| f | | f | |
| | | |
| | | |
| | | |
| | | |
| | | |
| Network Working Group G. Good | | Network Working Group G. Good |
| INTERNET-DRAFT | | INTERNET-DRAFT |
| Obsoletes: 2849 | | Obsoletes: 2849 |
| Category: Standards Track | | Category: Standards Track |
| | | |
| | | |
| The LDAP Data Interchange Format (LDIF) - Technical Specification | | The LDAP Data Interchange Format (LDIF) - Technical Specification |
| | | |
| | | |
| Status of this Memo | | Status of this Memo |
| | | |
| By submitting this Internet-Draft, each author represents that any | | By submitting this Internet-Draft, each author represents that any |
| applicable patent or other IPR claims of which he or she is aware | | applicable patent or other IPR claims of which he or she is aware |
| have been or will be disclosed, and any of which he or she becomes | | have been or will be disclosed, and any of which he or she becomes |
| aware will be disclosed, in accordance with Section 6 of BCP 79. | | aware will be disclosed, in accordance with Section 6 of BCP 79. |
| | | |
| Abstract | | Abstract |
| | | |
| This document describes a file format suitable for describing | | This document describes a file format suitable for describing |
| directory information or modifications made to directory information. | | directory information or modifications made to directory information. |
| The file format, known as LDIF, for LDAP Data Interchange Format, is | | The file format, known as LDIF, for LDAP Data Interchange Format, is |
| typically used to import and export directory information between | | typically used to import and export directory information between |
| LDAP-based directory servers, or to describe a set of changes which | | LDAP-based directory servers, or to describe a set of changes which |
| are to be applied to a directory. | | are to be applied to a directory. |
| | | |
| Relationship to Obsolete Specification | | Relationship to Obsolete Specification |
| | | |
| This obsoletes and replaces [RFC2849] which defined version 1 | | This obsoletes and replaces [RFC2849] which defined version 1 |
| of LDIF. | | of LDIF. |
| | | |
| The paragraph "Notes on LDIF Syntax" in [RFC2849] documented the | | The paragraph "Notes on LDIF Syntax" in [RFC2849] documented the |
| use of non-encoded UTF-8 inside an LDIF file, but the "Formal Syntax | | use of non-encoded UTF-8 inside an LDIF file, but the "Formal Syntax |
| Definition of LDIF" specified either ASCII or base64 encoded UTF-8 | | Definition of LDIF" specified either ASCII or base64 encoded UTF-8 |
| for distinguishedName, rdn and attrval-spec. The specification has | | for distinguishedName, rdn and attrval-spec. The specification has |
| been changed to allow UTF-8 strings without the use of encoding. | | been changed to allow UTF-8 strings without the use of encoding. |
| | | |
| The definition of UTF-8 has been slightly modified to follow the | | The definition of UTF-8 has been slightly modified to follow the |
| definition from [RFC3629]. | | definition from [RFC3629]. |
| | | |
| The style has been changed to conform with the newer editorial | | The style has been changed to conform with the newer editorial |
| standards from [RFC223], specifically in quoting references. | | standards from [RFC223], specifically in quoting references. |
| | | |
| Background and Intended Usage | | Background and Intended Usage |
| | | |
| There are a number of situations where a common interchange format is | | There are a number of situations where a common interchange format is |
| desirable. For example, one might wish to export a copy of the | | desirable. For example, one might wish to export a copy of the |
| contents of a directory server to a file, move that file to a | | contents of a directory server to a file, move that file to a |
| different machine, and import the contents into a second directory | | different machine, and import the contents into a second directory |
| server. | | server. |
| | | |
| Additionally, by using a well-defined interchange format, development | | Additionally, by using a well-defined interchange format, development |
| of data import tools from legacy systems is facilitated. A fairly | | of data import tools from legacy systems is facilitated. A fairly |
| simple set of tools written in awk or perl can, for example, convert | | simple set of tools written in awk or perl can, for example, convert |
| a database of personnel information into an LDIF file. This file can | | a database of personnel information into an LDIF file. This file can |
| then be imported into a directory server, regardless of the internal | | then be imported into a directory server, regardless of the internal |
| database representation the target directory server uses. | | database representation the target directory server uses. |
| | | |
| The LDIF format was originally developed and used in the University | | The LDIF format was originally developed and used in the University |
| of Michigan LDAP implementation. The first use of LDIF was in | | of Michigan LDAP implementation. The first use of LDIF was in |
| describing directory entries. Later, the format was expanded to | | describing directory entries. Later, the format was expanded to |
| allow representation of changes to directory entries. | | allow representation of changes to directory entries. |
| | | |
| Relationship to the application/directory MIME content-type: | | Relationship to the application/directory MIME content-type: |
| | | |
| The application/directory MIME content-type [RFC2425] is a general | | The application/directory MIME content-type [RFC2425] is a general |
| framework and format for conveying directory information, and is | | framework and format for conveying directory information, and is |
| independent of any particular directory service. The LDIF format is | | independent of any particular directory service. The LDIF format is |
| a simpler format which is perhaps easier to create, and may also be | | a simpler format which is perhaps easier to create, and may also be |
| used, as noted, to describe a set of changes to be applied to a | | used, as noted, to describe a set of changes to be applied to a |
| directory. | | directory. |
| | | |
