• compareResult: boolean
  Indicates the result of LDAP compare operation.
• msgType(required): string
  Allowed Values: [ "urn:ietf:params:rest:schemas:oracle:oud:1.0:SearchResponse", "urn:ietf:params:rest:schemas:oracle:oud:1.0:DeleteResponse", "urn:ietf:params:rest:schemas:oracle:oud:1.0:CompareResponse" ]

  The REST message type
• searchResultEntries(required): array searchResultEntries
  Number of search result entries returned after the LDAP operation.
• totalResults(required): integer(int32)
  Specifies the number of entries created, and returned.

{
    "type":"object",
    "required":[
        "msgType",
        "totalResults",
        "searchResultEntries"
    ],
    "properties":{
        "msgType":{
            "description":"The REST message type",
            "type":"string",
            "enum":[
                "urn:ietf:params:rest:schemas:oracle:oud:1.0:SearchResponse",
                "urn:ietf:params:rest:schemas:oracle:oud:1.0:DeleteResponse",
                "urn:ietf:params:rest:schemas:oracle:oud:1.0:CompareResponse"
            ]
        },
        "totalResults":{
            "type":"integer",
            "format":"int32",
            "description":"Specifies the number of entries created, and returned."
        },
        "searchResultEntries":{
            "type":"array",
            "description":"Number of search result entries returned after the LDAP operation.",
            "items":{
                "$ref":"#/definitions/Global Configuration SearchResultEntry"
            }
        },
        "compareResult":{
            "description":"Indicates the result of LDAP compare operation.",
            "type":"boolean"
        }
    }
}

• Array of: object Global Configuration SearchResultEntry

{
    "type":"array",
    "description":"Number of search result entries returned after the LDAP operation.",
    "items":{
        "$ref":"#/definitions/Global Configuration SearchResultEntry"
    }
}

• attributes(required): object Global Configuration Properties
• dn(required): string
  LDAP DN of the entry to be created

{
    "type":"object",
    "required":[
        "dn",
        "attributes"
    ],
    "properties":{
        "dn":{
            "description":"LDAP DN of the entry to be created",
            "type":"string"
        },
        "attributes":{
            "$ref":"#/definitions/Global Configuration Properties"
        }
    }
}

• cn: string
  CN (common name) of the entry
• ds-cfg-add-missing-rdn-attributes: boolean
  Default Value: true

  Indicates whether the Directory Server should automatically add any attribute values contained in the entry's RDN into that entry when processing an add request.
• ds-cfg-allow-attribute-name-exceptions: boolean
  Default Value: false

  Indicates whether the Directory Server should allow underscores in attribute names and allow attribute names to begin with numeric digits (both of which are violations of the LDAP standards).
• ds-cfg-allowed-task: array ds-cfg-allowed-task
  Specifies the fully-qualified name of a Java class that may be invoked in the server.
• ds-cfg-bind-with-dn-requires-password: boolean
  Default Value: true

  Indicates whether the Directory Server should reject any simple bind request that contains a DN but no password.
• ds-cfg-certificate-mapper(required): string
  Specifies the name of the certificate mapper that should be used to match client certificates to user entries.
• ds-cfg-check-schema: boolean
  Default Value: true

  Indicates whether schema enforcement is active.
• ds-cfg-default-password-policy(required): string
  Specifies the name of the password policy that is in effect for users whose entries do not specify an alternate password policy (either via a real or virtual attribute).
• ds-cfg-disabled-privilege: array ds-cfg-disabled-privilege
  Specifies the name of a privilege that should not be evaluated by the server.
• ds-cfg-entry-cache-preload: boolean
  Default Value: false

  Indicates whether or not to preload the entry cache on startup.
• ds-cfg-etime-resolution: string
  Default Value: milliseconds

  Allowed Values: [ "milliseconds", "nanoseconds" ]

  Specifies the resolution to use for operation elapsed processing time (etime) measurements.
• ds-cfg-generic-identity-mapper(required): array ds-cfg-generic-identity-mapper
  Specifies a set of generic identity mappers that will be used by Global Configuration for mapping an identity while performing all the operations except GSSAPI/SASL binds.
• ds-cfg-gssapi-identity-mapper(required): array ds-cfg-gssapi-identity-mapper
  Specifies the name of the identity mapper to map authentication and authorization ID values provided in a GSSAPI/SASL bind to the corresponding user entry.
• ds-cfg-idle-time-limit: string
  Default Value: 0 seconds

  Specifies the maximum length of time that a client connection may remain established since its last completed operation.
• ds-cfg-import-big-entries-memory-percent: integer(int32)
  Default Value: 10

  Specifies the maximum memory usage for the big entries as a percentage of the available memory at the time an import is performed.
• ds-cfg-invalid-attribute-syntax-behavior: string
  Default Value: reject

  Allowed Values: [ "accept", "reject", "warn" ]

  Specifies how the Directory Server should handle operations whenever an attribute value violates the associated attribute syntax.
• ds-cfg-lockdown-mode: boolean
  Default Value: false

  Indicates whether the Directory Server should reject all connections and requests unless they are from loopback clients with the CONFIG_WRITE or BYPASS_LOCKDOWN privilege.
• ds-cfg-lookthrough-limit: integer(int32)
  Default Value: 5000

