NAME
DirectoryServiceAttributes The following
standard attribute types are defined in
<DirectoryServices/DirServicesConst.h>
DESCRIPTION
This document contains well known attribute and record type constants.
They can be used with dsDataNodeAllocateString() to create a data node to pass to a Directory Services API call.
Legend:
eDS1xxxxxx Single Valued Attribute
eDSNxxxxxx Multi-Valued Attribute
NOTE: Access controls may prevent any particular client from reading/writting various attributes. In addition some attributes may not be stored at all and could represent "real-time" data generated by the directory node plug-in.
NOTE #2: Attributes in the model are available for records & directory nodes.
Type String
All Records
kDSRecordsAll "dsRecordsAll"
kDSRecordsStandardAll "dsRecordsStandardAll"
kDSRecordsNativeAll "dsRecordsNativeAll"
All Attributes
kDSAttributesAll "dsAttributesAll"
kDSAttributesStandardAll "dsAttributesStandardAll"
kDSAttributesNativeAll "dsAttributesNativeAll"
Well Known Record Types
kDSStdRecordTypePrefix "dsRecTypeStandard:"
kDSNativeRecordTypePrefix "dsRecTypeNative:"
kDSStdRecordTypeUsers "dsRecTypeStandard:Users"
kDSStdRecordTypeGroups "dsRecTypeStandard:Groups"
kDSStdRecordTypeMachines "dsRecTypeStandard:Machines"
kDSStdRecordTypeAliases "dsRecTypeStandard:Aliases"
kDSStdRecordTypeHosts "dsRecTypeStandard:Hosts"
kDSStdRecordTypePrinters "dsRecTypeStandard:Printers"
kDSStdRecordTypeNetworks "dsRecTypeStandard:Networks"
kDSStdRecordTypeServices "dsRecTypeStandard:Services"
kDSStdRecordTypeServer "dsRecTypeStandard:Server"
kDSStdRecordTypProtocols "dsRecTypeStandard:Protocols"
kDSStdRecordTypeProtocols "dsRecTypeStandard:Protocols"
kDSStdRecordTypRPC "dsRecTypeStandard:RPC"
kDSStdRecordTypeRPC "dsRecTypeStandard:RPC"
kDSStdRecordTypePrintService "dsRecTypeStandard:PrintService"
kDSStdRecordTypeConfig "dsRecTypeStandard:Config"
kDSStdRecordTypeAFPServer "dsRecTypeStandard:AFPServer"
kDSStdRecordTypeSMBServer "dsRecTypeStandard:SMBServer"
kDSStdRecordTypeFTPServer "dsRecTypeStandard:FTPServer"
kDSStdRecordTypeNFS "dsRecTypeStandard:NFS"
kDSStdRecordTypeWebServer "dsRecTypeStandard:WebServer"
kDSStdRecordTypeLDAPServer "dsRecTypeStandard:LDAPServer"
kDSStdRecordTypeQTSServer "dsRecTypeStandard:QTSServer"
kDSStdRecordTypMounts "dsRecTypeStandard:Mounts"
kDSStdRecordTypeMounts "dsRecTypeStandard:Mounts"
kDSStdRecordTypeComputerGroups "dsRecTypeStandard:ComputerGroups"
kDSStdRecordTypeComputers "dsRecTypeStandard:Computers"
kDSStdRecordTypeComputerLists "dsRecTypeStandard:ComputerLists"
kDSStdRecordTypePresetUsers "dsRecTypeStandard:PresetUsers"
kDSStdRecordTypePresetGroups "dsRecTypeStandard:PresetGroups"
kDSStdRecordTypePresetComputers "dsRecTypeStandard:PresetComputers"
kDSStdRecordTypePresetComputerGroups "dsRecTypeStandard:PresetComputerGroups"
kDSStdRecordTypePresetComputerLists "dsRecTypeStandard:PresetComputerLists"
kDSStdRecordTypeAutoServerSetup
Discussion:
Used to discover automated server setup information.
kDSStdRecordTypeAutoServerSetup "dsRecTypeStandard:AutoServerSetup"
kDSStdRecordTypePasswordServer
Discussion:
Used to discover password servers via Bonjour.
kDSStdRecordTypePasswordServer "dsRecTypeStandard:PasswordServer"
kDSStdRecordTypePeople Discussion:
Record type that contains "People" records used for contact information.
kDSStdRecordTypePeople "dsRecTypeStandard:People"
kDSStdRecordTypeSharePoints
Discussion:
Share point record type.
kDSStdRecordTypeSharePoints "dsRecTypeStandard:SharePoints"
kDSStdRecordTypePrintServiceUser
Discussion:
Record in the local node for storing quota usage for a user.
kDSStdRecordTypePrintServiceUser "dsRecTypeStandard:PrintServiceUser"
kDSStdRecordTypeAFPUserAliases "dsRecTypeStandard:AFPUserAliases"
kDSStdRecordTypeBootp Discussion:
Record in the local node for storing bootp info.
kDSStdRecordTypeBootp "dsRecTypeStandard:Bootp"
kDSStdRecordTypeNetDomains Discussion:
Record in the local node for storing net domains.
kDSStdRecordTypeNetDomains "dsRecTypeStandard:NetDomains"
kDSStdRecordTypeEthernets Discussion:
Record in the local node for storing ethernets.
