240 )
attributetypes=( 1.3.18.0.2.4.2495
NAME 'ibm-replicationThisServerIsMaster'
DESC 'Indicates whether the server returning this attribute is a
master server for the subtree containing this entry.'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
SINGLE-VALUE NO-USER-MODIFICATION
USAGE dSAOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2495
DBNAME( 'replThisSvrMast''replThisSvrMast' )
ACCESS-CLASS system
LENGTH 5 )
attributetypes=( 1.3.18.0.2.4.2328
NAME 'ibm-serverId'
DESC 'Advertises in the Root DSE the ibm-slapdServerId configuration
setting'
EQUALITY 1.3.6.1.4.1.1466.109.114.1
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
SINGLE-VALUE
NO-USER-MODIFICATION
USAGE dSAOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2328
DBNAME( 'serverId''serverId' )
ACCESS-CLASS system
LENGTH 240 )
attributetypes=( 1.3.18.0.2.4.2374
NAME 'ibm-slapdACLCache'
DESC 'Controls whether or not the server caches ACL information'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2374
DBNAME( 'ACLCache''ACLCache' )
ACCESS-CLASS normal
LENGTH 5 )
attributetypes=( 1.3.18.0.2.4.2373
NAME 'ibm-slapdACLCacheSize'
DESC 'Maximum number of entries to keep in the ACL Cache'
EQUALITY 2.5.13.14
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 S
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2373
DBNAME( 'slapdACLCacheSize''slapdACLCacheSize' )
ACCESS-CLASS normal
LENGTH 11 )
attributetypes=( 1.3.18.0.2.4.2428
NAME 'ibm-slapdAdminDN'
DESC 'Bind DN for ibmslapd administrator, e.g.: cn=root'
EQUALITY 2.5.13.1
ORDERING 1.3.18.0.2.4.405
SYNTAX 1.3.6.1.4.1.1466.115.121.1.12
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2428
DBNAME( 'slapdAdminDN''slapdAdminDN' )
ACCESS-CLASS critical
LENGTH 1000
EQUALITY ORDERING )
attributetypes=( 1.3.18.0.2.4.2425
NAME 'ibm-slapdAdminPW'
DESC 'Bind password for ibmslapd administrator.'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.5
SINGLE-VALUE
SAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2425
DBNAME( 'slapdAdminPW''slapdAdminPW' )
ACCESS-CLASS critical )
attributetypes=( 1.3.18.0.2.4.2366
NAME 'ibm-slapdAuthIntegration'
DESC 'Specifies integration of LDAP administrator access with local
OS users. Legal values are : 0 - do not map local OS users to LDAP
administrator, 1 - map local OS users with proper authority to LDAP
administrator. This is supported only on i5/OS.'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2366
DBNAME( 'slapdAuthIntegrat''slapdAuthIntegrat' )
ACCESS-CLASS system
LENGTH 11 )
attributetypes=( 1.3.18.0.2.4.2432
NAME 'ibm-slapdCLIErrors'
DESC 'File path or device on ibmslapd host machine to which DB2 CLI
error messages will be written. On Windows, forward slashes are
allowed, and a leading slash not preceded by a drive letter is
assumed to be rooted at the install directory (i.e.: /tmp/cli.errors
= D:\Program Files\IBM\ldap\tmp\cli.errors).'
EQUALITY 2.5.13.5
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2432
DBNAME( 'slapdCLIErrors''slapdCLIErrors' )
ACCESS-CLASS normal
LENGTH 1024 )
attributetypes=( 1.3.18.0.2.4.3147
NAME 'ibm-slapdCachedAttributeAutoAdjust'
DESC 'Specifies if autonomic attribute caching is to be enabled.'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=(1.3.18.0.2.4.3147
DBNAME('slapdCachAttrAA''slapdCachAttrAA' )
ACCESS-CLASS normal
LENGTH 5)
attributetypes=( 1.3.18.0.2.4.3149
NAME 'ibm-slapdCachedAttributeAutoAdjustTime'
DESC 'Time to start autonomic attribute cache processing.
Values are in the form of Thhmmss where hh is hours, mm is minutes
and ss is seconds, using a 24 hour clock.'
EQUALITY 1.3.6.1.4.1.1466.109.114.2
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=(1.3.18.0.2.4.3149
DBNAME('slapdCachAttrAAT''slapdCachAttrAAT' )
ACCESS-CLASS normal
LENGTH 7)
attributetypes=( 1.3.18.0.2.4.3148
NAME 'ibm-slapdCachedAttributeAutoAdjustTimeInterval'
DESC 'Specifies the time interval, in hours,
for autonomic attribute cache processing.'
EQUALITY 2.5.13.14
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=(1.3.18.0.2.4.3148
DBNAME('slapdCachAttrAAI''slapdCachAttrAAI' )
ACCESS-CLASS normal
LENGTH 11)
attributetypes=( 1.3.18.0.2.4.3116
NAME 'ibm-slapdCryptoSync'
DESC 'A key stash file consistency marker string.
It is queried by the server at start up as part of
a verification process to ensure that the key stash
files match any data that has been two-way encrypted.'
EQUALITY 2.5.13.17
SYNTAX 1.3.6.1.4.1.1466.115.121.1.5
SINGLE-VALUE
NO-USER-MODIFICATION
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.3116
DBNAME('CryptoSync''CryptoSync' )
ACCESS-CLASS system )
attributetypes=( 1.3.18.0.2.4.2369
NAME 'ibm-slapdDB2CP'
DESC 'Specifies the Code Page of the directory database. 1208 is
the code page for UTF-8 databases.'
EQUALITY 2.5.13.5
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2369
DBNAME( 'slapdDB2CP''slapdDB2CP' )
ACCESS-CLASS normal
LENGTH 11 )
attributetypes=( 1.3.18.0.2.4.2431
NAME 'ibm-slapdDBAlias'
DESC 'The DB2 database alias.'
EQUALITY 2.5.13.5
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 S
INGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2431
DBNAME( 'slapdDBAlias''slapdDBAlias' )
ACCESS-CLASS normal L
LENGTH 8 )
attributetypes=( 1.3.18.0.2.4.2417
NAME 'ibm-slapdDbConnections'
DESC 'The number of DB2 connections the server will dedicate to the DB2
backend. The value must be 5 or greater. Additional connections may
be created for replication and change log.'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2417
DBNAME( 'DbConnections''DbConnections' )
ACCESS-CLASS critical
LENGTH 2 )
ttributetypes=( 1.3.18.0.2.4.2418
NAME 'ibm-slapdDbInstance'
DESC 'The DB2 database instance for this backend.'
EQUALITY 2.5.13.5
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2418
DBNAME( 'slapdDbInstance''slapdDbInstance' )
ACCESS-CLASS critical
LENGTH 8 )
attributetypes=( 1.3.18.0.2.4.2382
NAME 'ibm-slapdDbLocation'
DESC 'The file system path where the backend database is located. On
UNIX or Linux this is usually the home directory of the DB2INSTANCE owner
(e.g.: /home/ldapdb2). On windows its just a drive specifier (e.g.: D:)'
EQUALITY 2.5.13.5
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2382
DBNAME( 'slapdDbLocation''slapdDbLocation' )
ACCESS-CLASS critical
LENGTH 1024 )
attributetypes=( 1.3.18.0.2.4.2426
NAME 'ibm-slapdDbName'
DESC 'The DB2 database name for this backend.'
EQUALITY 2.5.13.5
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
SINGLE-VALUE USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2426
DBNAME( 'slapdDbName''slapdDbName' )
ACCESS-CLASS critical
LENGTH 8 )
attributetypes=( 1.3.18.0.2.4.2422
NAME 'ibm-slapdDbUserID'
DESC 'The user name with which to connect to the DB2 database for
this backend.'
EQUALITY 2.5.13.5
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2422
DBNAME( 'slapdDbUserID''slapdDbUserID' )
ACCESS-CLASS critical
LENGTH 8 )
attributetypes=( 1.3.18.0.2.4.2423
NAME 'ibm-slapdDbUserPW'
DESC 'The user password with which to connect to the DB2 database
for this backend.'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.5
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2423
DBNAME( 'slapdDbUserPW' 'slapdDbUserPW' )
ACCESS-CLASS critical )
attributetypes=( OID TBD
NAME 'ibm-slapdDerefAliases'
DESC 'Maximum alias dereferencing level on search requests, regardless of
any derefAliases that may have been specified on the client requests. Allowed
values are "never", "find", "search" and "always".'
EQUALITY 2.5.13.2
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
SINGLE-VALUE USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.3054
DBNAME( 'DerefAliases''DerefAliases' )
ACCESS-CLASS critical
LENGTH 6)
attributetypes=( 1.3.18.0.2.4.2449
NAME 'ibm-slapdDN' DESC 'This attribute is used to sort search
results by the entry DN (LDAP_ENTRY.DN column in the LDAPDB2
database).'
