mail us  |  mail this page

contact us
training  | 
tech stuff  | 

Appendix E: OpenLDAP nis.schema

This schema is released with a standard OpenLDAP distribution.

# $OpenLDAP: pkg/ldap/servers/slapd/schema/nis.schema,
# v 1.1.8.5 2000/09/28 17:35:12 kurt Exp $
# Definitions from RFC2307 (Experimental)
#	An Approach for Using LDAP as a Network Information Service

# Depends upon core.schema and cosine.schema

# Note: The definitions in RFC2307 are given in syntaxes closely related
# to those in RFC2252, however, some liberties are taken that are not
# supported by RFC2252.  This file has been written following RFC2252
# strictly.

# OID Base is iso(1) org(3) dod(6) internet(1) directory(1) nisSchema(1).
# i.e. nisSchema in RFC2307 is 1.3.6.1.1.1
#
# Syntaxes are under 1.3.6.1.1.1.0 (two new syntaxes are defined)
#	validaters for these syntaxes are incomplete, they only
#	implement printable string validation (which is good as the
#	common use of these syntaxes violates the specification).
# Attribute types are under 1.3.6.1.1.1.1
# Object classes are under 1.3.6.1.1.1.2

# Attribute Type Definitions
 attributetype ( 1.3.6.1.1.1.1.0 NAME 'uidNumber'
	DESC 'An integer uniquely identifying a user in an administrative domain'
	EQUALITY integerMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

 attributetype ( 1.3.6.1.1.1.1.1 NAME 'gidNumber'
	DESC 'An integer uniquely identifying a group in an administrative domain'
	EQUALITY integerMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

 attributetype ( 1.3.6.1.1.1.1.2 NAME 'gecos'
	DESC 'The GECOS field; the common name'
	EQUALITY caseIgnoreIA5Match
	SUBSTR caseIgnoreIA5SubstringsMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )

 attributetype ( 1.3.6.1.1.1.1.3 NAME 'homeDirectory'
	DESC 'The absolute path to the home directory'
	EQUALITY caseExactIA5Match
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )

 attributetype ( 1.3.6.1.1.1.1.4 NAME 'loginShell'
	DESC 'The path to the login shell'
	EQUALITY caseExactIA5Match
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )

 attributetype ( 1.3.6.1.1.1.1.5 NAME 'shadowLastChange'
	EQUALITY integerMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

 attributetype ( 1.3.6.1.1.1.1.6 NAME 'shadowMin'
	EQUALITY integerMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

 attributetype ( 1.3.6.1.1.1.1.7 NAME 'shadowMax'
	EQUALITY integerMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

 attributetype ( 1.3.6.1.1.1.1.8 NAME 'shadowWarning'
	EQUALITY integerMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

 attributetype ( 1.3.6.1.1.1.1.9 NAME 'shadowInactive'
	EQUALITY integerMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

 attributetype ( 1.3.6.1.1.1.1.10 NAME 'shadowExpire'
	EQUALITY integerMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

 attributetype ( 1.3.6.1.1.1.1.11 NAME 'shadowFlag'
	EQUALITY integerMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

 attributetype ( 1.3.6.1.1.1.1.12 NAME 'memberUid'
	EQUALITY caseExactIA5Match
	SUBSTR caseExactIA5SubstringsMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )

 attributetype ( 1.3.6.1.1.1.1.13 NAME 'memberNisNetgroup'
	EQUALITY caseExactIA5Match
	SUBSTR caseExactIA5SubstringsMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )

 attributetype ( 1.3.6.1.1.1.1.14 NAME 'nisNetgroupTriple'
	DESC 'Netgroup triple'
	SYNTAX 1.3.6.1.1.1.0.0 )

 attributetype ( 1.3.6.1.1.1.1.15 NAME 'ipServicePort'
	EQUALITY integerMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

 attributetype ( 1.3.6.1.1.1.1.16 NAME 'ipServiceProtocol'
	SUP name )

 attributetype ( 1.3.6.1.1.1.1.17 NAME 'ipProtocolNumber'
	EQUALITY integerMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