kDSStdRecordTypeEthernets "dsRecTypeStandard:Ethernets"
kDSStdRecordTypeNetGroups Discussion:
Record in the local node for storing net groups.
kDSStdRecordTypeNetGroups "dsRecTypeStandard:NetGroups"
kDSStdRecordTypeHostServices
Discussion:
Record in the local node for storing host services.
kDSStdRecordTypeHostServices "dsRecTypeStandard:HostServices"
kDSStdUserNamesMeta "dsRecTypeStandard:MetaUserNames"
kDSStdRecordTypeMeta "dsRecTypeStandard:AppleMetaRecord"
Location record type.
kDSStdRecordTypeLocations "dsRecTypeStandard:Locations"
kDSStdRecordTypeNeighborhoods Discussion:
Neighborhood record type. Describes a list of computers and other
neighborhoods, used for network browsing.
kDSStdRecordTypeNeighborhoods "dsRecTypeStandard:Neighborhoods"
kDSStdRecordTypeCertificateAuthorities
Discussion:
Record type that contains certificate authority information.
kDSStdRecordTypeCertificateAuthorities "dsRecTypeStandard:CertificateAuthorities"
kDSStdRecordTypeAccessControls Discussion:
Record type that contains directory access control directives.
kDSStdRecordTypeAccessControls "dsRecTypeStandard:AccessControls"
FileMaker servers record type. Describes available FileMaker servers used for service discovery.
kDSStdRecordTypeFileMakerServers "dsRecTypeStandard:FileMakerServers"
Resource record type.
kDSStdRecordTypeResources "dsRecTypeStandard:Resources"
Well Known Attribute Types...
kDSStdAttrTypePrefix "dsAttrTypeStandard:"
kDSNativeAttrTypePrefix "dsAttrTypeNative:"
kDSAttrNone "dsNone"
Authentication Methods
kDSStdAuthMethodPrefix "dsAuthMethodStandard:"
kDSNativeAuthMethodPrefix "dsAuthMethodNative:"
kDSStdAuthClearText "dsAuthMethodStandard:dsAuthClearText"
kDSStdAuthCrypt Discussion:
Use a crypt password stored in the user record if available to do the authentication. The buffer is packed as follows:
4 byte length of username,
username in UTF8 encoding,
4 byte length of password,
password in UTF8 encoding
This method may not be supported by all plug-ins or for all users.
kDSStdAuthCrypt "dsAuthMethodStandard:dsAuthCrypt"
kDSStdAuthSetPasswd "dsAuthMethodStandard:dsAuthSetPasswd"
kDSStdAuthChangePasswd Discussion:
Change the password for a user. Does not require prior authentication.
The buffer is packed as follows:
4 byte length of username,
username in UTF8 encoding,
4 byte length of old password,
old password in UTF8 encoding,
4 byte length of new password,
new password in UTF8 encoding
kDSStdAuthChangePasswd "dsAuthMethodStandard:dsAuthChangePasswd"
kDSStdAuthSetPasswdAsRoot "dsAuthMethodStandard:dsAuthSetPasswdAsRoot"
kDSStdAuth2WayRandomChangePasswd
Discussion:
Change the password for a user using the two-way random method.
Does not require prior authentication.
The buffer is packed as follows:
4 byte length of username,
username in UTF8 encoding,
4 byte length of old password encrypted with new (should be 8),
old password encrypted with new,
4 byte length of new password encrypted with old (should be 8),
new password encrypted with old
kDSStdAuth2WayRandomChangePasswd "dsAuthMethodStandard:dsAuth2WayRandomChangePasswd"
kDSStdAuthAPOP "dsAuthMethodStandard:dsAuthAPOP"
kDSStdAuth2WayRandom "dsAuthMethodStandard:dsAuth2WayRandom"
kDSStdAuthNodeNativeClearTextOK
Discussion:
The plug-in should determine which specific authentication method to use.
The buffer is packed as follows:
4 byte length of username,
username in UTF8 encoding,
4 byte length of password,
password in UTF8 encoding
The plug-in may choose to use a cleartext authentication method if necessary.
kDSStdAuthNodeNativeClearTextOK "dsAuthMethodStandard:dsAuthNodeNativeCanUseClearText"
kDSStdAuthNodeNativeNoClearText
Discussion:
The plug-in should determine which specific authentication method to use.
The buffer is packed as follows:
4 byte length of username,
username in UTF8 encoding,
4 byte length of password,
password in UTF8 encoding
The plug-in must not use an authentication method that sends the password in cleartext.
kDSStdAuthNodeNativeNoClearText "dsAuthMethodStandard:dsAuthNodeNativeCannotUseClearText"
kDSStdAuthSMB_NT_Key "dsAuthMethodStandard:dsAuthSMBNTKey"
kDSStdAuthSMB_LM_Key "dsAuthMethodStandard:dsAuthSMBLMKey"
kDSStdAuthCRAM_MD5 "dsAuthMethodStandard:dsAuthNodeCRAM-MD5"
kDSStdAuthDIGEST_MD5 "dsAuthMethodStandard:dsAuthNodeDIGEST-MD5"
kDSStdAuthNTLMv2 Discussion:
If the NTLMv2 session key is supported, it is returned in the step buffer. The input buffer is packed as follows:
4 byte length of username,
username in UTF8 encoding,
4 byte length of samba server challenge,
samba server challenge
4 byte length of the NTLMv2 client "blob"
the client "blob" which includes 16 bytes of client digest prefixed to the the blob data
4 byte length of the user name used to calculate the digest,
the user name used to calculate the digest in UTF8 encoding
4 byte length of the samba domain,
the samba domain in UTF8 encoding
kDSStdAuthNTLMv2 "dsAuthMethodStandard:dsAuthNodeNTLMv2"
Kerberized SMB Server services
Discussion:
Related constants for supporting Kerberized SMB Server services. These are only used for dsGetDirNodeInfo requests. They are not attributes that are used otherwise.