| The key words "MUST", "MUST NOT", "MAY", "SHOULD", and "SHOULD NOT" | | The key words "MUST", "MUST NOT", "MAY", "SHOULD", and "SHOULD NOT" |
| used in this document are to be interpreted as described | | used in this document are to be interpreted as described |
| in [RFC2119]. | | in [RFC2119]. |
| | | |
| Definition of the LDAP Data Interchange Format | | Definition of the LDAP Data Interchange Format |
| | | |
| The LDIF format is used to convey directory information, or a | | The LDIF format is used to convey directory information, or a |
| description of a set of changes made to directory entries. An LDIF | | description of a set of changes made to directory entries. An LDIF |
| file consists of a series of records separated by line separators. A | | file consists of a series of records separated by line separators. A |
| record consists of a sequence of lines describing a directory entry, | | record consists of a sequence of lines describing a directory entry, |
| or a sequence of lines describing a set of changes to a directory | | or a sequence of lines describing a set of changes to a directory |
| entry. An LDIF file specifies a set of directory entries, or a set | | entry. An LDIF file specifies a set of directory entries, or a set |
| of changes to be applied to directory entries, but not both. | | of changes to be applied to directory entries, but not both. |
| | | |
| There is a one-to-one correlation between LDAP operations that modify | | There is a one-to-one correlation between LDAP operations that modify |
| the directory (add, delete, modify, and modrdn), and the types of | | the directory (add, delete, modify, and modrdn), and the types of |
| changerecords described below ("add", "delete", "modify", and | | changerecords described below ("add", "delete", "modify", and |
| "modrdn" or "moddn"). This correspondence is intentional, and | | "modrdn" or "moddn"). This correspondence is intentional, and |
| permits a straightforward translation from LDIF changerecords to | | permits a straightforward translation from LDIF changerecords to |
| protocol operations. | | protocol operations. |
| | | |
| Formal Syntax Definition of LDIF | | Formal Syntax Definition of LDIF |
| | | |
| The following definition uses the augmented Backus-Naur Form | | The following definition uses the augmented Backus-Naur Form |
| specified in [RFC2234]. | | specified in [RFC2234]. |
| | | |
| ldif-file = ldif-content / ldif-changes | | ldif-file = ldif-content / ldif-changes |
| | | |
| ldif-content = version-spec 1*(1*SEP ldif-attrval-record) | | ldif-content = version-spec 1*(1*SEP ldif-attrval-record) |
| | | |
| ldif-changes = version-spec 1*(1*SEP ldif-change-record) | | ldif-changes = version-spec 1*(1*SEP ldif-change-record) |
| | | |
| ldif-attrval-record = dn-spec SEP 1*attrval-spec | | ldif-attrval-record = dn-spec SEP 1*attrval-spec |
| | | |
| ldif-change-record = dn-spec SEP *control changerecord | | ldif-change-record = dn-spec SEP *control changerecord |
| | | |
| version-spec = "version:" FILL version-number | | version-spec = "version:" FILL version-number |
| | | |
| version-number = 1*DIGIT | | version-number = 1*DIGIT |
| ; version-number MUST be "2" for the | | ; version-number MUST be "2" for the |
| ; LDIF format described in this document. | | ; LDIF format described in this document. |
| | | |
| dn-spec = "dn:" (FILL distinguishedName / | | dn-spec = "dn:" (FILL distinguishedName / |
| ":" FILL base64-distinguishedName) | | ":" FILL base64-distinguishedName) |
| | | |
| distinguishedName = SAFE-UTF8-STRING | | distinguishedName = SAFE-UTF8-STRING |
| ; a distinguished name, as defined | | ; a distinguished name, as defined |
| ; in [RFC2253] | | ; in [RFC2253] |
| | | |
| base64-distinguishedName = BASE64-UTF8-STRING | | base64-distinguishedName = BASE64-UTF8-STRING |
| ; a distinguishedName which has been base64 | | ; a distinguishedName which has been base64 |
| ; encoded (see note 10, below) | | ; encoded (see note 10, below) |
| | | |
| rdn = SAFE-UTF8-STRING | | rdn = SAFE-UTF8-STRING |
| ; a relative distinguished name, defined as | | ; a relative distinguished name, defined as |
| ; <name-component> in [RFC2253] | | ; <name-component> in [RFC2253] |
| | | |
| base64-rdn = BASE64-UTF8-STRING | | base64-rdn = BASE64-UTF8-STRING |
| ; an rdn which has been base64 encoded (see | | ; an rdn which has been base64 encoded (see |
| ; note 10, below) | | ; note 10, below) |
| | | |
| control = "control:" FILL ldap-oid ; controlType | | control = "control:" FILL ldap-oid ; controlType |
| 0*1(1*SPACE ("true" / "false")) ; criticality | | 0*1(1*SPACE ("true" / "false")) ; criticality |
| 0*1(value-spec) ; controlValue | | 0*1(value-spec) ; controlValue |
| SEP | | SEP |
| ; (See note 9, below) | | ; (See note 9, below) |
| | | |
| ldap-oid = 1*DIGIT 0*1("." 1*DIGIT) | | ldap-oid = 1*DIGIT 0*1("." 1*DIGIT) |
| ; An LDAPOID, as defined in [RFC2251] | | ; An LDAPOID, as defined in [RFC2251] |
| | | |
| attrval-spec = AttributeDescription value-spec SEP | | attrval-spec = AttributeDescription value-spec SEP |
| | | |
| value-spec = ":" ( FILL 0*1(SAFE-UTF8-STRING) / | | value-spec = ":" ( FILL 0*1(SAFE-UTF8-STRING) / |
| ":" FILL (BASE64-STRING) / | | ":" FILL (BASE64-STRING) / |
| "<" FILL url) | | "<" FILL url) |
| ; See notes 7 and 8, below | | ; See notes 7 and 8, below |
| n | | n | |
| mod-spec = "increment:" FILL AttributeDescription SEP | | |
| attrval-spec "-" SEP | | |
| ; from [RFC4525] | | |
| | | |
| url = <a Uniform Resource Locator, | | url = <a Uniform Resource Locator, |
| as defined in [RFC1738]> | | as defined in [RFC1738]> |
| ; (See Note 6, below) | | ; (See Note 6, below) |
| | | |
| AttributeDescription = AttributeType [";" options] | | AttributeDescription = AttributeType [";" options] |
| ; Definition taken from [RFC2251] | | ; Definition taken from [RFC2251] |
| | | |
| AttributeType = ldap-oid / (ALPHA *(attr-type-chars)) | | AttributeType = ldap-oid / (ALPHA *(attr-type-chars)) |
| | | |
| options = option / (option ";" options) | | options = option / (option ";" options) |
| | | |
| option = 1*opt-char | | option = 1*opt-char |
| | | |
| attr-type-chars = ALPHA / DIGIT / "-" | | attr-type-chars = ALPHA / DIGIT / "-" |
| | | |
| opt-char = attr-type-chars | | opt-char = attr-type-chars |