EQUALITY 2.5.13.1
SYNTAX 1.3.6.1.4.1.1466.115.121.1.12
SINGLE-VALUE NO-USER-MODIFICATION
USAGE dSAOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2449
DBNAME( 'LDAP_ENTRY''DN' )
ACCESS-CLASS system
LENGTH 1000 )
attributetypes=( 1.3.18.0.2.4.3287NAME 'ibm-slapdGroupMembersCacheBypassLimit'
DESC ‘Maximum number of members
that can be in a group in order for the group and its members to be cached
in the group members cache.'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.3287
DBNAME( 'slapdGMCacheByp''slapdGMCacheByp')
ACCESS-CLASS normal
LENGTH 11)
attributetypes=( 1.3.18.0.2.4.3297
NAME NAME 'ibm-slapdGroupMembersCacheSize' DESC ‘Maximum number of group
entries whose members should be cached.'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.3297
DBNAME('slapdGMCacheSiz''slapdGMCacheSiz')
ACCESS-CLASS normal
LENGTH 11)
attributetypes=( 1.3.18.0.2.4.3399
NAME NAME 'ibm-slapdProxyMaxPendingOpsPerClient’ DESC 'The maximum number of
operations that could be pending for a single backend server from a single
client connection. If not specified, defaults to 5'
EQUALITY 2.5.13.14
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.3399
DBNAME( 'ProxyMaxPendOps''ProxyMaxPendOps' )
ACCESS-CLASS critical
LENGTH 11)
attributetypes=( 1.3.18.0.2.4.2481
NAME 'ibm-supportedCapabilities'
DESC 'Lists capabilities supported, but necessarily enabled, by this
server.'
QUALITY 2.5.13.2
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
NO-USER-MODIFICATION
USAGE dSAOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2481
DBNAME( 'ibmsupportedCap''ibmsupportedCap' )
ACCESS-CLASS system
LENGTH 100 )
attributetypes=( 1.3.18.0.2.4.2421
NAME 'ibm-slapdEnableEventNotification'
DESC 'If set to FALSE, the server will reject all extended
operation requests to register for event notification with the
extended result LDAP_UNWILLING_TO_PERFORM.'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2421
DBNAME( 'enableEvntNotify''enableEvntNotify')
ACCESS-CLASS critical
LENGTH 5 )
attributetypes=( 1.3.18.0.2.4.xxxx
NAME 'ibm-slapdEnablePersistentSearch'
DESC 'If set to FALSE, the server will ignore non-critical
persistent search control sent with a search request and
will return LDAP_UNWILLING_TO_PERFORM for critical persistent
search control sent with a search request'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.xxxx
DBNAME( 'enablePersistentSearch' )
ACCESS-CLASS critical
LENGTH 5 )
attributetypes=( 1.3.18.0.2.4.2372
NAME 'ibm-slapdEntryCacheSize'
DESC 'Maximum number of entries to keep in the entry cache'
EQUALITY 2.5.13.14
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=(1.3.18.0.2.4.2372
DBNAME( 'slapdRDBMCacheSiz''slapdRDBMCacheSiz' )
ACCESS-CLASS normal
LENGTH 11 )
attributetypes=( 1.3.18.0.2.4.2424
NAME 'ibm-slapdLog'
DESC 'File path or device on the ibmslapd host machine
to which error messages will be written. On Windows, forward
slashes are allowed, and a leading slash not preceded by a drive
letter is assumed to be rooted at the install directory (i.e.:
/tmp/slapd.errors = D:\Program Files\IBM\ldap\tmp\slapd.errors).'
EQUALITY 2.5.13.5
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2424
DBNAME( 'slapdErrorLog''slapdErrorLog' )
ACCESS-CLASS critical
LENGTH 1024 )
attributetypes=( 1.3.18.0.2.4.2371
NAME 'ibm-slapdFilterCacheBypassLimit'
DESC 'Search filters that match more than this number of entries
will not be added to the Search Filter cache. Because the list of
entry IDs that matched the filter are included in this cache, this
setting helps to limit memory use. A value of 0 indicates no
limit.'
EQUALITY 2.5.13.14
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
SINGLE-VALUEUSAGE directoryOperation )
IBMAttributetypes=(1.3.18.0.2.4.2371
DBNAME( 'slapdRDBMCacheByp''slapdRDBMCacheByp' )
ACCESS-CLASS normal
LENGTH 11 )
attributetypes=( 1.3.18.0.2.4.2370
NAME 'ibm-slapdFilterCacheSize'
DESC 'Specifies the maximum number of entries to keep in the Search
Filter Cache.'
EQUALITY 2.5.13.14
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2370
DBNAME('slapdFilterCacheS''slapdFilterCacheS' )
ACCESS-CLASS normal
LENGTH 11)
attributetypes=( 1.3.18.0.2.4.2378
NAME 'ibm-slapdIdleTimeOut'
DESC 'Reserved for future use.'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2378
DBNAME('SlapdIdleTimeOut''SlapdIdleTimeOut' )
ACCESS-CLASS critical
LENGTH 11)
attributetypes=( 1.3.18.0.2.4.2364
NAME 'ibm-slapdIncludeSchema'
DESC 'File path on the ibmslapd host machine containing schema
definitions used by the LDCF backend. Standard values are:
/etc/V3.system.at /etc/V3.system.oc
/etc/V3.ibm.at/etc/V3.ibm.oc /etc/V3.user.at /etc/V3.user.oc
/etc/V3.ldapsyntaxes /etc/V3.matchingrules/etc/V3.modifiedschema
On Windows, forward slashes are allowed, and a leading slash not
preceded by a drive letter is assumed to be rooted at the install
directory (i.e.: /etc/V3.system.at =
D:\Program Files\IBM\ldap\etc\V3.system.at).'
EQUALITY 2.5.13.5
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
USAGE directoryOperation )
IBMAttributetypes=(1.3.18.0.2.4.2364
DBNAME( 'slapdIncldeSchema''slapdIncldeSchema' )
ACCESS-CLASS critical
LENGTH 1024 )
attributetypes=( 1.3.18.0.2.4.2365
NAME 'ibm-slapdIpAddress'
DESC 'Specifies IP addresses the server will listen on. These can
be IPv4 or IPv6 addresses. If the attribute is not specified, the
server uses all IP addresses assigned to the host machine. This is
supported on i5/OS only.'
EQUALITY 1.3.6.1.4.1.1466.109.114.1
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2365
DBNAME('slapdIpAddress''slapdIpAddress' )
ACCESS-CLASS system
LENGTH 32 )
attributetypes=(1.3.18.0.2.4.2420
NAME 'ibm-slapdKrbAdminDN'
DESC 'Specifies the kerberos ID of the LDAP administrator (e.g.
ibm-kn=name@realm). Used when kerberos authentication is used to
authenticate the administrator when logged onto the Web Admin
interface. This is specified instead of adminDN and adminPW.'
EQUALITY 2.5.13.5
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
SINGLE-VALUEUSAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2420
DBNAME( 'slapdKrbAdminDN''slapdKrbAdminDN' )
ACCESS-CLASS critical
LENGTH 512 )
attributetypes=( 1.3.18.0.2.4.2394
NAME 'ibm-slapdKrbEnable'
DESC 'Must be one of { TRUE | FALSE }. Specifies whether the
server supports kerberos authentication.'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
USAGE directoryOperation)
IBMAttributetypes=( 1.3.18.0.2.4.2394
DBNAME( 'slapdKrbEnable''slapdKrbEnable')
ACCESS-CLASS critical
LENGTH 5 )
attributetypes=( 1.3.18.0.2.4.2419
NAME 'ibm-slapdKrbIdentityMap'
DESC 'If set to TRUE, when a client is authenticated with a
kerberos ID, the server will search for a local user with matching
kerberos credentials, and add that userDN to the connections
bind credentials. This allows ACLs based on LDAP user DNs to still
be usable with kerberos authentication.'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2419
DBNAME('KrbIdentityMap''KrbIdentityMap' )
ACCESS-CLASS critical
LENGTH 5 )
attributetypes=(1.3.18.0.2.4.2416
NAME 'ibm-slapdKrbKeyTab'
DESC 'Specifies the LDAP servers keytab file. This file contains the
LDAP servers private key, as associated with its kerberos account.
This file should be protected (like the servers SSL key database
file).
On Windows, forward slashes are allowed, and a leading slash not
preceded by a drive letter (D:) is assumed to be rooted at the
install directory (i.e.: /tmp/slapd.errors =
D:\Program Files\IBM\ldap\tmp\slapd.errors).'
EQUALITY 2.5.13.5
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2416
DBNAME( 'slapdKrbKeyTab''slapdKrbKeyTab' )
ACCESS-CLASS critical
LENGTH 1024 )
attributetypes=( 1.3.18.0.2.4.2400
NAME 'ibm-slapdKrbRealm'
DESC 'Specifies the LDAP servers kerberos realm. Used to publish
the ldapservicename attribute in the root DSE. Note that an LDAP
server can serve as the repository of account information for
multiple KDCs (and realms), but the LDAP server, as a kerberos
server, can only be a member of a single realm.'
