2 # These come from RFC1274 and are in ASN.1 syntax. They have been
3 # translated with some imagination. Only attributes and classes we
4 # already had are here. In general, the matching rules in the
5 # attribute types are incomplete or incorrect and have to be checked.
7 # Note: It seems that the pilot schema evolved beyond what was
8 # described in RFC1274. It also seems that Umich followed the changes
9 # but we don't know where are documented. More worrisome is that it
10 # seems that Netscape does not know either. Searches on Altavista
11 # have not shed any light, so we will have to ask for help.
13 # This file uses definitions from slapd.std.schema
15 # ccitt.data.pss.ucl.pilot ( 0.9.2342.19200300.100 )
16 # 1 pilotAttributeType
17 # 3 pilotAttributeSyntax
21 # Believe it or not, this is case-insensitive
23 attribute ( 0.9.2342.19200300.100.1.1 NAME ( 'uid' 'userid' )
24 EQUALITY caseIgnoreMatch
25 SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
27 attribute ( 0.9.2342.19200300.100.1.2 NAME 'textEncodedORAddress'
28 EQUALITY caseIgnoreMatch
29 SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
31 attribute ( 0.9.2342.19200300.100.1.3 NAME ( 'mail' 'rfc822Mailbox' )
32 EQUALITY caseIgnoreIA5Match
33 SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
35 attribute ( 0.9.2342.19200300.100.1.4 NAME 'info' EQUALITY caseIgnoreMatch
36 SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
38 attribute ( 0.9.2342.19200300.100.1.5 NAME ( 'drink' 'favouriteDrink' )
39 EQUALITY caseIgnoreMatch
40 SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
42 attribute ( 0.9.2342.19200300.100.1.6 NAME 'roomNumber'
43 EQUALITY caseIgnoreMatch
44 SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
46 attribute ( 0.9.2342.19200300.100.1.7 NAME 'photo'
47 SYNTAX '1.3.6.1.4.1.1466.115.121.1.5' )
49 attribute ( 0.9.2342.19200300.100.1.8 NAME 'userClass'
50 EQUALITY caseIgnoreMatch
51 SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
53 attribute ( 0.9.2342.19200300.100.1.9 NAME 'host'
54 EQUALITY caseIgnoreMatch
55 SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
57 attribute ( 0.9.2342.19200300.100.1.10 NAME 'manager'
58 EQUALITY distinguishedNameMatch
59 SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' )
61 attribute ( 0.9.2342.19200300.100.1.11 NAME 'documentIdentifier'
62 EQUALITY caseIgnoreMatch
63 SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
65 attribute ( 0.9.2342.19200300.100.1.12 NAME 'documentTitle'
66 EQUALITY caseIgnoreMatch
67 SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
69 attributes ( 0.9.2342.19200300.100.1.13 NAME 'documentVersion'
70 EQUALITY caseIgnoreMatch
71 SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
73 attributes ( 0.9.2342.19200300.100.1.14 NAME 'documentAuthor'
74 EQUALITY distinguishedNameMatch
75 SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' )
77 attributes ( 0.9.2342.19200300.100.1.15 NAME 'documentLocation'
78 EQUALITY caseIgnoreMatch
79 SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
81 attribute ( 0.9.2342.19200300.100.1.20 NAME ( 'homeTelephoneNumber' 'homePhone' )
82 EQUALITY telephoneNumberMatch
83 SUBSTR telephoneNumberSubstringsMatch
84 SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 )
86 attribute ( 0.9.2342.19200300.100.1.21 NAME 'secretary'
87 EQUALITY distinguishedNameMatch
88 SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' )
90 # Netscape defines this with syntax 1.15 TBC
92 attribute ( 0.9.2342.19200300.100.1.22 NAME 'otherMailbox'
93 SYNTAX '1.3.6.1.4.1.1466.115.121.1.39' )
95 # Netscape defines this with syntax 1.15 TBC
97 attribute ( 0.9.2342.19200300.100.1.23 NAME 'lastModifiedTime'
99 SYNTAX 1.3.6.1.4.1.1466.115.121.1.53 )
101 attribute ( 0.9.2342.19200300.100.1.24 NAME 'lastModifiedBy'
102 EQUALITY distinguishedNameMatch
103 SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' )
105 # This is the definition as defined in RFC2247
107 attribute ( 0.9.2342.19200300.100.1.25 NAME 'dc'
108 EQUALITY caseIgnoreIA5Match
109 SUBSTR caseIgnoreIA5SubstringsMatch
110 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
112 # This is aRecord in RFC1274. However, objectclass dNSDomain as we
113 # and Netscape use it is very different.
