1 -- Module DirectoryAbstractService (X.511:08/2005)
2 DirectoryAbstractService {joint-iso-itu-t ds(5) module(1)
3 directoryAbstractService(2) 4} DEFINITIONS ::=
7 -- The types and values defined in this module are exported for use in the other ASN.1 modules contained
8 -- within the Directory Specifications, and for the use of other applications which will use them to access
9 -- Directory services. Other applications may use them for their own purposes, but this will not constrain
10 -- extensions and modifications needed to maintain or improve the Directory service.
12 -- from ITU-T Rec. X.501 | ISO/IEC 9594-2
13 attributeCertificateDefinitions, authenticationFramework, basicAccessControl,
14 dap, directoryShadowAbstractService, distributedOperations,
15 enhancedSecurity, id-at, informationFramework, selectedAttributeTypes,
16 serviceAdministration, upperBounds
17 FROM UsefulDefinitions {joint-iso-itu-t ds(5) module(1)
18 usefulDefinitions(0) 4}
19 Attribute, ATTRIBUTE, AttributeType, AttributeTypeAssertion, AttributeValue,
20 AttributeValueAssertion, CONTEXT, ContextAssertion, DistinguishedName, RDNSequence,
21 MATCHING-RULE, -- Name,-- OBJECT-CLASS, RelativeDistinguishedName,
22 SupportedAttributes, SupportedContexts
23 FROM InformationFramework {joint-iso-itu-t ds(5) module(1)
24 informationFramework(1) 4}
26 FROM ServiceAdministration {joint-iso-itu-t ds(5) module(1)
27 serviceAdministration(33) 4}
29 FROM BasicAccessControl {joint-iso-itu-t ds(5) module(1)
30 basicAccessControl(24) 4}
31 OPTIONALLY-PROTECTED{}, OPTIONALLY-PROTECTED-SEQ{}
32 FROM EnhancedSecurity {joint-iso-itu-t ds(5) module(1) enhancedSecurity(28)
34 -- from ITU-T Rec. X.518 | ISO/IEC 9594-4
35 AccessPoint, ContinuationReference, Exclusions, OperationProgress,
37 FROM DistributedOperations {joint-iso-itu-t ds(5) module(1)
38 distributedOperations(3) 4}
39 -- from ITU-T Rec. X.519 | ISO/IEC 9594-5
40 id-errcode-abandoned, id-errcode-abandonFailed, id-errcode-attributeError,
41 id-errcode-nameError, id-errcode-referral, id-errcode-securityError,
42 id-errcode-serviceError, id-errcode-updateError, id-opcode-abandon,
43 id-opcode-addEntry, id-opcode-compare, id-opcode-list, id-opcode-modifyDN,
44 id-opcode-modifyEntry, id-opcode-read, id-opcode-removeEntry,
46 FROM DirectoryAccessProtocol {joint-iso-itu-t ds(5) module(1) dap(11) 4}
47 -- from ITU-T Rec. X.520 | ISO/IEC 9594-6
49 FROM SelectedAttributeTypes {joint-iso-itu-t ds(5) module(1)
50 selectedAttributeTypes(5) 4}
52 FROM UpperBounds {joint-iso-itu-t ds(5) module(1) upperBounds(10) 4}
53 -- from ITU-T Rec. X.509 | ISO/IEC 9594-8
54 AlgorithmIdentifier, CertificationPath, ENCRYPTED{}, SIGNATURE{}, SIGNED{}
55 FROM AuthenticationFramework {joint-iso-itu-t ds(5) module(1)
56 authenticationFramework(7) 4}
57 AttributeCertificationPath
58 FROM AttributeCertificateDefinitions {joint-iso-itu-t ds(5) module(1)
59 attributeCertificateDefinitions(32) 4}
60 -- from ITU-T Rec. X.525 | ISO/IEC 9594-9
62 FROM DirectoryShadowAbstractService {joint-iso-itu-t ds(5) module(1)
63 directoryShadowAbstractService(15) 4}
64 -- from ITU-T Rec. X.880 | ISO/IEC 13712-1
65 Code, ERROR, OPERATION
66 FROM Remote-Operations-Information-Objects {joint-iso-itu-t
67 remote-operations(4) informationObjects(5) version1(0)}
69 FROM Remote-Operations-Useful-Definitions {joint-iso-itu-t
70 remote-operations(4) useful-definitions(7) version1(0)}
72 FROM Remote-Operations-Generic-ROS-PDUs {joint-iso-itu-t
73 remote-operations(4) generic-ROS-PDUs(6) version1(0)}
75 SPKM-ERROR, SPKM-REP-TI, SPKM-REQ
76 FROM SpkmGssTokens {iso(1) identified-organization(3) dod(6) internet(1)
77 security(5) mechanisms(5) spkm(1) spkmGssTokens(10)};
80 CommonArguments ::= SET {
81 serviceControls [30] ServiceControls DEFAULT {},
82 securityParameters [29] SecurityParameters OPTIONAL,
83 requestor [28] DistinguishedName OPTIONAL,
85 [27] OperationProgress DEFAULT {nameResolutionPhase notStarted},
86 aliasedRDNs [26] INTEGER OPTIONAL,
87 criticalExtensions [25] BIT STRING OPTIONAL,
88 referenceType [24] ReferenceType OPTIONAL,
89 entryOnly [23] BOOLEAN DEFAULT TRUE,
90 exclusions [22] Exclusions OPTIONAL,
91 nameResolveOnMaster [21] BOOLEAN DEFAULT FALSE,
92 operationContexts [20] ContextSelection OPTIONAL,
93 familyGrouping [19] FamilyGrouping DEFAULT entryOnly
96 FamilyGrouping ::= ENUMERATED {
97 entryOnly(1), compoundEntry(2), strands(3), multiStrand(4)}
99 CommonResults ::= SET {
100 securityParameters [30] SecurityParameters OPTIONAL,
101 performer [29] DistinguishedName OPTIONAL,
102 aliasDereferenced [28] BOOLEAN DEFAULT FALSE,
103 notification [27] SEQUENCE SIZE (1..MAX) OF Attribute OPTIONAL
106 CommonResultsSeq ::= SEQUENCE {
107 securityParameters [30] SecurityParameters OPTIONAL,
108 performer [29] DistinguishedName OPTIONAL,
109 aliasDereferenced [28] BOOLEAN DEFAULT FALSE,
110 notification [27] SEQUENCE SIZE (1..MAX) OF Attribute OPTIONAL