| | | |
| changerecord = "changetype:" FILL | | changerecord = "changetype:" FILL |
| (change-add / change-delete / | | (change-add / change-delete / |
| change-modify / change-moddn) | | change-modify / change-moddn) |
| | | |
| change-add = "add" SEP 1*attrval-spec | | change-add = "add" SEP 1*attrval-spec |
| | | |
| change-delete = "delete" SEP | | change-delete = "delete" SEP |
| | | |
| change-moddn = ("modrdn" / "moddn") SEP | | change-moddn = ("modrdn" / "moddn") SEP |
| "newrdn:" ( FILL rdn / | | "newrdn:" ( FILL rdn / |
| ":" FILL base64-rdn) SEP | | ":" FILL base64-rdn) SEP |
| "deleteoldrdn:" FILL ("0" / "1") SEP | | "deleteoldrdn:" FILL ("0" / "1") SEP |
| 0*1("newsuperior:" | | 0*1("newsuperior:" |
| ( FILL distinguishedName / | | ( FILL distinguishedName / |
| ":" FILL base64-distinguishedName) SEP) | | ":" FILL base64-distinguishedName) SEP) |
| | | |
| change-modify = "modify" SEP *mod-spec | | change-modify = "modify" SEP *mod-spec |
| | | |
| mod-spec = ("add:" / "delete:" / "replace:") | | mod-spec = ("add:" / "delete:" / "replace:") |
| FILL AttributeDescription SEP | | FILL AttributeDescription SEP |
| *attrval-spec | | *attrval-spec |
| "-" SEP | | "-" SEP |
| | | |
| SPACE = %x20 | | SPACE = %x20 |
| ; ASCII SP, space | | ; ASCII SP, space |
| | | |
| FILL = *SPACE | | FILL = *SPACE |
| | | |
| SEP = (CR LF / LF) | | SEP = (CR LF / LF) |
| | | |
| CR = %x0D | | CR = %x0D |
| ; ASCII CR, carriage return | | ; ASCII CR, carriage return |
| | | |
| LF = %x0A | | LF = %x0A |
| ; ASCII LF, line feed | | ; ASCII LF, line feed |
| | | |
| ALPHA = %x41-5A / %x61-7A | | ALPHA = %x41-5A / %x61-7A |
| ; A-Z / a-z | | ; A-Z / a-z |
| | | |
| DIGIT = %x30-39 | | DIGIT = %x30-39 |
| ; 0-9 | | ; 0-9 |
| | | |
| UTF8-1 = %x00-7F | | UTF8-1 = %x00-7F |
| | | |
| UTF8-tail = %x80-BF | | UTF8-tail = %x80-BF |
| | | |
| UTF8-2 = %xC2-DF UTF8-tail | | UTF8-2 = %xC2-DF UTF8-tail |
| | | |
| UTF8-3 = %xE0 %xA0-BF UTF8-tail / | | UTF8-3 = %xE0 %xA0-BF UTF8-tail / |
| %xE1-EC 2( UTF8-tail ) / | | %xE1-EC 2( UTF8-tail ) / |
| %xED %x80-9F UTF8-tail / | | %xED %x80-9F UTF8-tail / |
| %xEE-EF 2( UTF8-tail ) | | %xEE-EF 2( UTF8-tail ) |
| | | |
| UTF8-4 = %xF0 %x90-BF 2( UTF8-tail ) / | | UTF8-4 = %xF0 %x90-BF 2( UTF8-tail ) / |
| %xF1-F3 3( UTF8-tail ) / | | %xF1-F3 3( UTF8-tail ) / |
| %xF4 %x80-8F 2( UTF8-tail ) | | %xF4 %x80-8F 2( UTF8-tail ) |
| | | |
| UTF8-CHAR = UTF8-1 / UTF8-2 / UTF8-3 / UTF8-4 | | UTF8-CHAR = UTF8-1 / UTF8-2 / UTF8-3 / UTF8-4 |
| | | |
| UTF8-STRING = *UTF8-CHAR | | UTF8-STRING = *UTF8-CHAR |
| | | |
| SAFE-CHAR = %x01-09 / %x0B-0C / %x0E-7F | | SAFE-CHAR = %x01-09 / %x0B-0C / %x0E-7F |
| ; any value <= 127 decimal except NUL, LF, | | ; any value <= 127 decimal except NUL, LF, |
| ; and CR | | ; and CR |
| | | |
| SAFE-INIT-CHAR = %x01-09 / %x0B-0C / %x0E-1F / | | SAFE-INIT-CHAR = %x01-09 / %x0B-0C / %x0E-1F / |
| %x21-39 / %x3B / %x3D-7F | | %x21-39 / %x3B / %x3D-7F |
| ; any value <= 127 except NUL, LF, CR, | | ; any value <= 127 except NUL, LF, CR, |
| ; SPACE, colon (":", ASCII 58 decimal) | | ; SPACE, colon (":", ASCII 58 decimal) |
| ; and less-than ("<" , ASCII 60 decimal) | | ; and less-than ("<" , ASCII 60 decimal) |
| | | |
| SAFE-STRING = [SAFE-INIT-CHAR *SAFE-CHAR] | | SAFE-STRING = [SAFE-INIT-CHAR *SAFE-CHAR] |
| | | |
| SAFE-UTF8-CHAR = SAFE-CHAR / UTF8-2 / UTF8-3 / UTF8-4 | | SAFE-UTF8-CHAR = SAFE-CHAR / UTF8-2 / UTF8-3 / UTF8-4 |
| | | |
| SAFE-INIT-UTF8-CHAR = SAFE-INIT-CHAR / UTF8-2 / UTF8-3 / UTF8-4 | | SAFE-INIT-UTF8-CHAR = SAFE-INIT-CHAR / UTF8-2 / UTF8-3 / UTF8-4 |
| | | |
| SAFE-UTF8-STRING = [SAFE-INIT-UTF8-CHAR *SAFE-UTF8-CHAR] | | SAFE-UTF8-STRING = [SAFE-INIT-UTF8-CHAR *SAFE-UTF8-CHAR] |
| | | |
| BASE64-UTF8-STRING = BASE64-STRING | | BASE64-UTF8-STRING = BASE64-STRING |
| ; MUST be the base64 encoding of a | | ; MUST be the base64 encoding of a |
| ; UTF8-STRING | | ; UTF8-STRING |
| | | |
| BASE64-CHAR = %x2B / %x2F / %x30-39 / %x3D / %x41-5A / | | BASE64-CHAR = %x2B / %x2F / %x30-39 / %x3D / %x41-5A / |
| %x61-7A | | %x61-7A |
| ; +, /, 0-9, =, A-Z, and a-z | | ; +, /, 0-9, =, A-Z, and a-z |
| ; as specified in [RFC2045] | | ; as specified in [RFC2045] |
| | | |
| BASE64-STRING = [*(BASE64-CHAR)] | | BASE64-STRING = [*(BASE64-CHAR)] |
| | | |
| | | |
| Notes on LDIF Syntax | | Notes on LDIF Syntax |
| | | |
| 1) For the LDIF format described in this document, the version | | 1) For the LDIF format described in this document, the version |
| number MUST be "2". If the version number is absent, | | number MUST be "2". If the version number is absent, |
| implementations MAY choose to interpret the contents as an | | implementations MAY choose to interpret the contents as an |
| older LDIF file format, supported by the University of | | older LDIF file format, supported by the University of |
| Michigan ldap-3.3 implementation [UMich96]. | | Michigan ldap-3.3 implementation [UMich96]. |
| | | |
| 2) Any non-empty line, including comment lines, in an LDIF file | | 2) Any non-empty line, including comment lines, in an LDIF file |
| MAY be folded by inserting a line separator (SEP) and a SPACE. | | MAY be folded by inserting a line separator (SEP) and a SPACE. |
| Folding MUST NOT occur before the first character of the line. | | Folding MUST NOT occur before the first character of the line. |
| In other words, folding a line into two lines, the first of | | In other words, folding a line into two lines, the first of |
| which is empty, is not permitted. Any line that begins with a | | which is empty, is not permitted. Any line that begins with a |
| single space MUST be treated as a continuation of the previous | | single space MUST be treated as a continuation of the previous |
| (non-empty) line. When joining folded lines, exactly one space | | (non-empty) line. When joining folded lines, exactly one space |
| character at the beginning of each continued line must be | | character at the beginning of each continued line must be |
| discarded. Implementations SHOULD NOT fold lines in the middle | | discarded. Implementations SHOULD NOT fold lines in the middle |
| of a multi-byte UTF-8 character. | | of a multi-byte UTF-8 character. |
| | | |
| 3) Any line that begins with a pound-sign ("#", ASCII 35) is a | | 3) Any line that begins with a pound-sign ("#", ASCII 35) is a |
