core.schema 20.2 KB
Newer Older
Kurt Zeilenga's avatar
Kurt Zeilenga committed
1
2
# $OpenLDAP$
#
Kurt Zeilenga's avatar
Kurt Zeilenga committed
3
# OpenLDAP Core schema
4
#
5
# Includes LDAPv3 schema items from:
6
#	RFC2251-RFC2256 (LDAPv3)
7
8
#
# select standard track schema items:
9
#	RFC2079 (URI)
10
#	RFC1274 (uid/dc)
11
12
13
14
15
#	RFC2247 (dc/dcObject)
#	RFC2289 (Dynamic Directory Services)
#
# select informational schema items:
#	RFC2377 (uidObject)
16
#
17
18
19
# select experimental IETF LDAPext items
#   ldapSubentry draft
#	ldapRootDSE
20
21
#	named referrals draft
#	alias draft
22

Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
23
24
25

# Standard X.501(93) Operational Attribute Types from RFC2252

Kurt Zeilenga's avatar
Kurt Zeilenga committed
26
attributetype ( 2.5.18.1 NAME 'createTimestamp' EQUALITY generalizedTimeMatch
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
27
28
29
30
      ORDERING generalizedTimeOrderingMatch
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
      SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation )

Kurt Zeilenga's avatar
Kurt Zeilenga committed
31
attributetype ( 2.5.18.2 NAME 'modifyTimestamp' EQUALITY generalizedTimeMatch
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
32
33
34
35
      ORDERING generalizedTimeOrderingMatch
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
      SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation )

Kurt Zeilenga's avatar
Kurt Zeilenga committed
36
attributetype ( 2.5.18.3 NAME 'creatorsName' EQUALITY distinguishedNameMatch
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
37
38
39
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.12
      SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation )

Kurt Zeilenga's avatar
Kurt Zeilenga committed
40
attributetype ( 2.5.18.4 NAME 'modifiersName' EQUALITY distinguishedNameMatch
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
41
42
43
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.12
      SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation )

Kurt Zeilenga's avatar
Kurt Zeilenga committed
44
attributetype ( 2.5.18.10 NAME 'subschemaSubentry'
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
45
46
47
48
      EQUALITY distinguishedNameMatch
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 NO-USER-MODIFICATION
      SINGLE-VALUE USAGE directoryOperation )

Kurt Zeilenga's avatar
Kurt Zeilenga committed
49
attributetype ( 2.5.21.5 NAME 'attributeTypes'
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
50
51
52
      EQUALITY objectIdentifierFirstComponentMatch
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.3 USAGE directoryOperation )

Kurt Zeilenga's avatar
Kurt Zeilenga committed
53
attributetype ( 2.5.21.6 NAME 'objectClasses'
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
54
55
56
      EQUALITY objectIdentifierFirstComponentMatch
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.37 USAGE directoryOperation )

Kurt Zeilenga's avatar
Kurt Zeilenga committed
57
attributetype ( 2.5.21.4 NAME 'matchingRules'
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
58
59
60
      EQUALITY objectIdentifierFirstComponentMatch
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.30 USAGE directoryOperation )

Kurt Zeilenga's avatar
Kurt Zeilenga committed
61
attributetype ( 2.5.21.8 NAME 'matchingRuleUse'
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
62
63
64
65
66
      EQUALITY objectIdentifierFirstComponentMatch
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.31 USAGE directoryOperation )

# LDAP Operational Attributes from RFC2252

Kurt Zeilenga's avatar
Kurt Zeilenga committed
67
attributetype ( 1.3.6.1.4.1.1466.101.120.5 NAME 'namingContexts'
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
68
69
     SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 USAGE dSAOperation )

Kurt Zeilenga's avatar
Kurt Zeilenga committed
70
attributetype ( 1.3.6.1.4.1.1466.101.120.6 NAME 'altServer'
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
71
72
     SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 USAGE dSAOperation )

Kurt Zeilenga's avatar
Kurt Zeilenga committed
73
attributetype ( 1.3.6.1.4.1.1466.101.120.7 NAME 'supportedExtension'
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
74
75
     SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 USAGE dSAOperation )

Kurt Zeilenga's avatar
Kurt Zeilenga committed
76
attributetype ( 1.3.6.1.4.1.1466.101.120.13 NAME 'supportedControl'
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
77
78
     SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 USAGE dSAOperation )