kDS1AttrKerberosRealm "dsAttrTypeStandard:KerberosRealm"
kDS1AttrPrimaryNTDomain "dsAttrTypeStandard:PrimaryNTDomain"
kDS1AttrNTDomainComputerAccount
"dsAttrTypeStandard:NTDomainComputerAccount"
Attribute type for the owner of a record. Typically the value is a LDAP distinguished name.
kDS1AttrOwner "dsAttrTypeStandard:Owner"
PDC_SMB_Constants Discussion:
Related constants for supporting PDC SMB interaction with DS.
kDSStdAuthSMB_NT_UserSessionKey "dsAuthMethodStandard:dsAuthSMBNTUserSessionKey"
kDSStdAuthSMBWorkstationCredentialSessionKey "dsAuthMethodStandard:dsAuthSMBWorkstationCredentialSessionKey"
kDSStdAuthSetWorkstationPasswd "dsAuthMethodStandard:dsAuthSetWorkstationPasswd"
kDS1AttrSMBRID "dsAttrTypeStandard:smb_rid"
kDS1AttrSMBGroupRID "dsAttrTypeStandard:smb_group_rid"
kDS1AttrSMBHomeDrive Discussion:
Drive letter for homedirectory mount point.
kDS1AttrSMBHomeDrive "dsAttrTypeStandard:SMBHomeDrive"
kDS1AttrSMBHome Discussion:
UNC address of Windows homedirectory mount point (\server\sharepoint).
kDS1AttrSMBHome "dsAttrTypeStandard:SMBHome"
kDS1AttrSMBScriptPath Discussion:
Login script path.
kDS1AttrSMBScriptPath "dsAttrTypeStandard:SMBScriptPath"
kDS1AttrSMBProfilePath Discussion:
Desktop management info (dock, desktop links, etc).
kDS1AttrSMBProfilePath "dsAttrTypeStandard:SMBProfilePath"
kDS1AttrSMBUserWorkstations
Discussion:
List of workstations user can login from (machine account names).
kDS1AttrSMBUserWorkstations "dsAttrTypeStandard:SMBUserWorkstations"
Account_Control_Flags Discussion:
Set of account control flags.
kDS1AttrSMBAcctFlags "dsAttrTypeStandard:SMBAccountFlags"
kDS1AttrSMBPWDLastSet "dsAttrTypeStandard:SMBPasswordLastSet"
kDS1AttrSMBLogonTime "dsAttrTypeStandard:SMBLogonTime"
kDS1AttrSMBLogoffTime "dsAttrTypeStandard:SMBLogoffTime"
kDS1AttrSMBKickoffTime "dsAttrTypeStandard:SMBKickoffTime"
kDS1AttrSMBSID Discussion:
SMB Security ID, stored as a string attribute of up to 64 bytes. Found in user, group, and computer records (kDSStdRecordTypeUsers, kDSStdRecordTypeGroups, kDSStdRecordTypeComputers).
kDS1AttrSMBSID "dsAttrTypeStandard:SMBSID"
kDS1AttrSMBPrimaryGroupSID Discussion:
SMB Primary Group Security ID, stored as a string attribute of up to 64 bytes. Found in user, group, and computer records (kDSStdRecordTypeUsers, kDSStdRecordTypeGroups, kDSStdRecordTypeComputers).
kDS1AttrSMBPrimaryGroupSID "dsAttrTypeStandard:SMBPrimaryGroupSID"
kDS1AttrPasswordServerList Discussion:
Represents the attribute for storing the password server's replication information.
kDS1AttrPasswordServerList "dsAttrTypeStandard:PasswordServerList"
kDS1AttrAlternateDatastoreLocation
Discussion:
Unix path used for determining where a user's email is stored.
kDS1AttrAlternateDatastoreLocation "dsAttrTypeStandard:AlternateDatastoreLocation"
kDSStdAuthMSCHAP2 Discussion:
MS-CHAP2 is a mutual authentication method. The plug-in will generate the data to send back to the client and put it in the step buffer.
The input buffer format:
4 byte length,
username,
4 byte length,
server challenge,
4 byte length,
peer challenge,
4 byte length,
client's digest,
The output buffer format:
4 byte length,
return digest for the client's challenge
kDSStdAuthMSCHAP2 "dsAuthMethodStandard:dsAuthMSCHAP2"
kDSStdAuthMASKE_A "dsAuthMethodStandard:dsAuthMASKE-A"
kDSStdAuthMASKE_B "dsAuthMethodStandard:dsAuthMASKE-B"
kDSStdAuthWithAuthorizationRef
Discussion:
Allows access to local directories as root with a valid AuthorizationRef.
