diff options
-rw-r--r-- | ldap/schema/README.apple | 19 | ||||
-rw-r--r-- | ldap/schema/apple.schema | 937 |
2 files changed, 956 insertions, 0 deletions
diff --git a/ldap/schema/README.apple b/ldap/schema/README.apple new file mode 100644 index 0000000..5403189 --- /dev/null +++ b/ldap/schema/README.apple @@ -0,0 +1,19 @@ +Schemas grabbed from opensource.apple.com +========================================= + +apple +----- + +Objects needed for handling OpenDirectory using OpenLDAP. + +More info here: +http://kreaper.blogsome.com/2006/09/09/integrating-mac-os-x-into-unix-ldap-environment-with-nfs-home-directories/ +And here: http://www.emmes-world.de/mac-afp-homes.html + +For a non-LDAP approach to Portable Home Directorries (a.k.a. Mobila +Home Directories) see here: +http://managingosx.wordpress.com/2006/03/15/portable-home-directories-without-open-directory/ + + + +Source: http://www.opensource.apple.com/darwinsource/Current/OpenLDAP-69.0.2/OpenLDAP/servers/slapd/schema/ diff --git a/ldap/schema/apple.schema b/ldap/schema/apple.schema new file mode 100644 index 0000000..e400edc --- /dev/null +++ b/ldap/schema/apple.schema @@ -0,0 +1,937 @@ +#ident $Id: apple.schema,v 1.1 2007-01-14 16:59:02 jonas Exp $ +# +# Preliminary Apple OS X Native LDAP Schema +# This file is subject to change. +# + +# +# Container structural object class. +# +#objectclass ( +# 1.2.840.113556.1.3.23 +# NAME 'container' +# SUP top +# STRUCTURAL +# MUST ( cn ) ) + +# +# Time to live +# +attributetype ( + 1.3.6.1.4.1.250.1.60 + NAME 'ttl' + EQUALITY integerMatch + SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE ) + +objectclass ( + 1.3.6.1.4.1.250.3.18 + NAME 'cacheObject' + AUXILIARY + SUP top + DESC 'Auxiliary object class to hold TTL caching information' + MAY ( ttl ) ) + +# +# User attributes 1.3.6.1.4.1.63.1000.1.1.1.1 +# +attributetype ( + 1.3.6.1.4.1.63.1000.1.1.1.1.6 + NAME 'apple-user-homeurl' + DESC 'home directory URL' + EQUALITY caseExactIA5Match + SUBSTR caseExactIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) + +attributetype ( + 1.3.6.1.4.1.63.1000.1.1.1.1.7 + NAME 'apple-user-class' + DESC 'user class' + EQUALITY caseExactIA5Match + SUBSTR caseExactIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) + +attributetype ( + 1.3.6.1.4.1.63.1000.1.1.1.1.8 + NAME 'apple-user-homequota' + DESC 'home directory quota' + EQUALITY caseExactIA5Match + SUBSTR caseExactIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) + +attributetype ( + 1.3.6.1.4.1.63.1000.1.1.1.1.9 + NAME 'apple-user-mailattribute' + DESC 'mail attribute' + EQUALITY caseExactMatch + SUBSTR caseExactSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE ) + +attributetype ( + 1.3.6.1.4.1.63.1000.1.1.1.1.10 + NAME 'apple-mcxflags' + DESC 'mcx flags' + EQUALITY caseExactMatch + SUBSTR caseExactSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE ) + +#attributetype ( +# 1.3.6.1.4.1.63.1000.1.1.1.1.11 +# NAME 'apple-mcxsettings' +# DESC 'mcx settings' +# EQUALITY caseExactMatch +# SUBSTR caseExactSubstringsMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE ) +attributetype ( + 1.3.6.1.4.1.63.1000.1.1.1.1.16 + NAME ( 'apple-mcxsettings' 'apple-mcxsettings2' ) + DESC 'mcx settings' + EQUALITY caseExactMatch + SUBSTR caseExactSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + +attributetype ( + 1.3.6.1.4.1.63.1000.1.1.1.1.12 + NAME 'apple-user-picture' + DESC 