  Specifies the maximum number of entries that the Directory Server should "look through" in the course of processing a search request.
• ds-cfg-maintain-authenticated-users: boolean
  Default Value: false

  Indicates whether or not the server should maintain authenticated users.
• ds-cfg-max-allowed-client-connections: integer(int32)
  Default Value: 0

  Specifies the maximum number of client connections that may be established at any given time
• ds-cfg-max-nested-filter-depth: integer(int32)
  Default Value: 100

  The maximum depth to which nested search filters will be processed.
• ds-cfg-max-psearches: integer(int32)
  Default Value: -1

  Defines the maximum number of concurrent persistent searches that can be performed on Directory Server
• ds-cfg-member-lookthrough-limit: integer(int32)
  Default Value: 100000

  Specifies the maximum number of members that the Directory Server should "look through" in the course of processing an operation on a static group.
• ds-cfg-non-dn-simple-bind-allowed: boolean
  Default Value: false

  Indicates whether the directory server will accept a simple bind request that may contain a value with non-dn syntax.
• ds-cfg-notify-abandoned-operations: boolean
  Default Value: false

  Indicates whether the Directory Server should send a response to any operation that is interrupted via an abandon request.
• ds-cfg-publish-operational-ldap-v2: boolean
  Default Value: false

  Indicates whether the server should, for LDAP V2 clients, ignore that an attribute is specified as operational and process it as a user attribute.
• ds-cfg-publish-options-ldap-v2: boolean
  Default Value: false

  Indicates whether the server should, for LDAP V2 clients, returns options while it normally merges all options.
• ds-cfg-reject-unauthenticated-requests: boolean
  Default Value: false

  Indicates whether the Directory Server should reject any request (other than bind or StartTLS requests) received from a client that has not yet been authenticated, whose last authentication attempt was unsuccessful, or whose last authentication attempt used anonymous authentication.
• ds-cfg-return-bind-error-messages: boolean
  Default Value: false

  Indicates whether responses for failed bind operations should include a message string providing the reason for the authentication failure.
• ds-cfg-return-lowercase-attribute-type: boolean
  Default Value: false

  Specifies whether attribute types are returned as lowercase or as defined by the schema.
• ds-cfg-returned-attribute-value-limit: integer(int32)
  Default Value: 100000

  Specifies the maximum number of values for an attribute that the Directory Server can return per entry while processing a search request.
• ds-cfg-save-config-on-successful-startup: boolean
  Default Value: true

  Indicates whether the Directory Server should save a copy of its configuration whenever the startup process completes successfully.
• ds-cfg-server-error-result-code: integer(int32)
  Default Value: 80

  Specifies the numeric value of the result code when request processing fails due to an internal server error.
• ds-cfg-single-structural-objectclass-behavior: string
  Default Value: reject

  Allowed Values: [ "accept", "reject", "warn" ]

  Specifies how the Directory Server should handle operations whenever an entry does not contain a structural object class or contains multiple structural classes.
• ds-cfg-size-limit: integer(int32)
  Default Value: 1000

  Specifies the maximum number of entries that can be returned to the client during a single search operation.
• ds-cfg-smtp-server: array ds-cfg-smtp-server
  Specifies the address (and optional port number) for a mail server that can be used to send email messages via SMTP.
• ds-cfg-time-limit: string
  Default Value: 60 seconds

  Specifies the maximum length of time that should be spent processing a single search operation.
• ds-cfg-writability-mode: string
  Default Value: enabled

  Allowed Values: [ "disabled", "enabled", "internal-only" ]

  Specifies the kinds of write operations the Directory Server can process.
• objectclass(required): array objectclass
  Objectclass(es) which this entry belongs to.

