001/*
002 * CDDL HEADER START
003 *
004 * The contents of this file are subject to the terms of the
005 * Common Development and Distribution License, Version 1.0 only
006 * (the "License").  You may not use this file except in compliance
007 * with the License.
008 *
009 * You can obtain a copy of the license at legal-notices/CDDLv1_0.txt
010 * or http://forgerock.org/license/CDDLv1.0.html.
011 * See the License for the specific language governing permissions
012 * and limitations under the License.
013 *
014 * When distributing Covered Code, include this CDDL HEADER in each
015 * file and include the License file at legal-notices/CDDLv1_0.txt.
016 * If applicable, add the following below this CDDL HEADER, with the
017 * fields enclosed by brackets "[]" replaced with your own identifying
018 * information:
019 *      Portions Copyright [yyyy] [name of copyright owner]
020 *
021 * CDDL HEADER END
022 *
023 *
024 *      Copyright 2006-2010 Sun Microsystems, Inc.
025 *      Portions copyright 2011-2015 ForgeRock AS
026 */
027package org.opends.server.config;
028
029import java.io.File;
030
031import org.opends.server.types.SSLClientAuthPolicy;
032
033/**
034 * This class defines a number of constants used by the Directory Server
035 * configuration, including configuration attribute and objectclass names,
036 * and attribute options.
037 */
038@org.opends.server.types.PublicAPI(
039     stability=org.opends.server.types.StabilityLevel.VOLATILE,
040     mayInstantiate=false,
041     mayExtend=false,
042     mayInvoke=true)
043public final class ConfigConstants
044{
045  /**
046   * The prefix that will be applied to all custom attribute and objectclass
047   * names used for holding information about a Directory Server backup.
048   */
049  public static final String NAME_PREFIX_BACKUP = "ds-backup-";
050
051
052
053  /**
054   * The prefix that will be applied to all custom attribute and objectclass
055   * names in the Directory Server configuration.
056   */
057  public static final String NAME_PREFIX_CFG = "ds-cfg-";
058
059
060
061  /**
062   * The prefix that will be applied to all custom operational attributes used
063   * for holding password policy state information.
064   */
065  public static final String NAME_PREFIX_PWP = "ds-pwp-";
066
067
068
069  /**
070   * The prefix that will be applied to all custom attributes and objectclasses
071   * for holding recurring task information.
072   */
073  public static final String NAME_PREFIX_RECURRING_TASK = "ds-recurring-task-";
074
075
076
077  /**
078   * The prefix that will be applied to all custom operational attributes used
079   * for holding resource limit information.
080   */
081  public static final String NAME_PREFIX_RLIM = "ds-rlim-";
082
083
084
085  /**
086   * The prefix that will be applied to all custom attributes and objectclasses
087   * for holding task information.
088   */
089  public static final String NAME_PREFIX_TASK = "ds-task-";
090
091
092
093  /**
094   * The name of the configuration attribute that specifies the backlog to use
095   * when accepting new connections.
096   */
097  public static final String ATTR_ACCEPT_BACKLOG =
098       "ds-cfg-accept-backlog";
099
100
101
102  /**
103   * The default accept backlog to use if no value is given.
104   */
105  public static final int DEFAULT_ACCEPT_BACKLOG = 128;
106
107
108
109  /**
110   * The name of the configuration attribute that holds the fully-qualified name
111   * for the account status notification handler class.
112   */
113  public static final String ATTR_ACCT_NOTIFICATION_HANDLER_CLASS =
114       "ds-cfg-java-class";
115
116
117
118  /**
119   * The name of the configuration attribute that indicates whether an account
120   * status notification handler is enabled.
121   */
122  public static final String ATTR_ACCT_NOTIFICATION_HANDLER_ENABLED =
123       "ds-cfg-enabled";
124
125
126
127  /**
128   * The name of the configuration attribute that specifies the set of account
129   * status notification types that should trigger notifications.
130   */
131  public static final String ATTR_ACCT_NOTIFICATION_TYPE =
132       "ds-cfg-account-status-notification-type";
133
134
135
136  /**
137   * The name of the configuration attribute that indicates whether to
138   * automatically add missing RDN attributes or to return an error response to
139   * the client.
140   */
141  public static final String ATTR_ADD_MISSING_RDN_ATTRS =
142       "ds-cfg-add-missing-rdn-attributes";
143
144
145
146  /**
147   * The name of the configuration attribute that specifies the class that will
148   * be used for an alert handler.
149   */
150  public static final String ATTR_ALERT_HANDLER_CLASS =
151       "ds-cfg-java-class";
152
153
154
155  /**
156   * The name of the configuration attribute that indicates whether an alert
157   * handler is enabled.
158   */
159  public static final String ATTR_ALERT_HANDLER_ENABLED =
160       "ds-cfg-enabled";
161
162
163
164  /**
165   * The name of the configuration attribute that indicates whether it will be
166   * possible to allow exceptions to the strict attribute naming restrictions.
167   */
168  public static final String ATTR_ALLOW_ATTRIBUTE_NAME_EXCEPTIONS =
169       "ds-cfg-allow-attribute-name-exceptions";
170
171
172
173  /**
174   * The name of the configuration attribute that indicates which clients
175   * should be allowed to establish connections.
176   */
177  public static final String ATTR_ALLOWED_CLIENT =
178       "ds-cfg-allowed-client";
179
180
181
182  /**
183   * The name of the configuration attribute that indicates whether LDAPv2
184   * clients will be allowed to access the server.
185   */
186  public static final String ATTR_ALLOW_LDAPV2 =
187       "ds-cfg-allow-ldap-v2";
188
189
190
191  /**
192   * The default policy that should be used for accepting LDAPv2 connections if
193   * it is not defined in the configuration.
194   */
195  public static final boolean DEFAULT_ALLOW_LDAPV2 = true;
196
197
198
199  /**
200   * The name of the configuration attribute that indicates whether the server
201   * socket should have the SO_REUSEADDR socket option set.
202   */
203  public static final String ATTR_ALLOW_REUSE_ADDRESS =
204       "ds-cfg-allow-tcp-reuse-address";
205
206
207
208  /**
209   * The default policy for using the SO_REUSEADDR socket option if it is not
210   * specified in the configuration.
211   */
212  public static final boolean DEFAULT_ALLOW_REUSE_ADDRESS = true;
213
214
215
216  /**
217   * The name of the configuration attribute that specifies one or more
218   * alternate bind DNs for a root user.
219   */
220  public static final String ATTR_ROOTDN_ALTERNATE_BIND_DN =
221       "ds-cfg-alternate-bind-dn";
222
223
224
225  /**
226   * The name of the configuration attribute that indicates whether the root DSE
227   * should treat all attributes as user attributes or if it should treat them
228   * as per their definition in the schema.
229   */
230  public static final String ATTR_ROOTDSE_SHOW_ALL_ATTRIBUTES =
231       "ds-cfg-show-all-attributes";
232
233
234
235  /**
236   * The default value that will be used regarding treating all root DSE
237   * attributes as user attributes if it is not defined in the configuration.
238   */
239  public static final boolean DEFAULT_ROOTDSE_SHOW_ALL_ATTRIBUTES = false;
240
241
242
243  /**
244   * The name of the configuration attribute that indicates whether the
245   * subschema entry should treat all attributes as user attributes or if it
246   * should treat them as per their definition in the schema.
247   */
248  public static final String ATTR_SCHEMA_SHOW_ALL_ATTRIBUTES =
249       "ds-cfg-show-all-attributes";
250
251
252
253  /**
254   * The default value that will be used regarding treating all subschema entry
255   * attributes as user attributes if it is not defined in the configuration.
256   */
257  public static final boolean DEFAULT_SCHEMA_SHOW_ALL_ATTRIBUTES = false;
258
259
260
261  /**
262   * The name of the configuration attribute that indicates whether to allow
263   * clients to use the startTLS extended operation.
264   */
265  public static final String ATTR_ALLOW_STARTTLS =
266       "ds-cfg-allow-start-tls";
267
268
269
270  /**
271   * The default configuration that specifies whether to allow startTLS
272   * operations if it is not defined in the server configuration.
273   */
274  public static final boolean DEFAULT_ALLOW_STARTTLS = false;
275
276
277
278  /**
279   * The name of the configuration attribute that indicates whether to allow the
280   * use of zero-length values in attributes with the directory string syntax.
281   */
282  public static final String ATTR_ALLOW_ZEROLENGTH_DIRECTORYSTRINGS =
283       "ds-cfg-allow-zero-length-values";
284
285
286
287  /**
288   * The default configuration that specifies whether to allow zero-length
289   * directory string values if it is not defined in the server configuration.
290   */
291  public static final boolean DEFAULT_ALLOW_ZEROLENGTH_DIRECTORYSTRINGS = false;
292
293
294
295  /**
296   * The name of the configuration attribute that holds the set of attribute
297   * type definitions in the server schema, formatted in camelCase.
298   */
299  public static final String ATTR_ATTRIBUTE_TYPES = "attributeTypes";
300
301
302
303  /**
304   * The name of the configuration attribute that holds the set of attribute
305   * type definitions in the server schema, formatted in all lowercase.
306   */
307  public static final String ATTR_ATTRIBUTE_TYPES_LC = "attributetypes";
308
309
310
311  /**
312   * The name of the configuration attribute that specifies the base DN(s) for a
313   * backend.
314   */
315  public static final String ATTR_BACKEND_BASE_DN =
316       "ds-cfg-base-dn";
317
318
319
320  /**
321   * The name of the configuration attribute that holds the fully-qualified name
322   * of the Java class for a backend implementation.
323   */
324  public static final String ATTR_BACKEND_CLASS =
325       "ds-cfg-java-class";
326
327
328
329  /**
330   * The name of the configuration attribute that indicates whether a particular
331   * backend is enabled.
332   */
333  public static final String ATTR_BACKEND_ENABLED =
334       "ds-cfg-enabled";
335
336
337
338  /**
339   * The name of the configuration attribute that specifies the unique ID for a
340   * backend.
341   */
342  public static final String ATTR_BACKEND_ID = "ds-cfg-backend-id";
343
344
345
346  /**
347   * The name of the configuration attribute that specifies the writability mode
348   * for a backend.
349   */
350  public static final String ATTR_BACKEND_WRITABILITY_MODE =
351       "ds-cfg-writability-mode";
352
353
354
355  /**
356   * The name of the configuration attribute that holds the DN of the backend
357   * configuration entry with which a backup directory is associated.
358   */
359  public static final String ATTR_BACKUP_BACKEND_DN =
360       NAME_PREFIX_BACKUP + "backend-dn";
361
362
363
364  /**
365   * The name of the configuration attribute that indicates whether a backup is
366   * compressed.
367   */
368  public static final String ATTR_BACKUP_COMPRESSED =
369       NAME_PREFIX_BACKUP + "compressed";
370
371
372
373  /**
374   * The name of the configuration attribute that holds the date that a backup
375   * was made.
376   */
377  public static final String ATTR_BACKUP_DATE = NAME_PREFIX_BACKUP + "date";
378
379
380
381  /**
382   * The name of the configuration attribute that holds the set of dependencies
383   * for a backup.
384   */
385  public static final String ATTR_BACKUP_DEPENDENCY =
386       NAME_PREFIX_BACKUP + "dependency";
387
388
389
390  /**
391   * The name of the configuration attribute that holds the list of default
392   * backup directories to search when using the backup backend.
393   */
394  public static final String ATTR_BACKUP_DIR_LIST =
395       "ds-cfg-backup-directory";
396
397
398
399  /**
400   * The name of the configuration attribute that holds the path to a backup
401   * directory.
402   */
403  public static final String ATTR_BACKUP_DIRECTORY_PATH =
404       NAME_PREFIX_BACKUP + "directory-path";
405
406
407
408  /**
409   * The name of the configuration attribute that indicates whether a backup is
410   * encrypted.
411   */
412  public static final String ATTR_BACKUP_ENCRYPTED =
413       NAME_PREFIX_BACKUP + "encrypted";
414
415
416
417  /**
418   * The name of the configuration attribute that holds the backup ID.
419   */
420  public static final String ATTR_BACKUP_ID = NAME_PREFIX_BACKUP + "id";
421
422
423
424  /**
425   * The name of the configuration attribute that indicates whether a backup is
426   * an incremental backup.
427   */
428  public static final String ATTR_BACKUP_INCREMENTAL =
429       NAME_PREFIX_BACKUP + "incremental";
430
431
432
433  /**
434   * The name of the configuration attribute that holds the signed hash for a
435   * backup.
436   */
437  public static final String ATTR_BACKUP_SIGNED_HASH =
438       NAME_PREFIX_BACKUP + "signed-hash";
439
440
441
442  /**
443   * The name of the configuration attribute that holds the unsigned hash for a
444   * backup.
445   */
446  public static final String ATTR_BACKUP_UNSIGNED_HASH =
447       NAME_PREFIX_BACKUP + "unsigned-hash";
448
449
450
451  /**
452   * The name of the configuration attribute that indicates whether simple binds
453   * containing a DN must also contain a password.
454   */
455  public static final String ATTR_BIND_WITH_DN_REQUIRES_PW =
456       "ds-cfg-bind-with-dn-requires-password";
457
458
459
460  /**
461   * The default value for the bind with DN requires password configuration
462   * attribute.
463   */
464  public static final boolean DEFAULT_BIND_WITH_DN_REQUIRES_PW = true;
465
466
467
468  /**
469   * The name of the configuration attribute that indicates whether an
470   * unauthenticated request should be rejected.
471   */
472  public static final String ATTR_REJECT_UNAUTHENTICATED_REQ =
473       "ds-cfg-reject-unauthenticated-requests";
474
475
476  /**
477   * The default value for the reject unauthenticated request attribute.
478   */
479  public static final boolean DEFAULT_REJECT_UNAUTHENTICATED_REQ = false;
480
481
482
483  /**
484   * The name of the configuration attribute that holds the name of the
485   * attribute type that should be used when mapping a certificate fingerprint
486   * to a user entry.
487   */
488  public static final String ATTR_CERTIFICATE_FINGERPRINT_ATTR =
489       "ds-cfg-fingerprint-attribute";
490
491
492
493  /**
494   * The name of the configuration attribute that holds the name of the
495   * algorithm that should be used to generate the certificate fingerprint.
496   */
497  public static final String ATTR_CERTIFICATE_FINGERPRINT_ALGORITHM =
498       "ds-cfg-fingerprint-algorithm";
499
500
501
502  /**
503   * The name of the configuration attribute that holds the name of the
504   * attribute type that should be used when mapping a certificate subject to a
505   * user entry.
506   */
507  public static final String ATTR_CERTIFICATE_SUBJECT_ATTR =
508       "ds-cfg-subject-attribute";
509
510
511
512  /**
513   * The name of the configuration attribute that holds the name of the
514   * attribute type that should be used when mapping attributes in a certificate
515   * subject to a user entry.
516   */
517  public static final String ATTR_CERTIFICATE_SUBJECT_ATTR_MAP =
518       "ds-cfg-subject-attribute-mapping";
519
520
521
522  /**
523   * The name of the configuration attribute that holds the name of the
524   * attribute type that should be used when mapping a certificate subject to a
525   * user entry.
526   */
527  public static final String ATTR_CERTIFICATE_SUBJECT_BASEDN =
528       "ds-cfg-user-base-dn";
529
530
531
532  /**
533   * The name of the configuration attribute that holds the fully-qualified name
534   * of the Java class for the certificate mapper implementation.
535   */
536  public static final String ATTR_CERTMAPPER_CLASS =
537       "ds-cfg-java-class";
538
539
540
541  /**
542   * The name of the configuration attribute that holds the DN of a certificate
543   * mapper configuration entry.
544   */
545  public static final String ATTR_CERTMAPPER_DN =
546       "ds-cfg-certificate-mapper";
547
548
549
550  /**
551   * The name of the configuration attribute that indicates whether the
552   * certificate mapper is enabled.
553   */
554  public static final String ATTR_CERTMAPPER_ENABLED =
555       "ds-cfg-enabled";
556
557
558
559  /**
560   * The name of the configuration attribute that indicates whether schema
561   * checking should be enabled in the server.
562   */
563  public static final String ATTR_CHECK_SCHEMA =
564       "ds-cfg-check-schema";
565
566
567
568  /**
569   * The name of the configuration attribute that specifies the manner in which
570   * SSL client certificates may be validated against certificates in the
571   * corresponding user's entry during SASL EXTERNAL authentication.
572   */
573  public static final String ATTR_CLIENT_CERT_VALIDATION_POLICY =
574       "ds-cfg-certificate-validation-policy";
575
576
577
578  /**
579   * The name of the configuration attribute that holds the fully-qualified name
580   * of the Java class for the connection handler implementation.
581   */
582  public static final String ATTR_CONNECTION_HANDLER_CLASS =
583       "ds-cfg-java-class";
584
585
586
587  /**
588   * The name of the configuration attribute that indicates whether a particular
589   * connection handler is enabled.
590   */
591  public static final String ATTR_CONNECTION_HANDLER_ENABLED =
592       "ds-cfg-enabled";
593
594
595
596  /**
597   * The name of the configuration attribute that specifies the DN of the
598   * default password policy for the Directory Server.
599   */
600  public static final String ATTR_DEFAULT_PWPOLICY_DN =
601       "ds-cfg-default-password-policy";
602
603
604
605  /**
606   * The name of the configuration attribute that specifies the set of
607   * privileges that root users should automatically be granted in the server.
608   */
609  public static final String ATTR_DEFAULT_ROOT_PRIVILEGE_NAME =
610       "ds-cfg-default-root-privilege-name";
611
612
613
614  /**
615   * The name of the configuration attribute that indicates which clients
616   * should not be allowed to establish connections.
617   */
618  public static final String ATTR_DENIED_CLIENT =
619       "ds-cfg-denied-client";
620
621
622
623  /**
624   * The name of the configuration attribute that specifies the realm that
625   * should be used for DIGEST-MD5 authentication.
626   */
627  public static final String ATTR_DIGESTMD5_REALM = "ds-cfg-realm";
628
629
630
631  /**
632   * The name of the attribute that is used to hold the DIT content rule
633   * definitions in the server schema, formatted in camelCase.
634   */
635  public static final String ATTR_DIT_CONTENT_RULES = "dITContentRules";
636
637
638
639  /**
640   * The name of the attribute that is used to hold the DIT content rule
641   * definitions in the server schema, formatted in all lowercase.
642   */
643  public static final String ATTR_DIT_CONTENT_RULES_LC = "ditcontentrules";
644
645
646
647  /**
648   * The name of the attribute that is used to hold the DIT structure rule
649   * definitions in the server schema, formatted in camelCase.
650   */
651  public static final String ATTR_DIT_STRUCTURE_RULES = "dITStructureRules";
652
653
654
655  /**
656   * The name of the attribute that is used to hold the DIT structure rule
657   * definitions in the server schema, formatted in all lowercase.
658   */
659  public static final String ATTR_DIT_STRUCTURE_RULES_LC = "ditstructurerules";
660
661
662
663  /**
664   * The name of the configuration attribute that holds the fully-qualified name
665   * of the Java class for the entry cache implementation.
666   */
667  public static final String ATTR_ENTRYCACHE_CLASS =
668       "ds-cfg-java-class";
669
670
671
672  /**
673   * The name of the configuration attribute that indicates whether the entry
674   * cache is enabled.
675   */
676  public static final String ATTR_ENTRYCACHE_ENABLED =
677       "ds-cfg-enabled";
678
679
680
681  /**
682   * The name of the configuration attribute that holds the fully-qualified name
683   * for the extended operation handler class.
684   */
685  public static final String ATTR_EXTOP_CLASS =
686       "ds-cfg-java-class";
687
688
689
690  /**
691   * The name of the configuration attribute that indicates whether an extended
692   * operation handler should be enabled.
693   */
694  public static final String ATTR_EXTOP_ENABLED =
695       "ds-cfg-enabled";
696
697
698
699  /**
700   * The name of the configuration attribute that contains a set of search
701   * filters to use to determine which entries should be excluded from the
702   * cache.
703   */
704  public static final String ATTR_FIFOCACHE_EXCLUDE_FILTER =
705       "ds-cfg-exclude-filter";
706
707
708
709  /**
710   * The name of the configuration attribute that contains a set of search
711   * filters to use to determine which entries should be included in the cache.
712   */
713  public static final String ATTR_FIFOCACHE_INCLUDE_FILTER =
714       "ds-cfg-include-filter";
715
716
717
718  /**
719   * The name of the configuration attribute that indicates the maximum length
720   * of time in milliseconds to spend trying to acquire a lock for an entry in
721   * the cache.
722   */
723  public static final String ATTR_FIFOCACHE_LOCK_TIMEOUT =
724       "ds-cfg-lock-timeout";
725
726
727
728  /**
729   * The default value for the entry cache lockout timeout that will be used if
730   * no other value is specified.
731   */
732  public static final long DEFAULT_FIFOCACHE_LOCK_TIMEOUT = 2000L;
733
734
735
736  /**
737   * The name of the configuration attribute that indicates the maximum number
738   * of entries that the FIFO entry cache will be allowed to hold.
739   */
740  public static final String ATTR_FIFOCACHE_MAX_ENTRIES =
741       "ds-cfg-max-entries";
742
743
744
745  /**
746   * The default value for the entry cache max entries that will be used if no
747   * other value is specified.
748   */
749  public static final long DEFAULT_FIFOCACHE_MAX_ENTRIES = Long.MAX_VALUE;
750
751
752
753  /**
754   * The name of the configuration attribute that indicates the maximum
755   * percentage of available memory in the JVM that the FIFO entry cache will be
756   * allowed to consume.
757   */
758  public static final String ATTR_FIFOCACHE_MAX_MEMORY_PCT =
759       "ds-cfg-max-memory-percent";
760
761
762
763  /**
764   * The default value for the entry cache max memory percent that will be used
765   * if no other value is specified.
766   */
767  public static final int DEFAULT_FIFOCACHE_MAX_MEMORY_PCT = 90;
768
769
770  /**
771   * The name of the configuration attribute that contains a set of search
772   * filters to use to determine which entries should be excluded from the
773   * cache.
774   */
775  public static final String ATTR_FSCACHE_EXCLUDE_FILTER =
776       "ds-cfg-exclude-filter";
777
778  /**
779   * The name of the configuration attribute that contains a set of search
780   * filters to use to determine which entries should be included in the cache.
781   */
782  public static final String ATTR_FSCACHE_INCLUDE_FILTER =
783       "ds-cfg-include-filter";
784
785  /**
786   * The name of the configuration attribute that indicates the maximum length
787   * of time in milliseconds to spend trying to acquire a lock for an entry in
788   * the cache.
789   */
790  public static final String ATTR_FSCACHE_LOCK_TIMEOUT =
791       "ds-cfg-lock-timeout";
792
793  /**
794   * The default value for the entry cache lockout timeout that will be used if
795   * no other value is specified.
796   */
797  public static final long DEFAULT_FSCACHE_LOCK_TIMEOUT = 2000L;
798
799  /**
800   * The name of the configuration attribute that indicates the maximum number
801   * of entries that the FIFO entry cache will be allowed to hold.
802   */
803  public static final String ATTR_FSCACHE_MAX_ENTRIES =
804       "ds-cfg-max-entries";
805
806  /**
807   * The default value for the entry cache max entries that will be used if no
808   * other value is specified.
809   */
810  public static final long DEFAULT_FSCACHE_MAX_ENTRIES = Long.MAX_VALUE;
811
812  /**
813   * The name of the configuration attribute that indicates the maximum
814   * memory size of the FS entry cache.
815   */
816  public static final String ATTR_FSCACHE_MAX_MEMORY_SIZE =
817       "ds-cfg-max-memory-size";
818
819  /**
820   * The name of the configuration attribute that specifies the entry cache JE
821   * environment home.
822   */
823  public static final String ATTR_FSCACHE_HOME =
824      "ds-cfg-cache-directory";
825
826  /**
827   * The default value for the entry cache JE environment home that will be used
828   * if no other value is specified.
829   */
830  public static final String DEFAULT_FSCACHE_HOME = "/tmp/OpenDS.FSCache";
831
832  /**
833   * The name of the configuration attribute that indicates the maximum
834   * available space in bytes in the file system that JE cache will be
835   * allowed to consume.
836   */
837  public static final String ATTR_FSCACHE_JE_CACHE_SIZE =
838       "ds-cfg-db-cache-size";
839
840  /**
841   * The default value for the JE cache size in bytes that will be used
842   * if no other value is specified.
843   */
844  public static final long DEFAULT_FSCACHE_JE_CACHE_SIZE = 0;
845
846  /**
847   * The name of the configuration attribute that indicates the maximum
848   * available memory percent that JE cache can consume.
849   */
850  public static final String ATTR_FSCACHE_JE_CACHE_PCT =
851       "ds-cfg-db-cache-percent";
852
853  /**
854   * The default value for the JE cache size percent that will be used
855   * if no other value is specified.
856   */
857  public static final int DEFAULT_FSCACHE_JE_CACHE_PCT = 0;
858
859  /**
860   * The name of the configuration attribute that indicates whether
861   * file system entry cache is configured as persistent or not.
862   */
863  public static final String ATTR_FSCACHE_IS_PERSISTENT =
864       "ds-cfg-persistent-cache";
865
866  /**
867   * The default value to indicate whether the cache is persistent or not.
868   */
869  public static final boolean DEFAULT_FSCACHE_IS_PERSISTENT = false;
870
871  /**
872   * The default value to indicate which cache type to use.
873   */
874  public static final String DEFAULT_FSCACHE_TYPE = "FIFO";
875
876  /**
877   * The name of the configuration attribute that indicates which
878   * cache type will be used.
879   */
880  public static final String ATTR_FSCACHE_TYPE =
881       "ds-cfg-cache-type";
882
883  /**
884   * The name of the configuration attribute that specifies the fully-qualified
885   * class name for a group implementation.
886   */
887  public static final String ATTR_GROUP_IMPLEMENTATION_CLASS =
888       "ds-cfg-java-class";
889
890
891
892  /**
893   * The name of the configuration attribute that indicates whether a group
894   * implementation should be enabled for use in the server.
895   */
896  public static final String ATTR_GROUP_IMPLEMENTATION_ENABLED =
897       "ds-cfg-enabled";
898
899
900
901  /**
902   * The name of the configuration attribute that holds the address of the KDC
903   * to use when processing SASL GSSAPI binds.
904   */
905  public static final String ATTR_GSSAPI_KDC = "ds-cfg-kdc-address";
906
907
908
909  /**
910   * The name of the configuration attribute that holds the path to the Kerberos
911   * keytab file to use when processing SASL GSSAPI binds.
912   */
913  public static final String ATTR_GSSAPI_KEYTAB_FILE =
914       "ds-cfg-keytab";
915
916
917
918  /**
919   * The name of the configuration attribute that holds the default Kerberos
920   * realm to use when processing SASL GSSAPI binds.
921   */
922  public static final String ATTR_GSSAPI_REALM = "ds-cfg-realm";
923
924
925
926  /**
927   * The name of the configuration attribute that holds the fully-qualified name
928   * of an identity mapper class.
929   */
930  public static final String ATTR_IDMAPPER_CLASS =
931       "ds-cfg-java-class";
932
933
934
935  /**
936   * The name of the configuration attribute that holds the DN of an identity
937   * mapper configuration entry.
938   */
939  public static final String ATTR_IDMAPPER_DN =
940       "ds-cfg-identity-mapper";
941
942
943
944  /**
945   * The name of the configuration attribute that indicates whether an identity
946   * mapper is enabled.
947   */
948  public static final String ATTR_IDMAPPER_ENABLED =
949       "ds-cfg-enabled";
950
951
952
953  /**
954   * The name of the configuration attribute that defines the behavior that the
955   * server should use when a value is encountered that does not conform to the
956   * associated attribute syntax.
957   */
958  public static final String ATTR_INVALID_SYNTAX_BEHAVIOR =
959       "ds-cfg-invalid-attribute-syntax-behavior";
960
961
962
963  /**
964   * The name of the configuration attribute that defines the behavior that the
965   * server should use when an entry is encountered that does not contain
966   * exactly one structural objectclass.
967   */
968  public static final String ATTR_SINGLE_STRUCTURAL_CLASS_BEHAVIOR =
969       "ds-cfg-single-structural-objectclass-behavior";
970
971
972
973  /**
974   * The name of the configuration attribute that holds the set of attribute
975   * syntax definitions in the server schema, formatted in camelCase.
976   */
977  public static final String ATTR_LDAP_SYNTAXES = "ldapSyntaxes";
978
979
980
981  /**
982   * The name of the configuration attribute that holds the set of attribute
983   * syntax definitions in the server schema, formatted in all lowercase.
984   */
985  public static final String ATTR_LDAP_SYNTAXES_LC = "ldapsyntaxes";
986
987
988
989  /**
990   * The name of the configuration attribute that indicates whether the LDAP
991   * connection handler should keep statistical information.
992   */
993  public static final String ATTR_KEEP_LDAP_STATS =
994       "ds-cfg-keep-stats";
995
996
997
998  /**
999   * Indicates whether the LDAP connection handler should keep statistical
1000   * information by default.
1001   */
1002  public static final boolean DEFAULT_KEEP_LDAP_STATS = true;
1003
1004
1005
1006  /**
1007   * The name of the configuration attribute that specifies the fully-qualified
1008   * name of the class to use as the key manager provider.
1009   */
1010  public static final String ATTR_KEYMANAGER_CLASS =
1011       "ds-cfg-java-class";
1012
1013
1014
1015  /**
1016   * The name of the configuration attribute that specifies the DN of the
1017   * configuration entry for the key manager provider.
1018   */
1019  public static final String ATTR_KEYMANAGER_DN =
1020       "ds-cfg-key-manager-provider";
1021
1022
1023
1024  /**
1025   * The name of the configuration attribute that indicates whether the key
1026   * manager provider should be enabled.
1027   */
1028  public static final String ATTR_KEYMANAGER_ENABLED =
1029       "ds-cfg-enabled";
1030
1031
1032
1033  /**
1034   * The name of the configuration attribute that specifies the path to the
1035   * keystore file.
1036   */
1037  public static final String ATTR_KEYSTORE_FILE =
1038       "ds-cfg-key-store-file";
1039
1040
1041
1042  /**
1043   * The name of the configuration attribute that specifies the PIN needed to
1044   * access the keystore.
1045   */
1046  public static final String ATTR_KEYSTORE_PIN =
1047       "ds-cfg-key-store-pin";
1048
1049
1050
1051  /**
1052   * The name of the configuration attribute that specifies the name of the
1053   * environment variable containing the PIN needed to access the keystore.
1054   */
1055  public static final String ATTR_KEYSTORE_PIN_ENVAR =
1056       "ds-cfg-key-store-pin-environment-variable";
1057
1058
1059
1060  /**
1061   * The name of the configuration attribute that specifies the path to the file
1062   * containing the PIN needed to access the keystore.
1063   */
1064  public static final String ATTR_KEYSTORE_PIN_FILE =
1065       "ds-cfg-key-store-pin-file";
1066
1067
1068
1069  /**
1070   * The name of the configuration attribute that specifies the name of the Java
1071   * property containing the PIN needed to access the keystore.
1072   */
1073  public static final String ATTR_KEYSTORE_PIN_PROPERTY =
1074  "ds-cfg-key-store-pin-property";
1075
1076
1077
1078  /**
1079   * The name of the configuration attribute that specifies the format of the
1080   * data in the keystore file.
1081   */
1082  public static final String ATTR_KEYSTORE_TYPE =
1083       "ds-cfg-key-store-type";
1084
1085
1086
1087  /**
1088   * The name of the configuration attribute that specifies the fully-qualified
1089   * name of the class to use as the trust manager provider.
1090   */
1091  public static final String ATTR_TRUSTMANAGER_CLASS =
1092       "ds-cfg-java-class";
1093
1094
1095
1096  /**
1097   * The name of the configuration attribute that specifies the DN of the
1098   * configuration entry for the trust manager provider.
1099   */
1100  public static final String ATTR_TRUSTMANAGER_DN =
1101       "ds-cfg-trust-manager-provider";
1102
1103
1104
1105  /**
1106   * The name of the configuration attribute that indicates whether the trust
1107   * manager provider should be enabled.
1108   */
1109  public static final String ATTR_TRUSTMANAGER_ENABLED =
1110       "ds-cfg-enabled";
1111
1112
1113
1114  /**
1115   * The name of the configuration attribute that specifies the path to the
1116   * trust store file.
1117   */
1118  public static final String ATTR_TRUSTSTORE_FILE =
1119       "ds-cfg-trust-store-file";
1120
1121
1122
1123  /**
1124   * The name of the configuration attribute that specifies the PIN needed to
1125   * access the trust store.
1126   */
1127  public static final String ATTR_TRUSTSTORE_PIN =
1128       "ds-cfg-trust-store-pin";
1129
1130
1131
1132  /**
1133   * The name of the configuration attribute that specifies the name of the
1134   * environment variable containing the PIN needed to access the trust store.
1135   */
1136  public static final String ATTR_TRUSTSTORE_PIN_ENVAR =
1137       "ds-cfg-trust-store-pin-environment-variable";
1138
1139
1140
1141  /**
1142   * The name of the configuration attribute that specifies the path to the file
1143   * containing the PIN needed to access the trust store.
1144   */
1145  public static final String ATTR_TRUSTSTORE_PIN_FILE =
1146       "ds-cfg-trust-store-pin-file";
1147
1148
1149
1150  /**
1151   * The name of the configuration attribute that specifies the name of the Java
1152   * property containing the PIN needed to access the trust store.
1153   */
1154  public static final String ATTR_TRUSTSTORE_PIN_PROPERTY =
1155       "ds-cfg-trust-store-pin-property";
1156
1157
1158
1159  /**
1160   * The name of the configuration attribute that specifies the format of the
1161   * data in the trust store file.
1162   */
1163  public static final String ATTR_TRUSTSTORE_TYPE =
1164       "ds-cfg-trust-store-type";
1165
1166
1167
1168  /**
1169   * The name of the configuration attribute that specifies the address or set
1170   * of addresses on which a connection handler should listen.
