Network Working Group K. Zeilenga, Ed.
Request for Comments: 4524 OpenLDAP Foundation
Obsoletes: 1274 June 2006
Updates: 2247, 2798
Category: Standards Track
Network Working Group K. Zeilenga, Ed.
Request for Comments: 4524 OpenLDAP Foundation
Obsoletes: 1274 June 2006
Updates: 2247, 2798
Category: Standards Track
COSINE LDAP/X.500 Schema
余弦LDAP/X.500模式
Status of This Memo
关于下段备忘
This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited.
本文件规定了互联网社区的互联网标准跟踪协议,并要求进行讨论和提出改进建议。有关本协议的标准化状态和状态,请参考当前版本的“互联网官方协议标准”(STD 1)。本备忘录的分发不受限制。
Copyright Notice
版权公告
Copyright (C) The Internet Society (2006).
版权所有(C)互联网协会(2006年)。
Abstract
摘要
This document provides a collection of schema elements for use with the Lightweight Directory Access Protocol (LDAP) from the COSINE and Internet X.500 pilot projects.
本文档提供了一组模式元素,用于COSINE和internetx.500试点项目中的轻量级目录访问协议(LDAP)。
This document obsoletes RFC 1274 and updates RFCs 2247 and 2798.
本文件淘汰了RFC 1274,并更新了RFC 2247和2798。
Table of Contents
目录
1. Introduction ....................................................3
1.1. Relationship to Other Documents ............................3
1.2. Terminology and Conventions ................................4
2. COSINE Attribute Types ..........................................4
2.1. associatedDomain ...........................................4
2.2. associatedName .............................................5
2.3. buildingName ...............................................5
2.4. co .........................................................5
2.5. documentAuthor .............................................6
2.6. documentIdentifier .........................................6
2.7. documentLocation ...........................................6
2.8. documentPublisher ..........................................7
2.9. documentTitle ..............................................7
2.10. documentVersion ...........................................7
2.11. drink .....................................................8
2.12. homePhone .................................................8
2.13. homePostalAddress .........................................8
1. Introduction ....................................................3
1.1. Relationship to Other Documents ............................3
1.2. Terminology and Conventions ................................4
2. COSINE Attribute Types ..........................................4
2.1. associatedDomain ...........................................4
2.2. associatedName .............................................5
2.3. buildingName ...............................................5
2.4. co .........................................................5
2.5. documentAuthor .............................................6
2.6. documentIdentifier .........................................6
2.7. documentLocation ...........................................6
2.8. documentPublisher ..........................................7
2.9. documentTitle ..............................................7
2.10. documentVersion ...........................................7
2.11. drink .....................................................8
2.12. homePhone .................................................8
2.13. homePostalAddress .........................................8
2.14. host ......................................................9
2.15. info ......................................................9
2.16. mail ......................................................9
2.17. manager ..................................................10
2.18. mobile ...................................................10
2.19. organizationalStatus .....................................11
2.20. pager ....................................................11
2.21. personalTitle ............................................11
2.22. roomNumber ...............................................12
2.23. secretary ................................................12
2.24. uniqueIdentifier .........................................12
2.25. userClass ................................................13
3. COSINE Object Classes ..........................................13
3.1. account ...................................................13
3.2. document ..................................................14
3.3. documentSeries ............................................14
3.4. domain ....................................................15
3.5. domainRelatedObject .......................................16
3.6. friendlyCountry ...........................................16
3.7. rFC822LocalPart ...........................................17
3.8. room ......................................................18
3.9. simpleSecurityObject ......................................18
4. Security Considerations ........................................18
5. IANA Considerations ............................................19
6. Acknowledgements ...............................................20
7. References .....................................................20
7.1. Normative References ......................................20
7.2. Informative References ....................................21
Appendix A. Changes since RFC 1274 ...............................23
A.1. LDAP Short Names .........................................23
A.2. pilotObject ..............................................23
A.3. pilotPerson ..............................................23
A.4. dNSDomain ................................................24
A.5. pilotDSA and qualityLabelledData .........................24
A.6. Attribute Syntaxes .......................................24
Appendix B. Changes since RFC 2247 ...............................24
2.14. host ......................................................9
2.15. info ......................................................9
2.16. mail ......................................................9
2.17. manager ..................................................10
2.18. mobile ...................................................10
2.19. organizationalStatus .....................................11
2.20. pager ....................................................11
2.21. personalTitle ............................................11
2.22. roomNumber ...............................................12
2.23. secretary ................................................12
2.24. uniqueIdentifier .........................................12
2.25. userClass ................................................13
3. COSINE Object Classes ..........................................13
3.1. account ...................................................13
3.2. document ..................................................14
3.3. documentSeries ............................................14
3.4. domain ....................................................15
3.5. domainRelatedObject .......................................16
3.6. friendlyCountry ...........................................16
3.7. rFC822LocalPart ...........................................17
3.8. room ......................................................18
3.9. simpleSecurityObject ......................................18
4. Security Considerations ........................................18
5. IANA Considerations ............................................19
6. Acknowledgements ...............................................20
7. References .....................................................20
7.1. Normative References ......................................20
7.2. Informative References ....................................21
Appendix A. Changes since RFC 1274 ...............................23
A.1. LDAP Short Names .........................................23
A.2. pilotObject ..............................................23
A.3. pilotPerson ..............................................23
A.4. dNSDomain ................................................24
A.5. pilotDSA and qualityLabelledData .........................24
A.6. Attribute Syntaxes .......................................24
Appendix B. Changes since RFC 2247 ...............................24
In the late 1980s, X.500 Directory Services were standardized by the CCITT (Commite' Consultatif International de Telegraphique et Telephonique), now a part of the ITU (International Telephone Union). This lead to Directory Service piloting activities in the early 1990s, including the COSINE (Co-operation and Open Systems Interconnection in Europe) PARADISE Project pilot [COSINEpilot] in Europe. Motivated by needs for large-scale directory pilots, RFC 1274 was published to standardize the directory schema and naming architecture for use in the COSINE and other Internet X.500 pilots [RFC1274].
20世纪80年代末,X.500目录服务由CCITT(国际电报和电话咨询委员会)标准化,该委员会现在是ITU(国际电话联盟)的一部分。这导致了20世纪90年代初的目录服务试点活动,包括欧洲的COSINE(欧洲的合作和开放系统互连)天堂项目试点[COSINEpilot]。出于对大规模目录试点的需求,发布了RFC 1274,以标准化目录模式和命名体系结构,以便在余弦和其他Internet X.500试点中使用[RFC1274]。
In the years that followed, X.500 Directory Services have evolved to incorporate new capabilities and even new protocols. In particular, the Lightweight Directory Access Protocol (LDAP) [RFC4510] was introduced in the early 1990s [RFC1487], with Version 3 of LDAP introduced in the late 1990s [RFC2251] and subsequently revised in 2005 [RFC4510].
在随后的几年中,X.500目录服务已经发展到包含新功能甚至新协议。特别是,轻量级目录访问协议(LDAP)[RFC4510]于20世纪90年代初引入[RFC1487],LDAP版本3于20世纪90年代末引入[RFC2251],随后于2005年修订[RFC4510]。
While much of the material in RFC 1274 has been superceded by subsequently published ITU-T Recommendations and IETF RFCs, many of the schema elements lack standardized schema descriptions for use in modern X.500 and LDAP directory services despite the fact that these schema elements are in wide use today. As the old schema descriptions cannot be used without adaptation, interoperability issues may arise due to lack of standardized modern schema descriptions.
虽然RFC 1274中的大部分内容已被随后发布的ITU-T建议和IETF RFC所取代,但许多模式元素缺乏用于现代X.500和LDAP目录服务的标准化模式描述,尽管这些模式元素目前已被广泛使用。由于旧的模式描述不能在没有修改的情况下使用,因此由于缺乏标准化的现代模式描述,可能会出现互操作性问题。
This document addresses these issues by offering standardized schema descriptions, where needed, for widely used COSINE schema elements.
本文档通过为广泛使用的余弦模式元素提供标准化的模式描述(如果需要)来解决这些问题。
This document, together with [RFC4519] and [RFC4517], obsoletes RFC 1274 in its entirety. [RFC4519] replaces Sections 9.3.1 (Userid) and 9.3.21 (Domain Component) of RFC 1274. [RFC4517] replaces Section 9.4 (Generally useful syntaxes) of RFC 1274.
本文件连同[RFC4519]和[RFC4517]一起废止了RFC 1274的全部内容。[RFC4519]取代RFC 1274第9.3.1节(用户ID)和第9.3.21节(域组件)。[RFC4517]取代RFC 1274第9.4节(一般有用的语法)。
This document replaces the remainder of RFC 1274. Appendix A discusses changes since RFC 1274, as well as why certain schema elements were not brought forward in this revision of the COSINE schema. All elements not brought are to be regarded as Historic.
本文件取代RFC 1274的其余部分。附录A讨论了自RFC1274以来的变化,以及为什么某些模式元素没有在这次修订的余弦模式中提出。所有未带来的元素都将被视为历史元素。
The description of the 'domain' object class provided in this document supercedes that found in RFC 2247. That is, Section 3.4 of this document replaces Section 5.2 of [RFC2247].
