summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--ldap/schema/README.apple19
-rw-r--r--ldap/schema/apple.schema937
2 files changed, 956 insertions, 0 deletions
diff --git a/ldap/schema/README.apple b/ldap/schema/README.apple
new file mode 100644
index 0000000..5403189
--- /dev/null
+++ b/ldap/schema/README.apple
@@ -0,0 +1,19 @@
+Schemas grabbed from opensource.apple.com
+=========================================
+
+apple
+-----
+
+Objects needed for handling OpenDirectory using OpenLDAP.
+
+More info here:
+http://kreaper.blogsome.com/2006/09/09/integrating-mac-os-x-into-unix-ldap-environment-with-nfs-home-directories/
+And here: http://www.emmes-world.de/mac-afp-homes.html
+
+For a non-LDAP approach to Portable Home Directorries (a.k.a. Mobila
+Home Directories) see here:
+http://managingosx.wordpress.com/2006/03/15/portable-home-directories-without-open-directory/
+
+
+
+Source: http://www.opensource.apple.com/darwinsource/Current/OpenLDAP-69.0.2/OpenLDAP/servers/slapd/schema/
diff --git a/ldap/schema/apple.schema b/ldap/schema/apple.schema
new file mode 100644
index 0000000..e400edc
--- /dev/null
+++ b/ldap/schema/apple.schema
@@ -0,0 +1,937 @@
+#ident $Id: apple.schema,v 1.1 2007-01-14 16:59:02 jonas Exp $
+#
+# Preliminary Apple OS X Native LDAP Schema
+# This file is subject to change.
+#
+
+#
+# Container structural object class.
+#
+#objectclass (
+# 1.2.840.113556.1.3.23
+# NAME 'container'
+# SUP top
+# STRUCTURAL
+# MUST ( cn ) )
+
+#
+# Time to live
+#
+attributetype (
+ 1.3.6.1.4.1.250.1.60
+ NAME 'ttl'
+ EQUALITY integerMatch
+ SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE )
+
+objectclass (
+ 1.3.6.1.4.1.250.3.18
+ NAME 'cacheObject'
+ AUXILIARY
+ SUP top
+ DESC 'Auxiliary object class to hold TTL caching information'
+ MAY ( ttl ) )
+
+#
+# User attributes 1.3.6.1.4.1.63.1000.1.1.1.1
+#
+attributetype (
+ 1.3.6.1.4.1.63.1000.1.1.1.1.6
+ NAME 'apple-user-homeurl'
+ DESC 'home directory URL'
+ EQUALITY caseExactIA5Match
+ SUBSTR caseExactIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
+
+attributetype (
+ 1.3.6.1.4.1.63.1000.1.1.1.1.7
+ NAME 'apple-user-class'
+ DESC 'user class'
+ EQUALITY caseExactIA5Match
+ SUBSTR caseExactIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
+
+attributetype (
+ 1.3.6.1.4.1.63.1000.1.1.1.1.8
+ NAME 'apple-user-homequota'
+ DESC 'home directory quota'
+ EQUALITY caseExactIA5Match
+ SUBSTR caseExactIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
+
+attributetype (
+ 1.3.6.1.4.1.63.1000.1.1.1.1.9
+ NAME 'apple-user-mailattribute'
+ DESC 'mail attribute'
+ EQUALITY caseExactMatch
+ SUBSTR caseExactSubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
+
+attributetype (
+ 1.3.6.1.4.1.63.1000.1.1.1.1.10
+ NAME 'apple-mcxflags'
+ DESC 'mcx flags'
+ EQUALITY caseExactMatch
+ SUBSTR caseExactSubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