'picture' + EQUALITY caseExactMatch + SUBSTR caseExactSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE ) + +attributetype ( + 1.3.6.1.4.1.63.1000.1.1.1.1.13 + NAME 'apple-user-printattribute' + DESC 'print attribute' + EQUALITY caseExactMatch + SUBSTR caseExactSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE ) + +attributetype ( + 1.3.6.1.4.1.63.1000.1.1.1.1.14 + NAME 'apple-user-adminlimits' + DESC 'admin limits' + EQUALITY caseExactMatch + SUBSTR caseExactSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE ) + +attributetype ( + 1.3.6.1.4.1.63.1000.1.1.1.1.15 + NAME 'apple-user-authenticationhint' + DESC 'password hint' + EQUALITY caseExactMatch + SUBSTR caseExactSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE ) + +attributetype ( + 1.3.6.1.4.1.63.1000.1.1.1.1.17 + NAME 'apple-user-homesoftquota' + DESC 'home directory soft quota' + EQUALITY caseExactIA5Match + SUBSTR caseExactIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) + +attributetype ( + 1.3.6.1.4.1.63.1000.1.1.1.1.18 + NAME 'apple-user-passwordpolicy' + DESC 'password policy options' + EQUALITY caseExactMatch + SUBSTR caseExactSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE ) + +attributetype ( + 1.3.6.1.4.1.63.1000.1.1.1.1.19 + NAME ( 'apple-keyword' ) + DESC 'keywords' + EQUALITY caseExactMatch + SUBSTR caseExactSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + +attributetype ( + 1.3.6.1.4.1.63.1000.1.1.1.1.20 + NAME ( 'apple-generateduid' ) + DESC 'generated unique ID' + EQUALITY caseExactMatch + SUBSTR caseExactSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE ) + +attributetype ( + 1.3.6.1.4.1.63.1000.1.1.1.1.21 + NAME ( 'apple-imhandle' ) + DESC 'IM handle (service:account name)' + EQUALITY caseExactMatch + SUBSTR caseExactSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + +attributetype ( + 1.3.6.1.4.1.63.1000.1.1.1.1.22 + NAME ( 'apple-webloguri' ) + DESC 'Weblog URI' + EQUALITY caseExactIA5Match + SUBSTR caseExactIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) + +# Alternative to using homeDirectory from RFC 2307. +#attributetype ( +# 1.3.6.1.4.1.63.1000.1.1.1.1.100 +# NAME 'apple-user-homeDirectory' +# DESC 'The absolute path to the home directory' +# EQUALITY caseExactIA5Match +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) + +# +# User object class. +# +objectclass ( + 1.3.6.1.4.1.63.1000.1.1.2.1 + NAME 'apple-user' + SUP top + AUXILIARY + DESC 'apple user account' + MAY ( apple-user-homeurl $ apple-user-class $ + apple-user-homequota $ apple-user-mailattribute $ + apple-user-printattribute $ apple-mcxflags $ + apple-mcxsettings $ apple-user-adminlimits $ + apple-user-picture $ apple-user-authenticationhint $ + apple-user-homesoftquota $ apple-user-passwordpolicy $ + apple-keyword $ apple-generateduid $ apple-imhandle $ apple-webloguri $ + authAuthority $ acctFlags $ pwdLastSet $ logonTime $ + logoffTime $ kickoffTime $ homeDrive $ scriptPath $ + profilePath $ userWorkstations $ smbHome $ rid $ + primaryGroupID $ sambaSID $ sambaPrimaryGroupSID $ + userCertificate ) ) + +# +# Group attributes 1.3.6.1.4.1.63.1000.1.1.1.14 +# +attributetype ( + 1.3.6.1.4.1.63.1000.1.1.1.14.1 + NAME 'apple-group-homeurl' + DESC 'group home url' + EQUALITY caseExactIA5Match + SUBSTR caseExactIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) + +attributetype ( + 1.3.6.1.4.1.63.1000.1.1.1.14.2 + NAME 'apple-group-homeowner' + DESC 