113 ServiceControls ::= SET {
114 options [0] ServiceControlOptions DEFAULT {},
115 priority [1] INTEGER {low(0), medium(1), high(2)} DEFAULT medium,
116 timeLimit [2] INTEGER OPTIONAL,
117 sizeLimit [3] INTEGER OPTIONAL,
118 scopeOfReferral [4] INTEGER {dmd(0), country(1)} OPTIONAL,
119 attributeSizeLimit [5] INTEGER OPTIONAL,
121 [6] SEQUENCE {dsaName Name,
122 agreementID AgreementID} OPTIONAL,
123 serviceType [7] OBJECT IDENTIFIER OPTIONAL,
124 userClass [8] INTEGER OPTIONAL
127 ServiceControlOptions ::= BIT STRING {
128 preferChaining(0), chainingProhibited(1), localScope(2), dontUseCopy(3),
129 dontDereferenceAliases(4), subentries(5), copyShallDo(6),
130 partialNameResolution(7), manageDSAIT(8), noSubtypeMatch(9),
131 noSubtypeSelection(10), countFamily(11), dontSelectFriends(12), dontMatchFriends(13)}
133 EntryInformationSelection ::= SET {
135 CHOICE {allUserAttributes [0] NULL,
136 select [1] SET OF AttributeType
137 -- empty set implies no attributes are requested
138 } DEFAULT allUserAttributes:NULL,
140 [2] INTEGER {attributeTypesOnly(0), attributeTypesAndValues(1)}
141 DEFAULT attributeTypesAndValues,
143 CHOICE {allOperationalAttributes [3] NULL,
144 select [4] SET SIZE (1..MAX) OF AttributeType
146 contextSelection ContextSelection OPTIONAL,
147 returnContexts BOOLEAN DEFAULT FALSE,
148 familyReturn FamilyReturn DEFAULT {memberSelect contributingEntriesOnly}
151 ContextSelection ::= CHOICE {
153 selectedContexts SET SIZE (1..MAX) OF TypeAndContextAssertion
156 TypeAndContextAssertion ::= SEQUENCE {
159 CHOICE {preference SEQUENCE OF ContextAssertion,
160 all SET OF ContextAssertion}
163 FamilyReturn ::= SEQUENCE {
165 ENUMERATED {contributingEntriesOnly(1), participatingEntriesOnly(2),
167 familySelect SEQUENCE SIZE (1..MAX) OF OBJECT-CLASS.&id OPTIONAL
171 EntryInformation ::= SEQUENCE {
173 fromEntry BOOLEAN DEFAULT TRUE,
175 SET SIZE (1..MAX) OF CHOICE {
176 attributeType AttributeType,
177 attribute Attribute} OPTIONAL,
178 incompleteEntry [3] BOOLEAN DEFAULT FALSE, -- not in 1988-edition systems
179 partialName [4] BOOLEAN DEFAULT FALSE, -- not in 1988 or 1993 edition systems
181 [5] BOOLEAN DEFAULT FALSE -- not in pre-2001 edition systems --
184 --family-information ATTRIBUTE ::= {
185 -- WITH SYNTAX FamilyEntries
186 -- USAGE directoryOperation
187 -- ID id-at-family-information
190 FamilyEntries ::= SEQUENCE {
191 family-class --OBJECT-CLASS.&id-- OBJECT IDENTIFIER, -- structural object class value
192 familyEntries SEQUENCE OF FamilyEntry
195 FamilyEntry ::= SEQUENCE {
196 rdn RelativeDistinguishedName,
198 SEQUENCE OF CHOICE {attributeType AttributeType,
199 attribute Attribute},
200 family-info SEQUENCE SIZE (1..MAX) OF FamilyEntries OPTIONAL
210 SetOfFilter ::= SET OF Filter
213 FilterItem ::= CHOICE {
214 equality [0] AttributeValueAssertion,
216 [1] SEQUENCE {type ATTRIBUTE.&id({SupportedAttributes}),
221 ({SupportedAttributes}
225 ({SupportedAttributes}
229 ({SupportedAttributes}
231 control Attribute}}, -- Used to specify interpretation of following items
232 greaterOrEqual [2] AttributeValueAssertion,
233 lessOrEqual [3] AttributeValueAssertion,
234 present [4] AttributeType,
235 approximateMatch [5] AttributeValueAssertion,
236 extensibleMatch [6] MatchingRuleAssertion,
237 contextPresent [7] AttributeTypeAssertion
240 MatchingRuleAssertion ::= SEQUENCE {
241 matchingRule [1] SET SIZE (1..MAX) OF MATCHING-RULE.&id,
242 type [2] AttributeType OPTIONAL,
244 [3] MATCHING-RULE.&AssertionType
246 -- matchValue shall be a value of type specified by the &AssertionType field of
247 -- one of the MATCHING-RULE information objects identified by matchingRule }) --,
248 dnAttributes [4] BOOLEAN DEFAULT FALSE
251 PagedResultsRequest ::= CHOICE {
253 SEQUENCE {pageSize INTEGER,
254 sortKeys SEQUENCE SIZE (1..MAX) OF SortKey OPTIONAL,
255 reverse [1] BOOLEAN DEFAULT FALSE,
256 unmerged [2] BOOLEAN DEFAULT FALSE},
257 queryReference OCTET STRING
260 SortKey ::= SEQUENCE {
262 orderingRule --MATCHING-RULE.&id-- OBJECT IDENTIFIER OPTIONAL
265 SecurityParameters ::= SET {
266 certification-path [0] CertificationPath OPTIONAL,
267 name [1] DistinguishedName OPTIONAL,
268 time [2] Time OPTIONAL,
269 random [3] BIT STRING OPTIONAL,
270 target [4] ProtectionRequest OPTIONAL,
271 response [5] BIT STRING OPTIONAL,
272 operationCode [6] Code OPTIONAL,
273 attributeCertificationPath [7] AttributeCertificationPath OPTIONAL,
274 errorProtection [8] ErrorProtectionRequest OPTIONAL,
275 errorCode [9] Code OPTIONAL
278 ProtectionRequest ::= INTEGER {
279 none(0), signed(1), encrypted(2), signed-encrypted(3)}
281 Time ::= CHOICE {utcTime UTCTime,
282 generalizedTime GeneralizedTime
285 ErrorProtectionRequest ::= INTEGER {
286 none(0), signed(1), encrypted(2), signed-encrypted(3)}
288 -- Bind and unbind operations
289 directoryBind OPERATION ::= {
290 ARGUMENT DirectoryBindArgument