EQUALITY 2.5.13.2
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2400
DBNAME( 'slapdKrbRealm''slapdKrbRealm' )
ACCESS-CLASS critical
LENGTH 256 )
attributetypes=( 1.3.18.0.2.4.2415
NAME 'ibm-slapdLdapCrlHost'
DESC 'Specify the hostname of the LDAP server that contains the
Certificate Revocation Lists (CRLs) for validating client x.509v3
certificates. This parameter is needed when
ibm-slapdSslAuth=serverclientauth AND the client certificates
have been issued for CRL validation'
EQUALITY 2.5.13.2
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2415
DBNAME( 'LdapCrlHost' 'LdapCrlHost' )
ACCESS-CLASS critical
LENGTH 256 )
attributetypes=( 1.3.18.0.2.4.2407
NAME 'ibm-slapdLdapCrlPassword'
DESC 'Specify the password that server-side SSL will use to bind to
the LDAP server that contains the Certificate Revocation Lists
(CRLs) for validating client x.509v3certificates. This parameter
may be needed when ibm-slapdSslAuth=serverclientauth AND the client
certificates have been issued for CRL validation. Note: If the
LDAPserver holding the CRLs permits unauthenticated
access tothe CRLs (i.e. anonymous access), then
ibm-slapdLdapCrlPassword is not required.'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.5
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2407
DBNAME( 'CrlPassword' 'CrlPassword' )
ACCESS-CLASS critical )
attributetypes=( 1.3.18.0.2.4.2404
NAME 'ibm-slapdLdapCrlPort'
DESC 'Specify the LDAP ibm-slapdPort used by the LDAP server that
contains the Certificate Revocation Lists (CRLs) for validating
client x.509v3 certificates. This parameter is needed when
ibm-slapdSslAuth=serverclientauth AND the client certificates have
been issued for CRL validation. (IP ports are unsigned, 16-bit
integers in the range 1 - 65535)'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
SINGLE-VALUE
USAGE directoryOperation )
BMAttributetypes=( 1.3.18.0.2.4.2404
DBNAME( 'LdapCrlPort''LdapCrlPort' )
ACCESS-CLASS critical
LENGTH 11 )
attributetypes=( 1.3.18.0.2.4.2403
NAME 'ibm-slapdLdapCrlUser'
DESC 'Specify the bindDN that server-side SSL will use to bind to
the LDAP server that contains the Certificate Revocation Lists
(CRLs)for validating client x.509v3 certificates. This parameter
may be needed when ibm-slapdSslAuth=serverclientauth AND the client
certificates have been issued for CRL validation.
Note:
If the LDAP server holding theCRLs permits unauthenticated access
to the CRLs (i.e. anonymous access), then ibm-slapdLdapCrlUser is
not required.'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.12
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2403
DBNAME( 'LdapCrlUser''LdapCrlUser' )
ACCESS-CLASS critical
LENGTH 1000)
attributetypes=( 1.3.18.0.2.4.2409
NAME 'ibm-slapdMasterDN'
DESC 'Bind DN used by a replication supplier server. The value has
to match the replicaBindDN in the credentials object associated
with the replication agreement defined between the servers.
When kerberos is used to authenticate to the replica,
ibm-slapdMasterDNmust specify the DN representation of the
kerberos ID(e.g. ibm-kn=freddy@realm1). When kerberos is used,
MasterServerPW is ignored.'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.12
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2409
DBNAME( 'MasterDN''MasterDN' )
ACCESS-CLASS critical
LENGTH 1000 )
attributetypes=(1.3.18.0.2.4.2411
NAME 'ibm-slapdMasterPW'
DESC 'Bind password used by a replication supplier. The value has to
match the replicaBindPW in the credentials object associated with
the replication agreement defined between the servers. When kerberos
is used, MasterServerPWis ignored.'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.5
SINGLE-VALUE
USAGE directoryOperation)
IBMAttributetypes=( 1.3.18.0.2.4.2411
DBNAME( 'MasterPW''MasterPW' )
ACCESS-CLASS critical )
attributetypes=( 1.3.18.0.2.4.2401
NAME 'ibm-slapdMasterReferral'
DESC 'URL of a master replica server (e.g.:
ldaps://master.us.ibm.com:636)'
EQUALITY 2.5.13.2
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
SINGLE-VALUEUSAGE directoryOperation)
IBMAttributetypes=( 1.3.18.0.2.4.2401
DBNAME( 'MasterReferral''MasterReferral')
ACCESS-CLASS critical
LENGTH 256 )
attributetypes=( 1.3.18.0.2.4.2412
NAME 'ibm-slapdMaxEventsPerConnection'
DESC 'Maximum number of event notifications which can be registered
per connection. Minimum = 0 (unlimited) Maximum = 2,147,483,647'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
SINGLE-VALUE
USAGE
directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2412
DBNAME( 'EventsPerCon''EventsPerCon' )
ACCESS-CLASS critical
LENGTH 11)
attributetypes=( 1.3.18.0.2.4.2405
NAME 'ibm-slapdMaxEventsTotal'
DESC 'Maximum total number of event notifications which canbe
registered for all connections. Minimum = 0 (unlimited) Maximum =
2,147,483,647'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2405
DBNAME( 'MaxEventsTotal''MaxEventsTotal' )
ACCESS-CLASS critical
LENGTH 11 )
attributetypes=( 1.3.18.0.2.4.2439
NAME 'ibm-slapdMaxNumOfTransactions'
DESC 'Maximum number of transactions active at one time, 0 = unlimited.'
EQUALITY 2.5.13.29
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2439
DBNAME( 'MaxNumOfTrans''MaxNumOfTrans' )
ACCESS-CLASS critical
LENGTH 11
EQUALITY ORDERING SUBSTR APPROX )
attributetypes=( 1.3.18.0.2.4.2385
NAME 'ibm-slapdMaxOpPerTransaction'
DESC 'Maximum number of operations per transaction. Minimum = 1 Maximum = 500'
EQUALITY 2.5.13.29
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2385
DBNAME( 'MaxOpPerTrans' 'MaxOpPerTrans' )
ACCESS-CLASS critical
LENGTH 11
EQUALITY ORDERING APPROX )
attributetypes=( 1.3.18.0.2.4.2386
NAME 'ibm-slapdMaxTimeLimitOfTransactions'
DESC 'The maximum timeout value of a pending transaction in
seconds. 0 = unlimited'
EQUALITY 2.5.13.29
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2386
DBNAME('MaxTimeOfTrans''MaxTimeOfTrans' )
ACCESS-CLASS critical
LENGTH 11
EQUALITYORDERINGAPPROX )
attributetypes=( 1.3.18.0.2.4.2500
NAME 'ibm-slapdMigrationInfo'
DESC 'Information used to control migration of a component.'
EQUALITY 2.5.13.2
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
USAGE directoryOperation )
IBMAttributetypes=(1.3.18.0.2.4.2500
DBNAME( 'slapdMigrationInf''slapdMigrationInf' )
ACCESS-CLASS critical
LENGTH 2048 )
attributetypes=( 1.3.18.0.2.4.2376
NAME 'ibm-slapdPagedResAllowNonAdmin'
DESC 'Whether or not the server should allow non-Administrator
bind for paged results requests on a search request. If the value
read from the ibmslapd.conf file is TRUE, the server will process
any client request, including those submitted by a user binding
anonymously. If the value read from the ibmslapd.conf file is
FALSE, the server will process only those client requests submitted
by a user with Administrator authority. If a client requests paged
results with a criticality of TRUE or FALSE for a search operation,
does not have Administrator authority, and the value read from the
ibmslapd.conf file for this attribute is FALSE, the server will
return to the client with return code insufficientAccessRights - no
searching or paging will be performed.'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2376
DBNAME( 'SlapdPagedNonAdmn''SlapdPagedNonAdmn' )
ACCESS-CLASS critical
LENGTH 5 )
attributetypes=( 1.3.18.0.2.4.2380
NAME 'ibm-slapdPagedResLmt'
DESC 'Maximum number of outstanding paged results search requests
allowed active simultaneously. Range = 0.... If a client requests
a paged results operation, and a maximum number of outstanding paged
results are currently active, then the server will return to the
client with return code of busy - no searching or paging will be
performed.'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2380
DBNAME( 'SlapdPagedResLmt''SlapdPagedResLmt' )
ACCESS-CLASS critical
LENGTH 11 )
attributetypes=( 1.3.18.0.2.4.2406
NAME 'ibm-slapdPlugin'
DESC 'A plug-in is a dynamically loaded library which extends the
capabilities of the server. An ibm-slapdPlugin attribute specifies
to the server how to load and initialize a plug-in library. The
syntax is: keyword filename init_function [args...]. The syntax
will be slightly different for each platform due to library
naming conventions.'
EQUALITY 2.5.13.5
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2406
DBNAME( 'slapdPlugin''slapdPlugin')
ACCESS-CLASS critical
LENGTH 2000 )
attributetypes=( 1.3.18.0.2.4.2408
NAME 'ibm-slapdPort'
DESC 'TCP/IP ibm-slapdPort used for non-SSL connections.
Cannot have the same value as ibm-slapdSecurePort. (IP ports are
unsigned, 16-bit integers in the range 1 - 65535)'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2408
DBNAME( 'slapdPort''slapdPort' )
ACCESS-CLASS critical
LENGTH 5 )
attributetypes=( 1.3.18.0.2.4.2402
NAME 'ibm-slapdPwEncryption'
DESC 'Must be one of { none | AES128 | AES192 | AES256 |crypt | sha | ssha | md5
| sha224 | sha256 | sha384 | sha512 | ssha224 | ssha256 | ssha384 | ssha512 }.
Specify the encoding mechanism for the user passwords before they are
stored in the directory. Defaults to none if unspecified. If the
value is set other than none, SASL digest-md5 bind will fail.'
EQUALITY 2.5.13.2
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=(1.3.18.0.2.4.2402
DBNAME( 'PwEncryption''PwEncryption' )
ACCESS-CLASS critical
LENGTH 6 )
attributetypes=( 1.3.18.0.2.4.2413
NAME 'ibm-slapdReadOnly'
DESC 'Must be one of { TRUE | FALSE }. Specifies whether
the backend can be written to. Defaults to FALSE if unspecified. If
set to TRUE, the server will return LDAP_UNWILLING_TO_PERFORM (0x35)
in response to any client request which would change data in the
readOnly database.'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
SINGLE-VALUE
USAGE directoryOperation)
IBMAttributetypes=( 1.3.18.0.2.4.2413
DBNAME( 'ReadOnly''ReadOnly' )
ACCESS-CLASS critical
LENGTH 5 )
attributetypes=( 1.3.18.0.2.4.2487
NAME 'ibm-slapdReferral'
DESC 'Specify the referral LDAP URL to pass back when the local
suffixes do not match the request. Used for superior referral
(i.e. ibm-slapdSuffix is not within the servers naming context).'