本文档中提供的“域”对象类的描述取代了RFC 2247中的描述。也就是说,本文件第3.4节取代了[RFC2247]第5.2节。
Some of the schema elements specified here were described in RFC 2798 (inetOrgPerson schema). This document supersedes these descriptions. This document, together with [RFC4519], replaces Section 9.1.3 of RFC 2798.
这里指定的一些模式元素在RFC2798(inetOrgPerson模式)中进行了描述。本文件取代这些说明。本文件与[RFC4519]一起取代RFC 2798第9.1.3节。
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119].
本文件中的关键词“必须”、“不得”、“必需”、“应”、“不应”、“应”、“不应”、“建议”、“可”和“可选”应按照BCP 14[RFC2119]中所述进行解释。
DIT stands for Directory Information Tree. DN stands for Distinguished Name. DSA stands for Directory System Agent, a server. DSE stands for DSA-Specific Entry. DUA stands for Directory User Agent, a client.
DIT代表目录信息树。DN代表可分辨名称。DSA代表目录系统代理,一个服务器。DSE代表DSA特定条目。DUA代表目录用户代理,一个客户端。
These terms are discussed in [RFC4512].
[RFC4512]中讨论了这些术语。
Schema definitions are provided using LDAP description formats [RFC4512]. Definitions provided here are formatted (line wrapped) for readability.
模式定义使用LDAP描述格式[RFC4512]提供。为了便于阅读,这里提供的定义是格式化的(换行)。
This section details COSINE attribute types for use in LDAP.
本节详细介绍LDAP中使用的余弦属性类型。
The 'associatedDomain' attribute specifies DNS [RFC1034][RFC2181] host names [RFC1123] that are associated with an object. That is, values of this attribute should conform to the following ABNF:
“associatedDomain”属性指定与对象关联的DNS[RFC1034][RFC2181]主机名[RFC1123]。也就是说,此属性的值应符合以下ABNF:
domain = root / label *( DOT label )
root = SPACE
label = LETDIG [ *61( LETDIG / HYPHEN ) LETDIG ]
LETDIG = %x30-39 / %x41-5A / %x61-7A ; "0" - "9" / "A"-"Z" / "a"-"z"
SPACE = %x20 ; space (" ")
HYPHEN = %x2D ; hyphen ("-")
DOT = %x2E ; period (".")
domain = root / label *( DOT label )
root = SPACE
label = LETDIG [ *61( LETDIG / HYPHEN ) LETDIG ]
LETDIG = %x30-39 / %x41-5A / %x61-7A ; "0" - "9" / "A"-"Z" / "a"-"z"
SPACE = %x20 ; space (" ")
HYPHEN = %x2D ; hyphen ("-")
DOT = %x2E ; period (".")
For example, the entry in the DIT with a DN <DC=example,DC=com> might have an associated domain of "example.com".
例如,DIT中DN<DC=example,DC=com>的条目可能有一个关联域“example.com”。
( 0.9.2342.19200300.100.1.37 NAME 'associatedDomain' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
(0.9.2342.19200300.100.1.37名称'associatedDomain'相等caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch语法1.3.6.1.4.1.1466.115.121.1.26)
The IA5String (1.3.6.1.4.1.1466.115.121.1.26) syntax and the 'caseIgnoreIA5Match' and 'caseIgnoreIA5SubstringsMatch' rules are described in [RFC4517].
[RFC4517]中描述了IA5String(1.3.6.1.4.1.1466.115.121.1.26)语法以及“CaseIgnoreA5Match”和“CaseIgnoreA5SubstringsMatch”规则。
Note that the directory will not ensure that values of this attribute conform to the <domain> production provided above. It is the application's responsibility to ensure that domains it stores in this attribute are appropriately represented.
请注意,目录不会确保此属性的值符合上面提供的<domain>产品。应用程序有责任确保存储在此属性中的域得到适当表示。
Also note that applications supporting Internationalized Domain Names SHALL use the ToASCII method [RFC3490] to produce <label> components of the <domain> production.
还请注意,支持国际化域名的应用程序应使用ToASCII方法[RFC3490]来生产<Domain>产品的<label>组件。
The 'associatedName' attribute specifies names of entries in the organizational DIT associated with a DNS domain [RFC1034][RFC2181].
“associatedName”属性指定与DNS域[RFC1034][RFC2181]关联的组织DIT中的条目名称。
( 0.9.2342.19200300.100.1.38 NAME 'associatedName' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
(0.9.2342.19200300.100.1.38名称“associatedName”相等区分名称匹配语法1.3.6.1.4.1.1466.115.121.1.12)
The DistinguishedName (1.3.6.1.4.1.1466.115.121.1.12) syntax and the 'distinguishedNameMatch' rule are described in [RFC4517].
[RFC4517]中描述了DifferentizedName(1.3.6.1.4.1.1466.115.121.1.12)语法和“DifferentizedNameMatch”规则。
The 'buildingName' attribute specifies names of the buildings where an organization or organizational unit is based, for example, "The White House".
“buildingName”属性指定组织或组织单位所在建筑的名称,例如“白宫”。
( 0.9.2342.19200300.100.1.48 NAME 'buildingName' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
(0.9.2342.19200300.100.1.48名称'buildingName'相等caseIgnoreMatch SUBSTR caseIgnoreMatch substrings匹配语法1.3.6.1.4.1.1466.115.121.1.15{256})
The DirectoryString (1.3.6.1.4.1.1466.115.121.1.15) syntax and the 'caseIgnoreMatch' and 'caseIgnoreSubstringsMatch' rules are described in [RFC4517].
[RFC4517]中描述了DirectoryString(1.3.6.1.4.1.1466.115.121.1.15)语法以及“caseIgnoreMatch”和“caseIgnoreSubstringsMatch”规则。
The 'co' (Friendly Country Name) attribute specifies names of countries in human-readable format, for example, "Germany" and "Federal Republic of Germany". It is commonly used in conjunction with the 'c' (Country Name) [RFC4519] attribute (whose values are restricted to the two-letter codes defined in [ISO3166]).
“co”(友好国家名称)属性以人类可读的格式指定国家名称,例如,“德国”和“德意志联邦共和国”。它通常与“c”(国家名称)[RFC4519]属性(其值仅限于[ISO3166]中定义的两个字母代码)一起使用。
( 0.9.2342.19200300.100.1.43 NAME 'co' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
(0.9.2342.19200300.100.1.43名称“co”相等caseIgnoreMatch SUBSTR caseignoresubstrings匹配语法1.3.6.1.4.1.1466.115.121.1.15)
The DirectoryString (1.3.6.1.4.1.1466.115.121.1.15) syntax and the 'caseIgnoreMatch' and 'caseIgnoreSubstringsMatch' rules are described in [RFC4517].
[RFC4517]中描述了DirectoryString(1.3.6.1.4.1.1466.115.121.1.15)语法以及“caseIgnoreMatch”和“caseIgnoreSubstringsMatch”规则。
The 'documentAuthor' attribute specifies the distinguished names of authors (or editors) of a document. For example,
“documentAuthor”属性指定文档作者(或编辑)的可分辨名称。例如
( 0.9.2342.19200300.100.1.14 NAME 'documentAuthor' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
(0.9.2342.19200300.100.1.14名称“documentAuthor”相等区分名称匹配语法1.3.6.1.4.1.1466.115.121.1.12)
The DistinguishedName (1.3.6.1.4.1.1466.115.121.1.12) syntax and the 'distinguishedNameMatch' rule are described in [RFC4517].
[RFC4517]中描述了DifferentizedName(1.3.6.1.4.1.1466.115.121.1.12)语法和“DifferentizedNameMatch”规则。
The 'documentIdentifier' attribute specifies unique identifiers for a document. A document may be identified by more than one unique identifier. For example, RFC 3383 and BCP 64 are unique identifiers that (presently) refer to the same document.
“documentIdentifier”属性指定文档的唯一标识符。文档可以由多个唯一标识符标识。例如,RFC 3383和BCP 64是(目前)引用同一文档的唯一标识符。
( 0.9.2342.19200300.100.1.11 NAME 'documentIdentifier' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
(0.9.2342.19200300.100.1.11名称'documentIdentifier'相等caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch语法1.3.6.1.4.1.1466.115.121.1.15{256})
The DirectoryString (1.3.6.1.4.1.1466.115.121.1.15) syntax and the 'caseIgnoreMatch' and 'caseIgnoreSubstringsMatch' rules are described in [RFC4517].
[RFC4517]中描述了DirectoryString(1.3.6.1.4.1.1466.115.121.1.15)语法以及“caseIgnoreMatch”和“caseIgnoreSubstringsMatch”规则。
The 'documentLocation' attribute specifies locations of the document original.
“documentLocation”属性指定原始文档的位置。
( 0.9.2342.19200300.100.1.15 NAME 'documentLocation' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
(0.9.2342.19200300.100.1.15名称“documentLocation”相等caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch语法1.3.6.1.4.1.1466.115.121.1.15{256})
The DirectoryString (1.3.6.1.4.1.1466.115.121.1.15) syntax and the 'caseIgnoreMatch' and 'caseIgnoreSubstringsMatch' rules are described in [RFC4517].
[RFC4517]中描述了DirectoryString(1.3.6.1.4.1.1466.115.121.1.15)语法以及“caseIgnoreMatch”和“caseIgnoreSubstringsMatch”规则。
The 'documentPublisher' attribute is the persons and/or organizations that published the document. Documents that are jointly published have one value for each publisher.
