The following are the schema files that are currently being used by the UVM (openLDAP) Directory Server.
This is by far more information than most people will need. However, if you are playing around with what you can and can't put in for attributes on your entry, this is the information you need (as well as an understanding of what schema files do).
# $OpenLDAP: pkg/ldap/servers/slapd/schema/core.schema,v 1.7.2.18 2002/02/08 17:38:54 kurt Exp $
#
# OpenLDAP Core schema
#
# Includes LDAPv3 schema items from:
# RFC2251-RFC2256 (LDAPv3)
#
# select standard track schema items:
# RFC2079 (URI)
# RFC1274 (uid/dc)
# RFC2247 (dc/dcObject)
# RFC2589 (Dynamic Directory Services)
#
# select informational schema items:
# RFC2377 (uidObject)
#
# select IETF ''work in progress'' LDAPext/LDUP items
# ldapSubentry
# ldapRootDSE
# named referrals
# alias draft
# Standard X.501(93) Operational Attribute Types from RFC2252
attributetype ( 2.5.18.1 NAME 'createTimestamp'
EQUALITY generalizedTimeMatch
ORDERING generalizedTimeOrderingMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation )
attributetype ( 2.5.18.2 NAME 'modifyTimestamp'
EQUALITY generalizedTimeMatch
ORDERING generalizedTimeOrderingMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation )
attributetype ( 2.5.18.3 NAME 'creatorsName'
EQUALITY distinguishedNameMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.12
SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation )
attributetype ( 2.5.18.4 NAME 'modifiersName'
EQUALITY distinguishedNameMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.12
SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation )
attributetype ( 2.5.18.10 NAME 'subschemaSubentry'
EQUALITY distinguishedNameMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 NO-USER-MODIFICATION
SINGLE-VALUE USAGE directoryOperation )
attributetype ( 2.5.21.1 NAME 'dITStructureRules'
EQUALITY integerFirstComponentMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.17 USAGE directoryOperation )
attributetype ( 2.5.21.2 NAME 'dITContentRules'
EQUALITY objectIdentifierFirstComponentMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.16 USAGE directoryOperation )
attributetype ( 2.5.21.4 NAME 'matchingRules'
EQUALITY objectIdentifierFirstComponentMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.30 USAGE directoryOperation )
attributetype ( 2.5.21.5 NAME 'attributeTypes'
EQUALITY objectIdentifierFirstComponentMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.3 USAGE directoryOperation )
attributetype ( 2.5.21.6 NAME 'objectClasses'
EQUALITY objectIdentifierFirstComponentMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.37 USAGE directoryOperation )
attributetype ( 2.5.21.7 NAME 'nameForms'
EQUALITY objectIdentifierFirstComponentMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.35 USAGE directoryOperation )
attributetype ( 2.5.21.8 NAME 'matchingRuleUse'
EQUALITY objectIdentifierFirstComponentMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.31 USAGE directoryOperation )
# From X.500(93)
attributetype ( 2.5.21.9 NAME 'structuralObjectClass'
DESC 'X.500(93) structural object class'
EQUALITY objectIdentifierMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.38
NO-USER-MODIFICATION SINGLE-VALUE USAGE directoryOperation )
# LDAP Operational Attributes from RFC2252
attributetype ( 1.3.6.1.4.1.1466.101.120.5 NAME 'namingContexts'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 USAGE dSAOperation )
attributetype ( 1.3.6.1.4.1.1466.101.120.6 NAME 'altServer'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 USAGE dSAOperation )
attributetype ( 1.3.6.1.4.1.1466.101.120.7 NAME 'supportedExtension'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 USAGE dSAOperation )
attributetype ( 1.3.6.1.4.1.1466.101.120.13 NAME 'supportedControl'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 USAGE dSAOperation )
attributetype ( 1.3.6.1.4.1.1466.101.120.14 NAME 'supportedSASLMechanisms'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 USAGE dSAOperation )
attributetype ( 1.3.6.1.4.1.1466.101.120.15 NAME 'supportedLDAPVersion'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 USAGE dSAOperation )
attributetype ( 1.3.6.1.4.1.1466.101.120.16 NAME 'ldapSyntaxes'
EQUALITY objectIdentifierFirstComponentMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.54 USAGE directoryOperation )
# Object Classes from RFC2252
objectclass ( 2.5.20.1 NAME 'subschema' AUXILIARY
DESC 'RFC2252: controlling subschema'
MAY ( dITStructureRules $ nameForms $ ditContentRules $
objectClasses $ attributeTypes $ matchingRules $
matchingRuleUse ) )
# Standard attribute types used for subtyping from RFC2256
attributetype ( 2.5.4.41 NAME 'name'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} )
attributetype ( 2.5.4.49 NAME 'distinguishedName'
EQUALITY distinguishedNameMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
# Standard attribute types from RFC2256
attributetype ( 2.5.4.0 NAME 'objectClass'
EQUALITY objectIdentifierMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 )
attributetype ( 2.5.4.1 NAME 'aliasedObjectName'
EQUALITY distinguishedNameMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE )
# obsolete
attributetype ( 2.5.4.2 NAME 'knowledgeInformation'
EQUALITY caseIgnoreMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} )
attributetype ( 2.5.4.3 NAME ( 'cn' 'commonName' ) SUP name )
attributetype ( 2.5.4.4 NAME ( 'sn' 'surname' ) SUP name )
attributetype ( 2.5.4.5 NAME 'serialNumber' EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{64} )
# (2-letter code from ISO 3166)
attributetype ( 2.5.4.6 NAME ( 'c' 'countryName' ) SUP name SINGLE-VALUE )
attributetype ( 2.5.4.7 NAME ( 'l' 'localityName' ) SUP name )
attributetype ( 2.5.4.8 NAME ( 'st' 'stateOrProvinceName' ) SUP name )
attributetype ( 2.5.4.9 NAME ( 'street' 'streetAddress' )
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
attributetype ( 2.5.4.10 NAME ( 'o' 'organizationName' ) SUP name )
attributetype ( 2.5.4.11 NAME ( 'ou' 'organizationalUnitName' ) SUP name )
attributetype ( 2.5.4.12 NAME 'title' SUP name )
attributetype ( 2.5.4.13 NAME 'description'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1024} )
# Obsoleted by enhancedSearchGuide
attributetype ( 2.5.4.14 NAME 'searchGuide'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.25 )
attributetype ( 2.5.4.15 NAME 'businessCategory'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
attributetype ( 2.5.4.16 NAME 'postalAddress'
EQUALITY caseIgnoreListMatch
SUBSTR caseIgnoreListSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 )
attributetype ( 2.5.4.17 NAME 'postalCode'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{40} )
attributetype ( 2.5.4.18 NAME 'postOfficeBox'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{40} )
attributetype ( 2.5.4.19 NAME 'physicalDeliveryOfficeName'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
attributetype ( 2.5.4.20 NAME 'telephoneNumber'
EQUALITY telephoneNumberMatch
SUBSTR telephoneNumberSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.50{32} )
attributetype ( 2.5.4.21 NAME 'telexNumber'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.52 )
attributetype ( 2.5.4.22 NAME 'teletexTerminalIdentifier'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.51 )
attributetype ( 2.5.4.23 NAME ( 'facsimileTelephoneNumber' 'fax' )
SYNTAX 1.3.6.1.4.1.1466.115.121.1.22 )
attributetype ( 2.5.4.24 NAME 'x121Address'
EQUALITY numericStringMatch
SUBSTR numericStringSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{15} )
attributetype ( 2.5.4.25 NAME 'internationaliSDNNumber'
EQUALITY numericStringMatch
SUBSTR numericStringSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{16} )
attributetype ( 2.5.4.26 NAME 'registeredAddress' SUP postalAddress
SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 )
attributetype ( 2.5.4.27 NAME 'destinationIndicator'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{128} )
attributetype ( 2.5.4.28 NAME 'preferredDeliveryMethod'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.14
SINGLE-VALUE )
attributetype ( 2.5.4.29 NAME 'presentationAddress'
EQUALITY presentationAddressMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.43
SINGLE-VALUE )
attributetype ( 2.5.4.30 NAME 'supportedApplicationContext'
EQUALITY objectIdentifierMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 )
attributetype ( 2.5.4.31 NAME 'member' SUP distinguishedName )
attributetype ( 2.5.4.32 NAME 'owner' SUP distinguishedName )
attributetype ( 2.5.4.33 NAME 'roleOccupant' SUP distinguishedName )
attributetype ( 2.5.4.34 NAME 'seeAlso' SUP distinguishedName )
attributetype ( 2.5.4.35 NAME 'userPassword'
EQUALITY octetStringMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{128} )
# Must be transferred using ;binary
attributetype ( 2.5.4.36 NAME 'userCertificate'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.8 )
# Must be transferred using ;binary
attributetype ( 2.5.4.37 NAME 'cACertificate'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.8 )
# Must be transferred using ;binary
attributetype ( 2.5.4.38 NAME 'authorityRevocationList'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 )
# Must be transferred using ;binary
attributetype ( 2.5.4.39 NAME 'certificateRevocationList'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 )
# Must be stored and requested in the binary form
attributetype ( 2.5.4.40 NAME 'crossCertificatePair'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.10 )
# 2.5.4.41 is defined above as it's used for subtyping
#attributetype ( 2.5.4.41 NAME 'name'
# EQUALITY caseIgnoreMatch
# SUBSTR caseIgnoreSubstringsMatch
# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} )
attributetype ( 2.5.4.42 NAME ( 'givenName' 'gn' ) SUP name )
attributetype ( 2.5.4.43 NAME 'initials' SUP name
DESC 'The initials attribute type contains the initials of some
or all of an individuals names, but not the surname(s).' )
attributetype ( 2.5.4.44 NAME 'generationQualifier'
DESC 'e.g. Jr or II.'
SUP name )
attributetype ( 2.5.4.45 NAME 'x500UniqueIdentifier'
EQUALITY bitStringMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.6 )
attributetype ( 2.5.4.46 NAME 'dnQualifier'
EQUALITY caseIgnoreMatch
ORDERING caseIgnoreOrderingMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.44 )
attributetype ( 2.5.4.47 NAME 'enhancedSearchGuide'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.21 )
attributetype ( 2.5.4.48 NAME 'protocolInformation'
EQUALITY protocolInformationMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.42 )
# 2.5.4.49 is defined above as it's used for subtyping
#attributetype ( 2.5.4.49 NAME 'distinguishedName'
# EQUALITY distinguishedNameMatch
# SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
attributetype ( 2.5.4.50 NAME 'uniqueMember'
EQUALITY uniqueMemberMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.34 )
attributetype ( 2.5.4.51 NAME 'houseIdentifier'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} )
# Must be transferred using ;binary
attributetype ( 2.5.4.52 NAME 'supportedAlgorithms'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.49 )
# Must be transferred using ;binary
attributetype ( 2.5.4.53 NAME 'deltaRevocationList'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 )
attributetype ( 2.5.4.54 NAME 'dmdName' SUP name )
# Standard object classes from RFC2256
objectclass ( 2.5.6.0 NAME 'top' ABSTRACT
MUST objectClass )
objectclass ( 2.5.6.1 NAME 'alias' SUP top STRUCTURAL
MUST aliasedObjectName )
objectclass ( 2.5.6.2 NAME 'country' SUP top STRUCTURAL
MUST c
MAY ( searchGuide $ description ) )
objectclass ( 2.5.6.3 NAME 'locality' SUP top STRUCTURAL
MAY ( street $ seeAlso $ searchGuide $ st $ l $ description ) )
objectclass ( 2.5.6.4 NAME 'organization' SUP top STRUCTURAL
MUST o
MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $
x121Address $ registeredAddress $ destinationIndicator $
preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
telephoneNumber $ internationaliSDNNumber $
facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $
postalAddress $ physicalDeliveryOfficeName $ st $ l $ description ) )
objectclass ( 2.5.6.5 NAME 'organizationalUnit' SUP top STRUCTURAL
MUST ou
MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $
x121Address $ registeredAddress $ destinationIndicator $
preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
telephoneNumber $ internationaliSDNNumber $
facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $
postalAddress $ physicalDeliveryOfficeName $ st $ l $ description ) )
objectclass ( 2.5.6.6 NAME 'person' SUP top STRUCTURAL
MUST ( sn $ cn )
MAY ( userPassword $ telephoneNumber $ seeAlso $ description ) )
objectclass ( 2.5.6.7 NAME 'organizationalPerson' SUP person STRUCTURAL
MAY ( title $ x121Address $ registeredAddress $ destinationIndicator $
preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
telephoneNumber $ internationaliSDNNumber $
facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $
postalAddress $ physicalDeliveryOfficeName $ ou $ st $ l ) )
objectclass ( 2.5.6.8 NAME 'organizationalRole' SUP top STRUCTURAL
MUST cn
MAY ( x121Address $ registeredAddress $ destinationIndicator $
preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber $
seeAlso $ roleOccupant $ preferredDeliveryMethod $ street $
postOfficeBox $ postalCode $ postalAddress $
physicalDeliveryOfficeName $ ou $ st $ l $ description ) )
objectclass ( 2.5.6.9 NAME 'groupOfNames' SUP top STRUCTURAL
MUST ( member $ cn )
MAY ( businessCategory $ seeAlso $ owner $ ou $ o $ description ) )
objectclass ( 2.5.6.10 NAME 'residentialPerson' SUP person STRUCTURAL
MUST l
MAY ( businessCategory $ x121Address $ registeredAddress $
destinationIndicator $ preferredDeliveryMethod $ telexNumber $
teletexTerminalIdentifier $ telephoneNumber $ internationaliSDNNumber $
facsimileTelephoneNumber $ preferredDeliveryMethod $ street $
postOfficeBox $ postalCode $ postalAddress $
physicalDeliveryOfficeName $ st $ l ) )
objectclass ( 2.5.6.11 NAME 'applicationProcess' SUP top STRUCTURAL
MUST cn
MAY ( seeAlso $ ou $ l $ description ) )
objectclass ( 2.5.6.12 NAME 'applicationEntity' SUP top STRUCTURAL
MUST ( presentationAddress $ cn )
MAY ( supportedApplicationContext $ seeAlso $ ou $ o $ l $
description ) )
objectclass ( 2.5.6.13 NAME 'dSA' SUP applicationEntity STRUCTURAL
MAY knowledgeInformation )
objectclass ( 2.5.6.14 NAME 'device' SUP top STRUCTURAL
MUST cn
MAY ( serialNumber $ seeAlso $ owner $ ou $ o $ l $ description ) )
objectclass ( 2.5.6.15 NAME 'strongAuthenticationUser' SUP top AUXILIARY
MUST userCertificate )
objectclass ( 2.5.6.16 NAME 'certificationAuthority' SUP top AUXILIARY
MUST ( authorityRevocationList $ certificateRevocationList $
cACertificate ) MAY crossCertificatePair )
objectclass ( 2.5.6.17 NAME 'groupOfUniqueNames' SUP top STRUCTURAL
MUST ( uniqueMember $ cn )
MAY ( businessCategory $ seeAlso $ owner $ ou $ o $ description ) )
objectclass ( 2.5.6.18 NAME 'userSecurityInformation' SUP top AUXILIARY
MAY ( supportedAlgorithms ) )
objectclass ( 2.5.6.16.2 NAME 'certificationAuthority-V2' SUP
certificationAuthority
AUXILIARY MAY ( deltaRevocationList ) )
objectclass ( 2.5.6.19 NAME 'cRLDistributionPoint' SUP top STRUCTURAL
MUST ( cn )
MAY ( certificateRevocationList $ authorityRevocationList $
deltaRevocationList ) )
objectclass ( 2.5.6.20 NAME 'dmd' SUP top STRUCTURAL
MUST ( dmdName )
MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $
x121Address $ registeredAddress $ destinationIndicator $
preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber $
street $ postOfficeBox $ postalCode $ postalAddress $
physicalDeliveryOfficeName $ st $ l $ description ) )
objectclass ( 1.3.6.1.4.1.1466.101.120.111 NAME 'extensibleObject'
DESC 'RFC2252: extensible object'
SUP top AUXILIARY )
#
# Standard Track URI label schema from RFC2079
#
attributetype ( 1.3.6.1.4.1.250.1.57 NAME 'labeledURI'
DESC 'RFC2079: Uniform Resource Identifier with optional label'
EQUALITY caseExactMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
objectclass ( 1.3.6.1.4.1.250.3.15 NAME 'labeledURIObject'
DESC 'RFC2079: object that contains the URI attribute type'
MAY ( labeledURI )
SUP top AUXILIARY )
#
# Standard Track Dynamic Directory Services from RFC2589
#
objectclass ( 1.3.6.1.4.1.1466.101.119.2 NAME 'dynamicObject'
DESC 'RFC2589: Dynamic Object'
SUP top AUXILIARY )
attributetype ( 1.3.6.1.4.1.1466.101.119.3 NAME 'entryTtl'
DESC 'RFC2589: entry time-to-live'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE
NO-USER-MODIFICATION USAGE dSAOperation )
attributetype ( 1.3.6.1.4.1.1466.101.119.4 NAME 'dynamicSubtrees'
DESC 'RFC2589: dynamic subtrees'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 NO-USER-MODIFICATION
USAGE dSAOperation )
#
# Derived from RFC1274, but with new "short names"
#
attributetype ( 0.9.2342.19200300.100.1.1
NAME ( 'uid' 'userid' )
DESC 'RFC1274: user identifier'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
attributetype ( 0.9.2342.19200300.100.1.3
NAME ( 'mail' 'rfc822Mailbox' )
DESC 'RFC1274: RFC822 Mailbox'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
objectclass ( 0.9.2342.19200300.100.4.19 NAME 'simpleSecurityObject'
DESC 'RFC1274: simple security object'
SUP top AUXILIARY
MUST userPassword )
# RFC1274 + RFC2247
attributetype ( 0.9.2342.19200300.100.1.25
NAME ( 'dc' 'domainComponent' )
DESC 'RFC1274/2247: domain component'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
# RFC2247
objectclass ( 1.3.6.1.4.1.1466.344 NAME 'dcObject'
DESC 'RFC2247: domain component object'
SUP top AUXILIARY MUST dc )
# From RFC2377
objectclass ( 1.3.6.1.1.3.1 NAME 'uidObject'
DESC 'RFC2377: uid object'
SUP top AUXILIARY MUST uid )
#
# From draft-zeilenga-ldap-nameref-xx.txt
# used to represent referrals in the directory
#
attributetype ( 2.16.840.1.113730.3.1.34 NAME 'ref'
DESC 'Named referral'
EQUALITY caseExactMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
USAGE distributedOperation )
objectclass ( 2.16.840.1.113730.3.2.6 NAME 'referral'
DESC 'Named referral object'
SUP top STRUCTURAL MUST ref )
