001    /*
002     * CDDL HEADER START
003     *
004     * The contents of this file are subject to the terms of the
005     * Common Development and Distribution License, Version 1.0 only
006     * (the "License").  You may not use this file except in compliance
007     * with the License.
008     *
009     * You can obtain a copy of the license at
010     * trunk/opends/resource/legal-notices/OpenDS.LICENSE
011     * or https://OpenDS.dev.java.net/OpenDS.LICENSE.
012     * See the License for the specific language governing permissions
013     * and limitations under the License.
014     *
015     * When distributing Covered Code, include this CDDL HEADER in each
016     * file and include the License file at
017     * trunk/opends/resource/legal-notices/OpenDS.LICENSE.  If applicable,
018     * add the following below this CDDL HEADER, with the fields enclosed
019     * by brackets "[]" replaced with your own identifying information:
020     *      Portions Copyright [yyyy] [name of copyright owner]
021     *
022     * CDDL HEADER END
023     *
024     *
025     *      Copyright 2006-2008 Sun Microsystems, Inc.
026     */
027    package org.opends.server.config;
028    
029    
030    
031    import java.io.File;
032    
033    import org.opends.server.types.SSLClientAuthPolicy;
034    
035    
036    
037    /**
038     * This class defines a number of constants used by the Directory Server
039     * configuration, including configuration attribute and objectclass names,
040     * and attribute options.
041     */
042    @org.opends.server.types.PublicAPI(
043         stability=org.opends.server.types.StabilityLevel.VOLATILE,
044         mayInstantiate=false,
045         mayExtend=false,
046         mayInvoke=true)
047    public final class ConfigConstants
048    {
049      /**
050       * The prefix that will be applied to all custom attribute and objectclass
051       * names used for holding information about a Directory Server backup.
052       */
053      public static final String NAME_PREFIX_BACKUP = "ds-backup-";
054    
055    
056    
057      /**
058       * The prefix that will be applied to all custom attribute and objectclass
059       * names in the Directory Server configuration.
060       */
061      public static final String NAME_PREFIX_CFG = "ds-cfg-";
062    
063    
064    
065      /**
066       * The prefix that will be applied to all custom operational attributes used
067       * for holding password policy state information.
068       */
069      public static final String NAME_PREFIX_PWP = "ds-pwp-";
070    
071    
072    
073      /**
074       * The prefix that will be applied to all custom attributes and objectclasses
075       * for holding recurring task information.
076       */
077      public static final String NAME_PREFIX_RECURRING_TASK = "ds-recurring-task-";
078    
079    
080    
081      /**
082       * The prefix that will be applied to all custom operational attributes used
083       * for holding resource limit information.
084       */
085      public static final String NAME_PREFIX_RLIM = "ds-rlim-";
086    
087    
088    
089      /**
090       * The prefix that will be applied to all custom attributes and objectclasses
091       * for holding task information.
092       */
093      public static final String NAME_PREFIX_TASK = "ds-task-";
094    
095    
096    
097      /**
098       * The name of the configuration attribute that specifies the backlog to use
099       * when accepting new connections.
100       */
101      public static final String ATTR_ACCEPT_BACKLOG =
102           "ds-cfg-accept-backlog";
103    
104    
105    
106      /**
107       * The default accept backlog to use if no value is given.
108       */
109      public static final int DEFAULT_ACCEPT_BACKLOG = 128;
110    
111    
112    
113      /**
114       * The name of the configuration attribute that holds the fully-qualified name
115       * for the account status notification handler class.
116       */
117      public static final String ATTR_ACCT_NOTIFICATION_HANDLER_CLASS =
118           "ds-cfg-java-class";
119    
120    
121    
122      /**
123       * The name of the configuration attribute that indicates whether an account
124       * status notification handler is enabled.
125       */
126      public static final String ATTR_ACCT_NOTIFICATION_HANDLER_ENABLED =
127           "ds-cfg-enabled";
128    
129    
130    
131      /**
132       * The name of the configuration attribute that specifies the set of account
133       * status notification types that should trigger notifications.
134       */
135      public static final String ATTR_ACCT_NOTIFICATION_TYPE =
136           "ds-cfg-account-status-notification-type";
137    
138    
139    
140      /**
141       * The name of the configuration attribute that indicates whether to
142       * automatically add missing RDN attributes or to return an error response to
143       * the client.
144       */
145      public static final String ATTR_ADD_MISSING_RDN_ATTRS =
146           "ds-cfg-add-missing-rdn-attributes";
147    
148    
149    
150      /**
151       * The name of the configuration attribute that specifies the class that will
152       * be used for an alert handler.
153       */
154      public static final String ATTR_ALERT_HANDLER_CLASS =
155           "ds-cfg-java-class";
156    
157    
158    
159      /**
160       * The name of the configuration attribute that indicates whether an alert
161       * handler is enabled.
162       */
163      public static final String ATTR_ALERT_HANDLER_ENABLED =
164           "ds-cfg-enabled";
165    
166    
167    
168      /**
169       * The name of the configuration attribute that indicates whether it will be
170       * possible to allow exceptions to the strict attribute naming restrictions.
171       */
172      public static final String ATTR_ALLOW_ATTRIBUTE_NAME_EXCEPTIONS =
173           "ds-cfg-allow-attribute-name-exceptions";
174    
175    
176    
177      /**
178       * The name of the configuration attribute that indicates which clients
179       * should be allowed to establish connections.
180       */
181      public static final String ATTR_ALLOWED_CLIENT =
182           "ds-cfg-allowed-client";
183    
184    
185    
186      /**
187       * The name of the configuration attribute that indicates whether LDAPv2
188       * clients will be allowed to access the server.
189       */
190      public static final String ATTR_ALLOW_LDAPV2 =
191           "ds-cfg-allow-ldap-v2";
192    
193    
194    
195      /**
196       * The default policy that should be used for accepting LDAPv2 connections if
197       * it is not defined in the configuration.
198       */
199      public static final boolean DEFAULT_ALLOW_LDAPV2 = true;
200    
201    
202    
203      /**
204       * The name of the configuration attribute that indicates whether the server
205       * socket should have the SO_REUSEADDR socket option set.
206       */
207      public static final String ATTR_ALLOW_REUSE_ADDRESS =
208           "ds-cfg-allow-tcp-reuse-address";
209    
210    
211    
212      /**
213       * The default policy for using the SO_REUSEADDR socket option if it is not
214       * specified in the configuration.
215       */
216      public static final boolean DEFAULT_ALLOW_REUSE_ADDRESS = true;
217    
218    
219    
220      /**
221       * The name of the configuration attribute that specifies one or more
222       * alternate bind DNs for a root user.
223       */
224      public static final String ATTR_ROOTDN_ALTERNATE_BIND_DN =
225           "ds-cfg-alternate-bind-dn";
226    
227    
228    
229      /**
230       * The name of the configuration attribute that indicates whether the root DSE
231       * should treat all attributes as user attributes or if it should treat them
232       * as per their definition in the schema.
233       */
234      public static final String ATTR_ROOTDSE_SHOW_ALL_ATTRIBUTES =
235           "ds-cfg-show-all-attributes";
236    
237    
238    
239      /**
240       * The default value that will be used regarding treating all root DSE
241       * attributes as user attributes if it is not defined in the configuration.
242       */
243      public static final boolean DEFAULT_ROOTDSE_SHOW_ALL_ATTRIBUTES = false;
244    
245    
246    
247      /**
248       * The name of the configuration attribute that indicates whether the
249       * subschema entry should treat all attributes as user attributes or if it
250       * should treat them as per their definition in the schema.
251       */
252      public static final String ATTR_SCHEMA_SHOW_ALL_ATTRIBUTES =
253           "ds-cfg-show-all-attributes";
254    
255    
256    
257      /**
258       * The default value that will be used regarding treating all subschema entry
259       * attributes as user attributes if it is not defined in the configuration.
260       */
261      public static final boolean DEFAULT_SCHEMA_SHOW_ALL_ATTRIBUTES = false;
262    
263    
264    
265      /**
266       * The name of the configuration attribute that indicates whether to allow
267       * clients to use the startTLS extended operation.
268       */
269      public static final String ATTR_ALLOW_STARTTLS =
270           "ds-cfg-allow-start-tls";
271    
272    
273    
274      /**
275       * The default configuration that specifies whether to allow startTLS
276       * operations if it is not defined in the server configuration.
277       */
278      public static final boolean DEFAULT_ALLOW_STARTTLS = false;
279    
280    
281    
282      /**
283       * The name of the configuration attribute that indicates whether to allow the
284       * use of zero-length values in attributes with the directory string syntax.
285       */
286      public static final String ATTR_ALLOW_ZEROLENGTH_DIRECTORYSTRINGS =
287           "ds-cfg-allow-zero-length-values";
288    
289    
290    
291      /**
292       * The default configuration that specifies whether to allow zero-length
293       * directory string values if it is not defined in the server configuration.
294       */
295      public static final boolean DEFAULT_ALLOW_ZEROLENGTH_DIRECTORYSTRINGS = false;
296    
297    
298    
299      /**
300       * The name of the configuration attribute that holds the set of attribute
301       * type definitions in the server schema, formatted in camelCase.
302       */
303      public static final String ATTR_ATTRIBUTE_TYPES = "attributeTypes";
304    
305    
306    
307      /**
308       * The name of the configuration attribute that holds the set of attribute
309       * type definitions in the server schema, formatted in all lowercase.
310       */
311      public static final String ATTR_ATTRIBUTE_TYPES_LC = "attributetypes";
312    
313    
314    
315      /**
316       * The name of the configuration attribute that specifies the base DN(s) for a
317       * backend.
318       */
319      public static final String ATTR_BACKEND_BASE_DN =
320           "ds-cfg-base-dn";
321    
322    
323    
324      /**
325       * The name of the configuration attribute that holds the fully-qualified name
326       * of the Java class for a backend implementation.
327       */
328      public static final String ATTR_BACKEND_CLASS =
329           "ds-cfg-java-class";
330    
331    
332    
333      /**
334       * The name of the configuration attribute that indicates whether a particular
335       * backend is enabled.
336       */
337      public static final String ATTR_BACKEND_ENABLED =
338           "ds-cfg-enabled";
339    
340    
341    
342      /**
343       * The name of the configuration attribute that specifies the unique ID for a
344       * backend.
345       */
346      public static final String ATTR_BACKEND_ID = "ds-cfg-backend-id";
347    
348    
349    
350      /**
351       * The name of the configuration attribute that specifies the writability mode
352       * for a backend.
353       */
354      public static final String ATTR_BACKEND_WRITABILITY_MODE =
355           "ds-cfg-writability-mode";
356    
357    
358    
359      /**
360       * The name of the configuration attribute that holds the DN of the backend
361       * configuration entry with which a backup directory is associated.
362       */
363      public static final String ATTR_BACKUP_BACKEND_DN =
364           NAME_PREFIX_BACKUP + "backend-dn";
365    
366    
367    
368      /**
369       * The name of the configuration attribute that indicates whether a backup is
370       * compressed.
371       */
372      public static final String ATTR_BACKUP_COMPRESSED =
373           NAME_PREFIX_BACKUP + "compressed";
374    
375    
376    
377      /**
378       * The name of the configuration attribute that holds the date that a backup
379       * was made.
380       */
381      public static final String ATTR_BACKUP_DATE = NAME_PREFIX_BACKUP + "date";
382    
383    
384    
385      /**
386       * The name of the configuration attribute that holds the set of dependencies
387       * for a backup.
388       */
389      public static final String ATTR_BACKUP_DEPENDENCY =
390           NAME_PREFIX_BACKUP + "dependency";
391    
392    
393    
394      /**
395       * The name of the configuration attribute that holds the list of default
396       * backup directories to search when using the backup backend.
397       */
398      public static final String ATTR_BACKUP_DIR_LIST =
399           "ds-cfg-backup-directory";
400    
401    
402    
403      /**
404       * The name of the configuration attribute that holds the path to a backup
405       * directory.
406       */
407      public static final String ATTR_BACKUP_DIRECTORY_PATH =
408           NAME_PREFIX_BACKUP + "directory-path";
409    
410    
411    
412      /**
413       * The name of the configuration attribute that indicates whether a backup is
414       * encrypted.
415       */
416      public static final String ATTR_BACKUP_ENCRYPTED =
417           NAME_PREFIX_BACKUP + "encrypted";
418    
419    
420    
421      /**
422       * The name of the configuration attribute that holds the backup ID.
423       */
424      public static final String ATTR_BACKUP_ID = NAME_PREFIX_BACKUP + "id";
425    
426    
427    
428      /**
429       * The name of the configuration attribute that indicates whether a backup is
430       * an incremental backup.
431       */
432      public static final String ATTR_BACKUP_INCREMENTAL =
433           NAME_PREFIX_BACKUP + "incremental";
434    
435    
436    
437      /**
438       * The name of the configuration attribute that holds the signed hash for a
439       * backup.
440       */
441      public static final String ATTR_BACKUP_SIGNED_HASH =
442           NAME_PREFIX_BACKUP + "signed-hash";
443    
444    
445    
446      /**
447       * The name of the configuration attribute that holds the unsigned hash for a
448       * backup.
449       */
450      public static final String ATTR_BACKUP_UNSIGNED_HASH =
451           NAME_PREFIX_BACKUP + "unsigned-hash";
452    
453    
454    
455      /**
456       * The name of the configuration attribute that indicates whether simple binds
457       * containing a DN must also contain a password.
458       */
459      public static final String ATTR_BIND_WITH_DN_REQUIRES_PW =
460           "ds-cfg-bind-with-dn-requires-password";
461    
462    
463    
464      /**
465       * The default value for the bind with DN requires password configuration
466       * attribute.
467       */
468      public static final boolean DEFAULT_BIND_WITH_DN_REQUIRES_PW = true;
469    
470    
471    
472      /**
473       * The name of the configuration attribute that indicates whether an
474       * unauthenticated request should be rejected.
475       */
476      public static final String ATTR_REJECT_UNAUTHENTICATED_REQ =
477           "ds-cfg-reject-unauthenticated-requests";
478    
479    
480      /**
481       * The default value for the reject unauthenticated request attribute.
482       */
483      public static final boolean DEFAULT_REJECT_UNAUTHENTICATED_REQ = false;
484    
485    
486    
487      /**
488       * The name of the configuration attribute that holds the name of the
489       * attribute type that should be used when mapping a certificate fingerprint
490       * to a user entry.
491       */
492      public static final String ATTR_CERTIFICATE_FINGERPRINT_ATTR =
493           "ds-cfg-fingerprint-attribute";
494    
495    
496    
497      /**
498       * The name of the configuration attribute that holds the name of the
499       * algorithm that should be used to generate the certificate fingerprint.
500       */
501      public static final String ATTR_CERTIFICATE_FINGERPRINT_ALGORITHM =
502           "ds-cfg-fingerprint-algorithm";
503    
504    
505    
506      /**
507       * The name of the configuration attribute that holds the name of the
508       * attribute type that should be used when mapping a certificate subject to a
509       * user entry.
510       */
511      public static final String ATTR_CERTIFICATE_SUBJECT_ATTR =
512           "ds-cfg-subject-attribute";
513    
514    
515    
516      /**
517       * The name of the configuration attribute that holds the name of the
518       * attribute type that should be used when mapping attributes in a certificate
519       * subject to a user entry.
520       */
521      public static final String ATTR_CERTIFICATE_SUBJECT_ATTR_MAP =
522           "ds-cfg-subject-attribute-mapping";
523    
524    
525    
526      /**
527       * The name of the configuration attribute that holds the name of the
528       * attribute type that should be used when mapping a certificate subject to a
529       * user entry.
530       */
531      public static final String ATTR_CERTIFICATE_SUBJECT_BASEDN =
532           "ds-cfg-user-base-dn";
533    
534    
535    
536      /**
537       * The name of the configuration attribute that holds the fully-qualified name
538       * of the Java class for the certificate mapper implementation.
539       */
540      public static final String ATTR_CERTMAPPER_CLASS =
541           "ds-cfg-java-class";
542    
543    
544    
545      /**
546       * The name of the configuration attribute that holds the DN of a certificate
547       * mapper configuration entry.
548       */
549      public static final String ATTR_CERTMAPPER_DN =
550           "ds-cfg-certificate-mapper";
551    
552    
553    
554      /**
555       * The name of the configuration attribute that indicates whether the
556       * certificate mapper is enabled.
557       */
558      public static final String ATTR_CERTMAPPER_ENABLED =
559           "ds-cfg-enabled";
560    
561    
562    
563      /**
564       * The name of the configuration attribute that indicates whether schema
565       * checking should be enabled in the server.
566       */
567      public static final String ATTR_CHECK_SCHEMA =
568           "ds-cfg-check-schema";
569    
570    
571    
572      /**
573       * The name of the configuration attribute that specifies the manner in which
574       * SSL client certificates may be validated against certificates in the
575       * corresponding user's entry during SASL EXTERNAL authentication.
576       */
577      public static final String ATTR_CLIENT_CERT_VALIDATION_POLICY =
578           "ds-cfg-certificate-validation-policy";
579    
580    
581    
582      /**
583       * The name of the configuration attribute that holds the fully-qualified name
584       * of the Java class for the connection handler implementation.