'group home owner settings' + EQUALITY caseExactIA5Match + SUBSTR caseExactIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) + +attributetype ( + 1.3.6.1.4.1.63.1000.1.1.1.14.5 + NAME 'apple-group-realname' + DESC 'group real name' + EQUALITY caseExactMatch + SUBSTR caseExactSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE ) + +attributetype ( + 1.3.6.1.4.1.63.1000.1.1.1.14.6 + NAME 'apple-group-nestedgroup' + DESC 'group real name' + EQUALITY caseExactMatch + SUBSTR caseExactSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + +attributetype ( + 1.3.6.1.4.1.63.1000.1.1.1.14.7 + NAME 'apple-group-memberguid' + DESC 'group real name' + EQUALITY caseExactMatch + SUBSTR caseExactSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + +# Alternative to using memberUid from RFC 2307. +#attributetype ( +# 1.3.6.1.4.1.63.1000.1.1.1.14.1000 +# NAME 'apple-group-memberUid' +# DESC 'group member list' +# EQUALITY caseExactIA5Match +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +# can also use OID 1.3.6.1.4.1.63.1000.1.1.2.1000 + +# +# Group auxiliary object class. +# +objectclass ( + 1.3.6.1.4.1.63.1000.1.1.2.14 + NAME 'apple-group' + SUP top + AUXILIARY + DESC 'group account' + MAY ( apple-group-homeurl $ + apple-group-homeowner $ + apple-mcxflags $ + apple-mcxsettings $ + apple-group-realname $ + apple-user-picture $ + apple-keyword $ + apple-generateduid $ + apple-group-nestedgroup $ + apple-group-memberguid $ + mail $ + rid $ + sambaSID $ + ttl ) ) + +# +# Machine attributes 1.3.6.1.4.1.63.1000.1.1.1.3 +# +attributetype ( + 1.3.6.1.4.1.63.1000.1.1.1.3.8 + NAME 'apple-machine-software' + DESC 'installed system software' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +attributetype ( + 1.3.6.1.4.1.63.1000.1.1.1.3.9 + NAME 'apple-machine-hardware' + DESC 'system hardware description' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +attributeType ( + 1.3.6.1.4.1.63.1000.1.1.1.3.10 + NAME 'apple-machine-serves' + DESC 'NetInfo Domain Server Binding' + EQUALITY caseExactIA5Match + SUBSTR caseExactIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +attributeType ( + 1.3.6.1.4.1.63.1000.1.1.1.3.11 + NAME 'apple-machine-suffix' + DESC 'DIT suffix' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + +attributeType ( + 1.3.6.1.4.1.63.1000.1.1.1.3.12 + NAME 'apple-machine-contactperson' + DESC 'Name of contact person/owner of this machine' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + +# +# Machine auxiliary object class. +# +objectclass ( + 1.3.6.1.4.1.63.1000.1.1.2.3 + NAME 'apple-machine' + SUP top + AUXILIARY + MAY ( apple-machine-software $ + apple-machine-hardware $ + apple-machine-serves $ + apple-machine-suffix $ + apple-machine-contactperson ) ) + +# +# Mount attributes 1.3.6.1.4.1.63.1000.1.1.1.8 +# +attributetype ( + 1.3.6.1.4.1.63.1000.1.1.1.8.1 + NAME 'mountDirectory' + DESC 'mount path' + EQUALITY caseExactMatch + SUBSTR caseExactSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE ) + +attributetype ( + 1.3.6.1.4.1.63.1000.1.1.1.8.2 + NAME 'mountType' + DESC 'mount VFS type' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) + +attributetype ( + 1.3.6.1.4.1.63.1000.1.1.1.8.3 + NAME 'mountOption' + DESC 'mount options' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +attributetype ( + 1.3.6.1.4.1.63.1000.1.1.1.8.4 + NAME 'mountDumpFrequency' + DESC 'mount dump