An attribute type determines the important properties related to an attribute, such as specifying the matching and syntax rules used in value comparisons. An attribute description consists of an attribute type and a set of zero or more options. Options are short, case-insensitive text strings that differentiate between attribute descriptions. For example, the LDAPv3 specification defines only one type of option, the tagging option, which can be used to tag language options, such as cn;lang-de;lang-sp or binary data, such as userCertificate;binary. You can also extend the schema by adding your own attribute definitions.

Attributes have the following properties:
  • Attributes can be user attributes that hold information for client applications, or operational attributes that are used for administrative or server-related purposes. You can specify the purpose of the attribute by the USAGE element.
  • Attributes are multi-valued by default. Multi-valued means that attributes can contain more than one value within an entry. Include the SINGLE-VALUE element if the attribute should contain at most one value within an entry.
  • Attributes can inherit properties from a parent attribute as long as they both have the same USAGE, and the child attribute has the same SYNTAX or its SYNTAX allows values which are a subset of the values allowed by the SYNTAX of the parent attribute. For example, the surname (sn) attribute is a child of the name attribute.