{
    "type":"object",
    "required":[
        "objectclass",
        "ds-cfg-default-password-policy",
        "ds-cfg-generic-identity-mapper",
        "ds-cfg-certificate-mapper",
        "ds-cfg-gssapi-identity-mapper"
    ],
    "properties":{
        "objectclass":{
            "type":"array",
            "description":"Objectclass(es) which this entry belongs to.",
            "items":{
                "type":"string"
            }
        },
        "cn":{
            "type":"string",
            "description":"CN (common name) of the entry"
        },
        "ds-cfg-time-limit":{
            "description":"Specifies the maximum length of time that should be spent processing a single search operation. ",
            "readOnly":false,
            "default":"60 seconds",
            "type":"string"
        },
        "ds-cfg-entry-cache-preload":{
            "description":"Indicates whether or not to preload the entry cache on startup. ",
            "readOnly":false,
            "default":false,
            "type":"boolean"
        },
        "ds-cfg-default-password-policy":{
            "description":"Specifies the name of the password policy that is in effect for users whose entries do not specify an alternate password policy (either via a real or virtual attribute). ",
            "readOnly":false,
            "type":"string"
        },
        "ds-cfg-etime-resolution":{
            "description":"Specifies the resolution to use for operation elapsed processing time (etime) measurements. ",
            "readOnly":false,
            "default":"milliseconds",
            "type":"string",
            "enum":[
                "milliseconds",
                "nanoseconds"
            ]
        },
        "ds-cfg-allowed-task":{
            "description":"Specifies the fully-qualified name of a Java class that may be invoked in the server. ",
            "readOnly":false,
            "type":"array",
            "items":{
                "type":"string"
            }
        },
        "ds-cfg-invalid-attribute-syntax-behavior":{
            "description":"Specifies how the Directory Server should handle operations whenever an attribute value violates the associated attribute syntax. ",
            "readOnly":false,
            "default":"reject",
            "type":"string",
            "enum":[
                "accept",
                "reject",
                "warn"
            ]
        },
        "ds-cfg-max-psearches":{
            "description":"Defines the maximum number of concurrent persistent searches that can be performed on Directory Server ",
            "readOnly":false,
            "default":"-1",
            "type":"integer",
            "format":"int32"
        },
        "ds-cfg-check-schema":{
            "description":"Indicates whether schema enforcement is active. ",
            "readOnly":false,
            "default":true,
            "type":"boolean"
        },
        "ds-cfg-maintain-authenticated-users":{
            "description":"Indicates whether or not the server should maintain authenticated users. ",
            "readOnly":false,
            "default":false,
            "type":"boolean"
        },
        "ds-cfg-non-dn-simple-bind-allowed":{
            "description":"Indicates whether the directory server will accept a simple bind request that may contain a value with non-dn syntax. ",
            "readOnly":false,
            "default":false,
            "type":"boolean"
        },
        "ds-cfg-publish-operational-ldap-v2":{
            "description":"Indicates whether the server should, for LDAP V2 clients, ignore that an attribute is specified as operational and process it as a user attribute. ",
            "readOnly":false,
            "default":false,
            "type":"boolean"
        },
        "ds-cfg-add-missing-rdn-attributes":{
            "description":"Indicates whether the Directory Server should automatically add any attribute values contained in the entry's RDN into that entry when processing an add request. ",
            "readOnly":false,
            "default":true,
            "type":"boolean"
        },
        "ds-cfg-generic-identity-mapper":{
            "description":"Specifies a set of generic identity mappers that will be used by Global Configuration for mapping an identity while performing all the operations except GSSAPI/SASL binds. ",
            "readOnly":false,
            "type":"array",
            "items":{
                "type":"string"
            }
        },
        "ds-cfg-certificate-mapper":{
            "description":"Specifies the name of the certificate mapper that should be used to match client certificates to user entries. ",
            "readOnly":false,
            "type":"string"
        },
        "ds-cfg-publish-options-ldap-v2":{
            "description":"Indicates whether the server should, for LDAP V2 clients, returns options while it normally merges all options. ",
            "readOnly":false,
            "default":false,
            "type":"boolean"
        },
        "ds-cfg-return-lowercase-attribute-type":{
            "description":"Specifies whether attribute types are returned as lowercase or as defined by the schema. ",
            "readOnly":false,
            "default":false,
            "type":"boolean"
        },
        "ds-cfg-single-structural-objectclass-behavior":{
            "description":"Specifies how the Directory Server should handle operations whenever an entry does not contain a structural object class or contains multiple structural classes. ",
            "readOnly":false,
            "default":"reject",
            "type":"string",
            "enum":[
                "accept",
                "reject",
                "warn"
            ]
        },
        "ds-cfg-size-limit":{
            "description":"Specifies the maximum number of entries that can be returned to the client during a single search operation. ",
            "readOnly":false,
            "default":"1000",
            "type":"integer",
            "format":"int32"
        },
        "ds-cfg-gssapi-identity-mapper":{
            "description":"Specifies the name of the identity mapper to map authentication and authorization ID values provided in a GSSAPI/SASL bind to the corresponding user entry. ",
            "readOnly":false,
            "type":"array",
            "items":{
                "type":"string"
            }
        },
        "ds-cfg-lockdown-mode":{
            "description":"Indicates whether the Directory Server should reject all connections and requests unless they are from loopback clients with the CONFIG_WRITE or BYPASS_LOCKDOWN privilege. ",
            "readOnly":false,
            "default":false,
            "type":"boolean"
        },
        "ds-cfg-returned-attribute-value-limit":{
            "description":"Specifies the maximum number of values for an attribute that the Directory Server can return per entry while processing a search request. ",
            "readOnly":false,
            "default":"100000",
            "type":"integer",
            "format":"int32"
        },
        "ds-cfg-max-nested-filter-depth":{
            "description":"The maximum depth to which nested search filters will be processed. ",
            "readOnly":false,
            "default":"100",
            "type":"integer",
            "format":"int32"
        },
        "ds-cfg-smtp-server":{
            "description":"Specifies the address (and optional port number) for a mail server that can be used to send email messages via SMTP. ",
            "readOnly":false,
            "type":"array",
            "items":{
                "type":"string"
            }
        },
        "ds-cfg-bind-with-dn-requires-password":{
            "description":"Indicates whether the Directory Server should reject any simple bind request that contains a DN but no password. ",
            "readOnly":false,
            "default":true,
            "type":"boolean"
        },
        "ds-cfg-server-error-result-code":{
            "description":"Specifies the numeric value of the result code when request processing fails due to an internal server error. ",
            "readOnly":false,
            "default":"80",
            "type":"integer",
            "format":"int32"
        },
        "ds-cfg-max-allowed-client-connections":{
            "description":"Specifies the maximum number of client connections that may be established at any given time ",
            "readOnly":false,
            "default":"0",
            "type":"integer",
            "format":"int32"
        },
        "ds-cfg-member-lookthrough-limit":{
            "description":"Specifies the maximum number of members that the Directory Server should \"look through\" in the course of processing an operation on a static group. ",
            "readOnly":false,
            "default":"100000",
            "type":"integer",
            "format":"int32"
        },
        "ds-cfg-writability-mode":{
            "description":"Specifies the kinds of write operations the Directory Server can process. ",
            "readOnly":false,
            "default":"enabled",
            "type":"string",
            "enum":[
                "disabled",
                "enabled",
                "internal-only"
            ]
        },
        "ds-cfg-save-config-on-successful-startup":{
            "description":"Indicates whether the Directory Server should save a copy of its configuration whenever the startup process completes successfully. ",
            "readOnly":false,
            "default":true,
            "type":"boolean"
        },
        "ds-cfg-disabled-privilege":{
            "description":"Specifies the name of a privilege that should not be evaluated by the server. ",
            "readOnly":false,
            "type":"array",
            "items":{
                "type":"string"
            },
            "enum":[
                "backend-backup",
                "backend-restore",
                "bypass-acl",
                "bypass-lockdown",
                "cancel-request",
                "config-read",
                "config-write",
                "disconnect-client",
                "jmx-notify",
                "jmx-read",
                "jmx-write",
                "ldif-export",
                "ldif-import",
                "modify-acl",
                "password-reset",
                "privilege-change",
                "proxied-auth",
                "server-restart",
                "server-shutdown",
                "subentry-write",
                "unindexed-search",
                "update-schema"
            ]
        },
        "ds-cfg-return-bind-error-messages":{
            "description":"Indicates whether responses for failed bind operations should include a message string providing the reason for the authentication failure. ",
            "readOnly":false,
            "default":false,
            "type":"boolean"
        },
        "ds-cfg-reject-unauthenticated-requests":{
            "description":"Indicates whether the Directory Server should reject any request (other than bind or StartTLS requests) received from a client that has not yet been authenticated, whose last authentication attempt was unsuccessful, or whose last authentication attempt used anonymous authentication. ",
            "readOnly":false,
            "default":false,
            "type":"boolean"
        },
        "ds-cfg-import-big-entries-memory-percent":{
            "description":"Specifies the maximum memory usage for the big entries as a percentage of the available memory at the time an import is performed. ",
            "readOnly":false,
            "default":"10",
            "type":"integer",
            "format":"int32"
        },
        "ds-cfg-idle-time-limit":{
            "description":"Specifies the maximum length of time that a client connection may remain established since its last completed operation. ",
            "readOnly":false,
            "default":"0 seconds",
            "type":"string"
        },
        "ds-cfg-lookthrough-limit":{
            "description":"Specifies the maximum number of entries that the Directory Server should \"look through\" in the course of processing a search request. ",
            "readOnly":false,
            "default":"5000",
            "type":"integer",
            "format":"int32"
        },
        "ds-cfg-notify-abandoned-operations":{
            "description":"Indicates whether the Directory Server should send a response to any operation that is interrupted via an abandon request. ",
            "readOnly":false,
            "default":false,
            "type":"boolean"
        },
        "ds-cfg-allow-attribute-name-exceptions":{
            "description":"Indicates whether the Directory Server should allow underscores in attribute names and allow attribute names to begin with numeric digits (both of which are violations of the LDAP standards). ",
            "readOnly":false,
            "default":false,
            "type":"boolean"
        }
    }
}