“documentPublisher”属性是发布文档的人员和/或组织。联合发布的文档对每个发布者都有一个值。
( 0.9.2342.19200300.100.1.56 NAME 'documentPublisher' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
(0.9.2342.19200300.100.1.56名称“documentPublisher”相等caseIgnoreMatch SUBSTR caseIgnoreSubstrings匹配语法1.3.6.1.4.1.1466.115.121.1.15)
The DirectoryString (1.3.6.1.4.1.1466.115.121.1.15) syntax and the 'caseIgnoreMatch' and 'caseIgnoreSubstringsMatch' rules are described in [RFC4517].
[RFC4517]中描述了DirectoryString(1.3.6.1.4.1.1466.115.121.1.15)语法以及“caseIgnoreMatch”和“caseIgnoreSubstringsMatch”规则。
The 'documentTitle' attribute specifies the titles of a document. Multiple values are allowed to accommodate both long and short titles, or other situations where a document has multiple titles, for example, "The Lightweight Directory Access Protocol Technical Specification" and "The LDAP Technical Specification".
“documentTitle”属性指定文档的标题。允许使用多个值来容纳长标题和短标题,或者文档具有多个标题的其他情况,例如,“轻量级目录访问协议技术规范”和“LDAP技术规范”。
( 0.9.2342.19200300.100.1.12 NAME 'documentTitle' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
(0.9.2342.19200300.100.1.12名称'documentTitle'相等caseIgnoreMatch SUBSTR caseIgnoreMatch substrings匹配语法1.3.6.1.4.1.1466.115.121.1.15{256})
The DirectoryString (1.3.6.1.4.1.1466.115.121.1.15) syntax and the 'caseIgnoreMatch' and 'caseIgnoreSubstringsMatch' rules are described in [RFC4517].
[RFC4517]中描述了DirectoryString(1.3.6.1.4.1.1466.115.121.1.15)语法以及“caseIgnoreMatch”和“caseIgnoreSubstringsMatch”规则。
The 'documentVersion' attribute specifies the version information of a document.
“documentVersion”属性指定文档的版本信息。
( 0.9.2342.19200300.100.1.13 NAME 'documentVersion' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
(0.9.2342.19200300.100.1.13名称“documentVersion”相等caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch语法1.3.6.1.4.1.1466.115.121.1.15{256})
The DirectoryString (1.3.6.1.4.1.1466.115.121.1.15) syntax and the 'caseIgnoreMatch' and 'caseIgnoreSubstringsMatch' rules are described in [RFC4517].
[RFC4517]中描述了DirectoryString(1.3.6.1.4.1.1466.115.121.1.15)语法以及“caseIgnoreMatch”和“caseIgnoreSubstringsMatch”规则。
The 'drink' (favoriteDrink) attribute specifies the favorite drinks of an object (or person), for instance, "cola" and "beer".
“饮料”(favoriteDrink)属性指定对象(或个人)最喜欢的饮料,例如“可乐”和“啤酒”。
( 0.9.2342.19200300.100.1.5 NAME 'drink' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
(0.9.2342.19200300.100.1.5名称'drink'相等caseIgnoreMatch SUBSTR caseignoresubstrings匹配语法1.3.6.1.4.1.1466.115.121.1.15{256})
The DirectoryString (1.3.6.1.4.1.1466.115.121.1.15) syntax and the 'caseIgnoreMatch' and 'caseIgnoreSubstringsMatch' rules are described in [RFC4517].
[RFC4517]中描述了DirectoryString(1.3.6.1.4.1.1466.115.121.1.15)语法以及“caseIgnoreMatch”和“caseIgnoreSubstringsMatch”规则。
The 'homePhone' (Home Telephone Number) attribute specifies home telephone numbers (e.g., "+1 775 555 1234") associated with a person.
“家庭电话”(家庭电话号码)属性指定与个人相关的家庭电话号码(例如“+1 775 555 1234”)。
( 0.9.2342.19200300.100.1.20 NAME 'homePhone' EQUALITY telephoneNumberMatch SUBSTR telephoneNumberSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 )
(0.9.2342.19200300.100.1.20名称“homePhone”相等电话号码Match SUBSTR电话号码SubStringsMatch语法1.3.6.1.4.1.1466.115.121.1.50)
The telephoneNumber (1.3.6.1.4.1.1466.115.121.1.50) syntax and the 'telephoneNumberMatch' and 'telephoneNumberSubstringsMatch' rules are described in [RFC4517].
[RFC4517]中描述了电话号码(1.3.6.1.4.1.1466.115.121.1.50)语法以及“电话号码格式”和“电话号码子字符串匹配”规则。
The 'homePostalAddress' attribute specifies home postal addresses for an object. Each value should be limited to up to 6 directory strings of 30 characters each. (Note: It is not intended that the directory service enforce these limits.)
“homePostalAddress”属性指定对象的主邮政地址。每个值最多应限制为6个目录字符串,每个字符串包含30个字符。(注意:目录服务无意强制执行这些限制。)
( 0.9.2342.19200300.100.1.39 NAME 'homePostalAddress' EQUALITY caseIgnoreListMatch SUBSTR caseIgnoreListSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 )
(0.9.2342.19200300.100.1.39名称“HomePostLaddress”相等caseIgnoreListMatch SUBSTR caseIgnoreListSubstringsMatch语法1.3.6.1.4.1.1466.115.121.1.41)
The PostalAddress (1.3.6.1.4.1.1466.115.121.1.41) syntax and the 'caseIgnoreListMatch' and 'caseIgnoreListSubstringsMatch' rules are described in [RFC4517].
[RFC4517]中描述了PostLaddress(1.3.6.1.4.1.1466.115.121.1.41)语法以及“caseIgnoreListMatch”和“caseIgnoreListSubstringsMatch”规则。
The 'host' attribute specifies host computers, generally by their primary fully qualified domain name (e.g., my-host.example.com).
“主机”属性通常通过其主要完全限定域名(例如my host.example.com)指定主机计算机。
( 0.9.2342.19200300.100.1.9 NAME 'host' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
(0.9.2342.19200300.100.1.9名称“主机”相等caseIgnoreMatch SUBSTR caseIgnoreMatch语法1.3.6.1.4.1.1466.115.121.1.15{256})
The DirectoryString (1.3.6.1.4.1.1466.115.121.1.15) syntax and the 'caseIgnoreMatch' and 'caseIgnoreSubstringsMatch' rules are described in [RFC4517].
[RFC4517]中描述了DirectoryString(1.3.6.1.4.1.1466.115.121.1.15)语法以及“caseIgnoreMatch”和“caseIgnoreSubstringsMatch”规则。
The 'info' attribute specifies any general information pertinent to an object. This information is not necessarily descriptive of the object.
“info”属性指定与对象相关的任何常规信息。该信息不一定是对对象的描述。
Applications should not attach specific semantics to values of this attribute. The 'description' attribute [RFC4519] is available for specifying descriptive information pertinent to an object.
应用程序不应将特定语义附加到此属性的值。“description”属性[RFC4519]可用于指定与对象相关的描述性信息。
( 0.9.2342.19200300.100.1.4 NAME 'info' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{2048} )
(0.9.2342.19200300.100.1.4名称'info'相等caseIgnoreMatch SUBSTR caseignoresubstrings匹配语法1.3.6.1.4.1.1466.115.121.1.15{2048})
The DirectoryString (1.3.6.1.4.1.1466.115.121.1.15) syntax and the 'caseIgnoreMatch' and 'caseIgnoreSubstringsMatch' rules are described in [RFC4517].
[RFC4517]中描述了DirectoryString(1.3.6.1.4.1.1466.115.121.1.15)语法以及“caseIgnoreMatch”和“caseIgnoreSubstringsMatch”规则。
The 'mail' (rfc822mailbox) attribute type holds Internet mail addresses in Mailbox [RFC2821] form (e.g., user@example.com).
“邮件”(rfc822mailbox)属性类型以邮箱[RFC2821]的形式保存Internet邮件地址(例如。,user@example.com).
( 0.9.2342.19200300.100.1.3 NAME 'mail' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
(0.9.2342.19200300.100.1.3名称“邮件”相等caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch语法1.3.6.1.4.1.1466.115.121.1.26{256})
The IA5String (1.3.6.1.4.1.1466.115.121.1.26) syntax and the 'caseIgnoreIA5Match' and 'caseIgnoreIA5SubstringsMatch' rules are described in [RFC4517].
[RFC4517]中描述了IA5String(1.3.6.1.4.1.1466.115.121.1.26)语法以及“CaseIgnoreA5Match”和“CaseIgnoreA5SubstringsMatch”规则。
Note that the directory will not ensure that values of this attribute conform to the <Mailbox> production [RFC2821]. It is the application's responsibility to ensure that domains it stores in this attribute are appropriately represented.
请注意,目录不会确保此属性的值符合<Mailbox>产品[RFC2821]。应用程序有责任确保存储在此属性中的域得到适当表示。
Additionally, the directory will compare values per the matching rules named in the above attribute type description. As these rules differ from rules that normally apply to <Mailbox> comparisons, operational issues may arise. For example, the assertion (mail=joe@example.com) will match "JOE@example.com" even though the <local-parts> differ. Also, where a user has two <Mailbox>es whose addresses differ only by case of the <local-part>, both cannot be listed as values of the user's mail attribute (as they are considered equal by the 'caseIgnoreIA5Match' rule).
