package ldap

  1. Overview
  2. Docs

Common data types used by ocamldap. Most of these types are taken from the ASN.1 specification for LDAP as defined in rfc2251

exception LDAP_Encoder of string

An encoding error has occurred, the argument contains a description of the error This is likely a bug, so it should be reported

exception LDAP_Decoder of string

A decoding error has occurred, the argument contains a description of the error. This MAY be a bug, but it may also be that the server you are talking to is non standard. Please report these right away in any case.

type ldap_resultcode = [
  1. | `SUCCESS
  2. | `OPERATIONS_ERROR
  3. | `PROTOCOL_ERROR
  4. | `TIMELIMIT_EXCEEDED
  5. | `SIZELIMIT_EXCEEDED
  6. | `COMPARE_FALSE
  7. | `COMPARE_TRUE
  8. | `AUTH_METHOD_NOT_SUPPORTED
  9. | `STRONG_AUTH_REQUIRED
  10. | `REFERRAL
  11. | `ADMINLIMIT_EXCEEDED
  12. | `UNAVAILABLE_CRITICAL_EXTENSION
  13. | `CONFIDENTIALITY_REQUIRED
  14. | `SASL_BIND_IN_PROGRESS
  15. | `NO_SUCH_ATTRIBUTE
  16. | `UNDEFINED_TYPE
  17. | `INAPPROPRIATE_MATCHING
  18. | `CONSTRAINT_VIOLATION
  19. | `TYPE_OR_VALUE_EXISTS
  20. | `INVALID_SYNTAX
  21. | `NO_SUCH_OBJECT
  22. | `ALIAS_PROBLEM
  23. | `INVALID_DN_SYNTAX
  24. | `IS_LEAF
  25. | `ALIAS_DEREF_PROBLEM
  26. | `INAPPROPRIATE_AUTH
  27. | `INVALID_CREDENTIALS
  28. | `INSUFFICIENT_ACCESS
  29. | `BUSY
  30. | `UNAVAILABLE
  31. | `UNWILLING_TO_PERFORM
  32. | `LOOP_DETECT
  33. | `NAMING_VIOLATION
  34. | `OBJECT_CLASS_VIOLATION
  35. | `NOT_ALLOWED_ON_NONLEAF
  36. | `NOT_ALLOWED_ON_RDN
  37. | `ALREADY_EXISTS
  38. | `NO_OBJECT_CLASS_MODS
  39. | `AFFECTS_MULTIPLE_DSAS
  40. | `OTHER
  41. | `SERVER_DOWN
  42. | `LOCAL_ERROR
  43. | `ENCODING_ERROR
  44. | `DECODING_ERROR
  45. | `TIMEOUT
  46. | `AUTH_UNKNOWN
  47. | `FILTER_ERROR
  48. | `USER_CANCELLED
  49. | `PARAM_ERROR
  50. | `NO_MEMORY
  51. | `CONNECT_ERROR
  52. | `NOT_SUPPORTED
  53. | `CONTROL_NOT_FOUND
  54. | `NO_RESULTS_RETURNED
  55. | `MORE_RESULTS_TO_RETURN
  56. | `CLIENT_LOOP
  57. | `REFERRAL_LIMIT_EXCEEDED
  58. | `UNKNOWN_ERROR of int
]
type ldap_result = {
  1. result_code : ldap_resultcode;
  2. matched_dn : string;
  3. error_message : string;
  4. ldap_referral : string list option;
}
type ldap_ext_return = {
  1. ext_matched_dn : string;
  2. ext_referral : string list option;
}

extended information to return with the LDAP_Failure exception. Contains the remaining values which are defined by the protocol ext_matched_dn: the matched dn. Commonly set by `NO_SUCH_OBJECT. ext_referral: a list of ldapurls returned by the server when you attempted to do a write operation. If you use Ldap_ooclient with referrals set to follow you will never see this

exception LDAP_Failure of ldap_resultcode * string * ldap_ext_return

The exception raised to indicate all types of failure in the higher level libraries Ldap_funclient, and Ldap_ooclient. example LDAP_Failure (`NO_SUCH_OBJECT, "no such object", {ext_matched_dn=Some "o=csun";ext_referral=None})

type saslCredentials = {
  1. sasl_mechanism : string;
  2. sasl_credentials : string option;
}
type authentication =
  1. | Simple of string
  2. | Sasl of saslCredentials
type bind_request = {
  1. bind_version : int;
  2. bind_name : string;
  3. bind_authentication : authentication;
}
type bind_response = {
  1. bind_result : ldap_result;
  2. bind_serverSaslCredentials : string option;
}
type attribute = {
  1. attr_type : string;
  2. attr_vals : string list;
}
type dn = attribute list
type search_result_entry = {
  1. sr_dn : string;
  2. sr_attributes : attribute list;
}

the type used to encode and decode a search entry. Also the type returned by search_s and search_a in Ldap_funclient

