#
# select standard track schema items:
# RFC2079 (URI)
-# RFC1274 (uid)
+# RFC1274 (uid/dc)
# RFC2247 (dc/dcObject)
# RFC2289 (Dynamic Directory Services)
#
attributetype ( 1.3.6.1.4.1.1466.101.120.15 NAME 'supportedLDAPVersion'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 USAGE dSAOperation )
-attributetype ( supportedACIMechanismsOID NAME 'supportedACIMechanisms'
- DESC 'list of access control mechanisms supported by this directory server'
- SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 USAGE dSAOperation )
-
-attributetype ( aCIMechanismOID NAME 'aCIMechanism'
- DESC 'list of access control mechanism supported in this subtree'
- SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 USAGE dSAOperation )
-
# LDAP Subschema Atrribute from RFC2252
attributetype ( 1.3.6.1.4.1.1466.101.120.16 NAME 'ldapSyntaxes'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{15} )
attributetype ( 2.5.4.25 NAME 'internationaliSDNNumber'
- EQUALITY
- numericStringMatch
+ EQUALITY numericStringMatch
SUBSTR numericStringSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{16} )
attributetype ( 2.5.4.26 NAME 'registeredAddress' SUP postalAddress
- SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 )
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 )
attributetype ( 2.5.4.27 NAME 'destinationIndicator'
EQUALITY caseIgnoreMatch
- SUBSTR caseIgnoreSubstringsMatch
- SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{128} )
+ SUBSTR caseIgnoreSubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{128} )
attributetype ( 2.5.4.28 NAME 'preferredDeliveryMethod'
- SYNTAX 1.3.6.1.4.1.1466.115.121.1.14
- SINGLE-VALUE )
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.14
+ SINGLE-VALUE )
attributetype ( 2.5.4.29 NAME 'presentationAddress'
- EQUALITY presentationAddressMatch
- SYNTAX 1.3.6.1.4.1.1466.115.121.1.43
- SINGLE-VALUE )
+ EQUALITY presentationAddressMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.43
+ SINGLE-VALUE )
attributetype ( 2.5.4.30 NAME 'supportedApplicationContext'
- EQUALITY objectIdentifierMatch
- SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 )
+ EQUALITY objectIdentifierMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 )
# Placed here because others derive from it.
# 2.5.4.41 is 'name', moved above since other attribute types derive from it
-attributetype ( 2.5.4.42 NAME 'givenName' SUP name )
+attributetype ( 2.5.4.42 NAME ( 'givenName' 'gn' ) SUP name )
attributetype ( 2.5.4.43 NAME 'initials' SUP name )
SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 NO-USER-MODIFICATION
USAGE dSAOperation )
-#
-# RFC2247
-attributetype ( 0.9.2342.19200300.100.1.25 NAME 'dc'
- DESC 'RFC2247 domain component'
+# Derived from RFC1274, but with new "short names"
+attributetype ( 0.9.2342.19200300.100.1.1
+ NAME ( 'uid' 'userid' )
+ DESC 'RFC1274 user identifier'
+ EQUALITY caseIgnoreMatch
+ SUBSTR caseIgnoreSubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
+
+attributetype ( 0.9.2342.19200300.100.1.3 NAME ( 'mail' 'rfc822Mailbox' )
+ DESC 'rfc822 mail box'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
+
+objectclass ( 0.9.2342.19200300.100.4.19 NAME 'simpleSecurityObject'
+ SUP top AUXILIARY
+ MUST userPassword )
+
+
+# RFC1274 + RFC2247
+attributetype ( 0.9.2342.19200300.100.1.25
+ NAME ( 'dc' 'domainComponent' )
+ DESC 'RFC1274/2247 domain component'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
+# RFC2247
objectclass ( 1.3.6.1.4.1.1466.344 NAME 'dcObject'
SUP top AUXILIARY MUST dc )
-# RFC1274
-attributetype ( 0.9.2342.19200300.100.1.1 NAME ( 'uid' 'userid' )
- DESC 'RFC1274 user identifier'
- EQUALITY caseIgnoreMatch
- SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
-# RFC2377
+# From RFC2377
objectclass ( 1.3.6.1.1.3.1 NAME 'uidObject'
DESC 'RFC2377 uid object'
SUP top AUXILIARY MUST uid )
USAGE distributedOperation )
objectclass ( 2.16.840.1.113730.3.2.6 NAME 'referral'
- DESC 'nameref referral object'
- SUP top STRUCTURAL MAY ( ref ) )
+ DESC 'Named referral object'
+ SUP top STRUCTURAL MAY ref )
#
# LDAPsubEntry
# likely to change!
objectclass ( 2.16.840.1.113719.2.142.6.1.1 NAME 'LDAPsubEntry'
DESC 'LDAP Subentry'
- SUP top STRUCTURAL MAY ( cn ) )
+ SUP top STRUCTURAL MAY cn )
#
-# LDAProotDSE
+# OpenLDAProotDSE
# likely to change!
objectclass ( 1.3.6.1.4.1.4203.666.3.2
NAME ( 'OpenLDAProotDSE' 'LDAProotDSE' )
DESC 'OpenLDAP Root DSE object'
- SUP top STRUCTURAL )
+ SUP top STRUCTURAL MAY cn )
+
+#
+# IETF LDAPext WG Access Control Model
+# likely to change!
+attributetype ( supportedACIMechanismsOID NAME 'supportedACIMechanisms'
+ DESC 'list of access control mechanisms supported by this directory server'
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 USAGE dSAOperation )
+
+attributetype ( aCIMechanismOID NAME 'aCIMechanism'
+ DESC 'list of access control mechanism supported in this subtree'
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 USAGE dSAOperation )
+
+attributetype ( ldapACIOID NAME 'ldapACI'
+ DESC 'LDAP access control information'
+ EQUALITY caseIgnoreMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
+ USAGE directoryOperation )