From 1d4ea12f2b9c6aacc392afc9a06ff771fa59b5db Mon Sep 17 00:00:00 2001 From: Alexandre Iooss Date: Tue, 18 Sep 2018 10:26:13 +0200 Subject: [PATCH] Cleanup of LDAP installer This commit rewrites LDAP installer with the following changes : - LDIF file now ends with the correct extension ".ldif", - Rather than dumping an old LDAP schema, now only samba and freeradius schema are added. This improves future proofness with freeradius schema evolving, - LDIF files now have licence header according to where it was taken, - install_re2o.sh no longer dump the new database with slapadd but uses generic LDAP commands to populate the new database, - install_re2o.sh no longer restart slapd service and installs all needed dependencies. Compared to the old method, nothing should be different after the install (other than creation date and uuid). Needed for further development with openldap in a Docker container. --- install_re2o.sh | 53 +- install_utils/db.ldiff | 183 ---- install_utils/ldap/db.ldif | 94 ++ install_utils/ldap/schema_radius.ldif | 75 ++ install_utils/ldap/schema_samba.ldif | 226 +++++ install_utils/schema.ldiff | 1183 ------------------------- 6 files changed, 416 insertions(+), 1398 deletions(-) delete mode 100644 install_utils/db.ldiff create mode 100644 install_utils/ldap/db.ldif create mode 100644 install_utils/ldap/schema_radius.ldif create mode 100644 install_utils/ldap/schema_samba.ldif delete mode 100644 install_utils/schema.ldiff diff --git a/install_re2o.sh b/install_re2o.sh index 6168ec08..3a909fe3 100755 --- a/install_re2o.sh +++ b/install_re2o.sh @@ -6,8 +6,9 @@ SETTINGS_EXAMPLE_FILE='re2o/settings_local.example.py' APT_REQ_FILE="apt_requirements.txt" PIP_REQ_FILE="pip_requirements.txt" -LDIF_DB_FILE="install_utils/db.ldiff" -LDIF_SCHEMA_FILE="install_utils/schema.ldiff" +LDIF_DB_FILE="install_utils/ldap/db.ldif" +LDIF_SCHEMA_RADIUS_FILE="install_utils/ldap/schema_radius.ldif" +LDIF_SCHEMA_SAMBA_FILE="install_utils/ldap/schema_samba.ldif" VALUE= # global value used to return values by some functions @@ -155,7 +156,7 @@ install_database() { install_ldap() { - ### Usage: install_ldap + ### Usage: install_ldap # # This function will install the LDAP # @@ -172,44 +173,32 @@ install_ldap() { local_setup="$1" password="$2" domain="$3" + extension_locale="$4" if [ "$local_setup" == 1 ]; then - echo "Installing slapd package ..." - apt-get -y install slapd - echo "Installing slapd package: Done" + echo "Preconfiguring slapd package ..." + echo slapd slapd/domain string $extension_locale | debconf-set-selections -v + echo slapd slapd/password1 password $password | debconf-set-selections -v + echo slapd slapd/password2 password $password | debconf-set-selections -v + echo "Preconfiguring slapd package: Done" - echo "Hashing the LDAP password ..." - hashed_ldap_passwd="$(slappasswd -s $password)" - echo "Hash of the password: $hashed_ldap_passwd" + echo "Installing openldap packages ..." + DEBIAN_FRONTEND=noninteractive apt-get -y install slapd ldap-utils + echo "Installing openldap packages: Done" echo "Building the LDAP config files ..." sed 's|dc=example,dc=net|'"$domain"'|g' $LDIF_DB_FILE | sed 's|FILL_IT|'"$hashed_ldap_passwd"'|g' > /tmp/db - sed 's|dc=example,dc=net|'"$domain"'|g' $LDIF_SCHEMA_FILE | sed 's|FILL_IT|'"$hashed_ldap_passwd"'|g' > /tmp/schema echo "Building the LDAP config files: Done" - echo "Stopping slapd service ..." - service slapd stop - echo "Stopping slapd service: Done" + echo "Adding freeradius and samba schema to LDAP ..." + ldapadd -Y EXTERNAL -H ldapi:/// -f "$LDIF_SCHEMA_RADIUS_FILE" + ldapadd -Y EXTERNAL -H ldapi:/// -f "$LDIF_SCHEMA_SAMBA_FILE" + echo "Adding freeradius and samba schema to LDAP: Done" - echo "Deleting exisitng LDAP configuration ..." - rm -rf /etc/ldap/slapd.d/* - rm -rf /var/lib/ldap/* - echo "Deleting existing LDAP configuration: Done" - - echo "Setting up the new LDAP configuration ..." - slapadd -n 0 -l /tmp/schema -F /etc/ldap/slapd.d/ - slapadd -n 1 -l /tmp/db - echo "Setting up the new LDAP configuration: Done" - - echo "Fixing the LDAP files permissions ..." - chown -R openldap:openldap /etc/ldap/slapd.d - chown -R openldap:openldap /var/lib/ldap - echo "Fixing the LDAP files permissions: Done" - - echo "Starting slapd service ..." - service slapd start - echo "Starting slapd service: Done" + echo "Creating re2o LDAP database ..." + ldapadd -H ldap:// -x -D "cn=admin,$domain" -w "$password" -f "/tmp/db" + echo "Creating re2o LDAP database: Done" else @@ -665,7 +654,7 @@ interactive_guide() { install_database "$sql_bdd_type" "$sql_is_local" "$sql_name" "$sql_login" "$sql_password" - install_ldap "$ldap_is_local" "$ldap_password" "$ldap_dn" + install_ldap "$ldap_is_local" "$ldap_password" "$ldap_dn" "$extension_locale" write_settings_file "$sql_bdd_type" "$sql_host" "$sql_name" "$sql_login" "$sql_password" \ diff --git a/install_utils/db.ldiff b/install_utils/db.ldiff deleted file mode 100644 index ed265811..00000000 --- a/install_utils/db.ldiff +++ /dev/null @@ -1,183 +0,0 @@ -dn: dc=example,dc=net -o: rezo -structuralObjectClass: organization -entryUUID: fc97a0fe-514b-1034-9e4d-59675b32507b -creatorsName: cn=admin,dc=example,dc=net -createTimestamp: 20150225150906Z -description: ldap -objectClass: top -objectClass: dcObject -objectClass: organization -entryCSN: 20151003212702.245118Z#000000#000#000000 -modifiersName: cn=admin,dc=example,dc=net -modifyTimestamp: 20151003212702Z -contextCSN: 20161004233332.689769Z#000000#000#000000 - -dn: cn=admin,dc=example,dc=net -objectClass: simpleSecurityObject -objectClass: organizationalRole -cn: admin -structuralObjectClass: organizationalRole -entryUUID: fc97fa72-514b-1034-9e4e-59675b32507b -creatorsName: cn=admin,dc=example,dc=net -createTimestamp: 20150225150906Z -description:: TERBUCBhZG1pbmlzdHJhdG9yDQo= -userPassword: FILL_IT -entryCSN: 20160604005945.576566Z#000000#000#000000 -modifiersName: cn=admin,dc=example,dc=net -modifyTimestamp: 20160604005945Z - -dn: cn=Utilisateurs,dc=example,dc=net -gidNumber: 500 -cn: Utilisateurs -structuralObjectClass: posixGroup -entryUUID: 5d53854e-5204-1034-8c61-8da535cabdfc -creatorsName: cn=admin,dc=example,dc=net -createTimestamp: 20150226130856Z -sambaSID: 500 -uid: Users -objectClass: posixGroup -objectClass: top -objectClass: sambaSamAccount -objectClass: radiusprofile -entryCSN: 20150226130950.194154Z#000000#000#000000 -modifiersName: cn=admin,dc=example,dc=net -modifyTimestamp: 20150226130950Z - -dn: ou=groups,dc=example,dc=net -objectClass: organizationalUnit -description: Groupes d'utilisateurs -ou: groups -structuralObjectClass: organizationalUnit -entryUUID: 986aa1b6-bb86-1035-9a4c-2ff0c800ec24 -creatorsName: cn=admin,dc=example,dc=net -createTimestamp: 20160531142039Z -entryCSN: 20160531142039.780151Z#000000#000#000000 -modifiersName: cn=admin,dc=example,dc=net -modifyTimestamp: 20160531142039Z - -dn: ou=services,ou=groups,dc=example,dc=net -objectClass: organizationalUnit -description: Groupes de comptes techniques -ou: services -structuralObjectClass: organizationalUnit -entryUUID: cbb56904-bc6a-1035-9fbb-3dc3850d88ba -creatorsName: cn=admin,dc=example,dc=net -createTimestamp: 20160601173411Z -entryCSN: 20160601173411.088359Z#000000#000#000000 -modifiersName: cn=admin,dc=example,dc=net -modifyTimestamp: 20160601173411Z - -dn: ou=service-users,dc=example,dc=net -objectClass: organizationalUnit -description: Utilisateurs techniques de l'annuaire -ou: service-users -structuralObjectClass: organizationalUnit -entryUUID: 0e397270-bc6b-1035-9fbd-3dc3850d88ba -creatorsName: cn=admin,dc=example,dc=net -createTimestamp: 20160601173602Z -entryCSN: 20160601173602.683304Z#000000#000#000000 -modifiersName: cn=admin,dc=example,dc=net -modifyTimestamp: 20160601173602Z - -dn: cn=freeradius,ou=service-users,dc=example,dc=net -objectClass: applicationProcess -objectClass: simpleSecurityObject -cn: freeradius -userPassword: FILL_IT -structuralObjectClass: applicationProcess -entryUUID: 8596e4ec-bc6b-1035-9fbf-3dc3850d88ba -creatorsName: cn=admin,dc=example,dc=net -createTimestamp: 20160601173922Z -entryCSN: 20160601173922.944598Z#000000#000#000000 -modifiersName: cn=admin,dc=example,dc=net -modifyTimestamp: 20160601173922Z - -dn: cn=nssauth,ou=service-users,dc=example,dc=net -objectClass: applicationProcess -objectClass: simpleSecurityObject -cn: nssauth -structuralObjectClass: applicationProcess -entryUUID: cfbdadc6-bc6b-1035-9fc4-3dc3850d88ba -creatorsName: cn=admin,dc=example,dc=net -createTimestamp: 20160601174127Z -userPassword: FILL_IT -entryCSN: 20160603093724.770069Z#000000#000#000000 -modifiersName: cn=admin,dc=example,dc=net -modifyTimestamp: 20160603093724Z - -dn: cn=auth,ou=services,ou=groups,dc=example,dc=net -objectClass: groupOfNames -cn: auth -member: cn=nssauth,ou=service-users,dc=example,dc=net -structuralObjectClass: groupOfNames -entryUUID: 98524836-bc6d-1035-9fc7-3dc3850d88ba -creatorsName: cn=admin,dc=example,dc=net -createTimestamp: 20160601175413Z -entryCSN: 20160620005705.309928Z#000000#000#000000 -modifiersName: cn=admin,dc=example,dc=net -modifyTimestamp: 20160620005705Z - -dn: ou=posix,ou=groups,dc=example,dc=net -objectClass: organizationalUnit -description: Groupes de comptes POSIX -ou: posix -structuralObjectClass: organizationalUnit -entryUUID: fbd89c4a-bdb5-1035-9045-d5a09894d93e -creatorsName: cn=admin,dc=example,dc=net -createTimestamp: 20160603090455Z -entryCSN: 20160603090455.267192Z#000000#000#000000 -modifiersName: cn=admin,dc=example,dc=net -modifyTimestamp: 20160603090455Z - -dn: cn=wifi,ou=service-users,dc=example,dc=net -objectClass: applicationProcess -objectClass: simpleSecurityObject -cn: wifi -structuralObjectClass: applicationProcess -entryUUID: 8cc2d1a6-bdc2-1035-9051-d5a09894d93e -creatorsName: cn=admin,dc=example,dc=net -createTimestamp: 20160603103452Z -userPassword: FILL_IT -entryCSN: 20160603103638.682210Z#000000#000#000000 -modifiersName: cn=admin,dc=example,dc=net -modifyTimestamp: 20160603103638Z - -dn: cn=usermgmt,ou=services,ou=groups,dc=example,dc=net -objectClass: groupOfNames -cn: usermgmt -structuralObjectClass: groupOfNames -entryUUID: ec01e206-bdc2-1035-9054-d5a09894d93e -creatorsName: cn=admin,dc=example,dc=net -createTimestamp: 20160603103732Z -member: cn=wifi,ou=service-users,dc=example,dc=net -entryCSN: 20160603103746.897151Z#000000#000#000000 -modifiersName: cn=admin,dc=example,dc=net -modifyTimestamp: 20160603103746Z - -dn: cn=replica,ou=service-users,dc=example,dc=net -objectClass: applicationProcess -objectClass: simpleSecurityObject -cn: replica -structuralObjectClass: applicationProcess -entryUUID: caef5c54-c0e4-1035-948f-dfe369fe3d4f -creatorsName: cn=admin,dc=example,dc=net -createTimestamp: 20160607101733Z -userPassword: FILL_IT -entryCSN: 20160607101829.424643Z#000000#000#000000 -modifiersName: cn=admin,dc=example,dc=net -modifyTimestamp: 20160607101829Z - -dn: cn=readonly,ou=services,ou=groups,dc=example,dc=net -objectClass: groupOfNames -cn: readonly -structuralObjectClass: groupOfNames -entryUUID: f6bd2366-c0e4-1035-9492-dfe369fe3d4f -creatorsName: cn=admin,dc=example,dc=net -createTimestamp: 20160607101846Z -member: cn=replica,ou=service-users,dc=example,dc=net -member: cn=freeradius,ou=service-users,dc=example,dc=net -entryCSN: 20160619214628.287369Z#000000#000#000000 -modifiersName: cn=admin,dc=example,dc=net -modifyTimestamp: 20160619214628Z - diff --git a/install_utils/ldap/db.ldif b/install_utils/ldap/db.ldif new file mode 100644 index 00000000..42bcbf4d --- /dev/null +++ b/install_utils/ldap/db.ldif @@ -0,0 +1,94 @@ +# coding:utf-8 +# Re2o est un logiciel d'administration développé initiallement au rezometz. Il +# se veut agnostique au réseau considéré, de manière à être installable en +# quelques clics. +# +# Copyright © 2017 Gabriel Détraz +# Copyright © 2018 Maël Kervella +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License along +# with this program; if not, write to the Free Software Foundation, Inc., +# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + +# Pré-remplissage + +dn: cn=Utilisateurs,dc=example,dc=net +gidNumber: 500 +cn: Utilisateurs +sambaSID: 500 +uid: Users +objectClass: posixGroup +objectClass: top +objectClass: sambaSamAccount +objectClass: radiusprofile + +dn: ou=groups,dc=example,dc=net +objectClass: organizationalUnit +description: Groupes d'utilisateurs +ou: groups + +dn: ou=posix,ou=groups,dc=example,dc=net +objectClass: organizationalUnit +description: Groupes de comptes POSIX +ou: posix + +dn: ou=services,ou=groups,dc=example,dc=net +objectClass: organizationalUnit +description: Groupes de comptes techniques +ou: services + +dn: cn=auth,ou=services,ou=groups,dc=example,dc=net +objectClass: groupOfNames +cn: auth +member: cn=nssauth,ou=service-users + +dn: cn=usermgmt,ou=services,ou=groups,dc=example,dc=net +objectClass: groupOfNames +cn: usermgmt +member: cn=wifi,ou=service-users + +dn: cn=readonly,ou=services,ou=groups,dc=example,dc=net +objectClass: groupOfNames +cn: readonly +member: cn=replica,ou=service-users +member: cn=freeradius,ou=service-users + +dn: ou=service-users,dc=example,dc=net +objectClass: organizationalUnit +description: Utilisateurs techniques de l'annuaire +ou: service-users + +dn: cn=freeradius,ou=service-users,dc=example,dc=net +objectClass: applicationProcess +objectClass: simpleSecurityObject +cn: freeradius +userPassword: FILL_IT + +dn: cn=nssauth,ou=service-users,dc=example,dc=net +objectClass: applicationProcess +objectClass: simpleSecurityObject +cn: nssauth +userPassword: FILL_IT + +dn: cn=wifi,ou=service-users,dc=example,dc=net +objectClass: applicationProcess +objectClass: simpleSecurityObject +cn: wifi +userPassword: FILL_IT + +dn: cn=replica,ou=service-users,dc=example,dc=net +objectClass: applicationProcess +objectClass: simpleSecurityObject +cn: replica +userPassword: FILL_IT + diff --git a/install_utils/ldap/schema_radius.ldif b/install_utils/ldap/schema_radius.ldif new file mode 100644 index 00000000..76ac1f93 --- /dev/null +++ b/install_utils/ldap/schema_radius.ldif @@ -0,0 +1,75 @@ +# From : https://github.com/redBorder/freeradius/blob/master/doc/schemas/ldap/openldap.ldif + +dn: cn=radius,cn=schema,cn=config +objectClass: olcSchemaConfig +cn: radius +olcAttributeTypes: {0}( 1.3.6.1.4.1.3317.4.3.1.1 NAME 'radiusArapFeatures' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {1}( 1.3.6.1.4.1.3317.4.3.1.2 NAME 'radiusArapSecurity' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {2}( 1.3.6.1.4.1.3317.4.3.1.3 NAME 'radiusArapZoneAccess' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {3}( 1.3.6.1.4.1.3317.4.3.1.44 NAME 'radiusAuthType' DESC 'controlItem: Auth-Type' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {4}( 1.3.6.1.4.1.3317.4.3.1.4 NAME 'radiusCallbackId' DESC 'replyItem: Callback-Id' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {5}( 1.3.6.1.4.1.3317.4.3.1.5 NAME 'radiusCallbackNumber' DESC 'replyItem: Callback-Number' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {6}( 1.3.6.1.4.1.3317.4.3.1.6 NAME 'radiusCalledStationId' DESC 'controlItem: Called-Station-Id' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {7}( 1.3.6.1.4.1.3317.4.3.1.7 NAME 'radiusCallingStationId' DESC 'controlItem: Calling-Station-Id' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {8}( 1.3.6.1.4.1.3317.4.3.1.8 NAME 'radiusClass' DESC 'replyItem: Class' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +olcAttributeTypes: {9}( 1.3.6.1.4.1.3317.4.3.1.45 NAME 'radiusClientIPAddress' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {10}( 1.3.6.1.4.1.3317.4.3.1.9 NAME 'radiusFilterId' DESC 'replyItem: Filter-Id' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +olcAttributeTypes: {11}( 1.3.6.1.4.1.3317.4.3.1.10 NAME 'radiusFramedAppleTalkLink' DESC 'replyItem: Framed-AppleTalk-Link' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {12}( 1.3.6.1.4.1.3317.4.3.1.11 NAME 'radiusFramedAppleTalkNetwork' DESC 'replyItem: Framed-AppleTalk-Network' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +olcAttributeTypes: {13}( 1.3.6.1.4.1.3317.4.3.1.12 NAME 'radiusFramedAppleTalkZone' DESC 'replyItem: Framed-AppleTalk-Zone' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {14}( 1.3.6.1.4.1.3317.4.3.1.13 NAME 'radiusFramedCompression' DESC 'replyItem: Framed-Compression' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +olcAttributeTypes: {15}( 1.3.6.1.4.1.3317.4.3.1.14 NAME 'radiusFramedIPAddress' DESC 'replyItem: Framed-IP-Address' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {16}( 1.3.6.1.4.1.3317.4.3.1.15 NAME 'radiusFramedIPNetmask' DESC 'replyItem: Framed-IP-Netmask' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {17}( 1.3.6.1.4.1.3317.4.3.1.16 NAME 'radiusFramedIPXNetwork' DESC 'replyItem: Framed-IPX-Network' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {18}( 1.3.6.1.4.1.3317.4.3.1.17 NAME 'radiusFramedMTU' DESC' replyItem: Framed-MTU' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {19}( 1.3.6.1.4.1.3317.4.3.1.18 NAME 'radiusFramedProtocol'DESC 'replyItem: Framed-Protocol' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {20}( 1.3.6.1.4.1.3317.4.3.1.19 NAME 'radiusFramedRoute' DESC 'replyItem: Framed-Route' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +olcAttributeTypes: {21}( 1.3.6.1.4.1.3317.4.3.1.20 NAME 'radiusFramedRouting' DESC 'replyItem: Framed-Routing' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {22}( 1.3.6.1.4.1.3317.4.3.1.46 NAME 'radiusGroupName' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +olcAttributeTypes: {23}( 1.3.6.1.4.1.3317.4.3.1.47 NAME 'radiusHint' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {24}( 1.3.6.1.4.1.3317.4.3.1.48 NAME 'radiusHuntgroupName' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +olcAttributeTypes: {25}( 1.3.6.1.4.1.3317.4.3.1.21 NAME 'radiusIdleTimeout' DESC 'replyItem: Idle-Timeout' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {26}( 1.3.6.1.4.1.3317.4.3.1.22 NAME 'radiusLoginIPHost' DESC 'replyItem: Login-IP-Host' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +olcAttributeTypes: {27}( 1.3.6.1.4.1.3317.4.3.1.23 NAME 'radiusLoginLATGroup' DESC 'replyItem: Login-LAT-Group' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {28}( 1.3.6.1.4.1.3317.4.3.1.24 NAME 'radiusLoginLATNode' DESC 'replyItem: Login-LAT-Node' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {29}( 1.3.6.1.4.1.3317.4.3.1.25 NAME 'radiusLoginLATPort' DESC 'replyItem: Login-LAT-Port' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {30}( 1.3.6.1.4.1.3317.4.3.1.26 NAME 'radiusLoginLATService' DESC 'replyItem: Login-LAT-Service' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {31}( 1.3.6.1.4.1.3317.4.3.1.27 NAME 'radiusLoginService' DESC 'replyItem: Login-Service' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {32}( 1.3.6.1.4.1.3317.4.3.1.28 NAME 'radiusLoginTCPPort' DESC 'replyItem: Login-TCP-Port' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {33}( 1.3.6.1.4.1.3317.4.3.1.29 NAME 'radiusPasswordRetry' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {34}( 1.3.6.1.4.1.3317.4.3.1.30 NAME 'radiusPortLimit' DESC 'replyItem: Port-Limit' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {35}( 1.3.6.1.4.1.3317.4.3.1.49 NAME 'radiusProfileDn' DESC '' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) +olcAttributeTypes: {36}( 1.3.6.1.4.1.3317.4.3.1.31 NAME 'radiusPrompt' DESC ''EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {37}( 1.3.6.1.4.1.3317.4.3.1.50 NAME 'radiusProxyToRealm' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {38}( 1.3.6.1.4.1.3317.4.3.1.51 NAME 'radiusReplicateToRealm' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {39}( 1.3.6.1.4.1.3317.4.3.1.52 NAME 'radiusRealm' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE) +olcAttributeTypes: {40}( 1.3.6.1.4.1.3317.4.3.1.32 NAME 'radiusServiceType' DESC 'replyItem: Service-Type' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {41}( 1.3.6.1.4.1.3317.4.3.1.33 NAME 'radiusSessionTimeout'DESC 'replyItem: Session-Timeout' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {42}( 1.3.6.1.4.1.3317.4.3.1.34 NAME 'radiusTerminationAction' DESC 'replyItem: Termination-Action' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {43}( 1.3.6.1.4.1.3317.4.3.1.35 NAME 'radiusTunnelAssignmentId' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26) +olcAttributeTypes: {44}( 1.3.6.1.4.1.3317.4.3.1.36 NAME 'radiusTunnelMediumType' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +olcAttributeTypes: {45}( 1.3.6.1.4.1.3317.4.3.1.37 NAME 'radiusTunnelPassword' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {46}( 1.3.6.1.4.1.3317.4.3.1.38 NAME 'radiusTunnelPreference' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +olcAttributeTypes: {47}( 1.3.6.1.4.1.3317.4.3.1.39 NAME 'radiusTunnelPrivateGroupId' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +olcAttributeTypes: {48}( 1.3.6.1.4.1.3317.4.3.1.40 NAME 'radiusTunnelServerEndpoint' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +olcAttributeTypes: {49}( 1.3.6.1.4.1.3317.4.3.1.41 NAME 'radiusTunnelType' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +olcAttributeTypes: {50}( 1.3.6.1.4.1.3317.4.3.1.42 NAME 'radiusVSA' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +olcAttributeTypes: {51}( 1.3.6.1.4.1.3317.4.3.1.43 NAME 'radiusTunnelClientEndpoint' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +olcAttributeTypes: {52}( 1.3.6.1.4.1.3317.4.3.1.53 NAME 'radiusSimultaneousUse' DESC 'controlItem: Simultaneous-Use' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) +olcAttributeTypes: {53}( 1.3.6.1.4.1.3317.4.3.1.54 NAME 'radiusLoginTime' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {54}( 1.3.6.1.4.1.3317.4.3.1.55 NAME 'radiusUserCategory' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {55}( 1.3.6.1.4.1.3317.4.3.1.56 NAME 'radiusStripUserName' DESC '' SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE ) +olcAttributeTypes: {56}( 1.3.6.1.4.1.3317.4.3.1.57 NAME 'dialupAccess' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {57}( 1.3.6.1.4.1.3317.4.3.1.58 NAME 'radiusExpiration' DESC 'controlItem: Expiration' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {58}( 1.3.6.1.4.1.3317.4.3.1.59 NAME 'radiusAttribute' DESC 'controlItem: $GENERIC$' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +olcAttributeTypes: {60}( 1.3.6.1.4.1.3317.4.3.1.61 NAME 'radiusNASIpAddress' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {61}( 1.3.6.1.4.1.3317.4.3.1.62 NAME 'radiusReplyMessage' DESC 'replyItem: Reply-Message' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +olcObjectClasses: {0}( 1.3.6.1.4.1.3317.4.3.2.1 NAME 'radiusprofile' DESC '' SUP top AUXILIARY MUST cn MAY ( radiusArapFeatures $ radiusArapSecurity $ radiusArapZoneAccess $ radiusAuthType $ + radiusCallbackId $ radiusCallbackNumber $radiusCalledStationId $ radiusCallingStationId $ radiusClass $ radiusClientIPAddress $ radiusFilterId $ radiusFramedAppleTalkLink $ radiusFramedAppleTalkNetwork $ + radiusFramedAppleTalkZone $ radiusFramedCompression $ radiusFramedIPAddress $ radiusFramedIPNetmask $ radiusFramedIPXNetwork $ radiusFramedMTU $radiusFramedProtocol $ radiusAttribute $ + radiusFramedRoute $ radiusFramedRouting $ radiusIdleTimeout $ radiusGroupName $ radiusHint $ radiusHuntgroupName $ radiusLoginIPHost $ radiusLoginLATGroup $ radiusLoginLATNode $ radiusLoginLATPort $ + radiusLoginLATService $ radiusLoginService $ radiusLoginTCPPort $ radiusLoginTime $ radiusPasswordRetry $ radiusPortLimit $ radiusPrompt $ radiusProxyToRealm $ radiusRealm $ radiusReplicateToRealm $ + radiusServiceType $ radiusSessionTimeout $ radiusStripUserName $ radiusTerminationAction $ radiusTunnelClientEndpoint $ radiusProfileDn $ radiusSimultaneousUse $ radiusTunnelAssignmentId $ + radiusTunnelMediumType $ radiusTunnelPassword $ radiusTunnelPreference $ radiusTunnelPrivateGroupId $ radiusTunnelServerEndpoint $ radiusTunnelType $ radiusUserCategory $ radiusVSA $ radiusExpiration $ + dialupAccess $ radiusNASIpAddress $ radiusReplyMessage ) ) +olcObjectClasses: {1}( 1.3.6.1.4.1.3317.4.3.2.2 NAME 'radiusObjectProfile' DESC 'A Container Objectclass to be used for creating radius profile object' SUP top STRUCTURAL MUST cn MAY ( uid $ userPassword $ description ) ) diff --git a/install_utils/ldap/schema_samba.ldif b/install_utils/ldap/schema_samba.ldif new file mode 100644 index 00000000..9f7ef4e4 --- /dev/null +++ b/install_utils/ldap/schema_samba.ldif @@ -0,0 +1,226 @@ +# From samba debian package (/usr/share/doc/samba/examples/LDAP/samba.ldif.gz) + +dn: cn=samba,cn=schema,cn=config +objectClass: olcSchemaConfig +cn: samba +olcAttributeTypes: {0}( 1.3.6.1.4.1.7165.2.1.24 NAME 'sambaLMPassword' DESC 'L + anManager Password' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.1 + 21.1.26{32} SINGLE-VALUE ) +olcAttributeTypes: {1}( 1.3.6.1.4.1.7165.2.1.25 NAME 'sambaNTPassword' DESC 'M + D4 hash of the unicode password' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4 + .1.1466.115.121.1.26{32} SINGLE-VALUE ) +olcAttributeTypes: {2}( 1.3.6.1.4.1.7165.2.1.26 NAME 'sambaAcctFlags' DESC 'Ac + count Flags' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + {16} SINGLE-VALUE ) +olcAttributeTypes: {3}( 1.3.6.1.4.1.7165.2.1.27 NAME 'sambaPwdLastSet' DESC 'T + imestamp of the last password update' EQUALITY integerMatch SYNTAX 1.3.6.1.4. + 1.1466.115.121.1.27 SINGLE-VALUE ) +olcAttributeTypes: {4}( 1.3.6.1.4.1.7165.2.1.28 NAME 'sambaPwdCanChange' DESC + 'Timestamp of when the user is allowed to update the password' EQUALITY integ + erMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) +olcAttributeTypes: {5}( 1.3.6.1.4.1.7165.2.1.29 NAME 'sambaPwdMustChange' DESC + 'Timestamp of when the password will expire' EQUALITY integerMatch SYNTAX 1. + 3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) +olcAttributeTypes: {6}( 1.3.6.1.4.1.7165.2.1.30 NAME 'sambaLogonTime' DESC 'Ti + mestamp of last logon' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121. + 1.27 SINGLE-VALUE ) +olcAttributeTypes: {7}( 1.3.6.1.4.1.7165.2.1.31 NAME 'sambaLogoffTime' DESC 'T + imestamp of last logoff' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.12 + 1.1.27 SINGLE-VALUE ) +olcAttributeTypes: {8}( 1.3.6.1.4.1.7165.2.1.32 NAME 'sambaKickoffTime' DESC ' + Timestamp of when the user will be logged off automatically' EQUALITY integer + Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) +olcAttributeTypes: {9}( 1.3.6.1.4.1.7165.2.1.48 NAME 'sambaBadPasswordCount' D + ESC 'Bad password attempt count' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.146 + 6.115.121.1.27 SINGLE-VALUE ) +olcAttributeTypes: {10}( 1.3.6.1.4.1.7165.2.1.49 NAME 'sambaBadPasswordTime' D + ESC 'Time of the last bad password attempt' EQUALITY integerMatch SYNTAX 1.3. + 6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) +olcAttributeTypes: {11}( 1.3.6.1.4.1.7165.2.1.55 NAME 'sambaLogonHours' DESC ' + Logon Hours' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + {42} SINGLE-VALUE ) +olcAttributeTypes: {12}( 1.3.6.1.4.1.7165.2.1.33 NAME 'sambaHomeDrive' DESC 'D + river letter of home directory mapping' EQUALITY caseIgnoreIA5Match SYNTAX 