Kurt Zeilenga's avatar
Kurt Zeilenga committed
79
attributetype ( 1.3.6.1.4.1.1466.101.120.14 NAME 'supportedSASLMechanisms'
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
80
81
     SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 USAGE dSAOperation )

Kurt Zeilenga's avatar
Kurt Zeilenga committed
82
attributetype ( 1.3.6.1.4.1.1466.101.120.15 NAME 'supportedLDAPVersion'
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
83
84
85
86
     SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 USAGE dSAOperation )

# LDAP Subschema Atrribute from RFC2252

Kurt Zeilenga's avatar
Kurt Zeilenga committed
87
attributetype ( 1.3.6.1.4.1.1466.101.120.16 NAME 'ldapSyntaxes'
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
88
89
90
91
92
      EQUALITY objectIdentifierFirstComponentMatch
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.54 USAGE directoryOperation )

# X.500 Subschema attributes from RFC2252

Kurt Zeilenga's avatar
Kurt Zeilenga committed
93
attributetype ( 2.5.21.1 NAME 'dITStructureRules' EQUALITY integerFirstComponentMatch
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
94
95
   SYNTAX 1.3.6.1.4.1.1466.115.121.1.17 USAGE directoryOperation )

Kurt Zeilenga's avatar
Kurt Zeilenga committed
96
attributetype ( 2.5.21.7 NAME 'nameForms'
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
97
98
99
      EQUALITY objectIdentifierFirstComponentMatch
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.35 USAGE directoryOperation )

Kurt Zeilenga's avatar
Kurt Zeilenga committed
100
attributetype ( 2.5.21.2 NAME 'dITContentRules'
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
101
102
103
104
105
      EQUALITY objectIdentifierFirstComponentMatch
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.16 USAGE directoryOperation )

# Object Classes from RFC2252

Julio Sánchez Fernández's avatar
   
Julio Sánchez Fernández committed
106
# extensibleObject moved forward, since it depends on top
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
107
108
109
110
111
112
113
114
115
# ldapSyntaxes (operational) is admissible in next:

objectclass ( 2.5.20.1 NAME 'subschema' AUXILIARY
      MAY ( dITStructureRules $ nameForms $ ditContentRules $
      objectClasses $ attributeTypes $ matchingRules $
      matchingRuleUse ) )

# Standard attribute types from RFC2256

Kurt Zeilenga's avatar
Kurt Zeilenga committed
116
117
attributetype ( 2.5.4.0 NAME 'objectClass'
      EQUALITY objectIdentifierMatch
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
118
119
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 )

Kurt Zeilenga's avatar
Kurt Zeilenga committed
120
121
attributetype ( 2.5.4.1 NAME 'aliasedObjectName'
      EQUALITY distinguishedNameMatch
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
122
123
124
125
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE )

# Defined, but no longer used

Kurt Zeilenga's avatar
Kurt Zeilenga committed
126
127
attributetype ( 2.5.4.2 NAME 'knowledgeInformation'
      EQUALITY caseIgnoreMatch
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
128
129
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} )

Julio Sánchez Fernández's avatar
   
Julio Sánchez Fernández committed
130
131
# Place here since other attribute types derive from it

Kurt Zeilenga's avatar
Kurt Zeilenga committed
132
133
attributetype ( 2.5.4.41 NAME 'name'
      EQUALITY caseIgnoreMatch
Julio Sánchez Fernández's avatar
   
Julio Sánchez Fernández committed
134
135
136
      SUBSTR caseIgnoreSubstringsMatch
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} )

Kurt Zeilenga's avatar
Kurt Zeilenga committed
137
attributetype ( 2.5.4.3 NAME ( 'cn' 'commonName' ) SUP name )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
138

Kurt Zeilenga's avatar
Kurt Zeilenga committed
139
attributetype ( 2.5.4.4 NAME ( 'sn' 'surname' ) SUP name )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
140

Kurt Zeilenga's avatar
Kurt Zeilenga committed
141
attributetype ( 2.5.4.5 NAME 'serialNumber' EQUALITY caseIgnoreMatch
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
142
143
144
145
146
      SUBSTR caseIgnoreSubstringsMatch
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{64} )

# (2-letter code from ISO 3166)

Kurt Zeilenga's avatar
Kurt Zeilenga committed
147
attributetype ( 2.5.4.6 NAME ( 'c' 'countryName' ) SUP name SINGLE-VALUE )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
148

