2 # These come from RFC1274 and are in ASN.1 syntax. They have been
3 # translated with some imagination. Only attributes and classes we
4 # already had are here. In general, the matching rules in the
5 # attribute types are incomplete or incorrect and have to be checked.
7 # Note: It seems that the pilot schema evolved beyond what was
8 # described in RFC1274. It also seems that Umich followed the changes
9 # but we don't know where are documented. More worrisome is that it
10 # seems that Netscape does not know either. Searches on Altavista
11 # have not shed any light, so we will have to ask for help.
13 # This file uses definitions from slapd.std.schema
15 # ccitt.data.pss.ucl.pilot ( 0.9.2342.19200300.100 )
16 # 1 pilotAttributeType
17 # 3 pilotAttributeSyntax
21 # Believe it or not, this is case-insensitive
23 attribute ( 0.9.2342.19200300.100.1.1 NAME ( 'uid' 'userid' )
24 EQUALITY caseIgnoreMatch
25 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
27 attribute ( 0.9.2342.19200300.100.1.2 NAME 'textEncodedORAddress'
28 EQUALITY caseIgnoreMatch
29 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
31 attribute ( 0.9.2342.19200300.100.1.3 NAME ( 'mail' 'rfc822Mailbox' )
32 EQUALITY caseIgnoreIA5Match
33 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
35 attribute ( 0.9.2342.19200300.100.1.4 NAME 'info' EQUALITY caseIgnoreMatch
36 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
38 attribute ( 0.9.2342.19200300.100.1.5 NAME ( 'drink' 'favouriteDrink' )
39 EQUALITY caseIgnoreMatch
40 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
42 attribute ( 0.9.2342.19200300.100.1.6 NAME 'roomNumber'
43 EQUALITY caseIgnoreMatch
44 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
46 attribute ( 0.9.2342.19200300.100.1.7 NAME 'photo'
47 SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 )
49 attribute ( 0.9.2342.19200300.100.1.8 NAME 'userClass'
50 EQUALITY caseIgnoreMatch
51 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
53 attribute ( 0.9.2342.19200300.100.1.9 NAME 'host'
54 EQUALITY caseIgnoreMatch
55 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
57 attribute ( 0.9.2342.19200300.100.1.10 NAME 'manager'
58 EQUALITY distinguishedNameMatch
59 SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
61 attribute ( 0.9.2342.19200300.100.1.11 NAME 'documentIdentifier'
62 EQUALITY caseIgnoreMatch
63 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
65 attribute ( 0.9.2342.19200300.100.1.12 NAME 'documentTitle'
66 EQUALITY caseIgnoreMatch
67 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
69 attribute ( 0.9.2342.19200300.100.1.13 NAME 'documentVersion'
70 EQUALITY caseIgnoreMatch
71 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
73 attribute ( 0.9.2342.19200300.100.1.14 NAME 'documentAuthor'
74 EQUALITY distinguishedNameMatch
75 SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
77 attribute ( 0.9.2342.19200300.100.1.15 NAME 'documentLocation'
78 EQUALITY caseIgnoreMatch
79 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
81 attribute ( 0.9.2342.19200300.100.1.20 NAME ( 'homeTelephoneNumber' 'homePhone' )
82 EQUALITY telephoneNumberMatch
83 SUBSTR telephoneNumberSubstringsMatch
84 SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 )
86 attribute ( 0.9.2342.19200300.100.1.21 NAME 'secretary'
87 EQUALITY distinguishedNameMatch
88 SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
90 # Netscape defines this with syntax 1.15 TBC
92 attribute ( 0.9.2342.19200300.100.1.22 NAME 'otherMailbox'
93 SYNTAX 1.3.6.1.4.1.1466.115.121.1.39 )
95 # Netscape defines this with syntax 1.15 TBC
96 # Mathcing rules for this are unknown
98 attribute ( 0.9.2342.19200300.100.1.23 NAME 'lastModifiedTime'
99 SYNTAX 1.3.6.1.4.1.1466.115.121.1.53 )
101 attribute ( 0.9.2342.19200300.100.1.24 NAME 'lastModifiedBy'
102 EQUALITY distinguishedNameMatch
103 SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
105 # This is the definition as defined in RFC2247
106 # Terrific, we don't know about caseIgnoreIA5SubstringsMatch
108 #attribute ( 0.9.2342.19200300.100.1.25 NAME 'dc'
109 # EQUALITY caseIgnoreIA5Match
110 # SUBSTR caseIgnoreIA5SubstringsMatch
111 # SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
112 attribute ( 0.9.2342.19200300.100.1.25 NAME 'dc'
113 EQUALITY caseIgnoreIA5Match
114 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
116 # This is aRecord in RFC1274. However, objectclass dNSDomain as we
117 # and Netscape use it is very different.