EQUALITY 2.5.13.5
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2487
DBNAME( 'Referral''Referral' )
ACCESS-CLASS critical
LENGTH 32700)
attributeTypes=( 1.3.18.0.2.4.3641
NAME 'ibm-slapdReplicateSecurityAttributes'
DESC 'Attribute to enable replication of security attributes
between master and read-only replica so that password policy
for account lockout can be strongly enforced in replication
topologies'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
SINGLE-VALUE
USAGE directoryOperation )
attributetypes=( 1.3.18.0.2.4.2437
NAME 'ibm-slapdSchemaAdditions'
DESC 'File path on the ibmslapd host machine containing additional
schema definitions used by the LDCF backend. Standard values are:
/etc/V3.modifiedschema On Windows, forward slashes are allowed,
and a leading slash not preceded by a drive letter is assumed to be
rooted at the install directory (i.e.: /etc/V3.system.at=
D:\Program Files\IBM\ldap\etc\V3.system.at).'
EQUALITY 2.5.13.5
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
USAGE directoryOperation)
IBMAttributetypes=( 1.3.18.0.2.4.2437
DBNAME( 'slapdSchemaAdditi''slapdSchemaAdditi')
ACCESS-CLASS normal
LENGTH 1024)
attributetypes=( 1.3.18.0.2.4.2363
NAME 'ibm-slapdSchemaCheck'
DESC 'Must be one of { V2 | V3 | V3_lenient}. Specifies schema
checking mechanism for add/modify operation.V2 = perform LDAP v2
checking.V3 = perform LDAP v3 checking.V3_lenient = not ALL
parent object classes are required. Only the immediate object class
is needed when adding entries.'
EQUALITY 2.5.13.2
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2363
DBNAME( 'SchemaCheck''SchemaCheck' )
ACCESS-CLASS critical
LENGTH 10)
attributetypes=( 1.3.18.0.2.4.2398
NAME 'ibm-slapdSecurePort'
DESC 'TCP/IP port used for SSL connections. Cannot have the same
value as ibm-slapdPort. (IP ports are unsigned, 16-bit integers in
the range 1 - 65535)'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2398
DBNAME( 'SecurePort''SecurePort' )
ACCESS-CLASS critical
LENGTH 5)
attributeTypes=( 1.3.18.0.2.4.3637
NAME ( 'ibm-slapdSecurityProtocol' 'slapdSecurityProt' )
DESC 'Attribute used to set the protocol for secure communication.
The supported protocols are SSLV3, TLS10, TLS11, TLS12 and TLS13.'
EQUALITY 1.3.6.1.4.1.1466.109.114.1
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
USAGE directoryOperation )
attributetypes=( 1.3.18.0.2.4.2399
NAME 'ibm-slapdSecurity'
DESC 'Must be one of { none | SSL | SSLOnly }. Specifies types of
connections accepted by the server.none - server listens on
non-ssl port only.ssl - server listens onboth ssl and non-ssl
ports.sslonly - server listens on ssl port only.'
EQUALITY 2.5.13.2
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2399
DBNAME( 'Security''Security' )
ACCESS-CLASS critical
LENGTH 7)
attributetypes=( 1.3.18.0.2.4.2397
NAME 'ibm-slapdSetenv'
DESC 'Server executes putenv() for all values of ibm-slapdSetenv
at startup to modify its own runtime environment. Shell variables
(%PATH% or \24LANG)will not be expanded. The only current use for
this attribute is to set DB2CODEPAGE=1208, which is required if
using UCS-2 (Unicode) databases.'
EQUALITY 2.5.13.5
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
USAGE directoryOperation)
IBMAttributetypes=( 1.3.18.0.2.4.2397
DBNAME( 'slapdSetenv''slapdSetenv')
ACCESS-CLASS critical
LENGTH 2000)
attributetypes=( 1.3.18.0.2.4.2396
NAME 'ibm-slapdSizeLimit'
DESC 'Maximum number of entries to return from search, regardless of
any size limit that may have been specified on the client search
request. Range = 0.... If a client has passed a limit, then the
smaller value of the client value and the value read from
ibmslapd.conf will be used. If a client has not passed a limit and
has bound as admin DN, then the limit will be considered unlimited.
If the client has not passed a limit and has not bound as admin DN,
then the limit will be that which was read from ibmslapd.conf file.
0 = unlimited.'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
SINGLE-VALUEUSAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2396
DBNAME( 'SizeLimit''SizeLimit' )
ACCESS-CLASS critical
LENGTH 11)
attributetypes=(1.3.18.0.2.4.2381
NAME 'ibm-slapdSortKeyLimit'
DESC 'Maximum number of sort conditions (keys) that can be specified
on a single search request. Range = 0.... If a client has passed a
search request with more sort keys than the limit allows, and the
sorted search control criticality is FALSE, then the server will
honor the value read from ibmslapd.conf and ignore any sort keys
encountered after the limit has been reached - searching and
sorting will be performed. If a client has passed a search request
with more keys than the limit allows, and the sorted search control
criticality is TRUE, then the server will return to the client with
return code of adminLimitExceeded - no searching or sorting
will be performed.'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2381
DBNAME( 'SlapdSortKeyLimit' 'SlapdSortKeyLimit' )
ACCESS-CLASS critical
LENGTH 11)
attributetypes=(1.3.18.0.2.4.2377
NAME 'ibm-slapdSortSrchAllowNonAdmin'
DESC 'Whether or not the server should allow non-Administrator bind
for sort on a search request. If the value read from the
ibmslapd.conf file is TRUE, the server will process any client
request, including those submitted by a user binding anonymously.
If the value read from the ibmslapd.conf file is FALSE, the server
will process only those client requests submitted by a user with
Administrator authority. If a client requests sort with a
criticality of TRUE for a search operation, does not have
Administrator authority, and the value read from the ibmslapd.conf
file for this attribute is FALSE, the server will return to the
client with return code insufficientAccessRights - no searching or
sorting will be performed.'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
SINGLE-VALUE
USAGE directoryOperation)
IBMAttributetypes=( 1.3.18.0.2.4.2377
BNAME( 'SlapdSortNonAdmin''SlapdSortNonAdmin')
ACCESS-CLASS critical
LENGTH 5 )
attributetypes=( 1.3.18.0.2.4.2395
NAME 'ibm-slapdSslAuth'
DESC 'Must be one of { serverauth | serverclientauth}. Specify
authentication type for ssl connection.serverauth - supports
server authentication at the client.serverclientauth - supports
both server and client authentication.'
EQUALITY 2.5.13.2
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
SINGLE-VALUE
USAGE directoryOperation)
IBMAttributetypes=( 1.3.18.0.2.4.2395
DBNAME( 'slapdSslAuth''slapdSslAuth')
ACCESS-CLASS critical
LENGTH 16)
attributetypes=( 1.3.18.0.2.4.2389
NAME 'ibm-slapdSslCertificate'
DESC 'Specify the label that identifies the servers Personal
Certificate in the key database file. This label is specified
when the servers private key and certificate are created with the
ikmgui application. If ibm-slapdSslCertificate is not defined, the
default private key, as defined in the key database file, is used by
the LDAP server for SSL connections.'
EQUALITY 2.5.13.5
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2389
DBNAME( 'SslCertificate' 'SslCertificate' )
ACCESS-CLASS critical
LENGTH 128 )
attributetypes=(1.3.18.0.2.4.2429
NAME 'ibm-slapdSslCipherSpec'
ESC 'SSL Cipher Spec Value must be set to DES-56, RC2-40-MD5,
RC4-128-MD5,RC4-128-SHA, RC4-40-MD5,TripleDES-168, or AES. It
identifies the allowable encryption/decryption methods for
establishing a SSL connection between LDAP clients and the server.'
EQUALITY 1.3.6.1.4.1.1466.109.114.1
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
USAGE directoryOperation )
IBMAttributetypes=(1.3.18.0.2.4.2429
DBNAME( 'slapdSslCipherSpe''slapdSslCipherSpe' )
ACCESS-CLASS normal
LENGTH 30)
attributetypes=( 1.3.18.0.2.4.2362
NAME 'ibm-slapdSslCipherSpecs'
DESC 'This attribute is deprecated in favor of
ibm-slapdSslCipherSpec. Specifies a decimal number which identifies
the allowable encryption/decryption methods for establishing a SSL
connection between LDAP client(s) and the server. This number
represents the availability of the encryption/decryption methods
supported by the LDAP server. The pre-defined Cipher values and
their descriptions are: SLAPD_SSL_TRIPLE_DES_SHA_US0x0A Triple DES
encryption with a 168-bit key and a SHA-1 MAC LAPD_SSL_DES_SHA_US
0x09DES encryption with a 56-bit key and a SHA-1 MAC
SLAPD_SSL_RC4_SHA_US 0x05 RC4 encryption with a 128-bit key and a
SHA-1 MAC SLAPD_SSL_RC4_MD5_US0x04 RC4 encryption with a 128-bit
key and a MD5 MAC SLAPD_SSL_RC4_MD5_EXPORT 0x03 RC4 encryption
with a 40-bit key and a MD5 MAC SLAPD_SSL_RC2_MD5_EXPORT 0x06 RC2
encryption with a 40-bit key and a MD5 MAC'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
SINGLE-VALUE USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2362
DBNAME( 'SslCipherSpecs''SslCipherSpecs' )
ACCESS-CLASS critical
LENGTH 11 )
attributetypes=( 1.3.18.0.2.4.2375
NAME 'ibm-slapdSSLKeyDatabase'
DESC 'File path to the LDAP servers SSL key database file. This key
database file is used for handling SSL connections from LDAP
clients, as well as for creating secure SSL connections to replica
LDAP servers. On Windows, forward slashes are allowed, and a
leading slash not preceeded by a drive specifier (D:) is assumed to
be rooted at the install directory (i.e.:/etc/key.kdb = D:\Program
Files\IBM\ldap\etc\key.kdb).'