The input buffer format:
externalized AuthorizationRef
kDSStdAuthWithAuthorizationRef "dsAuthMethodStandard:dsAuthWithAuthorizationRef"
kDSStdAuthNewUser Discussion:
Create a new user record with the authentication authority
The buffer is packed as follows:
4 byte length of authenticator's UserID,
authenticator's UserID in UTF8 encoding,
4 byte length of authenticator's password,
authenticator's password in UTF8 encoding
4 byte length of new user's short-name,
user's short-name,
4 byte length of new user's password,
user's password
kDSStdAuthNewUser "dsAuthMethodStandard:dsAuthNewUser"
kDSStdAuthGetPolicy Discussion:
The plug-in should determine which specific authentication method to use.
The buffer is packed as follows:
4 byte length of authenticator's UserID,
authenticator's UserID in UTF8 encoding,
4 byte length of authenticator's password,
authenticator's password in UTF8 encoding
4 byte length of UserID of the account to get policies,
UserID of the account to get policies in UTF8 encoding
The Password Server does not require authentication for this auth method. The first two fields are to cover us for future policy changes and to keep the buffer format as standardized as possible.
kDSStdAuthGetPolicy "dsAuthMethodStandard:dsAuthGetPolicy"
kDSStdAuthSetPolicy Discussion:
The plug-in should determine which specific authentication method to use.
The buffer is packed as follows:
4 byte length of authenticator's UserID,
authenticator's UserID in UTF8 encoding,
4 byte length of authenticator's password,
authenticator's password in UTF8 encoding
4 byte length of UserID of the account to set policies,
UserID of the account to set policies in UTF8 encoding
4 byte length of policy data,
policy data
kDSStdAuthSetPolicy "dsAuthMethodStandard:dsAuthSetPolicy"
kDSStdAuthGetGlobalPolicy "dsAuthMethodStandard:dsAuthGetGlobalPolicy"
kDSStdAuthSetGlobalPolicy "dsAuthMethodStandard:dsAuthSetGlobalPolicy"
kDSStdAuthGetUserName "dsAuthMethodStandard:dsAuthGetUserName"
kDSStdAuthSetUserName "dsAuthMethodStandard:dsAuthSetUserName"
kDSStdAuthGetUserData "dsAuthMethodStandard:dsAuthGetUserData"
kDSStdAuthSetUserData "dsAuthMethodStandard:dsAuthSetUserData"
kDSStdAuthDeleteUser "dsAuthMethodStandard:dsAuthDeleteUser"
Users Distinguished or Real Name
kDS1AttrDistinguishedName "dsAttrTypeStandard:RealName"
kDS1AttrFirstName "dsAttrTypeStandard:FirstName"
kDS1AttrMiddleName "dsAttrTypeStandard:MiddleName"
kDS1AttrLastName "dsAttrTypeStandard:LastName"
All possible names for a record
kDSNAttrAllNames "dsAttrTypeStandard:AllNames"
Set password methods
kDSSetPasswdBestOf "dsSetPasswdBestOf"
kDSNAttrAuthenticationAuthority
Discussion:
Determines what mechanism is used to verify or set a user's password. If multiple values are present, the first attributes returned take precedence. Typically found in User records (kDSStdRecordTypeUsers).
kDSNAttrAuthenticationAuthority "dsAttrTypeStandard:AuthenticationAuthority"
kDS1AttrPasswordPolicyOptions
Discussion:
Collection of password policy options in single attribute. Used in user presets record.
kDS1AttrPasswordPolicyOptions "dsAttrTypeStandard:PasswordPolicyOptions"
kDSValueDefaultAuthAuthority
Discussion:
The default value to use for the kDSNAttrAuthenticationAuthority attribute. When creating a user record, set this value for authentication authority before setting the password with dsDoDirNodeAuth.
kDSValueAuthAuthorityDefault kDSValueAuthAuthorityShadowHash
kDSValueAuthAuthorityBasic ";basic;"
kDSTagAuthAuthorityBasic "basic"
kDSValueAuthAuthorityLocalWindowsHash ";LocalWindowsHash;"
kDSTagAuthAuthorityLocalWindowsHash "LocalWindowsHash"
kDSValueAuthAuthorityShadowHash ";ShadowHash;"
kDSTagAuthAuthorityShadowHash "ShadowHash"
kDSTagAuthAuthorityBetterHashOnly "BetterHashOnly"
kDSValueAuthAuthorityPasswordServerPrefix ";ApplePasswordServer;"
kDSTagAuthAuthorityPasswordServer "ApplePasswordServer"
kDSValueAuthAuthorityKerberosv5 ";Kerberosv5;"
kDSTagAuthAuthorityKerberosv5 "Kerberosv5"
kDSValueAuthAuthorityLocalCachedUser ";LocalCachedUser;"
kDSTagAuthAuthorityLocalCachedUser "LocalCachedUser"
Single Valued Attribute
kDS1AttrPassword "dsAttrTypeStandard:Password"
kDS1AttrPasswordPlus "dsAttrTypeStandard:PasswordPlus"
kDS1AttrAuthenticationHint "dsAttrTypeStandard:AuthenticationHint"
kDS1AttrInternetAlias "dsAttrTypeStandard:InetAlias"
kDS1AttrNFSHomeDirectory "dsAttrTypeStandard:NFSHomeDirectory"
kDS1AttrUniqueID "dsAttrTypeStandard:UniqueID"
kDS1AttrPrimaryGroupID "dsAttrTypeStandard:PrimaryComputerList"
kDS1AttrPrimaryGroupID "dsAttrTypeStandard:PrimaryGroupID"
kDS1AttrMailAttribute "dsAttrTypeStandard:MailAttribute"
kDS1AttrComment "dsAttrTypeStandard:Comment"
kDS1AttrRARA "dsAttrTypeStandard:RARA"
kDS1AttrGeneratedUID "dsAttrTypeStandard:GeneratedUID"
kDS1AttrAdminStatus "dsAttrTypeStandard:AdminStatus"
kDS1AttrPwdAgingPolicy "dsAttrTypeStandard:PwdAgingPolicy"
kDS1AttrUserShell "dsAttrTypeStandard:UserShell"
kDS1AttrVFSType "dsAttrTypeStandard:VFSType"
kDS1AttrVFSPassNo "dsAttrTypeStandard:VFSPassNo"
kDS1AttrVFSDumpFreq "dsAttrTypeStandard:VFSDumpFreq"
kDS1AttrVFSLinkDir "dsAttrTypeStandard:VFSLinkDir"
kDS1AttrChange "dsAttrTypeStandard:Change"
kDS1AttrExpire "dsAttrTypeStandard:Expire"
kDSNAttrGroupMembership "dsAttrTypeStandard:GroupMembership"
kDSNAttrHomeDirectory "dsAttrTypeStandard:HomeDirectory"
kDSNAttrKeywords "dsAttrTypeStandard:Keywords"
kDS1AttrXMLPlist Discussion: SA config
settings plist.
