1-- Module DirectoryAbstractService (X.511:08/1997) 2DirectoryAbstractService {joint-iso-itu-t ds(5) module(1) 3 directoryAbstractService(2) 3} DEFINITIONS ::= 4BEGIN 5 6-- EXPORTS All 7-- The types and values defined in this module are exported for use in the other ASN.1 modules contained 8-- within the Directory Specifications, and for the use of other applications which will use them to access 9-- Directory services. Other applications may use them for their own purposes, but this will not constrain 10-- extensions and modifications needed to maintain or improve the Directory service. 11IMPORTS 12 informationFramework, distributedOperations, authenticationFramework, 13 dap, directoryShadowAbstractService, basicAccessControl, enhancedSecurity, 14 id-at 15 FROM UsefulDefinitions {joint-iso-itu-t ds(5) module(1) 16 usefulDefinitions(0) 3} 17 AttributeTypeAndValue 18 FROM BasicAccessControl basicAccessControl 19 AgreementID 20 FROM DirectoryShadowAbstractService directoryShadowAbstractService 21 Attribute, AttributeType, AttributeValue, AttributeValueAssertion, 22 DistinguishedName, Name, RelativeDistinguishedName, SupportedAttributes, 23 ATTRIBUTE, MATCHING-RULE, ContextAssertion, AttributeTypeAssertion, 24 OBJECT-CLASS, RelaxationPolicy 25 FROM InformationFramework informationFramework 26 OperationProgress, ReferenceType, Exclusions, AccessPoint, 27 ContinuationReference 28 FROM DistributedOperations distributedOperations 29 CertificationPath, SIGNED{}, SIGNATURE{}, ENCRYPTED{}, AlgorithmIdentifier, 30 AttributeCertificationPath 31 FROM AuthenticationFramework authenticationFramework 32 OPTIONALLY-PROTECTED{}, OPTIONALLY-PROTECTED-SEQ{} 33 FROM EnhancedSecurity enhancedSecurity 34 id-opcode-read, id-opcode-compare, id-opcode-abandon, id-opcode-list, 35 id-opcode-search, id-opcode-addEntry, id-opcode-removeEntry, 36 id-opcode-modifyEntry, id-opcode-modifyDN, id-errcode-abandoned, 37 id-errcode-abandonFailed, id-errcode-attributeError, id-errcode-nameError, 38 id-errcode-referral, id-errcode-securityError, id-errcode-serviceError, 39 id-errcode-updateError 40 FROM DirectoryAccessProtocol dap 41 OPERATION, ERROR, Code 42 FROM Remote-Operations-Information-Objects {joint-iso-itu-t 43 remote-operations(4) informationObjects(5) version1(0)} 44 emptyUnbind 45 FROM Remote-Operations-Useful-Definitions {joint-iso-itu-t 46 remote-operations(4) useful-definitions(7) version1(0)} 47 InvokeId 48 FROM Remote-Operations-Generic-ROS-PDUs {joint-iso-itu-t 49 remote-operations(4) generic-ROS-PDUs(6) version1(0)} 50 --PROTECTED 51 -- FROM Notation { joint-iso-itu-t genericULS (20) modules (1) notation (1) } 52 SPKM-REQ, SPKM-REP-TI, SPKM-ERROR 53 FROM SpkmGssTokens {iso(1) identified-organization(3) dod(6) internet(1) 54 security(5) mechanisms(5) spkm(1) spkmGssTokens(10)}; 55 56-- Common data types 57-- Parameterized type for representing optional signing 58OPTIONALLY-SIGNED{Type} ::= CHOICE {unsigned Type, 59 signed SIGNED{Type} 60} 61 62CommonArguments ::= SET { 63 serviceControls [30] ServiceControls DEFAULT {}, 64 securityParameters [29] SecurityParameters OPTIONAL, 65 requestor [28] DistinguishedName OPTIONAL, 66 operationProgress 67 [27] OperationProgress DEFAULT {nameResolutionPhase notStarted}, 68 aliasedRDNs [26] INTEGER OPTIONAL, 69 criticalExtensions [25] BIT STRING OPTIONAL, 70 referenceType [24] ReferenceType OPTIONAL, 71 entryOnly [23] BOOLEAN DEFAULT TRUE, 72 nameResolveOnMaste [21] BOOLEAN DEFAULT FALSE, 73 operationContexts [20] ContextSelection OPTIONAL, 74 familyGrouping [19] FamilyGrouping DEFAULT entryOnly 75} 76 77FamilyGrouping ::= ENUMERATED { 78 entryOnly(1), compoundEntry(2), strands(3), multiStrand(4)} 79 80CommonResults ::= SET { 81 securityParameters [30] SecurityParameters OPTIONAL, 82 performer [29] DistinguishedName OPTIONAL, 83 aliasDereferenced [28] BOOLEAN DEFAULT FALSE, 84 notification [27] SEQUENCE SIZE (1..MAX) OF Attribute OPTIONAL 85} 86 87CommonResultsSeq ::= SEQUENCE { 88 securityParameters [30] SecurityParameters OPTIONAL, 89 performer [29] DistinguishedName OPTIONAL, 90 aliasDereferenced [28] BOOLEAN DEFAULT FALSE 91} 92 93ServiceControls ::= SET { 94 options [0] ServiceControlOptions DEFAULT {}, 95 priority [1] INTEGER {low(0), medium(1), high(2)} DEFAULT medium, 96 timeLimit [2] INTEGER OPTIONAL, 97 sizeLimit [3] INTEGER OPTIONAL, 98 scopeOfReferral [4] INTEGER {dmd(0), country(1)} OPTIONAL, 99 attributeSizeLimit [5] INTEGER OPTIONAL, 100 manageDSAITPlaneRef 101 [6] SEQUENCE {dsaName Name, 102 agreementID AgreementID} OPTIONAL, 103 serviceType [7] OBJECT IDENTIFIER OPTIONAL, 104 userClass [8] INTEGER OPTIONAL 105} 106 107ServiceControlOptions ::= BIT STRING { 108 preferChaining(0), chainingProhibited(1), localScope(2), dontUseCopy(3), 109 dontDereferenceAliases(4), subentries(5), copyShallDo(6), 110 partialNameResolution(7), manageDSAIT(8), noSubtypeMatch(9), 111 noSubtypeSelection(10), countFamily(11)} 112 113EntryInformationSelection ::= SET { 114 attributes 115 CHOICE {allUserAttributes [0] NULL, 116 select [1] SET OF AttributeType 117 -- empty set implies no attributes are requested 118 } DEFAULT allUserAttributes:NULL, 119 infoTypes 120 [2] INTEGER {attributeTypesOnly(0), attributeTypesAndValues(1)} 121 DEFAULT attributeTypesAndValues, 122 extraAttributes 123 CHOICE {allOperationalAttributes [3] NULL, 124 select [4] SET OF AttributeType} OPTIONAL, 125 contextSelection ContextSelection OPTIONAL, 126 returnContexts BOOLEAN DEFAULT FALSE, 127 familyReturn FamilyReturn DEFAULT {memberSelect contributingEntriesOnly} 128} 129 130ContextSelection ::= CHOICE { 131 allContexts NULL, 132 selectedContexts SET OF TypeAndContextAssertion 133} 134 135TypeAndContextAssertion ::= SEQUENCE { 136 type AttributeType, 137 contextAssertions 138 CHOICE {preference SEQUENCE OF ContextAssertion, 139 all SET OF ContextAssertion} 140} 141 142FamilyReturn ::= SEQUENCE { 143 memberSelect 144 ENUMERATED {contributingEntriesOnly(1), participatingEntriesOnly(2), 145 compoundEntry(3)}, 146 familySelect SEQUENCE SIZE (1..MAX) OF OBJECT-CLASS.&id OPTIONAL 147} 148 149family-information ATTRIBUTE ::= { 150 WITH SYNTAX FamilyEntries 151 USAGE directoryOperation 152 ID id-at-family-information 153} 154 155FamilyEntries ::= SEQUENCE { 156 family-class OBJECT-CLASS.