Net::LDAP::Constant

Section: User Contributed Perl Documentation (3)
Updated: 2021-02-16
Page Index
 

NAME

Net::LDAP::Constant - Constants for use with Net::LDAP  

SYNOPSIS

 use Net::LDAP qw(LDAP_SUCCESS LDAP_PROTOCOL_ERROR);

 

DESCRIPTION

Net::LDAP::Constant exports constants, technically: constant subroutines, for the LDAP status codes and OIDs listed in the sections below.

In addition to exporting individual constants, the following tags can be used to export groups of constants.

:all
Export all constants known to "Net::LDAP::Constant".
":codes"
Export all LDAP status codes mentioned in the section ``Protocol Constants''.
":controls"
Export all "LDAP_CONTROL_*" constants.
":extensions"
Export all "LDAP_EXTENSION_*" constants.
":features"
Export all "LDAP_FEATURE_*" constants.
":capabilities"
Export all "LDAP_CAP_*" constants.
 

Protocol Constants

LDAP_SUCCESS (0)
Operation completed without error
LDAP_OPERATIONS_ERROR (1)
Server encountered an internal error
LDAP_PROTOCOL_ERROR (2)
Unrecognized version number or incorrect PDU structure
LDAP_TIMELIMIT_EXCEEDED (3)
The time limit on a search operation has been exceeded
LDAP_SIZELIMIT_EXCEEDED (4)
The maximum number of search results to return has been exceeded.
LDAP_COMPARE_FALSE (5)
This code is returned when a compare request completes and the attribute value given is not in the entry specified
LDAP_COMPARE_TRUE (6)
This code is returned when a compare request completes and the attribute value given is in the entry specified
LDAP_AUTH_METHOD_NOT_SUPPORTED (7)
Unrecognized SASL mechanism name
LDAP_STRONG_AUTH_NOT_SUPPORTED (7)
Unrecognized SASL mechanism name
LDAP_STRONG_AUTH_REQUIRED (8)
The server requires authentication be performed with a SASL mechanism
LDAP_PARTIAL_RESULTS (9)
Returned to version 2 clients when a referral is returned. The response will contain a list of URLs for other servers.
LDAP_REFERRAL (10)
The server is referring the client to another server. The response will contain a list of URLs
LDAP_ADMIN_LIMIT_EXCEEDED (11)
The server has exceed the maximum number of entries to search while gathering a list of search result candidates
LDAP_UNAVAILABLE_CRITICAL_EXT (12)
A control or matching rule specified in the request is not supported by the server
LDAP_CONFIDENTIALITY_REQUIRED (13)
This result code is returned when confidentiality is required to perform a given operation
LDAP_SASL_BIND_IN_PROGRESS (14)
The server requires the client to send a new bind request, with the same SASL mechanism, to continue the authentication process
LDAP_NO_SUCH_ATTRIBUTE (16)
The request referenced an attribute that does not exist
LDAP_UNDEFINED_TYPE (17)
The request contains an undefined attribute type
LDAP_INAPPROPRIATE_MATCHING (18)
An extensible matching rule in the given filter does not apply to the specified attribute
LDAP_CONSTRAINT_VIOLATION (19)
The request contains a value which does not meet with certain constraints. This result can be returned as a consequence of
The request was to add or modify a user password, and the password fails to meet the criteria the server is configured to check. This could be that the password is too short, or a recognizable word (e.g. it matches one of the attributes in the users entry) or it matches a previous password used by the same user.
The request is a bind request to a user account that has been locked
LDAP_TYPE_OR_VALUE_EXISTS (20)
The request attempted to add an attribute type or value that already exists
LDAP_INVALID_SYNTAX (21)
Some part of the request contained an invalid syntax. It could be a search with an invalid filter or a request to modify the schema and the given schema has a bad syntax.
LDAP_NO_SUCH_OBJECT (32)
The server cannot find an object specified in the request
LDAP_ALIAS_PROBLEM (33)
Server encountered a problem while attempting to dereference an alias
LDAP_INVALID_DN_SYNTAX (34)
The request contained an invalid DN
LDAP_IS_LEAF (35)
The specified entry is a leaf entry
LDAP_ALIAS_DEREF_PROBLEM (36)
Server encountered a problem while attempting to dereference an alias
LDAP_PROXY_AUTHZ_FAILURE (47)
The user bound is not authorized to assume the requested identity.
LDAP_INAPPROPRIATE_AUTH (48)