+
+#attributetype (
+# 1.3.6.1.4.1.63.1000.1.1.1.1.11
+# NAME 'apple-mcxsettings'
+# DESC 'mcx settings'
+# EQUALITY caseExactMatch
+# SUBSTR caseExactSubstringsMatch
+# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
+attributetype (
+ 1.3.6.1.4.1.63.1000.1.1.1.1.16
+ NAME ( 'apple-mcxsettings' 'apple-mcxsettings2' )
+ DESC 'mcx settings'
+ EQUALITY caseExactMatch
+ SUBSTR caseExactSubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+
+attributetype (
+ 1.3.6.1.4.1.63.1000.1.1.1.1.12
+ NAME 'apple-user-picture'
+ DESC 'picture'
+ EQUALITY caseExactMatch
+ SUBSTR caseExactSubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
+
+attributetype (
+ 1.3.6.1.4.1.63.1000.1.1.1.1.13
+ NAME 'apple-user-printattribute'
+ DESC 'print attribute'
+ EQUALITY caseExactMatch
+ SUBSTR caseExactSubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
+
+attributetype (
+ 1.3.6.1.4.1.63.1000.1.1.1.1.14
+ NAME 'apple-user-adminlimits'
+ DESC 'admin limits'
+ EQUALITY caseExactMatch
+ SUBSTR caseExactSubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
+
+attributetype (
+ 1.3.6.1.4.1.63.1000.1.1.1.1.15
+ NAME 'apple-user-authenticationhint'
+ DESC 'password hint'
+ EQUALITY caseExactMatch
+ SUBSTR caseExactSubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
+
+attributetype (
+ 1.3.6.1.4.1.63.1000.1.1.1.1.17
+ NAME 'apple-user-homesoftquota'
+ DESC 'home directory soft quota'
+ EQUALITY caseExactIA5Match
+ SUBSTR caseExactIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
+
+attributetype (
+ 1.3.6.1.4.1.63.1000.1.1.1.1.18
+ NAME 'apple-user-passwordpolicy'
+ DESC 'password policy options'
+ EQUALITY caseExactMatch
+ SUBSTR caseExactSubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
+
+attributetype (
+ 1.3.6.1.4.1.63.1000.1.1.1.1.19
+ NAME ( 'apple-keyword' )
+ DESC 'keywords'
+ EQUALITY caseExactMatch
+ SUBSTR caseExactSubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+
+attributetype (
+ 1.3.6.1.4.1.63.1000.1.1.1.1.20
+ NAME ( 'apple-generateduid' )
+ DESC 'generated unique ID'
+ EQUALITY caseExactMatch
+ SUBSTR caseExactSubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
+
+attributetype (
+ 1.3.6.1.4.1.63.1000.1.1.1.1.21
+ NAME ( 'apple-imhandle' )
+ DESC 'IM handle (service:account name)'
+ EQUALITY caseExactMatch
+ SUBSTR caseExactSubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+
+attributetype (
+ 1.3.6.1.4.1.63.1000.1.1.1.1.22
+ NAME ( 'apple-webloguri' )
+ DESC 'Weblog URI'
+ EQUALITY caseExactIA5Match
+ SUBSTR caseExactIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
+
+# Alternative to using homeDirectory from RFC 2307.
+#attributetype (
+# 1.3.6.1.4.1.63.1000.1.1.1.1.100
+# NAME 'apple-user-homeDirectory'
+# DESC 'The absolute path to the home directory'
+# EQUALITY caseExactIA5Match
+# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
+
+#
+# User object class.
