DirectoryServiceA... BSD Miscellaneous Information Manual DirectoryServiceA...
NAME
DirectoryServiceAttributes The following standard attribute types are defined in <DirectorySer-
vices/DirServicesConst.h>
DESCRIPTION
This document contains well known attribute and record type constants.
They can be used with dsDataNodeAllocateString() to create a data node to pass to a Directory Services
API call.
Legend:
eDS1xxxxxx Single Valued Attribute
eDSNxxxxxx Multi-Valued Attribute
NOTE: Access controls may prevent any particular client from reading/writting various attributes. In
addition some attributes may not be stored at all and could represent "real-time" data generated by the
directory node plug-in.
NOTE #2: Attributes in the model are available for records & directory nodes.
Type String
All Records
kDSRecordsAll "dsRecordsAll"
kDSRecordsStandardAll "dsRecordsStandardAll"
kDSRecordsNativeAll "dsRecordsNativeAll"
All Attributes
kDSAttributesAll "dsAttributesAll"
kDSAttributesStandardAll "dsAttributesStandardAll"
kDSAttributesNativeAll "dsAttributesNativeAll"
Well Known Record Types
kDSStdRecordTypePrefix "dsRecTypeStandard:"
kDSNativeRecordTypePrefix "dsRecTypeNative:"
kDSStdRecordTypeUsers "dsRecTypeStandard:Users"
kDSStdRecordTypeGroups "dsRecTypeStandard:Groups"
kDSStdRecordTypeMachines "dsRecTypeStandard:Machines"
kDSStdRecordTypeAliases "dsRecTypeStandard:Aliases"
kDSStdRecordTypeHosts "dsRecTypeStandard:Hosts"
kDSStdRecordTypePrinters "dsRecTypeStandard:Printers"
kDSStdRecordTypeNetworks "dsRecTypeStandard:Networks"
kDSStdRecordTypeServices "dsRecTypeStandard:Services"
kDSStdRecordTypeServer "dsRecTypeStandard:Server"
kDSStdRecordTypProtocols "dsRecTypeStandard:Protocols"
kDSStdRecordTypeProtocols "dsRecTypeStandard:Protocols"
kDSStdRecordTypRPC "dsRecTypeStandard:RPC"
kDSStdRecordTypeRPC "dsRecTypeStandard:RPC"
kDSStdRecordTypePrintService "dsRecTypeStandard:PrintService"
kDSStdRecordTypeConfig "dsRecTypeStandard:Config"
kDSStdRecordTypeAFPServer "dsRecTypeStandard:AFPServer"
kDSStdRecordTypeSMBServer "dsRecTypeStandard:SMBServer"
kDSStdRecordTypeFTPServer "dsRecTypeStandard:FTPServer"
kDSStdRecordTypeNFS "dsRecTypeStandard:NFS"
kDSStdRecordTypeWebServer "dsRecTypeStandard:WebServer"
kDSStdRecordTypeLDAPServer "dsRecTypeStandard:LDAPServer"
kDSStdRecordTypeQTSServer "dsRecTypeStandard:QTSServer"
kDSStdRecordTypMounts "dsRecTypeStandard:Mounts"
kDSStdRecordTypeMounts "dsRecTypeStandard:Mounts"
kDSStdRecordTypeComputerGroups "dsRecTypeStandard:ComputerGroups"
kDSStdRecordTypeComputers "dsRecTypeStandard:Computers"
kDSStdRecordTypeComputerLists "dsRecTypeStandard:ComputerLists"
kDSStdRecordTypePresetUsers "dsRecTypeStandard:PresetUsers"
kDSStdRecordTypePresetGroups "dsRecTypeStandard:PresetGroups"
kDSStdRecordTypePresetComputers "dsRecTypeStandard:PresetComputers"
kDSStdRecordTypePresetComputerGroups "dsRecTypeStandard:PresetComputerGroups"
kDSStdRecordTypePresetComputerLists "dsRecTypeStandard:PresetComputerLists"
kDSStdRecordTypeAutoServerSetup Discussion:
Used to discover automated server setup information.
kDSStdRecordTypeAutoServerSetup "dsRecTypeStandard:AutoServerSetup"
kDSStdRecordTypePasswordServer Discussion:
Used to discover password servers via Bonjour.
kDSStdRecordTypePasswordServer "dsRecTypeStandard:PasswordServer"
kDSStdRecordTypePeople Discussion:
Record type that contains "People" records used for contact information.
kDSStdRecordTypePeople "dsRecTypeStandard:People"
kDSStdRecordTypeSharePoints Discussion:
Share point record type.
kDSStdRecordTypeSharePoints "dsRecTypeStandard:SharePoints"
kDSStdRecordTypePrintServiceUser Discussion:
Record in the local node for storing quota usage for a user.
kDSStdRecordTypePrintServiceUser "dsRecTypeStandard:PrintServiceUser"
kDSStdRecordTypeAFPUserAliases "dsRecTypeStandard:AFPUserAliases"
kDSStdRecordTypeBootp Discussion:
Record in the local node for storing bootp info.
kDSStdRecordTypeBootp "dsRecTypeStandard:Bootp"
kDSStdRecordTypeNetDomains Discussion:
Record in the local node for storing net domains.
kDSStdRecordTypeNetDomains "dsRecTypeStandard:NetDomains"
kDSStdRecordTypeEthernets Discussion:
Record in the local node for storing ethernets.
kDSStdRecordTypeEthernets "dsRecTypeStandard:Ethernets"
kDSStdRecordTypeNetGroups Discussion:
Record in the local node for storing net groups.