EQUALITY 2.5.13.5
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2375
DBNAME( 'slapdSSLKeyDataba' 'slapdSSLKeyDataba' )
ACCESS-CLASS critical
LENGTH 1024)
attributetypes=(1.3.18.0.2.4.2438
NAME 'ibm-slapdSSLKeyDatabasePW'
DESC 'Specify the password associated with the LDAP servers SSL key
database file, as specified on the ibm-slapdSslKeyDatabase
parameter. If the LDAP servers keydatabase file has an associated
password stash file, then the ibm-slapdSslKeyDatabasePW parameter
can be omitted, or set toibm-slapdSslKeyDatabasePW = none.
Note:
The password stash file must be located in the same
directory as the key database file and it must have the same file
name as the key database file, but with an extension of .sth,
instead of .kdb'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.5
SINGLE-VALUEUSAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2438
DBNAME( 'slapdSSLKeyDPW''slapdSSLKeyDPW' )
ACCESS-CLASS normal )
attributetypes=(1.3.18.0.2.4.2392
NAME 'ibm-slapdSslKeyRingFile'
DESC 'file path to the LDAP servers SSL key database file. This key
database file is used for handling SSL connections from LDAP
clients, as well as for creating secure SSL connections to replica
LDAP servers. On Windows, forward slashes are allowed, and a
leading slash not preceeded by a drive specifier (D:) is assumed to
be rooted at the install directory (i.e.:/etc/key.kdb =
D:\Program Files\IBM\ldap\etc\key.kdb).'
EQUALITY 2.5.13.5
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2392
DBNAME( 'SslKeyRingFile''SslKeyRingFile' )
ACCESS-CLASS critical
LENGTH 1024 )
attributetypes=( 1.3.18.0.2.4.2390
NAME 'ibm-slapdSslKeyRingFilePW'
DESC 'Specify the password associated with the LDAP servers SSL key
database file, as specified on the ibm-slapdSslKeyRingFile
parameter. If the LDAP servers key database file has an associated
password stash file, then the ibm-slapdSslKeyRingFilePW parameter
can be ommitted, or set to ibm-slapdSslKeyRingFilePW = none.
Note:
The password stash file must be located in the same
directory as the key database file and it must have the same file
name as the key database file, but with an extension of .sth,
instead of .kdb.'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.5
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2390
DBNAME( 'SslKeyRingFilePW' 'SslKeyRingFilePW' )
ACCESS-CLASS critical )
attributetypes=( 1.3.18.0.2.4.2388
NAME 'ibm-slapdSuffix'
DESC 'Specifies a naming context to be stored in this backend.'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.12
USAGE directoryOperation )
IBMAttributetypes=(1.3.18.0.2.4.2388
DBNAME( 'slapdSuffix''slapdSuffix' )
ACCESS-CLASS critical
LENGTH 1000 )
attributeTypes=( 1.3.18.0.2.4.3639
NAME 'ibm-slapdSuiteBMode'
DESC 'Attribute used to set the restrictive subset of
the NIST SP 800-131A specification.
The supported Suite B modes are 128 and 192'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
SINGLE-VALUE USAGE directoryOperation )
attributetypes=( 1.3.18.0.2.4.3687
NAME 'ibm-slapdTlsExtSigScheme'
DESC 'Attribute used to configure a server with the TLS signature scheme. The supported schemes include: GSK_TLS_SIG_SCHEME_RSA_PKCS1_SHA256, GSK_TLS_SIG_SCHEME_RSA_PKCS1_SHA384, GSK_TLS_SIG_SCHEME_RSA_PKCS1_SHA512, GSK_TLS_SIG_SCHEME_ECDSA_SECP256R1_SHA256, GSK_TLS_SIG_SCHEME_ECDSA_SECP384R1_SHA384, GSK_TLS_SIG_SCHEME_ECDSA_SECP521R1_SHA512, GSK_TLS_SIG_SCHEME_RSA_PSS_RSAE_SHA256, GSK_TLS_SIG_SCHEME_RSA_PSS_RSAE_SHA384, GSK_TLS_SIG_SCHEME_RSA_PSS_RSAE_SHA512, GSK_TLS_SIG_SCHEME_RSA_PSS_PSS_SHA256, GSK_TLS_SIG_SCHEME_RSA_PSS_PSS_SHA384, GSK_TLS_SIG_SCHEME_RSA_PSS_PSS_SHA512. The following legacy schemes are also available: GSK_TLS_SIG_SCHEME_RSA_PKCS1_SHA1, GSK_TLS_SIG_SCHEME_ECDSA_SHA1.'
EQUALITY 1.3.6.1.4.1.1466.109.114.1
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
USAGE directoryOperation )
attributetypes=( 1.3.18.0.2.4.3688
NAME 'ibm-slapdTlsExtSigSchemeCert'
DESC 'Attribute used to configure a server with the TLS signature schemes applicable for certificates. The supported schemes include: GSK_TLS_SIG_SCHEME_RSA_PKCS1_SHA256, GSK_TLS_SIG_SCHEME_RSA_PKCS1_SHA384, GSK_TLS_SIG_SCHEME_RSA_PKCS1_SHA512, GSK_TLS_SIG_SCHEME_ECDSA_SECP256R1_SHA256, GSK_TLS_SIG_SCHEME_ECDSA_SECP384R1_SHA384, GSK_TLS_SIG_SCHEME_ECDSA_SECP521R1_SHA512, GSK_TLS_SIG_SCHEME_RSA_PSS_RSAE_SHA256, GSK_TLS_SIG_SCHEME_RSA_PSS_RSAE_SHA384, GSK_TLS_SIG_SCHEME_RSA_PSS_RSAE_SHA512, GSK_TLS_SIG_SCHEME_RSA_PSS_PSS_SHA256, GSK_TLS_SIG_SCHEME_RSA_PSS_PSS_SHA384, GSK_TLS_SIG_SCHEME_RSA_PSS_PSS_SHA512.'
EQUALITY 1.3.6.1.4.1.1466.109.114.1
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
USAGE directoryOperation )
attributetypes=( 1.3.18.0.2.4.3689
NAME 'ibm-slapdTlsExtSupportedGroups'
DESC 'Attribute used to configure a server with the TLS 1.3 supported named elliptic curve groups for key exchange. The supported groups include: GSK_TLS_SUPPORTED_GROUP_ECDHE_X25519, GSK_TLS_SUPPORTED_GROUP_ECDHE_SECP256R1, GSK_TLS_SUPPORTED_GROUP_ECDHE_SECP384R1, GSK_TLS_SUPPORTED_GROUP_ECDHE_SECP521R1, GSK_TLS_SUPPORTED_GROUP_ECDHE_X448.'
EQUALITY 1.3.6.1.4.1.1466.109.114.1
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
USAGE directoryOperation )
attributetypes=( 1.3.18.0.2.4.2480
NAME 'ibm-slapdSupportedWebAdmVersion'
DESC 'This attribute defines the earliest version of the web
administration console that supports configuration of this server.'
EQUALITY 2.5.13.2
ORDERING 2.5.13.3
SUBSTR 2.5.13.4
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2480
DBNAME( 'slapdSupWebAdmVer''slapdSupWebAdmVer')
ACCESS-CLASS normal
LENGTH 256 )
attributetypes=( 1.3.18.0.2.4.2393
NAME 'ibm-slapdSysLogLevel'
DESC 'Must be one of { l | m | h }. Level at which debugging and
operation statistics are logged in ibmslapd.log file. h - high
(verbose), m - medium, l - low (terse).'
EQUALITY 2.5.13.2
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=(1.3.18.0.2.4.2393
DBNAME( 'SysLogLevel''SysLogLevel' )
ACCESS-CLASS critical
LENGTH 1 )
attributetypes=( 1.3.18.0.2.4.3412
NAME'ibm-slapdTombstoneEnabled’
DESC 'Enable or Disable tombstones to record deleted entries.
The default value is FALSE’
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
SINGLE-VALUE
USAGE directoryOperation)
IBMAttributetypes=( 1.3.18.0.2.4.3412
DBNAME( 'slapdTSEnabled''slapdTSEnabled' )
ACCESS-CLASS normal
LENGTH 5 )
attributetypes=( 1.3.18.0.2.4.3413
NAME 'ibm-slapdTombstoneLifetime’
DESC 'Specifies the time in hours that tombstones may live.
When the time limit is reached the tombstones will be deleted
from the database.'
