1 # These come from RFC1274 and are in ASN.1 syntax. They have been
2 # translated with some imagination. Only attributes and classes we
3 # already had are here. In general, the matching rules in the
4 # attribute types are incomplete or incorrect and have to be checked.
6 # Note: It seems that the pilot schema evolved beyond what was
7 # described in RFC1274. It also seems that Umich followed the changes
8 # but we don't know where are documented. More worrisome is that it
9 # seems that Netscape does not know either. Searches on Altavista
10 # have not shed any light, so we will have to ask for help.
12 # This file uses definitions from slapd.std.schema
14 # ccitt.data.pss.ucl.pilot ( 0.9.2342.19200300.100 )
15 # 1 pilotAttributeType
16 # 3 pilotAttributeSyntax
20 # Believe it or not, this is case-insensitive
22 attribute ( 0.9.2342.19200300.100.1.1 NAME ( 'uid' 'userid' )
23 EQUALITY caseIgnoreMatch
24 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
26 attribute ( 0.9.2342.19200300.100.1.2 NAME 'textEncodedORAddress'
27 EQUALITY caseIgnoreMatch
28 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
30 attribute ( 0.9.2342.19200300.100.1.3 NAME ( 'mail' 'rfc822Mailbox' )
31 EQUALITY caseIgnoreIA5Match
32 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
34 attribute ( 0.9.2342.19200300.100.1.4 NAME 'info' EQUALITY caseIgnoreMatch
35 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
37 attribute ( 0.9.2342.19200300.100.1.5 NAME ( 'drink' 'favouriteDrink' )
38 EQUALITY caseIgnoreMatch
39 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
41 attribute ( 0.9.2342.19200300.100.1.6 NAME 'roomNumber'
42 EQUALITY caseIgnoreMatch
43 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
45 attribute ( 0.9.2342.19200300.100.1.7 NAME 'photo'
46 SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 )
48 attribute ( 0.9.2342.19200300.100.1.8 NAME 'userClass'
49 EQUALITY caseIgnoreMatch
50 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
52 attribute ( 0.9.2342.19200300.100.1.9 NAME 'host'
53 EQUALITY caseIgnoreMatch
54 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
56 attribute ( 0.9.2342.19200300.100.1.10 NAME 'manager'
57 EQUALITY distinguishedNameMatch
58 SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
60 attribute ( 0.9.2342.19200300.100.1.11 NAME 'documentIdentifier'
61 EQUALITY caseIgnoreMatch
62 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
64 attribute ( 0.9.2342.19200300.100.1.12 NAME 'documentTitle'
65 EQUALITY caseIgnoreMatch
66 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
68 attribute ( 0.9.2342.19200300.100.1.13 NAME 'documentVersion'
69 EQUALITY caseIgnoreMatch
70 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
72 attribute ( 0.9.2342.19200300.100.1.14 NAME 'documentAuthor'
73 EQUALITY distinguishedNameMatch
74 SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
76 attribute ( 0.9.2342.19200300.100.1.15 NAME 'documentLocation'
77 EQUALITY caseIgnoreMatch
78 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
80 attribute ( 0.9.2342.19200300.100.1.20 NAME ( 'homeTelephoneNumber' 'homePhone' )
81 EQUALITY telephoneNumberMatch
82 SUBSTR telephoneNumberSubstringsMatch
83 SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 )
85 attribute ( 0.9.2342.19200300.100.1.21 NAME 'secretary'
86 EQUALITY distinguishedNameMatch
87 SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
89 # Netscape defines this with syntax 1.15 TBC
91 attribute ( 0.9.2342.19200300.100.1.22 NAME 'otherMailbox'
92 SYNTAX 1.3.6.1.4.1.1466.115.121.1.39 )
94 # Netscape defines this with syntax 1.15 TBC
95 # Mathcing rules for this are unknown
97 attribute ( 0.9.2342.19200300.100.1.23 NAME 'lastModifiedTime'
98 SYNTAX 1.3.6.1.4.1.1466.115.121.1.53 )
100 attribute ( 0.9.2342.19200300.100.1.24 NAME 'lastModifiedBy'
101 EQUALITY distinguishedNameMatch
102 SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
104 # This is the definition as defined in RFC2247
105 # Terrific, we don't know about caseIgnoreIA5SubstringsMatch
107 #attribute ( 0.9.2342.19200300.100.1.25 NAME 'dc'
108 # EQUALITY caseIgnoreIA5Match
109 # SUBSTR caseIgnoreIA5SubstringsMatch
110 # SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
111 attribute ( 0.9.2342.19200300.100.1.25 NAME 'dc'
112 EQUALITY caseIgnoreIA5Match
113 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
115 # This is aRecord in RFC1274. However, objectclass dNSDomain as we
116 # and Netscape use it is very different.