585       */
586      public static final String ATTR_CONNECTION_HANDLER_CLASS =
587           "ds-cfg-java-class";
588    
589    
590    
591      /**
592       * The name of the configuration attribute that indicates whether a particular
593       * connection handler is enabled.
594       */
595      public static final String ATTR_CONNECTION_HANDLER_ENABLED =
596           "ds-cfg-enabled";
597    
598    
599    
600      /**
601       * The name of the configuration attribute that specifies the DN of the
602       * default password policy for the Directory Server.
603       */
604      public static final String ATTR_DEFAULT_PWPOLICY_DN =
605           "ds-cfg-default-password-policy";
606    
607    
608    
609      /**
610       * The name of the configuration attribute that specifies the set of
611       * privileges that root users should automatically be granted in the server.
612       */
613      public static final String ATTR_DEFAULT_ROOT_PRIVILEGE_NAME =
614           "ds-cfg-default-root-privilege-name";
615    
616    
617    
618      /**
619       * The name of the configuration attribute that indicates which clients
620       * should not be allowed to establish connections.
621       */
622      public static final String ATTR_DENIED_CLIENT =
623           "ds-cfg-denied-client";
624    
625    
626    
627      /**
628       * The name of the configuration attribute that specifies the realm that
629       * should be used for DIGEST-MD5 authentication.
630       */
631      public static final String ATTR_DIGESTMD5_REALM = "ds-cfg-realm";
632    
633    
634    
635      /**
636       * The name of the attribute that is used to hold the DIT content rule
637       * definitions in the server schema, formatted in camelCase.
638       */
639      public static final String ATTR_DIT_CONTENT_RULES = "dITContentRules";
640    
641    
642    
643      /**
644       * The name of the attribute that is used to hold the DIT content rule
645       * definitions in the server schema, formatted in all lowercase.
646       */
647      public static final String ATTR_DIT_CONTENT_RULES_LC = "ditcontentrules";
648    
649    
650    
651      /**
652       * The name of the attribute that is used to hold the DIT structure rule
653       * definitions in the server schema, formatted in camelCase.
654       */
655      public static final String ATTR_DIT_STRUCTURE_RULES = "dITStructureRules";
656    
657    
658    
659      /**
660       * The name of the attribute that is used to hold the DIT structure rule
661       * definitions in the server schema, formatted in all lowercase.
662       */
663      public static final String ATTR_DIT_STRUCTURE_RULES_LC = "ditstructurerules";
664    
665    
666    
667      /**
668       * The name of the configuration attribute that holds the fully-qualified name
669       * of the Java class for the entry cache implementation.
670       */
671      public static final String ATTR_ENTRYCACHE_CLASS =
672           "ds-cfg-java-class";
673    
674    
675    
676      /**
677       * The name of the configuration attribute that indicates whether the entry
678       * cache is enabled.
679       */
680      public static final String ATTR_ENTRYCACHE_ENABLED =
681           "ds-cfg-enabled";
682    
683    
684    
685      /**
686       * The name of the configuration attribute that holds the fully-qualified name
687       * for the extended operation handler class.
688       */
689      public static final String ATTR_EXTOP_CLASS =
690           "ds-cfg-java-class";
691    
692    
693    
694      /**
695       * The name of the configuration attribute that indicates whether an extended
696       * operation handler should be enabled.
697       */
698      public static final String ATTR_EXTOP_ENABLED =
699           "ds-cfg-enabled";
700    
701    
702    
703      /**
704       * The name of the configuration attribute that contains a set of search
705       * filters to use to determine which entries should be excluded from the
706       * cache.
707       */
708      public static final String ATTR_FIFOCACHE_EXCLUDE_FILTER =
709           "ds-cfg-exclude-filter";
710    
711    
712    
713      /**
714       * The name of the configuration attribute that contains a set of search
715       * filters to use to determine which entries should be included in the cache.
716       */
717      public static final String ATTR_FIFOCACHE_INCLUDE_FILTER =
718           "ds-cfg-include-filter";
719    
720    
721    
722      /**
723       * The name of the configuration attribute that indicates the maximum length
724       * of time in milliseconds to spend trying to acquire a lock for an entry in
725       * the cache.
726       */
727      public static final String ATTR_FIFOCACHE_LOCK_TIMEOUT =
728           "ds-cfg-lock-timeout";
729    
730    
731    
732      /**
733       * The default value for the entry cache lockout timeout that will be used if
734       * no other value is specified.
735       */
736      public static final long DEFAULT_FIFOCACHE_LOCK_TIMEOUT = 2000L;
737    
738    
739    
740      /**
741       * The name of the configuration attribute that indicates the maximum number
742       * of entries that the FIFO entry cache will be allowed to hold.
743       */
744      public static final String ATTR_FIFOCACHE_MAX_ENTRIES =
745           "ds-cfg-max-entries";
746    
747    
748    
749      /**
750       * The default value for the entry cache max entries that will be used if no
751       * other value is specified.
752       */
753      public static final long DEFAULT_FIFOCACHE_MAX_ENTRIES = Long.MAX_VALUE;
754    
755    
756    
757      /**
758       * The name of the configuration attribute that indicates the maximum
759       * percentage of available memory in the JVM that the FIFO entry cache will be
760       * allowed to consume.
761       */
762      public static final String ATTR_FIFOCACHE_MAX_MEMORY_PCT =
763           "ds-cfg-max-memory-percent";
764    
765    
766    
767      /**
768       * The default value for the entry cache max memory percent that will be used
769       * if no other value is specified.
770       */
771      public static final int DEFAULT_FIFOCACHE_MAX_MEMORY_PCT = 90;
772    
773    
774      /**
775       * The name of the configuration attribute that contains a set of search
776       * filters to use to determine which entries should be excluded from the
777       * cache.
778       */
779      public static final String ATTR_FSCACHE_EXCLUDE_FILTER =
780           "ds-cfg-exclude-filter";
781    
782      /**
783       * The name of the configuration attribute that contains a set of search
784       * filters to use to determine which entries should be included in the cache.
785       */
786      public static final String ATTR_FSCACHE_INCLUDE_FILTER =
787           "ds-cfg-include-filter";
788    
789      /**
790       * The name of the configuration attribute that indicates the maximum length
791       * of time in milliseconds to spend trying to acquire a lock for an entry in
792       * the cache.
793       */
794      public static final String ATTR_FSCACHE_LOCK_TIMEOUT =
795           "ds-cfg-lock-timeout";
796    
797      /**
798       * The default value for the entry cache lockout timeout that will be used if
799       * no other value is specified.
800       */
801      public static final long DEFAULT_FSCACHE_LOCK_TIMEOUT = 2000L;
802    
803      /**
804       * The name of the configuration attribute that indicates the maximum number
805       * of entries that the FIFO entry cache will be allowed to hold.
806       */
807      public static final String ATTR_FSCACHE_MAX_ENTRIES =
808           "ds-cfg-max-entries";
809    
810      /**
811       * The default value for the entry cache max entries that will be used if no
812       * other value is specified.
813       */
814      public static final long DEFAULT_FSCACHE_MAX_ENTRIES = Long.MAX_VALUE;
815    
816      /**
817       * The name of the configuration attribute that indicates the maximum
818       * memory size of the FS entry cache.
819       */
820      public static final String ATTR_FSCACHE_MAX_MEMORY_SIZE =
821           "ds-cfg-max-memory-size";
822    
823      /**
824       * The name of the configuration attribute that specifies the entry cache JE
825       * environment home.
826       */
827      public static final String ATTR_FSCACHE_HOME =
828          "ds-cfg-cache-directory";
829    
830      /**
831       * The default value for the entry cache JE environment home that will be used
832       * if no other value is specified.
833       */
834      public static final String DEFAULT_FSCACHE_HOME = "/tmp/OpenDS.FSCache";
835    
836      /**
837       * The name of the configuration attribute that indicates the maximum
838       * available space in bytes in the file system that JE cache will be
839       * allowed to consume.
840       */
841      public static final String ATTR_FSCACHE_JE_CACHE_SIZE =
842           "ds-cfg-db-cache-size";
843    
844      /**
845       * The default value for the JE cache size in bytes that will be used
846       * if no other value is specified.
847       */
848      public static final long DEFAULT_FSCACHE_JE_CACHE_SIZE = 0;
849    
850      /**
851       * The name of the configuration attribute that indicates the maximum
852       * available memory percent that JE cache can consume.
853       */
854      public static final String ATTR_FSCACHE_JE_CACHE_PCT =
855           "ds-cfg-db-cache-percent";
856    
857      /**
858       * The default value for the JE cache size percent that will be used
859       * if no other value is specified.
860       */
861      public static final int DEFAULT_FSCACHE_JE_CACHE_PCT = 0;
862    
863      /**
864       * The name of the configuration attribute that indicates whether
865       * file system entry cache is configured as persistent or not.
866       */
867      public static final String ATTR_FSCACHE_IS_PERSISTENT =
868           "ds-cfg-persistent-cache";
869    
870      /**
871       * The default value to indicate whether the cache is persistent or not.
872       */
873      public static final boolean DEFAULT_FSCACHE_IS_PERSISTENT = false;
874    
875      /**
876       * The default value to indicate which cache type to use.
877       */
878      public static final String DEFAULT_FSCACHE_TYPE = "FIFO";
879    
880      /**
881       * The name of the configuration attribute that indicates which
882       * cache type will be used.
883       */
884      public static final String ATTR_FSCACHE_TYPE =
885           "ds-cfg-cache-type";
886    
887      /**
888       * The name of the configuration attribute that specifies the fully-qualified
889       * class name for a group implementation.
890       */
891      public static final String ATTR_GROUP_IMPLEMENTATION_CLASS =
892           "ds-cfg-java-class";
893    
894    
895    
896      /**
897       * The name of the configuration attribute that indicates whether a group
898       * implementation should be enabled for use in the server.
899       */
900      public static final String ATTR_GROUP_IMPLEMENTATION_ENABLED =
901           "ds-cfg-enabled";
902    
903    
904    
905      /**
906       * The name of the configuration attribute that holds the address of the KDC
907       * to use when processing SASL GSSAPI binds.
908       */
909      public static final String ATTR_GSSAPI_KDC = "ds-cfg-kdc-address";
910    
911    
912    
913      /**
914       * The name of the configuration attribute that holds the path to the Kerberos
915       * keytab file to use when processing SASL GSSAPI binds.
916       */
917      public static final String ATTR_GSSAPI_KEYTAB_FILE =
918           "ds-cfg-keytab";
919    
920    
921    
922      /**
923       * The name of the configuration attribute that holds the default Kerberos
924       * realm to use when processing SASL GSSAPI binds.
925       */
926      public static final String ATTR_GSSAPI_REALM = "ds-cfg-realm";
927    
928    
929    
930      /**
931       * The name of the configuration attribute that holds the fully-qualified name
932       * of an identity mapper class.
933       */
934      public static final String ATTR_IDMAPPER_CLASS =
935           "ds-cfg-java-class";
936    
937    
938    
939      /**
940       * The name of the configuration attribute that holds the DN of an identity
941       * mapper configuration entry.
942       */
943      public static final String ATTR_IDMAPPER_DN =
944           "ds-cfg-identity-mapper";
945    
946    
947    
948      /**
949       * The name of the configuration attribute that indicates whether an identity
950       * mapper is enabled.
951       */
952      public static final String ATTR_IDMAPPER_ENABLED =
953           "ds-cfg-enabled";
954    
955    
956    
957      /**
958       * The name of the configuration attribute that defines the behavior that the
959       * server should use when a value is encountered that does not conform to the
960       * associated attribute syntax.
961       */
962      public static final String ATTR_INVALID_SYNTAX_BEHAVIOR =
963           "ds-cfg-invalid-attribute-syntax-behavior";
964    
965    
966    
967      /**
968       * The name of the configuration attribute that defines the behavior that the
969       * server should use when an entry is encountered that does not contain
970       * exactly one structural objectclass.
971       */
972      public static final String ATTR_SINGLE_STRUCTURAL_CLASS_BEHAVIOR =
973           "ds-cfg-single-structural-objectclass-behavior";
974    
975    
976    
977      /**
978       * The name of the configuration attribute that holds the set of attribute
979       * syntax definitions in the server schema, formatted in camelCase.
980       */
981      public static final String ATTR_LDAP_SYNTAXES = "ldapSyntaxes";
982    
983    
984    
985      /**
986       * The name of the configuration attribute that holds the set of attribute
987       * syntax definitions in the server schema, formatted in all lowercase.
988       */
989      public static final String ATTR_LDAP_SYNTAXES_LC = "ldapsyntaxes";
990    
991    
992    
993      /**
994       * The name of the configuration attribute that indicates whether the LDAP
995       * connection handler should keep statistical information.
996       */
997      public static final String ATTR_KEEP_LDAP_STATS =
998           "ds-cfg-keep-stats";
999    
1000    
1001    
1002      /**
1003       * Indicates whether the LDAP connection handler should keep statistical
1004       * information by default.
1005       */
1006      public static final boolean DEFAULT_KEEP_LDAP_STATS = true;
1007    
1008    
1009    
1010      /**
1011       * The name of the configuration attribute that specifies the fully-qualified
1012       * name of the class to use as the key manager provider.
1013       */
1014      public static final String ATTR_KEYMANAGER_CLASS =
1015           "ds-cfg-java-class";
1016    
1017    
1018    
1019      /**
1020       * The name of the configuration attribute that specifies the DN of the
1021       * configuration entry for the key manager provider.
1022       */
1023      public static final String ATTR_KEYMANAGER_DN =
1024           "ds-cfg-key-manager-provider";
1025    
1026    
1027    
1028      /**
1029       * The name of the configuration attribute that indicates whether the key
1030       * manager provider should be enabled.
1031       */
1032      public static final String ATTR_KEYMANAGER_ENABLED =
1033           "ds-cfg-enabled";
1034    
1035    
1036    
1037      /**
1038       * The name of the configuration attribute that specifies the path to the
1039       * keystore file.
1040       */
1041      public static final String ATTR_KEYSTORE_FILE =
1042           "ds-cfg-key-store-file";
1043    
1044    
1045    
1046      /**
1047       * The name of the configuration attribute that specifies the PIN needed to
1048       * access the keystore.
1049       */
1050      public static final String ATTR_KEYSTORE_PIN =
1051           "ds-cfg-key-store-pin";
1052    
1053    
1054    
1055      /**
1056       * The name of the configuration attribute that specifies the name of the
1057       * environment variable containing the PIN needed to access the keystore.
1058       */
1059      public static final String ATTR_KEYSTORE_PIN_ENVAR =
1060           "ds-cfg-key-store-pin-environment-variable";
1061    
1062    
1063    
1064      /**
1065       * The name of the configuration attribute that specifies the path to the file
1066       * containing the PIN needed to access the keystore.
1067       */
1068      public static final String ATTR_KEYSTORE_PIN_FILE =
1069           "ds-cfg-key-store-pin-file";
1070    
1071    
1072    
1073      /**
1074       * The name of the configuration attribute that specifies the name of the Java
1075       * property containing the PIN needed to access the keystore.
1076       */
1077      public static final String ATTR_KEYSTORE_PIN_PROPERTY =
1078      "ds-cfg-key-store-pin-property";
1079    
1080    
1081    
1082      /**
1083       * The name of the configuration attribute that specifies the format of the
1084       * data in the keystore file.
1085       */
1086      public static final String ATTR_KEYSTORE_TYPE =
1087           "ds-cfg-key-store-type";
1088    
1089    
1090    
1091      /**
1092       * The name of the configuration attribute that specifies the fully-qualified
1093       * name of the class to use as the trust manager provider.
1094       */
1095      public static final String ATTR_TRUSTMANAGER_CLASS =
1096           "ds-cfg-java-class";
1097    
1098    
1099    
1100      /**
1101       * The name of the configuration attribute that specifies the DN of the
1102       * configuration entry for the trust manager provider.
1103       */
1104      public static final String ATTR_TRUSTMANAGER_DN =
1105           "ds-cfg-trust-manager-provider";
1106    
1107    
1108    
1109      /**
1110       * The name of the configuration attribute that indicates whether the trust
1111       * manager provider should be enabled.
1112       */
1113      public static final String ATTR_TRUSTMANAGER_ENABLED =
1114           "ds-cfg-enabled";
1115    
1116    
1117    
1118      /**
1119       * The name of the configuration attribute that specifies the path to the
1120       * trust store file.
1121       */
1122      public static final String ATTR_TRUSTSTORE_FILE =
1123           "ds-cfg-trust-store-file";
1124    
1125    
1126    
1127      /**
1128       * The name of the configuration attribute that specifies the PIN needed to
1129       * access the trust store.
1130       */
1131      public static final String ATTR_TRUSTSTORE_PIN =
1132           "ds-cfg-trust-store-pin";
1133    
1134    
1135    
1136      /**
1137       * The name of the configuration attribute that specifies the name of the
1138       * environment variable containing the PIN needed to access the trust store.