+#
+objectclass (
+ 1.3.6.1.4.1.63.1000.1.1.2.1
+ NAME 'apple-user'
+ SUP top
+ AUXILIARY
+ DESC 'apple user account'
+ MAY ( apple-user-homeurl $ apple-user-class $
+ apple-user-homequota $ apple-user-mailattribute $
+ apple-user-printattribute $ apple-mcxflags $
+ apple-mcxsettings $ apple-user-adminlimits $
+ apple-user-picture $ apple-user-authenticationhint $
+ apple-user-homesoftquota $ apple-user-passwordpolicy $
+ apple-keyword $ apple-generateduid $ apple-imhandle $ apple-webloguri $
+ authAuthority $ acctFlags $ pwdLastSet $ logonTime $
+ logoffTime $ kickoffTime $ homeDrive $ scriptPath $
+ profilePath $ userWorkstations $ smbHome $ rid $
+ primaryGroupID $ sambaSID $ sambaPrimaryGroupSID $
+ userCertificate ) )
+
+#
+# Group attributes 1.3.6.1.4.1.63.1000.1.1.1.14
+#
+attributetype (
+ 1.3.6.1.4.1.63.1000.1.1.1.14.1
+ NAME 'apple-group-homeurl'
+ DESC 'group home url'
+ EQUALITY caseExactIA5Match
+ SUBSTR caseExactIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
+
+attributetype (
+ 1.3.6.1.4.1.63.1000.1.1.1.14.2
+ NAME 'apple-group-homeowner'
+ DESC 'group home owner settings'
+ EQUALITY caseExactIA5Match
+ SUBSTR caseExactIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
+
+attributetype (
+ 1.3.6.1.4.1.63.1000.1.1.1.14.5
+ NAME 'apple-group-realname'
+ DESC 'group real name'
+ EQUALITY caseExactMatch
+ SUBSTR caseExactSubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
+
+attributetype (
+ 1.3.6.1.4.1.63.1000.1.1.1.14.6
+ NAME 'apple-group-nestedgroup'
+ DESC 'group real name'
+ EQUALITY caseExactMatch
+ SUBSTR caseExactSubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+
+attributetype (
+ 1.3.6.1.4.1.63.1000.1.1.1.14.7
+ NAME 'apple-group-memberguid'
+ DESC 'group real name'
+ EQUALITY caseExactMatch
+ SUBSTR caseExactSubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+
+# Alternative to using memberUid from RFC 2307.
+#attributetype (
+# 1.3.6.1.4.1.63.1000.1.1.1.14.1000
+# NAME 'apple-group-memberUid'
+# DESC 'group member list'
+# EQUALITY caseExactIA5Match
+# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
+# can also use OID 1.3.6.1.4.1.63.1000.1.1.2.1000
+
+#
+# Group auxiliary object class.
+#
+objectclass (
+ 1.3.6.1.4.1.63.1000.1.1.2.14
+ NAME 'apple-group'
+ SUP top
+ AUXILIARY
+ DESC 'group account'
+ MAY ( apple-group-homeurl $
+ apple-group-homeowner $
+ apple-mcxflags $
+ apple-mcxsettings $
+ apple-group-realname $
+ apple-user-picture $
+ apple-keyword $
+ apple-generateduid $
+ apple-group-nestedgroup $
+ apple-group-memberguid $
+ mail $
+ rid $
+ sambaSID $
+ ttl ) )
+
+#
+# Machine attributes 1.3.6.1.4.1.63.1000.1.1.1.3
+#
+attributetype (
+ 1.3.6.1.4.1.63.1000.1.1.1.3.8
+ NAME 'apple-machine-software'
+ DESC 'installed system software'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
+
+attributetype (
+ 1.3.6.1.4.1.63.1000.1.1.1.3.9
+ NAME 'apple-machine-hardware'
+ DESC 'system hardware description'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
+
+attributeType (
+ 1.3.6.1.4.1.63.1000.1.1.1.3.10
+ NAME 'apple-machine-serves'
+ DESC 'NetInfo Domain Server Binding'
+ EQUALITY caseExactIA5Match
+ SUBSTR caseExactIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
+
+attributeType (
+ 1.3.6.1.4.1.63.1000.1.1.1.3.11
+ NAME 'apple-machine-suffix'
+ DESC 'DIT suffix'
+ EQUALITY caseIgnoreMatch
+ SUBSTR caseIgnoreSubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+
+attributeType (
+ 1.3.6.1.4.1.63.1000.1.1.1.3.12
+ NAME 'apple-machine-contactperson'
+ DESC 'Name of contact person/owner of this machine'
+ EQUALITY caseIgnoreMatch
+ SUBSTR caseIgnoreSubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+
+#
+# Machine auxiliary object class.
