| 9 |
- |
1 |
# $OpenLDAP$
|
| 4 |
- |
2 |
## This work is part of OpenLDAP Software <http://www.openldap.org/>.
|
|
|
3 |
##
|
| 9 |
- |
4 |
## Copyright 1998-2014 The OpenLDAP Foundation.
|
| 4 |
- |
5 |
## All rights reserved.
|
|
|
6 |
##
|
|
|
7 |
## Redistribution and use in source and binary forms, with or without
|
|
|
8 |
## modification, are permitted only as authorized by the OpenLDAP
|
|
|
9 |
## Public License.
|
|
|
10 |
##
|
|
|
11 |
## A copy of this license is available in the file LICENSE in the
|
|
|
12 |
## top-level directory of the distribution or, alternatively, at
|
|
|
13 |
## <http://www.OpenLDAP.org/license.html>.
|
|
|
14 |
|
|
|
15 |
# Definitions from RFC2307 (Experimental)
|
|
|
16 |
# An Approach for Using LDAP as a Network Information Service
|
|
|
17 |
|
|
|
18 |
# Depends upon core.schema and cosine.schema
|
|
|
19 |
|
|
|
20 |
# Note: The definitions in RFC2307 are given in syntaxes closely related
|
|
|
21 |
# to those in RFC2252, however, some liberties are taken that are not
|
|
|
22 |
# supported by RFC2252. This file has been written following RFC2252
|
|
|
23 |
# strictly.
|
|
|
24 |
|
|
|
25 |
# OID Base is iso(1) org(3) dod(6) internet(1) directory(1) nisSchema(1).
|
|
|
26 |
# i.e. nisSchema in RFC2307 is 1.3.6.1.1.1
|
|
|
27 |
#
|
|
|
28 |
# Syntaxes are under 1.3.6.1.1.1.0 (two new syntaxes are defined)
|
|
|
29 |
# validaters for these syntaxes are incomplete, they only
|
|
|
30 |
# implement printable string validation (which is good as the
|
|
|
31 |
# common use of these syntaxes violates the specification).
|
|
|
32 |
# Attribute types are under 1.3.6.1.1.1.1
|
|
|
33 |
# Object classes are under 1.3.6.1.1.1.2
|
|
|
34 |
|
|
|
35 |
# Attribute Type Definitions
|
|
|
36 |
|
|
|
37 |
# builtin
|
|
|
38 |
#attributetype ( 1.3.6.1.1.1.1.0 NAME 'uidNumber'
|
|
|
39 |
# DESC 'An integer uniquely identifying a user in an administrative domain'
|
|
|
40 |
# EQUALITY integerMatch
|
|
|
41 |
# SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
|
|
|
42 |
|
|
|
43 |
# builtin
|
|
|
44 |
#attributetype ( 1.3.6.1.1.1.1.1 NAME 'gidNumber'
|
|
|
45 |
# DESC 'An integer uniquely identifying a group in an administrative domain'
|
|
|
46 |
# EQUALITY integerMatch
|
|
|
47 |
# SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
|
|
|
48 |
|
|
|
49 |
attributetype ( 1.3.6.1.1.1.1.2 NAME 'gecos'
|
|
|
50 |
DESC 'The GECOS field; the common name'
|
|
|
51 |
EQUALITY caseIgnoreIA5Match
|
|
|
52 |
SUBSTR caseIgnoreIA5SubstringsMatch
|
|
|
53 |
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
|
|
|
54 |
|
|
|
55 |
attributetype ( 1.3.6.1.1.1.1.3 NAME 'homeDirectory'
|
|
|
56 |
DESC 'The absolute path to the home directory'
|
|
|
57 |
EQUALITY caseExactIA5Match
|
|
|
58 |
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
|
|
|
59 |
|
|
|
60 |
attributetype ( 1.3.6.1.1.1.1.4 NAME 'loginShell'
|
|
|
61 |
DESC 'The path to the login shell'
|
|
|
62 |
EQUALITY caseExactIA5Match
|
|
|
63 |
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
|
|
|
64 |
|
|
|
65 |
attributetype ( 1.3.6.1.1.1.1.5 NAME 'shadowLastChange'
|
|
|
66 |
EQUALITY integerMatch
|
|
|
67 |
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
|
|
|
68 |
|
|
|
69 |
attributetype ( 1.3.6.1.1.1.1.6 NAME 'shadowMin'
|
|
|
70 |
EQUALITY integerMatch
|
|
|
71 |
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
|
|
|
72 |
|
|
|
73 |
attributetype ( 1.3.6.1.1.1.1.7 NAME 'shadowMax'
|
|
|