291 RESULT DirectoryBindResult
292 ERRORS {directoryBindError}
293 CODE op-ros-bind -- WS: internal operation code
296 DirectoryBindArgument ::= SET {
297 credentials [0] Credentials OPTIONAL,
298 versions [1] Versions DEFAULT {v1}
301 Credentials ::= CHOICE {
302 simple [0] SimpleCredentials,
303 strong [1] StrongCredentials,
304 externalProcedure [2] EXTERNAL,
305 spkm [3] SpkmCredentials,
306 sasl [4] SaslCredentials
309 SimpleCredentials ::= SEQUENCE {
310 name [0] DistinguishedName,
312 [1] SET {time1 [0] CHOICE {utc UTCTime,
313 gt GeneralizedTime} OPTIONAL,
314 time2 [1] CHOICE {utc UTCTime,
315 gt GeneralizedTime} OPTIONAL,
316 random1 [2] BIT STRING OPTIONAL,
317 random2 [3] BIT STRING OPTIONAL} OPTIONAL,
319 [2] CHOICE {unprotected OCTET STRING,
320 -- protected SIGNATURE{OCTET STRING}} OPTIONAL
322 protectedPassword OCTET STRING,
323 algorithmIdentifier AlgorithmIdentifier,
324 encrypted BIT STRING }} OPTIONAL
327 StrongCredentials ::= SET {
328 certification-path [0] CertificationPath OPTIONAL,
329 bind-token [1] Token,
330 name [2] DistinguishedName OPTIONAL,
331 attributeCertificationPath [3] AttributeCertificationPath OPTIONAL
334 SpkmCredentials ::= CHOICE {req [0] -- SPKM-REQ -- ANY,
335 rep [1] -- SPKM-REP-TI-- ANY
338 SaslCredentials ::= SEQUENCE {
339 mechanism [0] DirectoryString {--ub-sasIMechanism--},
340 credentials [1] OCTET STRING OPTIONAL,
341 saslAbort [2] BOOLEAN DEFAULT FALSE
346 -- { --SEQUENCE {algorithm [0] AlgorithmIdentifier,
347 name [1] DistinguishedName,
349 random [3] BIT STRING,
350 response [4] BIT STRING OPTIONAL,
352 [5] SEQUENCE SIZE (1..MAX) OF AlgorithmIdentifier OPTIONAL,
353 bindIntKeyInfo [6] BindKeyInfo OPTIONAL,
355 [7] SEQUENCE SIZE (1..MAX) OF AlgorithmIdentifier OPTIONAL,
358 OPTIONAL -- dirqop [9] OBJECT IDENTIFIER OPTIONAL--
361 -- expand SIGNED macro
364 token-data TokenData,
365 algorithm-identifier AlgorithmIdentifier,
369 Versions ::= BIT STRING {v1(0), v2(1)}
371 DirectoryBindResult ::= DirectoryBindArgument
373 directoryBindError ERROR ::= {
374 PARAMETER -- OPTIONALLY-PROTECTED -- DirectoryBindError
375 -- {SET {versions [0] Versions DEFAULT {v1},
377 -- CHOICE {serviceError [1] ServiceProblem,
378 -- securityError [2] SecurityProblem}} }
379 CODE err-ros-bind -- WS: internal error code
382 -- expand OPTIONALLY-PROTECTED macro
383 DirectoryBindError ::= CHOICE {
384 unsignedDirectoryBindError DirectoryBindErrorData,
385 signedDirectoryBindError SEQUENCE {
386 directoryBindError DirectoryBindErrorData,
387 algorithmIdentifier AlgorithmIdentifier,
392 DirectoryBindErrorData ::=
393 SET {versions [0] Versions DEFAULT {v1},
395 CHOICE {serviceError [1] ServiceProblem,
396 securityError [2] SecurityProblem},
397 securityParameters [30] SecurityParameters OPTIONAL
401 BindKeyInfo ::= -- ENCRYPTED{-- BIT STRING
403 --directoryUnbind OPERATION ::= emptyUnbind
405 -- Operations, arguments, and results
407 ARGUMENT ReadArgument
410 {attributeError | nameError | serviceError | referral | abandoned |
416 -- OPTIONALLY-PROTECTED
417 -- {-- SET {object [0] Name,
418 selection [1] EntryInformationSelection DEFAULT {},
419 modifyRightsRequest [2] BOOLEAN DEFAULT FALSE,
420 -- COMPONENTS OF CommonArguments
421 serviceControls [30] ServiceControls DEFAULT {},
422 securityParameters [29] SecurityParameters OPTIONAL,
423 requestor [28] DistinguishedName OPTIONAL,
425 [27] OperationProgress DEFAULT {nameResolutionPhase notStarted},
426 aliasedRDNs [26] INTEGER OPTIONAL,
427 criticalExtensions [25] BIT STRING OPTIONAL,
428 referenceType [24] ReferenceType OPTIONAL,
429 entryOnly [23] BOOLEAN DEFAULT TRUE,
430 exclusions [22] Exclusions OPTIONAL,
431 nameResolveOnMaster [21] BOOLEAN DEFAULT FALSE,
432 operationContexts [20] ContextSelection OPTIONAL,
433 familyGrouping [19] FamilyGrouping DEFAULT entryOnly
437 rdnSequence RDNSequence
441 -- OPTIONALLY-PROTECTED macro expansion
442 ReadArgument ::= CHOICE {
443 unsignedReadArgument ReadArgumentData,
444 signedReadArgument SEQUENCE {
445 readArgument ReadArgumentData,
446 algorithmIdentifier AlgorithmIdentifier,
452 -- OPTIONALLY-PROTECTED
453 -- {--SET {entry [0] EntryInformation,
454 modifyRights [1] ModifyRights OPTIONAL,
455 -- COMPONENTS OF CommonResults
456 securityParameters [30] SecurityParameters OPTIONAL,
457 performer [29] DistinguishedName OPTIONAL,
458 aliasDereferenced [28] BOOLEAN DEFAULT FALSE,
459 notification [27] SEQUENCE SIZE (1..MAX) OF Attribute OPTIONAL
462 -- OPTIONALLY-PROTECTED macro expansion
463 ReadResult ::= CHOICE {
464 unsignedReadResult ReadResultData,
465 signedReadResult SEQUENCE {
466 readResult ReadResultData,
467 algorithmIdentifier AlgorithmIdentifier,
476 CHOICE {entry [0] NULL,
477 attribute [1] AttributeType,
478 value [2] AttributeValueAssertion},
480 [3] BIT STRING {add(0), remove(1), rename(2), move(3)}
483 compare OPERATION ::= {
484 ARGUMENT CompareArgument