118 attribute ( 0.9.2342.19200300.100.1.26 NAME 'dNSRecord'
119 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
121 # 0.9.2342.19200300.100.1.27 was probably intended to be mDRecord in
122 # RFC1274, but they got it wrong and did not define it, thought it
123 # is referenced by dNSDomain in it.
125 # 0.9.2342.19200300.100.1.28 was mXRecord in RFC1274
126 # 0.9.2342.19200300.100.1.29 was nSRecord in RFC1274
127 # 0.9.2342.19200300.100.1.30 was sOARecord in RFC1274
128 # 0.9.2342.19200300.100.1.31 was cNAMERecord in RFC1274
130 # Terrific, we don't know about caseIgnoreIA5SubstringsMatch
131 #attribute ( 0.9.2342.19200300.100.1.37 NAME 'associatedDomain'
132 # EQUALITY caseIgnoreIA5Match
133 # SUBSTR caseIgnoreIA5SubstringsMatch
134 # SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
135 attribute ( 0.9.2342.19200300.100.1.37 NAME 'associatedDomain'
136 EQUALITY caseIgnoreIA5Match
137 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
139 attribute ( 0.9.2342.19200300.100.1.38 NAME 'associatedName'
140 EQUALITY distinguishedNameMatch
141 SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
143 # Netscape gives syntax 1.15 to this. TBC
144 # We take the matching rules from postalAddress in RFC2256
145 # Show stopper: we don't have the definition of caseIgnoreListSubstringsMatch
147 attribute ( 0.9.2342.19200300.100.1.39 NAME 'homePostalAddress'
148 EQUALITY caseIgnoreListMatch
149 SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 )
151 attribute ( 0.9.2342.19200300.100.1.40 NAME 'personalTitle'
152 EQUALITY caseIgnoreMatch
153 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
155 attribute ( 0.9.2342.19200300.100.1.41 NAME ( 'mobileTelephoneNumber' 'mobile' )
156 EQUALITY telephoneNumberMatch
157 SUBSTR telephoneNumberSubstringsMatch
158 SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 )
160 attribute ( 0.9.2342.19200300.100.1.42 NAME ( 'pagerTelephoneNumber' 'pager' )
161 EQUALITY telephoneNumberMatch
162 SUBSTR telephoneNumberSubstringsMatch
163 SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 )
165 attribute ( 0.9.2342.19200300.100.1.43 NAME ( 'co' 'friendlyCountryName' )
166 EQUALITY caseIgnoreMatch
167 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
169 attribute ( 0.9.2342.19200300.100.1.44 NAME 'uniqueIdentifier'
170 EQUALITY caseIgnoreMatch
171 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
173 attribute ( 0.9.2342.19200300.100.1.45 NAME 'organizationalStatus'
174 EQUALITY caseIgnoreMatch
175 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
177 attribute ( 0.9.2342.19200300.100.1.46 NAME 'janetMailbox'
178 EQUALITY caseIgnoreIA5Match
179 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
181 # Netscape gives syntax 1.27 (integer). However, 1.32 is only listed
182 # in RFC2252 without explanation. The SINGLE-VALUE thing comes from
183 # Netscape and is not backed by RFC1274.
