jspωiki
LDAPControlsList

LDAP Controls#

Just a list of what we have found. No guarantees.

If You know something, add or fix it. Thanks

OIDDescriptionReference
1.2.826.0.1.334810.2.3LDAP_CONTROL_VALUESRETURNFILTER
1.2.826.0.1.3344810.2.3The matched values control
1.2.826.0.1050.11.1.1Read-Only LDAP Server
1.2.826.0.1050.11.2.1Read-Write LDAP Server
1.2.826.0.1050.11.3.1White Pages Application LDAP Server
1.2.826.0.1050.11.4.1Certificate Application LDAP Server
1.2.826.0.1050.11.5.1Single Sign On Application LDAP Server
1.2.840.113549.6.0.0Signed Operation
1.2.840.113549.6.0.1Demand Signed Result
1.2.840.113549.6.0.2Signed Result RFC 2649
1.2.840.113556.1.4.319The simple paged results control
1.2.840.113556.1.4.417Show deleted control (Stateless)
1.2.840.113556.1.4.473LDAP server-side sort control requestRFC-2891
1.2.840.113556.1.4.474LDAP server-side sort control responseRFC-2891
1.2.840.113556.1.4.521Cross-domain move control (Stateless)
1.2.840.113556.1.4.528Server search notification control (Forbidden)
1.2.840.113556.1.4.529Extended DN control (Stateless)
1.2.840.113556.1.4.616LDAP_CONTROL_REFERRALS
1.2.840.113556.1.4.619Lazy commit control (Stateless)
1.2.840.113556.1.4.800LDAP_CAP_ACTIVE_DIRECTORY_OID
1.2.840.113556.1.4.801Security descriptor flags control (Stateless)
1.2.840.113556.1.4.802Attribute Range Option
1.2.840.113556.1.4.803LDAP_MATCHING_RULE_BIT_AND
1.2.840.113556.1.4.804LDAP_MATCHING_RULE_BIT_OR
1.2.840.113556.1.4.805LDAP subtree delete control
1.2.840.113556.1.4.841Directory synchronization control (Stateless)
1.2.840.113556.1.4.906Microsoft Large Integer
1.2.840.113556.1.4.970Get stats control (Stateless)
1.2.840.113556.1.4.1302Microsoft OID used with DEN Attributes
1.2.840.113556.1.4.1338Verify name control (Stateless)
1.2.840.113556.1.4.1339LDAP_SERVER_DOMAIN_SCOPE_OID The LDAP_SERVER_DOMAIN_SCOPE_OID control is used to instruct the LDAP server not to generate any referrals when completing a request. This control also limits any search using it to a single naming context.
1.2.840.113556.1.4.1340Search options control (Stateless)
1.2.840.113556.1.4.1413LDAP ease modify restrictions Allows an LDAP modify to work under less restrictive conditions. Without it, a delete will fail if an attribute does not exist, and an add will fail if an attribute already exists.
1.2.840.113556.1.4.1504Attribute scoped query control (Stateless)
1.2.840.113556.1.4.1670LDAP_CAP_ACTIVE_DIRECTORY_V51_OID
1.2.840.113556.1.4.1781Fast concurrent bind extended operation (Forbidden)
1.2.840.113556.1.4.1791LDAP_CAP_ACTIVE_DIRECTORY_LDAP_INTEG_OID
1.2.840.113556.1.4.1852LDAP_SERVER_QUOTA_CONTROL_OID
1.3.6.1.1.7.1LCUP Sync Request Control. RFC 3928 control
1.3.6.1.1.7.2LCUP Sync Update Control. RFC 3928 control
1.3.6.1.1.7.3LCUP Sync Done Control. RFC 3928 control
1.3.6.1.1.8Cancel Operation. RFC 3909 extension
1.3.6.1.1.12The LDAP assertion control
1.3.6.1.1.13.1The LDAP pre-read control
1.3.6.1.1.13.2The LDAP post-read control
1.3.6.1.4.1.42.2.27.8.5.1LDAP password policy control Request
1.3.6.1.4.1.1466.101.119.1Dynamic Directory Services Refresh Request RFC2589
1.3.6.1.4.1.1466.20036LDAP_NOTICE_OF_DISCONNECTION
1.3.6.1.4.1.1466.20037Transport Layer Security Extension RFC 2830 This operation provides for TLS establishment in an LDAP association and is defined in terms of an LDAP extended request.