kDSStdRecordTypeNetGroups "dsRecTypeStandard:NetGroups"
kDSStdRecordTypeHostServices Discussion:
Record in the local node for storing host services.
kDSStdRecordTypeHostServices "dsRecTypeStandard:HostServices"
kDSStdUserNamesMeta "dsRecTypeStandard:MetaUserNames"
kDSStdRecordTypeMeta "dsRecTypeStandard:AppleMetaRecord"
Location record type.
kDSStdRecordTypeLocations "dsRecTypeStandard:Locations"
kDSStdRecordTypeNeighborhoods Discussion: Neighborhood record type. Describes a list of computers and
other neighborhoods, used for network browsing.
kDSStdRecordTypeNeighborhoods "dsRecTypeStandard:Neighborhoods"
kDSStdRecordTypeCertificateAuthorities Discussion:
Record type that contains certificate authority information.
kDSStdRecordTypeCertificateAuthorities "dsRecTypeStandard:CertificateAuthorities"
kDSStdRecordTypeAccessControls Discussion: Record type that contains directory access control direc-tives. directives.
tives.
kDSStdRecordTypeAccessControls "dsRecTypeStandard:AccessControls"
FileMaker servers record type. Describes available FileMaker servers used for service discovery.
kDSStdRecordTypeFileMakerServers "dsRecTypeStandard:FileMakerServers"
Resource record type.
kDSStdRecordTypeResources "dsRecTypeStandard:Resources"
Well Known Attribute Types...
kDSStdAttrTypePrefix "dsAttrTypeStandard:"
kDSNativeAttrTypePrefix "dsAttrTypeNative:"
kDSAttrNone "dsNone"
Authentication Methods
kDSStdAuthMethodPrefix "dsAuthMethodStandard:"
kDSNativeAuthMethodPrefix "dsAuthMethodNative:"
kDSStdAuthClearText "dsAuthMethodStandard:dsAuthClearText"
kDSStdAuthCrypt Discussion:
Use a crypt password stored in the user record if available to do the authentication. The buffer is
packed as follows:
4 byte length of username,
username in UTF8 encoding,
4 byte length of password,
password in UTF8 encoding
This method may not be supported by all plug-ins or for all users.
kDSStdAuthCrypt "dsAuthMethodStandard:dsAuthCrypt"
kDSStdAuthSetPasswd "dsAuthMethodStandard:dsAuthSetPasswd"
kDSStdAuthChangePasswd Discussion:
Change the password for a user. Does not require prior authentication.
The buffer is packed as follows:
4 byte length of username,
username in UTF8 encoding,
4 byte length of old password,
old password in UTF8 encoding,
4 byte length of new password,
new password in UTF8 encoding
kDSStdAuthChangePasswd "dsAuthMethodStandard:dsAuthChangePasswd"
kDSStdAuthSetPasswdAsRoot "dsAuthMethodStandard:dsAuthSetPasswdAsRoot"
kDSStdAuth2WayRandomChangePasswd Discussion:
Change the password for a user using the two-way random method.
Does not require prior authentication.
The buffer is packed as follows:
4 byte length of username,
username in UTF8 encoding,
4 byte length of old password encrypted with new (should be 8),
old password encrypted with new,
4 byte length of new password encrypted with old (should be 8),
new password encrypted with old
kDSStdAuth2WayRandomChangePasswd "dsAuthMethodStandard:dsAuth2WayRandomChangePasswd"
kDSStdAuthAPOP "dsAuthMethodStandard:dsAuthAPOP"
kDSStdAuth2WayRandom "dsAuthMethodStandard:dsAuth2WayRandom"
kDSStdAuthNodeNativeClearTextOK Discussion:
The plug-in should determine which specific authentication method to use.
The buffer is packed as follows:
4 byte length of username,
username in UTF8 encoding,
4 byte length of password,
password in UTF8 encoding
The plug-in may choose to use a cleartext authentication method if necessary.
kDSStdAuthNodeNativeClearTextOK "dsAuthMethodStandard:dsAuthNodeNativeCanUseClearText"
kDSStdAuthNodeNativeNoClearText Discussion:
The plug-in should determine which specific authentication method to use.
The buffer is packed as follows:
4 byte length of username,
username in UTF8 encoding,
4 byte length of password,
password in UTF8 encoding
The plug-in must not use an authentication method that sends the password in cleartext.
kDSStdAuthNodeNativeNoClearText "dsAuthMethodStandard:dsAuthNodeNativeCannotUseClearText"
kDSStdAuthSMB_NT_Key "dsAuthMethodStandard:dsAuthSMBNTKey"
kDSStdAuthSMB_LM_Key "dsAuthMethodStandard:dsAuthSMBLMKey"
kDSStdAuthCRAM_MD5 "dsAuthMethodStandard:dsAuthNodeCRAM-MD5"
kDSStdAuthDIGEST_MD5 "dsAuthMethodStandard:dsAuthNodeDIGEST-MD5"
kDSStdAuthNTLMv2 Discussion:
If the NTLMv2 session key is supported, it is returned in the step buffer. The input buffer is packed
as follows:
4 byte length of username,
username in UTF8 encoding,
4 byte length of samba server challenge,
samba server challenge
4 byte length of the NTLMv2 client "blob"
the client "blob" which includes 16 bytes of client digest prefixed to the the blob data
4 byte length of the user name used to calculate the digest,
the user name used to calculate the digest in UTF8 encoding
4 byte length of the samba domain,
the samba domain in UTF8 encoding
kDSStdAuthNTLMv2 "dsAuthMethodStandard:dsAuthNodeNTLMv2"
Kerberized SMB Server services Discussion:
Related constants for supporting Kerberized SMB Server services. These are only used for dsGetDirNode-Info dsGetDirNodeInfo
Info requests. They are not attributes that are used otherwise.
