Introduction

Operational attributes are special attributes which are internal to the server. As stated in RFC 4512, par. 3.4 :

Some attributes, termed operational attributes, are used or
maintained by servers for administrative and operational purposes.
As stated in [X.501]: "There are three varieties of operational
attributes: Directory operational attributes, DSA-shared operational
attributes, and DSA-specific operational attributes". 

Some operational attributes will be user modifiable, other won't. In this case, the attributes will be marked usuing the NO-USER-MODIFICATION flag

Operational Attributes in ADS

The following table expose the list of currently used Operational Attributes in  ADS

name ADS description User modifiable
comment
creatorsName This attribute is added to every entry just created. It contains
the principal DN of the creator 		mandatory
createTimestamp This attribute is added to every entry just created. It contains
the date of creation
mandatory
modifiersName This attribute is added to every entry which has been modified.
It contains the principal DN of the modifier 		mandatory
modifyTimestamp  This attribute is added to every entry which has been modified.
It contains the last modificationdate 		mandatory
subschemaSubentry      
objectClasses      
attributeTypes      
matchingRules      
matchingRuleUse      
ldapSyntaxes      
dITContentRules      
dITStructureRules      
nameForms      
structuralObjectClass      
governingStructureRule      

TO BE CONTINUED ...

The interceptor

The OperationalAttribute interceptor is used to manipulate those operational attributes. It currently update the added, modified, renamed or moved entries.

Add operation

Adding an entry into the server is done by a principal. This information will be stored into the added entry using two operational attributes :

  1. creatorsName : the principal who creates the entry
  2. createTimestamp : the current date

This is managed in the add() method