+#
+objectclass (
+ 1.3.6.1.4.1.63.1000.1.1.2.3
+ NAME 'apple-machine'
+ SUP top
+ AUXILIARY
+ MAY ( apple-machine-software $
+ apple-machine-hardware $
+ apple-machine-serves $
+ apple-machine-suffix $
+ apple-machine-contactperson ) )
+
+#
+# Mount attributes 1.3.6.1.4.1.63.1000.1.1.1.8
+#
+attributetype (
+ 1.3.6.1.4.1.63.1000.1.1.1.8.1
+ NAME 'mountDirectory'
+ DESC 'mount path'
+ EQUALITY caseExactMatch
+ SUBSTR caseExactSubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
+
+attributetype (
+ 1.3.6.1.4.1.63.1000.1.1.1.8.2
+ NAME 'mountType'
+ DESC 'mount VFS type'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
+
+attributetype (
+ 1.3.6.1.4.1.63.1000.1.1.1.8.3
+ NAME 'mountOption'
+ DESC 'mount options'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
+
+attributetype (
+ 1.3.6.1.4.1.63.1000.1.1.1.8.4
+ NAME 'mountDumpFrequency'
+ DESC 'mount dump frequency'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
+
+attributetype (
+ 1.3.6.1.4.1.63.1000.1.1.1.8.5
+ NAME 'mountPassNo'
+ DESC 'mount passno'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
+
+# Alternative to using 'cn' when adding mount record schema to other LDAP servers
+#attributetype (
+# 1.3.6.1.4.1.63.1000.1.1.1.8.100
+# NAME ( 'apple-mount-name' )
+# DESC 'mount name'
+# SUP name )
+
+#
+# Mount object 1.3.6.1.4.1.63.1000.1.1.2.8
+#
+objectclass (
+ 1.3.6.1.4.1.63.1000.1.1.2.8
+ NAME 'mount'
+ SUP top STRUCTURAL
+ MUST ( cn )
+ MAY ( mountDirectory $
+ mountType $
+ mountOption $
+ mountDumpFrequency $
+ mountPassNo ) )
+
+#
+# Printer attributes 1.3.6.1.4.1.63.1000.1.1.1.9
+#
+attributetype (
+ 1.3.6.1.4.1.63.1000.1.1.1.9.1
+ NAME 'apple-printer-attributes'
+ DESC 'printer attributes in /etc/printcap format'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
+
+attributetype (
+ 1.3.6.1.4.1.63.1000.1.1.1.9.2
+ NAME 'apple-printer-lprhost'
+ DESC 'printer LPR host name'
+ EQUALITY caseIgnoreMatch
+ SUBSTR caseIgnoreSubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+
+attributetype (
+ 1.3.6.1.4.1.63.1000.1.1.1.9.3
+ NAME 'apple-printer-lprqueue'
+ DESC 'printer LPR queue'
+ EQUALITY caseIgnoreMatch
+ SUBSTR caseIgnoreSubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+
+attributetype (
+ 1.3.6.1.4.1.63.1000.1.1.1.9.4
+ NAME 'apple-printer-type'
+ DESC 'printer type'
+ EQUALITY caseIgnoreMatch
+ SUBSTR caseIgnoreSubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+
+attributetype (
+ 1.3.6.1.4.1.63.1000.1.1.1.9.5
+ NAME 'apple-printer-note'
+ DESC 'printer note'
+ EQUALITY caseIgnoreMatch
+ SUBSTR caseIgnoreSubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+
+#
+# Printer object 1.3.6.1.4.1.63.1000.1.1.2.9
+#
+objectclass (
+ 1.3.6.1.4.1.63.1000.1.1.2.9
+ NAME 'apple-printer'
+ SUP top STRUCTURAL
+ MUST ( cn )
+ MAY ( apple-printer-attributes $
+ apple-printer-lprhost $
+ apple-printer-lprqueue $
+ apple-printer-type $
+ apple-printer-note ) )
+
+#
+# Computer attributes 1.3.6.1.4.1.63.1000.1.1.1.10
