001/*
002 * The contents of this file are subject to the terms of the Common Development and
003 * Distribution License (the License). You may not use this file except in compliance with the
004 * License.
005 *
006 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
007 * specific language governing permission and limitations under the License.
008 *
009 * When distributing Covered Software, include this CDDL Header Notice in each file and include
010 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
011 * Header, with the fields enclosed by brackets [] replaced by your own identifying
012 * information: "Portions Copyright [year] [name of copyright owner]".
013 *
014 * Copyright 2006-2010 Sun Microsystems, Inc.
015 * Portions copyright 2011-2016 ForgeRock AS.
016 */
017package org.opends.server.config;
018
019import java.io.File;
020
021import org.opends.server.types.SSLClientAuthPolicy;
022
023/**
024 * This class defines a number of constants used by the Directory Server
025 * configuration, including configuration attribute and objectclass names,
026 * and attribute options.
027 */
028@org.opends.server.types.PublicAPI(
029     stability=org.opends.server.types.StabilityLevel.VOLATILE,
030     mayInstantiate=false,
031     mayExtend=false,
032     mayInvoke=true)
033public final class ConfigConstants
034{
035  /**
036   * The prefix that will be applied to all custom attribute and objectclass
037   * names used for holding information about a Directory Server backup.
038   */
039  public static final String NAME_PREFIX_BACKUP = "ds-backup-";
040
041
042
043  /**
044   * The prefix that will be applied to all custom attribute and objectclass
045   * names in the Directory Server configuration.
046   */
047  public static final String NAME_PREFIX_CFG = "ds-cfg-";
048
049
050
051  /**
052   * The prefix that will be applied to all custom operational attributes used
053   * for holding password policy state information.
054   */
055  public static final String NAME_PREFIX_PWP = "ds-pwp-";
056
057
058
059  /**
060   * The prefix that will be applied to all custom attributes and objectclasses
061   * for holding recurring task information.
062   */
063  public static final String NAME_PREFIX_RECURRING_TASK = "ds-recurring-task-";
064
065
066
067  /**
068   * The prefix that will be applied to all custom operational attributes used
069   * for holding resource limit information.
070   */
071  public static final String NAME_PREFIX_RLIM = "ds-rlim-";
072
073
074
075  /**
076   * The prefix that will be applied to all custom attributes and objectclasses
077   * for holding task information.
078   */
079  public static final String NAME_PREFIX_TASK = "ds-task-";
080
081
082
083  /**
084   * The name of the configuration attribute that specifies the backlog to use
085   * when accepting new connections.
086   */
087  public static final String ATTR_ACCEPT_BACKLOG =
088       "ds-cfg-accept-backlog";
089
090
091
092  /**
093   * The default accept backlog to use if no value is given.
094   */
095  public static final int DEFAULT_ACCEPT_BACKLOG = 128;
096
097
098
099  /**
100   * The name of the configuration attribute that holds the fully-qualified name
101   * for the account status notification handler class.
102   */
103  public static final String ATTR_ACCT_NOTIFICATION_HANDLER_CLASS =
104       "ds-cfg-java-class";
105
106
107
108  /**
109   * The name of the configuration attribute that indicates whether an account
110   * status notification handler is enabled.
111   */
112  public static final String ATTR_ACCT_NOTIFICATION_HANDLER_ENABLED =
113       "ds-cfg-enabled";
114
115
116
117  /**
118   * The name of the configuration attribute that specifies the set of account
119   * status notification types that should trigger notifications.
120   */
121  public static final String ATTR_ACCT_NOTIFICATION_TYPE =
122       "ds-cfg-account-status-notification-type";
123
124
125
126  /**
127   * The name of the configuration attribute that indicates whether to
128   * automatically add missing RDN attributes or to return an error response to
129   * the client.
130   */
131  public static final String ATTR_ADD_MISSING_RDN_ATTRS =
132       "ds-cfg-add-missing-rdn-attributes";
133
134
135
136  /**
137   * The name of the configuration attribute that specifies the class that will
138   * be used for an alert handler.
139   */
140  public static final String ATTR_ALERT_HANDLER_CLASS =
141       "ds-cfg-java-class";
142
143
144
145  /**
146   * The name of the configuration attribute that indicates whether an alert
147   * handler is enabled.
148   */
149  public static final String ATTR_ALERT_HANDLER_ENABLED =
150       "ds-cfg-enabled";
151
152
153
154  /**
155   * The name of the configuration attribute that indicates whether it will be
156   * possible to allow exceptions to the strict attribute naming restrictions.
157   */
158  public static final String ATTR_ALLOW_ATTRIBUTE_NAME_EXCEPTIONS =
159       "ds-cfg-allow-attribute-name-exceptions";
160
161
162
163  /**
164   * The name of the configuration attribute that indicates which clients
165   * should be allowed to establish connections.
166   */
167  public static final String ATTR_ALLOWED_CLIENT =
168       "ds-cfg-allowed-client";
169
170
171
172  /**
173   * The name of the configuration attribute that indicates whether LDAPv2
174   * clients will be allowed to access the server.
175   */
176  public static final String ATTR_ALLOW_LDAPV2 =
177       "ds-cfg-allow-ldap-v2";
178
179
180
181  /**
182   * The default policy that should be used for accepting LDAPv2 connections if
183   * it is not defined in the configuration.
184   */
185  public static final boolean DEFAULT_ALLOW_LDAPV2 = true;
186
187
188
189  /**
190   * The name of the configuration attribute that indicates whether the server
191   * socket should have the SO_REUSEADDR socket option set.
192   */
193  public static final String ATTR_ALLOW_REUSE_ADDRESS =
194       "ds-cfg-allow-tcp-reuse-address";
195
196
197
198  /**
199   * The default policy for using the SO_REUSEADDR socket option if it is not
200   * specified in the configuration.
201   */
202  public static final boolean DEFAULT_ALLOW_REUSE_ADDRESS = true;
203
204
205
206  /**
207   * The name of the configuration attribute that specifies one or more
208   * alternate bind DNs for a root user.
209   */
210  public static final String ATTR_ROOTDN_ALTERNATE_BIND_DN =
211       "ds-cfg-alternate-bind-dn";
212
213
214
215  /**
216   * The name of the configuration attribute that indicates whether the root DSE
217   * should treat all attributes as user attributes or if it should treat them
218   * as per their definition in the schema.
219   */
220  public static final String ATTR_ROOTDSE_SHOW_ALL_ATTRIBUTES =
221       "ds-cfg-show-all-attributes";
222
223
224
225  /**
226   * The default value that will be used regarding treating all root DSE
227   * attributes as user attributes if it is not defined in the configuration.
228   */
229  public static final boolean DEFAULT_ROOTDSE_SHOW_ALL_ATTRIBUTES = false;
230
231
232
233  /**
234   * The name of the configuration attribute that indicates whether the
235   * subschema entry should treat all attributes as user attributes or if it
236   * should treat them as per their definition in the schema.
237   */
238  public static final String ATTR_SCHEMA_SHOW_ALL_ATTRIBUTES =
239       "ds-cfg-show-all-attributes";
240
241
242
243  /**
244   * The default value that will be used regarding treating all subschema entry
245   * attributes as user attributes if it is not defined in the configuration.
246   */
247  public static final boolean DEFAULT_SCHEMA_SHOW_ALL_ATTRIBUTES = false;
248
249
250
251  /**
252   * The name of the configuration attribute that indicates whether to allow
253   * clients to use the startTLS extended operation.
254   */
255  public static final String ATTR_ALLOW_STARTTLS =
256       "ds-cfg-allow-start-tls";
257
258
259
260  /**
261   * The default configuration that specifies whether to allow startTLS
262   * operations if it is not defined in the server configuration.
263   */
264  public static final boolean DEFAULT_ALLOW_STARTTLS = false;
265
266
267
268  /**
269   * The name of the configuration attribute that indicates whether to allow the
270   * use of zero-length values in attributes with the directory string syntax.
271   */
272  public static final String ATTR_ALLOW_ZEROLENGTH_DIRECTORYSTRINGS =
273       "ds-cfg-allow-zero-length-values";
274
275
276
277  /**
278   * The default configuration that specifies whether to allow zero-length
279   * directory string values if it is not defined in the server configuration.
280   */
281  public static final boolean DEFAULT_ALLOW_ZEROLENGTH_DIRECTORYSTRINGS = false;
282
283
284
285  /**
286   * The name of the configuration attribute that holds the set of attribute
287   * type definitions in the server schema, formatted in camelCase.
288   */
289  public static final String ATTR_ATTRIBUTE_TYPES = "attributeTypes";
290
291
292
293  /**
294   * The name of the configuration attribute that holds the set of attribute
295   * type definitions in the server schema, formatted in all lowercase.
296   */
297  public static final String ATTR_ATTRIBUTE_TYPES_LC = "attributetypes";
298
299
300
301  /**
302   * The name of the configuration attribute that specifies the base DN(s) for a
303   * backend.
304   */
305  public static final String ATTR_BACKEND_BASE_DN =
306       "ds-cfg-base-dn";
307
308
309
310  /**
311   * The name of the configuration attribute that holds the fully-qualified name
312   * of the Java class for a backend implementation.
313   */
314  public static final String ATTR_BACKEND_CLASS =
315       "ds-cfg-java-class";
316
317
318
319  /**
320   * The name of the configuration attribute that indicates whether a particular
321   * backend is enabled.
322   */
323  public static final String ATTR_BACKEND_ENABLED =
324       "ds-cfg-enabled";
325
326
327
328  /**
329   * The name of the configuration attribute that specifies the unique ID for a
330   * backend.
331   */
332  public static final String ATTR_BACKEND_ID = "ds-cfg-backend-id";
333
334
335
336  /**
337   * The name of the configuration attribute that specifies the writability mode
338   * for a backend.
339   */
340  public static final String ATTR_BACKEND_WRITABILITY_MODE =
341       "ds-cfg-writability-mode";
342
343
344
345  /**
346   * The name of the configuration attribute that holds the DN of the backend
347   * configuration entry with which a backup directory is associated.
348   */
349  public static final String ATTR_BACKUP_BACKEND_DN =
350       NAME_PREFIX_BACKUP + "backend-dn";
351
352
353
354  /**
355   * The name of the configuration attribute that indicates whether a backup is
356   * compressed.
357   */
358  public static final String ATTR_BACKUP_COMPRESSED =
359       NAME_PREFIX_BACKUP + "compressed";
360
361
362
363  /**
364   * The name of the configuration attribute that holds the date that a backup
365   * was made.
366   */
367  public static final String ATTR_BACKUP_DATE = NAME_PREFIX_BACKUP + "date";
368
369
370
371  /**
372   * The name of the configuration attribute that holds the set of dependencies
373   * for a backup.
374   */
375  public static final String ATTR_BACKUP_DEPENDENCY =
376       NAME_PREFIX_BACKUP + "dependency";
377
378
379
380  /**
381   * The name of the configuration attribute that holds the list of default
382   * backup directories to search when using the backup backend.
383   */
384  public static final String ATTR_BACKUP_DIR_LIST =
385       "ds-cfg-backup-directory";
386
387
388
389  /**
390   * The name of the configuration attribute that holds the path to a backup
391   * directory.
392   */
393  public static final String ATTR_BACKUP_DIRECTORY_PATH =
394       NAME_PREFIX_BACKUP + "directory-path";
395
396
397
398  /**
399   * The name of the configuration attribute that indicates whether a backup is
400   * encrypted.
401   */
402  public static final String ATTR_BACKUP_ENCRYPTED =
403       NAME_PREFIX_BACKUP + "encrypted";
404
405
406
407  /**
408   * The name of the configuration attribute that holds the backup ID.
409   */
410  public static final String ATTR_BACKUP_ID = NAME_PREFIX_BACKUP + "id";
411
412
413
414  /**
415   * The name of the configuration attribute that indicates whether a backup is
416   * an incremental backup.
417   */
418  public static final String ATTR_BACKUP_INCREMENTAL =
419       NAME_PREFIX_BACKUP + "incremental";
420
421
422
423  /**
424   * The name of the configuration attribute that holds the signed hash for a
425   * backup.
426   */
427  public static final String ATTR_BACKUP_SIGNED_HASH =
428       NAME_PREFIX_BACKUP + "signed-hash";
429
430
431
432  /**
433   * The name of the configuration attribute that holds the unsigned hash for a
434   * backup.
435   */
436  public static final String ATTR_BACKUP_UNSIGNED_HASH =
437       NAME_PREFIX_BACKUP + "unsigned-hash";
438
439
440
441  /**
442   * The name of the configuration attribute that indicates whether simple binds
443   * containing a DN must also contain a password.
444   */
445  public static final String ATTR_BIND_WITH_DN_REQUIRES_PW =
446       "ds-cfg-bind-with-dn-requires-password";
447
448
449
450  /**
451   * The default value for the bind with DN requires password configuration
452   * attribute.
453   */
454  public static final boolean DEFAULT_BIND_WITH_DN_REQUIRES_PW = true;
455
456
457
458  /**
459   * The name of the configuration attribute that indicates whether an
460   * unauthenticated request should be rejected.
461   */
462  public static final String ATTR_REJECT_UNAUTHENTICATED_REQ =
463       "ds-cfg-reject-unauthenticated-requests";
464
465
466  /**
467   * The default value for the reject unauthenticated request attribute.
468   */
469  public static final boolean DEFAULT_REJECT_UNAUTHENTICATED_REQ = false;
470
471
472
473  /**
474   * The name of the configuration attribute that holds the name of the
475   * attribute type that should be used when mapping a certificate fingerprint
476   * to a user entry.
477   */
478  public static final String ATTR_CERTIFICATE_FINGERPRINT_ATTR =
479       "ds-cfg-fingerprint-attribute";
480
481
482
483  /**
484   * The name of the configuration attribute that holds the name of the
485   * algorithm that should be used to generate the certificate fingerprint.
486   */
487  public static final String ATTR_CERTIFICATE_FINGERPRINT_ALGORITHM =
488       "ds-cfg-fingerprint-algorithm";
489
490
491
492  /**
493   * The name of the configuration attribute that holds the name of the
494   * attribute type that should be used when mapping a certificate subject to a
495   * user entry.
496   */
497  public static final String ATTR_CERTIFICATE_SUBJECT_ATTR =
498       "ds-cfg-subject-attribute";
499
500
501
502  /**
503   * The name of the configuration attribute that holds the name of the
504   * attribute type that should be used when mapping attributes in a certificate
505   * subject to a user entry.
506   */
507  public static final String ATTR_CERTIFICATE_SUBJECT_ATTR_MAP =
508       "ds-cfg-subject-attribute-mapping";
509
510
511
512  /**
513   * The name of the configuration attribute that holds the name of the
514   * attribute type that should be used when mapping a certificate subject to a
515   * user entry.
516   */
517  public static final String ATTR_CERTIFICATE_SUBJECT_BASEDN =
518       "ds-cfg-user-base-dn";
519
520
521
522  /**
523   * The name of the configuration attribute that holds the fully-qualified name
524   * of the Java class for the certificate mapper implementation.
525   */
526  public static final String ATTR_CERTMAPPER_CLASS =
527       "ds-cfg-java-class";
528
529
530
531  /**
532   * The name of the configuration attribute that holds the DN of a certificate
533   * mapper configuration entry.
534   */
535  public static final String ATTR_CERTMAPPER_DN =
536       "ds-cfg-certificate-mapper";
537
538
539
540  /**
541   * The name of the configuration attribute that indicates whether the
542   * certificate mapper is enabled.
543   */
544  public static final String ATTR_CERTMAPPER_ENABLED =
545       "ds-cfg-enabled";
546
547
548
549  /**
550   * The name of the configuration attribute that indicates whether schema
551   * checking should be enabled in the server.
552   */
553  public static final String ATTR_CHECK_SCHEMA =
554       "ds-cfg-check-schema";
555
556
557
558  /**
559   * The name of the configuration attribute that specifies the manner in which
560   * SSL client certificates may be validated against certificates in the
561   * corresponding user's entry during SASL EXTERNAL authentication.
562   */
563  public static final String ATTR_CLIENT_CERT_VALIDATION_POLICY =
564       "ds-cfg-certificate-validation-policy";
565
566
567
568  /**
569   * The name of the configuration attribute that holds the fully-qualified name
570   * of the Java class for the connection handler implementation.
571   */
572  public static final String ATTR_CONNECTION_HANDLER_CLASS =
573       "ds-cfg-java-class";
574
575
576
577  /**
578   * The name of the configuration attribute that indicates whether a particular
579   * connection handler is enabled.
580   */
581  public static final String ATTR_CONNECTION_HANDLER_ENABLED =
582       "ds-cfg-enabled";
583
584
585
586  /**
587   * The name of the configuration attribute that specifies the DN of the
588   * default password policy for the Directory Server.
589   */
590  public static final String ATTR_DEFAULT_PWPOLICY_DN =
591       "ds-cfg-default-password-policy";
592
593
594
595  /**
596   * The name of the configuration attribute that specifies the set of
597   * privileges that root users should automatically be granted in the server.
598   */
599  public static final String ATTR_DEFAULT_ROOT_PRIVILEGE_NAME =
600       "ds-cfg-default-root-privilege-name";
601
602
603
604  /**
605   * The name of the configuration attribute that indicates which clients
606   * should not be allowed to establish connections.
