[Fedora-directory-devel] Attribute to determine allowed write attributes?
Andrew Bartlett
abartlet at samba.org
Wed Nov 1 23:11:24 UTC 2006
On Wed, 2006-11-01 at 07:05 -0700, Richard Megginson wrote:
> Andrew Bartlett wrote:
> > On Tue, 2006-10-31 at 21:05 -0700, David Boreham wrote:
> >
> >> Andrew Bartlett wrote:
> >>
> >>
> >>> Does anybody have any pointers to an existing feature request like this,
> >>> or should I file one in Bugzilla?
> >>>
> >>>
> >>>
> >> This is what is implemented :
> >>
> >> http://www.redhat.com/docs/manuals/dir-server/ag/7.1/acl.html#1216899
> >>
> >
> > That has:
> >
> >
> >> Information is not given for attributes in an entry that do not have a
> >> value; for example, if the userPassword value is removed, then a
> >> future effective rights search on the entry above would not return any
> >> effective rights for userPassword, even though self-write and
> >> self-delete rights could be allowed. Likewise, if the street attribute
> >> were added with read, compare, and search rights, then street: rsc
> >> would appear in the attributeLevelRights results.
> >>
> >
> > I need information on unknown attributes, so that MMC can show them as
> > valid, writable fields (not greyed out). My preferred format is a list
> > of writable fields, as permitted by the current schema for that entry.
> >
> This could be useful in any general purpose GUI app, to have the ability
> to perform one query and get back a list of
> 1) regular attributes available according to the schema
> 2) operational attributes - writable vs. read-only
> 3) virtual attributes - writable vs. read-only
>
> I would like to support the openldap "+" special attribute which
> retrieves all operational attributes, and I would also like to support
> the Sun DS real and virtual attrs controls.
>
> Andrew, I think it would be beneficial to me if you could post an
> example ldapsearch and an example return entry in LDIF.
Using Samba's ldbsearch:
bin/ldbsearch -H ldap://win2k3dc.win2k3.abartlet.net cn=administrator
allowedAttributes allowedAttributesEffective allowedClasses
AllowedClassesEffective -Uadministrator%penguin
(see attached).
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Red Hat Inc. http://redhat.com
-------------- next part --------------
Unknown parameter encountered: "tls enable"
Ignoring unknown parameter "tls enable"
# record 1
dn: CN=Administrator,CN=Users,DC=win2k3,DC=abartlet,DC=net
allowedAttributes: msExchOmaAdminExtendedSettings
allowedAttributes: msExchOmaAdminWirelessEnable
allowedAttributes: msExchTUISpeed
allowedAttributes: msExchTUIVolume
allowedAttributes: msExchTUIPassword
allowedAttributes: msExchVoiceMailboxID
allowedAttributes: msExchOriginatingForest
allowedAttributes: msExchIMAPOWAURLPrefixOverride
allowedAttributes: msExchPfRootUrl
allowedAttributes: msExchMailboxUrl
allowedAttributes: msExchPoliciesExcluded
allowedAttributes: msExchPoliciesIncluded
allowedAttributes: msExchCustomProxyAddresses
allowedAttributes: msExchProxyCustomProxy
allowedAttributes: msExchPolicyEnabled
allowedAttributes: msExchPolicyOptionList
allowedAttributes: msExchQueryBaseDN
allowedAttributes: dLMemDefault
allowedAttributes: msExchRecipLimit
allowedAttributes: msExchMailboxFolderSet
allowedAttributes: msExchMailboxGuid
allowedAttributes: mDBOverHardQuotaLimit
allowedAttributes: msExchFBURL
allowedAttributes: msExchConferenceMailboxBL
allowedAttributes: msExchControllingZone
allowedAttributes: msExchResourceProperties
allowedAttributes: msExchResourceGUID
allowedAttributes: msExchIMAddress
allowedAttributes: msExchIMVirtualServer
allowedAttributes: msExchIMPhysicalURL
allowedAttributes: msExchIMMetaPhysicalURL
allowedAttributes: msExchIMACL
allowedAttributes: msExchUserAccountControl
allowedAttributes: msExchInconsistentState