kDS1AttrXMLPlist "dsAttrTypeStandard:XMLPlist"
kDS1AttrDateRecordCreated Discussion: Date
of record creation.
kDS1AttrDateRecordCreated "dsAttrTypeStandard:DateRecordCreated"
kDS1AttrCreationTimestamp Discussion:
Attribute showing date/time of record creation. Format is x.208 standard
YYYYMMDDHHMMSSZ which we will require as GMT time.
kDS1AttrCreationTimestamp "dsAttrTypeStandard:CreationTimestamp"
kDS1AttrModificationTimestamp Discussion:
Attribute showing date/time of record modification. Format is x.208 standard
YYYYMMDDHHMMSSZ which we will require as GMT time.
kDS1AttrModificationTimestamp "dsAttrTypeStandard:ModificationTimestamp"
kDS1AttrTimeToLive Discussion: Attribute
recommending how long to cache the record's attribute values. Format is an
unsigned 32 bit representing seconds. ie. 300 is 5 minutes.
kDS1AttrTimeToLive "dsAttrTypeStandard:TimeToLive"
kDS1AttrHomeDirectoryQuota Discussion:
Represents the allowed usage for a user's home directory in bytes. Found in user records (kDSStdRecordTypeUsers).
kDS1AttrHomeDirectoryQuota "dsAttrTypeStandard:HomeDirectoryQuota"
kDS1AttrHomeDirectorySoftQuota "dsAttrTypeStandard:HomeDirectorySoftQuota"
kDS1AttrAdminLimits Discussion:
XML plist indicating what an admin user can edit. Found in kDSStdRecordTypeUsers records.
kDS1AttrAdminLimits "dsAttrTypeStandard:AdminLimits"
kDS1AttrPresetUserIsAdmin Discussion:
Flag to indicate whether users created from this preset are administrators by default. Found in kDSStdRecordTypePresetUsers records.
kDS1AttrPresetUserIsAdmin "dsAttrTypeStandard:PresetUserIsAdmin"
kDS1StandardAttrHomeLocOwnerkDS1AttrHomeLocOwner
kDS1AttrHomeLocOwner Discussion:
Represents the owner of a workgroup's shared home directory. Typically found in kDSStdRecordTypeGroups records.
kDS1AttrHomeLocOwner "dsAttrTypeStandard:HomeLocOwner"
kDSNAttrProtocols "dsAttrTypeStandard:Protocols"
kDSNAttrVFSOpts "dsAttrTypeStandard:VFSOpts"
kDS1AttrPasswordServerLocation
Discussion:
Specifies the IP address or domain name of the Password Server associated with a given directory node. Found in a config record named PasswordServer.
kDS1AttrPasswordServerLocation "dsAttrTypeStandard:PasswordServerLocation"
kDS1AttrPort Discussion:
Represents the port number a service is available on. Typically found in service record types including kDSStdRecordTypeAFPServer, kDSStdRecordTypeLDAPServer, and kDSStdRecordTypeWebServer.
kDS1AttrPort "dsAttrTypeStandard:Port"
kDS1AttrLocation Discussion:
Represents the location a service is available from (usually domain name). Typically found in service record types including kDSStdRecordTypeAFPServer, kDSStdRecordTypeLDAPServer, and kDSStdRecordTypeWebServer.
kDS1AttrLocation "dsAttrTypeStandard:Location"
kDS1AttrServiceType Discussion:
Represents the service type for the service. This is the raw service type of the service. For example a service record type of kDSStdRecordTypeWebServer might have a service type of "http" or "https".
kDS1AttrServiceType "dsAttrTypeStandard:ServiceType"
kDS1AttrPicture Discussion:
Represents the path of the picture for each user displayed in the login window. Found in user records (kDSStdRecordTypeUsers).
kDS1AttrPicture "dsAttrTypeStandard:Picture"
kDSNAttrJPEGPhoto Discussion:
Used to store binary picture data in JPEG format. Found in user, people, and group records (kDSStdRecordTypeUsers, kDSStdRecordTypePeople, kDSStdRecordTypeGroups).
