MatchingRules are used by LDAP Server Implementations
to compare Attribute Values
against Assertion Values
when performing SearchRequest
and Compare Request
operations RFC 4511
MatchingRules are also used when comparing a purported Distinguished Name RFC 4512 with the name of a LDAP Entry.
MatchingRules are also used in Modify Request to identify values to be deleted and to prevent an attribute from containing two equal values.
A matching rule is a LDAP Schema element that defines how the DSA should interact with values of an specific attributeTypes. These are the standard types of matching rules:
MatchingRules are used to determine whether one attribute value is equal to another as when using the equalityMatch LDAP Filter Choice
. This determination is generally made based on the normalized value
, and ignores insignificant differences (e.g., differences in capitalization or extra spaces).
matching rules are used to determine the relative order between two values in a sorted list. This is used when performing Server Side Sort Control
, but it is also used for Greater-Or-Equal SearchFilter
and LessThan-Or-Equal SearchFilter LDAP Filter Choices
or Substring matching rules are used to determine whether a value contains a given substring.
matching rules are used to determine whether one value is approximately equal to another. The definition of "approximately equal to" may vary, but one common use is "sounds like".
The default search behaviour for any attribute is defined by its MatchingRule for the search TYPE (EQUALITY
). The default search behaviour may be overridden by using an Extensible Match LDAP SearchFilters
and specifying a matching Rule
(either by name or by OID).
These are some Extensible Match
In most cases, the Directory Server will use MatchingRules in a completely "behind the scenes" manner without the client needing to know about it. Whenever the client references a given attribute type, then the server will automatically know to use the appropriate matching rules for that attribute. However, it is also possible for the client to request that the server use a specific MatchingRule when performing an operation through the use of an Component Matching Rules
MatchingRules used by DSA#
The set of MatchingRule defined in the DSA
may be determined by retrieving the MatchingRule attribute of the Subschema Subentry
For more information about matching rules, see the Understanding matching rules
Below are MatchingRule that are required for directory operation, or that are in common use: (RFC 4517
There might be more information for this subject on one of the following: