RFC 3671 (rfc3671) - Page 2 of 10


Collective Attributes in the Lightweight Directory Access Protocol (LDAP)



Alternative Format: Original Text Document



RFC 3671             Collective Attributes in LDAP         December 2003


1.2.  Collective Attributes

   Attributes shared by the entries comprising an entry collection are
   called collective attributes.  Values of collective attributes are
   visible but not updateable to clients accessing entries within the
   collection.  Collective attributes are updated (i.e., modified) via
   their associated collective attributes subentry.

   When an entry belongs to multiple entry collections, the entry's
   values of each collective attribute are combined such that
   independent sources of these values are not manifested to clients.

   Entries can specifically exclude a particular collective attribute by
   listing the attribute as a value of the collectiveExclusions
   attribute.  Like other user attributes, collective attributes are
   subject to a variety of controls including access, administrative,
   and content controls.

1.3.  Conventions

   Schema definitions are provided using LDAPv3 [RFC 2251] description
   formats [RFC 2252].  Definitions provided here are formatted (line
   wrapped) for readability.

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in BCP 14 [RFC 2119].

2.  System Schema for Collective Attributes

   The following operational attributes are used to manage Collective
   Attributes.  LDAP servers [RFC 3377] MUST act in accordance with the
   X.500 Directory Models [X.501] when providing this service.

2.1.  collectiveAttributeSubentry

   Subentries of this object class are used to administer collective
   attributes and are referred to as collective attribute subentries.

      ( 2.5.17.2 NAME 'collectiveAttributeSubentry' AUXILIARY )

   A collective attribute subentry SHOULD contain at least one
   collective attribute.  The collective attributes contained within a
   collective attribute subentry are available for finding, searching,
   and comparison at every entry within the scope of the subentry.  The
   collective attributes, however, are administered (e.g., modified) via
   the subentry.




Zeilenga                    Standards Track