Storing Vendor Information in the LDAP root DSE
RFC 3045

Document Type RFC - Informational (January 2001; No errata)
Author Mark Meredith 
Last updated 2013-03-02
Stream Legacy
Formats plain text html pdf htmlized bibtex
Stream Legacy state (None)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state RFC 3045 (Informational)
Telechat date
Responsible AD (None)
Send notices to (None)
Network Working Group                                        M. Meredith
Request for Comments: 3045                                   Novell Inc.
Category: Informational                                     January 2001

            Storing Vendor Information in the LDAP root DSE

Status of this Memo

   This memo provides information for the Internet community.  It does
   not specify an Internet standard of any kind.  Distribution of this
   memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (2001).  All Rights Reserved.


   This document specifies two Lightweight Directory Access Protocol
   (LDAP) attributes, vendorName and vendorVersion that MAY be included
   in the root DSA-specific Entry (DSE) to advertise vendor-specific
   information.  These two attributes supplement the attributes defined
   in section 3.4 of RFC 2251.

   The information held in these attributes MAY be used for display and
   informational purposes and MUST NOT be used for feature advertisement
   or discovery.

Conventions used in this document

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   document are to be interpreted as described in [RFC2219]

1. Overview

   LDAP clients discover server-specific data--such as available
   controls, extensions, etc.--by reading the root DSE.  See section 3.4
   of [RFC2251] for details.

   For display, information, and limited function discovery, it is
   desirable to be able to query an LDAP server to determine the vendor
   name of that server and also to see what version of that vendor's
   code is currently installed.

Meredith                     Informational                      [Page 1]
RFC 3045      LDAP Root DSE to Display Vendor Information   January 2001

1.1 Function discovery

   There are many ways in which a particular version of a vendor's LDAP
   server implementation may be functionally incomplete, or may contain
   software anomalies.  It is impossible to identify every known
   shortcoming of an LDAP server with the given set of server data
   advertisement attributes.  Furthermore, often times, the anomalies of
   an implementation are not found until after the implementation has
   been distributed, deployed, and is in use.

   The attributes defined in this document MAY be used by client
   implementations in order to identify a particular server
   implementation so that it can 'work around' such anomalies.

   The attributes defined in this document MUST NOT be used to gather
   information related to supported features of an LDAP implementation.
   All LDAP features, mechanisms, and capabilities--if advertised--MUST
   be advertised through other mechanisms, preferably advertisement
   mechanisms defined in concert with said features, mechanisms, and

2. Attribute Types

   These attributes are an addition to the Server-specific Data
   Requirements defined in section 3.4 of [RFC2251].  The associated
   syntaxes are defined in section 4 of [RFC2252].

   Servers MAY restrict access to vendorName or vendorVersion and
   clients MUST NOT expect these attributes to be available.

2.1 vendorName

   This attribute contains a single string, which represents the name of
   the LDAP server implementer.

   All LDAP server implementations SHOULD maintain a vendorName, which
   is generally the name of the company that wrote the LDAP Server code
   like "Novell, Inc."

      ( NAME 'vendorName' EQUALITY SYNTAX

2.2 vendorVersion

   This attribute contains a string which represents the version of the
   LDAP server implementation.

Meredith                     Informational                      [Page 2]
RFC 3045      LDAP Root DSE to Display Vendor Information   January 2001

   All LDAP server implementations SHOULD maintain a vendorVersion.
   Note that this value is typically a release value--comprised of a
   string and/or a string of numbers--used by the developer of the LDAP
   server product (as opposed to the supportedLDAPVersion, which
   specifies the version of the LDAP protocol supported by this server).
   This is single-valued so that it will only have one version value.
   This string MUST be unique between two versions, but there are no
   other syntactic restrictions on the value or the way it is formatted.

      ( NAME 'vendorVersion' EQUALITY SYNTAX

   The intent behind the equality match on vendorVersion is to not allow
   a less than or greater than type of query.  Say release "LDAPv3 8.0"
   has a problem that is fixed in the next release "LDAPv3 8.5", but in
   the mean time there is also an update release say version "LDAPv3
Show full document text