• Array of: string

{
    "description":"Specifies the fully-qualified name of a Java class that may be invoked in the server. ",
    "readOnly":false,
    "type":"array",
    "items":{
        "type":"string"
    }
}

• Array of: string

{
    "description":"Specifies the name of a privilege that should not be evaluated by the server. ",
    "readOnly":false,
    "type":"array",
    "items":{
        "type":"string"
    },
    "enum":[
        "backend-backup",
        "backend-restore",
        "bypass-acl",
        "bypass-lockdown",
        "cancel-request",
        "config-read",
        "config-write",
        "disconnect-client",
        "jmx-notify",
        "jmx-read",
        "jmx-write",
        "ldif-export",
        "ldif-import",
        "modify-acl",
        "password-reset",
        "privilege-change",
        "proxied-auth",
        "server-restart",
        "server-shutdown",
        "subentry-write",
        "unindexed-search",
        "update-schema"
    ]
}

• Array of: string

{
    "description":"Specifies a set of generic identity mappers that will be used by Global Configuration for mapping an identity while performing all the operations except GSSAPI/SASL binds. ",
    "readOnly":false,
    "type":"array",
    "items":{
        "type":"string"
    }
}

• Array of: string

{
    "description":"Specifies the name of the identity mapper to map authentication and authorization ID values provided in a GSSAPI/SASL bind to the corresponding user entry. ",
    "readOnly":false,
    "type":"array",
    "items":{
        "type":"string"
    }
}

• Array of: string

{
    "description":"Specifies the address (and optional port number) for a mail server that can be used to send email messages via SMTP. ",
    "readOnly":false,
    "type":"array",
    "items":{
        "type":"string"
    }
}

• Array of: string

{
    "type":"array",
    "description":"Objectclass(es) which this entry belongs to.",
    "items":{
        "type":"string"
    }
}

• msgType(required): string
  Default Value: urn:ietf:params:rest:schemas:oracle:oud:1.0:AddResponse

  The REST message type
• searchResultEntries(required): array searchResultEntries
• totalResults(required): integer(int32)
  Specifies the number of entries created, and returned.