#
# LDAPsubEntry
# deprecated!
objectclass ( 2.16.840.1.113719.2.142.6.1.1
NAME 'LDAPsubEntry'
DESC 'LDAP Subentry'
SUP top STRUCTURAL MAY cn )
#
# OpenLDAProotDSE
# likely to change!
objectclass ( 1.3.6.1.4.1.4203.1.4.1
NAME ( 'OpenLDAProotDSE' 'LDAProotDSE' )
DESC 'OpenLDAP Root DSE object'
SUP top STRUCTURAL MAY cn )
#
# From Cosine Pilot
#
attributetype ( 0.9.2342.19200300.100.1.37 NAME 'associatedDomain'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
#
# From U-Mich
#
attributetype ( 1.3.6.1.4.1.250.1.32
NAME ( 'krbName' 'kerberosName' )
DESC 'Kerberos Name'
EQUALITY caseIgnoreIA5Match
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
SINGLE-VALUE )
#
# draft-zeilenga-ldap-features-xx.txt (supportedFeatures)
#
attributetype ( 1.3.6.1.4.1.4203.1.3.5
NAME 'supportedFeatures'
DESC 'features supported by the server'
EQUALITY objectIdentifierMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.38
USAGE dSAOperation )
#
# OpenLDAP specific schema items
#
attributetype ( 1.3.6.1.4.1.4203.1.3.1
NAME 'entry'
DESC 'OpenLDAP ACL entry pseudo-attribute'
SYNTAX 1.3.6.1.4.1.4203.1.1.1
SINGLE-VALUE NO-USER-MODIFICATION USAGE dSAOperation )
attributetype ( 1.3.6.1.4.1.4203.1.3.2
NAME 'children'
DESC 'OpenLDAP ACL children pseudo-attribute'
SYNTAX 1.3.6.1.4.1.4203.1.1.1
SINGLE-VALUE NO-USER-MODIFICATION USAGE dSAOperation )
# Experimental ( subject to change )
# this really shouldn't be published!
attributetype ( 1.3.6.1.4.1.4203.666.1.5
NAME 'OpenLDAPaci'
DESC 'OpenLDAP access control information'
EQUALITY OpenLDAPaciMatch
SYNTAX 1.3.6.1.4.1.4203.666.2.1
USAGE directoryOperation )
# $OpenLDAP: pkg/ldap/servers/slapd/schema/cosine.schema,v 1.6.2.7 2002/01/09 16:49:09 kurt Exp $
#
# RFC1274: Cosine and Internet X.500 schema
#
# This file contains LDAPv3 schema derived from X.500 COSINE "pilot"
# schema. As this schema was defined for X.500(89), some
# oddities were introduced in the mapping to LDAPv3. The
# mappings were based upon: draft-ietf-asid-ldapv3-attributes-03.txt
# (a work in progress)
#
# Note: It seems that the pilot schema evolved beyond what was
# described in RFC1274. However, this document attempts to describes
# RFC1274 as published.
#
# Depends on core.schema
# Network Working Group P. Barker
# Request for Comments: 1274 S. Kille
# University College London
# November 1991
#
# The COSINE and Internet X.500 Schema
#
# [trimmed]
#
# Abstract
#
# This document suggests an X.500 Directory Schema, or Naming
# Architecture, for use in the COSINE and Internet X.500 pilots. The
# schema is independent of any specific implementation. As well as
# indicating support for the standard object classes and attributes, a
# large number of generally useful object classes and attributes are
# also defined. An appendix to this document includes a machine
# processable version of the schema.
#
# [trimmed]
# 7. Object Identifiers
#
# Some additional object identifiers are defined for this schema.
# These are also reproduced in Appendix C.
#
# data OBJECT IDENTIFIER ::= {ccitt 9}
# pss OBJECT IDENTIFIER ::= {data 2342}
# ucl OBJECT IDENTIFIER ::= {pss 19200300}
# pilot OBJECT IDENTIFIER ::= {ucl 100}
#
# pilotAttributeType OBJECT IDENTIFIER ::= {pilot 1}
# pilotAttributeSyntax OBJECT IDENTIFIER ::= {pilot 3}
# pilotObjectClass OBJECT IDENTIFIER ::= {pilot 4}
# pilotGroups OBJECT IDENTIFIER ::= {pilot 10}
#
# iA5StringSyntax OBJECT IDENTIFIER ::= {pilotAttributeSyntax 4}
# caseIgnoreIA5StringSyntax OBJECT IDENTIFIER ::=
# {pilotAttributeSyntax 5}
#
# 8. Object Classes
# [relocated after 9]
#
# 9. Attribute Types
#
# 9.1. X.500 standard attribute types
#
# A number of generally useful attribute types are defined in X.520,
# and these are supported. Refer to that document for descriptions of
# the suggested usage of these attribute types. The ASN.1 for these
# attribute types is reproduced for completeness in Appendix C.
#
# 9.2. X.400 standard attribute types
#
# The standard X.400 attribute types are supported. See X.402 for full
# details. The ASN.1 for these attribute types is reproduced in
# Appendix C.
#
# 9.3. COSINE/Internet attribute types
#
# This section describes all the attribute types defined for use in the
# COSINE and Internet pilots. Descriptions are given as to the
# suggested usage of these attribute types. The ASN.1 for these
# attribute types is reproduced in Appendix C.
#
# 9.3.1. Userid
#
# The Userid attribute type specifies a computer system login name.
#
# userid ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# caseIgnoreStringSyntax
# (SIZE (1 .. ub-user-identifier))
# ::= {pilotAttributeType 1}
#
#(in core.schema)
##attributetype ( 0.9.2342.19200300.100.1.1 NAME ( 'uid' 'userid' )
## EQUALITY caseIgnoreMatch
## SUBSTR caseIgnoreSubstringsMatch
## SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
# 9.3.2. Text Encoded O/R Address
#
# The Text Encoded O/R Address attribute type specifies a text encoding
# of an X.400 O/R address, as specified in RFC 987. The use of this
# attribute is deprecated as the attribute is intended for interim use
# only. This attribute will be the first candidate for the attribute
# expiry mechanisms!
#
# textEncodedORAddress ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# caseIgnoreStringSyntax
# (SIZE (1 .. ub-text-encoded-or-address))
# ::= {pilotAttributeType 2}
#
attributetype ( 0.9.2342.19200300.100.1.2 NAME 'textEncodedORAddress'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
# 9.3.3. RFC 822 Mailbox
#
# The RFC822 Mailbox attribute type specifies an electronic mailbox
# attribute following the syntax specified in RFC 822. Note that this
# attribute should not be used for greybook or other non-Internet order
# mailboxes.
#
# rfc822Mailbox ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# caseIgnoreIA5StringSyntax
# (SIZE (1 .. ub-rfc822-mailbox))
# ::= {pilotAttributeType 3}
#
#(in core.schema)
##attributetype ( 0.9.2342.19200300.100.1.3 NAME ( 'mail' 'rfc822Mailbox' )
## EQUALITY caseIgnoreIA5Match
## SUBSTR caseIgnoreIA5SubstringsMatch
## SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
# 9.3.4. Information
#
# The Information attribute type specifies any general information
# pertinent to an object. It is recommended that specific usage of
# this attribute type is avoided, and that specific requirements are
# met by other (possibly additional) attribute types.
#
# info ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# caseIgnoreStringSyntax
# (SIZE (1 .. ub-information))
# ::= {pilotAttributeType 4}
#
attributetype ( 0.9.2342.19200300.100.1.4 NAME 'info'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{2048} )
# 9.3.5. Favourite Drink
#
# The Favourite Drink attribute type specifies the favourite drink of
# an object (or person).
#
# favouriteDrink ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# caseIgnoreStringSyntax
# (SIZE (1 .. ub-favourite-drink))
# ::= {pilotAttributeType 5}
#
attributetype ( 0.9.2342.19200300.100.1.5
NAME ( 'drink' 'favouriteDrink' )
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
# 9.3.6. Room Number
#
# The Room Number attribute type specifies the room number of an
# object. Note that the commonName attribute should be used for naming
# room objects.
#
# roomNumber ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# caseIgnoreStringSyntax
# (SIZE (1 .. ub-room-number))
# ::= {pilotAttributeType 6}
#
attributetype ( 0.9.2342.19200300.100.1.6 NAME 'roomNumber'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
# 9.3.7. Photo
#
# The Photo attribute type specifies a "photograph" for an object.
# This should be encoded in G3 fax as explained in recommendation T.4,
# with an ASN.1 wrapper to make it compatible with an X.400 BodyPart as
# defined in X.420.
#
# IMPORT G3FacsimileBodyPart FROM { mhs-motis ipms modules
# information-objects }
#
# photo ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# CHOICE {
# g3-facsimile [3] G3FacsimileBodyPart
# }
# (SIZE (1 .. ub-photo))
# ::= {pilotAttributeType 7}
#
attributetype ( 0.9.2342.19200300.100.1.7 NAME 'photo'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.23{25000} )
# 9.3.8. User Class
#
# The User Class attribute type specifies a category of computer user.
# The semantics placed on this attribute are for local interpretation.
# Examples of current usage od this attribute in academia are
# undergraduate student, researcher, lecturer, etc. Note that the
# organizationalStatus attribute may now often be preferred as it makes
# no distinction between computer users and others.
#
# userClass ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# caseIgnoreStringSyntax
# (SIZE (1 .. ub-user-class))
# ::= {pilotAttributeType 8}
#
attributetype ( 0.9.2342.19200300.100.1.8 NAME 'userClass'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
# 9.3.9. Host
#
# The Host attribute type specifies a host computer.
#
# host ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# caseIgnoreStringSyntax
# (SIZE (1 .. ub-host))
# ::= {pilotAttributeType 9}
#
attributetype ( 0.9.2342.19200300.100.1.9 NAME 'host'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
# 9.3.10. Manager
#
# The Manager attribute type specifies the manager of an object
# represented by an entry.
#
# manager ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# distinguishedNameSyntax
# ::= {pilotAttributeType 10}
#
attributetype ( 0.9.2342.19200300.100.1.10 NAME 'manager'
EQUALITY distinguishedNameMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
# 9.3.11. Document Identifier
#
# The Document Identifier attribute type specifies a unique identifier
# for a document.
#
# documentIdentifier ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# caseIgnoreStringSyntax
# (SIZE (1 .. ub-document-identifier))
# ::= {pilotAttributeType 11}
#
attributetype ( 0.9.2342.19200300.100.1.11 NAME 'documentIdentifier'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
# 9.3.12. Document Title
#
# The Document Title attribute type specifies the title of a document.
#
# documentTitle ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# caseIgnoreStringSyntax
# (SIZE (1 .. ub-document-title))
# ::= {pilotAttributeType 12}
#
attributetype ( 0.9.2342.19200300.100.1.12 NAME 'documentTitle'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
# 9.3.13. Document Version
#
# The Document Version attribute type specifies the version number of a
# document.
#
# documentVersion ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# caseIgnoreStringSyntax
# (SIZE (1 .. ub-document-version))
# ::= {pilotAttributeType 13}
#
attributetype ( 0.9.2342.19200300.100.1.13 NAME 'documentVersion'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
# 9.3.14. Document Author
#
# The Document Author attribute type specifies the distinguished name
# of the author of a document.
#
# documentAuthor ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# distinguishedNameSyntax
# ::= {pilotAttributeType 14}
#
attributetype ( 0.9.2342.19200300.100.1.14 NAME 'documentAuthor'
EQUALITY distinguishedNameMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
# 9.3.15. Document Location
#
# The Document Location attribute type specifies the location of the
# document original.
#
# documentLocation ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# caseIgnoreStringSyntax
# (SIZE (1 .. ub-document-location))
# ::= {pilotAttributeType 15}
#
attributetype ( 0.9.2342.19200300.100.1.15 NAME 'documentLocation'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
