DirectoryServiceAttributes man page on Darwin

Man page or keyword search:  
man Server   23457 pages
apropos Keyword Search (all sections)
Output format
Darwin logo
[printable version]

DirectoryServiceA... BSD Miscellaneous Information Manual DirectoryServiceA...

NAME
     DirectoryServiceAttributes The following standard attribute types are
     defined in <DirectoryServices/DirServicesConst.h>

DESCRIPTION
     This document contains well known attribute and record type constants.

     They can be used with dsDataNodeAllocateString() to create a data node to
     pass to a Directory Services API call.

     Legend:

	  eDS1xxxxxx  Single Valued Attribute

	  eDSNxxxxxx  Multi-Valued Attribute

     NOTE: Access controls may prevent any particular client from read‐
     ing/writting various attributes.  In addition some attributes may not be
     stored at all and could represent "real-time" data generated by the
     directory node plug-in.

     NOTE #2: Attributes in the model are available for records & directory
     nodes.

     Type				     String

     All Records

     kDSRecordsAll			     "dsRecordsAll"

     kDSRecordsStandardAll		     "dsRecordsStandardAll"

     kDSRecordsNativeAll		     "dsRecordsNativeAll"

     All Attributes

     kDSAttributesAll			     "dsAttributesAll"

     kDSAttributesStandardAll		     "dsAttributesStandardAll"

     kDSAttributesNativeAll		     "dsAttributesNativeAll"

     Well Known Record Types

     kDSStdRecordTypePrefix		     "dsRecTypeStandard:"

     kDSNativeRecordTypePrefix		     "dsRecTypeNative:"

     kDSStdRecordTypeUsers		     "dsRecTypeStandard:Users"

     kDSStdRecordTypeGroups		     "dsRecTypeStandard:Groups"

     kDSStdRecordTypeMachines		     "dsRecTypeStandard:Machines"

     kDSStdRecordTypeAliases		     "dsRecTypeStandard:Aliases"

     kDSStdRecordTypeHosts		     "dsRecTypeStandard:Hosts"

     kDSStdRecordTypePrinters		     "dsRecTypeStandard:Printers"

     kDSStdRecordTypeNetworks		     "dsRecTypeStandard:Networks"

     kDSStdRecordTypeServices		     "dsRecTypeStandard:Services"

     kDSStdRecordTypeServer		     "dsRecTypeStandard:Server"

     kDSStdRecordTypProtocols		     "dsRecTypeStandard:Protocols"

     kDSStdRecordTypeProtocols		     "dsRecTypeStandard:Protocols"

     kDSStdRecordTypRPC			     "dsRecTypeStandard:RPC"

     kDSStdRecordTypeRPC		     "dsRecTypeStandard:RPC"

     kDSStdRecordTypePrintService	     "dsRecTypeStandard:PrintService"

     kDSStdRecordTypeConfig		     "dsRecTypeStandard:Config"

     kDSStdRecordTypeAFPServer		     "dsRecTypeStandard:AFPServer"

     kDSStdRecordTypeSMBServer		     "dsRecTypeStandard:SMBServer"

     kDSStdRecordTypeFTPServer		     "dsRecTypeStandard:FTPServer"

     kDSStdRecordTypeNFS		     "dsRecTypeStandard:NFS"

     kDSStdRecordTypeWebServer		     "dsRecTypeStandard:WebServer"

     kDSStdRecordTypeLDAPServer		     "dsRecTypeStandard:LDAPServer"

     kDSStdRecordTypeQTSServer		     "dsRecTypeStandard:QTSServer"

     kDSStdRecordTypMounts		     "dsRecTypeStandard:Mounts"

     kDSStdRecordTypeMounts		     "dsRecTypeStandard:Mounts"

     kDSStdRecordTypeComputerGroups	     "dsRecTypeStandard:Computer‐
     Groups"

     kDSStdRecordTypeComputers		     "dsRecTypeStandard:Computers"

     kDSStdRecordTypeComputerLists	     "dsRecTypeStandard:ComputerLists"

     kDSStdRecordTypePresetUsers	     "dsRecTypeStandard:PresetUsers"

     kDSStdRecordTypePresetGroups	     "dsRecTypeStandard:PresetGroups"

     kDSStdRecordTypePresetComputers	"dsRecTypeStandard:PresetComputers"

     kDSStdRecordTypePresetComputerGroups    "dsRecTypeStandard:PresetComput‐
     erGroups"

     kDSStdRecordTypePresetComputerLists     "dsRecTypeStandard:PresetComput‐
     erLists"

     kDSStdRecordTypeAutoServerSetup Discussion:

     Used to discover automated server setup information.

     kDSStdRecordTypeAutoServerSetup	     "dsRecTypeStandard:AutoServer‐
     Setup"

     kDSStdRecordTypePasswordServer Discussion:

     Used to discover password servers via Bonjour.

     kDSStdRecordTypePasswordServer	     "dsRecTypeStandard:Password‐
     Server"

     kDSStdRecordTypePeople Discussion:

     Record type that contains "People" records used for contact information.

     kDSStdRecordTypePeople	   "dsRecTypeStandard:People"

     kDSStdRecordTypeSharePoints Discussion:

     Share point record type.

     kDSStdRecordTypeSharePoints	"dsRecTypeStandard:SharePoints"

     kDSStdRecordTypePrintServiceUser Discussion:

     Record in the local node for storing quota usage for a user.

     kDSStdRecordTypePrintServiceUser	     "dsRecTypeStandard:PrintSer‐
     viceUser"

     kDSStdRecordTypeAFPUserAliases	     "dsRecTypeStandard:AFPUser‐
     Aliases"

     kDSStdRecordTypeBootp Discussion:

     Record in the local node for storing bootp info.

     kDSStdRecordTypeBootp		     "dsRecTypeStandard:Bootp"

     kDSStdRecordTypeNetDomains Discussion:

     Record in the local node for storing net domains.

     kDSStdRecordTypeNetDomains		     "dsRecTypeStandard:NetDomains"

     kDSStdRecordTypeEthernets Discussion:

