3 # These come from RFC1274 and are in ASN.1 syntax. They have been
4 # translated with some imagination. Only attributes and classes we
5 # already had are here. In general, the matching rules in the
6 # attribute types are incomplete or incorrect and have to be checked.
8 # Note: It seems that the pilot schema evolved beyond what was
9 # described in RFC1274. It also seems that Umich followed the changes
10 # but we don't know where are documented. More worrisome is that it
11 # seems that Netscape does not know either. Searches on Altavista
12 # have not shed any light, so we will have to ask for help.
14 # This file uses definitions from slapd.std.schema
16 # ccitt.data.pss.ucl.pilot ( 0.9.2342.19200300.100 )
17 # 1 pilotAttributeType
18 # 3 pilotAttributeSyntax
22 # Believe it or not, this is case-insensitive
24 attribute ( 0.9.2342.19200300.100.1.1 NAME ( 'uid' 'userid' )
25 EQUALITY caseIgnoreMatch
26 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
28 attribute ( 0.9.2342.19200300.100.1.2 NAME 'textEncodedORAddress'
29 EQUALITY caseIgnoreMatch
30 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
32 attribute ( 0.9.2342.19200300.100.1.3 NAME ( 'mail' 'rfc822Mailbox' )
33 EQUALITY caseIgnoreIA5Match
34 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
36 attribute ( 0.9.2342.19200300.100.1.4 NAME 'info' EQUALITY caseIgnoreMatch
37 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
39 attribute ( 0.9.2342.19200300.100.1.5 NAME ( 'drink' 'favouriteDrink' )
40 EQUALITY caseIgnoreMatch
41 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
43 attribute ( 0.9.2342.19200300.100.1.6 NAME 'roomNumber'
44 EQUALITY caseIgnoreMatch
45 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
47 attribute ( 0.9.2342.19200300.100.1.7 NAME 'photo'
48 SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 )
50 attribute ( 0.9.2342.19200300.100.1.8 NAME 'userClass'
51 EQUALITY caseIgnoreMatch
52 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
54 attribute ( 0.9.2342.19200300.100.1.9 NAME 'host'
55 EQUALITY caseIgnoreMatch
56 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
58 attribute ( 0.9.2342.19200300.100.1.10 NAME 'manager'
59 EQUALITY distinguishedNameMatch
60 SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
62 attribute ( 0.9.2342.19200300.100.1.11 NAME 'documentIdentifier'
63 EQUALITY caseIgnoreMatch
64 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
66 attribute ( 0.9.2342.19200300.100.1.12 NAME 'documentTitle'
67 EQUALITY caseIgnoreMatch
68 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
70 attribute ( 0.9.2342.19200300.100.1.13 NAME 'documentVersion'
71 EQUALITY caseIgnoreMatch
72 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
74 attribute ( 0.9.2342.19200300.100.1.14 NAME 'documentAuthor'
75 EQUALITY distinguishedNameMatch
76 SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
78 attribute ( 0.9.2342.19200300.100.1.15 NAME 'documentLocation'
79 EQUALITY caseIgnoreMatch
80 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
82 attribute ( 0.9.2342.19200300.100.1.20 NAME ( 'homeTelephoneNumber' 'homePhone' )
83 EQUALITY telephoneNumberMatch
84 SUBSTR telephoneNumberSubstringsMatch
85 SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 )
87 attribute ( 0.9.2342.19200300.100.1.21 NAME 'secretary'
88 EQUALITY distinguishedNameMatch
89 SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
91 # Netscape defines this with syntax 1.15 TBC
93 attribute ( 0.9.2342.19200300.100.1.22 NAME 'otherMailbox'
94 SYNTAX 1.3.6.1.4.1.1466.115.121.1.39 )
96 # Netscape defines this with syntax 1.15 TBC
97 # Mathcing rules for this are unknown
99 attribute ( 0.9.2342.19200300.100.1.23 NAME 'lastModifiedTime'
100 SYNTAX 1.3.6.1.4.1.1466.115.121.1.53 )
102 attribute ( 0.9.2342.19200300.100.1.24 NAME 'lastModifiedBy'
103 EQUALITY distinguishedNameMatch
104 SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
106 # This is the definition as defined in RFC2247
107 # Terrific, we don't know about caseIgnoreIA5SubstringsMatch
109 #attribute ( 0.9.2342.19200300.100.1.25 NAME 'dc'
110 # EQUALITY caseIgnoreIA5Match
111 # SUBSTR caseIgnoreIA5SubstringsMatch
112 # SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
113 attribute ( 0.9.2342.19200300.100.1.25 NAME 'dc'
114 EQUALITY caseIgnoreIA5Match
115 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
117 # This is aRecord in RFC1274. However, objectclass dNSDomain as we
118 # and Netscape use it is very different.