allowedAttributes: msExchPreviousAccountSid
allowedAttributes: msExchUnmergedAttsPt
allowedAttributes: msExchMasterAccountSid
allowedAttributes: msExchMailboxSecurityDescriptor
allowedAttributes: msExchHideFromAddressLists
allowedAttributes: msExchUseOAB
allowedAttributes: msExchADCGlobalNames
allowedAttributes: msExchALObjectVersion
allowedAttributes: replicationSignature
allowedAttributes: msExchExpansionServerName
allowedAttributes: unmergedAtts
allowedAttributes: msExchHomeServerName
allowedAttributes: labeledURI
allowedAttributes: subSchemaSubEntry
allowedAttributes: modifyTimeStamp
allowedAttributes: createTimeStamp
allowedAttributes: structuralObjectClass
allowedAttributes: userPKCS12
allowedAttributes: preferredLanguage
allowedAttributes: thumbnailLogo
allowedAttributes: thumbnailPhoto
allowedAttributes: middleName
allowedAttributes: departmentNumber
allowedAttributes: carLicense
allowedAttributes: jpegPhoto
allowedAttributes: audio
allowedAttributes: pager
allowedAttributes: mobile
allowedAttributes: secretary
allowedAttributes: homePhone
allowedAttributes: manager
allowedAttributes: photo
allowedAttributes: roomNumber
allowedAttributes: mail
allowedAttributes: textEncodedORAddress
allowedAttributes: uid
allowedAttributes: userSMIMECertificate
allowedAttributes: msExchRequireAuthToSendTo
allowedAttributes: msDRM-IdentityCertificate
allowedAttributes: msDS-ObjectReferenceBL
allowedAttributes: msDs-masteredBy
allowedAttributes: msDS-TasksForAzRoleBL
allowedAttributes: msDS-OperationsForAzRoleBL
allowedAttributes: msDS-TasksForAzTaskBL
allowedAttributes: msDS-OperationsForAzTaskBL
allowedAttributes: msDS-MembersForAzRoleBL
allowedAttributes: msDS-NonMembersBL
allowedAttributes: msDS-AllowedToDelegateTo
allowedAttributes: msIIS-FTPDir
allowedAttributes: msIIS-FTPRoot
allowedAttributes: msDS-KeyVersionNumber
allowedAttributes: msDS-ReplValueMetaData
allowedAttributes: msDS-ReplAttributeMetaData
allowedAttributes: msDS-NCReplOutboundNeighbors
allowedAttributes: msDS-NCReplInboundNeighbors
allowedAttributes: msDS-NCReplCursors
allowedAttributes: lastLogonTimestamp
allowedAttributes: msDS-Approx-Immed-Subordinates
allowedAttributes: msDS-User-Account-Control-Computed
allowedAttributes: msDS-Site-Affinity
allowedAttributes: msDS-Cached-Membership-Time-Stamp
allowedAttributes: msDS-Cached-Membership
allowedAttributes: msCOM-UserPartitionSetLink
allowedAttributes: msCOM-UserLink
allowedAttributes: msCOM-PartitionSetLink
allowedAttributes: tokenGroupsGlobalAndUniversal
allowedAttributes: mS-DS-CreatorSID
allowedAttributes: masteredBy
allowedAttributes: mS-DS-ConsistencyChildCount
allowedAttributes: mS-DS-ConsistencyGuid
allowedAttributes: otherWellKnownObjects
allowedAttributes: dSCorePropagationData
allowedAttributes: accountNameHistory
allowedAttributes: sDRightsEffective
allowedAttributes: tokenGroupsNoGCAcceptable
allowedAttributes: tokenGroups
allowedAttributes: proxiedObjectName
allowedAttributes: msRASSavedFramedRoute
allowedAttributes: msRASSavedFramedIPAddress
allowedAttributes: msRASSavedCallbackNumber
allowedAttributes: msRADIUSServiceType
allowedAttributes: msRADIUSFramedRoute
allowedAttributes: msRADIUSFramedIPAddress
allowedAttributes: msRADIUSCallbackNumber
allowedAttributes: msNPSavedCallingStationID
allowedAttributes: msNPCallingStationID
allowedAttributes: msNPAllowDialin
allowedAttributes: mSMQSignCertificatesMig
allowedAttributes: mSMQDigestsMig
allowedAttributes: mSMQDigests
allowedAttributes: mSMQSignCertificates
allowedAttributes: canonicalName
allowedAttributes: possibleInferiors
allowedAttributes: allowedAttributesEffective
allowedAttributes: allowedAttributes
allowedAttributes: allowedChildClassesEffective
allowedAttributes: allowedChildClasses
allowedAttributes: fromEntry
allowedAttributes: uSNSource