487 {attributeError | nameError | serviceError | referral | abandoned |
489 CODE id-opcode-compare
492 CompareArgumentData ::=
493 -- OPTIONALLY-PROTECTED
494 -- {--SET {object [0] Name,
495 purported [1] AttributeValueAssertion,
496 -- COMPONENTS OF CommonArguments}}
497 serviceControls [30] ServiceControls DEFAULT {},
498 securityParameters [29] SecurityParameters OPTIONAL,
499 requestor [28] DistinguishedName OPTIONAL,
501 [27] OperationProgress DEFAULT {nameResolutionPhase notStarted},
502 aliasedRDNs [26] INTEGER OPTIONAL,
503 criticalExtensions [25] BIT STRING OPTIONAL,
504 referenceType [24] ReferenceType OPTIONAL,
505 entryOnly [23] BOOLEAN DEFAULT TRUE,
506 exclusions [22] Exclusions OPTIONAL,
507 nameResolveOnMaster [21] BOOLEAN DEFAULT FALSE,
508 operationContexts [20] ContextSelection OPTIONAL,
509 familyGrouping [19] FamilyGrouping DEFAULT entryOnly
512 -- OPTIONALLY-PROTECTED macro expansion
513 CompareArgument ::= CHOICE {
514 unsignedCompareArgument CompareArgumentData,
515 signedCompareArgument SEQUENCE {
516 compareArgument CompareArgumentData,
517 algorithmIdentifier AlgorithmIdentifier,
523 CompareResultData ::=
524 -- OPTIONALLY-PROTECTED
525 -- {--SET {name Name OPTIONAL,
527 fromEntry [1] BOOLEAN DEFAULT TRUE,
528 matchedSubtype [2] AttributeType OPTIONAL,
529 -- COMPONENTS OF CommonResults}}
530 securityParameters [30] SecurityParameters OPTIONAL,
531 performer [29] DistinguishedName OPTIONAL,
532 aliasDereferenced [28] BOOLEAN DEFAULT FALSE,
533 notification [27] SEQUENCE SIZE (1..MAX) OF Attribute OPTIONAL
536 -- OPTIONALLY-PROTECTED macro expansion
537 CompareResult ::= CHOICE {
538 unsignedCompareResult CompareResultData,
539 signedCompareResult SEQUENCE {
540 compareResult CompareResultData,
541 algorithmIdentifier AlgorithmIdentifier,
547 abandon OPERATION ::= {
548 ARGUMENT AbandonArgument
550 ERRORS {abandonFailed}
551 CODE id-opcode-abandon
554 AbandonArgumentData ::=
555 -- OPTIONALLY-PROTECTED-SEQ{--SEQUENCE {invokeID [0] InvokeId}--}
557 -- OPTIONALLY-PROTECTED-SEQ macro expansion
558 AbandonArgument ::= CHOICE {
559 unsignedAbandonArgument AbandonArgumentData,
560 signedAbandonArgument [0] SEQUENCE {
561 abandonArgument AbandonArgumentData,
562 algorithmIdentifier AlgorithmIdentifier,
568 AbandonResultData ::= SEQUENCE {
570 securityParameters [30] SecurityParameters OPTIONAL,
571 performer [29] DistinguishedName OPTIONAL,
572 aliasDereferenced [28] BOOLEAN DEFAULT FALSE,
573 notification [27] SEQUENCE SIZE (1..MAX) OF Attribute OPTIONAL
576 AbandonResult ::= CHOICE {
579 -- OPTIONALLY-PROTECTED-SEQ{SEQUENCE {invokeID InvokeId,
580 -- COMPONENTS OF CommonResultsSeq
583 unsignedAbandonResult AbandonResultData,
584 signedAbandonResult [0] SEQUENCE {
585 abandonResult AbandonResultData,
586 algorithmIdentifier AlgorithmIdentifier,
593 ARGUMENT ListArgument
595 ERRORS {nameError | serviceError | referral | abandoned | securityError}
600 -- OPTIONALLY-PROTECTED
601 -- {--SET {object [0] Name,
602 pagedResults [1] PagedResultsRequest OPTIONAL,
603 listFamily [2] BOOLEAN DEFAULT FALSE,
604 -- COMPONENTS OF CommonArguments}}
605 serviceControls [30] ServiceControls DEFAULT {},
606 securityParameters [29] SecurityParameters OPTIONAL,
607 requestor [28] DistinguishedName OPTIONAL,
609 [27] OperationProgress DEFAULT {nameResolutionPhase notStarted},
610 aliasedRDNs [26] INTEGER OPTIONAL,
611 criticalExtensions [25] BIT STRING OPTIONAL,
612 referenceType [24] ReferenceType OPTIONAL,
613 entryOnly [23] BOOLEAN DEFAULT TRUE,
614 exclusions [22] Exclusions OPTIONAL,
615 nameResolveOnMaster [21] BOOLEAN DEFAULT FALSE,
616 operationContexts [20] ContextSelection OPTIONAL,
617 familyGrouping [19] FamilyGrouping DEFAULT entryOnly
620 -- expand OPTIONALLY-PROTECTED macro
621 ListArgument ::= CHOICE {
622 unsignedListArgument ListArgumentData,
623 signedListArgument SEQUENCE {
624 listArgument ListArgumentData,
625 algorithmIdentifier AlgorithmIdentifier,
632 -- OPTIONALLY-PROTECTED
633 -- {--CHOICE {listInfo
634 SET {name Name OPTIONAL,
637 SEQUENCE {rdn RelativeDistinguishedName,
638 aliasEntry [0] BOOLEAN DEFAULT FALSE,
639 fromEntry [1] BOOLEAN DEFAULT TRUE
641 partialOutcomeQualifier
642 [2] PartialOutcomeQualifier OPTIONAL,
643 -- COMPONENTS OF CommonResults},
644 securityParameters [30] SecurityParameters OPTIONAL,
645 performer [29] DistinguishedName OPTIONAL,
646 aliasDereferenced [28] BOOLEAN DEFAULT FALSE,
647 notification [27] SEQUENCE SIZE (1..MAX) OF Attribute OPTIONAL
649 uncorrelatedListInfo [0] SET OF ListResult}--}
651 -- expand OPTIONALLY-PROTECTED macro
652 ListResult ::= CHOICE {
653 unsignedListResult ListResultData,
654 signedListResult SEQUENCE {
655 listResult ListResultData,
656 algorithmIdentifier AlgorithmIdentifier,
662 PartialOutcomeQualifier ::= SET {
663 limitProblem [0] LimitProblem OPTIONAL,
665 [1] SET SIZE (1..MAX) OF ContinuationReference OPTIONAL,
