---
--- Submitted by Bruno Gimenes Pereti <pereti@ut mp dot edu dot br>
---
--- schema file for Novell's eDirectory 8.6
---
-
-SambaAccountSchemaExtensions DEFINITIONS ::=
-BEGIN
-
--- Password hashes
-"lmPassword" ATTRIBUTE ::=
-{
- Operation ADD,
- SyntaxID SYN_CI_STRING,
- Flags { DS_SINGLE_VALUED_ATTR },
- ASN1ObjID { 1 3 6 1 4 1 7165 2 1 1 }
-}
-
-"ntPassword" ATTRIBUTE ::=
-{
- Operation ADD,
- SyntaxID SYN_CI_STRING,
- Flags { DS_SINGLE_VALUED_ATTR },
- ASN1ObjID { 1 3 6 1 4 1 7165 2 1 2 }
-}
-
--- Account flags in string format ([UWDX ])
-"acctFlags" ATTRIBUTE ::=
-{
- Operation ADD,
- SyntaxID SYN_CI_STRING,
- Flags { DS_SINGLE_VALUED_ATTR },
- ASN1ObjID { 1 3 6 1 4 1 7165 2 1 4 }
-}
-
--- Password timestamps & policies
-"pwdLastSet" ATTRIBUTE ::=
-{
- Operation ADD,
- SyntaxID SYN_INTEGER,
- Flags { DS_SINGLE_VALUED_ATTR },
- ASN1ObjID { 1 3 6 1 4 1 7165 2 1 3 }
-}
-
-"logonTime" ATTRIBUTE ::=
-{
- Operation ADD,
- SyntaxID SYN_INTEGER,
- Flags { DS_SINGLE_VALUED_ATTR },
- ASN1ObjID { 1 3 6 1 4 1 7165 2 1 5 }
-}
-
-"logoffTime" ATTRIBUTE ::=
-{
- Operation ADD,
- SyntaxID SYN_INTEGER,
- Flags { DS_SINGLE_VALUED_ATTR },
- ASN1ObjID { 1 3 6 1 4 1 7165 2 1 6 }
-}
-
-"kickoffTime" ATTRIBUTE ::=
-{
- Operation ADD,
- SyntaxID SYN_INTEGER,
- Flags { DS_SINGLE_VALUED_ATTR },
- ASN1ObjID { 1 3 6 1 4 1 7165 2 1 7 }
-}
-
-"pwdCanChange" ATTRIBUTE ::=
-{
- Operation ADD,
- SyntaxID SYN_INTEGER,
- Flags { DS_SINGLE_VALUED_ATTR },
- ASN1ObjID { 1 3 6 1 4 1 7165 2 1 8 }
-}
-
-"pwdMustChange" ATTRIBUTE ::=
-{
- Operation ADD,
- SyntaxID SYN_INTEGER,
- Flags { DS_SINGLE_VALUED_ATTR },
- ASN1ObjID { 1 3 6 1 4 1 7165 2 1 9 }
-}
-
--- string settings
-"homeDrive" ATTRIBUTE ::=
-{
- Operation ADD,
- SyntaxID SYN_CI_STRING,
- Flags { DS_SINGLE_VALUED_ATTR },
- ASN1ObjID { 1 3 6 1 4 1 7165 2 1 10 }
-}
-
-"scriptPath" ATTRIBUTE ::=
-{
- Operation ADD,
- SyntaxID SYN_CI_STRING,
- Flags { DS_SINGLE_VALUED_ATTR },
- ASN1ObjID { 1 3 5 1 4 1 7165 2 1 11 }
-}
-
-"profilePath" ATTRIBUTE ::=
-{
- Operation ADD,
- SyntaxID SYN_CI_STRING,
- Flags { DS_SINGLE_VALUED_ATTR },
- ASN1ObjID { 1 3 6 1 4 1 7165 2 1 12 }
-}
-
-"userWorkstations" ATTRIBUTE ::=
-{
- Operation ADD,
- SyntaxID SYN_CI_STRING,
- Flags { DS_SINGLE_VALUED_ATTR },
- ASN1ObjID { 1 3 6 1 4 1 7165 2 1 13 }
-}
-
-"smbHome" ATTRIBUTE ::=
-{
- Operation ADD,
- SyntaxID SYN_CI_STRING,
- ASN1ObjID { 1 3 6 1 4 1 7165 2 1 17 }
-}
-
-"domain" ATTRIBUTE ::=
-{
- Operation ADD,
- SyntaxID SYN_CI_STRING,
- ASN1ObjID { 1 3 6 1 4 1 7165 2 1 18 }
-}
-
--- user and group RID
-"rid" ATTRIBUTE ::=
-{
- Operation ADD,
- SyntaxID SYN_INTEGER,
- Flags { DS_SINGLE_VALUED_ATTR },
- ASN1ObjID { 1 3 6 1 4 1 7165 2 1 14 }
-}
-
-"primaryGroupID" ATTRIBUTE ::=
-{
- Operation ADD,
- SyntaxID SYN_INTEGER,
- Flags { DS_SINGLE_VALUED_ATTR },
- ASN1ObjID { 1 3 6 1 4 1 7165 2 1 15 }
-}
-
-"sambaAccount" OBJECT-CLASS ::=
-{
- Operation ADD,
- Flags {DS_AUXILIARY_CLASS},
- SubClassOf {"TOP"},
- MustContain { "uid"},
- MustContain { "rid"},
- MayContain { "CN"},
- MayContain { "lmPassword"},
- MayContain { "ntPassword"},