kDSNAttrJPEGPhoto "dsAttrTypeStandard:JPEGPhoto"
Mutivalued meta attribute data
kDSNAttrMetaNodeLocation "dsAttrTypeStandard:AppleMetaNodeLocation"
kDS1AttrAliasData "dsAttrTypeStandard:AppleAliasData"
Single Valued - checksum/meta data
kDS1AttrDataStamp "dsAttrTypeStandard:DataStamp"
kDS1AttrTotalSize "dsAttrTypeStandard:TotalSize"
Single Valued - data of Create, Modify, Backup time in UTC
kDS1AttrTimePackage "dsAttrTypeStandard:TimePackage"
Single Valued - alias attribute, contain pointer to another node/record/attribute
kDS1AttrAlias "dsAttrTypeStandard:Alias"
Single valued - used to get a "auth" credential, to be used to authenticate to other Directory nodes.
kDS1AttrAuthCredential "dsAttrTypeStandard:AuthCredential"
Single valued - Note attribute. Commonly used in printer records.
kDS1AttrNote "dsAttrTypeStandard:Note"
Single-valued attribute for definition of the Printer Make and Model. An example Value would be "HP LaserJet 2200". This would be used to determine the proper PPD file to be used when configuring a printer from the Directory. This attribute is based on the IPP Printing Specification RFC and IETF IPP-LDAP Printer Record.
kDS1AttrPrinterMakeAndModel "dsAttrTypeStandard:PrinterMakeAndModel"
Single-valued attribute that defines the URI of a printer "ipp://address" or "smb://server/queue". This is used when configuring a printer. This attribute is based on the IPP Printing Specification RFC and IETF IPP-LDAP Printer Record.
kDS1AttrPrinterURI "dsAttrTypeStandard:PrinterURI"
Multi-valued attribute that defines additional URIs supported by a printer. This is used when configuring a printer. This attribute is based on the IPP Printing Specification RFC and IETF IPP-LDAP Printer Record.
kDSNAttrPrinterXRISupported "dsAttrTypeStandard:PrinterXRISupported"
Single-valued attribute that defines the IEEE 1284 DeviceID of a
printer.
This is used when configuring a printer.
kDS1AttrPrinter1284DeviceID "dsAttrTypeStandard:Printer1284DeviceID"
Single valued - DNS Resolver domain attribute.
kDS1AttrDNSDomain "dsAttrTypeStandard:DNSDomain"
Single valued - DNS Resolver nameserver attribute.
kDS1AttrDNSNameServer "dsAttrTypeStandard:DNSNameServer"
KDC master key RSA encrypted with realm public
key.
kDSNAttrKDCAuthKey "dsAttrTypeStandard:KDCAuthKey"
Contents of the kdc.conf file.
kDS1AttrKDCConfigData "dsAttrTypeStandard:KDCConfigData"
Used with directory nodes so that clients can
discover the API capabilities for this Directory Node.
kDS1AttrUserCertificate Discussion:
Attribute containing the binary of the user's certificate. Usually found in
user records. The certificate is data which identifies a user. This data is
attested to by a known party, and can be independently verified by a third
party.
kDS1AttrUserCertificate "dsAttrTypeStandard:UserCertificate"
kDS1AttrUserSMIMECertificate Discussion:
Attribute containing the binary of the user's SMIME certificate. Usually
found in user records. The certificate is data which identifies a user. This
data is attested to by a known party, and can be independently verified by a
third party. SMIME certificates are often used for signed or encrypted
emails.
kDS1AttrUserSMIMECertificate "dsAttrTypeStandard:UserSMIMECertificate"
kDS1AttrUserPKCS12Data Discussion:
Attribute containing binary data in PKCS #12 format. Usually found in user
records. The value can contain keys, certificates, and other related
information and is encrypted with a passphrase.
kDS1AttrUserPKCS12Data "dsAttrTypeStandard:UserPKCS12Data"
kDS1AttrCACertificate Discussion:
Attribute containing the binary of the certificate of a certificate
authority. Its corresponding private key is used to sign certificates.
Usually found in kDSStdRecordTypeCertificateAuthority records.
kDS1AttrCACertificate "dsAttrTypeStandard:CACertificate"
kDS1AttrAuthorityRevocationList
Discussion: Attribute containing the binary of the authority
revocation list. A certificate revocation list that defines certificate
authority certificates which are no longer trusted. No user certificates are
included in this list.Usually found in kDSStdRecordTypeCertificateAuthority
records.
kDS1AttrAuthorityRevocationList "dsAttrTypeStandard:AuthorityRevocationList"
kDS1AttrCertificateRevocationList
Discussion: Attribute containing the binary of the certificate
revocation list. This is a list of certificates which are no longer trusted.