1. + 3.6.1.4.1.1466.115.121.1.26{4} SINGLE-VALUE ) +olcAttributeTypes: {13}( 1.3.6.1.4.1.7165.2.1.34 NAME 'sambaLogonScript' DESC + 'Logon script path' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121. + 1.15{255} SINGLE-VALUE ) +olcAttributeTypes: {14}( 1.3.6.1.4.1.7165.2.1.35 NAME 'sambaProfilePath' DESC + 'Roaming profile path' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.1 + 21.1.15{255} SINGLE-VALUE ) +olcAttributeTypes: {15}( 1.3.6.1.4.1.7165.2.1.36 NAME 'sambaUserWorkstations' + DESC 'List of user workstations the user is allowed to logon to' EQUALITY cas + eIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{255} SINGLE-VALUE ) +olcAttributeTypes: {16}( 1.3.6.1.4.1.7165.2.1.37 NAME 'sambaHomePath' DESC 'Ho + me directory UNC path' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.1 + 21.1.15{128} ) +olcAttributeTypes: {17}( 1.3.6.1.4.1.7165.2.1.38 NAME 'sambaDomainName' DESC ' + Windows NT domain to which the user belongs' EQUALITY caseIgnoreMatch SYNTAX + 1.3.6.1.4.1.1466.115.121.1.15{128} ) +olcAttributeTypes: {18}( 1.3.6.1.4.1.7165.2.1.47 NAME 'sambaMungedDial' DESC ' + Base64 encoded user parameter string' EQUALITY caseExactMatch SYNTAX 1.3.6.1. + 4.1.1466.115.121.1.15{1050} ) +olcAttributeTypes: {19}( 1.3.6.1.4.1.7165.2.1.54 NAME 'sambaPasswordHistory' D + ESC 'Concatenated MD5 hashes of the salted NT passwords used on this account' + EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} ) +olcAttributeTypes: {20}( 1.3.6.1.4.1.7165.2.1.20 NAME 'sambaSID' DESC 'Securit + y ID' EQUALITY caseIgnoreIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX 1 + .3.6.1.4.1.1466.115.121.1.26{64} SINGLE-VALUE ) +olcAttributeTypes: {21}( 1.3.6.1.4.1.7165.2.1.23 NAME 'sambaPrimaryGroupSID' D + ESC 'Primary Group Security ID' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4. + 1.1466.115.121.1.26{64} SINGLE-VALUE ) +olcAttributeTypes: {22}( 1.3.6.1.4.1.7165.2.1.51 NAME 'sambaSIDList' DESC 'Sec + urity ID List' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1. + 26{64} ) +olcAttributeTypes: {23}( 1.3.6.1.4.1.7165.2.1.19 NAME 'sambaGroupType' DESC 'N + T Group Type' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SING + LE-VALUE ) +olcAttributeTypes: {24}( 1.3.6.1.4.1.7165.2.1.21 NAME 'sambaNextUserRid' DESC + 'Next NT rid to give our for users' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1. + 1466.115.121.1.27 SINGLE-VALUE ) +olcAttributeTypes: {25}( 1.3.6.1.4.1.7165.2.1.22 NAME 'sambaNextGroupRid' DESC + 'Next NT rid to give out for groups' EQUALITY integerMatch SYNTAX 1.3.6.1.4. + 1.1466.115.121.1.27 SINGLE-VALUE ) +olcAttributeTypes: {26}( 1.3.6.1.4.1.7165.2.1.39 NAME 'sambaNextRid' DESC 'Nex + t NT rid to give out for anything' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1 + 466.115.121.1.27 SINGLE-VALUE ) +olcAttributeTypes: {27}( 1.3.6.1.4.1.7165.2.1.40 NAME 'sambaAlgorithmicRidBase + ' DESC 'Base at which the samba RID generation algorithm should operate' EQUA + LITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) +olcAttributeTypes: {28}( 1.3.6.1.4.1.7165.2.1.41 NAME 'sambaShareName' DESC 'S + hare Name' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SING + LE-VALUE ) +olcAttributeTypes: {29}( 1.3.6.1.4.1.7165.2.1.42 NAME 'sambaOptionName' DESC ' + Option Name' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX + 1.3.6.1.4.1.1466.115.121.1.15{256} ) +olcAttributeTypes: {30}( 1.3.6.1.4.1.7165.2.1.43 NAME 'sambaBoolOption' DESC ' + A boolean option' EQUALITY booleanMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 S + INGLE-VALUE ) +olcAttributeTypes: {31}( 1.3.6.1.4.1.7165.2.1.44 NAME 'sambaIntegerOption' DES + C 'An integer option' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1 + .27 SINGLE-VALUE ) +olcAttributeTypes: {32}( 1.3.6.1.4.1.7165.2.1.45 NAME 'sambaStringOption' DESC + 'A string option' EQUALITY caseExactIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121 + .1.26 SINGLE-VALUE ) +olcAttributeTypes: {33}( 1.3.6.1.4.1.7165.2.1.46 NAME 'sambaStringListOption' + DESC 'A string list option' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466. + 115.121.1.15 ) +olcAttributeTypes: {34}( 1.3.6.1.4.1.7165.2.1.53 NAME 'sambaTrustFlags' DESC ' + Trust Password Flags' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115 + .121.1.26 ) +olcAttributeTypes: {35}( 1.3.6.1.4.1.7165.2.1.58 NAME 'sambaMinPwdLength' DESC + 'Minimal password length (default: 5)' EQUALITY integerMatch SYNTAX 1.3.6.1. + 4.1.1466.115.121.1.27 SINGLE-VALUE ) +olcAttributeTypes: {36}( 1.3.6.1.4.1.7165.2.1.59 NAME 'sambaPwdHistoryLength' + DESC 'Length of Password History Entries (default: 0 => off)' EQUALITY intege + rMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) +olcAttributeTypes: {37}( 1.3.6.1.4.1.7165.2.1.60 NAME 'sambaLogonToChgPwd' DES + C 'Force Users to logon for password change (default: 0 => off, 2 => on)' EQU + ALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) +olcAttributeTypes: {38}( 1.3.6.1.4.1.7165.2.1.61 NAME 'sambaMaxPwdAge' DESC 'M + aximum password age, in seconds (default: -1 => never expire passwords)' EQUA + LITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) +olcAttributeTypes: {39}( 1.3.6.1.4.1.7165.2.1.62 NAME 'sambaMinPwdAge' DESC 'M + inimum password age, in seconds (default: 0 => allow immediate password chang + e)' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) +olcAttributeTypes: {40}( 1.3.6.1.4.1.7165.2.1.63 NAME 'sambaLockoutDuration' D + ESC 'Lockout duration in minutes (default: 30, -1 => forever)' EQUALITY integ + erMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) +olcAttributeTypes: {41}( 1.3.6.1.4.1.7165.2.1.64 NAME 'sambaLockoutObservation + Window' DESC 'Reset time after lockout in minutes (default: 30)' EQUALITY int + egerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) +olcAttributeTypes: {42}( 1.3.6.1.4.1.7165.2.1.65 NAME 'sambaLockoutThreshold' + DESC 'Lockout users after bad logon attempts (default: 0 => off)' EQUALITY in + tegerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) +olcAttributeTypes: {43}( 1.3.6.1.4.1.7165.2.1.66 NAME 'sambaForceLogoff' DESC + 'Disconnect Users outside logon hours (default: -1 => off, 0 => on)' EQUALITY + integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) +olcAttributeTypes: {44}( 1.3.6.1.4.1.7165.2.1.67 NAME 'sambaRefuseMachinePwdCh + ange' DESC 'Allow Machine Password changes (default: 0 => off)' EQUALITY inte + gerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) +olcAttributeTypes: {45}( 1.3.6.1.4.1.7165.2.1.68 NAME 'sambaClearTextPassword' + DESC 'Clear text password (used for trusted domain passwords)' EQUALITY octe + tStringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 ) +olcAttributeTypes: {46}( 1.3.6.1.4.1.7165.2.1.69 NAME 'sambaPreviousClearTextP + assword' DESC 'Previous clear text password (used for trusted domain password + s)' EQUALITY octetStringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 ) +olcAttributeTypes: {47}( 1.3.6.1.4.1.7165.2.1.70 NAME 'sambaTrustType' DESC 'T + ype of trust' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SING + LE-VALUE ) +olcAttributeTypes: {48}( 1.3.6.1.4.1.7165.2.1.71 NAME 'sambaTrustAttributes' D + ESC 'Trust attributes for a trusted domain' EQUALITY integerMatch SYNTAX 1.3. + 6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) +olcAttributeTypes: {49}( 1.3.6.1.4.1.7165.2.1.72 NAME 'sambaTrustDirection' DE + SC 'Direction of a trust' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.1 + 21.1.27 SINGLE-VALUE ) +olcAttributeTypes: {50}( 1.3.6.1.4.1.7165.2.1.73 NAME 'sambaTrustPartner' DESC + 'Fully qualified name of the domain with which a trust exists' EQUALITY case + IgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} ) +olcAttributeTypes: {51}( 1.3.6.1.4.1.7165.2.1.74 NAME 'sambaFlatName' DESC 'Ne + tBIOS name of a domain' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115. + 121.1.15{128} ) +olcAttributeTypes: {52}( 1.3.6.1.4.1.7165.2.1.75 NAME 'sambaTrustAuthOutgoing' + DESC 'Authentication information for the outgoing portion of a trust' EQUALIT + Y caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1050} ) +olcAttributeTypes: {53}( 1.3.6.1.4.1.7165.2.1.76 NAME 'sambaTrustAuthIncoming' + DESC 'Authentication information for the incoming portion of a trust' EQUALIT + Y caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1050} ) +olcAttributeTypes: {54}( 1.3.6.1.4.1.7165.2.1.77 NAME 'sambaSecurityIdentifier + ' DESC 'SID of a trusted domain' EQUALITY caseIgnoreIA5Match SUBSTR caseExact + IA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{64} SINGLE-VALUE ) +olcAttributeTypes: {55}( 1.3.6.1.4.1.7165.2.1.78 NAME 'sambaTrustForestTrustIn + fo' DESC 'Forest trust information for a trusted domain object' EQUALITY case + ExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1050} ) +olcAttributeTypes: {56}( 1.3.6.1.4.1.7165.2.1.79 NAME 'sambaTrustPosixOffset' + DESC 'POSIX offset of a trust' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466. + 115.121.1.27 SINGLE-VALUE ) +olcAttributeTypes: {57}( 1.3.6.1.4.1.7165.2.1.80 NAME 'sambaSupportedEncryptio + nTypes' DESC 'Supported encryption types of a trust' EQUALITY integerMatch SY + NTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) +olcObjectClasses: {0}( 1.3.6.1.4.1.7165.2.2.6 NAME 'sambaSamAccount' DESC 'Sam + ba 3.0 Auxilary SAM Account' SUP top AUXILIARY MUST ( uid $ sambaSID ) MAY ( + cn $ sambaLMPassword $ sambaNTPassword $ sambaPwdLastSet $ sambaLogonTime $ s + ambaLogoffTime $ sambaKickoffTime $ sambaPwdCanChange $ sambaPwdMustChange $ + sambaAcctFlags $ displayName $ sambaHomePath $ sambaHomeDrive $ sambaLogonScr + ipt $ sambaProfilePath $ description $ sambaUserWorkstations $ sambaPrimaryGr + oupSID $ sambaDomainName $ sambaMungedDial $ sambaBadPasswordCount $ sambaBad + PasswordTime $ sambaPasswordHistory $ sambaLogonHours ) ) +olcObjectClasses: {1}( 1.3.6.1.4.1.7165.2.2.4 NAME 'sambaGroupMapping' DESC 'S + amba Group Mapping' SUP top AUXILIARY MUST ( gidNumber $ sambaSID $ sambaGrou + pType ) MAY ( displayName $ description $ sambaSIDList ) ) +olcObjectClasses: {2}( 1.3.6.1.4.1.7165.2.2.14 NAME 'sambaTrustPassword' DESC + 'Samba Trust Password' SUP top STRUCTURAL MUST ( sambaDomainName $ sambaNTPas + sword $ sambaTrustFlags ) MAY ( sambaSID $ sambaPwdLastSet ) ) +olcObjectClasses: {3}( 1.3.6.1.4.1.7165.2.2.15 NAME 'sambaTrustedDomainPasswor + d' DESC 'Samba Trusted Domain Password' SUP top STRUCTURAL MUST ( sambaDomain + Name $ sambaSID $ sambaClearTextPassword $ sambaPwdLastSet ) MAY sambaPreviou + sClearTextPassword ) +olcObjectClasses: {4}( 1.3.6.1.4.1.7165.2.2.5 NAME 'sambaDomain' DESC 'Samba D + omain Information' SUP top STRUCTURAL MUST ( sambaDomainName $ sambaSID ) MAY + ( sambaNextRid $ sambaNextGroupRid $ sambaNextUserRid $ sambaAlgorithmicRidB + ase $ sambaMinPwdLength $ sambaPwdHistoryLength $ sambaLogonToChgPwd $ sambaM + axPwdAge $ sambaMinPwdAge $ sambaLockoutDuration $ sambaLockoutObservationWin + dow $ sambaLockoutThreshold $ sambaForceLogoff $ sambaRefuseMachinePwdChange + ) ) +olcObjectClasses: {5}( 1.3.6.1.4.1.7165.2.2.7 NAME 'sambaUnixIdPool' DESC 'Poo + l for allocating UNIX uids/gids' SUP top AUXILIARY MUST ( uidNumber $ gidNumb + er ) ) +olcObjectClasses: {6}( 1.3.6.1.4.1.7165.2.2.8 NAME 'sambaIdmapEntry' DESC 'Map + ping from a SID to an ID' SUP top AUXILIARY MUST sambaSID MAY ( uidNumber $ g + idNumber ) ) +olcObjectClasses: {7}( 1.3.6.1.4.1.7165.2.2.9 NAME 'sambaSidEntry' DESC 'Struc + tural Class for a SID' SUP top STRUCTURAL MUST sambaSID ) +olcObjectClasses: {8}( 1.3.6.1.4.1.7165.2.2.10 NAME 'sambaConfig' DESC 'Samba + Configuration Section' SUP top AUXILIARY MAY description ) +olcObjectClasses: {9}( 1.3.6.1.4.1.7165.2.2.11 NAME 'sambaShare' DESC 'Samba S + hare Section' SUP top STRUCTURAL MUST sambaShareName MAY description ) +olcObjectClasses: {10}( 1.3.6.1.4.1.7165.2.2.12 NAME 'sambaConfigOption' DESC + 'Samba Configuration Option' SUP top STRUCTURAL MUST sambaOptionName MAY ( sa + mbaBoolOption $ sambaIntegerOption $ sambaStringOption $ sambaStringListoptio + n $ description ) ) +olcObjectClasses: {11}( 1.3.6.1.4.1.7165.2.2.16 NAME 'sambaTrustedDomain' DESC + 'Samba Trusted Domain Object' SUP top STRUCTURAL MUST cn MAY ( sambaTrustTyp + e $ sambaTrustAttributes $ sambaTrustDirection $ sambaTrustPartner $ sambaFla + tName $ sambaTrustAuthOutgoing $ sambaTrustAuthIncoming $ sambaSecurityIdenti + fier $ sambaTrustForestTrustInfo $ sambaTrustPosixOffset $ sambaSupportedEncr + yptionTypes) ) diff --git a/install_utils/schema.ldiff b/install_utils/schema.ldiff deleted file mode 100644 index 194f886a..00000000 --- a/install_utils/schema.ldiff +++ /dev/null @@ -1,1183 +0,0 @@ -dn: cn=config -objectClass: olcGlobal -cn: config -olcArgsFile: /var/run/slapd/slapd.args -olcLogLevel: 256 -olcPidFile: /var/run/slapd/slapd.pid -olcSaslHost: 127.0.0.1 -olcSaslSecProps: none -olcToolThreads: 1 -structuralObjectClass: olcGlobal -entryUUID: fc8ef918-514b-1034-9c2c-0faf5bc7ead5 -creatorsName: cn=config -createTimestamp: 20150225150906Z -entryCSN: 20150930214326.686146Z#000000#000#000000 -modifiersName: cn=admin,cn=config -modifyTimestamp: 20150930214326Z -contextCSN: 20160619215244.315124Z#000000#000#000000 - -dn: cn=module{0},cn=config -objectClass: olcModuleList -cn: module{0} -olcModulePath: /usr/lib/ldap -olcModuleLoad: {0}back_hdb -olcModuleLoad: {1}syncprov -structuralObjectClass: olcModuleList -entryUUID: fc8f8478-514b-1034-9c34-0faf5bc7ead5 -creatorsName: cn=admin,cn=config -createTimestamp: 20150225150906Z -entryCSN: 