此外,目录将根据上述属性类型描述中命名的匹配规则比较值。由于这些规则与通常应用于<Mailbox>比较的规则不同,因此可能会出现操作问题。例如,断言(邮件)=joe@example.com)将匹配“JOE@example.com“即使<局部>不同。此外,如果一个用户有两个<Mailbox>e,它们的地址仅因<local part>的大小写不同而不同,则这两个地址不能作为用户邮件属性的值列出(因为“caseIgnoreIA5Match”规则认为它们相等)。
Also note that applications supporting internationalized domain names SHALL use the ToASCII method [RFC3490] to produce <sub-domain> components of the <Mailbox> production.
还请注意,支持国际化域名的应用程序应使用ToASCII方法[RFC3490]来生成<Mailbox>产品的<sub-domain>组件。
The 'manager' attribute specifies managers, by distinguished name, of the person (or entity).
“经理”属性通过可分辨名称指定个人(或实体)的经理。
( 0.9.2342.19200300.100.1.10 NAME 'manager' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
(0.9.2342.19200300.100.1.10名称“经理”相等区分名称匹配语法1.3.6.1.4.1.1466.115.121.1.12)
The DistinguishedName (1.3.6.1.4.1.1466.115.121.1.12) syntax and the 'distinguishedNameMatch' rule are described in [RFC4517].
[RFC4517]中描述了DifferentizedName(1.3.6.1.4.1.1466.115.121.1.12)语法和“DifferentizedNameMatch”规则。
The 'mobile' (mobileTelephoneNumber) attribute specifies mobile telephone numbers (e.g., "+1 775 555 6789") associated with a person (or entity).
“mobile”(mobileTelephoneNumber)属性指定与个人(或实体)关联的移动电话号码(例如“+1 775 555 6789”)。
( 0.9.2342.19200300.100.1.41 NAME 'mobile' EQUALITY telephoneNumberMatch SUBSTR telephoneNumberSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 )
(0.9.2342.19200300.100.1.41名称“移动”相等电话号码Match SUBSTR电话号码SubStringsMatch语法1.3.6.1.4.1.1466.115.121.1.50)
The telephoneNumber (1.3.6.1.4.1.1466.115.121.1.50) syntax and the 'telephoneNumberMatch' and 'telephoneNumberSubstringsMatch' rules are described in [RFC4517].
[RFC4517]中描述了电话号码(1.3.6.1.4.1.1466.115.121.1.50)语法以及“电话号码格式”和“电话号码子字符串匹配”规则。
The 'organizationalStatus' attribute specifies categories by which a person is often referred to in an organization. Examples of usage in academia might include "undergraduate student", "researcher", "professor", and "staff". Multiple values are allowed where the person is in multiple categories.
“organizationalStatus”属性指定在组织中经常引用人员的类别。在学术界使用的例子可能包括“本科生”、“研究员”、“教授”和“职员”。如果人员属于多个类别,则允许使用多个值。
Directory administrators and application designers SHOULD consider carefully the distinctions between this and the 'title' and 'userClass' attributes.
目录管理员和应用程序设计者应该仔细考虑这与“标题”和“用户类”属性之间的区别。
( 0.9.2342.19200300.100.1.45 NAME 'organizationalStatus' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
(0.9.2342.19200300.100.1.45名称'OrganizationStatus'相等caseIgnoreMatch SUBSTR caseIgnoreSubstrings匹配语法1.3.6.1.4.1.1466.115.121.1.15{256})
The DirectoryString (1.3.6.1.4.1.1466.115.121.1.15) syntax and the 'caseIgnoreMatch' and 'caseIgnoreSubstringsMatch' rules are described in [RFC4517].
[RFC4517]中描述了DirectoryString(1.3.6.1.4.1.1466.115.121.1.15)语法以及“caseIgnoreMatch”和“caseIgnoreSubstringsMatch”规则。
The 'pager' (pagerTelephoneNumber) attribute specifies pager telephone numbers (e.g., "+1 775 555 5555") for an object.
“寻呼机”(pagerTelephoneNumber)属性指定对象的寻呼机电话号码(例如“+1 775 555 5555”)。
( 0.9.2342.19200300.100.1.42 NAME 'pager' EQUALITY telephoneNumberMatch SUBSTR telephoneNumberSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 )
(0.9.2342.19200300.100.1.42名称“寻呼机”相等电话号码分组电话号码分组字符串匹配语法1.3.6.1.4.1.1466.115.121.1.50)
The telephoneNumber (1.3.6.1.4.1.1466.115.121.1.50) syntax and the 'telephoneNumberMatch' and 'telephoneNumberSubstringsMatch' rules are described in [RFC4517].
[RFC4517]中描述了电话号码(1.3.6.1.4.1.1466.115.121.1.50)语法以及“电话号码格式”和“电话号码子字符串匹配”规则。
The 'personalTitle' attribute specifies personal titles for a person. Examples of personal titles are "Frau", "Dr.", "Herr", and "Professor".
“personalTitle”属性指定个人的个人头衔。个人头衔的例子有“女士”、“博士”、“先生”和“教授”。
( 0.9.2342.19200300.100.1.40 NAME 'personalTitle' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
(0.9.2342.19200300.100.1.40名称“personalTitle”相等caseIgnoreMatch SUBSTR caseIgnoreMatch substrings匹配语法1.3.6.1.4.1.1466.115.121.1.15{256})
The DirectoryString (1.3.6.1.4.1.1466.115.121.1.15) syntax and the 'caseIgnoreMatch' and 'caseIgnoreSubstringsMatch' rules are described in [RFC4517].
[RFC4517]中描述了DirectoryString(1.3.6.1.4.1.1466.115.121.1.15)语法以及“caseIgnoreMatch”和“caseIgnoreSubstringsMatch”规则。
The 'roomNumber' attribute specifies the room number of an object. During periods of renumbering, or in other circumstances where a room has multiple valid room numbers associated with it, multiple values may be provided. Note that the 'cn' (commonName) attribute type SHOULD be used for naming room objects.
“roomNumber”属性指定对象的房间号。在重新编号期间,或在房间有多个有效房间号关联的其他情况下,可以提供多个值。请注意,“cn”(commonName)属性类型应用于命名房间对象。
( 0.9.2342.19200300.100.1.6 NAME 'roomNumber' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
(0.9.2342.19200300.100.1.6名称“roomNumber”相等caseIgnoreMatch SUBSTR caseIgnoreMatch语法1.3.6.1.4.1.1466.115.121.1.15{256})
The DirectoryString (1.3.6.1.4.1.1466.115.121.1.15) syntax and the 'caseIgnoreMatch' and 'caseIgnoreSubstringsMatch' rules are described in [RFC4517].
[RFC4517]中描述了DirectoryString(1.3.6.1.4.1.1466.115.121.1.15)语法以及“caseIgnoreMatch”和“caseIgnoreSubstringsMatch”规则。
The 'secretary' attribute specifies secretaries and/or administrative assistants, by distinguished name.
“秘书”属性按可分辨名称指定秘书和/或行政助理。
( 0.9.2342.19200300.100.1.21 NAME 'secretary' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
(0.9.2342.19200300.100.1.21名称“秘书”相等区分名称匹配语法1.3.6.1.4.1.1466.115.121.1.12)
The DistinguishedName (1.3.6.1.4.1.1466.115.121.1.12) syntax and the 'distinguishedNameMatch' rule are described in [RFC4517].
[RFC4517]中描述了DifferentizedName(1.3.6.1.4.1.1466.115.121.1.12)语法和“DifferentizedNameMatch”规则。
The 'uniqueIdentifier' attribute specifies a unique identifier for an object represented in the Directory. The domain within which the identifier is unique and the exact semantics of the identifier are for local definition. For a person, this might be an institution-wide payroll number. For an organizational unit, it might be a department code.
“uniqueIdentifier”属性为目录中表示的对象指定唯一标识符。标识符唯一的域和标识符的确切语义用于本地定义。对于个人而言,这可能是一个机构范围内的工资数字。对于组织单位,它可能是部门代码。
( 0.9.2342.19200300.100.1.44 NAME 'uniqueIdentifier' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
(0.9.2342.19200300.100.1.44名称'uniqueIdentifier'相等caseIgnoreMatch SUBSTR caseignoresubstrings匹配语法1.3.6.1.4.1.1466.115.121.1.15{256})
The DirectoryString (1.3.6.1.4.1.1466.115.121.1.15) syntax and the 'caseIgnoreMatch' and 'caseIgnoreSubstringsMatch' rules are described in [RFC4517].
[RFC4517]中描述了DirectoryString(1.3.6.1.4.1.1466.115.121.1.15)语法以及“caseIgnoreMatch”和“caseIgnoreSubstringsMatch”规则。
Note: X.520 also describes an attribute called 'uniqueIdentifier' (2.5.4.45), which is called 'x500UniqueIdentifier' in LDAP [RFC4519]. The attribute detailed here ought not be confused with 'x500UniqueIdentifier'.
