core.schema 20.1 KB
Newer Older
Kurt Zeilenga's avatar
Kurt Zeilenga committed
1
2
# $OpenLDAP$
#
Kurt Zeilenga's avatar
Kurt Zeilenga committed
3
# OpenLDAP Core schema
4
#
5
# Includes LDAPv3 schema items from:
6
#	RFC2251-RFC2256 (LDAPv3)
7
8
#
# select standard track schema items:
9
#	RFC2587 (PKI)
10
#	RFC2079 (URI)
11
#	RFC1274 (uid/dc)
12
13
14
15
16
#	RFC2247 (dc/dcObject)
#	RFC2289 (Dynamic Directory Services)
#
# select informational schema items:
#	RFC2377 (uidObject)
17
#
18
19
# select IETF ''work in progress'' LDAPext/LDUP items
#   ldapSubentry
20
#	ldapRootDSE
21
#	named referrals
22
#	alias draft
23

Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
24
25
# Standard X.501(93) Operational Attribute Types from RFC2252

26
27
28
29
30
attributetype ( 2.5.18.1 NAME 'createTimestamp'
	EQUALITY generalizedTimeMatch
	ORDERING generalizedTimeOrderingMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
	SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
31

32
33
34
35
36
attributetype ( 2.5.18.2 NAME 'modifyTimestamp'
	EQUALITY generalizedTimeMatch
	ORDERING generalizedTimeOrderingMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
	SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
37

38
39
40
41
attributetype ( 2.5.18.3 NAME 'creatorsName'
	EQUALITY distinguishedNameMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.12
	SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
42

43
44
45
46
attributetype ( 2.5.18.4 NAME 'modifiersName'
	EQUALITY distinguishedNameMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.12
	SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
47

Kurt Zeilenga's avatar
Kurt Zeilenga committed
48
attributetype ( 2.5.18.10 NAME 'subschemaSubentry'
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
	EQUALITY distinguishedNameMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 NO-USER-MODIFICATION
	SINGLE-VALUE USAGE directoryOperation )

attributetype ( 2.5.21.1 NAME 'dITStructureRules'
	EQUALITY integerFirstComponentMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.17 USAGE directoryOperation )

attributetype ( 2.5.21.2 NAME 'dITContentRules'
	EQUALITY objectIdentifierFirstComponentMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.16 USAGE directoryOperation )

attributetype ( 2.5.21.4 NAME 'matchingRules'
	EQUALITY objectIdentifierFirstComponentMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.30 USAGE directoryOperation )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
64

Kurt Zeilenga's avatar
Kurt Zeilenga committed
65
attributetype ( 2.5.21.5 NAME 'attributeTypes'
66
67
	EQUALITY objectIdentifierFirstComponentMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.3 USAGE directoryOperation )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
68

Kurt Zeilenga's avatar
Kurt Zeilenga committed
69
attributetype ( 2.5.21.6 NAME 'objectClasses'
70
71
	EQUALITY objectIdentifierFirstComponentMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.37 USAGE directoryOperation )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
72

73
74
75
attributetype ( 2.5.21.7 NAME 'nameForms'
	EQUALITY objectIdentifierFirstComponentMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.35 USAGE directoryOperation )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
76

Kurt Zeilenga's avatar
Kurt Zeilenga committed
77
attributetype ( 2.5.21.8 NAME 'matchingRuleUse'
78
79
	EQUALITY objectIdentifierFirstComponentMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.31 USAGE directoryOperation )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
80

81
82
83
84
85
# From X.500(97?)
attributetype ( 2.5.21.9 NAME 'structuralObjectClass'
	EQUALITY objectIdentifierMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.38
	NO-USER-MODIFICATION SINGLE-VALUE USAGE directoryOperation )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
86

87
# LDAP Operational Attributes from RFC2252
Kurt Zeilenga's avatar
Kurt Zeilenga committed
88
attributetype ( 1.3.6.1.4.1.1466.101.120.5 NAME 'namingContexts'
89
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 USAGE dSAOperation )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
90

Kurt Zeilenga's avatar
Kurt Zeilenga committed
91
attributetype ( 1.3.6.1.4.1.1466.101.120.6 NAME 'altServer'
92
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 USAGE dSAOperation )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
93