1139       */
1140      public static final String ATTR_TRUSTSTORE_PIN_ENVAR =
1141           "ds-cfg-trust-store-pin-environment-variable";
1142    
1143    
1144    
1145      /**
1146       * The name of the configuration attribute that specifies the path to the file
1147       * containing the PIN needed to access the trust store.
1148       */
1149      public static final String ATTR_TRUSTSTORE_PIN_FILE =
1150           "ds-cfg-trust-store-pin-file";
1151    
1152    
1153    
1154      /**
1155       * The name of the configuration attribute that specifies the name of the Java
1156       * property containing the PIN needed to access the trust store.
1157       */
1158      public static final String ATTR_TRUSTSTORE_PIN_PROPERTY =
1159           "ds-cfg-trust-store-pin-property";
1160    
1161    
1162    
1163      /**
1164       * The name of the configuration attribute that specifies the format of the
1165       * data in the trust store file.
1166       */
1167      public static final String ATTR_TRUSTSTORE_TYPE =
1168           "ds-cfg-trust-store-type";
1169    
1170    
1171    
1172      /**
1173       * The name of the configuration attribute that specifies the address or set
1174       * of addresses on which a connection handler should listen.
1175       */
1176      public static final String ATTR_LISTEN_ADDRESS =
1177           "ds-cfg-listen-address";
1178    
1179    
1180    
1181      /**
1182       * The name of the configuration attribute that specifies the port or set of
1183       * ports on which a connection handler should listen.
1184       */
1185      public static final String ATTR_LISTEN_PORT = "ds-cfg-listen-port";
1186    
1187      /**
1188       * The attribute that specifies if internal operations should be logged
1189       * or not.
1190       */
1191      public static final String ATTR_LOGGER_SUPPRESS_INTERNAL_OPERATIONS =
1192           "ds-cfg-suppress-internal-operations";
1193    
1194    
1195      /**
1196       * The policy type for rotating log files.
1197       */
1198      public static final String ATTR_LOGGER_ROTATION_POLICY =
1199           "ds-cfg-rotation-policy";
1200    
1201      /**
1202       * The policy type for retaining log files.
1203       */
1204      public static final String ATTR_LOGGER_RETENTION_POLICY =
1205           "ds-cfg-retention-policy";
1206    
1207      /**
1208       * The number of files to retain attribute type.
1209       */
1210      public static final String ATTR_LOGGER_RETENTION_NUMBER_OF_FILES =
1211           "ds-cfg-number-of-files";
1212    
1213      /**
1214       * The disk space used attribute.
1215       */
1216      public static final String ATTR_LOGGER_RETENTION_DISK_SPACE_USED =
1217           "ds-cfg-disk-space-used";
1218    
1219      /**
1220       * The free disk space attribute.
1221       */
1222      public static final String ATTR_LOGGER_RETENTION_FREE_DISK_SPACE =
1223           "ds-cfg-free-disk-space";
1224    
1225    
1226      /**
1227       * The size limit for the size based rotation policy.
1228       */
1229      public static final String ATTR_LOGGER_ROTATION_SIZE_LIMIT =
1230           "ds-cfg-size-limit";
1231    
1232    
1233      /**
1234       * The time of day for the time of day based rotation policy.
1235       */
1236      public static final String ATTR_LOGGER_ROTATION_TIME_OF_DAY =
1237           "ds-cfg-time-of-day";
1238    
1239    
1240    
1241      /**
1242       * The action to be taken at the time of rotation.
1243       */
1244      public static final String ATTR_LOGGER_ROTATION_ACTION =
1245           "ds-cfg-rotation-action";
1246    
1247    
1248      /**
1249       * The time interval for the logger thread to sleep.
1250       */
1251      public static final String ATTR_LOGGER_THREAD_INTERVAL =
1252           "ds-cfg-time-interval";
1253    
1254    
1255      /**
1256       * The time interval for the logger thread to sleep.
1257       */
1258      public static final String ATTR_LOGGER_BUFFER_SIZE =
1259           "ds-cfg-buffer-size";
1260    
1261    
1262    
1263      /**
1264       * The name of the configuration attribute that holds the fully-qualified name
1265       * for the logger class.
1266       */
1267      public static final String ATTR_LOGGER_CLASS =
1268           "ds-cfg-java-class";
1269    
1270    
1271    
1272      /**
1273       * The name of the configuration attribute that indicates whether a Directory
1274       * Server logger should be enabled.
1275       */
1276      public static final String ATTR_LOGGER_ENABLED =
1277           "ds-cfg-enabled";
1278    
1279    
1280    
1281      /**
1282       * The name of the configuration attribute that specifies the attribute or set
1283       * of attributes that should be used when attempting to map an ID string to
1284       * a user entry.
1285       */
1286      public static final String ATTR_MATCH_ATTRIBUTE =
1287           "ds-cfg-match-attribute";
1288    
1289    
1290    
1291      /**
1292       * The name of the configuration attribute that specifies the base DN(s) that
1293       * should be used when attempting to map an ID string to a user entry.
1294       */
1295      public static final String ATTR_MATCH_BASE =
1296           "ds-cfg-match-base-dn";
1297    
1298    
1299    
1300      /**
1301       * The name of the configuration attribute that holds the set of matching rule
1302       * definitions in the server schema, formatted in camelCase.
1303       */
1304      public static final String ATTR_MATCHING_RULES = "matchingRules";
1305    
1306    
1307    
1308      /**
1309       * The name of the configuration attribute that holds the set of matching rule
1310       * definitions in the server schema, formatted in all lowercase.
1311       */
1312      public static final String ATTR_MATCHING_RULES_LC = "matchingrules";
1313    
1314    
1315    
1316      /**
1317       * The name of the configuration attribute that holds the set of matching rule
1318       * use definitions in the server schema, formatted in camelCase.
1319       */
1320      public static final String ATTR_MATCHING_RULE_USE = "matchingRuleUse";
1321    
1322    
1323    
1324      /**
1325       * The name of the configuration attribute that holds the set of matching rule
1326       * use definitions in the server schema, formatted in all lowercase.
1327       */
1328      public static final String ATTR_MATCHING_RULE_USE_LC = "matchingruleuse";
1329    
1330    
1331    
1332      /**
1333       * The default maximum request size that should be used if none is specified
1334       * in the configuration.
1335       */
1336      public static final int DEFAULT_MAX_REQUEST_SIZE = (5 * 1024 * 1024); // 5 MB
1337    
1338    
1339    
1340      /**
1341       * The name of the configuration attribute that specifies the fully-qualified
1342       * name of the Java class that defines a Directory Server matching rule.
1343       */
1344      public static final String ATTR_MATCHING_RULE_CLASS =
1345           "ds-cfg-java-class";
1346    
1347    
1348    
1349      /**
1350       * The name of the configuration attribute that indicates whether a matching
1351       * rule should be enabled.
1352       */
1353      public static final String ATTR_MATCHING_RULE_ENABLED =
1354           "ds-cfg-enabled";
1355    
1356    
1357    
1358      /**
1359       * The name of the configuration attribute that indicates the maximum number
1360       * of client connections that may be established at any given time.
1361       */
1362      public static final String ATTR_MAX_ALLOWED_CONNS =
1363           "ds-cfg-max-allowed-client-connections";
1364    
1365    
1366    
1367      /**
1368       * The name of the configuration attribute that indicates the maximum allowed
1369       * size of a request in bytes.
1370       */
1371      public static final String ATTR_MAX_REQUEST_SIZE =
1372           "ds-cfg-max-request-size";
1373    
1374    
1375    
1376      /**
1377       * The name of the configuration attribute that indicates the maximum number
1378       * of pending operations that may be in the work queue at any given time.
1379       */
1380      public static final String ATTR_MAX_WORK_QUEUE_CAPACITY =
1381           "ds-cfg-max-work-queue-capacity";
1382    
1383    
1384    
1385      /**
1386       * The default maximum capacity that should be used for the work queue if none
1387       * is specified in the configuration.
1388       */
1389      public static final int DEFAULT_MAX_WORK_QUEUE_CAPACITY = 0;
1390    
1391    
1392    
1393      /**
1394       * The name of the configuration attribute that holds the fully-qualified name
1395       * for the monitor provider class.
1396       */
1397      public static final String ATTR_MONITOR_CLASS =
1398           "ds-cfg-java-class";
1399    
1400    
1401    
1402      /**
1403       * The name of the configuration attribute that indicates whether a monitor
1404       * provider should be enabled.
1405       */
1406      public static final String ATTR_MONITOR_ENABLED =
1407           "ds-cfg-enabled";
1408    
1409    
1410    
1411      /**
1412       * The name of the attribute that is used to hold the name form definitions in
1413       * the server schema, formatted in camelCase.
1414       */
1415      public static final String ATTR_NAME_FORMS = "nameForms";
1416    
1417    
1418    
1419      /**
1420       * The name of the attribute that is used to hold the name form definitions in
1421       * the server schema, formatted in all lowercase.
1422       */
1423      public static final String ATTR_NAME_FORMS_LC = "nameforms";
1424    
1425    
1426    
1427      /**
1428       * The name of the configuration attribute that indicates whether to send a
1429       * response to operations that have been abandoned.
1430       */
1431      public static final String ATTR_NOTIFY_ABANDONED_OPS =
1432           "ds-cfg-notify-abandoned-operations";
1433    
1434    
1435    
1436      /**
1437       * The name of the configuration attribute that indicates the number of
1438       * request handlers that should be used to read requests from clients.
1439       */
1440      public static final String ATTR_NUM_REQUEST_HANDLERS =
1441           "ds-cfg-num-request-handlers";
1442    
1443    
1444    
1445      /**
1446       * The default number of request handler threads to use if it is not specified
1447       * in the configuration.
1448       */
1449      public static final int DEFAULT_NUM_REQUEST_HANDLERS = 1;
1450    
1451    
1452    
1453      /**
1454       * The name of the configuration attribute that indicates the number of worker
1455       * threads that should be used to process requests.
1456       */
1457      public static final String ATTR_NUM_WORKER_THREADS =
1458           "ds-cfg-num-worker-threads";
1459    
1460    
1461    
1462      /**
1463       * The default number of worker threads that should be used if no value is
1464       * specified in the configuration.
1465       */
1466      public static final int DEFAULT_NUM_WORKER_THREADS = 24;
1467    
1468    
1469    
1470      /**
1471       * The name of the standard attribute that holds the objectclass values for
1472       * the entry, formatted in camelCase.
1473       */
1474      public static final String ATTR_OBJECTCLASS = "objectClass";
1475    
1476    
1477    
1478      /**
1479       * The name of the configuration attribute that holds the set of objectclass
1480       * definitions in the server schema, formatted in camelCase.
1481       */
1482      public static final String ATTR_OBJECTCLASSES = "objectClasses";
1483    
1484    
1485    
1486      /**
1487       * The name of the configuration attribute that holds the set of objectclass
1488       * definitions in the server schema, formatted in all lowercase.
1489       */
1490      public static final String ATTR_OBJECTCLASSES_LC = "objectclasses";
1491    
1492    
1493    
1494      /**
1495       * The name of the configuration attribute that specifies a character set that
1496       * can be used with a password.
1497       */
1498      public static final String ATTR_PASSWORD_CHARSET =
1499           "ds-cfg-password-character-set";
1500    
1501    
1502    
1503      /**
1504       * The name of the configuration attribute that specifies the format that
1505       * should be used for generating a password.
1506       */
1507      public static final String ATTR_PASSWORD_FORMAT =
1508           "ds-cfg-password-format";
1509    
1510    
1511    
1512      /**
1513       * The name of the configuration attribute that specifies the maximum allowed
1514       * length for a password.
1515       */
1516      public static final String ATTR_PASSWORD_MAX_LENGTH =
1517           "ds-cfg-max-password-length";
1518    
1519    
1520    
1521      /**
1522       * The name of the configuration attribute that specifies the minimum allowed
1523       * length for a password.
1524       */
1525      public static final String ATTR_PASSWORD_MIN_LENGTH =
1526           "ds-cfg-min-password-length";
1527    
1528      /**
1529       * The name of the configuration attribute that specifies the minimum allowed
1530       * difference for a password.
1531       */
1532      public static final String ATTR_PASSWORD_MIN_DIFFERENCE =
1533           "ds-cfg-min-password-difference";
1534    
1535    
1536      /**
1537       * The name of the configuration attribute that holds the fully-qualified name
1538       * of the Java class for a plugin implementation.
1539       */
1540      public static final String ATTR_PLUGIN_CLASS =
1541           "ds-cfg-java-class";
1542    
1543    
1544    
1545      /**
1546       * The name of the configuration attribute that indicates whether a particular
1547       * plugin is enabled.
1548       */
1549      public static final String ATTR_PLUGIN_ENABLED =
1550           "ds-cfg-enabled";
1551    
1552    
1553    
1554      /**
1555       * The name of the configuration attribute that indicates the ways in which a
1556       * plugin will be used.
1557       */
1558      public static final String ATTR_PLUGIN_TYPE =
1559           "ds-cfg-plugin-type";
1560    
1561    
1562    
1563      /**
1564       * The name of the configuration attribute that may be modified in order to
1565       * cause the profiler to take some action (e.g., starting or stopping
1566       * collection).
1567       */
1568      public static final String ATTR_PROFILE_ACTION =
1569          "ds-cfg-profile-action";
1570    
1571    
1572    
1573      /**
1574       * The name of the configuration attribute that indicates whether the
1575       * Directory Server profiler plugin should be automatically enabled when the
1576       * server is starting.
1577       */
1578      public static final String ATTR_PROFILE_AUTOSTART =
1579           "ds-cfg-enable-profiling-on-startup";
1580    
1581    
1582    
1583      /**
1584       * The name of the configuration attribute that holds the path to the
1585       * directory into which profile information will be written.
1586       */
1587      public static final String ATTR_PROFILE_DIR =
1588           "ds-cfg-profile-directory";
1589    
1590    
1591    
1592      /**
1593       * The name of the configuration attribute that holds the profile sample
1594       * interval in milliseconds.
1595       */
1596      public static final String ATTR_PROFILE_INTERVAL =
1597           "ds-cfg-profile-sample-interval";
1598    
1599    
1600    
1601      /**
1602       * The default sample interval in milliseconds to use when profiling if no
1603       * other value is specified.
1604       */
1605      public static final long DEFAULT_PROFILE_INTERVAL = 10;
1606    
1607    
1608    
1609      /**
1610       * The name of the read-only configuration attribute that holds the current
1611       * state of the profiler.
1612       */
1613      public static final String ATTR_PROFILE_STATE =
1614           "ds-cfg-profiler-state";
1615    
1616    
1617    
1618      /**
1619       * The name of the configuration attribute that holds the DN of the identity
1620       * mapper configuration entry for use with the proxied authorization V2
1621       * control.
1622       */
1623      public static final String ATTR_PROXY_MAPPER_DN =
1624           "ds-cfg-proxied-authorization-identity-mapper";
1625    
1626    
1627    
1628      /**
1629       * The name of the configuration attribute that holds the fully-qualified name
1630       * for the password generator class.
1631       */
1632      public static final String ATTR_PWGENERATOR_CLASS =
1633           "ds-cfg-java-class";
1634    
1635    
1636    
1637      /**
1638       * The name of the configuration attribute that indicates whether a password
1639       * generator is enabled.
1640       */
1641      public static final String ATTR_PWGENERATOR_ENABLED =
1642           "ds-cfg-enabled";
1643    
1644    
1645    
1646      /**
1647       * The name of the configuration attribute that indicates whether a user will
1648       * be allowed to change their password even if it is expired.
1649       */
1650      public static final String ATTR_PWPOLICY_ALLOW_EXPIRED_CHANGES =
1651           "ds-cfg-allow-expired-password-changes";
1652    
1653    
1654    
1655      /**
1656       * The default value for the allowExpiredPasswordChanges configuration
1657       * attribute.
1658       */
1659      public static final boolean DEFAULT_PWPOLICY_ALLOW_EXPIRED_CHANGES = false;
1660    
1661    
1662    
1663      /**
1664       * The name of the configuration attribute that indicates whether a user may
1665       * provide a pre-encoded password.
1666       */
1667      public static final String ATTR_PWPOLICY_ALLOW_PRE_ENCODED_PASSWORDS =
1668           "ds-cfg-allow-pre-encoded-passwords";
1669    
1670    
1671    
1672      /**
1673       * The default value for the allowPreEncodedPasswords configuration attribute.
1674       */
1675      public static final boolean DEFAULT_PWPOLICY_ALLOW_PRE_ENCODED_PASSWORDS =
1676           false;
1677    
1678    
1679    
1680      /**
1681       * The name of the configuration attribute that indicates whether user entries
1682       * will be allowed to have multiple values for the password attribute.
1683       */
1684      public static final String ATTR_PWPOLICY_ALLOW_MULTIPLE_PW_VALUES =
1685           "ds-cfg-allow-multiple-password-values";
1686    
1687    
1688    
1689      /**
1690       * The default value for the allowMultiplePasswordValues configuration
1691       * attribute.