1171   */
1172  public static final String ATTR_LISTEN_ADDRESS =
1173       "ds-cfg-listen-address";
1174
1175
1176
1177  /**
1178   * The name of the configuration attribute that specifies the port or set of
1179   * ports on which a connection handler should listen.
1180   */
1181  public static final String ATTR_LISTEN_PORT = "ds-cfg-listen-port";
1182
1183  /**
1184   * The attribute that specifies if internal operations should be logged
1185   * or not.
1186   */
1187  public static final String ATTR_LOGGER_SUPPRESS_INTERNAL_OPERATIONS =
1188       "ds-cfg-suppress-internal-operations";
1189
1190
1191  /**
1192   * The policy type for rotating log files.
1193   */
1194  public static final String ATTR_LOGGER_ROTATION_POLICY =
1195       "ds-cfg-rotation-policy";
1196
1197  /**
1198   * The policy type for retaining log files.
1199   */
1200  public static final String ATTR_LOGGER_RETENTION_POLICY =
1201       "ds-cfg-retention-policy";
1202
1203  /**
1204   * The number of files to retain attribute type.
1205   */
1206  public static final String ATTR_LOGGER_RETENTION_NUMBER_OF_FILES =
1207       "ds-cfg-number-of-files";
1208
1209  /**
1210   * The disk space used attribute.
1211   */
1212  public static final String ATTR_LOGGER_RETENTION_DISK_SPACE_USED =
1213       "ds-cfg-disk-space-used";
1214
1215  /**
1216   * The free disk space attribute.
1217   */
1218  public static final String ATTR_LOGGER_RETENTION_FREE_DISK_SPACE =
1219       "ds-cfg-free-disk-space";
1220
1221
1222  /**
1223   * The size limit for the size based rotation policy.
1224   */
1225  public static final String ATTR_LOGGER_ROTATION_SIZE_LIMIT =
1226       "ds-cfg-size-limit";
1227
1228
1229  /**
1230   * The time of day for the time of day based rotation policy.
1231   */
1232  public static final String ATTR_LOGGER_ROTATION_TIME_OF_DAY =
1233       "ds-cfg-time-of-day";
1234
1235
1236
1237  /**
1238   * The action to be taken at the time of rotation.
1239   */
1240  public static final String ATTR_LOGGER_ROTATION_ACTION =
1241       "ds-cfg-rotation-action";
1242
1243
1244  /**
1245   * The time interval for the logger thread to sleep.
1246   */
1247  public static final String ATTR_LOGGER_THREAD_INTERVAL =
1248       "ds-cfg-time-interval";
1249
1250
1251  /**
1252   * The time interval for the logger thread to sleep.
1253   */
1254  public static final String ATTR_LOGGER_BUFFER_SIZE =
1255       "ds-cfg-buffer-size";
1256
1257
1258
1259  /**
1260   * The name of the configuration attribute that holds the fully-qualified name
1261   * for the logger class.
1262   */
1263  public static final String ATTR_LOGGER_CLASS =
1264       "ds-cfg-java-class";
1265
1266
1267
1268  /**
1269   * The name of the configuration attribute that indicates whether a Directory
1270   * Server logger should be enabled.
1271   */
1272  public static final String ATTR_LOGGER_ENABLED =
1273       "ds-cfg-enabled";
1274
1275
1276
1277  /**
1278   * The name of the configuration attribute that specifies the attribute or set
1279   * of attributes that should be used when attempting to map an ID string to
1280   * a user entry.
1281   */
1282  public static final String ATTR_MATCH_ATTRIBUTE =
1283       "ds-cfg-match-attribute";
1284
1285
1286
1287  /**
1288   * The name of the configuration attribute that specifies the base DN(s) that
1289   * should be used when attempting to map an ID string to a user entry.
1290   */
1291  public static final String ATTR_MATCH_BASE =
1292       "ds-cfg-match-base-dn";
1293
1294
1295
1296  /**
1297   * The name of the configuration attribute that holds the set of matching rule
1298   * definitions in the server schema, formatted in camelCase.
1299   */
1300  public static final String ATTR_MATCHING_RULES = "matchingRules";
1301
1302
1303
1304  /**
1305   * The name of the configuration attribute that holds the set of matching rule
1306   * definitions in the server schema, formatted in all lowercase.
1307   */
1308  public static final String ATTR_MATCHING_RULES_LC = "matchingrules";
1309
1310
1311
1312  /**
1313   * The name of the configuration attribute that holds the set of matching rule
1314   * use definitions in the server schema, formatted in camelCase.
1315   */
1316  public static final String ATTR_MATCHING_RULE_USE = "matchingRuleUse";
1317
1318
1319
1320  /**
1321   * The name of the configuration attribute that holds the set of matching rule
1322   * use definitions in the server schema, formatted in all lowercase.
1323   */
1324  public static final String ATTR_MATCHING_RULE_USE_LC = "matchingruleuse";
1325
1326
1327
1328  /**
1329   * The default maximum request size that should be used if none is specified
1330   * in the configuration.
1331   */
1332  public static final int DEFAULT_MAX_REQUEST_SIZE = 5 * 1024 * 1024; // 5 MB
1333
1334
1335
1336  /**
1337   * The name of the configuration attribute that specifies the fully-qualified
1338   * name of the Java class that defines a Directory Server matching rule.
1339   */
1340  public static final String ATTR_MATCHING_RULE_CLASS =
1341       "ds-cfg-java-class";
1342
1343
1344
1345  /**
1346   * The name of the configuration attribute that indicates whether a matching
1347   * rule should be enabled.
1348   */
1349  public static final String ATTR_MATCHING_RULE_ENABLED =
1350       "ds-cfg-enabled";
1351
1352
1353
1354  /**
1355   * The name of the configuration attribute that indicates the maximum allowed
1356   * size of a request in bytes.
1357   */
1358  public static final String ATTR_MAX_REQUEST_SIZE =
1359       "ds-cfg-max-request-size";
1360
1361
1362
1363  /**
1364   * The name of the configuration attribute that holds the fully-qualified name
1365   * for the monitor provider class.
1366   */
1367  public static final String ATTR_MONITOR_CLASS =
1368       "ds-cfg-java-class";
1369
1370
1371
1372  /**
1373   * The name of the configuration attribute that indicates whether a monitor
1374   * provider should be enabled.
1375   */
1376  public static final String ATTR_MONITOR_ENABLED =
1377       "ds-cfg-enabled";
1378
1379
1380
1381  /**
1382   * The name of the attribute that is used to hold the name form definitions in
1383   * the server schema, formatted in camelCase.
1384   */
1385  public static final String ATTR_NAME_FORMS = "nameForms";
1386
1387
1388
1389  /**
1390   * The name of the attribute that is used to hold the name form definitions in
1391   * the server schema, formatted in all lowercase.
1392   */
1393  public static final String ATTR_NAME_FORMS_LC = "nameforms";
1394
1395
1396
1397  /**
1398   * The name of the configuration attribute that indicates whether to send a
1399   * response to operations that have been abandoned.
1400   */
1401  public static final String ATTR_NOTIFY_ABANDONED_OPS =
1402       "ds-cfg-notify-abandoned-operations";
1403
1404
1405
1406  /**
1407   * The name of the configuration attribute that indicates the number of
1408   * request handlers that should be used to read requests from clients.
1409   */
1410  public static final String ATTR_NUM_REQUEST_HANDLERS =
1411       "ds-cfg-num-request-handlers";
1412
1413
1414
1415  /**
1416   * The default number of request handler threads to use if it is not specified
1417   * in the configuration.
1418   */
1419  public static final int DEFAULT_NUM_REQUEST_HANDLERS = 1;
1420
1421
1422
1423  /**
1424   * The name of the configuration attribute that indicates the number of worker
1425   * threads that should be used to process requests.
1426   */
1427  public static final String ATTR_NUM_WORKER_THREADS =
1428       "ds-cfg-num-worker-threads";
1429
1430
1431
1432  /**
1433   * The default number of worker threads that should be used if no value is
1434   * specified in the configuration.
1435   */
1436  public static final int DEFAULT_NUM_WORKER_THREADS = 24;
1437
1438
1439
1440  /**
1441   * The name of the standard attribute that holds the objectclass values for
1442   * the entry, formatted in camelCase.
1443   */
1444  public static final String ATTR_OBJECTCLASS = "objectClass";
1445
1446
1447
1448  /**
1449   * The name of the configuration attribute that holds the set of objectclass
1450   * definitions in the server schema, formatted in camelCase.
1451   */
1452  public static final String ATTR_OBJECTCLASSES = "objectClasses";
1453
1454
1455
1456  /**
1457   * The name of the configuration attribute that holds the set of objectclass
1458   * definitions in the server schema, formatted in all lowercase.
1459   */
1460  public static final String ATTR_OBJECTCLASSES_LC = "objectclasses";
1461
1462
1463
1464  /**
1465   * The name of the configuration attribute that specifies a character set that
1466   * can be used with a password.
1467   */
1468  public static final String ATTR_PASSWORD_CHARSET =
1469       "ds-cfg-password-character-set";
1470
1471
1472
1473  /**
1474   * The name of the configuration attribute that specifies the format that
1475   * should be used for generating a password.
1476   */
1477  public static final String ATTR_PASSWORD_FORMAT =
1478       "ds-cfg-password-format";
1479
1480
1481
1482  /**
1483   * The name of the configuration attribute that specifies the maximum allowed
1484   * length for a password.
1485   */
1486  public static final String ATTR_PASSWORD_MAX_LENGTH =
1487       "ds-cfg-max-password-length";
1488
1489
1490
1491  /**
1492   * The name of the configuration attribute that specifies the minimum allowed
1493   * length for a password.
1494   */
1495  public static final String ATTR_PASSWORD_MIN_LENGTH =
1496       "ds-cfg-min-password-length";
1497
1498  /**
1499   * The name of the configuration attribute that specifies the minimum allowed
1500   * difference for a password.
1501   */
1502  public static final String ATTR_PASSWORD_MIN_DIFFERENCE =
1503       "ds-cfg-min-password-difference";
1504
1505
1506  /**
1507   * The name of the configuration attribute that holds the fully-qualified name
1508   * of the Java class for a plugin implementation.
1509   */
1510  public static final String ATTR_PLUGIN_CLASS =
1511       "ds-cfg-java-class";
1512
1513
1514
1515  /**
1516   * The name of the configuration attribute that indicates whether a particular
1517   * plugin is enabled.
1518   */
1519  public static final String ATTR_PLUGIN_ENABLED =
1520       "ds-cfg-enabled";
1521
1522
1523
1524  /**
1525   * The name of the configuration attribute that indicates the ways in which a
1526   * plugin will be used.
1527   */
1528  public static final String ATTR_PLUGIN_TYPE =
1529       "ds-cfg-plugin-type";
1530
1531
1532
1533  /**
1534   * The name of the configuration attribute that may be modified in order to
1535   * cause the profiler to take some action (e.g., starting or stopping
1536   * collection).
1537   */
1538  public static final String ATTR_PROFILE_ACTION =
1539      "ds-cfg-profile-action";
1540
1541
1542
1543  /**
1544   * The name of the configuration attribute that indicates whether the
1545   * Directory Server profiler plugin should be automatically enabled when the
1546   * server is starting.
1547   */
1548  public static final String ATTR_PROFILE_AUTOSTART =
1549       "ds-cfg-enable-profiling-on-startup";
1550
1551
1552
1553  /**
1554   * The name of the configuration attribute that holds the path to the
1555   * directory into which profile information will be written.
1556   */
1557  public static final String ATTR_PROFILE_DIR =
1558       "ds-cfg-profile-directory";
1559
1560
1561
1562  /**
1563   * The name of the configuration attribute that holds the profile sample
1564   * interval in milliseconds.
1565   */
1566  public static final String ATTR_PROFILE_INTERVAL =
1567       "ds-cfg-profile-sample-interval";
1568
1569
1570
1571  /**
1572   * The default sample interval in milliseconds to use when profiling if no
1573   * other value is specified.
1574   */
1575  public static final long DEFAULT_PROFILE_INTERVAL = 10;
1576
1577
1578
1579  /**
1580   * The name of the read-only configuration attribute that holds the current
1581   * state of the profiler.
1582   */
1583  public static final String ATTR_PROFILE_STATE =
1584       "ds-cfg-profiler-state";
1585
1586
1587
1588  /**
1589   * The name of the configuration attribute that holds the DN of the identity
1590   * mapper configuration entry for use with the proxied authorization V2
1591   * control.
1592   */
1593  public static final String ATTR_PROXY_MAPPER_DN =
1594       "ds-cfg-proxied-authorization-identity-mapper";
1595
1596
1597
1598  /**
1599   * The name of the configuration attribute that holds the fully-qualified name
1600   * for the password generator class.
1601   */
1602  public static final String ATTR_PWGENERATOR_CLASS =
1603       "ds-cfg-java-class";
1604
1605
1606
1607  /**
1608   * The name of the configuration attribute that indicates whether a password
1609   * generator is enabled.
1610   */
1611  public static final String ATTR_PWGENERATOR_ENABLED =
1612       "ds-cfg-enabled";
1613
1614
1615
1616  /**
1617   * The name of the configuration attribute that indicates whether a user will
1618   * be allowed to change their password even if it is expired.
1619   */
1620  public static final String ATTR_PWPOLICY_ALLOW_EXPIRED_CHANGES =
1621       "ds-cfg-allow-expired-password-changes";
1622
1623
1624
1625  /**
1626   * The default value for the allowExpiredPasswordChanges configuration
1627   * attribute.
1628   */
1629  public static final boolean DEFAULT_PWPOLICY_ALLOW_EXPIRED_CHANGES = false;
1630
1631
1632
1633  /**
1634   * The name of the configuration attribute that indicates whether a user may
1635   * provide a pre-encoded password.
1636   */
1637  public static final String ATTR_PWPOLICY_ALLOW_PRE_ENCODED_PASSWORDS =
1638       "ds-cfg-allow-pre-encoded-passwords";
1639
1640
1641
1642  /**
1643   * The default value for the allowPreEncodedPasswords configuration attribute.
1644   */
1645  public static final boolean DEFAULT_PWPOLICY_ALLOW_PRE_ENCODED_PASSWORDS =
1646       false;
1647
1648
1649
1650  /**
1651   * The name of the configuration attribute that indicates whether user entries
1652   * will be allowed to have multiple values for the password attribute.
1653   */
1654  public static final String ATTR_PWPOLICY_ALLOW_MULTIPLE_PW_VALUES =
1655       "ds-cfg-allow-multiple-password-values";
1656
1657
1658
1659  /**
1660   * The default value for the allowMultiplePasswordValues configuration
1661   * attribute.
1662   */
1663  public static final boolean DEFAULT_PWPOLICY_ALLOW_MULTIPLE_PW_VALUES = false;
1664
1665
1666
1667  /**
1668   * The name of the configuration attribute that indicates whether users will
1669   * be allowed to change their own passwords.
1670   */
1671  public static final String ATTR_PWPOLICY_ALLOW_USER_CHANGE =
1672       "ds-cfg-allow-user-password-changes";
1673
1674
1675
1676  /**
1677   * The default value for the allowUserPasswordChanges configuration attribute.
1678   */
1679  public static final boolean DEFAULT_PWPOLICY_ALLOW_USER_CHANGE = true;
1680
1681
1682
1683  /**
1684   * The name of the configuration attribute that specifies the default password
1685   * storage schemes for a password policy.
1686   */
1687  public static final String ATTR_PWPOLICY_DEFAULT_SCHEME =
1688       "ds-cfg-default-password-storage-scheme";
1689
1690
1691
1692  /**
1693   * The name of the configuration attribute that indicates whether a user
1694   * password will be allowed to expire even if they have not yet seen a warning
1695   * notification.
1696   */
1697  public static final String ATTR_PWPOLICY_EXPIRE_WITHOUT_WARNING =
1698       "ds-cfg-expire-passwords-without-warning";
1699
1700
1701
1702  /**
1703   * The default value for the expirePasswordsWithoutWarning configuration
1704   * attribute.
1705   */
1706  public static final boolean DEFAULT_PWPOLICY_EXPIRE_WITHOUT_WARNING = false;
1707
1708
1709
1710  /**
1711   * The name of the configuration attribute that indicates whether a user must
1712   * change their password upon first authenticating after their account is
1713   * created.
1714   */
1715  public static final String ATTR_PWPOLICY_FORCE_CHANGE_ON_ADD =
1716       "ds-cfg-force-change-on-add";
1717
1718
1719
1720  /**
1721   * The default value for the forceChangeOnAdd configuration attribute.
1722   */
1723  public static final boolean DEFAULT_PWPOLICY_FORCE_CHANGE_ON_ADD = false;
1724
1725
1726
1727  /**
1728   * The name of the configuration attribute that indicates whether a user must
1729   * change their password after it is reset by an administrator.
1730   */
1731  public static final String ATTR_PWPOLICY_FORCE_CHANGE_ON_RESET =
1732       "ds-cfg-force-change-on-reset";
1733
1734
1735
1736  /**
1737   * The default value for the forceChangeOnReset configuration attribute.