| comment line, and MUST be ignored when parsing an LDIF file. | | comment line, and MUST be ignored when parsing an LDIF file. |
| | | |
| 4) Any dn, rdn or attrval-spec that contains characters other | | 4) Any dn, rdn or attrval-spec that contains characters other |
| than those defined as "SAFE-UTF8-CHAR", or begins with a | | than those defined as "SAFE-UTF8-CHAR", or begins with a |
| character other than those defined as "SAFE-INIT-UTF8-CHAR", | | character other than those defined as "SAFE-INIT-UTF8-CHAR", |
| above, MUST be base-64 encoded. Other values MAY be base-64 | | above, MUST be base-64 encoded. Other values MAY be base-64 |
| encoded. Any value that contains characters other than those | | encoded. Any value that contains characters other than those |
| defined as "SAFE--CHAR", or begins with a character other than | | defined as "SAFE--CHAR", or begins with a character other than |
| those defined as "SAFE-INIT--CHAR", above, MUST be base-64 | | those defined as "SAFE-INIT--CHAR", above, MUST be base-64 |
| encoded. Other values MAY be base-64 encoded. | | encoded. Other values MAY be base-64 encoded. |
| | | |
| 5) When a zero-length attribute value is to be included directly | | 5) When a zero-length attribute value is to be included directly |
| in an LDIF file, it MUST be represented as | | in an LDIF file, it MUST be represented as |
| AttributeDescription ":" FILL SEP. For example, "seeAlso:" | | AttributeDescription ":" FILL SEP. For example, "seeAlso:" |
| followed by a newline represents a zero-length "seeAlso" | | followed by a newline represents a zero-length "seeAlso" |
| attribute value. It is also permissible for the value | | attribute value. It is also permissible for the value |
| referred to by a URL to be of zero length. | | referred to by a URL to be of zero length. |
| | | |
| 6) When a URL is specified in an attrval-spec, the following | | 6) When a URL is specified in an attrval-spec, the following |
| conventions apply: | | conventions apply: |
| | | |
| a) Implementations SHOULD support the file:// URL format. The | | a) Implementations SHOULD support the file:// URL format. The |
| contents of the referenced file are to be included verbatim | | contents of the referenced file are to be included verbatim |
| in the interpreted output of the LDIF file. | | in the interpreted output of the LDIF file. |
| b) Implementations MAY support other URL formats. The | | b) Implementations MAY support other URL formats. The |
| semantics associated with each supported URL will be | | semantics associated with each supported URL will be |
| documented in an associated Applicability Statement. | | documented in an associated Applicability Statement. |
| | | |
| 7) Distinguished names, relative distinguished names, and | | 7) Distinguished names, relative distinguished names, and |
| attribute values of DirectoryString syntax MUST be valid UTF-8 | | attribute values of DirectoryString syntax MUST be valid UTF-8 |
| strings. Implementations that read LDIF MAY interpret files | | strings. Implementations that read LDIF MAY interpret files |
| in which these entities are stored in some other character set | | in which these entities are stored in some other character set |
| encoding, but implementations MUST NOT generate LDIF content | | encoding, but implementations MUST NOT generate LDIF content |
| which does not contain valid UTF-8 data. | | which does not contain valid UTF-8 data. |
| | | |
| 8) Values or distinguished names that end with SPACE SHOULD be | | 8) Values or distinguished names that end with SPACE SHOULD be |
| base-64 encoded. | | base-64 encoded. |
| | | |
| 9) When controls are included in an LDIF file, implementations | | 9) When controls are included in an LDIF file, implementations |
| MAY choose to ignore some or all of them. This may be | | MAY choose to ignore some or all of them. This may be |
| necessary if the changes described in the LDIF file are being | | necessary if the changes described in the LDIF file are being |
| sent on an LDAPv2 connection (LDAPv2 does not support | | sent on an LDAPv2 connection (LDAPv2 does not support |
| controls), or the particular controls are not supported by the | | controls), or the particular controls are not supported by the |
| remote server. If the criticality of a control is "true", then | | remote server. If the criticality of a control is "true", then |
| the implementation MUST either include the control, or MUST | | the implementation MUST either include the control, or MUST |
| NOT send the operation to a remote server. | | NOT send the operation to a remote server. |
| | | |
| 10) When an attrval-spec, distinguishedName, or rdn is base64- | | 10) When an attrval-spec, distinguishedName, or rdn is base64- |
| encoded, the encoding rules specified in [RFC2045] are used | | encoded, the encoding rules specified in [RFC2045] are used |
| with the following exceptions: a) The requirement that base64 | | with the following exceptions: a) The requirement that base64 |
| output streams must be represented as lines of no more than 76 | | output streams must be represented as lines of no more than 76 |
| characters is removed. Lines in LDIF files may only be folded | | characters is removed. Lines in LDIF files may only be folded |
| according to the folding rules described in note 2, above. b) | | according to the folding rules described in note 2, above. b) |
| Base64 strings in [RFC2045] may contain characters other than | | Base64 strings in [RFC2045] may contain characters other than |
| those defined in BASE64-CHAR, and are ignored. LDIF does not | | those defined in BASE64-CHAR, and are ignored. LDIF does not |
| permit any extraneous characters, other than those used for | | permit any extraneous characters, other than those used for |
| line folding. | | line folding. |
| | | |
| Examples of LDAP Data Interchange Format | | Examples of LDAP Data Interchange Format |
| | | |
| Example 1: An simple LDAP file with two entries | | Example 1: An simple LDAP file with two entries |
| | | |
| version: 1 | | version: 1 |
| dn: cn=Barbara Jensen, ou=Product Development, dc=airius, dc=com | | dn: cn=Barbara Jensen, ou=Product Development, dc=airius, dc=com |