- MayContain { "pwdLastSet"},
- MayContain { "logonTime"},
- MayContain { "logoffTime"},
- MayContain { "kickoffTime"},
- MayContain { "pwdCanChange"},
- MayContain { "pwdMustChange"},
- MayContain { "acctFlags"},
- MayContain { "displayName"},
- MayContain { "smbHome"},
- MayContain { "homeDrive"},
- MayContain { "scriptPath"},
- MayContain { "profilePath"},
- MayContain { "description"},
- MayContain { "userWorkstations"},
- MayContain { "primaryGroupID"},
- MayContain { "domain"},
- ASN1ObjID { 1 3 6 1 4 1 7165 2 2 3 }
-}
-
--- Used for Winbind experimentation
-"uidPool" OBJECT-CLASS ::=
-{
- Operation ADD,
- Flags {DS_AUXILIARY_CLASS},
- SubClassOf {"TOP"},
- MustContain { "uidNumber"},
- MustContain { "CN"},
- ASN1ObjID { 1 3 6 1 4 1 7165 1 2 2 3 }
-}
-
-"gidPool" OBJECT-CLASS ::=
-{
- Operation ADD,
- Flags {DS_AUXILIARY_CLASS},
- SubClassOf {"TOP"},
- MustContain { "gidNumber"},
- MustContain { "CN"},
- ASN1ObjID { 1 3 6 1 4 1 7165 1 2 2 4 }
-}
-
-END
-
-
+##
+## Schema file for Novell eDirectory 8.7.x by Uli Iske
+## Schema for storing Samba's smbpasswd file in LDAP
+## OIDs are owned by the Samba Team
+##
+#######################################################################
+## Attributes used by Samba 3.0 schema ##
+#######################################################################
+
+dn: cn=schema
+changetype: modify
+add: attributetypes
+attributeTypes: ( 1.3.6.1.4.1.7165.2.1.24 NAME 'sambaLMPassword' DESC 'LanManager Password' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
+
+dn: cn=schema
+changetype: modify
+add: attributetypes
+attributeTypes: ( 1.3.6.1.4.1.7165.2.1.25 NAME 'sambaNTPassword' DESC 'MD4 hash of the unicode password' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
+
+dn: cn=schema
+changetype: modify
+add: attributetypes
+attributeTypes: ( 1.3.6.1.4.1.7165.2.1.26 NAME 'sambaAcctFlags' DESC 'Account Flags' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
+
+dn: cn=schema
+changetype: modify
+add: attributetypes
+attributeTypes: ( 1.3.6.1.4.1.7165.2.1.27 NAME 'sambaPwdLastSet' DESC 'Timestamp of the last password update' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
+
+dn: cn=schema
+changetype: modify
+add: attributetypes
+attributeTypes: ( 1.3.6.1.4.1.7165.2.1.28 NAME 'sambaPwdCanChange' DESC 'Timestamp of when the user is allowed to update the password' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
+
+dn: cn=schema
+changetype: modify
+add: attributetypes
+attributeTypes: ( 1.3.6.1.4.1.7165.2.1.29 NAME 'sambaPwdMustChange' DESC 'Timestamp of when the password will expire' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
+
+dn: cn=schema
+changetype: modify
+add: attributetypes
+attributeTypes: ( 1.3.6.1.4.1.7165.2.1.30 NAME 'sambaLogonTime' DESC 'Timestamp of last logon' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
+
+dn: cn=schema
+changetype: modify
+add: attributetypes
+attributeTypes: ( 1.3.6.1.4.1.7165.2.1.31 NAME 'sambaLogoffTime' DESC 'Timestamp of last logoff' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
+
+dn: cn=schema