kDS1AttrKerberosRealm "dsAttrTypeStandard:KerberosRealm"
kDS1AttrPrimaryNTDomain "dsAttrTypeStandard:PrimaryNTDomain"
kDS1AttrNTDomainComputerAccount
"dsAttrTypeStandard:NTDomainComputerAccount"
Attribute type for the owner of a record. Typically the value is a LDAP distinguished name.
kDS1AttrOwner "dsAttrTypeStandard:Owner"
PDC_SMB_Constants Discussion:
Related constants for supporting PDC SMB interaction with DS.
kDSStdAuthSMB_NT_UserSessionKey "dsAuthMethodStandard:dsAuthSMBNTUserSessionKey"
kDSStdAuthSMBWorkstationCredentialSessionKey "dsAuthMethodStandard:dsAuthSMBWorkstationCredentialSes-sionKey" "dsAuthMethodStandard:dsAuthSMBWorkstationCredentialSessionKey"
sionKey"
kDSStdAuthSetWorkstationPasswd "dsAuthMethodStandard:dsAuthSetWorkstation-Passwd" "dsAuthMethodStandard:dsAuthSetWorkstationPasswd"
Passwd"
kDS1AttrSMBRID "dsAttrTypeStandard:smb_rid"
kDS1AttrSMBGroupRID "dsAttrTypeStandard:smb_group_rid"
kDS1AttrSMBHomeDrive Discussion:
Drive letter for homedirectory mount point.
kDS1AttrSMBHomeDrive "dsAttrTypeStandard:SMBHomeDrive"
kDS1AttrSMBHome Discussion:
UNC address of Windows homedirectory mount point (\server\sharepoint).
kDS1AttrSMBHome "dsAttrTypeStandard:SMBHome"
kDS1AttrSMBScriptPath Discussion:
Login script path.
kDS1AttrSMBScriptPath "dsAttrTypeStandard:SMBScriptPath"
kDS1AttrSMBProfilePath Discussion:
Desktop management info (dock, desktop links, etc).
kDS1AttrSMBProfilePath "dsAttrTypeStandard:SMBProfilePath"
kDS1AttrSMBUserWorkstations Discussion:
List of workstations user can login from (machine account names).
kDS1AttrSMBUserWorkstations "dsAttrTypeStandard:SMBUserWorkstations"
Account_Control_Flags Discussion:
Set of account control flags.
kDS1AttrSMBAcctFlags "dsAttrTypeStandard:SMBAccountFlags"
kDS1AttrSMBPWDLastSet "dsAttrTypeStandard:SMBPasswordLastSet"
kDS1AttrSMBLogonTime "dsAttrTypeStandard:SMBLogonTime"
kDS1AttrSMBLogoffTime "dsAttrTypeStandard:SMBLogoffTime"
kDS1AttrSMBKickoffTime "dsAttrTypeStandard:SMBKickoffTime"
kDS1AttrSMBSID Discussion:
SMB Security ID, stored as a string attribute of up to 64 bytes. Found in user, group, and computer
records (kDSStdRecordTypeUsers, kDSStdRecordTypeGroups, kDSStdRecordTypeComputers).
kDS1AttrSMBSID "dsAttrTypeStandard:SMBSID"
kDS1AttrSMBPrimaryGroupSID Discussion:
SMB Primary Group Security ID, stored as a string attribute of up to 64 bytes. Found in user, group,
and computer records (kDSStdRecordTypeUsers, kDSStdRecordTypeGroups, kDSStdRecordTypeComputers).
kDS1AttrSMBPrimaryGroupSID "dsAttrTypeStandard:SMBPrimaryGroupSID"
kDS1AttrPasswordServerList Discussion:
Represents the attribute for storing the password server's replication information.
kDS1AttrPasswordServerList "dsAttrTypeStandard:PasswordServerList"
kDS1AttrAlternateDatastoreLocation Discussion:
Unix path used for determining where a user's email is stored.
kDS1AttrAlternateDatastoreLocation "dsAttrTypeStandard:AlternateDatastoreLocation"
kDSStdAuthMSCHAP2 Discussion:
MS-CHAP2 is a mutual authentication method. The plug-in will generate the data to send back to the
client and put it in the step buffer.
The input buffer format:
4 byte length,
username,
4 byte length,
server challenge,
4 byte length,
peer challenge,
4 byte length,
client's digest,
The output buffer format:
4 byte length,
return digest for the client's challenge
kDSStdAuthMSCHAP2 "dsAuthMethodStandard:dsAuthMSCHAP2"
kDSStdAuthMASKE_A "dsAuthMethodStandard:dsAuthMASKE-A"
kDSStdAuthMASKE_B "dsAuthMethodStandard:dsAuthMASKE-B"
kDSStdAuthWithAuthorizationRef Discussion:
Allows access to local directories as root with a valid AuthorizationRef.
The input buffer format:
externalized AuthorizationRef
kDSStdAuthWithAuthorizationRef "dsAuthMethodStandard:dsAuthWithAuthorizationRef"
kDSStdAuthNewUser Discussion:
Create a new user record with the authentication authority
The buffer is packed as follows:
4 byte length of authenticator's UserID,
authenticator's UserID in UTF8 encoding,
4 byte length of authenticator's password,
authenticator's password in UTF8 encoding
4 byte length of new user's short-name,
user's short-name,
4 byte length of new user's password,
user's password
kDSStdAuthNewUser "dsAuthMethodStandard:dsAuthNewUser"
kDSStdAuthGetPolicy Discussion:
The plug-in should determine which specific authentication method to use.