666 unavailableCriticalExtensions [2] BOOLEAN DEFAULT FALSE,
668 [3] SET SIZE (1..MAX) OF --ABSTRACT-SYNTAX.&Type-- OBJECT IDENTIFIER OPTIONAL,
669 queryReference [4] OCTET STRING OPTIONAL,
670 overspecFilter [5] Filter OPTIONAL,
672 [6] SEQUENCE SIZE (1..MAX) OF Attribute OPTIONAL,
674 CHOICE {bestEstimate [7] INTEGER,
675 lowEstimate [8] INTEGER,
676 exact [9] INTEGER} OPTIONAL,
677 streamedResult [10] BOOLEAN DEFAULT FALSE
680 LimitProblem ::= INTEGER {
681 timeLimitExceeded(0), sizeLimitExceeded(1), administrativeLimitExceeded(2)
684 search OPERATION ::= {
685 ARGUMENT SearchArgument
688 {attributeError | nameError | serviceError | referral | abandoned |
690 CODE id-opcode-search
693 SearchArgumentData ::=
694 -- OPTIONALLY-PROTECTED
695 -- {--SET {baseObject [0] Name,
697 [1] INTEGER {baseObject(0), oneLevel(1), wholeSubtree(2)}
699 filter [2] Filter DEFAULT and:{},
700 searchAliases [3] BOOLEAN DEFAULT TRUE,
701 selection [4] EntryInformationSelection DEFAULT {},
702 pagedResults [5] PagedResultsRequest OPTIONAL,
703 matchedValuesOnly [6] BOOLEAN DEFAULT FALSE,
704 extendedFilter [7] Filter OPTIONAL,
705 checkOverspecified [8] BOOLEAN DEFAULT FALSE,
706 relaxation [9] RelaxationPolicy OPTIONAL,
707 extendedArea [10] INTEGER OPTIONAL,
708 hierarchySelections [11] HierarchySelections DEFAULT {self},
710 [12] SearchControlOptions DEFAULT {searchAliases},
712 [13] SEQUENCE SIZE (1..MAX) OF JoinArgument OPTIONAL,
714 [14] ENUMERATED {innerJoin(0), leftOuterJoin(1), fullOuterJoin(2)}
715 DEFAULT leftOuterJoin,
716 -- COMPONENTS OF CommonArguments}}
717 serviceControls [30] ServiceControls DEFAULT {},
718 securityParameters [29] SecurityParameters OPTIONAL,
719 requestor [28] DistinguishedName OPTIONAL,
721 [27] OperationProgress DEFAULT {nameResolutionPhase notStarted},
722 aliasedRDNs [26] INTEGER OPTIONAL,
723 criticalExtensions [25] BIT STRING OPTIONAL,
724 referenceType [24] ReferenceType OPTIONAL,
725 entryOnly [23] BOOLEAN DEFAULT TRUE,
726 exclusions [22] Exclusions OPTIONAL,
727 nameResolveOnMaster [21] BOOLEAN DEFAULT FALSE,
728 operationContexts [20] ContextSelection OPTIONAL,
729 familyGrouping [19] FamilyGrouping DEFAULT entryOnly
732 -- expand OPTIONALLY-PROTECTED macro
733 SearchArgument ::= CHOICE {
734 unsignedSearchArgument SearchArgumentData,
735 signedSearchArgument SEQUENCE {
736 searchArgument SearchArgumentData,
737 algorithmIdentifier AlgorithmIdentifier,
742 HierarchySelections ::= BIT STRING {
743 self(0), children(1), parent(2), hierarchy(3), top(4), subtree(5),
744 siblings(6), siblingChildren(7), siblingSubtree(8), all(9)}
746 SearchControlOptions ::= BIT STRING {
747 searchAliases(0), matchedValuesOnly(1), checkOverspecified(2),
748 performExactly(3), includeAllAreas(4), noSystemRelaxation(5), dnAttribute(6),
749 matchOnResidualName(7), entryCount(8), useSubset(9),
750 separateFamilyMembers(10), searchFamily(11)}
752 JoinArgument ::= SEQUENCE {
753 joinBaseObject [0] Name,
754 domainLocalID [1] DomainLocalID OPTIONAL,
756 [2] ENUMERATED {baseObject(0), oneLevel(1), wholeSubtree(2)}
758 joinFilter [3] Filter OPTIONAL,
759 joinAttributes [4] SEQUENCE SIZE (1..MAX) OF JoinAttPair OPTIONAL,
760 joinSelection [5] EntryInformationSelection
763 DomainLocalID ::= DirectoryString --{ub-domainLocalID}--
765 JoinAttPair ::= SEQUENCE {
766 baseAtt AttributeType,
767 joinAtt AttributeType,
768 joinContext SEQUENCE SIZE (1..MAX) OF JoinContextType OPTIONAL
771 JoinContextType ::= --CONTEXT.&id({SupportedContexts})-- OBJECT IDENTIFIER
774 -- OPTIONALLY-PROTECTED
775 -- {--CHOICE {searchInfo
776 SET {name Name OPTIONAL,
777 entries [0] SET OF EntryInformation,
778 partialOutcomeQualifier
779 [2] PartialOutcomeQualifier OPTIONAL,
780 altMatching [3] BOOLEAN DEFAULT FALSE,
781 -- COMPONENTS OF CommonResults},
782 securityParameters [30] SecurityParameters OPTIONAL,
783 performer [29] DistinguishedName OPTIONAL,
784 aliasDereferenced [28] BOOLEAN DEFAULT FALSE,
785 notification [27] SEQUENCE SIZE (1..MAX)OF Attribute OPTIONAL},
786 uncorrelatedSearchInfo [0] SET OF SearchResult}--}
788 -- expand OPTIONALLY-PROTECTED macro
789 SearchResult ::= CHOICE {
790 unsignedSearchResult SearchResultData,
791 signedSearchResult SEQUENCE {
792 searchResult SearchResultData,
793 algorithmIdentifier AlgorithmIdentifier,
799 addEntry OPERATION ::= {
800 ARGUMENT AddEntryArgument
801 RESULT AddEntryResult
803 {attributeError | nameError | serviceError | referral | securityError |
805 CODE id-opcode-addEntry
808 AddEntryArgumentData ::=
809 -- OPTIONALLY-PROTECTED
810 -- {--SET {object [0] Name,
811 entry [1] SET OF Attribute,
812 targetSystem [2] AccessPoint OPTIONAL,
813 -- COMPONENTS OF CommonArguments}}
814 serviceControls [30] ServiceControls DEFAULT {},
815 securityParameters [29] SecurityParameters OPTIONAL,
816 requestor [28] DistinguishedName OPTIONAL,
818 [27] OperationProgress DEFAULT {nameResolutionPhase notStarted},