{
    "type":"object",
    "required":[
        "msgType",
        "totalResults",
        "searchResultEntries"
    ],
    "properties":{
        "msgType":{
            "description":"The REST message type",
            "default":"urn:ietf:params:rest:schemas:oracle:oud:1.0:AddResponse",
            "type":"string"
        },
        "totalResults":{
            "type":"integer",
            "format":"int32",
            "description":"Specifies the number of entries created, and returned."
        },
        "searchResultEntries":{
            "type":"array",
            "items":{
                "$ref":"#/definitions/Global Configuration SearchResultEntry"
            }
        }
    }
}

• Array of: object Global Configuration SearchResultEntry

{
    "type":"array",
    "items":{
        "$ref":"#/definitions/Global Configuration SearchResultEntry"
    }
}

• attributes(required): object Global Configuration Properties
• dn(required): string
  LDAP DN of the entry to be created

{
    "type":"object",
    "required":[
        "dn",
        "attributes"
    ],
    "properties":{
        "dn":{
            "description":"LDAP DN of the entry to be created",
            "type":"string"
        },
        "attributes":{
            "$ref":"#/definitions/Global Configuration Properties"
        }
    }
}

• cn: string
  CN (common name) of the entry
• ds-cfg-add-missing-rdn-attributes: boolean
  Default Value: true

  Indicates whether the Directory Server should automatically add any attribute values contained in the entry's RDN into that entry when processing an add request.
• ds-cfg-allow-attribute-name-exceptions: boolean
  Default Value: false

  Indicates whether the Directory Server should allow underscores in attribute names and allow attribute names to begin with numeric digits (both of which are violations of the LDAP standards).
• ds-cfg-allowed-task: array ds-cfg-allowed-task
  Specifies the fully-qualified name of a Java class that may be invoked in the server.
• ds-cfg-bind-with-dn-requires-password: boolean
  Default Value: true

  Indicates whether the Directory Server should reject any simple bind request that contains a DN but no password.
• ds-cfg-certificate-mapper(required): string
  Specifies the name of the certificate mapper that should be used to match client certificates to user entries.
• ds-cfg-check-schema: boolean
  Default Value: true

  Indicates whether schema enforcement is active.
• ds-cfg-default-password-policy(required): string
  Specifies the name of the password policy that is in effect for users whose entries do not specify an alternate password policy (either via a real or virtual attribute).
• ds-cfg-disabled-privilege: array ds-cfg-disabled-privilege
  Specifies the name of a privilege that should not be evaluated by the server.
• ds-cfg-entry-cache-preload: boolean
  Default Value: false

  Indicates whether or not to preload the entry cache on startup.
• ds-cfg-etime-resolution: string
  Default Value: milliseconds

  Allowed Values: [ "milliseconds", "nanoseconds" ]

  Specifies the resolution to use for operation elapsed processing time (etime) measurements.
• ds-cfg-generic-identity-mapper(required): array ds-cfg-generic-identity-mapper
  Specifies a set of generic identity mappers that will be used by Global Configuration for mapping an identity while performing all the operations except GSSAPI/SASL binds.
• ds-cfg-gssapi-identity-mapper(required): array ds-cfg-gssapi-identity-mapper
  Specifies the name of the identity mapper to map authentication and authorization ID values provided in a GSSAPI/SASL bind to the corresponding user entry.
• ds-cfg-idle-time-limit: string
  Default Value: 0 seconds

  Specifies the maximum length of time that a client connection may remain established since its last completed operation.
• ds-cfg-import-big-entries-memory-percent: integer(int32)
  Default Value: 10

  Specifies the maximum memory usage for the big entries as a percentage of the available memory at the time an import is performed.
• ds-cfg-invalid-attribute-syntax-behavior: string
  Default Value: reject

  Allowed Values: [ "accept", "reject", "warn" ]

  Specifies how the Directory Server should handle operations whenever an attribute value violates the associated attribute syntax.
• ds-cfg-lockdown-mode: boolean
  Default Value: false

  Indicates whether the Directory Server should reject all connections and requests unless they are from loopback clients with the CONFIG_WRITE or BYPASS_LOCKDOWN privilege.
• ds-cfg-lookthrough-limit: integer(int32)
  Default Value: 5000

  Specifies the maximum number of entries that the Directory Server should "look through" in the course of processing a search request.
• ds-cfg-maintain-authenticated-users: boolean
  Default Value: false

  Indicates whether or not the server should maintain authenticated users.
• ds-cfg-max-allowed-client-connections: integer(int32)
  Default Value: 0

  Specifies the maximum number of client connections that may be established at any given time
• ds-cfg-max-nested-filter-depth: integer(int32)
  Default Value: 100

  The maximum depth to which nested search filters will be processed.
• ds-cfg-max-psearches: integer(int32)
  Default Value: -1

  Defines the maximum number of concurrent persistent searches that can be performed on Directory Server
• ds-cfg-member-lookthrough-limit: integer(int32)
  Default Value: 100000