# 9.3.16. Home Telephone Number
#
# The Home Telephone Number attribute type specifies a home telephone
# number associated with a person. Attribute values should follow the
# agreed format for international telephone numbers: i.e., "+44 71 123
# 4567".
#
# homeTelephoneNumber ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# telephoneNumberSyntax
# ::= {pilotAttributeType 20}
#
attributetype ( 0.9.2342.19200300.100.1.20
NAME ( 'homePhone' 'homeTelephoneNumber' )
EQUALITY telephoneNumberMatch
SUBSTR telephoneNumberSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 )
# 9.3.17. Secretary
#
# The Secretary attribute type specifies the secretary of a person.
# The attribute value for Secretary is a distinguished name.
#
# secretary ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# distinguishedNameSyntax
# ::= {pilotAttributeType 21}
#
attributetype ( 0.9.2342.19200300.100.1.21 NAME 'secretary'
EQUALITY distinguishedNameMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
# 9.3.18. Other Mailbox
#
# The Other Mailbox attribute type specifies values for electronic
# mailbox types other than X.400 and rfc822.
#
# otherMailbox ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# SEQUENCE {
# mailboxType PrintableString, -- e.g. Telemail
# mailbox IA5String -- e.g. X378:Joe
# }
# ::= {pilotAttributeType 22}
#
attributetype ( 0.9.2342.19200300.100.1.22 NAME 'otherMailbox'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.39 )
# 9.3.19. Last Modified Time
#
# The Last Modified Time attribute type specifies the last time, in UTC
# time, that an entry was modified. Ideally, this attribute should be
# maintained by the DSA.
#
# lastModifiedTime ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# uTCTimeSyntax
# ::= {pilotAttributeType 23}
#
## OBSOLETE
#attributetype ( 0.9.2342.19200300.100.1.23 NAME 'lastModifiedTime'
# DESC 'RFC1274: time of last modify, replaced by modifyTimestamp'
# OBSOLETE
# SYNTAX 1.3.6.1.4.1.1466.115.121.1.53
# USAGE directoryOperation )
# 9.3.20. Last Modified By
#
# The Last Modified By attribute specifies the distinguished name of
# the last user to modify the associated entry. Ideally, this
# attribute should be maintained by the DSA.
#
# lastModifiedBy ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# distinguishedNameSyntax
# ::= {pilotAttributeType 24}
#
## OBSOLETE
#attributetype ( 0.9.2342.19200300.100.1.24 NAME 'lastModifiedBy'
# DESC 'RFC1274: last modifier, replaced by modifiersName'
# OBSOLETE
# EQUALITY distinguishedNameMatch
# SYNTAX 1.3.6.1.4.1.1466.115.121.1.12
# USAGE directoryOperation )
# 9.3.21. Domain Component
#
# The Domain Component attribute type specifies a DNS/NRS domain. For
# example, "uk" or "ac".
#
# domainComponent ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# caseIgnoreIA5StringSyntax
# SINGLE VALUE
# ::= {pilotAttributeType 25}
#
##(in core.schema)
##attributetype ( 0.9.2342.19200300.100.1.25 NAME ( 'dc' 'domainComponent' )
## EQUALITY caseIgnoreIA5Match
## SUBSTR caseIgnoreIA5SubstringsMatch
## SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
# 9.3.22. DNS ARecord
#
# The A Record attribute type specifies a type A (Address) DNS resource
# record [6] [7].
#
# aRecord ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# DNSRecordSyntax
# ::= {pilotAttributeType 26}
#
## incorrect syntax?
attributetype ( 0.9.2342.19200300.100.1.26 NAME 'aRecord'
EQUALITY caseIgnoreIA5Match
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
## missing from RFC1274
## incorrect syntax?
attributetype ( 0.9.2342.19200300.100.1.27 NAME 'mDRecord'
EQUALITY caseIgnoreIA5Match
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
# 9.3.23. MX Record
#
# The MX Record attribute type specifies a type MX (Mail Exchange) DNS
# resource record [6] [7].
#
# mXRecord ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# DNSRecordSyntax
# ::= {pilotAttributeType 28}
#
## incorrect syntax!!
attributetype ( 0.9.2342.19200300.100.1.28 NAME 'mXRecord'
EQUALITY caseIgnoreIA5Match
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
# 9.3.24. NS Record
#
# The NS Record attribute type specifies an NS (Name Server) DNS
# resource record [6] [7].
#
# nSRecord ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# DNSRecordSyntax
# ::= {pilotAttributeType 29}
#
## incorrect syntax!!
attributetype ( 0.9.2342.19200300.100.1.29 NAME 'nSRecord'
EQUALITY caseIgnoreIA5Match
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
# 9.3.25. SOA Record
#
# The SOA Record attribute type specifies a type SOA (Start of
# Authority) DNS resorce record [6] [7].
#
# sOARecord ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# DNSRecordSyntax
# ::= {pilotAttributeType 30}
#
## incorrect syntax!!
attributetype ( 0.9.2342.19200300.100.1.30 NAME 'sOARecord'
EQUALITY caseIgnoreIA5Match
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
# 9.3.26. CNAME Record
#
# The CNAME Record attribute type specifies a type CNAME (Canonical
# Name) DNS resource record [6] [7].
#
# cNAMERecord ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# iA5StringSyntax
# ::= {pilotAttributeType 31}
#
## incorrect syntax!!
attributetype ( 0.9.2342.19200300.100.1.31 NAME 'cNAMERecord'
EQUALITY caseIgnoreIA5Match
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
# 9.3.27. Associated Domain
#
# The Associated Domain attribute type specifies a DNS or NRS domain
# which is associated with an object in the DIT. For example, the entry
# in the DIT with a distinguished name "C=GB, O=University College
# London" would have an associated domain of "UCL.AC.UK. Note that all
# domains should be represented in rfc822 order. See [3] for more
# details of usage of this attribute.
#
# associatedDomain ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# caseIgnoreIA5StringSyntax
# ::= {pilotAttributeType 37}
#
#attributetype ( 0.9.2342.19200300.100.1.37 NAME 'associatedDomain'
# EQUALITY caseIgnoreIA5Match
# SUBSTR caseIgnoreIA5SubstringsMatch
# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
# 9.3.28. Associated Name
#
# The Associated Name attribute type specifies an entry in the
# organisational DIT associated with a DNS/NRS domain. See [3] for
# more details of usage of this attribute.
#
# associatedName ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# distinguishedNameSyntax
# ::= {pilotAttributeType 38}
#
attributetype ( 0.9.2342.19200300.100.1.38 NAME 'associatedName'
EQUALITY distinguishedNameMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
# 9.3.29. Home postal address
#
# The Home postal address attribute type specifies a home postal
# address for an object. This should be limited to up to 6 lines of 30
# characters each.
#
# homePostalAddress ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# postalAddress
# MATCHES FOR EQUALITY
# ::= {pilotAttributeType 39}
#
attributetype ( 0.9.2342.19200300.100.1.39 NAME 'homePostalAddress'
EQUALITY caseIgnoreListMatch
SUBSTR caseIgnoreListSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 )
# 9.3.30. Personal Title
#
# The Personal Title attribute type specifies a personal title for a
# person. Examples of personal titles are "Ms", "Dr", "Prof" and "Rev".
#
# personalTitle ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# caseIgnoreStringSyntax
# (SIZE (1 .. ub-personal-title))
# ::= {pilotAttributeType 40}
#
attributetype ( 0.9.2342.19200300.100.1.40 NAME 'personalTitle'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
# 9.3.31. Mobile Telephone Number
#
# The Mobile Telephone Number attribute type specifies a mobile
# telephone number associated with a person. Attribute values should
# follow the agreed format for international telephone numbers: i.e.,
# "+44 71 123 4567".
#
# mobileTelephoneNumber ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# telephoneNumberSyntax
# ::= {pilotAttributeType 41}
#
attributetype ( 0.9.2342.19200300.100.1.41
NAME ( 'mobile' 'mobileTelephoneNumber' )
EQUALITY telephoneNumberMatch
SUBSTR telephoneNumberSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 )
# 9.3.32. Pager Telephone Number
#
# The Pager Telephone Number attribute type specifies a pager telephone
# number for an object. Attribute values should follow the agreed
# format for international telephone numbers: i.e., "+44 71 123 4567".
#
# pagerTelephoneNumber ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# telephoneNumberSyntax
# ::= {pilotAttributeType 42}
#
attributetype ( 0.9.2342.19200300.100.1.42
NAME ( 'pager' 'pagerTelephoneNumber' )
EQUALITY telephoneNumberMatch
SUBSTR telephoneNumberSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 )
# 9.3.33. Friendly Country Name
#
# The Friendly Country Name attribute type specifies names of countries
# in human readable format. The standard attribute country name must
# be one of the two-letter codes defined in ISO 3166.
#
# friendlyCountryName ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# caseIgnoreStringSyntax
# ::= {pilotAttributeType 43}
#
attributetype ( 0.9.2342.19200300.100.1.43
NAME ( 'co' 'friendlyCountryName' )
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
# 9.3.34. Unique Identifier
#
# The Unique Identifier attribute type specifies a "unique identifier"
# for an object represented in the Directory. The domain within which
# the identifier is unique, and the exact semantics of the identifier,
# are for local definition. For a person, this might be an
# institution-wide payroll number. For an organisational unit, it
# might be a department code.
#
# uniqueIdentifier ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# caseIgnoreStringSyntax
# (SIZE (1 .. ub-unique-identifier))
# ::= {pilotAttributeType 44}
#
attributetype ( 0.9.2342.19200300.100.1.44 NAME 'uniqueIdentifier'
EQUALITY caseIgnoreMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
# 9.3.35. Organisational Status
#
# The Organisational Status attribute type specifies a category by
# which a person is often referred to in an organisation. Examples of
# usage in academia might include undergraduate student, researcher,
# lecturer, etc.
#
# A Directory administrator should probably consider carefully the
# distinctions between this and the title and userClass attributes.
#
# organizationalStatus ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# caseIgnoreStringSyntax
# (SIZE (1 .. ub-organizational-status))
# ::= {pilotAttributeType 45}
#
attributetype ( 0.9.2342.19200300.100.1.45 NAME 'organizationalStatus'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
# 9.3.36. Janet Mailbox
#
# The Janet Mailbox attribute type specifies an electronic mailbox
# attribute following the syntax specified in the Grey Book of the
# Coloured Book series. This attribute is intended for the convenience
# of U.K users unfamiliar with rfc822 and little-endian mail addresses.
# Entries using this attribute MUST also include an rfc822Mailbox
# attribute.
#
# janetMailbox ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# caseIgnoreIA5StringSyntax
# (SIZE (1 .. ub-janet-mailbox))
# ::= {pilotAttributeType 46}
#
attributetype ( 0.9.2342.19200300.100.1.46 NAME 'janetMailbox'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
# 9.3.37. Mail Preference Option
#
# An attribute to allow users to indicate a preference for inclusion of
# their names on mailing lists (electronic or physical). The absence
# of such an attribute should be interpreted as if the attribute was
# present with value "no-list-inclusion". This attribute should be
# interpreted by anyone using the directory to derive mailing lists,
# and its value respected.
#
# mailPreferenceOption ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX ENUMERATED {
# no-list-inclusion(0),
# any-list-inclusion(1), -- may be added to any lists
# professional-list-inclusion(2)
# -- may be added to lists
# -- which the list provider
# -- views as related to the
# -- users professional inter-
# -- ests, perhaps evaluated
# -- from the business of the
# -- organisation or keywords
# -- in the entry.
# }
# ::= {pilotAttributeType 47}
#
attributetype ( 0.9.2342.19200300.100.1.47
NAME 'mailPreferenceOption'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 )
# 9.3.38. Building Name
#
# The Building Name attribute type specifies the name of the building
# where an organisation or organisational unit is based.
#
# buildingName ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# caseIgnoreStringSyntax
# (SIZE (1 .. ub-building-name))
# ::= {pilotAttributeType 48}
#
attributetype ( 0.9.2342.19200300.100.1.48 NAME 'buildingName'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
# 9.3.39. DSA Quality
#
# The DSA Quality attribute type specifies the purported quality of a
# DSA. It allows a DSA manager to indicate the expected level of
# availability of the DSA. See [8] for details of the syntax.
#
# dSAQuality ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX DSAQualitySyntax
# SINGLE VALUE
# ::= {pilotAttributeType 49}
#
attributetype ( 0.9.2342.19200300.100.1.49 NAME 'dSAQuality'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.19 SINGLE-VALUE )
# 9.3.40. Single Level Quality
#
# The Single Level Quality attribute type specifies the purported data
# quality at the level immediately below in the DIT. See [8] for
# details of the syntax.
#
# singleLevelQuality ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX DataQualitySyntax
# SINGLE VALUE
# ::= {pilotAttributeType 50}
#
attributetype ( 0.9.2342.19200300.100.1.50 NAME 'singleLevelQuality'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.13 SINGLE-VALUE )
# 9.3.41. Subtree Minimum Quality
#
# The Subtree Minimum Quality attribute type specifies the purported
# minimum data quality for a DIT subtree. See [8] for more discussion
# and details of the syntax.
#
# subtreeMinimumQuality ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX DataQualitySyntax
# SINGLE VALUE
# -- Defaults to singleLevelQuality
# ::= {pilotAttributeType 51}
#
attributetype ( 0.9.2342.19200300.100.1.51 NAME 'subtreeMinimumQuality'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.13 SINGLE-VALUE )
# 9.3.42. Subtree Maximum Quality
#
# The Subtree Maximum Quality attribute type specifies the purported
# maximum data quality for a DIT subtree. See [8] for more discussion
# and details of the syntax.
#
# subtreeMaximumQuality ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX DataQualitySyntax
# SINGLE VALUE
# -- Defaults to singleLevelQuality
# ::= {pilotAttributeType 52}
#
attributetype ( 0.9.2342.19200300.100.1.52 NAME 'subtreeMaximumQuality'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.13 SINGLE-VALUE )
# 9.3.43. Personal Signature
#
# The Personal Signature attribute type allows for a representation of
# a person's signature. This should be encoded in G3 fax as explained
# in recommendation T.4, with an ASN.1 wrapper to make it compatible
# with an X.400 BodyPart as defined in X.420.
#
# IMPORT G3FacsimileBodyPart FROM { mhs-motis ipms modules
# information-objects }
#
# personalSignature ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# CHOICE {
# g3-facsimile [3] G3FacsimileBodyPart
# }
# (SIZE (1 .. ub-personal-signature))
# ::= {pilotAttributeType 53}
#
attributetype ( 0.9.2342.19200300.100.1.53 NAME 'personalSignature'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.23 )
# 9.3.44. DIT Redirect
#
# The DIT Redirect attribute type is used to indicate that the object
# described by one entry now has a newer entry in the DIT. The entry
# containing the redirection attribute should be expired after a
# suitable grace period. This attribute may be used when an individual
# changes his/her place of work, and thus acquires a new organisational
# DN.
#
# dITRedirect ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# distinguishedNameSyntax
# ::= {pilotAttributeType 54}
#
attributetype ( 0.9.2342.19200300.100.1.54 NAME 'dITRedirect'
EQUALITY distinguishedNameMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
# 9.3.45. Audio
#
# The Audio attribute type allows the storing of sounds in the
# Directory. The attribute uses a u-law encoded sound file as used by
# the "play" utility on a Sun 4. This is an interim format.
#
# audio ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# Audio
# (SIZE (1 .. ub-audio))
# ::= {pilotAttributeType 55}
#
attributetype ( 0.9.2342.19200300.100.1.55 NAME 'audio'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.4{25000} )