注:X.520还描述了一个名为“uniqueIdentifier”(2.5.4.45)的属性,该属性在LDAP[RFC4519]中称为“x500UniqueIdentifier”。此处详述的属性不应与“x500UniqueIdentifier”混淆。
The 'userClass' attribute specifies categories of computer or application user. The semantics placed on this attribute are for local interpretation. Examples of current usage of this attribute in academia are "student", "staff", and "faculty". Note that the 'organizationalStatus' attribute type is now often preferred, as it makes no distinction between persons as opposed to users.
“userClass”属性指定计算机或应用程序用户的类别。放置在该属性上的语义用于本地解释。目前学术界使用该属性的例子有“学生”、“教职员工”和“教员”。请注意,“organizationalStatus”属性类型现在通常是首选的,因为它不区分人和用户。
( 0.9.2342.19200300.100.1.8 NAME 'userClass' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
(0.9.2342.19200300.100.1.8名称'userClass'相等caseIgnoreMatch SUBSTR caseIgnoreMatch语法1.3.6.1.4.1.1466.115.121.1.15{256})
The DirectoryString (1.3.6.1.4.1.1466.115.121.1.15) syntax and the 'caseIgnoreMatch' and 'caseIgnoreSubstringsMatch' rules are described in [RFC4517].
[RFC4517]中描述了DirectoryString(1.3.6.1.4.1.1466.115.121.1.15)语法以及“caseIgnoreMatch”和“caseIgnoreSubstringsMatch”规则。
This section details COSINE object classes for use in LDAP.
本节详细介绍LDAP中使用的余弦对象类。
The 'account' object class is used to define entries representing computer accounts. The 'uid' attribute SHOULD be used for naming entries of this object class.
“account”对象类用于定义表示计算机帐户的条目。“uid”属性应用于命名此对象类的条目。
( 0.9.2342.19200300.100.4.5 NAME 'account' SUP top STRUCTURAL MUST uid MAY ( description $ seeAlso $ l $ o $ ou $ host ) )
(0.9.2342.19200300.100.4.5名称“帐户”辅助顶部结构必须为uid MAY(说明$另请参见$l$o$ou$host))
The 'top' object class is described in [RFC4512]. The 'description', 'seeAlso', 'l', 'o', 'ou', and 'uid' attribute types are described in [RFC4519]. The 'host' attribute type is described in Section 2 of this document.
[RFC4512]中描述了“top”对象类。[RFC4519]中描述了“description”、“seeally”、“l”、“o”、“ou”和“uid”属性类型。本文档第2节介绍了“主机”属性类型。
3.3. documentSeriesExample:
3.3. 文档系列示例:
dn: uid=kdz,cn=Accounts,dc=Example,dc=COM
objectClass: account
uid: kdz
seeAlso: cn=Kurt D. Zeilenga,cn=Persons,dc=Example,dc=COM
dn: uid=kdz,cn=Accounts,dc=Example,dc=COM
objectClass: account
uid: kdz
seeAlso: cn=Kurt D. Zeilenga,cn=Persons,dc=Example,dc=COM
The 'document' object class is used to define entries that represent documents.
“document”对象类用于定义表示文档的条目。
( 0.9.2342.19200300.100.4.6 NAME 'document' SUP top STRUCTURAL MUST documentIdentifier MAY ( cn $ description $ seeAlso $ l $ o $ ou $ documentTitle $ documentVersion $ documentAuthor $ documentLocation $ documentPublisher ) )
(0.9.2342.19200300.100.4.6名称“文档”支持顶部结构必须文档标识符可能(cn$description$see另见$l$o$ou$documentTitle$documentVersion$documentAuthor$documentLocation$documentPublisher))
The 'top' object class is described in [RFC4512]. The 'cn', 'description', 'seeAlso', 'l', 'o', and 'ou' attribute types are described in [RFC4519]. The 'documentIdentifier', 'documentTitle', 'documentVersion', 'documentAuthor', 'documentLocation', and 'documentPublisher' attribute types are described in Section 2 of this document.
[RFC4512]中描述了“top”对象类。[RFC4519]中描述了'cn'、'description'、'seeall'、'l'、'o'和'ou'属性类型。本文档第2节介绍了“documentIdentifier”、“documentTitle”、“documentVersion”、“documentAuthor”、“documentLocation”和“documentPublisher”属性类型。
Example:
例子:
dn: documentIdentifier=RFC 4524,cn=RFC,dc=Example,dc=COM
objectClass: document
documentIdentifier: RFC 4524
documentTitle: COSINE LDAP/X.500 Schema
documentAuthor: cn=Kurt D. Zeilenga,cn=Persons,dc=Example,dc=COM
documentLocation: http://www.rfc-editor.org/rfc/rfc4524.txt
documentPublisher: Internet Engineering Task Force
description: A collection of schema elements for use in LDAP
description: Obsoletes RFC 1274
seeAlso: documentIdentifier=RFC 4510,cn=RFC,dc=Example,dc=COM
seeAlso: documentIdentifier=RFC 1274,cn=RFC,dc=Example,dc=COM
dn: documentIdentifier=RFC 4524,cn=RFC,dc=Example,dc=COM
objectClass: document
documentIdentifier: RFC 4524
documentTitle: COSINE LDAP/X.500 Schema
documentAuthor: cn=Kurt D. Zeilenga,cn=Persons,dc=Example,dc=COM
documentLocation: http://www.rfc-editor.org/rfc/rfc4524.txt
documentPublisher: Internet Engineering Task Force
description: A collection of schema elements for use in LDAP
description: Obsoletes RFC 1274
seeAlso: documentIdentifier=RFC 4510,cn=RFC,dc=Example,dc=COM
seeAlso: documentIdentifier=RFC 1274,cn=RFC,dc=Example,dc=COM
The 'documentSeries' object class is used to define an entry that represents a series of documents (e.g., The Request For Comments memos).
“documentSeries”对象类用于定义表示一系列文档(例如,征求意见备忘录)的条目。
( 0.9.2342.19200300.100.4.9 NAME 'documentSeries' SUP top STRUCTURAL MUST cn MAY ( description $ l $ o $ ou $ seeAlso $ telephonenumber ) )
(0.9.2342.19200300.100.4.9名称“documentSeries”SUP-top STRUCTURAL必须cn-MAY(说明$l$o$ou$另见$TEPHONERNUMBER))
The 'top' object class is described in [RFC4512]. The 'description', 'l', 'o', 'ou', 'seeAlso', and 'telephoneNumber' attribute types are described in [RFC4519].
[RFC4512]中描述了“top”对象类。[RFC4519]中描述了'description'、'l'、'o'、'ou'、'SeeAllow'和'telephoneNumber'属性类型。
Example:
例子:
dn: cn=RFC,dc=Example,dc=COM
objectClass: documentSeries
cn: Request for Comments
cn: RFC
description: a series of memos about the Internet
dn: cn=RFC,dc=Example,dc=COM
objectClass: documentSeries
cn: Request for Comments
cn: RFC
description: a series of memos about the Internet
The 'domain' object class is used to define entries that represent DNS domains for objects that are not organizations, organizational units, or other kinds of objects more appropriately defined using an object class specific to the kind of object being defined (e.g., 'organization', 'organizationUnit').
“域”对象类用于定义表示非组织、组织单位或其他类型对象的DNS域的条目,这些对象更适合使用特定于所定义对象类型的对象类来定义(例如,“组织”、“组织单位”)。
The 'dc' attribute should be used for naming entries of the 'domain' object class.
“dc”属性应用于命名“域”对象类的条目。
( 0.9.2342.19200300.100.4.13 NAME 'domain' SUP top STRUCTURAL MUST dc MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $ x121Address $ registeredAddress $ destinationIndicator $ preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $ telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $ postalAddress $ physicalDeliveryOfficeName $ st $ l $ description $ o $ associatedName ) )
(0.9.2342.19200300.100.4.13名称“域”辅助结构必须为dc-MAY(用户密码$searchGuide$另请参见$businessCategory$X121地址$registeredAddress$destinationIndicator$preferredDeliveryMethod$telexNumber$teletexTerminalIdentifier$telephoneNumber$internationaliSDNNumber$facsimileTelephoneNumber$street$postOfficeBox$postalCode$postalAddress$physicalDeliveryOfficeName$st$l$d说明$o$associatedName)
The 'top' object class and the 'dc', 'userPassword', 'searchGuide', 'seeAlso', 'businessCategory', 'x121Address', 'registeredAddress', 'destinationIndicator', 'preferredDeliveryMethod', 'telexNumber', 'teletexTerminalIdentifier', 'telephoneNumber', 'internationaliSDNNumber', 'facsimileTelephoneNumber', 'street', 'postOfficeBox', 'postalCode', 'postalAddress', 'physicalDeliveryOfficeName', 'st', 'l', 'description', and 'o' types
“top”对象类和“dc”、“userPassword”、“searchGuide”、“See Alway”、“businessCategory”、“x121Address”、“registeredAddress”、“destinationIndicator”、“preferredDeliveryMethod”、“telexNumber”、“Teletexterminalidentier”、“telephoneNumber”、“internationaliSDNNumber”、“facsimileTelephoneNumber”、“street”、“postOfficeBox”、“postalCode”,“postalAddress”、“physicalDeliveryOfficeName”、“st”、“l”、“description”和“o”类型
are described in [RFC4519]. The 'associatedName' attribute type is described in Section 2 of this document.