Kurt Zeilenga's avatar
Kurt Zeilenga committed
94
attributetype ( 1.3.6.1.4.1.1466.101.120.7 NAME 'supportedExtension'
95
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 USAGE dSAOperation )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
96

Kurt Zeilenga's avatar
Kurt Zeilenga committed
97
attributetype ( 1.3.6.1.4.1.1466.101.120.13 NAME 'supportedControl'
98
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 USAGE dSAOperation )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
99

Kurt Zeilenga's avatar
Kurt Zeilenga committed
100
attributetype ( 1.3.6.1.4.1.1466.101.120.14 NAME 'supportedSASLMechanisms'
101
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 USAGE dSAOperation )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
102

Kurt Zeilenga's avatar
Kurt Zeilenga committed
103
attributetype ( 1.3.6.1.4.1.1466.101.120.15 NAME 'supportedLDAPVersion'
104
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 USAGE dSAOperation )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
105

Kurt Zeilenga's avatar
Kurt Zeilenga committed
106
attributetype ( 1.3.6.1.4.1.1466.101.120.16 NAME 'ldapSyntaxes'
107
108
	EQUALITY objectIdentifierFirstComponentMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.54 USAGE directoryOperation )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
109
110

# Object Classes from RFC2252
111
112
113
114
115
objectclass ( 2.5.20.1 NAME 'subschema' AUXILIARY
	DESC 'RFC2252: controlling subschema' 
	MAY ( dITStructureRules $ nameForms $ ditContentRules $
		objectClasses $ attributeTypes $ matchingRules $
		matchingRuleUse ) )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
116

117
# Standard attribute types used for subtyping from RFC2256
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
118

119
120
121
122
123
124
125
126
attributetype ( 2.5.4.41 NAME 'name'
	EQUALITY caseIgnoreMatch
	SUBSTR caseIgnoreSubstringsMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} )

attributetype ( 2.5.4.49 NAME 'distinguishedName'
	EQUALITY distinguishedNameMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
127
128
129

# Standard attribute types from RFC2256

Kurt Zeilenga's avatar
Kurt Zeilenga committed
130
attributetype ( 2.5.4.0 NAME 'objectClass'
131
132
	EQUALITY objectIdentifierMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
133

Kurt Zeilenga's avatar
Kurt Zeilenga committed
134
attributetype ( 2.5.4.1 NAME 'aliasedObjectName'
135
136
	EQUALITY distinguishedNameMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
137

138
# obsolete
Kurt Zeilenga's avatar
Kurt Zeilenga committed
139
attributetype ( 2.5.4.2 NAME 'knowledgeInformation'
140
141
	EQUALITY caseIgnoreMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} )
Julio Sánchez Fernández's avatar
   
Julio Sánchez Fernández committed
142

Kurt Zeilenga's avatar
Kurt Zeilenga committed
143
attributetype ( 2.5.4.3 NAME ( 'cn' 'commonName' ) SUP name )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
144

Kurt Zeilenga's avatar
Kurt Zeilenga committed
145
attributetype ( 2.5.4.4 NAME ( 'sn' 'surname' ) SUP name )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
146

Kurt Zeilenga's avatar
Kurt Zeilenga committed
147
attributetype ( 2.5.4.5 NAME 'serialNumber' EQUALITY caseIgnoreMatch
148
149
	SUBSTR caseIgnoreSubstringsMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{64} )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
150
151

# (2-letter code from ISO 3166)
Kurt Zeilenga's avatar
Kurt Zeilenga committed
152
attributetype ( 2.5.4.6 NAME ( 'c' 'countryName' ) SUP name SINGLE-VALUE )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
153

Kurt Zeilenga's avatar
Kurt Zeilenga committed
154
attributetype ( 2.5.4.7 NAME ( 'l' 'localityName' ) SUP name )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
155

Kurt Zeilenga's avatar
Kurt Zeilenga committed
156
attributetype ( 2.5.4.8 NAME ( 'st' 'stateOrProvinceName' ) SUP name )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
157

Kurt Zeilenga's avatar
Kurt Zeilenga committed
158
attributetype ( 2.5.4.9 NAME ( 'street' 'streetAddress' )
159
160
161
	EQUALITY caseIgnoreMatch
	SUBSTR caseIgnoreSubstringsMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
162