1.3.6.1.4.1.1466.29539.1LDAP_CONTROL_ATTR_SIZELIMIT
1.3.6.1.4.1.1466.29539.2LDAP_CONTROL_NO_COPY
1.3.6.1.4.1.1466.29539.3LDAP_CONTROL_PARTIAL_COPY
1.3.6.1.4.1.1466.29539.5LDAP_CONTROL_NO_CHAINING
1.3.6.1.4.1.1466.29539.7LDAP_CONTROL_ALIAS_ON_UPDATE
1.3.6.1.4.1.1466.29539.10LDAP_CONTROL_TRIGGER
1.3.6.1.4.1.1466.29539.12nsTransmittedControl
1.3.6.1.4.1.4203.1.5.1All Operational Attribute RFC 3673 An LDAP extension which clients may use to request the return of all operational attributes.
1.3.6.1.4.1.4203.1.5.2Requesting Attributes by Object Class draft-zeilenga-ldap-adlist-10.txt Extends LDAP to support a mechanism that LDAP clients may use to request the return of all attributes of an object class.
1.3.6.1.4.1.4203.1.5.3LDAP Absolute True and False Filters draft-zeilenga-ldap-t-f-10.txt Implementations of this extension SHALL allow 'and' and 'or' choices with zero filter elements.
1.3.6.1.4.1.4203.1.5.4Language Tags RFC 3866 Supports storing attributes with language tag options in the DIT
1.3.6.1.4.1.4203.1.5.5Language Ranges RFC 3866 Supports language range matching of attributes with language tag options stored in the DIT
1.3.6.1.4.1.4203.1.10.1Subentries in LDAP RFC 3672 The subentries control MAY be sent with a searchRequest to control the visibility of entries and subentries which are within scope. Non-visible entries or subentries are not returned in response to the request.
1.3.6.1.4.1.4203.1.10.2The LDAP no-op control
1.3.6.1.4.1.4203.1.11.1LDAP Password Modify Extended Operation RFC 3062 An LDAP extended operation to allow modification of user passwords which is not dependent upon the form of the authentication identity nor the password storage mechanism used.
1.3.6.1.4.1.4203.1.11.2LDAP Cancel Extended Operation
1.3.6.1.4.1.4203.1.11.3Who Am I? Extended Operation draft-zeilenga-ldap-authzid-10.txt This specification provides a mechanism for Lightweight Directory Access Protocol (LDAP) clients to obtain the authorization identity which the server has associated with the user or application entity.
1.3.6.1.4.1.4203.666.5.1Subentries Control-AFAIK- OLD
1.3.6.1.4.1.4203.666.5.2NO OP Control-AFAIK- OLD
1.3.6.1.4.1.7628.5.101.1The LDAP Subentry Request Control
1.3.18.0.2.12.1The ACL credential controls provide a method to flow a subject's credentials associated with a bind.