EQUALITY 2.5.13.14
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.3413
DBNAME( 'slapdTSLifetime''slapdTSLifetime' )
ACCESS-CLASS normal
LENGTH 11 )
attributetypes=( 1.3.18.0.2.4.2391
NAME'ibm-slapdTimeLimit'
DESC 'Maximum number of number of seconds to spend on search
request, regardless of any time limit that may have been specified
on the client request. Range = 0.... If a client has passed a
limit, then the smaller value of the client value and the value
read from ibmslapd.conf will be used. If a client has not passed a
limit and has bound as admin DN, then the limit will be considered
unlimited. If the client has not passed a limit and has not bound as
admin DN, then the limit will be that which was read from
ibmslapd.conf file. 0 = unlimited.'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
SINGLE-VALUE
USAGE directoryOperation)
IBMAttributetypes=( 1.3.18.0.2.4.2391
DBNAME( 'TimeLimit''TimeLimit')
ACCESS-CLASS critical
LENGTH 11 )
attributetypes=( ibm-slapdStartupTraceEnabled-oid
NAME 'ibm-slapdTraceEnabled'
DESC 'Must be one of { TRUE | FALSE }. Specifies whether trace information is to be
collected at server startup'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=( ibm-slapdStartupTraceEnabled-oid
ACCESS-CLASS normal
LENGTH 5 )
attributetypes=( ibm-slapdTraceMessageLevel-oid
NAME 'ibm-slapdTraceMessageLevel'
DESC 'any value that would be acceptable after the command line -h option, sets
Debug message level'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=( ibm-slapdTraceMessageLevel-oid
ACCESS-CLASS normal
LENGTH 16 )
attributetypes=( ibm-slapdTraceMessageLog-oid
NAME 'ibm-slapdTraceMessageLog'
DESC 'File path or device on ibmslapd host machine to which
LDAP C API and Debug macro messages will be written.
On Windows, forward slashes are allowed, and a leading
slash not preceded by a drive letter is assumed to be rooted at
the install directory
(i.e., /tmp/tracemsg.log = C:\Program Files\IBM\ldap\tmp\tracemsg.log).'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=( ibm-slapdTraceMessageLog-oid
ACCESS-CLASS normal
LENGTH 1024 )
attributetypes=( 1.3.18.0.2.4.2384
NAME 'ibm-slapdTransactionEnable'
DESC 'If FALSE, globally disables transaction support; the server
will reject all StartTransaction requests with the response
LDAP_UNWILLING_TO_PERFORM.'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2384
DBNAME('TransactionEnable''TransactionEnable' )
ACCESS-CLASS critical
LENGTH 5 )
attributeTypes=( 1.3.18.0.2.4.3638 NAME 'ibm-slapdUniqueAttrForBindWithValue' DESC
'Configuration attribute used for enabling binds using value of a unique attribute.
For example, mail, employeeNumber etc.' EQUALITY 2.5.13.2
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
SINGLE-VALUE USAGE directoryOperation )
attributeTypes=( 1.3.18.0.2.4.3646 NAME 'ibm-slapdBindWithUniqueAttrsEnabled' DESC
'Configuration attribute used for enabling binds using combination of a unique attribute and
value. For example, mail=xyz@ibm.com, employeeNumber=123456 etc.'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 {5}
SINGLE-VALUE
USAGE directoryOperation
)
attributetypes=( 1.3.18.0.2.4.2499
NAME 'ibm-slapdUseProcessIdPW'
DESC 'If set to true the server will use the user login ID
associated with the ibmslapd process to connect to the database. If
set to false the server will use the ibm-slapdDbUserID and
ibm-slapdDbUserPW values to connect to the database.'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2499
DBNAME( 'useprocidpw''useprocidpw' )
ACCESS-CLASS normal
LENGTH 5 )
attributetypes=( 1.3.18.0.2.4.2436
NAME 'ibm-slapdVersion'
DESC 'IBM Slapd version Number'
EQUALITY 2.5.13.5
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2436
DBNAME( 'slapdVersion''slapdVersion' )
ACCESS-CLASS normal
LENGTH 1024 )
attributetypes=( 1.3.18.0.2.4.2327
NAME 'ibm-supportedReplicationModels'
DESC 'Advertises in the Root DSE the OIDs of replication models
supported by the server'
EQUALITY 1.3.6.1.4.1.1466.109.114.1
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
NO-USER-MODIFICATION
USAGE dSAOperation )
IBMAttributetypes=( 1.3.18.0.2.4.2327
DBNAME( 'supportedReplicat''supportedReplicat' )
ACCESS-CLASS system
LENGTH 240 )
attributetypes=( 1.3.18.0.2.4.470
NAME 'IBMAttributeTypes'
DESC ''
EQUALITY 2.5.13.2
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.470
DBNAME( 'IBMAttributeTypes''IBMAttributeTypes' )
ACCESS-CLASS normal
LENGTH 256 )
attributetypes=( 1.3.6.1.4.1.1466.101.120.16
NAME 'ldapSyntaxes'
DESC 'Servers MAY use this attribute to list the syntaxes which are
implemented. Each value corresponds to one syntax.'
EQUALITY 2.5.13.30
SYNTAX 1.3.6.1.4.1.1466.115.121.1.54
USAGE directoryOperation )
IBMAttributetypes=( 1.3.6.1.4.1.1466.101.120.16
DBNAME( 'ldapSyntaxes''ldapSyntaxes' )
ACCESS-CLASS system
LENGTH 256 EQUALITY )
attributetypes=( 2.5.21.4
NAME 'matchingRules'
DESC 'This attribute is typically located in the subschema entry.'
EQUALITY 2.5.13.30
SYNTAX 1.3.6.1.4.1.1466.115.121.1.30
USAGE directoryOperation )
IBMAttributetypes=( 2.5.21.4
DBNAME( 'matchingRules''matchingRules' )
ACCESS-CLASS system
LENGTH 256
EQUALITY )
attributetypes=( 2.5.21.8
NAME 'matchingRuleUse'
DESC 'This attribute is typically located in the subschema entry.'
EQUALITY 2.5.13.30
SYNTAX 1.3.6.1.4.1.1466.115.121.1.31
USAGE directoryOperation )
IBMAttributetypes=( 2.5.21.8
DBNAME( 'matchingRuleUse''matchingRuleUse' )
ACCESS-CLASS system
LENGTH 256
EQUALITY )
attributetypes=( 2.5.4.31
NAME 'member'
DESC 'Identifies the distinguished names for each member of the group.'
SUP 2.5.4.49
EQUALITY 2.5.13.1
USAGE userApplications )
IBMAttributetypes=( 2.5.4.31
DBNAME( 'member''member' )
ACCESS-CLASS normal
LENGTH 1000
EQUALITY )
attributetypes=( 2.5.18.4
NAME 'modifiersName'
DESC 'Contains the last modifier of a directory entry.'
EQUALITY 2.5.13.1 SYNTAX 1.3.6.1.4.1.1466.115.121.1.12
SINGLE-VALUE
NO-USER-MODIFICATION
USAGE directoryOperation )
IBMAttributetypes=( 2.5.18.4
DBNAME( 'ldap_entry''modifier' )
ACCESS-CLASS system
LENGTH 1000
EQUALITY )
attributetypes=( 2.5.18.2
NAME 'modifyTimestamp'
DESC 'Contains the time of the last modification of the directory
entry.'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
SINGLE-VALUE
NO-USER-MODIFICATION
USAGE directoryOperation )
IBMAttributetypes=( 2.5.18.2
DBNAME( 'ldap_entry''modify_Timestamp' )
ACCESS-CLASS system
LENGTH 26 )
attributetypes=( 2.5.4.41
NAME 'name' DESC 'The name attribute type
is the attribute supertype from which string attribute types
typically used for naming may be formed. It is unlikely that values
of this type itself will occur in an entry.'
EQUALITY 1.3.6.1.4.1.1466.109.114.2
SUBSTR 2.5.13.4
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
USAGE userApplications )
IBMAttributetypes=( 2.5.4.41
DBNAME( 'name''name' )
ACCESS-CLASS normal
LENGTH 32700
EQUALITY
SUBSTR )
attributetypes=( 2.5.21.7
NAME 'nameForms'
DESC 'This attribute is typically located in the subschema entry.'
EQUALITY 2.5.13.30
SYNTAX 1.3.6.1.4.1.1466.115.121.1.35
USAGE directoryOperation )
IBMAttributetypes=( 2.5.21.7
DBNAME( 'nameForms''nameForms' )
ACCESS-CLASS normal
LENGTH 256
EQUALITY )
attributetypes=( 1.3.6.1.4.1.1466.101.120.5
NAME 'namingContexts'
DESC 'The values of this attribute correspond to naming contexts
which this server masters or shadows.'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.12
USAGE dSAOperation )
IBMAttributetypes=( 1.3.6.1.4.1.1466.101.120.5
DBNAME( 'namingContexts''namingContexts' )
ACCESS-CLASS normal
LENGTH 1000 )
attributetypes=( 2.16.840.1.113730.3.1.11
NAME 'newSuperior'
DESC 'Specifies the name of the entry that will become the
immediate superior of the existing entry, when processing a modDN
operation.'
EQUALITY 2.5.13.1
SYNTAX 1.3.6.1.4.1.1466.115.121.1.12
SINGLE-VALUE
NO-USER-MODIFICATION
USAGE userApplications )
IBMAttributetypes=( 2.16.840.1.113730.3.1.11
DBNAME( 'newSuperior''newSuperior' )
ACCESS-CLASS normal
LENGTH 1000
EQUALITY APPROX )
attributetypes=( 1.3.1.1.4.1.453.16.2.103
NAME 'numSubordinates'
DESC 'Counts the number of children of this entry.'