115 attribute ( 0.9.2342.19200300.100.1.26 NAME 'dNSRecord'
116 SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
118 # 0.9.2342.19200300.100.1.27 was probably intended to be mDRecord in
119 # RFC1274, but they got it wrong and did not define it, thought it
120 # is referenced by dNSDomain in it.
122 # 0.9.2342.19200300.100.1.28 was mXRecord in RFC1274
123 # 0.9.2342.19200300.100.1.29 was nSRecord in RFC1274
124 # 0.9.2342.19200300.100.1.30 was sOARecord in RFC1274
125 # 0.9.2342.19200300.100.1.31 was cNAMERecord in RFC1274
127 attribute ( 0.9.2342.19200300.100.1.37 NAME 'associatedDomain'
128 EQUALITY caseIgnoreIA5Match
129 SUBSTR caseIgnoreIA5SubstringsMatch
130 SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
132 attribute ( 0.9.2342.19200300.100.1.38 NAME 'associatedName' DESC
133 EQUALITY distinguishedNameMatch
134 SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' )
136 # Netscape gives syntax 1.15 to this. TBC
138 attribute ( 0.9.2342.19200300.100.1.39 NAME 'homePostalAddress'
140 SYNTAX '1.3.6.1.4.1.1466.115.121.1.41' )
142 attribute ( 0.9.2342.19200300.100.1.40 NAME 'personalTitle'
143 EQUALITY caseIgnoreMatch
144 SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
146 attribute ( 0.9.2342.19200300.100.1.41 NAME ( 'mobileTelephoneNumber' 'mobile' )
147 EQUALITY telephoneNumberMatch
148 SUBSTR telephoneNumberSubstringsMatch
149 SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 )
151 attribute ( 0.9.2342.19200300.100.1.42 NAME ( 'pagerTelephoneNumber' 'pager' )
152 EQUALITY telephoneNumberMatch
153 SUBSTR telephoneNumberSubstringsMatch
154 SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 )
156 attribute ( 0.9.2342.19200300.100.1.43 NAME ( 'co' 'friendlyCountryName' )
157 EQUALITY caseIgnoreMatch
158 SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
160 attribute ( 0.9.2342.19200300.100.1.44 NAME 'uniqueIdentifier'
161 EQUALITY caseIgnoreMatch
162 SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
164 attribute ( 0.9.2342.19200300.100.1.45 NAME 'organizationalStatus'
165 EQUALITY caseIgnoreMatch
166 SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
168 attribute ( 0.9.2342.19200300.100.1.46 NAME 'janetMailbox'
169 EQUALITY caseIgnoreIA5Match
170 SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
172 # Netscape gives syntax 1.27 (integer). However, 1.32 is only listed
173 # in RFC2252 without explanation. The SINGLE-VALUE thing comes from
174 # Netscape and is not backed by RFC1274.
176 attribute ( 0.9.2342.19200300.100.1.47 NAME 'mailPreferenceOption'
177 SYNTAX '1.3.6.1.4.1.1466.115.121.1.32' SINGLE-VALUE )
179 # 0.9.2342.19200300.100.1.48 was buildingName in RFC1274
180 # 0.9.2342.19200300.100.1.49 was dSAQuality in RFC1274
181 # 0.9.2342.19200300.100.1.50 was singleLevelQuality in RFC1274
182 # 0.9.2342.19200300.100.1.51 was subtreeMinimumQuality in RFC1274
183 # 0.9.2342.19200300.100.1.52 was subtreeMaximumQuality in RFC1274
185 # Netscape assigns binary syntax to this. RFC1274 is more detailed
186 # about this but RFC2252 does not seem to list a specific syntax.