frequency' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) + +attributetype ( + 1.3.6.1.4.1.63.1000.1.1.1.8.5 + NAME 'mountPassNo' + DESC 'mount passno' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) + +# Alternative to using 'cn' when adding mount record schema to other LDAP servers +#attributetype ( +# 1.3.6.1.4.1.63.1000.1.1.1.8.100 +# NAME ( 'apple-mount-name' ) +# DESC 'mount name' +# SUP name ) + +# +# Mount object 1.3.6.1.4.1.63.1000.1.1.2.8 +# +objectclass ( + 1.3.6.1.4.1.63.1000.1.1.2.8 + NAME 'mount' + SUP top STRUCTURAL + MUST ( cn ) + MAY ( mountDirectory $ + mountType $ + mountOption $ + mountDumpFrequency $ + mountPassNo ) ) + +# +# Printer attributes 1.3.6.1.4.1.63.1000.1.1.1.9 +# +attributetype ( + 1.3.6.1.4.1.63.1000.1.1.1.9.1 + NAME 'apple-printer-attributes' + DESC 'printer attributes in /etc/printcap format' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +attributetype ( + 1.3.6.1.4.1.63.1000.1.1.1.9.2 + NAME 'apple-printer-lprhost' + DESC 'printer LPR host name' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + +attributetype ( + 1.3.6.1.4.1.63.1000.1.1.1.9.3 + NAME 'apple-printer-lprqueue' + DESC 'printer LPR queue' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + +attributetype ( + 1.3.6.1.4.1.63.1000.1.1.1.9.4 + NAME 'apple-printer-type' + DESC 'printer type' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + +attributetype ( + 1.3.6.1.4.1.63.1000.1.1.1.9.5 + NAME 'apple-printer-note' + DESC 'printer note' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + +# +# Printer object 1.3.6.1.4.1.63.1000.1.1.2.9 +# +objectclass ( + 1.3.6.1.4.1.63.1000.1.1.2.9 + NAME 'apple-printer' + SUP top STRUCTURAL + MUST ( cn ) + MAY ( apple-printer-attributes $ + apple-printer-lprhost $ + apple-printer-lprqueue $ + apple-printer-type $ + apple-printer-note ) ) + +# +# Computer attributes 1.3.6.1.4.1.63.1000.1.1.1.10 +# + +attributetype ( + 1.3.6.1.4.1.63.1000.1.1.1.10.2 + NAME 'apple-realname' + DESC 'real name' + EQUALITY caseExactMatch + SUBSTR caseExactSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + +attributetype ( + 1.3.6.1.4.1.63.1000.1.1.1.10.3 + NAME 'apple-networkview' + DESC 'Network view for the computer' + EQUALITY caseExactMatch + SUBSTR caseExactSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + +attributetype ( + 1.3.6.1.4.1.63.1000.1.1.1.10.4 + NAME 'apple-category' + DESC 'Category for the computer or neighborhood' + EQUALITY caseExactMatch + SUBSTR caseExactSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + +# +# Computer list attributes 1.3.6.1.4.1.63.1000.1.1.1.11 +# + +attributetype ( + 1.3.6.1.4.1.63.1000.1.1.1.11.3 + NAME 'apple-computers' + DESC 'computers' + EQUALITY caseExactMatch + SUBSTR caseExactSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + +attributetype ( + 1.3.6.1.4.1.63.1000.1.1.1.11.4 + NAME 'apple-computer-list-groups' + DESC 'groups' + EQUALITY caseExactMatch + SUBSTR caseExactSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + +# +# XML plist attribute 1.3.6.1.4.1.63.1000.1.1.1.17.1 +# +attributetype ( + 1.3.6.1.4.1.63.1000.1.1.1.17.1 + NAME 'apple-xmlplist' + DESC 'XML plist data' + EQUALITY caseExactMatch + SUBSTR caseExactSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE ) + +# +# Service URL attributes 1.3.6.1.4.1.63.1000.1.1.1.19.2 +# +attributetype ( + 1.3.6.1.4.1.63.1000.1.1.1.19.2 + NAME 'apple-service-url' + DESC 'URL of service' + EQUALITY