diff options
Diffstat (limited to 'ldap/schema/mHybrid.schema')
-rw-r--r-- | ldap/schema/mHybrid.schema | 85 |
1 files changed, 85 insertions, 0 deletions
diff --git a/ldap/schema/mHybrid.schema b/ldap/schema/mHybrid.schema new file mode 100644 index 0000000..d7c60ba --- /dev/null +++ b/ldap/schema/mHybrid.schema @@ -0,0 +1,85 @@ +# REQUIRES!!! officePerson and evolutionPerson schema + +# Attribute: uidAlias +# Description: An alternative user id or username for an account +attributetype ( 1.3.6.1.4.1.6921.2.58 + NAME ( 'uidAlias' 'useridAlias' ) + DESC 'uid alias' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) + +# Attribute: morrisonapplicationname +# Description: The name of an application or service +# Format: normal string, like - radius, opengroupware, lotusnotes, jive, etc... +attributetype ( 1.3.6.1.4.1.6921.2.51 + NAME 'morrisonapplicationname' + DESC 'Name of an application, service, or security context' + EQUALITY caseIgnoreMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} SINGLE-VALUE ) + +# Objectclass: mHybridPerson +# Description: Seals the break in objectclass inheritence created +# by officePerson and evolutionPerson descending from inetOrgPerson +objectclass ( 1.3.6.1.4.1.6921.1.12 + NAME 'mHybridPerson' + DESC 'Combine several objectclasses to support multiple MUAs' + SUP ( inetOrgPerson $ officePerson $ evolutionPerson ) + STRUCTURAL ) + +# Objectclass: mHybridUserAccount +# Description: Seals the inheritence right between account and person +# objectclasses by descending from both account and mHybridPerson +objectclass ( 1.3.6.1.4.1.6921.1.24 + NAME 'mHybridUserAccount' + DESC 'Combine mHybridPerson and account' + SUP ( mHybridPerson $ account ) + STRUCTURAL ) + +# Objectclass: morrisonmailalias +# Descriptions: Extends the standard nisMailAlias objectclass to +# permit mail and owner attributes. Have a mail attribute +# means that most mail clients will let you search for this +# in LDAP and use it as a To: address as they would a person +# type object. The owner is useful in ACLs to grant rights +# to change membership of an alias to certain user and +# applications. +objectclass ( 1.3.6.1.4.1.6921.1.8 + NAME 'morrisonmailalias' + DESC 'nisMailAlias plus mail and owner attributes' + SUP nisMailAlias + MAY ( mail $ owner ) + STRUCTURAL ) + +# Objectclass: morrisonSystemAccount +# Description: Extends account to allow several useful attributes. +# Often times an application or service does has an e-mail +# address so "mail" has been added, "morrisonapplicationname" +# lets you specify the name of the application or network +# service that is actually using this account to bind and +# "uidAlias" is usefule if you want the account to be +# searchable by a different name perhaps from some related +# service or application. +objectclass ( 1.3.6.1.4.1.6921.1.25 + NAME 'morrisonSystemAccount' + DESC 'Extend account objectclass to allow attributes' + SUP account + MAY ( mail $ morrisonapplicationname $ uidAlias ) + STRUCTURAL ) + +# Objectclass: ownedObject +# Description: The owner attribute is very useful in many +# situations but only a few objectclasses include it. This +# auxilliary objectclass simply adds the owner attribute +# to any object via the use of an auxilliary objectclass. +# The owner attribute is especially useful for building +# ACLs that grant or revoke access with a very high +# degree of granularity; when groups or roles are not +# sufficient or simply overkill. +objectclass ( 1.3.6.1.4.1.6921.4.5 + NAME 'ownedObject' + DESC 'Extend allowed attributes to include owner' + MAY ( owner ) + AUXILIARY ) + + |