74 |
EQUALITY integerMatch
|
|
|
75 |
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
|
|
|
76 |
|
|
|
77 |
attributetype ( 1.3.6.1.1.1.1.8 NAME 'shadowWarning'
|
|
|
78 |
EQUALITY integerMatch
|
|
|
79 |
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
|
|
|
80 |
|
|
|
81 |
attributetype ( 1.3.6.1.1.1.1.9 NAME 'shadowInactive'
|
|
|
82 |
EQUALITY integerMatch
|
|
|
83 |
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
|
|
|
84 |
|
|
|
85 |
attributetype ( 1.3.6.1.1.1.1.10 NAME 'shadowExpire'
|
|
|
86 |
EQUALITY integerMatch
|
|
|
87 |
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
|
|
|
88 |
|
|
|
89 |
attributetype ( 1.3.6.1.1.1.1.11 NAME 'shadowFlag'
|
|
|
90 |
EQUALITY integerMatch
|
|
|
91 |
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
|
|
|
92 |
|
|
|
93 |
attributetype ( 1.3.6.1.1.1.1.12 NAME 'memberUid'
|
|
|
94 |
EQUALITY caseExactIA5Match
|
|
|
95 |
SUBSTR caseExactIA5SubstringsMatch
|
|
|
96 |
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
|
|
|
97 |
|
|
|
98 |
attributetype ( 1.3.6.1.1.1.1.13 NAME 'memberNisNetgroup'
|
|
|
99 |
EQUALITY caseExactIA5Match
|
|
|
100 |
SUBSTR caseExactIA5SubstringsMatch
|
|
|
101 |
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
|
|
|
102 |
|
|
|
103 |
attributetype ( 1.3.6.1.1.1.1.14 NAME 'nisNetgroupTriple'
|
|
|
104 |
DESC 'Netgroup triple'
|
|
|
105 |
SYNTAX 1.3.6.1.1.1.0.0 )
|
|
|
106 |
|
|
|
107 |
attributetype ( 1.3.6.1.1.1.1.15 NAME 'ipServicePort'
|
|
|
108 |
EQUALITY integerMatch
|
|
|
109 |
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
|
|
|
110 |
|
|
|
111 |
attributetype ( 1.3.6.1.1.1.1.16 NAME 'ipServiceProtocol'
|
|
|
112 |
SUP name )
|
|
|
113 |
|
|
|
114 |
attributetype ( 1.3.6.1.1.1.1.17 NAME 'ipProtocolNumber'
|
|
|
115 |
EQUALITY integerMatch
|
|
|
116 |
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
|
|
|
117 |
|
|
|
118 |
attributetype ( 1.3.6.1.1.1.1.18 NAME 'oncRpcNumber'
|
|
|
119 |
EQUALITY integerMatch
|
|
|
120 |
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
|
|
|
121 |
|
|
|
122 |
attributetype ( 1.3.6.1.1.1.1.19 NAME 'ipHostNumber'
|
|
|
123 |
DESC 'IP address'
|
|
|
124 |
EQUALITY caseIgnoreIA5Match
|
|
|
125 |
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} )
|
|
|
126 |
|
|
|
127 |
attributetype ( 1.3.6.1.1.1.1.20 NAME 'ipNetworkNumber'
|
|
|
128 |
DESC 'IP network'
|
|
|
129 |
EQUALITY caseIgnoreIA5Match
|
|
|
130 |
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} SINGLE-VALUE )
|
|
|
131 |
|
|
|
132 |
attributetype ( 1.3.6.1.1.1.1.21 NAME 'ipNetmaskNumber'
|
|
|
133 |
DESC 'IP netmask'
|
|
|
134 |
EQUALITY caseIgnoreIA5Match
|
|
|
135 |
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} SINGLE-VALUE )
|
|
|
136 |
|
|
|
137 |
attributetype ( 1.3.6.1.1.1.1.22 NAME 'macAddress'
|
|
|
138 |
DESC 'MAC address'
|
|
|
139 |
EQUALITY caseIgnoreIA5Match
|
|
|
140 |
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} )
|
|
|
141 |
|
|
|
142 |
attributetype ( 1.3.6.1.1.1.1.23 NAME 'bootParameter'
|
|
|
143 |
DESC 'rpc.bootparamd parameter'
|
|
|
144 |
SYNTAX 1.3.6.1.1.1.0.1 )
|
|
|
145 |
|
|
|
146 |
attributetype ( 1.3.6.1.1.1.1.24 NAME 'bootFile'
|
|
|
147 |
DESC 'Boot image name'
|
|
|
148 |
EQUALITY caseExactIA5Match
|
|
|
149 |
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
|
|
|
150 |
|
|
|
151 |
attributetype ( 1.3.6.1.1.1.1.26 NAME 'nisMapName'
|
|
|
152 |
SUP name )
|
|
|
153 |
|
|
|
154 |
attributetype ( 1.3.6.1.1.1.1.27 NAME 'nisMapEntry'