# 9.3.46. Publisher of Document
#
#
# The Publisher of Document attribute is the person and/or organization
# that published a document.
#
# documentPublisher ATTRIBUTE
# WITH ATTRIBUTE SYNTAX caseIgnoreStringSyntax
# ::= {pilotAttributeType 56}
#
attributetype ( 0.9.2342.19200300.100.1.56 NAME 'documentPublisher'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
# 9.4. Generally useful syntaxes
#
# caseIgnoreIA5StringSyntax ATTRIBUTE-SYNTAX
# IA5String
# MATCHES FOR EQUALITY SUBSTRINGS
#
# iA5StringSyntax ATTRIBUTE-SYNTAX
# IA5String
# MATCHES FOR EQUALITY SUBSTRINGS
#
#
# -- Syntaxes to support the DNS attributes
#
# DNSRecordSyntax ATTRIBUTE-SYNTAX
# IA5String
# MATCHES FOR EQUALITY
#
#
# NRSInformationSyntax ATTRIBUTE-SYNTAX
# NRSInformation
# MATCHES FOR EQUALITY
#
#
# NRSInformation ::= SET {
# [0] Context,
# [1] Address-space-id,
# routes [2] SEQUENCE OF SEQUENCE {
# Route-cost,
# Addressing-info }
# }
#
#
# 9.5. Upper bounds on length of attribute values
#
#
# ub-document-identifier INTEGER ::= 256
#
# ub-document-location INTEGER ::= 256
#
# ub-document-title INTEGER ::= 256
#
# ub-document-version INTEGER ::= 256
#
# ub-favourite-drink INTEGER ::= 256
#
# ub-host INTEGER ::= 256
#
# ub-information INTEGER ::= 2048
#
# ub-unique-identifier INTEGER ::= 256
#
# ub-personal-title INTEGER ::= 256
#
# ub-photo INTEGER ::= 250000
#
# ub-rfc822-mailbox INTEGER ::= 256
#
# ub-room-number INTEGER ::= 256
#
# ub-text-or-address INTEGER ::= 256
#
# ub-user-class INTEGER ::= 256
#
# ub-user-identifier INTEGER ::= 256
#
# ub-organizational-status INTEGER ::= 256
#
# ub-janet-mailbox INTEGER ::= 256
#
# ub-building-name INTEGER ::= 256
#
# ub-personal-signature ::= 50000
#
# ub-audio INTEGER ::= 250000
#
# [back to 8]
# 8. Object Classes
#
# 8.1. X.500 standard object classes
#
# A number of generally useful object classes are defined in X.521, and
# these are supported. Refer to that document for descriptions of the
# suggested usage of these object classes. The ASN.1 for these object
# classes is reproduced for completeness in Appendix C.
#
# 8.2. X.400 standard object classes
#
# A number of object classes defined in X.400 are supported. Refer to
# X.402 for descriptions of the usage of these object classes. The
# ASN.1 for these object classes is reproduced for completeness in
# Appendix C.
#
# 8.3. COSINE/Internet object classes
#
# This section attempts to fuse together the object classes designed
# for use in the COSINE and Internet pilot activities. Descriptions
# are given of the suggested usage of these object classes. The ASN.1
# for these object classes is also reproduced in Appendix C.
#
# 8.3.1. Pilot Object
#
# The PilotObject object class is used as a sub-class to allow some
# common, useful attributes to be assigned to entries of all other
# object classes.
#
# pilotObject OBJECT-CLASS
# SUBCLASS OF top
# MAY CONTAIN {
# info,
# photo,
# manager,
# uniqueIdentifier,
# lastModifiedTime,
# lastModifiedBy,
# dITRedirect,
# audio}
# ::= {pilotObjectClass 3}
#
#objectclass ( 0.9.2342.19200300.100.4.3 NAME 'pilotObject'
# DESC 'RFC1274: pilot object'
# SUP top AUXILIARY
# MAY ( info $ photo $ manager $ uniqueIdentifier $
# lastModifiedTime $ lastModifiedBy $ dITRedirect $ audio )
# )
# 8.3.2. Pilot Person
#
# The PilotPerson object class is used as a sub-class of person, to
# allow the use of a number of additional attributes to be assigned to
# entries of object class person.
#
# pilotPerson OBJECT-CLASS
# SUBCLASS OF person
# MAY CONTAIN {
# userid,
# textEncodedORAddress,
# rfc822Mailbox,
# favouriteDrink,
# roomNumber,
# userClass,
# homeTelephoneNumber,
# homePostalAddress,
# secretary,
# personalTitle,
# preferredDeliveryMethod,
# businessCategory,
# janetMailbox,
# otherMailbox,
# mobileTelephoneNumber,
# pagerTelephoneNumber,
# organizationalStatus,
# mailPreferenceOption,
# personalSignature}
# ::= {pilotObjectClass 4}
#
objectclass ( 0.9.2342.19200300.100.4.4
NAME ( 'pilotPerson' 'newPilotPerson' )
SUP person STRUCTURAL
MAY ( userid $ textEncodedORAddress $ rfc822Mailbox $
favouriteDrink $ roomNumber $ userClass $
homeTelephoneNumber $ homePostalAddress $ secretary $
personalTitle $ preferredDeliveryMethod $ businessCategory $
janetMailbox $ otherMailbox $ mobileTelephoneNumber $
pagerTelephoneNumber $ organizationalStatus $
mailPreferenceOption $ personalSignature )
)
# 8.3.3. Account
#
# The Account object class is used to define entries representing
# computer accounts. The userid attribute should be used for naming
# entries of this object class.
#
# account OBJECT-CLASS
# SUBCLASS OF top
# MUST CONTAIN {
# userid}
# MAY CONTAIN {
# description,
# seeAlso,
# localityName,
# organizationName,
# organizationalUnitName,
# host}
# ::= {pilotObjectClass 5}
#
objectclass ( 0.9.2342.19200300.100.4.5 NAME 'account'
SUP top STRUCTURAL
MUST userid
MAY ( description $ seeAlso $ localityName $
organizationName $ organizationalUnitName $ host )
)
# 8.3.4. Document
#
# The Document object class is used to define entries which represent
# documents.
#
# document OBJECT-CLASS
# SUBCLASS OF top
# MUST CONTAIN {
# documentIdentifier}
# MAY CONTAIN {
# commonName,
# description,
# seeAlso,
# localityName,
# organizationName,
# organizationalUnitName,
# documentTitle,
# documentVersion,
# documentAuthor,
# documentLocation,
# documentPublisher}
# ::= {pilotObjectClass 6}
#
objectclass ( 0.9.2342.19200300.100.4.6 NAME 'document'
SUP top STRUCTURAL
MUST documentIdentifier
MAY ( commonName $ description $ seeAlso $ localityName $
organizationName $ organizationalUnitName $
documentTitle $ documentVersion $ documentAuthor $
documentLocation $ documentPublisher )
)
# 8.3.5. Room
#
# The Room object class is used to define entries representing rooms.
# The commonName attribute should be used for naming pentries of this
# object class.
#
# room OBJECT-CLASS
# SUBCLASS OF top
# MUST CONTAIN {
# commonName}
# MAY CONTAIN {
# roomNumber,
# description,
# seeAlso,
# telephoneNumber}
# ::= {pilotObjectClass 7}
#
objectclass ( 0.9.2342.19200300.100.4.7 NAME 'room'
SUP top STRUCTURAL
MUST commonName
MAY ( roomNumber $ description $ seeAlso $ telephoneNumber )
)
# 8.3.6. Document Series
#
# The Document Series object class is used to define an entry which
# represents a series of documents (e.g., The Request For Comments
# papers).
#
# documentSeries OBJECT-CLASS
# SUBCLASS OF top
# MUST CONTAIN {
# commonName}
# MAY CONTAIN {
# description,
# seeAlso,
# telephoneNumber,
# localityName,
# organizationName,
# organizationalUnitName}
# ::= {pilotObjectClass 9}
#
objectclass ( 0.9.2342.19200300.100.4.9 NAME 'documentSeries'
SUP top STRUCTURAL
MUST commonName
MAY ( description $ seeAlso $ telephonenumber $
localityName $ organizationName $ organizationalUnitName )
)
# 8.3.7. Domain
#
# The Domain object class is used to define entries which represent DNS
# or NRS domains. The domainComponent attribute should be used for
# naming entries of this object class. The usage of this object class
# is described in more detail in [3].
#
# domain OBJECT-CLASS
# SUBCLASS OF top
# MUST CONTAIN {
# domainComponent}
# MAY CONTAIN {
# associatedName,
# organizationName,
# organizationalAttributeSet}
# ::= {pilotObjectClass 13}
#
objectclass ( 0.9.2342.19200300.100.4.13 NAME 'domain'
SUP top STRUCTURAL
MUST domainComponent
MAY ( associatedName $ organizationName $ description $
businessCategory $ seeAlso $ searchGuide $ userPassword $
localityName $ stateOrProvinceName $ streetAddress $
physicalDeliveryOfficeName $ postalAddress $ postalCode $
postOfficeBox $ streetAddress $
facsimileTelephoneNumber $ internationalISDNNumber $
telephoneNumber $ teletexTerminalIdentifier $ telexNumber $
preferredDeliveryMethod $ destinationIndicator $
registeredAddress $ x121Address )
)
# 8.3.8. RFC822 Local Part
#
# The RFC822 Local Part object class is used to define entries which
# represent the local part of RFC822 mail addresses. This treats this
# part of an RFC822 address as a domain. The usage of this object
# class is described in more detail in [3].
#
# rFC822localPart OBJECT-CLASS
# SUBCLASS OF domain
# MAY CONTAIN {
# commonName,
# surname,
# description,
# seeAlso,
# telephoneNumber,
# postalAttributeSet,
# telecommunicationAttributeSet}
# ::= {pilotObjectClass 14}
#
objectclass ( 0.9.2342.19200300.100.4.14 NAME 'RFC822localPart'
SUP domain STRUCTURAL
MAY ( commonName $ surname $ description $ seeAlso $ telephonenumber $
physicalDeliveryOfficeName $ postalAddress $ postalCode $
postOfficeBox $ streetAddress $
facsimileTelephoneNumber $ internationalISDNNumber $
telephoneNumber $ teletexTerminalIdentifier $
telexNumber $ preferredDeliveryMethod $ destinationIndicator $
registeredAddress $ x121Address )
)
# 8.3.9. DNS Domain
#
# The DNS Domain (Domain NameServer) object class is used to define
# entries for DNS domains. The usage of this object class is described
# in more detail in [3].
#
# dNSDomain OBJECT-CLASS
# SUBCLASS OF domain
# MAY CONTAIN {
# ARecord,
# MDRecord,
# MXRecord,
# NSRecord,
# SOARecord,
# CNAMERecord}
# ::= {pilotObjectClass 15}
#
objectclass ( 0.9.2342.19200300.100.4.15 NAME 'dNSDomain'
SUP 'domain' STRUCTURAL
MAY ( ARecord $ MDRecord $ MXRecord $ NSRecord $
SOARecord $ CNAMERecord )
)
# 8.3.10. Domain Related Object
#
# The Domain Related Object object class is used to define entries
# which represent DNS/NRS domains which are "equivalent" to an X.500
# domain: e.g., an organisation or organisational unit. The usage of
# this object class is described in more detail in [3].
#
# domainRelatedObject OBJECT-CLASS
# SUBCLASS OF top
# MUST CONTAIN {
# associatedDomain}
# ::= {pilotObjectClass 17}
#
objectclass ( 0.9.2342.19200300.100.4.17 NAME 'domainRelatedObject'
SUP top AUXILIARY
MUST associatedDomain )
# 8.3.11. Friendly Country
#
# The Friendly Country object class is used to define country entries
# in the DIT. The object class is used to allow friendlier naming of
# countries than that allowed by the object class country. The naming
# attribute of object class country, countryName, has to be a 2 letter
# string defined in ISO 3166.
#
# friendlyCountry OBJECT-CLASS
# SUBCLASS OF country
# MUST CONTAIN {
# friendlyCountryName}
# ::= {pilotObjectClass 18}
#
objectclass ( 0.9.2342.19200300.100.4.18 NAME 'friendlyCountry'
SUP country STRUCTURAL
MUST friendlyCountryName )
# 8.3.12. Simple Security Object
#
# The Simple Security Object object class is used to allow an entry to
# have a userPassword attribute when an entry's principal object
# classes do not allow userPassword as an attribute type.
#
# simpleSecurityObject OBJECT-CLASS
# SUBCLASS OF top
# MUST CONTAIN {
# userPassword }
# ::= {pilotObjectClass 19}
#
## (in core.schema)
## objectclass ( 0.9.2342.19200300.100.4.19 NAME 'simpleSecurityObject'
## SUP top AUXILIARY
## MUST userPassword )
# 8.3.13. Pilot Organization
#
# The PilotOrganization object class is used as a sub-class of
# organization and organizationalUnit to allow a number of additional
# attributes to be assigned to entries of object classes organization
# and organizationalUnit.
#
# pilotOrganization OBJECT-CLASS
# SUBCLASS OF organization, organizationalUnit
# MAY CONTAIN {
# buildingName}
# ::= {pilotObjectClass 20}
#
objectclass ( 0.9.2342.19200300.100.4.20 NAME 'pilotOrganization'
SUP ( organization $ organizationalUnit ) STRUCTURAL
MAY buildingName )
# 8.3.14. Pilot DSA
#
# The PilotDSA object class is used as a sub-class of the dsa object
# class to allow additional attributes to be assigned to entries for
# DSAs.
#
# pilotDSA OBJECT-CLASS
# SUBCLASS OF dsa
# MUST CONTAIN {
# dSAQuality}
# ::= {pilotObjectClass 21}
#
objectclass ( 0.9.2342.19200300.100.4.21 NAME 'pilotDSA'
SUP dsa STRUCTURAL
MAY dSAQuality )
# 8.3.15. Quality Labelled Data
#
# The Quality Labelled Data object class is used to allow the
# assignment of the data quality attributes to subtrees in the DIT.
#
# See [8] for more details.
#
# qualityLabelledData OBJECT-CLASS
# SUBCLASS OF top
# MUST CONTAIN {
# dSAQuality}
# MAY CONTAIN {
# subtreeMinimumQuality,
# subtreeMaximumQuality}
# ::= {pilotObjectClass 22}
objectclass ( 0.9.2342.19200300.100.4.22 NAME 'qualityLabelledData'
SUP top AUXILIARY
MUST dsaQuality
MAY ( subtreeMinimumQuality $ subtreeMaximumQuality )
)