The buffer is packed as follows:
4 byte length of authenticator's UserID,
authenticator's UserID in UTF8 encoding,
4 byte length of authenticator's password,
authenticator's password in UTF8 encoding
4 byte length of UserID of the account to get policies,
UserID of the account to get policies in UTF8 encoding
The Password Server does not require authentication for this auth method. The first two fields are to
cover us for future policy changes and to keep the buffer format as standardized as possible.
kDSStdAuthGetPolicy "dsAuthMethodStandard:dsAuthGetPolicy"
kDSStdAuthSetPolicy Discussion:
The plug-in should determine which specific authentication method to use.
The buffer is packed as follows:
4 byte length of authenticator's UserID,
authenticator's UserID in UTF8 encoding,
4 byte length of authenticator's password,
authenticator's password in UTF8 encoding
4 byte length of UserID of the account to set policies,
UserID of the account to set policies in UTF8 encoding
4 byte length of policy data,
policy data
kDSStdAuthSetPolicy "dsAuthMethodStandard:dsAuthSetPolicy"
kDSStdAuthGetGlobalPolicy "dsAuthMethodStandard:dsAuthGetGlobalPolicy"
kDSStdAuthSetGlobalPolicy "dsAuthMethodStandard:dsAuthSetGlobalPolicy"
kDSStdAuthGetUserName "dsAuthMethodStandard:dsAuthGetUserName"
kDSStdAuthSetUserName "dsAuthMethodStandard:dsAuthSetUserName"
kDSStdAuthGetUserData "dsAuthMethodStandard:dsAuthGetUserData"
kDSStdAuthSetUserData "dsAuthMethodStandard:dsAuthSetUserData"
kDSStdAuthDeleteUser "dsAuthMethodStandard:dsAuthDeleteUser"
Users Distinguished or Real Name
kDS1AttrDistinguishedName "dsAttrTypeStandard:RealName"
kDS1AttrFirstName "dsAttrTypeStandard:FirstName"
kDS1AttrMiddleName "dsAttrTypeStandard:MiddleName"
kDS1AttrLastName "dsAttrTypeStandard:LastName"
All possible names for a record
kDSNAttrAllNames "dsAttrTypeStandard:AllNames"
Set password methods
kDSSetPasswdBestOf "dsSetPasswdBestOf"
kDSNAttrAuthenticationAuthority Discussion:
Determines what mechanism is used to verify or set a user's password. If multiple values are present,
the first attributes returned take precedence. Typically found in User records (kDSStdRecordTypeUsers).
kDSNAttrAuthenticationAuthority "dsAttrTypeStandard:AuthenticationAuthority"
kDS1AttrPasswordPolicyOptions Discussion:
Collection of password policy options in single attribute. Used in user presets record.
kDS1AttrPasswordPolicyOptions "dsAttrTypeStandard:PasswordPolicyOptions"
kDSValueDefaultAuthAuthority Discussion:
The default value to use for the kDSNAttrAuthenticationAuthority attribute. When creating a user
record, set this value for authentication authority before setting the password with dsDoDirNodeAuth.
kDSValueAuthAuthorityDefault kDSValueAuthAuthorityShadowHash
kDSValueAuthAuthorityBasic ";basic;"
kDSTagAuthAuthorityBasic "basic"
kDSValueAuthAuthorityLocalWindowsHash ";LocalWindowsHash;"
kDSTagAuthAuthorityLocalWindowsHash "LocalWindowsHash"
kDSValueAuthAuthorityShadowHash ";ShadowHash;"
kDSTagAuthAuthorityShadowHash "ShadowHash"
kDSTagAuthAuthorityBetterHashOnly "BetterHashOnly"
kDSValueAuthAuthorityPasswordServerPrefix ";ApplePasswordServer;"
kDSTagAuthAuthorityPasswordServer "ApplePasswordServer"
kDSValueAuthAuthorityKerberosv5 ";Kerberosv5;"
kDSTagAuthAuthorityKerberosv5 "Kerberosv5"
kDSValueAuthAuthorityLocalCachedUser ";LocalCachedUser;"
kDSTagAuthAuthorityLocalCachedUser "LocalCachedUser"
Single Valued Attribute
kDS1AttrPassword "dsAttrTypeStandard:Password"
kDS1AttrPasswordPlus "dsAttrTypeStandard:PasswordPlus"
kDS1AttrAuthenticationHint "dsAttrTypeStandard:AuthenticationHint"
kDS1AttrInternetAlias "dsAttrTypeStandard:InetAlias"
kDS1AttrNFSHomeDirectory "dsAttrTypeStandard:NFSHomeDirectory"
kDS1AttrUniqueID "dsAttrTypeStandard:UniqueID"
kDS1AttrPrimaryGroupID "dsAttrTypeStandard:PrimaryComputerList"
kDS1AttrPrimaryGroupID "dsAttrTypeStandard:PrimaryGroupID"
kDS1AttrMailAttribute "dsAttrTypeStandard:MailAttribute"
kDS1AttrComment "dsAttrTypeStandard:Comment"
kDS1AttrRARA "dsAttrTypeStandard:RARA"
kDS1AttrGeneratedUID "dsAttrTypeStandard:GeneratedUID"
kDS1AttrAdminStatus "dsAttrTypeStandard:AdminStatus"
kDS1AttrPwdAgingPolicy "dsAttrTypeStandard:PwdAgingPolicy"
kDS1AttrUserShell "dsAttrTypeStandard:UserShell"
kDS1AttrVFSType "dsAttrTypeStandard:VFSType"
kDS1AttrVFSPassNo "dsAttrTypeStandard:VFSPassNo"
kDS1AttrVFSDumpFreq "dsAttrTypeStandard:VFSDumpFreq"
kDS1AttrVFSLinkDir "dsAttrTypeStandard:VFSLinkDir"
kDS1AttrChange "dsAttrTypeStandard:Change"
kDS1AttrExpire "dsAttrTypeStandard:Expire"
kDSNAttrGroupMembership "dsAttrTypeStandard:GroupMembership"
kDSNAttrHomeDirectory "dsAttrTypeStandard:HomeDirectory"
kDSNAttrKeywords "dsAttrTypeStandard:Keywords"
kDS1AttrXMLPlist Discussion: SA config settings plist.