+#
+
+attributetype (
+ 1.3.6.1.4.1.63.1000.1.1.1.10.2
+ NAME 'apple-realname'
+ DESC 'real name'
+ EQUALITY caseExactMatch
+ SUBSTR caseExactSubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+
+attributetype (
+ 1.3.6.1.4.1.63.1000.1.1.1.10.3
+ NAME 'apple-networkview'
+ DESC 'Network view for the computer'
+ EQUALITY caseExactMatch
+ SUBSTR caseExactSubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+
+attributetype (
+ 1.3.6.1.4.1.63.1000.1.1.1.10.4
+ NAME 'apple-category'
+ DESC 'Category for the computer or neighborhood'
+ EQUALITY caseExactMatch
+ SUBSTR caseExactSubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+
+#
+# Computer list attributes 1.3.6.1.4.1.63.1000.1.1.1.11
+#
+
+attributetype (
+ 1.3.6.1.4.1.63.1000.1.1.1.11.3
+ NAME 'apple-computers'
+ DESC 'computers'
+ EQUALITY caseExactMatch
+ SUBSTR caseExactSubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+
+attributetype (
+ 1.3.6.1.4.1.63.1000.1.1.1.11.4
+ NAME 'apple-computer-list-groups'
+ DESC 'groups'
+ EQUALITY caseExactMatch
+ SUBSTR caseExactSubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+
+#
+# XML plist attribute 1.3.6.1.4.1.63.1000.1.1.1.17.1
+#
+attributetype (
+ 1.3.6.1.4.1.63.1000.1.1.1.17.1
+ NAME 'apple-xmlplist'
+ DESC 'XML plist data'
+ EQUALITY caseExactMatch
+ SUBSTR caseExactSubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
+
+#
+# Service URL attributes 1.3.6.1.4.1.63.1000.1.1.1.19.2
+#
+attributetype (
+ 1.3.6.1.4.1.63.1000.1.1.1.19.2
+ NAME 'apple-service-url'
+ DESC 'URL of service'
+ EQUALITY caseExactIA5Match
+ SUBSTR caseExactIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
+
+#
+# Computer object 1.3.6.1.4.1.63.1000.1.1.2.10
+#
+objectclass (
+ 1.3.6.1.4.1.63.1000.1.1.2.10
+ NAME 'apple-computer'
+ DESC 'computer'
+ SUP top STRUCTURAL
+ MUST ( cn )
+ MAY ( apple-realname $
+ description $
+ macAddress $
+ apple-category $
+ apple-computer-list-groups $
+ apple-keyword $
+ apple-mcxflags $
+ apple-mcxsettings $
+ apple-networkview $
+ apple-xmlplist $
+ apple-service-url $
+ authAuthority $
+ uidNumber $ gidNumber $ apple-generateduid $ ttl $
+ acctFlags $ pwdLastSet $ logonTime $
+ logoffTime $ kickoffTime $ rid $ primaryGroupID $
+ sambaSID $ sambaPrimaryGroupSID ) )
+
+#
+# Computer list object 1.3.6.1.4.1.63.1000.1.1.2.11
+#
+objectclass (
+ 1.3.6.1.4.1.63.1000.1.1.2.11
+ NAME 'apple-computer-list'
+ DESC 'computer list'
+ SUP top STRUCTURAL
+ MUST ( cn )
+ MAY ( apple-mcxflags $
+ apple-mcxsettings $
+ apple-computer-list-groups $
+ apple-computers $
+ apple-generateduid $
+ apple-keyword ) )
+
+#
+# Configuration attributes 1.3.6.1.4.1.63.1000.1.1.1.12
+#
+attributetype (
+ 1.3.6.1.4.1.63.1000.1.1.1.12.1
+ NAME 'apple-password-server-location'
+ DESC 'password server location'
+ EQUALITY caseExactIA5Match
+ SUBSTR caseExactIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
+
+attributetype (
+ 1.3.6.1.4.1.63.1000.1.1.1.12.2
+ NAME 'apple-data-stamp'