type search_scope = [
  1. | `BASE
    (*

    search only at the base

    *)
  2. | `ONELEVEL
    (*

    search one level below the base

    *)
  3. | `SUBTREE
    (*

    search the entire tree under the base

    *)
]

a type defining the scope of a search filter

type alias_deref = [
  1. | `NEVERDEREFALIASES
  2. | `DEREFINSEARCHING
  3. | `DEREFFINDINGBASE
  4. | `DEREFALWAYS
]
type attribute_value_assertion = {
  1. attributeDesc : string;
  2. assertionValue : string;
}
type matching_rule_assertion = {
  1. matchingRule : string option;
  2. ruletype : string option;
  3. matchValue : string;
  4. dnAttributes : bool;
}
type substring_component = {
  1. substr_initial : string list;
  2. substr_any : string list;
  3. substr_final : string list;
}
type substring_filter = {
  1. attrtype : string;
  2. substrings : substring_component;
}
type filter = [
  1. | `And of filter list
  2. | `Or of filter list
  3. | `Not of filter
  4. | `EqualityMatch of attribute_value_assertion
  5. | `Substrings of substring_filter
  6. | `GreaterOrEqual of attribute_value_assertion
  7. | `LessOrEqual of attribute_value_assertion
  8. | `Present of string
  9. | `ApproxMatch of attribute_value_assertion
  10. | `ExtensibleMatch of matching_rule_assertion
]
type search_request = {
  1. baseObject : string;
  2. scope : search_scope;
  3. derefAliases : alias_deref;
  4. sizeLimit : int32;
  5. timeLimit : int32;
  6. typesOnly : bool;
  7. filter : filter;
  8. s_attributes : string list;
}
type modify_optype = [
  1. | `ADD
  2. | `DELETE
  3. | `REPLACE
]
type modify_op = {
  1. mod_op : modify_optype;
  2. mod_value : attribute;
}
type modify_request = {
  1. mod_dn : string;
  2. modification : modify_op list;
}
type modify_dn_request = {
  1. modn_dn : string;
  2. modn_newrdn : string;
  3. modn_deleteoldrdn : bool;
  4. modn_newSuperior : string option;
}
type compare_request = {
  1. cmp_dn : string;
  2. cmp_ava : attribute_value_assertion;
}
type extended_request = {
  1. ext_requestName : string;
  2. ext_requestValue : string option;
}
type extended_response = {
  1. ext_result : ldap_result;
  2. ext_responseName : string option;
  3. ext_response : string option;
}
type protocol_op =
  1. | Bind_request of bind_request
  2. | Bind_response of bind_response
  3. | Unbind_request
  4. | Search_request of search_request
  5. | Search_result_entry of search_result_entry
  6. | Search_result_reference of string list
  7. | Search_result_done of ldap_result
  8. | Modify_request of modify_request
  9. | Modify_response of ldap_result
  10. | Add_request of search_result_entry
  11. | Add_response of ldap_result
  12. | Delete_request of string
  13. | Delete_response of ldap_result
  14. | Modify_dn_request of modify_dn_request
  15. | Modify_dn_response of ldap_result
  16. | Compare_request of compare_request
  17. | Compare_response of ldap_result
  18. | Abandon_request of Int32.t
  19. | Extended_request of extended_request
  20. | Extended_response of extended_response
type paged_results_control_value = {
  1. size : int;
  2. cookie : string;
}
type control_details = [
  1. | `Paged_results_control of paged_results_control_value
  2. | `Unknown_value of string
]
type ldap_control = {
  1. criticality : bool;
  2. control_details : control_details;
}
type ldap_controls = ldap_control list
type ldap_message = {
  1. messageID : Int32.t;
  2. protocolOp : protocol_op;
  3. controls : ldap_controls option;
}
type con_mech = [
  1. | `SSL
  2. | `PLAIN
]
type ldap_url = {
  1. url_mech : con_mech;
  2. url_host : string option;
  3. url_port : string option;
  4. url_dn : string option;
  5. url_attributes : string list option;
  6. url_scope : search_scope option;
  7. url_filter : filter option;
  8. url_ext : (bool * string * string) list option;
}
type ldap_grouping_type = [
  1. | `LDAP_GROUP_TXN
]

see draft-zeilenga-ldap-grouping-xx Ldap grouping is a way of telling the server that a set of ldap operations is related, its most interesting application is transactions across multiple objects. This draft is not yet implemented by any present day ldap server

a cookie that is sent with every ldap operation which is part of a group

OCaml

Innovation. Community. Security.

GitHub Discord Twitter Peertube RSS
About
Changelog Releases Industrial Users Academic Users Why OCaml
Ecosystem
Packages Community Events OCaml Planet Jobs
Resources
Install OCaml Get Started Platform Tools Language Manual Standard Library API Books Exercises Papers OCaml Playground Logo
Policies
Carbon Footprint Governance Privacy Code of Conduct