119 attribute ( 0.9.2342.19200300.100.1.26 NAME 'dNSRecord'
120 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
122 # 0.9.2342.19200300.100.1.27 was probably intended to be mDRecord in
123 # RFC1274, but they got it wrong and did not define it, thought it
124 # is referenced by dNSDomain in it.
126 # 0.9.2342.19200300.100.1.28 was mXRecord in RFC1274
127 # 0.9.2342.19200300.100.1.29 was nSRecord in RFC1274
128 # 0.9.2342.19200300.100.1.30 was sOARecord in RFC1274
129 # 0.9.2342.19200300.100.1.31 was cNAMERecord in RFC1274
131 # Terrific, we don't know about caseIgnoreIA5SubstringsMatch
132 #attribute ( 0.9.2342.19200300.100.1.37 NAME 'associatedDomain'
133 # EQUALITY caseIgnoreIA5Match
134 # SUBSTR caseIgnoreIA5SubstringsMatch
135 # SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
136 attribute ( 0.9.2342.19200300.100.1.37 NAME 'associatedDomain'
137 EQUALITY caseIgnoreIA5Match
138 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
140 attribute ( 0.9.2342.19200300.100.1.38 NAME 'associatedName'
141 EQUALITY distinguishedNameMatch
142 SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
144 # Netscape gives syntax 1.15 to this. TBC
145 # We take the matching rules from postalAddress in RFC2256
146 # Show stopper: we don't have the definition of caseIgnoreListSubstringsMatch
148 attribute ( 0.9.2342.19200300.100.1.39 NAME 'homePostalAddress'
149 EQUALITY caseIgnoreListMatch
150 SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 )
152 attribute ( 0.9.2342.19200300.100.1.40 NAME 'personalTitle'
153 EQUALITY caseIgnoreMatch
154 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
156 attribute ( 0.9.2342.19200300.100.1.41 NAME ( 'mobileTelephoneNumber' 'mobile' )
157 EQUALITY telephoneNumberMatch
158 SUBSTR telephoneNumberSubstringsMatch
159 SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 )
161 attribute ( 0.9.2342.19200300.100.1.42 NAME ( 'pagerTelephoneNumber' 'pager' )
162 EQUALITY telephoneNumberMatch
163 SUBSTR telephoneNumberSubstringsMatch
164 SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 )
166 attribute ( 0.9.2342.19200300.100.1.43 NAME ( 'co' 'friendlyCountryName' )
167 EQUALITY caseIgnoreMatch
168 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
170 attribute ( 0.9.2342.19200300.100.1.44 NAME 'uniqueIdentifier'
171 EQUALITY caseIgnoreMatch
172 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
174 attribute ( 0.9.2342.19200300.100.1.45 NAME 'organizationalStatus'
175 EQUALITY caseIgnoreMatch
176 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
178 attribute ( 0.9.2342.19200300.100.1.46 NAME 'janetMailbox'
179 EQUALITY caseIgnoreIA5Match
180 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
182 # Netscape gives syntax 1.27 (integer). However, 1.32 is only listed
183 # in RFC2252 without explanation. The SINGLE-VALUE thing comes from
184 # Netscape and is not backed by RFC1274.