607   */
608  public static final String ATTR_DENIED_CLIENT =
609       "ds-cfg-denied-client";
610
611
612
613  /**
614   * The name of the configuration attribute that specifies the realm that
615   * should be used for DIGEST-MD5 authentication.
616   */
617  public static final String ATTR_DIGESTMD5_REALM = "ds-cfg-realm";
618
619
620
621  /**
622   * The name of the attribute that is used to hold the DIT content rule
623   * definitions in the server schema, formatted in camelCase.
624   */
625  public static final String ATTR_DIT_CONTENT_RULES = "dITContentRules";
626
627
628
629  /**
630   * The name of the attribute that is used to hold the DIT content rule
631   * definitions in the server schema, formatted in all lowercase.
632   */
633  public static final String ATTR_DIT_CONTENT_RULES_LC = "ditcontentrules";
634
635
636
637  /**
638   * The name of the attribute that is used to hold the DIT structure rule
639   * definitions in the server schema, formatted in camelCase.
640   */
641  public static final String ATTR_DIT_STRUCTURE_RULES = "dITStructureRules";
642
643
644
645  /**
646   * The name of the attribute that is used to hold the DIT structure rule
647   * definitions in the server schema, formatted in all lowercase.
648   */
649  public static final String ATTR_DIT_STRUCTURE_RULES_LC = "ditstructurerules";
650
651
652
653  /**
654   * The name of the configuration attribute that holds the fully-qualified name
655   * of the Java class for the entry cache implementation.
656   */
657  public static final String ATTR_ENTRYCACHE_CLASS =
658       "ds-cfg-java-class";
659
660
661
662  /**
663   * The name of the configuration attribute that indicates whether the entry
664   * cache is enabled.
665   */
666  public static final String ATTR_ENTRYCACHE_ENABLED =
667       "ds-cfg-enabled";
668
669
670
671  /**
672   * The name of the configuration attribute that holds the fully-qualified name
673   * for the extended operation handler class.
674   */
675  public static final String ATTR_EXTOP_CLASS =
676       "ds-cfg-java-class";
677
678
679
680  /**
681   * The name of the configuration attribute that indicates whether an extended
682   * operation handler should be enabled.
683   */
684  public static final String ATTR_EXTOP_ENABLED =
685       "ds-cfg-enabled";
686
687
688
689  /**
690   * The name of the configuration attribute that contains a set of search
691   * filters to use to determine which entries should be excluded from the
692   * cache.
693   */
694  public static final String ATTR_FIFOCACHE_EXCLUDE_FILTER =
695       "ds-cfg-exclude-filter";
696
697
698
699  /**
700   * The name of the configuration attribute that contains a set of search
701   * filters to use to determine which entries should be included in the cache.
702   */
703  public static final String ATTR_FIFOCACHE_INCLUDE_FILTER =
704       "ds-cfg-include-filter";
705
706
707
708  /**
709   * The name of the configuration attribute that indicates the maximum length
710   * of time in milliseconds to spend trying to acquire a lock for an entry in
711   * the cache.
712   */
713  public static final String ATTR_FIFOCACHE_LOCK_TIMEOUT =
714       "ds-cfg-lock-timeout";
715
716
717
718  /**
719   * The default value for the entry cache lockout timeout that will be used if
720   * no other value is specified.
721   */
722  public static final long DEFAULT_FIFOCACHE_LOCK_TIMEOUT = 2000L;
723
724
725
726  /**
727   * The name of the configuration attribute that indicates the maximum number
728   * of entries that the FIFO entry cache will be allowed to hold.
729   */
730  public static final String ATTR_FIFOCACHE_MAX_ENTRIES =
731       "ds-cfg-max-entries";
732
733
734
735  /**
736   * The default value for the entry cache max entries that will be used if no
737   * other value is specified.
738   */
739  public static final long DEFAULT_FIFOCACHE_MAX_ENTRIES = Long.MAX_VALUE;
740
741
742
743  /**
744   * The name of the configuration attribute that indicates the maximum
745   * percentage of available memory in the JVM that the FIFO entry cache will be
746   * allowed to consume.
747   */
748  public static final String ATTR_FIFOCACHE_MAX_MEMORY_PCT =
749       "ds-cfg-max-memory-percent";
750
751
752
753  /**
754   * The default value for the entry cache max memory percent that will be used
755   * if no other value is specified.
756   */
757  public static final int DEFAULT_FIFOCACHE_MAX_MEMORY_PCT = 90;
758
759
760  /**
761   * The name of the configuration attribute that contains a set of search
762   * filters to use to determine which entries should be excluded from the
763   * cache.
764   */
765  public static final String ATTR_FSCACHE_EXCLUDE_FILTER =
766       "ds-cfg-exclude-filter";
767
768  /**
769   * The name of the configuration attribute that contains a set of search
770   * filters to use to determine which entries should be included in the cache.
771   */
772  public static final String ATTR_FSCACHE_INCLUDE_FILTER =
773       "ds-cfg-include-filter";
774
775  /**
776   * The name of the configuration attribute that indicates the maximum length
777   * of time in milliseconds to spend trying to acquire a lock for an entry in
778   * the cache.
779   */
780  public static final String ATTR_FSCACHE_LOCK_TIMEOUT =
781       "ds-cfg-lock-timeout";
782
783  /**
784   * The default value for the entry cache lockout timeout that will be used if
785   * no other value is specified.
786   */
787  public static final long DEFAULT_FSCACHE_LOCK_TIMEOUT = 2000L;
788
789  /**
790   * The name of the configuration attribute that indicates the maximum number
791   * of entries that the FIFO entry cache will be allowed to hold.
792   */
793  public static final String ATTR_FSCACHE_MAX_ENTRIES =
794       "ds-cfg-max-entries";
795
796  /**
797   * The default value for the entry cache max entries that will be used if no
798   * other value is specified.
799   */
800  public static final long DEFAULT_FSCACHE_MAX_ENTRIES = Long.MAX_VALUE;
801
802  /**
803   * The name of the configuration attribute that indicates the maximum
804   * memory size of the FS entry cache.
805   */
806  public static final String ATTR_FSCACHE_MAX_MEMORY_SIZE =
807       "ds-cfg-max-memory-size";
808
809  /**
810   * The name of the configuration attribute that specifies the entry cache JE
811   * environment home.
812   */
813  public static final String ATTR_FSCACHE_HOME =
814      "ds-cfg-cache-directory";
815
816  /**
817   * The default value for the entry cache JE environment home that will be used
818   * if no other value is specified.
819   */
820  public static final String DEFAULT_FSCACHE_HOME = "/tmp/OpenDS.FSCache";
821
822  /**
823   * The name of the configuration attribute that indicates the maximum
824   * available space in bytes in the file system that JE cache will be
825   * allowed to consume.
826   */
827  public static final String ATTR_FSCACHE_JE_CACHE_SIZE =
828       "ds-cfg-db-cache-size";
829
830  /**
831   * The default value for the JE cache size in bytes that will be used
832   * if no other value is specified.
833   */
834  public static final long DEFAULT_FSCACHE_JE_CACHE_SIZE = 0;
835
836  /**
837   * The name of the configuration attribute that indicates the maximum
838   * available memory percent that JE cache can consume.
839   */
840  public static final String ATTR_FSCACHE_JE_CACHE_PCT =
841       "ds-cfg-db-cache-percent";
842
843  /**
844   * The default value for the JE cache size percent that will be used
845   * if no other value is specified.
846   */
847  public static final int DEFAULT_FSCACHE_JE_CACHE_PCT = 0;
848
849  /**
850   * The name of the configuration attribute that indicates whether
851   * file system entry cache is configured as persistent or not.
852   */
853  public static final String ATTR_FSCACHE_IS_PERSISTENT =
854       "ds-cfg-persistent-cache";
855
856  /**
857   * The default value to indicate whether the cache is persistent or not.
858   */
859  public static final boolean DEFAULT_FSCACHE_IS_PERSISTENT = false;
860
861  /**
862   * The default value to indicate which cache type to use.
863   */
864  public static final String DEFAULT_FSCACHE_TYPE = "FIFO";
865
866  /**
867   * The name of the configuration attribute that indicates which
868   * cache type will be used.
869   */
870  public static final String ATTR_FSCACHE_TYPE =
871       "ds-cfg-cache-type";
872
873  /**
874   * The name of the configuration attribute that specifies the fully-qualified
875   * class name for a group implementation.
876   */
877  public static final String ATTR_GROUP_IMPLEMENTATION_CLASS =
878       "ds-cfg-java-class";
879
880
881
882  /**
883   * The name of the configuration attribute that indicates whether a group
884   * implementation should be enabled for use in the server.
885   */
886  public static final String ATTR_GROUP_IMPLEMENTATION_ENABLED =
887       "ds-cfg-enabled";
888
889
890
891  /**
892   * The name of the configuration attribute that holds the address of the KDC
893   * to use when processing SASL GSSAPI binds.
894   */
895  public static final String ATTR_GSSAPI_KDC = "ds-cfg-kdc-address";
896
897
898
899  /**
900   * The name of the configuration attribute that holds the path to the Kerberos
901   * keytab file to use when processing SASL GSSAPI binds.
902   */
903  public static final String ATTR_GSSAPI_KEYTAB_FILE =
904       "ds-cfg-keytab";
905
906
907
908  /**
909   * The name of the configuration attribute that holds the default Kerberos
910   * realm to use when processing SASL GSSAPI binds.
911   */
912  public static final String ATTR_GSSAPI_REALM = "ds-cfg-realm";
913
914
915
916  /**
917   * The name of the configuration attribute that holds the fully-qualified name
918   * of an identity mapper class.
919   */
920  public static final String ATTR_IDMAPPER_CLASS =
921       "ds-cfg-java-class";
922
923
924
925  /**
926   * The name of the configuration attribute that holds the DN of an identity
927   * mapper configuration entry.
928   */
929  public static final String ATTR_IDMAPPER_DN =
930       "ds-cfg-identity-mapper";
931
932
933
934  /**
935   * The name of the configuration attribute that indicates whether an identity
936   * mapper is enabled.
937   */
938  public static final String ATTR_IDMAPPER_ENABLED =
939       "ds-cfg-enabled";
940
941
942
943  /**
944   * The name of the configuration attribute that defines the behavior that the
945   * server should use when a value is encountered that does not conform to the
946   * associated attribute syntax.
947   */
948  public static final String ATTR_INVALID_SYNTAX_BEHAVIOR =
949       "ds-cfg-invalid-attribute-syntax-behavior";
950
951
952
953  /**
954   * The name of the configuration attribute that defines the behavior that the
955   * server should use when an entry is encountered that does not contain
956   * exactly one structural objectclass.
957   */
958  public static final String ATTR_SINGLE_STRUCTURAL_CLASS_BEHAVIOR =
959       "ds-cfg-single-structural-objectclass-behavior";
960
961
962
963  /**
964   * The name of the configuration attribute that holds the set of attribute
965   * syntax definitions in the server schema, formatted in camelCase.
966   */
967  public static final String ATTR_LDAP_SYNTAXES = "ldapSyntaxes";
968
969
970
971  /**
972   * The name of the configuration attribute that holds the set of attribute
973   * syntax definitions in the server schema, formatted in all lowercase.
974   */
975  public static final String ATTR_LDAP_SYNTAXES_LC = "ldapsyntaxes";
976
977
978
979  /**
980   * The name of the configuration attribute that indicates whether the LDAP
981   * connection handler should keep statistical information.
982   */
983  public static final String ATTR_KEEP_LDAP_STATS =
984       "ds-cfg-keep-stats";
985
986
987
988  /**
989   * Indicates whether the LDAP connection handler should keep statistical
990   * information by default.
991   */
992  public static final boolean DEFAULT_KEEP_LDAP_STATS = true;
993
994
995
996  /**
997   * The name of the configuration attribute that specifies the fully-qualified
998   * name of the class to use as the key manager provider.
999   */
1000  public static final String ATTR_KEYMANAGER_CLASS =
1001       "ds-cfg-java-class";
1002
1003
1004
1005  /**
1006   * The name of the configuration attribute that specifies the DN of the
1007   * configuration entry for the key manager provider.
1008   */
1009  public static final String ATTR_KEYMANAGER_DN =
1010       "ds-cfg-key-manager-provider";
1011
1012
1013
1014  /**
1015   * The name of the configuration attribute that indicates whether the key
1016   * manager provider should be enabled.
1017   */
1018  public static final String ATTR_KEYMANAGER_ENABLED =
1019       "ds-cfg-enabled";
1020
1021
1022
1023  /**
1024   * The name of the configuration attribute that specifies the path to the
1025   * keystore file.
1026   */
1027  public static final String ATTR_KEYSTORE_FILE =
1028       "ds-cfg-key-store-file";
1029
1030
1031
1032  /**
1033   * The name of the configuration attribute that specifies the PIN needed to
1034   * access the keystore.
1035   */
1036  public static final String ATTR_KEYSTORE_PIN =
1037       "ds-cfg-key-store-pin";
1038
1039
1040
1041  /**
1042   * The name of the configuration attribute that specifies the name of the
1043   * environment variable containing the PIN needed to access the keystore.
1044   */
1045  public static final String ATTR_KEYSTORE_PIN_ENVAR =
1046       "ds-cfg-key-store-pin-environment-variable";
1047
1048
1049
1050  /**
1051   * The name of the configuration attribute that specifies the path to the file
1052   * containing the PIN needed to access the keystore.
1053   */
1054  public static final String ATTR_KEYSTORE_PIN_FILE =
1055       "ds-cfg-key-store-pin-file";
1056
1057
1058
1059  /**
1060   * The name of the configuration attribute that specifies the name of the Java
1061   * property containing the PIN needed to access the keystore.
1062   */
1063  public static final String ATTR_KEYSTORE_PIN_PROPERTY =
1064  "ds-cfg-key-store-pin-property";
1065
1066
1067
1068  /**
1069   * The name of the configuration attribute that specifies the format of the
1070   * data in the keystore file.
1071   */
1072  public static final String ATTR_KEYSTORE_TYPE =
1073       "ds-cfg-key-store-type";
1074
1075
1076
1077  /**
1078   * The name of the configuration attribute that specifies the fully-qualified
1079   * name of the class to use as the trust manager provider.
1080   */
1081  public static final String ATTR_TRUSTMANAGER_CLASS =
1082       "ds-cfg-java-class";
1083
1084
1085
1086  /**
1087   * The name of the configuration attribute that specifies the DN of the
1088   * configuration entry for the trust manager provider.
1089   */
1090  public static final String ATTR_TRUSTMANAGER_DN =
1091       "ds-cfg-trust-manager-provider";
1092
1093
1094
1095  /**
1096   * The name of the configuration attribute that indicates whether the trust
1097   * manager provider should be enabled.
1098   */
1099  public static final String ATTR_TRUSTMANAGER_ENABLED =
1100       "ds-cfg-enabled";
1101
1102
1103
1104  /**
1105   * The name of the configuration attribute that specifies the path to the
1106   * trust store file.
1107   */
1108  public static final String ATTR_TRUSTSTORE_FILE =
1109       "ds-cfg-trust-store-file";
1110
1111
1112
1113  /**
1114   * The name of the configuration attribute that specifies the PIN needed to
1115   * access the trust store.
1116   */
1117  public static final String ATTR_TRUSTSTORE_PIN =
1118       "ds-cfg-trust-store-pin";
1119
1120
1121
1122  /**
1123   * The name of the configuration attribute that specifies the name of the
1124   * environment variable containing the PIN needed to access the trust store.
1125   */
1126  public static final String ATTR_TRUSTSTORE_PIN_ENVAR =
1127       "ds-cfg-trust-store-pin-environment-variable";
1128
1129
1130
1131  /**
1132   * The name of the configuration attribute that specifies the path to the file
1133   * containing the PIN needed to access the trust store.
1134   */
1135  public static final String ATTR_TRUSTSTORE_PIN_FILE =
1136       "ds-cfg-trust-store-pin-file";
1137
1138
1139
1140  /**
1141   * The name of the configuration attribute that specifies the name of the Java
1142   * property containing the PIN needed to access the trust store.
1143   */
1144  public static final String ATTR_TRUSTSTORE_PIN_PROPERTY =
1145       "ds-cfg-trust-store-pin-property";
1146
1147
1148
1149  /**
1150   * The name of the configuration attribute that specifies the format of the
1151   * data in the trust store file.
1152   */
1153  public static final String ATTR_TRUSTSTORE_TYPE =
1154       "ds-cfg-trust-store-type";
1155
1156
1157
1158  /**
1159   * The name of the configuration attribute that specifies the address or set
1160   * of addresses on which a connection handler should listen.
1161   */
1162  public static final String ATTR_LISTEN_ADDRESS =
1163       "ds-cfg-listen-address";
1164
1165
1166
1167  /**
1168   * The name of the configuration attribute that specifies the port or set of
1169   * ports on which a connection handler should listen.
1170   */
1171  public static final String ATTR_LISTEN_PORT = "ds-cfg-listen-port";
1172
1173  /**
1174   * The attribute that specifies if internal operations should be logged
1175   * or not.
