UnboundID LDAP SDK for Java

LDAP SDK Home Page
Product Information
LDAP Specifications

LDAP Specifications Defined in RFCs

This page provides a listing of a number of LDAP-related specifications that are defined in RFCs. Note that some of these specifications are obsolete, and are no longer recommended for use. In addition, some of these specifications are not widely implemented in or supported by LDAP servers and/or clients. Before attempting to use any of these specifications, check the capabilities of your LDAP directory server and/or clients.



RFCs Defining the LDAP Protocol and Other Core Specifications

  • RFC 2849: The LDAP Data Interchange Format (LDIF) - Technical Specification

  • RFC 3296: Named Subordinate References in Lightweight Directory Access Protocol (LDAP) Directories

  • RFC 3671: Collective Attributes in the Lightweight Directory Access Protocol (LDAP)

  • RFC 3672: Subentries in the Lightweight Directory Access Protocol (LDAP)

  • RFC 3673: Lightweight Directory Access Protocol version 3 (LDAPv3): All Operational Attributes

  • RFC 3866: Language Tags and Ranges in the Lightweight Directory Access Protocol (LDAP)
    Obsoletes: RFC 2596

  • RFC 4511: Lightweight Directory Access Protocol (LDAP): The Protocol
    Obsoletes: RFC 2251, RFC 2830, RFC 3771

  • RFC 4512: Lightweight Directory Access Protocol (LDAP): Directory Information Models
    Obsoletes: RFC 2251, RFC 2252, RFC 2256, RFC 3674

  • RFC 4513: Lightweight Directory Access Protocol (LDAP): Authentication Methods and Security Mechanisms
    Obsoletes: RFC 2251, RFC 2829, RFC 2830

  • RFC 4514: Lightweight Directory Access Protocol (LDAP): String Representation of Distinguished Names
    Obsoletes: RFC 2253

  • RFC 4515: Lightweight Directory Access Protocol (LDAP): String Representation of Search Filters
    Obsoletes: RFC 2254

  • RFC 4516: Lightweight Directory Access Protocol (LDAP): Uniform Resource Locator
    Obsoletes: RFC 2255

  • RFC 4518: Lightweight Directory Access Protocol (LDAP): Internationalized String Preparation

  • RFC 4522: Lightweight Directory Access Protocol (LDAP): The Binary Encoding Option

  • RFC 4525: Lightweight Directory Access Protocol (LDAP) Modify-Increment Extension

  • RFC 4526: Lightweight Directory Access Protocol (LDAP) Absolute True and False Filters

  • RFC 4529: Requesting Attributes by Object Class in the Lightweight Directory Access Protocol



RFCs Containing Informational Documents, Recommendations, and Best Practices



RFCs Defining Controls and Extended Operations

  • RFC 2589: Lightweight Directory Access Protocol (v3): Extensions for Dynamic Directory Services

  • RFC 2649: An LDAP Control and Schema for Holding Operation Signatures

  • RFC 2696: LDAP Control Extension for Simple Paged Results Manipulation

  • RFC 2891: LDAP Control Extension for Server Side Sorting of Search Results

  • RFC 3062: LDAP Password Modify Extended Operation

  • RFC 3829: Lightweight Directory Access Protocol (LDAP) Authorization Identity Request and Response Controls

  • RFC 3876: Returning Matched Values with the Lightweight Directory Access Protocol version 3 (LDAPv3)

  • RFC 3909: Lightweight Directory Access Protocol (LDAP) Cancel Operation

  • RFC 3928: Lightweight Directory Access Protocol (LDAP) Client Update Protocol

  • RFC 4370: Lightweight Directory Access Protocol (LDAP) Proxied Authorization Control

  • RFC 4373: Lightweight Directory Access Protocol (LDAP) Bulk Update/Replication Protocol (LBURP)

  • RFC 4527: Lightweight Directory Access Protocol (LDAP) Read Entry Controls

  • RFC 4528: Lightweight Directory Access Protocol (LDAP) Assertion Control

  • RFC 4531: Lightweight Directory Access Protocol (LDAP) Turn Operation

  • RFC 4532: Lightweight Directory Access Protocol (LDAP) "Who am I?" Operation

  • RFC 4533: The Lightweight Directory Access Protocol (LDAP) Content Synchronization Operation