187 # We had this as 'bin'
189 attribute ( 0.9.2342.19200300.100.1.53 NAME 'personalSignature'
190 SYNTAX '1.3.6.1.4.1.1466.115.121.1.5' )
192 attribute ( 0.9.2342.19200300.100.1.54 NAME 'dITRedirect'
193 EQUALITY distinguishedNameMatch
194 SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' )
196 # Netscape gives syntax 1.5 to this. We had it as 'bin'.
198 attribute ( 0.9.2342.19200300.100.1.55 NAME 'audio'
199 SYNTAX '1.3.6.1.4.1.1466.115.121.1.4' )
201 attribute ( 0.9.2342.19200300.100.1.56 NAME 'documentPublisher'
202 EQUALITY caseIgnoreMatch
203 SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
205 # This one is ripped from Netscape and is a pilot object. It is not
206 # in RFC1274, but we had it as 'bin'.
208 attribute ( 0.9.2342.19200300.100.1.60 NAME 'jpegPhoto'
209 SYNTAX '1.3.6.1.4.1.1466.115.121.1.5' )
211 # These attributes are pilot-related attributes that we had and Netscape
212 # has too, however, the OID is unknown for them and Netscape uses a
213 # string in place of the missing OID. We will do the same until we
214 # can make head or tails of this.
216 attribute ( abstract-oid NAME 'abstract'
217 SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
219 attribute ( authorcn-oid NAME ( 'documentAuthorCommonName' 'authorCn' )
220 SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
222 attribute ( authorsn-oid NAME ( 'documentAuthorSurname' 'authorSn' )
223 SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
225 attribute ( documentStore-oid NAME 'documentStore'
226 SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
228 attribute ( keyWords-oid NAME 'keyWords'
229 SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
231 attribute ( obsoletedByDocument-oid NAME 'obsoletedByDocument'
232 SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' )
234 attributes ( obsoletesDocument-oid NAME 'obsoletesDocument'
235 SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' )
237 attributes ( subject-oid NAME 'subject'
238 SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
240 attributes ( updatedByDocument-oid NAME 'updatedByDocument'
241 SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' )
243 attributes ( updatesDocument-oid NAME 'updatesDocument'
244 SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' )
246 # In classes, STRUCTURAL or AUXILIARY is chosen depending on the
247 # textual description that accompanies the class in RFC1274
249 # This is pilotObject from the RFC. However, we had both photo
250 # and jpegPhoto attributes. Nestcape does too.
252 objectclass ( 0.9.2342.19200300.100.4.3 NAME 'pilotObject' SUP top
253 AUXILIARY MAY ( info $ photo $ manager $ uniqueIdentifier $
254 lastModifiedTime $ lastModifiedBy $ dITRedirect $ audio $
257 # This is probably wrong. RFC1274 defines a pilotPerson. We did not
258 # have it and we did have a newPilotPerson instead. However, the
259 # definition is the same. Maybe it changed and was not reflected
262 objectclass ( 0.9.2342.19200300.100.4.4 NAME 'newPilotPerson' SUP person
263 STRUCTURAL MAY ( uid $ textEncodedORAddress $ mail $ drink $
264 roomNumber $ userClass $ homePhone $ homePostalAddress $
265 secretary $ personalTitle $ preferredDeliveryMethod $
266 businessCategory $ janetMailbox $ otherMailbox $ mobile $
267 pager $ organizationalStatus $ mailPreferenceOption $
268 personalSignature ) )
270 # The text is unclear about whether it is STRUCTURAL or AUXILIARY
271 # I think it was meant to be STRUCTURAL, it is the least restrictive
272 # of the options and RFC2377 explains uidObject as an auxiliary.