| objectclass: top | | objectclass: top |
| objectclass: person | | objectclass: person |
| objectclass: organizationalPerson | | objectclass: organizationalPerson |
| cn: Barbara Jensen | | cn: Barbara Jensen |
| cn: Barbara J Jensen | | cn: Barbara J Jensen |
| cn: Babs Jensen | | cn: Babs Jensen |
| sn: Jensen | | sn: Jensen |
| uid: bjensen | | uid: bjensen |
| telephonenumber: +1 408 555 1212 | | telephonenumber: +1 408 555 1212 |
| description: A big sailing fan. | | description: A big sailing fan. |
| | | |
| dn: cn=Bjorn Jensen, ou=Accounting, dc=airius, dc=com | | dn: cn=Bjorn Jensen, ou=Accounting, dc=airius, dc=com |
| objectclass: top | | objectclass: top |
| objectclass: person | | objectclass: person |
| objectclass: organizationalPerson | | objectclass: organizationalPerson |
| cn: Bjorn Jensen | | cn: Bjorn Jensen |
| sn: Jensen | | sn: Jensen |
| telephonenumber: +1 408 555 1212 | | telephonenumber: +1 408 555 1212 |
| | | |
| Example 2: A file containing an entry with a folded attribute value | | Example 2: A file containing an entry with a folded attribute value |
| | | |
| version: 1 | | version: 1 |
| dn:cn=Barbara Jensen, ou=Product Development, dc=airius, dc=com | | dn:cn=Barbara Jensen, ou=Product Development, dc=airius, dc=com |
| objectclass:top | | objectclass:top |
| objectclass:person | | objectclass:person |
| objectclass:organizationalPerson | | objectclass:organizationalPerson |
| cn:Barbara Jensen | | cn:Barbara Jensen |
| cn:Barbara J Jensen | | cn:Barbara J Jensen |
| cn:Babs Jensen | | cn:Babs Jensen |
| sn:Jensen | | sn:Jensen |
| uid:bjensen | | uid:bjensen |
| telephonenumber:+1 408 555 1212 | | telephonenumber:+1 408 555 1212 |
| description:Babs is a big sailing fan, and travels extensively in sea | | description:Babs is a big sailing fan, and travels extensively in sea |
| rch of perfect sailing conditions. | | rch of perfect sailing conditions. |
| title:Product Manager, Rod and Reel Division | | title:Product Manager, Rod and Reel Division |
| | | |
| Example 3: A file containing a base-64-encoded value | | Example 3: A file containing a base-64-encoded value |
| | | |
| version: 1 | | version: 1 |
| dn: cn=Gern Jensen, ou=Product Testing, dc=airius, dc=com | | dn: cn=Gern Jensen, ou=Product Testing, dc=airius, dc=com |
| objectclass: top | | objectclass: top |
| objectclass: person | | objectclass: person |
| objectclass: organizationalPerson | | objectclass: organizationalPerson |
| cn: Gern Jensen | | cn: Gern Jensen |
| cn: Gern O Jensen | | cn: Gern O Jensen |
| sn: Jensen | | sn: Jensen |
| uid: gernj | | uid: gernj |
| telephonenumber: +1 408 555 1212 | | telephonenumber: +1 408 555 1212 |
| description:: V2hhdCBhIGNhcmVmdWwgcmVhZGVyIHlvdSBhcmUhICBUaGlzIHZhbHVl | | description:: V2hhdCBhIGNhcmVmdWwgcmVhZGVyIHlvdSBhcmUhICBUaGlzIHZhbHVl |
| IGlzIGJhc2UtNjQtZW5jb2RlZCBiZWNhdXNlIGl0IGhhcyBhIGNvbnRyb2wgY2hhcmFjdG | | IGlzIGJhc2UtNjQtZW5jb2RlZCBiZWNhdXNlIGl0IGhhcyBhIGNvbnRyb2wgY2hhcmFjdG |
| VyIGluIGl0IChhIENSKS4NICBCeSB0aGUgd2F5LCB5b3Ugc2hvdWxkIHJlYWxseSBnZXQg | | VyIGluIGl0IChhIENSKS4NICBCeSB0aGUgd2F5LCB5b3Ugc2hvdWxkIHJlYWxseSBnZXQg |
| b3V0IG1vcmUu | | b3V0IG1vcmUu |
| | | |
| Example 4: A file containing an entries with UTF-8-encoded attribute | | Example 4: A file containing an entries with UTF-8-encoded attribute |
| values, including language tags. Comments indicate the contents | | values, including language tags. Comments indicate the contents |
| of UTF-8-encoded attributes and distinguished names. | | of UTF-8-encoded attributes and distinguished names. |
| | | |
| version: 1 | | version: 1 |
| dn:: b3U95Za25qWt6YOoLG89QWlyaXVz | | dn:: b3U95Za25qWt6YOoLG89QWlyaXVz |
| # dn:: ou=<JapaneseOU>,o=Airius | | # dn:: ou=<JapaneseOU>,o=Airius |
| objectclass: top | | objectclass: top |
| objectclass: organizationalUnit | | objectclass: organizationalUnit |
| ou:: 5Za25qWt6YOo | | ou:: 5Za25qWt6YOo |
| # ou:: <JapaneseOU> | | # ou:: <JapaneseOU> |
| ou;lang-ja:: 5Za25qWt6YOo | | ou;lang-ja:: 5Za25qWt6YOo |
| # ou;lang-ja:: <JapaneseOU> | | # ou;lang-ja:: <JapaneseOU> |
| ou;lang-ja;phonetic:: 44GI44GE44GO44KH44GG44G2 | | ou;lang-ja;phonetic:: 44GI44GE44GO44KH44GG44G2 |
| | | |
| # ou;lang-ja:: <JapaneseOU_in_phonetic_representation> | | # ou;lang-ja:: <JapaneseOU_in_phonetic_representation> |
| ou;lang-en: Sales | | ou;lang-en: Sales |
| description: Japanese office | | description: Japanese office |
| | | |
| dn:: dWlkPXJvZ2FzYXdhcmEsb3U95Za25qWt6YOoLG89QWlyaXVz | | dn:: dWlkPXJvZ2FzYXdhcmEsb3U95Za25qWt6YOoLG89QWlyaXVz |
| # dn:: uid=<uid>,ou=<JapaneseOU>,o=Airius | | # dn:: uid=<uid>,ou=<JapaneseOU>,o=Airius |
| userpassword: {SHA}O3HSv1MusyL4kTjP+HKI5uxuNoM= | | userpassword: {SHA}O3HSv1MusyL4kTjP+HKI5uxuNoM= |
| objectclass: top | | objectclass: top |
| objectclass: person | | objectclass: person |
| objectclass: organizationalPerson | | objectclass: organizationalPerson |
| objectclass: inetOrgPerson | | objectclass: inetOrgPerson |
| uid: rogasawara | | uid: rogasawara |
| mail: rogasawara@airius.co.jp | | mail: rogasawara@airius.co.jp |
| givenname;lang-ja:: 44Ot44OJ44OL44O8 | | givenname;lang-ja:: 44Ot44OJ44OL44O8 |
| # givenname;lang-ja:: <JapaneseGivenname> | | # givenname;lang-ja:: <JapaneseGivenname> |
| sn;lang-ja:: 5bCP56yg5Y6f | | sn;lang-ja:: 5bCP56yg5Y6f |
| # sn;lang-ja:: <JapaneseSn> | | # sn;lang-ja:: <JapaneseSn> |
| cn;lang-ja:: 5bCP56yg5Y6fIOODreODieODi+ODvA== | | cn;lang-ja:: 5bCP56yg5Y6fIOODreODieODi+ODvA== |
| # cn;lang-ja:: <JapaneseCn> | | # cn;lang-ja:: <JapaneseCn> |
| title;lang-ja:: 5Za25qWt6YOoIOmDqOmVtw== | | title;lang-ja:: 5Za25qWt6YOoIOmDqOmVtw== |
| # title;lang-ja:: <JapaneseTitle> | | # title;lang-ja:: <JapaneseTitle> |
| preferredlanguage: ja | | preferredlanguage: ja |
| givenname:: 44Ot44OJ44OL44O8 | | givenname:: 44Ot44OJ44OL44O8 |
| # givenname:: <JapaneseGivenname> | | # givenname:: <JapaneseGivenname> |
| sn:: 5bCP56yg5Y6f | | sn:: 5bCP56yg5Y6f |
| # sn:: <JapaneseSn> | | # sn:: <JapaneseSn> |
| cn:: 5bCP56yg5Y6fIOODreODieODi+ODvA== | | cn:: 5bCP56yg5Y6fIOODreODieODi+ODvA== |
| # cn:: <JapaneseCn> | | # cn:: <JapaneseCn> |
| title:: 5Za25qWt6YOoIOmDqOmVtw== | | title:: 5Za25qWt6YOoIOmDqOmVtw== |
| # title:: <JapaneseTitle> | | # title:: <JapaneseTitle> |