Kurt Zeilenga's avatar
Kurt Zeilenga committed
149
attributetype ( 2.5.4.7 NAME ( 'l' 'localityName' ) SUP name )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
150

Kurt Zeilenga's avatar
Kurt Zeilenga committed
151
attributetype ( 2.5.4.8 NAME ( 'st' 'stateOrProvinceName' ) SUP name )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
152

Kurt Zeilenga's avatar
Kurt Zeilenga committed
153
154
attributetype ( 2.5.4.9 NAME ( 'street' 'streetAddress' )
      EQUALITY caseIgnoreMatch
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
155
156
157
      SUBSTR caseIgnoreSubstringsMatch
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )

Kurt Zeilenga's avatar
Kurt Zeilenga committed
158
attributetype ( 2.5.4.10 NAME ( 'o' 'organizationName' ) SUP name )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
159

Kurt Zeilenga's avatar
Kurt Zeilenga committed
160
attributetype ( 2.5.4.11 NAME ( 'ou' 'organizationalUnitName' ) SUP name )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
161

Kurt Zeilenga's avatar
Kurt Zeilenga committed
162
attributetype ( 2.5.4.12 NAME 'title' SUP name )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
163

Kurt Zeilenga's avatar
Kurt Zeilenga committed
164
165
attributetype ( 2.5.4.13 NAME 'description'
      EQUALITY caseIgnoreMatch
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
166
167
168
169
170
      SUBSTR caseIgnoreSubstringsMatch
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1024} )

# Obsoleted by enhancedSearchGuide

Kurt Zeilenga's avatar
Kurt Zeilenga committed
171
attributetype ( 2.5.4.14 NAME 'searchGuide'
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
172
173
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.25 )

Kurt Zeilenga's avatar
Kurt Zeilenga committed
174
175
attributetype ( 2.5.4.15 NAME 'businessCategory'
     EQUALITY caseIgnoreMatch
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
176
177
178
     SUBSTR caseIgnoreSubstringsMatch
     SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )

Kurt Zeilenga's avatar
Kurt Zeilenga committed
179
180
181
attribute ( 2.5.4.16 NAME 'postalAddress'
     EQUALITY caseIgnoreListMatch
     SUBSTR caseIgnoreListSubstringsMatch
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
182
183
     SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 )

Kurt Zeilenga's avatar
Kurt Zeilenga committed
184
185
attributetype ( 2.5.4.17 NAME 'postalCode'
     EQUALITY caseIgnoreMatch
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
186
187
188
     SUBSTR caseIgnoreSubstringsMatch
     SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{40} )

Kurt Zeilenga's avatar
Kurt Zeilenga committed
189
190
attributetype ( 2.5.4.18 NAME 'postOfficeBox'
     EQUALITY caseIgnoreMatch
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
191
192
193
     SUBSTR caseIgnoreSubstringsMatch
     SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{40} )

Kurt Zeilenga's avatar
Kurt Zeilenga committed
194
195
attributetype ( 2.5.4.19 NAME 'physicalDeliveryOfficeName'
     EQUALITY caseIgnoreMatch
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
196
197
198
     SUBSTR caseIgnoreSubstringsMatch
     SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )

Kurt Zeilenga's avatar
Kurt Zeilenga committed
199
200
attributetype ( 2.5.4.20 NAME 'telephoneNumber'
     EQUALITY telephoneNumberMatch
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
201
202
203
     SUBSTR telephoneNumberSubstringsMatch
     SYNTAX 1.3.6.1.4.1.1466.115.121.1.50{32} )

Kurt Zeilenga's avatar
Kurt Zeilenga committed
204
attributetype ( 2.5.4.21 NAME 'telexNumber'
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
205
206
     SYNTAX 1.3.6.1.4.1.1466.115.121.1.52 )

Kurt Zeilenga's avatar
Kurt Zeilenga committed
207
attributetype ( 2.5.4.22 NAME 'teletexTerminalIdentifier'
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
208
209
     SYNTAX 1.3.6.1.4.1.1466.115.121.1.51 )

Kurt Zeilenga's avatar
Kurt Zeilenga committed
210
attributetype ( 2.5.4.23 NAME ( 'facsimileTelephoneNumber' 'fax' )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
211
212
     SYNTAX 1.3.6.1.4.1.1466.115.121.1.22 )