1692       */
1693      public static final boolean DEFAULT_PWPOLICY_ALLOW_MULTIPLE_PW_VALUES = false;
1694    
1695    
1696    
1697      /**
1698       * The name of the configuration attribute that indicates whether users will
1699       * be allowed to change their own passwords.
1700       */
1701      public static final String ATTR_PWPOLICY_ALLOW_USER_CHANGE =
1702           "ds-cfg-allow-user-password-changes";
1703    
1704    
1705    
1706      /**
1707       * The default value for the allowUserPasswordChanges configuration attribute.
1708       */
1709      public static final boolean DEFAULT_PWPOLICY_ALLOW_USER_CHANGE = true;
1710    
1711    
1712    
1713      /**
1714       * The name of the configuration attribute that specifies the default password
1715       * storage schemes for a password policy.
1716       */
1717      public static final String ATTR_PWPOLICY_DEFAULT_SCHEME =
1718           "ds-cfg-default-password-storage-scheme";
1719    
1720    
1721    
1722      /**
1723       * The name of the configuration attribute that indicates whether a user
1724       * password will be allowed to expire even if they have not yet seen a warning
1725       * notification.
1726       */
1727      public static final String ATTR_PWPOLICY_EXPIRE_WITHOUT_WARNING =
1728           "ds-cfg-expire-passwords-without-warning";
1729    
1730    
1731    
1732      /**
1733       * The default value for the expirePasswordsWithoutWarning configuration
1734       * attribute.
1735       */
1736      public static final boolean DEFAULT_PWPOLICY_EXPIRE_WITHOUT_WARNING = false;
1737    
1738    
1739    
1740      /**
1741       * The name of the configuration attribute that indicates whether a user must
1742       * change their password upon first authenticating after their account is
1743       * created.
1744       */
1745      public static final String ATTR_PWPOLICY_FORCE_CHANGE_ON_ADD =
1746           "ds-cfg-force-change-on-add";
1747    
1748    
1749    
1750      /**
1751       * The default value for the forceChangeOnAdd configuration attribute.
1752       */
1753      public static final boolean DEFAULT_PWPOLICY_FORCE_CHANGE_ON_ADD = false;
1754    
1755    
1756    
1757      /**
1758       * The name of the configuration attribute that indicates whether a user must
1759       * change their password after it is reset by an administrator.
1760       */
1761      public static final String ATTR_PWPOLICY_FORCE_CHANGE_ON_RESET =
1762           "ds-cfg-force-change-on-reset";
1763    
1764    
1765    
1766      /**
1767       * The default value for the forceChangeOnReset configuration attribute.
1768       */
1769      public static final boolean DEFAULT_PWPOLICY_FORCE_CHANGE_ON_RESET = false;
1770    
1771    
1772    
1773      /**
1774       * The name of the configuration attribute that specifies the number of fixed
1775       * grace login attempts that a user will have.
1776       */
1777      public static final String ATTR_PWPOLICY_GRACE_LOGIN_COUNT =
1778           "ds-cfg-grace-login-count";
1779    
1780    
1781    
1782      /**
1783       * The default value for the graceLoginCount configuration attribute.
1784       */
1785      public static final int DEFAULT_PWPOLICY_GRACE_LOGIN_COUNT = 0;
1786    
1787    
1788    
1789      /**
1790       * The default value for the password history count configuration attribute.
1791       */
1792      public static final int DEFAULT_PWPOLICY_HISTORY_COUNT = 0;
1793    
1794    
1795    
1796      /**
1797       * The default value for the password history duration configuration
1798       * attribute, in seconds.
1799       */
1800      public static final int DEFAULT_PWPOLICY_HISTORY_DURATION = 0;
1801    
1802    
1803    
1804      /**
1805       * The name of the configuration attribute that specifies the maximum length
1806       * of time an account may remain idle.
1807       */
1808      public static final String ATTR_PWPOLICY_IDLE_LOCKOUT_INTERVAL =
1809           "ds-cfg-idle-lockout-interval";
1810    
1811    
1812    
1813      /**
1814       * The default value for the idleLockoutInterval configuration attribute.
1815       */
1816      public static final int DEFAULT_PWPOLICY_IDLE_LOCKOUT_INTERVAL = 0;
1817    
1818    
1819    
1820      /**
1821       * The name of the configuration attribute that specifies the attribute used
1822       * to hold the last login time.
1823       */
1824      public static final String ATTR_PWPOLICY_LAST_LOGIN_TIME_ATTRIBUTE =
1825           "ds-cfg-last-login-time-attribute";
1826    
1827    
1828    
1829      /**
1830       * The name of the configuration attribute that specifies the format string
1831       * used to generate the last login time.
1832       */
1833      public static final String ATTR_PWPOLICY_LAST_LOGIN_TIME_FORMAT =
1834           "ds-cfg-last-login-time-format";
1835    
1836    
1837    
1838      /**
1839       * The name of the configuration attribute that specifies the length of time
1840       * that a user will remain locked out.
1841       */
1842      public static final String ATTR_PWPOLICY_LOCKOUT_DURATION =
1843           "ds-cfg-lockout-duration";
1844    
1845    
1846    
1847      /**
1848       * The default value for the lockoutDuration configuration attribute.
1849       */
1850      public static final int DEFAULT_PWPOLICY_LOCKOUT_DURATION = 0;
1851    
1852    
1853    
1854      /**
1855       * The name of the configuration attribute that specifies the number of
1856       * authentication failures required to lock out a user account.
1857       */
1858      public static final String ATTR_PWPOLICY_LOCKOUT_FAILURE_COUNT =
1859           "ds-cfg-lockout-failure-count";
1860    
1861    
1862    
1863      /**
1864       * The default value for the lockoutFailureCount configuration attribute.
1865       */
1866      public static final int DEFAULT_PWPOLICY_LOCKOUT_FAILURE_COUNT = 0;
1867    
1868    
1869    
1870      /**
1871       * The name of the configuration attribute that specifies the length of time
1872       * in seconds that an authentication failure will be counted against a user
1873       * for lockout purposes.
1874       */
1875      public static final String ATTR_PWPOLICY_LOCKOUT_FAILURE_EXPIRATION_INTERVAL =
1876           "ds-cfg-lockout-failure-expiration-interval";
1877    
1878    
1879    
1880      /**
1881       * The default value for the lockoutFailureExpirationInterval configuration
1882       * attribute.
1883       */
1884      public static final int DEFAULT_PWPOLICY_LOCKOUT_FAILURE_EXPIRATION_INTERVAL =
1885           0;
1886    
1887    
1888    
1889      /**
1890       * The name of the configuration attribute that specifies the maximum length
1891       * of time allowed between password changes.
1892       */
1893      public static final String ATTR_PWPOLICY_MAXIMUM_PASSWORD_AGE =
1894           "ds-cfg-max-password-age";
1895    
1896    
1897    
1898      /**
1899       * The default value for the maximumPasswordAge configuration attribute.
1900       */
1901      public static final int DEFAULT_PWPOLICY_MAXIMUM_PASSWORD_AGE = 0;
1902    
1903    
1904    
1905      /**
1906       * The name of the configuration attribute that specifies the maximum length
1907       * of time that a user has to change their password after it has been
1908       * administratively reset.
1909       */
1910      public static final String ATTR_PWPOLICY_MAXIMUM_PASSWORD_RESET_AGE =
1911           "ds-cfg-max-password-reset-age";
1912    
1913    
1914    
1915      /**
1916       * The default value for the maximumPasswordResetAge configuration attribute.
1917       */
1918      public static final int DEFAULT_PWPOLICY_MAXIMUM_PASSWORD_RESET_AGE = 0;
1919    
1920    
1921    
1922      /**
1923       * The name of the configuration attribute that specifies the minimum length
1924       * of time allowed between password changes.
1925       */
1926      public static final String ATTR_PWPOLICY_MINIMUM_PASSWORD_AGE =
1927           "ds-cfg-min-password-age";
1928    
1929    
1930    
1931      /**
1932       * The default value for the minimumPasswordAge configuration attribute.
1933       */
1934      public static final int DEFAULT_PWPOLICY_MINIMUM_PASSWORD_AGE = 0;
1935    
1936    
1937    
1938      /**
1939       * The name of the configuration attribute that specifies the DN(s) of the
1940       * configuration entries for the account status notification handlers for use
1941       * with the password policy.
1942       */
1943      public static final String ATTR_PWPOLICY_NOTIFICATION_HANDLER =
1944           "ds-cfg-account-status-notification-handler";
1945    
1946    
1947    
1948      /**
1949       * The name of the configuration attribute that specifies the attribute used
1950       * to hold user passwords.
1951       */
1952      public static final String ATTR_PWPOLICY_PASSWORD_ATTRIBUTE =
1953           "ds-cfg-password-attribute";
1954    
1955    
1956    
1957      /**
1958       * The name of the configuration attribute that specifies the DN of
1959       * configuration entry for the password generator to use with a password
1960       * policy.
1961       */
1962      public static final String ATTR_PWPOLICY_PASSWORD_GENERATOR =
1963           "ds-cfg-password-generator";
1964    
1965    
1966    
1967      /**
1968       * The name of the configuration attribute that specifies the DN(s) of the
1969       * configuration entries that will hold the password validators for use with
1970       * the password policy.
1971       */
1972      public static final String ATTR_PWPOLICY_PASSWORD_VALIDATOR =
1973           "ds-cfg-password-validator";
1974    
1975    
1976    
1977      /**
1978       * The name of the configuration attribute that specifies the format strings
1979       * that may have been used in the past to generate last login time values.
1980       */
1981      public static final String ATTR_PWPOLICY_PREVIOUS_LAST_LOGIN_TIME_FORMAT =
1982           "ds-cfg-previous-last-login-time-format";
1983    
1984    
1985    
1986      /**
1987       * The name of the configuration attribute that holds the time by which all
1988       * users must have changed their passwords.
1989       */
1990      public static final String ATTR_PWPOLICY_REQUIRE_CHANGE_BY_TIME =
1991           "ds-cfg-require-change-by-time";
1992    
1993    
1994    
1995      /**
1996       * The name of the configuration attribute that indicates whether users will
1997       * be required to provide their current password when they choose a new
1998       * password.
1999       */
2000      public static final String ATTR_PWPOLICY_REQUIRE_CURRENT_PASSWORD =
2001           "ds-cfg-password-change-requires-current-password";
2002    
2003    
2004    
2005      /**
2006       * The default value for the passwordChangeRequiresCurrentPassword
2007       * configuration attribute.
2008       */
2009      public static final boolean DEFAULT_PWPOLICY_REQUIRE_CURRENT_PASSWORD = false;
2010    
2011    
2012    
2013      /**
2014       * The name of the configuration attribute that indicates whether users will
2015       * be required to authenticate using a secure mechanism.
2016       */
2017      public static final String ATTR_PWPOLICY_REQUIRE_SECURE_AUTHENTICATION =
2018           "ds-cfg-require-secure-authentication";
2019    
2020    
2021    
2022      /**
2023       * The default value for the requireSecureAuthentication configuration
2024       * attribute.
2025       */
2026      public static final boolean DEFAULT_PWPOLICY_REQUIRE_SECURE_AUTHENTICATION =
2027           false;
2028    
2029    
2030    
2031      /**
2032       * The name of the configuration attribute that indicates whether users will
2033       * be required to change their passwords using a secure mechanism.
2034       */
2035      public static final String ATTR_PWPOLICY_REQUIRE_SECURE_PASSWORD_CHANGES =
2036           "ds-cfg-require-secure-password-changes";
2037    
2038    
2039    
2040      /**
2041       * The default value for the requireSecurePasswordChanges configuration
2042       * attribute.
2043       */
2044      public static final boolean DEFAULT_PWPOLICY_REQUIRE_SECURE_PASSWORD_CHANGES =
2045           false;
2046    
2047    
2048    
2049      /**
2050       * The name of the configuration attribute that indicates whether the server
2051       * should perform validation on passwords set by administrators.
2052       */
2053      public static final String ATTR_PWPOLICY_SKIP_ADMIN_VALIDATION =
2054           "ds-cfg-skip-validation-for-administrators";
2055    
2056    
2057    
2058      /**
2059       * The default value for the skipValidationForAdministrators configuration
2060       * attribute.
2061       */
2062      public static final boolean DEFAULT_PWPOLICY_SKIP_ADMIN_VALIDATION = false;
2063    
2064    
2065    
2066      /**
2067       * The name of the configuration attribute that specifies the maximum length
2068       * of time before expiration that a user should start to receive warning
2069       * notifications.
2070       */
2071      public static final String ATTR_PWPOLICY_WARNING_INTERVAL =
2072           "ds-cfg-password-expiration-warning-interval";
2073    
2074    
2075    
2076      /**
2077       * The default value for the passwordExpirationWarningInterval configuration
2078       * attribute.
2079       */
2080      public static final int DEFAULT_PWPOLICY_WARNING_INTERVAL = 604800;
2081    
2082    
2083    
2084      /**
2085       * The name of the configuration attribute that holds the fully-qualified name
2086       * for the password storage scheme class.
2087       */
2088      public static final String ATTR_PWSCHEME_CLASS =
2089           "ds-cfg-java-class";
2090    
2091    
2092    
2093      /**
2094       * The name of the configuration attribute that indicates whether a password
2095       * storage scheme is enabled.
2096       */
2097      public static final String ATTR_PWSCHEME_ENABLED =
2098           "ds-cfg-enabled";
2099    
2100    
2101    
2102      /**
2103       * The name of the configuration attribute that holds the fully-qualified name
2104       * for the password validator class.
2105       */
2106      public static final String ATTR_PWVALIDATOR_CLASS =
2107           "ds-cfg-java-class";
2108    
2109    
2110    
2111      /**
2112       * The name of the configuration attribute that indicates whether a password
2113       * validator is enabled.
2114       */
2115      public static final String ATTR_PWVALIDATOR_ENABLED =
2116           "ds-cfg-enabled";
2117    
2118    
2119    
2120      /**
2121       * The name of the configuration attribute that holds the name of the class
2122       * used to provide the implementation logic for a recurring task.
2123       */
2124      public static final String ATTR_RECURRING_TASK_CLASS_NAME =
2125           NAME_PREFIX_RECURRING_TASK + "class-name";
2126    
2127    
2128    
2129      /**
2130       * The name of the configuration attribute that holds the recurring task ID
2131       * for a recurring task that may be associated with a task.
2132       */
2133      public static final String ATTR_RECURRING_TASK_ID =
2134           NAME_PREFIX_RECURRING_TASK + "id";
2135    
2136    
2137    
2138      /**
2139       * The name of the configuration attribute that indicates whether the
2140       * Directory Server should be restarted instead of shut down.
2141       */
2142      public static final String ATTR_RESTART_SERVER =
2143           NAME_PREFIX_TASK + "restart-server";
2144    
2145    
2146    
2147      /**
2148       * The name of the configuration attribute that specifies the set of
2149       * subordinate base DNs that should be used for non-base-level searches
2150       * against the root DSE.
2151       */
2152      public static final String ATTR_ROOT_DSE_SUBORDINATE_BASE_DN =
2153           "ds-cfg-subordinate-base-dn";
2154    
2155    
2156    
2157      /**
2158       * The name of the configuration attribute that holds the fully-qualified name
2159       * for the SASL mechanism handler class.
2160       */
2161      public static final String ATTR_SASL_CLASS =
2162           "ds-cfg-java-class";
2163    
2164    
2165    
2166      /**
2167       * The name of the configuration attribute that indicates whether a SASL
2168       * mechanism handler should be enabled.
2169       */
2170      public static final String ATTR_SASL_ENABLED =
2171           "ds-cfg-enabled";
2172    
2173    
2174    
2175      /**
2176       * The name of the configuration attribute that specifies the location(s) of
2177       * the entries used to publish the Directory Server schema information.
2178       */
2179      public static final String ATTR_SCHEMA_ENTRY_DN =
2180           "ds-cfg-schema-entry-dn";
2181    
2182    
2183    
2184      /**
2185       * The name of the configuration attribute that indicates whether to send
2186       * rejected client connections a notice of disconnection explaining why the
2187       * connection was not accepted.
2188       */
2189      public static final String ATTR_SEND_REJECTION_NOTICE =
2190           "ds-cfg-send-rejection-notice";
2191    
2192    
2193    
2194      /**
2195       * The default policy that will be used for deciding whether to send a
2196       * rejection notice to clients if it is not specified in the configuration.
2197       */
2198      public static final boolean DEFAULT_SEND_REJECTION_NOTICE = true;
2199    
2200    
2201    
2202      /**
2203       * The name of the configuration attribute that will be used to indicate the
2204       * result code that should be used for operations that fail because of an
2205       * internal server error.
2206       */
2207      public static final String ATTR_SERVER_ERROR_RESULT_CODE =
2208           "ds-cfg-server-error-result-code";
2209    
2210    
2211    
2212      /**
2213       * The name of the configuration attribute that holds the fully-qualified
2214       * domain name that should be used by the server when that information is
2215       * needed.
2216       */
2217      public static final String ATTR_SERVER_FQDN = "ds-cfg-server-fqdn";
2218    
2219    
2220    
2221      /**
2222       * The name of the configuration attribute that holds a message that may be
2223       * provided for the reason the Directory Server has been requested to shut
2224       * down.