如[RFC4519]所述。本文档第2节介绍了“associatedName”属性类型。
Example:
例子:
dn: dc=com objectClass: domain dc: com description: the .COM TLD
dn:dc=com对象类:域dc:com说明:the.com TLD
The 'domainRelatedObject' object class is used to define entries that represent DNS domains that are "equivalent" to an X.500 domain, e.g., an organization or organizational unit.
“domainRelatedObject”对象类用于定义表示与X.500域“等效”的DNS域的条目,例如组织或组织单位。
( 0.9.2342.19200300.100.4.17 NAME 'domainRelatedObject' SUP top AUXILIARY MUST associatedDomain )
(0.9.2342.19200300.100.4.17名称'domainRelatedObject'辅助顶级辅助必须关联域)
The 'top' object class is described in [RFC4512]. The 'associatedDomain' attribute type is described in Section 2 of this document.
[RFC4512]中描述了“top”对象类。本文档第2节介绍了“associatedDomain”属性类型。
Example:
例子:
dn: dc=example,dc=com
objectClass: organization
objectClass: dcObject
objectClass: domainRelatedObject
dc: example
associatedDomain: example.com
o: Example Organization
dn: dc=example,dc=com
objectClass: organization
objectClass: dcObject
objectClass: domainRelatedObject
dc: example
associatedDomain: example.com
o: Example Organization
The 'organization' and 'dcObject' object classes and the 'dc' and 'o' attribute types are described in [RFC4519].
[RFC4519]中描述了“组织”和“dcObject”对象类以及“dc”和“o”属性类型。
The 'friendlyCountry' object class is used to define entries representing countries in the DIT. The object class is used to allow friendlier naming of countries than that allowed by the object class 'country' [RFC4519].
“friendlyCountry”对象类用于定义代表DIT中国家的条目。对象类用于比对象类“country”更友好地命名国家[RFC4519]。
( 0.9.2342.19200300.100.4.18 NAME 'friendlyCountry' SUP country STRUCTURAL MUST co )
(0.9.2342.19200300.100.4.18名称“friendlyCountry”辅助国家结构公司)
The 'country' object class is described in [RFC4519]. The 'co' attribute type is described in Section 2 of this document.
[RFC4519]中描述了“country”对象类。本文件第2节描述了“co”属性类型。
Example:
例子:
dn: c=DE objectClass: country objectClass: friendlyCountry c: DE co: Deutschland co: Germany co: Federal Republic of Germany co: FRG
dn:c=DE对象类:国家对象类:友好国家c:DE公司:德国公司:德意志联邦共和国公司:FRG
The 'c' attribute type is described in [RFC4519].
[RFC4519]中描述了“c”属性类型。
The 'rFC822LocalPart' object class is used to define entries that represent the local part of Internet mail addresses [RFC2822]. This treats the local part of the address as a 'domain' object.
“rFC822LocalPart”对象类用于定义表示Internet邮件地址本地部分的条目[RFC2822]。这会将地址的本地部分视为“域”对象。
( 0.9.2342.19200300.100.4.14 NAME 'rFC822localPart' SUP domain STRUCTURAL MAY ( cn $ description $ destinationIndicator $ facsimileTelephoneNumber $ internationaliSDNNumber $ physicalDeliveryOfficeName $ postalAddress $ postalCode $ postOfficeBox $ preferredDeliveryMethod $ registeredAddress $ seeAlso $ sn $ street $ telephoneNumber $ teletexTerminalIdentifier $ telexNumber $ x121Address ) )
(0.9.2342.19200300.100.4.14名称“rFC822localPart”辅助域(cn$description$destinationIndicator$facsimiletelphonenumber$internationaliSDNNumber$physicalDeliveryOfficeName$Postladdress$postalCode$postOfficeBox$PreferredDelivery$registeredAddress$See另见$sn$street$电话号码$Teletexterminalidentier$电传号码$X121地址))
The 'domain' object class is described in Section 3.4 of this document. The 'cn', 'description', 'destinationIndicator', 'facsimileTelephoneNumber', 'internationaliSDNNumber, 'physicalDeliveryOfficeName', 'postalAddress', 'postalCode', 'postOfficeBox', 'preferredDeliveryMethod', 'registeredAddress', 'seeAlso', 'sn, 'street', 'telephoneNumber', 'teletexTerminalIdentifier', 'telexNumber', and 'x121Address' attribute types are described in [RFC4519].
本文件第3.4节描述了“域”对象类。“cn”、“描述”、“目的地指示器”、“传真机号码”、“国际号码”、“物理递送官方名称”、“邮递地址”、“邮政编码”、“邮局信箱”、“首选递送方式”、“注册地址”、“另请参阅”、“sn”、“街道”、“电话号码”、“电传终端识别器”、“电传号码”,[RFC4519]中描述了“x121Address”和“x121Address”属性类型。
Example:
例子:
dn: dc=kdz,dc=example,dc=com
objectClass: domain
objectClass: rFC822LocalPart
dc: kdz
associatedName: cn=Kurt D. Zeilenga,cn=Persons,dc=Example,dc=COM
dn: dc=kdz,dc=example,dc=com
objectClass: domain
objectClass: rFC822LocalPart
dc: kdz
associatedName: cn=Kurt D. Zeilenga,cn=Persons,dc=Example,dc=COM
The 'dc' attribute type is described in [RFC4519].
[RFC4519]中描述了“dc”属性类型。
The 'room' object class is used to define entries representing rooms. The 'cn' (commonName) attribute SHOULD be used for naming entries of this object class.
“房间”对象类用于定义表示房间的条目。“cn”(commonName)属性应用于命名此对象类的条目。
( 0.9.2342.19200300.100.4.7 NAME 'room' SUP top STRUCTURAL MUST cn MAY ( roomNumber $ description $ seeAlso $ telephoneNumber ) )
(0.9.2342.19200300.100.4.7名称“房间”SUP top STRUCTURAL必须cn MAY(房间号$说明$另见$电话号码))
The 'top' object class is described in [RFC4512]. The 'cn', 'description', 'seeAlso', and 'telephoneNumber' attribute types are described in [RFC4519]. The 'roomNumber' attribute type is described in Section 2 of this document.
[RFC4512]中描述了“top”对象类。[RFC4519]中描述了'cn'、'description'、'seeall'和'telephoneNumber'属性类型。本文档第2节介绍了“roomNumber”属性类型。
dn: cn=conference room,dc=example,dc=com
objectClass: room
cn: conference room
telephoneNumber: +1 755 555 1111
dn: cn=conference room,dc=example,dc=com
objectClass: room
cn: conference room
telephoneNumber: +1 755 555 1111
The 'simpleSecurityObject' object class is used to require an entry to have a 'userPassword' attribute when the entry's structural object class does not require (or allow) the 'userPassword attribute'.
“simpleSecurityObject”对象类用于在条目的结构对象类不需要(或允许)userPassword属性时,要求条目具有“userPassword”属性。
( 0.9.2342.19200300.100.4.19 NAME 'simpleSecurityObject' SUP top AUXILIARY MUST userPassword )
(0.9.2342.19200300.100.4.19名称“simpleSecurityObject”SUP top辅助必须使用用户密码)
The 'top' object class is described in [RFC4512]. The 'userPassword' attribute type is described in [RFC4519].
[RFC4512]中描述了“top”对象类。[RFC4519]中描述了“userPassword”属性类型。
dn: dc=kdz,dc=Example,dc=COM
objectClass: account
objectClass: simpleSecurityObject
uid: kdz
userPassword: My Password
seeAlso: cn=Kurt D. Zeilenga,cn=Persons,dc=Example,dc=COM
dn: dc=kdz,dc=Example,dc=COM
objectClass: account
objectClass: simpleSecurityObject
uid: kdz
userPassword: My Password
seeAlso: cn=Kurt D. Zeilenga,cn=Persons,dc=Example,dc=COM
General LDAP security considerations [RFC4510] are applicable to the use of this schema. Additional considerations are noted above where appropriate.
一般LDAP安全注意事项[RFC4510]适用于此模式的使用。在适当的情况下,上文还提到了其他注意事项。
Directories administrators should ensure that access to sensitive information be restricted to authorized entities and that appropriate data security services, including data integrity and data confidentiality, are used to protect against eavesdropping.
目录管理员应确保对敏感信息的访问仅限于授权实体,并使用适当的数据安全服务,包括数据完整性和数据保密性,以防止窃听。
Simple authentication (e.g., plain text passwords) mechanisms should only be used when adequate data security services are in place. LDAP offers reasonably strong authentication and data security services [RFC4513].
只有在有足够的数据安全服务时,才应使用简单身份验证(例如纯文本密码)机制。LDAP提供了相当强大的身份验证和数据安全服务[RFC4513]。
The Internet Assigned Numbers Authority (IANA) has updated the LDAP descriptors registry [RFC4520] as indicated in the following template:
互联网分配号码管理局(IANA)已更新LDAP描述符注册表[RFC4520],如以下模板所示:
Subject: Request for LDAP Descriptor Registration Update Descriptor (short name): see comment Object Identifier: see comments Person & email address to contact for further information: Kurt Zeilenga <kurt@OpenLDAP.org> Usage: see comments Specification: RFC 4524 Author/Change Controller: IESG Comments:
主题:请求LDAP描述符注册更新描述符(简称):请参阅注释对象标识符:请参阅注释联系人和电子邮件地址以获取更多信息:Kurt Zeilenga<kurt@OpenLDAP.org>用法:参见注释规范:RFC 4524作者/变更控制者:IESG注释:
The following descriptors have been updated to refer to RFC 4524.
