Lightweight Directory Access Protocol (LDAP): The Protocol
RFC 4511
| Section | Field | Value |
|---|---|---|
| Document | Type | RFC - Proposed Standard (June 2006; Errata) |
| | Author | Jim Sermersheim |
| | Last updated | 2015-10-14 |
| | Stream | Internet Engineering Task Force (IETF) |
| Stream | WG state | (None) |
| | Document shepherd | No shepherd assigned |
| IESG | IESG state | RFC 4511 (Proposed Standard) |
| | Action Holders | (None) |
| | Consensus Boilerplate | Unknown |
| | Telechat date | |
| | Responsible AD | Ted Hardie |
| | Send notices to | (None) |

Network Working Group                                J. Sermersheim, Ed.
Request for Comments: 4511                                  Novell, Inc.
Obsoletes: 2251, 2830, 3771                                    June 2006
Category: Standards Track

Lightweight Directory Access Protocol (LDAP): The Protocol

Status of This Memo

This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited.

Copyright Notice

Copyright (C) The Internet Society (2006).

Abstract

This document describes the protocol elements, along with their semantics and encodings, of the Lightweight Directory Access Protocol (LDAP). LDAP provides access to distributed directory services that act in accordance with X.500 data and service models. These protocol elements are based on those described in the X.500 Directory Access Protocol (DAP).

Table of Contents

1. Introduction
   1.1. Relationship to Other LDAP Specifications
2. Conventions
3. Protocol Model
   3.1. Operation and LDAP Message Layer Relationship
4. Elements of Protocol
   4.1. Common Elements
      4.1.1. Message Envelope
      4.1.2. String Types
      4.1.3. Distinguished Name and Relative Distinguished Name
      4.1.4. Attribute Descriptions
      4.1.5. Attribute Value
      4.1.6. Attribute Value Assertion
      4.1.7. Attribute and PartialAttribute
      4.1.8. Matching Rule Identifier
      4.1.9. Result Message
      4.1.10. Referral
      4.1.11. Controls
   4.2. Bind Operation
      4.2.1. Processing of the Bind Request
      4.2.2. Bind Response
   4.3. Unbind Operation
   4.4. Unsolicited Notification
      4.4.1. Notice of Disconnection
   4.5. Search Operation
      4.5.1. Search Request
      4.5.2. Search Result
      4.5.3. Continuation References in the Search Result
   4.6. Modify Operation
   4.7. Add Operation
   4.8. Delete Operation
   4.9. Modify DN Operation
   4.10. Compare Operation
   4.11. Abandon Operation
   4.12. Extended Operation
   4.13. IntermediateResponse Message
      4.13.1. Usage with LDAP ExtendedRequest and ExtendedResponse
      4.13.2. Usage with LDAP Request Controls
   4.14. StartTLS Operation
      4.14.1. StartTLS Request
      4.14.2. StartTLS Response
      4.14.3. Removal of the TLS Layer
5. Protocol Encoding, Connection, and Transfer
   5.1. Protocol Encoding
   5.2. Transmission Control Protocol (TCP)
   5.3. Termination of the LDAP session
6. Security Considerations
7. Acknowledgements
8. Normative References
9. Informative References