185 attribute ( 0.9.2342.19200300.100.1.47 NAME 'mailPreferenceOption'
186 SYNTAX 1.3.6.1.4.1.1466.115.121.1.32 SINGLE-VALUE )
188 attribute ( 0.9.2342.19200300.100.1.48 NAME 'buildingName'
189 EQUALITY caseIgnoreMatch
190 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
192 # 0.9.2342.19200300.100.1.49 was dSAQuality in RFC1274
193 # 0.9.2342.19200300.100.1.50 was singleLevelQuality in RFC1274
194 # 0.9.2342.19200300.100.1.51 was subtreeMinimumQuality in RFC1274
195 # 0.9.2342.19200300.100.1.52 was subtreeMaximumQuality in RFC1274
197 # Netscape assigns binary syntax to this. RFC1274 is more detailed
198 # about this but RFC2252 does not seem to list a specific syntax.
199 # We had this as 'bin'
201 attribute ( 0.9.2342.19200300.100.1.53 NAME 'personalSignature'
202 SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 )
204 attribute ( 0.9.2342.19200300.100.1.54 NAME 'dITRedirect'
205 EQUALITY distinguishedNameMatch
206 SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
208 # Netscape gives syntax 1.5 to this. We had it as 'bin'.
210 attribute ( 0.9.2342.19200300.100.1.55 NAME 'audio'
211 SYNTAX 1.3.6.1.4.1.1466.115.121.1.4 )
213 attribute ( 0.9.2342.19200300.100.1.56 NAME 'documentPublisher'
214 EQUALITY caseIgnoreMatch
215 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
217 # This one is ripped from Netscape and is a pilot object. It is not
218 # in RFC1274, but we had it as 'bin'.
220 attribute ( 0.9.2342.19200300.100.1.60 NAME 'jpegPhoto'
221 SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 )
223 # These attributes are pilot-related attributes that we had and Netscape
224 # has too, however, the OID is unknown for them and Netscape uses a
225 # string in place of the missing OID. We will do the same until we
226 # can make head or tails of this.
228 attribute ( abstract-oid NAME 'abstract'
229 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
231 attribute ( authorcn-oid NAME ( 'documentAuthorCommonName' 'authorCn' )
232 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
234 attribute ( authorsn-oid NAME ( 'documentAuthorSurname' 'authorSn' )
235 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
237 attribute ( documentStore-oid NAME 'documentStore'
238 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
240 attribute ( keyWords-oid NAME 'keyWords'
241 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
243 attribute ( obsoletedByDocument-oid NAME 'obsoletedByDocument'
244 SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
246 attribute ( obsoletesDocument-oid NAME 'obsoletesDocument'
247 SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
249 attribute ( subject-oid NAME 'subject'
250 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
252 attribute ( updatedByDocument-oid NAME 'updatedByDocument'
253 SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
255 attribute ( updatesDocument-oid NAME 'updatesDocument'
256 SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
258 # In classes, STRUCTURAL or AUXILIARY is chosen depending on the
259 # textual description that accompanies the class in RFC1274
261 # This is pilotObject from the RFC. However, we had both photo
262 # and jpegPhoto attributes. Nestcape does too.
264 objectclass ( 0.9.2342.19200300.100.4.3 NAME 'pilotObject' SUP top
265 AUXILIARY MAY ( info $ photo $ manager $ uniqueIdentifier $
266 lastModifiedTime $ lastModifiedBy $ dITRedirect $ audio $
269 # This is probably wrong. RFC1274 defines a pilotPerson. We did not
270 # have it and we did have a newPilotPerson instead. However, the
271 # definition is the same. Maybe it changed and was not reflected
274 objectclass ( 0.9.2342.19200300.100.4.4 NAME 'newPilotPerson' SUP person
275 STRUCTURAL MAY ( uid $ textEncodedORAddress $ mail $ drink $
276 roomNumber $ userClass $ homePhone $ homePostalAddress $
277 secretary $ personalTitle $ preferredDeliveryMethod $
278 businessCategory $ janetMailbox $ otherMailbox $ mobile $
279 pager $ organizationalStatus $ mailPreferenceOption $
280 personalSignature ) )
282 # The text is unclear about whether it is STRUCTURAL or AUXILIARY
283 # I think it was meant to be STRUCTURAL, it is the least restrictive
284 # of the options and RFC2377 explains uidObject as an auxiliary.
