2 ## This work is part of OpenLDAP Software <http://www.openldap.org/>.
4 ## Copyright 1998-2005 The OpenLDAP Foundation.
5 ## All rights reserved.
7 ## Redistribution and use in source and binary forms, with or without
8 ## modification, are permitted only as authorized by the OpenLDAP
11 ## A copy of this license is available in the file LICENSE in the
12 ## top-level directory of the distribution or, alternatively, at
13 ## <http://www.OpenLDAP.org/license.html>.
15 # Definitions from RFC2307 (Experimental)
16 # An Approach for Using LDAP as a Network Information Service
18 # Depends upon core.schema and cosine.schema
20 # Note: The definitions in RFC2307 are given in syntaxes closely related
21 # to those in RFC2252, however, some liberties are taken that are not
22 # supported by RFC2252. This file has been written following RFC2252
25 # OID Base is iso(1) org(3) dod(6) internet(1) directory(1) nisSchema(1).
26 # i.e. nisSchema in RFC2307 is 1.3.6.1.1.1
28 # Syntaxes are under 1.3.6.1.1.1.0 (two new syntaxes are defined)
29 # validaters for these syntaxes are incomplete, they only
30 # implement printable string validation (which is good as the
31 # common use of these syntaxes violates the specification).
32 # Attribute types are under 1.3.6.1.1.1.1
33 # Object classes are under 1.3.6.1.1.1.2
35 # Attribute Type Definitions
37 attributetype ( 1.3.6.1.1.1.1.0 NAME 'uidNumber'
38 DESC 'An integer uniquely identifying a user in an administrative domain'
40 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
42 attributetype ( 1.3.6.1.1.1.1.1 NAME 'gidNumber'
43 DESC 'An integer uniquely identifying a group in an administrative domain'
45 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
47 attributetype ( 1.3.6.1.1.1.1.2 NAME 'gecos'
48 DESC 'The GECOS field; the common name'
49 EQUALITY caseIgnoreIA5Match
50 SUBSTR caseIgnoreIA5SubstringsMatch
51 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
53 attributetype ( 1.3.6.1.1.1.1.3 NAME 'homeDirectory'
54 DESC 'The absolute path to the home directory'
55 EQUALITY caseExactIA5Match
56 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
58 attributetype ( 1.3.6.1.1.1.1.4 NAME 'loginShell'
59 DESC 'The path to the login shell'
60 EQUALITY caseExactIA5Match
61 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
63 attributetype ( 1.3.6.1.1.1.1.5 NAME 'shadowLastChange'
65 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
67 attributetype ( 1.3.6.1.1.1.1.6 NAME 'shadowMin'
69 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
71 attributetype ( 1.3.6.1.1.1.1.7 NAME 'shadowMax'
73 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
75 attributetype ( 1.3.6.1.1.1.1.8 NAME 'shadowWarning'
77 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
79 attributetype ( 1.3.6.1.1.1.1.9 NAME 'shadowInactive'
81 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
83 attributetype ( 1.3.6.1.1.1.1.10 NAME 'shadowExpire'
85 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
87 attributetype ( 1.3.6.1.1.1.1.11 NAME 'shadowFlag'
89 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
91 attributetype ( 1.3.6.1.1.1.1.12 NAME 'memberUid'
92 EQUALITY caseExactIA5Match
93 SUBSTR caseExactIA5SubstringsMatch
94 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
96 attributetype ( 1.3.6.1.1.1.1.13 NAME 'memberNisNetgroup'
97 EQUALITY caseExactIA5Match
98 SUBSTR caseExactIA5SubstringsMatch
99 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
101 attributetype ( 1.3.6.1.1.1.1.14 NAME 'nisNetgroupTriple'
102 DESC 'Netgroup triple'
103 SYNTAX 1.3.6.1.1.1.0.0 )
105 attributetype ( 1.3.6.1.1.1.1.15 NAME 'ipServicePort'
106 EQUALITY integerMatch