120 attribute ( 0.9.2342.19200300.100.1.26 NAME 'dNSRecord'
121 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
123 # 0.9.2342.19200300.100.1.27 was probably intended to be mDRecord in
124 # RFC1274, but they got it wrong and did not define it, thought it
125 # is referenced by dNSDomain in it.
127 # 0.9.2342.19200300.100.1.28 was mXRecord in RFC1274
128 # 0.9.2342.19200300.100.1.29 was nSRecord in RFC1274
129 # 0.9.2342.19200300.100.1.30 was sOARecord in RFC1274
130 # 0.9.2342.19200300.100.1.31 was cNAMERecord in RFC1274
132 # Terrific, we don't know about caseIgnoreIA5SubstringsMatch
133 #attribute ( 0.9.2342.19200300.100.1.37 NAME 'associatedDomain'
134 # EQUALITY caseIgnoreIA5Match
135 # SUBSTR caseIgnoreIA5SubstringsMatch
136 # SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
137 attribute ( 0.9.2342.19200300.100.1.37 NAME 'associatedDomain'
138 EQUALITY caseIgnoreIA5Match
139 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
141 attribute ( 0.9.2342.19200300.100.1.38 NAME 'associatedName'
142 EQUALITY distinguishedNameMatch
143 SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
145 # Netscape gives syntax 1.15 to this. TBC
146 # We take the matching rules from postalAddress in RFC2256
147 # Show stopper: we don't have the definition of caseIgnoreListSubstringsMatch
149 attribute ( 0.9.2342.19200300.100.1.39 NAME 'homePostalAddress'
150 EQUALITY caseIgnoreListMatch
151 SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 )
153 attribute ( 0.9.2342.19200300.100.1.40 NAME 'personalTitle'
154 EQUALITY caseIgnoreMatch
155 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
157 attribute ( 0.9.2342.19200300.100.1.41 NAME ( 'mobileTelephoneNumber' 'mobile' )
158 EQUALITY telephoneNumberMatch
159 SUBSTR telephoneNumberSubstringsMatch
160 SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 )
162 attribute ( 0.9.2342.19200300.100.1.42 NAME ( 'pagerTelephoneNumber' 'pager' )
163 EQUALITY telephoneNumberMatch
164 SUBSTR telephoneNumberSubstringsMatch
165 SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 )
167 attribute ( 0.9.2342.19200300.100.1.43 NAME ( 'co' 'friendlyCountryName' )
168 EQUALITY caseIgnoreMatch
169 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
171 attribute ( 0.9.2342.19200300.100.1.44 NAME 'uniqueIdentifier'
172 EQUALITY caseIgnoreMatch
173 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
175 attribute ( 0.9.2342.19200300.100.1.45 NAME 'organizationalStatus'
176 EQUALITY caseIgnoreMatch
177 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
179 attribute ( 0.9.2342.19200300.100.1.46 NAME 'janetMailbox'
180 EQUALITY caseIgnoreIA5Match
181 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
183 # Netscape gives syntax 1.27 (integer). However, 1.32 is only listed
184 # in RFC2252 without explanation. The SINGLE-VALUE thing comes from
185 # Netscape and is not backed by RFC1274.