 attributetype ( 1.3.6.1.1.1.1.18 NAME 'oncRpcNumber'
	EQUALITY integerMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

 attributetype ( 1.3.6.1.1.1.1.19 NAME 'ipHostNumber'
	DESC 'IP address as a dotted decimal, eg. 192.168.1.1, omitting leading zeros'
	EQUALITY caseIgnoreIA5Match
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} )

 attributetype ( 1.3.6.1.1.1.1.20 NAME 'ipNetworkNumber'
	DESC 'IP network as a dotted decimal, eg. 192.168, omitting leading zeros'
	EQUALITY caseIgnoreIA5Match
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} SINGLE-VALUE )

 attributetype ( 1.3.6.1.1.1.1.21 NAME 'ipNetmaskNumber'
	DESC 'IP netmask as a dotted decimal, eg. 255.255.255.0, omitting leading zeros'
	EQUALITY caseIgnoreIA5Match
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} SINGLE-VALUE )

 attributetype ( 1.3.6.1.1.1.1.22 NAME 'macAddress'
	DESC 'MAC address in maximal, colon separated hex notation, eg. 00:00:92:90:ee:e2'
	EQUALITY caseIgnoreIA5Match
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} )

 attributetype ( 1.3.6.1.1.1.1.23 NAME 'bootParameter'
	DESC 'rpc.bootparamd parameter'
	SYNTAX 1.3.6.1.1.1.0.1 )

 attributetype ( 1.3.6.1.1.1.1.24 NAME 'bootFile'
	DESC 'Boot image name'
	EQUALITY caseExactIA5Match
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )

 attributetype ( 1.3.6.1.1.1.1.26 NAME 'nisMapName'
	SUP name )

 attributetype ( 1.3.6.1.1.1.1.27 NAME 'nisMapEntry'
	EQUALITY caseExactIA5Match
	SUBSTR caseExactIA5SubstringsMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{1024} SINGLE-VALUE )

# Object Class Definitions

 objectclass ( 1.3.6.1.1.1.2.0 NAME 'posixAccount' SUP top AUXILIARY
	DESC 'Abstraction of an account with POSIX attributes'
	MUST ( cn $ uid $ uidNumber $ gidNumber $ homeDirectory )
	MAY ( userPassword $ loginShell $ gecos $ description ) )

 objectclass ( 1.3.6.1.1.1.2.1 NAME 'shadowAccount' SUP top AUXILIARY
	DESC 'Additional attributes for shadow passwords'
	MUST uid
	MAY ( userPassword $ shadowLastChange $ shadowMin $
	      shadowMax $ shadowWarning $ shadowInactive $
	      shadowExpire $ shadowFlag $ description ) )

 objectclass ( 1.3.6.1.1.1.2.2 NAME 'posixGroup' SUP top STRUCTURAL
	DESC 'Abstraction of a group of accounts'
	MUST ( cn $ gidNumber )
	MAY ( userPassword $ memberUid $ description ) )

 objectclass ( 1.3.6.1.1.1.2.3 NAME 'ipService' SUP top STRUCTURAL
	DESC 'Abstraction an Internet Protocol service.
	      Maps an IP port and protocol (such as tcp or udp)
	      to one or more names; the distinguished value of
	      the cn attribute denotes the service"s canonical
	      name'
	MUST ( cn $ ipServicePort $ ipServiceProtocol )
	MAY ( description ) )

 objectclass ( 1.3.6.1.1.1.2.4 NAME 'ipProtocol' SUP top STRUCTURAL
	DESC 'Abstraction of an IP protocol. Maps a protocol number
	      to one or more names. The distinguished value of the cn
	      attribute denotes the protocol"s canonical name'
	MUST ( cn $ ipProtocolNumber $ description )
	MAY description )