Kurt Zeilenga's avatar
Kurt Zeilenga committed
163
attributetype ( 2.5.4.10 NAME ( 'o' 'organizationName' ) SUP name )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
164

Kurt Zeilenga's avatar
Kurt Zeilenga committed
165
attributetype ( 2.5.4.11 NAME ( 'ou' 'organizationalUnitName' ) SUP name )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
166

Kurt Zeilenga's avatar
Kurt Zeilenga committed
167
attributetype ( 2.5.4.12 NAME 'title' SUP name )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
168

Kurt Zeilenga's avatar
Kurt Zeilenga committed
169
attributetype ( 2.5.4.13 NAME 'description'
170
171
172
	EQUALITY caseIgnoreMatch
	SUBSTR caseIgnoreSubstringsMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1024} )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
173
174

# Obsoleted by enhancedSearchGuide
Kurt Zeilenga's avatar
Kurt Zeilenga committed
175
attributetype ( 2.5.4.14 NAME 'searchGuide'
176
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.25 )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
177

Kurt Zeilenga's avatar
Kurt Zeilenga committed
178
attributetype ( 2.5.4.15 NAME 'businessCategory'
179
180
181
	EQUALITY caseIgnoreMatch
	SUBSTR caseIgnoreSubstringsMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
182

Kurt Zeilenga's avatar
Kurt Zeilenga committed
183
attributetype ( 2.5.4.16 NAME 'postalAddress'
184
185
186
	EQUALITY caseIgnoreListMatch
	SUBSTR caseIgnoreListSubstringsMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
187

Kurt Zeilenga's avatar
Kurt Zeilenga committed
188
attributetype ( 2.5.4.17 NAME 'postalCode'
189
190
191
	EQUALITY caseIgnoreMatch
	SUBSTR caseIgnoreSubstringsMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{40} )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
192

Kurt Zeilenga's avatar
Kurt Zeilenga committed
193
attributetype ( 2.5.4.18 NAME 'postOfficeBox'
194
195
196
	EQUALITY caseIgnoreMatch
	SUBSTR caseIgnoreSubstringsMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{40} )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
197

Kurt Zeilenga's avatar
Kurt Zeilenga committed
198
attributetype ( 2.5.4.19 NAME 'physicalDeliveryOfficeName'
199
200
201
	EQUALITY caseIgnoreMatch
	SUBSTR caseIgnoreSubstringsMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
202

Kurt Zeilenga's avatar
Kurt Zeilenga committed
203
attributetype ( 2.5.4.20 NAME 'telephoneNumber'
204
205
206
	EQUALITY telephoneNumberMatch
	SUBSTR telephoneNumberSubstringsMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.50{32} )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
207

Kurt Zeilenga's avatar
Kurt Zeilenga committed
208
attributetype ( 2.5.4.21 NAME 'telexNumber'
209
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.52 )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
210

Kurt Zeilenga's avatar
Kurt Zeilenga committed
211
attributetype ( 2.5.4.22 NAME 'teletexTerminalIdentifier'
212
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.51 )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
213

Kurt Zeilenga's avatar
Kurt Zeilenga committed
214
attributetype ( 2.5.4.23 NAME ( 'facsimileTelephoneNumber' 'fax' )
215
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.22 )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
216

Kurt Zeilenga's avatar
Kurt Zeilenga committed
217
attributetype ( 2.5.4.24 NAME 'x121Address'
218
219
220
	EQUALITY numericStringMatch
	SUBSTR numericStringSubstringsMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{15} )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
221

Kurt Zeilenga's avatar
Kurt Zeilenga committed
222
attributetype ( 2.5.4.25 NAME 'internationaliSDNNumber'
223
224
225
	EQUALITY numericStringMatch
	SUBSTR numericStringSubstringsMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{16} )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
226

Kurt Zeilenga's avatar
Kurt Zeilenga committed
227
attributetype ( 2.5.4.26 NAME 'registeredAddress' SUP postalAddress
228
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
229

Kurt Zeilenga's avatar
Kurt Zeilenga committed
230
attributetype ( 2.5.4.27 NAME 'destinationIndicator'
231
232
233
	EQUALITY caseIgnoreMatch
	SUBSTR caseIgnoreSubstringsMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{128} )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
234