  Specifies the maximum number of members that the Directory Server should "look through" in the course of processing an operation on a static group.
• ds-cfg-non-dn-simple-bind-allowed: boolean
  Default Value: false

  Indicates whether the directory server will accept a simple bind request that may contain a value with non-dn syntax.
• ds-cfg-notify-abandoned-operations: boolean
  Default Value: false

  Indicates whether the Directory Server should send a response to any operation that is interrupted via an abandon request.
• ds-cfg-publish-operational-ldap-v2: boolean
  Default Value: false

  Indicates whether the server should, for LDAP V2 clients, ignore that an attribute is specified as operational and process it as a user attribute.
• ds-cfg-publish-options-ldap-v2: boolean
  Default Value: false

  Indicates whether the server should, for LDAP V2 clients, returns options while it normally merges all options.
• ds-cfg-reject-unauthenticated-requests: boolean
  Default Value: false

  Indicates whether the Directory Server should reject any request (other than bind or StartTLS requests) received from a client that has not yet been authenticated, whose last authentication attempt was unsuccessful, or whose last authentication attempt used anonymous authentication.
• ds-cfg-return-bind-error-messages: boolean
  Default Value: false

  Indicates whether responses for failed bind operations should include a message string providing the reason for the authentication failure.
• ds-cfg-return-lowercase-attribute-type: boolean
  Default Value: false

  Specifies whether attribute types are returned as lowercase or as defined by the schema.
• ds-cfg-returned-attribute-value-limit: integer(int32)
  Default Value: 100000

  Specifies the maximum number of values for an attribute that the Directory Server can return per entry while processing a search request.
• ds-cfg-save-config-on-successful-startup: boolean
  Default Value: true

  Indicates whether the Directory Server should save a copy of its configuration whenever the startup process completes successfully.
• ds-cfg-server-error-result-code: integer(int32)
  Default Value: 80

  Specifies the numeric value of the result code when request processing fails due to an internal server error.
• ds-cfg-single-structural-objectclass-behavior: string
  Default Value: reject

  Allowed Values: [ "accept", "reject", "warn" ]

  Specifies how the Directory Server should handle operations whenever an entry does not contain a structural object class or contains multiple structural classes.
• ds-cfg-size-limit: integer(int32)
  Default Value: 1000

  Specifies the maximum number of entries that can be returned to the client during a single search operation.
• ds-cfg-smtp-server: array ds-cfg-smtp-server
  Specifies the address (and optional port number) for a mail server that can be used to send email messages via SMTP.
• ds-cfg-time-limit: string
  Default Value: 60 seconds

  Specifies the maximum length of time that should be spent processing a single search operation.
• ds-cfg-writability-mode: string
  Default Value: enabled

  Allowed Values: [ "disabled", "enabled", "internal-only" ]

  Specifies the kinds of write operations the Directory Server can process.
• objectclass(required): array objectclass
  Objectclass(es) which this entry belongs to.

