1 # dyngroup.schema -- Dynamic Group schema
3 ## This work is part of OpenLDAP Software <http://www.openldap.org/>.
5 ## Copyright 1998-2007 The OpenLDAP Foundation.
6 ## All rights reserved.
8 ## Redistribution and use in source and binary forms, with or without
9 ## modification, are permitted only as authorized by the OpenLDAP
12 ## A copy of this license is available in the file LICENSE in the
13 ## top-level directory of the distribution or, alternatively, at
14 ## <http://www.OpenLDAP.org/license.html>.
16 # Dynamic Group schema (experimental), as defined by Netscape. See
17 # http://www.redhat.com/docs/manuals/ent-server/pdf/esadmin611.pdf
18 # page 70 for details on how these groups were used.
20 # A description of the objectclass definition is available here:
21 # http://www.redhat.com/docs/manuals/dir-server/schema/7.1/oc_dir.html#1303745
26 # These definitions are considered experimental due to the lack of
27 # a formal specification (e.g., RFC).
29 # NOT RECOMMENDED FOR PRODUCTION USE! USE WITH CAUTION!
31 # The Netscape documentation describes this as an auxiliary objectclass
32 # but their implementations have always defined it as a structural class.
33 # The sloppiness here is because Netscape-derived servers don't actually
34 # implement the X.500 data model, and they don't honor the distinction
35 # between structural and auxiliary classes. This fact is noted here:
36 # http://forum.java.sun.com/thread.jspa?threadID=5016864&messageID=9034636
38 # In accordance with the actual usage in practice, we define it as an
41 # Our definition of memberURL also does not match theirs but again
42 # their published definition and what works in practice do not agree.
43 # In other words, the Netscape definitions are broken and interoperability
47 objectIdentifier NetscapeRoot 2.16.840.1.113730
49 objectIdentifier NetscapeLDAP NetscapeRoot:3
50 objectIdentifier NetscapeLDAPattributeType NetscapeLDAP:1
51 objectIdentifier NetscapeLDAPobjectClass NetscapeLDAP:2
53 attributetype ( NetscapeLDAPattributeType:198
55 DESC 'Identifies an URL associated with each member of a group. Any type of labeled URL can be used.'
58 objectClass ( NetscapeLDAPobjectClass:33
62 MAY ( memberURL $ businessCategory $ description $ o $ ou $