&id, -- structural object class value 157 familyEntries SEQUENCE OF FamilyEntry 158} 159 160FamilyEntry ::= SEQUENCE { 161 rdn RelativeDistinguishedName, 162 information 163 SEQUENCE OF CHOICE {attributeType AttributeType, 164 attribute Attribute}, 165 family-info SEQUENCE SIZE (1..MAX) OF FamilyEntries OPTIONAL 166} 167 168EntryInformation ::= SEQUENCE { 169 name Name, 170 fromEntry BOOLEAN DEFAULT TRUE, 171 information 172 SET SIZE (1..MAX) OF 173 CHOICE {attributeType AttributeType, 174 attribute Attribute} OPTIONAL, 175 incompleteEntry [3] BOOLEAN DEFAULT FALSE, -- not in 1988-edition systems 176 partialNameResolution 177 [4] BOOLEAN DEFAULT FALSE -- not in 1988 or 1993 edition systems -- 178} 179 180Filter ::= CHOICE { 181 item [0] FilterItem, 182 and [1] SET OF Filter, 183 or [2] SET OF Filter, 184 not [3] Filter 185} 186 187FilterItem ::= CHOICE { 188 equality [0] AttributeValueAssertion, 189 substrings 190 [1] SEQUENCE {type ATTRIBUTE.&id({SupportedAttributes}), 191 strings 192 SEQUENCE OF 193 CHOICE {initial 194 [0] ATTRIBUTE.&Type 195 ({SupportedAttributes} 196 {@substrings.type}), 197 any 198 [1] ATTRIBUTE.&Type 199 ({SupportedAttributes} 200 {@substrings.type}), 201 final 202 [2] ATTRIBUTE.&Type 203 ({SupportedAttributes} 204 {@substrings.type}), 205 control Attribute -- Used to specify interpretation of following items 206 }}, 207 greaterOrEqual [2] AttributeValueAssertion, 208 lessOrEqual [3] AttributeValueAssertion, 209 present [4] AttributeType, 210 approximateMatch [5] AttributeValueAssertion, 211 extensibleMatch [6] MatchingRuleAssertion, 212 contextPresent [7] AttributeTypeAssertion 213} 214 215MatchingRuleAssertion ::= SEQUENCE { 216 matchingRule [1] SET SIZE (1..MAX) OF MATCHING-RULE.&id, 217 type [2] AttributeType OPTIONAL, 218 matchValue 219 [3] MATCHING-RULE.&AssertionType 220 (CONSTRAINED BY { 221 -- matchValue must be a value of type specified by the &AssertionType field of 222 -- one of the MATCHING-RULE information objects identified by matchingRule -- }), 223 dnAttributes [4] BOOLEAN DEFAULT FALSE 224} 225 226PagedResultsRequest ::= CHOICE { 227 newRequest 228 SEQUENCE {pageSize INTEGER, 229 sortKeys SEQUENCE SIZE (1..MAX) OF SortKey OPTIONAL, 230 reverse [1] BOOLEAN DEFAULT FALSE, 231 unmerged [2] BOOLEAN DEFAULT FALSE}, 232 queryReference OCTET STRING 233} 234 235SortKey ::= SEQUENCE { 236 type AttributeType, 237 orderingRule MATCHING-RULE.&id OPTIONAL 238} 239 240SecurityParameters ::= SET { 241 certification-path [0] CertificationPath OPTIONAL, 242 name [1] DistinguishedName OPTIONAL, 243 time [2] Time OPTIONAL, 244 random [3] BIT STRING OPTIONAL, 245 target [4] ProtectionRequest OPTIONAL, 246 response [5] BIT STRING OPTIONAL, 247 operationCode [6] Code OPTIONAL, 248 attributeCertificationPath [7] AttributeCertificationPath OPTIONAL, 249 errorProtection [8] ErrorProtectionRequest OPTIONAL, 250 errorCode [9] Code OPTIONAL 251} 252 253ProtectionRequest ::= INTEGER { 254 none(0), signed(1), encrypted(2), signed-encrypted(3)} 255 256Time ::= CHOICE {utcTime UTCTime, 257 generalizedTime GeneralizedTime 258} 259 260ErrorProtectionRequest ::= INTEGER { 261 none(0), signed(1), encrypted(2), signed-encrypted(3)} 262 263-- Bind and unbind operations 264directoryBind OPERATION ::= { 265 ARGUMENT DirectoryBindArgument 266 RESULT DirectoryBindResult 267 ERRORS {directoryBindError} 268} 269 270DirectoryBindArgument ::= SET { 271 credentials [0] Credentials OPTIONAL, 272 versions [1] Versions DEFAULT {v1} 273} 