| givenname;lang-ja;phonetic:: 44KN44Gp44Gr44O8 | | givenname;lang-ja;phonetic:: 44KN44Gp44Gr44O8 |
| # givenname;lang-ja;phonetic:: | | # givenname;lang-ja;phonetic:: |
| <JapaneseGivenname_in_phonetic_representation_kana> | | <JapaneseGivenname_in_phonetic_representation_kana> |
| sn;lang-ja;phonetic:: 44GK44GM44GV44KP44KJ | | sn;lang-ja;phonetic:: 44GK44GM44GV44KP44KJ |
| # sn;lang-ja;phonetic:: <JapaneseSn_in_phonetic_representation_kana> | | # sn;lang-ja;phonetic:: <JapaneseSn_in_phonetic_representation_kana> |
| cn;lang-ja;phonetic:: 44GK44GM44GV44KP44KJIOOCjeOBqeOBq+ODvA== | | cn;lang-ja;phonetic:: 44GK44GM44GV44KP44KJIOOCjeOBqeOBq+ODvA== |
| # cn;lang-ja;phonetic:: <JapaneseCn_in_phonetic_representation_kana> | | # cn;lang-ja;phonetic:: <JapaneseCn_in_phonetic_representation_kana> |
| title;lang-ja;phonetic:: 44GI44GE44GO44KH44GG44G2IOOBtuOBoeOCh+OBhg== | | title;lang-ja;phonetic:: 44GI44GE44GO44KH44GG44G2IOOBtuOBoeOCh+OBhg== |
| # title;lang-ja;phonetic:: | | # title;lang-ja;phonetic:: |
| # <JapaneseTitle_in_phonetic_representation_kana> | | # <JapaneseTitle_in_phonetic_representation_kana> |
| givenname;lang-en: Rodney | | givenname;lang-en: Rodney |
| sn;lang-en: Ogasawara | | sn;lang-en: Ogasawara |
| cn;lang-en: Rodney Ogasawara | | cn;lang-en: Rodney Ogasawara |
| title;lang-en: Sales, Director | | title;lang-en: Sales, Director |
| | | |
| Example 5: A file containing a reference to an external file | | Example 5: A file containing a reference to an external file |
| | | |
| version: 1 | | version: 1 |
| dn: cn=Horatio Jensen, ou=Product Testing, dc=airius, dc=com | | dn: cn=Horatio Jensen, ou=Product Testing, dc=airius, dc=com |
| objectclass: top | | objectclass: top |
| objectclass: person | | objectclass: person |
| objectclass: organizationalPerson | | objectclass: organizationalPerson |
| cn: Horatio Jensen | | cn: Horatio Jensen |
| | | |
| cn: Horatio N Jensen | | cn: Horatio N Jensen |
| sn: Jensen | | sn: Jensen |
| uid: hjensen | | uid: hjensen |
| telephonenumber: +1 408 555 1212 | | telephonenumber: +1 408 555 1212 |
| jpegphoto:< file:///usr/local/directory/photos/hjensen.jpg | | jpegphoto:< file:///usr/local/directory/photos/hjensen.jpg |
| | | |
| Example 6: A file containing a series of change records and comments | | Example 6: A file containing a series of change records and comments |
| | | |
| version: 1 | | version: 1 |
| # Add a new entry | | # Add a new entry |
| dn: cn=Fiona Jensen, ou=Marketing, dc=airius, dc=com | | dn: cn=Fiona Jensen, ou=Marketing, dc=airius, dc=com |
| changetype: add | | changetype: add |
| objectclass: top | | objectclass: top |
| objectclass: person | | objectclass: person |
| objectclass: organizationalPerson | | objectclass: organizationalPerson |
| cn: Fiona Jensen | | cn: Fiona Jensen |
| sn: Jensen | | sn: Jensen |
| uid: fiona | | uid: fiona |
| telephonenumber: +1 408 555 1212 | | telephonenumber: +1 408 555 1212 |
| jpegphoto:< file:///usr/local/directory/photos/fiona.jpg | | jpegphoto:< file:///usr/local/directory/photos/fiona.jpg |
| | | |
| # Delete an existing entry | | # Delete an existing entry |
| dn: cn=Robert Jensen, ou=Marketing, dc=airius, dc=com | | dn: cn=Robert Jensen, ou=Marketing, dc=airius, dc=com |
| changetype: delete | | changetype: delete |
| | | |
| # Modify an entry's relative distinguished name | | # Modify an entry's relative distinguished name |
| dn: cn=Paul Jensen, ou=Product Development, dc=airius, dc=com | | dn: cn=Paul Jensen, ou=Product Development, dc=airius, dc=com |
| changetype: modrdn | | changetype: modrdn |
| newrdn: cn=Paula Jensen | | newrdn: cn=Paula Jensen |
| deleteoldrdn: 1 | | deleteoldrdn: 1 |
| | | |
| # Rename an entry and move all of its children to a new location in | | # Rename an entry and move all of its children to a new location in |
| # the directory tree (only implemented by LDAPv3 servers). | | # the directory tree (only implemented by LDAPv3 servers). |
| dn: ou=PD Accountants, ou=Product Development, dc=airius, dc=com | | dn: ou=PD Accountants, ou=Product Development, dc=airius, dc=com |
| changetype: modrdn | | changetype: modrdn |
| newrdn: ou=Product Development Accountants | | newrdn: ou=Product Development Accountants |
| deleteoldrdn: 0 | | deleteoldrdn: 0 |
| newsuperior: ou=Accounting, dc=airius, dc=com | | newsuperior: ou=Accounting, dc=airius, dc=com |
| | | |
| # Modify an entry: add an additional value to the postaladdress | | # Modify an entry: add an additional value to the postaladdress |
| # attribute, completely delete the description attribute, replace | | # attribute, completely delete the description attribute, replace |
| # the telephonenumber attribute with two values, and delete a specific | | # the telephonenumber attribute with two values, and delete a specific |
| # value from the facsimiletelephonenumber attribute | | # value from the facsimiletelephonenumber attribute |
| dn: cn=Paula Jensen, ou=Product Development, dc=airius, dc=com | | dn: cn=Paula Jensen, ou=Product Development, dc=airius, dc=com |
| changetype: modify | | changetype: modify |
| add: postaladdress | | add: postaladdress |
| postaladdress: 123 Anystreet $ Sunnyvale, CA $ 94086 | | postaladdress: 123 Anystreet $ Sunnyvale, CA $ 94086 |
| - | | - |
| | | |
| delete: description | | delete: description |
| - | | - |
| replace: telephonenumber | | replace: telephonenumber |
| telephonenumber: +1 408 555 1234 | | telephonenumber: +1 408 555 1234 |
| telephonenumber: +1 408 555 5678 | | telephonenumber: +1 408 555 5678 |
| - | | - |
| delete: facsimiletelephonenumber | | delete: facsimiletelephonenumber |
| facsimiletelephonenumber: +1 408 555 9876 | | facsimiletelephonenumber: +1 408 555 9876 |
| - | | - |
| | | |
| # Modify an entry: replace the postaladdress attribute with an empty | | # Modify an entry: replace the postaladdress attribute with an empty |
| # set of values (which will cause the attribute to be removed), and | | # set of values (which will cause the attribute to be removed), and |
| # delete the entire description attribute. Note that the first will | | # delete the entire description attribute. Note that the first will |
| # always succeed, while the second will only succeed if at least | | # always succeed, while the second will only succeed if at least |