+changetype: modify
+add: attributetypes
+attributeTypes: ( 1.3.6.1.4.1.7165.2.1.32 NAME 'sambaKickoffTime' DESC 'Timestamp of when the user will be logged off automatically' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
+
+dn: cn=schema
+changetype: modify
+add: attributetypes
+attributeTypes: ( 1.3.6.1.4.1.7165.2.1.33 NAME 'sambaHomeDrive' DESC 'Driver letter of home directory mapping' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
+
+dn: cn=schema
+changetype: modify
+add: attributetypes
+attributeTypes: ( 1.3.6.1.4.1.7165.2.1.34 NAME 'sambaLogonScript' DESC 'Logon script path' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
+
+dn: cn=schema
+changetype: modify
+add: attributetypes
+attributeTypes: ( 1.3.6.1.4.1.7165.2.1.35 NAME 'sambaProfilePath' DESC 'Roaming profile path' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
+
+dn: cn=schema
+changetype: modify
+add: attributetypes
+attributeTypes: ( 1.3.6.1.4.1.7165.2.1.36 NAME 'sambaUserWorkstations' DESC 'List of user workstations the user is allowed to logon to' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
+
+dn: cn=schema
+changetype: modify
+add: attributetypes
+attributeTypes: ( 1.3.6.1.4.1.7165.2.1.37 NAME 'sambaHomePath' DESC 'Home directory UNC path' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+
+dn: cn=schema
+changetype: modify
+add: attributetypes
+attributeTypes: ( 1.3.6.1.4.1.7165.2.1.38 NAME 'sambaDomainName' DESC 'Windows NT domain to which the user belongs' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+
+dn: cn=schema
+changetype: modify
+add: attributetypes
+attributeTypes: ( 1.3.6.1.4.1.7165.2.1.20 NAME 'sambaSID' DESC 'Security ID' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
+
+dn: cn=schema
+changetype: modify
+add: attributetypes
+attributeTypes: ( 1.3.6.1.4.1.7165.2.1.23 NAME 'sambaPrimaryGroupSID' DESC 'Primary Group Security ID' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
+
+dn: cn=schema
+changetype: modify
+add: attributetypes
+attributeTypes: ( 1.3.6.1.4.1.7165.2.1.19 NAME 'sambaGroupType' DESC 'NT Group Type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
+
+dn: cn=schema
+changetype: modify
+add: attributetypes
+attributeTypes: ( 1.3.6.1.4.1.7165.2.1.21 NAME 'sambaNextUserRid' DESC 'Next NT rid to give our for users' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
+
+dn: cn=schema
+changetype: modify
+add: attributetypes
+attributeTypes: ( 1.3.6.1.4.1.7165.2.1.22 NAME 'sambaNextGroupRid' DESC 'Next NT rid to give out for groups' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
+
+dn: cn=schema
+changetype: modify
+add: attributetypes
+attributeTypes: ( 1.3.6.1.4.1.7165.2.1.39 NAME 'sambaNextRid' DESC 'Next NT rid to give out for anything' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
+
+dn: cn=schema
+changetype: modify
+add: attributetypes
+attributeTypes: ( 1.3.6.1.4.1.7165.2.1.40 NAME 'sambaAlgorithmicRidBase' DESC 'Base at which the samba RID generation algorithm should operate' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
+