1.3.18.0.2.12.5tranExtOpInit
1.3.18.0.2.12.6tranExtOpInit
2.16.840.1.113531.18.2.1LDAP_C_SETOPTIONS_OID
2.16.840.1.113531.18.2.2LDAP_C_SETDONTUSECOPY_OID
2.16.840.1.113531.18.2.3LDAP_C_SETLOCALSCOPE_OID
2.16.840.1.113531.18.2.4Return operational attributes as well as user attributes
2.16.840.1.113531.18.2.5Return only subentries
2.16.840.1.113531.18.2.6LDAP_C_SETUSEALIAS_OID
2.16.840.1.113531.18.2.7LDAP_C_SETPREFERCHAIN_OID
2.16.840.1.113531.18.2.8LDAP_C_SETX500DN_OID
2.16.840.1.113531.18.2.9LDAP_C_SETCOPYSHALLDO_OID
2.16.840.1.113531.18.2.10LDAP_C_SETDONTMAPATTRS_OID
2.16.840.1.113531.18.2.11Return normal entries as well as sub-entries
2.16.840.1.113719.1.27.99.1Superior References
2.16.840.1.113719.1.27.100.1ndsToLdapResponse
2.16.840.1.113719.1.27.100.2ndsToLdapRequest
2.16.840.1.113719.1.27.100.3createNamingContextRequest
2.16.840.1.113719.1.27.100.4createNamingContextResponse
2.16.840.1.113719.1.27.100.5mergeNamingContextRequest
2.16.840.1.113719.1.27.100.6mergeNamingContextResponse
2.16.840.1.113719.1.27.100.7addReplicaRequest
2.16.840.1.113719.1.27.100.8addReplicaResponse
2.16.840.1.113719.1.27.100.9refreshLDAPServerRequest
2.16.840.1.113719.1.27.100.10refreshLDAPServerResponse
2.16.840.1.113719.1.27.100.11removeReplicaRequest
2.16.840.1.113719.1.27.100.12removeReplicaResponse
2.16.840.1.113719.1.27.100.13namingContextEntryCountRequest
2.16.840.1.113719.1.27.100.14namingContextEntryCountResponse
2.16.840.1.113719.1.27.100.15changeReplicaTypeRequest
2.16.840.1.113719.1.27.100.16changeReplicaTypeResponse
2.16.840.1.113719.1.27.100.17getReplicaInfoRequest
2.16.840.1.113719.1.27.100.18getReplicaInfoResponse
2.16.840.1.113719.1.27.100.19listReplicaRequest
2.16.840.1.113719.1.27.100.20listReplicaResponse
2.16.840.1.113719.1.27.100.21receiveAllUpdatesRequest
2.16.840.1.113719.1.27.100.22receiveAllUpdatesResponse
2.16.840.1.113719.1.27.100.23sendAllUpdatesRequest
2.16.840.1.113719.1.27.100.24sendAllUpdatesResponse
2.16.840.1.113719.1.27.100.25requestNamingContextSyncRequest
2.16.840.1.113719.1.27.100.26requestNamingContextSyncResponse
2.16.840.1.113719.1.27.100.27requestSchemaSyncRequest
2.16.840.1.113719.1.27.100.28requestSchemaSyncResponse
2.16.840.1.113719.1.27.100.29abortNamingContextOperationRequest
2.16.840.1.113719.1.27.100.30abortNamingContextOperationResponse
2.16.840.1.113719.1.27.100.31Get Bind DN Request
2.16.840.1.113719.1.27.100.32Get Bind DN Response
2.16.840.1.113719.1.27.100.33Get Effective Privileges Request
2.16.840.1.113719.1.27.100.34Get Effective Privileges Response
2.16.840.1.113719.1.27.100.35Set Replication Filter Request
2.16.840.1.113719.1.27.100.36Set Replication Filter Response
2.16.840.1.113719.1.27.100.37Get Replication Filter Request
2.16.840.1.113719.1.27.100.38Get Replication Filter Response
2.16.840.1.113719.1.27.100.39Create Orphan Partition Request
2.16.840.1.113719.1.27.100.40Create Orphan Partition Response
2.16.840.1.113719.1.27.100.41Remove Orphan Partition Request
2.16.840.1.113719.1.27.100.42Remove Orphan Partition Response
2.16.840.1.113719.1.27.100.43Trigger Backlinker Request
2.16.840.1.113719.1.27.100.44Trigger Backlinker Response