caseExactIA5Match + SUBSTR caseExactIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +# +# Computer object 1.3.6.1.4.1.63.1000.1.1.2.10 +# +objectclass ( + 1.3.6.1.4.1.63.1000.1.1.2.10 + NAME 'apple-computer' + DESC 'computer' + SUP top STRUCTURAL + MUST ( cn ) + MAY ( apple-realname $ + description $ + macAddress $ + apple-category $ + apple-computer-list-groups $ + apple-keyword $ + apple-mcxflags $ + apple-mcxsettings $ + apple-networkview $ + apple-xmlplist $ + apple-service-url $ + authAuthority $ + uidNumber $ gidNumber $ apple-generateduid $ ttl $ + acctFlags $ pwdLastSet $ logonTime $ + logoffTime $ kickoffTime $ rid $ primaryGroupID $ + sambaSID $ sambaPrimaryGroupSID ) ) + +# +# Computer list object 1.3.6.1.4.1.63.1000.1.1.2.11 +# +objectclass ( + 1.3.6.1.4.1.63.1000.1.1.2.11 + NAME 'apple-computer-list' + DESC 'computer list' + SUP top STRUCTURAL + MUST ( cn ) + MAY ( apple-mcxflags $ + apple-mcxsettings $ + apple-computer-list-groups $ + apple-computers $ + apple-generateduid $ + apple-keyword ) ) + +# +# Configuration attributes 1.3.6.1.4.1.63.1000.1.1.1.12 +# +attributetype ( + 1.3.6.1.4.1.63.1000.1.1.1.12.1 + NAME 'apple-password-server-location' + DESC 'password server location' + EQUALITY caseExactIA5Match + SUBSTR caseExactIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) + +attributetype ( + 1.3.6.1.4.1.63.1000.1.1.1.12.2 + NAME 'apple-data-stamp' + DESC 'data stamp' + EQUALITY caseExactIA5Match + SUBSTR caseExactIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) + +attributetype ( + 1.3.6.1.4.1.63.1000.1.1.1.12.3 + NAME 'apple-config-realname' + DESC 'config real name' + EQUALITY caseExactIA5Match + SUBSTR caseExactIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) + +attributetype ( + 1.3.6.1.4.1.63.1000.1.1.1.12.4 + NAME 'apple-password-server-list' + DESC 'password server replication plist' + EQUALITY caseExactMatch + SUBSTR caseExactSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE ) + +attributetype ( + 1.3.6.1.4.1.63.1000.1.1.1.12.5 + NAME 'apple-ldap-replica' + DESC 'LDAP replication list' + EQUALITY caseExactMatch + SUBSTR caseExactSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + +attributetype ( + 1.3.6.1.4.1.63.1000.1.1.1.12.6 + NAME 'apple-ldap-writable-replica' + DESC 'LDAP writable replication list' + EQUALITY caseExactMatch + SUBSTR caseExactSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + +attributetype ( + 1.3.6.1.4.1.63.1000.1.1.1.12.7 + NAME 'apple-kdc-authkey' + DESC 'KDC master key RSA encrypted with realm public key' + EQUALITY caseExactMatch + SUBSTR caseExactSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + +attributetype ( + 1.3.6.1.4.1.63.1000.1.1.1.12.8 + NAME 'apple-kdc-configdata' + DESC 'Contents of the kdc.conf file' + EQUALITY caseExactMatch + SUBSTR caseExactSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE ) + +# +# Configuration object 1.3.6.1.4.1.63.1000.1.1.2.12 +# +objectclass ( + 1.3.6.1.4.1.63.1000.1.1.2.12 + NAME 'apple-configuration' + DESC 'configuration' + SUP top STRUCTURAL + MAY ( cn $ apple-config-realname $ + apple-data-stamp $ apple-password-server-location $ + apple-password-server-list $ apple-ldap-replica $ + apple-ldap-writable-replica $ apple-keyword $ + apple-kdc-authkey $ apple-kdc-configdata $ apple-xmlplist $ ttl ) ) + +# +# Preset computer list object class. +# +objectclass ( + 1.3.6.1.4.1.63.1000.1.1.2.13 + NAME 