274 275Credentials ::= CHOICE { 276 simple [0] SimpleCredentials, 277 strong [1] StrongCredentials, 278 externalProcedure [2] EXTERNAL, 279 spkm [3] SpkmCredentials 280} 281 282SimpleCredentials ::= SEQUENCE { 283 name [0] DistinguishedName, 284 validity 285 [1] SET {time1 [0] CHOICE {utc UTCTime, 286 gt GeneralizedTime} OPTIONAL, 287 time2 [1] CHOICE {utc UTCTime, 288 gt GeneralizedTime} OPTIONAL, 289 random1 [2] BIT STRING OPTIONAL, 290 random2 [3] BIT STRING OPTIONAL}, 291 password 292 [2] CHOICE {unprotected OCTET STRING, 293 protected SIGNATURE{OCTET STRING}} OPTIONAL 294} 295 296StrongCredentials ::= SET { 297 certification-path [0] CertificationPath OPTIONAL, 298 bind-token [1] Token, 299 name [2] DistinguishedName OPTIONAL, 300 attributeCertificationPath [3] AttributeCertificationPath OPTIONAL 301} 302 303SpkmCredentials ::= CHOICE {req [0] SPKM-REQ, 304 rep [1] SPKM-REP-TI 305} 306 307Token ::= 308 SIGNED 309 {SEQUENCE {algorithm [0] AlgorithmIdentifier, 310 name [1] DistinguishedName, 311 time [2] Time, 312 random [3] BIT STRING, 313 response [4] BIT STRING OPTIONAL, 314 bindIntAlgorithm 315 [5] SEQUENCE SIZE (1..MAX) OF AlgorithmIdentifier OPTIONAL, 316 bindIntKeyInfo [6] BindKeyInfo OPTIONAL, 317 bindConfAlgorithm 318 [7] SEQUENCE SIZE (1..MAX) OF AlgorithmIdentifier OPTIONAL, 319 bindConfKeyInfo [8] BindKeyInfo OPTIONAL}} 320 321Versions ::= BIT STRING {v1(0), v2(1)} 322 323DirectoryBindResult ::= DirectoryBindArgument 324 325directoryBindError ERROR ::= { 326 PARAMETER OPTIONALLY-PROTECTED 327 {SET {versions [0] Versions DEFAULT {v1}, 328 error 329 CHOICE {serviceError [1] ServiceProblem, 330 securityError [2] SecurityProblem}}} 331} 332 333BindKeyInfo ::= ENCRYPTED{BIT STRING} 334 335directoryUnbind OPERATION ::= emptyUnbind 336 337-- Operations, arguments, and results 338read OPERATION ::= { 339 ARGUMENT ReadArgument 340 RESULT ReadResult 341 ERRORS 342 {attributeError | nameError | serviceError | referral | abandoned | 343 securityError} 344 CODE id-opcode-read 345} 346 347ReadArgument ::= 348 OPTIONALLY-PROTECTED 349 {SET {object [0] Name, 350 selection [1] EntryInformationSelection DEFAULT {}, 351 modifyRightsRequest [2] BOOLEAN DEFAULT FALSE, 352 COMPONENTS OF CommonArguments}} 353 354ReadResult ::= 355 OPTIONALLY-PROTECTED 356 {SET {entry [0] EntryInformation, 357 modifyRights [1] ModifyRights OPTIONAL, 358 COMPONENTS OF CommonResults}} 359 360ModifyRights ::= 361 SET OF 362 SEQUENCE {item 363 CHOICE {entry [0] NULL, 364 attribute [1] AttributeType, 365 value [2] AttributeValueAssertion}, 366 permission 367 [3] BIT STRING {add(0), remove(1), rename(2), move(3)} 368 } 369 370compare OPERATION ::= { 371 ARGUMENT CompareArgument 372 RESULT CompareResult 373 ERRORS 374 {attributeError | nameError | serviceError | referral | abandoned | 375 securityError} 376 CODE id-opcode-compare 377} 378 379CompareArgument ::= 380 OPTIONALLY-PROTECTED 381 {SET {object [0] Name, 382 purported [1] AttributeValueAssertion, 383 COMPONENTS OF CommonArguments}} 384 385CompareResult ::= 386 OPTIONALLY-PROTECTED 387 {SET {name Name OPTIONAL, 388 matched [0] BOOLEAN, 389 fromEntry [1] BOOLEAN DEFAULT TRUE, 390 matchedSubtype [2] AttributeType OPTIONAL, 391 COMPONENTS OF CommonResults}} 392 393abandon OPERATION ::= { 394 ARGUMENT AbandonArgument 395 RESULT AbandonResult 396 ERRORS {abandonFailed} 397 CODE id-opcode-abandon 398} 399 400AbandonArgument ::= 401 OPTIONALLY-PROTECTED-SEQ{SEQUENCE {invokeID [0] InvokeId}} 402 403AbandonResult ::= CHOICE { 404 null NULL, 405 information 406 OPTIONALLY-PROTECTED-SEQ{SEQUENCE {invokeID InvokeId, 407 COMPONENTS OF CommonResultsSeq 408 }} 409} 410 411list OPERATION ::= { 412 ARGUMENT ListArgument 413 RESULT ListResult 414 ERRORS {nameError | serviceError | referral | abandoned | securityError} 415 CODE id-opcode-list 416} 417 418ListArgument ::= 419 OPTIONALLY-PROTECTED 420 {SET {object [0] Name, 421 pagedResults [1] PagedResultsRequest OPTIONAL, 422 listFamily [2] BOOLEAN DEFAULT FALSE, 423 COMPONENTS OF CommonArguments}} 424 425ListResult ::= 426 OPTIONALLY-PROTECTED 427 {CHOICE {listInfo 428 SET {name Name OPTIONAL, 429 subordinates 430 [1] SET OF 431 SEQUENCE {rdn RelativeDistinguishedName, 432 aliasEntry [0] BOOLEAN DEFAULT FALSE, 433 fromEntry [1] BOOLEAN DEFAULT TRUE 434 }, 435 partialOutcomeQualifier 436 [2] PartialOutcomeQualifier OPTIONAL, 437 COMPONENTS OF CommonResults}, 438 uncorrelatedListInfo [0] SET OF ListResult}} 439 440PartialOutcomeQualifier ::= SET { 441 limitProblem [0] LimitProblem OPTIONAL, 442 unexplored 443 [1] SET SIZE (1..MAX) OF ContinuationReference OPTIONAL, 444 unavailableCriticalExtensions [2] BOOLEAN DEFAULT FALSE, 445 unknownErrors 446 [3] SET SIZE (1..MAX) OF ABSTRACT-SYNTAX.&Type OPTIONAL, 447 queryReference [4] OCTET STRING OPTIONAL, 448 overspecFilter [5] Filter OPTIONAL, 449 notification 450 [6] SEQUENCE SIZE (1..MAX) OF Attribute OPTIONAL, 451 entryCount 452 CHOICE {bestEstimate [7] INTEGER, 453 lowEstimate [8] INTEGER} OPTIONAL 454} 455 456LimitProblem ::= INTEGER { 457 timeLimitExceeded(0), sizeLimitExceeded(1), administrativeLimitExceeded(2) 458} 459 460search OPERATION ::= { 461 ARGUMENT SearchArgument 462 RESULT SearchResult 463 ERRORS 464 {attributeError | nameError | serviceError | referral | abandoned | 465 securityError} 466 CODE id-opcode-search 467} 468 469SearchArgument ::= 470 OPTIONALLY-PROTECTED 471 {SET {baseObject [0] Name, 472 subset 473 [1] INTEGER {baseObject(0), oneLevel(1), wholeSubtree(2)} 474 DEFAULT baseObject, 475 filter [2] Filter DEFAULT and:{}, 476 searchAliases [3] BOOLEAN DEFAULT TRUE, 477 selection [4] EntryInformationSelection DEFAULT {}, 478 pagedResults [5] PagedResultsRequest OPTIONAL, 479 matchedValuesOnly [6] BOOLEAN DEFAULT FALSE, 480 extendedFilter [7] Filter OPTIONAL, 481 checkOverspecified [8] BOOLEAN DEFAULT FALSE, 482 relaxation [9] RelaxationPolicy OPTIONAL, 483 extendedArea [10] INTEGER OPTIONAL, 484 hierarchySelections [11] HierarchySelections DEFAULT {self}, 485 searchControlOptions 486 [12] SearchControlOptions DEFAULT {searchAliases}, 487 COMPONENTS OF CommonArguments}} 488 489HierarchySelections ::= BIT STRING { 490 self(0), children(1), parent(2), hierarchy(3), top(4), subtree(5), 491 siblings(6), siblingChildren(7), siblingSubtree(8), all(9)} 492 493SearchControlOptions ::= BIT STRING { 494 searchAliases(0), matchedValuesOnly(1), checkOverspecified(2), 495 performExactly(3), includeAllAreas(4), noSystemRelaxation(5), dnAttribute(6), 496 matchOnResidualName(7), entryCount(8), useSubset(9), 