Lightweight Directory Access Protocol (LDAP): The Protocol
RFC 4511

• Document
• IESG evaluation record
• IESG writeups
• Email expansions
• History

• Versions
• 32

Document	Type		RFC - Proposed Standard (June 2006; Errata) Obsoletes RFC 2251, RFC 3771, RFC 2830 Was draft-ietf-ldapbis-protocol (ldapbis WG)
	Last updated		2015-10-14
	Stream		IETF
	Formats		plain text pdf html bibtex
Stream	WG state		(None)
	Document shepherd		No shepherd assigned
IESG	IESG state		RFC 4511 (Proposed Standard)
	Consensus Boilerplate		Unknown
	Telechat date
	Responsible AD		Ted Hardie
	Send notices to		(None)

Network Working Group                                J. Sermersheim, Ed.
Request for Comments: 4511                                  Novell, Inc.
Obsoletes: 2251, 2830, 3771                                    June 2006
Category: Standards Track

      Lightweight Directory Access Protocol (LDAP): The Protocol

Status of This Memo

   This document specifies an Internet standards track protocol for the
   Internet community, and requests discussion and suggestions for
   improvements.  Please refer to the current edition of the "Internet
   Official Protocol Standards" (STD 1) for the standardization state
   and status of this protocol.  Distribution of this memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (2006).

Abstract

   This document describes the protocol elements, along with their
   semantics and encodings, of the Lightweight Directory Access Protocol
   (LDAP).  LDAP provides access to distributed directory services that
   act in accordance with X.500 data and service models.  These protocol
   elements are based on those described in the X.500 Directory Access
   Protocol (DAP).

Table of Contents

   1. Introduction ....................................................3
      1.1. Relationship to Other LDAP Specifications ..................3
   2. Conventions .....................................................3
   3. Protocol Model ..................................................4
      3.1. Operation and LDAP Message Layer Relationship ..............5
   4. Elements of Protocol ............................................5
      4.1. Common Elements ............................................5
           4.1.1. Message Envelope ....................................6
           4.1.2. String Types ........................................7
           4.1.3. Distinguished Name and Relative Distinguished Name ..8
           4.1.4. Attribute Descriptions ..............................8
           4.1.5. Attribute Value .....................................8
           4.1.6. Attribute Value Assertion ...........................9
           4.1.7. Attribute and PartialAttribute ......................9
           4.1.8. Matching Rule Identifier ...........................10
           4.1.9. Result Message .....................................10
           4.1.10. Referral ..........................................12

Sermersheim                 Standards Track                     [Page 1]
RFC 4511                         LDAPv3                        June 2006

           4.1.11. Controls ..........................................14
      4.2. Bind Operation ............................................16
           4.2.1. Processing of the Bind Request .....................17
           4.2.2. Bind Response ......................................18
      4.3. Unbind Operation ..........................................18
      4.4. Unsolicited Notification ..................................19
           4.4.1. Notice of Disconnection ............................19
      4.5. Search Operation ..........................................20
           4.5.1. Search Request .....................................20
           4.5.2. Search Result ......................................27
           4.5.3. Continuation References in the Search Result .......28
      4.6. Modify Operation ..........................................31
      4.7. Add Operation .............................................33
      4.8. Delete Operation ..........................................34
      4.9. Modify DN Operation .......................................34
      4.10. Compare Operation ........................................36
      4.11. Abandon Operation ........................................36
      4.12. Extended Operation .......................................37
      4.13. IntermediateResponse Message .............................39
           4.13.1. Usage with LDAP ExtendedRequest and
                   ExtendedResponse ..................................40
           4.13.2. Usage with LDAP Request Controls ..................40
      4.14. StartTLS Operation .......................................40
           4.14.1. StartTLS Request ..................................40
           4.14.2. StartTLS Response .................................41
           4.14.3. Removal of the TLS Layer ..........................41
   5. Protocol Encoding, Connection, and Transfer ....................42
      5.1. Protocol Encoding .........................................42
      5.2. Transmission Control Protocol (TCP) .......................43
      5.3. Termination of the LDAP session ...........................43
   6. Security Considerations ........................................43
   7. Acknowledgements ...............................................45

Show full document text