# References
#
# [1] CCITT/ISO, "X.500, The Directory - overview of concepts,
# models and services, CCITT /ISO IS 9594.
#
# [2] Kille, S., "The THORN and RARE X.500 Naming Architecture, in
# University College London, Department of Computer Science
# Research Note 89/48, May 1989.
#
# [3] Kille, S., "X.500 and Domains", RFC 1279, University College
# London, November 1991.
#
# [4] Rose, M., "PSI/NYSERNet White Pages Pilot Project: Status
# Report", Technical Report 90-09-10-1, published by NYSERNet
# Inc, 1990.
#
# [5] Craigie, J., "UK Academic Community Directory Service Pilot
# Project, pp. 305-310 in Computer Networks and ISDN Systems
# 17 (1989), published by North Holland.
#
# [6] Mockapetris, P., "Domain Names - Concepts and Facilities",
# RFC 1034, USC/Information Sciences Institute, November 1987.
#
# [7] Mockapetris, P., "Domain Names - Implementation and
# Specification, RFC 1035, USC/Information Sciences Institute,
# November 1987.
#
# [8] Kille, S., "Handling QOS (Quality of service) in the
# Directory," publication in process, March 1991.
#
#
# APPENDIX C - Summary of all Object Classes and Attribute Types
#
# -- Some Important Object Identifiers
#
# data OBJECT IDENTIFIER ::= {ccitt 9}
# pss OBJECT IDENTIFIER ::= {data 2342}
# ucl OBJECT IDENTIFIER ::= {pss 19200300}
# pilot OBJECT IDENTIFIER ::= {ucl 100}
#
# pilotAttributeType OBJECT IDENTIFIER ::= {pilot 1}
# pilotAttributeSyntax OBJECT IDENTIFIER ::= {pilot 3}
# pilotObjectClass OBJECT IDENTIFIER ::= {pilot 4}
# pilotGroups OBJECT IDENTIFIER ::= {pilot 10}
#
# iA5StringSyntax OBJECT IDENTIFIER ::= {pilotAttributeSyntax 4}
# caseIgnoreIA5StringSyntax OBJECT IDENTIFIER ::=
# {pilotAttributeSyntax 5}
#
# -- Standard Object Classes
#
# top OBJECT-CLASS
# MUST CONTAIN {
# objectClass}
# ::= {objectClass 0}
#
#
# alias OBJECT-CLASS
# SUBCLASS OF top
# MUST CONTAIN {
# aliasedObjectName}
# ::= {objectClass 1}
#
#
# country OBJECT-CLASS
# SUBCLASS OF top
# MUST CONTAIN {
# countryName}
# MAY CONTAIN {
# description,
# searchGuide}
# ::= {objectClass 2}
#
#
# locality OBJECT-CLASS
# SUBCLASS OF top
# MAY CONTAIN {
# description,
# localityName,
# stateOrProvinceName,
# searchGuide,
# seeAlso,
# streetAddress}
# ::= {objectClass 3}
#
#
# organization OBJECT-CLASS
# SUBCLASS OF top
# MUST CONTAIN {
# organizationName}
# MAY CONTAIN {
# organizationalAttributeSet}
# ::= {objectClass 4}
#
#
# organizationalUnit OBJECT-CLASS
# SUBCLASS OF top
# MUST CONTAIN {
# organizationalUnitName}
# MAY CONTAIN {
# organizationalAttributeSet}
# ::= {objectClass 5}
#
#
# person OBJECT-CLASS
# SUBCLASS OF top
# MUST CONTAIN {
# commonName,
# surname}
# MAY CONTAIN {
# description,
# seeAlso,
# telephoneNumber,
# userPassword}
# ::= {objectClass 6}
#
#
# organizationalPerson OBJECT-CLASS
# SUBCLASS OF person
# MAY CONTAIN {
# localeAttributeSet,
# organizationalUnitName,
# postalAttributeSet,
# telecommunicationAttributeSet,
# title}
# ::= {objectClass 7}
#
#
# organizationalRole OBJECT-CLASS
# SUBCLASS OF top
# MUST CONTAIN {
# commonName}
# MAY CONTAIN {
# description,
# localeAttributeSet,
# organizationalUnitName,
# postalAttributeSet,
# preferredDeliveryMethod,
# roleOccupant,
# seeAlso,
# telecommunicationAttributeSet}
# ::= {objectClass 8}
#
#
# groupOfNames OBJECT-CLASS
# SUBCLASS OF top
# MUST CONTAIN {
# commonName,
# member}
# MAY CONTAIN {
# description,
# organizationName,
# organizationalUnitName,
# owner,
# seeAlso,
# businessCategory}
# ::= {objectClass 9}
#
#
# residentialPerson OBJECT-CLASS
# SUBCLASS OF person
# MUST CONTAIN {
# localityName}
# MAY CONTAIN {
# localeAttributeSet,
# postalAttributeSet,
# preferredDeliveryMethod,
# telecommunicationAttributeSet,
# businessCategory}
# ::= {objectClass 10}
#
#
# applicationProcess OBJECT-CLASS
# SUBCLASS OF top
# MUST CONTAIN {
# commonName}
# MAY CONTAIN {
# description,
# localityName,
# organizationalUnitName,
# seeAlso}
# ::= {objectClass 11}
#
#
# applicationEntity OBJECT-CLASS
# SUBCLASS OF top
# MUST CONTAIN {
# commonName,
# presentationAddress}
# MAY CONTAIN {
# description,
# localityName,
# organizationName,
# organizationalUnitName,
# seeAlso,
# supportedApplicationContext}
# ::= {objectClass 12}
#
#
# dSA OBJECT-CLASS
# SUBCLASS OF applicationEntity
# MAY CONTAIN {
# knowledgeInformation}
# ::= {objectClass 13}
#
#
# device OBJECT-CLASS
# SUBCLASS OF top
# MUST CONTAIN {
# commonName}
# MAY CONTAIN {
# description,
# localityName,
# organizationName,
# organizationalUnitName,
# owner,
# seeAlso,
# serialNumber}
# ::= {objectClass 14}
#
#
# strongAuthenticationUser OBJECT-CLASS
# SUBCLASS OF top
# MUST CONTAIN {
# userCertificate}
# ::= {objectClass 15}
#
#
# certificationAuthority OBJECT-CLASS
# SUBCLASS OF top
# MUST CONTAIN {
# cACertificate,
# certificateRevocationList,
# authorityRevocationList}
# MAY CONTAIN {
# crossCertificatePair}
# ::= {objectClass 16}
#
# -- Standard MHS Object Classes
#
# mhsDistributionList OBJECT-CLASS
# SUBCLASS OF top
# MUST CONTAIN {
# commonName,
# mhsDLSubmitPermissions,
# mhsORAddresses}
# MAY CONTAIN {
# description,
# organizationName,
# organizationalUnitName,
# owner,
# seeAlso,
# mhsDeliverableContentTypes,
# mhsdeliverableEits,
# mhsDLMembers,
# mhsPreferredDeliveryMethods}
# ::= {mhsObjectClass 0}
#
#
# mhsMessageStore OBJECT-CLASS
# SUBCLASS OF applicationEntity
# MAY CONTAIN {
# description,
# owner,
# mhsSupportedOptionalAttributes,
# mhsSupportedAutomaticActions,
# mhsSupportedContentTypes}
# ::= {mhsObjectClass 1}
#
#
# mhsMessageTransferAgent OBJECT-CLASS
# SUBCLASS OF applicationEntity
# MAY CONTAIN {
# description,
# owner,
# mhsDeliverableContentLength}
# ::= {mhsObjectClass 2}
#
#
# mhsOrganizationalUser OBJECT-CLASS
# SUBCLASS OF organizationalPerson
# MUST CONTAIN {
# mhsORAddresses}
# MAY CONTAIN {
# mhsDeliverableContentLength,
# mhsDeliverableContentTypes,
# mhsDeliverableEits,
# mhsMessageStoreName,
# mhsPreferredDeliveryMethods }
# ::= {mhsObjectClass 3}
#
#
# mhsResidentialUser OBJECT-CLASS
# SUBCLASS OF residentialPerson
# MUST CONTAIN {
# mhsORAddresses}
# MAY CONTAIN {
# mhsDeliverableContentLength,
# mhsDeliverableContentTypes,
# mhsDeliverableEits,
# mhsMessageStoreName,
# mhsPreferredDeliveryMethods }
# ::= {mhsObjectClass 4}
#
#
# mhsUserAgent OBJECT-CLASS
# SUBCLASS OF applicationEntity
# MAY CONTAIN {
# mhsDeliverableContentLength,
# mhsDeliverableContentTypes,
# mhsDeliverableEits,
# mhsORAddresses,
# owner}
# ::= {mhsObjectClass 5}
#
#
#
#
# -- Pilot Object Classes
#
# pilotObject OBJECT-CLASS
# SUBCLASS OF top
# MAY CONTAIN {
# info,
# photo,
# manager,
# uniqueIdentifier,
# lastModifiedTime,
# lastModifiedBy,
# dITRedirect,
# audio}
# ::= {pilotObjectClass 3}
# pilotPerson OBJECT-CLASS
# SUBCLASS OF person
# MAY CONTAIN {
# userid,
# textEncodedORAddress,
# rfc822Mailbox,
# favouriteDrink,
# roomNumber,
# userClass,
# homeTelephoneNumber,
# homePostalAddress,
# secretary,
# personalTitle,
# preferredDeliveryMethod,
# businessCategory,
# janetMailbox,
# otherMailbox,
# mobileTelephoneNumber,
# pagerTelephoneNumber,
# organizationalStatus,
# mailPreferenceOption,
# personalSignature}
# ::= {pilotObjectClass 4}
#
#
# account OBJECT-CLASS
# SUBCLASS OF top
# MUST CONTAIN {
# userid}
# MAY CONTAIN {
# description,
# seeAlso,
# localityName,
# organizationName,
# organizationalUnitName,
# host}
# ::= {pilotObjectClass 5}
#
#
# document OBJECT-CLASS
# SUBCLASS OF top
# MUST CONTAIN {
# documentIdentifier}
# MAY CONTAIN {
# commonName,
# description,
# seeAlso,
# localityName,
# organizationName,
# organizationalUnitName,
# documentTitle,
# documentVersion,
# documentAuthor,
# documentLocation,
# documentPublisher}
# ::= {pilotObjectClass 6}
#
#
# room OBJECT-CLASS
# SUBCLASS OF top
# MUST CONTAIN {
# commonName}
# MAY CONTAIN {
# roomNumber,
# description,
# seeAlso,
# telephoneNumber}
# ::= {pilotObjectClass 7}
#
#
# documentSeries OBJECT-CLASS
# SUBCLASS OF top
# MUST CONTAIN {
# commonName}
# MAY CONTAIN {
# description,
# seeAlso,
# telephoneNumber,
# localityName,
# organizationName,
# organizationalUnitName}
# ::= {pilotObjectClass 9}
#
#
# domain OBJECT-CLASS
# SUBCLASS OF top
# MUST CONTAIN {
# domainComponent}
# MAY CONTAIN {
# associatedName,
# organizationName,
# organizationalAttributeSet}
# ::= {pilotObjectClass 13}
#
#
# rFC822localPart OBJECT-CLASS
# SUBCLASS OF domain
# MAY CONTAIN {
# commonName,
# surname,
# description,
# seeAlso,
# telephoneNumber,
# postalAttributeSet,
# telecommunicationAttributeSet}
# ::= {pilotObjectClass 14}
#
#
# dNSDomain OBJECT-CLASS
# SUBCLASS OF domain
# MAY CONTAIN {
# ARecord,
# MDRecord,
# MXRecord,
# NSRecord,
# SOARecord,
# CNAMERecord}
# ::= {pilotObjectClass 15}
#
#
# domainRelatedObject OBJECT-CLASS
# SUBCLASS OF top
# MUST CONTAIN {
# associatedDomain}
# ::= {pilotObjectClass 17}
#
#
# friendlyCountry OBJECT-CLASS
# SUBCLASS OF country
# MUST CONTAIN {
# friendlyCountryName}
# ::= {pilotObjectClass 18}
#
#
# simpleSecurityObject OBJECT-CLASS
# SUBCLASS OF top
# MUST CONTAIN {
# userPassword }
# ::= {pilotObjectClass 19}
#
#
# pilotOrganization OBJECT-CLASS
# SUBCLASS OF organization, organizationalUnit
# MAY CONTAIN {
# buildingName}
# ::= {pilotObjectClass 20}
#
#
# pilotDSA OBJECT-CLASS
# SUBCLASS OF dsa
# MUST CONTAIN {
# dSAQuality}
# ::= {pilotObjectClass 21}
#
#
# qualityLabelledData OBJECT-CLASS
# SUBCLASS OF top
# MUST CONTAIN {
# dSAQuality}
# MAY CONTAIN {
# subtreeMinimumQuality,
# subtreeMaximumQuality}
# ::= {pilotObjectClass 22}
#
#
#
#
# -- Standard Attribute Types
#
# objectClass ObjectClass
# ::= {attributeType 0}
#
#
# aliasedObjectName AliasedObjectName
# ::= {attributeType 1}
#
#
# knowledgeInformation ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX caseIgnoreString
# ::= {attributeType 2}
#
#
# commonName ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax
# (SIZE (1..ub-common-name))
# ::= {attributeType 3}
#
#
# surname ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax
# (SIZE (1..ub-surname))
# ::= {attributeType 4}
#
#
# serialNumber ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX printableStringSyntax
# (SIZE (1..ub-serial-number))
# ::= {attributeType 5}
#
#
# countryName ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX PrintableString
# (SIZE (1..ub-country-code))
# SINGLE VALUE
# ::= {attributeType 6}
#
#
# localityName ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax
# (SIZE (1..ub-locality-name))
# ::= {attributeType 7}
#
#
# stateOrProvinceName ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax
# (SIZE (1..ub-state-name))
# ::= {attributeType 8}
#
#
# streetAddress ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax
# (SIZE (1..ub-street-address))
# ::= {attributeType 9}
#
#
# organizationName ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax
# (SIZE (1..ub-organization-name))
# ::= {attributeType 10}
#
#
# organizationalUnitName ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax
# (SIZE (1..ub-organizational-unit-name))
# ::= {attributeType 11}
#
#
# title ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax
# (SIZE (1..ub-title))
# ::= {attributeType 12}
#
#
# description ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax
# (SIZE (1..ub-description))
# ::= {attributeType 13}
#
#
# searchGuide ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX Guide
# ::= {attributeType 14}
#
#
# businessCategory ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax
# (SIZE (1..ub-business-category))
# ::= {attributeType 15}
#
#
# postalAddress ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX PostalAddress
# MATCHES FOR EQUALITY
# ::= {attributeType 16}
#
#
# postalCode ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax
# (SIZE (1..ub-postal-code))
# ::= {attributeType 17}
#
#
# postOfficeBox ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax
# (SIZE (1..ub-post-office-box))
# ::= {attributeType 18}
#
#
# physicalDeliveryOfficeName ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax
# (SIZE (1..ub-physical-office-name))
# ::= {attributeType 19}
#
#
# telephoneNumber ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX telephoneNumberSyntax
# (SIZE (1..ub-telephone-number))
# ::= {attributeType 20}
#
#
# telexNumber ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX TelexNumber
# (SIZE (1..ub-telex))
# ::= {attributeType 21}
#
#
# teletexTerminalIdentifier ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX TeletexTerminalIdentifier
# (SIZE (1..ub-teletex-terminal-id))
# ::= {attributeType 22}
#
#
# facsimileTelephoneNumber ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX FacsimileTelephoneNumber
# ::= {attributeType 23}
#
#
# x121Address ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX NumericString
# (SIZE (1..ub-x121-address))
# ::= {attributeType 24}
#
#
# internationaliSDNNumber ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX NumericString
# (SIZE (1..ub-isdn-address))
# ::= {attributeType 25}
#
#
# registeredAddress ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX PostalAddress
# ::= {attributeType 26}
#
#
# destinationIndicator ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX PrintableString
# (SIZE (1..ub-destination-indicator))
# MATCHES FOR EQUALITY SUBSTRINGS
# ::= {attributeType 27}
#
#
# preferredDeliveryMethod ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX deliveryMethod
# ::= {attributeType 28}
#
#
# presentationAddress ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX PresentationAddress
# MATCHES FOR EQUALITY
# ::= {attributeType 29}
#
#
# supportedApplicationContext ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX objectIdentifierSyntax
# ::= {attributeType 30}
#
#
# member ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX distinguishedNameSyntax
# ::= {attributeType 31}
#
#
# owner ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX distinguishedNameSyntax
# ::= {attributeType 32}
#
#
# roleOccupant ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX distinguishedNameSyntax
# ::= {attributeType 33}
#
#
# seeAlso ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX distinguishedNameSyntax
# ::= {attributeType 34}
#
#
# userPassword ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX Userpassword
# ::= {attributeType 35}
#
#
# userCertificate ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX UserCertificate
# ::= {attributeType 36}
#
#
# cACertificate ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX cACertificate
