# REQUIRES!!! officePerson and evolutionPerson schema

# Attribute: uidAlias
# Description: An alternative user id or username for an account
attributetype ( 1.3.6.1.4.1.6921.2.58
  NAME ( 'uidAlias' 'useridAlias' )
  DESC 'uid alias'
  EQUALITY caseIgnoreMatch
  SUBSTR caseIgnoreSubstringsMatch
  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )

# Attribute: morrisonapplicationname
# Description: The name of an application or service
# Format: normal string, like - radius, opengroupware, lotusnotes, jive, etc...
attributetype ( 1.3.6.1.4.1.6921.2.51
  NAME 'morrisonapplicationname'
  DESC 'Name of an application, service, or security context'
  EQUALITY caseIgnoreMatch
  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} SINGLE-VALUE )

# Objectclass: mHybridPerson
# Description: Seals the break in objectclass inheritence created
#   by officePerson and evolutionPerson descending from inetOrgPerson
objectclass ( 1.3.6.1.4.1.6921.1.12
  NAME 'mHybridPerson'
  DESC 'Combine several objectclasses to support multiple MUAs'
  SUP ( inetOrgPerson $ officePerson $ evolutionPerson )
  STRUCTURAL )

# Objectclass: mHybridUserAccount
# Description:  Seals the inheritence right between account and person
#   objectclasses by descending from both account and mHybridPerson
objectclass ( 1.3.6.1.4.1.6921.1.24
  NAME 'mHybridUserAccount'
  DESC 'Combine mHybridPerson and account'
  SUP ( mHybridPerson $ account )
  STRUCTURAL )

# Objectclass:  morrisonmailalias
# Descriptions: Extends the standard nisMailAlias objectclass to
#   permit mail and owner attributes.  Have a mail attribute 
#   means that most mail clients will let you search for this
#   in LDAP and use it as a To: address as they would a person
#   type object.  The owner is useful in ACLs to grant rights
#   to change membership of an alias to certain user and
#   applications.
objectclass ( 1.3.6.1.4.1.6921.1.8
  NAME 'morrisonmailalias'
  DESC 'nisMailAlias plus mail and owner attributes'
  SUP nisMailAlias
  MAY ( mail $ owner )
  STRUCTURAL )

# Objectclass: morrisonSystemAccount
# Description:  Extends account to allow several useful attributes.
#   Often times an application or service does has an e-mail 
#   address so "mail" has been added,  "morrisonapplicationname"
#   lets you specify the name of the application or network
#   service that is actually using this account to bind and
#   "uidAlias" is usefule if you want the account to be 
#   searchable by a different name perhaps from some related
#   service or application.
objectclass ( 1.3.6.1.4.1.6921.1.25
  NAME 'morrisonSystemAccount'
  DESC 'Extend account objectclass to allow attributes'
  SUP account
  MAY ( mail $ morrisonapplicationname $ uidAlias )
  STRUCTURAL )

# Objectclass: ownedObject
# Description:  The owner attribute is very useful in many
#   situations but only a few objectclasses include it.  This
#   auxilliary objectclass simply adds the owner attribute
#   to any object via the use of an auxilliary objectclass.
#   The owner attribute is especially useful for building
#   ACLs that grant or revoke access with a very high
#   degree of granularity;  when groups or roles are not
#   sufficient or simply overkill.
objectclass ( 1.3.6.1.4.1.6921.4.5
  NAME 'ownedObject'
  DESC 'Extend allowed attributes to include owner'
  MAY ( owner )
  AUXILIARY )