package ldap

  1. Overview
  2. Docs

Common data types used by ocamldap. Most of these types are taken from the ASN.1 specification for LDAP as defined in rfc2251 @see <http://www.ietf.org/rfc/rfc2251.txt> rfc2251

exception LDAP_Encoder of string

An encoding error has occurred, the argument contains a description of the error This is likely a bug, so it should be reported

exception LDAP_Decoder of string

A decoding error has occurred, the argument contains a description of the error. This MAY be a bug, but it may also be that the server you are talking to is non standard. Please report these right away in any case.

type ldap_resultcode = [
  1. | `SUCCESS
  2. | `OPERATIONS_ERROR
  3. | `PROTOCOL_ERROR
  4. | `TIMELIMIT_EXCEEDED
  5. | `SIZELIMIT_EXCEEDED
  6. | `COMPARE_FALSE
  7. | `COMPARE_TRUE
  8. | `AUTH_METHOD_NOT_SUPPORTED
  9. | `STRONG_AUTH_REQUIRED
  10. | `REFERRAL
  11. | `ADMINLIMIT_EXCEEDED
  12. | `UNAVAILABLE_CRITICAL_EXTENSION
  13. | `CONFIDENTIALITY_REQUIRED
  14. | `SASL_BIND_IN_PROGRESS
  15. | `NO_SUCH_ATTRIBUTE
  16. | `UNDEFINED_TYPE
  17. | `INAPPROPRIATE_MATCHING
  18. | `CONSTRAINT_VIOLATION
  19. | `TYPE_OR_VALUE_EXISTS
  20. | `INVALID_SYNTAX
  21. | `NO_SUCH_OBJECT
  22. | `ALIAS_PROBLEM
  23. | `INVALID_DN_SYNTAX
  24. | `IS_LEAF
  25. | `ALIAS_DEREF_PROBLEM
  26. | `INAPPROPRIATE_AUTH
  27. | `INVALID_CREDENTIALS
  28. | `INSUFFICIENT_ACCESS
  29. | `BUSY
  30. | `UNAVAILABLE
  31. | `UNWILLING_TO_PERFORM
  32. | `LOOP_DETECT
  33. | `NAMING_VIOLATION
  34. | `OBJECT_CLASS_VIOLATION
  35. | `NOT_ALLOWED_ON_NONLEAF
  36. | `NOT_ALLOWED_ON_RDN
  37. | `ALREADY_EXISTS
  38. | `NO_OBJECT_CLASS_MODS
  39. | `AFFECTS_MULTIPLE_DSAS
  40. | `OTHER
  41. | `SERVER_DOWN
  42. | `LOCAL_ERROR
  43. | `ENCODING_ERROR
  44. | `DECODING_ERROR
  45. | `TIMEOUT
  46. | `AUTH_UNKNOWN
  47. | `FILTER_ERROR
  48. | `USER_CANCELLED
  49. | `PARAM_ERROR
  50. | `NO_MEMORY
  51. | `CONNECT_ERROR
  52. | `NOT_SUPPORTED
  53. | `CONTROL_NOT_FOUND
  54. | `NO_RESULTS_RETURNED
  55. | `MORE_RESULTS_TO_RETURN
  56. | `CLIENT_LOOP
  57. | `REFERRAL_LIMIT_EXCEEDED
  58. | `UNKNOWN_ERROR of int
]
type ldap_result = {
  1. result_code : ldap_resultcode;
  2. matched_dn : string;
  3. error_message : string;
  4. ldap_referral : string list option;
}
type ldap_ext_return = {
  1. ext_matched_dn : string;
  2. ext_referral : string list option;
}

extended information to return with the LDAP_Failure exception. Contains the remaining values which are defined by the protocol ext_matched_dn: the matched dn. Commonly set by `NO_SUCH_OBJECT. ext_referral: a list of ldapurls returned by the server when you attempted to do a write operation. If you use Ldap_ooclient with referrals set to follow you will never see this

exception LDAP_Failure of ldap_resultcode * string * ldap_ext_return

The exception raised to indicate all types of failure in the higher level libraries Ldap_funclient, and Ldap_ooclient. example LDAP_Failure (`NO_SUCH_OBJECT, "no such object", {ext_matched_dn=Some "o=csun";ext_referral=None})

type saslCredentials = {
  1. sasl_mechanism : string;
  2. sasl_credentials : string option;
}
type authentication =
  1. | Simple of string
  2. | Sasl of saslCredentials
type bind_request = {
  1. bind_version : int;
  2. bind_name : string;
  3. bind_authentication : authentication;
}
type bind_response = {
  1. bind_result : ldap_result;
  2. bind_serverSaslCredentials : string option;
}
type attribute = {
  1. attr_type : string;
  2. attr_vals : string list;
}
type dn = attribute list
type search_result_entry = {
  1. sr_dn : string;
  2. sr_attributes : attribute list;
}