# ::= {attributeType 37}
#
#
# authorityRevocationList ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX AuthorityRevocationList
# ::= {attributeType 38}
#
#
# certificateRevocationList ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX CertificateRevocationList
# ::= {attributeType 39}
#
#
# crossCertificatePair ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX CrossCertificatePair
# ::= {attributeType 40}
#
#
#
#
# -- Standard MHS Attribute Types
#
# mhsDeliverableContentLength ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX integer
# ::= {mhsAttributeType 0}
#
#
# mhsDeliverableContentTypes ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX oID
# ::= {mhsAttributeType 1}
#
#
# mhsDeliverableEits ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX oID
# ::= {mhsAttributeType 2}
#
#
# mhsDLMembers ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX oRName
# ::= {mhsAttributeType 3}
#
#
# mhsDLSubmitPermissions ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX dLSubmitPermission
# ::= {mhsAttributeType 4}
#
#
# mhsMessageStoreName ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX dN
# ::= {mhsAttributeType 5}
#
#
# mhsORAddresses ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX oRAddress
# ::= {mhsAttributeType 6}
#
#
# mhsPreferredDeliveryMethods ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX deliveryMethod
# ::= {mhsAttributeType 7}
#
#
# mhsSupportedAutomaticActions ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX oID
# ::= {mhsAttributeType 8}
#
#
# mhsSupportedContentTypes ATTRIBUTE
#
# WITH ATTRIBUTE-SYNTAX oID
# ::= {mhsAttributeType 9}
#
#
# mhsSupportedOptionalAttributes ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX oID
# ::= {mhsAttributeType 10}
#
#
#
#
# -- Pilot Attribute Types
#
# userid ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# caseIgnoreStringSyntax
# (SIZE (1 .. ub-user-identifier))
# ::= {pilotAttributeType 1}
#
#
# textEncodedORAddress ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# caseIgnoreStringSyntax
# (SIZE (1 .. ub-text-encoded-or-address))
# ::= {pilotAttributeType 2}
#
#
# rfc822Mailbox ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# caseIgnoreIA5StringSyntax
# (SIZE (1 .. ub-rfc822-mailbox))
# ::= {pilotAttributeType 3}
#
#
# info ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# caseIgnoreStringSyntax
# (SIZE (1 .. ub-information))
# ::= {pilotAttributeType 4}
#
#
# favouriteDrink ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# caseIgnoreStringSyntax
# (SIZE (1 .. ub-favourite-drink))
# ::= {pilotAttributeType 5}
#
#
# roomNumber ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# caseIgnoreStringSyntax
# (SIZE (1 .. ub-room-number))
# ::= {pilotAttributeType 6}
#
#
# photo ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# CHOICE {
# g3-facsimile [3] G3FacsimileBodyPart
# }
# (SIZE (1 .. ub-photo))
# ::= {pilotAttributeType 7}
#
#
# userClass ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# caseIgnoreStringSyntax
# (SIZE (1 .. ub-user-class))
# ::= {pilotAttributeType 8}
#
#
# host ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# caseIgnoreStringSyntax
# (SIZE (1 .. ub-host))
# ::= {pilotAttributeType 9}
#
#
# manager ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# distinguishedNameSyntax
# ::= {pilotAttributeType 10}
#
#
# documentIdentifier ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# caseIgnoreStringSyntax
# (SIZE (1 .. ub-document-identifier))
# ::= {pilotAttributeType 11}
#
#
# documentTitle ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# caseIgnoreStringSyntax
# (SIZE (1 .. ub-document-title))
# ::= {pilotAttributeType 12}
#
#
# documentVersion ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# caseIgnoreStringSyntax
# (SIZE (1 .. ub-document-version))
# ::= {pilotAttributeType 13}
#
#
# documentAuthor ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# distinguishedNameSyntax
# ::= {pilotAttributeType 14}
#
#
# documentLocation ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# caseIgnoreStringSyntax
# (SIZE (1 .. ub-document-location))
# ::= {pilotAttributeType 15}
#
#
# homeTelephoneNumber ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# telephoneNumberSyntax
# ::= {pilotAttributeType 20}
#
#
# secretary ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# distinguishedNameSyntax
# ::= {pilotAttributeType 21}
#
#
# otherMailbox ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# SEQUENCE {
# mailboxType PrintableString, -- e.g. Telemail
# mailbox IA5String -- e.g. X378:Joe
# }
# ::= {pilotAttributeType 22}
#
#
# lastModifiedTime ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# uTCTimeSyntax
# ::= {pilotAttributeType 23}
#
#
# lastModifiedBy ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# distinguishedNameSyntax
# ::= {pilotAttributeType 24}
#
#
# domainComponent ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# caseIgnoreIA5StringSyntax
# SINGLE VALUE
# ::= {pilotAttributeType 25}
#
#
# aRecord ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# DNSRecordSyntax
# ::= {pilotAttributeType 26}
#
#
# mXRecord ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# DNSRecordSyntax
# ::= {pilotAttributeType 28}
#
#
# nSRecord ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# DNSRecordSyntax
# ::= {pilotAttributeType 29}
#
# sOARecord ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# DNSRecordSyntax
# ::= {pilotAttributeType 30}
#
#
# cNAMERecord ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# iA5StringSyntax
# ::= {pilotAttributeType 31}
#
#
# associatedDomain ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# caseIgnoreIA5StringSyntax
# ::= {pilotAttributeType 37}
#
#
# associatedName ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# distinguishedNameSyntax
# ::= {pilotAttributeType 38}
#
#
# homePostalAddress ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# postalAddress
# MATCHES FOR EQUALITY
# ::= {pilotAttributeType 39}
#
#
# personalTitle ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# caseIgnoreStringSyntax
# (SIZE (1 .. ub-personal-title))
# ::= {pilotAttributeType 40}
#
#
# mobileTelephoneNumber ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# telephoneNumberSyntax
# ::= {pilotAttributeType 41}
#
#
# pagerTelephoneNumber ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# telephoneNumberSyntax
# ::= {pilotAttributeType 42}
#
#
# friendlyCountryName ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# caseIgnoreStringSyntax
# ::= {pilotAttributeType 43}
#
#
# uniqueIdentifier ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# caseIgnoreStringSyntax
# (SIZE (1 .. ub-unique-identifier))
# ::= {pilotAttributeType 44}
#
#
# organizationalStatus ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# caseIgnoreStringSyntax
# (SIZE (1 .. ub-organizational-status))
# ::= {pilotAttributeType 45}
#
#
# janetMailbox ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# caseIgnoreIA5StringSyntax
# (SIZE (1 .. ub-janet-mailbox))
# ::= {pilotAttributeType 46}
#
#
# mailPreferenceOption ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX ENUMERATED {
# no-list-inclusion(0),
# any-list-inclusion(1), -- may be added to any lists
# professional-list-inclusion(2)
# -- may be added to lists
# -- which the list provider
# -- views as related to the
# -- users professional inter-
# -- ests, perhaps evaluated
# -- from the business of the
# -- organisation or keywords
# -- in the entry.
# }
# ::= {pilotAttributeType 47}
#
#
# buildingName ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# caseIgnoreStringSyntax
# (SIZE (1 .. ub-building-name))
# ::= {pilotAttributeType 48}
#
#
# dSAQuality ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX DSAQualitySyntax
# SINGLE VALUE
# ::= {pilotAttributeType 49}
#
#
# singleLevelQuality ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX DataQualitySyntax
# SINGLE VALUE
#
#
# subtreeMinimumQuality ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX DataQualitySyntax
# SINGLE VALUE
# -- Defaults to singleLevelQuality
# ::= {pilotAttributeType 51}
#
#
# subtreeMaximumQuality ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX DataQualitySyntax
# SINGLE VALUE
# -- Defaults to singleLevelQuality
# ::= {pilotAttributeType 52}
#
#
# personalSignature ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# CHOICE {
# g3-facsimile [3] G3FacsimileBodyPart
# }
# (SIZE (1 .. ub-personal-signature))
# ::= {pilotAttributeType 53}
#
#
# dITRedirect ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# distinguishedNameSyntax
# ::= {pilotAttributeType 54}
#
#
# audio ATTRIBUTE
# WITH ATTRIBUTE-SYNTAX
# Audio
# (SIZE (1 .. ub-audio))
# ::= {pilotAttributeType 55}
#
# documentPublisher ATTRIBUTE
# WITH ATTRIBUTE SYNTAX caseIgnoreStringSyntax
# ::= {pilotAttributeType 56}
#
#
#
# -- Generally useful syntaxes
#
#
# caseIgnoreIA5StringSyntax ATTRIBUTE-SYNTAX
# IA5String
# MATCHES FOR EQUALITY SUBSTRINGS
#
#
# iA5StringSyntax ATTRIBUTE-SYNTAX
# IA5String
# MATCHES FOR EQUALITY SUBSTRINGS
#
#
# -- Syntaxes to support the DNS attributes
#
# DNSRecordSyntax ATTRIBUTE-SYNTAX
# IA5String
# MATCHES FOR EQUALITY
#
#
# NRSInformationSyntax ATTRIBUTE-SYNTAX
# NRSInformation
# MATCHES FOR EQUALITY
#
#
# NRSInformation ::= SET {
# [0] Context,
# [1] Address-space-id,
# routes [2] SEQUENCE OF SEQUENCE {
# Route-cost,
# Addressing-info }
# }
#
#
# -- Upper bounds on length of attribute values
#
#
# ub-document-identifier INTEGER ::= 256
#
# ub-document-location INTEGER ::= 256
#
# ub-document-title INTEGER ::= 256
#
# ub-document-version INTEGER ::= 256
#
# ub-favourite-drink INTEGER ::= 256
#
# ub-host INTEGER ::= 256
#
# ub-information INTEGER ::= 2048
#
# ub-unique-identifier INTEGER ::= 256
#
# ub-personal-title INTEGER ::= 256
#
# ub-photo INTEGER ::= 250000
#
# ub-rfc822-mailbox INTEGER ::= 256
#
# ub-room-number INTEGER ::= 256
#
# ub-text-or-address INTEGER ::= 256
#
# ub-user-class INTEGER ::= 256
#
# ub-user-identifier INTEGER ::= 256
#
# ub-organizational-status INTEGER ::= 256
#
# ub-janet-mailbox INTEGER ::= 256
#
# ub-building-name INTEGER ::= 256
#
# ub-personal-signature ::= 50000
#
# ub-audio INTEGER ::= 250000
#
# [remainder of memo trimmed]
# $OpenLDAP: pkg/ldap/servers/slapd/schema/inetorgperson.schema,v 1.4.2.6 2001/10/09 17:15:08 kurt Exp $
#
# InetOrgPerson (RFC2798)
#
# Depends upon
# Definition of an X.500 Attribute Type and an Object Class to Hold
# Uniform Resource Identifiers (URIs) [RFC2079]
# (core.schema)
#
# A Summary of the X.500(96) User Schema for use with LDAPv3 [RFC2256]
# (core.schema)
#
# The COSINE and Internet X.500 Schema [RFC1274] (cosine.schema)
# carLicense
# This multivalued field is used to record the values of the license or
# registration plate associated with an individual.
attributetype ( 2.16.840.1.113730.3.1.1
NAME 'carLicense'
DESC 'RFC2798: vehicle license or registration plate'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
# departmentNumber
# Code for department to which a person belongs. This can also be
# strictly numeric (e.g., 1234) or alphanumeric (e.g., ABC/123).
attributetype ( 2.16.840.1.113730.3.1.2
NAME 'departmentNumber'
DESC 'RFC2798: identifies a department within an organization'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
# displayName
# When displaying an entry, especially within a one-line summary list, it
# is useful to be able to identify a name to be used. Since other attri-
# bute types such as 'cn' are multivalued, an additional attribute type is
# needed. Display name is defined for this purpose.
attributetype ( 2.16.840.1.113730.3.1.241
NAME 'displayName'
DESC 'RFC2798: preferred name to be used when displaying entries'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
SINGLE-VALUE )
# employeeNumber
# Numeric or alphanumeric identifier assigned to a person, typically based
# on order of hire or association with an organization. Single valued.
attributetype ( 2.16.840.1.113730.3.1.3
NAME 'employeeNumber'
DESC 'RFC2798: numerically identifies an employee within an organization'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
SINGLE-VALUE )
# employeeType
# Used to identify the employer to employee relationship. Typical values
# used will be "Contractor", "Employee", "Intern", "Temp", "External", and
# "Unknown" but any value may be used.
attributetype ( 2.16.840.1.113730.3.1.4
NAME 'employeeType'
DESC 'RFC2798: type of employment for a person'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
# jpegPhoto
# Used to store one or more images of a person using the JPEG File
# Interchange Format [JFIF].
# Note that the jpegPhoto attribute type was defined for use in the
# Internet X.500 pilots but no referencable definition for it could be
# located.
attributetype ( 0.9.2342.19200300.100.1.60
NAME 'jpegPhoto'
DESC 'a JPEG image'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.28 )
# preferredLanguage
# Used to indicate an individual's preferred written or spoken
# language. This is useful for international correspondence or human-
# computer interaction. Values for this attribute type MUST conform to
# the definition of the Accept-Language header field defined in
# [RFC2068] with one exception: the sequence "Accept-Language" ":"
# should be omitted. This is a single valued attribute type.
attributetype ( 2.16.840.1.113730.3.1.39
NAME 'preferredLanguage'
DESC 'RFC2798: preferred written or spoken language for a person'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
SINGLE-VALUE )
# userSMIMECertificate
# A PKCS#7 [RFC2315] SignedData, where the content that is signed is
# ignored by consumers of userSMIMECertificate values. It is
# recommended that values have a `contentType' of data with an absent
# `content' field. Values of this attribute contain a person's entire
# certificate chain and an smimeCapabilities field [RFC2633] that at a
# minimum describes their SMIME algorithm capabilities. Values for
# this attribute are to be stored and requested in binary form, as
# 'userSMIMECertificate;binary'. If available, this attribute is
# preferred over the userCertificate attribute for S/MIME applications.
## OpenLDAP note: ";binary" transfer should NOT be used as syntax is binary
attributetype ( 2.16.840.1.113730.3.1.40
NAME 'userSMIMECertificate'
DESC 'RFC2798: PKCS#7 SignedData used to support S/MIME'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 )