Kurt Zeilenga's avatar
Kurt Zeilenga committed
235
attributetype ( 2.5.4.28 NAME 'preferredDeliveryMethod'
236
237
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.14
	SINGLE-VALUE )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
238

Kurt Zeilenga's avatar
Kurt Zeilenga committed
239
attributetype ( 2.5.4.29 NAME 'presentationAddress'
240
241
242
	EQUALITY presentationAddressMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.43
	SINGLE-VALUE )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
243

Kurt Zeilenga's avatar
Kurt Zeilenga committed
244
attributetype ( 2.5.4.30 NAME 'supportedApplicationContext'
245
246
	EQUALITY objectIdentifierMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
247

Kurt Zeilenga's avatar
Kurt Zeilenga committed
248
attributetype ( 2.5.4.31 NAME 'member' SUP distinguishedName )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
249

Kurt Zeilenga's avatar
Kurt Zeilenga committed
250
attributetype ( 2.5.4.32 NAME 'owner' SUP distinguishedName )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
251

Kurt Zeilenga's avatar
Kurt Zeilenga committed
252
attributetype ( 2.5.4.33 NAME 'roleOccupant' SUP distinguishedName )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
253

Kurt Zeilenga's avatar
Kurt Zeilenga committed
254
attributetype ( 2.5.4.34 NAME 'seeAlso' SUP distinguishedName )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
255

Kurt Zeilenga's avatar
Kurt Zeilenga committed
256
attributetype ( 2.5.4.35 NAME 'userPassword'
257
258
	EQUALITY octetStringMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{128} )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
259

260
# Must be transferred using ;binary
Kurt Zeilenga's avatar
Kurt Zeilenga committed
261
attributetype ( 2.5.4.36 NAME 'userCertificate'
262
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.8 )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
263

264
# Must be transferred using ;binary
Kurt Zeilenga's avatar
Kurt Zeilenga committed
265
attributetype ( 2.5.4.37 NAME 'cACertificate'
266
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.8 )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
267

268
# Must be transferred using ;binary
Kurt Zeilenga's avatar
Kurt Zeilenga committed
269
attributetype ( 2.5.4.38 NAME 'authorityRevocationList'
270
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
271

272
# Must be transferred using ;binary
Kurt Zeilenga's avatar
Kurt Zeilenga committed
273
attributetype ( 2.5.4.39 NAME 'certificateRevocationList'
274
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
275

276
# Must be stored and requested in the binary form
Kurt Zeilenga's avatar
Kurt Zeilenga committed
277
attributetype ( 2.5.4.40 NAME 'crossCertificatePair'
278
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.10 )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
279

280
281
282
283
284
# 2.5.4.41 is defined above as it's used for subtyping
#attributetype ( 2.5.4.41 NAME 'name'
#	EQUALITY caseIgnoreMatch
#	SUBSTR caseIgnoreSubstringsMatch
#	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
285

Kurt Zeilenga's avatar
Kurt Zeilenga committed
286
attributetype ( 2.5.4.42 NAME ( 'givenName' 'gn' ) SUP name )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
287

288
289
290
291
292
293
294
attributetype ( 2.5.4.43 NAME 'initials' SUP name
	DESC 'The initials attribute type contains the initials of some
		or all of an individuals names, but not the surname(s).' )

attributetype ( 2.5.4.44 NAME 'generationQualifier' 
	DESC 'e.g. Jr or II.'
	SUP name )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
295

Kurt Zeilenga's avatar
Kurt Zeilenga committed
296
attributetype ( 2.5.4.45 NAME 'x500UniqueIdentifier'
297
298
	EQUALITY bitStringMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.6 )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
299

Kurt Zeilenga's avatar
Kurt Zeilenga committed
300
attributetype ( 2.5.4.46 NAME 'dnQualifier'
301
302
303
304
	EQUALITY caseIgnoreMatch
	ORDERING caseIgnoreOrderingMatch
	SUBSTR caseIgnoreSubstringsMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.44 )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
305

Kurt Zeilenga's avatar
Kurt Zeilenga committed
306
attributetype ( 2.5.4.47 NAME 'enhancedSearchGuide'
307
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.21 )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
308