| # one value for the description attribute is present. | | # one value for the description attribute is present. |
| dn: cn=Ingrid Jensen, ou=Product Support, dc=airius, dc=com | | dn: cn=Ingrid Jensen, ou=Product Support, dc=airius, dc=com |
| changetype: modify | | changetype: modify |
| replace: postaladdress | | replace: postaladdress |
| - | | - |
| delete: description | | delete: description |
| - | | - |
| | | |
| Example 7: An LDIF file containing a change record with a control | | Example 7: An LDIF file containing a change record with a control |
| version: 1 | | version: 1 |
| # Delete an entry. The operation will attach the LDAPv3 | | # Delete an entry. The operation will attach the LDAPv3 |
| # Tree Delete Control defined in [Armijo00]. The criticality | | # Tree Delete Control defined in [Armijo00]. The criticality |
| # field is "true" and the controlValue field is | | # field is "true" and the controlValue field is |
| # absent, as required by [Armijo00]. | | # absent, as required by [Armijo00]. |
| dn: ou=Product Development, dc=airius, dc=com | | dn: ou=Product Development, dc=airius, dc=com |
| control: 1.2.840.113556.1.4.805 true | | control: 1.2.840.113556.1.4.805 true |
| changetype: delete | | changetype: delete |
| | | |
| n | Example 8: Incrementing the uidNumber, example from [RFC4525]. | n | |
| # Increment uidNumber | | |
| version: 1 | | |
| dn: cn=max-assigned uidNumber,dc=example,dc=com | | |
| changetype: modify | | |
| increment: uidNumber | | |
| uidNumber: 1 | | |
| - | | |
| | | |
| Security Considerations | | Security Considerations |
| | | |
| Given typical directory applications, an LDIF file is likely to | | Given typical directory applications, an LDIF file is likely to |
| contain sensitive personal data. Appropriate measures should be | | contain sensitive personal data. Appropriate measures should be |
| taken to protect the privacy of those persons whose data is contained | | taken to protect the privacy of those persons whose data is contained |
| in an LDIF file. | | in an LDIF file. |
| | | |
| Since ":<" directives can cause external content to be included when | | Since ":<" directives can cause external content to be included when |
| processing an LDIF file, one should be cautious of accepting LDIF | | processing an LDIF file, one should be cautious of accepting LDIF |
| files from external sources. A "trojan" LDIF file could name a file | | files from external sources. A "trojan" LDIF file could name a file |
| with sensitive contents and cause it to be included in a directory | | with sensitive contents and cause it to be included in a directory |
| entry, which a hostile entity could read via LDAP. | | entry, which a hostile entity could read via LDAP. |
| | | |
| LDIF does not provide any method for carrying authentication | | LDIF does not provide any method for carrying authentication |
| information with an LDIF file. Users of LDIF files must take care to | | information with an LDIF file. Users of LDIF files must take care to |
| verify the integrity of an LDIF file received from an external | | verify the integrity of an LDIF file received from an external |
| source. | | source. |
| | | |
| Contributors | | Contributors |
| Gordon Good was the author of [RFC2849] which defined LDIF. Most | | Gordon Good was the author of [RFC2849] which defined LDIF. Most |
| of this specification is a copy of [RFC2849], simply adding full | | of this specification is a copy of [RFC2849], simply adding full |
| support for UTF-8 and editing according to newer RFC standards. | | support for UTF-8 and editing according to newer RFC standards. |
| | | |
| Acknowledgments | | Acknowledgments |
| | | |
| The LDAP Interchange Format was developed as part of the University | | The LDAP Interchange Format was developed as part of the University |
| of Michigan LDAP reference implementation, and was developed by Tim | | of Michigan LDAP reference implementation, and was developed by Tim |
| Howes, Mark Smith, and Gordon Good. It is based in part upon work | | Howes, Mark Smith, and Gordon Good. It is based in part upon work |
| supported by the National Science Foundation under Grant No. NCR- | | supported by the National Science Foundation under Grant No. NCR- |
| 9416667. | | 9416667. |
| | | |
| Members of the IETF LDAP Extensions Working group provided many | | Members of the IETF LDAP Extensions Working group provided many |
| helpful suggestions. In particular, Hallvard B. Furuseth of the | | helpful suggestions. In particular, Hallvard B. Furuseth of the |
| University of Oslo made many significant contributions to this | | University of Oslo made many significant contributions to this |
| document, including a thorough review and rewrite of the BNF. | | document, including a thorough review and rewrite of the BNF. |
| | | |
| Normative References | | Normative References |
| | | |
| [RFC2234] Crocker, D., and P. Overell, "Augmented BNF for Syntax | | [RFC2234] Crocker, D., and P. Overell, "Augmented BNF for Syntax |
| Specifications: ABNF", RFC 2234, November 1997. | | Specifications: ABNF", RFC 2234, November 1997. |
| | | |
| [RFC2253] Wahl, M., Kille, S. and T. Howes, "A String | | [RFC2253] Wahl, M., Kille, S. and T. Howes, "A String |
| Representation of Distinguished Names", RFC 2253, | | Representation of Distinguished Names", RFC 2253, |
| December 1997. | | December 1997. |
| | | |
| [RFC2251] Wahl, M., Howes, T. and S. Kille, "Lightweight Directory | | [RFC2251] Wahl, M., Howes, T. and S. Kille, "Lightweight Directory |
| Access Protocol (v3)", RFC 2251, July 1997. | | Access Protocol (v3)", RFC 2251, July 1997. |
| | | |
| [RFC2045] Freed, N. and N. Borenstein, "Multipurpose Internet Mail | | [RFC2045] Freed, N. and N. Borenstein, "Multipurpose Internet Mail |
| Extensions (MIME) Part One: Format of Internet Message | | Extensions (MIME) Part One: Format of Internet Message |
| Bodies", RFC 2045, November 1996. | | Bodies", RFC 2045, November 1996. |
| | | |
| [RFC1738] Berners-Lee, T., Masinter, L. and M. McCahill, "Uniform | | [RFC1738] Berners-Lee, T., Masinter, L. and M. McCahill, "Uniform |
| Resource Locators (URL)", RFC 1738, December 1994. | | Resource Locators (URL)", RFC 1738, December 1994. |
| | | |