1176   */
1177  public static final String ATTR_LOGGER_SUPPRESS_INTERNAL_OPERATIONS =
1178       "ds-cfg-suppress-internal-operations";
1179
1180
1181  /**
1182   * The policy type for rotating log files.
1183   */
1184  public static final String ATTR_LOGGER_ROTATION_POLICY =
1185       "ds-cfg-rotation-policy";
1186
1187  /**
1188   * The policy type for retaining log files.
1189   */
1190  public static final String ATTR_LOGGER_RETENTION_POLICY =
1191       "ds-cfg-retention-policy";
1192
1193  /**
1194   * The number of files to retain attribute type.
1195   */
1196  public static final String ATTR_LOGGER_RETENTION_NUMBER_OF_FILES =
1197       "ds-cfg-number-of-files";
1198
1199  /**
1200   * The disk space used attribute.
1201   */
1202  public static final String ATTR_LOGGER_RETENTION_DISK_SPACE_USED =
1203       "ds-cfg-disk-space-used";
1204
1205  /**
1206   * The free disk space attribute.
1207   */
1208  public static final String ATTR_LOGGER_RETENTION_FREE_DISK_SPACE =
1209       "ds-cfg-free-disk-space";
1210
1211
1212  /**
1213   * The size limit for the size based rotation policy.
1214   */
1215  public static final String ATTR_LOGGER_ROTATION_SIZE_LIMIT =
1216       "ds-cfg-size-limit";
1217
1218
1219  /**
1220   * The time of day for the time of day based rotation policy.
1221   */
1222  public static final String ATTR_LOGGER_ROTATION_TIME_OF_DAY =
1223       "ds-cfg-time-of-day";
1224
1225
1226
1227  /**
1228   * The action to be taken at the time of rotation.
1229   */
1230  public static final String ATTR_LOGGER_ROTATION_ACTION =
1231       "ds-cfg-rotation-action";
1232
1233
1234  /**
1235   * The time interval for the logger thread to sleep.
1236   */
1237  public static final String ATTR_LOGGER_THREAD_INTERVAL =
1238       "ds-cfg-time-interval";
1239
1240
1241  /**
1242   * The time interval for the logger thread to sleep.
1243   */
1244  public static final String ATTR_LOGGER_BUFFER_SIZE =
1245       "ds-cfg-buffer-size";
1246
1247
1248
1249  /**
1250   * The name of the configuration attribute that holds the fully-qualified name
1251   * for the logger class.
1252   */
1253  public static final String ATTR_LOGGER_CLASS =
1254       "ds-cfg-java-class";
1255
1256
1257
1258  /**
1259   * The name of the configuration attribute that indicates whether a Directory
1260   * Server logger should be enabled.
1261   */
1262  public static final String ATTR_LOGGER_ENABLED =
1263       "ds-cfg-enabled";
1264
1265
1266
1267  /**
1268   * The name of the configuration attribute that specifies the attribute or set
1269   * of attributes that should be used when attempting to map an ID string to
1270   * a user entry.
1271   */
1272  public static final String ATTR_MATCH_ATTRIBUTE =
1273       "ds-cfg-match-attribute";
1274
1275
1276
1277  /**
1278   * The name of the configuration attribute that specifies the base DN(s) that
1279   * should be used when attempting to map an ID string to a user entry.
1280   */
1281  public static final String ATTR_MATCH_BASE =
1282       "ds-cfg-match-base-dn";
1283
1284
1285
1286  /**
1287   * The name of the configuration attribute that holds the set of matching rule
1288   * definitions in the server schema, formatted in camelCase.
1289   */
1290  public static final String ATTR_MATCHING_RULES = "matchingRules";
1291
1292
1293
1294  /**
1295   * The name of the configuration attribute that holds the set of matching rule
1296   * definitions in the server schema, formatted in all lowercase.
1297   */
1298  public static final String ATTR_MATCHING_RULES_LC = "matchingrules";
1299
1300
1301
1302  /**
1303   * The name of the configuration attribute that holds the set of matching rule
1304   * use definitions in the server schema, formatted in camelCase.
1305   */
1306  public static final String ATTR_MATCHING_RULE_USE = "matchingRuleUse";
1307
1308
1309
1310  /**
1311   * The name of the configuration attribute that holds the set of matching rule
1312   * use definitions in the server schema, formatted in all lowercase.
1313   */
1314  public static final String ATTR_MATCHING_RULE_USE_LC = "matchingruleuse";
1315
1316
1317
1318  /**
1319   * The default maximum request size that should be used if none is specified
1320   * in the configuration.
1321   */
1322  public static final int DEFAULT_MAX_REQUEST_SIZE = 5 * 1024 * 1024; // 5 MB
1323
1324
1325
1326  /**
1327   * The name of the configuration attribute that specifies the fully-qualified
1328   * name of the Java class that defines a Directory Server matching rule.
1329   */
1330  public static final String ATTR_MATCHING_RULE_CLASS =
1331       "ds-cfg-java-class";
1332
1333
1334
1335  /**
1336   * The name of the configuration attribute that indicates whether a matching
1337   * rule should be enabled.
1338   */
1339  public static final String ATTR_MATCHING_RULE_ENABLED =
1340       "ds-cfg-enabled";
1341
1342
1343
1344  /**
1345   * The name of the configuration attribute that indicates the maximum allowed
1346   * size of a request in bytes.
1347   */
1348  public static final String ATTR_MAX_REQUEST_SIZE =
1349       "ds-cfg-max-request-size";
1350
1351
1352
1353  /**
1354   * The name of the configuration attribute that holds the fully-qualified name
1355   * for the monitor provider class.
1356   */
1357  public static final String ATTR_MONITOR_CLASS =
1358       "ds-cfg-java-class";
1359
1360
1361
1362  /**
1363   * The name of the configuration attribute that indicates whether a monitor
1364   * provider should be enabled.
1365   */
1366  public static final String ATTR_MONITOR_ENABLED =
1367       "ds-cfg-enabled";
1368
1369
1370
1371  /**
1372   * The name of the attribute that is used to hold the name form definitions in
1373   * the server schema, formatted in camelCase.
1374   */
1375  public static final String ATTR_NAME_FORMS = "nameForms";
1376
1377
1378
1379  /**
1380   * The name of the attribute that is used to hold the name form definitions in
1381   * the server schema, formatted in all lowercase.
1382   */
1383  public static final String ATTR_NAME_FORMS_LC = "nameforms";
1384
1385
1386
1387  /**
1388   * The name of the configuration attribute that indicates whether to send a
1389   * response to operations that have been abandoned.
1390   */
1391  public static final String ATTR_NOTIFY_ABANDONED_OPS =
1392       "ds-cfg-notify-abandoned-operations";
1393
1394
1395
1396  /**
1397   * The name of the configuration attribute that indicates the number of
1398   * request handlers that should be used to read requests from clients.
1399   */
1400  public static final String ATTR_NUM_REQUEST_HANDLERS =
1401       "ds-cfg-num-request-handlers";
1402
1403
1404
1405  /**
1406   * The default number of request handler threads to use if it is not specified
1407   * in the configuration.
1408   */
1409  public static final int DEFAULT_NUM_REQUEST_HANDLERS = 1;
1410
1411
1412
1413  /**
1414   * The name of the configuration attribute that indicates the number of worker
1415   * threads that should be used to process requests.
1416   */
1417  public static final String ATTR_NUM_WORKER_THREADS =
1418       "ds-cfg-num-worker-threads";
1419
1420
1421
1422  /**
1423   * The default number of worker threads that should be used if no value is
1424   * specified in the configuration.
1425   */
1426  public static final int DEFAULT_NUM_WORKER_THREADS = 24;
1427
1428
1429
1430  /**
1431   * The name of the standard attribute that holds the objectclass values for
1432   * the entry, formatted in camelCase.
1433   */
1434  public static final String ATTR_OBJECTCLASS = "objectClass";
1435
1436
1437
1438  /**
1439   * The name of the configuration attribute that holds the set of objectclass
1440   * definitions in the server schema, formatted in camelCase.
1441   */
1442  public static final String ATTR_OBJECTCLASSES = "objectClasses";
1443
1444
1445
1446  /**
1447   * The name of the configuration attribute that holds the set of objectclass
1448   * definitions in the server schema, formatted in all lowercase.
1449   */
1450  public static final String ATTR_OBJECTCLASSES_LC = "objectclasses";
1451
1452
1453
1454  /**
1455   * The name of the configuration attribute that specifies a character set that
1456   * can be used with a password.
1457   */
1458  public static final String ATTR_PASSWORD_CHARSET =
1459       "ds-cfg-password-character-set";
1460
1461
1462
1463  /**
1464   * The name of the configuration attribute that specifies the format that
1465   * should be used for generating a password.
1466   */
1467  public static final String ATTR_PASSWORD_FORMAT =
1468       "ds-cfg-password-format";
1469
1470
1471
1472  /**
1473   * The name of the configuration attribute that specifies the maximum allowed
1474   * length for a password.
1475   */
1476  public static final String ATTR_PASSWORD_MAX_LENGTH =
1477       "ds-cfg-max-password-length";
1478
1479
1480
1481  /**
1482   * The name of the configuration attribute that specifies the minimum allowed
1483   * length for a password.
1484   */
1485  public static final String ATTR_PASSWORD_MIN_LENGTH =
1486       "ds-cfg-min-password-length";
1487
1488  /**
1489   * The name of the configuration attribute that specifies the minimum allowed
1490   * difference for a password.
1491   */
1492  public static final String ATTR_PASSWORD_MIN_DIFFERENCE =
1493       "ds-cfg-min-password-difference";
1494
1495
1496  /**
1497   * The name of the configuration attribute that holds the fully-qualified name
1498   * of the Java class for a plugin implementation.
1499   */
1500  public static final String ATTR_PLUGIN_CLASS =
1501       "ds-cfg-java-class";
1502
1503
1504
1505  /**
1506   * The name of the configuration attribute that indicates whether a particular
1507   * plugin is enabled.
1508   */
1509  public static final String ATTR_PLUGIN_ENABLED =
1510       "ds-cfg-enabled";
1511
1512
1513
1514  /**
1515   * The name of the configuration attribute that indicates the ways in which a
1516   * plugin will be used.
1517   */
1518  public static final String ATTR_PLUGIN_TYPE =
1519       "ds-cfg-plugin-type";
1520
1521
1522
1523  /**
1524   * The name of the configuration attribute that may be modified in order to
1525   * cause the profiler to take some action (e.g., starting or stopping
1526   * collection).
1527   */
1528  public static final String ATTR_PROFILE_ACTION =
1529      "ds-cfg-profile-action";
1530
1531
1532
1533  /**
1534   * The name of the configuration attribute that indicates whether the
1535   * Directory Server profiler plugin should be automatically enabled when the
1536   * server is starting.
1537   */
1538  public static final String ATTR_PROFILE_AUTOSTART =
1539       "ds-cfg-enable-profiling-on-startup";
1540
1541
1542
1543  /**
1544   * The name of the configuration attribute that holds the path to the
1545   * directory into which profile information will be written.
1546   */
1547  public static final String ATTR_PROFILE_DIR =
1548       "ds-cfg-profile-directory";
1549
1550
1551
1552  /**
1553   * The name of the configuration attribute that holds the profile sample
1554   * interval in milliseconds.
1555   */
1556  public static final String ATTR_PROFILE_INTERVAL =
1557       "ds-cfg-profile-sample-interval";
1558
1559
1560
1561  /**
1562   * The default sample interval in milliseconds to use when profiling if no
1563   * other value is specified.
1564   */
1565  public static final long DEFAULT_PROFILE_INTERVAL = 10;
1566
1567
1568
1569  /**
1570   * The name of the read-only configuration attribute that holds the current
1571   * state of the profiler.
1572   */
1573  public static final String ATTR_PROFILE_STATE =
1574       "ds-cfg-profiler-state";
1575
1576
1577
1578  /**
1579   * The name of the configuration attribute that holds the DN of the identity
1580   * mapper configuration entry for use with the proxied authorization V2
1581   * control.
1582   */
1583  public static final String ATTR_PROXY_MAPPER_DN =
1584       "ds-cfg-proxied-authorization-identity-mapper";
1585
1586
1587
1588  /**
1589   * The name of the configuration attribute that holds the fully-qualified name
1590   * for the password generator class.
1591   */
1592  public static final String ATTR_PWGENERATOR_CLASS =
1593       "ds-cfg-java-class";
1594
1595
1596
1597  /**
1598   * The name of the configuration attribute that indicates whether a password
1599   * generator is enabled.
1600   */
1601  public static final String ATTR_PWGENERATOR_ENABLED =
1602       "ds-cfg-enabled";
1603
1604
1605
1606  /**
1607   * The name of the configuration attribute that indicates whether a user will
1608   * be allowed to change their password even if it is expired.
1609   */
1610  public static final String ATTR_PWPOLICY_ALLOW_EXPIRED_CHANGES =
1611       "ds-cfg-allow-expired-password-changes";
1612
1613
1614
1615  /**
1616   * The default value for the allowExpiredPasswordChanges configuration
1617   * attribute.
1618   */
1619  public static final boolean DEFAULT_PWPOLICY_ALLOW_EXPIRED_CHANGES = false;
1620
1621
1622
1623  /**
1624   * The name of the configuration attribute that indicates whether a user may
1625   * provide a pre-encoded password.
1626   */
1627  public static final String ATTR_PWPOLICY_ALLOW_PRE_ENCODED_PASSWORDS =
1628       "ds-cfg-allow-pre-encoded-passwords";
1629
1630
1631
1632  /**
1633   * The default value for the allowPreEncodedPasswords configuration attribute.
1634   */
1635  public static final boolean DEFAULT_PWPOLICY_ALLOW_PRE_ENCODED_PASSWORDS =
1636       false;
1637
1638
1639
1640  /**
1641   * The name of the configuration attribute that indicates whether user entries
1642   * will be allowed to have multiple values for the password attribute.
1643   */
1644  public static final String ATTR_PWPOLICY_ALLOW_MULTIPLE_PW_VALUES =
1645       "ds-cfg-allow-multiple-password-values";
1646
1647
1648
1649  /**
1650   * The default value for the allowMultiplePasswordValues configuration
1651   * attribute.
1652   */
1653  public static final boolean DEFAULT_PWPOLICY_ALLOW_MULTIPLE_PW_VALUES = false;
1654
1655
1656
1657  /**
1658   * The name of the configuration attribute that indicates whether users will
1659   * be allowed to change their own passwords.
1660   */
1661  public static final String ATTR_PWPOLICY_ALLOW_USER_CHANGE =
1662       "ds-cfg-allow-user-password-changes";
1663
1664
1665
1666  /**
1667   * The default value for the allowUserPasswordChanges configuration attribute.
1668   */
1669  public static final boolean DEFAULT_PWPOLICY_ALLOW_USER_CHANGE = true;
1670
1671
1672
1673  /**
1674   * The name of the configuration attribute that specifies the default password
1675   * storage schemes for a password policy.
1676   */
1677  public static final String ATTR_PWPOLICY_DEFAULT_SCHEME =
1678       "ds-cfg-default-password-storage-scheme";
1679
1680
1681
1682  /**
1683   * The name of the configuration attribute that indicates whether a user
1684   * password will be allowed to expire even if they have not yet seen a warning
1685   * notification.
1686   */
1687  public static final String ATTR_PWPOLICY_EXPIRE_WITHOUT_WARNING =
1688       "ds-cfg-expire-passwords-without-warning";
1689
1690
1691
1692  /**
1693   * The default value for the expirePasswordsWithoutWarning configuration
1694   * attribute.
1695   */
1696  public static final boolean DEFAULT_PWPOLICY_EXPIRE_WITHOUT_WARNING = false;
1697
1698
1699
1700  /**
1701   * The name of the configuration attribute that indicates whether a user must
1702   * change their password upon first authenticating after their account is
1703   * created.
1704   */
1705  public static final String ATTR_PWPOLICY_FORCE_CHANGE_ON_ADD =
1706       "ds-cfg-force-change-on-add";
1707
1708
1709
1710  /**
1711   * The default value for the forceChangeOnAdd configuration attribute.
1712   */
1713  public static final boolean DEFAULT_PWPOLICY_FORCE_CHANGE_ON_ADD = false;
1714
1715
1716
1717  /**
1718   * The name of the configuration attribute that indicates whether a user must
1719   * change their password after it is reset by an administrator.
1720   */
1721  public static final String ATTR_PWPOLICY_FORCE_CHANGE_ON_RESET =
1722       "ds-cfg-force-change-on-reset";
1723
1724
1725
1726  /**
1727   * The default value for the forceChangeOnReset configuration attribute.
1728   */
1729  public static final boolean DEFAULT_PWPOLICY_FORCE_CHANGE_ON_RESET = false;
1730
1731
1732
1733  /**
1734   * The name of the configuration attribute that specifies the number of fixed
1735   * grace login attempts that a user will have.
1736   */
1737  public static final String ATTR_PWPOLICY_GRACE_LOGIN_COUNT =
1738       "ds-cfg-grace-login-count";
1739
1740
1741
1742  /**
1743   * The default value for the graceLoginCount configuration attribute.
