2 # Definitions from RFC2307 (Experimental)
3 # An Approach for Using LDAP as a Network Information Service
5 # Note: The definitions in RFC2307 are given in syntaxes closely related
6 # to those in RFC2252, however, some liberties are taken that are not
7 # supported by RFC2252. This file has been written following RFC2252
10 # OID Base is iso(1) org(3) dod(6) internet(1) directory(1) nisSchema(1).
11 # i.e. nisSchema in RFC2307 is 1.3.6.1.1.1
13 # Syntaxes are under 1.3.6.1.1.1.0 (two new syntaxes are defined)
14 # validaters for these syntaxes are incomplete, they only
15 # implement printable string validation (which is good as the
16 # common use of these syntaxes violates the specification).
17 # Attribute types are under 1.3.6.1.1.1.1
18 # Object classes are under 1.3.6.1.1.1.2
20 # Attribute Type Definitions
22 attributetype ( 1.3.6.1.1.1.1.0 NAME 'uidNumber'
23 DESC 'An integer uniquely identifying a user in an administrative domain'
25 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
27 attributetype ( 1.3.6.1.1.1.1.1 NAME 'gidNumber'
28 DESC 'An integer uniquely identifying a group in an administrative domain'
30 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
32 attributetype ( 1.3.6.1.1.1.1.2 NAME 'gecos'
33 DESC 'The GECOS field; the common name'
34 EQUALITY caseIgnoreIA5Match
35 SUBSTR caseIgnoreIA5SubstringsMatch
36 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
38 attributetype ( 1.3.6.1.1.1.1.3 NAME 'homeDirectory'
39 DESC 'The absolute path to the home directory'
40 EQUALITY caseExactIA5Match
41 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
43 attributetype ( 1.3.6.1.1.1.1.4 NAME 'loginShell'
44 DESC 'The path to the login shell'
45 EQUALITY caseExactIA5Match
46 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
48 attributetype ( 1.3.6.1.1.1.1.5 NAME 'shadowLastChange'
50 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
52 attributetype ( 1.3.6.1.1.1.1.6 NAME 'shadowMin'
54 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
56 attributetype ( 1.3.6.1.1.1.1.7 NAME 'shadowMax'
58 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
60 attributetype ( 1.3.6.1.1.1.1.8 NAME 'shadowWarning'
62 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
64 attributetype ( 1.3.6.1.1.1.1.9 NAME 'shadowInactive'
66 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
68 attributetype ( 1.3.6.1.1.1.1.10 NAME 'shadowExpire'
70 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
72 attributetype ( 1.3.6.1.1.1.1.11 NAME 'shadowFlag'
74 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
76 attributetype ( 1.3.6.1.1.1.1.12 NAME 'memberUid'
77 EQUALITY caseExactIA5Match
78 SUBSTR caseExactIA5SubstringsMatch
79 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
81 attributetype ( 1.3.6.1.1.1.1.13 NAME 'memberNisNetgroup'
82 EQUALITY caseExactIA5Match
83 SUBSTR caseExactIA5SubstringsMatch
84 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
86 attributetype ( 1.3.6.1.1.1.1.14 NAME 'nisNetgroupTriple'
87 DESC 'Netgroup triple'
88 SYNTAX 1.3.6.1.1.1.0.0 )
90 attributetype ( 1.3.6.1.1.1.1.15 NAME 'ipServicePort'
92 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
94 attributetype ( 1.3.6.1.1.1.1.16 NAME 'ipServiceProtocol'
97 attributetype ( 1.3.6.1.1.1.1.17 NAME 'ipProtocolNumber'
99 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
101 attributetype ( 1.3.6.1.1.1.1.18 NAME 'oncRpcNumber'
102 EQUALITY integerMatch
103 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
105 attributetype ( 1.3.6.1.1.1.1.19 NAME 'ipHostNumber'
106 DESC 'IP address as a dotted decimal, eg. 192.168.1.1, omitting leading zeros'
107 EQUALITY caseIgnoreIA5Match
108 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} )
110 attributetype ( 1.3.6.1.1.1.1.20 NAME 'ipNetworkNumber'
111 DESC 'IP network as a dotted decimal, eg. 192.168, omitting leading zeros'
112 EQUALITY caseIgnoreIA5Match
113 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} SINGLE-VALUE )
115 attributetype ( 1.3.6.1.1.1.1.21 NAME 'ipNetmaskNumber'
116 DESC 'IP netmask as a dotted decimal, eg. 255.255.255.0, omitting leading zeros'
