Work in progress
This site is in the process of being reviewed and updated.
Introduction
From RFC 4517 :
"Matching rules are used by directory implementations to compare attribute values against assertion values when performing Search and Compare operations RFC4511. They are also used when comparing a purported distinguished name RFC4512 with the name of an entry. When modifying entries, matching rules are used to identify values to be deleted and to prevent an attribute from containing two equal values."
Some MatchingRules are mandatory, other may be user defined.
ADS implementation
The current checking is done through normalizers and comparators in ADS. In RFC, comparators are named matchers, but we will keep talking about comparators, for clarity sake. (basically, matcher = comparator).
The procedure is that a value is first normalized and then compared using the correct matcher. Values stored into the server are already normalized, except those which has not associated with an indexed attribute
There were a discussion about the idea of storing values in both form for non indexed attributes. The advantage would be to avoid a normalization of those values each time we do a full scan. The drawback is that we will store each of those elements twice, and further more, the deserialization will be must costly, because we will have to read much more data from disk (2x more). But there is a slight optimization we could implement : a Normalized Master table, where all the entries are stored normalized. We will use this master table to do the search, and once we have found the value, we pick the original entries from the original master table... Quite complicated for an hypothetic optimization, so it needs to be tested before being implemented.
RFC 4518 Preparation
Many MatchingRules are to be applied on string values, and thos values must be mofied before we can applye the corresponding matchingRule. This peparation is described in RFC 4518.
In the next table, the matchingRule on which we should apply the preparation is marked with a
Mandatory MatchingRules
The following table describes the mandatory MatchingRules implemented in ADS for the core schema.
name |
OID |
Description |
RFC4518 |
Implemented |
Class |
---|---|---|---|---|---|
bitstringmatch |
2.5.13.16 |
RFC 4517, Chap 4.2.1 |
|
|
ComparableComparator |
booleanMatch |
2.5.13.13 |
RFC 4517, Chap 4.2.2 |
|
|
ComparableComparator |
caseExactIA5Match |
1.3.6.1.4.1.1466.109.114.1 |
RFC 4517, Chap 4.2.3 |
|
|
DeepTrimCachingNormalizingComparator |
caseExactMatch |
2.5.13.5 |
RFC 4517, Chap 4.2.4 |
|
|
DeepTrimCachingNormalizingComparator |
caseExactOrderingMatch |
2.5.13.6 |
RFC 4517, Chap 4.2.5 |
|
|
ComparableComparator |
caseExactSubstringsMatch |
2.5.13.7 |
RFC 4517, Chap 4.2.6 |
|
|
DeepTrimCachingNormalizingComparator |
caseIgnoreIA5Match |
1.3.6.1.4.1.1466.109.114.2 |
RFC 4517, Chap 4.2.7 |
|
|
DeepTrimToLowerCachingNormalizingComparator |
caseIgnoreIA5SubstringsMatch |
1.3.6.1.4.1.1466.109.114.3 |
RFC 4517, Chap 4.2.8 |
|
|
DeepTrimToLowerCachingNormalizingComparator |
caseIgnoreListMatch |
2.5.13.11 |
RFC 4517, Chap 4.2.9 |
|
|
DeepTrimToLowerCachingNormalizingComparator |
caseIgnoreListSubstringsMatch |
2.5.13.12 |
RFC 4517, Chap 4.2.10 |
|
|
DeepTrimToLowerCachingNormalizingComparator |
caseIgnoreMatch |
2.5.13.2 |
RFC 4517, Chap 4.2.11 |
|
|
DeepTrimToLowerCachingNormalizingComparator |
caseIgnoreOrderingMatch |
2.5.13.3 |
RFC 4517, Chap 4.2.12 |
|
|