allowedAttributes: terminalServer
allowedAttributes: fRSMemberReferenceBL
allowedAttributes: frsComputerReferenceBL
allowedAttributes: isCriticalSystemObject
allowedAttributes: altSecurityIdentities
allowedAttributes: netbootSCPBL
allowedAttributes: bridgeheadServerListBL
allowedAttributes: lastKnownParent
allowedAttributes: aCSPolicyName
allowedAttributes: servicePrincipalName
allowedAttributes: userSharedFolderOther
allowedAttributes: userSharedFolder
allowedAttributes: url
allowedAttributes: otherIpPhone
allowedAttributes: ipPhone
allowedAttributes: partialAttributeDeletionList
allowedAttributes: lockoutTime
allowedAttributes: userPrincipalName
allowedAttributes: legacyExchangeDN
allowedAttributes: managedObjects
allowedAttributes: assistant
allowedAttributes: otherMailbox
allowedAttributes: mhsORAddress
allowedAttributes: primaryInternationalISDNNumber
allowedAttributes: primaryTelexNumber
allowedAttributes: otherMobile
allowedAttributes: otherFacsimileTelephoneNumber
allowedAttributes: userCert
allowedAttributes: showInAddressBook
allowedAttributes: partialAttributeSet
allowedAttributes: isPrivilegeHolder
allowedAttributes: wellKnownObjects
allowedAttributes: sIDHistory
allowedAttributes: queryPolicyBL
allowedAttributes: dynamicLDAPServer
allowedAttributes: nonSecurityMemberBL
allowedAttributes: serverReferenceBL
allowedAttributes: siteObjectBL
allowedAttributes: systemFlags
allowedAttributes: fSMORoleOwner
allowedAttributes: desktopProfile
allowedAttributes: groupPriority
allowedAttributes: groupsToIgnore
allowedAttributes: sAMAccountType
allowedAttributes: wbemPath
allowedAttributes: division
allowedAttributes: defaultClassStore
allowedAttributes: controlAccessRights
allowedAttributes: logonCount
allowedAttributes: groupMembershipSAM
allowedAttributes: lmPwdHistory
allowedAttributes: accountExpires
allowedAttributes: comment
allowedAttributes: rid
allowedAttributes: adminCount
allowedAttributes: revision
allowedAttributes: operatorCount
allowedAttributes: versionNumber
allowedAttributes: profilePath
allowedAttributes: userParameters
allowedAttributes: supplementalCredentials
allowedAttributes: securityIdentifier
allowedAttributes: primaryGroupID
allowedAttributes: preferredOU
allowedAttributes: pwdLastSet
allowedAttributes: ntPwdHistory
allowedAttributes: otherLoginWorkstations
allowedAttributes: unicodePwd
allowedAttributes: userWorkstations
allowedAttributes: maxStorage
allowedAttributes: logonWorkstation
allowedAttributes: logonHours
allowedAttributes: scriptPath
allowedAttributes: localeID
allowedAttributes: dBCSPwd
allowedAttributes: lastLogon
allowedAttributes: lastLogoff
allowedAttributes: badPasswordTime
allowedAttributes: homeDrive
allowedAttributes: homeDirectory
allowedAttributes: flags
allowedAttributes: employeeID
allowedAttributes: countryCode
allowedAttributes: codePage
allowedAttributes: badPwdCount
allowedAttributes: userAccountControl
allowedAttributes: replUpToDateVector
allowedAttributes: replPropertyMetaData
allowedAttributes: objectGUID
allowedAttributes: name
allowedAttributes: homePostalAddress
allowedAttributes: language
allowedAttributes: personalTitle
allowedAttributes: employeeType
allowedAttributes: personalPager
allowedAttributes: employeeNumber
allowedAttributes: formData
allowedAttributes: forwardingAddress
allowedAttributes: replicatedObjectVersion
allowedAttributes: extensionAttribute15
allowedAttributes: extensionAttribute14
allowedAttributes: extensionAttribute13
allowedAttributes: extensionAttribute12
allowedAttributes: extensionAttribute11
allowedAttributes: supportedAlgorithms
allowedAttributes: msExchHouseIdentifier
allowedAttributes: msExchLabeledURI
allowedAttributes: attributeCertificate
allowedAttributes: internetEncoding
allowedAttributes: protocolSettings