+#######################################################################
+## objectClasses used by Samba 3.0 schema ##
+#######################################################################
+dn: cn=schema
+changetype: modify
+add: objectClasses
+objectClasses: ( 1.3.6.1.4.1.7165.2.2.6 NAME 'sambaSamAccount' DESC 'Samba 3.0 Auxilary SAM Account' SUP top AUXILIARY MUST ( uid $ sambaSID ) MAY ( cn $ sambaLMPassword $ sambaNTPassword $ sambaPwdLastSet $sambaLogonTime $ sambaLogoffTime $sambaKickoffTime $sambaPwdCanChange $ sambaPwdMustChange $ sambaAcctFlags $displayName $ sambaHomePath $ sambaHomeDrive $ sambaLogonScript $sambaProfilePath $ description $ sambaUserWorkstations $sambaPrimaryGroupSID $ sambaDomainName ))
+
+dn: cn=schema
+changetype: modify
+add: objectClasses
+objectClasses: ( 1.3.6.1.4.1.7165.2.2.4 NAME 'sambaGroupMapping' DESC 'Samba Group Mapping' SUP top AUXILIARY MUST ( gidNumber $ sambaSID $ sambaGroupType ) MAY ( displayName $ description ))
+
+dn: cn=schema
+changetype: modify
+add: objectClasses
+objectClasses: ( 1.3.6.1.4.1.7165.2.2.5 NAME 'sambaDomain' DESC 'Samba Domain Information' SUP top STRUCTURAL MUST ( sambaDomainName $sambaSID ) MAY ( sambaNextRid $ sambaNextGroupRid $ sambaNextUserRid $sambaAlgorithmicRidBase ) )
+
+dn: cn=schema
+changetype: modify
+add: objectClasses
+objectClasses: ( 1.3.6.1.4.1.7165.1.2.2.7 NAME 'sambaUnixIdPool' DESC 'Pool for allocating UNIX uids/gids' SUP top AUXILIARY MUST ( uidNumber $ gidNumber ) )
+
+dn: cn=schema
+changetype: modify
+add: objectClasses
+objectClasses: ( 1.3.6.1.4.1.7165.1.2.2.8 NAME 'sambaIdmapEntry' DESC 'Mapping from a SID to an ID' SUP top AUXILIARY MUST ( sambaSID ) MAY ( uidNumber $ gidNumber ) )
+
+dn: cn=schema
+changetype: modify
+add: objectClasses
+objectClasses: ( 1.3.6.1.4.1.7165.1.2.2.9 NAME 'sambaSidEntry' DESC 'Structural Class for a SID' SUP top STRUCTURAL MUST ( sambaSID ) )
#
-# LDAP Schema file for SAMBA attribute storage
-# This file is suitable for usage with Netscape Directory Server 4.1x
-# Adapted by Scott Lawson with help from Ron Creamer
-#
+# LDAP Schema file for SAMBA 3.0 attribute storage
+# For Netscape Directory Server 4.1x
+# Prepared by Osman Demirhan
+
+attribute sambaLMPassword 1.3.6.1.4.1.7165.2.1.24 cis single
+attribute sambaNTPassword 1.3.6.1.4.1.7165.2.1.25 cis single
+attribute sambaAcctFlags 1.3.6.1.4.1.7165.2.1.26 cis single
+attribute sambaPwdLastSet 1.3.6.1.4.1.7165.2.1.27 int single
+attribute sambaPwdCanChange 1.3.6.1.4.1.7165.2.1.28 int single
+attribute sambaPwdMustChange 1.3.6.1.4.1.7165.2.1.29 int single
+attribute sambaLogonTime 1.3.6.1.4.1.7165.2.1.30 int single
+attribute sambaLogoffTime 1.3.6.1.4.1.7165.2.1.31 int single
+attribute sambaKickoffTime 1.3.6.1.4.1.7165.2.1.32 int single
+attribute sambaHomeDrive 1.3.6.1.4.1.7165.2.1.33 cis single
+attribute sambaLogonScript 1.3.6.1.4.1.7165.2.1.34 cis single
+attribute sambaProfilePath 1.3.6.1.4.1.7165.2.1.35 cis single
+attribute sambaUserWorkstations 1.3.6.1.4.1.7165.2.1.36 cis single
+attribute sambaHomePath 1.3.6.1.4.1.7165.2.1.37 cis single