819 aliasedRDNs [26] INTEGER OPTIONAL,
820 criticalExtensions [25] BIT STRING OPTIONAL,
821 referenceType [24] ReferenceType OPTIONAL,
822 entryOnly [23] BOOLEAN DEFAULT TRUE,
823 exclusions [22] Exclusions OPTIONAL,
824 nameResolveOnMaster [21] BOOLEAN DEFAULT FALSE,
825 operationContexts [20] ContextSelection OPTIONAL,
826 familyGrouping [19] FamilyGrouping DEFAULT entryOnly
829 -- expand OPTIONALLY-PROTECTED macro
830 AddEntryArgument ::= CHOICE {
831 unsignedAddEntryArgument AddEntryArgumentData,
832 signedAddEntryArgument SEQUENCE {
833 addEntryArgument AddEntryArgumentData,
834 algorithmIdentifier AlgorithmIdentifier,
839 AddEntryResultData ::= SEQUENCE {
840 securityParameters [30] SecurityParameters OPTIONAL,
841 performer [29] DistinguishedName OPTIONAL,
842 aliasDereferenced [28] BOOLEAN DEFAULT FALSE,
843 notification [27] SEQUENCE SIZE (1..MAX) OF Attribute OPTIONAL
846 AddEntryResult ::= CHOICE {
849 -- OPTIONALLY-PROTECTED-SEQ{SEQUENCE {COMPONENTS OF CommonResultsSeq}}
851 unsignedAddEntryResult AddEntryResultData,
852 signedAddEntryResult [0] SEQUENCE {
853 addEntryResult AddEntryResultData,
854 algorithmIdentifier AlgorithmIdentifier,
860 removeEntry OPERATION ::= {
861 ARGUMENT RemoveEntryArgument
862 RESULT RemoveEntryResult
863 ERRORS {nameError | serviceError | referral | securityError | updateError}
864 CODE id-opcode-removeEntry
867 RemoveEntryArgumentData ::=
868 -- OPTIONALLY-PROTECTED{--SET {object [0] Name,
869 -- COMPONENTS OF CommonArguments}}
870 serviceControls [30] ServiceControls DEFAULT {},
871 securityParameters [29] SecurityParameters OPTIONAL,
872 requestor [28] DistinguishedName OPTIONAL,
874 [27] OperationProgress DEFAULT {nameResolutionPhase notStarted},
875 aliasedRDNs [26] INTEGER OPTIONAL,
876 criticalExtensions [25] BIT STRING OPTIONAL,
877 referenceType [24] ReferenceType OPTIONAL,
878 entryOnly [23] BOOLEAN DEFAULT TRUE,
879 exclusions [22] Exclusions OPTIONAL,
880 nameResolveOnMaster [21] BOOLEAN DEFAULT FALSE,
881 operationContexts [20] ContextSelection OPTIONAL,
882 familyGrouping [19] FamilyGrouping DEFAULT entryOnly
885 -- OPTIONALLY-PROTECTED macro expansion
886 RemoveEntryArgument ::= CHOICE {
887 unsignedRemoveEntryArgument RemoveEntryArgumentData,
888 signedRemoveEntryArgument SEQUENCE {
889 removeEntryArgument RemoveEntryArgumentData,
890 algorithmIdentifier AlgorithmIdentifier,
896 RemoveEntryResultData ::= SEQUENCE {
897 securityParameters [30] SecurityParameters OPTIONAL,
898 performer [29] DistinguishedName OPTIONAL,
899 aliasDereferenced [28] BOOLEAN DEFAULT FALSE,
900 notification [27] SEQUENCE SIZE (1..MAX) OF Attribute OPTIONAL
903 RemoveEntryResult ::= CHOICE {
906 -- OPTIONALLY-PROTECTED-SEQ{SEQUENCE {COMPONENTS OF CommonResultsSeq}}
908 unsignedRemoveEntryResult RemoveEntryResultData,
909 signedRemoveEntryResult [0] SEQUENCE {
910 removeEntryResult RemoveEntryResultData,
911 algorithmIdentifier AlgorithmIdentifier,
917 modifyEntry OPERATION ::= {
918 ARGUMENT ModifyEntryArgument
919 RESULT ModifyEntryResult
921 {attributeError | nameError | serviceError | referral | securityError |
923 CODE id-opcode-modifyEntry
926 ModifyEntryArgumentData ::=
927 -- OPTIONALLY-PROTECTED
928 -- {--SET {object [0] Name,
929 changes [1] SEQUENCE OF EntryModification,
930 selection [2] EntryInformationSelection OPTIONAL,
931 -- COMPONENTS OF CommonArguments}}
932 serviceControls [30] ServiceControls DEFAULT {},
933 securityParameters [29] SecurityParameters OPTIONAL,
934 requestor [28] DistinguishedName OPTIONAL,
936 [27] OperationProgress DEFAULT {nameResolutionPhase notStarted},
937 aliasedRDNs [26] INTEGER OPTIONAL,
938 criticalExtensions [25] BIT STRING OPTIONAL,
939 referenceType [24] ReferenceType OPTIONAL,
940 entryOnly [23] BOOLEAN DEFAULT TRUE,
941 exclusions [22] Exclusions OPTIONAL,
942 nameResolveOnMaster [21] BOOLEAN DEFAULT FALSE,
943 operationContexts [20] ContextSelection OPTIONAL,
944 familyGrouping [19] FamilyGrouping DEFAULT entryOnly
947 -- OPTIONALLY-PROTECTED macro expansion
948 ModifyEntryArgument ::= CHOICE {
949 unsignedModifyEntryArgument ModifyEntryArgumentData,
950 signedModifyEntryArgument SEQUENCE {
951 modifyEntryArgument ModifyEntryArgumentData,
952 algorithmIdentifier AlgorithmIdentifier,
958 ModifyEntryResultData ::= SEQUENCE {
959 entry [0] EntryInformation OPTIONAL,
960 securityParameters [30] SecurityParameters OPTIONAL,
961 performer [29] DistinguishedName OPTIONAL,
962 aliasDereferenced [28] BOOLEAN DEFAULT FALSE,
963 notification [27] SEQUENCE SIZE (1..MAX) OF Attribute OPTIONAL
966 ModifyEntryResult ::= CHOICE {
969 -- OPTIONALLY-PROTECTED-SEQ{SEQUENCE {COMPONENTS OF CommonResultsSeq}}
971 unsignedModifyEntryResult ModifyEntryResultData,
972 signedModifyEntryResult [0] SEQUENCE {
973 modifyEntryResult ModifyEntryResultData,
974 algorithmIdentifier AlgorithmIdentifier,
980 EntryModification ::= CHOICE {