kDS1AttrXMLPlist "dsAttrTypeStandard:XMLPlist"
kDS1AttrDateRecordCreated Discussion: Date of record creation.
kDS1AttrDateRecordCreated "dsAttrTypeStandard:DateRecordCreated"
kDS1AttrCreationTimestamp Discussion: Attribute showing date/time of record creation. Format is x.208
standard YYYYMMDDHHMMSSZ which we will require as GMT time.
kDS1AttrCreationTimestamp "dsAttrTypeStandard:CreationTimestamp"
kDS1AttrModificationTimestamp Discussion: Attribute showing date/time of record modification. Format
is x.208 standard YYYYMMDDHHMMSSZ which we will require as GMT time.
kDS1AttrModificationTimestamp "dsAttrTypeStandard:ModificationTimestamp"
kDS1AttrTimeToLive Discussion: Attribute recommending how long to cache the record's attribute values.
Format is an unsigned 32 bit representing seconds. ie. 300 is 5 minutes.
kDS1AttrTimeToLive "dsAttrTypeStandard:TimeToLive"
kDS1AttrHomeDirectoryQuota Discussion:
Represents the allowed usage for a user's home directory in bytes. Found in user records (kDSStdRecord-TypeUsers). (kDSStdRecordTypeUsers).
TypeUsers).
kDS1AttrHomeDirectoryQuota "dsAttrTypeStandard:HomeDirectoryQuota"
kDS1AttrHomeDirectorySoftQuota "dsAttrTypeStandard:HomeDirectorySoftQuota"
kDS1AttrAdminLimits Discussion:
XML plist indicating what an admin user can edit. Found in kDSStdRecordTypeUsers records.
kDS1AttrAdminLimits "dsAttrTypeStandard:AdminLimits"
kDS1AttrPresetUserIsAdmin Discussion:
Flag to indicate whether users created from this preset are administrators by default. Found in kDSSt-dRecordTypePresetUsers kDSStdRecordTypePresetUsers
dRecordTypePresetUsers records.
kDS1AttrPresetUserIsAdmin "dsAttrTypeStandard:PresetUserIsAdmin"
kDS1StandardAttrHomeLocOwnerkDS1AttrHomeLocOwner
kDS1AttrHomeLocOwner Discussion:
Represents the owner of a workgroup's shared home directory. Typically found in kDSStdRecordTypeGroups
records.
kDS1AttrHomeLocOwner "dsAttrTypeStandard:HomeLocOwner"
kDSNAttrProtocols "dsAttrTypeStandard:Protocols"
kDSNAttrVFSOpts "dsAttrTypeStandard:VFSOpts"
kDS1AttrPasswordServerLocation Discussion:
Specifies the IP address or domain name of the Password Server associated with a given directory node.
Found in a config record named PasswordServer.
kDS1AttrPasswordServerLocation "dsAttrTypeStandard:PasswordServerLocation"
kDS1AttrPort Discussion:
Represents the port number a service is available on. Typically found in service record types including
kDSStdRecordTypeAFPServer, kDSStdRecordTypeLDAPServer, and kDSStdRecordTypeWebServer.
kDS1AttrPort "dsAttrTypeStandard:Port"
kDS1AttrLocation Discussion:
Represents the location a service is available from (usually domain name). Typically found in service
record types including kDSStdRecordTypeAFPServer, kDSStdRecordTypeLDAPServer, and kDSStdRecordTypeWeb-Server. kDSStdRecordTypeWebServer.
Server.
kDS1AttrLocation "dsAttrTypeStandard:Location"
kDS1AttrServiceType Discussion:
Represents the service type for the service. This is the raw service type of the service. For example
a service record type of kDSStdRecordTypeWebServer might have a service type of "http" or "https".
kDS1AttrServiceType "dsAttrTypeStandard:ServiceType"
kDS1AttrPicture Discussion:
Represents the path of the picture for each user displayed in the login window. Found in user records
(kDSStdRecordTypeUsers).
kDS1AttrPicture "dsAttrTypeStandard:Picture"
kDSNAttrJPEGPhoto Discussion:
Used to store binary picture data in JPEG format. Found in user, people, and group records (kDSSt-dRecordTypeUsers, (kDSStdRecordTypeUsers,
dRecordTypeUsers, kDSStdRecordTypePeople, kDSStdRecordTypeGroups).