1738   */
1739  public static final boolean DEFAULT_PWPOLICY_FORCE_CHANGE_ON_RESET = false;
1740
1741
1742
1743  /**
1744   * The name of the configuration attribute that specifies the number of fixed
1745   * grace login attempts that a user will have.
1746   */
1747  public static final String ATTR_PWPOLICY_GRACE_LOGIN_COUNT =
1748       "ds-cfg-grace-login-count";
1749
1750
1751
1752  /**
1753   * The default value for the graceLoginCount configuration attribute.
1754   */
1755  public static final int DEFAULT_PWPOLICY_GRACE_LOGIN_COUNT = 0;
1756
1757
1758
1759  /**
1760   * The default value for the password history count configuration attribute.
1761   */
1762  public static final int DEFAULT_PWPOLICY_HISTORY_COUNT = 0;
1763
1764
1765
1766  /**
1767   * The default value for the password history duration configuration
1768   * attribute, in seconds.
1769   */
1770  public static final int DEFAULT_PWPOLICY_HISTORY_DURATION = 0;
1771
1772
1773
1774  /**
1775   * The name of the configuration attribute that specifies the maximum length
1776   * of time an account may remain idle.
1777   */
1778  public static final String ATTR_PWPOLICY_IDLE_LOCKOUT_INTERVAL =
1779       "ds-cfg-idle-lockout-interval";
1780
1781
1782
1783  /**
1784   * The default value for the idleLockoutInterval configuration attribute.
1785   */
1786  public static final int DEFAULT_PWPOLICY_IDLE_LOCKOUT_INTERVAL = 0;
1787
1788
1789
1790  /**
1791   * The name of the configuration attribute that specifies the attribute used
1792   * to hold the last login time.
1793   */
1794  public static final String ATTR_PWPOLICY_LAST_LOGIN_TIME_ATTRIBUTE =
1795       "ds-cfg-last-login-time-attribute";
1796
1797
1798
1799  /**
1800   * The name of the configuration attribute that specifies the format string
1801   * used to generate the last login time.
1802   */
1803  public static final String ATTR_PWPOLICY_LAST_LOGIN_TIME_FORMAT =
1804       "ds-cfg-last-login-time-format";
1805
1806
1807
1808  /**
1809   * The name of the configuration attribute that specifies the length of time
1810   * that a user will remain locked out.
1811   */
1812  public static final String ATTR_PWPOLICY_LOCKOUT_DURATION =
1813       "ds-cfg-lockout-duration";
1814
1815
1816
1817  /**
1818   * The default value for the lockoutDuration configuration attribute.
1819   */
1820  public static final int DEFAULT_PWPOLICY_LOCKOUT_DURATION = 0;
1821
1822
1823
1824  /**
1825   * The name of the configuration attribute that specifies the number of
1826   * authentication failures required to lock out a user account.
1827   */
1828  public static final String ATTR_PWPOLICY_LOCKOUT_FAILURE_COUNT =
1829       "ds-cfg-lockout-failure-count";
1830
1831
1832
1833  /**
1834   * The default value for the lockoutFailureCount configuration attribute.
1835   */
1836  public static final int DEFAULT_PWPOLICY_LOCKOUT_FAILURE_COUNT = 0;
1837
1838
1839
1840  /**
1841   * The name of the configuration attribute that specifies the length of time
1842   * in seconds that an authentication failure will be counted against a user
1843   * for lockout purposes.
1844   */
1845  public static final String ATTR_PWPOLICY_LOCKOUT_FAILURE_EXPIRATION_INTERVAL =
1846       "ds-cfg-lockout-failure-expiration-interval";
1847
1848
1849
1850  /**
1851   * The default value for the lockoutFailureExpirationInterval configuration
1852   * attribute.
1853   */
1854  public static final int DEFAULT_PWPOLICY_LOCKOUT_FAILURE_EXPIRATION_INTERVAL =
1855       0;
1856
1857
1858
1859  /**
1860   * The name of the configuration attribute that specifies the maximum length
1861   * of time allowed between password changes.
1862   */
1863  public static final String ATTR_PWPOLICY_MAXIMUM_PASSWORD_AGE =
1864       "ds-cfg-max-password-age";
1865
1866
1867
1868  /**
1869   * The default value for the maximumPasswordAge configuration attribute.
1870   */
1871  public static final int DEFAULT_PWPOLICY_MAXIMUM_PASSWORD_AGE = 0;
1872
1873
1874
1875  /**
1876   * The name of the configuration attribute that specifies the maximum length
1877   * of time that a user has to change their password after it has been
1878   * administratively reset.
1879   */
1880  public static final String ATTR_PWPOLICY_MAXIMUM_PASSWORD_RESET_AGE =
1881       "ds-cfg-max-password-reset-age";
1882
1883
1884
1885  /**
1886   * The default value for the maximumPasswordResetAge configuration attribute.
1887   */
1888  public static final int DEFAULT_PWPOLICY_MAXIMUM_PASSWORD_RESET_AGE = 0;
1889
1890
1891
1892  /**
1893   * The name of the configuration attribute that specifies the minimum length
1894   * of time allowed between password changes.
1895   */
1896  public static final String ATTR_PWPOLICY_MINIMUM_PASSWORD_AGE =
1897       "ds-cfg-min-password-age";
1898
1899
1900
1901  /**
1902   * The default value for the minimumPasswordAge configuration attribute.
1903   */
1904  public static final int DEFAULT_PWPOLICY_MINIMUM_PASSWORD_AGE = 0;
1905
1906
1907
1908  /**
1909   * The name of the configuration attribute that specifies the DN(s) of the
1910   * configuration entries for the account status notification handlers for use
1911   * with the password policy.
1912   */
1913  public static final String ATTR_PWPOLICY_NOTIFICATION_HANDLER =
1914       "ds-cfg-account-status-notification-handler";
1915
1916
1917
1918  /**
1919   * The name of the configuration attribute that specifies the attribute used
1920   * to hold user passwords.
1921   */
1922  public static final String ATTR_PWPOLICY_PASSWORD_ATTRIBUTE =
1923       "ds-cfg-password-attribute";
1924
1925
1926
1927  /**
1928   * The name of the configuration attribute that specifies the DN of
1929   * configuration entry for the password generator to use with a password
1930   * policy.
1931   */
1932  public static final String ATTR_PWPOLICY_PASSWORD_GENERATOR =
1933       "ds-cfg-password-generator";
1934
1935
1936
1937  /**
1938   * The name of the configuration attribute that specifies the DN(s) of the
1939   * configuration entries that will hold the password validators for use with
1940   * the password policy.
1941   */
1942  public static final String ATTR_PWPOLICY_PASSWORD_VALIDATOR =
1943       "ds-cfg-password-validator";
1944
1945
1946
1947  /**
1948   * The name of the configuration attribute that specifies the format strings
1949   * that may have been used in the past to generate last login time values.
1950   */
1951  public static final String ATTR_PWPOLICY_PREVIOUS_LAST_LOGIN_TIME_FORMAT =
1952       "ds-cfg-previous-last-login-time-format";
1953
1954
1955
1956  /**
1957   * The name of the configuration attribute that holds the time by which all
1958   * users must have changed their passwords.
1959   */
1960  public static final String ATTR_PWPOLICY_REQUIRE_CHANGE_BY_TIME =
1961       "ds-cfg-require-change-by-time";
1962
1963
1964
1965  /**
1966   * The name of the configuration attribute that indicates whether users will
1967   * be required to provide their current password when they choose a new
1968   * password.
1969   */
1970  public static final String ATTR_PWPOLICY_REQUIRE_CURRENT_PASSWORD =
1971       "ds-cfg-password-change-requires-current-password";
1972
1973
1974
1975  /**
1976   * The default value for the passwordChangeRequiresCurrentPassword
1977   * configuration attribute.
1978   */
1979  public static final boolean DEFAULT_PWPOLICY_REQUIRE_CURRENT_PASSWORD = false;
1980
1981
1982
1983  /**
1984   * The name of the configuration attribute that indicates whether users will
1985   * be required to authenticate using a secure mechanism.
1986   */
1987  public static final String ATTR_PWPOLICY_REQUIRE_SECURE_AUTHENTICATION =
1988       "ds-cfg-require-secure-authentication";
1989
1990
1991
1992  /**
1993   * The default value for the requireSecureAuthentication configuration
1994   * attribute.
1995   */
1996  public static final boolean DEFAULT_PWPOLICY_REQUIRE_SECURE_AUTHENTICATION =
1997       false;
1998
1999
2000
2001  /**
2002   * The name of the configuration attribute that indicates whether users will
2003   * be required to change their passwords using a secure mechanism.
2004   */
2005  public static final String ATTR_PWPOLICY_REQUIRE_SECURE_PASSWORD_CHANGES =
2006       "ds-cfg-require-secure-password-changes";
2007
2008
2009
2010  /**
2011   * The default value for the requireSecurePasswordChanges configuration
2012   * attribute.
2013   */
2014  public static final boolean DEFAULT_PWPOLICY_REQUIRE_SECURE_PASSWORD_CHANGES =
2015       false;
2016
2017
2018
2019  /**
2020   * The name of the configuration attribute that indicates whether the server
2021   * should perform validation on passwords set by administrators.
2022   */
2023  public static final String ATTR_PWPOLICY_SKIP_ADMIN_VALIDATION =
2024       "ds-cfg-skip-validation-for-administrators";
2025
2026
2027
2028  /**
2029   * The default value for the skipValidationForAdministrators configuration
2030   * attribute.
2031   */
2032  public static final boolean DEFAULT_PWPOLICY_SKIP_ADMIN_VALIDATION = false;
2033
2034
2035
2036  /**
2037   * The name of the configuration attribute that specifies the maximum length
2038   * of time before expiration that a user should start to receive warning
2039   * notifications.
2040   */
2041  public static final String ATTR_PWPOLICY_WARNING_INTERVAL =
2042       "ds-cfg-password-expiration-warning-interval";
2043
2044
2045
2046  /**
2047   * The default value for the passwordExpirationWarningInterval configuration
2048   * attribute.
2049   */
2050  public static final int DEFAULT_PWPOLICY_WARNING_INTERVAL = 604800;
2051
2052
2053
2054  /**
2055   * The name of the configuration attribute that holds the fully-qualified name
2056   * for the password storage scheme class.
2057   */
2058  public static final String ATTR_PWSCHEME_CLASS =
2059       "ds-cfg-java-class";
2060
2061
2062
2063  /**
2064   * The name of the configuration attribute that indicates whether a password
2065   * storage scheme is enabled.
2066   */
2067  public static final String ATTR_PWSCHEME_ENABLED =
2068       "ds-cfg-enabled";
2069
2070
2071
2072  /**
2073   * The name of the configuration attribute that holds the fully-qualified name
2074   * for the password validator class.
2075   */
2076  public static final String ATTR_PWVALIDATOR_CLASS =
2077       "ds-cfg-java-class";
2078
2079
2080
2081  /**
2082   * The name of the configuration attribute that indicates whether a password
2083   * validator is enabled.
2084   */
2085  public static final String ATTR_PWVALIDATOR_ENABLED =
2086       "ds-cfg-enabled";
2087
2088
2089
2090  /**
2091   * The name of the configuration attribute that holds the
2092   * schedule for a recurring task.
2093   */
2094  public static final String ATTR_RECURRING_TASK_SCHEDULE =
2095       NAME_PREFIX_RECURRING_TASK + "schedule";
2096
2097
2098
2099  /**
2100   * The name of the configuration attribute that holds the recurring task ID
2101   * for a recurring task that may be associated with a task.
2102   */
2103  public static final String ATTR_RECURRING_TASK_ID =
2104       NAME_PREFIX_RECURRING_TASK + "id";
2105
2106
2107
2108  /**
2109   * The name of the configuration attribute that indicates whether the
2110   * Directory Server should be restarted instead of shut down.
2111   */
2112  public static final String ATTR_RESTART_SERVER =
2113       NAME_PREFIX_TASK + "restart-server";
2114
2115
2116
2117  /**
2118   * The name of the configuration attribute that specifies the set of
2119   * subordinate base DNs that should be used for non-base-level searches
2120   * against the root DSE.
2121   */
2122  public static final String ATTR_ROOT_DSE_SUBORDINATE_BASE_DN =
2123       "ds-cfg-subordinate-base-dn";
2124
2125
2126
2127  /**
2128   * The name of the configuration attribute that holds the fully-qualified name
2129   * for the SASL mechanism handler class.
2130   */
2131  public static final String ATTR_SASL_CLASS =
2132       "ds-cfg-java-class";
2133
2134
2135
2136  /**
2137   * The name of the configuration attribute that indicates whether a SASL
2138   * mechanism handler should be enabled.
2139   */
2140  public static final String ATTR_SASL_ENABLED =
2141       "ds-cfg-enabled";
2142
2143
2144
2145  /**
2146   * The name of the configuration attribute that specifies the location(s) of
2147   * the entries used to publish the Directory Server schema information.
2148   */
2149  public static final String ATTR_SCHEMA_ENTRY_DN =
2150       "ds-cfg-schema-entry-dn";
2151
2152
2153
2154  /**
2155   * The name of the configuration attribute that indicates whether to send
2156   * rejected client connections a notice of disconnection explaining why the
2157   * connection was not accepted.
2158   */
2159  public static final String ATTR_SEND_REJECTION_NOTICE =
2160       "ds-cfg-send-rejection-notice";
2161
2162
2163
2164  /**
2165   * The default policy that will be used for deciding whether to send a
2166   * rejection notice to clients if it is not specified in the configuration.
2167   */
2168  public static final boolean DEFAULT_SEND_REJECTION_NOTICE = true;
2169
2170
2171
2172  /**
2173   * The name of the configuration attribute that will be used to indicate the
2174   * result code that should be used for operations that fail because of an
2175   * internal server error.
2176   */
2177  public static final String ATTR_SERVER_ERROR_RESULT_CODE =
2178       "ds-cfg-server-error-result-code";
2179
2180
2181
2182  /**
2183   * The name of the configuration attribute that holds the fully-qualified
2184   * domain name that should be used by the server when that information is
2185   * needed.
2186   */
2187  public static final String ATTR_SERVER_FQDN = "ds-cfg-server-fqdn";
2188
2189
2190
2191  /**
2192   * The name of the configuration attribute that holds a message that may be
2193   * provided for the reason the Directory Server has been requested to shut
2194   * down.
2195   */
2196  public static final String ATTR_SHUTDOWN_MESSAGE =
2197       NAME_PREFIX_TASK + "shutdown-message";
2198
2199
2200
2201  /**
2202   * The name of the configuration attribute that holds the password that must
2203   * be provided in order to shut down the server through the tasks interface.
2204   */
2205  public static final String ATTR_SHUTDOWN_PASSWORD =
2206       NAME_PREFIX_TASK + "shutdown-password";
2207
2208
2209
2210  /**
2211   * The name of the configuration attribute that holds the server size limit.
2212   */
2213  public static final String ATTR_SIZE_LIMIT = "ds-cfg-size-limit";
2214
2215
2216
2217  /**
2218   * The default value that will be used for the server size limit if no other
2219   * value is given.
2220   */
2221  public static final int DEFAULT_SIZE_LIMIT = 1000;
2222
2223    /**
2224   * The name of the configuration attribute that holds the server lookthrough
2225   * limit.
2226   */
2227  public static final String ATTR_LOOKTHROUGH_LIMIT =
2228        "ds-cfg-lookthrough-limit";
2229
2230
2231
2232  /**
2233   * The default value that will be used for the server lookthrough limit if
2234   * no other value is given.
2235   */
2236  public static final int DEFAULT_LOOKTHROUGH_LIMIT = 5000;
2237
2238
2239
2240  /**
2241   * The name of the configuration attribute that contains a set of search
2242   * filters to use to determine which entries should be excluded from the
2243   * cache.
2244   */
2245  public static final String ATTR_SOFTREFCACHE_EXCLUDE_FILTER =
2246       "ds-cfg-exclude-filter";
2247
2248
2249
2250  /**
2251   * The name of the configuration attribute that contains a set of search
2252   * filters to use to determine which entries should be included in the cache.
2253   */
2254  public static final String ATTR_SOFTREFCACHE_INCLUDE_FILTER =
2255       "ds-cfg-include-filter";
2256
2257
2258
2259  /**
2260   * The name of the configuration attribute that indicates the maximum length
2261   * of time in milliseconds to spend trying to acquire a lock for an entry in
2262   * the cache.
2263   */
2264  public static final String ATTR_SOFTREFCACHE_LOCK_TIMEOUT =
2265       "ds-cfg-lock-timeout";
2266
2267
2268
2269  /**
2270   * The name of the configuration attribute that holds information about the
2271   * policy that should be used when requesting/requiring SSL client
2272   * authentication.
2273   */
2274  public static final String ATTR_SSL_CLIENT_AUTH_POLICY =
2275       "ds-cfg-ssl-client-auth-policy";
2276
2277
2278
2279  /**
2280   * The default SSL client authentication policy that should be used if it is
2281   * not defined in the configuration.