20150305013830.870926Z#000000#000#000000 -modifiersName: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth -modifyTimestamp: 20150305013830Z - -dn: cn=schema,cn=config -objectClass: olcSchemaConfig -cn: schema -structuralObjectClass: olcSchemaConfig -entryUUID: fc8f0ef8-514b-1034-9c2f-0faf5bc7ead5 -creatorsName: cn=admin,cn=config -createTimestamp: 20150225150906Z -entryCSN: 20150225150906.558504Z#000000#000#000000 -modifiersName: cn=admin,cn=config -modifyTimestamp: 20150225150906Z - -dn: cn={0}core,cn=schema,cn=config -objectClass: olcSchemaConfig -cn: {0}core -olcAttributeTypes: {0}( 2.5.4.2 NAME 'knowledgeInformation' DESC 'RFC2256: k - nowledge information' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115. - 121.1.15{32768} ) -olcAttributeTypes: {1}( 2.5.4.4 NAME ( 'sn' 'surname' ) DESC 'RFC2256: last - (family) name(s) for which the entity is known by' SUP name ) -olcAttributeTypes: {2}( 2.5.4.5 NAME 'serialNumber' DESC 'RFC2256: serial nu - mber of the entity' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMat - ch SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{64} ) -olcAttributeTypes: {3}( 2.5.4.6 NAME ( 'c' 'countryName' ) DESC 'RFC2256: IS - O-3166 country 2-letter code' SUP name SINGLE-VALUE ) -olcAttributeTypes: {4}( 2.5.4.7 NAME ( 'l' 'localityName' ) DESC 'RFC2256: l - ocality which this object resides in' SUP name ) -olcAttributeTypes: {5}( 2.5.4.8 NAME ( 'st' 'stateOrProvinceName' ) DESC 'RF - C2256: state or province which this object resides in' SUP name ) -olcAttributeTypes: {6}( 2.5.4.9 NAME ( 'street' 'streetAddress' ) DESC 'RFC2 - 256: street address of this object' EQUALITY caseIgnoreMatch SUBSTR caseIgn - oreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} ) -olcAttributeTypes: {7}( 2.5.4.10 NAME ( 'o' 'organizationName' ) DESC 'RFC22 - 56: organization this object belongs to' SUP name ) -olcAttributeTypes: {8}( 2.5.4.11 NAME ( 'ou' 'organizationalUnitName' ) DESC - 'RFC2256: organizational unit this object belongs to' SUP name ) -olcAttributeTypes: {9}( 2.5.4.12 NAME 'title' DESC 'RFC2256: title associate - d with the entity' SUP name ) -olcAttributeTypes: {10}( 2.5.4.14 NAME 'searchGuide' DESC 'RFC2256: search g - uide, deprecated by enhancedSearchGuide' SYNTAX 1.3.6.1.4.1.1466.115.121.1. - 25 ) -olcAttributeTypes: {11}( 2.5.4.15 NAME 'businessCategory' DESC 'RFC2256: bus - iness category' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch S - YNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} ) -olcAttributeTypes: {12}( 2.5.4.16 NAME 'postalAddress' DESC 'RFC2256: postal - address' EQUALITY caseIgnoreListMatch SUBSTR caseIgnoreListSubstringsMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 ) -olcAttributeTypes: {13}( 2.5.4.17 NAME 'postalCode' DESC 'RFC2256: postal co - de' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6. - 1.4.1.1466.115.121.1.15{40} ) -olcAttributeTypes: {14}( 2.5.4.18 NAME 'postOfficeBox' DESC 'RFC2256: Post O - ffice Box' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX - 1.3.6.1.4.1.1466.115.121.1.15{40} ) -olcAttributeTypes: {15}( 2.5.4.19 NAME 'physicalDeliveryOfficeName' DESC 'RF - C2256: Physical Delivery Office Name' EQUALITY caseIgnoreMatch SUBSTR caseI - gnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} ) -olcAttributeTypes: {16}( 2.5.4.20 NAME 'telephoneNumber' DESC 'RFC2256: Tele - phone Number' EQUALITY telephoneNumberMatch SUBSTR telephoneNumberSubstring - sMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.50{32} ) -olcAttributeTypes: {17}( 2.5.4.21 NAME 'telexNumber' DESC 'RFC2256: Telex Nu - mber' SYNTAX 1.3.6.1.4.1.1466.115.121.1.52 ) -olcAttributeTypes: {18}( 2.5.4.22 NAME 'teletexTerminalIdentifier' DESC 'RFC - 2256: Teletex Terminal Identifier' SYNTAX 1.3.6.1.4.1.1466.115.121.1.51 ) -olcAttributeTypes: {19}( 2.5.4.23 NAME ( 'facsimileTelephoneNumber' 'fax' ) - DESC 'RFC2256: Facsimile (Fax) Telephone Number' SYNTAX 1.3.6.1.4.1.1466.11 - 5.121.1.22 ) -olcAttributeTypes: {20}( 2.5.4.24 NAME 'x121Address' DESC 'RFC2256: X.121 Ad - dress' EQUALITY numericStringMatch SUBSTR numericStringSubstringsMatch SYNT - AX 1.3.6.1.4.1.1466.115.121.1.36{15} ) -olcAttributeTypes: {21}( 2.5.4.25 NAME 'internationaliSDNNumber' DESC 'RFC22 - 56: international ISDN number' EQUALITY numericStringMatch SUBSTR numericSt - ringSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{16} ) -olcAttributeTypes: {22}( 2.5.4.26 NAME 'registeredAddress' DESC 'RFC2256: re - gistered postal address' SUP postalAddress SYNTAX 1.3.6.1.4.1.1466.115.121. - 1.41 ) -olcAttributeTypes: {23}( 2.5.4.27 NAME 'destinationIndicator' DESC 'RFC2256: - destination indicator' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstring - sMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{128} ) -olcAttributeTypes: {24}( 2.5.4.28 NAME 'preferredDeliveryMethod' DESC 'RFC22 - 56: preferred delivery method' SYNTAX 1.3.6.1.4.1.1466.115.121.1.14 SINGLE- - VALUE ) -olcAttributeTypes: {25}( 2.5.4.29 NAME 'presentationAddress' DESC 'RFC2256: - presentation address' EQUALITY presentationAddressMatch SYNTAX 1.3.6.1.4.1. - 1466.115.121.1.43 SINGLE-VALUE ) -olcAttributeTypes: {26}( 2.5.4.30 NAME 'supportedApplicationContext' DESC 'R - FC2256: supported application context' EQUALITY objectIdentifierMatch SYNTA - X 1.3.6.1.4.1.1466.115.121.1.38 ) -olcAttributeTypes: {27}( 2.5.4.31 NAME 'member' DESC 'RFC2256: member of a g - roup' SUP distinguishedName ) -olcAttributeTypes: {28}( 2.5.4.32 NAME 'owner' DESC 'RFC2256: owner (of the - object)' SUP distinguishedName ) -olcAttributeTypes: {29}( 2.5.4.33 NAME 'roleOccupant' DESC 'RFC2256: occupan - t of role' SUP distinguishedName ) -olcAttributeTypes: {30}( 2.5.4.36 NAME 'userCertificate' DESC 'RFC2256: X.50 - 9 user certificate, use ;binary' EQUALITY certificateExactMatch SYNTAX 1.3. - 6.1.4.1.1466.115.121.1.8 ) -olcAttributeTypes: {31}( 2.5.4.37 NAME 'cACertificate' DESC 'RFC2256: X.509 - CA certificate, use ;binary' EQUALITY certificateExactMatch SYNTAX 1.3.6.1. - 4.1.1466.115.121.1.8 ) -olcAttributeTypes: {32}( 2.5.4.38 NAME 'authorityRevocationList' DESC 'RFC22 - 56: X.509 authority revocation list, use ;binary' SYNTAX 1.3.6.1.4.1.1466.1 - 15.121.1.9 ) -olcAttributeTypes: {33}( 2.5.4.39 NAME 'certificateRevocationList' DESC 'RFC - 2256: X.509 certificate revocation list, use ;binary' SYNTAX 1.3.6.1.4.1.14 - 66.115.121.1.9 ) -olcAttributeTypes: {34}( 2.5.4.40 NAME 'crossCertificatePair' DESC 'RFC2256: - X.509 cross certificate pair, use ;binary' SYNTAX 1.3.6.1.4.1.1466.115.121 - .1.10 ) -olcAttributeTypes: {35}( 2.5.4.42 NAME ( 'givenName' 'gn' ) DESC 'RFC2256: f - irst name(s) for which the entity is known by' SUP name ) -olcAttributeTypes: {36}( 2.5.4.43 NAME 'initials' DESC 'RFC2256: initials of - some or all of names, but not the surname(s).' SUP name ) -olcAttributeTypes: {37}( 2.5.4.44 NAME 'generationQualifier' DESC 'RFC2256: - name qualifier indicating a generation' SUP name ) -olcAttributeTypes: {38}( 2.5.4.45 NAME 'x500UniqueIdentifier' DESC 'RFC2256: - X.500 unique identifier' EQUALITY bitStringMatch SYNTAX 1.3.6.1.4.1.1466.1 - 15.121.1.6 ) -olcAttributeTypes: {39}( 2.5.4.46 NAME 'dnQualifier' DESC 'RFC2256: DN quali - fier' EQUALITY caseIgnoreMatch ORDERING caseIgnoreOrderingMatch SUBSTR case - IgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.44 ) -olcAttributeTypes: {40}( 2.5.4.47 NAME 'enhancedSearchGuide' DESC 'RFC2256: - enhanced search guide' SYNTAX 1.3.6.1.4.1.1466.115.121.1.21 ) -olcAttributeTypes: {41}( 2.5.4.48 NAME 'protocolInformation' DESC 'RFC2256: - protocol information' EQUALITY protocolInformationMatch SYNTAX 1.3.6.1.4.1. - 1466.115.121.1.42 ) -olcAttributeTypes: {42}( 2.5.4.50 NAME 'uniqueMember' DESC 'RFC2256: unique - member of a group' EQUALITY uniqueMemberMatch SYNTAX 1.3.6.1.4.1.1466.115.1 - 21.1.34 ) -olcAttributeTypes: {43}( 2.5.4.51 NAME 'houseIdentifier' DESC 'RFC2256: hous - e identifier' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYN - TAX 1.3.6.1.4.1.1466.115.121.1.15{32768} ) -olcAttributeTypes: {44}( 2.5.4.52 NAME 'supportedAlgorithms' DESC 'RFC2256: - supported algorithms' SYNTAX 1.3.6.1.4.1.1466.115.121.1.49 ) -olcAttributeTypes: {45}( 2.5.4.53 NAME 'deltaRevocationList' DESC 'RFC2256: - delta revocation list; use ;binary' SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 ) -olcAttributeTypes: {46}( 2.5.4.54 NAME 'dmdName' DESC 'RFC2256: name of DMD' - SUP name ) -olcAttributeTypes: {47}( 2.5.4.65 NAME 'pseudonym' DESC 'X.520(4th): pseudon - ym for the object' SUP name ) -olcAttributeTypes: {48}( 0.9.2342.19200300.100.1.3 NAME ( 'mail' 'rfc822Mail - box' ) DESC 'RFC1274: RFC822 Mailbox' EQUALITY caseIgnoreIA5Match SUBST - R caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} - ) -olcAttributeTypes: {49}( 0.9.2342.19200300.100.1.25 NAME ( 'dc' 'domainCompo - nent' ) DESC 'RFC1274/2247: domain component' EQUALITY caseIgnoreIA5Match S - UBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SIN - GLE-VALUE ) -olcAttributeTypes: {50}( 0.9.2342.19200300.100.1.37 NAME 'associatedDomain' - DESC 'RFC1274: domain associated with object' EQUALITY caseIgnoreIA5Match S - UBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) -olcAttributeTypes: {51}( 1.2.840.113549.1.9.1 NAME ( 'email' 'emailAddress' - 'pkcs9email' ) DESC 'RFC3280: legacy attribute for email addresses in DNs' - EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3. - 6.1.4.1.1466.115.121.1.26{128} ) -olcObjectClasses: {0}( 2.5.6.2 NAME 'country' DESC 'RFC2256: a country' SUP - top STRUCTURAL MUST c MAY ( searchGuide $ description ) ) -olcObjectClasses: {1}( 2.5.6.3 NAME 'locality' DESC 'RFC2256: a locality' SU - P top STRUCTURAL MAY ( street $ seeAlso $ searchGuide $ st $ l $ descriptio - n ) ) -olcObjectClasses: {2}( 2.5.6.4 NAME 'organization' DESC 'RFC2256: an organiz - ation' SUP top STRUCTURAL MUST o MAY ( userPassword $ searchGuide $ seeAlso - $ businessCategory $ x121Address $ registeredAddress $ destinationIndicato - r $ preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $ tel - ephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber $ street - $ postOfficeBox $ postalCode $ postalAddress $ physicalDeliveryOfficeName - $ st $ l $ description ) ) -olcObjectClasses: {3}( 2.5.6.5 NAME 'organizationalUnit' DESC 'RFC2256: an o - rganizational unit' SUP top STRUCTURAL MUST ou MAY ( userPassword $ searchG - uide $ seeAlso $ businessCategory $ x121Address $ registeredAddress $ desti - nationIndicator $ preferredDeliveryMethod $ telexNumber $ teletexTerminalId - entifier $ telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNu - mber $ street $ postOfficeBox $ postalCode $ postalAddress $ physicalDelive - ryOfficeName $ st $ l $ description ) ) -olcObjectClasses: {4}( 2.5.6.6 NAME 'person' DESC 'RFC2256: a person' SUP to - p STRUCTURAL MUST ( sn $ cn ) MAY ( userPassword $ telephoneNumber $ seeAls - o $ description ) ) -olcObjectClasses: {5}( 2.5.6.7 NAME 'organizationalPerson' DESC 'RFC2256: an - organizational person' SUP person STRUCTURAL MAY ( title $ x121Address $ r - egisteredAddress $ destinationIndicator $ preferredDeliveryMethod $ telexNu - mber $ teletexTerminalIdentifier $ telephoneNumber $ internationaliSDNNumbe - r $ facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $ posta - lAddress $ physicalDeliveryOfficeName $ ou $ st $ l ) ) -olcObjectClasses: {6}( 2.5.6.8 NAME 'organizationalRole' DESC 'RFC2256: an o - rganizational role' SUP top STRUCTURAL MUST cn MAY ( x121Address $ register - edAddress $ destinationIndicator $ preferredDeliveryMethod $ telexNumber $ - teletexTerminalIdentifier $ telephoneNumber $ internationaliSDNNumber $ fac - simileTelephoneNumber $ seeAlso $ roleOccupant $ preferredDeliveryMethod $ - street $ postOfficeBox $ postalCode $ postalAddress $ physicalDeliveryOffic - eName $ ou $ st $ l $ description ) ) -olcObjectClasses: {7}( 2.5.6.9 NAME 'groupOfNames' DESC 'RFC2256: a group of - names (DNs)' SUP top STRUCTURAL MUST ( cn ) MAY ( member $ businessCategor - y $ seeAlso $ owner $ ou $ o $ description ) ) -olcObjectClasses: {8}( 2.5.6.10 NAME 'residentialPerson' DESC 'RFC2256: an r - esidential person' SUP person STRUCTURAL MUST l MAY ( businessCategory $ x1 - 21Address $ registeredAddress $ destinationIndicator $ preferredDeliveryMet - hod $ telexNumber $ teletexTerminalIdentifier $ telephoneNumber $ internati - onaliSDNNumber $ facsimileTelephoneNumber $ preferredDeliveryMethod $ stree - t $ postOfficeBox $ postalCode $ postalAddress $ physicalDeliveryOfficeName - $ st $ l ) ) -olcObjectClasses: {9}( 2.5.6.11 NAME 'applicationProcess' DESC 'RFC2256: an - application process' SUP top STRUCTURAL MUST cn MAY ( seeAlso $ ou $ l $ de - scription ) ) -olcObjectClasses: {10}( 2.5.6.12 NAME 'applicationEntity' DESC 'RFC2256: an - application entity' SUP top STRUCTURAL MUST ( presentationAddress $ cn ) MA - Y ( supportedApplicationContext $ seeAlso $ ou $ o $ l $ description ) ) -olcObjectClasses: {11}( 2.5.6.13 NAME 'dSA' DESC 'RFC2256: a directory syste - m agent (a server)' SUP applicationEntity STRUCTURAL MAY knowledgeInformati - on ) -olcObjectClasses: {12}( 2.5.6.14 NAME 'device' DESC 'RFC2256: a device' SUP - top STRUCTURAL MUST cn MAY ( serialNumber $ seeAlso $ owner $ ou $ o $ l $ - description ) ) -olcObjectClasses: {13}( 2.5.6.15 NAME 'strongAuthenticationUser' DESC 'RFC22 - 56: a strong authentication user' SUP top AUXILIARY MUST userCertificate ) -olcObjectClasses: {14}( 2.5.6.16 NAME 'certificationAuthority' DESC 'RFC2256 - : a certificate authority' SUP top AUXILIARY MUST ( authorityRevocationList - $ certificateRevocationList $ cACertificate ) MAY crossCertificatePair ) -olcObjectClasses: {15}( 2.5.6.17 NAME 'groupOfUniqueNames' DESC 'RFC2256: a - group of unique names (DN and Unique Identifier)' SUP top STRUCTURAL MUST ( - uniqueMember $ cn ) MAY ( businessCategory $ seeAlso $ owner $ ou $ o $ de - scription ) ) -olcObjectClasses: {16}( 2.5.6.18 NAME 'userSecurityInformation' DESC 'RFC225 - 6: a user security information' SUP top AUXILIARY MAY ( supportedAlgorithms - ) ) -olcObjectClasses: {17}( 2.5.6.16.2 NAME 'certificationAuthority-V2' SUP cert - ificationAuthority AUXILIARY MAY ( deltaRevocationList ) ) -olcObjectClasses: {18}( 2.5.6.19 NAME 'cRLDistributionPoint' SUP top STRUCTU - RAL MUST ( cn ) MAY ( certificateRevocationList $ authorityRevocationList $ - deltaRevocationList ) ) -olcObjectClasses: {19}( 2.5.6.20 NAME 'dmd' SUP top STRUCTURAL MUST ( dmdNam - e ) MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $ x121Add - ress $ registeredAddress $ destinationIndicator $ preferredDeliveryMethod $ - telexNumber $ teletexTerminalIdentifier $ telephoneNumber $ internationali - SDNNumber $ facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode - $ postalAddress $ physicalDeliveryOfficeName $ st $ l $ description ) ) -olcObjectClasses: {20}( 2.5.6.21 NAME 'pkiUser' DESC 'RFC2587: a PKI user' S - UP top AUXILIARY MAY userCertificate ) -olcObjectClasses: {21}( 2.5.6.22 NAME 'pkiCA' DESC 'RFC2587: PKI certificate - authority' SUP top AUXILIARY MAY ( authorityRevocationList $ certificateRe - vocationList $ cACertificate $ crossCertificatePair ) ) -olcObjectClasses: {22}( 2.5.6.23 NAME 'deltaCRL' DESC 'RFC2587: PKI user' SU - P top AUXILIARY MAY deltaRevocationList ) -olcObjectClasses: {23}( 1.3.6.1.4.1.250.3.15 NAME 'labeledURIObject' DESC 'R - FC2079: object that contains the URI attribute type' MAY ( labeledURI ) SUP - top AUXILIARY ) -olcObjectClasses: {24}( 0.9.2342.19200300.100.4.19 NAME 'simpleSecurityObjec - t' DESC 'RFC1274: simple security object' SUP top AUXILIARY MUST userPasswo - rd ) -olcObjectClasses: {25}( 1.3.6.1.4.1.1466.344 NAME 'dcObject' DESC 'RFC2247: - domain component object' SUP top AUXILIARY MUST dc ) -olcObjectClasses: {26}( 1.3.6.1.1.3.1 NAME 'uidObject' DESC 'RFC2377: uid ob - ject' SUP top AUXILIARY MUST uid ) -structuralObjectClass: olcSchemaConfig -entryUUID: fc8f1d30-514b-1034-9c30-0faf5bc7ead5 -creatorsName: cn=admin,cn=config -createTimestamp: 20150225150906Z -entryCSN: 20150225150906.558865Z#000000#000#000000 -modifiersName: cn=admin,cn=config -modifyTimestamp: 20150225150906Z - -dn: cn={1}cosine,cn=schema,cn=config -objectClass: olcSchemaConfig -cn: {1}cosine -olcAttributeTypes: {0}( 0.9.2342.19200300.100.1.2 NAME 'textEncodedORAddress - ' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1. - 4.1.1466.115.121.1.15{256} ) -olcAttributeTypes: {1}( 0.9.2342.19200300.100.1.4 NAME 'info' DESC 'RFC1274: - general information' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsM - atch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{2048} ) -olcAttributeTypes: {2}( 0.9.2342.19200300.100.1.5 NAME ( 'drink' 'favouriteD - rink' ) DESC 'RFC1274: favorite drink' EQUALITY caseIgnoreMatch SUBSTR case - IgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) -olcAttributeTypes: {3}( 0.9.2342.19200300.100.1.6 NAME 'roomNumber' DESC 'RF - C1274: room number' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMat - ch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) -olcAttributeTypes: {4}( 0.9.2342.19200300.100.1.7 NAME 'photo' DESC 'RFC1274 - : photo (G3 fax)' SYNTAX 1.3.6.1.4.1.1466.115.121.1.23{25000} ) -olcAttributeTypes: {5}( 0.9.2342.19200300.100.1.8 NAME 'userClass' DESC 'RFC - 1274: category of user' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstring - sMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) -olcAttributeTypes: {6}( 0.9.2342.19200300.100.1.9 NAME 'host' DESC 'RFC1274: - host computer' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch S - YNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) -olcAttributeTypes: {7}( 0.9.2342.19200300.100.1.10 NAME 'manager' DESC 'RFC1 - 274: DN of manager' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466 - .115.121.1.12 ) -olcAttributeTypes: {8}( 0.9.2342.19200300.100.1.11 NAME 'documentIdentifier' - DESC 'RFC1274: unique identifier of document' EQUALITY caseIgnoreMatch SUB - STR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) -olcAttributeTypes: {9}( 0.9.2342.19200300.100.1.12 NAME 'documentTitle' DESC - 'RFC1274: title of document' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSub - stringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) -olcAttributeTypes: {10}( 0.9.2342.19200300.100.1.13 NAME 'documentVersion' D - ESC 'RFC1274: version of document' EQUALITY caseIgnoreMatch SUBSTR caseIgno - reSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) -olcAttributeTypes: {11}( 0.9.2342.19200300.100.1.14 NAME 'documentAuthor' DE - SC 'RFC1274: DN of author of document' EQUALITY distinguishedNameMatch SYNT - AX 1.3.6.1.4.1.1466.115.121.1.12 ) -olcAttributeTypes: {12}( 0.9.2342.19200300.100.1.15 NAME 'documentLocation' - DESC 'RFC1274: location of document original' EQUALITY caseIgnoreMatch SUBS - TR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) -olcAttributeTypes: {13}( 0.9.2342.19200300.100.1.20 NAME ( 'homePhone' 'home - TelephoneNumber' ) DESC 'RFC1274: home telephone number' EQUALITY telephone - NumberMatch SUBSTR telephoneNumberSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.1 - 15.121.1.50 ) -olcAttributeTypes: {14}( 0.9.2342.19200300.100.1.21 NAME 'secretary' DESC 'R - FC1274: DN of secretary' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1 - .1466.115.121.1.12 ) -olcAttributeTypes: {15}( 0.9.2342.19200300.100.1.22 NAME 'otherMailbox' SYNT - AX 1.3.6.1.4.1.1466.115.121.1.39 ) -olcAttributeTypes: {16}( 0.9.2342.19200300.100.1.26 NAME 'aRecord' EQUALITY - caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) -olcAttributeTypes: {17}( 0.9.2342.19200300.100.1.27 NAME 'mDRecord' EQUALITY - caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) -olcAttributeTypes: {18}( 0.9.2342.19200300.100.1.28 NAME 'mXRecord' EQUALITY - caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) -olcAttributeTypes: {19}( 0.9.2342.19200300.100.1.29 NAME 'nSRecord' EQUALITY - caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) -olcAttributeTypes: {20}( 0.9.2342.19200300.100.1.30 NAME 'sOARecord' EQUALIT - Y caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) -olcAttributeTypes: {21}( 0.9.2342.19200300.100.1.31 NAME 'cNAMERecord' EQUAL - ITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) -olcAttributeTypes: {22}( 0.9.2342.19200300.100.1.38 NAME 'associatedName' DE - SC 'RFC1274: DN of entry associated with domain' EQUALITY distinguishedName - Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) -olcAttributeTypes: {23}( 0.9.2342.19200300.100.1.39 NAME 'homePostalAddress' - DESC 'RFC1274: home postal address' EQUALITY caseIgnoreListMatch SUBSTR ca - seIgnoreListSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 ) -olcAttributeTypes: {24}( 0.9.2342.19200300.100.1.40 NAME 'personalTitle' DES - C 'RFC1274: personal title' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubst - ringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) -olcAttributeTypes: {25}( 0.9.2342.19200300.100.1.41 NAME ( 'mobile' 'mobileT - elephoneNumber' ) DESC 'RFC1274: mobile telephone number' EQUALITY telephon - eNumberMatch SUBSTR telephoneNumberSubstringsMatch SYNTAX 1.3.6.1.4.1.1466. - 115.121.1.50 ) -olcAttributeTypes: {26}( 0.9.2342.19200300.100.1.42 NAME ( 'pager' 'pagerTel - ephoneNumber' ) DESC 'RFC1274: pager telephone number' EQUALITY telephoneNu - mberMatch SUBSTR telephoneNumberSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115 - .121.1.50 ) -olcAttributeTypes: {27}( 0.9.2342.19200300.100.1.43 NAME ( 'co' 'friendlyCou - ntryName' ) DESC 'RFC1274: friendly country name' EQUALITY caseIgnoreMatch - SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) -olcAttributeTypes: {28}( 0.9.2342.19200300.100.1.44 NAME 'uniqueIdentifier' - DESC 'RFC1274: unique identifer' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4. - 1.1466.115.121.1.15{256} ) -olcAttributeTypes: {29}( 0.9.2342.19200300.100.1.45 NAME 'organizationalStat - us' DESC 'RFC1274: organizational status' EQUALITY caseIgnoreMatch SUBSTR c - aseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) -olcAttributeTypes: {30}( 0.9.2342.19200300.100.1.46 NAME 'janetMailbox' DESC - 'RFC1274: Janet mailbox' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5S - ubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) -olcAttributeTypes: {31}( 0.9.2342.19200300.100.1.47 NAME 'mailPreferenceOpti - on' DESC 'RFC1274: mail preference option' SYNTAX 1.3.6.1.4.1.1466.115.121. - 1.27 ) -olcAttributeTypes: {32}( 0.9.2342.19200300.100.1.48 NAME 'buildingName' DESC - 'RFC1274: name of building' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubs - tringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) -olcAttributeTypes: {33}( 0.9.2342.19200300.100.1.49 NAME 'dSAQuality' DESC ' - RFC1274: DSA Quality' SYNTAX 1.3.6.1.4.1.1466.115.121.1.19 SINGLE-VALUE ) -olcAttributeTypes: {34}( 0.9.2342.19200300.100.1.50 NAME 'singleLevelQuality - ' DESC 'RFC1274: Single Level Quality' SYNTAX 1.3.6.1.4.1.1466.115.121.1.13 - SINGLE-VALUE ) -olcAttributeTypes: {35}( 0.9.2342.19200300.100.1.51 NAME 'subtreeMinimumQual - ity' DESC 'RFC1274: Subtree Mininum Quality' SYNTAX 1.3.6.1.4.1.1466.115.12 - 1.1.13 SINGLE-VALUE ) -olcAttributeTypes: {36}( 0.9.2342.19200300.100.1.52 NAME 'subtreeMaximumQual - ity' DESC 'RFC1274: Subtree Maximun Quality' SYNTAX 1.3.6.1.4.1.1466.115.12 - 1.1.13 SINGLE-VALUE ) -olcAttributeTypes: {37}( 0.9.2342.19200300.100.1.53 NAME 'personalSignature' - DESC 'RFC1274: Personal Signature (G3 fax)' SYNTAX 1.3.6.1.4.1.1466.115.12 - 1.1.23 ) -olcAttributeTypes: {38}( 0.9.2342.19200300.100.1.54 NAME 'dITRedirect' DESC - 'RFC1274: DIT Redirect' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1. - 1466.115.121.1.12 ) -olcAttributeTypes: {39}( 0.9.2342.19200300.100.1.55 NAME 'audio' DESC 'RFC12 - 74: audio (u-law)' SYNTAX 1.3.6.1.4.1.1466.115.121.1.4{25000} ) -olcAttributeTypes: {40}( 0.9.2342.19200300.100.1.56 NAME 'documentPublisher' - DESC 'RFC1274: publisher of document' EQUALITY caseIgnoreMatch SUBSTR case - IgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) -olcObjectClasses: {0}( 0.9.2342.19200300.100.4.4 NAME ( 'pilotPerson' 'newPi - lotPerson' ) SUP person STRUCTURAL MAY ( userid $ textEncodedORAddress $ rf - c822Mailbox $ favouriteDrink $ roomNumber $ userClass $ homeTelephoneNumber - $ homePostalAddress $ secretary $ personalTitle $ preferredDeliveryMethod - $ businessCategory $ janetMailbox $ otherMailbox $ mobileTelephoneNumber $ - pagerTelephoneNumber $ organizationalStatus $ mailPreferenceOption $ person - alSignature ) ) -olcObjectClasses: {1}( 0.9.2342.19200300.100.4.5 NAME 'account' SUP top STRU - CTURAL MUST userid MAY ( description $ seeAlso $ localityName $ organizatio - nName $ organizationalUnitName $ host ) ) -olcObjectClasses: {2}( 0.9.2342.19200300.100.4.6 NAME 'document' SUP top STR - UCTURAL MUST documentIdentifier MAY ( commonName $ description $ seeAlso $ - localityName $ organizationName $ organizationalUnitName $ documentTitle $ - documentVersion $ documentAuthor $ documentLocation $ documentPublisher ) ) -olcObjectClasses: {3}( 0.9.2342.19200300.100.4.7 NAME 'room' SUP top STRUCTU - RAL MUST commonName MAY ( roomNumber $ description $ seeAlso $ telephoneNum - ber ) ) -olcObjectClasses: {4}( 0.9.2342.19200300.100.4.9 NAME 'documentSeries' SUP t - op STRUCTURAL MUST commonName MAY ( description $ seeAlso $ telephonenumber - $ localityName $ organizationName $ organizationalUnitName ) ) -olcObjectClasses: {5}( 0.9.2342.19200300.100.4.13 NAME 'domain' SUP top STRU - CTURAL MUST domainComponent MAY ( associatedName $ organizationName $ descr - iption $ businessCategory $ seeAlso $ searchGuide $ userPassword $ locality - Name $ stateOrProvinceName $ streetAddress $ physicalDeliveryOfficeName $ p - ostalAddress $ postalCode $ postOfficeBox $ streetAddress $ facsimileTeleph - oneNumber $ internationalISDNNumber $ telephoneNumber $ teletexTerminalIden - tifier $ telexNumber $ preferredDeliveryMethod $ destinationIndicator $ reg - isteredAddress $ x121Address ) ) -olcObjectClasses: {6}( 0.9.2342.19200300.100.4.14 NAME 'RFC822localPart' SUP - domain STRUCTURAL MAY ( commonName $ surname $ description $ seeAlso $ tel - ephoneNumber $ physicalDeliveryOfficeName $ postalAddress $ postalCode $ po - stOfficeBox $ streetAddress $ facsimileTelephoneNumber $ internationalISDNN - umber $ telephoneNumber $ teletexTerminalIdentifier $ telexNumber $ preferr - edDeliveryMethod $ destinationIndicator $ registeredAddress $ x121Address ) - ) -olcObjectClasses: {7}( 0.9.2342.19200300.100.4.15 NAME 'dNSDomain' SUP domai - n STRUCTURAL MAY ( ARecord $ MDRecord $ MXRecord $ NSRecord $ SOARecord $ C - NAMERecord ) ) -olcObjectClasses: {8}( 0.9.2342.19200300.100.4.17 NAME 'domainRelatedObject' - DESC 'RFC1274: an object related to an domain' SUP top AUXILIARY MUST asso - ciatedDomain ) -olcObjectClasses: {9}( 0.9.2342.19200300.100.4.18 NAME 'friendlyCountry' SUP - country STRUCTURAL MUST friendlyCountryName ) -olcObjectClasses: {10}( 0.9.2342.19200300.100.4.20 NAME 'pilotOrganization' - SUP ( organization $ organizationalUnit ) STRUCTURAL MAY buildingName ) -olcObjectClasses: {11}( 0.9.2342.19200300.100.4.21 NAME 