     Record in the local node for storing ethernets.

     kDSStdRecordTypeEthernets		     "dsRecTypeStandard:Ethernets"

     kDSStdRecordTypeNetGroups Discussion:

     Record in the local node for storing net groups.

     kDSStdRecordTypeNetGroups		     "dsRecTypeStandard:NetGroups"

     kDSStdRecordTypeHostServices Discussion:

     Record in the local node for storing host services.

     kDSStdRecordTypeHostServices	     "dsRecTypeStandard:HostServices"

     kDSStdUserNamesMeta		     "dsRecTypeStandard:MetaUserNames"

     kDSStdRecordTypeMeta		     "dsRecTypeS‐
     tandard:AppleMetaRecord"

     Location record type.

     kDSStdRecordTypeLocations		     "dsRecTypeStandard:Locations"

     kDSStdRecordTypeNeighborhoods Discussion: Neighborhood record type.
     Describes a list of computers and other neighborhoods, used for network
     browsing.

     kDSStdRecordTypeNeighborhoods   "dsRecTypeStandard:Neighborhoods"

     kDSStdRecordTypeCertificateAuthorities Discussion:

     Record type that contains certificate authority information.

     kDSStdRecordTypeCertificateAuthorities	  "dsRecTypeStandard:Certifi‐
     cateAuthorities"

     kDSStdRecordTypeAccessControls Discussion: Record type that contains
     directory access control directives.

     kDSStdRecordTypeAccessControls	     "dsRecTypeStandard:AccessCon‐
     trols"

     FileMaker servers record type. Describes available FileMaker servers used
     for service discovery.

     kDSStdRecordTypeFileMakerServers	"dsRecTypeStandard:FileMakerServers"

     Resource record type.

     kDSStdRecordTypeResources		     "dsRecTypeStandard:Resources"

     Well Known Attribute Types...

     kDSStdAttrTypePrefix		     "dsAttrTypeStandard:"

     kDSNativeAttrTypePrefix		     "dsAttrTypeNative:"

     kDSAttrNone			     "dsNone"

     Authentication Methods

     kDSStdAuthMethodPrefix		     "dsAuthMethodStandard:"

     kDSNativeAuthMethodPrefix		     "dsAuthMethodNative:"

     kDSStdAuthClearText		     "dsAuthMethodStandard:dsAuth‐
     ClearText"

     kDSStdAuthCrypt Discussion:

     Use a crypt password stored in the user record if available to do the
     authentication. The buffer is packed as follows:

	  4 byte length of username,

	  username in UTF8 encoding,

	  4 byte length of password,

	  password in UTF8 encoding

	  This method may not be supported by all plug-ins or for all users.

     kDSStdAuthCrypt			     "dsAuthMethodStan‐
     dard:dsAuthCrypt"

     kDSStdAuthSetPasswd		     "dsAuthMethodStandard:dsAuthSet‐
     Passwd"

     kDSStdAuthChangePasswd Discussion:

     Change the password for a user. Does not require prior authentication.

	  The buffer is packed as follows:

	  4 byte length of username,

	  username in UTF8 encoding,

	  4 byte length of old password,

	  old password in UTF8 encoding,

	  4 byte length of new password,

	  new password in UTF8 encoding

     kDSStdAuthChangePasswd		"dsAuthMethodStan‐
     dard:dsAuthChangePasswd"

     kDSStdAuthSetPasswdAsRoot		"dsAuthMethodStandard:dsAuthSetPass‐
     wdAsRoot"

     kDSStdAuth2WayRandomChangePasswd Discussion:

     Change the password for a user using the two-way random method.

	  Does not require prior authentication.

	  The buffer is packed as follows:

	  4 byte length of username,

	  username in UTF8 encoding,

	  4 byte length of old password encrypted with new (should be 8),

	  old password encrypted with new,

	  4 byte length of new password encrypted with old (should be 8),

	  new password encrypted with old

     kDSStdAuth2WayRandomChangePasswd	"dsAuthMethodStandard:dsAuth2WayRan‐
     domChangePasswd"

     kDSStdAuthAPOP			"dsAuthMethodStandard:dsAuthAPOP"

     kDSStdAuth2WayRandom		"dsAuthMethodStandard:dsAuth2WayRan‐
     dom"

     kDSStdAuthNodeNativeClearTextOK Discussion:

     The plug-in should determine which specific authentication method to use.

	  The buffer is packed as follows:

	  4 byte length of username,

	  username in UTF8 encoding,

	  4 byte length of password,

	  password in UTF8 encoding

     The plug-in may choose to use a cleartext authentication method if neces‐
     sary.

     kDSStdAuthNodeNativeClearTextOK	     "dsAuthMethodStandard:dsAuthNode‐
     NativeCanUseClearText"

     kDSStdAuthNodeNativeNoClearText Discussion:

     The plug-in should determine which specific authentication method to use.

	  The buffer is packed as follows:

	  4 byte length of username,

	  username in UTF8 encoding,

	  4 byte length of password,

	  password in UTF8 encoding

     The plug-in must not use an authentication method that sends the password
     in cleartext.

     kDSStdAuthNodeNativeNoClearText	     "dsAuthMethodStandard:dsAuthNode‐
     NativeCannotUseClearText"

     kDSStdAuthSMB_NT_Key		     "dsAuthMethodStandard:dsAuthSMBN‐
     TKey"

     kDSStdAuthSMB_LM_Key		     "dsAuthMethodStandard:dsAuthSM‐
     BLMKey"

     kDSStdAuthCRAM_MD5			     "dsAuthMethodStandard:dsAuthNode‐
     CRAM-MD5"

     kDSStdAuthDIGEST_MD5		     "dsAuthMethodStandard:dsAuthN‐
     odeDIGEST-MD5"

     kDSStdAuthNTLMv2 Discussion:

     If the NTLMv2 session key is supported, it is returned in the step buf‐
     fer. The input buffer is packed as follows:

