Overview#

Attribute Value Assertion (AVA) in LDAP is a combination of an Attribute-Names and an Attribute Value.

Attribute Value Assertion contains an Attribute-Name and a matching Rule Assertion Value suitable for that type. RFC 4511

The Assertion Value is used in conjunction with a matchingRule in order to make the match determination:

• If the matching Rule is an equality matching rule, then it will be used to determine whether the attribute contains a given value.
• If it is an ordering matching rule, then the Attribute Value Assertion will be used to determine whether the attribute contains a value that is greater than or equal to, or less than or equal to, the assertion value.
• If it is an approximate matching rule, then the Attribute Value Assertion will be used to determine whether the attribute contains a value that is approximately equal to the assertion value.
• Substring matching is more complex and uses a Substring Assertion rather than a simple Attribute Value Assertion.

Attribute Value Assertion are used in Compare Request, as well as LDAP SearchFilters:

• Equality SearchFilter
• Greater-Or-Equal SearchFilter
• LessThan-Or-Equal SearchFilter
• approximate match

More Information#

There might be more information for this subject on one of the following:

• APPROXIMATE
• AVA
• Assertion Value
• Attribute Value Assertion
• BooleanMatch
• Compare Request
• Data Accuracy
• Distinguished Names
• DistinguishedNameMatch
• Glossary Of LDAP And Directory Terminology
• IntegerMatch
• TypesOnly Flag