Usually found in kDSStdRecordTypeCertificateAuthority records.
kDS1AttrCertificateRevocationList "dsAttrTypeStandard:CertificateRevocationList"
kDS1AttrCrossCertificatePair Discussion:
Attribute containing the binary of a pair of certificates which verify each
other. Both certificates have the same level of authority. Usually found in
kDSStdRecordTypeCertificateAuthority records.
kDS1AttrCrossCertificatePair "dsAttrTypeStandard:CrossCertificatePair"
kDSNAttrAccessControlEntry Discussion:
Attribute type which stores directory access control directives.
kDSNAttrAccessControlEntry "dsAttrTypeStandard:AccessControlsEntry"
kDS1AttrCapabilities "dsAttrTypeStandard:Capabilities"
kDS1AttrCategory Discussion: The category
of an item used for browsing.
kDS1AttrCategory "dsAttrTypeStandard:Category"
can be found using dsGetDirNodeInfo and will return one of ReadOnly, ReadWrite, or WriteOnly strings note that ReadWrite does not imply fully readable or writable
kDS1AttrReadOnlyNode "dsAttrTypeStandard:ReadOnlyNode"
used with Search Node to "discover" the search path for this node
kDS1AttrSearchPath "dsAttrTypeStandard:SearchPath"
kDSNAttrSearchPath "dsAttrTypeStandard:SearchPath" used with Search Node to "discover" the search policy for this node
kDS1AttrSearchPolicy "dsAttrTypeStandard:SearchPolicy" used with Search Node to "discover" the possible search paths for this node
kDS1AttrNSPSearchPath "dsAttrTypeStandard:NSPSearchPath"
kDSNAttrNSPSearchPath "dsAttrTypeStandard:NSPSearchPath"
kDS1AttrLSPSearchPath "dsAttrTypeStandard:LSPSearchPath"
kDSNAttrLSPSearchPath "dsAttrTypeStandard:LSPSearchPath"
kDS1AttrCSPSearchPath "dsAttrTypeStandard:CSPSearchPath"
kDSNAttrCSPSearchPath "dsAttrTypeStandard:CSPSearchPath"
force the directory service to generate a binary
image of the record and all it's attributes.
kDS1AttrRecordImage "dsAttrTypeStandard:RecordImage"
Information (version, signature, about, credits..ect.) about the plug-in that is actually servicing a particular directory node.
kDSNAttrPlugInInfo "dsAttrTypeStandard:PlugInInfo"
Multivalued Attribute, list of names/keys for this record
kDSNAttrRecordName "dsAttrTypeStandard:RecordName"
Multivalued - list of attribute types
kDSNAttrSchema "dsAttrTypeStandard:Scheama"
Single Valued for a Record, Multi-valued for a Directory Node
kDSNAttrRecordType "dsAttrTypeStandard:RecordType"
kDSNAttrNodePath "dsAttrTypeStandard:NodePath"
kDSNAttrAuthMethod "dsAttrTypeStandard:AuthMethod"
kDSNAttrSetPasswdMethod "dsAttrTypeStandard:SetPasswdMethod"
// Multivalued - list of group records
kDSNAttrGroup "dsAttrTypeStandard:Group"
Multivalued - list of member records
kDSNAttrMember "dsAttrTypeStandard:Member"
kDSNAttrNestedGroups Discussion: Attribute
type in group records for the list of GUID values for nested groups.
kDSNAttrNestedGroups "dsAttrTypeStandard:NestedGroups"
kDSNAttrGroupMembers Discussion: Attribute
type in group records containing lists of GUID values for members other than
groups.
kDSNAttrGroupMembers "dsAttrTypeStandard:GroupMembers"
kDSNAttrURL "dsAttrTypeStandard:URL"
data contained in this attribute type is a fully qualified MIME Type.
kDSNAttrMIME "dsAttrTypeStandard:MIME"
kDSNAttrHTML "dsAttrTypeStandard:HTML"
kDSNAttrNBPEntry "dsAttrTypeStandard:NBPEntry"
kDSNAttrDNSName "dsAttrTypeStandard:DNSName"
kDSNAttrIPAddress "dsAttrTypeStandard:IPAddress"
kDSNAttrIPv6Address "dsAttrTypeStandard:IPv6Address"
kDS1AttrENetAddress Discussion:
Single-valued attribute for hardware Ethernet address (MAC address). Found in machine records (kDSStdRecordTypeMachines) and computer records (kDSStdRecordTypeComputers).
kDS1AttrENetAddress "dsAttrTypeStandard:ENetAddress"
kDS1AttrBootFile Discussion:
Attribute type in host or machine records for the name of the kernel that this machine will use by default when NetBooting.
kDS1AttrBootFile "dsAttrTypeStandard:BootFile"
kDSNAttrBootParams Discussion:
Attribute type in host or machine records for storing boot params.
kDSNAttrBootParams "dsAttrTypeStandard:BootParams"
kDS1AttrContactPerson Discussion:
Attribute type for the contact person of the machine. Found in host or machine records.
kDS1AttrContactPerson "dsAttrTypeStandard:ContactPerson"
kDSNAttrMachineServes Discussion
Attribute type in host or machine records for storing NetInfo domains served.
kDSNAttrMachineServes "dsAttrTypeStandard:MachineServes"
kDSNAttrNetGroups Discussion:
Attribute type that indicates which netgroups its record is a member of. Found in user, host, and netdomain records.