'pilotDSA' SUP dsa S - TRUCTURAL MAY dSAQuality ) -olcObjectClasses: {12}( 0.9.2342.19200300.100.4.22 NAME 'qualityLabelledData - ' SUP top AUXILIARY MUST dsaQuality MAY ( subtreeMinimumQuality $ subtreeMa - ximumQuality ) ) -structuralObjectClass: olcSchemaConfig -entryUUID: fc8f49fe-514b-1034-9c31-0faf5bc7ead5 -creatorsName: cn=admin,cn=config -createTimestamp: 20150225150906Z -entryCSN: 20150225150906.560014Z#000000#000#000000 -modifiersName: cn=admin,cn=config -modifyTimestamp: 20150225150906Z - -dn: cn={2}nis,cn=schema,cn=config -objectClass: olcSchemaConfig -cn: {2}nis -olcAttributeTypes: {0}( 1.3.6.1.1.1.1.2 NAME 'gecos' DESC 'The GECOS field; - the common name' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5Substrings - Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) -olcAttributeTypes: {1}( 1.3.6.1.1.1.1.3 NAME 'homeDirectory' DESC 'The absol - ute path to the home directory' EQUALITY caseExactIA5Match SYNTAX 1.3.6.1.4 - .1.1466.115.121.1.26 SINGLE-VALUE ) -olcAttributeTypes: {2}( 1.3.6.1.1.1.1.4 NAME 'loginShell' DESC 'The path to - the login shell' EQUALITY caseExactIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121 - .1.26 SINGLE-VALUE ) -olcAttributeTypes: {3}( 1.3.6.1.1.1.1.5 NAME 'shadowLastChange' EQUALITY int - egerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) -olcAttributeTypes: {4}( 1.3.6.1.1.1.1.6 NAME 'shadowMin' EQUALITY integerMat - ch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) -olcAttributeTypes: {5}( 1.3.6.1.1.1.1.7 NAME 'shadowMax' EQUALITY integerMat - ch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) -olcAttributeTypes: {6}( 1.3.6.1.1.1.1.8 NAME 'shadowWarning' EQUALITY intege - rMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) -olcAttributeTypes: {7}( 1.3.6.1.1.1.1.9 NAME 'shadowInactive' EQUALITY integ - erMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) -olcAttributeTypes: {8}( 1.3.6.1.1.1.1.10 NAME 'shadowExpire' EQUALITY intege - rMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) -olcAttributeTypes: {9}( 1.3.6.1.1.1.1.11 NAME 'shadowFlag' EQUALITY integerM - atch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) -olcAttributeTypes: {10}( 1.3.6.1.1.1.1.12 NAME 'memberUid' EQUALITY caseExac - tIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.12 - 1.1.26 ) -olcAttributeTypes: {11}( 1.3.6.1.1.1.1.13 NAME 'memberNisNetgroup' EQUALITY - caseExactIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.146 - 6.115.121.1.26 ) -olcAttributeTypes: {12}( 1.3.6.1.1.1.1.14 NAME 'nisNetgroupTriple' DESC 'Net - group triple' SYNTAX 1.3.6.1.1.1.0.0 ) -olcAttributeTypes: {13}( 1.3.6.1.1.1.1.15 NAME 'ipServicePort' EQUALITY inte - gerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) -olcAttributeTypes: {14}( 1.3.6.1.1.1.1.16 NAME 'ipServiceProtocol' SUP name - ) -olcAttributeTypes: {15}( 1.3.6.1.1.1.1.17 NAME 'ipProtocolNumber' EQUALITY i - ntegerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) -olcAttributeTypes: {16}( 1.3.6.1.1.1.1.18 NAME 'oncRpcNumber' EQUALITY integ - erMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) -olcAttributeTypes: {17}( 1.3.6.1.1.1.1.19 NAME 'ipHostNumber' DESC 'IP addre - ss' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} ) -olcAttributeTypes: {18}( 1.3.6.1.1.1.1.20 NAME 'ipNetworkNumber' DESC 'IP ne - twork' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128 - } SINGLE-VALUE ) -olcAttributeTypes: {19}( 1.3.6.1.1.1.1.21 NAME 'ipNetmaskNumber' DESC 'IP ne - tmask' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128 - } SINGLE-VALUE ) -olcAttributeTypes: {20}( 1.3.6.1.1.1.1.22 NAME 'macAddress' DESC 'MAC addres - s' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} ) -olcAttributeTypes: {21}( 1.3.6.1.1.1.1.23 NAME 'bootParameter' DESC 'rpc.boo - tparamd parameter' SYNTAX 1.3.6.1.1.1.0.1 ) -olcAttributeTypes: {22}( 1.3.6.1.1.1.1.24 NAME 'bootFile' DESC 'Boot image n - ame' EQUALITY caseExactIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) -olcAttributeTypes: {23}( 1.3.6.1.1.1.1.26 NAME 'nisMapName' SUP name ) -olcAttributeTypes: {24}( 1.3.6.1.1.1.1.27 NAME 'nisMapEntry' EQUALITY caseEx - actIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115. - 121.1.26{1024} SINGLE-VALUE ) -olcObjectClasses: {0}( 1.3.6.1.1.1.2.0 NAME 'posixAccount' DESC 'Abstraction - of an account with POSIX attributes' SUP top AUXILIARY MUST ( cn $ uid $ u - idNumber $ gidNumber $ homeDirectory ) MAY ( userPassword $ loginShell $ ge - cos $ description ) ) -olcObjectClasses: {1}( 1.3.6.1.1.1.2.1 NAME 'shadowAccount' DESC 'Additional - attributes for shadow passwords' SUP top AUXILIARY MUST uid MAY ( userPass - word $ shadowLastChange $ shadowMin $ shadowMax $ shadowWarning $ shadowIna - ctive $ shadowExpire $ shadowFlag $ description ) ) -olcObjectClasses: {2}( 1.3.6.1.1.1.2.2 NAME 'posixGroup' DESC 'Abstraction o - f a group of accounts' SUP top STRUCTURAL MUST ( cn $ gidNumber ) MAY ( use - rPassword $ memberUid $ description ) ) -olcObjectClasses: {3}( 1.3.6.1.1.1.2.3 NAME 'ipService' DESC 'Abstraction an - Internet Protocol service' SUP top STRUCTURAL MUST ( cn $ ipServicePort $ - ipServiceProtocol ) MAY description ) -olcObjectClasses: {4}( 1.3.6.1.1.1.2.4 NAME 'ipProtocol' DESC 'Abstraction o - f an IP protocol' SUP top STRUCTURAL MUST ( cn $ ipProtocolNumber $ descrip - tion ) MAY description ) -olcObjectClasses: {5}( 1.3.6.1.1.1.2.5 NAME 'oncRpc' DESC 'Abstraction of an - ONC/RPC binding' SUP top STRUCTURAL MUST ( cn $ oncRpcNumber $ description - ) MAY description ) -olcObjectClasses: {6}( 1.3.6.1.1.1.2.6 NAME 'ipHost' DESC 'Abstraction of a - host, an IP device' SUP top AUXILIARY MUST ( cn $ ipHostNumber ) MAY ( l $ - description $ manager ) ) -olcObjectClasses: {7}( 1.3.6.1.1.1.2.7 NAME 'ipNetwork' DESC 'Abstraction of - an IP network' SUP top STRUCTURAL MUST ( cn $ ipNetworkNumber ) MAY ( ipNe - tmaskNumber $ l $ description $ manager ) ) -olcObjectClasses: {8}( 1.3.6.1.1.1.2.8 NAME 'nisNetgroup' DESC 'Abstraction - of a netgroup' SUP top STRUCTURAL MUST cn MAY ( nisNetgroupTriple $ memberN - isNetgroup $ description ) ) -olcObjectClasses: {9}( 1.3.6.1.1.1.2.9 NAME 'nisMap' DESC 'A generic abstrac - tion of a NIS map' SUP top STRUCTURAL MUST nisMapName MAY description ) -olcObjectClasses: {10}( 1.3.6.1.1.1.2.10 NAME 'nisObject' DESC 'An entry in - a NIS map' SUP top STRUCTURAL MUST ( cn $ nisMapEntry $ nisMapName ) MAY de - scription ) -olcObjectClasses: {11}( 1.3.6.1.1.1.2.11 NAME 'ieee802Device' DESC 'A device - with a MAC address' SUP top AUXILIARY MAY macAddress ) -olcObjectClasses: {12}( 1.3.6.1.1.1.2.12 NAME 'bootableDevice' DESC 'A devic - e with boot parameters' SUP top AUXILIARY MAY ( bootFile $ bootParameter ) - ) -structuralObjectClass: olcSchemaConfig -entryUUID: fc8f6894-514b-1034-9c32-0faf5bc7ead5 -creatorsName: cn=admin,cn=config -createTimestamp: 20150225150906Z -entryCSN: 20150225150906.560798Z#000000#000#000000 -modifiersName: cn=admin,cn=config -modifyTimestamp: 20150225150906Z - -dn: cn={3}inetorgperson,cn=schema,cn=config -objectClass: olcSchemaConfig -cn: {3}inetorgperson -olcAttributeTypes: {0}( 2.16.840.1.113730.3.1.1 NAME 'carLicense' DESC 'RFC2 - 798: vehicle license or registration plate' EQUALITY caseIgnoreMatch SUBSTR - caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) -olcAttributeTypes: {1}( 2.16.840.1.113730.3.1.2 NAME 'departmentNumber' DESC - 'RFC2798: identifies a department within an organization' EQUALITY caseIgn - oreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1 - .15 ) -olcAttributeTypes: {2}( 2.16.840.1.113730.3.1.241 NAME 'displayName' DESC 'R - FC2798: preferred name to be used when displaying entries' EQUALITY caseIgn - oreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1 - .15 SINGLE-VALUE ) -olcAttributeTypes: {3}( 2.16.840.1.113730.3.1.3 NAME 'employeeNumber' DESC ' - RFC2798: numerically identifies an employee within an organization' EQUALIT - Y caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466. - 115.121.1.15 SINGLE-VALUE ) -olcAttributeTypes: {4}( 2.16.840.1.113730.3.1.4 NAME 'employeeType' DESC 'RF - C2798: type of employment for a person' EQUALITY caseIgnoreMatch SUBSTR cas - eIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) -olcAttributeTypes: {5}( 0.9.2342.19200300.100.1.60 NAME 'jpegPhoto' DESC 'RF - C2798: a JPEG image' SYNTAX 1.3.6.1.4.1.1466.115.121.1.28 ) -olcAttributeTypes: {6}( 2.16.840.1.113730.3.1.39 NAME 'preferredLanguage' DE - SC 'RFC2798: preferred written or spoken language for a person' EQUALITY ca - seIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115. - 121.1.15 SINGLE-VALUE ) -olcAttributeTypes: {7}( 2.16.840.1.113730.3.1.40 NAME 'userSMIMECertificate' - DESC 'RFC2798: PKCS#7 SignedData used to support S/MIME' SYNTAX 1.3.6.1.4. - 1.1466.115.121.1.5 ) -olcAttributeTypes: {8}( 2.16.840.1.113730.3.1.216 NAME 'userPKCS12' DESC 'RF - C2798: personal identity information, a PKCS #12 PFX' SYNTAX 1.3.6.1.4.1.14 - 66.115.121.1.5 ) -olcObjectClasses: {0}( 2.16.840.1.113730.3.2.2 NAME 'inetOrgPerson' DESC 'RF - C2798: Internet Organizational Person' SUP organizationalPerson STRUCTURAL - MAY ( audio $ businessCategory $ carLicense $ departmentNumber $ displayNam - e $ employeeNumber $ employeeType $ givenName $ homePhone $ homePostalAddre - ss $ initials $ jpegPhoto $ labeledURI $ mail $ manager $ mobile $ o $ page - r $ photo $ roomNumber $ secretary $ uid $ userCertificate $ x500uniqueIden - tifier $ preferredLanguage $ userSMIMECertificate $ userPKCS12 ) ) -structuralObjectClass: olcSchemaConfig -entryUUID: fc8f7bf4-514b-1034-9c33-0faf5bc7ead5 -creatorsName: cn=admin,cn=config -createTimestamp: 20150225150906Z -entryCSN: 20150225150906.561294Z#000000#000#000000 -modifiersName: cn=admin,cn=config -modifyTimestamp: 20150225150906Z - -dn: cn={4}samba,cn=schema,cn=config -objectClass: olcSchemaConfig -cn: {4}samba -olcAttributeTypes: {0}( 1.3.6.1.4.1.7165.2.1.24 NAME 'sambaLMPassword' DESC - 'LanManager Password' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.1 - 15.121.1.26{32} SINGLE-VALUE ) -olcAttributeTypes: {1}( 1.3.6.1.4.1.7165.2.1.25 NAME 'sambaNTPassword' DESC - 'MD4 hash of the unicode password' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6 - .1.4.1.1466.115.121.1.26{32} SINGLE-VALUE ) -olcAttributeTypes: {2}( 1.3.6.1.4.1.7165.2.1.26 NAME 'sambaAcctFlags' DESC ' - Account Flags' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121. - 1.26{16} SINGLE-VALUE ) -olcAttributeTypes: {3}( 1.3.6.1.4.1.7165.2.1.27 NAME 'sambaPwdLastSet' DESC - 'Timestamp of the last password update' EQUALITY integerMatch SYNTAX 1.3.6. - 1.4.1.1466.115.121.1.27 SINGLE-VALUE ) -olcAttributeTypes: {4}( 1.3.6.1.4.1.7165.2.1.28 NAME 'sambaPwdCanChange' DES - C 'Timestamp of when the user is allowed to update the password' EQUALITY i - ntegerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) -olcAttributeTypes: {5}( 1.3.6.1.4.1.7165.2.1.29 NAME 'sambaPwdMustChange' DE - SC 'Timestamp of when the password will expire' EQUALITY integerMatch SYNTA - X 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) -olcAttributeTypes: {6}( 1.3.6.1.4.1.7165.2.1.30 NAME 'sambaLogonTime' DESC ' - Timestamp of last logon' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115. - 121.1.27 SINGLE-VALUE ) -olcAttributeTypes: {7}( 1.3.6.1.4.1.7165.2.1.31 NAME 'sambaLogoffTime' DESC - 'Timestamp of last logoff' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.11 - 5.121.1.27 SINGLE-VALUE ) -olcAttributeTypes: {8}( 1.3.6.1.4.1.7165.2.1.32 NAME 'sambaKickoffTime' DESC - 'Timestamp of when the user will be logged off automatically' EQUALITY int - egerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) -olcAttributeTypes: {9}( 1.3.6.1.4.1.7165.2.1.48 NAME 'sambaBadPasswordCount' - DESC 'Bad password attempt count' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1 - .1466.115.121.1.27 SINGLE-VALUE ) -olcAttributeTypes: {10}( 1.3.6.1.4.1.7165.2.1.49 NAME 'sambaBadPasswordTime' - DESC 'Time of the last bad password attempt' EQUALITY integerMatch SYNTAX - 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) -olcAttributeTypes: {11}( 1.3.6.1.4.1.7165.2.1.55 NAME 'sambaLogonHours' DESC - 'Logon Hours' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121. - 1.26{42} SINGLE-VALUE ) -olcAttributeTypes: {12}( 1.3.6.1.4.1.7165.2.1.33 NAME 'sambaHomeDrive' DESC - 'Driver letter of home directory mapping' EQUALITY caseIgnoreIA5Match SYNTA - X 1.3.6.1.4.1.1466.115.121.1.26{4} SINGLE-VALUE ) -olcAttributeTypes: {13}( 1.3.6.1.4.1.7165.2.1.34 NAME 'sambaLogonScript' DES - C 'Logon script path' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115. - 121.1.15{255} SINGLE-VALUE ) -olcAttributeTypes: {14}( 1.3.6.1.4.1.7165.2.1.35 NAME 'sambaProfilePath' DES - C 'Roaming profile path' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.1 - 15.121.1.15{255} SINGLE-VALUE ) -olcAttributeTypes: {15}( 1.3.6.1.4.1.7165.2.1.36 NAME 'sambaUserWorkstations - ' DESC 'List of user workstations the user is allowed to logon to' EQUALITY - caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{255} SINGLE-VALUE ) -olcAttributeTypes: {16}( 1.3.6.1.4.1.7165.2.1.37 NAME 'sambaHomePath' DESC ' - Home directory UNC path' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.1 - 15.121.1.15{128} ) -olcAttributeTypes: {17}( 1.3.6.1.4.1.7165.2.1.38 NAME 'sambaDomainName' DESC - 'Windows NT domain to which the user belongs' EQUALITY caseIgnoreMatch SYN - TAX 1.3.6.1.4.1.1466.115.121.1.15{128} ) -olcAttributeTypes: {18}( 1.3.6.1.4.1.7165.2.1.47 NAME 'sambaMungedDial' DESC - 'Base64 encoded user parameter string' EQUALITY