2282   */
2283  public static final SSLClientAuthPolicy DEFAULT_SSL_CLIENT_AUTH_POLICY =
2284       SSLClientAuthPolicy.OPTIONAL;
2285
2286
2287
2288  /**
2289   * The name of the configuration attribute that holds the nickname of the
2290   * certificate that should be used for accepting SSL/TLS connections.
2291   */
2292  public static final String ATTR_SSL_CERT_NICKNAME =
2293       "ds-cfg-ssl-cert-nickname";
2294
2295
2296
2297  /**
2298   * The default SSL server certificate nickname to use if it is not defined in
2299   * the configuration.
2300   */
2301  public static final String DEFAULT_SSL_CERT_NICKNAME = "server-cert";
2302
2303
2304
2305  /**
2306   * The name of the configuration attribute that holds the nickname of the SSL
2307   * cipher suites that should be allowed for use in SSL/TLS sessions.
2308   */
2309  public static final String ATTR_SSL_CIPHERS =
2310       "ds-cfg-ssl-cipher-suite";
2311
2312
2313
2314  /**
2315   * The name of the configuration attribute that holds the nickname of the SSL
2316   * protocols that should be allowed for use in SSL/TLS sessions.
2317   */
2318  public static final String ATTR_SSL_PROTOCOLS =
2319       "ds-cfg-ssl-protocol";
2320
2321
2322
2323  /**
2324   * The name of the configuration attribute that specifies the fully-qualified
2325   * name of the Java class that defines a Directory Server synchronization
2326   * provider.
2327   */
2328  public static final String ATTR_SYNCHRONIZATION_PROVIDER_CLASS =
2329       "ds-cfg-java-class";
2330
2331
2332
2333  /**
2334   * The name of the configuration attribute that indicates whether a
2335   * synchronization provider should be enabled.
2336   */
2337  public static final String ATTR_SYNCHRONIZATION_PROVIDER_ENABLED =
2338       "ds-cfg-enabled";
2339
2340
2341
2342  /**
2343   * The name of the configuration attribute that specifies the
2344   * fully-qualified name of the Java class that defines a Directory
2345   * Server access control handler.
2346   */
2347  public static final String ATTR_AUTHZ_HANDLER_CLASS =
2348       "ds-cfg-java-class";
2349
2350
2351
2352  /**
2353   * The name of the configuration attribute that indicates whether
2354   * access control should be enabled.
2355   */
2356  public static final String ATTR_AUTHZ_HANDLER_ENABLED =
2357       "ds-cfg-enabled";
2358
2359
2360    /**
2361     * The name of the configuration attribute that specifies a global
2362     * attribute access control instruction.
2363     */
2364    public static final String ATTR_AUTHZ_GLOBAL_ACI =
2365        "ds-cfg-global-aci";
2366
2367
2368  /**
2369   * The name of the configuration attribute that specifies the fully-qualified
2370   * name of the Java class that defines a Directory Server attribute syntax.
2371   */
2372  public static final String ATTR_SYNTAX_CLASS =
2373       "ds-cfg-java-class";
2374
2375
2376
2377  /**
2378   * The name of the configuration attribute that indicates whether an attribute
2379   * syntax should be enabled.
2380   */
2381  public static final String ATTR_SYNTAX_ENABLED =
2382       "ds-cfg-enabled";
2383
2384
2385
2386  /**
2387   * The name of the configuration attribute that holds the actual start time
2388   * for a task.
2389   */
2390  public static final String ATTR_TASK_ACTUAL_START_TIME =
2391       NAME_PREFIX_TASK + "actual-start-time";
2392
2393
2394
2395  /**
2396   * The name of the configuration attribute that holds the path to the backing
2397   * file for task information.
2398   */
2399  public static final String ATTR_TASK_BACKING_FILE =
2400       "ds-cfg-task-backing-file";
2401
2402
2403
2404  /**
2405   * The name of the configuration attribute that holds the name of the class
2406   * providing the task logic.
2407   */
2408  public static final String ATTR_TASK_CLASS =
2409       NAME_PREFIX_TASK + "class-name";
2410
2411
2412
2413  /**
2414   * The name of the configuration attribute that holds the completion time for
2415   * a task.
2416   */
2417  public static final String ATTR_TASK_COMPLETION_TIME =
2418       NAME_PREFIX_TASK + "completion-time";
2419
2420
2421
2422  /**
2423   * The name of the configuration attribute that holds task IDs of any tasks on
2424   * which a given task is dependent.
2425   */
2426  public static final String ATTR_TASK_DEPENDENCY_IDS =
2427       NAME_PREFIX_TASK + "dependency-id";
2428
2429
2430
2431  /**
2432   * The name of the configuration attribute that holds the indication of what
2433   * to do in the event that one of the dependencies for a task has failed.
2434   */
2435  public static final String ATTR_TASK_FAILED_DEPENDENCY_ACTION =
2436       NAME_PREFIX_TASK + "failed-dependency-action";
2437
2438
2439
2440  /**
2441   * The name of the configuration attribute that holds the set of log messages
2442   * for a task.
2443   */
2444  public static final String ATTR_TASK_LOG_MESSAGES =
2445       NAME_PREFIX_TASK + "log-message";
2446
2447
2448
2449  /**
2450   * The name of the configuration attribute that holds the set of e-mail
2451   * addresses of the users to notify when a task has completed.
2452   */
2453  public static final String ATTR_TASK_NOTIFY_ON_COMPLETION =
2454       NAME_PREFIX_TASK + "notify-on-completion";
2455
2456
2457
2458  /**
2459   * The name of the configuration attribute that holds the set of e-mail
2460   * addresses of the users to notify if a task fails.
2461   */
2462  public static final String ATTR_TASK_NOTIFY_ON_ERROR =
2463       NAME_PREFIX_TASK + "notify-on-error";
2464
2465
2466
2467  /**
2468   * The name of the configuration attribute that holds the length of time in
2469   * seconds that task information should be retained after processing on the
2470   * task has completed.
2471   */
2472  public static final String ATTR_TASK_RETENTION_TIME =
2473       "ds-cfg-task-retention-time";
2474
2475
2476
2477  /**
2478   * The default task retention time that will be used if no value is provided.
2479   */
2480  public static final long DEFAULT_TASK_RETENTION_TIME = 86400;
2481
2482
2483
2484  /**
2485   * The name of the configuration attribute that holds the scheduled start time
2486   * for a task.
2487   */
2488  public static final String ATTR_TASK_SCHEDULED_START_TIME =
2489       NAME_PREFIX_TASK + "scheduled-start-time";
2490
2491
2492
2493  /**
2494   * The name of the configuration attribute that holds the task ID for a task.
2495   */
2496  public static final String ATTR_TASK_ID = NAME_PREFIX_TASK + "id";
2497
2498
2499
2500  /**
2501   * The name of the configuration attribute that holds the current state for a
2502   * task.
2503   */
2504  public static final String ATTR_TASK_STATE = NAME_PREFIX_TASK + "state";
2505
2506
2507
2508  /**
2509   * The name of the configuration attribute that indicates whether the
2510   * telephone number attribute syntax should use a strict compliance mode when
2511   * determining whether a value is acceptable.
2512   */
2513  public static final String ATTR_TELEPHONE_STRICT_MODE =
2514       "ds-cfg-strict-format";
2515
2516
2517
2518  /**
2519   * The name of the configuration attribute that holds the server time limit.
2520   */
2521  public static final String ATTR_TIME_LIMIT = "ds-cfg-time-limit";
2522
2523
2524
2525  /**
2526   * The default value that will be used for the server time limit if no other
2527   * value is given.
2528   */
2529  public static final int DEFAULT_TIME_LIMIT = 60;
2530
2531
2532
2533  /**
2534   * The name of the configuration attribute that specifies the DN to use as the
2535   * search base when trying to find entries that match a provided username.
2536   */
2537  public static final String ATTR_USER_BASE_DN =
2538       "ds-cfg-user-base-dn";
2539
2540
2541
2542  /**
2543   * The name of the configuration attribute that specifies which attribute
2544   * should be used to map usernames to their corresponding entries.
2545   */
2546  public static final String ATTR_USERNAME_ATTRIBUTE =
2547       "ds-cfg-user-name-attribute";
2548
2549
2550
2551  /**
2552   * The default attribute type that will be used for username lookups if none
2553   * is provided.
2554   */
2555  public static final String DEFAULT_USERNAME_ATTRIBUTE = "uid";
2556
2557
2558
2559  /**
2560   * The name of the configuration attribute that indicates whether to use SSL
2561   * when accepting client connections.
2562   */
2563  public static final String ATTR_USE_SSL = "ds-cfg-use-ssl";
2564
2565
2566
2567  /**
2568   * The default configuration that specifies whether to use SSL if it is not
2569   * defined in the server configuration.
2570   */
2571  public static final boolean DEFAULT_USE_SSL = false;
2572
2573
2574
2575  /**
2576   * The name of the configuration attribute that indicates whether connections
2577   * to clients should use the TCP_KEEPALIVE socket option.
2578   */
2579  public static final String ATTR_USE_TCP_KEEPALIVE =
2580       "ds-cfg-use-tcp-keep-alive";
2581
2582
2583
2584  /**
2585   * The default policy for using the TCP_KEEPALIVE socket option if it is not
2586   * specified in the configuration.
2587   */
2588  public static final boolean DEFAULT_USE_TCP_KEEPALIVE = true;
2589
2590
2591
2592  /**
2593   * The name of the configuration attribute that indicates whether connections
2594   * to clients should use the TCP_NODELAY socket option.
2595   */
2596  public static final String ATTR_USE_TCP_NODELAY =
2597       "ds-cfg-use-tcp-no-delay";
2598
2599
2600
2601  /**
2602   * The default policy for using the TCP_NODELAY socket option if it is not
2603   * specified in the configuration.
2604   */
2605  public static final boolean DEFAULT_USE_TCP_NODELAY = true;
2606
2607
2608
2609  /**
2610   * The name of the configuration attribute that is used to hold the name of
2611   * the user attribute that holds user certificates that can be used for
2612   * validation.
2613   */
2614  public static final String ATTR_VALIDATION_CERT_ATTRIBUTE =
2615       "ds-cfg-certificate-attribute";
2616
2617
2618
2619  /**
2620   * The default attribute name for holding certificate information if no value
2621   * is specified.
2622   */
2623  public static final String DEFAULT_VALIDATION_CERT_ATTRIBUTE =
2624       "usercertificate";
2625
2626
2627
2628  /**
2629   * The name of the configuration attribute that specifies the class providing
2630   * the logic for the work queue implementation.
2631   */
2632  public static final String ATTR_WORKQ_CLASS =
2633       "ds-cfg-java-class";
2634
2635
2636
2637  /**
2638   * The name of the configuration attribute that specifies the writability mode
2639   * for the Directory Server.
2640   */
2641  public static final String ATTR_WRITABILITY_MODE =
2642       "ds-cfg-writability-mode";
2643
2644
2645
2646  /**
2647   * The base name (with no path information) of the file that will be used to
2648   * hold schema tokens used for compressed schema elements.
2649   */
2650  public static final String COMPRESSED_SCHEMA_FILE_NAME =
2651       "schematokens.dat";
2652
2653
2654
2655  /**
2656   * The base name (with no path information) of the directory that will hold
2657   * the archived versions of previous configurations.
2658   */
2659  public static final String CONFIG_ARCHIVE_DIR_NAME = "archived-configs";
2660
2661
2662
2663  /**
2664   * The base name (with no path information) of the file that may contain
2665   * changes in LDIF form to apply to the configuration before the configuration
2666   * is loaded and initialized.
2667   */
2668  public static final String CONFIG_CHANGES_NAME = "config-changes.ldif";
2669
2670
2671
2672  /**
2673   * The name of the directory that will hold the configuration file for the
2674   * Directory Server.
2675   */
2676  public static final String CONFIG_DIR_NAME = "config";
2677
2678
2679
2680  /**
2681   * The default name of the file that holds the configuration for the Directory
2682   * Server.  It should exist below the directory specified by the
2683   * {@code CONFIG_DIR_NAME}.
2684   */
2685  public static final String CONFIG_FILE_NAME = "config.ldif";
2686
2687
2688
2689  /**
2690   * The DN of the entry that will serve as the root for the Directory Server
2691   * configuration.
2692   */
2693  public static final String DN_CONFIG_ROOT = "cn=config";
2694
2695
2696
2697  /**
2698   * The DN of the entry that will serve as the base for all Directory Server
2699   * account status notification handlers.
2700   */
2701  public static final String DN_ACCT_NOTIFICATION_HANDLER_CONFIG_BASE =
2702       "cn=Account Status Notification Handlers," + DN_CONFIG_ROOT;
2703
2704
2705
2706  /**
2707   * The DN of the entry that will serve as the base for all Directory Server
2708   * backends.
2709   */
2710  public static final String DN_BACKEND_BASE = "cn=Backends," + DN_CONFIG_ROOT;
2711
2712
2713
2714  /**
2715   * The DN of the entry that will serve as the base for all Directory Server
2716   * backup information.
2717   */
2718  public static final String DN_BACKUP_ROOT = "cn=backups";
2719
2720
2721
2722  /**
2723   * The DN of the entry that will serve as the base for all Directory Server
2724   * connection handlers.
2725   */
2726  public static final String DN_CONNHANDLER_BASE =
2727       "cn=Connection Handlers," + DN_CONFIG_ROOT;
2728
2729
2730
2731  /**
2732   * The DN of the entry that will serve as the default root for the Directory
2733   * Server schema information, unless an alternate location is defined in the
2734   * configuration.
2735   */
2736  public static final String DN_DEFAULT_SCHEMA_ROOT = "cn=schema";
2737
2738
2739
2740  /**
2741   * The DN of the entry that will hold the configuration for the Directory
2742   * Server entry cache.
2743   */
2744  public static final String DN_ENTRY_CACHE_BASE =
2745       "cn=Entry Caches," + DN_CONFIG_ROOT;
2746
2747
2748
2749  /**
2750   * The DN of the entry that will serve as the base for the configuration
2751   * for all Directory Server extended operation handlers.
2752   */
2753  public static final String DN_EXTENDED_OP_CONFIG_BASE =
2754       "cn=Extended Operations," + DN_CONFIG_ROOT;
2755
2756
2757
2758  /**
2759   * The DN of the entry that will serve as the base for the configuration
2760   * for all Directory Server group implementations.
2761   */
2762  public static final String DN_GROUP_IMPLEMENTATION_CONFIG_BASE =
2763       "cn=Group Implementations," + DN_CONFIG_ROOT;
2764
2765
2766
2767  /**
2768   * The DN of the entry that will serve as the base for the configuration
2769   * for all Directory Server identity mappers.
2770   */
2771  public static final String DN_IDMAPPER_CONFIG_BASE =
2772       "cn=Identity Mappers," + DN_CONFIG_ROOT;
2773
2774
2775
2776  /**
2777   * The DN of the entry that will be the base of the configuration information
2778   * for the Directory Server certificate mappers.
2779   */
2780  public static final String DN_CERTMAPPER_CONFIG_BASE =
2781       "cn=Certificate Mappers," + DN_CONFIG_ROOT;
2782
2783
2784
2785  /**
2786   * The DN of the entry that be the base of the configuration information for
2787   * the Directory Server key manager providers.
2788   */
2789  public static final String DN_KEYMANAGER_PROVIDER_CONFIG_BASE =
2790       "cn=Key Manager Providers," + DN_CONFIG_ROOT;
2791
2792
2793
2794  /**
2795   * The DN of the entry that is the base of the configuration information for
2796   * the Directory Server trust manager providers.
2797   */
2798  public static final String DN_TRUSTMANAGER_PROVIDER_CONFIG_BASE =
2799       "cn=Trust Manager Providers," + DN_CONFIG_ROOT;
2800
2801
2802
2803  /**
2804   * The ADS trust store backend id.
2805   */
2806  public static final String ID_ADS_TRUST_STORE_BACKEND = "ads-truststore";
2807
2808
2809
2810  /**
2811   * The DN of the trust store backend configuration entry.
2812   */
2813  public static final String DN_TRUST_STORE_BACKEND =
2814       ATTR_BACKEND_ID + "=" + ID_ADS_TRUST_STORE_BACKEND +
2815            "," + DN_BACKEND_BASE;
2816
2817
2818
2819  /**
2820   * Alias of the local instance certificate in the ADS keystore.
2821   */
2822  public static final String ADS_CERTIFICATE_ALIAS = "ads-certificate";
2823
2824
2825
2826  /**
2827   * The DN of the entry that will serve as the base for local ADS trust store
2828   * information.
2829   */
2830  public static final String DN_TRUST_STORE_ROOT = "cn=ads-truststore";
2831
2832
2833
2834  /**
2835   * The name of the attribute that holds a cryptographic cipher-key identifier.
2836   */
2837  public static final String ATTR_CRYPTO_KEY_ID = "ds-cfg-key-id";
2838
2839
2840
2841  /**
2842   * The name of the objectclass that will be used for a server
2843   * certificate entry.
2844   */
2845  public static final String OC_CRYPTO_INSTANCE_KEY =
2846       "ds-cfg-instance-key";
2847
2848
2849
2850  /**
2851   * The name of the objectclass that will be used for a self-signed
2852   * certificate request.