Kurt Zeilenga's avatar
Kurt Zeilenga committed
213
214
attributetype ( 2.5.4.24 NAME 'x121Address'
     EQUALITY numericStringMatch
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
215
216
217
     SUBSTR numericStringSubstringsMatch
     SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{15} )

Kurt Zeilenga's avatar
Kurt Zeilenga committed
218
attributetype ( 2.5.4.25 NAME 'internationaliSDNNumber'
Kurt Zeilenga's avatar
Kurt Zeilenga committed
219
     EQUALITY numericStringMatch
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
220
221
222
     SUBSTR numericStringSubstringsMatch
     SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{16} )

Kurt Zeilenga's avatar
Kurt Zeilenga committed
223
attributetype ( 2.5.4.26 NAME 'registeredAddress' SUP postalAddress
Kurt Zeilenga's avatar
Kurt Zeilenga committed
224
     SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
225

Kurt Zeilenga's avatar
Kurt Zeilenga committed
226
227
attributetype ( 2.5.4.27 NAME 'destinationIndicator'
     EQUALITY caseIgnoreMatch
Kurt Zeilenga's avatar
Kurt Zeilenga committed
228
229
     SUBSTR caseIgnoreSubstringsMatch
     SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{128} )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
230

Kurt Zeilenga's avatar
Kurt Zeilenga committed
231
attributetype ( 2.5.4.28 NAME 'preferredDeliveryMethod'
Kurt Zeilenga's avatar
Kurt Zeilenga committed
232
233
     SYNTAX 1.3.6.1.4.1.1466.115.121.1.14
     SINGLE-VALUE )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
234

Kurt Zeilenga's avatar
Kurt Zeilenga committed
235
attributetype ( 2.5.4.29 NAME 'presentationAddress'
Kurt Zeilenga's avatar
Kurt Zeilenga committed
236
237
238
     EQUALITY presentationAddressMatch
     SYNTAX 1.3.6.1.4.1.1466.115.121.1.43
     SINGLE-VALUE )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
239

Kurt Zeilenga's avatar
Kurt Zeilenga committed
240
attributetype ( 2.5.4.30 NAME 'supportedApplicationContext'
Kurt Zeilenga's avatar
Kurt Zeilenga committed
241
242
     EQUALITY objectIdentifierMatch
     SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
243

244
# Placed here because others derive from it.
Julio Sánchez Fernández's avatar
   
Julio Sánchez Fernández committed
245

246
247
248
249
250
251
# We had a dn definition in slapd.at.conf and Netscape lists both
# names for that OID.  This is wrong, 'dn' is used internally in slapd
# as the name of a pseudo-attribute type that contains the
# distinguished name of an entry.  On the other hand, the attribute
# type distinguishedName is meant to be an "abstract" type and other
# dn-valued attribute types derive from it.  So at most, 'dn' would
252
253
254
# be a subtype of distinguishedName, something like:
#	attributetype ( dnOID NAME 'dn' SUP distinguishedName
#		SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation )
255

Kurt Zeilenga's avatar
Kurt Zeilenga committed
256
attributetype ( 2.5.4.49 NAME 'distinguishedName'
Julio Sánchez Fernández's avatar
   
Julio Sánchez Fernández committed
257
258
      EQUALITY distinguishedNameMatch
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
259

Kurt Zeilenga's avatar
Kurt Zeilenga committed
260
attributetype ( 2.5.4.31 NAME 'member' SUP distinguishedName )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
261

Kurt Zeilenga's avatar
Kurt Zeilenga committed
262
attributetype ( 2.5.4.32 NAME 'owner' SUP distinguishedName )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
263

Kurt Zeilenga's avatar
Kurt Zeilenga committed
264
attributetype ( 2.5.4.33 NAME 'roleOccupant' SUP distinguishedName )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
265

Kurt Zeilenga's avatar
Kurt Zeilenga committed
266
attributetype ( 2.5.4.34 NAME 'seeAlso' SUP distinguishedName )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
267

Kurt Zeilenga's avatar
Kurt Zeilenga committed
268
269
attributetype ( 2.5.4.35 NAME 'userPassword'
      EQUALITY octetStringMatch
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
270
271
272
273
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{128} )