981 addAttribute [0] Attribute,
982 removeAttribute [1] AttributeType,
983 addValues [2] Attribute,
984 removeValues [3] Attribute,
985 alterValues [4] AttributeTypeAndValue,
986 resetValue [5] AttributeType
989 modifyDN OPERATION ::= {
990 ARGUMENT ModifyDNArgument
991 RESULT ModifyDNResult
992 ERRORS {nameError | serviceError | referral | securityError | updateError}
993 CODE id-opcode-modifyDN
997 -- OPTIONALLY-PROTECTED
998 -- {--SET {object [0] DistinguishedName,
999 newRDN [1] RelativeDistinguishedName,
1000 deleteOldRDN [2] BOOLEAN DEFAULT FALSE,
1001 newSuperior [3] DistinguishedName OPTIONAL,
1002 -- COMPONENTS OF CommonArguments}}
1003 serviceControls [30] ServiceControls DEFAULT {},
1004 securityParameters [29] SecurityParameters OPTIONAL,
1005 requestor [28] DistinguishedName OPTIONAL,
1007 [27] OperationProgress DEFAULT {nameResolutionPhase notStarted},
1008 aliasedRDNs [26] INTEGER OPTIONAL,
1009 criticalExtensions [25] BIT STRING OPTIONAL,
1010 referenceType [24] ReferenceType OPTIONAL,
1011 entryOnly [23] BOOLEAN DEFAULT TRUE,
1012 exclusions [22] Exclusions OPTIONAL,
1013 nameResolveOnMaster [21] BOOLEAN DEFAULT FALSE,
1014 operationContexts [20] ContextSelection OPTIONAL,
1015 familyGrouping [19] FamilyGrouping DEFAULT entryOnly
1018 ModifyDNResultData ::= SEQUENCE {
1019 newRDN RelativeDistinguishedName,
1020 securityParameters [30] SecurityParameters OPTIONAL,
1021 performer [29] DistinguishedName OPTIONAL,
1022 aliasDereferenced [28] BOOLEAN DEFAULT FALSE,
1023 notification [27] SEQUENCE SIZE (1..MAX) OF Attribute OPTIONAL
1027 ModifyDNResult ::= CHOICE {
1030 -- OPTIONALLY-PROTECTED-SEQ{SEQUENCE {COMPONENTS OF CommonResultsSeq}}
1032 unsignedModifyDNResult ModifyDNResultData,
1033 signedModifyDNResult [0] SEQUENCE {
1034 modifyDNResult ModifyDNResultData,
1035 algorithmIdentifier AlgorithmIdentifier,
1036 encrypted BIT STRING
1042 -- Errors and parameters
1044 abandoned ERROR ::= { -- not literally an "error"
1045 PARAMETER --OPTIONALLY-PROTECTED {SET {COMPONENTS OF CommonResults}}-- Abandoned
1046 CODE id-errcode-abandoned
1049 AbandonedData ::= SET {
1050 securityParameters [30] SecurityParameters OPTIONAL,
1051 performer [29] DistinguishedName OPTIONAL,
1052 aliasDereferenced [28] BOOLEAN DEFAULT FALSE,
1053 notification [27] SEQUENCE SIZE (1..MAX) OF Attribute OPTIONAL
1056 Abandoned ::= CHOICE {
1057 unsignedAbandoned AbandonedData,
1058 signedAbandoned SEQUENCE {
1059 abandoned AbandonedData,
1060 algorithmIdentifier AlgorithmIdentifier,
1061 encrypted BIT STRING
1065 abandonFailed ERROR ::= {
1066 PARAMETER --OPTIONALLY-PROTECTED-- AbandonFailedError
1067 -- {SET {problem [0] AbandonProblem,
1068 -- operation [1] InvokeId,
1069 -- COMPONENTS OF CommonResults}}
1070 CODE id-errcode-abandonFailed
1073 AbandonFailedErrorData ::= SET {
1074 problem [0] AbandonProblem,
1075 operation [1] InvokeId,
1076 securityParameters [30] SecurityParameters OPTIONAL,
1077 performer [29] DistinguishedName OPTIONAL,
1078 aliasDereferenced [28] BOOLEAN DEFAULT FALSE,
1079 notification [27] SEQUENCE SIZE (1..MAX) OF Attribute OPTIONAL
1082 AbandonFailedError ::= CHOICE {
1083 unsignedAbandonFailedError AbandonFailedErrorData,
1084 signedAbandonFailedError SEQUENCE {
1085 abandonFailedError AbandonFailedErrorData,
1086 algorithmIdentifier AlgorithmIdentifier,
1087 encrypted BIT STRING
1091 AbandonProblem ::= INTEGER {noSuchOperation(1), tooLate(2), cannotAbandon(3)}
1093 attributeError ERROR ::= {
1094 PARAMETER --OPTIONALLY-PROTECTED-- AttributeError
1095 -- {SET {object [0] Name,
1098 -- SEQUENCE {problem [0] AttributeProblem,
1099 -- type [1] AttributeType,
1100 -- value [2] AttributeValue OPTIONAL},
1101 -- COMPONENTS OF CommonResults}}
1102 CODE id-errcode-attributeError
1105 AttributeErrorData ::= SET {
1109 SEQUENCE {problem [0] AttributeProblem,
1110 type [1] AttributeType,
1111 value [2] AttributeValue OPTIONAL},
1112 securityParameters [30] SecurityParameters OPTIONAL,
1113 performer [29] DistinguishedName OPTIONAL,
1114 aliasDereferenced [28] BOOLEAN DEFAULT FALSE,
1115 notification [27] SEQUENCE SIZE (1..MAX) OF Attribute OPTIONAL
1118 AttributeError ::= CHOICE {
1119 unsignedAttributeError AttributeErrorData,
1120 signedAttributeError SEQUENCE {
1121 attributeError AttributeErrorData,
1122 algorithmIdentifier AlgorithmIdentifier,
1123 encrypted BIT STRING
1127 AttributeProblem ::= INTEGER {
1128 noSuchAttributeOrValue(1), invalidAttributeSyntax(2),
1129 undefinedAttributeType(3), inappropriateMatching(4), constraintViolation(5),
1130 attributeOrValueAlreadyExists(6), contextViolation(7)}
1132 nameError ERROR ::= {
1133 PARAMETER --OPTIONALLY-PROTECTED-- NameError
1134 -- {SET {problem [0] NameProblem,
1135 -- matched [1] Name,
1136 -- COMPONENTS OF CommonResults}}
1137 CODE id-errcode-nameError
1140 NameErrorData ::= SET {
1141 problem [0] NameProblem,