Kurt Zeilenga's avatar
Kurt Zeilenga committed
309
attributetype ( 2.5.4.48 NAME 'protocolInformation'
310
311
	EQUALITY protocolInformationMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.42 )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
312

313
314
315
316
# 2.5.4.49 is defined above as it's used for subtyping
#attributetype ( 2.5.4.49 NAME 'distinguishedName'
#	EQUALITY distinguishedNameMatch
#	SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
317

Kurt Zeilenga's avatar
Kurt Zeilenga committed
318
attributetype ( 2.5.4.50 NAME 'uniqueMember'
319
320
	EQUALITY uniqueMemberMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.34 )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
321

Kurt Zeilenga's avatar
Kurt Zeilenga committed
322
attributetype ( 2.5.4.51 NAME 'houseIdentifier'
323
324
325
	EQUALITY caseIgnoreMatch
	SUBSTR caseIgnoreSubstringsMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
326

327
# Must be transferred using ;binary
Kurt Zeilenga's avatar
Kurt Zeilenga committed
328
attributetype ( 2.5.4.52 NAME 'supportedAlgorithms'
329
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.49 )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
330

331
# Must be transferred using ;binary
Kurt Zeilenga's avatar
Kurt Zeilenga committed
332
attributetype ( 2.5.4.53 NAME 'deltaRevocationList'
333
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
334

Kurt Zeilenga's avatar
Kurt Zeilenga committed
335
attributetype ( 2.5.4.54 NAME 'dmdName' SUP name )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
336
337
338

# Standard object classes from RFC2256

Kurt Zeilenga's avatar
Kurt Zeilenga committed
339
objectclass ( 2.5.6.0 NAME 'top' ABSTRACT
340
	MUST objectClass )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
341

Kurt Zeilenga's avatar
Kurt Zeilenga committed
342
objectclass ( 2.5.6.1 NAME 'alias' SUP top STRUCTURAL
343
	MUST aliasedObjectName )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
344

Kurt Zeilenga's avatar
Kurt Zeilenga committed
345
objectclass ( 2.5.6.2 NAME 'country' SUP top STRUCTURAL
346
347
	MUST c
	MAY ( searchGuide $ description ) )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
348
349

objectclass ( 2.5.6.3 NAME 'locality' SUP top STRUCTURAL
350
	MAY ( street $ seeAlso $ searchGuide $ st $ l $ description ) )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
351

Kurt Zeilenga's avatar
Kurt Zeilenga committed
352
objectclass ( 2.5.6.4 NAME 'organization' SUP top STRUCTURAL
353
354
355
356
357
358
359
	MUST o
	MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $
		x121Address $ registeredAddress $ destinationIndicator $
		preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
		telephoneNumber $ internationaliSDNNumber $
		facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $
		postalAddress $ physicalDeliveryOfficeName $ st $ l $ description ) )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
360

Kurt Zeilenga's avatar
Kurt Zeilenga committed
361
objectclass ( 2.5.6.5 NAME 'organizationalUnit' SUP top STRUCTURAL
362
363
364
365
366
367
368
	MUST ou
	MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $
		x121Address $ registeredAddress $ destinationIndicator $
		preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
		telephoneNumber $ internationaliSDNNumber $
		facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $
		postalAddress $ physicalDeliveryOfficeName $ st $ l $ description ) )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
369

Kurt Zeilenga's avatar
Kurt Zeilenga committed
370
objectclass ( 2.5.6.6 NAME 'person' SUP top STRUCTURAL
371
372
	MUST ( sn $ cn )
	MAY ( userPassword $ telephoneNumber $ seeAlso $ description ) )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
373
374

objectclass ( 2.5.6.7 NAME 'organizationalPerson' SUP person STRUCTURAL
375
376
377
378
379
	MAY ( title $ x121Address $ registeredAddress $ destinationIndicator $
		preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
		telephoneNumber $ internationaliSDNNumber $
		facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $
		postalAddress $ physicalDeliveryOfficeName $ ou $ st $ l ) )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
380