107 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
109 attributetype ( 1.3.6.1.1.1.1.16 NAME 'ipServiceProtocol'
112 attributetype ( 1.3.6.1.1.1.1.17 NAME 'ipProtocolNumber'
113 EQUALITY integerMatch
114 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
116 attributetype ( 1.3.6.1.1.1.1.18 NAME 'oncRpcNumber'
117 EQUALITY integerMatch
118 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
120 attributetype ( 1.3.6.1.1.1.1.19 NAME 'ipHostNumber'
122 EQUALITY caseIgnoreIA5Match
123 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} )
125 attributetype ( 1.3.6.1.1.1.1.20 NAME 'ipNetworkNumber'
127 EQUALITY caseIgnoreIA5Match
128 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} SINGLE-VALUE )
130 attributetype ( 1.3.6.1.1.1.1.21 NAME 'ipNetmaskNumber'
132 EQUALITY caseIgnoreIA5Match
133 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} SINGLE-VALUE )
135 attributetype ( 1.3.6.1.1.1.1.22 NAME 'macAddress'
137 EQUALITY caseIgnoreIA5Match
138 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} )
140 attributetype ( 1.3.6.1.1.1.1.23 NAME 'bootParameter'
141 DESC 'rpc.bootparamd parameter'
142 SYNTAX 1.3.6.1.1.1.0.1 )
144 attributetype ( 1.3.6.1.1.1.1.24 NAME 'bootFile'
145 DESC 'Boot image name'
146 EQUALITY caseExactIA5Match
147 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
149 attributetype ( 1.3.6.1.1.1.1.26 NAME 'nisMapName'
152 attributetype ( 1.3.6.1.1.1.1.27 NAME 'nisMapEntry'
153 EQUALITY caseExactIA5Match
154 SUBSTR caseExactIA5SubstringsMatch
155 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{1024} SINGLE-VALUE )
157 # Object Class Definitions
159 objectclass ( 1.3.6.1.1.1.2.0 NAME 'posixAccount'
160 DESC 'Abstraction of an account with POSIX attributes'
162 MUST ( cn $ uid $ uidNumber $ gidNumber $ homeDirectory )
163 MAY ( userPassword $ loginShell $ gecos $ description ) )
165 objectclass ( 1.3.6.1.1.1.2.1 NAME 'shadowAccount'
166 DESC 'Additional attributes for shadow passwords'
169 MAY ( userPassword $ shadowLastChange $ shadowMin $
170 shadowMax $ shadowWarning $ shadowInactive $
171 shadowExpire $ shadowFlag $ description ) )
173 objectclass ( 1.3.6.1.1.1.2.2 NAME 'posixGroup'
174 DESC 'Abstraction of a group of accounts'
176 MUST ( cn $ gidNumber )
177 MAY ( userPassword $ memberUid $ description ) )
179 objectclass ( 1.3.6.1.1.1.2.3 NAME 'ipService'
180 DESC 'Abstraction an Internet Protocol service'
182 MUST ( cn $ ipServicePort $ ipServiceProtocol )
183 MAY ( description ) )
185 objectclass ( 1.3.6.1.1.1.2.4 NAME 'ipProtocol'
186 DESC 'Abstraction of an IP protocol'
188 MUST ( cn $ ipProtocolNumber $ description )
191 objectclass ( 1.3.6.1.1.1.2.5 NAME 'oncRpc'
192 DESC 'Abstraction of an ONC/RPC binding'
194 MUST ( cn $ oncRpcNumber $ description )
197 objectclass ( 1.3.6.1.1.1.2.6 NAME 'ipHost'
198 DESC 'Abstraction of a host, an IP device'
200 MUST ( cn $ ipHostNumber )
201 MAY ( l $ description $ manager ) )
203 objectclass ( 1.3.6.1.1.1.2.7 NAME 'ipNetwork'
204 DESC 'Abstraction of an IP network'
206 MUST ( cn $ ipNetworkNumber )
207 MAY ( ipNetmaskNumber $ l $ description $ manager ) )
209 objectclass ( 1.3.6.1.1.1.2.8 NAME 'nisNetgroup'
210 DESC 'Abstraction of a netgroup'
213 MAY ( nisNetgroupTriple $ memberNisNetgroup $ description ) )
215 objectclass ( 1.3.6.1.1.1.2.9 NAME 'nisMap'
216 DESC 'A generic abstraction of a NIS map'
221 objectclass ( 1.3.6.1.1.1.2.10 NAME 'nisObject'
222 DESC 'An entry in a NIS map'
224 MUST ( cn $ nisMapEntry $ nisMapName )
227 objectclass ( 1.3.6.1.1.1.2.11 NAME 'ieee802Device'
228 DESC 'A device with a MAC address'
232 objectclass ( 1.3.6.1.1.1.2.12 NAME 'bootableDevice'
233 DESC 'A device with boot parameters'
235 MAY ( bootFile $ bootParameter ) )