allowedAttributes: dnQualifier
allowedAttributes: enabledProtocols
allowedAttributes: USNIntersite
allowedAttributes: pOPCharacterSet
allowedAttributes: languageCode
allowedAttributes: pOPContentFormat
allowedAttributes: wWWHomePage
allowedAttributes: networkAddress
allowedAttributes: heuristics
allowedAttributes: mailNickname
allowedAttributes: msExchAssistantName
allowedAttributes: kMServer
allowedAttributes: directReports
allowedAttributes: extensionAttribute10
allowedAttributes: extensionAttribute9
allowedAttributes: extensionAttribute8
allowedAttributes: extensionAttribute7
allowedAttributes: extensionAttribute6
allowedAttributes: extensionAttribute5
allowedAttributes: extensionAttribute4
allowedAttributes: extensionAttribute3
allowedAttributes: extensionAttribute2
allowedAttributes: extensionAttribute1
allowedAttributes: expirationTime
allowedAttributes: mAPIRecipient
allowedAttributes: displayNamePrintable
allowedAttributes: targetAddress
allowedAttributes: folderPathname
allowedAttributes: mDBUseDefaults
allowedAttributes: garbageCollPeriod
allowedAttributes: publicDelegatesBL
allowedAttributes: altRecipientBL
allowedAttributes: dLMemRejectPermsBL
allowedAttributes: unauthOrigBL
allowedAttributes: dLMemSubmitPermsBL
allowedAttributes: authOrigBL
allowedAttributes: autoReplyMessage
allowedAttributes: autoReply
allowedAttributes: submissionContLength
allowedAttributes: otherHomePhone
allowedAttributes: mDBOverQuotaLimit
allowedAttributes: uSNDSALastObjRemoved
allowedAttributes: mDBStorageQuota
allowedAttributes: importedFrom
allowedAttributes: streetAddress
allowedAttributes: homeMDB
allowedAttributes: deliveryMechanism
allowedAttributes: publicDelegates
allowedAttributes: extensionData
allowedAttributes: extensionName
allowedAttributes: adminDescription
allowedAttributes: replicationSensitivity
allowedAttributes: unauthOrig
allowedAttributes: proxyAddresses
allowedAttributes: adminDisplayName
allowedAttributes: deliverAndRedirect
allowedAttributes: homeMTA
allowedAttributes: showInAdvancedViewOnly
allowedAttributes: company
allowedAttributes: dLMemSubmitPerms
allowedAttributes: department
allowedAttributes: delivExtContTypes
allowedAttributes: delivContLength
allowedAttributes: co
allowedAttributes: authOrig
allowedAttributes: altRecipient
allowedAttributes: uSNLastObjRem
allowedAttributes: uSNChanged
allowedAttributes: otherPager
allowedAttributes: deletedItemFlags
allowedAttributes: businessRoles
allowedAttributes: ownerBL
allowedAttributes: memberOf
allowedAttributes: repsFrom
allowedAttributes: repsTo
allowedAttributes: securityProtocol
allowedAttributes: info
allowedAttributes: telephoneAssistant
allowedAttributes: objectVersion
allowedAttributes: dSASignature
allowedAttributes: isDeleted
allowedAttributes: dLMemRejectPerms
allowedAttributes: uSNCreated
allowedAttributes: otherTelephone
allowedAttributes: displayName
allowedAttributes: subRefs
allowedAttributes: whenChanged
allowedAttributes: whenCreated
allowedAttributes: attributeCertificateAttribute
allowedAttributes: houseIdentifier
allowedAttributes: distinguishedName
allowedAttributes: x500uniqueIdentifier
allowedAttributes: generationQualifier
allowedAttributes: initials
allowedAttributes: givenName
allowedAttributes: userCertificate
allowedAttributes: userPassword
allowedAttributes: seeAlso
allowedAttributes: preferredDeliveryMethod
allowedAttributes: destinationIndicator
allowedAttributes: registeredAddress
allowedAttributes: internationalISDNNumber
allowedAttributes: x121Address
allowedAttributes: facsimileTelephoneNumber
allowedAttributes: teletexTerminalIdentifier
allowedAttributes: telexNumber
allowedAttributes: telephoneNumber
allowedAttributes: physicalDeliveryOfficeName
allowedAttributes: postOfficeBox
allowedAttributes: postalCode