The server requires the client which had attempted to bind anonymously or without supplying credentials to provide some form of credentials
LDAP_INVALID_CREDENTIALS (49)
The wrong password was supplied or the SASL credentials could not be processed
LDAP_INSUFFICIENT_ACCESS (50)
The client does not have sufficient access to perform the requested operation
LDAP_BUSY (51)
The server is too busy to perform requested operation
LDAP_UNAVAILABLE (52)
The server in unavailable to perform the request, or the server is shutting down
LDAP_UNWILLING_TO_PERFORM (53)
The server is unwilling to perform the requested operation
LDAP_LOOP_DETECT (54)
The server was unable to perform the request due to an internal loop detected
LDAP_SORT_CONTROL_MISSING (60)
The search contained a ``virtual list view'' control, but not a server-side sorting control, which is required when a ``virtual list view'' is given.
LDAP_INDEX_RANGE_ERROR (61)
The search contained a control for a ``virtual list view'' and the results exceeded the range specified by the requested offsets.
LDAP_NAMING_VIOLATION (64)
The request violates the structure of the DIT
LDAP_OBJECT_CLASS_VIOLATION (65)
The request specifies a change to an existing entry or the addition of a new entry that does not comply with the servers schema
LDAP_NOT_ALLOWED_ON_NONLEAF (66)
The requested operation is not allowed on an entry that has child entries
LDAP_NOT_ALLOWED_ON_RDN (67)
The requested operation ill affect the RDN of the entry
LDAP_ALREADY_EXISTS (68)
The client attempted to add an entry that already exists. This can occur as a result of
An add request was submitted with a DN that already exists
A modify DN requested was submitted, where the requested new DN already exists
The request is adding an attribute to the schema and an attribute with the given OID or name already exists
LDAP_NO_OBJECT_CLASS_MODS (69)
Request attempt to modify the object class of an entry that should not be modified
LDAP_RESULTS_TOO_LARGE (70)
The results of the request are to large
LDAP_AFFECTS_MULTIPLE_DSAS (71)
The requested operation needs to be performed on multiple servers where the requested operation is not permitted
LDAP_VLV_ERROR (76)
A VLV error has occurred
LDAP_OTHER (80)
An unknown error has occurred
LDAP_SERVER_DOWN (81)
"Net::LDAP" cannot establish a connection or the connection has been lost
LDAP_LOCAL_ERROR (82)
An error occurred in "Net::LDAP"
LDAP_ENCODING_ERROR (83)
"Net::LDAP" encountered an error while encoding the request packet that would have been sent to the server
LDAP_DECODING_ERROR (84)
"Net::LDAP" encountered an error while decoding a response packet from the server.
LDAP_TIMEOUT (85)
"Net::LDAP" timeout while waiting for a response from the server
LDAP_AUTH_UNKNOWN (86)
The method of authentication requested in a bind request is unknown to the server
LDAP_FILTER_ERROR (87)
An error occurred while encoding the given search filter.
LDAP_USER_CANCELED (88)
The user canceled the operation
LDAP_PARAM_ERROR (89)
An invalid parameter was specified
LDAP_NO_MEMORY (90)
Out of memory error
LDAP_CONNECT_ERROR (91)
A connection to the server could not be established
LDAP_NOT_SUPPORTED (92)
An attempt has been made to use a feature not supported by Net::LDAP
LDAP_CONTROL_NOT_FOUND (93)
The controls required to perform the requested operation were not found.
LDAP_NO_RESULTS_RETURNED (94)
No results were returned from the server.
LDAP_MORE_RESULTS_TO_RETURN (95)
There are more results in the chain of results.
LDAP_CLIENT_LOOP (96)
A loop has been detected. For example when following referrals.
LDAP_REFERRAL_LIMIT_EXCEEDED (97)
The referral hop limit has been exceeded.
LDAP_CANCELED (118)
Operation was canceled
LDAP_NO_SUCH_OPERATION (119)
Server has no knowledge of the operation requested for cancellation
LDAP_TOO_LATE (120)
Too late to cancel the outstanding operation
LDAP_CANNOT_CANCEL (121)
The identified operation does not support cancellation or the cancel operation cannot be performed
LDAP_ASSERTION_FAILED (122)
An assertion control given in the LDAP operation evaluated to false causing the operation to not be performed.
LDAP_SYNC_REFRESH_REQUIRED (4096)
Refresh Required.
 