{
    "type":"object",
    "required":[
        "objectclass",
        "ds-cfg-default-password-policy",
        "ds-cfg-generic-identity-mapper",
        "ds-cfg-certificate-mapper",
        "ds-cfg-gssapi-identity-mapper"
    ],
    "properties":{
        "objectclass":{
            "type":"array",
            "description":"Objectclass(es) which this entry belongs to.",
            "items":{
                "type":"string"
            }
        },
        "cn":{
            "type":"string",
            "description":"CN (common name) of the entry"
        },
        "ds-cfg-time-limit":{
            "description":"Specifies the maximum length of time that should be spent processing a single search operation. ",
            "readOnly":false,
            "default":"60 seconds",
            "type":"string"
        },
        "ds-cfg-entry-cache-preload":{
            "description":"Indicates whether or not to preload the entry cache on startup. ",
            "readOnly":false,
            "default":false,
            "type":"boolean"
        },
        "ds-cfg-default-password-policy":{
            "description":"Specifies the name of the password policy that is in effect for users whose entries do not specify an alternate password policy (either via a real or virtual attribute). ",
            "readOnly":false,
            "type":"string"
        },
        "ds-cfg-etime-resolution":{
            "description":"Specifies the resolution to use for operation elapsed processing time (etime) measurements. ",
            "readOnly":false,
            "default":"milliseconds",
            "type":"string",
            "enum":[
                "milliseconds",
                "nanoseconds"
            ]
        },
        "ds-cfg-allowed-task":{
            "description":"Specifies the fully-qualified name of a Java class that may be invoked in the server. ",
            "readOnly":false,
            "type":"array",
            "items":{
                "type":"string"
            }
        },
        "ds-cfg-invalid-attribute-syntax-behavior":{
            "description":"Specifies how the Directory Server should handle operations whenever an attribute value violates the associated attribute syntax. ",
            "readOnly":false,
            "default":"reject",
            "type":"string",
            "enum":[
                "accept",
                "reject",
                "warn"
            ]
        },
        "ds-cfg-max-psearches":{
            "description":"Defines the maximum number of concurrent persistent searches that can be performed on Directory Server ",
            "readOnly":false,
            "default":"-1",
            "type":"integer",
            "format":"int32"
        },
        "ds-cfg-check-schema":{
            "description":"Indicates whether schema enforcement is active. ",
            "readOnly":false,
            "default":true,
            "type":"boolean"
        },
        "ds-cfg-maintain-authenticated-users":{
            "description":"Indicates whether or not the server should maintain authenticated users. ",
            "readOnly":false,
            "default":false,
            "type":"boolean"
        },
        "ds-cfg-non-dn-simple-bind-allowed":{
            "description":"Indicates whether the directory server will accept a simple bind request that may contain a value with non-dn syntax. ",
            "readOnly":false,
            "default":false,
            "type":"boolean"
        },
        "ds-cfg-publish-operational-ldap-v2":{
            "description":"Indicates whether the server should, for LDAP V2 clients, ignore that an attribute is specified as operational and process it as a user attribute. ",
            "readOnly":false,
            "default":false,
            "type":"boolean"
        },
        "ds-cfg-add-missing-rdn-attributes":{
            "description":"Indicates whether the Directory Server should automatically add any attribute values contained in the entry's RDN into that entry when processing an add request. ",
            "readOnly":false,
            "default":true,
            "type":"boolean"
        },
        "ds-cfg-generic-identity-mapper":{
            "description":"Specifies a set of generic identity mappers that will be used by Global Configuration for mapping an identity while performing all the operations except GSSAPI/SASL binds. ",
            "readOnly":false,
            "type":"array",
            "items":{
                "type":"string"
            }
        },
        "ds-cfg-certificate-mapper":{
            "description":"Specifies the name of the certificate mapper that should be used to match client certificates to user entries. ",
            "readOnly":false,
            "type":"string"
        },
        "ds-cfg-publish-options-ldap-v2":{
            "description":"Indicates whether the server should, for LDAP V2 clients, returns options while it normally merges all options. ",
            "readOnly":false,
            "default":false,
            "type":"boolean"
        },
        "ds-cfg-return-lowercase-attribute-type":{
            "description":"Specifies whether attribute types are returned as lowercase or as defined by the schema. ",
            "readOnly":false,
            "default":false,
            "type":"boolean"
        },
        "ds-cfg-single-structural-objectclass-behavior":{
            "description":"Specifies how the Directory Server should handle operations whenever an entry does not contain a structural object class or contains multiple structural classes. ",
            "readOnly":false,
            "default":"reject",
            "type":"string",
            "enum":[
                "accept",
                "reject",
                "warn"
            ]
        },
        "ds-cfg-size-limit":{
            "description":"Specifies the maximum number of entries that can be returned to the client during a single search operation. ",
            "readOnly":false,
            "default":"1000",
            "type":"integer",
            "format":"int32"
        },
        "ds-cfg-gssapi-identity-mapper":{
            "description":"Specifies the name of the identity mapper to map authentication and authorization ID values provided in a GSSAPI/SASL bind to the corresponding user entry. ",
            "readOnly":false,
            "type":"array",
            "items":{
                "type":"string"
            }
        },
        "ds-cfg-lockdown-mode":{
            "description":"Indicates whether the Directory Server should reject all connections and requests unless they are from loopback clients with the CONFIG_WRITE or BYPASS_LOCKDOWN privilege. ",
            "readOnly":false,
            "default":false,
            "type":"boolean"
        },
        "ds-cfg-returned-attribute-value-limit":{
            "description":"Specifies the maximum number of values for an attribute that the Directory Server can return per entry while processing a search request. ",
            "readOnly":false,
            "default":"100000",
            "type":"integer",
            "format":"int32"
        },
        "ds-cfg-max-nested-filter-depth":{
            "description":"The maximum depth to which nested search filters will be processed. ",
            "readOnly":false,
            "default":"100",
            "type":"integer",
            "format":"int32"
        },
        "ds-cfg-smtp-server":{
            "description":"Specifies the address (and optional port number) for a mail server that can be used to send email messages via SMTP. ",
            "readOnly":false,
            "type":"array",
            "items":{
                "type":"string"
            }
        },
        "ds-cfg-bind-with-dn-requires-password":{
            "description":"Indicates whether the Directory Server should reject any simple bind request that contains a DN but no password. ",
            "readOnly":false,
            "default":true,
            "type":"boolean"
        },
        "ds-cfg-server-error-result-code":{
            "description":"Specifies the numeric value of the result code when request processing fails due to an internal server error. ",
            "readOnly":false,
            "default":"80",
            "type":"integer",
            "format":"int32"
        },
        "ds-cfg-max-allowed-client-connections":{
            "description":"Specifies the maximum number of client connections that may be established at any given time ",
            "readOnly":false,
            "default":"0",
            "type":"integer",
            "format":"int32"
        },
        "ds-cfg-member-lookthrough-limit":{
            "description":"Specifies the maximum number of members that the Directory Server should \"look through\" in the course of processing an operation on a static group. ",
            "readOnly":false,
            "default":"100000",
            "type":"integer",
            "format":"int32"
        },
        "ds-cfg-writability-mode":{
            "description":"Specifies the kinds of write operations the Directory Server can process. ",
            "readOnly":false,
            "default":"enabled",
            "type":"string",
            "enum":[
                "disabled",
                "enabled",
                "internal-only"
            ]
        },
        "ds-cfg-save-config-on-successful-startup":{
            "description":"Indicates whether the Directory Server should save a copy of its configuration whenever the startup process completes successfully. ",
            "readOnly":false,
            "default":true,
            "type":"boolean"
        },
        "ds-cfg-disabled-privilege":{
            "description":"Specifies the name of a privilege that should not be evaluated by the server. ",
            "readOnly":false,
            "type":"array",
            "items":{
                "type":"string"
            },
            "enum":[
                "backend-backup",
                "backend-restore",
                "bypass-acl",
                "bypass-lockdown",
                "cancel-request",
                "config-read",
                "config-write",
                "disconnect-client",
                "jmx-notify",
                "jmx-read",
                "jmx-write",
                "ldif-export",
                "ldif-import",
                "modify-acl",
                "password-reset",
                "privilege-change",
                "proxied-auth",
                "server-restart",
                "server-shutdown",
                "subentry-write",
                "unindexed-search",
                "update-schema"
            ]
        },
        "ds-cfg-return-bind-error-messages":{
            "description":"Indicates whether responses for failed bind operations should include a message string providing the reason for the authentication failure. ",
            "readOnly":false,
            "default":false,
            "type":"boolean"
        },
        "ds-cfg-reject-unauthenticated-requests":{
            "description":"Indicates whether the Directory Server should reject any request (other than bind or StartTLS requests) received from a client that has not yet been authenticated, whose last authentication attempt was unsuccessful, or whose last authentication attempt used anonymous authentication. ",
            "readOnly":false,
            "default":false,
            "type":"boolean"
        },
        "ds-cfg-import-big-entries-memory-percent":{
            "description":"Specifies the maximum memory usage for the big entries as a percentage of the available memory at the time an import is performed. ",
            "readOnly":false,
            "default":"10",
            "type":"integer",
            "format":"int32"
        },
        "ds-cfg-idle-time-limit":{
            "description":"Specifies the maximum length of time that a client connection may remain established since its last completed operation. ",
            "readOnly":false,
            "default":"0 seconds",
            "type":"string"
        },
        "ds-cfg-lookthrough-limit":{
            "description":"Specifies the maximum number of entries that the Directory Server should \"look through\" in the course of processing a search request. ",
            "readOnly":false,
            "default":"5000",
            "type":"integer",
            "format":"int32"
        },
        "ds-cfg-notify-abandoned-operations":{
            "description":"Indicates whether the Directory Server should send a response to any operation that is interrupted via an abandon request. ",
            "readOnly":false,
            "default":false,
            "type":"boolean"
        },
        "ds-cfg-allow-attribute-name-exceptions":{
            "description":"Indicates whether the Directory Server should allow underscores in attribute names and allow attribute names to begin with numeric digits (both of which are violations of the LDAP standards). ",
            "readOnly":false,
            "default":false,
            "type":"boolean"
        }
    }
}