allowedAttributes: postalAddress
allowedAttributes: businessCategory
allowedAttributes: description
allowedAttributes: title
allowedAttributes: ou
allowedAttributes: o
allowedAttributes: street
allowedAttributes: st
allowedAttributes: l
allowedAttributes: c
allowedAttributes: serialNumber
allowedAttributes: sn
allowedAttributes: objectCategory
allowedAttributes: sAMAccountName
allowedAttributes: objectSid
allowedAttributes: nTSecurityDescriptor
allowedAttributes: instanceType
allowedAttributes: cn
allowedAttributes: objectClass
allowedAttributesEffective: thumbnailPhoto
allowedAttributesEffective: middleName
allowedAttributesEffective: departmentNumber
allowedAttributesEffective: carLicense
allowedAttributesEffective: jpegPhoto
allowedAttributesEffective: audio
allowedAttributesEffective: pager
allowedAttributesEffective: mobile
allowedAttributesEffective: secretary
allowedAttributesEffective: homePhone
allowedAttributesEffective: manager
allowedAttributesEffective: photo
allowedAttributesEffective: roomNumber
allowedAttributesEffective: mail
allowedAttributesEffective: textEncodedORAddress
allowedAttributesEffective: uid
allowedAttributesEffective: userSMIMECertificate
allowedAttributesEffective: msExchRequireAuthToSendTo
allowedAttributesEffective: msDRM-IdentityCertificate
allowedAttributesEffective: thumbnailLogo
allowedAttributesEffective: preferredLanguage
allowedAttributesEffective: userPKCS12
allowedAttributesEffective: labeledURI
allowedAttributesEffective: msExchHomeServerName
allowedAttributesEffective: unmergedAtts
allowedAttributesEffective: msExchExpansionServerName
allowedAttributesEffective: replicationSignature
allowedAttributesEffective: msDS-AllowedToDelegateTo
allowedAttributesEffective: msIIS-FTPDir
allowedAttributesEffective: msIIS-FTPRoot
allowedAttributesEffective: msExchALObjectVersion
allowedAttributesEffective: msExchADCGlobalNames
allowedAttributesEffective: msExchUseOAB
allowedAttributesEffective: msExchHideFromAddressLists
allowedAttributesEffective: msExchMailboxSecurityDescriptor
allowedAttributesEffective: msExchMasterAccountSid
allowedAttributesEffective: lastLogonTimestamp
allowedAttributesEffective: msExchUnmergedAttsPt
allowedAttributesEffective: msExchPreviousAccountSid
allowedAttributesEffective: msDS-Site-Affinity
allowedAttributesEffective: msDS-Cached-Membership-Time-Stamp
allowedAttributesEffective: msDS-Cached-Membership
allowedAttributesEffective: msCOM-UserPartitionSetLink
allowedAttributesEffective: msExchInconsistentState
allowedAttributesEffective: msExchUserAccountControl
allowedAttributesEffective: msExchIMACL
allowedAttributesEffective: mS-DS-CreatorSID
allowedAttributesEffective: msExchIMMetaPhysicalURL
allowedAttributesEffective: mS-DS-ConsistencyChildCount
allowedAttributesEffective: mS-DS-ConsistencyGuid
allowedAttributesEffective: otherWellKnownObjects
allowedAttributesEffective: dSCorePropagationData
allowedAttributesEffective: accountNameHistory
allowedAttributesEffective: msExchIMPhysicalURL
allowedAttributesEffective: msExchIMVirtualServer
allowedAttributesEffective: msExchIMAddress
allowedAttributesEffective: proxiedObjectName
allowedAttributesEffective: msRASSavedFramedRoute
allowedAttributesEffective: msRASSavedFramedIPAddress
allowedAttributesEffective: msRASSavedCallbackNumber
allowedAttributesEffective: msRADIUSServiceType
allowedAttributesEffective: msRADIUSFramedRoute
allowedAttributesEffective: msRADIUSFramedIPAddress
allowedAttributesEffective: msRADIUSCallbackNumber
allowedAttributesEffective: msNPSavedCallingStationID
allowedAttributesEffective: msNPCallingStationID
allowedAttributesEffective: msNPAllowDialin
allowedAttributesEffective: mSMQSignCertificatesMig
allowedAttributesEffective: mSMQDigestsMig
allowedAttributesEffective: mSMQDigests