Kurt Zeilenga's avatar
Kurt Zeilenga committed
381
objectclass ( 2.5.6.8 NAME 'organizationalRole' SUP top STRUCTURAL
382
383
384
385
386
387
388
	MUST cn
	MAY ( x121Address $ registeredAddress $ destinationIndicator $
		preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
		telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber $
		seeAlso $ roleOccupant $ preferredDeliveryMethod $ street $
		postOfficeBox $ postalCode $ postalAddress $
		physicalDeliveryOfficeName $ ou $ st $ l $ description ) )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
389

Kurt Zeilenga's avatar
Kurt Zeilenga committed
390
objectclass ( 2.5.6.9 NAME 'groupOfNames' SUP top STRUCTURAL
391
392
	MUST ( member $ cn )
	MAY ( businessCategory $ seeAlso $ owner $ ou $ o $ description ) )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
393

Kurt Zeilenga's avatar
Kurt Zeilenga committed
394
objectclass ( 2.5.6.10 NAME 'residentialPerson' SUP person STRUCTURAL
395
396
397
398
399
400
401
	MUST l
	MAY ( businessCategory $ x121Address $ registeredAddress $
		destinationIndicator $ preferredDeliveryMethod $ telexNumber $
		teletexTerminalIdentifier $ telephoneNumber $ internationaliSDNNumber $
		facsimileTelephoneNumber $ preferredDeliveryMethod $ street $
		postOfficeBox $ postalCode $ postalAddress $
		physicalDeliveryOfficeName $ st $ l ) )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
402

Kurt Zeilenga's avatar
Kurt Zeilenga committed
403
objectclass ( 2.5.6.11 NAME 'applicationProcess' SUP top STRUCTURAL
404
405
	MUST cn
	MAY ( seeAlso $ ou $ l $ description ) )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
406
407

objectclass ( 2.5.6.12 NAME 'applicationEntity' SUP top STRUCTURAL
408
409
410
	MUST ( presentationAddress $ cn )
	MAY ( supportedApplicationContext $ seeAlso $ ou $ o $ l $
	description ) )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
411
412

objectclass ( 2.5.6.13 NAME 'dSA' SUP applicationEntity STRUCTURAL
413
	MAY knowledgeInformation )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
414

Kurt Zeilenga's avatar
Kurt Zeilenga committed
415
objectclass ( 2.5.6.14 NAME 'device' SUP top STRUCTURAL
416
417
	MUST cn
	MAY ( serialNumber $ seeAlso $ owner $ ou $ o $ l $ description ) )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
418
419

objectclass ( 2.5.6.15 NAME 'strongAuthenticationUser' SUP top AUXILIARY
420
	MUST userCertificate )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
421
422

objectclass ( 2.5.6.16 NAME 'certificationAuthority' SUP top AUXILIARY
423
424
	MUST ( authorityRevocationList $ certificateRevocationList $
		cACertificate ) MAY crossCertificatePair )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
425
426

objectclass ( 2.5.6.17 NAME 'groupOfUniqueNames' SUP top STRUCTURAL
427
428
	MUST ( uniqueMember $ cn )
	MAY ( businessCategory $ seeAlso $ owner $ ou $ o $ description ) )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
429
430

objectclass ( 2.5.6.18 NAME 'userSecurityInformation' SUP top AUXILIARY
431
	MAY ( supportedAlgorithms ) )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
432
433

objectclass ( 2.5.6.16.2 NAME 'certificationAuthority-V2' SUP
434
435
	certificationAuthority
	AUXILIARY MAY ( deltaRevocationList ) )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
436
437

objectclass ( 2.5.6.19 NAME 'cRLDistributionPoint' SUP top STRUCTURAL
438
439
440
	MUST ( cn )
	MAY ( certificateRevocationList $ authorityRevocationList $
		deltaRevocationList ) )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
441

Kurt Zeilenga's avatar
Kurt Zeilenga committed
442
objectclass ( 2.5.6.20 NAME 'dmd' SUP top STRUCTURAL
443
444
445
446
447
448
449
	MUST ( dmdName )
	MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $
		x121Address $ registeredAddress $ destinationIndicator $
		preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
		telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber $
		street $ postOfficeBox $ postalCode $ postalAddress $
		physicalDeliveryOfficeName $ st $ l $ description ) )
Julio Sánchez Fernández's avatar
   