kDSNAttrNetGroups "dsAttrTypeStandard:NetGroups"
kDSNAttrPGPPublicKey "dsAttrTypeStandard:PGPPublicKey"
kDSNAttrEMailAddress "dsAttrTypeStandard:EMailAddress"
kDSNAttrAreaCode "dsAttrTypeStandard:AreaCode"
kDSNAttrPhoneNumber "dsAttrTypeStandard:PhoneNumber"
kDSNAttrHomePhoneNumber "dsAttrTypeStandard:HomePhoneNumber"
kDSNAttrPostalAddress "dsAttrTypeStandard:PostalAddress"
kDSNAttrOrganizationName "dsAttrTypeStandard:OrganizationName"
kDSNAttrAddressLine1 "dsAttrTypeStandard:AddressLine1"
kDSNAttrAddressLine2 "dsAttrTypeStandard:AddressLine2"
kDSNAttrAddressLine3 "dsAttrTypeStandard:AddressLine3"
kDSNAttrCity "dsAttrTypeStandard:City"
kDSNAttrState "dsAttrTypeStandard:State"
kDSNAttrPostalCode "dsAttrTypeStandard:PostalCode"
used for Setup Assistant automatic population
kDS1AttrSetupOccupation "dsAttrTypeStandard:Occupation"
kDS1AttrSetupLocation "dsAttrTypeStandard:SetupAssistantLocation"
kDS1AttrSetupAdvertising "dsAttrTypeStandard:SetupAssistantAdvertising"
kDS1AttrSetupAutoRegister "dsAttrTypeStandard:SetupAssistantAutoRegister"
kDS1AttrMCXSettings "dsAttrTypeStandard:MCXSettings"
kDSNAttrMCXSettings "dsAttrTypeStandard:MCXSettings"
kDS1AttrMCXFlags "dsAttrTypeStandard:MCXFlags"
kDSNAttrComputers "dsAttrTypeStandard:Computers"
kDS1AttrPrintServiceInfoXML "dsAttrTypeStandard:PrintServiceInfoXML"
kDS1AttrPrintServiceInfoText "dsAttrTypeStandard:PrintServiceInfoText"
kDS1AttrPrintServiceUserData
Discussion:
Single-valued attribute for print quota configuration or statistics (XML data). Found in user records (kDSStdRecordTypeUsers) or print service statistics records (kDSStdRecordTypePrintServiceUser).
kDS1AttrPrintServiceUserData "dsAttrTypeStandard:PrintServiceUserData"
kDS1AttrNeighborhoodType Discussion:
Attribute type in Neighborhood records describing their function.
kDS1AttrNeighborhoodType "dsAttrTypeStandard:NeighborhoodType"
kDS1AttrNetworkView Discussion: The name
of the managed network view a computer should use for browsing.
kDS1AttrNetworkView "dsAttrTypeStandard:NetworkView"
kDSNAttrNeighborhoodAlias Discussion:
Attribute type in Neighborhood records describing sub-neighborhood
records.
kDSNAttrNeighborhoodAlias "dsAttrTypeStandard:NeighborhoodAlias"
kDSNAttrComputerAlias Discussion:
Attribute type in Neighborhood records describing computer records pointed
to by this neighborhood.
kDSNAttrComputerAlias "dsAttrTypeStandard:ComputerAlias"
kDS1AttrWeblogURI Discussion:
Single-valued attribute that defines the URI of a user's weblog. Usually
found in user or person records (kDSStdRecordTypeUsers,
kDSStdRecordTypePeople). Example: http://example.com/blog/jsmith
kDS1AttrWeblogURI "dsAttrTypeStandard:WeblogURI"
kDSNAttrNodePathXMLPlist Discussion:
Attribute type in Neighborhood records describing the DS Node to search
while looking up aliases in this neighborhood.
kDSNAttrNodePathXMLPlist "dsAttrTypeStandard:NodePathXMLPlist"
kDSValueNSLTopLevelNeighborhoodType
Discussion: Value type of Neighborhood record
kDSValueNSLTopLevelNeighborhoodType "NSLTopLevelNeighborhoodType"
kDSValueNSLStaticNeighborhoodType
Discussion: Value type of Neighborhood record
kDSValueNSLStaticNeighborhoodType "NSLStaticNeighborhoodType"
kDSValueNSLDynamicNeighborhoodType
Discussion: Value type of Neighborhood record
kDSValueNSLDynamicNeighborhoodType "NSLDynamicNeighborhoodType"
kDSValueNSLLocalNeighborhoodType
Discussion: Value type of Neighborhood record
kDSValueNSLLocalNeighborhoodType "NSLLocalNeighborhoodType"
kDS1AttrBirthday "dsAttrTypeStandard:Birthday"
kDS1AttrCapacity "dsAttrTypeStandard:Capacity"
kDS1AttrContactGUID "dsAttrTypeStandard:ContactGUID"
kDS1AttrOwnerGUID "dsAttrTypeStandard:OwnerGUID"
kDSNAttrCompany "dsAttrTypeStandard:Company"
kDSNAttrEMailContacts "dsAttrTypeStandard:EMailContacts"
kDSNAttrGroupServices "dsAttrTypeStandard:GroupServices"
kDSNAttrMapCoordinates "dsAttrTypeStandard:MapCoordinates"
kDS1AttrMapGUID "dsAttrTypeStandard:MapGUID"
kDSNAttrMapURI "dsAttrTypeStandard:MapURI"
kDSNAttrPhoneContacts "dsAttrTypeStandard:PhoneContacts"
kDSNAttrPostalAddressContacts "dsAttrTypeStandard:PostalAddressContacts"
kDSNAttrRelationships "dsAttrTypeStandard:Relationships"
kDSNAttrResourceInfo "dsAttrTypeStandard:ResourceInfo"
kDSNAttrResourceType "dsAttrTypeStandard:ResourceType"
kDSNAttrServicesLocator "dsAttrTypeStandard:ServicesLocator"
kDSNAttrOrganizationInfo "dsAttrTypeStandard:OrganizationInfo"