1# $OpenLDAP$
2## This work is part of OpenLDAP Software <http://www.openldap.org/>.
3##
4## Copyright 1998-2021 The OpenLDAP Foundation.
5## All rights reserved.
6##
7## Redistribution and use in source and binary forms, with or without
8## modification, are permitted only as authorized by the OpenLDAP
9## Public License.
10##
11## A copy of this license is available in the file LICENSE in the
12## top-level directory of the distribution or, alternatively, at
13## <http://www.OpenLDAP.org/license.html>.
14
15# Definitions from RFC2307 (Experimental)
16#         An Approach for Using LDAP as a Network Information Service
17
18# Depends upon core.schema and cosine.schema
19
20# Note: The definitions in RFC2307 are given in syntaxes closely related
21# to those in RFC2252, however, some liberties are taken that are not
22# supported by RFC2252.  This file has been written following RFC2252
23# strictly.
24
25# OID Base is iso(1) org(3) dod(6) internet(1) directory(1) nisSchema(1).
26# i.e. nisSchema in RFC2307 is 1.3.6.1.1.1
27#
28# Syntaxes are under 1.3.6.1.1.1.0 (two new syntaxes are defined)
29#         validaters for these syntaxes are incomplete, they only
30#         implement printable string validation (which is good as the
31#         common use of these syntaxes violates the specification).
32# Attribute types are under 1.3.6.1.1.1.1
33# Object classes are under 1.3.6.1.1.1.2
34
35# Attribute Type Definitions
36
37# builtin
38#attributetype ( 1.3.6.1.1.1.1.0 NAME 'uidNumber'
39#         DESC 'An integer uniquely identifying a user in an administrative domain'
40#         EQUALITY integerMatch
41#         SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
42
43# builtin
44#attributetype ( 1.3.6.1.1.1.1.1 NAME 'gidNumber'
45#         DESC 'An integer uniquely identifying a group in an administrative domain'
46#         EQUALITY integerMatch
47#         SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
48
49attributetype ( 1.3.6.1.1.1.1.2 NAME 'gecos'
50          DESC 'The GECOS field; the common name'
51          EQUALITY caseIgnoreIA5Match
52          SUBSTR caseIgnoreIA5SubstringsMatch
53          SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
54
55attributetype ( 1.3.6.1.1.1.1.3 NAME 'homeDirectory'
56          DESC 'The absolute path to the home directory'
57          EQUALITY caseExactIA5Match
58          SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
59
60attributetype ( 1.3.6.1.1.1.1.4 NAME 'loginShell'
61          DESC 'The path to the login shell'
62          EQUALITY caseExactIA5Match
63          SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
64
65attributetype ( 1.3.6.1.1.1.1.5 NAME 'shadowLastChange'
66          EQUALITY integerMatch
67          SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
68
69attributetype ( 1.3.6.1.1.1.1.6 NAME 'shadowMin'
70          EQUALITY integerMatch
71          SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
72
73attributetype ( 1.3.6.1.1.1.1.7 NAME 'shadowMax'
74          EQUALITY integerMatch
75          SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
76
77attributetype ( 1.3.6.1.1.1.1.8 NAME 'shadowWarning'
78          EQUALITY integerMatch
79          SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
80
81attributetype ( 1.3.6.1.1.1.1.9 NAME 'shadowInactive'
82          EQUALITY integerMatch
83          SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
84
85attributetype ( 1.3.6.1.1.1.1.10 NAME 'shadowExpire'
86          EQUALITY integerMatch
87          SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
88
89attributetype ( 1.3.6.1.1.1.1.11 NAME 'shadowFlag'
90          EQUALITY integerMatch
91          SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
92
93attributetype ( 1.3.6.1.1.1.1.12 NAME 'memberUid'
94          EQUALITY caseExactIA5Match
95          SUBSTR caseExactIA5SubstringsMatch
96          SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
97
98attributetype ( 1.3.6.1.1.1.1.13 NAME 'memberNisNetgroup'
99          EQUALITY caseExactIA5Match
100          SUBSTR caseExactIA5SubstringsMatch
101          SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
102
103attributetype ( 1.3.6.1.1.1.1.14 NAME 'nisNetgroupTriple'
104          DESC 'Netgroup triple'
105          SYNTAX 1.3.6.1.1.1.0.0 )
106
107attributetype ( 1.3.6.1.1.1.1.15 NAME 'ipServicePort'
108          EQUALITY integerMatch
109          SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
110
111attributetype ( 1.3.6.1.1.1.1.16 NAME 'ipServiceProtocol'
112          SUP name )
113
114attributetype ( 1.3.6.1.1.1.1.17 NAME 'ipProtocolNumber'
115          EQUALITY integerMatch
116          SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
117