# Must be stored and requested in the binary form, as
# userCertificate;binary
Kurt Zeilenga's avatar
Kurt Zeilenga committed
274
attributetype ( 2.5.4.36 NAME 'userCertificate'
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
275
276
277
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.8 )

# As above
Kurt Zeilenga's avatar
Kurt Zeilenga committed
278
attributetype ( 2.5.4.37 NAME 'cACertificate'
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
279
280
281
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.8 )

# As above
Kurt Zeilenga's avatar
Kurt Zeilenga committed
282
attributetype ( 2.5.4.38 NAME 'authorityRevocationList'
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
283
284
285
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 )

# As above
Kurt Zeilenga's avatar
Kurt Zeilenga committed
286
attributetype ( 2.5.4.39 NAME 'certificateRevocationList'
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
287
288
289
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 )

# As above
Kurt Zeilenga's avatar
Kurt Zeilenga committed
290
attributetype ( 2.5.4.40 NAME 'crossCertificatePair'
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
291
292
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.10 )

Julio Sánchez Fernández's avatar
   
Julio Sánchez Fernández committed
293
# 2.5.4.41 is 'name', moved above since other attribute types derive from it
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
294

Kurt Zeilenga's avatar
Kurt Zeilenga committed
295
attributetype ( 2.5.4.42 NAME ( 'givenName' 'gn' ) SUP name )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
296

Kurt Zeilenga's avatar
Kurt Zeilenga committed
297
attributetype ( 2.5.4.43 NAME 'initials' SUP name )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
298

Kurt Zeilenga's avatar
Kurt Zeilenga committed
299
300
attributetype ( 2.5.4.45 NAME 'x500UniqueIdentifier'
      EQUALITY bitStringMatch
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
301
302
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.6 )

Kurt Zeilenga's avatar
Kurt Zeilenga committed
303
304
305
306
attributetype ( 2.5.4.46 NAME 'dnQualifier'
      EQUALITY caseIgnoreMatch
      ORDERING caseIgnoreOrderingMatch
      SUBSTR caseIgnoreSubstringsMatch
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
307
308
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.44 )

Kurt Zeilenga's avatar
Kurt Zeilenga committed
309
attributetype ( 2.5.4.47 NAME 'enhancedSearchGuide'
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
310
311
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.21 )

Kurt Zeilenga's avatar
Kurt Zeilenga committed
312
attributetype ( 2.5.4.48 NAME 'protocolInformation'
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
313
314
315
      EQUALITY protocolInformationMatch
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.42 )

Julio Sánchez Fernández's avatar
   
Julio Sánchez Fernández committed
316
# 2.5.4.49 is distinguishedName, moved up
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
317

Kurt Zeilenga's avatar
Kurt Zeilenga committed
318
319
attributetype ( 2.5.4.50 NAME 'uniqueMember'
      EQUALITY uniqueMemberMatch
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
320
321
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.34 )

Kurt Zeilenga's avatar
Kurt Zeilenga committed
322
323
attributetype ( 2.5.4.51 NAME 'houseIdentifier'
      EQUALITY caseIgnoreMatch
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
324
325
326
327
328
329
      SUBSTR caseIgnoreSubstringsMatch
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} )

# This attribute is to be stored and requested in the binary form, as
# 'supportedAlgorithms;binary'.

Kurt Zeilenga's avatar
Kurt Zeilenga committed
330
attributetype ( 2.5.4.52 NAME 'supportedAlgorithms'
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
331
332
333
334
335
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.49 )

# This attribute is to be stored and requested in the binary form, as
# 'deltaRevocationList;binary'.

Kurt Zeilenga's avatar
Kurt Zeilenga committed
336
attributetype ( 2.5.4.53 NAME 'deltaRevocationList'
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
337
338
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 )

Kurt Zeilenga's avatar
Kurt Zeilenga committed
339
attributetype ( 2.5.4.54 NAME 'dmdName' SUP name )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
340
341
342

# Standard object classes from RFC2256

Kurt Zeilenga's avatar
Kurt Zeilenga committed
343
344
objectclass ( 2.5.6.0 NAME 'top' ABSTRACT
     MUST objectClass )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
345

Kurt Zeilenga's avatar
Kurt Zeilenga committed
346
347
objectclass ( 2.5.6.1 NAME 'alias' SUP top STRUCTURAL
     MUST aliasedObjectName )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
348

