Sisyphus repositório
Última atualização: 1 outubro 2023 | SRPMs: 18631 | Visitas: 37531705
en ru br
ALT Linux repositórios
S:2.6.4-alt1
5.0: 2.3.43-alt2
4.1: 2.3.41-alt3.M41.3
4.0: 2.3.35-alt1.M40.1
3.0: 2.2.27-alt1.1

Group :: Sistema/Servidores
RPM: openldap

 Main   Changelog   Spec   Patches   Sources   Download   Gear   Bugs e FR  Repocop 

schema/000075500000000000000000000000001223445131100123105ustar00rootroot00000000000000schema/autofs.schema000064400000000000000000000013541223445131100147760ustar00rootroot00000000000000# Depends upon core.schema and cosine.schema

# OID Base is 1.3.6.1.4.1.2312.4
#
# Attribute types are under 1.3.6.1.4.1.2312.4.1
# Object classes are under 1.3.6.1.4.1.2312.4.2
# Syntaxes are under 1.3.6.1.4.1.2312.4.3

# Attribute Type Definitions

attributetype ( 1.3.6.1.1.1.1.25 NAME 'automountInformation'
	DESC 'Information used by the autofs automounter'
	EQUALITY caseExactIA5Match
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )

objectclass ( 1.3.6.1.1.1.1.13 NAME 'automount' SUP top STRUCTURAL
	DESC 'An entry in an automounter map'
	MUST ( cn $ automountInformation )
	MAY ( description ) )

objectclass ( 1.3.6.1.4.1.2312.4.2.2 NAME 'automountMap' SUP top STRUCTURAL
	DESC 'An group of related automount objects'
	MUST ( ou ) )
schema/courier.schema000064400000000000000000000100221223445131100151350ustar00rootroot00000000000000#$Id: authldap.schema,v 1.8 2005/03/20 19:10:30 mrsam Exp $
#
# OID prefix: 1.3.6.1.4.1.10018
#
# Attributes: 1.3.6.1.4.1.10018.1.1
#
# Depends on: nis.schema, which depends on cosine.schema

attributetype ( 1.3.6.1.4.1.10018.1.1.1 NAME 'mailbox'
	DESC 'The absolute path to the mailbox for a mail account in a non-default location'
        EQUALITY caseExactIA5Match
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.10018.1.1.2 NAME 'quota'
	DESC 'A string that represents the quota on a mailbox'
        EQUALITY caseExactIA5Match
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.10018.1.1.3 NAME 'clearPassword'
	DESC 'A separate text that stores the mail account password in clear text'
        EQUALITY octetStringMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{128})

attributetype ( 1.3.6.1.4.1.10018.1.1.4 NAME 'maildrop'
        DESC 'RFC822 Mailbox - mail alias'
        EQUALITY caseIgnoreIA5Match
        SUBSTR caseIgnoreIA5SubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )

attributetype ( 1.3.6.1.4.1.10018.1.1.5 NAME 'mailsource'
        DESC 'Message source'
        EQUALITY caseIgnoreIA5Match
        SUBSTR caseIgnoreIA5SubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )

attributetype ( 1.3.6.1.4.1.10018.1.1.6 NAME 'virtualdomain'
        DESC 'A mail domain that is mapped to a single mail account'
        EQUALITY caseIgnoreIA5Match
        SUBSTR caseIgnoreIA5SubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )

attributetype ( 1.3.6.1.4.1.10018.1.1.7 NAME 'virtualdomainuser'
        DESC 'Mailbox that receives mail for a mail domain'
        EQUALITY caseIgnoreIA5Match
        SUBSTR caseIgnoreIA5SubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )

attributetype ( 1.3.6.1.4.1.10018.1.1.8 NAME 'defaultdelivery'
        DESC 'Default mail delivery instructions'
        EQUALITY caseExactIA5Match
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )

attributetype ( 1.3.6.1.4.1.10018.1.1.9 NAME 'disableimap'
        DESC 'Set this attribute to 1 to disable IMAP access'
        EQUALITY caseExactIA5Match
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )

attributetype ( 1.3.6.1.4.1.10018.1.1.10 NAME 'disablepop3'
        DESC 'Set this attribute to 1 to disable POP3 access'
        EQUALITY caseExactIA5Match
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )

attributetype ( 1.3.6.1.4.1.10018.1.1.11 NAME 'disablewebmail'
        DESC 'Set this attribute to 1 to disable IMAP access'
        EQUALITY caseExactIA5Match
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )

attributetype ( 1.3.6.1.4.1.10018.1.1.12 NAME 'sharedgroup'
        DESC 'Virtual shared group'
        EQUALITY caseExactIA5Match
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )

attributetype ( 1.3.6.1.4.1.10018.1.1.13 NAME 'disableshared'
        DESC 'Set this attribute to 1 to disable shared mailbox usage'
        EQUALITY caseExactIA5Match
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )

attributetype ( 1.3.6.1.4.1.10018.1.1.14 NAME 'proxymailhost'
        DESC 'Host to which incoming POP/IMAP connections should be proxied'
        EQUALITY caseIgnoreIA5Match
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )

#
# Objects: 1.3.6.1.4.1.10018.1.2
#

objectclass ( 1.3.6.1.4.1.10018.1.2.1 NAME 'CourierMailAccount' SUP top AUXILIARY
	DESC 'Mail account object as used by the Courier mail server'
	MUST ( mail $ homeDirectory )
        MAY ( uidNumber $ gidNumber $ mailbox $ uid $ cn $ gecos $ description $ loginShell $ quota $ userPassword $ clearPassword $ defaultdelivery $ disableimap $ disablepop3 $ disablewebmail $ sharedgroup $ disableshared $ proxymailhost) )

objectclass ( 1.3.6.1.4.1.10018.1.2.2 NAME 'CourierMailAlias' SUP top AUXILIARY
	DESC 'Mail aliasing/forwarding entry'
	MUST ( mail $ maildrop )
        MAY ( mailsource $ description ) )

objectclass ( 1.3.6.1.4.1.10018.1.2.3 NAME 'CourierDomainAlias' SUP top AUXILIARY
	DESC 'Domain mail aliasing/forwarding entry'
	MUST ( virtualdomain $ virtualdomainuser )
        MAY ( mailsource $ description ) )
schema/cron.schema000064400000000000000000000033621223445131100144370ustar00rootroot00000000000000#
# cron directory schema v0.6
#
# Created: February 17, 2001
# Author: David E. Storey <David.Storey@eyeo.com>
#
# This is an experimental schema.
# There are no known daemons that support this schema.
# (and if there are, please tell me)
#

attributetype ( 1.3.6.1.4.1.7006.1.3.1.1
	NAME 'cronHost'
	DESC 'host(s) to run crontab'
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )

#
# values in a crontab that are seperated by a ',' should map
# to multiple values of the corresponding attributetype
# in this schema.
#

attributetype ( 1.3.6.1.4.1.7006.1.3.1.2
	NAME 'cronMinute'
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.44 )

attributetype ( 1.3.6.1.4.1.7006.1.3.1.3
	NAME 'cronHour'
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.44 )

attributetype ( 1.3.6.1.4.1.7006.1.3.1.4
	NAME 'cronDay'
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.44 )

attributetype ( 1.3.6.1.4.1.7006.1.3.1.5
	NAME 'cronMonth'
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.44 )

attributetype ( 1.3.6.1.4.1.7006.1.3.1.6
	NAME 'cronDayOfWeek'
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.44 )

attributetype ( 1.3.6.1.4.1.7006.1.3.1.7
	NAME 'cronCommand'
	DESC 'Command shell string to be executed'
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 
	SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7006.1.3.1.8
	NAME 'cronActive'
	DESC 'Denotes the active/inactive state of the cron entry'
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
	SINGLE-VALUE )

#
# cronEntry
#
# what should cron daemons do with an empty cronHost attribute?
#
# cron[Minute|Hour|Day|Month|DayOfWeek] are optional.
# Absence of any of these attributes assumes a value of '*'.
#
objectclass ( 1.3.6.1.4.1.7006.1.3.2.1
	NAME 'cronEntry'
	SUP top
	STRUCTURAL
	MUST ( cn $ cronCommand $ uid )
	MAY ( cronHost $
		cronMinute $
		cronHour $
		cronDay $
		cronMonth $
		cronDayOfWeek $
		owner $
		description ) )
schema/dns.schema000064400000000000000000000107761223445131100142710ustar00rootroot00000000000000#
# dns.schema
#
# Author: David E. Storey <dave@tamos.net>
# Created: February 27, 2001
# Updated: March 3rd, 2001
# Version: 0.1.1
#
# Product specific extensions can be added by subclassing these objectclasses.
# If more global changes are required, use multiple inheritance.
#
# TODO: loads
#