allowedAttributesEffective: mSMQSignCertificates
allowedAttributesEffective: msExchResourceGUID
allowedAttributesEffective: msExchResourceProperties
allowedAttributesEffective: msExchControllingZone
allowedAttributesEffective: msExchFBURL
allowedAttributesEffective: mDBOverHardQuotaLimit
allowedAttributesEffective: msExchMailboxGuid
allowedAttributesEffective: msExchMailboxFolderSet
allowedAttributesEffective: uSNSource
allowedAttributesEffective: terminalServer
allowedAttributesEffective: msExchRecipLimit
allowedAttributesEffective: dLMemDefault
allowedAttributesEffective: isCriticalSystemObject
allowedAttributesEffective: altSecurityIdentities
allowedAttributesEffective: msExchQueryBaseDN
allowedAttributesEffective: msExchPolicyOptionList
allowedAttributesEffective: lastKnownParent
allowedAttributesEffective: aCSPolicyName
allowedAttributesEffective: servicePrincipalName
allowedAttributesEffective: userSharedFolderOther
allowedAttributesEffective: userSharedFolder
allowedAttributesEffective: url
allowedAttributesEffective: otherIpPhone
allowedAttributesEffective: ipPhone
allowedAttributesEffective: partialAttributeDeletionList
allowedAttributesEffective: lockoutTime
allowedAttributesEffective: userPrincipalName
allowedAttributesEffective: legacyExchangeDN
allowedAttributesEffective: msExchPolicyEnabled
allowedAttributesEffective: assistant
allowedAttributesEffective: otherMailbox
allowedAttributesEffective: mhsORAddress
allowedAttributesEffective: primaryInternationalISDNNumber
allowedAttributesEffective: primaryTelexNumber
allowedAttributesEffective: otherMobile
allowedAttributesEffective: otherFacsimileTelephoneNumber
allowedAttributesEffective: userCert
allowedAttributesEffective: showInAddressBook
allowedAttributesEffective: partialAttributeSet
allowedAttributesEffective: msExchProxyCustomProxy
allowedAttributesEffective: wellKnownObjects
allowedAttributesEffective: sIDHistory
allowedAttributesEffective: msExchCustomProxyAddresses
allowedAttributesEffective: dynamicLDAPServer
allowedAttributesEffective: msExchPoliciesIncluded
allowedAttributesEffective: msExchPoliciesExcluded
allowedAttributesEffective: msExchMailboxUrl
allowedAttributesEffective: systemFlags
allowedAttributesEffective: fSMORoleOwner
allowedAttributesEffective: desktopProfile
allowedAttributesEffective: groupPriority
allowedAttributesEffective: groupsToIgnore
allowedAttributesEffective: sAMAccountType
allowedAttributesEffective: wbemPath
allowedAttributesEffective: division
allowedAttributesEffective: defaultClassStore
allowedAttributesEffective: controlAccessRights
allowedAttributesEffective: logonCount
allowedAttributesEffective: groupMembershipSAM
allowedAttributesEffective: lmPwdHistory
allowedAttributesEffective: accountExpires
allowedAttributesEffective: comment
allowedAttributesEffective: rid
allowedAttributesEffective: adminCount
allowedAttributesEffective: revision
allowedAttributesEffective: operatorCount
allowedAttributesEffective: versionNumber
allowedAttributesEffective: profilePath
allowedAttributesEffective: userParameters
allowedAttributesEffective: supplementalCredentials
allowedAttributesEffective: securityIdentifier
allowedAttributesEffective: primaryGroupID
allowedAttributesEffective: preferredOU
allowedAttributesEffective: pwdLastSet
allowedAttributesEffective: ntPwdHistory
allowedAttributesEffective: otherLoginWorkstations
allowedAttributesEffective: unicodePwd
allowedAttributesEffective: userWorkstations
allowedAttributesEffective: maxStorage
allowedAttributesEffective: logonWorkstation
allowedAttributesEffective: logonHours
allowedAttributesEffective: scriptPath
allowedAttributesEffective: localeID
allowedAttributesEffective: dBCSPwd
allowedAttributesEffective: lastLogon
allowedAttributesEffective: lastLogoff
allowedAttributesEffective: badPasswordTime