Control OIDs

Control OIDs identify LDAP Controls.

By announcing the respective OIDs in the operational attribute "supportedControls" of the Root DSE an LDAP server indicates which LDAP Controls it supports.

LDAP_CONTROL_SORTREQUEST (1.2.840.113556.1.4.473)
See Net::LDAP::Control::Sort.
LDAP_CONTROL_SORTRESULT (1.2.840.113556.1.4.474)
LDAP_CONTROL_SORTRESPONSE (1.2.840.113556.1.4.474)
See Net::LDAP::Control::SortResult.
LDAP_CONTROL_VLVREQUEST (2.16.840.1.113730.3.4.9)
See Net::LDAP::Control::VLV.
LDAP_CONTROL_VLVRESPONSE (2.16.840.1.113730.3.4.10)
See Net::LDAP::Control::VLVResponse.
LDAP_CONTROL_PROXYAUTHORIZATION (2.16.840.1.113730.3.4.18)
LDAP_CONTROL_PROXYAUTHENTICATION (2.16.840.1.113730.3.4.18)
See Net::LDAP::Control::ProxyAuth.
LDAP_CONTROL_PAGED (1.2.840.113556.1.4.319)
See Net::LDAP::Control::Paged.
LDAP_CONTROL_TREE_DELETE (1.2.840.113556.1.4.805)
See Net::LDAP::Control::TreeDelete.
LDAP_CONTROL_MATCHEDVALS (1.2.826.0.1.3344810.2.2)
Outdated OID mentioned in predecessors to RFC 3876. Superseded by "LDAP_CONTROL_MATCHEDVALUES".
LDAP_CONTROL_MATCHEDVALUES (1.2.826.0.1.3344810.2.3)
See Net::LDAP::Control::MatchedValues.
LDAP_CONTROL_MANAGEDSAIT (2.16.840.1.113730.3.4.2)
See Net::LDAP::Control::ManageDsaIT.
LDAP_CONTROL_PERSISTENTSEARCH (2.16.840.1.113730.3.4.3)
See Net::LDAP::Control::PersistentSearch.
LDAP_CONTROL_ENTRYCHANGE (2.16.840.1.113730.3.4.7)
See Net::LDAP::Control::EntryChange.
LDAP_CONTROL_PWEXPIRED (2.16.840.1.113730.3.4.4)
LDAP_CONTROL_PWEXPIRING (2.16.840.1.113730.3.4.5)
LDAP_CONTROL_REFERRALS (1.2.840.113556.1.4.616)
LDAP_CONTROL_RELAX (1.3.6.1.4.1.4203.666.5.12)
See Net::LDAP::Control::Relax.
LDAP_CONTROL_PASSWORDPOLICY (1.3.6.1.4.1.42.2.27.8.5.1)
See Net::LDAP::Control::PasswordPolicy.
LDAP_CONTROL_PERMISSIVEMODIFY (1.2.840.113556.1.4.1413)
LDAP_CONTROL_PREREAD (1.3.6.1.1.13.1)
See Net::LDAP::Control::PreRead.
LDAP_CONTROL_POSTREAD (1.3.6.1.1.13.2)
See Net::LDAP::Control::PostRead.
LDAP_CONTROL_ASSERTION (1.3.6.1.1.12)
See Net::LDAP::Control::Assertion.
LDAP_CONTROL_DONTUSECOPY (1.3.6.1.1.22)
See Net::LDAP::Control::DontUseCopy.
LDAP_CONTROL_NOOP (1.3.6.1.4.1.4203.666.5.2)
See Net::LDAP::Control::NoOp.
LDAP_CONTROL_SUBENTRIES (1.3.6.1.4.1.4203.1.10.1)
See Net::LDAP::Control::Subentries.
LDAP_CONTROL_SYNC (1.3.6.1.4.1.4203.1.9.1.1)
See Net::LDAP::Control::SyncRequest.
LDAP_CONTROL_SYNC_STATE (1.3.6.1.4.1.4203.1.9.1.2)
See Net::LDAP::Control::SyncState.
LDAP_CONTROL_SYNC_DONE (1.3.6.1.4.1.4203.1.9.1.3)
See Net::LDAP::Control::SyncDone.
LDAP_SYNC_INFO (1.3.6.1.4.1.4203.1.9.1.4)
 

