#Standard OpenLDAP attributes
-name
labeledURI
-objectClasses
createTimeStamp
-attributeTypes
objectClass
userPassword
seeAlso
uid
subSchemaSubEntry
structuralObjectClass
-modifyTimeStamp
distinguishedName
description
cn
-dITContentRules
top
-#Skip ObjectClasses
-subSchema
-#
+#The memberOf plugin provides this attribute
+memberOf
+#These conflict with OpenLDAP builtins
+attributeTypes:samba4AttributeTypes
+2.5.21.5:1.3.6.1.4.1.7165.4.255.7
+dITContentRules:samba4DITContentRules
+2.5.21.2:1.3.6.1.4.1.7165.4.255.6
+objectClasses:samba4ObjectClasses
+2.5.21.6:1.3.6.1.4.1.7165.4.255.5
+subSchema:samba4SubSchema
+2.5.20.1:1.3.6.1.4.1.7165.4.255.4
+#'name' is the RDN in AD, but something else in OpenLDAP
+name:samba4RDN
+#Remap these so that we don't put operational attributes in a schema MAY
+modifyTimeStamp:samba4ModifyTimestamp
+2.5.18.2:1.3.6.1.4.1.7165.4.255.3
#MiddleName has a conflicting OID
-2.16.840.1.113730.3.1.34:1.3.6.1.4.1.7165.4.1.8
+2.16.840.1.113730.3.1.34:1.3.6.1.4.1.7165.4.255.1
+#defaultGroup has a conflicting OID
+1.2.840.113556.1.4.480:1.3.6.1.4.1.7165.4.255.2
#This large integer format is unimplemented in OpenLDAP 2.3
1.2.840.113556.1.4.906:1.3.6.1.4.1.1466.115.121.1.27
#This case insensitive string isn't available
1.2.840.113556.1.4.905:1.3.6.1.4.1.1466.115.121.1.44
-#This type of DN isn't in OpenLDAP
-1.2.840.113556.1.4.903:1.3.6.1.4.1.1466.115.121.1.12
#Treat Security Descriptors as binary
1.2.840.113556.1.4.907:1.3.6.1.4.1.1466.115.121.1.40
+#Treat OIDs as case insensitive strings (as otherwise ldap class and
+#attribute names, declared at OIDs fail
+1.3.6.1.4.1.1466.115.121.1.38:1.3.6.1.4.1.1466.115.121.1.44
+#Treat Object(DN-Binary) as a binary blob
+1.2.840.113556.1.4.903:1.3.6.1.4.1.1466.115.121.1.40