'apple-preset-computer-list' + DESC 'preset computer list' + SUP top STRUCTURAL + MUST ( cn ) + MAY ( apple-mcxflags $ + apple-mcxsettings $ + apple-computer-list-groups $ + apple-keyword ) ) + +# +# Preset group object 1.3.6.1.4.1.63.1000.1.1.3.14 +# +objectclass ( + 1.3.6.1.4.1.63.1000.1.1.3.14 + NAME 'apple-preset-group' + DESC 'preset group' + SUP top STRUCTURAL + MUST ( cn ) + MAY ( memberUid $ + gidNumber $ + description $ + apple-group-homeurl $ + apple-group-homeowner $ + apple-mcxflags $ + apple-mcxsettings $ + apple-group-realname $ + apple-keyword $ + apple-group-nestedgroup $ + apple-group-memberguid $ + ttl ) ) + +# +# Preset user object attributes 1.3.6.1.4.1.63.1000.1.1.1.15 +# +attributetype ( + 1.3.6.1.4.1.63.1000.1.1.1.15.1 + NAME 'apple-preset-user-is-admin' + DESC 'flag indicating whether the preset user is an administrator' + EQUALITY caseExactIA5Match + SUBSTR caseExactIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) + +# +# Preset user object 1.3.6.1.4.1.63.1000.1.1.2.15 +# +objectclass ( + 1.3.6.1.4.1.63.1000.1.1.2.15 + NAME 'apple-preset-user' + DESC 'preset user' + SUP top STRUCTURAL + MUST ( cn ) + MAY ( uid $ + memberUid $ + gidNumber $ + homeDirectory $ + apple-user-homeurl $ + apple-user-homequota $ + apple-user-homesoftquota $ + apple-user-mailattribute $ + apple-user-printattribute $ + apple-mcxflags $ + apple-mcxsettings $ + apple-user-adminlimits $ + apple-user-passwordpolicy $ + userPassword $ + apple-user-picture $ + apple-keyword $ + loginShell $ + description $ + shadowLastChange $ + shadowExpire $ + authAuthority $ + homeDrive $ scriptPath $ profilePath $ smbHome $ + apple-preset-user-is-admin ) ) + +# +# Authentication authority attribute 1.3.6.1.4.1.63.1000.1.1.2.16.1 +# +#attributetype ( +# 1.3.6.1.4.1.63.1000.1.1.2.16.1 +# NAME 'authAuthority' +# DESC 'password server authentication authority' +# EQUALITY caseExactIA5Match +# SUBSTR caseExactIA5SubstringsMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +#attributetype ( +# 1.3.6.1.4.1.63.1000.1.1.2.16.2 +# NAME ( 'authAuthority' 'authAuthority2' ) +# DESC 'password server authentication authority' +# EQUALITY caseExactMatch +# SUBSTR caseExactSubstringsMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + +# +# Authentication authority object 1.3.6.1.4.1.63.1000.1.1.2.16 +# +objectclass ( + 1.3.6.1.4.1.63.1000.1.1.2.16 + NAME 'authAuthorityObject' + SUP top AUXILIARY + MAY ( authAuthority ) ) + +# +# Server Assistant configuration object 1.3.6.1.4.1.63.1000.1.1.2.17 +# +objectclass ( + 1.3.6.1.4.1.63.1000.1.1.2.17 + NAME 'apple-serverassistant-config' + SUP top STRUCTURAL + MUST ( cn ) + MAY ( apple-xmlplist ) ) + +# +# Location object attributes 1.3.6.1.4.1.63.1000.1.1.1.18 +# +attributetype ( + 1.3.6.1.4.1.63.1000.1.1.1.18.1 + NAME 'apple-dns-domain' + DESC 'DNS domain' + EQUALITY caseExactMatch + SUBSTR caseExactSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + +attributetype ( + 1.3.6.1.4.1.63.1000.1.1.1.18.2 + NAME 'apple-dns-nameserver' + DESC 'DNS name server list' + EQUALITY caseExactMatch + SUBSTR caseExactSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + +# +# Location object 1.3.6.1.4.1.63.1000.1.1.2.18 +# +objectclass ( + 1.3.6.1.4.1.63.1000.1.1.2.18 + NAME 'apple-location' + SUP top AUXILIARY + MUST ( cn ) + MAY ( apple-dns-domain $ apple-dns-nameserver ) ) + +# +# Service object attributes 1.3.6.1.4.1.63.1000.1.1.1.19 +# +attributetype ( + 1.3.6.1.4.1.63.1000.1.1.1.19.1 + NAME 'apple-service-type' + DESC 'type of service' + EQUALITY caseExactIA5Match + SUBSTR caseExactIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +#attributetype ( +# 1.3.6.1.4.1.63.1000.1.1.1.19.2 +# NAME 'apple-service-url' +# DESC 'URL of service' +# EQUALITY caseExactIA5Match +# SUBSTR caseExactIA5SubstringsMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +attributetype ( + 1.3.6.1.4.1.63.1000.1.1.1.19.3 + NAME 'apple-service-port' + DESC 'Service port number' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 ) + +attributetype ( + 1.3.6.1.4.1.63.1000.1.1.1.19.4 + NAME 'apple-dnsname' + DESC 'DNS name' + EQUALITY caseExactMatch + SUBSTR caseExactSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + +attributetype ( + 1.3.6.1.4.1.63.1000.1.1.1.19.5 + NAME 'apple-service-location' + DESC 'Service location' + EQUALITY caseExactMatch + SUBSTR caseExactSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + +# +# Service object 1.3.6.1.4.1.63.1000.1.1.2.19 +# +objectclass ( + 1.3.6.1.4.1.63.1000.1.1.2.19 + NAME 'apple-service' + SUP top STRUCTURAL + MUST ( cn $ + apple-service-type ) + MAY ( ipHostNumber $ + description $ + apple-service-location $ + apple-service-url $ + apple-service-port $ + apple-dnsname $ + apple-keyword ) ) + +# +# Neighborhood object attributes 1.3.6.1.4.1.63.1000.1.1.1.20 +# +attributetype ( + 1.3.6.1.4.1.63.1000.1.1.1.20.1 + NAME 'apple-nodepathxml' + DESC 'XML plist of directory node path' + EQUALITY caseExactMatch + SUBSTR caseExactSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + +attributetype ( + 1.3.6.1.4.1.63.1000.1.1.1.20.2 + NAME 'apple-neighborhoodalias' + DESC 'XML plist referring to another neighborhood record' + EQUALITY caseExactMatch + SUBSTR caseExactSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + +attributetype ( + 1.3.6.1.4.1.63.1000.1.1.1.20.3 + NAME 'apple-computeralias' + DESC 'XML plist referring to a computer record' + EQUALITY caseExactMatch + SUBSTR caseExactSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + +# +# Neighborhood object 1.3.6.1.4.1.63.1000.1.1.2.20 +# +objectclass ( + 1.3.6.1.4.1.63.1000.1.1.2.20 + NAME 'apple-neighborhood' + SUP top STRUCTURAL + MUST ( cn ) + MAY ( description $ + apple-generateduid $ + apple-category $ + apple-nodepathxml $ + apple-neighborhoodalias $ + apple-computeralias $ + apple-keyword $ + apple-realname $ + apple-xmlplist $ + ttl ) ) + +# +# ACL object attributes 1.3.6.1.4.1.63.1000.1.1.1.21 +# +#attributetype ( +# 1.3.6.1.4.1.63.1000.1.1.1.21.1 +# NAME 'apple-acl-entry' +# DESC 'acl entry' +# EQUALITY caseExactMatch +# SUBSTR caseExactSubstringsMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + +# +# ACL object 1.3.6.1.4.1.63.1000.1.1.2.21 +# +objectclass ( + 1.3.6.1.4.1.63.1000.1.1.2.21 + NAME 'apple-acl' + SUP top STRUCTURAL + MUST ( cn $ + apple-acl-entry ) ) + +# +# Schema attributes 1.3.6.1.4.1.63.1000.1.1.1.22 +# +#attributetype ( +# 1.3.6.1.4.1.63.1000.1.1.1.22.1 +# NAME 'attributeTypesConfig' +# DESC 'attribute type configuration' +# EQUALITY objectIdentifierFirstComponentMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.3 ) + +#attributetype ( +# 1.3.6.1.4.1.63.1000.1.1.1.22.2 +# NAME 'objectClassesConfig' +# DESC 'object class configuration' +# EQUALITY objectIdentifierFirstComponentMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.37 ) |