  • RFC 5805: Lightweight Directory Access Protocol (LDAP) Transactions

  • RFC 6171: The Lightweight Directory Access Protocol (LDAP) Don't Use Copy Control



RFCs Defining Core LDAP Schema



RFCs Containing Additional LDAP Schema Definitions

  • RFC 2079: Definition of an X.500 Attribute Type and an Object Class to Hold Uniform Resource Identifiers (URIs)

  • RFC 2307: An Approach for Using LDAP as a Network Information Service

  • RFC 2713: Schema for Representing Java(tm) Objects in an LDAP Directory

  • RFC 2714: Schema for Representing CORBA Objects in an LDAP Directory

  • RFC 2739: Calendar Attributes for vCard and LDAP

  • RFC 3641: Generic String Encoding Rules (GSER) for ASN.1 Types
    Updated by: RFC 4792

  • RFC 3642: Common Elements of Generic String Encoding Rules (GSER) Encodings

  • RFC 3703: Policy Core Lightweight Directory Access Protocol (LDAP) Schema
    Updated by: RFC 4104

  • RFC 3712: Lightweight Directory Access Protocol (LDAP): Schema for Printer Services

  • RFC 3727: ASN.1 Module Definition for the LDAP and X.500 Component Matching Rules

  • RFC 4104: Policy Core Extension Lightweight Directory Access Protocol Schema (PCELS)
    Updates: RFC 3703

  • RFC 4403: Lightweight Directory Access Protocol (LDAP) Schema for Universal Description, Discovery, and Integration version 3 (UDDIv3)

  • RFC 4523: Lightweight Directory Access Protocol (LDAP) Schema Definitions for X.509 Certificates
    Obsoletes: RFC 2252, RFC 2256, RFC 2587

  • RFC 4792: Encoding Instructions for the Generic String Encoding Rules (GSER)
    Updates: RFC 3641

  • RFC 4876: A Configuration Profile Schema for Lightweight Directory Access Protocol (LDAP)-Based Agents

  • RFC 5803: Lightweight Directory Access Protocol (LDAP) Schema for Storing Salted Challenge Response Authentication Mechanism (SCRAM) Secrets



RFCs Containing Other Specifications Commonly Used in Conjunction with LDAP

  • RFC 1321: The MD5 Message-Digest Algorithm
    Updated by: RFC 6151

  • RFC 2104: HMAC: Keyed-Hashing for Message Authentication
    Updated by: RFC 6151

  • RFC 2605: Directory Server Monitoring MIB
    Obsoletes: RFC 1567

  • RFC 2808: The SecurID(r) SASL Mechanism

  • RFC 2831: Using Digest Authentication as a SASL Mechanism
    Obsoleted by: RFC 6331

  • RFC 3174: US Secure Hash Algorithm 1 (SHA1)
    Updated by: RFC 4634, RFC 6234

  • RFC 3454: Preparation of Internationalized Strings ("stringprep")

  • RFC 4013: SASLprep: Stringprep Profile for User Names and Passwords

  • RFC 4122: A Universally Unique IDentifier (UUID) URN Resource

  • RFC 4422: Simple Authentication and Security Layer (SASL)
    Obsoletes: RFC 2222

  • RFC 4505: Anonymous Simple Authentication and Security Layer (SASL) Mechanism
    Obsoletes: RFC 2245

  • RFC 4616: The PLAIN Simple Authentication and Security Layer (SASL) Mechanism

  • RFC 4648: The Base16, Base32, and Base64 Data Encodings

  • RFC 4752: The Kerberos V5 ("GSSAPI") Simple Authentication and Security Layer (SASL) Mechanism
    Obsoletes: RFC 2222

  • RFC 5802: Salted Challenge Response Authentication Mechanism (SCRAM) SASL and GSS-API Mechanisms

  • RFC 6151: Updated Security Considerations for the MD5 Message-Digest and the HMAC-MD5 Algorithms
    Updates: RFC 1321, RFC 2104

  • RFC 6234: US Secure Hash Algorithms (SHA and SHA-based HMAC and HKDF)
    Updates: RFC 3174
    Obsoletes: RFC 4634

  • RFC 6331: Moving DIGEST-MD5 to Historic
    Obsoletes: RFC 2831

  • RFC 6595: A Simple Authentication and Security Layer (SASL) and GSS-API Mechanism for the Security Assertion Markup Language (SAML)



Obsolete RFCs Provided for Informational Purposes