1143 securityParameters [30] SecurityParameters OPTIONAL,
1144 performer [29] DistinguishedName OPTIONAL,
1145 aliasDereferenced [28] BOOLEAN DEFAULT FALSE,
1146 notification [27] SEQUENCE SIZE (1..MAX) OF Attribute OPTIONAL
1150 NameError ::= CHOICE {
1151 unsignedNameError NameErrorData,
1152 signedNameError SEQUENCE {
1153 nameError NameErrorData,
1154 algorithmIdentifier AlgorithmIdentifier,
1155 encrypted BIT STRING
1159 NameProblem ::= INTEGER {
1160 noSuchObject(1), aliasProblem(2), invalidAttributeSyntax(3),
1161 aliasDereferencingProblem(4), contextProblem(5)}
1163 referral ERROR ::= { -- not literally an "error"
1164 PARAMETER --OPTIONALLY-PROTECTED-- Referral
1165 -- {SET {candidate [0] ContinuationReference,
1166 -- COMPONENTS OF CommonResults}}
1167 CODE id-errcode-referral
1170 ReferralData ::= SET {
1171 candidate [0] ContinuationReference,
1172 securityParameters [30] SecurityParameters OPTIONAL,
1173 performer [29] DistinguishedName OPTIONAL,
1174 aliasDereferenced [28] BOOLEAN DEFAULT FALSE,
1175 notification [27] SEQUENCE SIZE (1..MAX) OF Attribute OPTIONAL
1179 Referral ::= CHOICE {
1180 unsignedReferral ReferralData,
1181 signedReferral SEQUENCE {
1182 referral ReferralData,
1183 algorithmIdentifier AlgorithmIdentifier,
1184 encrypted BIT STRING
1188 securityError ERROR ::= {
1189 PARAMETER --OPTIONALLY-PROTECTED-- SecurityError
1190 -- {SET {problem [0] SecurityProblem,
1191 -- spkmInfo [1] SPKM-ERROR,
1192 -- COMPONENTS OF CommonResults}}
1193 CODE id-errcode-securityError
1196 SecurityErrorData ::= SET {
1197 problem [0] SecurityProblem,
1198 spkmInfo [1] -- SPKM-ERROR -- ANY,
1199 securityParameters [30] SecurityParameters OPTIONAL,
1200 performer [29] DistinguishedName OPTIONAL,
1201 aliasDereferenced [28] BOOLEAN DEFAULT FALSE,
1202 notification [27] SEQUENCE SIZE (1..MAX) OF Attribute OPTIONAL
1205 SecurityError ::= CHOICE {
1206 unsignedSecurityError SecurityErrorData,
1207 signedSecurityError SEQUENCE {
1208 securityError SecurityErrorData,
1209 algorithmIdentifier AlgorithmIdentifier,
1210 encrypted BIT STRING
1215 SecurityProblem ::= INTEGER {
1216 inappropriateAuthentication(1), invalidCredentials(2),
1217 insufficientAccessRights(3), invalidSignature(4), protectionRequired(5),
1218 noInformation(6), blockedCredentials(7), invalidQOPMatch(8), spkmError(9)
1222 serviceError ERROR ::= {
1223 PARAMETER --OPTIONALLY-PROTECTED-- ServiceError
1224 -- {SET {problem [0] ServiceProblem,
1225 -- COMPONENTS OF CommonResults}}
1226 CODE id-errcode-serviceError
1229 ServiceErrorData ::= SET {
1230 problem [0] ServiceProblem,
1231 securityParameters [30] SecurityParameters OPTIONAL,
1232 performer [29] DistinguishedName OPTIONAL,
1233 aliasDereferenced [28] BOOLEAN DEFAULT FALSE,
1234 notification [27] SEQUENCE SIZE (1..MAX) OF Attribute OPTIONAL
1237 ServiceError ::= CHOICE {
1238 unsignedServiceError ServiceErrorData,
1239 signedServiceError SEQUENCE {
1240 serviceError ServiceErrorData,
1241 algorithmIdentifier AlgorithmIdentifier,
1242 encrypted BIT STRING
1247 ServiceProblem ::= INTEGER {
1248 busy(1), unavailable(2), unwillingToPerform(3), chainingRequired(4),
1249 unableToProceed(5), invalidReference(6), timeLimitExceeded(7),
1250 administrativeLimitExceeded(8), loopDetected(9),
1251 unavailableCriticalExtension(10), outOfScope(11), ditError(12),
1252 invalidQueryReference(13), requestedServiceNotAvailable(14),
1253 unsupportedMatchingUse(15), ambiguousKeyAttributes(16),
1254 saslBindInProgress(17)
1258 updateError ERROR ::= {
1259 PARAMETER --OPTIONALLY-PROTECTED-- UpdateError
1260 -- {SET {problem [0] UpdateProblem,
1262 -- [1] SET SIZE (1..MAX) OF
1263 -- CHOICE {attributeType AttributeType,
1264 -- attribute Attribute} OPTIONAL,
1265 -- COMPONENTS OF CommonResults}}
1266 CODE id-errcode-updateError
1269 UpdateErrorData ::= SET {
1270 problem [0] UpdateProblem,
1272 [1] SET SIZE (1..MAX) OF
1273 CHOICE {attributeType AttributeType,
1274 attribute Attribute} OPTIONAL,
1275 securityParameters [30] SecurityParameters OPTIONAL,
1276 performer [29] DistinguishedName OPTIONAL,
1277 aliasDereferenced [28] BOOLEAN DEFAULT FALSE,
1278 notification [27] SEQUENCE SIZE (1..MAX) OF Attribute OPTIONAL
1281 UpdateError ::= CHOICE {
1282 unsignedUpdateError UpdateErrorData,
1283 signedUpdateError SEQUENCE {
1284 updateError UpdateErrorData,
1285 algorithmIdentifier AlgorithmIdentifier,
1286 encrypted BIT STRING
1291 UpdateProblem ::= INTEGER {
1292 namingViolation(1), objectClassViolation(2), notAllowedOnNonLeaf(3),
1293 notAllowedOnRDN(4), entryAlreadyExists(5), affectsMultipleDSAs(6),
1294 objectClassModificationProhibited(7), noSuchSuperior(8), notAncestor(9),
1295 parentNotAncestor(10), hierarchyRuleViolation(11), familyRuleViolation(12)
1299 --id-at-family-information OBJECT IDENTIFIER ::= {id-at 64}
1301 END -- DirectoryAbstractService
1303 -- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D