118attributetype ( 1.3.6.1.1.1.1.18 NAME 'oncRpcNumber'
119          EQUALITY integerMatch
120          SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
121
122attributetype ( 1.3.6.1.1.1.1.19 NAME 'ipHostNumber'
123          DESC 'IP address'
124          EQUALITY caseIgnoreIA5Match
125          SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} )
126
127attributetype ( 1.3.6.1.1.1.1.20 NAME 'ipNetworkNumber'
128          DESC 'IP network'
129          EQUALITY caseIgnoreIA5Match
130          SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} SINGLE-VALUE )
131
132attributetype ( 1.3.6.1.1.1.1.21 NAME 'ipNetmaskNumber'
133          DESC 'IP netmask'
134          EQUALITY caseIgnoreIA5Match
135          SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} SINGLE-VALUE )
136
137attributetype ( 1.3.6.1.1.1.1.22 NAME 'macAddress'
138          DESC 'MAC address'
139          EQUALITY caseIgnoreIA5Match
140          SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} )
141
142attributetype ( 1.3.6.1.1.1.1.23 NAME 'bootParameter'
143          DESC 'rpc.bootparamd parameter'
144          SYNTAX 1.3.6.1.1.1.0.1 )
145
146attributetype ( 1.3.6.1.1.1.1.24 NAME 'bootFile'
147          DESC 'Boot image name'
148          EQUALITY caseExactIA5Match
149          SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
150
151attributetype ( 1.3.6.1.1.1.1.26 NAME 'nisMapName'
152          SUP name )
153
154attributetype ( 1.3.6.1.1.1.1.27 NAME 'nisMapEntry'
155          EQUALITY caseExactIA5Match
156          SUBSTR caseExactIA5SubstringsMatch
157          SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{1024} SINGLE-VALUE )
158
159# Object Class Definitions
160
161objectclass ( 1.3.6.1.1.1.2.0 NAME 'posixAccount'
162          DESC 'Abstraction of an account with POSIX attributes'
163          SUP top AUXILIARY
164          MUST ( cn $ uid $ uidNumber $ gidNumber $ homeDirectory )
165          MAY ( userPassword $ loginShell $ gecos $ description ) )
166
167objectclass ( 1.3.6.1.1.1.2.1 NAME 'shadowAccount'
168          DESC 'Additional attributes for shadow passwords'
169          SUP top AUXILIARY
170          MUST uid
171          MAY ( userPassword $ shadowLastChange $ shadowMin $
172                shadowMax $ shadowWarning $ shadowInactive $
173                shadowExpire $ shadowFlag $ description ) )
174
175objectclass ( 1.3.6.1.1.1.2.2 NAME 'posixGroup'
176          DESC 'Abstraction of a group of accounts'
177          SUP top STRUCTURAL
178          MUST ( cn $ gidNumber )
179          MAY ( userPassword $ memberUid $ description ) )
180
181objectclass ( 1.3.6.1.1.1.2.3 NAME 'ipService'
182          DESC 'Abstraction an Internet Protocol service'
183          SUP top STRUCTURAL
184          MUST ( cn $ ipServicePort $ ipServiceProtocol )
185          MAY ( description ) )
186
187objectclass ( 1.3.6.1.1.1.2.4 NAME 'ipProtocol'
188          DESC 'Abstraction of an IP protocol'
189          SUP top STRUCTURAL
190          MUST ( cn $ ipProtocolNumber $ description )
191          MAY description )
192
193objectclass ( 1.3.6.1.1.1.2.5 NAME 'oncRpc'
194          DESC 'Abstraction of an ONC/RPC binding'
195          SUP top STRUCTURAL
196          MUST ( cn $ oncRpcNumber $ description )
197          MAY description )
198
199objectclass ( 1.3.6.1.1.1.2.6 NAME 'ipHost'
200          DESC 'Abstraction of a host, an IP device'
201          SUP top AUXILIARY
202          MUST ( cn $ ipHostNumber )
203          MAY ( l $ description $ manager ) )
204
205objectclass ( 1.3.6.1.1.1.2.7 NAME 'ipNetwork'
206          DESC 'Abstraction of an IP network'
207          SUP top STRUCTURAL
208          MUST ( cn $ ipNetworkNumber )
209          MAY ( ipNetmaskNumber $ l $ description $ manager ) )
210
211objectclass ( 1.3.6.1.1.1.2.8 NAME 'nisNetgroup'
212          DESC 'Abstraction of a netgroup'
213          SUP top STRUCTURAL
214          MUST cn
215          MAY ( nisNetgroupTriple $ memberNisNetgroup $ description ) )
216
217objectclass ( 1.3.6.1.1.1.2.9 NAME 'nisMap'
218          DESC 'A generic abstraction of a NIS map'
219          SUP top STRUCTURAL
220          MUST nisMapName
221          MAY description )
222
223objectclass ( 1.3.6.1.1.1.2.10 NAME 'nisObject'
224          DESC 'An entry in a NIS map'
225          SUP top STRUCTURAL
226          MUST ( cn $ nisMapEntry $ nisMapName )
227          MAY description )
228
229objectclass ( 1.3.6.1.1.1.2.11 NAME 'ieee802Device'
230          DESC 'A device with a MAC address'
231          SUP top AUXILIARY
232          MAY macAddress )
233
234objectclass ( 1.3.6.1.1.1.2.12 NAME 'bootableDevice'
235          DESC 'A device with boot parameters'
236          SUP top AUXILIARY
237          MAY ( bootFile $ bootParameter ) )
238