2 # Definitions from RFC2307 (Experimental)
3 # An Approach for Using LDAP as a Network Information Service
5 # Depends upon core.schema and cosine.schema
7 # Note: The definitions in RFC2307 are given in syntaxes closely related
8 # to those in RFC2252, however, some liberties are taken that are not
9 # supported by RFC2252. This file has been written following RFC2252
12 # OID Base is iso(1) org(3) dod(6) internet(1) directory(1) nisSchema(1).
13 # i.e. nisSchema in RFC2307 is 1.3.6.1.1.1
15 # Syntaxes are under 1.3.6.1.1.1.0 (two new syntaxes are defined)
16 # validaters for these syntaxes are incomplete, they only
17 # implement printable string validation (which is good as the
18 # common use of these syntaxes violates the specification).
19 # Attribute types are under 1.3.6.1.1.1.1
20 # Object classes are under 1.3.6.1.1.1.2
22 # Attribute Type Definitions
24 attributetype ( 1.3.6.1.1.1.1.0 NAME 'uidNumber'
25 DESC 'An integer uniquely identifying a user in an administrative domain'
27 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
29 attributetype ( 1.3.6.1.1.1.1.1 NAME 'gidNumber'
30 DESC 'An integer uniquely identifying a group in an administrative domain'
32 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
34 attributetype ( 1.3.6.1.1.1.1.2 NAME 'gecos'
35 DESC 'The GECOS field; the common name'
36 EQUALITY caseIgnoreIA5Match
37 SUBSTR caseIgnoreIA5SubstringsMatch
38 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
40 attributetype ( 1.3.6.1.1.1.1.3 NAME 'homeDirectory'
41 DESC 'The absolute path to the home directory'
42 EQUALITY caseExactIA5Match
43 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
45 attributetype ( 1.3.6.1.1.1.1.4 NAME 'loginShell'
46 DESC 'The path to the login shell'
47 EQUALITY caseExactIA5Match
48 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
50 attributetype ( 1.3.6.1.1.1.1.5 NAME 'shadowLastChange'
52 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
54 attributetype ( 1.3.6.1.1.1.1.6 NAME 'shadowMin'
56 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
58 attributetype ( 1.3.6.1.1.1.1.7 NAME 'shadowMax'
60 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
62 attributetype ( 1.3.6.1.1.1.1.8 NAME 'shadowWarning'
64 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
66 attributetype ( 1.3.6.1.1.1.1.9 NAME 'shadowInactive'
68 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
70 attributetype ( 1.3.6.1.1.1.1.10 NAME 'shadowExpire'
72 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
74 attributetype ( 1.3.6.1.1.1.1.11 NAME 'shadowFlag'
76 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
78 attributetype ( 1.3.6.1.1.1.1.12 NAME 'memberUid'
79 EQUALITY caseExactIA5Match
80 SUBSTR caseExactIA5SubstringsMatch
81 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
83 attributetype ( 1.3.6.1.1.1.1.13 NAME 'memberNisNetgroup'
84 EQUALITY caseExactIA5Match
85 SUBSTR caseExactIA5SubstringsMatch
86 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
88 attributetype ( 1.3.6.1.1.1.1.14 NAME 'nisNetgroupTriple'
89 DESC 'Netgroup triple'
90 SYNTAX 1.3.6.1.1.1.0.0 )
92 attributetype ( 1.3.6.1.1.1.1.15 NAME 'ipServicePort'
94 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
96 attributetype ( 1.3.6.1.1.1.1.16 NAME 'ipServiceProtocol'
99 attributetype ( 1.3.6.1.1.1.1.17 NAME 'ipProtocolNumber'
100 EQUALITY integerMatch
101 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
103 attributetype ( 1.3.6.1.1.1.1.18 NAME 'oncRpcNumber'
104 EQUALITY integerMatch
105 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
107 attributetype ( 1.3.6.1.1.1.1.19 NAME 'ipHostNumber'
108 DESC 'IP address as a dotted decimal, eg. 192.168.1.1, omitting leading zeros'
109 EQUALITY caseIgnoreIA5Match
110 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} )
112 attributetype ( 1.3.6.1.1.1.1.20 NAME 'ipNetworkNumber'
113 DESC 'IP network as a dotted decimal, eg. 192.168, omitting leading zeros'
114 EQUALITY caseIgnoreIA5Match
115 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} SINGLE-VALUE )
117 attributetype ( 1.3.6.1.1.1.1.21 NAME 'ipNetmaskNumber'
118 DESC 'IP netmask as a dotted decimal, eg. 255.255.255.0, omitting leading zeros'
