Redbrick User management tool
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

137 lines
3.9 KiB

  1. #
  2. # Redbrick Account LDAP Schema
  3. #
  4. # Dermot Duffy - 2003/May/4
  5. #
  6. # $Id$
  7. #
  8. # Drop in replacement for the account parts of nis.schema
  9. # Contains ordering, renumbering and substr access which
  10. # nis.schema does not.
  11. #
  12. # Depends upon common.schema
  13. #
  14. # OID Base is 1.3.6.1.4.1.9736.15.1.2 (See README for more)
  15. #
  16. # Attribute Type Definitions
  17. #attributetype ( 1.3.6.1.4.1.9736.15.1.2.1.1 NAME 'uidNumber'
  18. # DESC 'An integer uniquely identifying a user'
  19. # EQUALITY integerMatch
  20. # SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
  21. # SINGLE-VALUE )
  22. #attributetype ( 1.3.6.1.4.1.9736.15.1.2.1.2 NAME 'gidNumber'
  23. # DESC 'An integer uniquely identifying a group'
  24. # EQUALITY integerMatch
  25. # SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
  26. # SINGLE-VALUE )
  27. attributetype ( 1.3.6.1.4.1.9736.15.1.2.1.3 NAME 'gecos'
  28. DESC 'The GECOS field'
  29. EQUALITY caseIgnoreMatch
  30. SUBSTR caseIgnoreSubstringsMatch
  31. SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
  32. SINGLE-VALUE )
  33. attributetype ( 1.3.6.1.4.1.9736.15.1.2.1.4 NAME 'homeDirectory'
  34. DESC 'The home directory'
  35. EQUALITY caseExactIA5Match
  36. SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
  37. SINGLE-VALUE )
  38. attributetype ( 1.3.6.1.4.1.9736.15.1.2.1.5 NAME 'loginShell'
  39. DESC 'The login shell'
  40. EQUALITY caseExactIA5Match
  41. SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
  42. SINGLE-VALUE )
  43. attributetype ( 1.3.6.1.4.1.9736.15.1.2.1.6 NAME 'shadowLastChange'
  44. EQUALITY integerMatch
  45. SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
  46. SINGLE-VALUE )
  47. attributetype ( 1.3.6.1.4.1.9736.15.1.2.1.7 NAME 'shadowMin'
  48. EQUALITY integerMatch
  49. SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
  50. SINGLE-VALUE )
  51. attributetype ( 1.3.6.1.4.1.9736.15.1.2.1.8 NAME 'shadowMax'
  52. EQUALITY integerMatch
  53. SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
  54. SINGLE-VALUE )
  55. attributetype ( 1.3.6.1.4.1.9736.15.1.2.1.9 NAME 'shadowWarning'
  56. EQUALITY integerMatch
  57. SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
  58. SINGLE-VALUE )
  59. attributetype ( 1.3.6.1.4.1.9736.15.1.2.1.10 NAME 'shadowInactive'
  60. EQUALITY integerMatch
  61. SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
  62. SINGLE-VALUE )
  63. attributetype ( 1.3.6.1.4.1.9736.15.1.2.1.11 NAME 'shadowExpire'
  64. EQUALITY integerMatch
  65. SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
  66. SINGLE-VALUE )
  67. attributetype ( 1.3.6.1.4.1.9736.15.1.2.1.12 NAME 'shadowFlag'
  68. EQUALITY integerMatch
  69. SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
  70. SINGLE-VALUE )
  71. attributetype ( 1.3.6.1.4.1.9736.15.1.2.1.13 NAME 'memberUid'
  72. EQUALITY caseExactIA5Match
  73. SUBSTR caseExactIA5SubstringsMatch
  74. SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
  75. attributetype ( 1.3.6.1.4.1.9736.15.1.2.1.14 NAME 'flag'
  76. DESC 'A generic flags associated with this user'
  77. EQUALITY caseIgnoreIA5Match
  78. SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
  79. attributetype ( 1.3.6.1.4.1.9736.15.1.2.1.15 NAME 'quota'
  80. DESC 'Quota information'
  81. EQUALITY caseIgnoreIA5Match
  82. SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
  83. attributetype ( 1.3.6.1.4.1.9736.15.1.2.1.16 NAME 'sambaPassword'
  84. DESC 'The samba password of user'
  85. EQUALITY octetStringMatch
  86. SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{128}
  87. SINGLE-VALUE )
  88. # Object Class Definitions
  89. objectclass ( 1.3.6.1.4.1.9736.15.1.2.2.1 NAME 'posixAccount'
  90. SUP top
  91. STRUCTURAL
  92. DESC 'An account with standard POSIX attributes'
  93. MUST ( uid $ uidNumber $ gidNumber $ homeDirectory $ userPassword $ loginShell )
  94. MAY ( cn $ gecos $ description $ flag $ quota $ sambaPassword ) )
  95. objectclass ( 1.3.6.1.4.1.9736.15.1.2.2.2 NAME 'shadowAccount'
  96. SUP top
  97. AUXILIARY
  98. DESC 'Standard shadow parameters'
  99. MUST uid
  100. MAY ( userPassword $ shadowLastChange $ shadowMin $
  101. shadowMax $ shadowWarning $ shadowInactive $
  102. shadowExpire $ shadowFlag $ description $ sambaPassword ) )
  103. objectclass ( 1.3.6.1.4.1.9736.15.1.2.2.3 NAME 'posixGroup'
  104. SUP top
  105. STRUCTURAL
  106. DESC 'A unix group'
  107. MUST ( cn $ gidNumber )
  108. MAY ( userPassword $ memberUid $ description ) )
  109. objectclass ( 1.3.6.1.4.1.9736.15.1.2.2.4 NAME 'dcuAccount'
  110. SUP top
  111. STRUCTURAL
  112. DESC 'A DCU account'
  113. MUST ( cn )
  114. MAY ( gecos $ mail $ givenName $ sn $ l ) )