2853   */
2854  public static final String OC_SELF_SIGNED_CERT_REQUEST =
2855       "ds-cfg-self-signed-cert-request";
2856
2857
2858
2859  /**
2860   * The name of the objectclass that will be used for a cipher key.
2861   */
2862  public static final String OC_CRYPTO_CIPHER_KEY = "ds-cfg-cipher-key";
2863
2864
2865
2866  /**
2867   * The name of the objectclass that will be used for a mac key.
2868   */
2869  public static final String OC_CRYPTO_MAC_KEY = "ds-cfg-mac-key";
2870
2871
2872
2873  /**
2874   * The name of the attribute that is used to hold a cryptographic
2875   * public key certificate.
2876   */
2877  public static final String ATTR_CRYPTO_PUBLIC_KEY_CERTIFICATE =
2878       "ds-cfg-public-key-certificate";
2879
2880
2881  /**
2882   * The name of the attribute that is used to hold the name of a
2883   * cryptographic cipher transformation.
2884   */
2885  public static final String ATTR_CRYPTO_CIPHER_TRANSFORMATION_NAME =
2886       "ds-cfg-cipher-transformation-name";
2887
2888  /**
2889   * The name of the attribute that is used to hold the key wrapping
2890   * transformation used by the Crypto Manager.
2891   */
2892  public static final String ATTR_CRYPTO_CIPHER_KEY_WRAPPING_TRANSFORMATION =
2893    "ds-cfg-key-wrapping-transformation";
2894
2895  /**
2896   * The name of the attribute that is used to hold the name of a
2897   * cryptographic message authentication code (MAC) algorithm.
2898   */
2899  public static final String ATTR_CRYPTO_MAC_ALGORITHM_NAME =
2900       "ds-cfg-mac-algorithm-name";
2901
2902
2903  /**
2904   * The name of the attribute that is used to hold the length of a
2905   * cryptographic secret key.
2906   */
2907  public static final String ATTR_CRYPTO_KEY_LENGTH_BITS =
2908       "ds-cfg-key-length-bits";
2909
2910
2911  /**
2912   * The name of the attribute that is used to hold the length of a
2913   * cryptographic cipher initialization vector.
2914   */
2915  public static final String ATTR_CRYPTO_INIT_VECTOR_LENGTH_BITS =
2916       "ds-cfg-initialization-vector-length-bits";
2917
2918
2919  /**
2920   * The name of the attribute that is used to hold a cryptographic
2921   * cipher-key wrapped by a public-key.
2922   */
2923  public static final String ATTR_CRYPTO_SYMMETRIC_KEY = "ds-cfg-symmetric-key";
2924
2925
2926  /**
2927   * The name of the attribute that is used to hold time a cryptographic key
2928   * was suspected to be compromised.
2929   */
2930  public static final String ATTR_CRYPTO_KEY_COMPROMISED_TIME =
2931       "ds-cfg-key-compromised-time";
2932
2933
2934  /**
2935   * The DN of the entry that will serve as the base for all Directory Server
2936   * loggers.
2937   */
2938  public static final String DN_LOGGER_BASE = "cn=Loggers," + DN_CONFIG_ROOT;
2939
2940
2941
2942  /**
2943   * The DN of the entry that will serve as the base for all Directory Server
2944   * matching rules.
2945   */
2946  public static final String DN_MATCHING_RULE_CONFIG_BASE =
2947       "cn=Matching Rules," + DN_CONFIG_ROOT;
2948
2949
2950
2951  /**
2952   * The DN of the entry that will serve as the base for the configuration
2953   * for all Directory Server monitors.
2954   */
2955  public static final String DN_MONITOR_CONFIG_BASE =
2956       "cn=Monitor Providers," + DN_CONFIG_ROOT;
2957
2958
2959
2960  /**
2961   * The DN of the entry that will serve as the entry cache monitor provider
2962   * configuration for all Directory Server entry cache monitors.
2963   */
2964  public static final String DN_ENTRY_CACHE_MONITOR_CONFIG =
2965       "cn=Entry Caches," + DN_MONITOR_CONFIG_BASE;
2966
2967
2968
2969  /**
2970   * The DN of the entry that will serve as the base for all Directory Server
2971   * monitor information.
2972   */
2973  public static final String DN_MONITOR_ROOT = "cn=monitor";
2974
2975
2976
2977  /**
2978   * The DN of the entry that will serve as the base for all Directory Server
2979   * plugin information.
2980   */
2981  public static final String DN_PLUGIN_BASE = "cn=Plugins," + DN_CONFIG_ROOT;
2982
2983
2984
2985  /**
2986   * The DN of the entry that will serve as the base for the configuration
2987   * for all Directory Server password generators.
2988   */
2989  public static final String DN_PWGENERATOR_CONFIG_BASE =
2990       "cn=Password Generators," + DN_CONFIG_ROOT;
2991
2992
2993
2994  /**
2995   * The DN of the entry that will serve as the base for the configuration
2996   * for all Directory Server password policies.
2997   */
2998  public static final String DN_PWPOLICY_CONFIG_BASE =
2999       "cn=Password Policies," + DN_CONFIG_ROOT;
3000
3001
3002
3003  /**
3004   * The DN of the entry that will serve as the base for the configuration
3005   * for all Directory Server password storage schemes.
3006   */
3007  public static final String DN_PWSCHEME_CONFIG_BASE =
3008       "cn=Password Storage Schemes," + DN_CONFIG_ROOT;
3009
3010
3011
3012  /**
3013   * The DN of the entry that will serve as the base for the configuration
3014   * for all Directory Server password validators.
3015   */
3016  public static final String DN_PWVALIDATOR_CONFIG_BASE =
3017       "cn=Password Validators," + DN_CONFIG_ROOT;
3018
3019
3020
3021  /**
3022   * The DN of the entry that will serve as the parent for all root DN
3023   * configuration entries.
3024   */
3025  public static final String DN_ROOT_DN_CONFIG_BASE =
3026       "cn=Root DNs," + DN_CONFIG_ROOT;
3027
3028
3029
3030  /**
3031   * The DN of the entry that will hold the configuration information for the
3032   * Directory Server root DSE.
3033   */
3034  public static final String DN_ROOT_DSE_CONFIG =
3035       "cn=Root DSE," + DN_CONFIG_ROOT;
3036
3037
3038
3039  /**
3040   * The DN of the entry that will serve as the base for the configuration
3041   * for all Directory Server SASL mechanism handlers.
3042   */
3043  public static final String DN_SASL_CONFIG_BASE =
3044       "cn=SASL Mechanisms," + DN_CONFIG_ROOT;
3045
3046
3047
3048  /**
3049   * The DN of the entry that will serve as the base for the configuration for
3050   * all Directory Server synchronization providers.
3051   */
3052  public static final String DN_SYNCHRONIZATION_PROVIDER_BASE =
3053       "cn=Synchronization Providers," + DN_CONFIG_ROOT;
3054
3055
3056  /**
3057   * The DN of the entry containing the access control handler configuration.
3058   */
3059  public static final String DN_AUTHZ_HANDLER_CONFIG =
3060       "cn=Access Control Handler," + DN_CONFIG_ROOT;
3061
3062
3063  /**
3064   * The DN of the entry that will serve as the base for all Directory Server
3065   * attribute syntaxes.
3066   */
3067  public static final String DN_SYNTAX_CONFIG_BASE =
3068       "cn=Syntaxes," + DN_CONFIG_ROOT;
3069
3070
3071
3072  /**
3073   * The DN of the entry that will serve as the base for all Directory Server
3074   * task information.
3075   */
3076  public static final String DN_TASK_ROOT = "cn=Tasks";
3077
3078
3079
3080  /**
3081   * The DN of the entry that will hold information about the Directory Server
3082   * work queue configuration.
3083   */
3084  public static final String DN_WORK_QUEUE_CONFIG =
3085       "cn=Work Queue," + DN_CONFIG_ROOT;
3086
3087
3088
3089  /**
3090   * The name of the environment variable that the Directory Server may check to
3091   * determine the installation root.
3092   */
3093  public static final String ENV_VAR_INSTALL_ROOT = "INSTALL_ROOT";
3094
3095
3096
3097  /**
3098   * The class name string that should be used in JMX MBeanAttributeInfo objects
3099   * whose value is a Boolean array.
3100   */
3101  public static final String JMX_TYPE_BOOLEAN_ARRAY = "[Z";
3102
3103
3104
3105  /**
3106   * The class name string that should be used in JMX MBeanAttributeInfo objects
3107   * whose value is a byte array.
3108   */
3109  public static final String JMX_TYPE_BYTE_ARRAY = "[B";
3110
3111
3112
3113  /**
3114   * The class name string that should be used in JMX MBeanAttributeInfo objects
3115   * whose value is a character array.
3116   */
3117  public static final String JMX_TYPE_CHARACTER_ARRAY = "[C";
3118
3119
3120
3121  /**
3122   * The class name string that should be used in JMX MBeanAttributeInfo objects
3123   * whose value is a double array.
3124   */
3125  public static final String JMX_TYPE_DOUBLE_ARRAY = "[D";
3126
3127
3128
3129  /**
3130   * The class name string that should be used in JMX MBeanAttributeInfo objects
3131   * whose value is a float array.
3132   */
3133  public static final String JMX_TYPE_FLOAT_ARRAY = "[F";
3134
3135
3136
3137  /**
3138   * The class name string that should be used in JMX MBeanAttributeInfo objects
3139   * whose value is an integer array.
3140   */
3141  public static final String JMX_TYPE_INT_ARRAY = "[I";
3142
3143
3144
3145  /**
3146   * The class name string that should be used in JMX MBeanAttributeInfo objects
3147   * whose value is a long array.
3148   */
3149  public static final String JMX_TYPE_LONG_ARRAY = "[J";
3150
3151
3152
3153  /**
3154   * The class name string that should be used in JMX MBeanAttributeInfo objects
3155   * whose value is a short array.
3156   */
3157  public static final String JMX_TYPE_SHORT_ARRAY = "[S";
3158
3159
3160
3161  /**
3162   * The class name string that should be used in JMX MBeanAttributeInfo objects
3163   * whose value is a string array.  Note that this format is significantly
3164   * different from the format used for arrays of primitive types.
3165   */
3166  public static final String JMX_TYPE_STRING_ARRAY =
3167       "[L" + String.class.getName() + ";";
3168
3169
3170
3171  /**
3172   * The name of the objectclass that will be used for a Directory Server
3173   * access logger.
3174   */
3175  public static final String OC_ACCESS_LOGGER =
3176       "ds-cfg-access-log-publisher";
3177
3178
3179
3180  /**
3181   * The name of the objectclass that will be used for a Directory Server
3182   * account status notification handler.
3183   */
3184  public static final String OC_ACCT_NOTIFICATION_HANDLER =
3185       "ds-cfg-account-status-notification-handler";
3186
3187
3188
3189  /**
3190   * The name of the objectclass that will be used for a Directory Server alert
3191   * handler.
3192   */
3193  public static final String OC_ALERT_HANDLER =
3194       "ds-cfg-alert-handler";
3195
3196
3197
3198  /**
3199   * The name of the objectclass that will be used for a Directory Server
3200   * attribute syntaxes.
3201   */
3202  public static final String OC_ATTRIBUTE_SYNTAX =
3203       "ds-cfg-attribute-syntax";
3204
3205
3206
3207  /**
3208   * The name of the objectclass that will be used for a Directory Server
3209   * backend.
3210   */
3211  public static final String OC_BACKEND = "ds-cfg-backend";
3212
3213
3214
3215  /**
3216   * The name of the objectclass that will be used for a directory server backup
3217   * directory.
3218   */
3219  public static final String OC_BACKUP_DIRECTORY =
3220       NAME_PREFIX_BACKUP + "directory";
3221
3222
3223
3224  /**
3225   * The name of the objectclass that will be used for a directory server backup
3226   * information entry.
3227   */
3228  public static final String OC_BACKUP_INFO = NAME_PREFIX_BACKUP + "info";
3229
3230
3231
3232  /**
3233   * The name of the objectclass that will be used for a Directory Server
3234   * certificate mapper.
3235   */
3236  public static final String OC_CERTIFICATE_MAPPER =
3237       "ds-cfg-certificate-mapper";
3238
3239
3240
3241  /**
3242   * The name of the objectclass that will be used for a Directory Server
3243   * connection handler.
3244   */
3245  public static final String OC_CONNECTION_HANDLER =
3246       "ds-cfg-connection-handler";
3247
3248
3249
3250  /**
3251   * The name of the objectclass that will be used for a Directory Server
3252   * debug logger.
3253   */
3254  public static final String OC_DEBUG_LOGGER = "ds-cfg-debug-log-publisher";
3255
3256
3257
3258  /**
3259   * The name of the objectclass that will be used for a Directory Server
3260   * error logger.
3261   */
3262  public static final String OC_ERROR_LOGGER = "ds-cfg-error-log-publisher";
3263
3264
3265
3266  /**
3267   * The name of the objectclass that will be used for a Directory Server
3268   * extended operation handler.
3269   */
3270  public static final String OC_EXTENDED_OPERATION_HANDLER =
3271       "ds-cfg-extended-operation-handler";
3272
3273
3274
3275  /**
3276   * The name of the objectclass that will be used for a Directory Server group
3277   * implementation.
3278   */
3279  public static final String OC_GROUP_IMPLEMENTATION =
3280       "ds-cfg-group-implementation";
3281
3282
3283
3284  /**
3285   * The name of the objectclass that will be used for a Directory Server
3286   * identity mapper.
3287   */
3288  public static final String OC_IDENTITY_MAPPER =
3289       "ds-cfg-identity-mapper";
3290
3291
3292
3293  /**
3294   * The name of the objectclass that will be used for a Directory Server key
3295   * manager provider.
3296   */
3297  public static final String OC_KEY_MANAGER_PROVIDER =
3298       "ds-cfg-key-manager-provider";
3299
3300
3301
3302  /**
3303   * The name of the objectclass that will be used for a Directory Server
3304   * matching rules.
3305   */
3306  public static final String OC_MATCHING_RULE =
3307       "ds-cfg-matching-rule";
3308
3309
3310
3311  /**
3312   * The name of the objectclass that will be used for a Directory Server
3313   * monitor provider.
3314   */
3315  public static final String OC_MONITOR_PROVIDER =
3316       "ds-cfg-monitor-provider";
3317
3318
3319
3320  /**
3321   * The name of the objectclass that will be used for a Directory Server
3322   * password generator.
3323   */
3324  public static final String OC_PASSWORD_GENERATOR =
3325       "ds-cfg-password-generator";
3326
3327
3328
3329  /**
3330   * The name of the objectclass that will be used for a Directory Server
3331   * password policy.
3332   */
3333  public static final String OC_PASSWORD_POLICY =
3334       "ds-cfg-password-policy";
3335
3336
3337
3338  /**
3339   * The name of the objectclass that will be used for a Directory Server
3340   * password storage scheme.
3341   */
3342  public static final String OC_PASSWORD_STORAGE_SCHEME =
3343       "ds-cfg-password-storage-scheme";
3344
3345
3346
3347  /**
3348   * The name of the objectclass that will be used for a Directory Server
3349   * password validator.
3350   */
3351  public static final String OC_PASSWORD_VALIDATOR =
3352       "ds-cfg-password-validator";
3353
3354
3355
3356  /**
3357   * The name of the objectclass that will be used for a Directory Server
3358   * plugin.
3359   */
3360  public static final String OC_PLUGIN = "ds-cfg-plugin";
3361
3362
3363
3364  /**
3365   * The name of the objectclass that will be used for a Directory Server
3366   * recurring task definition.
3367   */
3368  public static final String OC_RECURRING_TASK = "ds-recurring-task";
3369
3370
3371
3372  /**
3373   * The name of the objectclass that will be used for a Directory Server root
3374   * DN configuration entry.
3375   */
3376  public static final String OC_ROOT_DN = "ds-cfg-root-dn-user";
3377
3378
3379
3380  /**
3381   * The name of the objectclass that will be used for a Directory Server SASL
3382   * mechanism handler.
3383   */
3384  public static final String OC_SASL_MECHANISM_HANDLER =
3385       "ds-cfg-sasl-mechanism-handler";
3386
3387
3388
3389  /**
3390   * The name of the objectclass that will be used for a Directory Server
3391   * synchronization provider.
3392   */
3393  public static final String OC_SYNCHRONIZATION_PROVIDER =
3394       "ds-cfg-synchronization-provider";
3395
3396
3397
3398  /**
3399   * The name of the objectclass that will be used for the Directory Server
3400   * access control configuration.
3401   */
3402  public static final String OC_AUTHZ_HANDLER_CONFIG =
3403       "ds-cfg-access-control-handler";
3404
3405
3406
3407  /**
3408   * The name of the objectclass that will be used for a Directory Server task
3409   * definition.
3410   */
3411  public static final String OC_TASK = "ds-task";
3412
3413
3414
3415  /**
3416   * The name of the objectclass that will be used for a Directory Server trust
3417   * manager provider.
3418   */
3419  public static final String OC_TRUST_MANAGER_PROVIDER =
3420       "ds-cfg-trust-manager-provider";
3421
3422
3423
3424  /**
3425   * The name of the operational attribute that will appear in a user's entry to
3426   * indicate whether the account has been disabled.