1744   */
1745  public static final int DEFAULT_PWPOLICY_GRACE_LOGIN_COUNT = 0;
1746
1747
1748
1749  /**
1750   * The default value for the password history count configuration attribute.
1751   */
1752  public static final int DEFAULT_PWPOLICY_HISTORY_COUNT = 0;
1753
1754
1755
1756  /**
1757   * The default value for the password history duration configuration
1758   * attribute, in seconds.
1759   */
1760  public static final int DEFAULT_PWPOLICY_HISTORY_DURATION = 0;
1761
1762
1763
1764  /**
1765   * The name of the configuration attribute that specifies the maximum length
1766   * of time an account may remain idle.
1767   */
1768  public static final String ATTR_PWPOLICY_IDLE_LOCKOUT_INTERVAL =
1769       "ds-cfg-idle-lockout-interval";
1770
1771
1772
1773  /**
1774   * The default value for the idleLockoutInterval configuration attribute.
1775   */
1776  public static final int DEFAULT_PWPOLICY_IDLE_LOCKOUT_INTERVAL = 0;
1777
1778
1779
1780  /**
1781   * The name of the configuration attribute that specifies the attribute used
1782   * to hold the last login time.
1783   */
1784  public static final String ATTR_PWPOLICY_LAST_LOGIN_TIME_ATTRIBUTE =
1785       "ds-cfg-last-login-time-attribute";
1786
1787
1788
1789  /**
1790   * The name of the configuration attribute that specifies the format string
1791   * used to generate the last login time.
1792   */
1793  public static final String ATTR_PWPOLICY_LAST_LOGIN_TIME_FORMAT =
1794       "ds-cfg-last-login-time-format";
1795
1796
1797
1798  /**
1799   * The name of the configuration attribute that specifies the length of time
1800   * that a user will remain locked out.
1801   */
1802  public static final String ATTR_PWPOLICY_LOCKOUT_DURATION =
1803       "ds-cfg-lockout-duration";
1804
1805
1806
1807  /**
1808   * The default value for the lockoutDuration configuration attribute.
1809   */
1810  public static final int DEFAULT_PWPOLICY_LOCKOUT_DURATION = 0;
1811
1812
1813
1814  /**
1815   * The name of the configuration attribute that specifies the number of
1816   * authentication failures required to lock out a user account.
1817   */
1818  public static final String ATTR_PWPOLICY_LOCKOUT_FAILURE_COUNT =
1819       "ds-cfg-lockout-failure-count";
1820
1821
1822
1823  /**
1824   * The default value for the lockoutFailureCount configuration attribute.
1825   */
1826  public static final int DEFAULT_PWPOLICY_LOCKOUT_FAILURE_COUNT = 0;
1827
1828
1829
1830  /**
1831   * The name of the configuration attribute that specifies the length of time
1832   * in seconds that an authentication failure will be counted against a user
1833   * for lockout purposes.
1834   */
1835  public static final String ATTR_PWPOLICY_LOCKOUT_FAILURE_EXPIRATION_INTERVAL =
1836       "ds-cfg-lockout-failure-expiration-interval";
1837
1838
1839
1840  /**
1841   * The default value for the lockoutFailureExpirationInterval configuration
1842   * attribute.
1843   */
1844  public static final int DEFAULT_PWPOLICY_LOCKOUT_FAILURE_EXPIRATION_INTERVAL =
1845       0;
1846
1847
1848
1849  /**
1850   * The name of the configuration attribute that specifies the maximum length
1851   * of time allowed between password changes.
1852   */
1853  public static final String ATTR_PWPOLICY_MAXIMUM_PASSWORD_AGE =
1854       "ds-cfg-max-password-age";
1855
1856
1857
1858  /**
1859   * The default value for the maximumPasswordAge configuration attribute.
1860   */
1861  public static final int DEFAULT_PWPOLICY_MAXIMUM_PASSWORD_AGE = 0;
1862
1863
1864
1865  /**
1866   * The name of the configuration attribute that specifies the maximum length
1867   * of time that a user has to change their password after it has been
1868   * administratively reset.
1869   */
1870  public static final String ATTR_PWPOLICY_MAXIMUM_PASSWORD_RESET_AGE =
1871       "ds-cfg-max-password-reset-age";
1872
1873
1874
1875  /**
1876   * The default value for the maximumPasswordResetAge configuration attribute.
1877   */
1878  public static final int DEFAULT_PWPOLICY_MAXIMUM_PASSWORD_RESET_AGE = 0;
1879
1880
1881
1882  /**
1883   * The name of the configuration attribute that specifies the minimum length
1884   * of time allowed between password changes.
1885   */
1886  public static final String ATTR_PWPOLICY_MINIMUM_PASSWORD_AGE =
1887       "ds-cfg-min-password-age";
1888
1889
1890
1891  /**
1892   * The default value for the minimumPasswordAge configuration attribute.
1893   */
1894  public static final int DEFAULT_PWPOLICY_MINIMUM_PASSWORD_AGE = 0;
1895
1896
1897
1898  /**
1899   * The name of the configuration attribute that specifies the DN(s) of the
1900   * configuration entries for the account status notification handlers for use
1901   * with the password policy.
1902   */
1903  public static final String ATTR_PWPOLICY_NOTIFICATION_HANDLER =
1904       "ds-cfg-account-status-notification-handler";
1905
1906
1907
1908  /**
1909   * The name of the configuration attribute that specifies the attribute used
1910   * to hold user passwords.
1911   */
1912  public static final String ATTR_PWPOLICY_PASSWORD_ATTRIBUTE =
1913       "ds-cfg-password-attribute";
1914
1915
1916
1917  /**
1918   * The name of the configuration attribute that specifies the DN of
1919   * configuration entry for the password generator to use with a password
1920   * policy.
1921   */
1922  public static final String ATTR_PWPOLICY_PASSWORD_GENERATOR =
1923       "ds-cfg-password-generator";
1924
1925
1926
1927  /**
1928   * The name of the configuration attribute that specifies the DN(s) of the
1929   * configuration entries that will hold the password validators for use with
1930   * the password policy.
1931   */
1932  public static final String ATTR_PWPOLICY_PASSWORD_VALIDATOR =
1933       "ds-cfg-password-validator";
1934
1935
1936
1937  /**
1938   * The name of the configuration attribute that specifies the format strings
1939   * that may have been used in the past to generate last login time values.
1940   */
1941  public static final String ATTR_PWPOLICY_PREVIOUS_LAST_LOGIN_TIME_FORMAT =
1942       "ds-cfg-previous-last-login-time-format";
1943
1944
1945
1946  /**
1947   * The name of the configuration attribute that holds the time by which all
1948   * users must have changed their passwords.
1949   */
1950  public static final String ATTR_PWPOLICY_REQUIRE_CHANGE_BY_TIME =
1951       "ds-cfg-require-change-by-time";
1952
1953
1954
1955  /**
1956   * The name of the configuration attribute that indicates whether users will
1957   * be required to provide their current password when they choose a new
1958   * password.
1959   */
1960  public static final String ATTR_PWPOLICY_REQUIRE_CURRENT_PASSWORD =
1961       "ds-cfg-password-change-requires-current-password";
1962
1963
1964
1965  /**
1966   * The default value for the passwordChangeRequiresCurrentPassword
1967   * configuration attribute.
1968   */
1969  public static final boolean DEFAULT_PWPOLICY_REQUIRE_CURRENT_PASSWORD = false;
1970
1971
1972
1973  /**
1974   * The name of the configuration attribute that indicates whether users will
1975   * be required to authenticate using a secure mechanism.
1976   */
1977  public static final String ATTR_PWPOLICY_REQUIRE_SECURE_AUTHENTICATION =
1978       "ds-cfg-require-secure-authentication";
1979
1980
1981
1982  /**
1983   * The default value for the requireSecureAuthentication configuration
1984   * attribute.
1985   */
1986  public static final boolean DEFAULT_PWPOLICY_REQUIRE_SECURE_AUTHENTICATION =
1987       false;
1988
1989
1990
1991  /**
1992   * The name of the configuration attribute that indicates whether users will
1993   * be required to change their passwords using a secure mechanism.
1994   */
1995  public static final String ATTR_PWPOLICY_REQUIRE_SECURE_PASSWORD_CHANGES =
1996       "ds-cfg-require-secure-password-changes";
1997
1998
1999
2000  /**
2001   * The default value for the requireSecurePasswordChanges configuration
2002   * attribute.
2003   */
2004  public static final boolean DEFAULT_PWPOLICY_REQUIRE_SECURE_PASSWORD_CHANGES =
2005       false;
2006
2007
2008
2009  /**
2010   * The name of the configuration attribute that indicates whether the server
2011   * should perform validation on passwords set by administrators.
2012   */
2013  public static final String ATTR_PWPOLICY_SKIP_ADMIN_VALIDATION =
2014       "ds-cfg-skip-validation-for-administrators";
2015
2016
2017
2018  /**
2019   * The default value for the skipValidationForAdministrators configuration
2020   * attribute.
2021   */
2022  public static final boolean DEFAULT_PWPOLICY_SKIP_ADMIN_VALIDATION = false;
2023
2024
2025
2026  /**
2027   * The name of the configuration attribute that specifies the maximum length
2028   * of time before expiration that a user should start to receive warning
2029   * notifications.
2030   */
2031  public static final String ATTR_PWPOLICY_WARNING_INTERVAL =
2032       "ds-cfg-password-expiration-warning-interval";
2033
2034
2035
2036  /**
2037   * The default value for the passwordExpirationWarningInterval configuration
2038   * attribute.
2039   */
2040  public static final int DEFAULT_PWPOLICY_WARNING_INTERVAL = 604800;
2041
2042
2043
2044  /**
2045   * The name of the configuration attribute that holds the fully-qualified name
2046   * for the password storage scheme class.
2047   */
2048  public static final String ATTR_PWSCHEME_CLASS =
2049       "ds-cfg-java-class";
2050
2051
2052
2053  /**
2054   * The name of the configuration attribute that indicates whether a password
2055   * storage scheme is enabled.
2056   */
2057  public static final String ATTR_PWSCHEME_ENABLED =
2058       "ds-cfg-enabled";
2059
2060
2061
2062  /**
2063   * The name of the configuration attribute that holds the fully-qualified name
2064   * for the password validator class.
2065   */
2066  public static final String ATTR_PWVALIDATOR_CLASS =
2067       "ds-cfg-java-class";
2068
2069
2070
2071  /**
2072   * The name of the configuration attribute that indicates whether a password
2073   * validator is enabled.
2074   */
2075  public static final String ATTR_PWVALIDATOR_ENABLED =
2076       "ds-cfg-enabled";
2077
2078
2079
2080  /**
2081   * The name of the configuration attribute that holds the
2082   * schedule for a recurring task.
2083   */
2084  public static final String ATTR_RECURRING_TASK_SCHEDULE =
2085       NAME_PREFIX_RECURRING_TASK + "schedule";
2086
2087
2088
2089  /**
2090   * The name of the configuration attribute that holds the recurring task ID
2091   * for a recurring task that may be associated with a task.
2092   */
2093  public static final String ATTR_RECURRING_TASK_ID =
2094       NAME_PREFIX_RECURRING_TASK + "id";
2095
2096
2097
2098  /**
2099   * The name of the configuration attribute that indicates whether the
2100   * Directory Server should be restarted instead of shut down.
2101   */
2102  public static final String ATTR_RESTART_SERVER =
2103       NAME_PREFIX_TASK + "restart-server";
2104
2105
2106
2107  /**
2108   * The name of the configuration attribute that specifies the set of
2109   * subordinate base DNs that should be used for non-base-level searches
2110   * against the root DSE.
2111   */
2112  public static final String ATTR_ROOT_DSE_SUBORDINATE_BASE_DN =
2113       "ds-cfg-subordinate-base-dn";
2114
2115
2116
2117  /**
2118   * The name of the configuration attribute that holds the fully-qualified name
2119   * for the SASL mechanism handler class.
2120   */
2121  public static final String ATTR_SASL_CLASS =
2122       "ds-cfg-java-class";
2123
2124
2125
2126  /**
2127   * The name of the configuration attribute that indicates whether a SASL
2128   * mechanism handler should be enabled.
2129   */
2130  public static final String ATTR_SASL_ENABLED =
2131       "ds-cfg-enabled";
2132
2133
2134
2135  /**
2136   * The name of the configuration attribute that specifies the location(s) of
2137   * the entries used to publish the Directory Server schema information.
2138   */
2139  public static final String ATTR_SCHEMA_ENTRY_DN =
2140       "ds-cfg-schema-entry-dn";
2141
2142
2143
2144  /**
2145   * The name of the configuration attribute that indicates whether to send
2146   * rejected client connections a notice of disconnection explaining why the
2147   * connection was not accepted.
2148   */
2149  public static final String ATTR_SEND_REJECTION_NOTICE =
2150       "ds-cfg-send-rejection-notice";
2151
2152
2153
2154  /**
2155   * The default policy that will be used for deciding whether to send a
2156   * rejection notice to clients if it is not specified in the configuration.
2157   */
2158  public static final boolean DEFAULT_SEND_REJECTION_NOTICE = true;
2159
2160
2161
2162  /**
2163   * The name of the configuration attribute that will be used to indicate the
2164   * result code that should be used for operations that fail because of an
2165   * internal server error.
2166   */
2167  public static final String ATTR_SERVER_ERROR_RESULT_CODE =
2168       "ds-cfg-server-error-result-code";
2169
2170
2171
2172  /**
2173   * The name of the configuration attribute that holds the fully-qualified
2174   * domain name that should be used by the server when that information is
2175   * needed.
2176   */
2177  public static final String ATTR_SERVER_FQDN = "ds-cfg-server-fqdn";
2178
2179
2180
2181  /**
2182   * The name of the configuration attribute that holds a message that may be
2183   * provided for the reason the Directory Server has been requested to shut
2184   * down.
2185   */
2186  public static final String ATTR_SHUTDOWN_MESSAGE =
2187       NAME_PREFIX_TASK + "shutdown-message";
2188
2189
2190
2191  /**
2192   * The name of the configuration attribute that holds the password that must
2193   * be provided in order to shut down the server through the tasks interface.
2194   */
2195  public static final String ATTR_SHUTDOWN_PASSWORD =
2196       NAME_PREFIX_TASK + "shutdown-password";
2197
2198
2199
2200  /**
2201   * The name of the configuration attribute that holds the server size limit.
2202   */
2203  public static final String ATTR_SIZE_LIMIT = "ds-cfg-size-limit";
2204
2205
2206
2207  /**
2208   * The default value that will be used for the server size limit if no other
2209   * value is given.
2210   */
2211  public static final int DEFAULT_SIZE_LIMIT = 1000;
2212
2213    /**
2214   * The name of the configuration attribute that holds the server lookthrough
2215   * limit.
2216   */
2217  public static final String ATTR_LOOKTHROUGH_LIMIT =
2218        "ds-cfg-lookthrough-limit";
2219
2220
2221
2222  /**
2223   * The default value that will be used for the server lookthrough limit if
2224   * no other value is given.
2225   */
2226  public static final int DEFAULT_LOOKTHROUGH_LIMIT = 5000;
2227
2228
2229
2230  /**
2231   * The name of the configuration attribute that contains a set of search
2232   * filters to use to determine which entries should be excluded from the
2233   * cache.
2234   */
2235  public static final String ATTR_SOFTREFCACHE_EXCLUDE_FILTER =
2236       "ds-cfg-exclude-filter";
2237
2238
2239
2240  /**
2241   * The name of the configuration attribute that contains a set of search
2242   * filters to use to determine which entries should be included in the cache.
2243   */
2244  public static final String ATTR_SOFTREFCACHE_INCLUDE_FILTER =
2245       "ds-cfg-include-filter";
2246
2247
2248
2249  /**
2250   * The name of the configuration attribute that indicates the maximum length
2251   * of time in milliseconds to spend trying to acquire a lock for an entry in
2252   * the cache.
2253   */
2254  public static final String ATTR_SOFTREFCACHE_LOCK_TIMEOUT =
2255       "ds-cfg-lock-timeout";
2256
2257
2258
2259  /**
2260   * The name of the configuration attribute that holds information about the
2261   * policy that should be used when requesting/requiring SSL client
2262   * authentication.
2263   */
2264  public static final String ATTR_SSL_CLIENT_AUTH_POLICY =
2265       "ds-cfg-ssl-client-auth-policy";
2266
2267
2268
2269  /**
2270   * The default SSL client authentication policy that should be used if it is
2271   * not defined in the configuration.
2272   */
2273  public static final SSLClientAuthPolicy DEFAULT_SSL_CLIENT_AUTH_POLICY =
2274       SSLClientAuthPolicy.OPTIONAL;
2275
2276
2277
2278  /**
2279   * The name of the configuration attribute that holds the nickname of the
2280   * certificate that should be used for accepting SSL/TLS connections.
2281   */
2282  public static final String ATTR_SSL_CERT_NICKNAME =
2283       "ds-cfg-ssl-cert-nickname";
2284
2285
2286
2287  /**
2288   * The default SSL server certificate nickname to use if it is not defined in
2289   * the configuration.