186 attribute ( 0.9.2342.19200300.100.1.47 NAME 'mailPreferenceOption'
187 SYNTAX 1.3.6.1.4.1.1466.115.121.1.32 SINGLE-VALUE )
189 attribute ( 0.9.2342.19200300.100.1.48 NAME 'buildingName'
190 EQUALITY caseIgnoreMatch
191 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
193 # 0.9.2342.19200300.100.1.49 was dSAQuality in RFC1274
194 # 0.9.2342.19200300.100.1.50 was singleLevelQuality in RFC1274
195 # 0.9.2342.19200300.100.1.51 was subtreeMinimumQuality in RFC1274
196 # 0.9.2342.19200300.100.1.52 was subtreeMaximumQuality in RFC1274
198 # Netscape assigns binary syntax to this. RFC1274 is more detailed
199 # about this but RFC2252 does not seem to list a specific syntax.
200 # We had this as 'bin'
202 attribute ( 0.9.2342.19200300.100.1.53 NAME 'personalSignature'
203 SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 )
205 attribute ( 0.9.2342.19200300.100.1.54 NAME 'dITRedirect'
206 EQUALITY distinguishedNameMatch
207 SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
209 # Netscape gives syntax 1.5 to this. We had it as 'bin'.
211 attribute ( 0.9.2342.19200300.100.1.55 NAME 'audio'
212 SYNTAX 1.3.6.1.4.1.1466.115.121.1.4 )
214 attribute ( 0.9.2342.19200300.100.1.56 NAME 'documentPublisher'
215 EQUALITY caseIgnoreMatch
216 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
218 # This one is ripped from Netscape and is a pilot object. It is not
219 # in RFC1274, but we had it as 'bin'.
221 attribute ( 0.9.2342.19200300.100.1.60 NAME 'jpegPhoto'
222 SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 )
224 # These attributes are pilot-related attributes that we had and Netscape
225 # has too, however, the OID is unknown for them and Netscape uses a
226 # string in place of the missing OID. We will do the same until we
227 # can make head or tails of this.
229 attribute ( abstract-oid NAME 'abstract'
230 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
232 attribute ( authorcn-oid NAME ( 'documentAuthorCommonName' 'authorCn' )
233 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
235 attribute ( authorsn-oid NAME ( 'documentAuthorSurname' 'authorSn' )
236 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
238 attribute ( documentStore-oid NAME 'documentStore'
239 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
241 attribute ( keyWords-oid NAME 'keyWords'
242 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
244 attribute ( obsoletedByDocument-oid NAME 'obsoletedByDocument'
245 SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
247 attribute ( obsoletesDocument-oid NAME 'obsoletesDocument'
248 SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
250 attribute ( subject-oid NAME 'subject'
251 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
253 attribute ( updatedByDocument-oid NAME 'updatedByDocument'
254 SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
256 attribute ( updatesDocument-oid NAME 'updatesDocument'
257 SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
259 # In classes, STRUCTURAL or AUXILIARY is chosen depending on the
260 # textual description that accompanies the class in RFC1274
262 # This is pilotObject from the RFC. However, we had both photo
263 # and jpegPhoto attributes. Nestcape does too.
265 objectclass ( 0.9.2342.19200300.100.4.3 NAME 'pilotObject' SUP top
266 AUXILIARY MAY ( info $ photo $ manager $ uniqueIdentifier $
267 lastModifiedTime $ lastModifiedBy $ dITRedirect $ audio $
270 # This is probably wrong. RFC1274 defines a pilotPerson. We did not
271 # have it and we did have a newPilotPerson instead. However, the
272 # definition is the same. Maybe it changed and was not reflected
275 objectclass ( 0.9.2342.19200300.100.4.4 NAME 'newPilotPerson' SUP person
276 STRUCTURAL MAY ( uid $ textEncodedORAddress $ mail $ drink $
277 roomNumber $ userClass $ homePhone $ homePostalAddress $
278 secretary $ personalTitle $ preferredDeliveryMethod $
279 businessCategory $ janetMailbox $ otherMailbox $ mobile $
280 pager $ organizationalStatus $ mailPreferenceOption $
281 personalSignature ) )
283 # The text is unclear about whether it is STRUCTURAL or AUXILIARY
284 # I think it was meant to be STRUCTURAL, it is the least restrictive
285 # of the options and RFC2377 explains uidObject as an auxiliary.