以下描述符已更新,以参考RFC 4524。
NAME Type OID
------------------------ ---- --------------------------
account O 0.9.2342.19200300.100.4.5
associatedDomain A 0.9.2342.19200300.100.1.37
associatedName A 0.9.2342.19200300.100.1.38
buildingName A 0.9.2342.19200300.100.1.48
co A 0.9.2342.19200300.100.1.43
document O 0.9.2342.19200300.100.4.6
documentAuthor A 0.9.2342.19200300.100.1.14
documentIdentifier A 0.9.2342.19200300.100.1.11
documentLocation A 0.9.2342.19200300.100.1.15
documentPublisher A 0.9.2342.19200300.100.1.56
documentSeries O 0.9.2342.19200300.100.4.8
documentTitle A 0.9.2342.19200300.100.1.12
documentVersion A 0.9.2342.19200300.100.1.13
domain O 0.9.2342.19200300.100.4.13
domainRelatedObject O 0.9.2342.19200300.100.4.17
drink A 0.9.2342.19200300.100.1.5
favouriteDrink A* 0.9.2342.19200300.100.1.5
friendlyCountry O 0.9.2342.19200300.100.4.18
NAME Type OID
------------------------ ---- --------------------------
account O 0.9.2342.19200300.100.4.5
associatedDomain A 0.9.2342.19200300.100.1.37
associatedName A 0.9.2342.19200300.100.1.38
buildingName A 0.9.2342.19200300.100.1.48
co A 0.9.2342.19200300.100.1.43
document O 0.9.2342.19200300.100.4.6
documentAuthor A 0.9.2342.19200300.100.1.14
documentIdentifier A 0.9.2342.19200300.100.1.11
documentLocation A 0.9.2342.19200300.100.1.15
documentPublisher A 0.9.2342.19200300.100.1.56
documentSeries O 0.9.2342.19200300.100.4.8
documentTitle A 0.9.2342.19200300.100.1.12
documentVersion A 0.9.2342.19200300.100.1.13
domain O 0.9.2342.19200300.100.4.13
domainRelatedObject O 0.9.2342.19200300.100.4.17
drink A 0.9.2342.19200300.100.1.5
favouriteDrink A* 0.9.2342.19200300.100.1.5
friendlyCountry O 0.9.2342.19200300.100.4.18
friendlyCountryName A* 0.9.2342.19200300.100.1.43 homePhone A 0.9.2342.19200300.100.1.20 homePostalAddress A 0.9.2342.19200300.100.1.39 homeTelephone A* 0.9.2342.19200300.100.1.20 host A 0.9.2342.19200300.100.1.9 info A 0.9.2342.19200300.100.1.4 mail A 0.9.2342.19200300.100.1.3 manager A 0.9.2342.19200300.100.1.10 mobile A 0.9.2342.19200300.100.1.41 mobileTelephoneNumber A* 0.9.2342.19200300.100.1.41 organizationalStatus A 0.9.2342.19200300.100.1.45 pager A 0.9.2342.19200300.100.1.42 pagerTelephoneNumber A* 0.9.2342.19200300.100.1.42 personalTitle A 0.9.2342.19200300.100.1.40 rFC822LocalPart O 0.9.2342.19200300.100.4.14 rfc822Mailbox A* 0.9.2342.19200300.100.1.3 room O 0.9.2342.19200300.100.4.7 roomNumber A 0.9.2342.19200300.100.1.6 secretary A 0.9.2342.19200300.100.1.21 simpleSecurityObject O 0.9.2342.19200300.100.4.19 singleLevelQuality A 0.9.2342.19200300.100.1.50 uniqueIdentifier A 0.9.2342.19200300.100.1.44 userClass A 0.9.2342.19200300.100.1.8
friendlyCountryName A*0.9.2342.19200300.100.1.43家庭电话A 0.9.2342.19200300.100.1.20家庭邮政地址A 0.9.2342.19200300.100.1.39家庭电话A*0.9.2342.19200300.100.1.20主机A 0.9.2342.19200300.100.1.9信息A 0.9.2342.19200300.100.100.1.4邮件A 0.9.2342.19200300.100.1.1.3经理A 0.9.2342.19200300.19200300.100.10.9.2342.19200300.100.1.41移动电话号码A*0.9.2342.19200300.100.1.41组织状态A 0.9.2342.19200300.100.1.45寻呼机A 0.9.2342.19200300.100.1.42寻呼机号码A*0.9.2342.19200300.100.1.42个人标题A 0.9.2342.19200300.19200300.100.100.1.40 RFC2LOCART LPAO 0.9.2342.100.100.100.4.14 RFC820.2342邮箱地址A*0.19200300.2340房间O 0.9.2342.19200300.100.4.7房间号A 0.9.2342.19200300.100.1.6秘书A 0.9.2342.19200300.100.1.21简单安全对象O 0.9.2342.19200300.100.4.19单级质量A 0.9.2342.19200300.100.1.50唯一标识符A 0.9.2342.19200300.100.1.44用户类别A 0.9.2342.19200300.100.1.8
where Type A is Attribute, Type O is ObjectClass, and * indicates that the registration is historic in nature.
其中类型A是属性,类型O是ObjectClass,*表示注册本质上是历史性的。
This document is based on RFC 1274, by Paul Barker and Steve Kille, as well as on RFC 2247, by Steve Kill, Mark Wahl, Al Grimstad, Rick Huber, and Sri Satulari.
本文件基于Paul Barker和Steve Kille的RFC 1274,以及Steve Kill、Mark Wahl、Al Grimstad、Rick Huber和Sri Saturali的RFC 2247。
[RFC1034] Mockapetris, P., "Domain names - concepts and facilities", STD 13, RFC 1034, November 1987.
[RFC1034]Mockapetris,P.,“域名-概念和设施”,STD 13,RFC 1034,1987年11月。
[RFC1123] Braden, R., "Requirements for Internet Hosts - Application and Support", STD 3, RFC 1123, October 1989.
[RFC1123]Braden,R.,“互联网主机的要求-应用和支持”,STD 3,RFC 1123,1989年10月。
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC2119]Bradner,S.,“RFC中用于表示需求水平的关键词”,BCP 14,RFC 2119,1997年3月。
[RFC2181] Elz, R. and R. Bush, "Clarifications to the DNS Specification", RFC 2181, July 1997.
[RFC2181]Elz,R.和R.Bush,“DNS规范的澄清”,RFC 21811997年7月。
[RFC2247] Kille, S., Wahl, M., Grimstad, A., Huber, R., and S. Sataluri, "Using Domains in LDAP/X.500 Distinguished Names", RFC 2247, January 1998.
[RFC2247]Kille,S.,Wahl,M.,Grimstad,A.,Huber,R.,和S.Sataluri,“在LDAP/X.500可分辨名称中使用域”,RFC 2247,1998年1月。
[RFC2821] Klensin, J., Ed., "Simple Mail Transfer Protocol", RFC 2821, April 2001.
[RFC2821]Klensin,J.,Ed.,“简单邮件传输协议”,RFC 28212001年4月。
[RFC2822] Resnick, P., "Internet Message Format", RFC 2822, April 2001.
[RFC2822]Resnick,P.,“互联网信息格式”,RFC 2822,2001年4月。
[RFC3490] Faltstrom, P., Hoffman, P., and A. Costello, "Internationalizing Domain Names in Applications (IDNA)", RFC 3490, March 2003.
[RFC3490]Faltstrom,P.,Hoffman,P.,和A.Costello,“应用程序中的域名国际化(IDNA)”,RFC 34902003年3月。
[RFC4510] Zeilenga, K., Ed., "Lightweight Directory Access Protocol (LDAP): Technical Specification Road Map", RFC 4510, June 2006.
[RFC4510]Zeilenga,K.,Ed.“轻量级目录访问协议(LDAP):技术规范路线图”,RFC45102006年6月。
[RFC4512] Zeilenga, K., "Lightweight Directory Access Protocol (LDAP): Directory Information Models", RFC 4512, June 2006.
[RFC4512]Zeilenga,K.,“轻量级目录访问协议(LDAP):目录信息模型”,RFC4512,2006年6月。
[RFC4513] Harrison, R., "Lightweight Directory Access Protocol (LDAP): Authentication Methods and Security Mechanisms", RFC 4513, June 2006.
[RFC4513]Harrison,R.,“轻量级目录访问协议(LDAP):认证方法和安全机制”,RFC4513,2006年6月。
[RFC4517] Legg, S., Ed., "Lightweight Directory Access Protocol (LDAP): Syntaxes and Matching Rules", RC 4517, June 2006.
[RFC4517]Legg,S.,编辑,“轻量级目录访问协议(LDAP):语法和匹配规则”,RC 45172006年6月。
[RFC4519] Sciberras, A., Ed., "Lightweight Directory Access Protocol (LDAP): Schema for User Applications", RFC 4519, June 2006.
[RFC4519]Sciberras,A.,Ed.,“轻量级目录访问协议(LDAP):用户应用程序模式”,RFC4519,2006年6月。
[X.501] International Telecommunication Union - Telecommunication Standardization Sector, "The Directory -- Models," X.501(1993) (also ISO/IEC 9594- 2:1994).