Control constants

LDAP_PP_PASSWORD_EXPIRED (0) [LDAP_CONTROL_PASSWORDPOLICY]
The account's password has expired.
LDAP_PP_ACCOUNT_LOCKED (1) [LDAP_CONTROL_PASSWORDPOLICY]
The account is locked.
LDAP_PP_CHANGE_AFTER_RESET (2) [LDAP_CONTROL_PASSWORDPOLICY]
The account's password has been reset and now must be changed.
LDAP_PP_PASSWORD_MOD_NOT_ALLOWED (3) [LDAP_CONTROL_PASSWORDPOLICY]
The account's password may not be modified.
LDAP_PP_MUST_SUPPLY_OLD_PASSWORD (4) [LDAP_CONTROL_PASSWORDPOLICY]
The old password must also be supplied when setting a new password.
LDAP_PP_INSUFFICIENT_PASSWORD_QUALITY (5) [LDAP_CONTROL_PASSWORDPOLICY]
The new password was not of sufficient quality.
LDAP_PP_PASSWORD_TOO_SHORT (6) [LDAP_CONTROL_PASSWORDPOLICY]
The new password was too short.
LDAP_PP_PASSWORD_TOO_YOUNG (7) [LDAP_CONTROL_PASSWORDPOLICY]
The previous password was changed too recently.
LDAP_PP_PASSWORD_IN_HISTORY (8) [LDAP_CONTROL_PASSWORDPOLICY]
The new password was used too recently.
LDAP_SYNC_NONE (0) [LDAP_CONTROL_SYNC]
LDAP_SYNC_REFRESH_ONLY (1) [LDAP_CONTROL_SYNC]
LDAP_SYNC_RESERVED (2) [LDAP_CONTROL_SYNC]
LDAP_SYNC_REFRESH_AND_PERSIST (3) [LDAP_CONTROL_SYNC]
LDAP_SYNC_REFRESH_PRESENTS (0) [LDAP_SYNC_INFO]
LDAP_SYNC_REFRESH_DELETES (1) [LDAP_SYNC_INFO]
LDAP_TAG_SYNC_NEW_COOKIE (0x80) [LDAP_SYNC_INFO]
LDAP_TAG_SYNC_REFRESH_DELETE (0xa1) [LDAP_SYNC_INFO]
LDAP_TAG_SYNC_REFRESH_PRESENT (0xa2) [LDAP_SYNC_INFO]
LDAP_TAG_SYNC_ID_SET (0xa3) [LDAP_SYNC_INFO]
LDAP_TAG_SYNC_COOKIE (0x04) [LDAP_SYNC_INFO]
LDAP_TAG_REFRESHDELETES (0x01) [LDAP_SYNC_INFO]
LDAP_TAG_REFRESHDONE (0x01) [LDAP_SYNC_INFO]
LDAP_TAG_RELOAD_HINT (0x01) [LDAP_CONTROL_SYNC]
LDAP_SYNC_PRESENT (0) [LDAP_CONTROL_SYNC_STATE]
LDAP_SYNC_ADD (1) [LDAP_CONTROL_SYNC_STATE]
LDAP_SYNC_MODIFY (2) [LDAP_CONTROL_SYNC_STATE]
LDAP_SYNC_DELETE (3) [LDAP_CONTROL_SYNC_STATE]

Active Directory Control OIDs

See section LDAP Extended Controls in <https://winprotocoldoc.blob.core.windows.net/productionwindowsarchives/MS-ADTS/[MS-ADTS].pdf>.

