+# inetorgperson.schema -- InetOrgPerson (RFC2798)
# $OpenLDAP$
+## This work is part of OpenLDAP Software <http://www.openldap.org/>.
+##
+## Copyright 1998-2007 The OpenLDAP Foundation.
+## All rights reserved.
+##
+## Redistribution and use in source and binary forms, with or without
+## modification, are permitted only as authorized by the OpenLDAP
+## Public License.
+##
+## A copy of this license is available in the file LICENSE in the
+## top-level directory of the distribution or, alternatively, at
+## <http://www.OpenLDAP.org/license.html>.
#
-# InetOrgPerson
-# http://search.ietf.org/internet-drafts/draft-smith-ldap-inetorgperson-03.txt
+# InetOrgPerson (RFC2798)
#
-# depends on pilot.schema
+# Depends upon
+# Definition of an X.500 Attribute Type and an Object Class to Hold
+# Uniform Resource Identifiers (URIs) [RFC2079]
+# (core.schema)
#
+# A Summary of the X.500(96) User Schema for use with LDAPv3 [RFC2256]
+# (core.schema)
+#
+# The COSINE and Internet X.500 Schema [RFC1274] (cosine.schema)
# carLicense
# This multivalued field is used to record the values of the license or
# registration plate associated with an individual.
-attribute ( 2.16.840.1.113730.3.1.1
+attributetype ( 2.16.840.1.113730.3.1.1
NAME 'carLicense'
- DESC 'vehicle license or registration plate'
+ DESC 'RFC2798: vehicle license or registration plate'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
# departmentNumber
# Code for department to which a person belongs. This can also be
# strictly numeric (e.g., 1234) or alphanumeric (e.g., ABC/123).
-attribute ( 2.16.840.1.113730.3.1.2
+attributetype ( 2.16.840.1.113730.3.1.2
NAME 'departmentNumber'
- DESC 'identifies a department within an organization'
+ DESC 'RFC2798: identifies a department within an organization'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
# is useful to be able to identify a name to be used. Since other attri-
# bute types such as 'cn' are multivalued, an additional attribute type is
# needed. Display name is defined for this purpose.
-attribute ( 2.16.840.1.113730.3.1.241
+attributetype ( 2.16.840.1.113730.3.1.241
NAME 'displayName'
- DESC 'preferred name of a person to be used when displaying entries'
+ DESC 'RFC2798: preferred name to be used when displaying entries'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
# employeeNumber
# Numeric or alphanumeric identifier assigned to a person, typically based
# on order of hire or association with an organization. Single valued.
-attribute ( 2.16.840.1.113730.3.1.3
+attributetype ( 2.16.840.1.113730.3.1.3
NAME 'employeeNumber'
- DESC 'numerically identifies an employee within an organization'
+ DESC 'RFC2798: numerically identifies an employee within an organization'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
# Used to identify the employer to employee relationship. Typical values
# used will be "Contractor", "Employee", "Intern", "Temp", "External", and
# "Unknown" but any value may be used.
-attribute ( 2.16.840.1.113730.3.1.4
+attributetype ( 2.16.840.1.113730.3.1.4
NAME 'employeeType'
- DESC 'type of employment for a person'
+ DESC 'RFC2798: type of employment for a person'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
# jpegPhoto
-# see pilot.schema
+# Used to store one or more images of a person using the JPEG File
+# Interchange Format [JFIF].
+# Note that the jpegPhoto attribute type was defined for use in the
+# Internet X.500 pilots but no referencable definition for it could be
+# located.
+attributetype ( 0.9.2342.19200300.100.1.60
+ NAME 'jpegPhoto'
+ DESC 'RFC2798: a JPEG image'
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.28 )
# preferredLanguage
-# Used to indicate an individual's preferred written or spoken language.
-# This is useful for international correspondence or human-computer
-# interaction. Values for this attribute type MUST conform to the defini-
-# tion of the Accept-Language header field defined in [RFC2068] with one
-# exception: the sequence "Accept-Language" ":" should be omitted. This
-# is a single valued attribute type.