kDSNAttrJPEGPhoto "dsAttrTypeStandard:JPEGPhoto"
Mutivalued meta attribute data
kDSNAttrMetaNodeLocation "dsAttrTypeStandard:AppleMetaNodeLocation"
kDS1AttrAliasData "dsAttrTypeStandard:AppleAliasData"
Single Valued - checksum/meta data
kDS1AttrDataStamp "dsAttrTypeStandard:DataStamp"
kDS1AttrTotalSize "dsAttrTypeStandard:TotalSize"
Single Valued - data of Create, Modify, Backup time in UTC
kDS1AttrTimePackage "dsAttrTypeStandard:TimePackage"
Single Valued - alias attribute, contain pointer to another node/record/attribute
kDS1AttrAlias "dsAttrTypeStandard:Alias"
Single valued - used to get a "auth" credential, to be used to authenticate to other Directory nodes.
kDS1AttrAuthCredential "dsAttrTypeStandard:AuthCredential"
Single valued - Note attribute. Commonly used in printer records.
kDS1AttrNote "dsAttrTypeStandard:Note"
Single-valued attribute for definition of the Printer Make and Model. An example Value would be "HP
LaserJet 2200". This would be used to determine the proper PPD file to be used when configuring a
printer from the Directory. This attribute is based on the IPP Printing Specification RFC and IETF
IPP-LDAP Printer Record.
kDS1AttrPrinterMakeAndModel "dsAttrTypeStandard:PrinterMakeAndModel"
Single-valued attribute that defines the URI of a printer "ipp://address" or "smb://server/queue".
This is used when configuring a printer. This attribute is based on the IPP Printing Specification RFC
and IETF IPP-LDAP Printer Record.
kDS1AttrPrinterURI "dsAttrTypeStandard:PrinterURI"
Multi-valued attribute that defines additional URIs supported by a printer. This is used when config-uring configuring
uring a printer. This attribute is based on the IPP Printing Specification RFC and IETF IPP-LDAP
Printer Record.
kDSNAttrPrinterXRISupported "dsAttrTypeStandard:PrinterXRISupported"
Single-valued attribute that defines the IEEE 1284 DeviceID of a printer.
This is used when configuring a printer.
kDS1AttrPrinter1284DeviceID "dsAttrTypeStandard:Printer1284DeviceID"
Single valued - DNS Resolver domain attribute.
kDS1AttrDNSDomain "dsAttrTypeStandard:DNSDomain"
Single valued - DNS Resolver nameserver attribute.
kDS1AttrDNSNameServer "dsAttrTypeStandard:DNSNameServer"
KDC master key RSA encrypted with realm public key.
kDSNAttrKDCAuthKey "dsAttrTypeStandard:KDCAuthKey"
Contents of the kdc.conf file.
kDS1AttrKDCConfigData "dsAttrTypeStandard:KDCConfigData"
Used with directory nodes so that clients can discover the API capabilities for this Directory Node.
kDS1AttrUserCertificate Discussion: Attribute containing the binary of the user's certificate. Usually
found in user records. The certificate is data which identifies a user. This data is attested to by a
known party, and can be independently verified by a third party.
kDS1AttrUserCertificate "dsAttrTypeStandard:UserCertificate"
kDS1AttrUserSMIMECertificate Discussion: Attribute containing the binary of the user's SMIME certifi-cate. certificate.
cate. Usually found in user records. The certificate is data which identifies a user. This data is
attested to by a known party, and can be independently verified by a third party. SMIME certificates
are often used for signed or encrypted emails.
kDS1AttrUserSMIMECertificate "dsAttrTypeStandard:UserSMIMECertificate"
kDS1AttrUserPKCS12Data Discussion: Attribute containing binary data in PKCS #12 format. Usually found
in user records. The value can contain keys, certificates, and other related information and is
encrypted with a passphrase.
kDS1AttrUserPKCS12Data "dsAttrTypeStandard:UserPKCS12Data"
kDS1AttrCACertificate Discussion: Attribute containing the binary of the certificate of a certificate
authority. Its corresponding private key is used to sign certificates. Usually found in kDSStdRecord-TypeCertificateAuthority kDSStdRecordTypeCertificateAuthority
TypeCertificateAuthority records.
kDS1AttrCACertificate "dsAttrTypeStandard:CACertificate"
kDS1AttrAuthorityRevocationList Discussion: Attribute containing the binary of the authority revocation
list. A certificate revocation list that defines certificate authority certificates which are no longer
trusted. No user certificates are included in this list.Usually found in kDSStdRecordTypeCertifi-cateAuthority kDSStdRecordTypeCertificateAuthority
cateAuthority records.
kDS1AttrAuthorityRevocationList "dsAttrTypeStandard:AuthorityRevocationList"
kDS1AttrCertificateRevocationList Discussion: Attribute containing the binary of the certificate revo-cation revocation
cation list. This is a list of certificates which are no longer trusted. Usually found in kDSStdRecord-TypeCertificateAuthority kDSStdRecordTypeCertificateAuthority
TypeCertificateAuthority records.
kDS1AttrCertificateRevocationList "dsAttrTypeStandard:CertificateRevocationList"
kDS1AttrCrossCertificatePair Discussion: Attribute containing the binary of a pair of certificates
which verify each other. Both certificates have the same level of authority. Usually found in kDSSt-dRecordTypeCertificateAuthority kDSStdRecordTypeCertificateAuthority
dRecordTypeCertificateAuthority records.
kDS1AttrCrossCertificatePair "dsAttrTypeStandard:CrossCertificatePair"
kDSNAttrAccessControlEntry Discussion: Attribute type which stores directory access control directives.