2290   */
2291  public static final String DEFAULT_SSL_CERT_NICKNAME = "server-cert";
2292
2293
2294
2295  /**
2296   * The name of the configuration attribute that holds the nickname of the SSL
2297   * cipher suites that should be allowed for use in SSL/TLS sessions.
2298   */
2299  public static final String ATTR_SSL_CIPHERS =
2300       "ds-cfg-ssl-cipher-suite";
2301
2302
2303
2304  /**
2305   * The name of the configuration attribute that holds the nickname of the SSL
2306   * protocols that should be allowed for use in SSL/TLS sessions.
2307   */
2308  public static final String ATTR_SSL_PROTOCOLS =
2309       "ds-cfg-ssl-protocol";
2310
2311
2312
2313  /**
2314   * The name of the configuration attribute that specifies the fully-qualified
2315   * name of the Java class that defines a Directory Server synchronization
2316   * provider.
2317   */
2318  public static final String ATTR_SYNCHRONIZATION_PROVIDER_CLASS =
2319       "ds-cfg-java-class";
2320
2321
2322
2323  /**
2324   * The name of the configuration attribute that indicates whether a
2325   * synchronization provider should be enabled.
2326   */
2327  public static final String ATTR_SYNCHRONIZATION_PROVIDER_ENABLED =
2328       "ds-cfg-enabled";
2329
2330
2331
2332  /**
2333   * The name of the configuration attribute that specifies the
2334   * fully-qualified name of the Java class that defines a Directory
2335   * Server access control handler.
2336   */
2337  public static final String ATTR_AUTHZ_HANDLER_CLASS =
2338       "ds-cfg-java-class";
2339
2340
2341
2342  /**
2343   * The name of the configuration attribute that indicates whether
2344   * access control should be enabled.
2345   */
2346  public static final String ATTR_AUTHZ_HANDLER_ENABLED =
2347       "ds-cfg-enabled";
2348
2349
2350    /**
2351     * The name of the configuration attribute that specifies a global
2352     * attribute access control instruction.
2353     */
2354    public static final String ATTR_AUTHZ_GLOBAL_ACI =
2355        "ds-cfg-global-aci";
2356
2357
2358  /**
2359   * The name of the configuration attribute that specifies the fully-qualified
2360   * name of the Java class that defines a Directory Server attribute syntax.
2361   */
2362  public static final String ATTR_SYNTAX_CLASS =
2363       "ds-cfg-java-class";
2364
2365
2366
2367  /**
2368   * The name of the configuration attribute that indicates whether an attribute
2369   * syntax should be enabled.
2370   */
2371  public static final String ATTR_SYNTAX_ENABLED =
2372       "ds-cfg-enabled";
2373
2374
2375
2376  /**
2377   * The name of the configuration attribute that holds the actual start time
2378   * for a task.
2379   */
2380  public static final String ATTR_TASK_ACTUAL_START_TIME =
2381       NAME_PREFIX_TASK + "actual-start-time";
2382
2383
2384
2385  /**
2386   * The name of the configuration attribute that holds the path to the backing
2387   * file for task information.
2388   */
2389  public static final String ATTR_TASK_BACKING_FILE =
2390       "ds-cfg-task-backing-file";
2391
2392
2393
2394  /**
2395   * The name of the configuration attribute that holds the name of the class
2396   * providing the task logic.
2397   */
2398  public static final String ATTR_TASK_CLASS =
2399       NAME_PREFIX_TASK + "class-name";
2400
2401
2402
2403  /**
2404   * The name of the configuration attribute that holds the completion time for
2405   * a task.
2406   */
2407  public static final String ATTR_TASK_COMPLETION_TIME =
2408       NAME_PREFIX_TASK + "completion-time";
2409
2410
2411
2412  /**
2413   * The name of the configuration attribute that holds task IDs of any tasks on
2414   * which a given task is dependent.
2415   */
2416  public static final String ATTR_TASK_DEPENDENCY_IDS =
2417       NAME_PREFIX_TASK + "dependency-id";
2418
2419
2420
2421  /**
2422   * The name of the configuration attribute that holds the indication of what
2423   * to do in the event that one of the dependencies for a task has failed.
2424   */
2425  public static final String ATTR_TASK_FAILED_DEPENDENCY_ACTION =
2426       NAME_PREFIX_TASK + "failed-dependency-action";
2427
2428
2429
2430  /**
2431   * The name of the configuration attribute that holds the set of log messages
2432   * for a task.
2433   */
2434  public static final String ATTR_TASK_LOG_MESSAGES =
2435       NAME_PREFIX_TASK + "log-message";
2436
2437
2438
2439  /**
2440   * The name of the configuration attribute that holds the set of e-mail
2441   * addresses of the users to notify when a task has completed.
2442   */
2443  public static final String ATTR_TASK_NOTIFY_ON_COMPLETION =
2444       NAME_PREFIX_TASK + "notify-on-completion";
2445
2446
2447
2448  /**
2449   * The name of the configuration attribute that holds the set of e-mail
2450   * addresses of the users to notify if a task fails.
2451   */
2452  public static final String ATTR_TASK_NOTIFY_ON_ERROR =
2453       NAME_PREFIX_TASK + "notify-on-error";
2454
2455
2456
2457  /**
2458   * The name of the configuration attribute that holds the length of time in
2459   * seconds that task information should be retained after processing on the
2460   * task has completed.
2461   */
2462  public static final String ATTR_TASK_RETENTION_TIME =
2463       "ds-cfg-task-retention-time";
2464
2465
2466
2467  /**
2468   * The default task retention time that will be used if no value is provided.
2469   */
2470  public static final long DEFAULT_TASK_RETENTION_TIME = 86400;
2471
2472
2473
2474  /**
2475   * The name of the configuration attribute that holds the scheduled start time
2476   * for a task.
2477   */
2478  public static final String ATTR_TASK_SCHEDULED_START_TIME =
2479       NAME_PREFIX_TASK + "scheduled-start-time";
2480
2481
2482
2483  /**
2484   * The name of the configuration attribute that holds the task ID for a task.
2485   */
2486  public static final String ATTR_TASK_ID = NAME_PREFIX_TASK + "id";
2487
2488
2489
2490  /**
2491   * The name of the configuration attribute that holds the current state for a
2492   * task.
2493   */
2494  public static final String ATTR_TASK_STATE = NAME_PREFIX_TASK + "state";
2495
2496
2497
2498  /**
2499   * The name of the configuration attribute that indicates whether the
2500   * telephone number attribute syntax should use a strict compliance mode when
2501   * determining whether a value is acceptable.
2502   */
2503  public static final String ATTR_TELEPHONE_STRICT_MODE =
2504       "ds-cfg-strict-format";
2505
2506
2507
2508  /**
2509   * The name of the configuration attribute that holds the server time limit.
2510   */
2511  public static final String ATTR_TIME_LIMIT = "ds-cfg-time-limit";
2512
2513
2514
2515  /**
2516   * The default value that will be used for the server time limit if no other
2517   * value is given.
2518   */
2519  public static final int DEFAULT_TIME_LIMIT = 60;
2520
2521
2522
2523  /**
2524   * The name of the configuration attribute that specifies the DN to use as the
2525   * search base when trying to find entries that match a provided username.
2526   */
2527  public static final String ATTR_USER_BASE_DN =
2528       "ds-cfg-user-base-dn";
2529
2530
2531
2532  /**
2533   * The name of the configuration attribute that specifies which attribute
2534   * should be used to map usernames to their corresponding entries.
2535   */
2536  public static final String ATTR_USERNAME_ATTRIBUTE =
2537       "ds-cfg-user-name-attribute";
2538
2539
2540
2541  /**
2542   * The default attribute type that will be used for username lookups if none
2543   * is provided.
2544   */
2545  public static final String DEFAULT_USERNAME_ATTRIBUTE = "uid";
2546
2547
2548
2549  /**
2550   * The name of the configuration attribute that indicates whether to use SSL
2551   * when accepting client connections.
2552   */
2553  public static final String ATTR_USE_SSL = "ds-cfg-use-ssl";
2554
2555
2556
2557  /**
2558   * The default configuration that specifies whether to use SSL if it is not
2559   * defined in the server configuration.
2560   */
2561  public static final boolean DEFAULT_USE_SSL = false;
2562
2563
2564
2565  /**
2566   * The name of the configuration attribute that indicates whether connections
2567   * to clients should use the TCP_KEEPALIVE socket option.
2568   */
2569  public static final String ATTR_USE_TCP_KEEPALIVE =
2570       "ds-cfg-use-tcp-keep-alive";
2571
2572
2573
2574  /**
2575   * The default policy for using the TCP_KEEPALIVE socket option if it is not
2576   * specified in the configuration.
2577   */
2578  public static final boolean DEFAULT_USE_TCP_KEEPALIVE = true;
2579
2580
2581
2582  /**
2583   * The name of the configuration attribute that indicates whether connections
2584   * to clients should use the TCP_NODELAY socket option.
2585   */
2586  public static final String ATTR_USE_TCP_NODELAY =
2587       "ds-cfg-use-tcp-no-delay";
2588
2589
2590
2591  /**
2592   * The default policy for using the TCP_NODELAY socket option if it is not
2593   * specified in the configuration.
2594   */
2595  public static final boolean DEFAULT_USE_TCP_NODELAY = true;
2596
2597
2598
2599  /**
2600   * The name of the configuration attribute that is used to hold the name of
2601   * the user attribute that holds user certificates that can be used for
2602   * validation.
2603   */
2604  public static final String ATTR_VALIDATION_CERT_ATTRIBUTE =
2605       "ds-cfg-certificate-attribute";
2606
2607
2608
2609  /**
2610   * The default attribute name for holding certificate information if no value
2611   * is specified.
2612   */
2613  public static final String DEFAULT_VALIDATION_CERT_ATTRIBUTE =
2614       "usercertificate";
2615
2616
2617
2618  /**
2619   * The name of the configuration attribute that specifies the class providing
2620   * the logic for the work queue implementation.
2621   */
2622  public static final String ATTR_WORKQ_CLASS =
2623       "ds-cfg-java-class";
2624
2625
2626
2627  /**
2628   * The name of the configuration attribute that specifies the writability mode
2629   * for the Directory Server.
2630   */
2631  public static final String ATTR_WRITABILITY_MODE =
2632       "ds-cfg-writability-mode";
2633
2634
2635
2636  /**
2637   * The base name (with no path information) of the file that will be used to
2638   * hold schema tokens used for compressed schema elements.
2639   */
2640  public static final String COMPRESSED_SCHEMA_FILE_NAME =
2641       "schematokens.dat";
2642
2643
2644
2645  /**
2646   * The base name (with no path information) of the directory that will hold
2647   * the archived versions of previous configurations.
2648   */
2649  public static final String CONFIG_ARCHIVE_DIR_NAME = "archived-configs";
2650
2651
2652
2653  /**
2654   * The base name (with no path information) of the file that may contain
2655   * changes in LDIF form to apply to the configuration before the configuration
2656   * is loaded and initialized.
2657   */
2658  public static final String CONFIG_CHANGES_NAME = "config-changes.ldif";
2659
2660
2661
2662  /**
2663   * The name of the directory that will hold the configuration file for the
2664   * Directory Server.
2665   */
2666  public static final String CONFIG_DIR_NAME = "config";
2667
2668
2669
2670  /**
2671   * The default name of the file that holds the configuration for the Directory
2672   * Server.  It should exist below the directory specified by the
2673   * {@code CONFIG_DIR_NAME}.
2674   */
2675  public static final String CONFIG_FILE_NAME = "config.ldif";
2676
2677
2678
2679  /**
2680   * The DN of the entry that will serve as the root for the Directory Server
2681   * configuration.
2682   */
2683  public static final String DN_CONFIG_ROOT = "cn=config";
2684
2685
2686
2687  /**
2688   * The DN of the entry that will serve as the base for all Directory Server
2689   * account status notification handlers.
2690   */
2691  public static final String DN_ACCT_NOTIFICATION_HANDLER_CONFIG_BASE =
2692       "cn=Account Status Notification Handlers," + DN_CONFIG_ROOT;
2693
2694
2695
2696  /**
2697   * The DN of the entry that will serve as the base for all Directory Server
2698   * backends.
2699   */
2700  public static final String DN_BACKEND_BASE = "cn=Backends," + DN_CONFIG_ROOT;
2701
2702
2703
2704  /**
2705   * The DN of the entry that will serve as the base for all Directory Server
2706   * backup information.
2707   */
2708  public static final String DN_BACKUP_ROOT = "cn=backups";
2709
2710
2711
2712  /**
2713   * The DN of the entry that will serve as the base for all Directory Server
2714   * connection handlers.
2715   */
2716  public static final String DN_CONNHANDLER_BASE =
2717       "cn=Connection Handlers," + DN_CONFIG_ROOT;
2718
2719
2720
2721  /**
2722   * The DN of the entry that will serve as the default root for the Directory
2723   * Server schema information, unless an alternate location is defined in the
2724   * configuration.
2725   */
2726  public static final String DN_DEFAULT_SCHEMA_ROOT = "cn=schema";
2727
2728
2729
2730  /**
2731   * The DN of the entry that will hold the configuration for the Directory
2732   * Server entry cache.
2733   */
2734  public static final String DN_ENTRY_CACHE_BASE =
2735       "cn=Entry Caches," + DN_CONFIG_ROOT;
2736
2737
2738
2739  /**
2740   * The DN of the entry that will serve as the base for the configuration
2741   * for all Directory Server extended operation handlers.
2742   */
2743  public static final String DN_EXTENDED_OP_CONFIG_BASE =
2744       "cn=Extended Operations," + DN_CONFIG_ROOT;
2745
2746
2747
2748  /**
2749   * The DN of the entry that will serve as the base for the configuration
2750   * for all Directory Server group implementations.
2751   */
2752  public static final String DN_GROUP_IMPLEMENTATION_CONFIG_BASE =
2753       "cn=Group Implementations," + DN_CONFIG_ROOT;
2754
2755
2756
2757  /**
2758   * The DN of the entry that will serve as the base for the configuration
2759   * for all Directory Server identity mappers.
2760   */
2761  public static final String DN_IDMAPPER_CONFIG_BASE =
2762       "cn=Identity Mappers," + DN_CONFIG_ROOT;
2763
2764
2765
2766  /**
2767   * The DN of the entry that will be the base of the configuration information
2768   * for the Directory Server certificate mappers.
2769   */
2770  public static final String DN_CERTMAPPER_CONFIG_BASE =
2771       "cn=Certificate Mappers," + DN_CONFIG_ROOT;
2772
2773
2774
2775  /**
2776   * The DN of the entry that be the base of the configuration information for
2777   * the Directory Server key manager providers.
2778   */
2779  public static final String DN_KEYMANAGER_PROVIDER_CONFIG_BASE =
2780       "cn=Key Manager Providers," + DN_CONFIG_ROOT;
2781
2782
2783
2784  /**
2785   * The DN of the entry that is the base of the configuration information for
2786   * the Directory Server trust manager providers.
2787   */
2788  public static final String DN_TRUSTMANAGER_PROVIDER_CONFIG_BASE =
2789       "cn=Trust Manager Providers," + DN_CONFIG_ROOT;
2790
2791
2792
2793  /**
2794   * The ADS trust store backend id.
2795   */
2796  public static final String ID_ADS_TRUST_STORE_BACKEND = "ads-truststore";
2797
2798
2799
2800  /**
2801   * The DN of the trust store backend configuration entry.
2802   */
2803  public static final String DN_TRUST_STORE_BACKEND =
2804       ATTR_BACKEND_ID + "=" + ID_ADS_TRUST_STORE_BACKEND +
2805            "," + DN_BACKEND_BASE;
2806
2807
2808
2809  /**
2810   * Alias of the local instance certificate in the ADS keystore.
2811   */
2812  public static final String ADS_CERTIFICATE_ALIAS = "ads-certificate";
2813
2814  /**
2815   * The DN of the entry that will serve as the base for local ADS trust store
2816   * information.
2817   */
2818  public static final String DN_TRUST_STORE_ROOT = "cn=ads-truststore";
2819
2820
2821
2822  /**
2823   * The name of the attribute that holds a cryptographic cipher-key identifier.
2824   */
2825  public static final String ATTR_CRYPTO_KEY_ID = "ds-cfg-key-id";
2826
2827
2828
2829  /**
2830   * The name of the objectclass that will be used for a server
2831   * certificate entry.
2832   */
2833  public static final String OC_CRYPTO_INSTANCE_KEY =
2834       "ds-cfg-instance-key";
2835
2836
2837
2838  /**
2839   * The name of the objectclass that will be used for a self-signed
2840   * certificate request.
2841   */
2842  public static final String OC_SELF_SIGNED_CERT_REQUEST =
2843       "ds-cfg-self-signed-cert-request";
2844
2845
2846
2847  /**
2848   * The name of the objectclass that will be used for a cipher key.
2849   */
2850  public static final String OC_CRYPTO_CIPHER_KEY = "ds-cfg-cipher-key";
2851
2852
2853
2854  /**
2855   * The name of the objectclass that will be used for a mac key.
2856   */
2857  public static final String OC_CRYPTO_MAC_KEY = "ds-cfg-mac-key";
2858
2859
2860
2861  /**
2862   * The name of the attribute that is used to hold a cryptographic
2863   * public key certificate.