2225       */
2226      public static final String ATTR_SHUTDOWN_MESSAGE =
2227           NAME_PREFIX_TASK + "shutdown-message";
2228    
2229    
2230    
2231      /**
2232       * The name of the configuration attribute that holds the password that must
2233       * be provided in order to shut down the server through the tasks interface.
2234       */
2235      public static final String ATTR_SHUTDOWN_PASSWORD =
2236           NAME_PREFIX_TASK + "shutdown-password";
2237    
2238    
2239    
2240      /**
2241       * The name of the configuration attribute that holds the server size limit.
2242       */
2243      public static final String ATTR_SIZE_LIMIT = "ds-cfg-size-limit";
2244    
2245    
2246    
2247      /**
2248       * The default value that will be used for the server size limit if no other
2249       * value is given.
2250       */
2251      public static final int DEFAULT_SIZE_LIMIT = 1000;
2252    
2253        /**
2254       * The name of the configuration attribute that holds the server lookthrough
2255       * limit.
2256       */
2257      public static final String ATTR_LOOKTHROUGH_LIMIT =
2258            "ds-cfg-lookthrough-limit";
2259    
2260    
2261    
2262      /**
2263       * The default value that will be used for the server lookthrough limit if
2264       * no other value is given.
2265       */
2266      public static final int DEFAULT_LOOKTHROUGH_LIMIT = 5000;
2267    
2268    
2269    
2270      /**
2271       * The name of the configuration attribute that contains a set of search
2272       * filters to use to determine which entries should be excluded from the
2273       * cache.
2274       */
2275      public static final String ATTR_SOFTREFCACHE_EXCLUDE_FILTER =
2276           "ds-cfg-exclude-filter";
2277    
2278    
2279    
2280      /**
2281       * The name of the configuration attribute that contains a set of search
2282       * filters to use to determine which entries should be included in the cache.
2283       */
2284      public static final String ATTR_SOFTREFCACHE_INCLUDE_FILTER =
2285           "ds-cfg-include-filter";
2286    
2287    
2288    
2289      /**
2290       * The name of the configuration attribute that indicates the maximum length
2291       * of time in milliseconds to spend trying to acquire a lock for an entry in
2292       * the cache.
2293       */
2294      public static final String ATTR_SOFTREFCACHE_LOCK_TIMEOUT =
2295           "ds-cfg-lock-timeout";
2296    
2297    
2298    
2299      /**
2300       * The name of the configuration attribute that holds information about the
2301       * policy that should be used when requesting/requiring SSL client
2302       * authentication.
2303       */
2304      public static final String ATTR_SSL_CLIENT_AUTH_POLICY =
2305           "ds-cfg-ssl-client-auth-policy";
2306    
2307    
2308    
2309      /**
2310       * The default SSL client authentication policy that should be used if it is
2311       * not defined in the configuration.
2312       */
2313      public static final SSLClientAuthPolicy DEFAULT_SSL_CLIENT_AUTH_POLICY =
2314           SSLClientAuthPolicy.OPTIONAL;
2315    
2316    
2317    
2318      /**
2319       * The name of the configuration attribute that holds the nickname of the
2320       * certificate that should be used for accepting SSL/TLS connections.
2321       */
2322      public static final String ATTR_SSL_CERT_NICKNAME =
2323           "ds-cfg-ssl-cert-nickname";
2324    
2325    
2326    
2327      /**
2328       * The default SSL server certificate nickname to use if it is not defined in
2329       * the configuration.
2330       */
2331      public static final String DEFAULT_SSL_CERT_NICKNAME = "server-cert";
2332    
2333    
2334    
2335      /**
2336       * The name of the configuration attribute that holds the nickname of the SSL
2337       * cipher suites that should be allowed for use in SSL/TLS sessions.
2338       */
2339      public static final String ATTR_SSL_CIPHERS =
2340           "ds-cfg-ssl-cipher-suite";
2341    
2342    
2343    
2344      /**
2345       * The name of the configuration attribute that holds the nickname of the SSL
2346       * protocols that should be allowed for use in SSL/TLS sessions.
2347       */
2348      public static final String ATTR_SSL_PROTOCOLS =
2349           "ds-cfg-ssl-protocol";
2350    
2351    
2352    
2353      /**
2354       * The name of the configuration attribute that specifies the fully-qualified
2355       * name of the Java class that defines a Directory Server synchronization
2356       * provider.
2357       */
2358      public static final String ATTR_SYNCHRONIZATION_PROVIDER_CLASS =
2359           "ds-cfg-java-class";
2360    
2361    
2362    
2363      /**
2364       * The name of the configuration attribute that indicates whether a
2365       * synchronization provider should be enabled.
2366       */
2367      public static final String ATTR_SYNCHRONIZATION_PROVIDER_ENABLED =
2368           "ds-cfg-enabled";
2369    
2370    
2371    
2372      /**
2373       * The name of the configuration attribute that specifies the
2374       * fully-qualified name of the Java class that defines a Directory
2375       * Server access control handler.
2376       */
2377      public static final String ATTR_AUTHZ_HANDLER_CLASS =
2378           "ds-cfg-java-class";
2379    
2380    
2381    
2382      /**
2383       * The name of the configuration attribute that indicates whether
2384       * access control should be enabled.
2385       */
2386      public static final String ATTR_AUTHZ_HANDLER_ENABLED =
2387           "ds-cfg-enabled";
2388    
2389    
2390        /**
2391         * The name of the configuration attribute that specifies a global
2392         * attribute access control instruction.
2393         */
2394        public static final String ATTR_AUTHZ_GLOBAL_ACI =
2395            "ds-cfg-global-aci";
2396    
2397    
2398      /**
2399       * The name of the configuration attribute that specifies the fully-qualified
2400       * name of the Java class that defines a Directory Server attribute syntax.
2401       */
2402      public static final String ATTR_SYNTAX_CLASS =
2403           "ds-cfg-java-class";
2404    
2405    
2406    
2407      /**
2408       * The name of the configuration attribute that indicates whether an attribute
2409       * syntax should be enabled.
2410       */
2411      public static final String ATTR_SYNTAX_ENABLED =
2412           "ds-cfg-enabled";
2413    
2414    
2415    
2416      /**
2417       * The name of the configuration attribute that holds the actual start time
2418       * for a task.
2419       */
2420      public static final String ATTR_TASK_ACTUAL_START_TIME =
2421           NAME_PREFIX_TASK + "actual-start-time";
2422    
2423    
2424    
2425      /**
2426       * The name of the configuration attribute that holds the path to the backing
2427       * file for task information.
2428       */
2429      public static final String ATTR_TASK_BACKING_FILE =
2430           "ds-cfg-task-backing-file";
2431    
2432    
2433    
2434      /**
2435       * The name of the configuration attribute that holds the name of the class
2436       * providing the task logic.
2437       */
2438      public static final String ATTR_TASK_CLASS =
2439           NAME_PREFIX_TASK + "class-name";
2440    
2441    
2442    
2443      /**
2444       * The name of the configuration attribute that holds the completion time for
2445       * a task.
2446       */
2447      public static final String ATTR_TASK_COMPLETION_TIME =
2448           NAME_PREFIX_TASK + "completion-time";
2449    
2450    
2451    
2452      /**
2453       * The name of the configuration attribute that holds task IDs of any tasks on
2454       * which a given task is dependent.
2455       */
2456      public static final String ATTR_TASK_DEPENDENCY_IDS =
2457           NAME_PREFIX_TASK + "dependency-id";
2458    
2459    
2460    
2461      /**
2462       * The name of the configuration attribute that holds the indication of what
2463       * to do in the event that one of the dependencies for a task has failed.
2464       */
2465      public static final String ATTR_TASK_FAILED_DEPENDENCY_ACTION =
2466           NAME_PREFIX_TASK + "failed-dependency-action";
2467    
2468    
2469    
2470      /**
2471       * The name of the configuration attribute that holds the set of log messages
2472       * for a task.
2473       */
2474      public static final String ATTR_TASK_LOG_MESSAGES =
2475           NAME_PREFIX_TASK + "log-message";
2476    
2477    
2478    
2479      /**
2480       * The name of the configuration attribute that holds the set of e-mail
2481       * addresses of the users to notify when a task has completed.
2482       */
2483      public static final String ATTR_TASK_NOTIFY_ON_COMPLETION =
2484           NAME_PREFIX_TASK + "notify-on-completion";
2485    
2486    
2487    
2488      /**
2489       * The name of the configuration attribute that holds the set of e-mail
2490       * addresses of the users to notify if a task fails.
2491       */
2492      public static final String ATTR_TASK_NOTIFY_ON_ERROR =
2493           NAME_PREFIX_TASK + "notify-on-error";
2494    
2495    
2496    
2497      /**
2498       * The name of the configuration attribute that holds the length of time in
2499       * seconds that task information should be retained after processing on the
2500       * task has completed.
2501       */
2502      public static final String ATTR_TASK_RETENTION_TIME =
2503           "ds-cfg-task-retention-time";
2504    
2505    
2506    
2507      /**
2508       * The default task retention time that will be used if no value is provided.
2509       */
2510      public static final long DEFAULT_TASK_RETENTION_TIME = 86400;
2511    
2512    
2513    
2514      /**
2515       * The name of the configuration attribute that holds the scheduled start time
2516       * for a task.
2517       */
2518      public static final String ATTR_TASK_SCHEDULED_START_TIME =
2519           NAME_PREFIX_TASK + "scheduled-start-time";
2520    
2521    
2522    
2523      /**
2524       * The name of the configuration attribute that holds the task ID for a task.
2525       */
2526      public static final String ATTR_TASK_ID = NAME_PREFIX_TASK + "id";
2527    
2528    
2529    
2530      /**
2531       * The name of the configuration attribute that holds the current state for a
2532       * task.
2533       */
2534      public static final String ATTR_TASK_STATE = NAME_PREFIX_TASK + "state";
2535    
2536    
2537    
2538      /**
2539       * The name of the configuration attribute that indicates whether the
2540       * telephone number attribute syntax should use a strict compliance mode when
2541       * determining whether a value is acceptable.
2542       */
2543      public static final String ATTR_TELEPHONE_STRICT_MODE =
2544           "ds-cfg-strict-format";
2545    
2546    
2547    
2548      /**
2549       * The name of the configuration attribute that holds the server time limit.
2550       */
2551      public static final String ATTR_TIME_LIMIT = "ds-cfg-time-limit";
2552    
2553    
2554    
2555      /**
2556       * The default value that will be used for the server time limit if no other
2557       * value is given.
2558       */
2559      public static final int DEFAULT_TIME_LIMIT = 60;
2560    
2561    
2562    
2563      /**
2564       * The name of the configuration attribute that specifies the DN to use as the
2565       * search base when trying to find entries that match a provided username.
2566       */
2567      public static final String ATTR_USER_BASE_DN =
2568           "ds-cfg-user-base-dn";
2569    
2570    
2571    
2572      /**
2573       * The name of the configuration attribute that specifies which attribute
2574       * should be used to map usernames to their corresponding entries.
2575       */
2576      public static final String ATTR_USERNAME_ATTRIBUTE =
2577           "ds-cfg-user-name-attribute";
2578    
2579    
2580    
2581      /**
2582       * The default attribute type that will be used for username lookups if none
2583       * is provided.
2584       */
2585      public static final String DEFAULT_USERNAME_ATTRIBUTE = "uid";
2586    
2587    
2588    
2589      /**
2590       * The name of the configuration attribute that indicates whether to use SSL
2591       * when accepting client connections.
2592       */
2593      public static final String ATTR_USE_SSL = "ds-cfg-use-ssl";
2594    
2595    
2596    
2597      /**
2598       * The default configuration that specifies whether to use SSL if it is not
2599       * defined in the server configuration.
2600       */
2601      public static final boolean DEFAULT_USE_SSL = false;
2602    
2603    
2604    
2605      /**
2606       * The name of the configuration attribute that indicates whether connections
2607       * to clients should use the TCP_KEEPALIVE socket option.
2608       */
2609      public static final String ATTR_USE_TCP_KEEPALIVE =
2610           "ds-cfg-use-tcp-keep-alive";
2611    
2612    
2613    
2614      /**
2615       * The default policy for using the TCP_KEEPALIVE socket option if it is not
2616       * specified in the configuration.
2617       */
2618      public static final boolean DEFAULT_USE_TCP_KEEPALIVE = true;
2619    
2620    
2621    
2622      /**
2623       * The name of the configuration attribute that indicates whether connections
2624       * to clients should use the TCP_NODELAY socket option.
2625       */
2626      public static final String ATTR_USE_TCP_NODELAY =
2627           "ds-cfg-use-tcp-no-delay";
2628    
2629    
2630    
2631      /**
2632       * The default policy for using the TCP_NODELAY socket option if it is not
2633       * specified in the configuration.
2634       */
2635      public static final boolean DEFAULT_USE_TCP_NODELAY = true;
2636    
2637    
2638    
2639      /**
2640       * The name of the configuration attribute that is used to hold the name of
2641       * the user attribute that holds user certificates that can be used for
2642       * validation.
2643       */
2644      public static final String ATTR_VALIDATION_CERT_ATTRIBUTE =
2645           "ds-cfg-certificate-attribute";
2646    
2647    
2648    
2649      /**
2650       * The default attribute name for holding certificate information if no value
2651       * is specified.
2652       */
2653      public static final String DEFAULT_VALIDATION_CERT_ATTRIBUTE =
2654           "usercertificate";
2655    
2656    
2657    
2658      /**
2659       * The name of the configuration attribute that specifies the class providing
2660       * the logic for the work queue implementation.
2661       */
2662      public static final String ATTR_WORKQ_CLASS =
2663           "ds-cfg-java-class";
2664    
2665    
2666    
2667      /**
2668       * The name of the configuration attribute that specifies the writability mode
2669       * for the Directory Server.
2670       */
2671      public static final String ATTR_WRITABILITY_MODE =
2672           "ds-cfg-writability-mode";
2673    
2674    
2675    
2676      /**
2677       * The base name (with no path information) of the file that will be used to
2678       * hold schema tokens used for compressed schema elements.
2679       */
2680      public static final String COMPRESSED_SCHEMA_FILE_NAME =
2681           "schematokens.dat";
2682    
2683    
2684    
2685      /**
2686       * The base name (with no path information) of the directory that will hold
2687       * the archived versions of previous configurations.
2688       */
2689      public static final String CONFIG_ARCHIVE_DIR_NAME = "archived-configs";
2690    
2691    
2692    
2693      /**
2694       * The base name (with no path information) of the file that may contain
2695       * changes in LDIF form to apply to the configuration before the configuration
2696       * is loaded and initialized.
2697       */
2698      public static final String CONFIG_CHANGES_NAME = "config-changes.ldif";
2699    
2700    
2701    
2702      /**
2703       * The name of the directory that will hold the configuration file for the
2704       * Directory Server.
2705       */
2706      public static final String CONFIG_DIR_NAME = "config";
2707    
2708    
2709    
2710      /**
2711       * The default name of the file that holds the configuration for the Directory
2712       * Server.  It should exist below the directory specified by the
2713       * {@code CONFIG_DIR_NAME}.
2714       */
2715      public static final String CONFIG_FILE_NAME = "config.ldif";
2716    
2717    
2718    
2719      /**
2720       * The DN of the entry that will serve as the root for the Directory Server
2721       * configuration.
2722       */
2723      public static final String DN_CONFIG_ROOT = "cn=config";
2724    
2725    
2726    
2727      /**
2728       * The DN of the entry that will serve as the base for all Directory Server
2729       * account status notification handlers.
2730       */
2731      public static final String DN_ACCT_NOTIFICATION_HANDLER_CONFIG_BASE =
2732           "cn=Account Status Notification Handlers," + DN_CONFIG_ROOT;
2733    
2734    
2735    
2736      /**
2737       * The DN of the entry that will serve as the base for all Directory Server
2738       * backends.
2739       */
2740      public static final String DN_BACKEND_BASE = "cn=Backends," + DN_CONFIG_ROOT;
2741    
2742    
2743    
2744      /**
2745       * The DN of the entry that will serve as the base for all Directory Server
2746       * backup information.
2747       */
2748      public static final String DN_BACKUP_ROOT = "cn=backups";
2749    
2750    
2751    
2752      /**
2753       * The DN of the entry that will serve as the base for all Directory Server
2754       * connection handlers.
2755       */
2756      public static final String DN_CONNHANDLER_BASE =
2757           "cn=Connection Handlers," + DN_CONFIG_ROOT;
2758    
2759    
2760    
2761      /**
2762       * The DN of the entry that will serve as the default root for the Directory
2763       * Server schema information, unless an alternate location is defined in the
2764       * configuration.
2765       */
2766      public static final String DN_DEFAULT_SCHEMA_ROOT = "cn=schema";
2767    
2768    
2769    
2770      /**
2771       * The DN of the entry that will hold the configuration for the Directory
2772       * Server entry cache.