Kurt Zeilenga's avatar
Kurt Zeilenga committed
349
350
objectclass ( 2.5.6.2 NAME 'country' SUP top STRUCTURAL
     MUST c
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
351
352
353
354
355
     MAY ( searchGuide $ description ) )

objectclass ( 2.5.6.3 NAME 'locality' SUP top STRUCTURAL
     MAY ( street $ seeAlso $ searchGuide $ st $ l $ description ) )

Kurt Zeilenga's avatar
Kurt Zeilenga committed
356
357
objectclass ( 2.5.6.4 NAME 'organization' SUP top STRUCTURAL
     MUST o
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
358
359
360
361
362
363
364
365
     MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $
     x121Address $ registeredAddress $ destinationIndicator $
     preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
     telephoneNumber $ internationaliSDNNumber $
     facsimileTelephoneNumber $
     street $ postOfficeBox $ postalCode $ postalAddress $
     physicalDeliveryOfficeName $ st $ l $ description ) )

Kurt Zeilenga's avatar
Kurt Zeilenga committed
366
367
objectclass ( 2.5.6.5 NAME 'organizationalUnit' SUP top STRUCTURAL
     MUST ou
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
368
369
370
371
372
373
374
375
     MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $
     x121Address $ registeredAddress $ destinationIndicator $
     preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
     telephoneNumber $ internationaliSDNNumber $
     facsimileTelephoneNumber $
     street $ postOfficeBox $ postalCode $ postalAddress $
     physicalDeliveryOfficeName $ st $ l $ description ) )

Kurt Zeilenga's avatar
Kurt Zeilenga committed
376
377
objectclass ( 2.5.6.6 NAME 'person' SUP top STRUCTURAL
     MUST ( sn $ cn )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
378
379
380
381
382
383
384
385
386
387
388
389
390
     MAY ( userPassword $ telephoneNumber $ seeAlso $ description ) )

objectclass ( 2.5.6.7 NAME 'organizationalPerson' SUP person STRUCTURAL
     MAY ( title $ x121Address $ registeredAddress $
     destinationIndicator $
     preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
     telephoneNumber $ internationaliSDNNumber $
     facsimileTelephoneNumber $
     street $ postOfficeBox $ postalCode $ postalAddress $
     physicalDeliveryOfficeName $ ou $ st $ l ) )

# Notice that preferredDeliveryMethod is duplicate

Kurt Zeilenga's avatar
Kurt Zeilenga committed
391
392
objectclass ( 2.5.6.8 NAME 'organizationalRole' SUP top STRUCTURAL
     MUST cn
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
393
394
395
396
397
398
399
400
     MAY ( x121Address $ registeredAddress $ destinationIndicator $
     preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
     telephoneNumber $ internationaliSDNNumber $
     facsimileTelephoneNumber $
     seeAlso $ roleOccupant $ preferredDeliveryMethod $ street $
     postOfficeBox $ postalCode $ postalAddress $
     physicalDeliveryOfficeName $ ou $ st $ l $ description ) )

Kurt Zeilenga's avatar
Kurt Zeilenga committed
401
402
objectclass ( 2.5.6.9 NAME 'groupOfNames' SUP top STRUCTURAL
     MUST ( member $ cn )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
403
404
405
     MAY ( businessCategory $ seeAlso $ owner $ ou $ o $ description ) )

# Notice that preferredDeliveryMethod is duplicate
406
# It seems they could not agree on whether telephoneNumber is MAY
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
407
408
409
# in person.  Probably it wasn't originally at was added as an
# afterthought

Kurt Zeilenga's avatar
Kurt Zeilenga committed
410
411
objectclass ( 2.5.6.10 NAME 'residentialPerson' SUP person STRUCTURAL
     MUST l
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
412
413
414
415
416
417
418
419
     MAY ( businessCategory $ x121Address $ registeredAddress $
     destinationIndicator $ preferredDeliveryMethod $ telexNumber $
     teletexTerminalIdentifier $ telephoneNumber $
     internationaliSDNNumber $
     facsimileTelephoneNumber $ preferredDeliveryMethod $ street $
     postOfficeBox $ postalCode $ postalAddress $
     physicalDeliveryOfficeName $ st $ l ) )