187 attribute ( 0.9.2342.19200300.100.1.47 NAME 'mailPreferenceOption'
188 SYNTAX 1.3.6.1.4.1.1466.115.121.1.32 SINGLE-VALUE )
190 attribute ( 0.9.2342.19200300.100.1.48 NAME 'buildingName'
191 EQUALITY caseIgnoreMatch
192 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
194 # 0.9.2342.19200300.100.1.49 was dSAQuality in RFC1274
195 # 0.9.2342.19200300.100.1.50 was singleLevelQuality in RFC1274
196 # 0.9.2342.19200300.100.1.51 was subtreeMinimumQuality in RFC1274
197 # 0.9.2342.19200300.100.1.52 was subtreeMaximumQuality in RFC1274
199 # Netscape assigns binary syntax to this. RFC1274 is more detailed
200 # about this but RFC2252 does not seem to list a specific syntax.
201 # We had this as 'bin'
203 attribute ( 0.9.2342.19200300.100.1.53 NAME 'personalSignature'
204 SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 )
206 attribute ( 0.9.2342.19200300.100.1.54 NAME 'dITRedirect'
207 EQUALITY distinguishedNameMatch
208 SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
210 # Netscape gives syntax 1.5 to this. We had it as 'bin'.
212 attribute ( 0.9.2342.19200300.100.1.55 NAME 'audio'
213 SYNTAX 1.3.6.1.4.1.1466.115.121.1.4 )
215 attribute ( 0.9.2342.19200300.100.1.56 NAME 'documentPublisher'
216 EQUALITY caseIgnoreMatch
217 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
219 # This one is ripped from Netscape and is a pilot object. It is not
220 # in RFC1274, but we had it as 'bin'.
222 attribute ( 0.9.2342.19200300.100.1.60 NAME 'jpegPhoto'
223 SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 )
225 # These attributes are pilot-related attributes that we had and Netscape
226 # has too, however, the OID is unknown for them and Netscape uses a
227 # string in place of the missing OID. We will do the same until we
228 # can make head or tails of this.
230 attribute ( abstract-oid NAME 'abstract'
231 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
233 attribute ( authorcn-oid NAME ( 'documentAuthorCommonName' 'authorCn' )
234 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
236 attribute ( authorsn-oid NAME ( 'documentAuthorSurname' 'authorSn' )
237 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
239 attribute ( documentStore-oid NAME 'documentStore'
240 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
242 attribute ( keyWords-oid NAME 'keyWords'
243 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
245 attribute ( obsoletedByDocument-oid NAME 'obsoletedByDocument'
246 SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
248 attribute ( obsoletesDocument-oid NAME 'obsoletesDocument'
249 SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
251 attribute ( subject-oid NAME 'subject'
252 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
254 attribute ( updatedByDocument-oid NAME 'updatedByDocument'
255 SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
257 attribute ( updatesDocument-oid NAME 'updatesDocument'
258 SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
260 # In classes, STRUCTURAL or AUXILIARY is chosen depending on the
261 # textual description that accompanies the class in RFC1274
263 # This is pilotObject from the RFC. However, we had both photo
264 # and jpegPhoto attributes. Nestcape does too.
266 objectclass ( 0.9.2342.19200300.100.4.3 NAME 'pilotObject' SUP top
267 AUXILIARY MAY ( info $ photo $ manager $ uniqueIdentifier $
268 lastModifiedTime $ lastModifiedBy $ dITRedirect $ audio $
271 # This is probably wrong. RFC1274 defines a pilotPerson. We did not
272 # have it and we did have a newPilotPerson instead. However, the
273 # definition is the same. Maybe it changed and was not reflected
276 objectclass ( 0.9.2342.19200300.100.4.4 NAME 'newPilotPerson' SUP person
277 STRUCTURAL MAY ( uid $ textEncodedORAddress $ mail $ drink $
278 roomNumber $ userClass $ homePhone $ homePostalAddress $
279 secretary $ personalTitle $ preferredDeliveryMethod $
280 businessCategory $ janetMailbox $ otherMailbox $ mobile $
281 pager $ organizationalStatus $ mailPreferenceOption $
282 personalSignature ) )
284 # The text is unclear about whether it is STRUCTURAL or AUXILIARY
285 # I think it was meant to be STRUCTURAL, it is the least restrictive
286 # of the options and RFC2377 explains uidObject as an auxiliary.