allowedAttributesEffective: homeDrive
allowedAttributesEffective: homeDirectory
allowedAttributesEffective: flags
allowedAttributesEffective: employeeID
allowedAttributesEffective: countryCode
allowedAttributesEffective: codePage
allowedAttributesEffective: badPwdCount
allowedAttributesEffective: userAccountControl
allowedAttributesEffective: replUpToDateVector
allowedAttributesEffective: replPropertyMetaData
allowedAttributesEffective: objectGUID
allowedAttributesEffective: name
allowedAttributesEffective: homePostalAddress
allowedAttributesEffective: language
allowedAttributesEffective: personalTitle
allowedAttributesEffective: employeeType
allowedAttributesEffective: personalPager
allowedAttributesEffective: employeeNumber
allowedAttributesEffective: formData
allowedAttributesEffective: forwardingAddress
allowedAttributesEffective: replicatedObjectVersion
allowedAttributesEffective: extensionAttribute15
allowedAttributesEffective: extensionAttribute14
allowedAttributesEffective: extensionAttribute13
allowedAttributesEffective: extensionAttribute12
allowedAttributesEffective: extensionAttribute11
allowedAttributesEffective: supportedAlgorithms
allowedAttributesEffective: msExchHouseIdentifier
allowedAttributesEffective: msExchLabeledURI
allowedAttributesEffective: attributeCertificate
allowedAttributesEffective: internetEncoding
allowedAttributesEffective: protocolSettings
allowedAttributesEffective: dnQualifier
allowedAttributesEffective: enabledProtocols
allowedAttributesEffective: USNIntersite
allowedAttributesEffective: pOPCharacterSet
allowedAttributesEffective: languageCode
allowedAttributesEffective: pOPContentFormat
allowedAttributesEffective: wWWHomePage
allowedAttributesEffective: networkAddress
allowedAttributesEffective: heuristics
allowedAttributesEffective: mailNickname
allowedAttributesEffective: msExchAssistantName
allowedAttributesEffective: kMServer
allowedAttributesEffective: msExchPfRootUrl
allowedAttributesEffective: extensionAttribute10
allowedAttributesEffective: extensionAttribute9
allowedAttributesEffective: extensionAttribute8
allowedAttributesEffective: extensionAttribute7
allowedAttributesEffective: extensionAttribute6
allowedAttributesEffective: extensionAttribute5
allowedAttributesEffective: extensionAttribute4
allowedAttributesEffective: extensionAttribute3
allowedAttributesEffective: extensionAttribute2
allowedAttributesEffective: extensionAttribute1
allowedAttributesEffective: expirationTime
allowedAttributesEffective: mAPIRecipient
allowedAttributesEffective: displayNamePrintable
allowedAttributesEffective: targetAddress
allowedAttributesEffective: folderPathname
allowedAttributesEffective: mDBUseDefaults
allowedAttributesEffective: garbageCollPeriod
allowedAttributesEffective: msExchIMAPOWAURLPrefixOverride
allowedAttributesEffective: msExchOriginatingForest
allowedAttributesEffective: msExchVoiceMailboxID
allowedAttributesEffective: msExchTUIPassword
allowedAttributesEffective: msExchTUIVolume
allowedAttributesEffective: msExchTUISpeed
allowedAttributesEffective: autoReplyMessage
allowedAttributesEffective: autoReply
allowedAttributesEffective: submissionContLength
allowedAttributesEffective: otherHomePhone
allowedAttributesEffective: mDBOverQuotaLimit
allowedAttributesEffective: uSNDSALastObjRemoved
allowedAttributesEffective: mDBStorageQuota
allowedAttributesEffective: importedFrom
allowedAttributesEffective: streetAddress
allowedAttributesEffective: homeMDB
allowedAttributesEffective: deliveryMechanism
allowedAttributesEffective: publicDelegates
allowedAttributesEffective: extensionData
allowedAttributesEffective: extensionName
allowedAttributesEffective: adminDescription
allowedAttributesEffective: replicationSensitivity
allowedAttributesEffective: unauthOrig