Kurt Zeilenga's avatar
Kurt Zeilenga committed
420
421
objectclass ( 2.5.6.11 NAME 'applicationProcess' SUP top STRUCTURAL
     MUST cn
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
422
423
424
425
426
427
428
429
430
431
432
433
434
435
     MAY ( seeAlso $ ou $ l $ description ) )

objectclass ( 2.5.6.12 NAME 'applicationEntity' SUP top STRUCTURAL
     MUST ( presentationAddress $ cn )
     MAY ( supportedApplicationContext $ seeAlso $ ou $ o $ l $
     description ) )

# This one was wrong in our schema, it only allowed the aditional
# knowledgeInformation attribute, while it is derived from
# applicationEntity and should allow all its attributes as well.

objectclass ( 2.5.6.13 NAME 'dSA' SUP applicationEntity STRUCTURAL
     MAY knowledgeInformation )

Kurt Zeilenga's avatar
Kurt Zeilenga committed
436
437
objectclass ( 2.5.6.14 NAME 'device' SUP top STRUCTURAL
     MUST cn
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
     MAY ( serialNumber $ seeAlso $ owner $ ou $ o $ l $ description ) )

objectclass ( 2.5.6.15 NAME 'strongAuthenticationUser' SUP top AUXILIARY
     MUST userCertificate )

objectclass ( 2.5.6.16 NAME 'certificationAuthority' SUP top AUXILIARY
     MUST ( authorityRevocationList $ certificateRevocationList $
     cACertificate ) MAY crossCertificatePair )

# New

objectclass ( 2.5.6.17 NAME 'groupOfUniqueNames' SUP top STRUCTURAL
     MUST ( uniqueMember $ cn )
     MAY ( businessCategory $ seeAlso $ owner $ ou $ o $ description ) )

# New

objectclass ( 2.5.6.18 NAME 'userSecurityInformation' SUP top AUXILIARY
     MAY ( supportedAlgorithms ) )

# New

objectclass ( 2.5.6.16.2 NAME 'certificationAuthority-V2' SUP
     certificationAuthority
     AUXILIARY MAY ( deltaRevocationList ) )

# New

objectclass ( 2.5.6.19 NAME 'cRLDistributionPoint' SUP top STRUCTURAL
Kurt Zeilenga's avatar
Kurt Zeilenga committed
467
468
     MUST ( cn )
     MAY ( certificateRevocationList $ authorityRevocationList $
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
469
470
471
472
     deltaRevocationList ) )

# New

Kurt Zeilenga's avatar
Kurt Zeilenga committed
473
474
objectclass ( 2.5.6.20 NAME 'dmd' SUP top STRUCTURAL
     MUST ( dmdName )
Julio Sánchez Fernández's avatar
 
Julio Sánchez Fernández committed
475
476
477
478
479
480
481
482
     MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $
     x121Address $ registeredAddress $ destinationIndicator $
     preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
     telephoneNumber $ internationaliSDNNumber $
     facsimileTelephoneNumber $
     street $ postOfficeBox $ postalCode $ postalAddress $
     physicalDeliveryOfficeName $ st $ l $ description ) )

Julio Sánchez Fernández's avatar
   
Julio Sánchez Fernández committed
483
484
485
# Next objectclass is defined in RFC2252, but has to be put after top

objectclass ( 1.3.6.1.4.1.1466.101.120.111 NAME 'extensibleObject'
486
487
	DESC 'RFC2252 extensible object'
	SUP top AUXILIARY )
488

489
490
491
#
# Standard Track URI label schema from RFC2079
#
Kurt Zeilenga's avatar
Kurt Zeilenga committed
492
attributetype ( 1.3.6.1.4.1.250.1.57 NAME 'labeledURI'
493
	DESC 'Uniform Resource Identifier with optional label'
Kurt Zeilenga's avatar
Kurt Zeilenga committed
494
495
	EQUALITY caseExactIA5Match
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
496
497
498

objectclass ( 1.3.6.1.4.1.250.3.15 NAME 'labeledURIObject'
	DESC 'object that contains the URI attribute type'
Kurt Zeilenga's avatar
Kurt Zeilenga committed
499
500
	MAY ( labeledURI )
	SUP top AUXILIARY )
501