• Array of: string

{
    "description":"Specifies the fully-qualified name of a Java class that may be invoked in the server. ",
    "readOnly":false,
    "type":"array",
    "items":{
        "type":"string"
    }
}

• Array of: string

{
    "description":"Specifies the name of a privilege that should not be evaluated by the server. ",
    "readOnly":false,
    "type":"array",
    "items":{
        "type":"string"
    },
    "enum":[
        "backend-backup",
        "backend-restore",
        "bypass-acl",
        "bypass-lockdown",
        "cancel-request",
        "config-read",
        "config-write",
        "disconnect-client",
        "jmx-notify",
        "jmx-read",
        "jmx-write",
        "ldif-export",
        "ldif-import",
        "modify-acl",
        "password-reset",
        "privilege-change",
        "proxied-auth",
        "server-restart",
        "server-shutdown",
        "subentry-write",
        "unindexed-search",
        "update-schema"
    ]
}

• Array of: string

{
    "description":"Specifies a set of generic identity mappers that will be used by Global Configuration for mapping an identity while performing all the operations except GSSAPI/SASL binds. ",
    "readOnly":false,
    "type":"array",
    "items":{
        "type":"string"
    }
}

• Array of: string

{
    "description":"Specifies the name of the identity mapper to map authentication and authorization ID values provided in a GSSAPI/SASL bind to the corresponding user entry. ",
    "readOnly":false,
    "type":"array",
    "items":{
        "type":"string"
    }
}

• Array of: string

{
    "description":"Specifies the address (and optional port number) for a mail server that can be used to send email messages via SMTP. ",
    "readOnly":false,
    "type":"array",
    "items":{
        "type":"string"
    }
}

• Array of: string

{
    "type":"array",
    "description":"Objectclass(es) which this entry belongs to.",
    "items":{
        "type":"string"
    }
}

• ldapErrorCode: integer(int32)
  Specifies the LDAP error code returned for the operation.
• message(required): string
  Error message returned returned for the operation.
• msgType(required): string
  Default Value: urn:ietf:params:rest:schemas:oracle:oud:1.0:ErrorResponse

  The REST message type

{
    "type":"object",
    "required":[
        "msgType",
        "message"
    ],
    "properties":{
        "msgType":{
            "description":"The REST message type",
            "default":"urn:ietf:params:rest:schemas:oracle:oud:1.0:ErrorResponse",
            "type":"string"
        },
        "message":{
            "description":"Error message returned returned for the operation.",
            "type":"string"
        },
        "ldapErrorCode":{
            "type":"integer",
            "format":"int32",
            "description":"Specifies the LDAP error code returned for the operation."
        }
    }
}