LDAP_CONTROL_SHOW_DELETED (1.2.840.113556.1.4.417)
LDAP_CONTROL_CROSSDOMAIN_MOVE (1.2.840.113556.1.4.521)
LDAP_CONTROL_SERVER_NOTIFICATION (1.2.840.113556.1.4.528)
LDAP_CONTROL_EXTENDED_DN (1.2.840.113556.1.4.529)
LDAP_CONTROL_LAZY_COMMIT (1.2.840.113556.1.4.619)
LDAP_CONTROL_SD_FLAGS (1.2.840.113556.1.4.801)
LDAP_CONTROL_RANGE_OPTION (1.2.840.113556.1.4.802)
LDAP_CONTROL_DIRSYNC (1.2.840.113556.1.4.841)
LDAP_CONTROL_GET_STATS (1.2.840.113556.1.4.970)
LDAP_CONTROL_VERIFY_NAME (1.2.840.113556.1.4.1338)
LDAP_CONTROL_DOMAIN_SCOPE (1.2.840.113556.1.4.1339)
LDAP_CONTROL_SEARCH_OPTIONS (1.2.840.113556.1.4.1340)
LDAP_CONTROL_RODC_DCPROMO (1.2.840.113556.1.4.1341)
LDAP_CONTROL_ASQ (1.2.840.113556.1.4.1504)
LDAP_CONTROL_QUOTA_CONTROL (1.2.840.113556.1.4.1852)
LDAP_CONTROL_SHUTDOWN_NOTIFY (1.2.840.113556.1.4.1907)
LDAP_CONTROL_RANGE_RETRIEVAL_NOERR (1.2.840.113556.1.4.1948)
LDAP_CONTROL_FORCE_UPDATE (1.2.840.113556.1.4.1974)
LDAP_CONTROL_DN_INPUT (1.2.840.113556.1.4.2026)
LDAP_CONTROL_SHOW_RECYCLED (1.2.840.113556.1.4.2064)
LDAP_CONTROL_SHOW_DEACTIVATED_LINK (1.2.840.113556.1.4.2065)
LDAP_CONTROL_POLICY_HINTS_DEPRECATED (1.2.840.113556.1.4.2066)
LDAP_CONTROL_DIRSYNC_EX (1.2.840.113556.1.4.2090)
LDAP_CONTROL_TREE_DELETE_EX (1.2.840.113556.1.4.2204)
LDAP_CONTROL_UPDATE_STATS (1.2.840.113556.1.4.2205)
LDAP_CONTROL_SEARCH_HINTS (1.2.840.113556.1.4.2206)
LDAP_CONTROL_EXPECTED_ENTRY_COUNT (1.2.840.113556.1.4.2211)
LDAP_CONTROL_POLICY_HINTS (1.2.840.113556.1.4.2239)
LDAP_CONTROL_SET_OWNER (1.2.840.113556.1.4.2255)
LDAP_CONTROL_BYPASS_QUOTA (1.2.840.113556.1.4.2256)
LDAP_CONTROL_LINK_TTL (1.2.840.113556.1.4.2309)
LDAP_CONTROL_SET_CORRELATION_ID (1.2.840.113556.1.4.2330)
LDAP_CONTROL_THREAD_TRACE_OVERRIDE (1.2.840.113556.1.4.2354)
 

Extension OIDs

Extension OIDs identify LDAP Extended operations.

By announcing the respective OIDs in the operational attribute "supportedExtension" of the Root DSE an LDAP server indicates which LDAP Extended operations it supports.