	  4 byte length of username,

	  username in UTF8 encoding,

	  4 byte length of samba server challenge,

	  samba server challenge

	  4 byte length of the NTLMv2 client "blob"

	  the client "blob" which includes 16 bytes of client digest prefixed
     to the the blob data

	  4 byte length of the user name used to calculate the digest,

	  the user name used to calculate the digest in UTF8 encoding

	  4 byte length of the samba domain,

	  the samba domain in UTF8 encoding

     kDSStdAuthNTLMv2			     "dsAuthMethodStandard:dsAuthN‐
     odeNTLMv2"

     Kerberized SMB Server services Discussion:

     Related constants for supporting Kerberized SMB Server services.  These
     are only used for dsGetDirNodeInfo requests.  They are not attributes
     that are used otherwise.

     kDS1AttrKerberosRealm		"dsAttrTypeStandard:KerberosRealm"

     kDS1AttrPrimaryNTDomain	      "dsAttrTypeStandard:PrimaryNTDomain"

     kDS1AttrNTDomainComputerAccount
			      "dsAttrTypeStandard:NTDomainComputerAccount"

     Attribute type for the owner of a record. Typically the value is a LDAP
     distinguished name.

     kDS1AttrOwner	 "dsAttrTypeStandard:Owner"

     PDC_SMB_Constants Discussion:

     Related constants for supporting PDC SMB interaction with DS.

     kDSStdAuthSMB_NT_UserSessionKey			    "dsAuthMethodStan‐
     dard:dsAuthSMBNTUserSessionKey"

     kDSStdAuthSMBWorkstationCredentialSessionKey "dsAuthMethodStan‐
     dard:dsAuthSMBWorkstationCredentialSessionKey"

     kDSStdAuthSetWorkstationPasswd			    "dsAuthMethodStan‐
     dard:dsAuthSetWorkstationPasswd"

     kDS1AttrSMBRID					    "dsAttrTypeS‐
     tandard:smb_rid"

     kDS1AttrSMBGroupRID				    "dsAttrTypeS‐
     tandard:smb_group_rid"

     kDS1AttrSMBHomeDrive Discussion:

     Drive letter for homedirectory mount point.

     kDS1AttrSMBHomeDrive		"dsAttrTypeStandard:SMBHomeDrive"

     kDS1AttrSMBHome Discussion:

     UNC address of Windows homedirectory mount point (\server\sharepoint).

     kDS1AttrSMBHome			     "dsAttrTypeStandard:SMBHome"

     kDS1AttrSMBScriptPath Discussion:

     Login script path.

     kDS1AttrSMBScriptPath		"dsAttrTypeStandard:SMBScriptPath"

     kDS1AttrSMBProfilePath Discussion:

     Desktop management info (dock, desktop links, etc).

     kDS1AttrSMBProfilePath		"dsAttrTypeStandard:SMBProfilePath"

     kDS1AttrSMBUserWorkstations Discussion:

     List of workstations user can login from (machine account names).

     kDS1AttrSMBUserWorkstations   "dsAttrTypeStandard:SMBUserWorkstations"

     Account_Control_Flags Discussion:

     Set of account control flags.

     kDS1AttrSMBAcctFlags		"dsAttrTypeStandard:SMBAccountFlags"

     kDS1AttrSMBPWDLastSet		"dsAttrTypeStandard:SMBPasswordLast‐
     Set"

     kDS1AttrSMBLogonTime		"dsAttrTypeStandard:SMBLogonTime"

     kDS1AttrSMBLogoffTime		"dsAttrTypeStandard:SMBLogoffTime"

     kDS1AttrSMBKickoffTime		"dsAttrTypeStandard:SMBKickoffTime"

     kDS1AttrSMBSID Discussion:

     SMB Security ID, stored as a string attribute of up to 64 bytes.  Found
     in user, group, and computer records (kDSStdRecordTypeUsers, kDSSt‐
     dRecordTypeGroups, kDSStdRecordTypeComputers).

     kDS1AttrSMBSID			"dsAttrTypeStandard:SMBSID"

     kDS1AttrSMBPrimaryGroupSID Discussion:

     SMB Primary Group Security ID, stored as a string attribute of up to 64
     bytes. Found in user, group, and computer records (kDSStdRecordTypeUsers,
     kDSStdRecordTypeGroups, kDSStdRecordTypeComputers).

     kDS1AttrSMBPrimaryGroupSID		"dsAttrTypeStandard:SMBPrimaryGroup‐
     SID"

     kDS1AttrPasswordServerList Discussion:

     Represents the attribute for storing the password server's replication
     information.

     kDS1AttrPasswordServerList	   "dsAttrTypeStandard:PasswordServerList"

     kDS1AttrAlternateDatastoreLocation Discussion:

     Unix path used for determining where a user's email is stored.

     kDS1AttrAlternateDatastoreLocation	     "dsAttrTypeStandard:Alternate‐
     DatastoreLocation"

     kDSStdAuthMSCHAP2 Discussion:

     MS-CHAP2 is a mutual authentication method. The plug-in will generate the
     data to send back to the client and put it in the step buffer.

	  The input buffer format:

	  4 byte length,

	  username,

	  4 byte length,

	  server challenge,

	  4 byte length,

	  peer challenge,

	  4 byte length,

	  client's digest,

	  The output buffer format:

	  4 byte length,

	  return digest for the client's challenge

     kDSStdAuthMSCHAP2			"dsAuthMethodStandard:dsAuthMSCHAP2"

     kDSStdAuthMASKE_A			"dsAuthMethodStandard:dsAuthMASKE-A"

     kDSStdAuthMASKE_B			"dsAuthMethodStandard:dsAuthMASKE-B"

     kDSStdAuthWithAuthorizationRef Discussion:

     Allows access to local directories as root with a valid AuthorizationRef.