274 objectclass ( 0.9.2342.19200300.100.4.5 NAME 'account' SUP top
275 STRUCTURAL MUST uid MAY ( description $ seeAlso $ l $ o $ ou $
278 # Netscape says this is derived from pilotObject, but RFC1274 says top.
279 # Which is it? Our attribute list matches that of Netscape, so we will
280 # go with Netscape for the time being.
282 # Besides, this objectclass is a mess. I can only presume that
283 # originally documentAuthor, but later someone noticed that not all
284 # authors had DN's, so authorCN and authorSN were added. Other
285 # attributes were added as well. However, either no one remembered to
286 # assign OIDs to these attribute types or their assignments have been
287 # lost. See their definitions above for the Netscape kludge that we
288 # have adopted. FIX NEEDED.
290 objectclass ( 0.9.2342.19200300.100.4.6 NAME 'document' SUP pilotObject
291 MUST documentIdentifier MAY ( cn $ description $ seeAlso $ l $
292 o $ ou $ documentTitle $ documentVersion $ documentAuthor $
293 documentLocation $ documentPublisher $
294 abstract $ authorCN $ authorSN $ documentStore $ keywords $
295 obsoletedByDocument $ obsoletesDocument $ subject $
296 updatedByDocument $ updatesDocument ) )
298 objectclass ( 0.9.2342.19200300.100.4.7 NAME 'room' SUP top STRUCTURAL
299 MUST cn MAY ( roomNumber $ description $ seeAlso $ telephoneNumber ) )
301 objectclass ( 0.9.2342.19200300.100.4.9 NAME 'documentSeries' SUP top
302 STRUCTURAL MUST cn MAY ( description $ seeAlso $ telephonenumber $
305 # This definition is much longer than that in RFC1274 and is taken from RFC2247
307 objectclass ( 0.9.2342.19200300.100.4.13 NAME 'domain' SUP top STRUCTURAL
309 MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $
310 x121Address $ registeredAddress $ destinationIndicator $
311 preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
312 telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber $
313 street $ postOfficeBox $ postalCode $ postalAddress $
314 physicalDeliveryOfficeName $ st $ l $ description $ o $
317 # This class has in RFC1274 two attributes postalAttributeSet and
318 # telecomunicationAttributeSet that we did not have. We let them out
319 # for now. Netscape does not have them either.
321 objectclass ( 0.9.2342.19200300.100.4.14 NAME 'RFC822localPart' SUP domain
322 MAY ( cn $ sn $ description $ seeAlso $ telephonenumber ) )
324 # Another wonderful inconsistency. This objectclass has little
325 # relationship to the way it was defined in RFC1274, that was derived
326 # from domain, adding ARecord, MDRecord, MXRecord, NSRecord, SOARecord
327 # and CNAMERecord attribute types of syntax DNSRecordSyntax. On the
328 # other hand, we had dNSRecord and Netscape has it too. The OID for
329 # dNSRecord is the one used in RFC1274 for ARecord. Netscape also has
330 # a manager attribute type here that we did not. It seems a mistake
331 # and we do not include it.
333 objectclass ( 0.9.2342.19200300.100.4.15 NAME 'dNSDomain' SUP 'domain'
336 objectclass ( 0.9.2342.19200300.100.4.17 NAME 'domainRelatedObject'
337 SUP 'top' MUST associatedDomain )
339 # Well, first notice we (and Netscape) were using co as short for
340 # friendlyCountryName
342 objectclass ( 0.9.2342.19200300.100.4.18 NAME 'friendlyCountry' SUP country
345 objectclass ( 0.9.2342.19200300.100.4.19 NAME 'simpleSecurityObject'
346 SUP top MUST userPassword )
348 # Nice test case of class with two superiors. Netscape does not give
349 # OID for this objectclass and gives top as its superior. We use the
350 # OID given in RFC1274
352 objectclass ( 0.9.2342.19200300.100.4.20 NAME 'pilotOrganization'
353 SUP ( organization $ organizationalUnit ) MAY buildingName )