kDSNAttrAccessControlEntry "dsAttrTypeStandard:AccessControlsEntry"
kDS1AttrCapabilities "dsAttrTypeStandard:Capabilities"
kDS1AttrCategory Discussion: The category of an item used for browsing.
kDS1AttrCategory "dsAttrTypeStandard:Category"
can be found using dsGetDirNodeInfo and will return one of ReadOnly, ReadWrite, or WriteOnly strings
note that ReadWrite does not imply fully readable or writable
kDS1AttrReadOnlyNode "dsAttrTypeStandard:ReadOnlyNode"
used with Search Node to "discover" the search path for this node
kDS1AttrSearchPath "dsAttrTypeStandard:SearchPath"
kDSNAttrSearchPath "dsAttrTypeStandard:SearchPath" used with Search Node to "discover" the
search policy for this node
kDS1AttrSearchPolicy "dsAttrTypeStandard:SearchPolicy" used with Search Node to "dis-cover" "discover"
cover" the possible search paths for this node
kDS1AttrNSPSearchPath "dsAttrTypeStandard:NSPSearchPath"
kDSNAttrNSPSearchPath "dsAttrTypeStandard:NSPSearchPath"
kDS1AttrLSPSearchPath "dsAttrTypeStandard:LSPSearchPath"
kDSNAttrLSPSearchPath "dsAttrTypeStandard:LSPSearchPath"
kDS1AttrCSPSearchPath "dsAttrTypeStandard:CSPSearchPath"
kDSNAttrCSPSearchPath "dsAttrTypeStandard:CSPSearchPath"
force the directory service to generate a binary image of the record and all it's attributes.
kDS1AttrRecordImage "dsAttrTypeStandard:RecordImage"
Information (version, signature, about, credits..ect.) about the plug-in that is actually servicing a
particular directory node.
kDSNAttrPlugInInfo "dsAttrTypeStandard:PlugInInfo"
Multivalued Attribute, list of names/keys for this record
kDSNAttrRecordName "dsAttrTypeStandard:RecordName"
Multivalued - list of attribute types
kDSNAttrSchema "dsAttrTypeStandard:Scheama"
Single Valued for a Record, Multi-valued for a Directory Node
kDSNAttrRecordType "dsAttrTypeStandard:RecordType"
kDSNAttrNodePath "dsAttrTypeStandard:NodePath"
kDSNAttrAuthMethod "dsAttrTypeStandard:AuthMethod"
kDSNAttrSetPasswdMethod "dsAttrTypeStandard:SetPasswdMethod"
// Multivalued - list of group records
kDSNAttrGroup "dsAttrTypeStandard:Group"
Multivalued - list of member records
kDSNAttrMember "dsAttrTypeStandard:Member"
kDSNAttrNestedGroups Discussion: Attribute type in group records for the list of GUID values for nested
groups.
kDSNAttrNestedGroups "dsAttrTypeStandard:NestedGroups"
kDSNAttrGroupMembers Discussion: Attribute type in group records containing lists of GUID values for
members other than groups.
kDSNAttrGroupMembers "dsAttrTypeStandard:GroupMembers"
kDSNAttrURL "dsAttrTypeStandard:URL"
data contained in this attribute type is a fully qualified MIME Type.
kDSNAttrMIME "dsAttrTypeStandard:MIME"
kDSNAttrHTML "dsAttrTypeStandard:HTML"
kDSNAttrNBPEntry "dsAttrTypeStandard:NBPEntry"
kDSNAttrDNSName "dsAttrTypeStandard:DNSName"
kDSNAttrIPAddress "dsAttrTypeStandard:IPAddress"
kDSNAttrIPv6Address "dsAttrTypeStandard:IPv6Address"
kDS1AttrENetAddress Discussion:
Single-valued attribute for hardware Ethernet address (MAC address). Found in machine records (kDSSt-dRecordTypeMachines) (kDSStdRecordTypeMachines)
dRecordTypeMachines) and computer records (kDSStdRecordTypeComputers).
kDS1AttrENetAddress "dsAttrTypeStandard:ENetAddress"
kDS1AttrBootFile Discussion:
Attribute type in host or machine records for the name of the kernel that this machine will use by
default when NetBooting.
kDS1AttrBootFile "dsAttrTypeStandard:BootFile"
kDSNAttrBootParams Discussion:
Attribute type in host or machine records for storing boot params.
kDSNAttrBootParams "dsAttrTypeStandard:BootParams"
kDS1AttrContactPerson Discussion:
Attribute type for the contact person of the machine. Found in host or machine records.
kDS1AttrContactPerson "dsAttrTypeStandard:ContactPerson"
kDSNAttrMachineServes Discussion
Attribute type in host or machine records for storing NetInfo domains served.
kDSNAttrMachineServes "dsAttrTypeStandard:MachineServes"
kDSNAttrNetGroups Discussion:
Attribute type that indicates which netgroups its record is a member of. Found in user, host, and net-domain netdomain
domain records.