+ DESC 'data stamp'
+ EQUALITY caseExactIA5Match
+ SUBSTR caseExactIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
+
+attributetype (
+ 1.3.6.1.4.1.63.1000.1.1.1.12.3
+ NAME 'apple-config-realname'
+ DESC 'config real name'
+ EQUALITY caseExactIA5Match
+ SUBSTR caseExactIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
+
+attributetype (
+ 1.3.6.1.4.1.63.1000.1.1.1.12.4
+ NAME 'apple-password-server-list'
+ DESC 'password server replication plist'
+ EQUALITY caseExactMatch
+ SUBSTR caseExactSubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
+
+attributetype (
+ 1.3.6.1.4.1.63.1000.1.1.1.12.5
+ NAME 'apple-ldap-replica'
+ DESC 'LDAP replication list'
+ EQUALITY caseExactMatch
+ SUBSTR caseExactSubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+
+attributetype (
+ 1.3.6.1.4.1.63.1000.1.1.1.12.6
+ NAME 'apple-ldap-writable-replica'
+ DESC 'LDAP writable replication list'
+ EQUALITY caseExactMatch
+ SUBSTR caseExactSubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+
+attributetype (
+ 1.3.6.1.4.1.63.1000.1.1.1.12.7
+ NAME 'apple-kdc-authkey'
+ DESC 'KDC master key RSA encrypted with realm public key'
+ EQUALITY caseExactMatch
+ SUBSTR caseExactSubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+
+attributetype (
+ 1.3.6.1.4.1.63.1000.1.1.1.12.8
+ NAME 'apple-kdc-configdata'
+ DESC 'Contents of the kdc.conf file'
+ EQUALITY caseExactMatch
+ SUBSTR caseExactSubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
+
+#
+# Configuration object 1.3.6.1.4.1.63.1000.1.1.2.12
+#
+objectclass (
+ 1.3.6.1.4.1.63.1000.1.1.2.12
+ NAME 'apple-configuration'
+ DESC 'configuration'
+ SUP top STRUCTURAL
+ MAY ( cn $ apple-config-realname $
+ apple-data-stamp $ apple-password-server-location $
+ apple-password-server-list $ apple-ldap-replica $
+ apple-ldap-writable-replica $ apple-keyword $
+ apple-kdc-authkey $ apple-kdc-configdata $ apple-xmlplist $ ttl ) )
+
+#
+# Preset computer list object class.
+#
+objectclass (
+ 1.3.6.1.4.1.63.1000.1.1.2.13
+ NAME 'apple-preset-computer-list'
+ DESC 'preset computer list'
+ SUP top STRUCTURAL
+ MUST ( cn )
+ MAY ( apple-mcxflags $
+ apple-mcxsettings $
+ apple-computer-list-groups $
+ apple-keyword ) )
+
+#
+# Preset group object 1.3.6.1.4.1.63.1000.1.1.3.14
+#
+objectclass (
+ 1.3.6.1.4.1.63.1000.1.1.3.14
+ NAME 'apple-preset-group'
+ DESC 'preset group'
+ SUP top STRUCTURAL
+ MUST ( cn )
+ MAY ( memberUid $
+ gidNumber $
+ description $
+ apple-group-homeurl $
+ apple-group-homeowner $
+ apple-mcxflags $
+ apple-mcxsettings $
+ apple-group-realname $
+ apple-keyword $
+ apple-group-nestedgroup $
+ apple-group-memberguid $
+ ttl ) )
+
+#
+# Preset user object attributes 1.3.6.1.4.1.63.1000.1.1.1.15
+#
+attributetype (
+ 1.3.6.1.4.1.63.1000.1.1.1.15.1
+ NAME 'apple-preset-user-is-admin'
+ DESC 'flag indicating whether the preset user is an administrator'
+ EQUALITY caseExactIA5Match
+ SUBSTR caseExactIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