 objectclass ( 1.3.6.1.1.1.2.5 NAME 'oncRpc' SUP top STRUCTURAL
	DESC 'Abstraction of an Open Network Computing (ONC)
	      [RFC1057] Remote Procedure Call (RPC) binding.
	      This class maps an ONC RPC number to a name.
	      The distinguished value of the cn attribute denotes
	      the RPC service"s canonical name'
	MUST ( cn $ oncRpcNumber $ description )
	MAY description )

 objectclass ( 1.3.6.1.1.1.2.6 NAME 'ipHost' SUP top AUXILIARY
	DESC 'Abstraction of a host, an IP device. The distinguished
	      value of the cn attribute denotes the host"s canonical
	      name. Device SHOULD be used as a structural class'
	MUST ( cn $ ipHostNumber )
	MAY ( l $ description $ manager ) )

 objectclass ( 1.3.6.1.1.1.2.7 NAME 'ipNetwork' SUP top STRUCTURAL
	DESC 'Abstraction of a network. The distinguished value of
	      the cn attribute denotes the network"s canonical name'
	MUST ( cn $ ipNetworkNumber )
	MAY ( ipNetmaskNumber $ l $ description $ manager ) )

 objectclass ( 1.3.6.1.1.1.2.8 NAME 'nisNetgroup' SUP top STRUCTURAL
	DESC 'Abstraction of a netgroup. May refer to other netgroups'
	MUST cn
	MAY ( nisNetgroupTriple $ memberNisNetgroup $ description ) )

 objectclass ( 1.3.6.1.1.1.2.9 NAME 'nisMap' SUP top STRUCTURAL
	DESC 'A generic abstraction of a NIS map'
	MUST nisMapName
	MAY description )

 objectclass ( 1.3.6.1.1.1.2.10 NAME 'nisObject' SUP top STRUCTURAL
	DESC 'An entry in a NIS map'
	MUST ( cn $ nisMapEntry $ nisMapName )
	MAY description )

 objectclass ( 1.3.6.1.1.1.2.11 NAME 'ieee802Device' SUP top AUXILIARY
	DESC 'A device with a MAC address; device SHOULD be
	      used as a structural class'
	MAY macAddress )

 objectclass ( 1.3.6.1.1.1.2.12 NAME 'bootableDevice' SUP top AUXILIARY
	DESC 'A device with boot parameters; device SHOULD be
	      used as a structural class'
	MAY ( bootFile $ bootParameter ) )


Problems, comments, suggestions, corrections (including broken links) or something to add? Please take the time from a busy life to 'mail us' (at top of screen), the webmaster (below) or info-support at zytrax. You will have a warm inner glow for the rest of the day.

Contents

tech info
guides home
intro
contents
1 objectives
big picture
2 concepts
3 ldap objects
quickstart
4 install ldap
5 samples
6 configuration
7 replica & refer
reference
8 ldif
9 protocol
10 ldap api
operations
11 howtos
12 trouble
13 performance
14 ldap tools
security
15 security
appendices
notes & info
ldap resources
rfc's & x.500
glossary
ldap objects
change log

Creative Commons License
This work is licensed under a Creative Commons License.

If you are happy it's OK - but your browser is giving a less than optimal experience on our site. You could, at no charge, upgrade to a W3C STANDARDS COMPLIANT browser such as Firefox

Search

web zytrax.com

Share

Icons made by Icomoon from www.flaticon.com is licensed by CC 3.0 BY
share page via facebook tweet this page

Page

email us Send to a friend feature print this page Display full width page Decrease font size Increase font size

Resources

Systems

FreeBSD
NetBSD
OpenBSD
DragonFlyBSD
Linux.org
Debian Linux

Software

LibreOffice
OpenOffice
Mozilla
GitHub
GNU-Free SW Foundation
get-dns

Organizations

Open Source Initiative
Creative Commons

Misc.

Ibiblio - Library
Open Book Project
Open Directory
Wikipedia

Site

CSS Technology SPF Record Conformant Domain
Copyright © 1994 - 2024 ZyTrax, Inc.
All rights reserved. Legal and Privacy
site by zytrax
hosted by javapipe.com
web-master at zytrax
Page modified: January 20 2022.