3427   */
3428  public static final String OP_ATTR_ACCOUNT_DISABLED =
3429       NAME_PREFIX_PWP + "account-disabled";
3430
3431
3432
3433  /**
3434   * The name of the operational attribute that may appear in a user's entry to
3435   * indicate when that account will expire (and therefore may no longer be used
3436   * to authenticate).
3437   */
3438  public static final String OP_ATTR_ACCOUNT_EXPIRATION_TIME =
3439       NAME_PREFIX_PWP + "account-expiration-time";
3440
3441
3442
3443  /**
3444   * The name of the operational attribute that will appear in an entry to
3445   * indicate when it was created.
3446   */
3447  public static final String OP_ATTR_CREATE_TIMESTAMP = "createTimestamp";
3448
3449
3450
3451  /**
3452   * The name of the create timestamp attribute, in all lowercase characters.
3453   */
3454  public static final String OP_ATTR_CREATE_TIMESTAMP_LC = "createtimestamp";
3455
3456
3457
3458  /**
3459   * The name of the operational attribute that will appear in an entry to
3460   * indicate who created it.
3461   */
3462  public static final String OP_ATTR_CREATORS_NAME = "creatorsName";
3463
3464
3465
3466  /**
3467   * The name of the creatorsName attribute, in all lowercase characters.
3468   */
3469  public static final String OP_ATTR_CREATORS_NAME_LC = "creatorsname";
3470
3471
3472
3473  /**
3474   * The name of the operational attribute that will appear in a user's entry to
3475   * hold the last login time.
3476   */
3477  public static final String OP_ATTR_LAST_LOGIN_TIME =
3478       NAME_PREFIX_PWP + "last-login-time";
3479
3480
3481
3482  /**
3483   * The name of the operational attribute that will appear in an entry to
3484   * indicate who last updated it.
3485   */
3486  public static final String OP_ATTR_MODIFIERS_NAME = "modifiersName";
3487
3488
3489
3490  /**
3491   * The name of the modifiersName attribute, in all lowercase characters.
3492   */
3493  public static final String OP_ATTR_MODIFIERS_NAME_LC = "modifiersname";
3494
3495
3496
3497  /**
3498   * The name of the operational attribute that will appear in an entry to
3499   * indicate when it was last updated.
3500   */
3501  public static final String OP_ATTR_MODIFY_TIMESTAMP = "modifyTimestamp";
3502
3503
3504
3505  /**
3506   * The name of the modify timestamp attribute, in all lowercase characters.
3507   */
3508  public static final String OP_ATTR_MODIFY_TIMESTAMP_LC = "modifytimestamp";
3509
3510
3511
3512  /**
3513   * The name of the operational attribute that will appear in a user's entry to
3514   * specify the set of privileges assigned to that user.
3515   */
3516  public static final String OP_ATTR_PRIVILEGE_NAME = "ds-privilege-name";
3517
3518
3519
3520  /**
3521   * The name of the operational attribute that will appear in a user's entry
3522   * to indicate the time that the password was last changed.
3523   */
3524  public static final String OP_ATTR_PWPOLICY_CHANGED_TIME = "pwdChangedTime";
3525
3526
3527
3528  /**
3529   * The name of the password changed time attribute, in all lowercase
3530   * characters.
3531   */
3532  public static final String OP_ATTR_PWPOLICY_CHANGED_TIME_LC =
3533       "pwdchangedtime";
3534
3535
3536
3537  /**
3538   * The name of the operational attribute that will appear in a user's entry to
3539   * indicate the times of the grace logins by that user.
3540   */
3541  public static final String OP_ATTR_PWPOLICY_GRACE_LOGIN_TIME =
3542       "pwdGraceUseTime";
3543
3544
3545
3546  /**
3547   * The name of the grace login time attribute, in all lowercase characters.
3548   */
3549  public static final String OP_ATTR_PWPOLICY_GRACE_LOGIN_TIME_LC =
3550       "pwdgraceusetime";
3551
3552
3553
3554  /**
3555   * The name of the operational attribute that specifies the time that an
3556   * authentication attempt failed.
3557   */
3558  public static final String OP_ATTR_PWPOLICY_FAILURE_TIME = "pwdFailureTime";
3559
3560
3561
3562  /**
3563   * The name of the failure time attribute, in all lowercase characters.
3564   */
3565  public static final String OP_ATTR_PWPOLICY_FAILURE_TIME_LC =
3566       "pwdfailuretime";
3567
3568
3569
3570  /**
3571   * The name of the operational attribute that is used to maintain the password
3572   * history for the user.
3573   */
3574  public static final String OP_ATTR_PWPOLICY_HISTORY = "pwdHistory";
3575
3576
3577
3578  /**
3579   * The name of the operational attribute that is used to maintain the password
3580   * history for the user, in all lowercase characters.
3581   */
3582  public static final String OP_ATTR_PWPOLICY_HISTORY_LC = "pwdhistory";
3583
3584
3585
3586  /**
3587   * The name of the operational attribute that specifies the time that the
3588   * account was locked due to too many failed attempts.
3589   */
3590  public static final String OP_ATTR_PWPOLICY_LOCKED_TIME =
3591       "pwdAccountLockedTime";
3592
3593
3594
3595  /**
3596   * The name of the locked time attribute, in all lowercase characters.
3597   */
3598  public static final String OP_ATTR_PWPOLICY_LOCKED_TIME_LC =
3599       "pwdaccountlockedtime";
3600
3601
3602
3603  /**
3604   * The name of the operational attribute that will appear in a user's entry to
3605   * indicate the time that the user changed their password as a result of a
3606   * policy-wide required change.
3607   */
3608  public static final String OP_ATTR_PWPOLICY_CHANGED_BY_REQUIRED_TIME =
3609       NAME_PREFIX_PWP + "password-changed-by-required-time";
3610
3611
3612
3613  /**
3614   * The name of the operational attribute that will appear in a user's entry
3615   * to indicate whether the password must be changed at the next
3616   * authentication.
3617   */
3618  public static final String OP_ATTR_PWPOLICY_RESET_REQUIRED = "pwdReset";
3619
3620
3621
3622  /**
3623   * The name of the password reset attribute, in all lowercase characters.
3624   */
3625  public static final String OP_ATTR_PWPOLICY_RESET_REQUIRED_LC = "pwdreset";
3626
3627
3628
3629  /**
3630   * The name of the operational attribute that will appear in a user's entry to
3631   * indicate which password policy should be used.
3632   */
3633  public static final String OP_ATTR_PWPOLICY_POLICY_DN =
3634       "ds-pwp-password-policy-dn";
3635
3636
3637
3638  /**
3639   * The name of the operational attribute that indicates when the user was
3640   * first warned about an upcoming password expiration.
3641   */
3642  public static final String OP_ATTR_PWPOLICY_WARNED_TIME =
3643       NAME_PREFIX_PWP + "warned-time";
3644
3645
3646
3647  /**
3648   * The name of the operational attribute that may be included in user entries
3649   * to specify an idle time limit to be applied for that user.
3650   */
3651  public static final String OP_ATTR_USER_IDLE_TIME_LIMIT =
3652      NAME_PREFIX_RLIM + "idle-time-limit";
3653
3654
3655
3656  /**
3657   * The name of the operational attribute that may be included in user
3658   * entries to specify a size limit to be applied for that user.
3659   */
3660  public static final String OP_ATTR_USER_SIZE_LIMIT =
3661       NAME_PREFIX_RLIM + "size-limit";
3662
3663
3664
3665  /**
3666   * The name of the operational attribute that may be included in user
3667   * entries to specify a time limit to be applied for that user.
3668   */
3669  public static final String OP_ATTR_USER_TIME_LIMIT =
3670       NAME_PREFIX_RLIM + "time-limit";
3671
3672
3673
3674  /**
3675   * The name of the operational attribute that may be included in user
3676   * entries to specify a lookthrough limit for that user.
3677   */
3678  public static final String OP_ATTR_USER_LOOKTHROUGH_LIMIT =
3679      NAME_PREFIX_RLIM + "lookthrough-limit";
3680
3681
3682
3683  /**
3684   * The name of the operational attribute which will be put in user's entry in
3685   * order to cache a copy of their password for pass through authentication.
3686   */
3687  public static final String OP_ATTR_PTAPOLICY_CACHED_PASSWORD =
3688       "ds-pta-cached-password";
3689
3690
3691
3692  /**
3693   * The name of the operational attribute which will be put in user's entry in
3694   * order to record the time at which their password was cached for pass
3695   * through authentication.
3696   */
3697  public static final String OP_ATTR_PTAPOLICY_CACHED_PASSWORD_TIME =
3698       "ds-pta-cached-password-time";
3699
3700
3701
3702  /**
3703   * The name of the attribute option used to indicate that a configuration
3704   * attribute has one or more pending values.
3705   */
3706  public static final String OPTION_PENDING_VALUES = "pending";
3707
3708
3709
3710  /**
3711   * The path to the directory that should serve as the MakeLDIF resource
3712   * directory.  It is relative to the server root.
3713   */
3714  public static final String PATH_MAKELDIF_RESOURCE_DIR =
3715       "config" + File.separator + "MakeLDIF";
3716
3717
3718
3719  /**
3720   * The path to the directory containing the server schema definitions.  It is
3721   * relative to the server root.
3722   */
3723  public static final String PATH_SCHEMA_DIR =
3724       "config" + File.separator + "schema";
3725
3726
3727
3728  /**
3729   * The name (with no path information) of the file in the schema directory
3730   * that will contain user-defined schema definitions.
3731   */
3732  public static final String FILE_USER_SCHEMA_ELEMENTS = "99-user.ldif";
3733
3734
3735
3736  /**
3737   * The name of the configuration attribute that indicates the log file
3738   * where the loggers will log the information.
3739   */
3740  public static final String ATTR_LOGGER_FILE =
3741         "ds-cfg-log-file";
3742
3743
3744
3745  /**
3746   * The name of the configuration attribute that indicates the default
3747   * severity levels for the logger.
3748   */
3749  public static final String ATTR_LOGGER_DEFAULT_SEVERITY =
3750        "ds-cfg-default-severity";
3751
3752
3753
3754  /**
3755   * The name of the configuration attribute that indicates the override
3756   * severity levels for the logger.
3757   */
3758  public static final String ATTR_LOGGER_OVERRIDE_SEVERITY =
3759        "ds-cfg-override-severity";
3760
3761
3762  /**
3763   * The name of the configuration attribute that indicates the backend database
3764   * location on disk.
3765   */
3766  public static final String ATTR_BACKEND_DIRECTORY =
3767       "ds-cfg-db-directory";
3768
3769
3770
3771  /**
3772   * The name of the attribute which configures the file permission mode
3773   * for the database direction.
3774   */
3775  public static final String ATTR_BACKEND_MODE =
3776      "ds-cfg-db-directory-permissions";
3777
3778
3779
3780  /**
3781   * The name of the file (with no path information) that will be used as the
3782   * backing file for holding the tasks defined in the Directory Server.
3783   */
3784  public static final String TASK_FILE_NAME = "tasks.ldif";
3785
3786
3787
3788  /**
3789   * The string representation of the RDN that should be used for the entry that
3790   * is the immediate parent of all recurring task definitions in the server.
3791   */
3792  public static final String RECURRING_TASK_BASE_RDN = "cn=Recurring Tasks";
3793
3794
3795
3796  /**
3797   * The string representation of the RDN that should be used for the entry that
3798   * is the immediate parent of all scheduled task definitions in the server.
3799   */
3800  public static final String SCHEDULED_TASK_BASE_RDN = "cn=Scheduled Tasks";
3801
3802
3803
3804  /**
3805   * The name of the objectclass that will be used for a Directory Server
3806   * import task definition.
3807   */
3808  public static final String OC_IMPORT_TASK = NAME_PREFIX_TASK + "import";
3809
3810
3811
3812  /**
3813   * The name of the attribute in an import task definition that specifies the
3814   * path to the file containing the LDIF data to import.
3815   */
3816  public static final String ATTR_IMPORT_LDIF_FILE =
3817       NAME_PREFIX_TASK + "import-ldif-file";
3818
3819
3820  /**
3821   * The name of the attribute in an import task definition that specifies the
3822   * path to the file containing the template data to import.
3823   */
3824  public static final String ATTR_IMPORT_TEMPLATE_FILE =
3825       NAME_PREFIX_TASK + "import-template-file";
3826
3827
3828  /**
3829   * The name of the attribute in an import task definition that specifies the
3830   * random seed to be used when we pass a template file to the import.
3831   */
3832  public static final String ATTR_IMPORT_RANDOM_SEED =
3833       NAME_PREFIX_TASK + "import-random-seed";
3834
3835
3836  /**
3837   * The name of the attribute in an import task definition that specifies the
3838   * thread count to be used during the import.
3839   */
3840  public static final String ATTR_IMPORT_THREAD_COUNT =
3841       NAME_PREFIX_TASK + "import-thread-count";
3842
3843  /**
3844   * The name of the attribute in an import task definition that specifies
3845   * whether the import process should append to the existing database rather
3846   * than overwriting it.
3847   */
3848  public static final String ATTR_IMPORT_APPEND =
3849       NAME_PREFIX_TASK + "import-append";
3850
3851
3852
3853  /**
3854   * The name of the attribute in an import task definition that specifies
3855   * whether an existing entry should be replaced when appending to an existing
3856   * database.
3857   */
3858  public static final String ATTR_IMPORT_REPLACE_EXISTING =
3859       NAME_PREFIX_TASK + "import-replace-existing";
3860
3861
3862
3863  /**
3864   * The name of the attribute in an import task definition that specifies the
3865   * backend ID for the backend into which the date should be imported.
3866   */
3867  public static final String ATTR_IMPORT_BACKEND_ID =
3868       NAME_PREFIX_TASK + "import-backend-id";
3869
3870
3871
3872  /**
3873   * The name of the attribute in an import task definition that specifies the
3874   * base DN of a branch that should be included in the LDIF import.
3875   */
3876  public static final String ATTR_IMPORT_INCLUDE_BRANCH =
3877       NAME_PREFIX_TASK + "import-include-branch";
3878
3879
3880
3881  /**
3882   * The name of the attribute in an import task definition that specifies the
3883   * base DN of a branch that should be excluded from the LDIF import.
3884   */
3885  public static final String ATTR_IMPORT_EXCLUDE_BRANCH =
3886       NAME_PREFIX_TASK + "import-exclude-branch";
3887
3888
3889
3890  /**
3891   * The name of the attribute in an import task definition that specifies an
3892   * attribute that should be included in the LDIF import.
3893   */
3894  public static final String ATTR_IMPORT_INCLUDE_ATTRIBUTE =
3895       NAME_PREFIX_TASK + "import-include-attribute";
3896
3897
3898
3899  /**
3900   * The name of the attribute in an import task definition that specifies an
3901   * attribute that should be excluded from the LDIF import.
3902   */
3903  public static final String ATTR_IMPORT_EXCLUDE_ATTRIBUTE =
3904       NAME_PREFIX_TASK + "import-exclude-attribute";
3905
3906
3907
3908  /**
3909   * The name of the attribute in an import task definition that specifies
3910   * a search filter that may be used to control which entries are included
3911   * in the import.
3912   */
3913  public static final String ATTR_IMPORT_INCLUDE_FILTER =
3914       NAME_PREFIX_TASK + "import-include-filter";
3915
3916
3917
3918  /**
3919   * The name of the attribute in an import task definition that specifies
3920   * a search filter that may be used to control which entries are excluded
3921   * from the import.
3922   */
3923  public static final String ATTR_IMPORT_EXCLUDE_FILTER =
3924       NAME_PREFIX_TASK + "import-exclude-filter";
3925
3926
3927
3928  /**
3929   * The name of the attribute in an import task definition that specifies
3930   * the path to a file into which rejected entries may be written if they
3931   * are not accepted during the import process.
3932   */
3933  public static final String ATTR_IMPORT_REJECT_FILE =
3934       NAME_PREFIX_TASK + "import-reject-file";
3935
3936
3937  /**
3938   * The name of the attribute in an import task definition that specifies
3939   * the path to a file into which skipped entries may be written if they
3940   * do not match criteria during the import process.
3941   */
3942  public static final String ATTR_IMPORT_SKIP_FILE =
3943       NAME_PREFIX_TASK + "import-skip-file";
3944
3945
3946  /**
3947   * The name of the attribute in an import task definition that specifies
3948   * whether to overwrite an existing rejects and/or skip file when performing
3949   * an LDIF import rather than appending to it.
3950   */
3951  public static final String ATTR_IMPORT_OVERWRITE =
3952       NAME_PREFIX_TASK + "import-overwrite-rejects";
3953
3954
3955  /**
3956   * The name of the attribute in an import task definition that specifies
3957   * whether to skip schema validation during the import.
3958   */
3959  public static final String ATTR_IMPORT_SKIP_SCHEMA_VALIDATION =
3960       NAME_PREFIX_TASK + "import-skip-schema-validation";
3961
3962
3963
3964  /**
3965   * The name of the attribute in an import task definition that specifies
3966   * whether the LDIF file containing the data to import is compressed.