2864   */
2865  public static final String ATTR_CRYPTO_PUBLIC_KEY_CERTIFICATE =
2866       "ds-cfg-public-key-certificate";
2867
2868
2869  /**
2870   * The name of the attribute that is used to hold the name of a
2871   * cryptographic cipher transformation.
2872   */
2873  public static final String ATTR_CRYPTO_CIPHER_TRANSFORMATION_NAME =
2874       "ds-cfg-cipher-transformation-name";
2875
2876  /**
2877   * The name of the attribute that is used to hold the key wrapping
2878   * transformation used by the Crypto Manager.
2879   */
2880  public static final String ATTR_CRYPTO_CIPHER_KEY_WRAPPING_TRANSFORMATION =
2881    "ds-cfg-key-wrapping-transformation";
2882
2883  /**
2884   * The name of the attribute that is used to hold the name of a
2885   * cryptographic message authentication code (MAC) algorithm.
2886   */
2887  public static final String ATTR_CRYPTO_MAC_ALGORITHM_NAME =
2888       "ds-cfg-mac-algorithm-name";
2889
2890
2891  /**
2892   * The name of the attribute that is used to hold the length of a
2893   * cryptographic secret key.
2894   */
2895  public static final String ATTR_CRYPTO_KEY_LENGTH_BITS =
2896       "ds-cfg-key-length-bits";
2897
2898
2899  /**
2900   * The name of the attribute that is used to hold the length of a
2901   * cryptographic cipher initialization vector.
2902   */
2903  public static final String ATTR_CRYPTO_INIT_VECTOR_LENGTH_BITS =
2904       "ds-cfg-initialization-vector-length-bits";
2905
2906
2907  /**
2908   * The name of the attribute that is used to hold a cryptographic
2909   * cipher-key wrapped by a public-key.
2910   */
2911  public static final String ATTR_CRYPTO_SYMMETRIC_KEY = "ds-cfg-symmetric-key";
2912
2913
2914  /**
2915   * The name of the attribute that is used to hold time a cryptographic key
2916   * was suspected to be compromised.
2917   */
2918  public static final String ATTR_CRYPTO_KEY_COMPROMISED_TIME =
2919       "ds-cfg-key-compromised-time";
2920
2921
2922  /**
2923   * The DN of the entry that will serve as the base for all Directory Server
2924   * loggers.
2925   */
2926  public static final String DN_LOGGER_BASE = "cn=Loggers," + DN_CONFIG_ROOT;
2927
2928
2929
2930  /**
2931   * The DN of the entry that will serve as the base for all Directory Server
2932   * matching rules.
2933   */
2934  public static final String DN_MATCHING_RULE_CONFIG_BASE =
2935       "cn=Matching Rules," + DN_CONFIG_ROOT;
2936
2937
2938
2939  /**
2940   * The DN of the entry that will serve as the base for the configuration
2941   * for all Directory Server monitors.
2942   */
2943  public static final String DN_MONITOR_CONFIG_BASE =
2944       "cn=Monitor Providers," + DN_CONFIG_ROOT;
2945
2946
2947
2948  /**
2949   * The DN of the entry that will serve as the entry cache monitor provider
2950   * configuration for all Directory Server entry cache monitors.
2951   */
2952  public static final String DN_ENTRY_CACHE_MONITOR_CONFIG =
2953       "cn=Entry Caches," + DN_MONITOR_CONFIG_BASE;
2954
2955
2956
2957  /**
2958   * The DN of the entry that will serve as the base for all Directory Server
2959   * monitor information.
2960   */
2961  public static final String DN_MONITOR_ROOT = "cn=monitor";
2962
2963
2964
2965  /**
2966   * The DN of the entry that will serve as the base for all Directory Server
2967   * plugin information.
2968   */
2969  public static final String DN_PLUGIN_BASE = "cn=Plugins," + DN_CONFIG_ROOT;
2970
2971
2972
2973  /**
2974   * The DN of the entry that will serve as the base for the configuration
2975   * for all Directory Server password generators.
2976   */
2977  public static final String DN_PWGENERATOR_CONFIG_BASE =
2978       "cn=Password Generators," + DN_CONFIG_ROOT;
2979
2980
2981
2982  /**
2983   * The DN of the entry that will serve as the base for the configuration
2984   * for all Directory Server password policies.
2985   */
2986  public static final String DN_PWPOLICY_CONFIG_BASE =
2987       "cn=Password Policies," + DN_CONFIG_ROOT;
2988
2989
2990
2991  /**
2992   * The DN of the entry that will serve as the base for the configuration
2993   * for all Directory Server password storage schemes.
2994   */
2995  public static final String DN_PWSCHEME_CONFIG_BASE =
2996       "cn=Password Storage Schemes," + DN_CONFIG_ROOT;
2997
2998
2999
3000  /**
3001   * The DN of the entry that will serve as the base for the configuration
3002   * for all Directory Server password validators.
3003   */
3004  public static final String DN_PWVALIDATOR_CONFIG_BASE =
3005       "cn=Password Validators," + DN_CONFIG_ROOT;
3006
3007
3008
3009  /**
3010   * The DN of the entry that will serve as the parent for all root DN
3011   * configuration entries.
3012   */
3013  public static final String DN_ROOT_DN_CONFIG_BASE =
3014       "cn=Root DNs," + DN_CONFIG_ROOT;
3015
3016
3017
3018  /**
3019   * The DN of the entry that will hold the configuration information for the
3020   * Directory Server root DSE.
3021   */
3022  public static final String DN_ROOT_DSE_CONFIG =
3023       "cn=Root DSE," + DN_CONFIG_ROOT;
3024
3025
3026
3027  /**
3028   * The DN of the entry that will serve as the base for the configuration
3029   * for all Directory Server SASL mechanism handlers.
3030   */
3031  public static final String DN_SASL_CONFIG_BASE =
3032       "cn=SASL Mechanisms," + DN_CONFIG_ROOT;
3033
3034
3035
3036  /**
3037   * The DN of the entry that will serve as the base for the configuration for
3038   * all Directory Server synchronization providers.
3039   */
3040  public static final String DN_SYNCHRONIZATION_PROVIDER_BASE =
3041       "cn=Synchronization Providers," + DN_CONFIG_ROOT;
3042
3043
3044  /**
3045   * The DN of the entry containing the access control handler configuration.
3046   */
3047  public static final String DN_AUTHZ_HANDLER_CONFIG =
3048       "cn=Access Control Handler," + DN_CONFIG_ROOT;
3049
3050
3051  /**
3052   * The DN of the entry that will serve as the base for all Directory Server
3053   * attribute syntaxes.
3054   */
3055  public static final String DN_SYNTAX_CONFIG_BASE =
3056       "cn=Syntaxes," + DN_CONFIG_ROOT;
3057
3058
3059
3060  /**
3061   * The DN of the entry that will serve as the base for all Directory Server
3062   * task information.
3063   */
3064  public static final String DN_TASK_ROOT = "cn=Tasks";
3065
3066
3067
3068  /**
3069   * The DN of the entry that will hold information about the Directory Server
3070   * work queue configuration.
3071   */
3072  public static final String DN_WORK_QUEUE_CONFIG =
3073       "cn=Work Queue," + DN_CONFIG_ROOT;
3074
3075
3076
3077  /**
3078   * The name of the environment variable that the Directory Server may check to
3079   * determine the installation root.
3080   */
3081  public static final String ENV_VAR_INSTALL_ROOT = "INSTALL_ROOT";
3082
3083
3084
3085  /**
3086   * The class name string that should be used in JMX MBeanAttributeInfo objects
3087   * whose value is a Boolean array.
3088   */
3089  public static final String JMX_TYPE_BOOLEAN_ARRAY = "[Z";
3090
3091
3092
3093  /**
3094   * The class name string that should be used in JMX MBeanAttributeInfo objects
3095   * whose value is a byte array.
3096   */
3097  public static final String JMX_TYPE_BYTE_ARRAY = "[B";
3098
3099
3100
3101  /**
3102   * The class name string that should be used in JMX MBeanAttributeInfo objects
3103   * whose value is a character array.
3104   */
3105  public static final String JMX_TYPE_CHARACTER_ARRAY = "[C";
3106
3107
3108
3109  /**
3110   * The class name string that should be used in JMX MBeanAttributeInfo objects
3111   * whose value is a double array.
3112   */
3113  public static final String JMX_TYPE_DOUBLE_ARRAY = "[D";
3114
3115
3116
3117  /**
3118   * The class name string that should be used in JMX MBeanAttributeInfo objects
3119   * whose value is a float array.
3120   */
3121  public static final String JMX_TYPE_FLOAT_ARRAY = "[F";
3122
3123
3124
3125  /**
3126   * The class name string that should be used in JMX MBeanAttributeInfo objects
3127   * whose value is an integer array.
3128   */
3129  public static final String JMX_TYPE_INT_ARRAY = "[I";
3130
3131
3132
3133  /**
3134   * The class name string that should be used in JMX MBeanAttributeInfo objects
3135   * whose value is a long array.
3136   */
3137  public static final String JMX_TYPE_LONG_ARRAY = "[J";
3138
3139
3140
3141  /**
3142   * The class name string that should be used in JMX MBeanAttributeInfo objects
3143   * whose value is a short array.
3144   */
3145  public static final String JMX_TYPE_SHORT_ARRAY = "[S";
3146
3147
3148
3149  /**
3150   * The class name string that should be used in JMX MBeanAttributeInfo objects
3151   * whose value is a string array.  Note that this format is significantly
3152   * different from the format used for arrays of primitive types.
3153   */
3154  public static final String JMX_TYPE_STRING_ARRAY =
3155       "[L" + String.class.getName() + ";";
3156
3157
3158
3159  /**
3160   * The name of the objectclass that will be used for a Directory Server
3161   * access logger.
3162   */
3163  public static final String OC_ACCESS_LOGGER =
3164       "ds-cfg-access-log-publisher";
3165
3166
3167
3168  /**
3169   * The name of the objectclass that will be used for a Directory Server
3170   * account status notification handler.
3171   */
3172  public static final String OC_ACCT_NOTIFICATION_HANDLER =
3173       "ds-cfg-account-status-notification-handler";
3174
3175
3176
3177  /**
3178   * The name of the objectclass that will be used for a Directory Server alert
3179   * handler.
3180   */
3181  public static final String OC_ALERT_HANDLER =
3182       "ds-cfg-alert-handler";
3183
3184
3185
3186  /**
3187   * The name of the objectclass that will be used for a Directory Server
3188   * attribute syntaxes.
3189   */
3190  public static final String OC_ATTRIBUTE_SYNTAX =
3191       "ds-cfg-attribute-syntax";
3192
3193
3194
3195  /**
3196   * The name of the objectclass that will be used for a Directory Server
3197   * backend.
3198   */
3199  public static final String OC_BACKEND = "ds-cfg-backend";
3200
3201
3202
3203  /**
3204   * The name of the objectclass that will be used for a directory server backup
3205   * directory.
3206   */
3207  public static final String OC_BACKUP_DIRECTORY =
3208       NAME_PREFIX_BACKUP + "directory";
3209
3210
3211
3212  /**
3213   * The name of the objectclass that will be used for a directory server backup
3214   * information entry.
3215   */
3216  public static final String OC_BACKUP_INFO = NAME_PREFIX_BACKUP + "info";
3217
3218
3219
3220  /**
3221   * The name of the objectclass that will be used for a Directory Server
3222   * certificate mapper.
3223   */
3224  public static final String OC_CERTIFICATE_MAPPER =
3225       "ds-cfg-certificate-mapper";
3226
3227
3228
3229  /**
3230   * The name of the objectclass that will be used for a Directory Server
3231   * connection handler.
3232   */
3233  public static final String OC_CONNECTION_HANDLER =
3234       "ds-cfg-connection-handler";
3235
3236
3237
3238  /**
3239   * The name of the objectclass that will be used for a Directory Server
3240   * debug logger.
3241   */
3242  public static final String OC_DEBUG_LOGGER = "ds-cfg-debug-log-publisher";
3243
3244
3245
3246  /**
3247   * The name of the objectclass that will be used for a Directory Server
3248   * error logger.
3249   */
3250  public static final String OC_ERROR_LOGGER = "ds-cfg-error-log-publisher";
3251
3252
3253
3254  /**
3255   * The name of the objectclass that will be used for a Directory Server
3256   * extended operation handler.
3257   */
3258  public static final String OC_EXTENDED_OPERATION_HANDLER =
3259       "ds-cfg-extended-operation-handler";
3260
3261
3262
3263  /**
3264   * The name of the objectclass that will be used for a Directory Server group
3265   * implementation.
3266   */
3267  public static final String OC_GROUP_IMPLEMENTATION =
3268       "ds-cfg-group-implementation";
3269
3270
3271
3272  /**
3273   * The name of the objectclass that will be used for a Directory Server
3274   * identity mapper.
3275   */
3276  public static final String OC_IDENTITY_MAPPER =
3277       "ds-cfg-identity-mapper";
3278
3279
3280
3281  /**
3282   * The name of the objectclass that will be used for a Directory Server key
3283   * manager provider.
3284   */
3285  public static final String OC_KEY_MANAGER_PROVIDER =
3286       "ds-cfg-key-manager-provider";
3287
3288
3289
3290  /**
3291   * The name of the objectclass that will be used for a Directory Server
3292   * matching rules.
3293   */
3294  public static final String OC_MATCHING_RULE =
3295       "ds-cfg-matching-rule";
3296
3297
3298
3299  /**
3300   * The name of the objectclass that will be used for a Directory Server
3301   * monitor provider.
3302   */
3303  public static final String OC_MONITOR_PROVIDER =
3304       "ds-cfg-monitor-provider";
3305
3306
3307
3308  /**
3309   * The name of the objectclass that will be used for a Directory Server
3310   * password generator.
3311   */
3312  public static final String OC_PASSWORD_GENERATOR =
3313       "ds-cfg-password-generator";
3314
3315
3316
3317  /**
3318   * The name of the objectclass that will be used for a Directory Server
3319   * password policy.
3320   */
3321  public static final String OC_PASSWORD_POLICY =
3322       "ds-cfg-password-policy";
3323
3324
3325
3326  /**
3327   * The name of the objectclass that will be used for a Directory Server
3328   * password storage scheme.
3329   */
3330  public static final String OC_PASSWORD_STORAGE_SCHEME =
3331       "ds-cfg-password-storage-scheme";
3332
3333
3334
3335  /**
3336   * The name of the objectclass that will be used for a Directory Server
3337   * password validator.
3338   */
3339  public static final String OC_PASSWORD_VALIDATOR =
3340       "ds-cfg-password-validator";
3341
3342
3343
3344  /**
3345   * The name of the objectclass that will be used for a Directory Server
3346   * plugin.
3347   */
3348  public static final String OC_PLUGIN = "ds-cfg-plugin";
3349
3350
3351
3352  /**
3353   * The name of the objectclass that will be used for a Directory Server
3354   * recurring task definition.
3355   */
3356  public static final String OC_RECURRING_TASK = "ds-recurring-task";
3357
3358
3359
3360  /**
3361   * The name of the objectclass that will be used for a Directory Server root
3362   * DN configuration entry.
3363   */
3364  public static final String OC_ROOT_DN = "ds-cfg-root-dn-user";
3365
3366
3367
3368  /**
3369   * The name of the objectclass that will be used for a Directory Server SASL
3370   * mechanism handler.
3371   */
3372  public static final String OC_SASL_MECHANISM_HANDLER =
3373       "ds-cfg-sasl-mechanism-handler";
3374
3375
3376
3377  /**
3378   * The name of the objectclass that will be used for a Directory Server
3379   * synchronization provider.
3380   */
3381  public static final String OC_SYNCHRONIZATION_PROVIDER =
3382       "ds-cfg-synchronization-provider";
3383
3384
3385
3386  /**
3387   * The name of the objectclass that will be used for the Directory Server
3388   * access control configuration.
3389   */
3390  public static final String OC_AUTHZ_HANDLER_CONFIG =
3391       "ds-cfg-access-control-handler";
3392
3393
3394
3395  /**
3396   * The name of the objectclass that will be used for a Directory Server task
3397   * definition.
3398   */
3399  public static final String OC_TASK = "ds-task";
3400
3401
3402
3403  /**
3404   * The name of the objectclass that will be used for a Directory Server trust
3405   * manager provider.
3406   */
3407  public static final String OC_TRUST_MANAGER_PROVIDER =
3408       "ds-cfg-trust-manager-provider";
3409
3410
3411
3412  /**
3413   * The name of the operational attribute that will appear in a user's entry to
3414   * indicate whether the account has been disabled.
3415   */
3416  public static final String OP_ATTR_ACCOUNT_DISABLED =
3417       NAME_PREFIX_PWP + "account-disabled";
3418
3419
3420
3421  /**
3422   * The name of the operational attribute that may appear in a user's entry to
3423   * indicate when that account will expire (and therefore may no longer be used
3424   * to authenticate).