#
# dnsServer
#
# Should probably store zones that we serve
#
objectclass ( oid
	NAME 'dnsServer'
	SUP top AUXILIARY 
	MAY member )

#
# base RR Objectclass
#

attributetype ( oid
	NAME 'dnsTTL'
	DESC 'Time To Live'
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
	SINGLE-VALUE )

#
# DNS Class Attribute
# If not specified, should assume 'IN'.
#

attributetype ( oid
	NAME 'dnsClass'
	DESC 'Class (for example, CHAOS or IN)'
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.44
	SINGLE-VALUE )

# The commonName attribute should be the Fully Qualified Domain Name of the domain we're storing

objectclass ( oid
	NAME 'dnsResourceRecord'
	DESC 'Abstract objectclass from which all DNS Record Types should subclass'
	SUP top ABSTRACT
	MUST cn
	MAY ( dnsTTL $ dnsClass ) )

#
# Start of Authority (SOA)
#

#
# This should not be a DN, but rather the actual name of the host.
# If it is not an FQDN, the host name should be taken relative to the zone.
#

attributetype ( oid
	NAME 'dnsSOAPrimaryNS'
	DESC 'Primary nameserver for the zone'
	EQUALITY caseIgnoreIA5Match
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
	SINGLE-VALUE )

attributetype ( oid
	NAME 'dnsSOAHostmasterMail'
	DESC 'Mailbox for zone administrator'
	EQUALITY caseIgnoreIA5Match
	SUBSTR caseIgnoreIA5SubstringsMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
	SINGLE-VALUE )

attributetype ( oid
	NAME 'dnsSOASerial'
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
	SINGLE-VALUE )

attributetype ( oid
	NAME 'dnsSOARefresh'
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
	SINGLE-VALUE )

attributetype ( oid
	NAME 'dnsSOARetry'
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
	SINGLE-VALUE )

attributetype ( oid
	NAME 'dnsSOAExpire'
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
	SINGLE-VALUE )

attributetype ( oid
	NAME 'dnsSOAMinimum'
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
	SINGLE-VALUE )

objectclass ( oid
	NAME 'dnsSOARecord'
	DESC 'DNS Start Of Authority Record'
	SUP dnsResourceRecord AUXILIARY
	MAY ( dnsSOAPrimaryNS $ dnsSOAHostmasterMail $ dnsSOASerial $ dnsSOARefresh $
		dnsSOARetry $ dnsSOAExpire $ dnsSOAMinimum ) )

#
# NS
#

attributetype ( oid
	NAME 'dnsNSHost'
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )

objectclass ( oid
	NAME 'dnsNSRecord'
	DESC 'DNS Name Server Record'
	SUP dnsResourceRecord AUXILIARY
	MUST dnsNSHost )

#
# MX
#

attributetype ( oid
	NAME 'dnsMXPreference'
	DESC 'Mail Exchanger Preference'
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
	SINGLE-VALUE )

attributetype ( oid
	NAME 'dnsMXHost'
	DESC 'Mail Exchanger'
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
	SINGLE-VALUE )

objectclass ( oid
	NAME 'dnsMXRecord'
	DESC 'DNS Mail Exchanger Record'
	SUP dnsResourceRecord AUXILIARY 
	MUST ( dnsMXPreference $ dnsMXHost ) )

#
# A
#

objectclass ( oid
	NAME 'dnsARecord'
	SUP dnsResourceRecord AUXILIARY
	MUST ipHostNumber )

#
# CNAME
#

objectclass ( oid
	NAME 'dnsCNAMERecord'
	SUP dnsResourceRecord AUXILIARY )

#
# TXT
#

objectclass ( oid
	NAME 'dnsTXTRecord'
	SUP dnsResourceRecord AUXILIARY )

#
# PTR
#

objectclass ( oid
	NAME 'dnsPTRRecord'
	SUP dnsResourceRecord AUXILIARY 
	MUST ipHostNumber )

#
# SRV
#

attributetype ( oid
	NAME 'dnsSRVPriority'
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
	SINGLE-VALUE )

attributetype ( oid
	NAME 'dnsSRVWeight'
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
	SINGLE-VALUE )

attributetype ( oid
	NAME 'dnsSRVPort'
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
	SINGLE-VALUE )

attributetype ( oid
	NAME 'dnsSRVTarget'
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
	SINGLE-VALUE )

objectclass ( oid
	NAME 'dnsSRVRecord'
	DESC 'Resource Location Record'
	SUP dnsResourceRecord AUXILIARY
	MUST ( ipServiceProtocol $ dnsSRVPriority $ dnsSRVWeight $ dnsSRVPort $ dnsSRVTarget ) )

#
# HINFO
#

attributetype ( oid
	NAME 'dnsHardware'
	SINGLE-VALUE )

attributetype ( oid
	NAME 'dnsSoftware'
	SINGLE-VALUE )

objectclass ( oid
	NAME 'dnsHINFORecord'
	DESC 'Host Information Record'
	MUST ( dnsHardware $ dnsSoftware ) )

#
# TKEY
#

objectclass ( oid
	NAME 'dnsTKEYRecord' )

#
# Generic Resource Record
#

attributetype ( oid
	NAME 'dnsRRType'
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.6
	SINGLE-VALUE )

attributetype ( oid
	NAME 'dnsRRData'
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.6
	SINGLE-VALUE )

objectclass ( oid
	NAME 'dnsGenericRecord'
	DESC 'DNS Generic Record Type'
	SUP dnsResourceRecord AUXILIARY
	MUST ( dnsRRType $ dnsRRData ) )

# eof dns.schema
schema/freeradius.schema000064400000000000000000000327661223445131100156410ustar00rootroot00000000000000# This is a LDAPv3 schema for RADIUS attributes.
# Tested on OpenLDAP 2.0.7
# Posted by Javier Fernandez-Sanguino Pena <jfernandez@sgi.es>
# LDAP v3 version by Jochen Friedrich <jochen@scram.de>
# Updates by Adrian Pavlykevych <pam@polynet.lviv.ua>
##############

attributetype
   ( 1.3.6.1.4.1.3317.4.3.1.1
      NAME 'radiusArapFeatures'
      DESC ''
      EQUALITY caseIgnoreIA5Match
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
      SINGLE-VALUE
   )

attributetype
   ( 1.3.6.1.4.1.3317.4.3.1.2
      NAME 'radiusArapSecurity'
      DESC ''
      EQUALITY caseIgnoreIA5Match
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
      SINGLE-VALUE
   )

attributetype
   ( 1.3.6.1.4.1.3317.4.3.1.3
      NAME 'radiusArapZoneAccess'
      DESC ''
      EQUALITY caseIgnoreIA5Match
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
      SINGLE-VALUE
   )

attributetype
   ( 1.3.6.1.4.1.3317.4.3.1.44
     NAME 'radiusAuthType'
     DESC ''
     EQUALITY caseIgnoreIA5Match
     SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
     SINGLE-VALUE
   )

attributetype
   ( 1.3.6.1.4.1.3317.4.3.1.4
      NAME 'radiusCallbackId'
      DESC ''
      EQUALITY caseIgnoreIA5Match
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
      SINGLE-VALUE
   )

attributetype
   ( 1.3.6.1.4.1.3317.4.3.1.5
      NAME 'radiusCallbackNumber'
      DESC ''
      EQUALITY caseIgnoreIA5Match
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
      SINGLE-VALUE
   )

attributetype
   ( 1.3.6.1.4.1.3317.4.3.1.6
      NAME 'radiusCalledStationId'
      DESC ''
      EQUALITY caseIgnoreIA5Match
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
      SINGLE-VALUE
   )

attributetype
   ( 1.3.6.1.4.1.3317.4.3.1.7
      NAME 'radiusCallingStationId'
      DESC ''
      EQUALITY caseIgnoreIA5Match
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
      SINGLE-VALUE
   )

attributetype
   ( 1.3.6.1.4.1.3317.4.3.1.8
      NAME 'radiusClass'
      DESC ''
      EQUALITY caseIgnoreIA5Match
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
   )

attributetype
   ( 1.3.6.1.4.1.3317.4.3.1.45
     NAME 'radiusClientIPAddress'
     DESC ''
     EQUALITY caseIgnoreIA5Match
     SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
     SINGLE-VALUE
   )

attributetype
   ( 1.3.6.1.4.1.3317.4.3.1.9
      NAME 'radiusFilterId'
      DESC ''
      EQUALITY caseIgnoreIA5Match
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
   )

attributetype
   ( 1.3.6.1.4.1.3317.4.3.1.10
      NAME 'radiusFramedAppleTalkLink'
      DESC ''
      EQUALITY caseIgnoreIA5Match
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
      SINGLE-VALUE
   )

attributetype
   ( 1.3.6.1.4.1.3317.4.3.1.11
      NAME 'radiusFramedAppleTalkNetwork'
      DESC ''
      EQUALITY caseIgnoreIA5Match
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
   )