+
+#
+# Preset user object 1.3.6.1.4.1.63.1000.1.1.2.15
+#
+objectclass (
+ 1.3.6.1.4.1.63.1000.1.1.2.15
+ NAME 'apple-preset-user'
+ DESC 'preset user'
+ SUP top STRUCTURAL
+ MUST ( cn )
+ MAY ( uid $
+ memberUid $
+ gidNumber $
+ homeDirectory $
+ apple-user-homeurl $
+ apple-user-homequota $
+ apple-user-homesoftquota $
+ apple-user-mailattribute $
+ apple-user-printattribute $
+ apple-mcxflags $
+ apple-mcxsettings $
+ apple-user-adminlimits $
+ apple-user-passwordpolicy $
+ userPassword $
+ apple-user-picture $
+ apple-keyword $
+ loginShell $
+ description $
+ shadowLastChange $
+ shadowExpire $
+ authAuthority $
+ homeDrive $ scriptPath $ profilePath $ smbHome $
+ apple-preset-user-is-admin ) )
+
+#
+# Authentication authority attribute 1.3.6.1.4.1.63.1000.1.1.2.16.1
+#
+#attributetype (
+# 1.3.6.1.4.1.63.1000.1.1.2.16.1
+# NAME 'authAuthority'
+# DESC 'password server authentication authority'
+# EQUALITY caseExactIA5Match
+# SUBSTR caseExactIA5SubstringsMatch
+# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
+
+#attributetype (
+# 1.3.6.1.4.1.63.1000.1.1.2.16.2
+# NAME ( 'authAuthority' 'authAuthority2' )
+# DESC 'password server authentication authority'
+# EQUALITY caseExactMatch
+# SUBSTR caseExactSubstringsMatch
+# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+
+#
+# Authentication authority object 1.3.6.1.4.1.63.1000.1.1.2.16
+#
+objectclass (
+ 1.3.6.1.4.1.63.1000.1.1.2.16
+ NAME 'authAuthorityObject'
+ SUP top AUXILIARY
+ MAY ( authAuthority ) )
+
+#
+# Server Assistant configuration object 1.3.6.1.4.1.63.1000.1.1.2.17
+#
+objectclass (
+ 1.3.6.1.4.1.63.1000.1.1.2.17
+ NAME 'apple-serverassistant-config'
+ SUP top STRUCTURAL
+ MUST ( cn )
+ MAY ( apple-xmlplist ) )
+
+#
+# Location object attributes 1.3.6.1.4.1.63.1000.1.1.1.18
+#
+attributetype (
+ 1.3.6.1.4.1.63.1000.1.1.1.18.1
+ NAME 'apple-dns-domain'
+ DESC 'DNS domain'
+ EQUALITY caseExactMatch
+ SUBSTR caseExactSubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+
+attributetype (
+ 1.3.6.1.4.1.63.1000.1.1.1.18.2
+ NAME 'apple-dns-nameserver'
+ DESC 'DNS name server list'
+ EQUALITY caseExactMatch
+ SUBSTR caseExactSubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+
+#
+# Location object 1.3.6.1.4.1.63.1000.1.1.2.18
+#
+objectclass (
+ 1.3.6.1.4.1.63.1000.1.1.2.18
+ NAME 'apple-location'
+ SUP top AUXILIARY
+ MUST ( cn )
+ MAY ( apple-dns-domain $ apple-dns-nameserver ) )
+
+#
+# Service object attributes 1.3.6.1.4.1.63.1000.1.1.1.19
+#
+attributetype (
+ 1.3.6.1.4.1.63.1000.1.1.1.19.1
+ NAME 'apple-service-type'
+ DESC 'type of service'
+ EQUALITY caseExactIA5Match
+ SUBSTR caseExactIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
+
+#attributetype (
+# 1.3.6.1.4.1.63.1000.1.1.1.19.2
+# NAME 'apple-service-url'
+# DESC 'URL of service'
+# EQUALITY caseExactIA5Match
+# SUBSTR caseExactIA5SubstringsMatch
+# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
+
+attributetype (