# userPKCS12
# PKCS #12 [PKCS12] provides a format for exchange of personal identity
# information. When such information is stored in a directory service,
# the userPKCS12 attribute should be used. This attribute is to be stored
# and requested in binary form, as 'userPKCS12;binary'. The attribute
# values are PFX PDUs stored as binary data.
## OpenLDAP note: ";binary" transfer should NOT be used as syntax is binary
attributetype ( 2.16.840.1.113730.3.1.216
NAME 'userPKCS12'
DESC 'RFC2798: PKCS #12 PFX PDU for exchange of
personal identity information'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 )
# inetOrgPerson
# The inetOrgPerson represents people who are associated with an
# organization in some way. It is a structural class and is derived
# from the organizationalPerson which is defined in X.521 [X521].
objectclass ( 2.16.840.1.113730.3.2.2
NAME 'inetOrgPerson'
DESC 'RFC2798: Internet Organizational Person'
SUP organizationalPerson
STRUCTURAL
MAY (
audio $ businessCategory $ carLicense $ departmentNumber $
displayName $ employeeNumber $ employeeType $ givenName $
homePhone $ homePostalAddress $ initials $ jpegPhoto $
labeledURI $ mail $ manager $ mobile $ o $ pager $
photo $ roomNumber $ secretary $ uid $ userCertificate $
x500uniqueIdentifier $ preferredLanguage $
userSMIMECertificate $ userPKCS12 )
)
# $OpenLDAP: pkg/ldap/servers/slapd/schema/misc.schema,v 1.2.8.11 2002/01/08 20:19:06 kurt Exp $
#
# Assorted definitions from several sources, including
# ''works in progress''. Contents of this file are
# subject to change (including deletion) without notice.
#
# Not recommended for production use!
# Use with extreme caution!
#
# draft-lachman-laser-ldap-mail-routing-02.txt !!!EXPIRED!!!
#
attributetype ( 2.16.840.1.113730.3.1.13
NAME 'mailLocalAddress'
DESC 'RFC822 email address of this recipient'
EQUALITY caseIgnoreIA5Match
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
attributetype ( 2.16.840.1.113730.3.1.18
NAME 'mailHost'
DESC 'FQDN of the SMTP/MTA of this recipient'
EQUALITY caseIgnoreIA5Match
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
SINGLE-VALUE )
attributetype ( 2.16.840.1.113730.3.1.47
NAME 'mailRoutingAddress'
DESC 'RFC822 routing address of this recipient'
EQUALITY caseIgnoreIA5Match
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
SINGLE-VALUE )
# OID needs to be determined
#objectclass ( 2.16.840.1.113730.3.2.TBD
# NAME 'inetLocalMailRecipient'
# DESC 'Internet local mail recipient'
# SUP top AUXILIARY
# MAY ( mailLocalAddress $ mailHost $ mailRoutingAddress ) )
# I-D leaves this OID TBD.
# iPlanet uses 2.16.840.1.113.730.3.2.147 but that appears to be
# an improperly delegated OID. A typo is suspected.
objectclass ( 2.16.840.1.113730.3.2.147
NAME 'inetLocalMailRecipient'
DESC 'Internet local mail recipient'
SUP top AUXILIARY
MAY ( mailLocalAddress $ mailHost $ mailRoutingAddress ) )
#
# draft-srivastava-ldap-mail-00.txt !!!EXPIRED!!!
#
attributetype ( 1.3.6.1.4.1.42.2.27.2.1.15
NAME 'rfc822MailMember'
DESC 'rfc822 mail address of group member(s)'
EQUALITY caseIgnoreIA5Match
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
#
# !!!no I-D!!!
#
objectclass ( 1.3.6.1.4.1.42.2.27.1.2.5
NAME 'nisMailAlias'
DESC 'NIS mail alias'
SUP top STRUCTURAL
MUST cn
MAY rfc822MailMember )
# # eduPerson Objectclass version 1.0 (2001-01-22) # # See http://www.educause.edu/eduperson for background and usage # # eduPerson is an effort of Internet2 and EDUCAUSE # # # # 1.3.6.1.4.1.5923 is the toplevel OID for this work # .1 = MACE related work # .1.1 = eduperson # .1.1.1 = attributes # .1.1.2 = objectclass # .1.1.3 = syntax # # CHANGELOG # # Jul 20, 2000 (gettes@georgetown.edu) Original version # Aug 17, 2000 (gettes@georgetown.edu) Added EPPNEphemeral # also cleanup and initial documentation # Jan 22, 2001 (gettes@georgetown.edu) Removed EPPNEphemeral # EPPNephemeral not part of 1.0 # moved all OIDs below 5923.1 # Mar 07, 2002 (Frank.Swasey@uvm.edu) Modifed from ldif input # file to a schema definition file for use with # openLDAP # May 10, 2002 (Frank.Swasey@uvm.edu) Updated to version 1.5 # per the rpr-nmi-edit-mace_dir-eduPerson-1.5.pdf file # dated May/2002 # # # USAGE: # # Store this file in your schema definition directory (the default # location on RedHat Linux is /etc/openldap/schema ) and use the # include directive in slapd.conf to include it. # # This file contains lines with trailing spaces so that continuation # of lines work properly. Please make sure this is respected or you # may have difficulty in applying the LDIF. # # eduPersonAffiliation # # Specifies the person's relationship(s) to the institution in broad # categories such as student, faculty, staff, alum, etc (See # controlled vocabulary) # # Permissible values (if controlled) # faculty, student, staff, alum, member, affiliate, employee # attributetype ( 1.3.6.1.4.1.5923.1.1.1.1 NAME 'eduPersonAffiliation' DESC 'eduPerson per Internet2 and EDUCAUSE' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) # eduPersonEntitlement # # URI (either URN or URL) that indicates a set of rights to specific resources # attributetype ( 1.3.6.1.4.1.5923.1.1.1.7 NAME 'eduPersonEntitlement' DESC 'eduPerson per Internet2 and EDUCAUSE' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' ) # eduPersonNickname # # Person's nickname, or the informal name by which they are accustomed # to be hailed # attributetype ( 1.3.6.1.4.1.5923.1.1.1.2 NAME 'eduPersonNickname' DESC 'eduPerson per Internet2 and EDUCAUSE' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' ) # eduPersonOrgDN # # The distinguised name (DN) of the directory entry representing # the institution with which the person is associated # attributetype ( 1.3.6.1.4.1.5923.1.1.1.3 NAME 'eduPersonOrgDN' DESC 'eduPerson per Internet2 and EDUCAUSE' EQUALITY distinguishedNameMatch SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' SINGLE-VALUE ) # eduPersonOrgUnitDN # # The distinguished name (DN) of the directory entries representing the # person's Organizational Unit(s) # attributetype ( 1.3.6.1.4.1.5923.1.1.1.4 NAME 'eduPersonOrgUnitDN' DESC 'eduPerson per Internet2 and EDUCAUSE' EQUALITY distinguishedNameMatch SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' ) # eduPersonPrimaryAffiliation # # Specifies the person's PRIMARY relationship to the institution in broad # categories such as student, faculty, staff, alum, etc (See controlled # vocabulary) # # Permissible values (if controlled): faculty, student, staff, alum, # member, affiliate, employee # attributetype ( 1.3.6.1.4.1.5923.1.1.1.5 NAME 'eduPersonPrimaryAffiliation' DESC 'eduPerson per Internet2 and EDUCAUSE' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) # eduPersonPrimaryOrgUnitDN # # The distinguished name (DN) of the directory entries representing the # person's primary Organizational Unit. # attributetype ( 1.3.6.1.4.1.5923.1.1.1.8 NAME 'eduPersonPrimaryOrgUnitDN' DESC 'eduPerson per Internet2 and EDUCAUSE' EQUALITY distinguishedNameMatch SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' SINGLE-VALUE ) # eduPersonPrincipalName # # The "NetID" of the person for the purposes of inter-institutional # authentication. Should be stored in the form of user@univ.edu, where # univ.edu is the name of the local security domain. # attributetype ( 1.3.6.1.4.1.5923.1.1.1.6 NAME 'eduPersonPrincipalName' DESC 'eduPerson per Internet2 and EDUCAUSE' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) # eduPerson # # The eduPerson represents people who are associated with an educational # institution in some way. It is a structural class and is derived # from the inetOrgPerson structural class. # objectclass ( 1.3.6.1.4.1.5923.1.1.2 NAME 'eduPerson' AUXILIARY MAY ( eduPersonAffiliation $ eduPersonNickname $ eduPersonOrgDN $ eduPersonOrgUnitDN $ eduPersonPrimaryAffiliation $ eduPersonPrincipalName $ eduPersonEntitlement $ eduPersonPrimaryOrgUnitDN ) )
#
# UVM schema version 1.8 (2003-07-18)
#
# See http://www.uvm.edu/cit/projects/ldap for background and usage
#
# UVM schema are based on the eduPerson work of EDUCAUSE
#
#
#
# 1.3.6.1.4.1.12779 is the toplevel OID for this work
# .1 = LDAP related work
# .1.1 = uvmeduperson
# .1.1.1 = attributes
# .1.1.2 = objectclasses
# .1.1.3 = syntax
# .1.2 = uvmHumanResources
# .1.2.1 = attributes
# .1.2.2 = objectclasses
# .1.2.3 = syntax specs
# .1.3 = uvmStudentInformation
# .1.3.1 = attributes
# .1.3.2 = objectclasses
# .1.3.3 = syntax specs
# .1.4 = uvmAlias
# .1.4.1 = attributes
# .1.4.2 = objectclasses
# .1.4.3 = syntax
# .1.5 = uvmAccount
# .1.5.1 = attributes
# .1.5.2 = objectclasses
# .1.5.3 = syntax
# .1.6 = uvmGroup
# .1.6.1 = attributes
# .1.6.2 = objectclasses
# .1.6.3 = syntax
#
# CHANGELOG
#
# July 18, 2003 (Frank.Swasey@uvm.edu) change uvmEduAlias from
# SINGLE-VALUE to allow multiple values/aliases
# for each entry.
#
# July 16, 2003 (mga@uvm.edu) Add uvmGroup objectclass
# and attribute memberUid (stolen from nis.schema).
#
# July 16, 2003 (Frank.Swasey@uvm.edu) Add uvmAccount objectclass
# and attributes for uidNumber, gidNumber, homeDirectory,
# loginShell, gecos (stolen from nis.schema).
#
# Updated syntax to be allowed by OpenLDAP 2.1.
#
# October 31, 2002 (Frank.Swasey@uvm.edu) Add displayname as an
# optional attribute in the uvmAlias objectclass.
# Add uvmAltUID (copied from nis.schema's uidNumber)
# and rename the gidNumber and homeDirectory attributes
# to be uvmAltGID and uvmAltHomeDir respectively.
# These three attributes will be used to support the
# open Lab environments.
#
# October 7, 2002 (Frank.Swasey@uvm.edu) Add optional attributes
# for the uvmEduPerson objectClass to assist with
# the tracking and removal of "expired" accounts.
# The three specific attributes are: uvmExpID,
# uvmExpPIDM, and uvmExpDate.
# July 16, 2002 (Frank.Swasey@uvm.edu) Change IA5 entries to UTF-8
# data.
# June 27, 2002 (Frank.Swasey@uvm.edu) uvmHRPrivate is now allowed
# to be "Show All", "Show None", or "Work Only".
# Also created the uvmAlias objectClass.
# May 20, 2002 (Frank.Swasey@uvm.edu) uvmHRPrivate is no longer
# a boolean value, it is allowed to be "SHOW NAME ONLY",
# "YES", or "NO".
# May 16, 2002 (Frank.Swasey@uvm.edu) Original version
#
#
# USAGE:
#
# Store this file in your schema definition directory (the default
# location on RedHat Linux is /etc/openldap/schema ) and use the
# include directive in slapd.conf to include it.
#
#########################################################################
#
# Attributes of the uvmEduPerson objectClass
#
# uvmEduAlias
# Specifies the person's mail alias for First.Last@uvm.edu
# Must be an ascii (IA5String) string.
attributetype ( 1.3.6.1.4.1.12779.1.1.1.1 NAME 'uvmEduAlias'
DESC 'Mail Alias'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
)
# uvmEduPrivate
# Specifies whether to allow the general public to see this
# person's information or not. This is required to be a boolean value
# (ie True or False) and there can be only one.
attributetype ( 1.3.6.1.4.1.12779.1.1.1.2 NAME 'uvmEduPrivate'
DESC 'Privacy of this record'
EQUALITY booleanMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
SINGLE-VALUE )
# uvmEduCurriculum
# University Curriculum. The string must be a UTF-8 valid
# string and there can be only one.
#attributetype ( 1.3.6.1.4.1.12779.1.1.1.3
# NAME 'uvmEduCurriculum'
# DESC 'University Curriculum'
# EQUALITY caseIgnoreMatch
# SUBSTR caseIgnoreSubstringsMatch
# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
# SINGLE-VALUE )
# uvmEduOfficePhone
# The person's office phone number (in case it's different from HR's)
attributetype ( 1.3.6.1.4.1.12779.1.1.1.4
NAME 'uvmEduOfficePhone'
DESC 'Office Telephone Number'
EQUALITY telephoneNumberMatch
SUBSTR telephoneNumberSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.50
SINGLE-VALUE )
# uvmEduOfficeAddress
# The person's preferred paper mail address
attributetype ( 1.3.6.1.4.1.12779.1.1.1.5 NAME 'uvmEduOfficeAddress'
DESC 'Paper mail address of office'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
)
# uvmEduOfficeLocation
# The physical address of the office
attributetype ( 1.3.6.1.4.1.12779.1.1.1.6 NAME 'uvmEduOfficeLocation'
DESC 'Physical location of office'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
SINGLE-VALUE )
# uvmEduHours
# Hours this person is available
attributetype ( 1.3.6.1.4.1.12779.1.1.1.7 NAME 'uvmEduHours'
DESC 'Office hours'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
SINGLE-VALUE )
# uvmEduProject
# What is this person working on
attributetype ( 1.3.6.1.4.1.12779.1.1.1.8 NAME 'uvmEduProject'
DESC 'Current Project(s)'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
# uvmEduBroadcastFlag
# Flag to control automatic placement on mailinglists
attributetype ( 1.3.6.1.4.1.12779.1.1.1.10 NAME 'uvmEduBroadcastFlag'
DESC 'Control automatic addition to mailinglists'
EQUALITY caseIgnoreMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.44
SINGLE-VALUE )
# uvmEduFamily
# Family members of this person
attributetype ( 1.3.6.1.4.1.12779.1.1.1.11 NAME 'uvmEduFamily'
DESC 'names of family members'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
# uvmEduHighSchool
# What high school the person attended
attributetype ( 1.3.6.1.4.1.12779.1.1.1.12 NAME 'uvmEduHighSchool'
DESC 'what high school the person attended'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
# uvmEduColleges
# Other colleges the person has attended
attributetype ( 1.3.6.1.4.1.12779.1.1.1.13 NAME 'uvmEduColleges'
DESC 'other colleges attended'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
#
# Derived from RFC1274, but with new "short names"
#
attributetype ( 1.3.6.1.4.1.12779.1.1.1.14
NAME ( 'netid' 'uvmNetworkId' )
DESC 'UVM Network Unique Identifier'
EQUALITY caseIgnoreMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{8}
SINGLE-VALUE )
# Stolen from nis.schema, but the equality match removed to prevent
# bad people from searching for it.
#
attributetype ( 1.3.6.1.4.1.12779.1.1.1.15 NAME 'uvmAltGID'
DESC 'An integer uniquely identifying a group in an administrative domain'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