attributetype
   ( 1.3.6.1.4.1.3317.4.3.1.12
      NAME 'radiusFramedAppleTalkZone'
      DESC ''
      EQUALITY caseIgnoreIA5Match
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
      SINGLE-VALUE
   )

attributetype
   ( 1.3.6.1.4.1.3317.4.3.1.13
      NAME 'radiusFramedCompression'
      DESC ''
      EQUALITY caseIgnoreIA5Match
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
   )

attributetype
   ( 1.3.6.1.4.1.3317.4.3.1.14
      NAME 'radiusFramedIPAddress'
      DESC ''
      EQUALITY caseIgnoreIA5Match
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
      SINGLE-VALUE
   )

attributetype
   ( 1.3.6.1.4.1.3317.4.3.1.15
      NAME 'radiusFramedIPNetmask'
      DESC ''
      EQUALITY caseIgnoreIA5Match
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
      SINGLE-VALUE
   )

attributetype
   ( 1.3.6.1.4.1.3317.4.3.1.16
      NAME 'radiusFramedIPXNetwork'
      DESC ''
      EQUALITY caseIgnoreIA5Match
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
      SINGLE-VALUE
   )

attributetype
   ( 1.3.6.1.4.1.3317.4.3.1.17
      NAME 'radiusFramedMTU'
      DESC ''
      EQUALITY caseIgnoreIA5Match
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
      SINGLE-VALUE
   )

attributetype
   ( 1.3.6.1.4.1.3317.4.3.1.18
      NAME 'radiusFramedProtocol'
      DESC ''
      EQUALITY caseIgnoreIA5Match
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
      SINGLE-VALUE
   )

attributetype
   ( 1.3.6.1.4.1.3317.4.3.1.19
      NAME 'radiusFramedRoute'
      DESC ''
      EQUALITY caseIgnoreIA5Match
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
   )

attributetype
   ( 1.3.6.1.4.1.3317.4.3.1.20
      NAME 'radiusFramedRouting'
      DESC ''
      EQUALITY caseIgnoreIA5Match
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
      SINGLE-VALUE
   )

attributetype
   ( 1.3.6.1.4.1.3317.4.3.1.46
      NAME 'radiusGroupName'
      DESC ''
      EQUALITY caseIgnoreIA5Match
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
   )

attributetype
   ( 1.3.6.1.4.1.3317.4.3.1.47
      NAME 'radiusHint'
      DESC ''
      EQUALITY caseIgnoreIA5Match
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
      SINGLE-VALUE
   )

attributetype
   ( 1.3.6.1.4.1.3317.4.3.1.48
      NAME 'radiusHuntgroupName'
      DESC ''
      EQUALITY caseIgnoreIA5Match
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
   )

attributetype
   ( 1.3.6.1.4.1.3317.4.3.1.21
      NAME 'radiusIdleTimeout'
      DESC ''
      EQUALITY caseIgnoreIA5Match
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
      SINGLE-VALUE
   )

attributetype
   ( 1.3.6.1.4.1.3317.4.3.1.22
      NAME 'radiusLoginIPHost'
      DESC ''
      EQUALITY caseIgnoreIA5Match
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
   )

attributetype
   ( 1.3.6.1.4.1.3317.4.3.1.23
      NAME 'radiusLoginLATGroup'
      DESC ''
      EQUALITY caseIgnoreIA5Match
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
      SINGLE-VALUE
   )

attributetype
   ( 1.3.6.1.4.1.3317.4.3.1.24
      NAME 'radiusLoginLATNode'
      DESC ''
      EQUALITY caseIgnoreIA5Match
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
      SINGLE-VALUE
   )

attributetype
   ( 1.3.6.1.4.1.3317.4.3.1.25
      NAME 'radiusLoginLATPort'
      DESC ''
      EQUALITY caseIgnoreIA5Match
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
      SINGLE-VALUE
   )

attributetype
   ( 1.3.6.1.4.1.3317.4.3.1.26
      NAME 'radiusLoginLATService'
      DESC ''
      EQUALITY caseIgnoreIA5Match
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
      SINGLE-VALUE
   )

attributetype
   ( 1.3.6.1.4.1.3317.4.3.1.27
      NAME 'radiusLoginService'
      DESC ''
      EQUALITY caseIgnoreIA5Match
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
      SINGLE-VALUE
   )

attributetype
   ( 1.3.6.1.4.1.3317.4.3.1.28
      NAME 'radiusLoginTCPPort'
      DESC ''
      EQUALITY caseIgnoreIA5Match
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
      SINGLE-VALUE
   )

attributetype
   ( 1.3.6.1.4.1.3317.4.3.1.29
      NAME 'radiusPasswordRetry'
      DESC ''
      EQUALITY caseIgnoreIA5Match
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
      SINGLE-VALUE
   )

attributetype
   ( 1.3.6.1.4.1.3317.4.3.1.30
      NAME 'radiusPortLimit'
      DESC ''
      EQUALITY caseIgnoreIA5Match
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
      SINGLE-VALUE
   )

attributetype
   ( 1.3.6.1.4.1.3317.4.3.1.49
      NAME 'radiusProfileDn'
      DESC ''
      EQUALITY distinguishedNameMatch
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.12
      SINGLE-VALUE
   )

attributetype
   ( 1.3.6.1.4.1.3317.4.3.1.31
      NAME 'radiusPrompt'
      DESC ''
      EQUALITY caseIgnoreIA5Match
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
      SINGLE-VALUE
   )

attributetype
   ( 1.3.6.1.4.1.3317.4.3.1.50
      NAME 'radiusProxyToRealm'
      DESC ''
      EQUALITY caseIgnoreIA5Match
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
      SINGLE-VALUE
   )

attributetype
   ( 1.3.6.1.4.1.3317.4.3.1.51
      NAME 'radiusReplicateToRealm'
      DESC ''
      EQUALITY caseIgnoreIA5Match
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
      SINGLE-VALUE
   )

attributetype
   ( 1.3.6.1.4.1.3317.4.3.1.52
      NAME 'radiusRealm'
      DESC ''
      EQUALITY caseIgnoreIA5Match
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
      SINGLE-VALUE
   )

attributetype
   ( 1.3.6.1.4.1.3317.4.3.1.32
      NAME 'radiusServiceType'
      DESC ''
      EQUALITY caseIgnoreIA5Match
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
      SINGLE-VALUE
   )

attributetype
   ( 1.3.6.1.4.1.3317.4.3.1.33
      NAME 'radiusSessionTimeout'
      DESC ''
      EQUALITY caseIgnoreIA5Match
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
      SINGLE-VALUE
   )

attributetype
   ( 1.3.6.1.4.1.3317.4.3.1.34
      NAME 'radiusTerminationAction'
      DESC ''
      EQUALITY caseIgnoreIA5Match
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
      SINGLE-VALUE
   )

attributetype
   ( 1.3.6.1.4.1.3317.4.3.1.35
      NAME 'radiusTunnelAssignmentId'
      DESC ''
      EQUALITY caseIgnoreIA5Match
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
   )

attributetype
   ( 1.3.6.1.4.1.3317.4.3.1.36
      NAME 'radiusTunnelMediumType'
      DESC ''
      EQUALITY caseIgnoreIA5Match
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
   )

attributetype
   ( 1.3.6.1.4.1.3317.4.3.1.37
      NAME 'radiusTunnelPassword'
      DESC ''
      EQUALITY caseIgnoreIA5Match
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
      SINGLE-VALUE
   )

attributetype
   ( 1.3.6.1.4.1.3317.4.3.1.38
      NAME 'radiusTunnelPreference'
      DESC ''
      EQUALITY caseIgnoreIA5Match
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
   )

attributetype
   ( 1.3.6.1.4.1.3317.4.3.1.39
      NAME 'radiusTunnelPrivateGroupId'
      DESC ''
      EQUALITY caseIgnoreIA5Match
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
   )

attributetype
   ( 1.3.6.1.4.1.3317.4.3.1.40
      NAME 'radiusTunnelServerEndpoint'
      DESC ''
      EQUALITY caseIgnoreIA5Match
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
   )

attributetype
   ( 1.3.6.1.4.1.3317.4.3.1.41
      NAME 'radiusTunnelType'
      DESC ''
      EQUALITY caseIgnoreIA5Match
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
   )

attributetype
   ( 1.3.6.1.4.1.3317.4.3.1.42
      NAME 'radiusVSA'
      DESC ''
      EQUALITY caseIgnoreIA5Match
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
   )

attributetype
   ( 1.3.6.1.4.1.3317.4.3.1.43
      NAME 'radiusTunnelClientEndpoint'
      DESC ''
      EQUALITY caseIgnoreIA5Match
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
   )