3425   */
3426  public static final String OP_ATTR_ACCOUNT_EXPIRATION_TIME =
3427       NAME_PREFIX_PWP + "account-expiration-time";
3428
3429
3430
3431  /**
3432   * The name of the operational attribute that will appear in an entry to
3433   * indicate when it was created.
3434   */
3435  public static final String OP_ATTR_CREATE_TIMESTAMP = "createTimestamp";
3436
3437
3438
3439  /**
3440   * The name of the create timestamp attribute, in all lowercase characters.
3441   */
3442  public static final String OP_ATTR_CREATE_TIMESTAMP_LC = "createtimestamp";
3443
3444
3445
3446  /**
3447   * The name of the operational attribute that will appear in an entry to
3448   * indicate who created it.
3449   */
3450  public static final String OP_ATTR_CREATORS_NAME = "creatorsName";
3451
3452
3453
3454  /**
3455   * The name of the creatorsName attribute, in all lowercase characters.
3456   */
3457  public static final String OP_ATTR_CREATORS_NAME_LC = "creatorsname";
3458
3459
3460
3461  /**
3462   * The name of the operational attribute that will appear in a user's entry to
3463   * hold the last login time.
3464   */
3465  public static final String OP_ATTR_LAST_LOGIN_TIME =
3466       NAME_PREFIX_PWP + "last-login-time";
3467
3468
3469
3470  /**
3471   * The name of the operational attribute that will appear in an entry to
3472   * indicate who last updated it.
3473   */
3474  public static final String OP_ATTR_MODIFIERS_NAME = "modifiersName";
3475
3476
3477
3478  /**
3479   * The name of the modifiersName attribute, in all lowercase characters.
3480   */
3481  public static final String OP_ATTR_MODIFIERS_NAME_LC = "modifiersname";
3482
3483
3484
3485  /**
3486   * The name of the operational attribute that will appear in an entry to
3487   * indicate when it was last updated.
3488   */
3489  public static final String OP_ATTR_MODIFY_TIMESTAMP = "modifyTimestamp";
3490
3491
3492
3493  /**
3494   * The name of the modify timestamp attribute, in all lowercase characters.
3495   */
3496  public static final String OP_ATTR_MODIFY_TIMESTAMP_LC = "modifytimestamp";
3497
3498
3499
3500  /**
3501   * The name of the operational attribute that will appear in a user's entry to
3502   * specify the set of privileges assigned to that user.
3503   */
3504  public static final String OP_ATTR_PRIVILEGE_NAME = "ds-privilege-name";
3505
3506
3507
3508  /**
3509   * The name of the operational attribute that will appear in a user's entry
3510   * to indicate the time that the password was last changed.
3511   */
3512  public static final String OP_ATTR_PWPOLICY_CHANGED_TIME = "pwdChangedTime";
3513
3514
3515
3516  /**
3517   * The name of the password changed time attribute, in all lowercase
3518   * characters.
3519   */
3520  public static final String OP_ATTR_PWPOLICY_CHANGED_TIME_LC =
3521       "pwdchangedtime";
3522
3523
3524
3525  /**
3526   * The name of the operational attribute that will appear in a user's entry to
3527   * indicate the times of the grace logins by that user.
3528   */
3529  public static final String OP_ATTR_PWPOLICY_GRACE_LOGIN_TIME =
3530       "pwdGraceUseTime";
3531
3532
3533
3534  /**
3535   * The name of the grace login time attribute, in all lowercase characters.
3536   */
3537  public static final String OP_ATTR_PWPOLICY_GRACE_LOGIN_TIME_LC =
3538       "pwdgraceusetime";
3539
3540
3541
3542  /**
3543   * The name of the operational attribute that specifies the time that an
3544   * authentication attempt failed.
3545   */
3546  public static final String OP_ATTR_PWPOLICY_FAILURE_TIME = "pwdFailureTime";
3547
3548
3549
3550  /**
3551   * The name of the failure time attribute, in all lowercase characters.
3552   */
3553  public static final String OP_ATTR_PWPOLICY_FAILURE_TIME_LC =
3554       "pwdfailuretime";
3555
3556
3557
3558  /**
3559   * The name of the operational attribute that is used to maintain the password
3560   * history for the user.
3561   */
3562  public static final String OP_ATTR_PWPOLICY_HISTORY = "pwdHistory";
3563
3564
3565
3566  /**
3567   * The name of the operational attribute that is used to maintain the password
3568   * history for the user, in all lowercase characters.
3569   */
3570  public static final String OP_ATTR_PWPOLICY_HISTORY_LC = "pwdhistory";
3571
3572
3573
3574  /**
3575   * The name of the operational attribute that specifies the time that the
3576   * account was locked due to too many failed attempts.
3577   */
3578  public static final String OP_ATTR_PWPOLICY_LOCKED_TIME =
3579       "pwdAccountLockedTime";
3580
3581
3582
3583  /**
3584   * The name of the locked time attribute, in all lowercase characters.
3585   */
3586  public static final String OP_ATTR_PWPOLICY_LOCKED_TIME_LC =
3587       "pwdaccountlockedtime";
3588
3589
3590
3591  /**
3592   * The name of the operational attribute that will appear in a user's entry to
3593   * indicate the time that the user changed their password as a result of a
3594   * policy-wide required change.
3595   */
3596  public static final String OP_ATTR_PWPOLICY_CHANGED_BY_REQUIRED_TIME =
3597       NAME_PREFIX_PWP + "password-changed-by-required-time";
3598
3599
3600
3601  /**
3602   * The name of the operational attribute that will appear in a user's entry
3603   * to indicate whether the password must be changed at the next
3604   * authentication.
3605   */
3606  public static final String OP_ATTR_PWPOLICY_RESET_REQUIRED = "pwdReset";
3607
3608
3609
3610  /**
3611   * The name of the password reset attribute, in all lowercase characters.
3612   */
3613  public static final String OP_ATTR_PWPOLICY_RESET_REQUIRED_LC = "pwdreset";
3614
3615
3616
3617  /**
3618   * The name of the operational attribute that will appear in a user's entry to
3619   * indicate which password policy should be used.
3620   */
3621  public static final String OP_ATTR_PWPOLICY_POLICY_DN =
3622       "ds-pwp-password-policy-dn";
3623
3624
3625
3626  /**
3627   * The name of the operational attribute that indicates when the user was
3628   * first warned about an upcoming password expiration.
3629   */
3630  public static final String OP_ATTR_PWPOLICY_WARNED_TIME =
3631       NAME_PREFIX_PWP + "warned-time";
3632
3633
3634
3635  /**
3636   * The name of the operational attribute that may be included in user entries
3637   * to specify an idle time limit to be applied for that user.
3638   */
3639  public static final String OP_ATTR_USER_IDLE_TIME_LIMIT =
3640      NAME_PREFIX_RLIM + "idle-time-limit";
3641
3642
3643
3644  /**
3645   * The name of the operational attribute that may be included in user
3646   * entries to specify a size limit to be applied for that user.
3647   */
3648  public static final String OP_ATTR_USER_SIZE_LIMIT =
3649       NAME_PREFIX_RLIM + "size-limit";
3650
3651
3652
3653  /**
3654   * The name of the operational attribute that may be included in user
3655   * entries to specify a time limit to be applied for that user.
3656   */
3657  public static final String OP_ATTR_USER_TIME_LIMIT =
3658       NAME_PREFIX_RLIM + "time-limit";
3659
3660
3661
3662  /**
3663   * The name of the operational attribute that may be included in user
3664   * entries to specify a lookthrough limit for that user.
3665   */
3666  public static final String OP_ATTR_USER_LOOKTHROUGH_LIMIT =
3667      NAME_PREFIX_RLIM + "lookthrough-limit";
3668
3669
3670
3671  /**
3672   * The name of the operational attribute which will be put in user's entry in
3673   * order to cache a copy of their password for pass through authentication.
3674   */
3675  public static final String OP_ATTR_PTAPOLICY_CACHED_PASSWORD =
3676       "ds-pta-cached-password";
3677
3678
3679
3680  /**
3681   * The name of the operational attribute which will be put in user's entry in
3682   * order to record the time at which their password was cached for pass
3683   * through authentication.
3684   */
3685  public static final String OP_ATTR_PTAPOLICY_CACHED_PASSWORD_TIME =
3686       "ds-pta-cached-password-time";
3687
3688
3689
3690  /**
3691   * The name of the attribute option used to indicate that a configuration
3692   * attribute has one or more pending values.
3693   */
3694  public static final String OPTION_PENDING_VALUES = "pending";
3695
3696
3697
3698  /**
3699   * The path to the directory that should serve as the MakeLDIF resource
3700   * directory.  It is relative to the server root.
3701   */
3702  public static final String PATH_MAKELDIF_RESOURCE_DIR =
3703       "config" + File.separator + "MakeLDIF";
3704
3705
3706
3707  /**
3708   * The path to the directory containing the server schema definitions.  It is
3709   * relative to the server root.
3710   */
3711  public static final String PATH_SCHEMA_DIR =
3712       "config" + File.separator + "schema";
3713
3714
3715
3716  /**
3717   * The name (with no path information) of the file in the schema directory
3718   * that will contain user-defined schema definitions.
3719   */
3720  public static final String FILE_USER_SCHEMA_ELEMENTS = "99-user.ldif";
3721
3722
3723
3724  /**
3725   * The name of the configuration attribute that indicates the log file
3726   * where the loggers will log the information.
3727   */
3728  public static final String ATTR_LOGGER_FILE =
3729         "ds-cfg-log-file";
3730
3731
3732
3733  /**
3734   * The name of the configuration attribute that indicates the default
3735   * severity levels for the logger.
3736   */
3737  public static final String ATTR_LOGGER_DEFAULT_SEVERITY =
3738        "ds-cfg-default-severity";
3739
3740
3741
3742  /**
3743   * The name of the configuration attribute that indicates the override
3744   * severity levels for the logger.
3745   */
3746  public static final String ATTR_LOGGER_OVERRIDE_SEVERITY =
3747        "ds-cfg-override-severity";
3748
3749
3750  /**
3751   * The name of the configuration attribute that indicates the backend database
3752   * location on disk.
3753   */
3754  public static final String ATTR_BACKEND_DIRECTORY =
3755       "ds-cfg-db-directory";
3756
3757
3758
3759  /**
3760   * The name of the attribute which configures the file permission mode
3761   * for the database direction.
3762   */
3763  public static final String ATTR_BACKEND_MODE =
3764      "ds-cfg-db-directory-permissions";
3765
3766
3767
3768  /**
3769   * The name of the file (with no path information) that will be used as the
3770   * backing file for holding the tasks defined in the Directory Server.
3771   */
3772  public static final String TASK_FILE_NAME = "tasks.ldif";
3773
3774
3775
3776  /**
3777   * The string representation of the RDN that should be used for the entry that
3778   * is the immediate parent of all recurring task definitions in the server.
3779   */
3780  public static final String RECURRING_TASK_BASE_RDN = "cn=Recurring Tasks";
3781
3782
3783
3784  /**
3785   * The string representation of the RDN that should be used for the entry that
3786   * is the immediate parent of all scheduled task definitions in the server.
3787   */
3788  public static final String SCHEDULED_TASK_BASE_RDN = "cn=Scheduled Tasks";
3789
3790
3791
3792  /**
3793   * The name of the objectclass that will be used for a Directory Server
3794   * import task definition.
3795   */
3796  public static final String OC_IMPORT_TASK = NAME_PREFIX_TASK + "import";
3797
3798
3799
3800  /**
3801   * The name of the attribute in an import task definition that specifies the
3802   * path to the file containing the LDIF data to import.
3803   */
3804  public static final String ATTR_IMPORT_LDIF_FILE =
3805       NAME_PREFIX_TASK + "import-ldif-file";
3806
3807
3808  /**
3809   * The name of the attribute in an import task definition that specifies the
3810   * path to the file containing the template data to import.
3811   */
3812  public static final String ATTR_IMPORT_TEMPLATE_FILE =
3813       NAME_PREFIX_TASK + "import-template-file";
3814
3815
3816  /**
3817   * The name of the attribute in an import task definition that specifies the
3818   * random seed to be used when we pass a template file to the import.
3819   */
3820  public static final String ATTR_IMPORT_RANDOM_SEED =
3821       NAME_PREFIX_TASK + "import-random-seed";
3822
3823
3824  /**
3825   * The name of the attribute in an import task definition that specifies the
3826   * thread count to be used during the import.
3827   */
3828  public static final String ATTR_IMPORT_THREAD_COUNT =
3829       NAME_PREFIX_TASK + "import-thread-count";
3830
3831  /**
3832   * The name of the attribute in an import task definition that specifies
3833   * whether the import process should append to the existing database rather
3834   * than overwriting it.
3835   */
3836  public static final String ATTR_IMPORT_APPEND =
3837       NAME_PREFIX_TASK + "import-append";
3838
3839
3840
3841  /**
3842   * The name of the attribute in an import task definition that specifies
3843   * whether an existing entry should be replaced when appending to an existing
3844   * database.
3845   */
3846  public static final String ATTR_IMPORT_REPLACE_EXISTING =
3847       NAME_PREFIX_TASK + "import-replace-existing";
3848
3849
3850
3851  /**
3852   * The name of the attribute in an import task definition that specifies the
3853   * backend ID for the backend into which the date should be imported.
3854   */
3855  public static final String ATTR_IMPORT_BACKEND_ID =
3856       NAME_PREFIX_TASK + "import-backend-id";
3857
3858
3859
3860  /**
3861   * The name of the attribute in an import task definition that specifies the
3862   * base DN of a branch that should be included in the LDIF import.
3863   */
3864  public static final String ATTR_IMPORT_INCLUDE_BRANCH =
3865       NAME_PREFIX_TASK + "import-include-branch";
3866
3867
3868
3869  /**
3870   * The name of the attribute in an import task definition that specifies the
3871   * base DN of a branch that should be excluded from the LDIF import.
3872   */
3873  public static final String ATTR_IMPORT_EXCLUDE_BRANCH =
3874       NAME_PREFIX_TASK + "import-exclude-branch";
3875
3876
3877
3878  /**
3879   * The name of the attribute in an import task definition that specifies an
3880   * attribute that should be included in the LDIF import.
3881   */
3882  public static final String ATTR_IMPORT_INCLUDE_ATTRIBUTE =
3883       NAME_PREFIX_TASK + "import-include-attribute";
3884
3885
3886
3887  /**
3888   * The name of the attribute in an import task definition that specifies an
3889   * attribute that should be excluded from the LDIF import.
3890   */
3891  public static final String ATTR_IMPORT_EXCLUDE_ATTRIBUTE =
3892       NAME_PREFIX_TASK + "import-exclude-attribute";
3893
3894
3895
3896  /**
3897   * The name of the attribute in an import task definition that specifies
3898   * a search filter that may be used to control which entries are included
3899   * in the import.
3900   */
3901  public static final String ATTR_IMPORT_INCLUDE_FILTER =
3902       NAME_PREFIX_TASK + "import-include-filter";
3903
3904
3905
3906  /**
3907   * The name of the attribute in an import task definition that specifies
3908   * a search filter that may be used to control which entries are excluded
3909   * from the import.
3910   */
3911  public static final String ATTR_IMPORT_EXCLUDE_FILTER =
3912       NAME_PREFIX_TASK + "import-exclude-filter";
3913
3914
3915
3916  /**
3917   * The name of the attribute in an import task definition that specifies
3918   * the path to a file into which rejected entries may be written if they
3919   * are not accepted during the import process.
3920   */
3921  public static final String ATTR_IMPORT_REJECT_FILE =
3922       NAME_PREFIX_TASK + "import-reject-file";
3923
3924
3925  /**
3926   * The name of the attribute in an import task definition that specifies
3927   * the path to a file into which skipped entries may be written if they
3928   * do not match criteria during the import process.
3929   */
3930  public static final String ATTR_IMPORT_SKIP_FILE =
3931       NAME_PREFIX_TASK + "import-skip-file";
3932
3933
3934  /**
3935   * The name of the attribute in an import task definition that specifies
3936   * whether to overwrite an existing rejects and/or skip file when performing
3937   * an LDIF import rather than appending to it.
3938   */
3939  public static final String ATTR_IMPORT_OVERWRITE =
3940       NAME_PREFIX_TASK + "import-overwrite-rejects";
3941
3942
3943  /**
3944   * The name of the attribute in an import task definition that specifies
3945   * whether to skip schema validation during the import.
3946   */
3947  public static final String ATTR_IMPORT_SKIP_SCHEMA_VALIDATION =
3948       NAME_PREFIX_TASK + "import-skip-schema-validation";
3949
3950
3951
3952  /**
3953   * The name of the attribute in an import task definition that specifies
3954   * whether the LDIF file containing the data to import is compressed.
3955   */
3956  public static final String ATTR_IMPORT_IS_COMPRESSED =
3957       NAME_PREFIX_TASK + "import-is-compressed";
3958
3959
3960
3961  /**
3962   * The name of the attribute in an import task definition that specifies
3963   * whether the LDIF file containing the data to import is encrypted.
3964   */
3965  public static final String ATTR_IMPORT_IS_ENCRYPTED =
3966       NAME_PREFIX_TASK + "import-is-encrypted";
3967
3968   /**
3969   * The name of the attribute in an import task definition that specifies
3970   * the temp directory path.