DeepTrimToLowerCachingNormalizingComparator |
caseIgnoreSubstringsMatch |
2.5.13.4 |
RFC 4517, Chap 4.2.13 |
|
|
DeepTrimToLowerCachingNormalizingComparator |
directoryStringFirstComponentMatch |
2.5.13.31 |
RFC 4517, Chap 4.2.14 |
|
|
ComparableComparator |
distinguishedNameMatch |
2.5.13.1 |
RFC 4517, Chap 4.2.15 |
|
|
DnComparator |
generalizedTimeMatch |
2.5.13.27 |
RFC 4517, Chap 4.2.16 |
|
|
ComparableComparator |
generalizedTimeOrderingMatch |
2.5.13.28 |
RFC 4517, Chap 4.2.17 |
|
|
ComparableComparator |
integerFirstComponentMatch |
2.5.13.29 |
RFC 4517, Chap 4.2.18 |
|
|
ComparableComparator |
integerMatch |
2.5.13.14 |
RFC 4517, Chap 4.2.19 |
|
|
ComparableComparator |
integerOrderingMatch |
2.5.13.15 |
RFC 4517, Chap 4.2.20 |
|
|
IntegerOrderingComparator |
keywordMatch |
2.5.13.33 |
RFC 4517, Chap 4.2.21 |
|
|
ComparableComparator |
numericStringMatch |
2.5.13.8 |
RFC 4517, Chap 4.2.22 |
|
|
ComparableComparator |
numericStringOrderingMatch |
2.5.13.9 |
RFC 4517, Chap 4.2.23 |
|
|
ComparableComparator- |
numericStringSubstringsMatch |
2.5.13.10 |
RFC 4517, Chap 4.2.24 |
|
|
ComparableComparator |
objectIdentifierFirstComponentMatch |
2.5.13.30 |
RFC 4517, Chap 4.2.25 |
|
|
ComparableComparator |
objectIdentifierMatch |
2.5.13.0 |
RFC 4517, Chap 4.2.26 |
|
|
ObjectIdentifierComparator |
octetStringMatch |
2.5.13.17 |
RFC 4517, Chap 4.2.27 |
|
|
ByteArrayComparator |
octetStringOrderingMatch |
2.5.13.18 |
RFC 4517, Chap 4.2.28 |
|
|
ByteArrayComparator |
octetStringSubstringMatch |
2.5.13.19 |
RFC 3698 |
|
|
ByteArrayComparator |
presentationAddressMatch |
2.5.13.22 |
RFC 2252 |
|
|
ComparableComparator |
protocolInformationMatch |
2.5.13.24 |
RFC 2252 |
|
|
ComparableComparator |
telephoneNumberMatch |
2.5.13.20 |
RFC 4517, Chap 4.2.29 |
|
|
TelephoneNumberComparator |
telephoneNumberSubstringsMatch |
2.5.13.21 |
RFC 4517, Chap 4.2.30 |
|
|
ComparableComparator |
uniqueMemberMatch |
2.5.13.23 |
RFC 4517, Chap 4.2.31 |
|
|
NameAndOptionalUIDComparator |
wordMatch |
2.5.13.32 |
RFC 4517, Chap 4.2.32 |
|
|
ComparableComparator |
exactDnAsStringMatch |
1.3.6.1.4.1.18060.0.4.1.1.1 |
Apache |
|
|
ComparableComparator |
bigIntegerMatch |
1.3.6.1.4.1.18060.0.4.1.1.2 |
Apache |
|
|
LongComparator |
jdbmStringMatch |
1.3.6.1.4.1.18060.0.4.1.1.3 |
Apache |
|
|
StringComparator |
uuidMatch |
1.3.6.1.1.16.2 |
RFC 4530, Chap 2.2 |
|
|
UUIDComparator |
uuidOrderingMatch |
1.3.6.1.1.16.3 |
RFC 4530, Chap 2.3 |
|
|
UUIDComparator |
CSNMatch |
1.3.6.1.4.1.4203.666.11.2.2 |
|
|
CsnComparator |
|
CSNOrderingMatch |
1.3.6.1.4.1.4203.666.11.2.3 |
|
|
CsnComparator |
|
CSNSIDMatch |
1.3.6.1.4.1.4203.666.11.2.5 |
|
|
CsnSidComparator |
|
nameOrNumericIdMatch |
1.3.6.1.4.1.18060.0.4.0.1.0 |
Apache meta |
|
|
NameOrNumericIdComparator |
objectClassTypeMatch |
1.3.6.1.4.1.18060.0.4.0.1.1 |
Apache meta |
|
|
ObjectClassTypeComparator |
numericOidMatch |
1.3.6.1.4.1.18060.0.4.0.1.2 |
Apache meta |
|
|
StringComparator |
supDITStructureRuleMatch |
1.3.6.1.4.1.18060.0.4.0.1.3 |
Apache meta |
|
|
DeepTrimToLowerNormalizingComparator |
ruleIDMatch |
1.3.6.1.4.1.18060.0.4.0.1.4 |
Apache meta |
|
|
DeepTrimToLowerNormalizingComparator |
comparatorMatch |
1.3.6.1.4.1.18060.0.4.1.1.5 |
Apache |
|
|
objectIdentifierFirstComponentComparator |
normalizerMatch |
1.3.6.1.4.1.18060.0.4.1.1.6 |
Apache |
|
|
objectIdentifierFirstComponentComparator |
syntaxCheckerMatch |
1.3.6.1.4.1.18060.0.4.1.1.7 |
Apache |
|
|
objectIdentifierFirstComponentComparator |