#need to change asn1.id
attributetype
   ( 1.3.6.1.4.1.3317.4.3.1.53
      NAME 'radiusSimultaneousUse'
      DESC ''
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
      SINGLE-VALUE
   )

attributetype
   ( 1.3.6.1.4.1.3317.4.3.1.54
      NAME 'radiusLoginTime'
      DESC ''
      EQUALITY caseIgnoreIA5Match
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
      SINGLE-VALUE
   )

attributetype
   ( 1.3.6.1.4.1.3317.4.3.1.55
      NAME 'radiusUserCategory'
      DESC ''
      EQUALITY caseIgnoreIA5Match
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
      SINGLE-VALUE
   )

attributetype
   ( 1.3.6.1.4.1.3317.4.3.1.56
      NAME 'radiusStripUserName'
      DESC ''
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
      SINGLE-VALUE
   )

attributetype
   ( 1.3.6.1.4.1.3317.4.3.1.57
      NAME 'dialupAccess'
      DESC ''
      EQUALITY caseIgnoreIA5Match
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
      SINGLE-VALUE
   )

attributetype
   ( 1.3.6.1.4.1.3317.4.3.1.58
      NAME 'radiusExpiration'
      DESC ''
      EQUALITY caseIgnoreIA5Match
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
      SINGLE-VALUE
   )

attributetype
   ( 1.3.6.1.4.1.3317.4.3.1.59
      NAME 'radiusCheckItem'
      DESC ''
      EQUALITY caseIgnoreIA5Match
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
   )

attributetype
   ( 1.3.6.1.4.1.3317.4.3.1.60
      NAME 'radiusReplyItem'
      DESC ''
      EQUALITY caseIgnoreIA5Match
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
   )

attributetype
   ( 1.3.6.1.4.1.3317.4.3.1.61
      NAME 'radiusNASIpAddress'
      DESC ''
      EQUALITY caseIgnoreIA5Match
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
      SINGLE-VALUE
   )

attributetype
   ( 1.3.6.1.4.1.3317.4.3.1.62
      NAME 'radiusReplyMessage'
      DESC ''
      EQUALITY caseIgnoreIA5Match
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
   )


objectclass
   ( 1.3.6.1.4.1.3317.4.3.2.1
      NAME 'radiusprofile'
      SUP top AUXILIARY
      DESC ''
      MUST cn
      MAY ( radiusArapFeatures $ radiusArapSecurity $ radiusArapZoneAccess $
            radiusAuthType $ radiusCallbackId $ radiusCallbackNumber $
            radiusCalledStationId $ radiusCallingStationId $ radiusClass $
            radiusClientIPAddress $ radiusFilterId $ radiusFramedAppleTalkLink $
            radiusFramedAppleTalkNetwork $ radiusFramedAppleTalkZone $
            radiusFramedCompression $ radiusFramedIPAddress $
            radiusFramedIPNetmask $ radiusFramedIPXNetwork $
            radiusFramedMTU $ radiusFramedProtocol $
	    radiusCheckItem $ radiusReplyItem $
            radiusFramedRoute $ radiusFramedRouting $ radiusIdleTimeout $
            radiusGroupName $ radiusHint $ radiusHuntgroupName $
            radiusLoginIPHost $ radiusLoginLATGroup $ radiusLoginLATNode $
            radiusLoginLATPort $ radiusLoginLATService $ radiusLoginService $
            radiusLoginTCPPort $ radiusLoginTime $ radiusPasswordRetry $
            radiusPortLimit $ radiusPrompt $ radiusProxyToRealm $
            radiusRealm $ radiusReplicateToRealm $ radiusServiceType $
            radiusSessionTimeout $ radiusStripUserName $
            radiusTerminationAction $ radiusTunnelClientEndpoint $ radiusProfileDn $
            radiusSimultaneousUse $ radiusTunnelAssignmentId $
            radiusTunnelMediumType $ radiusTunnelPassword $ radiusTunnelPreference $
            radiusTunnelPrivateGroupId $ radiusTunnelServerEndpoint $
            radiusTunnelType $ radiusUserCategory $ radiusVSA $
            radiusExpiration $ dialupAccess $ radiusNASIpAddress $
            radiusReplyMessage )
   )

objectclass
  ( 1.3.6.1.4.1.3317.4.3.2.2
	NAME 'radiusObjectProfile'
	SUP top STRUCTURAL
	DESC 'A Container Objectclass to be used for creating radius profile object'
	MUST cn
	MAY ( uid $ userPassword $ description )
  )
schema/kerberosobject.schema000064400000000000000000000006301223445131100164740ustar00rootroot00000000000000# Depends upon core.schema and cosine.schema

# OID Base is 1.3.6.1.4.1.2312.4
#
# Attribute types are under 1.3.6.1.4.1.2312.4.1
# Object classes are under 1.3.6.1.4.1.2312.4.2
# Syntaxes are under 1.3.6.1.4.1.2312.4.3

# Attribute Type Definitions

objectclass ( 1.3.6.1.4.1.2312.4.2.4 NAME 'kerberosSecurityObject' SUP top AUXILIARY
	DESC 'A uid with an associated Kerberos principal'
	MUST ( krbName ) )
schema/mull.schema000064400000000000000000000046761223445131100144600ustar00rootroot00000000000000
#	mull.schema	(Maaslandse Unix & Linux Laboratorium)

#	This schema file is experimental and may change
#	All OID's use the MULL PEN of 7081 as assigned by IANA
#	Version 20000920

#	Thanks for the important imput and improvements goes to:
#	Laurent ARNAL <laurent@arnal.fr.eu.org>
#		Netscape roaming Profiles
#	Kurt D. Zeilenga <Kurt@OpenLDAP.org>
#		Corrections and general remarks that brought me up to speed
#		with LDAP and the way OpenLDAP uses schema files and such.

#	This schema requires that the core schema is loaded


# Used to store Netscape Roaming Profile information into OpenLDAP v2.
# This stores the actual profile name into the database.
attributeType ( 1.3.6.1.4.1.7081.1.1.1
	NAME 'nsLIProfileName'
	DESC 'Store Netscape Roaming Profile name'
	EQUALITY caseIgnoreMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )

# Used to store Netscape Roaming Profile information into OpenLDAP v2.
attributeType ( 1.3.6.1.4.1.7081.1.1.2
	NAME 'nsLIPrefs'
	DESC 'Store Netscape Roaming Profile preferences'
	EQUALITY caseExactIA5Match
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )

# Used to store Netscape Roaming Profile information into OpenLDAP v2.
attributeType ( 1.3.6.1.4.1.7081.1.1.3
	NAME 'nsLIElementType'
	DESC ''
	EQUALITY caseIgnoreMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )

# Used to store Netscape Roaming Profile information into OpenLDAP v2.
attributeType ( 1.3.6.1.4.1.7081.1.1.4
	NAME 'nsLIData'
	DESC 'Store the actual data blocks'
	EQUALITY bitStringMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )

# Used to store Netscape Roaming Profile information into OpenLDAP v2.
attributeType ( 1.3.6.1.4.1.7081.1.1.5
	NAME 'nsLIVersion'
	DESC 'Store Netscape Roaming Profile version'
	EQUALITY integerMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 )

# Used to store Netscape Roaming Profile information into OpenLDAP v2.
# This is the base holder of the Roaming Profile and must be created before
# you try to store information into the LDAP database.
objectClass ( 1.3.6.1.4.1.7081.1.2.1
	NAME 'nsLIProfile'
	DESC 'Base holder of the NetScape Roaming Profile'
	SUP top
	MUST ( objectClass $ nsLIProfileName ) 
	MAY ( nsLIPrefs $ uid $ owner )
	)

# Used to store Netscape Roaming Profile information into OpenLDAP v2.
# This object class will store the actual data.
objectClass ( 1.3.6.1.4.1.7081.1.2.2
	NAME 'nsLIProfileElement'
	DESC 'Contains the actual Roaming Profile data'
	SUP top
	MUST ( objectClass $ nsLIElementType ) 
	MAY ( owner $ nsLIData $ nsLIVersion )
	)

# EOF
schema/netscape-profile.schema000064400000000000000000000037021223445131100167340ustar00rootroot00000000000000#
# An OpenLDAP schema for storing Netscape Roaming Profiles
#
# Version: 0.1
# Hacked up by: David E. Storey <David.Storey@eyeo.com>
# Created: Sometime in Septmber, 2000
# Last Updated: December 1st, 2000
#
# ns-core

attributetype ( 2.16.840.1.113730.3.1.70 NAME 'serverRoot'
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )

attributetype ( 2.16.840.1.113730.3.1.76 NAME 'serverHostName'
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )

attributetype ( 2.16.840.1.113730.3.1.280 NAME 'nsServerPort'
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 )

