4 |
- |
1 |
# inetorgperson.schema -- InetOrgPerson (RFC2798)
|
9 |
- |
2 |
# $OpenLDAP$
|
4 |
- |
3 |
## This work is part of OpenLDAP Software <http://www.openldap.org/>.
|
|
|
4 |
##
|
9 |
- |
5 |
## Copyright 1998-2014 The OpenLDAP Foundation.
|
4 |
- |
6 |
## All rights reserved.
|
|
|
7 |
##
|
|
|
8 |
## Redistribution and use in source and binary forms, with or without
|
|
|
9 |
## modification, are permitted only as authorized by the OpenLDAP
|
|
|
10 |
## Public License.
|
|
|
11 |
##
|
|
|
12 |
## A copy of this license is available in the file LICENSE in the
|
|
|
13 |
## top-level directory of the distribution or, alternatively, at
|
|
|
14 |
## <http://www.OpenLDAP.org/license.html>.
|
|
|
15 |
#
|
|
|
16 |
# InetOrgPerson (RFC2798)
|
|
|
17 |
#
|
|
|
18 |
# Depends upon
|
|
|
19 |
# Definition of an X.500 Attribute Type and an Object Class to Hold
|
|
|
20 |
# Uniform Resource Identifiers (URIs) [RFC2079]
|
|
|
21 |
# (core.schema)
|
|
|
22 |
#
|
|
|
23 |
# A Summary of the X.500(96) User Schema for use with LDAPv3 [RFC2256]
|
|
|
24 |
# (core.schema)
|
|
|
25 |
#
|
|
|
26 |
# The COSINE and Internet X.500 Schema [RFC1274] (cosine.schema)
|
|
|
27 |
|
|
|
28 |
# carLicense
|
|
|
29 |
# This multivalued field is used to record the values of the license or
|
|
|
30 |
# registration plate associated with an individual.
|
|
|
31 |
attributetype ( 2.16.840.1.113730.3.1.1
|
|
|
32 |
NAME 'carLicense'
|
|
|
33 |
DESC 'RFC2798: vehicle license or registration plate'
|
|
|
34 |
EQUALITY caseIgnoreMatch
|
|
|
35 |
SUBSTR caseIgnoreSubstringsMatch
|
|
|
36 |
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
|
|
|
37 |
|
|
|
38 |
# departmentNumber
|
|
|
39 |
# Code for department to which a person belongs. This can also be
|
|
|
40 |
# strictly numeric (e.g., 1234) or alphanumeric (e.g., ABC/123).
|
|
|
41 |
attributetype ( 2.16.840.1.113730.3.1.2
|
|
|
42 |
NAME 'departmentNumber'
|
|
|
43 |
DESC 'RFC2798: identifies a department within an organization'
|
|
|
44 |
EQUALITY caseIgnoreMatch
|
|
|
45 |
SUBSTR caseIgnoreSubstringsMatch
|
|
|
46 |
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
|
|
|
47 |
|
|
|
48 |
# displayName
|
|
|
49 |
# When displaying an entry, especially within a one-line summary list, it
|
|
|
50 |
# is useful to be able to identify a name to be used. Since other attri-
|
|
|
51 |
# bute types such as 'cn' are multivalued, an additional attribute type is
|
|
|
52 |
# needed. Display name is defined for this purpose.
|
|
|
53 |
attributetype ( 2.16.840.1.113730.3.1.241
|
|
|
54 |
NAME 'displayName'
|
|
|
55 |
DESC 'RFC2798: preferred name to be used when displaying entries'
|
|
|
56 |
EQUALITY caseIgnoreMatch
|
|
|
57 |
SUBSTR caseIgnoreSubstringsMatch
|
|
|
58 |
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
|
|
|
59 |
SINGLE-VALUE )
|
|
|
60 |
|
|
|
61 |
# employeeNumber
|
|
|
62 |
# Numeric or alphanumeric identifier assigned to a person, typically based
|
|
|
63 |
# on order of hire or association with an organization. Single valued.
|
|
|
64 |
attributetype ( 2.16.840.1.113730.3.1.3
|
|
|
65 |
NAME 'employeeNumber'
|
|
|
66 |
DESC 'RFC2798: numerically identifies an employee within an organization'
|
|
|
67 |
EQUALITY caseIgnoreMatch
|
|
|
68 |
SUBSTR caseIgnoreSubstringsMatch
|
|
|
69 |
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
|
|
|
70 |
SINGLE-VALUE )
|
|
|
71 |
|
|
|
72 |
# employeeType
|
|
|
73 |
# Used to identify the employer to employee relationship. Typical values
|
|
|
74 |
# used will be "Contractor", "Employee", "Intern", "Temp", "External", and
|
|
|
75 |
# "Unknown" but any value may be used.
|
|
|
76 |
attributetype ( 2.16.840.1.113730.3.1.4
|
|
|
77 |
NAME 'employeeType'
|
|
|
78 |
DESC 'RFC2798: type of employment for a person'