3967   */
3968  public static final String ATTR_IMPORT_IS_COMPRESSED =
3969       NAME_PREFIX_TASK + "import-is-compressed";
3970
3971
3972
3973  /**
3974   * The name of the attribute in an import task definition that specifies
3975   * whether the LDIF file containing the data to import is encrypted.
3976   */
3977  public static final String ATTR_IMPORT_IS_ENCRYPTED =
3978       NAME_PREFIX_TASK + "import-is-encrypted";
3979
3980   /**
3981   * The name of the attribute in an import task definition that specifies
3982   * the temp directory path.
3983   */
3984
3985  public static final String ATTR_IMPORT_TMP_DIRECTORY =
3986       NAME_PREFIX_TASK + "import-tmp-directory";
3987
3988    /**
3989   * The name of the attribute in an import task definition that specifies
3990   * that minimal DN validation should be done during phase 2.
3991   */
3992
3993   public static final String ATTR_IMPORT_SKIP_DN_VALIDATION =
3994       NAME_PREFIX_TASK + "import-skip-dn-validation";
3995
3996  /**
3997   * The name of the objectclass that will be used for a Directory Server
3998   * initialize task definition.
3999   */
4000  public static final String OC_INITIALIZE_TASK =
4001    NAME_PREFIX_TASK + "initialize-from-remote-replica";
4002
4003  /**
4004   * The name of the attribute in an initialize task definition that specifies
4005   * the base dn related to the synchonization domain to initialize.
4006   */
4007  public static final String ATTR_TASK_INITIALIZE_DOMAIN_DN =
4008       NAME_PREFIX_TASK + "initialize-domain-dn";
4009
4010  /**
4011   * The name of the attribute in an initialize target task definition that
4012   * specifies the source in terms of source server from which to initialize.
4013   */
4014  public static final String ATTR_TASK_INITIALIZE_SOURCE =
4015       NAME_PREFIX_TASK + "initialize-replica-server-id";
4016
4017  /**
4018   * The name of the objectclass that will be used for a Directory Server
4019   * initialize target task definition.
4020   */
4021  public static final String OC_INITIALIZE_TARGET_TASK =
4022    NAME_PREFIX_TASK + "initialize-remote-replica";
4023
4024  /**
4025   * The name of the attribute in an initialize target task definition that
4026   * specifies the base dn related to the synchonization domain to initialize.
4027   */
4028  public static final String ATTR_TASK_INITIALIZE_TARGET_DOMAIN_DN =
4029       NAME_PREFIX_TASK + "initialize-domain-dn";
4030
4031  /**
4032   * The name of the attribute in an initialize target task definition that
4033   * specifies the scope in terms of servers to initialize.
4034   */
4035  public static final String ATTR_TASK_INITIALIZE_TARGET_SCOPE =
4036       NAME_PREFIX_TASK + "initialize-replica-server-id";
4037
4038  /**
4039   * The name of the attribute in an initialize target task definition that
4040   * specifies the scope in terms of servers to initialize.
4041   */
4042  public static final String ATTR_TASK_INITIALIZE_LEFT =
4043       NAME_PREFIX_TASK + "unprocessed-entry-count";
4044
4045  /**
4046   * The name of the attribute in an initialize target task definition that
4047   * specifies the scope in terms of servers to initialize.
4048   */
4049  public static final String ATTR_TASK_INITIALIZE_DONE =
4050       NAME_PREFIX_TASK + "processed-entry-count";
4051
4052
4053  /**
4054   * The name of the objectclass that will be used for a Directory Server
4055   * export task definition.
4056   */
4057  public static final String OC_EXPORT_TASK = NAME_PREFIX_TASK + "export";
4058
4059
4060
4061  /**
4062   * The name of the attribute in an export task definition that specifies the
4063   * path to the file to which the LDIF data should be written.
4064   */
4065  public static final String ATTR_TASK_EXPORT_LDIF_FILE =
4066       NAME_PREFIX_TASK + "export-ldif-file";
4067
4068
4069
4070  /**
4071   * The name of the attribute in an export task definition that specifies
4072   * whether the export process should append to an existing LDIF file rather
4073   * than overwrite it.
4074   */
4075  public static final String ATTR_TASK_EXPORT_APPEND_TO_LDIF =
4076       NAME_PREFIX_TASK + "export-append-to-ldif";
4077
4078
4079
4080  /**
4081   * The name of the attribute in an export task definition that specifies the
4082   * backend ID for the backend from which the data should be exported.
4083   */
4084  public static final String ATTR_TASK_EXPORT_BACKEND_ID =
4085       NAME_PREFIX_TASK + "export-backend-id";
4086
4087
4088
4089  /**
4090   * The name of the attribute in an export task definition that specifies the
4091   * base DN of a branch that should be included in the LDIF export.
4092   */
4093  public static final String ATTR_TASK_EXPORT_INCLUDE_BRANCH =
4094       NAME_PREFIX_TASK + "export-include-branch";
4095
4096
4097
4098  /**
4099   * The name of the attribute in an export task definition that specifies the
4100   * base DN of a branch that should be excluded from the LDIF export.
4101   */
4102  public static final String ATTR_TASK_EXPORT_EXCLUDE_BRANCH =
4103       NAME_PREFIX_TASK + "export-exclude-branch";
4104
4105
4106
4107  /**
4108   * The name of the attribute in an export task definition that specifies an
4109   * attribute that should be included in the LDIF export.
4110   */
4111  public static final String ATTR_TASK_EXPORT_INCLUDE_ATTRIBUTE =
4112       NAME_PREFIX_TASK + "export-include-attribute";
4113
4114
4115
4116  /**
4117   * The name of the attribute in an export task definition that specifies an
4118   * attribute that should be excluded from the LDIF export.
4119   */
4120  public static final String ATTR_TASK_EXPORT_EXCLUDE_ATTRIBUTE =
4121       NAME_PREFIX_TASK + "export-exclude-attribute";
4122
4123
4124
4125  /**
4126   * The name of the attribute in an export task definition that specifies
4127   * a search filter that may be used to control which entries are included
4128   * in the export.
4129   */
4130  public static final String ATTR_TASK_EXPORT_INCLUDE_FILTER =
4131       NAME_PREFIX_TASK + "export-include-filter";
4132
4133
4134
4135  /**
4136   * The name of the attribute in an export task definition that specifies
4137   * a search filter that may be used to control which entries are excluded
4138   * from the export.
4139   */
4140  public static final String ATTR_TASK_EXPORT_EXCLUDE_FILTER =
4141       NAME_PREFIX_TASK + "export-exclude-filter";
4142
4143
4144
4145  /**
4146   * The name of the attribute in an export task definition that specifies
4147   * the column at which long lines should be wrapped.
4148   */
4149  public static final String ATTR_TASK_EXPORT_WRAP_COLUMN =
4150       NAME_PREFIX_TASK + "export-wrap-column";
4151
4152  /**
4153   * The name of the attribute in an export task definition that specifies
4154   * that operational attributes have to be included.
4155   */
4156  public static final String ATTR_TASK_EXPORT_INCLUDE_OPERATIONAL_ATTRIBUTES =
4157       NAME_PREFIX_TASK + "export-include-operational-attributes";
4158
4159
4160  /**
4161   * The name of the attribute in an export task definition that specifies
4162   * whether the LDIF data should be compressed as it is exported.
4163   */
4164  public static final String ATTR_TASK_EXPORT_COMPRESS_LDIF =
4165       NAME_PREFIX_TASK + "export-compress-ldif";
4166
4167
4168
4169  /**
4170   * The name of the attribute in an export task definition that specifies
4171   * whether the LDIF data should be encrypted as it is exported.
4172   */
4173  public static final String ATTR_TASK_EXPORT_ENCRYPT_LDIF =
4174       NAME_PREFIX_TASK + "export-encrypt-ldif";
4175
4176
4177
4178  /**
4179   * The name of the attribute in an export task definition that specifies
4180   * whether a signed hash of the export data should be appended to the LDIF
4181   * file.
4182   */
4183  public static final String ATTR_TASK_EXPORT_SIGN_HASH =
4184       NAME_PREFIX_TASK + "export-sign-hash";
4185
4186
4187
4188  /**
4189   * The name of the objectclass that will be used for a Directory Server
4190   * restore task definition.
4191   */
4192  public static final String OC_RESTORE_TASK = NAME_PREFIX_TASK + "restore";
4193
4194
4195
4196  /**
4197   * The name of the attribute in a restore task definition that specifies
4198   * whether the contents of the backup should be verified but not restored.
4199   */
4200  public static final String ATTR_TASK_RESTORE_VERIFY_ONLY =
4201       NAME_PREFIX_TASK + "restore-verify-only";
4202
4203
4204
4205  /**
4206   * The name of the objectclass that will be used for a Directory Server
4207   * backup task definition.
4208   */
4209  public static final String OC_BACKUP_TASK = NAME_PREFIX_TASK + "backup";
4210
4211
4212
4213  /**
4214   * The name of the attribute in a backup task definition that specifies
4215   * the backend ID for a backend that should be archived.
4216   */
4217  public static final String ATTR_TASK_BACKUP_BACKEND_ID =
4218       NAME_PREFIX_TASK + "backup-backend-id";
4219
4220
4221
4222  /**
4223   * The name of the attribute in a backup task definition that specifies
4224   * whether all backends defined in the server should be backed up.
4225   */
4226  public static final String ATTR_TASK_BACKUP_ALL =
4227       NAME_PREFIX_TASK + "backup-all";
4228
4229
4230
4231  /**
4232   * The name of the attribute in a backup task definition that specifies
4233   * whether to generate and incremental backup or a full backup.
4234   */
4235  public static final String ATTR_TASK_BACKUP_INCREMENTAL =
4236       NAME_PREFIX_TASK + "backup-incremental";
4237
4238
4239
4240  /**
4241   * The name of the attribute in a backup task definition that specifies
4242   * the backup ID of the backup against which an incremental backup should
4243   * be taken.
4244   */
4245  public static final String ATTR_TASK_BACKUP_INCREMENTAL_BASE_ID =
4246       NAME_PREFIX_TASK + "backup-incremental-base-id";
4247
4248
4249
4250  /**
4251   * The name of the attribute in a backup task definition that specifies
4252   * whether the backup file(s) should be compressed.
4253   */
4254  public static final String ATTR_TASK_BACKUP_COMPRESS =
4255       NAME_PREFIX_TASK + "backup-compress";
4256
4257
4258
4259  /**
4260   * The name of the attribute in a backup task definition that specifies
4261   * whether the backup file(s) should be compressed.
4262   */
4263  public static final String ATTR_TASK_BACKUP_ENCRYPT =
4264       NAME_PREFIX_TASK + "backup-encrypt";
4265
4266
4267
4268  /**
4269   * The name of the attribute in a backup task definition that specifies
4270   * whether to generate a hash of the backup file(s) for integrity
4271   * verification during restore.
4272   */
4273  public static final String ATTR_TASK_BACKUP_HASH =
4274       NAME_PREFIX_TASK + "backup-hash";
4275
4276
4277
4278  /**
4279   * The name of the attribute in a backup task definition that specifies
4280   * whether the hash of the archive file(s) should be digitally signed to
4281   * provide tamper detection.
4282   */
4283  public static final String ATTR_TASK_BACKUP_SIGN_HASH =
4284       NAME_PREFIX_TASK + "backup-sign-hash";
4285  /**
4286   * The name of the attribute in the add schema file task definition that
4287   * specifies the name of the schema file to be added.
4288   */
4289  public static final String ATTR_TASK_ADDSCHEMAFILE_FILENAME =
4290       NAME_PREFIX_TASK + "schema-file-name";
4291
4292
4293  /**
4294   * The name of the attribute in a debug target configuration for a debug
4295   * logger that specifies the scope of the debug target.
4296   */
4297  public static final String ATTR_LOGGER_DEBUG_SCOPE =
4298      NAME_PREFIX_TASK + "debug-scope";
4299
4300  /**
4301   * The name of the attribute in a logger configuration that spcifies the
4302   * log level.
4303   */
4304  public static final String ATTR_LOGGER_LEVEL =
4305      NAME_PREFIX_TASK + "log-level";
4306
4307  /**
4308   * The name of the attribute in a logger configuration that specifies
4309   * whether to asyncornously writes log records to disk.
4310   */
4311  public static final String ATTR_LOGGER_ASYNC_WRITE =
4312      NAME_PREFIX_TASK + "async-write";
4313
4314
4315  /**
4316   * The name of the attribute in an rebuild task definition that specifies the
4317   * base DN of the indexes to do the rebuild in.
4318   */
4319  public static final String ATTR_REBUILD_BASE_DN =
4320       NAME_PREFIX_TASK + "rebuild-base-dn";
4321
4322
4323  /**
4324   * The name of the attribute in an rebuild task definition that specifies the
4325   * indexes to rebuild.
4326   */
4327  public static final String ATTR_REBUILD_INDEX =
4328       NAME_PREFIX_TASK + "rebuild-index";
4329
4330  /**
4331   * The name of the attribute in an rebuild task definition that specifies the
4332   * degraded index which needs to be clear.
4333   */
4334  public static final String ATTR_REBUILD_INDEX_CLEARDEGRADEDSTATE =
4335      ATTR_REBUILD_INDEX + "-clear-degraded-state";
4336
4337
4338  /**
4339   * The name of the attribute in an rebuild task definition that specifies the
4340   * temporary scratch file.
4341   */
4342  public static final String ATTR_REBUILD_TMP_DIRECTORY =
4343       NAME_PREFIX_TASK + "rebuild-tmp-directory";
4344
4345  /**
4346   * Used to specify that the rebuild all boolean should be set.
4347   */
4348  public static final String REBUILD_ALL = "rebuildall";
4349
4350  /**
4351   * Used to specify that the rebuild degraded boolean should be set.
4352   */
4353  public static final String REBUILD_DEGRADED = "rebuilddegraded";
4354
4355  /**
4356   * The name of the objectclass that will be used for a Directory Server
4357   * reset generationId task definition.
4358   */
4359  public static final String OC_RESET_GENERATION_ID_TASK =
4360       NAME_PREFIX_TASK + "reset-generation-id";
4361
4362
4363  /**
4364   * The name of the attribute containing the baseDn related to the replication
4365   * domain to which applies the task.
4366   */
4367  public static final String ATTR_TASK_SET_GENERATION_ID_DOMAIN_DN =
4368    OC_RESET_GENERATION_ID_TASK + "-domain-base-dn";
4369
4370  /**
4371   * The name of the attribute containing the new value of the generation ID
4372   * related to the replication domain to which applies the task.
4373   */
4374  public static final String ATTR_TASK_SET_GENERATION_ID_NEW_VALUE =
4375    OC_RESET_GENERATION_ID_TASK + "-new-value";
4376
4377  /**
4378   * The name of the attribute in an import task definition that specifies
4379   * whether the backend should be cleared before the import.
4380   */
4381  public static final String ATTR_IMPORT_CLEAR_BACKEND =
4382       NAME_PREFIX_TASK + "import-clear-backend";
4383
4384  /**
4385   * The name of the attribute in a purge conflicts historical task definition
4386   * that specifies the base dn related to the synchonization domain to purge.
4387   */
4388  public static final String ATTR_TASK_CONFLICTS_HIST_PURGE_DOMAIN_DN =
4389       NAME_PREFIX_TASK + "purge-conflicts-historical-domain-dn";
4390
4391  /**
4392   * The name of the attribute in a purge conflicts historical task definition
4393   * that specifies the maximum duration of the task.
4394   */
4395  public static final String ATTR_TASK_CONFLICTS_HIST_PURGE_MAX_DURATION =
4396       NAME_PREFIX_TASK + "purge-conflicts-historical-maximum-duration";
4397
4398  /**
4399   * The name of the attribute in a purge conflicts historical task definition
4400   * that specifies the maximum duration of the task.
4401   */
4402  public static final String ATTR_TASK_CONFLICTS_HIST_PURGE_FIRST_CSN =
4403     NAME_PREFIX_TASK + "purge-conflicts-historical-first-purged-changenumber";
4404
4405  /**
4406   * The name of the attribute in a purge conflicts historical task definition
4407   * that specifies the maximum duration of the task.
4408   */
4409  public static final String ATTR_TASK_CONFLICTS_HIST_PURGE_LAST_CSN =
4410       NAME_PREFIX_TASK + "purge-conflicts-historical-last-purged-changenumber";
4411
4412  /**
4413   * The name of the attribute in a purge conflicts historical task definition
4414   * that specifies the maximum duration of the task.
4415   */
4416  public static final String ATTR_TASK_CONFLICTS_HIST_PURGE_COMPLETED_IN_TIME =
4417       NAME_PREFIX_TASK + "purge-conflicts-historical-purge-completed-in-time";
4418
4419  /**
4420   * The name of the attribute in a purge conflicts historical task definition
4421   * that specifies the maximum duration of the task.
4422   */
4423  public static final String ATTR_TASK_CONFLICTS_HIST_PURGE_COUNT =
4424       NAME_PREFIX_TASK + "purge-conflicts-historical-purged-values-count";
4425
4426}
4427