[X.501]国际电信联盟-电信标准化部门,“目录——模型”,X.501(1993)(也指ISO/IEC 9594-2:1994)。
[COSINEpilot] Goodman, D., "PARADISE" section of the March 1991
INTERNET MONTHLY REPORTS (p. 28-29),
http://www.iana.org/periodic-reports/imr-mar91.txt
[COSINEpilot] Goodman, D., "PARADISE" section of the March 1991
INTERNET MONTHLY REPORTS (p. 28-29),
http://www.iana.org/periodic-reports/imr-mar91.txt
[ISO3166] International Organization for Standardization, "Codes for the representation of names of countries", ISO 3166.
[ISO3166]国际标准化组织,“国家名称表示代码”,ISO 3166。
[RFC1274] Barker, P. and S. Kille, "The COSINE and Internet X.500 Schema", RFC 1274, November 1991.
[RFC1274]巴克,P.和S.基尔,“余弦和互联网X.500模式”,RFC1274,1991年11月。
[RFC1279] Hardcastle-Kille, S., "X.500 and Domains", RFC 1279, November 1991.
[RFC1279]Hardcastle Kille,S.,“X.500和域”,RFC 1279,1991年11月。
[RFC1487] Yeong, W., Howes, T., and S. Kille, "X.500 Lightweight Directory Access Protocol", RFC 1487, July 1993.
[RFC1487]Yeong,W.,Howes,T.,和S.Kille,“X.500轻型目录访问协议”,RFC 1487,1993年7月。
[RFC2251] Wahl, M., Howes, T., and S. Kille, "Lightweight Directory Access Protocol (v3)", RFC 2251, December 1997.
[RFC2251]Wahl,M.,Howes,T.,和S.Kille,“轻量级目录访问协议(v3)”,RFC 2251,1997年12月。
[RFC2798] Smith, M., "Definition of the inetOrgPerson LDAP Object Class", RFC 2798, April 2000.
[RFC2798]Smith,M.,“inetOrgPerson LDAP对象类的定义”,RFC 2798,2000年4月。
[RFC3494] Zeilenga, K., "Lightweight Directory Access Protocol version 2 (LDAPv2) to Historic Status", RFC 3494, March 2003.
[RFC3494]Zeilenga,K.,“轻型目录访问协议版本2(LDAPv2)到历史状态”,RFC 34942003年3月。
[RFC4520] Zeilenga, K., "Internet Assigned Numbers Authority (IANA) Considerations for the Lightweight Directory Access Protocol (LDAP)", BCP 64, RFC 4520.
[RFC4520]Zeilenga,K.,“轻量级目录访问协议(LDAP)的互联网分配号码管理局(IANA)注意事项”,BCP 64,RFC 4520。
This document represents a substantial rewrite of RFC 1274. The following sections summarize the substantive changes.
本文件是对RFC 1274的实质性重写。以下各节概述了实质性变化。
A number of COSINE attribute types have short names in LDAP.
许多余弦属性类型在LDAP中具有短名称。
X.500 Name LDAP Short Name
------------- ---------------
domainComponent dc
favoriteDrink drink
friendCountryName co
homeTelephoneNumber homePhone
mobileTelephoneNumber mobile
pagerTelephoneNumber pager
rfc822Mailbox mail
userid uid
X.500 Name LDAP Short Name
------------- ---------------
domainComponent dc
favoriteDrink drink
friendCountryName co
homeTelephoneNumber homePhone
mobileTelephoneNumber mobile
pagerTelephoneNumber pager
rfc822Mailbox mail
userid uid
While the LDAP short names are generally used in LDAP, some implementations may (for legacy reasons [RFC3494]) recognize the attribute type by its X.500 name. Hence, the X.500 names have been reserved solely for this purpose.
虽然LDAP中通常使用LDAP短名称,但某些实现可能(出于遗留原因[RFC3494])通过其X.500名称识别属性类型。因此,X.500名称仅用于此目的。
Note: 'uid' and 'dc' are described in [RFC4519].
注:[RFC4519]中描述了“uid”和“dc”。
The 'pilotObject' object class was not brought forward as its function is largely replaced by operational attributes introduced in X.500(93) [X.501] and version 3 of LDAP [RFC4512]. For instance, the function of the 'lastModifiedBy' and 'lastModifiedTime' attribute types is now served by the 'creatorsName', 'createTimestamp', 'modifiersName', and 'modifyTimestamp' operational attributes [RFC4512].
没有提出“pilotObject”对象类,因为其功能在很大程度上被X.500(93)[X.501]和LDAP版本3[RFC4512]中引入的操作属性所取代。例如,“lastModifiedBy”和“lastModifiedTime”属性类型的功能现在由“CreatorName”、“createTimestamp”、“ModifierName”和“modifyTimestamp”操作属性提供[RFC4512]。
The 'pilotPerson' object class was not brought forward as its function is largely replaced by the 'organizationalPerson' [RFC4512] object class and its subclasses, such as 'inetOrgPerson' [RFC2798].
“pilotPerson”对象类并未提出,因为其功能在很大程度上被“organizationalPerson”[RFC4512]对象类及其子类(如“inetOrgPerson”[RFC2798])所取代。
Most of the related attribute types (e.g., 'mail', 'manager') were brought forward as they are used in other object classes.
大多数相关的属性类型(例如,“mail”、“manager”)都是在其他对象类中使用时提出的。
The 'dNSDomain' object class and related attribute types were not brought forward as its use is primarily experimental [RFC1279].
“dNSDomain”对象类和相关属性类型没有被提出,因为它的使用主要是实验性的[RFC1279]。
The 'pilotDSA' and 'qualityLabelledData' object classes, as well as related attribute types, were not brought forward as its use is primarily experimental [QoS].
“pilotDSA”和“qualityLabelledData”对象类以及相关属性类型没有被提出,因为其使用主要是实验性的[QoS]。
RFC 1274 defined and used caseIgnoreIA5StringSyntax attribute syntax. This has been replaced with the IA5String syntax and appropriate matching rules in 'mail' and 'associatedDomain'.
RFC 1274定义并使用了CaseIgnoreA5StringSyntax属性语法。这已被“mail”和“associatedDomain”中的IA5String语法和适当的匹配规则所取代。
RFC 1274 restricted 'mail' to have non-zero length values. This restriction is not reflected in the IA5String syntax used in the definitions provided in this specification. However, as values are to conform to the <Mailbox> production, the 'mail' should not contain zero-length values. Unfortunately, the directory service will not enforce this restriction.
RFC 1274限制“邮件”具有非零长度值。此限制未反映在本规范中提供的定义中使用的IA5String语法中。但是,由于值要符合<Mailbox>产品,“邮件”不应包含零长度值。不幸的是,目录服务不会强制执行此限制。
The 'domainNameForm' name form was not brought forward as specification of name forms used in LDAP is left to a future specification.
“domainNameForm”名称表单并未提出,因为LDAP中使用的名称表单的规范将留待将来的规范处理。
Editor's Address
编辑地址
Kurt D. Zeilenga OpenLDAP Foundation
库尔特D.Zeeliga OpenLDAP基金会
EMail: Kurt@OpenLDAP.org
EMail: Kurt@OpenLDAP.org
Full Copyright Statement
完整版权声明
Copyright (C) The Internet Society (2006).
版权所有(C)互联网协会(2006年)。
This document is subject to the rights, licenses and restrictions contained in BCP 78, and except as set forth therein, the authors retain all their rights.
本文件受BCP 78中包含的权利、许可和限制的约束,除其中规定外,作者保留其所有权利。
This document and the information contained herein are provided on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
本文件及其包含的信息是按“原样”提供的,贡献者、他/她所代表或赞助的组织(如有)、互联网协会和互联网工程任务组不承担任何明示或暗示的担保,包括但不限于任何保证,即使用本文中的信息不会侵犯任何权利,或对适销性或特定用途适用性的任何默示保证。
Intellectual Property
知识产权
The IETF takes no position regarding the validity or scope of any Intellectual Property Rights or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; nor does it represent that it has made any independent effort to identify any such rights. Information on the procedures with respect to rights in RFC documents can be found in BCP 78 and BCP 79.
IETF对可能声称与本文件所述技术的实施或使用有关的任何知识产权或其他权利的有效性或范围,或此类权利下的任何许可可能或可能不可用的程度,不采取任何立场;它也不表示它已作出任何独立努力来确定任何此类权利。有关RFC文件中权利的程序信息,请参见BCP 78和BCP 79。
Copies of IPR disclosures made to the IETF Secretariat and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF on-line IPR repository at http://www.ietf.org/ipr.
向IETF秘书处披露的知识产权副本和任何许可证保证,或本规范实施者或用户试图获得使用此类专有权利的一般许可证或许可的结果,可从IETF在线知识产权存储库获取,网址为http://www.ietf.org/ipr.
The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights that may cover technology that may be required to implement this standard. Please address the information to the IETF at ietf-ipr@ietf.org.
IETF邀请任何相关方提请其注意任何版权、专利或专利申请,或其他可能涵盖实施本标准所需技术的专有权利。请将信息发送至IETF的IETF-ipr@ietf.org.
Acknowledgement
确认
Funding for the RFC Editor function is provided by the IETF Administrative Support Activity (IASA).
RFC编辑器功能的资金由IETF行政支持活动(IASA)提供。