288 objectclass ( 0.9.2342.19200300.100.4.5 NAME 'account' SUP top
289 STRUCTURAL MUST uid MAY ( description $ seeAlso $ l $ o $ ou $
292 # Netscape says this is derived from pilotObject, but RFC1274 says top.
293 # Which is it? Our attribute list matches that of Netscape, so we will
294 # go with Netscape for the time being.
296 # Besides, this objectclass is a mess. I can only presume that
297 # originally documentAuthor, but later someone noticed that not all
298 # authors had DN's, so authorCN and authorSN were added. Other
299 # attributes were added as well. However, either no one remembered to
300 # assign OIDs to these attribute types or their assignments have been
301 # lost. See their definitions above for the Netscape kludge that we
302 # have adopted. FIX NEEDED.
304 objectclass ( 0.9.2342.19200300.100.4.6 NAME 'document' SUP pilotObject
305 MUST documentIdentifier MAY ( cn $ description $ seeAlso $ l $
306 o $ ou $ documentTitle $ documentVersion $ documentAuthor $
307 documentLocation $ documentPublisher $
308 abstract $ authorCN $ authorSN $ documentStore $ keywords $
309 obsoletedByDocument $ obsoletesDocument $ subject $
310 updatedByDocument $ updatesDocument ) )
312 objectclass ( 0.9.2342.19200300.100.4.7 NAME 'room' SUP top STRUCTURAL
313 MUST cn MAY ( roomNumber $ description $ seeAlso $ telephoneNumber ) )
315 objectclass ( 0.9.2342.19200300.100.4.9 NAME 'documentSeries' SUP top
316 STRUCTURAL MUST cn MAY ( description $ seeAlso $ telephonenumber $
319 # This definition is much longer than that in RFC1274 and is taken from RFC2247
321 objectclass ( 0.9.2342.19200300.100.4.13 NAME 'domain' SUP top STRUCTURAL
323 MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $
324 x121Address $ registeredAddress $ destinationIndicator $
325 preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
326 telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber $
327 street $ postOfficeBox $ postalCode $ postalAddress $
328 physicalDeliveryOfficeName $ st $ l $ description $ o $
331 # This class has in RFC1274 two attributes postalAttributeSet and
332 # telecomunicationAttributeSet that we did not have. We let them out
333 # for now. Netscape does not have them either.
335 objectclass ( 0.9.2342.19200300.100.4.14 NAME 'RFC822localPart' SUP domain
336 MAY ( cn $ sn $ description $ seeAlso $ telephonenumber ) )
338 # Another wonderful inconsistency. This objectclass has little
339 # relationship to the way it was defined in RFC1274, that was derived
340 # from domain, adding ARecord, MDRecord, MXRecord, NSRecord, SOARecord
341 # and CNAMERecord attribute types of syntax DNSRecordSyntax. On the
342 # other hand, we had dNSRecord and Netscape has it too. The OID for
343 # dNSRecord is the one used in RFC1274 for ARecord. Netscape also has
344 # a manager attribute type here that we did not. It seems a mistake
345 # and we do not include it.
347 objectclass ( 0.9.2342.19200300.100.4.15 NAME 'dNSDomain' SUP 'domain'
350 objectclass ( 0.9.2342.19200300.100.4.17 NAME 'domainRelatedObject'
351 SUP 'top' MUST associatedDomain )
353 # Well, first notice we (and Netscape) were using co as short for
354 # friendlyCountryName
356 objectclass ( 0.9.2342.19200300.100.4.18 NAME 'friendlyCountry' SUP country
359 objectclass ( 0.9.2342.19200300.100.4.19 NAME 'simpleSecurityObject'
360 SUP top MUST userPassword )
362 # Nice test case of class with two superiors. Netscape does not give
363 # OID for this objectclass and gives top as its superior. We use the
364 # OID given in RFC1274
366 objectclass ( 0.9.2342.19200300.100.4.20 NAME 'pilotOrganization'
367 SUP ( organization $ organizationalUnit ) MAY buildingName )