497 separateFamilyMembers(10), searchFamily(11)} 498 499SearchResult ::= 500 OPTIONALLY-PROTECTED 501 {CHOICE {searchInfo 502 SET {name Name OPTIONAL, 503 entries [0] SET OF EntryInformation, 504 partialOutcomeQualifier 505 [2] PartialOutcomeQualifier OPTIONAL, 506 altMatching [3] BOOLEAN DEFAULT FALSE, 507 COMPONENTS OF CommonResults}, 508 uncorrelatedSearchInfo [0] SET OF SearchResult}} 509 510addEntry OPERATION ::= { 511 ARGUMENT AddEntryArgument 512 RESULT AddEntryResult 513 ERRORS 514 {attributeError | nameError | serviceError | referral | securityError | 515 updateError} 516 CODE id-opcode-addEntry 517} 518 519AddEntryArgument ::= 520 OPTIONALLY-PROTECTED 521 {SET {object [0] Name, 522 entry [1] SET OF Attribute, 523 targetSystem [2] AccessPoint OPTIONAL, 524 COMPONENTS OF CommonArguments}} 525 526AddEntryResult ::= CHOICE { 527 null NULL, 528 information 529 OPTIONALLY-PROTECTED-SEQ{SEQUENCE {COMPONENTS OF CommonResultsSeq}} 530} 531 532removeEntry OPERATION ::= { 533 ARGUMENT RemoveEntryArgument 534 RESULT RemoveEntryResult 535 ERRORS {nameError | serviceError | referral | securityError | updateError} 536 CODE id-opcode-removeEntry 537} 538 539RemoveEntryArgument ::= 540 OPTIONALLY-PROTECTED{SET {object [0] Name, 541 COMPONENTS OF CommonArguments}} 542 543RemoveEntryResult ::= CHOICE { 544 null NULL, 545 information 546 OPTIONALLY-PROTECTED-SEQ{SEQUENCE {COMPONENTS OF CommonResultsSeq}} 547} 548 549modifyEntry OPERATION ::= { 550 ARGUMENT ModifyEntryArgument 551 RESULT ModifyEntryResult 552 ERRORS 553 {attributeError | nameError | serviceError | referral | securityError | 554 updateError} 555 CODE id-opcode-modifyEntry 556} 557 558ModifyEntryArgument ::= 559 OPTIONALLY-PROTECTED 560 {SET {object [0] Name, 561 changes [1] SEQUENCE OF EntryModification, 562 selection [2] EntryInformationSelection OPTIONAL, 563 COMPONENTS OF CommonArguments}} 564 565ModifyEntryResult ::= CHOICE { 566 null NULL, 567 information 568 OPTIONALLY-PROTECTED-SEQ{SEQUENCE {entry [0] EntryInformation OPTIONAL, 569 COMPONENTS OF CommonResultsSeq 570 }} 571} 572 573EntryModification ::= CHOICE { 574 addAttribute [0] Attribute, 575 removeAttribute [1] AttributeType, 576 addValues [2] Attribute, 577 removeValues [3] Attribute, 578 alterValues [4] AttributeTypeAndValue, 579 resetValue [5] AttributeType 580} 581 582modifyDN OPERATION ::= { 583 ARGUMENT ModifyDNArgument 584 RESULT ModifyDNResult 585 ERRORS {nameError | serviceError | referral | securityError | updateError} 586 CODE id-opcode-modifyDN 587} 588 589ModifyDNArgument ::= 590 OPTIONALLY-PROTECTED 591 {SET {object [0] DistinguishedName, 592 newRDN [1] RelativeDistinguishedName, 593 deleteOldRDN [2] BOOLEAN DEFAULT FALSE, 594 newSuperior [3] DistinguishedName OPTIONAL, 595 COMPONENTS OF CommonArguments}} 596 597ModifyDNResult ::= CHOICE { 598 null NULL, 599 information 600 OPTIONALLY-PROTECTED-SEQ{SEQUENCE {newRDN RelativeDistinguishedName, 601 COMPONENTS OF CommonResultsSeq 602 }} 603} 604 605-- Errors and parameters 606abandoned ERROR ::= { -- not literally an "error" 607 PARAMETER OPTIONALLY-PROTECTED {SET {COMPONENTS OF CommonResults}} 608 CODE id-errcode-abandoned 609} 610 611abandonFailed ERROR ::= { 612 PARAMETER OPTIONALLY-PROTECTED 613 {SET {problem [0] AbandonProblem, 614 operation [1] InvokeId, 615 COMPONENTS OF CommonResults}} 616 CODE id-errcode-abandonFailed 617} 618 619AbandonProblem ::= INTEGER {noSuchOperation(1), tooLate(2), cannotAbandon(3)} 620 621attributeError ERROR ::= { 622 PARAMETER OPTIONALLY-PROTECTED 623 {SET {object [0] Name, 624 problems 625 [1] SET OF 626 SEQUENCE {problem [0] AttributeProblem, 627 type [1] AttributeType, 628 value [2] AttributeValue OPTIONAL}, 629 COMPONENTS OF CommonResults}} 630 CODE id-errcode-attributeError 631} 632 633AttributeProblem ::= INTEGER { 634 noSuchAttributeOrValue(1), invalidAttributeSyntax(2), 635 undefinedAttributeType(3), inappropriateMatching(4), constraintViolation(5), 636 attributeOrValueAlreadyExists(6), contextViolation(7)} 637 638nameError ERROR ::= { 639 PARAMETER OPTIONALLY-PROTECTED 640 {SET {problem [0] NameProblem, 641 matched [1] Name, 642 COMPONENTS OF CommonResults}} 643 CODE id-errcode-nameError 644} 645 646NameProblem ::= INTEGER { 647 noSuchObject(1), aliasProblem(2), invalidAttributeSyntax(3), 648 aliasDereferencingProblem(4), contextProblem(5)} 649 650referral ERROR ::= { -- not literally an "error" 651 PARAMETER OPTIONALLY-PROTECTED 652 {SET {candidate [0] ContinuationReference, 653 COMPONENTS OF CommonResults}} 654 CODE id-errcode-referral 655} 656 657securityError ERROR ::= { 658 PARAMETER OPTIONALLY-PROTECTED 659 {SET {problem [0] SecurityProblem, 660 spkmInfo [1] SPKM-ERROR, 661 COMPONENTS OF CommonResults}} 662 CODE id-errcode-securityError 663} 664 665SecurityProblem ::= INTEGER { 666 inappropriateAuthentication(1), invalidCredentials(2), 667 insufficientAccessRights(3), invalidSignature(4), protectionRequired(5), 668 noInformation(6), blockedCredentials(7), invalidQOPMatch(8), spkmError(9) 669} 670 671serviceError ERROR ::= { 672 PARAMETER OPTIONALLY-PROTECTED 673 {SET {problem [0] ServiceProblem, 674 COMPONENTS OF CommonResults}} 675 CODE id-errcode-serviceError 676} 677 678ServiceProblem ::= INTEGER { 679 busy(1), unavailable(2), unwillingToPerform(3), chainingRequired(4), 680 unableToProceed(5), invalidReference(6), timeLimitExceeded(7), 681 administrativeLimitExceeded(8), loopDetected(9), 682 unavailableCriticalExtension(10), outOfScope(11), ditError(12), 683 invalidQueryReference(13), requestedServiceNotAvailable(14), 684 relaxationNotSupported(15), unavailableRelaxationLevel(16), 685 unsupportedMatchingUse(17), unmatchedKeyAttributes(18), 686 ambiguousKeyAttributes(19)} 687 688updateError ERROR ::= { 689 PARAMETER OPTIONALLY-PROTECTED 690 {SET {problem [0] UpdateProblem, 691 attributeInfo 692 [1] SET SIZE (1..MAX) OF 693 CHOICE {attributeType AttributeType, 694 attribute Attribute} OPTIONAL, 695 COMPONENTS OF CommonResults}} 696 CODE id-errcode-updateError 697} 698 699UpdateProblem ::= INTEGER { 700 namingViolation(1), objectClassViolation(2), notAllowedOnNonLeaf(3), 701 notAllowedOnRDN(4), entryAlreadyExists(5), affectsMultipleDSAs(6), 702 objectClassModificationProhibited(7), notAncestor(8), parentNotAncestor(9), 703 hierarchyRuleViolation(10), familyRuleViolation(11)} 704 705id-at-family-information OBJECT IDENTIFIER ::= {id-at 64} 706 707END -- DirectoryAbstractService 708 709-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D 710 711