LDAPWiki: MAY

Overview#

MAY or the adjective "OPTIONAL" (RFC 2119), which are Case-sensitive (RFC 8174) mean that an item is truly optional.

One vendor may choose to include the item because a particular marketplace requires it or because the vendor feels that it enhances the product while another vendor may omit the same item.

We may use MAY in other contexts but we are implying the same interpretation as a Best Current Practice

LDAP #

MAY (also seen as OPTIONAL) indicates the Attributes that MAY contain values on an ObjectClass.

More Information#

There might be more information for this subject on one of the following:

2.16.840.1.113719.1.1.4.1.96
2.5.6.13
9,223,372,036,854,775,807
ACL (eDirectory Attribute)
ARecord
AbzillaPerson
Access Token
Access Token Validation
AccountExpires
AccountNameHistory
Address
Administrative Password Reset
AdministrativeRole
AdministratorsAddress
AllowedAttributesEffective
Assistant
AssociatedDomain
AssociatedInternetGateway
AssociatedName
AttributeSchema
AttributeSecurityGUID
AttributeSyntax
AttributeType Description
Aud
Audio
Authentication Context Class Reference
Authentication Request
AuthorityKeyIdentifier
Authorization Code Flow
Authorization Gesture
Authorization Server Authentication of the End-User
Authorization Server Request End-User Consent-Authorization
Authorization_endpoint
Authorized party
Automount
AutomountMap
AutomountMapName
Backchannel_logout_session_required
Biometric Presentation
BirthName
Birthdate
BootableDevice
BuildingName
Certificate Extensions
Certificate Policies
Certificate Subject
Certificate Version
ChangeLogEntry
ChangeNumber
Changelog
Changes
Children
City
ClassDisplayName
Client Authentication Methods
Client Device
ClientHello
Cn
Co
CollectiveAttributeSubentries
CollectiveAttributeSubentry
CollectiveExclusions
Company
Consent Receipts
Container
Content-Type
Country
Country-Code
CountryName
CountryOfCitizenship
CountryOfResidence
CreateTimestamp
Credential Service Provider
CrossRef
DC
DID Authentication
DID Document
DID Service Endpoint
DID descriptor objects
DITContentRules
DITStructureRules
DSA ObjectClass
DSE_CREATE_ENTRY
DSE_DELETE_ENTRY
Data loss
DateOfBirth
DateOfDeath
DeathDate
Default Profile Claims
DefaultHidingValue
DefaultObjectCategory
DepartmentNumber
Device
DhcpDomainName
DhcpRelayAgentInfo
DicAppData
DicAppInfo
Digital Identity
Digital Identity Acceptance Policy
DirXML-ConfigValues
DirXML-DriverFilter
DirXML-DriverStartOption
DirXML-JavaDebugPort
DirXML-NTAccountName
DirXML-NamedPasswords
DirXML-PasswordSyncStatus
DirXML-ShimAuthPassword
DirectReports
Display Parameter
DisplayName
Dmd
Domain
DomainComponent
DomainControllerFunctionality
DomainFunctionality
Draft-behera-ldap-password-policy
DsRevision
EDirCloneLock
EmailAddress
Emergency Identity
EmployeeNumber
EnhancedSearchGuide
Exp
ExtendedCharsAllowed
ExtensibleObject
FacsimileTelephoneNumber
Federated Authorization for UMA 2.0
Federation Models
FilteredReplicaUsage
ForestFunctionality
Form Post Response Mode
Frontchannel_logout_uri
FullName
Gecos
Gender
GidNumber
Google OpenID Connect
Grant Negotiation and Authorization Protocol
GroupOfNames
HTTP Status Code
HomeCity
HomeDirectory
HomeInfo
HomePhone
HomeState
HostResourceName
HttpSessionTimeout
Id_token_signing_alg_values_supported
Identity Assurance Level
Identity Token
Identity Token Claims
IndexDefinition
InetOrgPerson
Informational
Initials
IpProtocol
IpProtocolNumber
IpService
IpServicePort
IpServiceProtocol
IsDefunct
IsDeleted
IsEphemeral
IsRecycled
JWK Set
Kerberos Cryptosystem Negotiation Extension
Key words for use in RFCs to Indicate Requirement Levels
KeyShare
KeyUsage
LDAP Result Codes
LDAP policy in Active Directory
LDAPAdminLimits
LabeledUri
Language
LanguageId
Law of agency
LdapGroup
LdapGroupDN
LdapInterfaces
LdapKeyMaterialName
LdapServerIdleTimeout
LdapStdCompliance
LegacyExchangeDN
LinkID
LocalReceivedUpTo
Locale
Locality
LoginDisabled