| [RFC2119] Bradner, S., "Key Words for use in RFCs to Indicate | | [RFC2119] Bradner, S., "Key Words for use in RFCs to Indicate |
| Requirement Levels", BCP 14, RFC 2119, March 1997. | | Requirement Levels", BCP 14, RFC 2119, March 1997. |
| | | |
| [RFC3629] Yergeau, F., "UTF-8, a transformation format | | [RFC3629] Yergeau, F., "UTF-8, a transformation format |
| of ISO 10646", November 2003 | | of ISO 10646", November 2003 |
| | | |
| t | [RFC4525] Zeilenga, K., "Lightweight Directory Access Protocol | t | |
| Modify-Increment Extension", RFC 4525, June 2006 | | |
| | | |
| Informative References | | Informative References |
| | | |
| [RFC2849] Good, G., "The LDAP Data Interchange Format", | | [RFC2849] Good, G., "The LDAP Data Interchange Format", |
| RFC 2849, June 2000. | | RFC 2849, June 2000. |
| | | |
| [RFC2425] Howes, T. and M. Smith, "A MIME Content-Type for Directory | | [RFC2425] Howes, T. and M. Smith, "A MIME Content-Type for Directory |
| Information", RFC 2425, September 1998. | | Information", RFC 2425, September 1998. |
| | | |
| [Armijo00] M. P. Armijo, "Tree Delete Control", Work in Progress. | | [Armijo00] M. P. Armijo, "Tree Delete Control", Work in Progress. |
| August 2000. | | August 2000. |
| | | |
| [UMich96] The SLAPD and SLURPD Administrators Guide. University of | | [UMich96] The SLAPD and SLURPD Administrators Guide. University of |
| Michigan, April 1996. <URL: | | Michigan, April 1996. <URL: |
| http://www.umich.edu/~dirsvcs/ldap/doc/guides/slapd/toc.html> | | http://www.umich.edu/~dirsvcs/ldap/doc/guides/slapd/toc.html> |
| | | |
| [RFC2223] Postel, J. and Reynolds, J., "Instructions to RFC | | [RFC2223] Postel, J. and Reynolds, J., "Instructions to RFC |
| Authors", RFC2223, October 1997. | | Authors", RFC2223, October 1997. |
| | | |
| Author's Address | | Author's Address |
| | | |
| Gordon Good | | Gordon Good |
| iPlanet e-commerce Solutions | | iPlanet e-commerce Solutions |
| 150 Network Circle | | 150 Network Circle |
| Mailstop USCA17-201 | | Mailstop USCA17-201 |
| Santa Clara, CA 95054, USA | | Santa Clara, CA 95054, USA |
| | | |
| Phone: +1 408 276 4351 | | Phone: +1 408 276 4351 |
| EMail: ggood@netscape.com | | EMail: ggood@netscape.com |
| | | |
| Intellectual Property | | Intellectual Property |
| | | |
| The IETF takes no position regarding the validity or scope of any | | The IETF takes no position regarding the validity or scope of any |
| Intellectual Property Rights or other rights that might be claimed | | Intellectual Property Rights or other rights that might be claimed |
| to pertain to the implementation or use of the technology | | to pertain to the implementation or use of the technology |
| described in this document or the extent to which any license | | described in this document or the extent to which any license |
| under such rights might or might not be available; nor does it | | under such rights might or might not be available; nor does it |
| represent that it has made any independent effort to identify any | | represent that it has made any independent effort to identify any |
| such rights. Information on the ISOC's procedures with respect to | | such rights. Information on the ISOC's procedures with respect to |
| rights in ISOC Documents can be found in BCP 78 and BCP 79. | | rights in ISOC Documents can be found in BCP 78 and BCP 79. |
| | | |
| Copies of IPR disclosures made to the IETF Secretariat and any | | Copies of IPR disclosures made to the IETF Secretariat and any |
| assurances of licenses to be made available, or the result of an | | assurances of licenses to be made available, or the result of an |
| attempt made to obtain a general license or permission for the use | | attempt made to obtain a general license or permission for the use |
| of such proprietary rights by implementers or users of this | | of such proprietary rights by implementers or users of this |
| specification can be obtained from the IETF on-line IPR repository | | specification can be obtained from the IETF on-line IPR repository |
| at http://www.ietf.org/ipr. | | at http://www.ietf.org/ipr. |
| | | |
| The IETF invites any interested party to bring to its attention | | The IETF invites any interested party to bring to its attention |
| any copyrights, patents or patent applications, or other | | any copyrights, patents or patent applications, or other |
| proprietary rights that may cover technology that may be required | | proprietary rights that may cover technology that may be required |
| to implement this standard. Please address the information to the | | to implement this standard. Please address the information to the |
| IETF at ietf-ipr@ietf.org. | | IETF at ietf-ipr@ietf.org. |
| | | |
| Disclaimer of Validity | | Disclaimer of Validity |
| | | |
| This document and the information contained herein is provided on an | | This document and the information contained herein is provided on an |
| "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING | | "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING |
| TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING | | TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING |
| BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION | | BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION |
| HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF | | HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF |
| MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. | | MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. |
| | | |
| Copyright Statement | | Copyright Statement |
| | | |
| Copyright (C) The IETF Trust (2009). | | Copyright (C) The IETF Trust (2009). |
| | | |
| This document is subject to the rights, licenses and restrictions | | This document is subject to the rights, licenses and restrictions |
| contained in BCP 78, and except as set forth therein, the authors | | contained in BCP 78, and except as set forth therein, the authors |
| retain all their rights. | | retain all their rights. |
| | | |
| Acknowledgement | | Acknowledgement |
| | | |
| Funding for the RFC Editor function is currently provided by the | | Funding for the RFC Editor function is currently provided by the |
| Internet Society. | | Internet Society. |
| | | |
| | | |
| | | |