3971   */
3972
3973  public static final String ATTR_IMPORT_TMP_DIRECTORY =
3974       NAME_PREFIX_TASK + "import-tmp-directory";
3975
3976  /**
3977   * The name of the objectclass that will be used for a Directory Server
3978   * initialize task definition.
3979   */
3980  public static final String OC_INITIALIZE_TASK =
3981    NAME_PREFIX_TASK + "initialize-from-remote-replica";
3982
3983  /**
3984   * The name of the attribute in an initialize task definition that specifies
3985   * the base dn related to the synchonization domain to initialize.
3986   */
3987  public static final String ATTR_TASK_INITIALIZE_DOMAIN_DN =
3988       NAME_PREFIX_TASK + "initialize-domain-dn";
3989
3990  /**
3991   * The name of the attribute in an initialize target task definition that
3992   * specifies the source in terms of source server from which to initialize.
3993   */
3994  public static final String ATTR_TASK_INITIALIZE_SOURCE =
3995       NAME_PREFIX_TASK + "initialize-replica-server-id";
3996
3997  /**
3998   * The name of the objectclass that will be used for a Directory Server
3999   * initialize target task definition.
4000   */
4001  public static final String OC_INITIALIZE_TARGET_TASK =
4002    NAME_PREFIX_TASK + "initialize-remote-replica";
4003
4004  /**
4005   * The name of the attribute in an initialize target task definition that
4006   * specifies the base dn related to the synchonization domain to initialize.
4007   */
4008  public static final String ATTR_TASK_INITIALIZE_TARGET_DOMAIN_DN =
4009       NAME_PREFIX_TASK + "initialize-domain-dn";
4010
4011  /**
4012   * The name of the attribute in an initialize target task definition that
4013   * specifies the scope in terms of servers to initialize.
4014   */
4015  public static final String ATTR_TASK_INITIALIZE_TARGET_SCOPE =
4016       NAME_PREFIX_TASK + "initialize-replica-server-id";
4017
4018  /**
4019   * The name of the attribute in an initialize target task definition that
4020   * specifies the scope in terms of servers to initialize.
4021   */
4022  public static final String ATTR_TASK_INITIALIZE_LEFT =
4023       NAME_PREFIX_TASK + "unprocessed-entry-count";
4024
4025  /**
4026   * The name of the attribute in an initialize target task definition that
4027   * specifies the scope in terms of servers to initialize.
4028   */
4029  public static final String ATTR_TASK_INITIALIZE_DONE =
4030       NAME_PREFIX_TASK + "processed-entry-count";
4031
4032
4033  /**
4034   * The name of the objectclass that will be used for a Directory Server
4035   * export task definition.
4036   */
4037  public static final String OC_EXPORT_TASK = NAME_PREFIX_TASK + "export";
4038
4039
4040
4041  /**
4042   * The name of the attribute in an export task definition that specifies the
4043   * path to the file to which the LDIF data should be written.
4044   */
4045  public static final String ATTR_TASK_EXPORT_LDIF_FILE =
4046       NAME_PREFIX_TASK + "export-ldif-file";
4047
4048
4049
4050  /**
4051   * The name of the attribute in an export task definition that specifies
4052   * whether the export process should append to an existing LDIF file rather
4053   * than overwrite it.
4054   */
4055  public static final String ATTR_TASK_EXPORT_APPEND_TO_LDIF =
4056       NAME_PREFIX_TASK + "export-append-to-ldif";
4057
4058
4059
4060  /**
4061   * The name of the attribute in an export task definition that specifies the
4062   * backend ID for the backend from which the data should be exported.
4063   */
4064  public static final String ATTR_TASK_EXPORT_BACKEND_ID =
4065       NAME_PREFIX_TASK + "export-backend-id";
4066
4067
4068
4069  /**
4070   * The name of the attribute in an export task definition that specifies the
4071   * base DN of a branch that should be included in the LDIF export.
4072   */
4073  public static final String ATTR_TASK_EXPORT_INCLUDE_BRANCH =
4074       NAME_PREFIX_TASK + "export-include-branch";
4075
4076
4077
4078  /**
4079   * The name of the attribute in an export task definition that specifies the
4080   * base DN of a branch that should be excluded from the LDIF export.
4081   */
4082  public static final String ATTR_TASK_EXPORT_EXCLUDE_BRANCH =
4083       NAME_PREFIX_TASK + "export-exclude-branch";
4084
4085
4086
4087  /**
4088   * The name of the attribute in an export task definition that specifies an
4089   * attribute that should be included in the LDIF export.
4090   */
4091  public static final String ATTR_TASK_EXPORT_INCLUDE_ATTRIBUTE =
4092       NAME_PREFIX_TASK + "export-include-attribute";
4093
4094
4095
4096  /**
4097   * The name of the attribute in an export task definition that specifies an
4098   * attribute that should be excluded from the LDIF export.
4099   */
4100  public static final String ATTR_TASK_EXPORT_EXCLUDE_ATTRIBUTE =
4101       NAME_PREFIX_TASK + "export-exclude-attribute";
4102
4103
4104
4105  /**
4106   * The name of the attribute in an export task definition that specifies
4107   * a search filter that may be used to control which entries are included
4108   * in the export.
4109   */
4110  public static final String ATTR_TASK_EXPORT_INCLUDE_FILTER =
4111       NAME_PREFIX_TASK + "export-include-filter";
4112
4113
4114
4115  /**
4116   * The name of the attribute in an export task definition that specifies
4117   * a search filter that may be used to control which entries are excluded
4118   * from the export.
4119   */
4120  public static final String ATTR_TASK_EXPORT_EXCLUDE_FILTER =
4121       NAME_PREFIX_TASK + "export-exclude-filter";
4122
4123
4124
4125  /**
4126   * The name of the attribute in an export task definition that specifies
4127   * the column at which long lines should be wrapped.
4128   */
4129  public static final String ATTR_TASK_EXPORT_WRAP_COLUMN =
4130       NAME_PREFIX_TASK + "export-wrap-column";
4131
4132  /**
4133   * The name of the attribute in an export task definition that specifies
4134   * that operational attributes have to be included.
4135   */
4136  public static final String ATTR_TASK_EXPORT_INCLUDE_OPERATIONAL_ATTRIBUTES =
4137       NAME_PREFIX_TASK + "export-include-operational-attributes";
4138
4139
4140  /**
4141   * The name of the attribute in an export task definition that specifies
4142   * whether the LDIF data should be compressed as it is exported.
4143   */
4144  public static final String ATTR_TASK_EXPORT_COMPRESS_LDIF =
4145       NAME_PREFIX_TASK + "export-compress-ldif";
4146
4147
4148
4149  /**
4150   * The name of the attribute in an export task definition that specifies
4151   * whether the LDIF data should be encrypted as it is exported.
4152   */
4153  public static final String ATTR_TASK_EXPORT_ENCRYPT_LDIF =
4154       NAME_PREFIX_TASK + "export-encrypt-ldif";
4155
4156
4157
4158  /**
4159   * The name of the attribute in an export task definition that specifies
4160   * whether a signed hash of the export data should be appended to the LDIF
4161   * file.
4162   */
4163  public static final String ATTR_TASK_EXPORT_SIGN_HASH =
4164       NAME_PREFIX_TASK + "export-sign-hash";
4165
4166
4167
4168  /**
4169   * The name of the objectclass that will be used for a Directory Server
4170   * restore task definition.
4171   */
4172  public static final String OC_RESTORE_TASK = NAME_PREFIX_TASK + "restore";
4173
4174
4175
4176  /**
4177   * The name of the attribute in a restore task definition that specifies
4178   * whether the contents of the backup should be verified but not restored.
4179   */
4180  public static final String ATTR_TASK_RESTORE_VERIFY_ONLY =
4181       NAME_PREFIX_TASK + "restore-verify-only";
4182
4183
4184
4185  /**
4186   * The name of the objectclass that will be used for a Directory Server
4187   * backup task definition.
4188   */
4189  public static final String OC_BACKUP_TASK = NAME_PREFIX_TASK + "backup";
4190
4191
4192
4193  /**
4194   * The name of the attribute in a backup task definition that specifies
4195   * the backend ID for a backend that should be archived.
4196   */
4197  public static final String ATTR_TASK_BACKUP_BACKEND_ID =
4198       NAME_PREFIX_TASK + "backup-backend-id";
4199
4200
4201
4202  /**
4203   * The name of the attribute in a backup task definition that specifies
4204   * whether all backends defined in the server should be backed up.
4205   */
4206  public static final String ATTR_TASK_BACKUP_ALL =
4207       NAME_PREFIX_TASK + "backup-all";
4208
4209
4210
4211  /**
4212   * The name of the attribute in a backup task definition that specifies
4213   * whether to generate and incremental backup or a full backup.
4214   */
4215  public static final String ATTR_TASK_BACKUP_INCREMENTAL =
4216       NAME_PREFIX_TASK + "backup-incremental";
4217
4218
4219
4220  /**
4221   * The name of the attribute in a backup task definition that specifies
4222   * the backup ID of the backup against which an incremental backup should
4223   * be taken.
4224   */
4225  public static final String ATTR_TASK_BACKUP_INCREMENTAL_BASE_ID =
4226       NAME_PREFIX_TASK + "backup-incremental-base-id";
4227
4228
4229
4230  /**
4231   * The name of the attribute in a backup task definition that specifies
4232   * whether the backup file(s) should be compressed.
4233   */
4234  public static final String ATTR_TASK_BACKUP_COMPRESS =
4235       NAME_PREFIX_TASK + "backup-compress";
4236
4237
4238
4239  /**
4240   * The name of the attribute in a backup task definition that specifies
4241   * whether the backup file(s) should be compressed.
4242   */
4243  public static final String ATTR_TASK_BACKUP_ENCRYPT =
4244       NAME_PREFIX_TASK + "backup-encrypt";
4245
4246
4247
4248  /**
4249   * The name of the attribute in a backup task definition that specifies
4250   * whether to generate a hash of the backup file(s) for integrity
4251   * verification during restore.
4252   */
4253  public static final String ATTR_TASK_BACKUP_HASH =
4254       NAME_PREFIX_TASK + "backup-hash";
4255
4256
4257
4258  /**
4259   * The name of the attribute in a backup task definition that specifies
4260   * whether the hash of the archive file(s) should be digitally signed to
4261   * provide tamper detection.
4262   */
4263  public static final String ATTR_TASK_BACKUP_SIGN_HASH =
4264       NAME_PREFIX_TASK + "backup-sign-hash";
4265  /**
4266   * The name of the attribute in the add schema file task definition that
4267   * specifies the name of the schema file to be added.
4268   */
4269  public static final String ATTR_TASK_ADDSCHEMAFILE_FILENAME =
4270       NAME_PREFIX_TASK + "schema-file-name";
4271
4272
4273  /**
4274   * The name of the attribute in a debug target configuration for a debug
4275   * logger that specifies the scope of the debug target.
4276   */
4277  public static final String ATTR_LOGGER_DEBUG_SCOPE =
4278      NAME_PREFIX_TASK + "debug-scope";
4279
4280  /**
4281   * The name of the attribute in a logger configuration that spcifies the
4282   * log level.
4283   */
4284  public static final String ATTR_LOGGER_LEVEL =
4285      NAME_PREFIX_TASK + "log-level";
4286
4287  /**
4288   * The name of the attribute in a logger configuration that specifies
4289   * whether to asyncornously writes log records to disk.
4290   */
4291  public static final String ATTR_LOGGER_ASYNC_WRITE =
4292      NAME_PREFIX_TASK + "async-write";
4293
4294
4295  /**
4296   * The name of the attribute in an rebuild task definition that specifies the
4297   * base DN of the indexes to do the rebuild in.
4298   */
4299  public static final String ATTR_REBUILD_BASE_DN =
4300       NAME_PREFIX_TASK + "rebuild-base-dn";
4301
4302
4303  /**
4304   * The name of the attribute in an rebuild task definition that specifies the
4305   * indexes to rebuild.
4306   */
4307  public static final String ATTR_REBUILD_INDEX =
4308       NAME_PREFIX_TASK + "rebuild-index";
4309
4310  /**
4311   * The name of the attribute in an rebuild task definition that specifies the
4312   * degraded index which needs to be clear.
4313   */
4314  public static final String ATTR_REBUILD_INDEX_CLEARDEGRADEDSTATE =
4315      ATTR_REBUILD_INDEX + "-clear-degraded-state";
4316
4317
4318  /**
4319   * The name of the attribute in an rebuild task definition that specifies the
4320   * temporary scratch file.
4321   */
4322  public static final String ATTR_REBUILD_TMP_DIRECTORY =
4323       NAME_PREFIX_TASK + "rebuild-tmp-directory";
4324
4325  /**
4326   * Used to specify that the rebuild all boolean should be set.
4327   */
4328  public static final String REBUILD_ALL = "rebuildall";
4329
4330  /**
4331   * Used to specify that the rebuild degraded boolean should be set.
4332   */
4333  public static final String REBUILD_DEGRADED = "rebuilddegraded";
4334
4335  /**
4336   * The name of the objectclass that will be used for a Directory Server
4337   * reset generationId task definition.
4338   */
4339  public static final String OC_RESET_GENERATION_ID_TASK =
4340       NAME_PREFIX_TASK + "reset-generation-id";
4341
4342
4343  /**
4344   * The name of the attribute containing the baseDn related to the replication
4345   * domain to which applies the task.
4346   */
4347  public static final String ATTR_TASK_SET_GENERATION_ID_DOMAIN_DN =
4348    OC_RESET_GENERATION_ID_TASK + "-domain-base-dn";
4349
4350  /**
4351   * The name of the attribute containing the new value of the generation ID
4352   * related to the replication domain to which applies the task.
4353   */
4354  public static final String ATTR_TASK_SET_GENERATION_ID_NEW_VALUE =
4355    OC_RESET_GENERATION_ID_TASK + "-new-value";
4356
4357  /**
4358   * The name of the attribute in an import task definition that specifies
4359   * whether the backend should be cleared before the import.
4360   */
4361  public static final String ATTR_IMPORT_CLEAR_BACKEND =
4362       NAME_PREFIX_TASK + "import-clear-backend";
4363
4364  /**
4365   * The name of the attribute in a purge conflicts historical task definition
4366   * that specifies the base dn related to the synchonization domain to purge.
4367   */
4368  public static final String ATTR_TASK_CONFLICTS_HIST_PURGE_DOMAIN_DN =
4369       NAME_PREFIX_TASK + "purge-conflicts-historical-domain-dn";
4370
4371  /**
4372   * The name of the attribute in a purge conflicts historical task definition
4373   * that specifies the maximum duration of the task.
4374   */
4375  public static final String ATTR_TASK_CONFLICTS_HIST_PURGE_MAX_DURATION =
4376       NAME_PREFIX_TASK + "purge-conflicts-historical-maximum-duration";
4377
4378  /**
4379   * The name of the attribute in a purge conflicts historical task definition
4380   * that specifies the maximum duration of the task.
4381   */
4382  public static final String ATTR_TASK_CONFLICTS_HIST_PURGE_FIRST_CSN =
4383     NAME_PREFIX_TASK + "purge-conflicts-historical-first-purged-changenumber";
4384
4385  /**
4386   * The name of the attribute in a purge conflicts historical task definition
4387   * that specifies the maximum duration of the task.
4388   */
4389  public static final String ATTR_TASK_CONFLICTS_HIST_PURGE_LAST_CSN =
4390       NAME_PREFIX_TASK + "purge-conflicts-historical-last-purged-changenumber";
4391
4392  /**
4393   * The name of the attribute in a purge conflicts historical task definition
4394   * that specifies the maximum duration of the task.
4395   */
4396  public static final String ATTR_TASK_CONFLICTS_HIST_PURGE_COMPLETED_IN_TIME =
4397       NAME_PREFIX_TASK + "purge-conflicts-historical-purge-completed-in-time";
4398
4399  /**
4400   * The name of the attribute in a purge conflicts historical task definition
4401   * that specifies the maximum duration of the task.
4402   */
4403  public static final String ATTR_TASK_CONFLICTS_HIST_PURGE_COUNT =
4404       NAME_PREFIX_TASK + "purge-conflicts-historical-purged-values-count";
4405
4406  /** The name of the objectclass that will be used for a Directory Server reset change number task definition. */
4407  public static final String OC_RESET_CHANGE_NUMBER_TASK = NAME_PREFIX_TASK + "reset-change-number";
4408
4409  /** The name of the attribute in a reset change number task that specifies the change number for the first change. */
4410  public static final String ATTR_TASK_RESET_CHANGE_NUMBER_TO= NAME_PREFIX_TASK + "reset-change-number-to";
4411
4412  /** The name of the attribute in a reset change number task that specifies the csn of the new first change. */
4413  public static final String ATTR_TASK_RESET_CHANGE_NUMBER_CSN = NAME_PREFIX_TASK + "reset-change-number-csn";
4414
4415  /** The name of the attribute in a reset change number task that specifies the basedn where the csn applies. */
4416  public static final String ATTR_TASK_RESET_CHANGE_NUMBER_BASE_DN = NAME_PREFIX_TASK + "reset-change-number-base-dn";
4417}
4418