LDAP_NOTICE_OF_DISCONNECTION (1.3.6.1.4.1.1466.20036)
Indicates that the server is about to close the connection due to an error (RFC 4511).
LDAP_EXTENSION_START_TLS (1.3.6.1.4.1.1466.20037)
Indicates if the server supports the Start TLS extension (RFC 4513). See ``start_tls'' in Net::LDAP.
LDAP_EXTENSION_PASSWORD_MODIFY (1.3.6.1.4.1.4203.1.11.1)
Indicates that the server supports the Password Modify extension (RFC 3062). See Net::LDAP::Extension::SetPassword.
LDAP_EXTENSION_WHO_AM_I (1.3.6.1.4.1.4203.1.11.3)
Indicates that the server supports the ``Who am I?'' extension (RFC 4532). See Net::LDAP::Extension::WhoAmI.
LDAP_EXTENSION_REFRESH (1.3.6.1.4.1.1466.101.119.1)
Indicates that the server supports the Refresh extension (RFC 2589). See Net::LDAP::Extension::Refresh.
LDAP_EXTENSION_CANCEL (1.3.6.1.1.8)
Indicates the server supports the Cancel extension (RFC 3909). See Net::LDAP::Extension::Cancel.

Active Directory Extension OIDs

See section LDAP Extended Operations in <https://winprotocoldoc.blob.core.windows.net/productionwindowsarchives/MS-ADTS/[MS-ADTS].pdf>.

LDAP_EXTENSION_FAST_BIND (1.2.840.113556.1.4.1781)
LDAP_EXTENSION_BATCH_REQUEST (1.2.840.113556.1.4.2212)