2773       */
2774      public static final String DN_ENTRY_CACHE_BASE =
2775           "cn=Entry Caches," + DN_CONFIG_ROOT;
2776    
2777    
2778    
2779      /**
2780       * The DN of the entry that will serve as the base for the configuration
2781       * for all Directory Server extended operation handlers.
2782       */
2783      public static final String DN_EXTENDED_OP_CONFIG_BASE =
2784           "cn=Extended Operations," + DN_CONFIG_ROOT;
2785    
2786    
2787    
2788      /**
2789       * The DN of the entry that will serve as the base for the configuration
2790       * for all Directory Server group implementations.
2791       */
2792      public static final String DN_GROUP_IMPLEMENTATION_CONFIG_BASE =
2793           "cn=Group Implementations," + DN_CONFIG_ROOT;
2794    
2795    
2796    
2797      /**
2798       * The DN of the entry that will serve as the base for the configuration
2799       * for all Directory Server identity mappers.
2800       */
2801      public static final String DN_IDMAPPER_CONFIG_BASE =
2802           "cn=Identity Mappers," + DN_CONFIG_ROOT;
2803    
2804    
2805    
2806      /**
2807       * The DN of the entry that will be the base of the configuration information
2808       * for the Directory Server certificate mappers.
2809       */
2810      public static final String DN_CERTMAPPER_CONFIG_BASE =
2811           "cn=Certificate Mappers," + DN_CONFIG_ROOT;
2812    
2813    
2814    
2815      /**
2816       * The DN of the entry that be the base of the configuration information for
2817       * the Directory Server key manager providers.
2818       */
2819      public static final String DN_KEYMANAGER_PROVIDER_CONFIG_BASE =
2820           "cn=Key Manager Providers," + DN_CONFIG_ROOT;
2821    
2822    
2823    
2824      /**
2825       * The DN of the entry that is the base of the configuration information for
2826       * the Directory Server trust manager providers.
2827       */
2828      public static final String DN_TRUSTMANAGER_PROVIDER_CONFIG_BASE =
2829           "cn=Trust Manager Providers," + DN_CONFIG_ROOT;
2830    
2831    
2832    
2833      /**
2834       * The ADS trust store backend id.
2835       */
2836      public static final String ID_ADS_TRUST_STORE_BACKEND = "ads-truststore";
2837    
2838    
2839    
2840      /**
2841       * The DN of the trust store backend configuration entry.
2842       */
2843      public static final String DN_TRUST_STORE_BACKEND =
2844           ATTR_BACKEND_ID + "=" + ID_ADS_TRUST_STORE_BACKEND +
2845                "," + DN_BACKEND_BASE;
2846    
2847    
2848    
2849      /**
2850       * Alias of the local instance certificate in the ADS keystore.
2851       */
2852      public static final String ADS_CERTIFICATE_ALIAS = "ads-certificate";
2853    
2854    
2855    
2856      /**
2857       * The DN of the entry that will serve as the base for local ADS trust store
2858       * information.
2859       */
2860      public static final String DN_TRUST_STORE_ROOT = "cn=ads-truststore";
2861    
2862    
2863    
2864      /**
2865       * The name of the attribute that holds a cryptographic cipher-key identifier.
2866       */
2867      public static final String ATTR_CRYPTO_KEY_ID = "ds-cfg-key-id";
2868    
2869    
2870    
2871      /**
2872       * The name of the objectclass that will be used for a server
2873       * certificate entry.
2874       */
2875      public static final String OC_CRYPTO_INSTANCE_KEY =
2876           "ds-cfg-instance-key";
2877    
2878    
2879    
2880      /**
2881       * The name of the objectclass that will be used for a self-signed
2882       * certificate request.
2883       */
2884      public static final String OC_SELF_SIGNED_CERT_REQUEST =
2885           "ds-cfg-self-signed-cert-request";
2886    
2887    
2888    
2889      /**
2890       * The name of the objectclass that will be used for a cipher key.
2891       */
2892      public static final String OC_CRYPTO_CIPHER_KEY = "ds-cfg-cipher-key";
2893    
2894    
2895    
2896      /**
2897       * The name of the objectclass that will be used for a mac key.
2898       */
2899      public static final String OC_CRYPTO_MAC_KEY = "ds-cfg-mac-key";
2900    
2901    
2902    
2903      /**
2904       * The name of the attribute that is used to hold a cryptographic
2905       * public key certificate.
2906       */
2907      public static final String ATTR_CRYPTO_PUBLIC_KEY_CERTIFICATE =
2908           "ds-cfg-public-key-certificate";
2909    
2910    
2911      /**
2912       * The name of the attribute that is used to hold the name of a
2913       * cryptographic cipher transformation.
2914       */
2915      public static final String ATTR_CRYPTO_CIPHER_TRANSFORMATION_NAME =
2916           "ds-cfg-cipher-transformation-name";
2917    
2918      /**
2919       * The name of the attribute that is used to hold the key wrapping
2920       * transformation used by the Crypto Manager.
2921       */
2922      public static final String ATTR_CRYPTO_CIPHER_KEY_WRAPPING_TRANSFORMATION =
2923        "ds-cfg-key-wrapping-transformation";
2924    
2925      /**
2926       * The name of the attribute that is used to hold the name of a
2927       * cryptographic message authentication code (MAC) algorithm.
2928       */
2929      public static final String ATTR_CRYPTO_MAC_ALGORITHM_NAME =
2930           "ds-cfg-mac-algorithm-name";
2931    
2932    
2933      /**
2934       * The name of the attribute that is used to hold the length of a
2935       * cryptographic secret key.
2936       */
2937      public static final String ATTR_CRYPTO_KEY_LENGTH_BITS =
2938           "ds-cfg-key-length-bits";
2939    
2940    
2941      /**
2942       * The name of the attribute that is used to hold the length of a
2943       * cryptographic cipher initialization vector.
2944       */
2945      public static final String ATTR_CRYPTO_INIT_VECTOR_LENGTH_BITS =
2946           "ds-cfg-initialization-vector-length-bits";
2947    
2948    
2949      /**
2950       * The name of the attribute that is used to hold a cryptographic
2951       * cipher-key wrapped by a public-key.
2952       */
2953      public static final String ATTR_CRYPTO_SYMMETRIC_KEY = "ds-cfg-symmetric-key";
2954    
2955    
2956      /**
2957       * The name of the attribute that is used to hold time a cryptographic key
2958       * was suspected to be compromised.
2959       */
2960      public static final String ATTR_CRYPTO_KEY_COMPROMISED_TIME =
2961           "ds-cfg-key-compromised-time";
2962    
2963    
2964      /**
2965       * The DN of the entry that will serve as the base for all Directory Server
2966       * loggers.
2967       */
2968      public static final String DN_LOGGER_BASE = "cn=Loggers," + DN_CONFIG_ROOT;
2969    
2970    
2971    
2972      /**
2973       * The DN of the entry that will serve as the base for all Directory Server
2974       * matching rules.
2975       */
2976      public static final String DN_MATCHING_RULE_CONFIG_BASE =
2977           "cn=Matching Rules," + DN_CONFIG_ROOT;
2978    
2979    
2980    
2981      /**
2982       * The DN of the entry that will serve as the base for the configuration
2983       * for all Directory Server monitors.
2984       */
2985      public static final String DN_MONITOR_CONFIG_BASE =
2986           "cn=Monitor Providers," + DN_CONFIG_ROOT;
2987    
2988    
2989    
2990      /**
2991       * The DN of the entry that will serve as the entry cache monitor provider
2992       * configuration for all Directory Server entry cache monitors.
2993       */
2994      public static final String DN_ENTRY_CACHE_MONITOR_CONFIG =
2995           "cn=Entry Caches," + DN_MONITOR_CONFIG_BASE;
2996    
2997    
2998    
2999      /**
3000       * The DN of the entry that will serve as the base for all Directory Server
3001       * monitor information.
3002       */
3003      public static final String DN_MONITOR_ROOT = "cn=monitor";
3004    
3005    
3006    
3007      /**
3008       * The DN of the entry that will serve as the base for all Directory Server
3009       * plugin information.
3010       */
3011      public static final String DN_PLUGIN_BASE = "cn=Plugins," + DN_CONFIG_ROOT;
3012    
3013    
3014    
3015      /**
3016       * The DN of the entry that will serve as the base for the configuration
3017       * for all Directory Server password generators.
3018       */
3019      public static final String DN_PWGENERATOR_CONFIG_BASE =
3020           "cn=Password Generators," + DN_CONFIG_ROOT;
3021    
3022    
3023    
3024      /**
3025       * The DN of the entry that will serve as the base for the configuration
3026       * for all Directory Server password policies.
3027       */
3028      public static final String DN_PWPOLICY_CONFIG_BASE =
3029           "cn=Password Policies," + DN_CONFIG_ROOT;
3030    
3031    
3032    
3033      /**
3034       * The DN of the entry that will serve as the base for the configuration
3035       * for all Directory Server password storage schemes.
3036       */
3037      public static final String DN_PWSCHEME_CONFIG_BASE =
3038           "cn=Password Storage Schemes," + DN_CONFIG_ROOT;
3039    
3040    
3041    
3042      /**
3043       * The DN of the entry that will serve as the base for the configuration
3044       * for all Directory Server password validators.
3045       */
3046      public static final String DN_PWVALIDATOR_CONFIG_BASE =
3047           "cn=Password Validators," + DN_CONFIG_ROOT;
3048    
3049    
3050    
3051      /**
3052       * The DN of the entry that will serve as the parent for all root DN
3053       * configuration entries.
3054       */
3055      public static final String DN_ROOT_DN_CONFIG_BASE =
3056           "cn=Root DNs," + DN_CONFIG_ROOT;
3057    
3058    
3059    
3060      /**
3061       * The DN of the entry that will hold the configuration information for the
3062       * Directory Server root DSE.
3063       */
3064      public static final String DN_ROOT_DSE_CONFIG =
3065           "cn=Root DSE," + DN_CONFIG_ROOT;
3066    
3067    
3068    
3069      /**
3070       * The DN of the entry that will serve as the base for the configuration
3071       * for all Directory Server SASL mechanism handlers.
3072       */
3073      public static final String DN_SASL_CONFIG_BASE =
3074           "cn=SASL Mechanisms," + DN_CONFIG_ROOT;
3075    
3076    
3077    
3078      /**
3079       * The DN of the entry that will serve as the base for the configuration for
3080       * all Directory Server synchronization providers.
3081       */
3082      public static final String DN_SYNCHRONIZATION_PROVIDER_BASE =
3083           "cn=Synchronization Providers," + DN_CONFIG_ROOT;
3084    
3085    
3086      /**
3087       * The DN of the entry containing the access control handler configuration.
3088       */
3089      public static final String DN_AUTHZ_HANDLER_CONFIG =
3090           "cn=Access Control Handler," + DN_CONFIG_ROOT;
3091    
3092    
3093      /**
3094       * The DN of the entry that will serve as the base for all Directory Server
3095       * attribute syntaxes.
3096       */
3097      public static final String DN_SYNTAX_CONFIG_BASE =
3098           "cn=Syntaxes," + DN_CONFIG_ROOT;
3099    
3100    
3101    
3102      /**
3103       * The DN of the entry that will serve as the base for all Directory Server
3104       * task information.
3105       */
3106      public static final String DN_TASK_ROOT = "cn=Tasks";
3107    
3108    
3109    
3110      /**
3111       * The DN of the entry that will hold information about the Directory Server
3112       * work queue configuration.
3113       */
3114      public static final String DN_WORK_QUEUE_CONFIG =
3115           "cn=Work Queue," + DN_CONFIG_ROOT;
3116    
3117    
3118    
3119      /**
3120       * The name of the environment variable that the Directory Server may check to
3121       * determine the installation root.
3122       */
3123      public static final String ENV_VAR_INSTANCE_ROOT = "INSTANCE_ROOT";
3124    
3125    
3126    
3127      /**
3128       * The class name string that should be used in JMX MBeanAttributeInfo objects
3129       * whose value is a Boolean array.
3130       */
3131      public static final String JMX_TYPE_BOOLEAN_ARRAY = "[Z";
3132    
3133    
3134    
3135      /**
3136       * The class name string that should be used in JMX MBeanAttributeInfo objects
3137       * whose value is a byte array.
3138       */
3139      public static final String JMX_TYPE_BYTE_ARRAY = "[B";
3140    
3141    
3142    
3143      /**
3144       * The class name string that should be used in JMX MBeanAttributeInfo objects
3145       * whose value is a character array.
3146       */
3147      public static final String JMX_TYPE_CHARACTER_ARRAY = "[C";
3148    
3149    
3150    
3151      /**
3152       * The class name string that should be used in JMX MBeanAttributeInfo objects
3153       * whose value is a double array.
3154       */
3155      public static final String JMX_TYPE_DOUBLE_ARRAY = "[D";
3156    
3157    
3158    
3159      /**
3160       * The class name string that should be used in JMX MBeanAttributeInfo objects
3161       * whose value is a float array.
3162       */
3163      public static final String JMX_TYPE_FLOAT_ARRAY = "[F";
3164    
3165    
3166    
3167      /**
3168       * The class name string that should be used in JMX MBeanAttributeInfo objects
3169       * whose value is an integer array.
3170       */
3171      public static final String JMX_TYPE_INT_ARRAY = "[I";
3172    
3173    
3174    
3175      /**
3176       * The class name string that should be used in JMX MBeanAttributeInfo objects
3177       * whose value is a long array.
3178       */
3179      public static final String JMX_TYPE_LONG_ARRAY = "[J";
3180    
3181    
3182    
3183      /**
3184       * The class name string that should be used in JMX MBeanAttributeInfo objects
3185       * whose value is a short array.
3186       */
3187      public static final String JMX_TYPE_SHORT_ARRAY = "[S";
3188    
3189    
3190    
3191      /**
3192       * The class name string that should be used in JMX MBeanAttributeInfo objects
3193       * whose value is a string array.  Note that this format is significantly
3194       * different from the format used for arrays of primitive types.
3195       */
3196      public static final String JMX_TYPE_STRING_ARRAY =
3197           "[L" + String.class.getName() + ";";
3198    
3199    
3200    
3201      /**
3202       * The name of the objectclass that will be used for a Directory Server
3203       * access logger.
3204       */
3205      public static final String OC_ACCESS_LOGGER =
3206           "ds-cfg-access-log-publisher";
3207    
3208    
3209    
3210      /**
3211       * The name of the objectclass that will be used for a Directory Server
3212       * account status notification handler.
3213       */
3214      public static final String OC_ACCT_NOTIFICATION_HANDLER =
3215           "ds-cfg-account-status-notification-handler";
3216    
3217    
3218    
3219      /**
3220       * The name of the objectclass that will be used for a Directory Server alert
3221       * handler.
3222       */
3223      public static final String OC_ALERT_HANDLER =
3224           "ds-cfg-alert-handler";
3225    
3226    
3227    
3228      /**
3229       * The name of the objectclass that will be used for a Directory Server
3230       * attribute syntaxes.
3231       */
3232      public static final String OC_ATTRIBUTE_SYNTAX =
3233           "ds-cfg-attribute-syntax";
3234    
3235    
3236    
3237      /**
3238       * The name of the objectclass that will be used for a Directory Server
3239       * backend.
3240       */
3241      public static final String OC_BACKEND = "ds-cfg-backend";
3242    
3243    
3244    
3245      /**
3246       * The name of the objectclass that will be used for a directory server backup
3247       * directory.
3248       */
3249      public static final String OC_BACKUP_DIRECTORY =
3250           NAME_PREFIX_BACKUP + "directory";
3251    
3252    
3253    
3254      /**
3255       * The name of the objectclass that will be used for a directory server backup
3256       * information entry.
3257       */
3258      public static final String OC_BACKUP_INFO = NAME_PREFIX_BACKUP + "info";
3259    
3260    
3261    
3262      /**
3263       * The name of the objectclass that will be used for a Directory Server
3264       * certificate mapper.
3265       */
3266      public static final String OC_CERTIFICATE_MAPPER =
3267           "ds-cfg-certificate-mapper";
3268    
3269    
3270    
3271      /**
3272       * The name of the objectclass that will be used for a Directory Server
3273       * connection handler.
3274       */
3275      public static final String OC_CONNECTION_HANDLER =
3276           "ds-cfg-connection-handler";
3277    
3278    
3279    
3280      /**
3281       * The name of the objectclass that will be used for a Directory Server
3282       * debug logger.
3283       */
3284      public static final String OC_DEBUG_LOGGER = "ds-cfg-debug-log-publisher";
3285    
3286    
3287    
3288      /**
3289       * The name of the objectclass that will be used for a Directory Server
3290       * error logger.
3291       */
3292      public static final String OC_ERROR_LOGGER = "ds-cfg-error-log-publisher";
3293    
3294    
3295    
3296      /**
3297       * The name of the objectclass that will be used for a Directory Server
3298       * extended operation handler.
3299       */
3300      public static final String OC_EXTENDED_OPERATION_HANDLER =
3301           "ds-cfg-extended-operation-handler";
3302    
3303    
3304    
3305      /**
3306       * The name of the objectclass that will be used for a Directory Server group
3307       * implementation.