Julio Sánchez Fernández committed
450

451
452
453
454
455
456
457
458
459
460
461
462
463
objectclass ( 2.5.6.21 NAME 'pkiUser' SUP top AUXILIARY
	DESC 'RFC2587: PKI user'
	MUST userCertificate )

objectclass ( 2.5.6.22 NAME 'pkiCA' SUP top AUXILIARY
	DESC 'RFC2587: PKI certificate authority'
	MAY ( authorityRevocationList $ certificateRevocationList $
		cACertificate $ crossCertificatePair ) )

objectclass ( 2.5.6.23 NAME 'deltaCRL' SUP top AUXILIARY
	DESC 'RFC2587: PKI user'
	MAY deltaRevocationList )

Julio Sánchez Fernández's avatar
   
Julio Sánchez Fernández committed
464
objectclass ( 1.3.6.1.4.1.1466.101.120.111 NAME 'extensibleObject'
465
	DESC 'RFC2252: extensible object'
466
	SUP top AUXILIARY )
467

468
469
470
#
# Standard Track URI label schema from RFC2079
#
Kurt Zeilenga's avatar
Kurt Zeilenga committed
471
attributetype ( 1.3.6.1.4.1.250.1.57 NAME 'labeledURI'
472
	DESC 'RFC2079: Uniform Resource Identifier with optional label'
Kurt Zeilenga's avatar
Kurt Zeilenga committed
473
474
	EQUALITY caseExactIA5Match
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
475
476

objectclass ( 1.3.6.1.4.1.250.3.15 NAME 'labeledURIObject'
477
	DESC 'RFC2079: object that contains the URI attribute type'
Kurt Zeilenga's avatar
Kurt Zeilenga committed
478
479
	MAY ( labeledURI )
	SUP top AUXILIARY )
480

481
482
483
484
#
# Standard Track Dynamic Directory Services from RFC2589
#
objectclass ( 1.3.6.1.4.1.1466.101.119.2 NAME 'dynamicObject'
485
	DESC 'RFC2589: Dynamic Object'
486
487
488
	SUP top AUXILIARY )

attributetype ( 1.3.6.1.4.1.1466.101.119.3 NAME 'entryTtl'
489
	DESC 'RFC2589: entry time-to-live'
490
491
492
493
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE
	NO-USER-MODIFICATION USAGE dSAOperation )

attributetype ( 1.3.6.1.4.1.1466.101.119.4 NAME 'dynamicSubtrees'
494
	DESC 'RFC2589: dynamic subtrees'
495
496
497
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 NO-USER-MODIFICATION
	USAGE dSAOperation )

498
#
Kurt Zeilenga's avatar
Kurt Zeilenga committed
499
# Derived from RFC1274, but with new "short names"
500
#
501
502
attributetype ( 0.9.2342.19200300.100.1.1
	NAME ( 'uid' 'userid' )
503
	DESC 'RFC1274: user identifier'
Kurt Zeilenga's avatar
Kurt Zeilenga committed
504
505
	EQUALITY caseIgnoreMatch
	SUBSTR caseIgnoreSubstringsMatch
506
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
507

508
509
510
attributetype ( 0.9.2342.19200300.100.1.3
	NAME ( 'mail' 'rfc822Mailbox' )
	DESC 'RFC1274: RFC822 Mailbox'
511
512
513
514
515
    EQUALITY caseIgnoreIA5Match
    SUBSTR caseIgnoreIA5SubstringsMatch
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )

objectclass ( 0.9.2342.19200300.100.4.19 NAME 'simpleSecurityObject'
516
	DESC 'RFC1274: simple security object'
517
518
519
	SUP top AUXILIARY
	MUST userPassword )

520
521
522
# RFC1274 + RFC2247
attributetype ( 0.9.2342.19200300.100.1.25
	NAME ( 'dc' 'domainComponent' )
523
	DESC 'RFC1274/2247: domain component'
524
525
526
527
	EQUALITY caseIgnoreIA5Match
	SUBSTR caseIgnoreIA5SubstringsMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )

528
# RFC2247
529
objectclass ( 1.3.6.1.4.1.1466.344 NAME 'dcObject'
530
	DESC 'RFC2247: domain component object'
531
532
	SUP top AUXILIARY MUST dc )