2.16.840.1.113719.1.27.100.47Trigger Janitor Request
2.16.840.1.113719.1.27.100.48Trigger Janitor Response
2.16.840.1.113719.1.27.100.49Trigger Limber Request
2.16.840.1.113719.1.27.100.50Trigger Limber Response
2.16.840.1.113719.1.27.100.51Trigger Skulker Request
2.16.840.1.113719.1.27.100.52Trigger Skulker Response
2.16.840.1.113719.1.27.100.53Trigger Schema Synch Request
2.16.840.1.113719.1.27.100.54Trigger Schema Synch Response
2.16.840.1.113719.1.27.100.55Trigger Partition Purge Request
2.16.840.1.113719.1.27.100.56Trigger Partition Purge Response
2.16.840.1.113719.1.27.100.79Monitor Events Request
2.16.840.1.113719.1.27.100.80Monitor Events Response
2.16.840.1.113719.1.27.100.81Event Notification
2.16.840.1.113719.1.27.101.1Duplicate Entry Request
2.16.840.1.113719.1.27.101.2DuplicateSearchResult
2.16.840.1.113719.1.27.101.3DuplicateEntryResponseDone
2.16.840.1.113719.1.27.101.5Simple Password Control
2.16.840.1.113719.1.27.101.6Forward Reference
2.16.840.1.113719.1.27.101.40
2.16.840.1.113719.1.27.101.41
2.16.840.1.113719.1.27.103.7
2.16.840.1.113719.1.142.100.1startFramedProtocolRequest
2.16.840.1.113719.1.142.100.2startFramedProtocolResponse
2.16.840.1.113719.1.142.100.3ReplicationUpdate
2.16.840.1.113719.1.142.100.4endFramedProtocolRequest
2.16.840.1.113719.1.142.100.5endFramedProtocolResponse
2.16.840.1.113719.1.142.100.6lburpOperationRequest
2.16.840.1.113719.1.142.100.7lburpOperationResponse
2.16.840.1.113730.3.4Netscape LDAPv3 controls
2.16.840.1.113730.3.4.2LDAP ManageDSA IT Control
2.16.840.1.113730.3.4.3Persistent Search LDAPv3 control
2.16.840.1.113730.3.4.4Netscape Password Expired LDAPv3 control
2.16.840.1.113730.3.4.5Netscape Password Expiring LDAPv3 control
2.16.840.1.113730.3.4.6Netscape NT Synchronization Client LDAPv3 control
2.16.840.1.113730.3.4.7Entry Change Notification LDAPv3 control
2.16.840.1.113730.3.4.8Transaction ID Request Control
2.16.840.1.113730.3.4.9VLV Request LDAPv3 control
2.16.840.1.113730.3.4.10VLV Response LDAPv3 control
2.16.840.1.113730.3.4.11Transaction ID Response Control
2.16.840.1.113730.3.4.12The proxied authorization v1 control
2.16.840.1.113730.3.4.13iPlanet Directory Server Replication Update Information Control
2.16.840.1.113730.3.4.14iPlanet Directory Server 'search on specific backend' control
2.16.840.1.113730.3.4.15Authentication Response Control
2.16.840.1.113730.3.4.16The authorization identity control
2.16.840.1.113730.3.4.17The real attributes only control
2.16.840.1.113730.3.4.18The proxied authorization v2 control
2.16.840.1.113730.3.4.19The virtual attributes only control
2.16.840.1.113730.3.4.999iPlanet Replication Modrdn Extra Mods Control
2.16.840.1.113730.3.5.3iPlanet Start Replication Request Extended Operation
2.16.840.1.113730.3.5.4iPlanet Replication Response Extended Operation
2.16.840.1.113730.3.5.5iPlanet End Replication Request Extended Operation
2.16.840.1.113730.3.5.6iPlanet Replication Entry Request Extended Operation
2.16.840.1.113730.3.5.7iPlanet Bulk Import Start Extended Operation
2.16.840.1.113730.3.5.8iPlanet Bulk Import Finished Extended Operation