the type used to encode and decode a search entry. Also the type returned by search_s and search_a in Ldap_funclient

type search_scope = [
  1. | `BASE
    (*

    search only at the base

    *)
  2. | `ONELEVEL
    (*

    search one level below the base

    *)
  3. | `SUBTREE
    (*

    search the entire tree under the base

    *)
]

a type defining the scope of a search filter

type alias_deref = [
  1. | `NEVERDEREFALIASES
  2. | `DEREFINSEARCHING
  3. | `DEREFFINDINGBASE
  4. | `DEREFALWAYS
]
type attribute_value_assertion = {
  1. attributeDesc : string;
  2. assertionValue : string;
}
type matching_rule_assertion = {
  1. matchingRule : string option;
  2. ruletype : string option;
  3. matchValue : string;
  4. dnAttributes : bool;
}
type substring_component = {
  1. substr_initial : string list;
  2. substr_any : string list;
  3. substr_final : string list;
}
type substring_filter = {
  1. attrtype : string;
  2. substrings : substring_component;
}
type filter = [
  1. | `And of filter list
  2. | `Or of filter list
  3. | `Not of filter
  4. | `EqualityMatch of attribute_value_assertion
  5. | `Substrings of substring_filter
  6. | `GreaterOrEqual of attribute_value_assertion
  7. | `LessOrEqual of attribute_value_assertion
  8. | `Present of string
  9. | `ApproxMatch of attribute_value_assertion
  10. | `ExtensibleMatch of matching_rule_assertion
]
type search_request = {
  1. baseObject : string;
  2. scope : search_scope;
  3. derefAliases : alias_deref;
  4. sizeLimit : int32;
  5. timeLimit : int32;
  6. typesOnly : bool;
  7. filter : filter;
  8. s_attributes : string list;
}
type modify_optype = [
  1. | `ADD
  2. | `DELETE
  3. | `REPLACE
]
type modify_op = {
  1. mod_op : modify_optype;
  2. mod_value : attribute;
}
type modify_request = {
  1. mod_dn : string;
  2. modification : modify_op list;
}
type modify_dn_request = {
  1. modn_dn : string;
  2. modn_newrdn : string;
  3. modn_deleteoldrdn : bool;
  4. modn_newSuperior : string option;
}
type compare_request = {
  1. cmp_dn : string;
  2. cmp_ava : attribute_value_assertion;
}
type extended_request = {
  1. ext_requestName : string;
  2. ext_requestValue : string option;
}
type extended_response = {
  1. ext_result : ldap_result;
  2. ext_responseName : string option;
  3. ext_response : string option;
}
type protocol_op =
  1. | Bind_request of bind_request
  2. | Bind_response of bind_response
  3. | Unbind_request
  4. | Search_request of search_request
  5. | Search_result_entry of search_result_entry
  6. | Search_result_reference of string list
  7. | Search_result_done of ldap_result
  8. | Modify_request of modify_request
  9. | Modify_response of ldap_result
  10. | Add_request of search_result_entry
  11. | Add_response of ldap_result
  12. | Delete_request of string
  13. | Delete_response of ldap_result
  14. | Modify_dn_request of modify_dn_request
  15. | Modify_dn_response of ldap_result
  16. | Compare_request of compare_request
  17. | Compare_response of ldap_result
  18. | Abandon_request of Int32.t
  19. | Extended_request of extended_request
  20. | Extended_response of extended_response
type paged_results_control_value = {
  1. size : int;
  2. cookie : string;
}
type control_details = [
  1. | `Paged_results_control of paged_results_control_value
  2. | `Unknown_value of string
]
type ldap_control = {
  1. criticality : bool;
  2. control_details : control_details;
}
type ldap_controls = ldap_control list
type ldap_message = {
  1. messageID : Int32.t;
  2. protocolOp : protocol_op;
  3. controls : ldap_controls option;
}
type con_mech = [
  1. | `SSL
  2. | `PLAIN
]
type ldap_url = {
  1. url_mech : con_mech;
  2. url_host : string option;
  3. url_port : string option;
  4. url_dn : string option;
  5. url_attributes : string list option;
  6. url_scope : search_scope option;
  7. url_filter : filter option;
  8. url_ext : (bool * string * string) list option;
}
type ldap_grouping_type = [
  1. | `LDAP_GROUP_TXN
]

see draft-zeilenga-ldap-grouping-xx Ldap grouping is a way of telling the server that a set of ldap operations is related, its most interesting application is transactions across multiple objects. This draft is not yet implemented by any present day ldap server

a cookie that is sent with every ldap operation which is part of a group

OCaml

Innovation. Community. Security.