	  The input buffer format:

	  externalized AuthorizationRef

     kDSStdAuthWithAuthorizationRef	     "dsAuthMethodStandard:dsAuthWith‐
     AuthorizationRef"

     kDSStdAuthNewUser Discussion:

     Create a new user record with the authentication authority

	  The buffer is packed as follows:

	  4 byte length of authenticator's UserID,

	  authenticator's UserID in UTF8 encoding,

	  4 byte length of authenticator's password,

	  authenticator's password in UTF8 encoding

	  4 byte length of new user's short-name,

	  user's short-name,

	  4 byte length of new user's password,

	  user's password

     kDSStdAuthNewUser			     "dsAuthMethodStandard:dsAuth‐
     NewUser"

     kDSStdAuthGetPolicy Discussion:

     The plug-in should determine which specific authentication method to use.

	  The buffer is packed as follows:

	  4 byte length of authenticator's UserID,

	  authenticator's UserID in UTF8 encoding,

	  4 byte length of authenticator's password,

	  authenticator's password in UTF8 encoding

	  4 byte length of UserID of the account to get policies,

	  UserID of the account to get policies in UTF8 encoding

     The Password Server does not require authentication for this auth method.
     The first two fields are to cover us for future policy changes and to
     keep the buffer format as standardized as possible.

     kDSStdAuthGetPolicy		     "dsAuthMethodStandard:dsAuthGet‐
     Policy"

     kDSStdAuthSetPolicy Discussion:

     The plug-in should determine which specific authentication method to use.

	  The buffer is packed as follows:

	  4 byte length of authenticator's UserID,

	  authenticator's UserID in UTF8 encoding,

	  4 byte length of authenticator's password,

	  authenticator's password in UTF8 encoding

	  4 byte length of UserID of the account to set policies,

	  UserID of the account to set policies in UTF8 encoding

	  4 byte length of policy data,

	  policy data

     kDSStdAuthSetPolicy		     "dsAuthMethodStandard:dsAuthSet‐
     Policy"

     kDSStdAuthGetGlobalPolicy		     "dsAuthMethodStandard:dsAuthGet‐
     GlobalPolicy"

     kDSStdAuthSetGlobalPolicy		     "dsAuthMethodStandard:dsAuthSet‐
     GlobalPolicy"

     kDSStdAuthGetUserName		     "dsAuthMethodStandard:dsAuthGe‐
     tUserName"

     kDSStdAuthSetUserName		     "dsAuthMethodStandard:dsAuthSe‐
     tUserName"

     kDSStdAuthGetUserData		     "dsAuthMethodStandard:dsAuthGe‐
     tUserData"

     kDSStdAuthSetUserData		     "dsAuthMethodStandard:dsAuthSe‐
     tUserData"

     kDSStdAuthDeleteUser		     "dsAuthMethodStandard:dsAuthDele‐
     teUser"

     Users Distinguished or Real Name

     kDS1AttrDistinguishedName		"dsAttrTypeStandard:RealName"

     kDS1AttrFirstName			"dsAttrTypeStandard:FirstName"

     kDS1AttrMiddleName			"dsAttrTypeStandard:MiddleName"

     kDS1AttrLastName			"dsAttrTypeStandard:LastName"

     All possible names for a record

     kDSNAttrAllNames			"dsAttrTypeStandard:AllNames"

     Set password methods

     kDSSetPasswdBestOf			"dsSetPasswdBestOf"

     kDSNAttrAuthenticationAuthority Discussion:

     Determines what mechanism is used to verify or set a user's password. If
     multiple values are present, the first attributes returned take prece‐
     dence. Typically found in User records (kDSStdRecordTypeUsers).

     kDSNAttrAuthenticationAuthority	"dsAttrTypeStandard:AuthenticationAu‐
     thority"

     kDS1AttrPasswordPolicyOptions Discussion:

     Collection of password policy options in single attribute. Used in user
     presets record.

     kDS1AttrPasswordPolicyOptions "dsAttrTypeStandard:PasswordPolicyOptions"

     kDSValueDefaultAuthAuthority Discussion:

     The default value to use for the kDSNAttrAuthenticationAuthority
     attribute. When creating a user record, set this value for authentication
     authority before setting the password with dsDoDirNodeAuth.

     kDSValueAuthAuthorityDefault		  kDSValueAuthAuthorityShad‐
     owHash

     kDSValueAuthAuthorityBasic			       ";basic;"

     kDSTagAuthAuthorityBasic			  "basic"

     kDSValueAuthAuthorityLocalWindowsHash	  ";LocalWindowsHash;"

     kDSTagAuthAuthorityLocalWindowsHash	       "LocalWindowsHash"

     kDSValueAuthAuthorityShadowHash		       ";ShadowHash;"

     kDSTagAuthAuthorityShadowHash		  "ShadowHash"

     kDSTagAuthAuthorityBetterHashOnly		  "BetterHashOnly"

     kDSValueAuthAuthorityPasswordServerPrefix	  ";ApplePasswordServer;"

     kDSTagAuthAuthorityPasswordServer		  "ApplePasswordServer"

     kDSValueAuthAuthorityKerberosv5		       ";Kerberosv5;"

     kDSTagAuthAuthorityKerberosv5		  "Kerberosv5"

     kDSValueAuthAuthorityLocalCachedUser	  ";LocalCachedUser;"

     kDSTagAuthAuthorityLocalCachedUser		  "LocalCachedUser"