LoginMaximumSimultaneous
LoginShell
Login_hint_token
Logout Token
MacAddress
Mail
MailboxRelatedObject
ManagedBy
Manager
MapiID
Member
MemberOf
MemberQueryURL
MemberUid
Memory
Mobile
ModifiersName
ModifyTimestamp
MsDS-AdditionalSamAccountName
MsDS-GroupManagedServiceAccount
MsDS-HasInstantiatedNCs
MsDS-LockoutDuration
MsDS-LockoutObservationWindow
MsDS-LockoutThreshold
MsDS-MaximumPasswordAge
MsDS-MinimumPasswordAge
MsDS-MinimumPasswordLength
MsDS-PSOAppliesTo
MsDS-PasswordComplexityEnabled
MsDS-PasswordHistoryLength
MsDS-PasswordReversibleEncryptionEnabled
MsDS-PasswordSettings
MsDS-PasswordSettingsContainer
MsDS-PasswordSettingsPrecedence
MsDS-PhoneticCompanyName
MsDS-PhoneticDepartment
MsDS-SupportedEncryptionTypes
MsDS-TrustForestTrustInfo
MsDS-User-Account-Control-Computed
Mutability
NDSPKIKeyMaterialDN
NDSPKISDKeyAccessPartition
NDSRightsToMonitor
NTDSDSA
NTDSService
NTDSSiteSettings
Name Form Description
NameForms
NdsLoginProperties
NdsStatusLimber
NdspkiIssueTime
NetworkAddress
NewRDN
NewSuperior
NisDomain
NisDomainObject
NisMap
NisMapEntry
NisNetgroup
NisNetgroupTriple
NisObject
NspmAdminsDoNotExpirePassword
NspmComplexityRules
NspmConfigurationOptions
NspmDistributionPassword
NspmDoNotExpirePassword
NspmMaximumLength
NspmPassword
NspmPasswordAux
NspmPasswordKey
NspmPasswordPolicy
NspmPasswordPolicyDN
NspmPolicyAgentAIX
NspmSpecialAsLastCharacter
Null
OAuth 2.0 Client Registration
OAuth 2.0 Token Revocation
OAuth Dynamic Client Registration Metadata
OAuth Scope Validation
OAuth Scopes
OMObjectClass
OMSyntax
OPTIONAL
Obituary
Object Class Description
ObjectClasses
ObjectGUID
Offline_access
OncRpc
OpenID Connect Back-Channel Logout
OpenID Connect Claims
OpenID Connect Front-Channel Logout
OpenID Connect Scopes
OpenID Connect Standard Claims
Openid-configuration
Organization
OrganizationalUnit
Ou
Owner
Partition
PartitionStatus
Password Change
Password Grace Authentication
Password Validator
PasswordExpirationTime
PasswordMinimumLength
Passwordless SMS Authentication
PasswordsUsed
Payment Token
Person
Phone
Photo
PhysicalDeliveryOfficeName
PlaceOfBirth
PosixAccount
PostalCode
PreferredServerList
PresentationAddress
PrimaryGroupID
Proof Key for Code Exchange by OAuth Public Clients
Proof of Control
Proof of Ownership
ProxyAddresses
PurgeVector
PwdAccountLockedTime
PwdChangedTime
PwdExpireWarning
PwdInHistory
PwdMinAge
QueryPolicy
QueryPolicyObject
Queue
RFC 2119
RdnAttId
Record Protocol
Reference
Refresh Token
Replica
ReplicaUpTo
Requesting Party
Resolution_AttrubuteType
Resource
Response_type
Revision
Revocation Request
Revocation_endpoint
SASLoginPolicy
SASService
SCIM Common Attribute
SCIM Password Management Extension
SCIM Replace Request
SCIM externalId
SUP
SamAccountName
SambaLMPassword
SapAddOnUM
SchemaFlagsEx
SearchFlags
SearchGuide
SearchRequest
SearchSizeLimit
SearchTimeLimit
SecurityPrincipal
SeeAlso
Select_account
SerialNumber
ServerHolds
ServiceConnectionPoint
ServiceDNSName
ShadowAccount
ShadowExpire
ShadowFlag
ShadowInactive
ShadowMax
ShadowMin
ShadowWarning
SignatureAlgorithm
Site
SslEnableMutualAuthentication
Street
Sub
Subject Alternative Name
Subschema
SupportedAuthPasswordSchemes
Supported_versions
SynchronizedUpTo
System-Id-Guid
TargetDN
TelephoneNumber
The Laws of Relationships
Time To Live
Timezone
TokenGroups
Token_type_hint
TombstoneLifetime
TransitiveVector
TrustedDomain
URI Authorities
URI Query
UidNumber
UidObject
Understanding DIT Content Rules
UniqueIdentifier
UniqueMember
UniversalPasswordSecretBits
UnixHomeDirectory
UnknownBaseClass
User
UsnChanged
VPIMUser
Vector of Trust Request
Web Authentication API
Web host-meta data
WebAuthn Attestation Statement Format Identifier
WebAuthn Client Device
WebAuthn Extension Identifiers
WhenChanged
X-NDS_NAMING
X500UniqueIdentifier
nrfInheritedRoles
shadowLastChange

Active Sessions	980
Uptime	245d, 5h 47m 52s
Number of pages	16125

Overview#

LDAP#

More Information#

Lead Pages#

LDAP #