Novell eDirectory Extension OIDs

LDAP_EXTENSION_NDSTOLDAP (2.16.840.1.113719.1.27.100.2)
LDAP_EXTENSION_SPLIT_PARTITION (2.16.840.1.113719.1.27.100.3)
LDAP_EXTENSION_MERGE_PARTITION (2.16.840.1.113719.1.27.100.5)
LDAP_EXTENSION_ADD_REPLICA (2.16.840.1.113719.1.27.100.7)
LDAP_EXTENSION_REFRESH_LDAP_SERVER (2.16.840.1.113719.1.27.100.9)
LDAP_EXTENSION_REMOVE_REPLICA (2.16.840.1.113719.1.27.100.11)
LDAP_EXTENSION_PARTITION_ENTRY_COUNT (2.16.840.1.113719.1.27.100.13)
LDAP_EXTENSION_CHANGE_REPLICA_TYPE (2.16.840.1.113719.1.27.100.15)
LDAP_EXTENSION_GET_REPLICA_INFO (2.16.840.1.113719.1.27.100.17)
LDAP_EXTENSION_LIST_REPLICAS (2.16.840.1.113719.1.27.100.19)
LDAP_EXTENSION_RECEIVE_ALL_UPDATES (2.16.840.1.113719.1.27.100.21)
LDAP_EXTENSION_SEND_ALL_UPDATES (2.16.840.1.113719.1.27.100.23)
LDAP_EXTENSION_REQUEST_PARTITIONSYNC (2.16.840.1.113719.1.27.100.25)
LDAP_EXTENSION_REQUEST_SCHEMASYNC (2.16.840.1.113719.1.27.100.27)
LDAP_EXTENSION_ABORT_PARTITION_OPERATION (2.16.840.1.113719.1.27.100.29)
LDAP_EXTENSION_GET_BINDDN (2.16.840.1.113719.1.27.100.31)
LDAP_EXTENSION_GET_EFFECTIVE_PRIVILEGES (2.16.840.1.113719.1.27.100.33)
LDAP_EXTENSION_SET_REPLICATION_FILTER (2.16.840.1.113719.1.27.100.35)
LDAP_EXTENSION_GET_REPLICATION_FILTER (2.16.840.1.113719.1.27.100.37)
LDAP_EXTENSION_CREATE_ORPHAN_PARTITION (2.16.840.1.113719.1.27.100.39)
LDAP_EXTENSION_REMOVE_ORPHAN_PARTITION (2.16.840.1.113719.1.27.100.41)
LDAP_EXTENSION_TRIGGER_BACKLINKER (2.16.840.1.113719.1.27.100.43)
LDAP_EXTENSION_TRIGGER_DRLPROCESS (2.16.840.1.113719.1.27.100.45)
LDAP_EXTENSION_TRIGGER_JANITOR (2.16.840.1.113719.1.27.100.47)
LDAP_EXTENSION_TRIGGER_LIMBER (2.16.840.1.113719.1.27.100.49)
LDAP_EXTENSION_TRIGGER_SKULKER (2.16.840.1.113719.1.27.100.51)
LDAP_EXTENSION_TRIGGER_SCHEMASYNC (2.16.840.1.113719.1.27.100.53)
LDAP_EXTENSION_TRIGGER_PARTITIONPURGE (2.16.840.1.113719.1.27.100.55)
LDAP_EXTENSION_MONITOR_EVENTS (2.16.840.1.113719.1.27.100.79)
LDAP_EXTENSION_EVENT_NOTIFICATION (2.16.840.1.113719.1.27.100.81)
LDAP_EXTENSION_FILTERED_EVENT_MONITOR (2.16.840.1.113719.1.27.100.84)
LDAP_EXTENSION_LDAPBACKUP (2.16.840.1.113719.1.27.100.96)
LDAP_EXTENSION_LDAPRESTORE (2.16.840.1.113719.1.27.100.98)
LDAP_EXTENSION_GET_EFFECTIVE_LIST_PRIVILEGES (2.16.840.1.113719.1.27.100.103)
LDAP_EXTENSION_CREATE_GROUPING (2.16.840.1.113719.1.27.103.1)
LDAP_EXTENSION_END_GROUPING (2.16.840.1.113719.1.27.103.2)
LDAP_EXTENSION_NMAS_PUT_LOGIN_CONFIGURATION (2.16.840.1.113719.1.39.42.100.1)
LDAP_EXTENSION_NMAS_GET_LOGIN_CONFIGURATION (2.16.840.1.113719.1.39.42.100.3)
LDAP_EXTENSION_NMAS_DELETE_LOGIN_CONFIGURATION (2.16.840.1.113719.1.39.42.100.5)
LDAP_EXTENSION_NMAS_PUT_LOGIN_SECRET (2.16.840.1.113719.1.39.42.100.7)
LDAP_EXTENSION_NMAS_DELETE_LOGIN_SECRET (2.16.840.1.113719.1.39.42.100.9)
LDAP_EXTENSION_NMAS_SET_PASSWORD (2.16.840.1.113719.1.39.42.100.11)
LDAP_EXTENSION_NMAS_GET_PASSWORD (2.16.840.1.113719.1.39.42.100.13)
LDAP_EXTENSION_NMAS_DELETE_PASSWORD (2.16.840.1.113719.1.39.42.100.15)
LDAP_EXTENSION_NMAS_PASSWORD_POLICYCHECK (2.16.840.1.113719.1.39.42.100.17)
LDAP_EXTENSION_NMAS_GET_PASSWORD_POLICY_INFO (2.16.840.1.113719.1.39.42.100.19)
LDAP_EXTENSION_NMAS_CHANGE_PASSWORD (2.16.840.1.113719.1.39.42.100.21)
LDAP_EXTENSION_NMAS_GAMS (2.16.840.1.113719.1.39.42.100.23)
LDAP_EXTENSION_NMAS_MANAGEMENT (2.16.840.1.113719.1.39.42.100.25)
LDAP_EXTENSION_START_FRAMED_PROTOCOL (2.16.840.1.113719.1.142.100.1)
LDAP_EXTENSION_END_FRAMED_PROTOCOL (2.16.840.1.113719.1.142.100.4)
LDAP_EXTENSION_LBURP_OPERATION (2.16.840.1.113719.1.142.100.6)
 

Feature OIDs

Feature OIDs identify LDAP features.

By announcing the respective OIDs in the operational attribute "supportedFeature" of the Root DSE an LDAP server indicates which LDAP features it supports.

