X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=servers%2Fslapd%2Fschema%2Fcore.schema;h=f2abdbcb727145c04e61450f3f4251bbd860fbcd;hb=773d83992480d8b44884d92e8a9748ec6de816cb;hp=d45664f2fbd2de41d809b9275c4de7db59e35b68;hpb=318a116910f5f1c5d2c4869eb18796c0b380e4ec;p=openldap diff --git a/servers/slapd/schema/core.schema b/servers/slapd/schema/core.schema index d45664f2fb..f2abdbcb72 100644 --- a/servers/slapd/schema/core.schema +++ b/servers/slapd/schema/core.schema @@ -7,7 +7,7 @@ # # select standard track schema items: # RFC2079 (URI) -# RFC1274 (uid) +# RFC1274 (uid/dc) # RFC2247 (dc/dcObject) # RFC2289 (Dynamic Directory Services) # @@ -82,14 +82,6 @@ attributetype ( 1.3.6.1.4.1.1466.101.120.14 NAME 'supportedSASLMechanisms' attributetype ( 1.3.6.1.4.1.1466.101.120.15 NAME 'supportedLDAPVersion' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 USAGE dSAOperation ) -attributetype ( supportedACIMechanismsOID NAME 'supportedACIMechanisms' - DESC 'list of access control mechanisms supported by this directory server' - SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 USAGE dSAOperation ) - -attributetype ( aCIMechanismOID NAME 'aCIMechanism' - DESC 'list of access control mechanism supported in this subtree' - SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 USAGE dSAOperation ) - # LDAP Subschema Atrribute from RFC2252 attributetype ( 1.3.6.1.4.1.1466.101.120.16 NAME 'ldapSyntaxes' @@ -224,31 +216,30 @@ attributetype ( 2.5.4.24 NAME 'x121Address' SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{15} ) attributetype ( 2.5.4.25 NAME 'internationaliSDNNumber' - EQUALITY - numericStringMatch + EQUALITY numericStringMatch SUBSTR numericStringSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{16} ) attributetype ( 2.5.4.26 NAME 'registeredAddress' SUP postalAddress - SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 ) + SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 ) attributetype ( 2.5.4.27 NAME 'destinationIndicator' EQUALITY caseIgnoreMatch - SUBSTR caseIgnoreSubstringsMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{128} ) + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{128} ) attributetype ( 2.5.4.28 NAME 'preferredDeliveryMethod' - SYNTAX 1.3.6.1.4.1.1466.115.121.1.14 - SINGLE-VALUE ) + SYNTAX 1.3.6.1.4.1.1466.115.121.1.14 + SINGLE-VALUE ) attributetype ( 2.5.4.29 NAME 'presentationAddress' - EQUALITY presentationAddressMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.43 - SINGLE-VALUE ) + EQUALITY presentationAddressMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.43 + SINGLE-VALUE ) attributetype ( 2.5.4.30 NAME 'supportedApplicationContext' - EQUALITY objectIdentifierMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 ) + EQUALITY objectIdentifierMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 ) # Placed here because others derive from it. @@ -301,7 +292,7 @@ attributetype ( 2.5.4.40 NAME 'crossCertificatePair' # 2.5.4.41 is 'name', moved above since other attribute types derive from it -attributetype ( 2.5.4.42 NAME 'givenName' SUP name ) +attributetype ( 2.5.4.42 NAME ( 'givenName' 'gn' ) SUP name ) attributetype ( 2.5.4.43 NAME 'initials' SUP name ) @@ -525,24 +516,39 @@ attributetype ( 1.3.6.1.4.1.1466.101.119.4 NAME 'dynamicSubtrees' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 NO-USER-MODIFICATION USAGE dSAOperation ) -# -# RFC2247 -attributetype ( 0.9.2342.19200300.100.1.25 NAME 'dc' - DESC 'RFC2247 domain component' +# Derived from RFC1274, but with new "short names" +attributetype ( 0.9.2342.19200300.100.1.1 + NAME ( 'uid' 'userid' ) + DESC 'RFC1274 user identifier' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) + +attributetype ( 0.9.2342.19200300.100.1.3 NAME ( 'mail' 'rfc822Mailbox' ) + DESC 'rfc822 mail box' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) + +objectclass ( 0.9.2342.19200300.100.4.19 NAME 'simpleSecurityObject' + SUP top AUXILIARY + MUST userPassword ) + + +# RFC1274 + RFC2247 +attributetype ( 0.9.2342.19200300.100.1.25 + NAME ( 'dc' 'domainComponent' ) + DESC 'RFC1274/2247 domain component' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +# RFC2247 objectclass ( 1.3.6.1.4.1.1466.344 NAME 'dcObject' SUP top AUXILIARY MUST dc ) -# RFC1274 -attributetype ( 0.9.2342.19200300.100.1.1 NAME ( 'uid' 'userid' ) - DESC 'RFC1274 user identifier' - EQUALITY caseIgnoreMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) -# RFC2377 +# From RFC2377 objectclass ( 1.3.6.1.1.3.1 NAME 'uidObject' DESC 'RFC2377 uid object' SUP top AUXILIARY MUST uid ) @@ -557,20 +563,37 @@ attributetype ( 2.16.840.1.113730.3.1.34 NAME 'ref' USAGE distributedOperation ) objectclass ( 2.16.840.1.113730.3.2.6 NAME 'referral' - DESC 'nameref referral object' - SUP top STRUCTURAL MAY ( ref ) ) + DESC 'Named referral object' + SUP top STRUCTURAL MAY ref ) # # LDAPsubEntry # likely to change! objectclass ( 2.16.840.1.113719.2.142.6.1.1 NAME 'LDAPsubEntry' DESC 'LDAP Subentry' - SUP top STRUCTURAL MAY ( cn ) ) + SUP top STRUCTURAL MAY cn ) # -# LDAProotDSE +# OpenLDAProotDSE # likely to change! objectclass ( 1.3.6.1.4.1.4203.666.3.2 NAME ( 'OpenLDAProotDSE' 'LDAProotDSE' ) DESC 'OpenLDAP Root DSE object' - SUP top STRUCTURAL ) + SUP top STRUCTURAL MAY cn ) + +# +# IETF LDAPext WG Access Control Model +# likely to change! +attributetype ( supportedACIMechanismsOID NAME 'supportedACIMechanisms' + DESC 'list of access control mechanisms supported by this directory server' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 USAGE dSAOperation ) + +attributetype ( aCIMechanismOID NAME 'aCIMechanism' + DESC 'list of access control mechanism supported in this subtree' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 USAGE dSAOperation ) + +attributetype ( ldapACIOID NAME 'ldapACI' + DESC 'LDAP access control information' + EQUALITY caseIgnoreMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 + USAGE directoryOperation )