kDSNAttrNetGroups "dsAttrTypeStandard:NetGroups"
kDSNAttrPGPPublicKey "dsAttrTypeStandard:PGPPublicKey"
kDSNAttrEMailAddress "dsAttrTypeStandard:EMailAddress"
kDSNAttrAreaCode "dsAttrTypeStandard:AreaCode"
kDSNAttrPhoneNumber "dsAttrTypeStandard:PhoneNumber"
kDSNAttrHomePhoneNumber "dsAttrTypeStandard:HomePhoneNumber"
kDSNAttrPostalAddress "dsAttrTypeStandard:PostalAddress"
kDSNAttrOrganizationName "dsAttrTypeStandard:OrganizationName"
kDSNAttrAddressLine1 "dsAttrTypeStandard:AddressLine1"
kDSNAttrAddressLine2 "dsAttrTypeStandard:AddressLine2"
kDSNAttrAddressLine3 "dsAttrTypeStandard:AddressLine3"
kDSNAttrCity "dsAttrTypeStandard:City"
kDSNAttrState "dsAttrTypeStandard:State"
kDSNAttrPostalCode "dsAttrTypeStandard:PostalCode"
used for Setup Assistant automatic population
kDS1AttrSetupOccupation "dsAttrTypeStandard:Occupation"
kDS1AttrSetupLocation "dsAttrTypeStandard:SetupAssistantLocation"
kDS1AttrSetupAdvertising "dsAttrTypeStandard:SetupAssistantAdvertising"
kDS1AttrSetupAutoRegister "dsAttrTypeStandard:SetupAssistantAutoRegister"
kDS1AttrMCXSettings "dsAttrTypeStandard:MCXSettings"
kDSNAttrMCXSettings "dsAttrTypeStandard:MCXSettings"
kDS1AttrMCXFlags "dsAttrTypeStandard:MCXFlags"
kDSNAttrComputers "dsAttrTypeStandard:Computers"
Print
kDS1AttrPrintServiceInfoXML "dsAttrTypeStandard:PrintServiceInfoXML"
kDS1AttrPrintServiceInfoText "dsAttrTypeStandard:PrintServiceInfoText"
kDS1AttrPrintServiceUserData Discussion:
Single-valued attribute for print quota configuration or statistics (XML data). Found in user records
(kDSStdRecordTypeUsers) or print service statistics records (kDSStdRecordTypePrintServiceUser).
kDS1AttrPrintServiceUserData "dsAttrTypeStandard:PrintServiceUserData"
kDS1AttrNeighborhoodType Discussion: Attribute type in Neighborhood records describing their function.
kDS1AttrNeighborhoodType "dsAttrTypeStandard:NeighborhoodType"
kDS1AttrNetworkView Discussion: The name of the managed network view a computer should use for brows-ing. browsing.
ing.
kDS1AttrNetworkView "dsAttrTypeStandard:NetworkView"
kDSNAttrNeighborhoodAlias Discussion: Attribute type in Neighborhood records describing sub-neighbor-hood sub-neighborhood
hood records.
kDSNAttrNeighborhoodAlias "dsAttrTypeStandard:NeighborhoodAlias"
kDSNAttrComputerAlias Discussion: Attribute type in Neighborhood records describing computer records
pointed to by this neighborhood.
kDSNAttrComputerAlias "dsAttrTypeStandard:ComputerAlias"
kDS1AttrWeblogURI Discussion: Single-valued attribute that defines the URI of a user's weblog. Usually
found in user or person records (kDSStdRecordTypeUsers, kDSStdRecordTypePeople). Example: http://exam-
ple.com/blog/jsmith
kDS1AttrWeblogURI "dsAttrTypeStandard:WeblogURI"
kDSNAttrNodePathXMLPlist Discussion: Attribute type in Neighborhood records describing the DS Node to
search while looking up aliases in this neighborhood.
kDSNAttrNodePathXMLPlist "dsAttrTypeStandard:NodePathXMLPlist"
kDSValueNSLTopLevelNeighborhoodType Discussion: Value type of Neighborhood record
kDSValueNSLTopLevelNeighborhoodType "NSLTopLevelNeighborhoodType"
kDSValueNSLStaticNeighborhoodType Discussion: Value type of Neighborhood record
kDSValueNSLStaticNeighborhoodType "NSLStaticNeighborhoodType"
kDSValueNSLDynamicNeighborhoodType Discussion: Value type of Neighborhood record
kDSValueNSLDynamicNeighborhoodType "NSLDynamicNeighborhoodType"
kDSValueNSLLocalNeighborhoodType Discussion: Value type of Neighborhood record
kDSValueNSLLocalNeighborhoodType "NSLLocalNeighborhoodType"
kDS1AttrBirthday "dsAttrTypeStandard:Birthday"
kDS1AttrCapacity "dsAttrTypeStandard:Capacity"
kDS1AttrContactGUID "dsAttrTypeStandard:ContactGUID"
kDS1AttrOwnerGUID "dsAttrTypeStandard:OwnerGUID"
kDSNAttrCompany "dsAttrTypeStandard:Company"
kDSNAttrEMailContacts "dsAttrTypeStandard:EMailContacts"
kDSNAttrGroupServices "dsAttrTypeStandard:GroupServices"
kDSNAttrMapCoordinates "dsAttrTypeStandard:MapCoordinates"
kDS1AttrMapGUID "dsAttrTypeStandard:MapGUID"
kDSNAttrMapURI "dsAttrTypeStandard:MapURI"
kDSNAttrPhoneContacts "dsAttrTypeStandard:PhoneContacts"
kDSNAttrPostalAddressContacts "dsAttrTypeStandard:PostalAddressContacts"
kDSNAttrRelationships "dsAttrTypeStandard:Relationships"
kDSNAttrResourceInfo "dsAttrTypeStandard:ResourceInfo"
kDSNAttrResourceType "dsAttrTypeStandard:ResourceType"
kDSNAttrServicesLocator "dsAttrTypeStandard:ServicesLocator"
kDSNAttrOrganizationInfo "dsAttrTypeStandard:OrganizationInfo"
SEE ALSO
DirectoryService(8), dscl(1)
MacOSX Feb 21, 2003 MacOSX
|