287 objectclass ( 0.9.2342.19200300.100.4.5 NAME 'account' SUP top
288 STRUCTURAL MUST uid MAY ( description $ seeAlso $ l $ o $ ou $
291 # Netscape says this is derived from pilotObject, but RFC1274 says top.
292 # Which is it? Our attribute list matches that of Netscape, so we will
293 # go with Netscape for the time being.
295 # Besides, this objectclass is a mess. I can only presume that
296 # originally documentAuthor, but later someone noticed that not all
297 # authors had DN's, so authorCN and authorSN were added. Other
298 # attributes were added as well. However, either no one remembered to
299 # assign OIDs to these attribute types or their assignments have been
300 # lost. See their definitions above for the Netscape kludge that we
301 # have adopted. FIX NEEDED.
303 objectclass ( 0.9.2342.19200300.100.4.6 NAME 'document' SUP pilotObject
304 MUST documentIdentifier MAY ( cn $ description $ seeAlso $ l $
305 o $ ou $ documentTitle $ documentVersion $ documentAuthor $
306 documentLocation $ documentPublisher $
307 abstract $ authorCN $ authorSN $ documentStore $ keywords $
308 obsoletedByDocument $ obsoletesDocument $ subject $
309 updatedByDocument $ updatesDocument ) )
311 objectclass ( 0.9.2342.19200300.100.4.7 NAME 'room' SUP top STRUCTURAL
312 MUST cn MAY ( roomNumber $ description $ seeAlso $ telephoneNumber ) )
314 objectclass ( 0.9.2342.19200300.100.4.9 NAME 'documentSeries' SUP top
315 STRUCTURAL MUST cn MAY ( description $ seeAlso $ telephonenumber $
318 # This definition is much longer than that in RFC1274 and is taken from RFC2247
320 objectclass ( 0.9.2342.19200300.100.4.13 NAME 'domain' SUP top STRUCTURAL
322 MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $
323 x121Address $ registeredAddress $ destinationIndicator $
324 preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
325 telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber $
326 street $ postOfficeBox $ postalCode $ postalAddress $
327 physicalDeliveryOfficeName $ st $ l $ description $ o $
330 # This class has in RFC1274 two attributes postalAttributeSet and
331 # telecomunicationAttributeSet that we did not have. We let them out
332 # for now. Netscape does not have them either.
334 objectclass ( 0.9.2342.19200300.100.4.14 NAME 'RFC822localPart' SUP domain
335 MAY ( cn $ sn $ description $ seeAlso $ telephonenumber ) )
337 # Another wonderful inconsistency. This objectclass has little
338 # relationship to the way it was defined in RFC1274, that was derived
339 # from domain, adding ARecord, MDRecord, MXRecord, NSRecord, SOARecord
340 # and CNAMERecord attribute types of syntax DNSRecordSyntax. On the
341 # other hand, we had dNSRecord and Netscape has it too. The OID for
342 # dNSRecord is the one used in RFC1274 for ARecord. Netscape also has
343 # a manager attribute type here that we did not. It seems a mistake
344 # and we do not include it.
346 objectclass ( 0.9.2342.19200300.100.4.15 NAME 'dNSDomain' SUP 'domain'
349 objectclass ( 0.9.2342.19200300.100.4.17 NAME 'domainRelatedObject'
350 SUP 'top' MUST associatedDomain )
352 # Well, first notice we (and Netscape) were using co as short for
353 # friendlyCountryName
355 objectclass ( 0.9.2342.19200300.100.4.18 NAME 'friendlyCountry' SUP country
358 objectclass ( 0.9.2342.19200300.100.4.19 NAME 'simpleSecurityObject'
359 SUP top MUST userPassword )
361 # Nice test case of class with two superiors. Netscape does not give
362 # OID for this objectclass and gives top as its superior. We use the
363 # OID given in RFC1274
365 objectclass ( 0.9.2342.19200300.100.4.20 NAME 'pilotOrganization'
366 SUP ( organization $ organizationalUnit ) MAY buildingName )