|
|
|
155 |
EQUALITY caseExactIA5Match
|
|
|
156 |
SUBSTR caseExactIA5SubstringsMatch
|
|
|
157 |
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{1024} SINGLE-VALUE )
|
|
|
158 |
|
|
|
159 |
# Object Class Definitions
|
|
|
160 |
|
|
|
161 |
objectclass ( 1.3.6.1.1.1.2.0 NAME 'posixAccount'
|
|
|
162 |
DESC 'Abstraction of an account with POSIX attributes'
|
|
|
163 |
SUP top AUXILIARY
|
|
|
164 |
MUST ( cn $ uid $ uidNumber $ gidNumber $ homeDirectory )
|
|
|
165 |
MAY ( userPassword $ loginShell $ gecos $ description ) )
|
|
|
166 |
|
|
|
167 |
objectclass ( 1.3.6.1.1.1.2.1 NAME 'shadowAccount'
|
|
|
168 |
DESC 'Additional attributes for shadow passwords'
|
|
|
169 |
SUP top AUXILIARY
|
|
|
170 |
MUST uid
|
|
|
171 |
MAY ( userPassword $ shadowLastChange $ shadowMin $
|
|
|
172 |
shadowMax $ shadowWarning $ shadowInactive $
|
|
|
173 |
shadowExpire $ shadowFlag $ description ) )
|
|
|
174 |
|
|
|
175 |
objectclass ( 1.3.6.1.1.1.2.2 NAME 'posixGroup'
|
|
|
176 |
DESC 'Abstraction of a group of accounts'
|
|
|
177 |
SUP top STRUCTURAL
|
|
|
178 |
MUST ( cn $ gidNumber )
|
|
|
179 |
MAY ( userPassword $ memberUid $ description ) )
|
|
|
180 |
|
|
|
181 |
objectclass ( 1.3.6.1.1.1.2.3 NAME 'ipService'
|
|
|
182 |
DESC 'Abstraction an Internet Protocol service'
|
|
|
183 |
SUP top STRUCTURAL
|
|
|
184 |
MUST ( cn $ ipServicePort $ ipServiceProtocol )
|
|
|
185 |
MAY ( description ) )
|
|
|
186 |
|
|
|
187 |
objectclass ( 1.3.6.1.1.1.2.4 NAME 'ipProtocol'
|
|
|
188 |
DESC 'Abstraction of an IP protocol'
|
|
|
189 |
SUP top STRUCTURAL
|
|
|
190 |
MUST ( cn $ ipProtocolNumber $ description )
|
|
|
191 |
MAY description )
|
|
|
192 |
|
|
|
193 |
objectclass ( 1.3.6.1.1.1.2.5 NAME 'oncRpc'
|
|
|
194 |
DESC 'Abstraction of an ONC/RPC binding'
|
|
|
195 |
SUP top STRUCTURAL
|
|
|
196 |
MUST ( cn $ oncRpcNumber $ description )
|
|
|
197 |
MAY description )
|
|
|
198 |
|
|
|
199 |
objectclass ( 1.3.6.1.1.1.2.6 NAME 'ipHost'
|
|
|
200 |
DESC 'Abstraction of a host, an IP device'
|
|
|
201 |
SUP top AUXILIARY
|
|
|
202 |
MUST ( cn $ ipHostNumber )
|
|
|
203 |
MAY ( l $ description $ manager ) )
|
|
|
204 |
|
|
|
205 |
objectclass ( 1.3.6.1.1.1.2.7 NAME 'ipNetwork'
|
|
|
206 |
DESC 'Abstraction of an IP network'
|
|
|
207 |
SUP top STRUCTURAL
|
|
|
208 |
MUST ( cn $ ipNetworkNumber )
|
|
|
209 |
MAY ( ipNetmaskNumber $ l $ description $ manager ) )
|
|
|
210 |
|
|
|
211 |
objectclass ( 1.3.6.1.1.1.2.8 NAME 'nisNetgroup'
|
|
|
212 |
DESC 'Abstraction of a netgroup'
|
|
|
213 |
SUP top STRUCTURAL
|
|
|
214 |
MUST cn
|
|
|
215 |
MAY ( nisNetgroupTriple $ memberNisNetgroup $ description ) )
|
|
|
216 |
|
|
|
217 |
objectclass ( 1.3.6.1.1.1.2.9 NAME 'nisMap'
|
|
|
218 |
DESC 'A generic abstraction of a NIS map'
|
|
|
219 |
SUP top STRUCTURAL
|
|
|
220 |
MUST nisMapName
|
|
|
221 |
MAY description )
|
|
|
222 |
|
|
|
223 |
objectclass ( 1.3.6.1.1.1.2.10 NAME 'nisObject'
|
|
|
224 |
DESC 'An entry in a NIS map'
|
|
|
225 |
SUP top STRUCTURAL
|
|
|
226 |
MUST ( cn $ nisMapEntry $ nisMapName )
|
|
|
227 |
MAY description )
|
|
|
228 |
|
|
|
229 |
objectclass ( 1.3.6.1.1.1.2.11 NAME 'ieee802Device'
|
|
|
230 |
DESC 'A device with a MAC address'
|
|
|
231 |
SUP top AUXILIARY
|
|
|
232 |
MAY macAddress )
|
|
|
233 |
|
|
|
234 |
objectclass ( 1.3.6.1.1.1.2.12 NAME 'bootableDevice'
|
|
|
235 |
DESC 'A device with boot parameters'
|
|
|
236 |
SUP top AUXILIARY
|
|
|
237 |
MAY ( bootFile $ bootParameter ) )
|