LDAP_FEATURE_ALL_OPATTS (1.3.6.1.4.1.4203.1.5.1)
Indicates if the server allows "+" for returning all operational attributes (RFC 3673)
LDAP_FEATURE_OBJECTCLASS_ATTRS (1.3.6.1.4.1.4203.1.5.2)
Indicates that the server allows "@objectclass" for returning all attributes used to represent a particular class of object (RFC 4529)
LDAP_FEATURE_ABSOLUTE_FILTERS (1.3.6.1.4.1.4203.1.5.3)
Indicates that the server supports "(&)" for the absolute True filter, and "(|)" for the absolute False filter (RFC 4526).
LDAP_FEATURE_LANGUAGE_TAG_OPTIONS (1.3.6.1.4.1.4203.1.5.4)
Indicates the server supports language tag options of the form "lang-language-tag" with attributes (RFC 3866)
LDAP_FEATURE_LANGUAGE_RANGE_OPTIONS (1.3.6.1.4.1.4203.1.5.5)
Indicates that the server supports language tag range options (RFC 3866)
LDAP_FEATURE_MODIFY_INCREMENT (1.3.6.1.1.14)
Indicates if the server supports the Modify Increment extension (RFC 4525). See ``modify'' in Net::LDAP.
 

Active Directory Capability OIDs

The following constants are specific to Microsoft Active Directory. They serve to denote capabilities via the non-standard operational attribute "supportedCapabilities" in the Root DSE of an an LDAP server.
LDAP_CAP_ACTIVE_DIRECTORY (1.2.840.113556.1.4.800)
Indicates that the LDAP server is running Active Directory and is running as AD DS.
LDAP_CAP_ACTIVE_DIRECTORY_LDAP_INTEG (1.2.840.113556.1.4.1791)
Indicates that the LDAP server on the DC is capable of signing and sealing on an NTLM authenticated connection, and that the server is capable of performing subsequent binds on a signed or sealed connection.
LDAP_CAP_ACTIVE_DIRECTORY_V51 (1.2.840.113556.1.4.1670)
On an Active Directory DC operating as AD DS, the presence of this capability indicates that the LDAP server is running at least the Windows 2003.

On an Active Directory DC operating as AD LDS, the presence of this capability indicates that the LDAP server is running at least the Windows 2008.

LDAP_CAP_ACTIVE_DIRECTORY_ADAM (1.2.840.113556.1.4.1851)
Indicates that the LDAP server is running Active Directory as AD LDS.
LDAP_CAP_ACTIVE_DIRECTORY_ADAM_DIGEST (1.2.840.113556.1.4.1880)
Indicates on a DC operating as AD LDS, that the DC accepts DIGEST-MD5 binds for AD LDS security principals.
LDAP_CAP_ACTIVE_DIRECTORY_PARTIAL_SECRETS (1.2.840.113556.1.4.1920)
Indicates that the Active Directory DC operating as AD DS, is an RODC.
LDAP_CAP_ACTIVE_DIRECTORY_V60 (1.2.840.113556.1.4.1935)
Indicates that the LDAP server is running at least the Windows 2008.
LDAP_CAP_ACTIVE_DIRECTORY_V61_R2 (1.2.840.113556.1.4.2080)
Indicates that the LDAP server is running at least the Windows 2008 R2.
LDAP_CAP_ACTIVE_DIRECTORY_W8 (1.2.840.113556.1.4.2237)
Indicates that the LDAP server is running at least the Windows 2012.
 

SEE ALSO

Net::LDAP, Net::LDAP::Message  

AUTHOR

Graham Barr <gbarr@pobox.com>

Please report any bugs, or post any suggestions, to the perl-ldap mailing list <perl-ldap@perl.org>  

COPYRIGHT

Copyright (c) 1998-2009 Graham Barr. All rights reserved. This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself.


 

Index

NAME
SYNOPSIS
DESCRIPTION
Protocol Constants
Control OIDs
Control constants
Extension OIDs
Feature OIDs
Active Directory Capability OIDs
SEE ALSO
AUTHOR
COPYRIGHT