119 EQUALITY caseIgnoreIA5Match
120 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} SINGLE-VALUE )
122 attributetype ( 1.3.6.1.1.1.1.22 NAME 'macAddress'
123 DESC 'MAC address in maximal, colon separated hex notation, eg. 00:00:92:90:ee:e2'
124 EQUALITY caseIgnoreIA5Match
125 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} )
127 attributetype ( 1.3.6.1.1.1.1.23 NAME 'bootParameter'
128 DESC 'rpc.bootparamd parameter'
129 SYNTAX 1.3.6.1.1.1.0.1 )
131 attributetype ( 1.3.6.1.1.1.1.24 NAME 'bootFile'
132 DESC 'Boot image name'
133 EQUALITY caseExactIA5Match
134 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
136 attributetype ( 1.3.6.1.1.1.1.26 NAME 'nisMapName'
139 attributetype ( 1.3.6.1.1.1.1.27 NAME 'nisMapEntry'
140 EQUALITY caseExactIA5Match
141 SUBSTR caseExactIA5SubstringsMatch
142 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{1024} SINGLE-VALUE )
144 # Object Class Definitions
146 objectclass ( 1.3.6.1.1.1.2.0 NAME 'posixAccount' SUP top AUXILIARY
147 DESC 'Abstraction of an account with POSIX attributes'
148 MUST ( cn $ uid $ uidNumber $ gidNumber $ homeDirectory )
149 MAY ( userPassword $ loginShell $ gecos $ description ) )
151 objectclass ( 1.3.6.1.1.1.2.1 NAME 'shadowAccount' SUP top AUXILIARY
152 DESC 'Additional attributes for shadow passwords'
154 MAY ( userPassword $ shadowLastChange $ shadowMin $
155 shadowMax $ shadowWarning $ shadowInactive $
156 shadowExpire $ shadowFlag $ description ) )
158 objectclass ( 1.3.6.1.1.1.2.2 NAME 'posixGroup' SUP top STRUCTURAL
159 DESC 'Abstraction of a group of accounts'
160 MUST ( cn $ gidNumber )
161 MAY ( userPassword $ memberUid $ description ) )
163 objectclass ( 1.3.6.1.1.1.2.3 NAME 'ipService' SUP top STRUCTURAL
164 DESC 'Abstraction an Internet Protocol service.
165 Maps an IP port and protocol (such as tcp or udp)
166 to one or more names; the distinguished value of
167 the cn attribute denotes the service"s canonical
169 MUST ( cn $ ipServicePort $ ipServiceProtocol )
170 MAY ( description ) )
172 objectclass ( 1.3.6.1.1.1.2.4 NAME 'ipProtocol' SUP top STRUCTURAL
173 DESC 'Abstraction of an IP protocol. Maps a protocol number
174 to one or more names. The distinguished value of the cn
175 attribute denotes the protocol"s canonical name'
176 MUST ( cn $ ipProtocolNumber $ description )
179 objectclass ( 1.3.6.1.1.1.2.5 NAME 'oncRpc' SUP top STRUCTURAL
180 DESC 'Abstraction of an Open Network Computing (ONC)
181 [RFC1057] Remote Procedure Call (RPC) binding.
182 This class maps an ONC RPC number to a name.
183 The distinguished value of the cn attribute denotes
184 the RPC service"s canonical name'
185 MUST ( cn $ oncRpcNumber $ description )
188 objectclass ( 1.3.6.1.1.1.2.6 NAME 'ipHost' SUP top AUXILIARY
189 DESC 'Abstraction of a host, an IP device. The distinguished
190 value of the cn attribute denotes the host"s canonical
191 name. Device SHOULD be used as a structural class'
192 MUST ( cn $ ipHostNumber )
193 MAY ( l $ description $ manager ) )
195 objectclass ( 1.3.6.1.1.1.2.7 NAME 'ipNetwork' SUP top STRUCTURAL
196 DESC 'Abstraction of a network. The distinguished value of
197 the cn attribute denotes the network"s canonical name'
198 MUST ( cn $ ipNetworkNumber )
199 MAY ( ipNetmaskNumber $ l $ description $ manager ) )
201 objectclass ( 1.3.6.1.1.1.2.8 NAME 'nisNetgroup' SUP top STRUCTURAL
202 DESC 'Abstraction of a netgroup. May refer to other netgroups'
204 MAY ( nisNetgroupTriple $ memberNisNetgroup $ description ) )
206 objectclass ( 1.3.6.1.1.1.2.9 NAME 'nisMap' SUP top STRUCTURAL
207 DESC 'A generic abstraction of a NIS map'
211 objectclass ( 1.3.6.1.1.1.2.10 NAME 'nisObject' SUP top STRUCTURAL
212 DESC 'An entry in a NIS map'
213 MUST ( cn $ nisMapEntry $ nisMapName )
216 objectclass ( 1.3.6.1.1.1.2.11 NAME 'ieee802Device' SUP top AUXILIARY
217 DESC 'A device with a MAC address; device SHOULD be
218 used as a structural class'
221 objectclass ( 1.3.6.1.1.1.2.12 NAME 'bootableDevice' SUP top AUXILIARY
222 DESC 'A device with boot parameters; device SHOULD be
223 used as a structural class'
224 MAY ( bootFile $ bootParameter ) )