     Single Valued Attribute

     kDS1AttrPassword			"dsAttrTypeStandard:Password"

     kDS1AttrPasswordPlus		"dsAttrTypeStandard:PasswordPlus"

     kDS1AttrAuthenticationHint		"dsAttrTypeStandard:Authentication‐
     Hint"

     kDS1AttrInternetAlias		"dsAttrTypeStandard:InetAlias"

     kDS1AttrNFSHomeDirectory		"dsAttrTypeStandard:NFSHomeDirectory"

     kDS1AttrUniqueID			"dsAttrTypeStandard:UniqueID"

     kDS1AttrPrimaryGroupID		"dsAttrTypeStandard:PrimaryComput‐
     erList"

     kDS1AttrPrimaryGroupID		"dsAttrTypeStandard:PrimaryGroupID"

     kDS1AttrMailAttribute		"dsAttrTypeStandard:MailAttribute"

     kDS1AttrComment			"dsAttrTypeStandard:Comment"

     kDS1AttrRARA			"dsAttrTypeStandard:RARA"

     kDS1AttrGeneratedUID		"dsAttrTypeStandard:GeneratedUID"

     kDS1AttrAdminStatus		"dsAttrTypeStandard:AdminStatus"

     kDS1AttrPwdAgingPolicy		"dsAttrTypeStandard:PwdAgingPolicy"

     kDS1AttrUserShell			"dsAttrTypeStandard:UserShell"

     kDS1AttrVFSType			"dsAttrTypeStandard:VFSType"

     kDS1AttrVFSPassNo			"dsAttrTypeStandard:VFSPassNo"

     kDS1AttrVFSDumpFreq		"dsAttrTypeStandard:VFSDumpFreq"

     kDS1AttrVFSLinkDir			"dsAttrTypeStandard:VFSLinkDir"

     kDS1AttrChange			"dsAttrTypeStandard:Change"

     kDS1AttrExpire			"dsAttrTypeStandard:Expire"

     kDSNAttrGroupMembership		"dsAttrTypeStandard:GroupMembership"

     kDSNAttrHomeDirectory		"dsAttrTypeStandard:HomeDirectory"

     kDSNAttrKeywords			"dsAttrTypeStandard:Keywords"

     kDS1AttrXMLPlist Discussion: SA config settings plist.

     kDS1AttrXMLPlist			"dsAttrTypeStandard:XMLPlist"

     kDS1AttrDateRecordCreated Discussion: Date of record creation.

     kDS1AttrDateRecordCreated	    "dsAttrTypeStandard:DateRecordCreated"

     kDS1AttrCreationTimestamp Discussion: Attribute showing date/time of
     record creation.  Format is x.208 standard YYYYMMDDHHMMSSZ which we will
     require as GMT time.

     kDS1AttrCreationTimestamp		"dsAttrTypeStandard:CreationTimestamp"

     kDS1AttrModificationTimestamp Discussion: Attribute showing date/time of
     record modification.  Format is x.208 standard YYYYMMDDHHMMSSZ which we
     will require as GMT time.

     kDS1AttrModificationTimestamp   "dsAttrTypeStandard:ModificationTimes‐
     tamp"

     kDS1AttrTimeToLive Discussion: Attribute recommending how long to cache
     the record's attribute values.  Format is an unsigned 32 bit representing
     seconds. ie. 300 is 5 minutes.

     kDS1AttrTimeToLive			"dsAttrTypeStandard:TimeToLive"

     kDS1AttrHomeDirectoryQuota Discussion:

     Represents the allowed usage for a user's home directory in bytes. Found
     in user records (kDSStdRecordTypeUsers).

     kDS1AttrHomeDirectoryQuota		"dsAttrTypeStandard:HomeDirecto‐
     ryQuota"

     kDS1AttrHomeDirectorySoftQuota	"dsAttrTypeStandard:HomeDirectorySoft‐
     Quota"

     kDS1AttrAdminLimits Discussion:

     XML plist indicating what an admin user can edit. Found in kDSStdRecord‐
     TypeUsers records.

     kDS1AttrAdminLimits		"dsAttrTypeStandard:AdminLimits"

     kDS1AttrPresetUserIsAdmin Discussion:

     Flag to indicate whether users created from this preset are administra‐
     tors by default. Found in kDSStdRecordTypePresetUsers records.

     kDS1AttrPresetUserIsAdmin		"dsAttrTypeStandard:PresetUserIsAdmin"

     kDS1StandardAttrHomeLocOwnerkDS1AttrHomeLocOwner

     kDS1AttrHomeLocOwner Discussion:

     Represents the owner of a workgroup's shared home directory. Typically
     found in kDSStdRecordTypeGroups records.

     kDS1AttrHomeLocOwner		"dsAttrTypeStandard:HomeLocOwner"

     kDSNAttrProtocols			"dsAttrTypeStandard:Protocols"

     kDSNAttrVFSOpts			     "dsAttrTypeStandard:VFSOpts"

     kDS1AttrPasswordServerLocation Discussion:

     Specifies the IP address or domain name of the Password Server associated
     with a given directory node. Found in a config record named Password‐
     Server.

     kDS1AttrPasswordServerLocation	"dsAttrTypeStandard:PasswordServer‐
     Location"

     kDS1AttrPort Discussion:

     Represents the port number a service is available on. Typically found in
     service record types including kDSStdRecordTypeAFPServer, kDSStdRecord‐
     TypeLDAPServer, and kDSStdRecordTypeWebServer.

     kDS1AttrPort			"dsAttrTypeStandard:Port"

     kDS1AttrLocation Discussion:

     Represents the location a service is available from (usually domain
     name). Typically found in service record types including kDSStdRecordTy‐
     peAFPServer, kDSStdRecordTypeLDAPServer, and kDSStdRecordTypeWebServer.

     kDS1AttrLocation			"dsAttrTypeStandard:Location"

     kDS1AttrServiceType Discussion:

     Represents the service type for the service.  This is the raw service
     type of the service.  For example a service record type of kDSStdRecord‐
     TypeWebServer might have a service type of "http" or "https".

     kDS1AttrServiceType		"dsAttrTypeStandard:ServiceType"

     kDS1AttrPicture Discussion:

     Represents the path of the picture for each user displayed in the login
     window. Found in user records (kDSStdRecordTypeUsers).

     kDS1AttrPicture			     "dsAttrTypeStandard:Picture"

     kDSNAttrJPEGPhoto Discussion:

     Used to store binary picture data in JPEG format. Found in user, people,
     and group records (kDSStdRecordTypeUsers, kDSStdRecordTypePeople, kDSSt‐
     dRecordTypeGroups).

     kDSNAttrJPEGPhoto			     "dsAttrTypeStandard:JPEGPhoto"