|
|
|
79 |
EQUALITY caseIgnoreMatch
|
|
|
80 |
SUBSTR caseIgnoreSubstringsMatch
|
|
|
81 |
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
|
|
|
82 |
|
|
|
83 |
# jpegPhoto
|
|
|
84 |
# Used to store one or more images of a person using the JPEG File
|
|
|
85 |
# Interchange Format [JFIF].
|
|
|
86 |
# Note that the jpegPhoto attribute type was defined for use in the
|
|
|
87 |
# Internet X.500 pilots but no referencable definition for it could be
|
|
|
88 |
# located.
|
|
|
89 |
attributetype ( 0.9.2342.19200300.100.1.60
|
|
|
90 |
NAME 'jpegPhoto'
|
|
|
91 |
DESC 'RFC2798: a JPEG image'
|
|
|
92 |
SYNTAX 1.3.6.1.4.1.1466.115.121.1.28 )
|
|
|
93 |
|
|
|
94 |
# preferredLanguage
|
|
|
95 |
# Used to indicate an individual's preferred written or spoken
|
|
|
96 |
# language. This is useful for international correspondence or human-
|
|
|
97 |
# computer interaction. Values for this attribute type MUST conform to
|
|
|
98 |
# the definition of the Accept-Language header field defined in
|
|
|
99 |
# [RFC2068] with one exception: the sequence "Accept-Language" ":"
|
|
|
100 |
# should be omitted. This is a single valued attribute type.
|
|
|
101 |
attributetype ( 2.16.840.1.113730.3.1.39
|
|
|
102 |
NAME 'preferredLanguage'
|
|
|
103 |
DESC 'RFC2798: preferred written or spoken language for a person'
|
|
|
104 |
EQUALITY caseIgnoreMatch
|
|
|
105 |
SUBSTR caseIgnoreSubstringsMatch
|
|
|
106 |
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
|
|
|
107 |
SINGLE-VALUE )
|
|
|
108 |
|
|
|
109 |
# userSMIMECertificate
|
|
|
110 |
# A PKCS#7 [RFC2315] SignedData, where the content that is signed is
|
|
|
111 |
# ignored by consumers of userSMIMECertificate values. It is
|
|
|
112 |
# recommended that values have a `contentType' of data with an absent
|
|
|
113 |
# `content' field. Values of this attribute contain a person's entire
|
|
|
114 |
# certificate chain and an smimeCapabilities field [RFC2633] that at a
|
|
|
115 |
# minimum describes their SMIME algorithm capabilities. Values for
|
|
|
116 |
# this attribute are to be stored and requested in binary form, as
|
|
|
117 |
# 'userSMIMECertificate;binary'. If available, this attribute is
|
|
|
118 |
# preferred over the userCertificate attribute for S/MIME applications.
|
|
|
119 |
## OpenLDAP note: ";binary" transfer should NOT be used as syntax is binary
|
|
|
120 |
attributetype ( 2.16.840.1.113730.3.1.40
|
|
|
121 |
NAME 'userSMIMECertificate'
|
|
|
122 |
DESC 'RFC2798: PKCS#7 SignedData used to support S/MIME'
|
|
|
123 |
SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 )
|
|
|
124 |
|
|
|
125 |
# userPKCS12
|
|
|
126 |
# PKCS #12 [PKCS12] provides a format for exchange of personal identity
|
|
|
127 |
# information. When such information is stored in a directory service,
|
|
|
128 |
# the userPKCS12 attribute should be used. This attribute is to be stored
|
|
|
129 |
# and requested in binary form, as 'userPKCS12;binary'. The attribute
|
|
|
130 |
# values are PFX PDUs stored as binary data.
|
|
|
131 |
## OpenLDAP note: ";binary" transfer should NOT be used as syntax is binary
|
|
|
132 |
attributetype ( 2.16.840.1.113730.3.1.216
|
|
|
133 |
NAME 'userPKCS12'
|
|
|
134 |
DESC 'RFC2798: personal identity information, a PKCS #12 PFX'
|
|
|
135 |
SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 )
|
|
|
136 |
|
|
|
137 |
|
|
|
138 |
# inetOrgPerson
|
|
|
139 |
# The inetOrgPerson represents people who are associated with an
|
|
|
140 |
# organization in some way. It is a structural class and is derived
|
|
|
141 |
# from the organizationalPerson which is defined in X.521 [X521].
|
|
|
142 |
objectclass ( 2.16.840.1.113730.3.2.2
|
|
|
143 |
NAME 'inetOrgPerson'
|
|
|
144 |
DESC 'RFC2798: Internet Organizational Person'
|
|
|
145 |
SUP organizationalPerson
|
|
|
146 |
STRUCTURAL
|
|
|
147 |
MAY (
|
|
|
148 |
audio $ businessCategory $ carLicense $ departmentNumber $
|
|
|
149 |
displayName $ employeeNumber $ employeeType $ givenName $
|
|
|
150 |
homePhone $ homePostalAddress $ initials $ jpegPhoto $
|
|
|
151 |
labeledURI $ mail $ manager $ mobile $ o $ pager $
|
|
|
152 |
photo $ roomNumber $ secretary $ uid $ userCertificate $
|
|
|
153 |
x500uniqueIdentifier $ preferredLanguage $
|
|
|
154 |
userSMIMECertificate $ userPKCS12 )
|
|
|
155 |
)
|