3308       */
3309      public static final String OC_GROUP_IMPLEMENTATION =
3310           "ds-cfg-group-implementation";
3311    
3312    
3313    
3314      /**
3315       * The name of the objectclass that will be used for a Directory Server
3316       * identity mapper.
3317       */
3318      public static final String OC_IDENTITY_MAPPER =
3319           "ds-cfg-identity-mapper";
3320    
3321    
3322    
3323      /**
3324       * The name of the objectclass that will be used for a Directory Server key
3325       * manager provider.
3326       */
3327      public static final String OC_KEY_MANAGER_PROVIDER =
3328           "ds-cfg-key-manager-provider";
3329    
3330    
3331    
3332      /**
3333       * The name of the objectclass that will be used for a Directory Server
3334       * matching rules.
3335       */
3336      public static final String OC_MATCHING_RULE =
3337           "ds-cfg-matching-rule";
3338    
3339    
3340    
3341      /**
3342       * The name of the objectclass that will be used for a Directory Server
3343       * monitor provider.
3344       */
3345      public static final String OC_MONITOR_PROVIDER =
3346           "ds-cfg-monitor-provider";
3347    
3348    
3349    
3350      /**
3351       * The name of the objectclass that will be used for a Directory Server
3352       * password generator.
3353       */
3354      public static final String OC_PASSWORD_GENERATOR =
3355           "ds-cfg-password-generator";
3356    
3357    
3358    
3359      /**
3360       * The name of the objectclass that will be used for a Directory Server
3361       * password policy.
3362       */
3363      public static final String OC_PASSWORD_POLICY =
3364           "ds-cfg-password-policy";
3365    
3366    
3367    
3368      /**
3369       * The name of the objectclass that will be used for a Directory Server
3370       * password storage scheme.
3371       */
3372      public static final String OC_PASSWORD_STORAGE_SCHEME =
3373           "ds-cfg-password-storage-scheme";
3374    
3375    
3376    
3377      /**
3378       * The name of the objectclass that will be used for a Directory Server
3379       * password validator.
3380       */
3381      public static final String OC_PASSWORD_VALIDATOR =
3382           "ds-cfg-password-validator";
3383    
3384    
3385    
3386      /**
3387       * The name of the objectclass that will be used for a Directory Server
3388       * plugin.
3389       */
3390      public static final String OC_PLUGIN = "ds-cfg-plugin";
3391    
3392    
3393    
3394      /**
3395       * The name of the objectclass that will be used for a Directory Server
3396       * recurring task definition.
3397       */
3398      public static final String OC_RECURRING_TASK = "ds-recurring-task";
3399    
3400    
3401    
3402      /**
3403       * The name of the objectclass that will be used for a Directory Server root
3404       * DN configuration entry.
3405       */
3406      public static final String OC_ROOT_DN = "ds-cfg-root-dn-user";
3407    
3408    
3409    
3410      /**
3411       * The name of the objectclass that will be used for a Directory Server SASL
3412       * mechanism handler.
3413       */
3414      public static final String OC_SASL_MECHANISM_HANDLER =
3415           "ds-cfg-sasl-mechanism-handler";
3416    
3417    
3418    
3419      /**
3420       * The name of the objectclass that will be used for a Directory Server
3421       * synchronization provider.
3422       */
3423      public static final String OC_SYNCHRONIZATION_PROVIDER =
3424           "ds-cfg-synchronization-provider";
3425    
3426    
3427    
3428      /**
3429       * The name of the objectclass that will be used for the Directory Server
3430       * access control configuration.
3431       */
3432      public static final String OC_AUTHZ_HANDLER_CONFIG =
3433           "ds-cfg-access-control-handler";
3434    
3435    
3436    
3437      /**
3438       * The name of the objectclass that will be used for a Directory Server task
3439       * definition.
3440       */
3441      public static final String OC_TASK = "ds-task";
3442    
3443    
3444    
3445      /**
3446       * The name of the objectclass that will be used for a Directory Server trust
3447       * manager provider.
3448       */
3449      public static final String OC_TRUST_MANAGER_PROVIDER =
3450           "ds-cfg-trust-manager-provider";
3451    
3452    
3453    
3454      /**
3455       * The name of the operational attribute that will appear in a user's entry to
3456       * indicate whether the account has been disabled.
3457       */
3458      public static final String OP_ATTR_ACCOUNT_DISABLED =
3459           NAME_PREFIX_PWP + "account-disabled";
3460    
3461    
3462    
3463      /**
3464       * The name of the operational attribute that may appear in a user's entry to
3465       * indicate when that account will expire (and therefore may no longer be used
3466       * to authenticate).
3467       */
3468      public static final String OP_ATTR_ACCOUNT_EXPIRATION_TIME =
3469           NAME_PREFIX_PWP + "account-expiration-time";
3470    
3471    
3472    
3473      /**
3474       * The name of the operational attribute that will appear in an entry to
3475       * indicate when it was created.
3476       */
3477      public static final String OP_ATTR_CREATE_TIMESTAMP = "createTimestamp";
3478    
3479    
3480    
3481      /**
3482       * The name of the create timestamp attribute, in all lowercase characters.
3483       */
3484      public static final String OP_ATTR_CREATE_TIMESTAMP_LC = "createtimestamp";
3485    
3486    
3487    
3488      /**
3489       * The name of the operational attribute that will appear in an entry to
3490       * indicate who created it.
3491       */
3492      public static final String OP_ATTR_CREATORS_NAME = "creatorsName";
3493    
3494    
3495    
3496      /**
3497       * The name of the creatorsName attribute, in all lowercase characters.
3498       */
3499      public static final String OP_ATTR_CREATORS_NAME_LC = "creatorsname";
3500    
3501    
3502    
3503      /**
3504       * The name of the operational attribute that will appear in a user's entry to
3505       * hold the last login time.
3506       */
3507      public static final String OP_ATTR_LAST_LOGIN_TIME =
3508           NAME_PREFIX_PWP + "last-login-time";
3509    
3510    
3511    
3512      /**
3513       * The name of the operational attribute that will appear in an entry to
3514       * indicate who last updated it.
3515       */
3516      public static final String OP_ATTR_MODIFIERS_NAME = "modifiersName";
3517    
3518    
3519    
3520      /**
3521       * The name of the modifiersName attribute, in all lowercase characters.
3522       */
3523      public static final String OP_ATTR_MODIFIERS_NAME_LC = "modifiersname";
3524    
3525    
3526    
3527      /**
3528       * The name of the operational attribute that will appear in an entry to
3529       * indicate when it was last updated.
3530       */
3531      public static final String OP_ATTR_MODIFY_TIMESTAMP = "modifyTimestamp";
3532    
3533    
3534    
3535      /**
3536       * The name of the modify timestamp attribute, in all lowercase characters.
3537       */
3538      public static final String OP_ATTR_MODIFY_TIMESTAMP_LC = "modifytimestamp";
3539    
3540    
3541    
3542      /**
3543       * The name of the operational attribute that will appear in a user's entry to
3544       * specify the set of privileges assigned to that user.
3545       */
3546      public static final String OP_ATTR_PRIVILEGE_NAME = "ds-privilege-name";
3547    
3548    
3549    
3550      /**
3551       * The name of the operational attribute that will appear in a user's entry
3552       * to indicate the time that the password was last changed.
3553       */
3554      public static final String OP_ATTR_PWPOLICY_CHANGED_TIME = "pwdChangedTime";
3555    
3556    
3557    
3558      /**
3559       * The name of the password changed time attribute, in all lowercase
3560       * characters.
3561       */
3562      public static final String OP_ATTR_PWPOLICY_CHANGED_TIME_LC =
3563           "pwdchangedtime";
3564    
3565    
3566    
3567      /**
3568       * The name of the operational attribute that will appear in a user's entry to
3569       * indicate the times of the grace logins by that user.
3570       */
3571      public static final String OP_ATTR_PWPOLICY_GRACE_LOGIN_TIME =
3572           "pwdGraceUseTime";
3573    
3574    
3575    
3576      /**
3577       * The name of the grace login time attribute, in all lowercase characters.
3578       */
3579      public static final String OP_ATTR_PWPOLICY_GRACE_LOGIN_TIME_LC =
3580           "pwdgraceusetime";
3581    
3582    
3583    
3584      /**
3585       * The name of the operational attribute that specifies the time that an
3586       * authentication attempt failed.
3587       */
3588      public static final String OP_ATTR_PWPOLICY_FAILURE_TIME = "pwdFailureTime";
3589    
3590    
3591    
3592      /**
3593       * The name of the failure time attribute, in all lowercase characters.
3594       */
3595      public static final String OP_ATTR_PWPOLICY_FAILURE_TIME_LC =
3596           "pwdfailuretime";
3597    
3598    
3599    
3600      /**
3601       * The name of the operational attribute that is used to maintain the password
3602       * history for the user.
3603       */
3604      public static final String OP_ATTR_PWPOLICY_HISTORY = "pwdHistory";
3605    
3606    
3607    
3608      /**
3609       * The name of the operational attribute that is used to maintain the password
3610       * history for the user, in all lowercase characters.
3611       */
3612      public static final String OP_ATTR_PWPOLICY_HISTORY_LC = "pwdhistory";
3613    
3614    
3615    
3616      /**
3617       * The name of the operational attribute that specifies the time that the
3618       * account was locked due to too many failed attempts.
3619       */
3620      public static final String OP_ATTR_PWPOLICY_LOCKED_TIME =
3621           "pwdAccountLockedTime";
3622    
3623    
3624    
3625      /**
3626       * The name of the locked time attribute, in all lowercase characters.
3627       */
3628      public static final String OP_ATTR_PWPOLICY_LOCKED_TIME_LC =
3629           "pwdaccountlockedtime";
3630    
3631    
3632    
3633      /**
3634       * The name of the operational attribute that will appear in a user's entry to
3635       * indicate the time that the user changed their password as a result of a
3636       * policy-wide required change.
3637       */
3638      public static final String OP_ATTR_PWPOLICY_CHANGED_BY_REQUIRED_TIME =
3639           NAME_PREFIX_PWP + "password-changed-by-required-time";
3640    
3641    
3642    
3643      /**
3644       * The name of the operational attribute that will appear in a user's entry
3645       * to indicate whether the password must be changed at the next
3646       * authentication.
3647       */
3648      public static final String OP_ATTR_PWPOLICY_RESET_REQUIRED = "pwdReset";
3649    
3650    
3651    
3652      /**
3653       * The name of the password reset attribute, in all lowercase characters.
3654       */
3655      public static final String OP_ATTR_PWPOLICY_RESET_REQUIRED_LC = "pwdreset";
3656    
3657    
3658    
3659      /**
3660       * The name of the operational attribute that will appear in a user's entry to
3661       * indicate which password policy should be used.
3662       */
3663      public static final String OP_ATTR_PWPOLICY_POLICY_DN =
3664           "ds-pwp-password-policy-dn";
3665    
3666    
3667    
3668      /**
3669       * The name of the operational attribute that indicates when the user was
3670       * first warned about an upcoming password expiration.
3671       */
3672      public static final String OP_ATTR_PWPOLICY_WARNED_TIME =
3673           NAME_PREFIX_PWP + "warned-time";
3674    
3675    
3676    
3677      /**
3678       * The name of the operational attribute that may be included in user entries
3679       * to specify an idle time limit to be applied for that user.
3680       */
3681      public static final String OP_ATTR_USER_IDLE_TIME_LIMIT =
3682          NAME_PREFIX_RLIM + "idle-time-limit";
3683    
3684    
3685    
3686      /**
3687       * The name of the operational attribute that may be included in user
3688       * entries to specify a size limit to be applied for that user.
3689       */
3690      public static final String OP_ATTR_USER_SIZE_LIMIT =
3691           NAME_PREFIX_RLIM + "size-limit";
3692    
3693    
3694    
3695      /**
3696       * The name of the operational attribute that may be included in user
3697       * entries to specify a time limit to be applied for that user.
3698       */
3699      public static final String OP_ATTR_USER_TIME_LIMIT =
3700           NAME_PREFIX_RLIM + "time-limit";
3701    
3702    
3703    
3704      /**
3705       * The name of the operational attribute that may be included in user
3706       * entries to specify a lookthrough limit for that user.
3707       */
3708      public static final String OP_ATTR_USER_LOOKTHROUGH_LIMIT =
3709          NAME_PREFIX_RLIM + "lookthrough-limit";
3710    
3711    
3712    
3713      /**
3714       * The name of the attribute option used to indicate that a configuration
3715       * attribute has one or more pending values.
3716       */
3717      public static final String OPTION_PENDING_VALUES = "pending";
3718    
3719    
3720    
3721      /**
3722       * The path to the directory that should serve as the MakeLDIF resource
3723       * directory.  It is relative to the server root.
3724       */
3725      public static final String PATH_MAKELDIF_RESOURCE_DIR =
3726           "config" + File.separator + "MakeLDIF";
3727    
3728    
3729    
3730      /**
3731       * The path to the directory containing the server schema definitions.  It is
3732       * relative to the server root.
3733       */
3734      public static final String PATH_SCHEMA_DIR =
3735           "config" + File.separator + "schema";
3736    
3737    
3738    
3739      /**
3740       * The name (with no path information) of the file in the schema directory
3741       * that will contain user-defined schema definitions.
3742       */
3743      public static final String FILE_USER_SCHEMA_ELEMENTS = "99-user.ldif";
3744    
3745    
3746    
3747      /**
3748       * The name of the configuration attribute that indicates the log file
3749       * where the loggers will log the information.
3750       */
3751      public static final String ATTR_LOGGER_FILE =
3752             "ds-cfg-log-file";
3753    
3754    
3755    
3756      /**
3757       * The name of the configuration attribute that indicates the default
3758       * severity levels for the logger.
3759       */
3760      public static final String ATTR_LOGGER_DEFAULT_SEVERITY =
3761            "ds-cfg-default-severity";
3762    
3763    
3764    
3765      /**
3766       * The name of the configuration attribute that indicates the override
3767       * severity levels for the logger.
3768       */
3769      public static final String ATTR_LOGGER_OVERRIDE_SEVERITY =
3770            "ds-cfg-override-severity";
3771    
3772    
3773      /**
3774       * The name of the configuration attribute that indicates the backend database
3775       * location on disk.
3776       */
3777      public static final String ATTR_BACKEND_DIRECTORY =
3778           "ds-cfg-db-directory";
3779    
3780    
3781    
3782      /**
3783       * The name of the attribute which configures the file permission mode
3784       * for the database direction.
3785       */
3786      public static final String ATTR_BACKEND_MODE =
3787          "ds-cfg-db-directory-permissions";
3788    
3789    
3790    
3791      /**
3792       * The name of the file (with no path information) that will be used as the
3793       * backing file for holding the tasks defined in the Directory Server.
3794       */
3795      public static final String TASK_FILE_NAME = "tasks.ldif";
3796    
3797    
3798    
3799      /**
3800       * The string representation of the RDN that should be used for the entry that
3801       * is the immediate parent of all recurring task definitions in the server.
3802       */
3803      public static final String RECURRING_TASK_BASE_RDN = "cn=Recurring Tasks";
3804    
3805    
3806    
3807      /**
3808       * The string representation of the RDN that should be used for the entry that
3809       * is the immediate parent of all scheduled task definitions in the server.
3810       */
3811      public static final String SCHEDULED_TASK_BASE_RDN = "cn=Scheduled Tasks";
3812    
3813    
3814    
3815      /**
3816       * The name of the objectclass that will be used for a Directory Server
3817       * import task definition.
3818       */
3819      public static final String OC_IMPORT_TASK = NAME_PREFIX_TASK + "import";
3820    
3821    
3822    
3823      /**
3824       * The name of the attribute in an import task definition that specifies the
3825       * path to the file containing the LDIF data to import.
3826       */
3827      public static final String ATTR_IMPORT_LDIF_FILE =
3828           NAME_PREFIX_TASK + "import-ldif-file";
3829    
3830    
3831    
3832      /**
3833       * The name of the attribute in an import task definition that specifies
3834       * whether the import process should append to the existing database rather
3835       * than overwriting it.
3836       */
3837      public static final String ATTR_IMPORT_APPEND =
3838           NAME_PREFIX_TASK + "import-append";
3839    
3840    
3841    
3842      /**
3843       * The name of the attribute in an import task definition that specifies
3844       * whether an existing entry should be replaced when appending to an existing
3845       * database.
3846       */
3847      public static final String ATTR_IMPORT_REPLACE_EXISTING =
3848           NAME_PREFIX_TASK + "import-replace-existing";
3849    
3850    
3851    
3852      /**
3853       * The name of the attribute in an import task definition that specifies the
3854       * backend ID for the backend into which the date should be imported.
3855       */
3856      public static final String ATTR_IMPORT_BACKEND_ID =
3857           NAME_PREFIX_TASK + "import-backend-id";
3858    
3859    
3860    
3861      /**
3862       * The name of the attribute in an import task definition that specifies the
3863       * base DN of a branch that should be included in the LDIF import.
3864       */
3865      public static final String ATTR_IMPORT_INCLUDE_BRANCH =
3866           NAME_PREFIX_TASK + "import-include-branch";
3867    
3868    
3869    
3870      /**
3871       * The name of the attribute in an import task definition that specifies the
3872       * base DN of a branch that should be excluded from the LDIF import.