# Stolen from nis.schema, but the equality match removed to prevent
# bad people from searching for it.
#
attributetype ( 1.3.6.1.4.1.12779.1.1.1.16 NAME 'uvmAltHomeDir'
DESC 'The absolute path to the home directory'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
# uvmExpID - This is the uvm Employee/Student ID number that is unique
# per individual.
attributetype ( 1.3.6.1.4.1.12779.1.1.1.17 NAME 'uvmExpID'
DESC 'The unique Employee/Student ID number of this expired entry'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
SINGLE-VALUE )
# uvmExpPIDM - This is the UVM Student system's database PIDM value
attributetype ( 1.3.6.1.4.1.12779.1.1.1.18 NAME 'uvmExpPIDM'
DESC 'The PIDM from the student system'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
SINGLE-VALUE )
# uvmExpDate - This is the date the entry was moved to the Expired branch
attributetype ( 1.3.6.1.4.1.12779.1.1.1.19 NAME 'uvmExpDate'
DESC 'The date this entry was marked for deletion'
EQUALITY generalizedTimeMatch
ORDERING generalizedTimeOrderingMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
SINGLE-VALUE )
# uvmAltUID : The uid number for the Open LAB Computers
# Stolen from nis.schema (uidNumber). Name changed to protect the
# guilty
attributetype ( 1.3.6.1.4.1.12779.1.1.1.20 NAME 'uvmAltUID'
DESC 'An integer uniquely identifying a user in an administrative domain'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
#########################################################################
#
# attributes of the uvmHumanResources objectclass
#
# uvmHRPrivate
# Privacy requested.
attributetype ( 1.3.6.1.4.1.12779.1.2.1.1 NAME 'uvmHRPrivate'
DESC 'Employee has requested privacy'
EQUALITY caseIgnoreMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
SINGLE-VALUE )
# uvmHRName
# The Legal Name that HR has for this employee
attributetype ( 1.3.6.1.4.1.12779.1.2.1.2 NAME 'uvmHRName'
DESC 'Employee name'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
SINGLE-VALUE )
# uvmHROfficePhone
# Telephone number of the person
attributetype ( 1.3.6.1.4.1.12779.1.2.1.3 NAME 'uvmHROfficePhone'
DESC 'Office Telephone Number'
EQUALITY telephoneNumberMatch
SUBSTR telephoneNumberSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.50
SINGLE-VALUE )
# uvmHROfficeAddress
# paper mail address of employee office
attributetype ( 1.3.6.1.4.1.12779.1.2.1.4 NAME 'uvmHROfficeAddress'
DESC 'Paper mail address of office'
EQUALITY caseIgnoreListMatch
SUBSTR caseIgnoreListSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.41
)
# uvmHRDepartment
# Name of employee's primary department
attributetype ( 1.3.6.1.4.1.12779.1.2.1.5 NAME 'uvmHRDepartment'
DESC 'name of primary department'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
SINGLE-VALUE )
# uvmHRHomePhone
# The person's home phone
attributetype ( 1.3.6.1.4.1.12779.1.2.1.6 NAME 'uvmHRHomePhone'
DESC 'Home Telephone Number'
EQUALITY telephoneNumberMatch
SUBSTR telephoneNumberSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.50
SINGLE-VALUE )
# uvmHRHomeAddress
# paper mail address of employee Home
attributetype ( 1.3.6.1.4.1.12779.1.2.1.7 NAME 'uvmHRHomeAddress'
DESC 'Paper mail address of Home'
EQUALITY caseIgnoreListMatch
SUBSTR caseIgnoreListSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 )
# uvmHRID
# Employee ID
attributetype ( 1.3.6.1.4.1.12779.1.2.1.8 NAME 'uvmHRID'
DESC 'employee id'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
SINGLE-VALUE )
# uvmHRTerminationDate
# Date of cesation of employment
attributetype ( 1.3.6.1.4.1.12779.1.2.1.9 NAME 'uvmHRTerminationDate'
DESC 'date employee ceased to be employed'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
SINGLE-VALUE )
# uvmHRBirthday
# date of employee's birth
attributetype ( 1.3.6.1.4.1.12779.1.2.1.10 NAME 'uvmHRBirthday'
DESC 'date employee was born'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
SINGLE-VALUE )
# uvmHRJobCode
# Special code to determine the type of employee
attributetype ( 1.3.6.1.4.1.12779.1.2.1.11 NAME 'uvmHRJobCode'
DESC 'Employee Job Code'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
SINGLE-VALUE )
# uvmHRBarCode
# The UVM ID Card Bar Code assigned to this person
attributetype ( 1.3.6.1.4.1.12779.1.2.1.12 NAME 'uvmHRBarCode'
DESC 'employee UVM ID Card Bar Code'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
SINGLE-VALUE )
# uvmHRJobSubCode
# Special sub code to determine the type of employee
attributetype ( 1.3.6.1.4.1.12779.1.2.1.13 NAME 'uvmHRJobSubCode'
DESC 'Employee Job Sub Code'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
SINGLE-VALUE )
# uvmHRTitle
# Job Title
attributetype ( 1.3.6.1.4.1.12779.1.2.1.14 NAME 'uvmHRTitle'
DESC 'Postion Title'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
SINGLE-VALUE )
# uvmHRHireDate
# The current hire date of employee
attributetype ( 1.3.6.1.4.1.12779.1.2.1.15 NAME 'uvmHRHireDate'
DESC 'date employee was hired'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
SINGLE-VALUE )
# uvmHRBPIDM
# P ID M from SIS (Banner)
attributetype ( 1.3.6.1.4.1.12779.1.2.1.16 NAME 'uvmHRBPIDM'
DESC 'Unique ID number from Student Information System'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
SINGLE-VALUE )
# uvmHRLastPaidDate
# Date of the employee's last paycheck
attributetype ( 1.3.6.1.4.1.12779.1.2.1.17 NAME 'uvmHRLastPaidDate'
DESC 'date of the last paycheck employee received'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
SINGLE-VALUE )
# uvmHRFirstName
# The Legal Name that HR has for this employee
attributetype ( 1.3.6.1.4.1.12779.1.2.1.18 NAME 'uvmHRFirstName'
DESC 'Employee name'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
SINGLE-VALUE )
# uvmHRMiddleName
# The Legal Name that HR has for this employee
attributetype ( 1.3.6.1.4.1.12779.1.2.1.19 NAME 'uvmHRMiddleName'
DESC 'Employee name'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
SINGLE-VALUE )
# uvmHRLastName
# The Legal Name that HR has for this employee
attributetype ( 1.3.6.1.4.1.12779.1.2.1.20 NAME 'uvmHRLastName'
DESC 'Employee name'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
SINGLE-VALUE )
#########################################################################
#
# Student Information System attributes
#
# uvmSIPrivate
# Student has requested privacy
attributetype ( 1.3.6.1.4.1.12779.1.3.1.1 NAME 'uvmSIPrivate'
DESC 'Student has requested privacy'
EQUALITY booleanMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
SINGLE-VALUE )
# uvmSIName
# The Name that SIS has for this student
attributetype ( 1.3.6.1.4.1.12779.1.3.1.2 NAME 'uvmSIName'
DESC 'Student name'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
SINGLE-VALUE )
# uvmSIID
# Student ID
attributetype ( 1.3.6.1.4.1.12779.1.3.1.3 NAME 'uvmSIID'
DESC 'Student ID'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
SINGLE-VALUE )
# uvmSILocalAddress
# Student's campus paper mail address
attributetype ( 1.3.6.1.4.1.12779.1.3.1.4 NAME 'uvmSILocalAddress'
DESC 'campus paper mail address'
EQUALITY caseIgnoreListMatch
SUBSTR caseIgnoreListSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.41
)
# uvmSIPermanentAddress
# Student's permanent (home) paper mail address
attributetype ( 1.3.6.1.4.1.12779.1.3.1.5 NAME 'uvmSIPermanentAddress'
DESC 'permanent (home) paper mail address'
EQUALITY caseIgnoreListMatch
SUBSTR caseIgnoreListSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 )
# uvmSIClass
# Student's class
attributetype ( 1.3.6.1.4.1.12779.1.3.1.6 NAME 'uvmSIClass'
DESC 'Which class student is in (first year, sophomore, ...)'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
SINGLE-VALUE )
# uvmSILastTermAttended
# The last term the student was enrolled
attributetype ( 1.3.6.1.4.1.12779.1.3.1.7 NAME 'uvmSILastTermAttended'
DESC 'The last term the student was enrolled for'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
SINGLE-VALUE )
# uvmSIBirthday
# Date the student was born
attributetype ( 1.3.6.1.4.1.12779.1.3.1.8 NAME 'uvmSIBirthday'
DESC 'date the student was born'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
SINGLE-VALUE )
# uvmSILocalPhone
# Student's campus telephone number
attributetype ( 1.3.6.1.4.1.12779.1.3.1.9 NAME 'uvmSILocalPhone'
DESC 'campus telephone number'
EQUALITY telephoneNumberMatch
SUBSTR telephoneNumberSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.50
SINGLE-VALUE )
# uvmSIPermanentPhone
# Student's permanent (home) telephone number
attributetype ( 1.3.6.1.4.1.12779.1.3.1.10 NAME 'uvmSIPermanentPhone'
DESC 'permanent (home) telephone number'
EQUALITY telephoneNumberMatch
SUBSTR telephoneNumberSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.50
SINGLE-VALUE )
# uvmSIStatus
# Not quite sure...
attributetype ( 1.3.6.1.4.1.12779.1.3.1.11 NAME 'uvmSIStatus'
DESC 'It must have meaning to someone'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
SINGLE-VALUE )
# uvmSIBarCode
# The student's UVM ID Card bar code
attributetype ( 1.3.6.1.4.1.12779.1.3.1.12 NAME 'uvmSIBarCode'
DESC 'UVM ID Card Bar Code for borrowing books'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
SINGLE-VALUE )
# uvmSIPIDM
# The student's unique identification number
attributetype ( 1.3.6.1.4.1.12779.1.3.1.13 NAME 'uvmSIPIDM'
DESC 'Unique Identification Number'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
SINGLE-VALUE )
# uvmSICollege
# Which college the student is enrolled in
attributetype ( 1.3.6.1.4.1.12779.1.3.1.14 NAME 'uvmSICollege'
DESC 'College the student is enrolled in'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
)
# uvmSIMajor
# The student's primary course of study
attributetype ( 1.3.6.1.4.1.12779.1.3.1.15 NAME 'uvmSIMajor'
DESC 'Primary course of study'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
)
# uvmSIFirstName
# The Name that SIS has for this student
attributetype ( 1.3.6.1.4.1.12779.1.3.1.16 NAME 'uvmSIFirstName'
DESC 'Student name'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
SINGLE-VALUE )
# uvmSIMiddleName
# The Name that SIS has for this student
attributetype ( 1.3.6.1.4.1.12779.1.3.1.17 NAME 'uvmSIMiddleName'
DESC 'Student name'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
SINGLE-VALUE )
# uvmSILastName
# The Name that SIS has for this student
attributetype ( 1.3.6.1.4.1.12779.1.3.1.18 NAME 'uvmSILastName'
DESC 'Student name'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
SINGLE-VALUE )
#########################################################################
#
# Attributes for uvmAccount
#
attributetype ( 1.3.6.1.4.1.12779.1.5.1.1 NAME 'uidNumber'
DESC 'An integer uniquely identifying a user in an administrative domain'
EQUALITY integerMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributetype ( 1.3.6.1.4.1.12779.1.5.1.2 NAME 'gidNumber'
DESC 'An integer uniquely identifying a group in an administrative domain'
EQUALITY integerMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributetype ( 1.3.6.1.4.1.12779.1.5.1.3 NAME 'gecos'
DESC 'The GECOS field; the common name'
EQUALITY caseIgnoreIA5Match
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
attributetype ( 1.3.6.1.4.1.12779.1.5.1.4 NAME 'homeDirectory'
DESC 'The absolute path to the home directory'
EQUALITY caseExactIA5Match
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
attributetype ( 1.3.6.1.4.1.12779.1.5.1.5 NAME 'loginShell'
DESC 'The path to the login shell'
EQUALITY caseExactIA5Match
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
#########################################################################
#
# Attributes for uvmGroup
#
attributetype ( 1.3.6.1.4.1.12779.1.6.1.1 NAME 'memberUid'
EQUALITY caseExactIA5Match
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
#=========================================================================
# ObjectClasses
#=========================================================================
# uvmEduPerson
# The uvmEduPerson represents people who are associated with the University
# of Vermont (UVM) in some way. It is an auxiliary class.
objectclass ( 1.3.6.1.4.1.12779.1.1.2.1
NAME 'uvmEduPerson'
SUP 'eduPerson' AUXILIARY
MUST ( uvmEduPrivate $ uvmEduAlias $
eduPersonAffiliation $ eduPersonPrimaryAffiliation $
cn $ sn $ netid $ mail $ uvmEduBroadcastFlag )
MAY ( uvmEduOfficePhone $
uvmEduOfficeAddress $ uvmEduOfficeLocation $
uvmEduHours $ uvmEduProject $
uvmEduFamily $ uvmEduHighSchool $ uvmEduColleges $
uvmAltGID $ uvmAltHomeDir $ uvmAltUID $
uvmExpID $ uvmExpPIDM $ uvmExpDate )
)
# uvmHumanResources
# The uvmHumanResources represents employees of UVM. It is an auxiliary class.
objectclass ( 1.3.6.1.4.1.12779.1.2.2.1
NAME 'uvmHumanResources'
SUP 'top' AUXILIARY
MUST ( uvmHRName $ uvmHRPrivate $ uvmHRID $
uvmHRBarCode $ uvmHRBPIDM )
MAY ( uvmHROfficePhone $ uvmHROfficeAddress $
uvmHRDepartment $ uvmHRHomePhone $
uvmHRHomeAddress $ uvmHRTerminationDate $
uvmHRBirthday $ uvmHRJobCode $ uvmHRJobSubCode $
uvmHRTitle $ uvmHRHireDate $ uvmHRLastPaidDate $
uvmHRFirstName $ uvmHRMiddleName $ uvmHRLastName )
)
# uvmStudentInformation
# Info about UVM students from the BANNER (SIS) system.
objectclass ( 1.3.6.1.4.1.12779.1.3.2.1
NAME 'uvmStudentInformation'
SUP 'top' AUXILIARY
MUST ( uvmSIName $ uvmSIID $ uvmSIPrivate $
uvmSIBarCOde $ uvmSIPIDM )
MAY ( uvmSILocalAddress $ uvmSIPermanentAddress $
uvmSIClass $ uvmSILastTermAttended $
uvmSIBirthday $ uvmSILocalPhone $
uvmSIPermanentPhone $ uvmSIStatus $
uvmSICollege $ uvmSIMajor $
uvmSIFirstName $ uvmSIMiddleName $ uvmSILastName )
)
# uvmAlias
# For mail aliases that may or may not be groups of people
objectclass ( 1.3.6.1.4.1.12779.1.4.2.1
NAME 'uvmAlias'
SUP 'top' STRUCTURAL
MUST ( uvmEduAlias $ userPassword )
MAY ( cn $ member $ mail $ description $
telephoneNumber $ facsimiletelephonenumber $
edupersonnickname $
homephone $ homepostaladdress $
labeleduri $ netid $ ou $
postaladdress $ title $
uvmedubroadcastflag $ uvmeducolleges $
uvmeduhours $ uvmeduofficeaddress $
uvmeduofficelocation $ uvmeduofficephone $
uvmeduproject $ displayname )
)
# uvmAccount
# For all entries that have a real account behind them
objectclass ( 1.3.6.1.4.1.12779.1.5.2.1
NAME 'uvmAccount'
SUP 'top' AUXILIARY
MUST ( uidNumber $ gidNumber $ homeDirectory $ gecos $ loginShell )
)
# uvmGroup
# uvm group membership
objectclass ( 1.3.6.1.4.1.12779.1.6.2.1
NAME 'uvmGroup'
SUP 'top' STRUCTURAL
MUST ( cn $ gidNumber )
MAY ( userPassword $ memberUid $ description )
)
Last modified September 30 2003 06:40 AM