     Mutivalued meta attribute data

     kDSNAttrMetaNodeLocation	   "dsAttrTypeStandard:AppleMetaNodeLocation"

     kDS1AttrAliasData		   "dsAttrTypeStandard:AppleAliasData"

     Single Valued - checksum/meta data

     kDS1AttrDataStamp		   "dsAttrTypeStandard:DataStamp"

     kDS1AttrTotalSize		   "dsAttrTypeStandard:TotalSize"

     Single Valued - data of Create, Modify, Backup time in UTC

     kDS1AttrTimePackage	   "dsAttrTypeStandard:TimePackage"

     Single Valued - alias attribute, contain pointer to another
     node/record/attribute

     kDS1AttrAlias		   "dsAttrTypeStandard:Alias"

     Single valued - used to get a "auth" credential, to be used to authenti‐
     cate to other Directory nodes.

     kDS1AttrAuthCredential	   "dsAttrTypeStandard:AuthCredential"

     Single valued - Note attribute. Commonly used in printer records.

     kDS1AttrNote		   "dsAttrTypeStandard:Note"

     Single-valued attribute for definition of the Printer Make and Model.  An
     example Value would be "HP LaserJet 2200".	 This would be used to deter‐
     mine the proper PPD file to be used when configuring a printer from the
     Directory.	 This attribute is based on the IPP Printing Specification RFC
     and IETF IPP-LDAP Printer Record.

     kDS1AttrPrinterMakeAndModel "dsAttrTypeStandard:PrinterMakeAndModel"

     Single-valued attribute that defines the URI of a printer "ipp://address"
     or "smb://server/queue".  This is used when configuring a printer. This
     attribute is based on the IPP Printing Specification RFC and IETF IPP-
     LDAP Printer Record.

     kDS1AttrPrinterURI		   "dsAttrTypeStandard:PrinterURI"

     Multi-valued attribute that defines additional URIs supported by a
     printer.  This is used when configuring a printer. This attribute is
     based on the IPP Printing Specification RFC and IETF IPP-LDAP Printer
     Record.

     kDSNAttrPrinterXRISupported "dsAttrTypeStandard:PrinterXRISupported"

     Single-valued attribute that defines the IEEE 1284 DeviceID of a printer.
      This is used when configuring a printer.

     kDS1AttrPrinter1284DeviceID "dsAttrTypeStandard:Printer1284DeviceID"

     Single valued - DNS Resolver domain attribute.

     kDS1AttrDNSDomain		   "dsAttrTypeStandard:DNSDomain"

     Single valued - DNS Resolver nameserver attribute.

     kDS1AttrDNSNameServer	   "dsAttrTypeStandard:DNSNameServer"

     KDC master key RSA encrypted with realm public key.

     kDSNAttrKDCAuthKey		   "dsAttrTypeStandard:KDCAuthKey"

     Contents of the kdc.conf file.

     kDS1AttrKDCConfigData	   "dsAttrTypeStandard:KDCConfigData"

     Used with directory nodes so that clients can discover the API
     capabilities for this Directory Node.

     kDS1AttrUserCertificate Discussion: Attribute containing the binary of
     the user's certificate. Usually found in user records. The certificate is
     data which identifies a user. This data is attested to by a known party,
     and can be independently verified by a third party.

     kDS1AttrUserCertificate	   "dsAttrTypeStandard:UserCertificate"

     kDS1AttrUserSMIMECertificate Discussion: Attribute containing the binary
     of the user's SMIME certificate.  Usually found in user records. The cer‐
     tificate is data which identifies a user.	This data is attested to by a
     known party, and can be independently verified by a third party. SMIME
     certificates are often used for signed or encrypted emails.

     kDS1AttrUserSMIMECertificate	"dsAttrTypeStandard:UserSMIMECertifi‐
     cate"

     kDS1AttrUserPKCS12Data Discussion: Attribute containing binary data in
     PKCS #12 format.  Usually found in user records. The value can contain
     keys, certificates, and other related information and is encrypted with a
     passphrase.

     kDS1AttrUserPKCS12Data	   "dsAttrTypeStandard:UserPKCS12Data"

     kDS1AttrCACertificate Discussion: Attribute containing the binary of the
     certificate of a certificate authority. Its corresponding private key is
     used to sign certificates. Usually found in kDSStdRecordTypeCertifi‐
     cateAuthority records.

     kDS1AttrCACertificate	   "dsAttrTypeStandard:CACertificate"

     kDS1AttrAuthorityRevocationList Discussion: Attribute containing the
     binary of the authority revocation list. A certificate revocation list
     that defines certificate authority certificates which are no longer
     trusted.  No user certificates are included in this list.Usually found in
     kDSStdRecordTypeCertificateAuthority records.

     kDS1AttrAuthorityRevocationList	     "dsAttrTypeStandard:AuthorityRe‐
     vocationList"

     kDS1AttrCertificateRevocationList Discussion: Attribute containing the
     binary of the certificate revocation list. This is a list of certificates
     which are no longer trusted. Usually found in kDSStdRecordTypeCertifi‐
     cateAuthority records.

     kDS1AttrCertificateRevocationList	 "dsAttrTypeStandard:CertificateRevo‐
     cationList"

     kDS1AttrCrossCertificatePair Discussion: Attribute containing the binary
     of a pair of certificates which verify each other.	 Both certificates
     have the same level of authority. Usually found in kDSStdRecordTypeCer‐
     tificateAuthority records.

     kDS1AttrCrossCertificatePair		  "dsAttrTypeStandard:Cross‐
     CertificatePair"

     kDSNAttrAccessControlEntry Discussion: Attribute type which stores direc‐
     tory access control directives.

     kDSNAttrAccessControlEntry		     "dsAttrTypeStandard:AccessCon‐
     trolsEntry"

     kDS1AttrCapabilities	   "dsAttrTypeStandard:Capabilities"

     kDS1AttrCategory Discussion: The category of an item used for browsing.