+ 1.3.6.1.4.1.63.1000.1.1.1.19.3
+ NAME 'apple-service-port'
+ DESC 'Service port number'
+ EQUALITY integerMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 )
+
+attributetype (
+ 1.3.6.1.4.1.63.1000.1.1.1.19.4
+ NAME 'apple-dnsname'
+ DESC 'DNS name'
+ EQUALITY caseExactMatch
+ SUBSTR caseExactSubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+
+attributetype (
+ 1.3.6.1.4.1.63.1000.1.1.1.19.5
+ NAME 'apple-service-location'
+ DESC 'Service location'
+ EQUALITY caseExactMatch
+ SUBSTR caseExactSubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+
+#
+# Service object 1.3.6.1.4.1.63.1000.1.1.2.19
+#
+objectclass (
+ 1.3.6.1.4.1.63.1000.1.1.2.19
+ NAME 'apple-service'
+ SUP top STRUCTURAL
+ MUST ( cn $
+ apple-service-type )
+ MAY ( ipHostNumber $
+ description $
+ apple-service-location $
+ apple-service-url $
+ apple-service-port $
+ apple-dnsname $
+ apple-keyword ) )
+
+#
+# Neighborhood object attributes 1.3.6.1.4.1.63.1000.1.1.1.20
+#
+attributetype (
+ 1.3.6.1.4.1.63.1000.1.1.1.20.1
+ NAME 'apple-nodepathxml'
+ DESC 'XML plist of directory node path'
+ EQUALITY caseExactMatch
+ SUBSTR caseExactSubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+
+attributetype (
+ 1.3.6.1.4.1.63.1000.1.1.1.20.2
+ NAME 'apple-neighborhoodalias'
+ DESC 'XML plist referring to another neighborhood record'
+ EQUALITY caseExactMatch
+ SUBSTR caseExactSubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+
+attributetype (
+ 1.3.6.1.4.1.63.1000.1.1.1.20.3
+ NAME 'apple-computeralias'
+ DESC 'XML plist referring to a computer record'
+ EQUALITY caseExactMatch
+ SUBSTR caseExactSubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+
+#
+# Neighborhood object 1.3.6.1.4.1.63.1000.1.1.2.20
+#
+objectclass (
+ 1.3.6.1.4.1.63.1000.1.1.2.20
+ NAME 'apple-neighborhood'
+ SUP top STRUCTURAL
+ MUST ( cn )
+ MAY ( description $
+ apple-generateduid $
+ apple-category $
+ apple-nodepathxml $
+ apple-neighborhoodalias $
+ apple-computeralias $
+ apple-keyword $
+ apple-realname $
+ apple-xmlplist $
+ ttl ) )
+
+#
+# ACL object attributes 1.3.6.1.4.1.63.1000.1.1.1.21
+#
+#attributetype (
+# 1.3.6.1.4.1.63.1000.1.1.1.21.1
+# NAME 'apple-acl-entry'
+# DESC 'acl entry'
+# EQUALITY caseExactMatch
+# SUBSTR caseExactSubstringsMatch
+# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+
+#
+# ACL object 1.3.6.1.4.1.63.1000.1.1.2.21
+#
+objectclass (
+ 1.3.6.1.4.1.63.1000.1.1.2.21
+ NAME 'apple-acl'
+ SUP top STRUCTURAL
+ MUST ( cn $
+ apple-acl-entry ) )
+
+#
+# Schema attributes 1.3.6.1.4.1.63.1000.1.1.1.22
+#
+#attributetype (
+# 1.3.6.1.4.1.63.1000.1.1.1.22.1
+# NAME 'attributeTypesConfig'
+# DESC 'attribute type configuration'
+# EQUALITY objectIdentifierFirstComponentMatch
+# SYNTAX 1.3.6.1.4.1.1466.115.121.1.3 )
+
+#attributetype (
+# 1.3.6.1.4.1.63.1000.1.1.1.22.2
+# NAME 'objectClassesConfig'
+# DESC 'object class configuration'
+# EQUALITY objectIdentifierFirstComponentMatch
+# SYNTAX 1.3.6.1.4.1.1466.115.121.1.37 )