An attribute syntax defines the allowable values for an attribute. The server uses the syntax definition for an attribute to validate data and determine how to match values. For example, a "Boolean" attribute can only have the values "TRUE" and "FALSE".
Attributes can be defined as either single-valued or multi-valued. Multi-valued attributes are not ordered, so an application should not depend on the set of values for a given attribute being returned in particular order. If you need an ordered set of values, consider putting the list of values in a single attribute value:
preferences: 1st-pref 2nd-pref 3rd-pref
Or consider including order information in the value:
preferences: 2 yyy preferences: 1 xxx preferences: 3 zzz
Multi-valued attributes are useful when an entry is known by several names. For example, cn (common name) is multi-valued. An entry could be defined like:
dn: cn=John Smith,o=My Company,c=US objectclass: inetorgperson sn: Smith cn: John Smith cn: Jack Smith cn: Johnny Smith
This allows searches for John Smith and Jack Smith to return the same information.
Binary attributes contain an arbitrary byte string, for example a JPEG photo, and cannot be used to search for entries.
Boolean attributes contain the strings TRUE or FALSE.
DN attributes contain LDAP distinguished names. The values do not need to be the DNs of existing entries, but they must have a valid DN syntax.
Directory String attributes contain a text string using UTF-8 characters. The attribute can be case exact or case ignore with respect to values used in search filters (based on the matching rule defined for the attribute), though the value is always returned as originally entered.
Generalized Time attributes contain a string representation of a year 2000 safe date and time using GMT times with an optional GMT time zone offset. See Generalized and UTC time for more details on the syntax of these values.
IA5 String attributes contain a text string using the IA5 character set (7-bit US ASCII. The attribute can be case exact or case ignore with respect to values used in search filters (based on the matching rule defined for the attribute), though the value is always returned as originally entered. IA5 String also allows the use of a wild card character for substring searches.
Integer attributes contain the text string representation of the value. For example, 0 or 1000. Values for Integer syntax attributes must be in the range -2147483648 to 2147483647.
Telephone Number attributes contain a text representation of a telephone number. The Directory Server does not impose any particular syntax on these values. The following are all valid values: (555)555-5555, 555.555.5555, and +1 43 555 555 5555.
UTC Time attributes use an earlier, non-year 2000 safe, string format for representing dates and times. See Generalized and UTC time for more details.
In the directory schema, the syntax of an attribute is specified using Object Identifiers (OIDs) assigned to each syntax. The following table lists the syntaxes supported by the directory server and their OIDs.
Syntax | OID |
---|---|
Attribute Type Description syntax | 1.3.6.1.4.1.1466.115.121.1.3 |
Binary - octet string | 1.3.6.1.4.1.1466.115.121.1.5 |
Boolean - TRUE/FALSE | 1.3.6.1.4.1.1466.115.121.1.7 |
Directory String syntax | 1.3.6.1.4.1.1466.115.121.1.15 |
DIT Content Rule Description syntax | 1.3.6.1.4.1.1466.115.121.1.16 |
DITStructure Rule Description syntax | 1.3.6.1.4.1.1466.115.121.1.17 |
DN - distinguished name | 1.3.6.1.4.1.1466.115.121.1.12 |
Generalized Time syntax | 1.3.6.1.4.1.1466.115.121.1.24 |
IA5 String syntax | 1.3.6.1.4.1.1466.115.121.1.26 |
IBM Attribute Type Description | 1.3.18.0.2.8.1 |
Integer syntax - integral number | 1.3.6.1.4.1.1466.115.121.1.27 |
LDAP Syntax Description syntax | 1.3.6.1.4.1.1466.115.121.1.54 |
Matching Rule Description | 1.3.6.1.4.1.1466.115.121.1.30 |
Matching Rule Use Description | 1.3.6.1.4.1.1466.115.121.1.31 |
Name Form Description | 1.3.6.1.4.1.1466.115.121.1.35 |
Object Class Description syntax | 1.3.6.1.4.1.1466.115.121.1.37 |
String for containing OIDs. The OID is a string containing digits (0-9) and decimal points (.). See Object identifier (OID). | 1.3.6.1.4.1.1466.115.121.1.38 |
Telephone Number syntax | 1.3.6.1.4.1.1466.115.121.1.50 |
UTC Time syntax. UTC-Time is time string format defined by ASN.1 standards. See ISO 8601 and X680. Use this syntax for storing time values in UTC-Time format. See Generalized and UTC time. | 1.3.6.1.4.1.1466.115.121.1.53 |