# ns-mcd-li

# Attributes

attributetype ( 2.16.840.1.113730.3.1.399 NAME 'nsLIPtrURL'
	EQUALITY caseExactMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )

attributetype ( 2.16.840.1.113730.3.1.400 NAME 'nsLIPrefs'
	EQUALITY caseExactMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )

attributetype ( 2.16.840.1.113730.3.1.401 NAME 'nsLIProfileName'
	EQUALITY caseIgnoreMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )

attributetype ( 2.16.840.1.113730.3.1.402 NAME 'nsLIData'
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 )

attributetype ( 2.16.840.1.113730.3.1.403 NAME 'nsLIElementType'
	EQUALITY caseIgnoreMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )

attributetype ( 2.16.840.1.113730.3.1.404 NAME 'nsLIServerType'
	EQUALITY caseIgnoreMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )

attributetype ( 2.16.840.1.113730.3.1.405 NAME 'nsLIVersion'
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 )

# Objectclasses

objectclass ( 2.16.840.1.113730.3.2.74 NAME 'nsLIPtr' SUP top
	AUXILIARY MAY ( nsLIPtrURL $ owner ) )

objectclass ( 2.16.840.1.113730.3.2.75 NAME 'nsLIProfile' SUP top
	STRUCTURAL MUST ( nsLIProfileName )
	MAY ( nsLIPrefs $ uid $ owner ) )

objectclass ( 2.16.840.1.113730.3.2.76 NAME 'nsLIProfileElement' SUP top
	STRUCTURAL MUST ( nsLIElementType )
	MAY ( owner $ nsLIData $ nsLIVersion ) )

objectclass ( 2.16.840.1.113730.3.2.77 NAME 'nsLIServer' SUP top
	AUXILIARY MUST ( serverHostName )
	MAY ( description $ cn $ nsServerPort $ nsLIServerType $ serverRoot ) )

schema/qmail.schema000064400000000000000000000225431223445131100146030ustar00rootroot00000000000000#
# qmail-ldap (20030901) ldapv3 directory schema
#
# The offical qmail-ldap OID assigned by IANA is 7914
#
# Created by: David E. Storey <dave@tamos.net>
# Modified and included into qmail-ldap by Andre Oppermann <opi@nrg4u.com>
# Schema fixes by Mike Jackson <mjj@pp.fi>
# Schema fixes by Christian Zoffoli (XMerlin) <czoffoli@xmerlin.org>
#
#
# This schema depends on:
#	- core.schema
#	- cosine.schema
#	- nis.schema
#

# Attribute Type Definitions

attributetype ( 1.3.6.1.4.1.7914.1.2.1.1 NAME 'qmailUID'
	DESC 'UID of the user on the mailsystem'
	EQUALITY integerMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7914.1.2.1.2 NAME 'qmailGID'
	DESC 'GID of the user on the mailsystem'
	EQUALITY integerMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7914.1.2.1.3 NAME 'mailMessageStore'
	DESC 'Path to the maildir/mbox on the mail system'
	EQUALITY caseExactIA5Match
	SUBSTR caseIgnoreIA5SubstringsMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7914.1.2.1.4 NAME 'mailAlternateAddress'
	DESC 'Secondary (alias) mailaddresses for the same user'
	EQUALITY caseIgnoreIA5Match
	SUBSTR caseIgnoreIA5SubstringsMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )

#
# mailQuota format is no longer supported from qmail-ldap 20030901 on,
# user mailQuotaSize and mailQuotaCount instead.
#
#attributetype ( 1.3.6.1.4.1.7914.1.2.1.5 NAME 'mailQuota'
#	DESC 'The amount of space the user can use until all further messages get bounced.'
#	SYNTAX 1.3.6.1.4.1.1466.115.121.1.44 SINGLE-VALUE )
#

attributetype ( 1.3.6.1.4.1.7914.1.2.1.6 NAME 'mailHost'
	DESC 'On which qmail server the messagestore of this user is located.'
	EQUALITY caseIgnoreIA5Match
	SUBSTR caseIgnoreIA5SubstringsMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} SINGLE-VALUE)

attributetype ( 1.3.6.1.4.1.7914.1.2.1.7 NAME 'mailForwardingAddress'
	DESC 'Address(es) to forward all incoming messages to.'
	EQUALITY caseIgnoreIA5Match
	SUBSTR caseIgnoreIA5SubstringsMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )

attributetype ( 1.3.6.1.4.1.7914.1.2.1.8 NAME 'deliveryProgramPath'
	DESC 'Program to execute for all incoming mails.'
	EQUALITY caseExactIA5Match
	SUBSTR caseIgnoreIA5SubstringsMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )

attributetype ( 1.3.6.1.4.1.7914.1.2.1.9 NAME 'qmailDotMode'
	DESC 'Interpretation of .qmail files: both, dotonly, ldaponly, ldapwithprog'
	EQUALITY caseIgnoreIA5Match
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7914.1.2.1.10 NAME 'deliveryMode'
	DESC 'multi field entries of: nolocal, noforward, noprogram, reply'
	EQUALITY caseIgnoreIA5Match
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} )

attributetype ( 1.3.6.1.4.1.7914.1.2.1.11 NAME 'mailReplyText'
	DESC 'A reply text for every incoming message'
	EQUALITY caseIgnoreMatch
	SUBSTR caseIgnoreSubstringsMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{4096} SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7914.1.2.1.12 NAME 'accountStatus'
	DESC 'The status of a user account: active, noaccess, disabled, deleted'
	EQUALITY caseIgnoreIA5Match
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7914.1.2.1.14 NAME 'qmailAccountPurge'
        DESC 'The earliest date when a mailMessageStore will be purged'
        EQUALITY numericStringMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.36 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7914.1.2.1.15 NAME 'mailQuotaSize'
	DESC 'The size of space the user can have until further messages get bounced.'
	EQUALITY integerMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7914.1.2.1.16 NAME 'mailQuotaCount'
	DESC 'The number of messages the user can have until further messages get bounced.'
	EQUALITY integerMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7914.1.2.1.17 NAME 'mailSizeMax'
	DESC 'The maximum size of a single messages the user accepts.'
	EQUALITY integerMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

#
# qmailGroup attributes
#

attributetype ( 1.3.6.1.4.1.7914.1.3.1.1 NAME 'dnmember'
	DESC 'Group member specified as distinguished name.'
	EQUALITY distinguishedNameMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )

attributetype ( 1.3.6.1.4.1.7914.1.3.1.2 NAME 'rfc822member'
	DESC 'Group member specified as normal rf822 email address.'
	EQUALITY caseIgnoreIA5Match
	SUBSTR caseIgnoreIA5SubstringsMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )

attributetype ( 1.3.6.1.4.1.7914.1.3.1.3 NAME 'filtermember'
	DESC 'Group member specified as ldap search filter.'
	EQUALITY caseIgnoreIA5Match
	SUBSTR caseIgnoreIA5SubstringsMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{512} )

attributetype ( 1.3.6.1.4.1.7914.1.3.1.4 NAME 'senderconfirm'
	DESC 'Sender to Group has to answer confirmation email.'
	EQUALITY booleanMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7914.1.3.1.5 NAME 'membersonly'
	DESC 'Sender to Group must be group member itself.'
	EQUALITY booleanMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7914.1.3.1.6 NAME 'confirmtext'
	DESC 'Text that will be sent with sender confirmation email.'
	EQUALITY caseIgnoreMatch
	SUBSTR caseIgnoreSubstringsMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{4096} SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7914.1.3.1.7 NAME 'dnmoderator'
	DESC 'Group moderator specified as Distinguished name.'
	EQUALITY distinguishedNameMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )

attributetype ( 1.3.6.1.4.1.7914.1.3.1.8 NAME 'rfc822moderator'
	DESC 'Group moderator specified as normal rfc822 email address.'
	EQUALITY caseIgnoreIA5Match
	SUBSTR caseIgnoreIA5SubstringsMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )

attributetype ( 1.3.6.1.4.1.7914.1.3.1.9 NAME 'moderatortext'
	DESC 'Text that will be sent with request for moderation email.'
	EQUALITY caseIgnoreMatch
	SUBSTR caseIgnoreSubstringsMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{4096} SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7914.1.3.1.10 NAME 'dnsender'
	DESC 'Allowed sender specified as distinguished name.'
	EQUALITY distinguishedNameMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )

attributetype ( 1.3.6.1.4.1.7914.1.3.1.11 NAME 'rfc822sender'
	DESC 'Allowed sender specified as normal rf822 email address.'
	EQUALITY caseIgnoreIA5Match
	SUBSTR caseIgnoreIA5SubstringsMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )

attributetype ( 1.3.6.1.4.1.7914.1.3.1.12 NAME 'filtersender'
	DESC 'Allowed sender specified as ldap search filter.'
	EQUALITY caseIgnoreIA5Match
	SUBSTR caseIgnoreIA5SubstringsMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{512} )