502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
#
# Standard Track Dynamic Directory Services from RFC2589
#
objectclass ( 1.3.6.1.4.1.1466.101.119.2 NAME 'dynamicObject'
	DESC 'RFC2589 Dynamic Object'
	SUP top AUXILIARY )

attributetype ( 1.3.6.1.4.1.1466.101.119.3 NAME 'entryTtl'
	DESC 'RFC2589 entry time-to-live'
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE
	NO-USER-MODIFICATION USAGE dSAOperation )

attributetype ( 1.3.6.1.4.1.1466.101.119.4 NAME 'dynamicSubtrees'
	DESC 'RFC2589 dynamic subtrees'
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 NO-USER-MODIFICATION
	USAGE dSAOperation )

Kurt Zeilenga's avatar
Kurt Zeilenga committed
519
# Derived from RFC1274, but with new "short names"
520
521
attributetype ( 0.9.2342.19200300.100.1.1
	NAME ( 'uid' 'userid' )
522
	DESC 'RFC1274 user identifier'
Kurt Zeilenga's avatar
Kurt Zeilenga committed
523
524
	EQUALITY caseIgnoreMatch
	SUBSTR caseIgnoreSubstringsMatch
525
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
526

Kurt Zeilenga's avatar
Kurt Zeilenga committed
527
attributetype ( 0.9.2342.19200300.100.1.3 NAME ( 'mail' 'rfc822Mailbox' )
528
529
530
531
532
533
534
535
536
537
	DESC 'rfc822 mail box'
    EQUALITY caseIgnoreIA5Match
    SUBSTR caseIgnoreIA5SubstringsMatch
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )

objectclass ( 0.9.2342.19200300.100.4.19 NAME 'simpleSecurityObject'
	SUP top AUXILIARY
	MUST userPassword )


538
539
540
541
# RFC1274 + RFC2247
attributetype ( 0.9.2342.19200300.100.1.25
	NAME ( 'dc' 'domainComponent' )
	DESC 'RFC1274/2247 domain component'
542
543
544
545
	EQUALITY caseIgnoreIA5Match
	SUBSTR caseIgnoreIA5SubstringsMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )

546
# RFC2247
547
548
549
objectclass ( 1.3.6.1.4.1.1466.344 NAME 'dcObject'
	SUP top AUXILIARY MUST dc )

550

551
# From RFC2377
552
objectclass ( 1.3.6.1.1.3.1 NAME 'uidObject'
553
	DESC 'RFC2377 uid object'
554
	SUP top AUXILIARY MUST uid )
555

556
557
558
559
#
# From draft-ietf-ldapext-nameref-00.txt
#	used to represent referrals in the directory
#
560
561
attributetype ( 2.16.840.1.113730.3.1.34 NAME 'ref'
	DESC 'nameref URL Reference'
562
	EQUALITY caseExactIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
563
564
565
	USAGE distributedOperation )

objectclass ( 2.16.840.1.113730.3.2.6 NAME 'referral'
Kurt Zeilenga's avatar
Kurt Zeilenga committed
566
	DESC 'Named referral object'
567
	SUP top STRUCTURAL MAY ref )
568
569
570

#
# LDAPsubEntry
571
572
#	likely to change!
objectclass ( 2.16.840.1.113719.2.142.6.1.1 NAME 'LDAPsubEntry'
Kurt Zeilenga's avatar
Kurt Zeilenga committed
573
	DESC 'LDAP Subentry'
574
	SUP top STRUCTURAL MAY cn )
575
576

#
577
# OpenLDAProotDSE
Kurt Zeilenga's avatar
Kurt Zeilenga committed
578
579
580
581
#	likely to change!
objectclass ( 1.3.6.1.4.1.4203.666.3.2
	NAME ( 'OpenLDAProotDSE' 'LDAProotDSE' )
	DESC 'OpenLDAP Root DSE object'
582
	SUP top STRUCTURAL MAY cn )
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599

#
# IETF LDAPext WG Access Control Model
#	likely to change!
attributetype ( supportedACIMechanismsOID NAME 'supportedACIMechanisms'
     DESC 'list of access control mechanisms supported by this directory server'
     SYNTAX 1.3.6.1.4.1.1466.115.121.1.38  USAGE dSAOperation )

attributetype ( aCIMechanismOID NAME 'aCIMechanism'
     DESC 'list of access control mechanism supported in this subtree'
     SYNTAX 1.3.6.1.4.1.1466.115.121.1.38  USAGE dSAOperation )

attributetype ( ldapACIOID NAME 'ldapACI'
	DESC 'LDAP access control information'
	EQUALITY caseIgnoreMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
	USAGE directoryOperation )