117 EQUALITY caseIgnoreIA5Match
118 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} SINGLE-VALUE )
120 attributetype ( 1.3.6.1.1.1.1.22 NAME 'macAddress'
121 DESC 'MAC address in maximal, colon separated hex notation, eg. 00:00:92:90:ee:e2'
122 EQUALITY caseIgnoreIA5Match
123 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} )
125 attributetype ( 1.3.6.1.1.1.1.23 NAME 'bootParameter'
126 DESC 'rpc.bootparamd parameter'
127 SYNTAX 1.3.6.1.1.1.0.1 )
129 attributetype ( 1.3.6.1.1.1.1.24 NAME 'bootFile'
130 DESC 'Boot image name'
131 EQUALITY caseExactIA5Match
132 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
134 attributetype ( 1.3.6.1.1.1.1.26 NAME 'nisMapName'
137 attributetype ( 1.3.6.1.1.1.1.27 NAME 'nisMapEntry'
138 EQUALITY caseExactIA5Match
139 SUBSTR caseExactIA5SubstringsMatch
140 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{1024} SINGLE-VALUE )
142 # Object Class Definitions
144 objectclass ( 1.3.6.1.1.1.2.0 NAME 'posixAccount' SUP top AUXILIARY
145 DESC 'Abstraction of an account with POSIX attributes'
146 MUST ( cn $ uid $ uidNumber $ gidNumber $ homeDirectory )
147 MAY ( userPassword $ loginShell $ gecos $ description ) )
149 objectclass ( 1.3.6.1.1.1.2.1 NAME 'shadowAccount' SUP top AUXILIARY
150 DESC 'Additional attributes for shadow passwords'
152 MAY ( userPassword $ shadowLastChange $ shadowMin $
153 shadowMax $ shadowWarning $ shadowInactive $
154 shadowExpire $ shadowFlag $ description ) )
156 objectclass ( 1.3.6.1.1.1.2.2 NAME 'posixGroup' SUP top STRUCTURAL
157 DESC 'Abstraction of a group of accounts'
158 MUST ( cn $ gidNumber )
159 MAY ( userPassword $ memberUid $ description ) )
161 objectclass ( 1.3.6.1.1.1.2.3 NAME 'ipService' SUP top STRUCTURAL
162 DESC 'Abstraction an Internet Protocol service.
163 Maps an IP port and protocol (such as tcp or udp)
164 to one or more names; the distinguished value of
165 the cn attribute denotes the service"s canonical
167 MUST ( cn $ ipServicePort $ ipServiceProtocol )
168 MAY ( description ) )
170 objectclass ( 1.3.6.1.1.1.2.4 NAME 'ipProtocol' SUP top STRUCTURAL
171 DESC 'Abstraction of an IP protocol. Maps a protocol number
172 to one or more names. The distinguished value of the cn
173 attribute denotes the protocol"s canonical name'
174 MUST ( cn $ ipProtocolNumber $ description )
177 objectclass ( 1.3.6.1.1.1.2.5 NAME 'oncRpc' SUP top STRUCTURAL
178 DESC 'Abstraction of an Open Network Computing (ONC)
179 [RFC1057] Remote Procedure Call (RPC) binding.
180 This class maps an ONC RPC number to a name.
181 The distinguished value of the cn attribute denotes
182 the RPC service"s canonical name'
183 MUST ( cn $ oncRpcNumber $ description )
186 objectclass ( 1.3.6.1.1.1.2.6 NAME 'ipHost' SUP top AUXILIARY
187 DESC 'Abstraction of a host, an IP device. The distinguished
188 value of the cn attribute denotes the host"s canonical
189 name. Device SHOULD be used as a structural class'
190 MUST ( cn $ ipHostNumber )
191 MAY ( l $ description $ manager ) )
193 objectclass ( 1.3.6.1.1.1.2.7 NAME 'ipNetwork' SUP top STRUCTURAL
194 DESC 'Abstraction of a network. The distinguished value of
195 the cn attribute denotes the network"s canonical name'
196 MUST ( cn $ ipNetworkNumber )
197 MAY ( ipNetmaskNumber $ l $ description $ manager ) )
199 objectclass ( 1.3.6.1.1.1.2.8 NAME 'nisNetgroup' SUP top STRUCTURAL
200 DESC 'Abstraction of a netgroup. May refer to other netgroups'
202 MAY ( nisNetgroupTriple $ memberNisNetgroup $ description ) )
204 objectclass ( 1.3.6.1.1.1.2.9 NAME 'nisMap' SUP top STRUCTURAL
205 DESC 'A generic abstraction of a NIS map'
209 objectclass ( 1.3.6.1.1.1.2.10 NAME 'nisObject' SUP top STRUCTURAL
210 DESC 'An entry in a NIS map'
211 MUST ( cn $ nisMapEntry $ nisMapName )
214 objectclass ( 1.3.6.1.1.1.2.11 NAME 'ieee802Device' SUP top AUXILIARY
215 DESC 'A device with a MAC address; device SHOULD be
216 used as a structural class'
219 objectclass ( 1.3.6.1.1.1.2.12 NAME 'bootableDevice' SUP top AUXILIARY
220 DESC 'A device with boot parameters; device SHOULD be
221 used as a structural class'
222 MAY ( bootFile $ bootParameter ) )