#
# qldapAdmin Attributes
#

attributetype ( 1.3.6.1.4.1.7914.1.4.1.1 NAME 'qladnmanager'
	DESC ''
	EQUALITY distinguishedNameMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )

attributetype ( 1.3.6.1.4.1.7914.1.4.1.2 NAME 'qlaDomainList'
	DESC ''
	EQUALITY caseIgnoreIA5Match
	SUBSTR caseIgnoreIA5SubstringsMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )

attributetype ( 1.3.6.1.4.1.7914.1.4.1.3 NAME 'qlaUidPrefix'
	DESC ''
	EQUALITY caseIgnoreIA5Match
	SUBSTR caseIgnoreIA5SubstringsMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7914.1.4.1.4 NAME 'qlaQmailUid'
	DESC ''
	EQUALITY integerMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7914.1.4.1.5 NAME 'qlaQmailGid'
	DESC ''
	EQUALITY integerMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7914.1.4.1.6 NAME 'qlaMailMStorePrefix'
	DESC ''
	EQUALITY caseIgnoreIA5Match
	SUBSTR caseIgnoreIA5SubstringsMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7914.1.4.1.7 NAME 'qlaMailQuotaSize'
	DESC ''
	EQUALITY integerMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7914.1.4.1.8 NAME 'qlaMailQuotaCount'
	DESC ''
	EQUALITY integerMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7914.1.4.1.9 NAME 'qlaMailSizeMax'
	DESC ''
	EQUALITY integerMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7914.1.4.1.10 NAME 'qlaMailHostList'
	DESC ''
	EQUALITY caseIgnoreIA5Match
	SUBSTR caseIgnoreIA5SubstringsMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )


# Object Class Definitions

objectclass ( 1.3.6.1.4.1.7914.1.2.2.1 NAME 'qmailUser'
	DESC 'QMail-LDAP User'
	SUP top
	AUXILIARY
	MUST ( mail )
	MAY ( uid $ mailMessageStore $ homeDirectory $ userPassword $
	      mailAlternateAddress $ qmailUID $ qmailGID $
	      mailHost $ mailForwardingAddress $ deliveryProgramPath $
	      qmailDotMode $ deliveryMode $ mailReplyText $
	      accountStatus $ qmailAccountPurge $ 
	      mailQuotaSize $ mailQuotaCount $ mailSizeMax ) )

objectclass ( 1.3.6.1.4.1.7914.1.3.2.1 NAME 'qmailGroup'
	DESC 'QMail-LDAP Group'
	SUP top
	AUXILIARY
	MUST ( mail $ mailAlternateAddress $ mailMessageStore )
	MAY ( dnmember $ rfc822member $ filtermember $ senderconfirm $
	      membersonly $ confirmtext $ dnmoderator $ rfc822moderator $
	      moderatortext $ dnsender $ rfc822sender $ filtersender) )

objectclass ( 1.3.6.1.4.1.7914.1.4.2.1 NAME 'qldapAdmin'
	DESC 'QMail-LDAP Subtree Admin'
	SUP top
	AUXILIARY
	MUST ( qlaDnManager $ qlaDomainList $ qlaMailMStorePrefix $
	       qlaMailHostList )
	MAY ( qlaUidPrefix $ qlaQmailUid $ qlaQmailGid $ qlaMailQuotaSize $
	      qlaMailQuotaCount $ qlaMailSizeMax ) )

schema/qmailControl.schema000064400000000000000000000244641223445131100161500ustar00rootroot00000000000000# Attributes that are qmail specific

attributetype ( 1.3.6.1.4.1.7006.1.2.1.13 NAME 'badMailFrom'
	DESC 'Unacceptable envelope sender addresses.'
	EQUALITY caseIgnoreIA5Match
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )

attributetype ( 1.3.6.1.4.1.7006.1.2.1.14 NAME 'bounceFrom'
	DESC 'Bounce username'
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7006.1.2.1.15 NAME 'bounceHost'
	DESC 'Bounce host'
	EQUALITY caseIgnoreIA5Match
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7006.1.2.1.16 NAME 'concurrencyLocal'
	DESC 'Maximum number of simultaneous local delivery attempts.'
	EQUALITY integerMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7006.1.2.1.17 NAME 'concurrencyRemote'
	DESC 'Maximum number of simultaneous remote delivery attempts.'
	EQUALITY integerMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7006.1.2.1.18 NAME 'defaultDomain'
	DESC 'Default domain name.'
	EQUALITY caseIgnoreIA5Match
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7006.1.2.1.19 NAME 'defaultHost'
	DESC 'Default host name.'
	EQUALITY caseIgnoreIA5Match
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7006.1.2.1.20 NAME 'dataBytes'
	DESC 'Maximum number of bytes allowed in a message, or 0 for no limit.'
	EQUALITY integerMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7006.1.2.1.21 NAME 'doubleBounceHost'
	DESC 'Double-bounce host.'
	EQUALITY caseIgnoreIA5Match
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7006.1.2.1.22 NAME 'doubleBounceTo'
	DESC 'User to receive double-bounces.'
	EQUALITY caseIgnoreIA5Match
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7006.1.2.1.23 NAME 'envNoAtHost'
	DESC 'Presumed domain name for addresses without @ signs.'
	EQUALITY caseIgnoreIA5Match
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7006.1.2.1.24 NAME 'heloHost'
	DESC 'Host name used to say hello to the remote SMTP server.'
	EQUALITY caseIgnoreIA5Match
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE  )

attributetype ( 1.3.6.1.4.1.7006.1.2.1.25 NAME 'idHost'
	DESC 'Host name for Message-IDs.'
	EQUALITY caseIgnoreIA5Match
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7006.1.2.1.26 NAME 'localIpHost'
	DESC 'Replacement host name for local IP addresses.'
	EQUALITY caseIgnoreIA5Match
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7006.1.2.1.27 NAME 'locals'
	DESC 'List of domain names that the current host receives mail for.'
	EQUALITY caseIgnoreIA5Match
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )

attributetype ( 1.3.6.1.4.1.7006.1.2.1.28 NAME 'moreRcptHosts'
	DESC 'Extra allowed RCPT domains.'
	EQUALITY caseIgnoreIA5Match
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )

attributetype ( 1.3.6.1.4.1.7006.1.2.1.29 NAME 'percentHack'
	DESC 'List of domain names where the percent hack is applied.'
	EQUALITY caseIgnoreIA5Match
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )

attributetype ( 1.3.6.1.4.1.7006.1.2.1.30 NAME 'plusDomain'
	DESC 'Plus domain name.'
	EQUALITY caseIgnoreIA5Match
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7006.1.2.1.31 NAME 'qmqpServers'
	DESC 'IP addresses of QMQP servers.'
	EQUALITY caseIgnoreIA5Match
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} )

attributetype ( 1.3.6.1.4.1.7006.1.2.1.32 NAME 'queueLifetime'
	DESC 'Number of seconds a message can stay in the queue.'
	EQUALITY integerMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7006.1.2.1.33 NAME 'rcptHosts'
	DESC 'Allowed RCPT domains.'
	EQUALITY caseIgnoreIA5Match
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )

attributetype ( 1.3.6.1.4.1.7006.1.2.1.34 NAME 'smtpGreeting'
	DESC 'SMTP greeting message.'
	EQUALITY caseIgnoreIA5Match
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7006.1.2.1.35 NAME 'smtpRoutes'
	DESC 'Artificial SMTP routes.'
	EQUALITY caseIgnoreIA5Match
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )

attributetype ( 1.3.6.1.4.1.7006.1.2.1.36 NAME 'timeoutConnect'
	DESC 'Number of seconds qmail-remote will wait for the remote SMTP server to accept a connection.'
	EQUALITY integerMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7006.1.2.1.37 NAME 'timeoutRemote'
	DESC 'Number of seconds qmail-remote will wait for each response from the remote SMTP server.'
	EQUALITY integerMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7006.1.2.1.38 NAME 'timeoutSmtpd'
	DESC 'Timeout for each new buffer of data from the remote SMTP client.'
	EQUALITY integerMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7006.1.2.1.39 NAME 'virtualDomains'
	DESC 'List of virtual users or domains.'
	EQUALITY caseIgnoreIA5Match
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )

# Attributes from qmail-ldap

attributetype ( 1.3.6.1.4.1.7006.1.2.1.40 NAME 'ldapBaseDN'
	DESC 'The base DN from where the search in the LDAP tree begins.'
	EQUALITY caseIgnoreIA5Match
	SUP distinguishedName SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7006.1.2.1.41 NAME 'ldapLogin'
	DESC 'Username for the LDAP server connection.'
	EQUALITY caseIgnoreIA5Match
	SUP distinguishedName SINGLE-VALUE )  

attributetype ( 1.3.6.1.4.1.7006.1.2.1.42 NAME 'ldapPassword'
	DESC 'Password for the LDAP server connection.'
	EQUALITY caseExactMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7006.1.2.1.43 NAME 'ldapLocalDelivery'
	DESC 'If on do a lookup on the local passwd file.'
	EQUALITY integerMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7006.1.2.1.44 NAME 'ldapRebind'
	DESC 'Use the possibility of rebinding to the ldap-server to compare pop3 and imap passwords.'
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7006.1.2.1.45 NAME 'ldapCluster'
	DESC 'Turn clustering on and off.'
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7006.1.2.1.46 NAME 'ldapDefaultQuota'
	DESC 'The default amount of disk space the user can use.'
	EQUALITY caseExactIA5Match
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7006.1.2.1.47 NAME 'ldapDefaultDotMode'
	DESC 'The default interpretation of .qmail files'
	EQUALITY caseIgnoreIA5Match
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7006.1.2.1.48 NAME 'ldapMessageStore'
	DESC 'The default prefix for pathes in mailMessageStore.'
	EQUALITY caseExactIA5Match
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7006.1.2.1.49 NAME 'ldapUid'
	DESC 'The default UID used in virtual users environments.'
	EQUALITY integerMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7006.1.2.1.50 NAME 'ldapGid'
	DESC 'The default GID used in virtual users environments.'
	EQUALITY integerMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7006.1.2.1.51 NAME 'customBounceText'
	DESC 'Additional custom text in bounce messages.'
	EQUALITY caseIgnoreIA5Match
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1024} SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7006.1.2.1.52 NAME 'quotaWarning'
	DESC 'Custom text in quota warning message.'
	EQUALITY caseIgnoreIA5Match
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1024} SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7006.1.2.1.53 NAME 'tarpitCount'
	DESC 'Number of RCPT TOs you accept before you start tarpitting.'
	EQUALITY integerMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7006.1.2.1.54 NAME 'tarpitDelay'
	DESC 'Number of seconds of delay to introduce after each subsequent RCPT TO'
	EQUALITY integerMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7006.1.2.1.55 NAME 'badRcptTo'
	DESC 'List of recipient addresses that should be rejected.'
	EQUALITY caseIgnoreIA5Match
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )

attributetype ( 1.3.6.1.4.1.7006.1.2.1.56 NAME 'dirMaker'
	DESC 'Absolute path to your program/script that creates missing homedirs.'
	EQUALITY caseExactIA5Match
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7006.1.2.1.57 NAME 'ldapServer'
	DESC 'LDAP Server address.'
	EQUALITY caseIgnoreIA5Match
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )

# Attributes from TLS

attributetype ( 1.3.6.1.4.1.7006.1.2.1.58 NAME 'tlsClients'
	DESC 'This email-address is logged in the headers.'
	EQUALITY caseIgnoreIA5Match
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )

# Support for this have to be coded first
#attributetype ( 1.3.6.1.4.1.7006.1.2.1.59 NAME 'certificateFile'
#	DESC 'Path to the cert.pem file.'
#	EQUALITY caseExactIA5Match
#	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
# -> Example: /var/qmail/control/cert.pem
#	
#attributetype ( 1.3.6.1.4.1.7006.1.2.1.60 NAME 'certificateFile'
#	DESC 'Path to the cert.pem file.'
#	EQUALITY caseExactIA5Match
#	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
# -> Example: /var/qmail/control/rsa512.pem
#	
#attributetype ( 1.3.6.1.4.1.7006.1.2.1.61 NAME 'clientCAFile'
#	DESC 'Path to the certificate CA list file.'
#	EQUALITY caseExactIA5Match
#	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
# -> Example: /var/qmail/control/clientca.pem
#	

# Object Class Definitions

objectclass ( 1.3.6.1.4.1.7006.1.2.2.2 NAME 'qmailControl'
        DESC 'QMail-LDAP Server Control Information' SUP top AUXILIARY
	MUST cn
        MAY ( badMailFrom $ bounceFrom $ bounceHost $ concurrencyLocal $
	      concurrencyRemote $ defaultDomain $ defaultHost $ dataBytes $
	      doubleBounceHost $ doubleBounceTo $ envNoAtHost $ heloHost $
	      idHost $ localIpHost $ locals $ moreRcptHosts $ percentHack $
	      plusDomain $ qmqpServers $ queueLifetime $ rcptHosts $
	      smtpGreeting $ smtpRoutes $ timeoutConnect $ timeoutRemote $
	      timeoutSmtpd $ virtualDomains $ ldapBaseDN $ ldapLogin $
	      ldapPassword $ ldapLocalDelivery $ ldapRebind $ ldapCluster $
	      ldapDefaultQuota $ ldapDefaultDotMode $ ldapMessageStore $
	      ldapUid $ ldapGid $ customBounceText $ quotaWarning $
	      tarpitCount $ tarpitDelay $ badRcptTo $ dirMaker $ ldapServer $
	      tlsClients ) )
schema/rfc822-MailMember.schema000064400000000000000000000006011223445131100165050ustar00rootroot00000000000000attributetype
   ( 1.3.6.1.4.1.42.2.27.2.1.15
      NAME 'rfc822MailMember'
      DESC 'rfc822 mail address of group member(s)'
      EQUALITY caseIgnoreIA5Match
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 
   )
objectclass ( 1.3.6.1.4.1.42.2.27.1.2.5
        NAME 'nisMailAlias'
        SUP top STRUCTURAL
        DESC 'NIS mail alias'
        MUST cn
        MAY rfc822MailMember )


schema/samba2.schema000064400000000000000000000103521223445131100146400ustar00rootroot00000000000000##
## schema file for OpenLDAP 2.0.x
## Schema for storing Samba's smbpasswd file in LDAP
## OIDs are owned by the Samba Team
##
## Prerequisite schemas - uid (cosine.schema)
##                      - displayName (inetorgperson.schema)
##
## 1.3.6.1.4.1.7165.2.1.x - attributetypes
## 1.3.6.1.4.1.7165.2.2.x - objectclasses
##

##
## Password hashes
##
attributetype ( 1.3.6.1.4.1.7165.2.1.1 NAME 'lmPassword'
	DESC 'LanManager Passwd'
	EQUALITY caseIgnoreIA5Match
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7165.2.1.2 NAME 'ntPassword'
	DESC 'NT Passwd'
	EQUALITY caseIgnoreIA5Match
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} SINGLE-VALUE )

##
## Account flags in string format ([UWDX     ])
##
attributetype ( 1.3.6.1.4.1.7165.2.1.4 NAME 'acctFlags'
	DESC 'Account Flags'
	EQUALITY caseIgnoreIA5Match
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{16} SINGLE-VALUE )

## 
## Password timestamps & policies
##
attributetype ( 1.3.6.1.4.1.7165.2.1.3 NAME 'pwdLastSet'
	DESC 'NT pwdLastSet'
	EQUALITY integerMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7165.2.1.5 NAME 'logonTime'
	DESC 'NT logonTime'
	EQUALITY integerMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7165.2.1.6 NAME 'logoffTime'
	DESC 'NT logoffTime'
	EQUALITY integerMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7165.2.1.7 NAME 'kickoffTime'
	DESC 'NT kickoffTime'
	EQUALITY integerMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7165.2.1.8 NAME 'pwdCanChange'
	DESC 'NT pwdCanChange'
	EQUALITY integerMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7165.2.1.9 NAME 'pwdMustChange'
	DESC 'NT pwdMustChange'
	EQUALITY integerMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

##
## string settings
##
attributetype ( 1.3.6.1.4.1.7165.2.1.10 NAME 'homeDrive'
	DESC 'NT homeDrive'
	EQUALITY caseIgnoreIA5Match
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{4} SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7165.2.1.11 NAME 'scriptPath'
	DESC 'NT scriptPath'
	EQUALITY caseIgnoreIA5Match
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{255} SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7165.2.1.12 NAME 'profilePath'
	DESC 'NT profilePath'
	EQUALITY caseIgnoreIA5Match
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{255} SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7165.2.1.13 NAME 'userWorkstations'
	DESC 'userWorkstations'
	EQUALITY caseIgnoreIA5Match
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{255} SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7165.2.1.17 NAME 'smbHome'
	DESC 'smbHome'
	EQUALITY caseIgnoreIA5Match
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} )

attributetype ( 1.3.6.1.4.1.7165.2.1.18 NAME 'domain'
	DESC 'Windows NT domain to which the user belongs'
	EQUALITY caseIgnoreIA5Match
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} )

##
## user and group RID
##
attributetype ( 1.3.6.1.4.1.7165.2.1.14 NAME 'rid'
	DESC 'NT rid'
	EQUALITY integerMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7165.2.1.15 NAME 'primaryGroupID'
	DESC 'NT Group RID'
	EQUALITY integerMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