allowedAttributesEffective: proxyAddresses
allowedAttributesEffective: adminDisplayName
allowedAttributesEffective: deliverAndRedirect
allowedAttributesEffective: homeMTA
allowedAttributesEffective: showInAdvancedViewOnly
allowedAttributesEffective: company
allowedAttributesEffective: dLMemSubmitPerms
allowedAttributesEffective: department
allowedAttributesEffective: delivExtContTypes
allowedAttributesEffective: delivContLength
allowedAttributesEffective: co
allowedAttributesEffective: authOrig
allowedAttributesEffective: altRecipient
allowedAttributesEffective: uSNLastObjRem
allowedAttributesEffective: uSNChanged
allowedAttributesEffective: otherPager
allowedAttributesEffective: deletedItemFlags
allowedAttributesEffective: businessRoles
allowedAttributesEffective: msExchOmaAdminWirelessEnable
allowedAttributesEffective: msExchOmaAdminExtendedSettings
allowedAttributesEffective: repsFrom
allowedAttributesEffective: repsTo
allowedAttributesEffective: securityProtocol
allowedAttributesEffective: info
allowedAttributesEffective: telephoneAssistant
allowedAttributesEffective: objectVersion
allowedAttributesEffective: dSASignature
allowedAttributesEffective: isDeleted
allowedAttributesEffective: dLMemRejectPerms
allowedAttributesEffective: uSNCreated
allowedAttributesEffective: otherTelephone
allowedAttributesEffective: displayName
allowedAttributesEffective: subRefs
allowedAttributesEffective: whenChanged
allowedAttributesEffective: whenCreated
allowedAttributesEffective: attributeCertificateAttribute
allowedAttributesEffective: houseIdentifier
allowedAttributesEffective: distinguishedName
allowedAttributesEffective: x500uniqueIdentifier
allowedAttributesEffective: generationQualifier
allowedAttributesEffective: initials
allowedAttributesEffective: givenName
allowedAttributesEffective: userCertificate
allowedAttributesEffective: userPassword
allowedAttributesEffective: seeAlso
allowedAttributesEffective: preferredDeliveryMethod
allowedAttributesEffective: destinationIndicator
allowedAttributesEffective: registeredAddress
allowedAttributesEffective: internationalISDNNumber
allowedAttributesEffective: x121Address
allowedAttributesEffective: facsimileTelephoneNumber
allowedAttributesEffective: teletexTerminalIdentifier
allowedAttributesEffective: telexNumber
allowedAttributesEffective: telephoneNumber
allowedAttributesEffective: physicalDeliveryOfficeName
allowedAttributesEffective: postOfficeBox
allowedAttributesEffective: postalCode
allowedAttributesEffective: postalAddress
allowedAttributesEffective: businessCategory
allowedAttributesEffective: description
allowedAttributesEffective: title
allowedAttributesEffective: ou
allowedAttributesEffective: o
allowedAttributesEffective: street
allowedAttributesEffective: st
allowedAttributesEffective: l
allowedAttributesEffective: c
allowedAttributesEffective: serialNumber
allowedAttributesEffective: sn
allowedAttributesEffective: objectCategory
allowedAttributesEffective: sAMAccountName
allowedAttributesEffective: objectSid
allowedAttributesEffective: nTSecurityDescriptor
allowedAttributesEffective: instanceType
allowedAttributesEffective: cn
allowedAttributesEffective: objectClass
# Referral
ref: ldap://exchange.win2k3.abartlet.net/DC=exchange,DC=win2k3,DC=abartlet,DC=net
# Referral
ref: ldap://ForestDnsZones.win2k3.abartlet.net/DC=ForestDnsZones,DC=win2k3,DC=abartlet,DC=net
# Referral
ref: ldap://DomainDnsZones.win2k3.abartlet.net/DC=DomainDnsZones,DC=win2k3,DC=abartlet,DC=net
# Referral
ref: ldap://win2k3.abartlet.net/CN=Configuration,DC=win2k3,DC=abartlet,DC=net
# returned 5 records
# 1 entries
# 4 referrals
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/fedora-directory-devel/attachments/20061102/be4fe8c6/attachment.sig>
More information about the Fedora-directory-devel
mailing list