286 objectclass ( 0.9.2342.19200300.100.4.5 NAME 'account' SUP top
287 STRUCTURAL MUST uid MAY ( description $ seeAlso $ l $ o $ ou $
290 # Netscape says this is derived from pilotObject, but RFC1274 says top.
291 # Which is it? Our attribute list matches that of Netscape, so we will
292 # go with Netscape for the time being.
294 # Besides, this objectclass is a mess. I can only presume that
295 # originally documentAuthor, but later someone noticed that not all
296 # authors had DN's, so authorCN and authorSN were added. Other
297 # attributes were added as well. However, either no one remembered to
298 # assign OIDs to these attribute types or their assignments have been
299 # lost. See their definitions above for the Netscape kludge that we
300 # have adopted. FIX NEEDED.
302 objectclass ( 0.9.2342.19200300.100.4.6 NAME 'document' SUP pilotObject
303 MUST documentIdentifier MAY ( cn $ description $ seeAlso $ l $
304 o $ ou $ documentTitle $ documentVersion $ documentAuthor $
305 documentLocation $ documentPublisher $
306 abstract $ authorCN $ authorSN $ documentStore $ keywords $
307 obsoletedByDocument $ obsoletesDocument $ subject $
308 updatedByDocument $ updatesDocument ) )
310 objectclass ( 0.9.2342.19200300.100.4.7 NAME 'room' SUP top STRUCTURAL
311 MUST cn MAY ( roomNumber $ description $ seeAlso $ telephoneNumber ) )
313 objectclass ( 0.9.2342.19200300.100.4.9 NAME 'documentSeries' SUP top
314 STRUCTURAL MUST cn MAY ( description $ seeAlso $ telephonenumber $
317 # This definition is much longer than that in RFC1274 and is taken from RFC2247
319 objectclass ( 0.9.2342.19200300.100.4.13 NAME 'domain' SUP top STRUCTURAL
321 MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $
322 x121Address $ registeredAddress $ destinationIndicator $
323 preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
324 telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber $
325 street $ postOfficeBox $ postalCode $ postalAddress $
326 physicalDeliveryOfficeName $ st $ l $ description $ o $
329 # This class has in RFC1274 two attributes postalAttributeSet and
330 # telecomunicationAttributeSet that we did not have. We let them out
331 # for now. Netscape does not have them either.
333 objectclass ( 0.9.2342.19200300.100.4.14 NAME 'RFC822localPart' SUP domain
334 MAY ( cn $ sn $ description $ seeAlso $ telephonenumber ) )
336 # Another wonderful inconsistency. This objectclass has little
337 # relationship to the way it was defined in RFC1274, that was derived
338 # from domain, adding ARecord, MDRecord, MXRecord, NSRecord, SOARecord
339 # and CNAMERecord attribute types of syntax DNSRecordSyntax. On the
340 # other hand, we had dNSRecord and Netscape has it too. The OID for
341 # dNSRecord is the one used in RFC1274 for ARecord. Netscape also has
342 # a manager attribute type here that we did not. It seems a mistake
343 # and we do not include it.
345 objectclass ( 0.9.2342.19200300.100.4.15 NAME 'dNSDomain' SUP 'domain'
348 objectclass ( 0.9.2342.19200300.100.4.17 NAME 'domainRelatedObject'
349 SUP 'top' MUST associatedDomain )
351 # Well, first notice we (and Netscape) were using co as short for
352 # friendlyCountryName
354 objectclass ( 0.9.2342.19200300.100.4.18 NAME 'friendlyCountry' SUP country
357 objectclass ( 0.9.2342.19200300.100.4.19 NAME 'simpleSecurityObject'
358 SUP top MUST userPassword )
360 # Nice test case of class with two superiors. Netscape does not give
361 # OID for this objectclass and gives top as its superior. We use the
362 # OID given in RFC1274
364 objectclass ( 0.9.2342.19200300.100.4.20 NAME 'pilotOrganization'
365 SUP ( organization $ organizationalUnit ) MAY buildingName )