caseExactMatch SYNTAX 1.3. - 6.1.4.1.1466.115.121.1.15{1050} ) -olcAttributeTypes: {19}( 1.3.6.1.4.1.7165.2.1.54 NAME 'sambaPasswordHistory' - DESC 'Concatenated MD5 hashes of the salted NT passwords used on this acco - unt' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} ) -olcAttributeTypes: {20}( 1.3.6.1.4.1.7165.2.1.20 NAME 'sambaSID' DESC 'Secur - ity ID' EQUALITY caseIgnoreIA5Match SUBSTR caseExactIA5SubstringsMatch SYNT - AX 1.3.6.1.4.1.1466.115.121.1.26{64} SINGLE-VALUE ) -olcAttributeTypes: {21}( 1.3.6.1.4.1.7165.2.1.23 NAME 'sambaPrimaryGroupSID' - DESC 'Primary Group Security ID' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6. - 1.4.1.1466.115.121.1.26{64} SINGLE-VALUE ) -olcAttributeTypes: {22}( 1.3.6.1.4.1.7165.2.1.51 NAME 'sambaSIDList' DESC 'S - ecurity ID List' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.12 - 1.1.26{64} ) -olcAttributeTypes: {23}( 1.3.6.1.4.1.7165.2.1.19 NAME 'sambaGroupType' DESC - 'NT Group Type' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 - SINGLE-VALUE ) -olcAttributeTypes: {24}( 1.3.6.1.4.1.7165.2.1.21 NAME 'sambaNextUserRid' DES - C 'Next NT rid to give our for users' EQUALITY integerMatch SYNTAX 1.3.6.1. - 4.1.1466.115.121.1.27 SINGLE-VALUE ) -olcAttributeTypes: {25}( 1.3.6.1.4.1.7165.2.1.22 NAME 'sambaNextGroupRid' DE - SC 'Next NT rid to give out for groups' EQUALITY integerMatch SYNTAX 1.3.6. - 1.4.1.1466.115.121.1.27 SINGLE-VALUE ) -olcAttributeTypes: {26}( 1.3.6.1.4.1.7165.2.1.39 NAME 'sambaNextRid' DESC 'N - ext NT rid to give out for anything' EQUALITY integerMatch SYNTAX 1.3.6.1.4 - .1.1466.115.121.1.27 SINGLE-VALUE ) -olcAttributeTypes: {27}( 1.3.6.1.4.1.7165.2.1.40 NAME 'sambaAlgorithmicRidBa - se' DESC 'Base at which the samba RID generation algorithm should operate' - EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) -olcAttributeTypes: {28}( 1.3.6.1.4.1.7165.2.1.41 NAME 'sambaShareName' DESC - 'Share Name' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 - SINGLE-VALUE ) -olcAttributeTypes: {29}( 1.3.6.1.4.1.7165.2.1.42 NAME 'sambaOptionName' DESC - 'Option Name' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SY - NTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) -olcAttributeTypes: {30}( 1.3.6.1.4.1.7165.2.1.43 NAME 'sambaBoolOption' DESC - 'A boolean option' EQUALITY booleanMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1 - .7 SINGLE-VALUE ) -olcAttributeTypes: {31}( 1.3.6.1.4.1.7165.2.1.44 NAME 'sambaIntegerOption' D - ESC 'An integer option' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.1 - 21.1.27 SINGLE-VALUE ) -olcAttributeTypes: {32}( 1.3.6.1.4.1.7165.2.1.45 NAME 'sambaStringOption' DE - SC 'A string option' EQUALITY caseExactIA5Match SYNTAX 1.3.6.1.4.1.1466.115 - .121.1.26 SINGLE-VALUE ) -olcAttributeTypes: {33}( 1.3.6.1.4.1.7165.2.1.46 NAME 'sambaStringListOption - ' DESC 'A string list option' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1 - 466.115.121.1.15 ) -olcAttributeTypes: {34}( 1.3.6.1.4.1.7165.2.1.53 NAME 'sambaTrustFlags' DESC - 'Trust Password Flags' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466 - .115.121.1.26 ) -olcAttributeTypes: {35}( 1.3.6.1.4.1.7165.2.1.58 NAME 'sambaMinPwdLength' DE - SC 'Minimal password length (default: 5)' EQUALITY integerMatch SYNTAX 1.3. - 6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) -olcAttributeTypes: {36}( 1.3.6.1.4.1.7165.2.1.59 NAME 'sambaPwdHistoryLength - ' DESC 'Length of Password History Entries (default: 0 => off)' EQUALITY in - tegerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) -olcAttributeTypes: {37}( 1.3.6.1.4.1.7165.2.1.60 NAME 'sambaLogonToChgPwd' D - ESC 'Force Users to logon for password change (default: 0 => off, 2 => on)' - EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) -olcAttributeTypes: {38}( 1.3.6.1.4.1.7165.2.1.61 NAME 'sambaMaxPwdAge' DESC - 'Maximum password age, in seconds (default: -1 => never expire passwords)' - EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) -olcAttributeTypes: {39}( 1.3.6.1.4.1.7165.2.1.62 NAME 'sambaMinPwdAge' DESC - 'Minimum password age, in seconds (default: 0 => allow immediate password c - hange)' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-V - ALUE ) -olcAttributeTypes: {40}( 1.3.6.1.4.1.7165.2.1.63 NAME 'sambaLockoutDuration' - DESC 'Lockout duration in minutes (default: 30, -1 => forever)' EQUALITY i - ntegerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) -olcAttributeTypes: {41}( 1.3.6.1.4.1.7165.2.1.64 NAME 'sambaLockoutObservati - onWindow' DESC 'Reset time after lockout in minutes (default: 30)' EQUALITY - integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) -olcAttributeTypes: {42}( 1.3.6.1.4.1.7165.2.1.65 NAME 'sambaLockoutThreshold - ' DESC 'Lockout users after bad logon attempts (default: 0 => off)' EQUALIT - Y integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) -olcAttributeTypes: {43}( 1.3.6.1.4.1.7165.2.1.66 NAME 'sambaForceLogoff' DES - C 'Disconnect Users outside logon hours (default: -1 => off, 0 => on)' EQUA - LITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) -olcAttributeTypes: {44}( 1.3.6.1.4.1.7165.2.1.67 NAME 'sambaRefuseMachinePwd - Change' DESC 'Allow Machine Password changes (default: 0 => off)' EQUALITY - integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) -olcAttributeTypes: {45}( 1.3.6.1.4.1.7165.2.1.68 NAME 'sambaClearTextPasswor - d' DESC 'Clear text password (used for trusted domain passwords)' EQUALITY - octetStringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 ) -olcAttributeTypes: {46}( 1.3.6.1.4.1.7165.2.1.69 NAME 'sambaPreviousClearTex - tPassword' DESC 'Previous clear text password (used for trusted domain pass - words)' EQUALITY octetStringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 ) -olcAttributeTypes: {47}( 1.3.6.1.4.1.7165.2.1.70 NAME 'sambaTrustType' DESC - 'Type of trust' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 - SINGLE-VALUE ) -olcAttributeTypes: {48}( 1.3.6.1.4.1.7165.2.1.71 NAME 'sambaTrustAttributes' - DESC 'Trust attributes for a trusted domain' EQUALITY integerMatch SYNTAX - 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) -olcAttributeTypes: {49}( 1.3.6.1.4.1.7165.2.1.72 NAME 'sambaTrustDirection' - DESC 'Direction of a trust' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.1 - 15.121.1.27 SINGLE-VALUE ) -olcAttributeTypes: {50}( 1.3.6.1.4.1.7165.2.1.73 NAME 'sambaTrustPartner' DE - SC 'Fully qualified name of the domain with which a trust exists' EQUALITY - caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} ) -olcAttributeTypes: {51}( 1.3.6.1.4.1.7165.2.1.74 NAME 'sambaFlatName' DESC ' - NetBIOS name of a domain' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466. - 115.121.1.15{128} ) -olcAttributeTypes: {52}( 1.3.6.1.4.1.7165.2.1.75 NAME 'sambaTrustAuthOutgoin - g' DESC 'Authentication information for the outgoing portion of a trust' EQ - UALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1050} ) -olcAttributeTypes: {53}( 1.3.6.1.4.1.7165.2.1.76 NAME 'sambaTrustAuthIncomin - g' DESC 'Authentication information for the incoming portion of a trust' EQ - UALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1050} ) -olcAttributeTypes: {54}( 1.3.6.1.4.1.7165.2.1.77 NAME 'sambaSecurityIdentifi - er' DESC 'SID of a trusted domain' EQUALITY caseIgnoreIA5Match SUBSTR caseE - xactIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{64} SINGLE-VALU - E ) -olcAttributeTypes: {55}( 1.3.6.1.4.1.7165.2.1.78 NAME 'sambaTrustForestTrust - Info' DESC 'Forest trust information for a trusted domain object' EQUALITY - caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1050} ) -olcObjectClasses: {0}( 1.3.6.1.4.1.7165.2.2.6 NAME 'sambaSamAccount' DESC 'S - amba 3.0 Auxilary SAM Account' SUP top AUXILIARY MUST ( uid $ sambaSID ) MA - Y ( cn $ sambaLMPassword $ sambaNTPassword $ sambaPwdLastSet $ sambaLogonTi - me $ sambaLogoffTime $ sambaKickoffTime $ sambaPwdCanChange $ sambaPwdMustC - hange $ sambaAcctFlags $ displayName $ sambaHomePath $ sambaHomeDrive $ sam - baLogonScript $ sambaProfilePath $ description $ sambaUserWorkstations $ sa - mbaPrimaryGroupSID $ sambaDomainName $ sambaMungedDial $ sambaBadPasswordCo - unt $ sambaBadPasswordTime $ sambaPasswordHistory $ sambaLogonHours ) ) -olcObjectClasses: {1}( 1.3.6.1.4.1.7165.2.2.4 NAME 'sambaGroupMapping' DESC - 'Samba Group Mapping' SUP top AUXILIARY MUST ( gidNumber $ sambaSID $ samba - GroupType ) MAY ( displayName $ description $ sambaSIDList ) ) -olcObjectClasses: {2}( 1.3.6.1.4.1.7165.2.2.14 NAME 'sambaTrustPassword' DES - C 'Samba Trust Password' SUP top STRUCTURAL MUST ( sambaDomainName $ sambaN - TPassword $ sambaTrustFlags ) MAY ( sambaSID $ sambaPwdLastSet ) ) -olcObjectClasses: {3}( 1.3.6.1.4.1.7165.2.2.15 NAME 'sambaTrustedDomainPassw - ord' DESC 'Samba Trusted Domain Password' SUP top STRUCTURAL MUST ( sambaDo - mainName $ sambaSID $ sambaClearTextPassword $ sambaPwdLastSet ) MAY sambaP - reviousClearTextPassword ) -olcObjectClasses: {4}( 1.3.6.1.4.1.7165.2.2.5 NAME 'sambaDomain' DESC 'Samba - Domain Information' SUP top STRUCTURAL MUST ( sambaDomainName $ sambaSID ) - MAY ( sambaNextRid $ sambaNextGroupRid $ sambaNextUserRid $ sambaAlgorithm - icRidBase $ sambaMinPwdLength $ sambaPwdHistoryLength $ sambaLogonToChgPwd - $ sambaMaxPwdAge $ sambaMinPwdAge $ sambaLockoutDuration $ sambaLockoutObse - rvationWindow $ sambaLockoutThreshold $ sambaForceLogoff $ sambaRefuseMachi - nePwdChange ) ) -olcObjectClasses: {5}( 1.3.6.1.4.1.7165.2.2.7 NAME 'sambaUnixIdPool' DESC 'P - ool for allocating UNIX uids/gids' SUP top AUXILIARY MUST ( uidNumber $ gid - Number ) ) -olcObjectClasses: {6}( 1.3.6.1.4.1.7165.2.2.8 NAME 'sambaIdmapEntry' DESC 'M - apping from a SID to an ID' SUP top AUXILIARY MUST sambaSID MAY ( uidNumber - $ gidNumber ) ) -olcObjectClasses: {7}( 1.3.6.1.4.1.7165.2.2.9 NAME 'sambaSidEntry' DESC 'Str - uctural Class for a SID' SUP top STRUCTURAL MUST sambaSID ) -olcObjectClasses: {8}( 1.3.6.1.4.1.7165.2.2.10 NAME 'sambaConfig' DESC 'Samb - a Configuration Section' SUP top AUXILIARY MAY description ) -olcObjectClasses: {9}( 1.3.6.1.4.1.7165.2.2.11 NAME 'sambaShare' DESC 'Samba - Share Section' SUP top STRUCTURAL MUST sambaShareName MAY description ) -olcObjectClasses: {10}( 1.3.6.1.4.1.7165.2.2.12 NAME 'sambaConfigOption' DES - C 'Samba Configuration Option' SUP top STRUCTURAL MUST sambaOptionName MAY - ( sambaBoolOption $ sambaIntegerOption $ sambaStringOption $ sambaStringLis - toption $ description ) ) -olcObjectClasses: {11}( 1.3.6.1.4.1.7165.2.2.16 NAME 'sambaTrustedDomain' DE - SC 'Samba Trusted Domain Object' SUP top STRUCTURAL MUST cn MAY ( sambaTrus - tType $ sambaTrustAttributes $ sambaTrustDirection $ sambaTrustPartner $ sa - mbaFlatName $ sambaTrustAuthOutgoing $ sambaTrustAuthIncoming $ sambaSecuri - tyIdentifier $ sambaTrustForestTrustInfo ) ) -structuralObjectClass: olcSchemaConfig -entryUUID: 677ff3fa-51fe-1034-95ae-1d2624d4874d -creatorsName: cn=config -createTimestamp: 20150226122616Z -entryCSN: 20150226122616.391238Z#000000#000#000000 -modifiersName: cn=config -modifyTimestamp: 20150226122616Z - -dn: cn={5}radius,cn=schema,cn=config -objectClass: olcSchemaConfig -cn: {5}radius -olcAttributeTypes: {0}( 1.3.6.1.4.1.3317.4.3.1.1 NAME 'radiusArapFeatures' D - ESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SIN - GLE-VALUE ) -olcAttributeTypes: {1}( 1.3.6.1.4.1.3317.4.3.1.2 NAME 'radiusArapSecurity' D - ESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SIN - GLE-VALUE ) -olcAttributeTypes: {2}( 1.3.6.1.4.1.3317.4.3.1.3 NAME 'radiusArapZoneAccess' - DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 S - INGLE-VALUE ) -olcAttributeTypes: {3}( 1.3.6.1.4.1.3317.4.3.1.44 NAME 'radiusAuthType' DESC - '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE - -VALUE ) -olcAttributeTypes: {4}( 1.3.6.1.4.1.3317.4.3.1.4 NAME 'radiusCallbackId' DES - C '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGL - E-VALUE ) -olcAttributeTypes: {5}( 1.3.6.1.4.1.3317.4.3.1.5 NAME 'radiusCallbackNumber' - DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 S - INGLE-VALUE ) -olcAttributeTypes: {6}( 1.3.6.1.4.1.3317.4.3.1.6 NAME 'radiusCalledStationId - ' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 - ) -olcAttributeTypes: {7}( 1.3.6.1.4.1.3317.4.3.1.7 NAME 'radiusCallingStationI - d' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 - ) -olcAttributeTypes: {8}( 1.3.6.1.4.1.3317.4.3.1.8 NAME 'radiusClass' DESC '' - EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) -olcAttributeTypes: {9}( 1.3.6.1.4.1.3317.4.3.1.45 NAME 'radiusClientIPAddres - s' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 - SINGLE-VALUE ) -olcAttributeTypes: {10}( 1.3.6.1.4.1.3317.4.3.1.9 NAME 'radiusFilterId' DESC - '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE - -VALUE ) -olcAttributeTypes: {11}( 1.3.6.1.4.1.3317.4.3.1.10 NAME 'radiusFramedAppleTa - lkLink' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121 - .1.26 SINGLE-VALUE ) -olcAttributeTypes: {12}( 1.3.6.1.4.1.3317.4.3.1.11 NAME 'radiusFramedAppleTa - lkNetwork' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115. - 121.1.26 SINGLE-VALUE ) -olcAttributeTypes: {13}( 1.3.6.1.4.1.3317.4.3.1.12 NAME 'radiusFramedAppleTa - lkZone' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121 - .1.26 SINGLE-VALUE ) -olcAttributeTypes: {14}( 1.3.6.1.4.1.3317.4.3.1.13 NAME 'radiusFramedCompres - sion' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1 - .26 SINGLE-VALUE ) -olcAttributeTypes: {15}( 1.3.6.1.4.1.3317.4.3.1.14 NAME 'radiusFramedIPAddre - ss' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.2 - 6 SINGLE-VALUE ) -olcAttributeTypes: {16}( 1.3.6.1.4.1.3317.4.3.1.15 NAME 'radiusFramedIPNetma - sk' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.2 - 6 SINGLE-VALUE ) -olcAttributeTypes: {17}( 1.3.6.1.4.1.3317.4.3.1.16 NAME 'radiusFramedIPXNetw - ork' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1. - 26 SINGLE-VALUE ) -olcAttributeTypes: {18}( 1.3.6.1.4.1.3317.4.3.1.17 NAME 'radiusFramedMTU' DE - SC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SING - LE-VALUE ) -olcAttributeTypes: {19}( 1.3.6.1.4.1.3317.4.3.1.18 NAME 'radiusFramedProtoco - l' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 - SINGLE-VALUE ) -olcAttributeTypes: {20}( 1.3.6.1.4.1.3317.4.3.1.19 NAME 'radiusFramedRoute' - DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) -olcAttributeTypes: {21}( 1.3.6.1.4.1.3317.4.3.1.20 NAME 'radiusFramedRouting - ' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 - SINGLE-VALUE ) -olcAttributeTypes: {22}( 1.3.6.1.4.1.3317.4.3.1.46 NAME 'radiusGroupName' DE - SC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) -olcAttributeTypes: {23}( 1.3.6.1.4.1.3317.4.3.1.47 NAME 'radiusHint' DESC '' - EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VA - LUE ) -olcAttributeTypes: {24}( 1.3.6.1.4.1.3317.4.3.1.48 NAME 'radiusHuntgroupName - ' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 - ) -olcAttributeTypes: {25}( 1.3.6.1.4.1.3317.4.3.1.21 NAME 'radiusIdleTimeout' - DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SI - NGLE-VALUE ) -olcAttributeTypes: {26}( 1.3.6.1.4.1.3317.4.3.1.22 NAME 'radiusLoginIPHost' - DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SI - NGLE-VALUE ) -olcAttributeTypes: {27}( 1.3.6.1.4.1.3317.4.3.1.23 NAME 'radiusLoginLATGroup - ' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 - SINGLE-VALUE ) -olcAttributeTypes: {28}( 1.3.6.1.4.1.3317.4.3.1.24 NAME 'radiusLoginLATNode' - DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 S - INGLE-VALUE ) -olcAttributeTypes: {29}( 1.3.6.1.4.1.3317.4.3.1.25 NAME 'radiusLoginLATPort' - DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 S - INGLE-VALUE ) -olcAttributeTypes: {30}( 1.3.6.1.4.1.3317.4.3.1.26 NAME 'radiusLoginLATServi - ce' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.2 - 6 SINGLE-VALUE ) -olcAttributeTypes: {31}( 1.3.6.1.4.1.3317.4.3.1.27 NAME 'radiusLoginService' - DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 S - INGLE-VALUE ) -olcAttributeTypes: {32}( 1.3.6.1.4.1.3317.4.3.1.28 NAME 'radiusLoginTCPPort' - DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 S - INGLE-VALUE ) -olcAttributeTypes: {33}( 1.3.6.1.4.1.3317.4.3.1.29 NAME 'radiusPasswordRetry - ' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 - SINGLE-VALUE ) -olcAttributeTypes: {34}( 1.3.6.1.4.1.3317.4.3.1.30 NAME 'radiusPortLimit' DE - SC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SING - LE-VALUE ) -olcAttributeTypes: {35}( 1.3.6.1.4.1.3317.4.3.1.49 NAME 'radiusProfileDn' DE - SC '' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 - SINGLE-VALUE ) -olcAttributeTypes: {36}( 1.3.6.1.4.1.3317.4.3.1.31 NAME 'radiusPrompt' DESC - '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE- - VALUE ) -olcAttributeTypes: {37}( 1.3.6.1.4.1.3317.4.3.1.50 NAME 'radiusProxyToRealm' - DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 S - INGLE-VALUE ) -olcAttributeTypes: {38}( 1.3.6.1.4.1.3317.4.3.1.51 NAME 'radiusReplicateToRe - alm' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1. - 26 SINGLE-VALUE ) -olcAttributeTypes: {39}( 1.3.6.1.4.1.3317.4.3.1.52 NAME 'radiusRealm' DESC ' - ' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-V - ALUE ) -olcAttributeTypes: {40}( 1.3.6.1.4.1.3317.4.3.1.32 NAME 'radiusServiceType' - DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SI - NGLE-VALUE ) -olcAttributeTypes: {41}( 1.3.6.1.4.1.3317.4.3.1.33 NAME 'radiusSessionTimeou - t' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 - SINGLE-VALUE ) -olcAttributeTypes: {42}( 1.3.6.1.4.1.3317.4.3.1.34 NAME 'radiusTerminationAc - tion' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1 - .26 SINGLE-VALUE ) -olcAttributeTypes: {43}( 1.3.6.1.4.1.3317.4.3.1.35 NAME 'radiusTunnelAssignm - entId' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121. - 1.26 ) -olcAttributeTypes: {44}( 1.3.6.1.4.1.3317.4.3.1.36 NAME 'radiusTunnelMediumT - ype' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1. - 26 ) -olcAttributeTypes: {45}( 1.3.6.1.4.1.3317.4.3.1.37 NAME 'radiusTunnelPasswor - d' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 - SINGLE-VALUE ) -olcAttributeTypes: {46}( 1.3.6.1.4.1.3317.4.3.1.38 NAME 'radiusTunnelPrefere - nce' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1. - 26 ) -olcAttributeTypes: {47}( 1.3.6.1.4.1.3317.4.3.1.39 NAME 'radiusTunnelPrivate - GroupId' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.12 - 1.1.26 ) -olcAttributeTypes: {48}( 1.3.6.1.4.1.3317.4.3.1.40 NAME 'radiusTunnelServerE - ndpoint' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.12 - 1.1.26 ) -olcAttributeTypes: {49}( 1.3.6.1.4.1.3317.4.3.1.41 NAME 'radiusTunnelType' D - ESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) -olcAttributeTypes: {50}( 1.3.6.1.4.1.3317.4.3.1.42 NAME 'radiusVSA' DESC '' - EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) -olcAttributeTypes: {51}( 1.3.6.1.4.1.3317.4.3.1.43 NAME 'radiusTunnelClientE - ndpoint' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.12 - 1.1.26 ) -olcAttributeTypes: {52}( 1.3.6.1.4.1.3317.4.3.1.53 NAME 'radiusSimultaneousU - se' DESC '' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) -olcAttributeTypes: {53}( 1.3.6.1.4.1.3317.4.3.1.54 NAME 'radiusLoginTime' DE - SC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SING - LE-VALUE ) -olcAttributeTypes: {54}( 1.3.6.1.4.1.3317.4.3.1.55 NAME 'radiusUserCategory' - DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 S - INGLE-VALUE ) -olcAttributeTypes: {55}( 1.3.6.1.4.1.3317.4.3.1.56 NAME 'radiusStripUserName - ' DESC '' SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE ) -olcAttributeTypes: {56}( 1.3.6.1.4.1.3317.4.3.1.57 NAME 'dialupAccess' DESC - '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE- - VALUE ) -olcAttributeTypes: {57}( 1.3.6.1.4.1.3317.4.3.1.58 NAME 'radiusExpiration' D - ESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SIN - GLE-VALUE ) -olcAttributeTypes: {58}( 1.3.6.1.4.1.3317.4.3.1.59 NAME 'radiusCheckItem' DE - SC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) -olcAttributeTypes: {59}( 1.3.6.1.4.1.3317.4.3.1.60 NAME 'radiusReplyItem' DE - SC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) -olcObjectClasses: {0}( 1.3.6.1.4.1.3317.4.3.2.1 NAME 'radiusprofile' DESC '' - SUP top AUXILIARY MUST cn MAY ( radiusArapFeatures $ radiusArapSecurity $ - radiusArapZoneAccess $ radiusAuthType $ radiusCallbackId $ radiusCallbackNu - mber $ radiusCalledStationId $ radiusCallingStationId $ radiusClass $ radiu - sClientIPAddress $ radiusFilterId $ radiusFramedAppleTalkLink $ radiusFrame - dAppleTalkNetwork $ radiusFramedAppleTalkZone $ radiusFramedCompression $ r - adiusFramedIPAddress $ radiusFramedIPNetmask $ radiusFramedIPXNetwork $ rad - iusFramedMTU $ radiusFramedProtocol $ radiusCheckItem $ radiusReplyItem $ r - adiusFramedRoute $ radiusFramedRouting $ radiusIdleTimeout $ radiusGroupNam - e $ radiusHint $ radiusHuntgroupName $ radiusLoginIPHost $ radiusLoginLATGr - oup $ radiusLoginLATNode $ radiusLoginLATPort $ radiusLoginLATService $ rad - iusLoginService $ radiusLoginTCPPort $ radiusLoginTime $ radiusPasswordRetr - y $ radiusPortLimit $ radiusPrompt $ radiusProxyToRealm $ radiusRealm $ rad - iusReplicateToRealm $ radiusServiceType $ radiusSessionTimeout $ radiusStri - pUserName $ radiusTerminationAction $ radiusTunnelClientEndpoint $ radiusPr - ofileDn $ radiusSimultaneousUse $ radiusTunnelAssignmentId $ radiusTunnelMe - diumType $ radiusTunnelPassword $ radiusTunnelPreference $ radiusTunnelPriv - ateGroupId $ radiusTunnelServerEndpoint $ radiusTunnelType $ radiusUserCate - gory $ radiusVSA $ radiusExpiration $ dialupAccess ) ) -structuralObjectClass: olcSchemaConfig -entryUUID: 6cc08fcc-51ff-1034-9b54-ebb8a280e8d5 -creatorsName: cn=config -createTimestamp: 20150226123334Z -entryCSN: 20150911222512.172657Z#000000#000#000000 -modifiersName: cn=admin,cn=config -modifyTimestamp: 20150911222512Z - -dn: olcBackend={0}hdb,cn=config -objectClass: olcBackendConfig -olcBackend: {0}hdb -structuralObjectClass: olcBackendConfig -entryUUID: fc8f9bf2-514b-1034-9c35-0faf5bc7ead5 -creatorsName: cn=admin,cn=config -createTimestamp: 20150225150906Z -entryCSN: 20150225150906.562113Z#000000#000#000000 -modifiersName: cn=admin,cn=config -modifyTimestamp: 20150225150906Z - -dn: olcDatabase={-1}frontend,cn=config -objectClass: olcDatabaseConfig -objectClass: olcFrontendConfig -olcDatabase: {-1}frontend -olcAccess: {0}to * by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=extern - al,cn=auth manage by * break -olcAccess: {1}to dn.exact="" by * read -olcAccess: {2}to dn.base="cn=Subschema" by * read -olcSizeLimit: 5000 -structuralObjectClass: olcDatabaseConfig -entryUUID: fc8f0016-514b-1034-9c2d-0faf5bc7ead5 -creatorsName: cn=config -createTimestamp: 20150225150906Z -entryCSN: 20150225150906.558122Z#000000#000#000000 -modifiersName: cn=config -modifyTimestamp: 20150225150906Z - -dn: olcDatabase={0}config,cn=config -objectClass: olcDatabaseConfig -olcDatabase: {0}config -olcAccess: {0}to * by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=extern - al,cn=auth manage by * break -olcRootDN: cn=config -olcRootPW: FILL_IT -structuralObjectClass: olcDatabaseConfig -entryUUID: fc8f0930-514b-1034-9c2e-0faf5bc7ead5 -creatorsName: cn=config -createTimestamp: 20150225150906Z -entryCSN: 20160604011429.596188Z#000000#000#000000 -modifiersName: cn=config -modifyTimestamp: 20160604011429Z - -dn: olcOverlay={0}syncprov,olcDatabase={0}config,cn=config -objectClass: olcOverlayConfig -objectClass: olcSyncProvConfig -olcOverlay: {0}syncprov -structuralObjectClass: olcSyncProvConfig -entryUUID: 78e96750-c0e5-1035-9495-dfe369fe3d4f -creatorsName: cn=config -createTimestamp: 20160607102224Z -entryCSN: 20160607102224.927072Z#000000#000#000000 -modifiersName: cn=config -modifyTimestamp: 20160607102224Z - -dn: olcDatabase={1}hdb,cn=config -objectClass: olcDatabaseConfig -objectClass: olcHdbConfig -olcDatabase: {1}hdb -olcDbDirectory: /var/lib/ldap -olcSuffix: dc=example,dc=net -olcAccess: {0}to attrs=userPassword,sambaNTPassword,mail by self write by an - onymous auth by dn="cn=admin,dc=example,dc=net" write by group="cn - =readonly,ou=services,ou=groups,dc=example,dc=net" read by group=" - cn=usermgmt,ou=services,ou=groups,dc=example,dc=net" write by * no - ne -olcAccess: {1}to attrs=shadowLastChange,gecos,loginShell by self write by an - onymous auth by dn="cn=admin,dc=example,dc=net" write by group="cn - =readonly,ou=services,ou=groups,dc=example,dc=net" read by group=" - cn=auth,ou=services,ou=groups,dc=example,dc=net" read by group="cn - =usermgmt,ou=services,ou=groups,dc=example,dc=net" write by * none -olcAccess: {2}to dn.base="" by * read -olcAccess: {3}to dn.sub="ou=groups,dc=example,dc=net" by group="cn= - auth,ou=services,ou=groups,dc=example,dc=net" read by group="cn=re - adonly,ou=services,ou=groups,dc=example,dc=net" read -olcAccess: {4}to dn.base="cn=Utilisateurs,dc=example,dc=net" by * read -olcAccess: {5}to dn.sub="cn=Utilisateurs,dc=example,dc=net" by grou - p="cn=auth,ou=services,ou=groups,dc=example,dc=net" read by self r - ead by group="cn=readonly,ou=services,ou=groups,dc=example,dc=net" - read by group="cn=usermgmt,ou=services,ou=groups,dc=example,dc=or - g" write -olcAccess: {6}to dn.sub="ou=service-users,dc=example,dc=net" by gro - up="cn=auth,ou=services,ou=groups,dc=example,dc=net" read by group - ="cn=readonly,ou=services,ou=groups,dc=example,dc=net" read -olcAccess: {7}to dn.base="dc=example,dc=net" by * read -olcAccess: {8}to * by dn="cn=admin,dc=example,dc=net" write by self - read by group="cn=readonly,ou=services,ou=groups,dc=example,dc=or - g" read -olcLastMod: TRUE -olcRootDN: cn=admin,dc=example,dc=net -olcRootPW: FILL_IT -olcDbCheckpoint: 512 30 -olcDbConfig: {0}set_cachesize 0 2097152 0 -olcDbConfig: {1}set_lk_max_objects 1500 -olcDbConfig: {2}set_lk_max_locks 1500 -olcDbConfig: {3}set_lk_max_lockers 1500 -olcDbIndex: objectClass eq -olcDbIndex: cn pres,sub,eq -olcDbIndex: sn pres,sub,eq -olcDbIndex: uid pres,sub,eq -olcDbIndex: displayName pres,sub,eq -olcDbIndex: default sub -olcDbIndex: uidNumber eq -olcDbIndex: gidNumber eq -olcDbIndex: mail,givenName eq,subinitial -olcDbIndex: dc eq -olcDbIndex: entryCSN eq -olcDbIndex: entryUUID eq -olcDbIndex: radiusCallingStationId eq -olcSizeLimit: 50000 -structuralObjectClass: olcHdbConfig -entryUUID: fc8fa138-514b-1034-9c36-0faf5bc7ead5 -creatorsName: cn=admin,cn=config -createTimestamp: 20150225150906Z -entryCSN: 20160619215244.315124Z#000000#000#000000 -modifiersName: cn=config -modifyTimestamp: 20160619215244Z - -dn: olcOverlay={0}syncprov,olcDatabase={1}hdb,cn=config -objectClass: olcOverlayConfig -objectClass: olcSyncProvConfig -olcOverlay: {0}syncprov -olcSpCheckpoint: 100 10 -olcSpSessionlog: 100 -olcSpNoPresent: TRUE -structuralObjectClass: olcSyncProvConfig -entryUUID: 12c7a6f2-5724-1034-94b5-dd13061b01b4 -creatorsName: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth -createTimestamp: 20150305013830Z -entryCSN: 20160607103125.521039Z#000000#000#000000 -modifiersName: cn=config -modifyTimestamp: 20160607103125Z -