Named Subordinate References in Lightweight Directory Access Protocol (LDAP) Directories
RFC 3296

Document Type RFC - Proposed Standard (July 2002; No errata)
Was draft-zeilenga-ldap-namedref (individual in app area)
Author Kurt Zeilenga 
Last updated 2015-10-14
Stream Internent Engineering Task Force (IETF)
Formats plain text html pdf htmlized (tools) htmlized bibtex
Stream WG state (None)
Document shepherd No shepherd assigned
IESG IESG state RFC 3296 (Proposed Standard)
Action Holders
Consensus Boilerplate Unknown
Telechat date
Responsible AD Patrik Fältström
IESG note Approved
Responsible: Finished
Send notices to (None)
Network Working Group                                        K. Zeilenga
Request for Comments: 3296                           OpenLDAP Foundation
Category: Standards Track                                      July 2002

                    Named Subordinate References in
        Lightweight Directory Access Protocol (LDAP) Directories

Status of this Memo

   This document specifies an Internet standards track protocol for the
   Internet community, and requests discussion and suggestions for
   improvements.  Please refer to the current edition of the "Internet
   Official Protocol Standards" (STD 1) for the standardization state
   and status of this protocol.  Distribution of this memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (2002).  All Rights Reserved.


   This document details schema and protocol elements for representing
   and managing named subordinate references in Lightweight Directory
   Access Protocol (LDAP) Directories.


   Schema definitions are provided using LDAPv3 description formats
   [RFC2252].  Definitions provided here are formatted (line wrapped)
   for readability.

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   this document are to be interpreted as described in BCP 14 [RFC2119].

1.  Background and Intended Usage

   The broadening of interest in LDAP (Lightweight Directory Access
   Protocol) [RFC2251] directories beyond their use as front ends to
   X.500 [X.500] directories has created a need to represent knowledge
   information in a more general way.  Knowledge information is
   information about one or more servers maintained in another server,
   used to link servers and services together.

   This document details schema and protocol elements for representing
   and manipulating named subordinate references in LDAP directories.  A
   referral object is used to hold subordinate reference information in

Zeilenga                    Standards Track                     [Page 1]
RFC 3296    Named Subordinate References in LDAP Directories   July 2002

   the directory.  These referral objects hold one or more URIs
   [RFC2396] contained in values of the ref attribute type and are used
   to generate protocol referrals and continuations.

   A control, ManageDsaIT, is defined to allow manipulation of referral
   and other special objects as normal objects.  As the name of control
   implies, it is intended to be analogous to the ManageDsaIT service
   option described in X.511(97) [X.511].

   Other forms of knowledge information are not detailed by this
   document.  These forms may be described in subsequent documents.

   This document details subordinate referral processing requirements
   for servers.  This document does not describe protocol syntax and
   semantics.  This is detailed in RFC 2251 [RFC2251].

   This document does not detail use of subordinate knowledge references
   to support replicated environments nor distributed operations (e.g.,
   chaining of operations from one server to other servers).

2.  Schema

2.1.  The referral Object Class

   A referral object is a directory entry whose structural object class
   is (or is derived from) the referral object class.

      ( 2.16.840.1.113730.3.2.6
          NAME 'referral'
          DESC 'named subordinate reference object'
          MUST ref )

   The referral object class is a structural object class used to
   represent a subordinate reference in the directory.  The referral
   object class SHOULD be used in conjunction with the extensibleObject
   object class to support the naming attributes used in the entry's
   Distinguished Name (DN) [RFC2253].

   Referral objects are normally instantiated at DSEs immediately
   subordinate to object entries within a naming context held by the
   DSA.  Referral objects are analogous to X.500 subordinate knowledge
   (subr) DSEs [X.501].

Zeilenga                    Standards Track                     [Page 2]
RFC 3296    Named Subordinate References in LDAP Directories   July 2002

   In the presence of a ManageDsaIT control, referral objects are
   treated as normal entries as described in section 3.  Note that the
   ref attribute is operational and will only be returned in a search
   entry response when requested.

   In the absence of a ManageDsaIT control, the content of referral
   objects are used to construct referrals and search references as
   described in Section 4 and, as such, the referral entries are not
   themselves visible to clients.

2.2  The ref Attribute Type

      ( 2.16.840.1.113730.3.1.34
          NAME 'ref'
          DESC 'named reference - a labeledURI'
          EQUALITY caseExactMatch
          USAGE distributedOperation )

   The ref attribute type has directoryString syntax and is case
   sensitive.  The ref attribute is multi-valued.  Values placed in the
Show full document text