533

534
# From RFC2377
535
objectclass ( 1.3.6.1.1.3.1 NAME 'uidObject'
536
	DESC 'RFC2377: uid object'
537
	SUP top AUXILIARY MUST uid )
538

539
#
540
# From draft-zeilenga-ldap-nameref-00.txt
541
542
#	used to represent referrals in the directory
#
543
attributetype ( 2.16.840.1.113730.3.1.34 NAME 'ref'
544
	DESC 'Named referral'
545
546
	EQUALITY caseExactIA5Match
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
547
548
549
	USAGE distributedOperation )

objectclass ( 2.16.840.1.113730.3.2.6 NAME 'referral'
Kurt Zeilenga's avatar
Kurt Zeilenga committed
550
	DESC 'Named referral object'
551
	SUP top STRUCTURAL MUST ref )
552
553
554

#
# LDAPsubEntry
555
556
#	likely to change!
objectclass ( 2.16.840.1.113719.2.142.6.1.1 NAME 'LDAPsubEntry'
Kurt Zeilenga's avatar
Kurt Zeilenga committed
557
	DESC 'LDAP Subentry'
558
	SUP top STRUCTURAL MAY cn )
559
560

#
561
# OpenLDAProotDSE
Kurt Zeilenga's avatar
Kurt Zeilenga committed
562
#	likely to change!
Kurt Zeilenga's avatar
Kurt Zeilenga committed
563
objectclass ( 1.3.6.1.4.1.4203.1.4.1
Kurt Zeilenga's avatar
Kurt Zeilenga committed
564
565
	NAME ( 'OpenLDAProotDSE' 'LDAProotDSE' )
	DESC 'OpenLDAP Root DSE object'
566
	SUP top STRUCTURAL MAY cn )
567

568
569
570
571
572
573
574
575
#
# From Cosine Pilot
#
attributetype ( 0.9.2342.19200300.100.1.37 NAME 'associatedDomain'
	EQUALITY caseIgnoreIA5Match
	SUBSTR caseIgnoreIA5SubstringsMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )

576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
#
# From U-Mich
#
attributetype ( 1.3.6.1.4.1.250.1.32
	NAME ( 'krbName' 'kerberosName' )
	DESC 'Kerberos Name'
	EQUALITY caseIgnoreIA5Match
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
	SINGLE-VALUE )

#
# OpenLDAP specific schema items
#
attributetype ( 1.3.6.1.4.1.4203.666.1.1
	NAME 'authPassword'
591
	DESC 'OpenLDAP authentication password attribute'
592
593
594
595
596
	SYNTAX 1.3.6.1.4.1.4203.666.2.2
	USAGE dSAOperation )

attributetype ( 1.3.6.1.4.1.4203.666.1.2
	NAME 'supportedAuthPasswordSchemes'
597
	DESC 'OpenLDAP supported authPassword schemes'
598
599
600
601
	EQUALITY caseIgnoreIA5Match
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32}
	NO-USER-MODIFICATION USAGE dSAOperation )

602
attributetype ( 1.3.6.1.4.1.4203.1.3.1
603
	NAME 'entry'
604
605
	DESC 'OpenLDAP ACL entry pseudo-attribute'
	SYNTAX 1.3.6.1.4.1.4203.1.1.1
606
607
	SINGLE-VALUE NO-USER-MODIFICATION USAGE dSAOperation )

608
attributetype ( 1.3.6.1.4.1.4203.1.3.2
609
	NAME 'children'
610
611
	DESC 'OpenLDAP ACL children pseudo-attribute'
	SYNTAX 1.3.6.1.4.1.4203.1.1.1
612
613
614
615
616
617
618
619
620
621
	SINGLE-VALUE NO-USER-MODIFICATION USAGE dSAOperation )

attributetype ( 1.3.6.1.4.1.4203.666.1.5
	NAME 'OpenLDAPaci'
	DESC 'OpenLDAP access control information'
	EQUALITY OpenLDAPaciMatch
	SYNTAX 1.3.6.1.4.1.4203.666.2.1
	USAGE directoryOperation )

objectclass ( 1.3.6.1.4.1.4203.666.3.1 NAME 'authPasswordObject'
622
	DESC 'OpenLDAP authPassword mixin class'
623
624
	MAY authPassword
	AUXILIARY )