     kDS1AttrCategory		   "dsAttrTypeStandard:Category"

     can be found using dsGetDirNodeInfo and will return one of ReadOnly,
     ReadWrite, or WriteOnly strings note that ReadWrite does not imply fully
     readable or writable

     kDS1AttrReadOnlyNode	   "dsAttrTypeStandard:ReadOnlyNode"

     used with Search Node to  "discover" the search path for this node

     kDS1AttrSearchPath		   "dsAttrTypeStandard:SearchPath"

     kDSNAttrSearchPath		   "dsAttrTypeStandard:SearchPath" used with
     Search Node to "discover" the search policy for this node

     kDS1AttrSearchPolicy		"dsAttrTypeStandard:SearchPolicy" used
     with Search Node to "discover" the possible search paths for this node

     kDS1AttrNSPSearchPath		"dsAttrTypeStandard:NSPSearchPath"

     kDSNAttrNSPSearchPath		"dsAttrTypeStandard:NSPSearchPath"

     kDS1AttrLSPSearchPath		"dsAttrTypeStandard:LSPSearchPath"

     kDSNAttrLSPSearchPath		"dsAttrTypeStandard:LSPSearchPath"

     kDS1AttrCSPSearchPath		"dsAttrTypeStandard:CSPSearchPath"

     kDSNAttrCSPSearchPath		"dsAttrTypeStandard:CSPSearchPath"

     force the directory service to generate a binary image of the record and
     all it's attributes.

     kDS1AttrRecordImage	   "dsAttrTypeStandard:RecordImage"

     Information (version, signature, about, credits..ect.) about the plug-in
     that is actually servicing a particular directory node.

     kDSNAttrPlugInInfo		   "dsAttrTypeStandard:PlugInInfo"

     Multivalued Attribute, list of names/keys for this record

     kDSNAttrRecordName		   "dsAttrTypeStandard:RecordName"

     Multivalued - list of attribute types

     kDSNAttrSchema		   "dsAttrTypeStandard:Scheama"

     Single Valued for a Record, Multi-valued for a Directory Node

     kDSNAttrRecordType		   "dsAttrTypeStandard:RecordType"

     kDSNAttrNodePath		   "dsAttrTypeStandard:NodePath"

     kDSNAttrAuthMethod		   "dsAttrTypeStandard:AuthMethod"

     kDSNAttrSetPasswdMethod	   "dsAttrTypeStandard:SetPasswdMethod"

     //	  Multivalued - list of group records

     kDSNAttrGroup		   "dsAttrTypeStandard:Group"

     Multivalued - list of member records

     kDSNAttrMember		   "dsAttrTypeStandard:Member"

     kDSNAttrNestedGroups Discussion: Attribute type in group records for the
     list of GUID values for nested groups.

     kDSNAttrNestedGroups	   "dsAttrTypeStandard:NestedGroups"

     kDSNAttrGroupMembers Discussion: Attribute type in group records contain‐
     ing lists of GUID values for members other than groups.

     kDSNAttrGroupMembers	   "dsAttrTypeStandard:GroupMembers"

     kDSNAttrURL			"dsAttrTypeStandard:URL"

     data contained in this attribute type is a fully qualified MIME Type.

     kDSNAttrMIME		   "dsAttrTypeStandard:MIME"

     kDSNAttrHTML		   "dsAttrTypeStandard:HTML"

     kDSNAttrNBPEntry		   "dsAttrTypeStandard:NBPEntry"

     kDSNAttrDNSName			"dsAttrTypeStandard:DNSName"

     kDSNAttrIPAddress		   "dsAttrTypeStandard:IPAddress"

     kDSNAttrIPv6Address	   "dsAttrTypeStandard:IPv6Address"

     kDS1AttrENetAddress Discussion:

     Single-valued attribute for hardware Ethernet address (MAC address).
     Found in machine records (kDSStdRecordTypeMachines) and computer records
     (kDSStdRecordTypeComputers).

     kDS1AttrENetAddress	   "dsAttrTypeStandard:ENetAddress"

     kDS1AttrBootFile Discussion:

     Attribute type in host or machine records for the name of the kernel that
     this machine will use by default when NetBooting.

     kDS1AttrBootFile		   "dsAttrTypeStandard:BootFile"

     kDSNAttrBootParams Discussion:

     Attribute type in host or machine records for storing boot params.

     kDSNAttrBootParams		   "dsAttrTypeStandard:BootParams"

     kDS1AttrContactPerson Discussion:

     Attribute type for the contact person of the machine. Found in host or
     machine records.

     kDS1AttrContactPerson	   "dsAttrTypeStandard:ContactPerson"

     kDSNAttrMachineServes Discussion

     Attribute type in host or machine records for storing NetInfo domains
     served.

     kDSNAttrMachineServes	   "dsAttrTypeStandard:MachineServes"

     kDSNAttrNetGroups Discussion:

     Attribute type that indicates which netgroups its record is a member of.
     Found in user, host, and netdomain records.

     kDSNAttrNetGroups		   "dsAttrTypeStandard:NetGroups"

     kDSNAttrPGPPublicKey	   "dsAttrTypeStandard:PGPPublicKey"

     kDSNAttrEMailAddress	   "dsAttrTypeStandard:EMailAddress"

     kDSNAttrAreaCode		   "dsAttrTypeStandard:AreaCode"

     kDSNAttrPhoneNumber	   "dsAttrTypeStandard:PhoneNumber"

     kDSNAttrHomePhoneNumber		"dsAttrTypeStandard:HomePhoneNumber"

     kDSNAttrPostalAddress	   "dsAttrTypeStandard:PostalAddress"

     kDSNAttrOrganizationName "dsAttrTypeStandard:OrganizationName"

     kDSNAttrAddressLine1	   "dsAttrTypeStandard:AddressLine1"

     kDSNAttrAddressLine2	   "dsAttrTypeStandard:AddressLine2"

     kDSNAttrAddressLine3	   "dsAttrTypeStandard:AddressLine3"

     kDSNAttrCity		   "dsAttrTypeStandard:City"