+attribute sambaDomainName 1.3.6.1.4.1.7165.2.1.38 cis single
+attribute sambaSID 1.3.6.1.4.1.7165.2.1.20 cis single
+attribute sambaPrimaryGroupSID 1.3.6.1.4.1.7165.2.1.23 cis single
+attribute sambaGroupType 1.3.6.1.4.1.7165.2.1.19 int single
+attribute sambaNextUserRid 1.3.6.1.4.1.7165.2.1.21 int single
+attribute sambaNextGroupRid 1.3.6.1.4.1.7165.2.1.22 int single
+attribute sambaNextRid 1.3.6.1.4.1.7165.2.1.39 int single
+attribute sambaAlgorithmicRidBase 1.3.6.1.4.1.7165.2.1.40 int single
+
+objectclass sambaSamAccount
+ oid
+ 1.3.6.1.4.1.7165.2.2.6
+ superior
+ top
+ requires
+ objectClass,
+ uid,
+ sambaSID
+ allows
+ cn,
+ sambaLMPassword,
+ sambaNTPassword,
+ sambaPwdLastSet,
+ sambaLogonTime,
+ sambaLogoffTime,
+ sambaKickoffTime,
+ sambaPwdCanChange,
+ sambaPwdMustChange,
+ sambaAcctFlags,
+ displayName,
+ sambaHomePath,
+ sambaHomeDrive,
+ sambaLogonScript,
+ sambaProfilePath,
+ description,
+ sambaUserWorkstations,
+ sambaPrimaryGroupSID,
+ sambaDomainName
+
+objectclass sambaGroupMapping
+ oid
+ 1.3.6.1.4.1.7165.2.2.4
+ superior
+ top
+ requires
+ gidNumber,
+ sambaSID,
+ sambaGroupType
+ allows
+ displayName,
+ description
+
+objectclass sambaDomain
+ oid
+ 1.3.6.1.4.1.7165.2.2.5
+ superior
+ top
+ requires
+ sambaDomainName,
+ sambaSID
+ allows
+ sambaNextRid,
+ sambaNextGroupRid,
+ sambaNextUserRid,
+ sambaAlgorithmicRidBase
-attribute lmPassword 1.3.6.1.4.1.7165.2.1.1 cis single
-attribute ntPassword 1.3.6.1.4.1.7165.2.1.2 cis single
-attribute acctFlags 1.3.6.1.4.1.7165.2.1.4 cis single
-attribute pwdLastSet 1.3.6.1.4.1.7165.2.1.3 int single
-attribute logonTime 1.3.6.1.4.1.7165.2.1.5 int single
-attribute logoffTime 1.3.6.1.4.1.7165.2.1.6 int single
-attribute kickoffTime 1.3.6.1.4.1.7165.2.1.7 int single
-attribute pwdCanChange 1.3.6.1.4.1.7165.2.1.8 int single
-attribute pwdMustChange 1.3.6.1.4.1.7165.2.1.9 int single
-attribute homedrive 1.3.6.1.4.1.7165.2.1.10 cis single
-attribute scriptPath 1.3.6.1.4.1.7165.2.1.11 cis single
-attribute profilePath 1.3.6.1.4.1.7165.2.1.12 cis single
-attribute userWorkstations 1.3.6.1.4.1.7165.2.1.13 cis single
-attribute rid 1.3.6.1.4.1.7165.2.1.14 int single
-attribute primaryGroupID 1.3.6.1.4.1.7165.2.1.15 int single
-attribute smbHome 1.3.6.1.4.1.7165.2.1.17 cis single
-attribute domain 1.3.6.1.4.1.7165.2.1.18 cis single
+objectclass sambaUnixIdPool
+ oid
+ 1.3.6.1.4.1.7165.1.2.2.7
+ superior
+ top
+ requires
+ uidNumber,
+ gidNumber
-objectclass sambaAccount
- oid
- 1.3.1.5.1.4.1.7165.2.2.2
- superior
- top
- requires
- objectClass,
- uid,
- rid
- allows
- cn,
- lmPassword,
- ntPassword,
- pwdLastSet,
- logonTime,
- logoffTime,
- KickoffTime,
- pwdCanChange,
- pwdMustChange,
- acctFlags,
- displayName,
- smbHome,
- homeDrive,
- scriptPath,
- profilePath,
- description,
- userWorkstations,
- primaryGroupID,
- domain
+objectclass sambaIdmapEntry
+ oid
+ 1.3.6.1.4.1.7165.1.2.2.8
+ superior
+ top
+ requires
+ sambaSID
+ allows
+ uidNumber,
+ gidNumber
+objectclass sambaSidEntry
+ oid
+ 1.3.6.1.4.1.7165.1.2.2.9
+ superior
+ top
+ requires
+ sambaSID
git.samba.org / ira / wip.git / commitdiff