EQUALITY 2.5.13.14
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
SINGLE-VALUE
NO-USER-MODIFICATION
USAGE directoryOperation )
IBMAttributetypes=( 1.3.1.1.4.1.453.16.2.103
DBNAME( 'numSubordinates''numSubordinates' )
ACCESS-CLASS system
LENGTH 11
attributetypes=( 2.5.4.10
NAME ( 'o''organizationName' 'organization')
DESC 'This attribute contains the name of an organization (organizationName).'
SUP 2.5.4.41
EQUALITY 1.3.6.1.4.1.1466.109.114.2
SUBSTR 2.5.13.4
USAGE userApplications )
IBMAttributetypes=( 2.5.4.10
DBNAME( 'o''o' )
ACCESS-CLASS normal
LENGTH 128 )
attributetypes=( 2.5.4.0
NAME 'objectClass'
DESC 'The values of the objectClass attribute describe the kind of
object which an entry represents.'
EQUALITY 2.5.13.0
SYNTAX 1.3.6.1.4.1.1466.115.121.1.38
USAGE userApplications )
IBMAttributetypes=( 2.5.4.0
DBNAME( 'objectClass''objectClass' )
ACCESS-CLASS normal
LENGTH 128
EQUALITY )
attributetypes=( 2.5.21.6
NAME 'objectClasses'
DESC 'This attribute is typically located in the subschema entry.'
EQUALITY 2.5.13.30
SYNTAX 1.3.6.1.4.1.1466.115.121.1.37
USAGE directoryOperation )
IBMAttributetypes=( 2.5.21.6
DBNAME( 'objectClasses''objectClasses' )
ACCESS-CLASS system
LENGTH 256
EQUALITY )
attributetypes=( 1.3.18.0.2.4.289
NAME 'ownerPropagate'
DESC 'Indicates whether the entryOwner applies on entry or subtree.'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.289
DBNAME( 'ownerPropagate''ownerPropagate' )
ACCESS-CLASS restricted
LENGTH 5 )
attributetypes=( 2.5.4.11
NAME ( 'ou''organizationalUnit' 'organizationalUnitName')
DESC 'This attribute contains the name of an organization (organizationName).'
SUP 2.5.4.41
EQUALITY 1.3.6.1.4.1.1466.109.114.2
SUBSTR 2.5.13.4
USAGE userApplications )
IBMAttributetypes=( 2.5.4.11
DBNAME( 'ou''ou' )
ACCESS-CLASS normal
LENGTH 128 )
attributetypes=( 2.5.4.32
NAME 'owner'
DESC 'Identifies the distinguished name (DN) of the person responsible
for the entry.'
SUP 2.5.4.49
EQUALITY 2.5.13.1
USAGE userApplications )
IBMAttributetypes=( 2.5.4.32
DBNAME( 'owner''owner' )
ACCESS-CLASS normal
LENGTH 1000 )
attributetypes=( 1.3.18.0.2.4.290
NAME 'ownerSource'
DESC 'Indicates the distinguished name of the entry whose entryOwner
value is being applied to the entry.'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.12
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.290
DBNAME( 'ownerSource''ownerSource' )
ACCESS-CLASS system
LENGTH 1000 )
attributetypes=( 1.3.6.1.4.1.42.2.27.8.1.17
NAME 'pwdAccountLockedTime'
DESC 'Specifies the time that the users account was locked'
EQUALITY 2.5.13.27
ORDERING 2.5.13.28
SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=( 1.3.6.1.4.1.42.2.27.8.1.17
DBNAME( 'pwdAccLockTime''pwdAccLockTime' )
ACCESS-CLASS critical
LENGTH 30 )
attributetypes=( 1.3.6.1.4.1.42.2.27.8.1.16
NAME 'pwdChangedTime'
DESC 'Specifies the last time the entrys password was changed'
EQUALITY 2.5.13.27
ORDERING 2.5.13.28
SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=( 1.3.6.1.4.1.42.2.27.8.1.16
DBNAME( 'pwdChangedTime''pwdChangedTime' )
ACCESS-CLASS critical
LENGTH 30 )
attributetypes=( 1.3.6.1.4.1.42.2.27.8.1.18
NAME 'pwdExpirationWarned'
DESC 'The time the user was first warned about the coming expiration
of the password'
EQUALITY 2.5.13.27
ORDERING 2.5.13.28
SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=( 1.3.6.1.4.1.42.2.27.8.1.18
DBNAME( 'pwdExpireWarned''pwdExpireWarned' )
ACCESS-CLASS critical
LENGTH 30)
attributetypes=( 1.3.6.1.4.1.42.2.27.8.1.19
NAME 'pwdFailureTime'
DESC 'The timestamps of the last consecutive authentication
failures'
EQUALITY 2.5.13.27
ORDERING 2.5.13.28
SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
USAGE directoryOperation )
IBMAttributetypes=( 1.3.6.1.4.1.42.2.27.8.1.19
DBNAME( 'pwdFailureTime''pwdFailureTime' )
ACCESS-CLASS critical
LENGTH 30 )
attributetypes=( 1.3.6.1.4.1.42.2.27.8.1.21
NAME 'pwdGraceUseTime'
DESC 'The timestamps of the grace login once the password has
expired'
EQUALITY 2.5.13.27
SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
USAGE directoryOperation )
IBMAttributetypes=( 1.3.6.1.4.1.42.2.27.8.1.21
DBNAME( 'pwdGraceUseTime''pwdGraceUseTime' )
ACCESS-CLASS critical
LENGTH 30)
attributetypes=( 1.3.6.1.4.1.42.2.27.8.1.20
NAME 'pwdHistory'
DESC 'The history of users passwords'
EQUALITY 2.5.13.5
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
USAGE directoryOperation )
IBMAttributetypes=( 1.3.6.1.4.1.42.2.27.8.1.20
DBNAME( 'pwdHistory''pwdHistory' )
ACCESS-CLASS critical
LENGTH 1024 )
attributetypes=( 1.3.6.1.4.1.42.2.27.8.1.22
NAME 'pwdReset'
DESC 'Indicates that the password has been reset.'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=( 1.3.6.1.4.1.42.2.27.8.1.22
DBNAME( 'pwdReset''pwdReset' )
ACCESS-CLASS critical
LENGTH 5 )
attributetypes=( 1.3.18.0.2.4.299
NAME 'replicaBindDN'
DESC 'Distinguished name to use on LDAP bind to the remote replica'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.12
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.299
DBNAME( 'replicaBindDN''replicaBindDN' )
ACCESS-CLASS critical
LENGTH 1000 )
attributetypes=( 1.3.18.0.2.4.302
NAME 'replicaBindMethod'
DESC 'LDAP bind type to use on LDAP bind to replica.'
EQUALITY 2.5.13.2
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.302
DBNAME( 'replicaBindMethod''replicaBindMethod' )
ACCESS-CLASS normal
LENGTH 100 )
attributetypes=( 1.3.18.0.2.4.300
NAME ( 'replicaCredentials''replicaBindCredentials')
DESC 'Credentials to use on LDAP bind to the remote replica'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.5
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.300
DBNAME( 'replicaCred''replicaCred' )
ACCESS-CLASS critical )
attributetypes=( 1.3.18.0.2.4.298
NAME 'replicaHost'
DESC 'Hostname of the remote replica'
EQUALITY 2.5.13.2
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.298
DBNAME( 'replicaHost''replicaHost' )
ACCESS-CLASS normal
LENGTH 100 )
attributetypes=( 1.3.18.0.2.4.301
NAME 'replicaPort'
DESC 'TCP/IP port that the replica server is listening on.'
EQUALITY 2.5.13.2
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.301
DBNAME( 'replicaPort''replicaPort' )
ACCESS-CLASS normal
LENGTH 10 )
attributetypes=( 1.3.18.0.2.4.304
NAME 'replicaUpdateTimeInterval'
DESC 'Specifies the time between replica update transmissions from
master to slave replica.'
EQUALITY 2.5.13.2
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.304
DBNAME( 'replicaUpdateInt''replicaUpdateInt' )
ACCESS-CLASS normal
LENGTH 20 )
attributetypes=( 1.3.18.0.2.4.303
NAME 'replicaUseSSL'
DESC 'Signifies whether replication flows should be protected using
SSL communications.'
EQUALITY 2.5.13.2
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
SINGLE-VALUE
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.303
DBNAME( 'replicaUseSSL''replicaUseSSL' )
ACCESS-CLASS normal
LENGTH 10 )
attributetypes=( 2.16.840.1.113730.3.1.34
NAME 'ref'
DESC 'standard Attribute'
EQUALITY 2.5.13.5
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
USAGE userApplications )
IBMAttributetypes=( 2.16.840.1.113730.3.1.34
DBNAME( 'ref''ref' )
ACCESS-CLASS normal
LENGTH 100 )
attributetypes=( 2.5.4.34
NAME 'seeAlso'
DESC 'Identifies another Directory Server entry that may contain information
related to this entry.'
SUP 2.5.4.49
EQUALITY 2.5.13.1
USAGE userApplications )
IBMAttributetypes=( 2.5.4.34
DBNAME( 'seeAlso''seeAlso' )
ACCESS-CLASS normal
LENGTH 1000 )
attributetypes=( 2.5.18.10
NAME 'subschemaSubentry'
DESC 'The value of this attribute is the name of a subschema entry
in which the server makes available attributes specifying the
schema.'