     kDSNAttrState		   "dsAttrTypeStandard:State"

     kDSNAttrPostalCode		   "dsAttrTypeStandard:PostalCode"

     used for Setup Assistant automatic population

     kDS1AttrSetupOccupation	   "dsAttrTypeStandard:Occupation"

     kDS1AttrSetupLocation	   "dsAttrTypeStandard:SetupAssistantLocation"

     kDS1AttrSetupAdvertising "dsAttrTypeStandard:SetupAssistantAdvertising"

     kDS1AttrSetupAutoRegister	   "dsAttrTypeStandard:SetupAssistantAutoReg‐
     ister"

     kDS1AttrMCXSettings	   "dsAttrTypeStandard:MCXSettings"

     kDSNAttrMCXSettings	   "dsAttrTypeStandard:MCXSettings"

     kDS1AttrMCXFlags		   "dsAttrTypeStandard:MCXFlags"

     kDSNAttrComputers		   "dsAttrTypeStandard:Computers"

     Print

     kDS1AttrPrintServiceInfoXML	"dsAttrTypeStandard:PrintServiceIn‐
     foXML"

     kDS1AttrPrintServiceInfoText  "dsAttrTypeStandard:PrintServiceInfoText"

     kDS1AttrPrintServiceUserData Discussion:

     Single-valued attribute for print quota configuration or statistics (XML
     data). Found in user records (kDSStdRecordTypeUsers) or print service
     statistics records (kDSStdRecordTypePrintServiceUser).

     kDS1AttrPrintServiceUserData  "dsAttrTypeStandard:PrintServiceUserData"

     kDS1AttrNeighborhoodType Discussion: Attribute type in Neighborhood
     records describing their function.

     kDS1AttrNeighborhoodType	   "dsAttrTypeStandard:NeighborhoodType"

     kDS1AttrNetworkView Discussion: The name of the managed network view a
     computer should use for browsing.

     kDS1AttrNetworkView		"dsAttrTypeStandard:NetworkView"

     kDSNAttrNeighborhoodAlias Discussion: Attribute type in Neighborhood
     records describing sub-neighborhood records.

     kDSNAttrNeighborhoodAlias		"dsAttrTypeStandard:NeighborhoodAlias"

     kDSNAttrComputerAlias Discussion: Attribute type in Neighborhood records
     describing computer records pointed to by this neighborhood.

     kDSNAttrComputerAlias		"dsAttrTypeStandard:ComputerAlias"

     kDS1AttrWeblogURI Discussion: Single-valued attribute that defines the
     URI of a user's weblog.  Usually found in user or person records (kDSSt‐
     dRecordTypeUsers, kDSStdRecordTypePeople).	 Example: http://exam‐
     ple.com/blog/jsmith

     kDS1AttrWeblogURI			"dsAttrTypeStandard:WeblogURI"

     kDSNAttrNodePathXMLPlist Discussion: Attribute type in Neighborhood
     records describing the DS Node to search while looking up aliases in this
     neighborhood.

     kDSNAttrNodePathXMLPlist	   "dsAttrTypeStandard:NodePathXMLPlist"

     kDSValueNSLTopLevelNeighborhoodType Discussion: Value type of Neighbor‐
     hood record

     kDSValueNSLTopLevelNeighborhoodType	  "NSLTopLevelNeighborhood‐
     Type"

     kDSValueNSLStaticNeighborhoodType Discussion: Value type of Neighborhood
     record

     kDSValueNSLStaticNeighborhoodType	     "NSLStaticNeighborhoodType"

     kDSValueNSLDynamicNeighborhoodType Discussion: Value type of Neighborhood
     record

     kDSValueNSLDynamicNeighborhoodType	     "NSLDynamicNeighborhoodType"

     kDSValueNSLLocalNeighborhoodType Discussion: Value type of Neighborhood
     record

     kDSValueNSLLocalNeighborhoodType	     "NSLLocalNeighborhoodType"

     kDS1AttrBirthday			"dsAttrTypeStandard:Birthday"

     kDS1AttrCapacity			"dsAttrTypeStandard:Capacity"

     kDS1AttrContactGUID		"dsAttrTypeStandard:ContactGUID"

     kDS1AttrOwnerGUID			"dsAttrTypeStandard:OwnerGUID"

     kDSNAttrCompany			     "dsAttrTypeStandard:Company"

     kDSNAttrEMailContacts		"dsAttrTypeStandard:EMailContacts"

     kDSNAttrGroupServices		"dsAttrTypeStandard:GroupServices"

     kDSNAttrMapCoordinates		"dsAttrTypeStandard:MapCoordinates"

     kDS1AttrMapGUID			     "dsAttrTypeStandard:MapGUID"

     kDSNAttrMapURI			"dsAttrTypeStandard:MapURI"

     kDSNAttrPhoneContacts		"dsAttrTypeStandard:PhoneContacts"

     kDSNAttrPostalAddressContacts "dsAttrTypeStandard:PostalAddressContacts"

     kDSNAttrRelationships		"dsAttrTypeStandard:Relationships"

     kDSNAttrResourceInfo		"dsAttrTypeStandard:ResourceInfo"

     kDSNAttrResourceType		"dsAttrTypeStandard:ResourceType"

     kDSNAttrServicesLocator  "dsAttrTypeStandard:ServicesLocator"

     kDSNAttrOrganizationInfo	   "dsAttrTypeStandard:OrganizationInfo"

SEE ALSO
     opendirectoryd(8), dscl(1)

MacOSX				 Feb 21, 2003				MacOSX
[top]

List of man pages available for Darwin

Copyright (c) for man pages and the logo by the respective OS vendor.

For those who want to learn more, the polarhome community provides shell access and support.

[legal] [privacy] [GNU] [policy] [cookies] [netiquette] [sponsors] [FAQ]
Tweet
Polarhome, production since 1999.
Member of Polarhome portal.
Based on Fawad Halim's script.
....................................................................
Vote for polarhome
Free Shell Accounts :: the biggest list on the net