-attribute ( 2.16.840.1.113730.3.1.39
+# Used to indicate an individual's preferred written or spoken
+# language. This is useful for international correspondence or human-
+# computer interaction. Values for this attribute type MUST conform to
+# the definition of the Accept-Language header field defined in
+# [RFC2068] with one exception: the sequence "Accept-Language" ":"
+# should be omitted. This is a single valued attribute type.
+attributetype ( 2.16.840.1.113730.3.1.39
NAME 'preferredLanguage'
- DESC 'preferred written or spoken language for a person'
+ DESC 'RFC2798: preferred written or spoken language for a person'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
SINGLE-VALUE )
# userSMIMECertificate
-# An S/MIME [RFC1847] signed message with a zero-length body. This attri-
-# bute is to be stored and requested in binary form, as
-# 'userSMIMECertificate;binary'. It contains the person's entire certifi-
-# cate chain and the signed attribute that describes their algorithm capa-
-# bilities, stored as binary data. If available, this attribute is
+# A PKCS#7 [RFC2315] SignedData, where the content that is signed is
+# ignored by consumers of userSMIMECertificate values. It is
+# recommended that values have a `contentType' of data with an absent
+# `content' field. Values of this attribute contain a person's entire
+# certificate chain and an smimeCapabilities field [RFC2633] that at a
+# minimum describes their SMIME algorithm capabilities. Values for
+# this attribute are to be stored and requested in binary form, as
+# 'userSMIMECertificate;binary'. If available, this attribute is
# preferred over the userCertificate attribute for S/MIME applications.
-attribute ( 2.16.840.1.113730.3.1.40
+## OpenLDAP note: ";binary" transfer should NOT be used as syntax is binary
+attributetype ( 2.16.840.1.113730.3.1.40
NAME 'userSMIMECertificate'
- DESC 'signed message used to support S/MIME'
+ DESC 'RFC2798: PKCS#7 SignedData used to support S/MIME'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 )
# userPKCS12
# the userPKCS12 attribute should be used. This attribute is to be stored
# and requested in binary form, as 'userPKCS12;binary'. The attribute
# values are PFX PDUs stored as binary data.
-attribute ( 2.16.840.1.113730.3.1.216
+## OpenLDAP note: ";binary" transfer should NOT be used as syntax is binary
+attributetype ( 2.16.840.1.113730.3.1.216
NAME 'userPKCS12'
- DESC 'PKCS #12 PFX PDU for exchange of personal identity information'
+ DESC 'RFC2798: personal identity information, a PKCS #12 PFX'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 )
# inetOrgPerson
-# The inetOrgPerson represents people who are associated with an organiza-
-# tion in some way. It is a structural class and is derived from the
-# organizationalPerson class which is defined in X.521 [X521].
+# The inetOrgPerson represents people who are associated with an
+# organization in some way. It is a structural class and is derived
+# from the organizationalPerson which is defined in X.521 [X521].
objectclass ( 2.16.840.1.113730.3.2.2
NAME 'inetOrgPerson'
+ DESC 'RFC2798: Internet Organizational Person'
SUP organizationalPerson
STRUCTURAL
MAY (
audio $ businessCategory $ carLicense $ departmentNumber $
- displayName $ employeeNumber $ employeeType $ givenName $ homePhone $
- homePostalAddress $ initials $ jpegPhoto $ labeledURI $
- mail $ manager $ mobile $ o $ pager $
+ displayName $ employeeNumber $ employeeType $ givenName $
+ homePhone $ homePostalAddress $ initials $ jpegPhoto $
+ labeledURI $ mail $ manager $ mobile $ o $ pager $
photo $ roomNumber $ secretary $ uid $ userCertificate $
- x500uniqueIdentifier $ preferredLanguage $ userSMIMECertificate $
- userPKCS12 )
+ x500uniqueIdentifier $ preferredLanguage $
+ userSMIMECertificate $ userPKCS12 )
)
projects / openldap / blobdiff