EQUALITY 2.5.13.1
SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE
NO-USER-MODIFICATION
USAGE directoryOperation )
IBMAttributetypes=( 2.5.18.10
DBNAME( 'subschemaSubent''subschemaSubent' )
ACCESS-CLASS system
LENGTH 1000
EQUALITY )
attributetypes=( 1.3.18.0.2.4.819
NAME 'subtreeSpecification'
DESC 'Identifies a collection of entries that are located at the
vertices of a single subtree.'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
SINGLE-VALUE
NO-USER-MODIFICATION
USAGE directoryOperation )
IBMAttributetypes=( 1.3.18.0.2.4.819
DBNAME( 'subtreeSpec''subtreeSpec' )
ACCESS-CLASS system
LENGTH 2024 )
attributetypes=( 1.3.6.1.4.1.1466.101.120.7
NAME 'supportedExtension'
DESC 'The values of this attribute are OBJECT IDENTIFIERs
identifying the supported extended operations which the server
supports.'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.38
USAGE dSAOperation )
IBMAttributetypes=( 1.3.6.1.4.1.1466.101.120.7
DBNAME( 'supportedExtensio''supportedExtensio' )
ACCESS-CLASS normal
LENGTH 256 )
attributetypes=( 1.3.6.1.4.1.1466.101.120.15
NAME 'supportedLDAPVersion'
DESC 'The values of this attribute are the versions of the LDAP
protocol which the server implements.'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
USAGE dSAOperation )
IBMAttributetypes=( 1.3.6.1.4.1.1466.101.120.15
DBNAME( 'supportedLDAPVers''supportedLDAPVers' )
ACCESS-CLASS normal
LENGTH 11 )
attributetypes=( 1.3.6.1.4.1.1466.101.120.14
NAME 'supportedSASLMechanisms'
DESC 'The values of this attribute are the names of supported SASL
mechanisms which the server supports.'
EQUALITY 2.5.13.2
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
USAGE dSAOperation )
IBMAttributetypes=( 1.3.6.1.4.1.1466.101.120.14
DBNAME( 'supportedSASLMech''supportedSASLMech' )
ACCESS-CLASS normal LENGTH 2048)
attributetypes=( 2.16.840.1.113730.3.1.6
NAME 'targetDN'
DESC 'Defines the distinguished name of an entry that was added,
modified, or deleted on a supplier server. In the case of a modrdn
operation, the targetDn contains the distinguished name of the
entry before it was modified.'
EQUALITY 2.5.13.1
SYNTAX 1.3.6.1.4.1.1466.115.121.1.12
SINGLE-VALUE
NO-USER-MODIFICATION
USAGE userApplications )
IBMAttributetypes=( 2.16.840.1.113730.3.1.6
DBNAME( 'targetDN''targetDN' )
ACCESS-CLASS normal
LENGTH 1000
EQUALITY APPROX)
{-COMMENT-}Attributes added for FDProxy{-ECOMMENT-}attributetypes=(
1.3.18.0.2.4.3683
NAME 'ibm-slapdFDProxyAdminDN'
DESC 'Bind DN for Virtual Directory admin user.'
EQUALITY distinguishedNameMatch
ORDERING distinguishedNameOrderingMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 {1000}
SINGLE-VALUE
USAGE directoryOperation
)
attributetypes=( 1.3.18.0.2.4.3682
NAME 'ibm-slapdFDProxyAdminPW'
DESC 'Bind password for the Fedreted Directory Proxy Server admin
user.'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 {128}
SINGLE-VALUE
USAGE directoryOperation
)
attributetypes=( 1.3.18.0.2.4.3685
NAME 'ibm-slapdFDProxyAdminRole'
DESC 'Administrative role associated with the admin user of Fedreted
Directory Proxy Server. Role can be one of Admin, Writer and Reader.'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
ORDERING caseIgnoreOrderingMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 {100}
SINGLE-VALUE
USAGE directoryOperation
)
attributetypes=( 1.3.18.0.2.4.3684
NAME 'ibm-slapdFDProxyAttrMap'
DESC 'Map of Federeted Directory Proxy Server attribute to backend
server attribute. Format <FDProxy attribute> $ <Backend attribute>
$ [ normal | critical | sensitive ] '
EQUALITY caseIgnoreMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 {1024}
USAGE directoryOperation
)
attributetypes=( 1.3.18.0.2.4.3679
NAME 'ibm-slapdFDProxyBackendGroupOCName'
DESC 'List of the group entity object class names supported by the
backend server configured with Virtual Directory'
EQUALITY caseIgnoreMatch
ORDERING caseIgnoreOrderingMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 {1024}
USAGE directoryOperation
)
attributetypes=( 1.3.18.0.2.4.3681
NAME 'ibm-slapdFDProxyBackendMemberAttr'
DESC 'List of the member attribute names of group entity supported
by the backend server configured with Virtual Directory.'
EQUALITY caseIgnoreMatch
ORDERING caseIgnoreOrderingMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 {1024}
USAGE directoryOperation
)
attributetypes=( 1.3.18.0.2.4.3680
NAME 'ibm-slapdFDProxyBackendOrgOCName'
DESC 'List of the organizational entity object class names supported
by the backend server configured with Virtual Directory.'
EQUALITY caseIgnoreMatch
ORDERING caseIgnoreOrderingMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 {1024}
USAGE directoryOperation
)
attributetypes=( 1.3.18.0.2.4.3678
NAME 'ibm-slapdFDProxyBackendPersonOCName'
DESC 'List of the person entity object class names supported by the
backend server configured with Virtual Directory.'
EQUALITY caseIgnoreMatch
ORDERING caseIgnoreOrderingMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 {1024}
USAGE directoryOperation
)
attributetypes=( 1.3.18.0.2.4.3677
NAME 'ibm-slapdFDProxyBackendPriority'
DESC 'Priority associated with the backend server / cluster of servers,
1 being highest'
EQUALITY integerMatch
ORDERING integerOrderingMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 {11}
SINGLE-VALUE
USAGE directoryOperation
)
attributetypes=( 1.3.18.0.2.4.3676
NAME 'ibm-slapdFDProxyBackendReadOnly'
DESC 'Specifies if the server / server cluster is read-only. Default
value is false.'
EQUALITY booleanMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 {5}
SINGLE-VALUE
USAGE directoryOperation
)
attributetypes=( 1.3.18.0.2.4.3675
NAME 'ibm-slapdFDProxyBackendRole'
DESC 'Specifies the role of the backend server configured with the
Federated Directory Sever Proxy. Role can be one of AuthenticationServer,
UpdateServer, ReadServer.'
EQUALITY caseIgnoreMatch
ORDERING caseIgnoreOrderingMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 {1024}
SINGLE-VALUE
USAGE directoryOperation
)
attributetypes=( 1.3.18.0.2.4.3674
NAME 'ibm-slapdFDProxyBackendSuffix'
DESC 'Specifies the backend server / server cluster suffix. This suffix
is mapped to Fedreted Directory Proxy Server suffix ibm-slapdFDProxySuffix.'
EQUALITY distinguishedNameMatch
ORDERING distinguishedNameOrderingMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 {1000}
SINGLE-VALUE
USAGE directoryOperation
)
attributetypes=( 1.3.18.0.2.4.3673
NAME 'ibm-slapdFDProxyBackendUniqueAttr'
DESC 'Specifies the unique attribute for the backend server configured
with Virtual Directory.'
EQUALITY caseIgnoreMatch
ORDERING caseIgnoreOrderingMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 {1024}
SINGLE-VALUE
USAGE userApplications
)
attributetypes=( 1.3.18.0.2.4.3672
NAME 'ibm-slapdFDProxyEnableIdentityJoin'
DESC 'Specifies whether the user profiles stored in different backend
servers, belonging to a given user should be joined during search
on the user. Default value is false.'
EQUALITY booleanMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 {5}
SINGLE-VALUE
USAGE directoryOperation
)
attributetypes=( 1.3.18.0.2.4.3671
NAME 'ibm-slapdFDProxyEnableUniqueAttrAuth'
DESC 'Specifies whether the Virtual Directory should
process authentications based on unique attributes. Default value
is false.'
EQUALITY booleanMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 {5}
SINGLE-VALUE
USAGE directoryOperation
)
attributetypes=( 1.3.18.0.2.4.3670
NAME 'ibm-slapdFDProxyServerDN'
DESC 'DN of the backend server configuration stanza configured with
Fedreted Directory Proxy Server.'
EQUALITY distinguishedNameMatch
ORDERING distinguishedNameOrderingMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 {1000}
USAGE directoryOperation
)
attributetypes=( 1.3.18.0.2.4.3669
NAME 'ibm-slapdFDProxySuffix'
DESC 'The Virtual Directory suffix that is mapped to
backend server / server cluster suffix specified by attribute ibm-slapdFDProxyBackendSuffix.'
EQUALITY distinguishedNameMatch
ORDERING distinguishedNameOrderingMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 {1000}
SINGLE-VALUE
USAGE directoryOperation
)
attributetypes=( 1.3.18.0.2.4.3668
NAME 'ibm-slapdFDProxyTimeout'
DESC 'Specifies the backend server connection timeout in seconds.'
EQUALITY integerMatch
ORDERING integerOrderingMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 {11}
SINGLE-VALUE
USAGE directoryOperation
)