3873       */
3874      public static final String ATTR_IMPORT_EXCLUDE_BRANCH =
3875           NAME_PREFIX_TASK + "import-exclude-branch";
3876    
3877    
3878    
3879      /**
3880       * The name of the attribute in an import task definition that specifies an
3881       * attribute that should be included in the LDIF import.
3882       */
3883      public static final String ATTR_IMPORT_INCLUDE_ATTRIBUTE =
3884           NAME_PREFIX_TASK + "import-include-attribute";
3885    
3886    
3887    
3888      /**
3889       * The name of the attribute in an import task definition that specifies an
3890       * attribute that should be excluded from the LDIF import.
3891       */
3892      public static final String ATTR_IMPORT_EXCLUDE_ATTRIBUTE =
3893           NAME_PREFIX_TASK + "import-exclude-attribute";
3894    
3895    
3896    
3897      /**
3898       * The name of the attribute in an import task definition that specifies
3899       * a search filter that may be used to control which entries are included
3900       * in the import.
3901       */
3902      public static final String ATTR_IMPORT_INCLUDE_FILTER =
3903           NAME_PREFIX_TASK + "import-include-filter";
3904    
3905    
3906    
3907      /**
3908       * The name of the attribute in an import task definition that specifies
3909       * a search filter that may be used to control which entries are excluded
3910       * from the import.
3911       */
3912      public static final String ATTR_IMPORT_EXCLUDE_FILTER =
3913           NAME_PREFIX_TASK + "import-exclude-filter";
3914    
3915    
3916    
3917      /**
3918       * The name of the attribute in an import task definition that specifies
3919       * the path to a file into which rejected entries may be written if they
3920       * are not accepted during the import process.
3921       */
3922      public static final String ATTR_IMPORT_REJECT_FILE =
3923           NAME_PREFIX_TASK + "import-reject-file";
3924    
3925    
3926      /**
3927       * The name of the attribute in an import task definition that specifies
3928       * the path to a file into which skipped entries may be written if they
3929       * do not match criteria during the import process.
3930       */
3931      public static final String ATTR_IMPORT_SKIP_FILE =
3932           NAME_PREFIX_TASK + "import-skip-file";
3933    
3934    
3935      /**
3936       * The name of the attribute in an import task definition that specifies
3937       * whether to overwrite an existing rejects and/or skip file when performing
3938       * an LDIF import rather than appending to it.
3939       */
3940      public static final String ATTR_IMPORT_OVERWRITE =
3941           NAME_PREFIX_TASK + "import-overwrite-rejects";
3942    
3943    
3944      /**
3945       * The name of the attribute in an import task definition that specifies
3946       * whether to skip schema validation during the import.
3947       */
3948      public static final String ATTR_IMPORT_SKIP_SCHEMA_VALIDATION =
3949           NAME_PREFIX_TASK + "import-skip-schema-validation";
3950    
3951    
3952    
3953      /**
3954       * The name of the attribute in an import task definition that specifies
3955       * whether the LDIF file containing the data to import is compressed.
3956       */
3957      public static final String ATTR_IMPORT_IS_COMPRESSED =
3958           NAME_PREFIX_TASK + "import-is-compressed";
3959    
3960    
3961    
3962      /**
3963       * The name of the attribute in an import task definition that specifies
3964       * whether the LDIF file containing the data to import is encrypted.
3965       */
3966      public static final String ATTR_IMPORT_IS_ENCRYPTED =
3967           NAME_PREFIX_TASK + "import-is-encrypted";
3968    
3969    
3970      /**
3971       * The name of the objectclass that will be used for a Directory Server
3972       * initialize task definition.
3973       */
3974      public static final String OC_INITIALIZE_TASK =
3975        NAME_PREFIX_TASK + "initialize-from-remote-replica";
3976    
3977      /**
3978       * The name of the attribute in an initialize task definition that specifies
3979       * the base dn related to the synchonization domain to initialize.
3980       */
3981      public static final String ATTR_TASK_INITIALIZE_DOMAIN_DN =
3982           NAME_PREFIX_TASK + "initialize-domain-dn";
3983    
3984      /**
3985       * The name of the attribute in an initialize target task definition that
3986       * specifies the source in terms of source server from which to initialize.
3987       */
3988      public static final String ATTR_TASK_INITIALIZE_SOURCE =
3989           NAME_PREFIX_TASK + "initialize-replica-server-id";
3990    
3991      /**
3992       * The name of the objectclass that will be used for a Directory Server
3993       * initialize target task definition.
3994       */
3995      public static final String OC_INITIALIZE_TARGET_TASK =
3996        NAME_PREFIX_TASK + "initialize-remote-replica";
3997    
3998      /**
3999       * The name of the attribute in an initialize target task definition that
4000       * specifies the base dn related to the synchonization domain to initialize.
4001       */
4002      public static final String ATTR_TASK_INITIALIZE_TARGET_DOMAIN_DN =
4003           NAME_PREFIX_TASK + "initialize-domain-dn";
4004    
4005      /**
4006       * The name of the attribute in an initialize target task definition that
4007       * specifies the scope in terms of servers to initialize.
4008       */
4009      public static final String ATTR_TASK_INITIALIZE_TARGET_SCOPE =
4010           NAME_PREFIX_TASK + "initialize-replica-server-id";
4011    
4012      /**
4013       * The name of the attribute in an initialize target task definition that
4014       * specifies the scope in terms of servers to initialize.
4015       */
4016      public static final String ATTR_TASK_INITIALIZE_LEFT =
4017           NAME_PREFIX_TASK + "unprocessed-entry-count";
4018    
4019      /**
4020       * The name of the attribute in an initialize target task definition that
4021       * specifies the scope in terms of servers to initialize.
4022       */
4023      public static final String ATTR_TASK_INITIALIZE_DONE =
4024           NAME_PREFIX_TASK + "processed-entry-count";
4025    
4026    
4027      /**
4028       * The name of the objectclass that will be used for a Directory Server
4029       * export task definition.
4030       */
4031      public static final String OC_EXPORT_TASK = NAME_PREFIX_TASK + "export";
4032    
4033    
4034    
4035      /**
4036       * The name of the attribute in an export task definition that specifies the
4037       * path to the file to which the LDIF data should be written.
4038       */
4039      public static final String ATTR_TASK_EXPORT_LDIF_FILE =
4040           NAME_PREFIX_TASK + "export-ldif-file";
4041    
4042    
4043    
4044      /**
4045       * The name of the attribute in an export task definition that specifies
4046       * whether the export process should append to an existing LDIF file rather
4047       * than overwrite it.
4048       */
4049      public static final String ATTR_TASK_EXPORT_APPEND_TO_LDIF =
4050           NAME_PREFIX_TASK + "export-append-to-ldif";
4051    
4052    
4053    
4054      /**
4055       * The name of the attribute in an export task definition that specifies the
4056       * backend ID for the backend from which the data should be exported.
4057       */
4058      public static final String ATTR_TASK_EXPORT_BACKEND_ID =
4059           NAME_PREFIX_TASK + "export-backend-id";
4060    
4061    
4062    
4063      /**
4064       * The name of the attribute in an export task definition that specifies the
4065       * base DN of a branch that should be included in the LDIF export.
4066       */
4067      public static final String ATTR_TASK_EXPORT_INCLUDE_BRANCH =
4068           NAME_PREFIX_TASK + "export-include-branch";
4069    
4070    
4071    
4072      /**
4073       * The name of the attribute in an export task definition that specifies the
4074       * base DN of a branch that should be excluded from the LDIF export.
4075       */
4076      public static final String ATTR_TASK_EXPORT_EXCLUDE_BRANCH =
4077           NAME_PREFIX_TASK + "export-exclude-branch";
4078    
4079    
4080    
4081      /**
4082       * The name of the attribute in an export task definition that specifies an
4083       * attribute that should be included in the LDIF export.
4084       */
4085      public static final String ATTR_TASK_EXPORT_INCLUDE_ATTRIBUTE =
4086           NAME_PREFIX_TASK + "export-include-attribute";
4087    
4088    
4089    
4090      /**
4091       * The name of the attribute in an export task definition that specifies an
4092       * attribute that should be excluded from the LDIF export.
4093       */
4094      public static final String ATTR_TASK_EXPORT_EXCLUDE_ATTRIBUTE =
4095           NAME_PREFIX_TASK + "export-exclude-attribute";
4096    
4097    
4098    
4099      /**
4100       * The name of the attribute in an export task definition that specifies
4101       * a search filter that may be used to control which entries are included
4102       * in the export.
4103       */
4104      public static final String ATTR_TASK_EXPORT_INCLUDE_FILTER =
4105           NAME_PREFIX_TASK + "export-include-filter";
4106    
4107    
4108    
4109      /**
4110       * The name of the attribute in an export task definition that specifies
4111       * a search filter that may be used to control which entries are excluded
4112       * from the export.
4113       */
4114      public static final String ATTR_TASK_EXPORT_EXCLUDE_FILTER =
4115           NAME_PREFIX_TASK + "export-exclude-filter";
4116    
4117    
4118    
4119      /**
4120       * The name of the attribute in an export task definition that specifies
4121       * the column at which long lines should be wrapped.
4122       */
4123      public static final String ATTR_TASK_EXPORT_WRAP_COLUMN =
4124           NAME_PREFIX_TASK + "export-wrap-column";
4125    
4126      /**
4127       * The name of the attribute in an export task definition that specifies
4128       * that operational attributes have to be included.
4129       */
4130      public static final String ATTR_TASK_EXPORT_INCLUDE_OPERATIONAL_ATTRIBUTES =
4131           NAME_PREFIX_TASK + "export-include-operational-attributes";
4132    
4133    
4134      /**
4135       * The name of the attribute in an export task definition that specifies
4136       * whether the LDIF data should be compressed as it is exported.
4137       */
4138      public static final String ATTR_TASK_EXPORT_COMPRESS_LDIF =
4139           NAME_PREFIX_TASK + "export-compress-ldif";
4140    
4141    
4142    
4143      /**
4144       * The name of the attribute in an export task definition that specifies
4145       * whether the LDIF data should be encrypted as it is exported.
4146       */
4147      public static final String ATTR_TASK_EXPORT_ENCRYPT_LDIF =
4148           NAME_PREFIX_TASK + "export-encrypt-ldif";
4149    
4150    
4151    
4152      /**
4153       * The name of the attribute in an export task definition that specifies
4154       * whether a signed hash of the export data should be appended to the LDIF
4155       * file.
4156       */
4157      public static final String ATTR_TASK_EXPORT_SIGN_HASH =
4158           NAME_PREFIX_TASK + "export-sign-hash";
4159    
4160    
4161    
4162      /**
4163       * The name of the objectclass that will be used for a Directory Server
4164       * restore task definition.
4165       */
4166      public static final String OC_RESTORE_TASK = NAME_PREFIX_TASK + "restore";
4167    
4168    
4169    
4170      /**
4171       * The name of the attribute in a restore task definition that specifies
4172       * whether the contents of the backup should be verified but not restored.
4173       */
4174      public static final String ATTR_TASK_RESTORE_VERIFY_ONLY =
4175           NAME_PREFIX_TASK + "restore-verify-only";
4176    
4177    
4178    
4179      /**
4180       * The name of the objectclass that will be used for a Directory Server
4181       * backup task definition.
4182       */
4183      public static final String OC_BACKUP_TASK = NAME_PREFIX_TASK + "backup";
4184    
4185    
4186    
4187      /**
4188       * The name of the attribute in a backup task definition that specifies
4189       * the backend ID for a backend that should be archived.
4190       */
4191      public static final String ATTR_TASK_BACKUP_BACKEND_ID =
4192           NAME_PREFIX_TASK + "backup-backend-id";
4193    
4194    
4195    
4196      /**
4197       * The name of the attribute in a backup task definition that specifies
4198       * whether all backends defined in the server should be backed up.
4199       */
4200      public static final String ATTR_TASK_BACKUP_ALL =
4201           NAME_PREFIX_TASK + "backup-all";
4202    
4203    
4204    
4205      /**
4206       * The name of the attribute in a backup task definition that specifies
4207       * whether to generate and incremental backup or a full backup.
4208       */
4209      public static final String ATTR_TASK_BACKUP_INCREMENTAL =
4210           NAME_PREFIX_TASK + "backup-incremental";
4211    
4212    
4213    
4214      /**
4215       * The name of the attribute in a backup task definition that specifies
4216       * the backup ID of the backup against which an incremental backup should
4217       * be taken.
4218       */
4219      public static final String ATTR_TASK_BACKUP_INCREMENTAL_BASE_ID =
4220           NAME_PREFIX_TASK + "backup-incremental-base-id";
4221    
4222    
4223    
4224      /**
4225       * The name of the attribute in a backup task definition that specifies
4226       * whether the backup file(s) should be compressed.
4227       */
4228      public static final String ATTR_TASK_BACKUP_COMPRESS =
4229           NAME_PREFIX_TASK + "backup-compress";
4230    
4231    
4232    
4233      /**
4234       * The name of the attribute in a backup task definition that specifies
4235       * whether the backup file(s) should be compressed.
4236       */
4237      public static final String ATTR_TASK_BACKUP_ENCRYPT =
4238           NAME_PREFIX_TASK + "backup-encrypt";
4239    
4240    
4241    
4242      /**
4243       * The name of the attribute in a backup task definition that specifies
4244       * whether to generate a hash of the backup file(s) for integrity
4245       * verification during restore.
4246       */
4247      public static final String ATTR_TASK_BACKUP_HASH =
4248           NAME_PREFIX_TASK + "backup-hash";
4249    
4250    
4251    
4252      /**
4253       * The name of the attribute in a backup task definition that specifies
4254       * whether the hash of the archive file(s) should be digitally signed to
4255       * provide tamper detection.
4256       */
4257      public static final String ATTR_TASK_BACKUP_SIGN_HASH =
4258           NAME_PREFIX_TASK + "backup-sign-hash";
4259      /**
4260       * The name of the attribute in the add schema file task definition that
4261       * specifies the name of the schema file to be added.
4262       */
4263      public static final String ATTR_TASK_ADDSCHEMAFILE_FILENAME =
4264           NAME_PREFIX_TASK + "schema-file-name";
4265    
4266    
4267      /**
4268       * The name of the attribute in a debug target configuration for a debug
4269       * logger that specifies the scope of the debug target.
4270       */
4271      public static final String ATTR_LOGGER_DEBUG_SCOPE =
4272          NAME_PREFIX_TASK + "debug-scope";
4273    
4274      /**
4275       * The name of the attribute in a logger configuration that spcifies the
4276       * log level.
4277       */
4278      public static final String ATTR_LOGGER_LEVEL =
4279          NAME_PREFIX_TASK + "log-level";
4280    
4281      /**
4282       * The name of the attribute in a logger configuration that specifies
4283       * whether to asyncornously writes log records to disk.
4284       */
4285      public static final String ATTR_LOGGER_ASYNC_WRITE =
4286          NAME_PREFIX_TASK + "async-write";
4287    
4288    
4289      /**
4290       * The name of the attribute in an rebuild task definition that specifies the
4291       * base DN of the indexes to do the rebuild in.
4292       */
4293      public static final String ATTR_REBUILD_BASE_DN =
4294           NAME_PREFIX_TASK + "rebuild-base-dn";
4295    
4296    
4297      /**
4298       * The name of the attribute in an rebuild task definition that specifies the
4299       * indexes to rebuild.
4300       */
4301      public static final String ATTR_REBUILD_INDEX =
4302           NAME_PREFIX_TASK + "rebuild-index";
4303    
4304    
4305      /**
4306       * The name of the attribute in an rebuild task definition that specifies the
4307       * maximum number of threads.
4308       */
4309      public static final String ATTR_REBUILD_MAX_THREADS =
4310           NAME_PREFIX_TASK + "rebuild-max-threads";
4311    
4312      /**
4313       * The name of the objectclass that will be used for a Directory Server
4314       * reset generationId task definition.
4315       */
4316      public static final String OC_RESET_GENERATION_ID_TASK =
4317           NAME_PREFIX_TASK + "reset-generation-id";
4318    
4319    
4320      /**
4321       * The name of the attribute containing the baseDn related to the replication
4322       * domain to which applies the task.
4323       */
4324      public static final String ATTR_TASK_SET_GENERATION_ID_DOMAIN_DN =
4325        OC_RESET_GENERATION_ID_TASK + "-domain-base-dn";
4326    
4327      /**
4328       * The name of the attribute containing the new value of the generation ID
4329       * related to the replication domain to which applies the task.
4330       */
4331      public static final String ATTR_TASK_SET_GENERATION_ID_NEW_VALUE =
4332        OC_RESET_GENERATION_ID_TASK + "-new-value";
4333    
4334      /**
4335       * The name of the attribute in an import task definition that specifies
4336       * whether the backend should be cleared before the import.
4337       */
4338      public static final String ATTR_IMPORT_CLEAR_BACKEND =
4339           NAME_PREFIX_TASK + "import-clear-backend";
4340    }
4341