##
## The smbPasswordEntry objectclass has been depreciated in favor of the
## sambaAccount objectclass
##
#objectclass ( 1.3.1.5.1.4.1.7165.2.2.1 NAME 'smbPasswordEntry' SUP top AUXILIARY
#        DESC 'Samba smbpasswd entry'
#        MUST ( uid $ uidNumber )
#        MAY  ( lmPassword $ ntPassword $ pwdLastSet $ acctFlags ))

objectclass ( 1.3.1.5.1.4.1.7165.2.2.2 NAME 'sambaAccount' SUP top STRUCTURAL
	DESC 'Samba Account'
	MUST ( uid $ rid ) 
	MAY  ( cn $ lmPassword $ ntPassword $ pwdLastSet $ logonTime $
               logoffTime $ kickoffTime $ pwdCanChange $ pwdMustChange $ acctFlags $ 
               displayName $ smbHome $ homeDrive $ scriptPath $ profilePath $
               description $ userWorkstations $ primaryGroupID $ domain ))

##
## Used for Winbind experimentation
##
objectclass ( 1.3.1.5.1.4.1.7165.1.2.2.3 NAME 'uidPool' SUP top AUXILIARY
	DESC 'Pool for allocating UNIX uids'
	MUST ( uidNumber $ cn ) )

objectclass ( 1.3.1.5.1.4.1.7165.1.2.2.4 NAME 'gidPool' SUP top AUXILIARY
	DESC 'Pool for allocating UNIX gids'
	MUST ( gidNumber $ cn ) )

schema/samba3.schema000064400000000000000000000457401223445131100146520ustar00rootroot00000000000000##
## schema file for OpenLDAP 2.x
## Schema for storing Samba user accounts and group maps in LDAP
## OIDs are owned by the Samba Team
##
## Prerequisite schemas - uid         (cosine.schema)
##                      - displayName (inetorgperson.schema)
##                      - gidNumber   (nis.schema)
##
## 1.3.6.1.4.1.7165.2.1.x - attributetypes
## 1.3.6.1.4.1.7165.2.2.x - objectclasses
##
## Printer support
## 1.3.6.1.4.1.7165.2.3.1.x - attributetypes
## 1.3.6.1.4.1.7165.2.3.2.x - objectclasses
##
## Samba4
## 1.3.6.1.4.1.7165.4.1.x - attributetypes
## 1.3.6.1.4.1.7165.4.2.x - objectclasses
## 1.3.6.1.4.1.7165.4.3.x - LDB/LDAP Controls
## 1.3.6.1.4.1.7165.4.4.x - LDB/LDAP Extended Operations
## 1.3.6.1.4.1.7165.4.255.x - mapped OIDs due to conflicts between AD and standards-track
##
## ----- READ THIS WHEN ADDING A NEW ATTRIBUTE OR OBJECT CLASS ------
##
## Run the 'get_next_oid' bash script in this directory to find the 
## next available OID for attribute type and object classes.
##
##   $ ./get_next_oid
##   attributetype ( 1.3.6.1.4.1.7165.2.1.XX NAME ....
##   objectclass ( 1.3.6.1.4.1.7165.2.2.XX NAME ....
##
## Also ensure that new entries adhere to the declaration style
## used throughout this file
##
##    <attributetype|objectclass> ( 1.3.6.1.4.1.7165.2.XX.XX NAME ....
##                               ^ ^                        ^
##
## The spaces are required for the get_next_oid script (and for 
## readability).
##
## ------------------------------------------------------------------

# objectIdentifier SambaRoot 1.3.6.1.4.1.7165
# objectIdentifier Samba3 SambaRoot:2
# objectIdentifier Samba3Attrib Samba3:1
# objectIdentifier Samba3ObjectClass Samba3:2
# objectIdentifier Samba4 SambaRoot:4

########################################################################
##                            HISTORICAL                              ##
########################################################################

##
## Password hashes
##
#attributetype ( 1.3.6.1.4.1.7165.2.1.1 NAME 'lmPassword'
#	DESC 'LanManager Passwd'
#	EQUALITY caseIgnoreIA5Match
#	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} SINGLE-VALUE )

#attributetype ( 1.3.6.1.4.1.7165.2.1.2 NAME 'ntPassword'
#	DESC 'NT Passwd'
#	EQUALITY caseIgnoreIA5Match
#	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} SINGLE-VALUE )

##
## Account flags in string format ([UWDX     ])
##
#attributetype ( 1.3.6.1.4.1.7165.2.1.4 NAME 'acctFlags'
#	DESC 'Account Flags'
#	EQUALITY caseIgnoreIA5Match
#	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{16} SINGLE-VALUE )

##
## Password timestamps & policies
##
#attributetype ( 1.3.6.1.4.1.7165.2.1.3 NAME 'pwdLastSet'
#	DESC 'NT pwdLastSet'
#	EQUALITY integerMatch
#	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

#attributetype ( 1.3.6.1.4.1.7165.2.1.5 NAME 'logonTime'
#	DESC 'NT logonTime'
#	EQUALITY integerMatch
#	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

#attributetype ( 1.3.6.1.4.1.7165.2.1.6 NAME 'logoffTime'
#	DESC 'NT logoffTime'
#	EQUALITY integerMatch
#	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

#attributetype ( 1.3.6.1.4.1.7165.2.1.7 NAME 'kickoffTime'
#	DESC 'NT kickoffTime'
#	EQUALITY integerMatch
#	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

#attributetype ( 1.3.6.1.4.1.7165.2.1.8 NAME 'pwdCanChange'
#	DESC 'NT pwdCanChange'
#	EQUALITY integerMatch
#	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

#attributetype ( 1.3.6.1.4.1.7165.2.1.9 NAME 'pwdMustChange'
#	DESC 'NT pwdMustChange'
#	EQUALITY integerMatch
#	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

##
## string settings
##
#attributetype ( 1.3.6.1.4.1.7165.2.1.10 NAME 'homeDrive'
#	DESC 'NT homeDrive'
#	EQUALITY caseIgnoreIA5Match
#	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{4} SINGLE-VALUE )

#attributetype ( 1.3.6.1.4.1.7165.2.1.11 NAME 'scriptPath'
#	DESC 'NT scriptPath'
#	EQUALITY caseIgnoreIA5Match
#	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{255} SINGLE-VALUE )

#attributetype ( 1.3.6.1.4.1.7165.2.1.12 NAME 'profilePath'
#	DESC 'NT profilePath'
#	EQUALITY caseIgnoreIA5Match
#	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{255} SINGLE-VALUE )

#attributetype ( 1.3.6.1.4.1.7165.2.1.13 NAME 'userWorkstations'
#	DESC 'userWorkstations'
#	EQUALITY caseIgnoreIA5Match
#	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{255} SINGLE-VALUE )

#attributetype ( 1.3.6.1.4.1.7165.2.1.17 NAME 'smbHome'
#	DESC 'smbHome'
#	EQUALITY caseIgnoreIA5Match
#	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} )

#attributetype ( 1.3.6.1.4.1.7165.2.1.18 NAME 'domain'
#	DESC 'Windows NT domain to which the user belongs'
#	EQUALITY caseIgnoreIA5Match
#	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} )

##
## user and group RID
##
#attributetype ( 1.3.6.1.4.1.7165.2.1.14 NAME 'rid'
#	DESC 'NT rid'
#	EQUALITY integerMatch
#	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

#attributetype ( 1.3.6.1.4.1.7165.2.1.15 NAME 'primaryGroupID'
#	DESC 'NT Group RID'
#	EQUALITY integerMatch
#	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

##
## The smbPasswordEntry objectclass has been depreciated in favor of the
## sambaAccount objectclass
##
#objectclass ( 1.3.6.1.4.1.7165.2.2.1 NAME 'smbPasswordEntry' SUP top AUXILIARY
#        DESC 'Samba smbpasswd entry'
#        MUST ( uid $ uidNumber )
#        MAY  ( lmPassword $ ntPassword $ pwdLastSet $ acctFlags ))

#objectclass ( 1.3.6.1.4.1.7165.2.2.2 NAME 'sambaAccount' SUP top STRUCTURAL
#	DESC 'Samba Account'
#	MUST ( uid $ rid )
#	MAY  ( cn $ lmPassword $ ntPassword $ pwdLastSet $ logonTime $
#               logoffTime $ kickoffTime $ pwdCanChange $ pwdMustChange $ acctFlags $
#               displayName $ smbHome $ homeDrive $ scriptPath $ profilePath $
#               description $ userWorkstations $ primaryGroupID $ domain ))

#objectclass ( 1.3.6.1.4.1.7165.2.2.3 NAME 'sambaAccount' SUP top AUXILIARY
#	DESC 'Samba Auxiliary Account'
#	MUST ( uid $ rid )
#	MAY  ( cn $ lmPassword $ ntPassword $ pwdLastSet $ logonTime $
#              logoffTime $ kickoffTime $ pwdCanChange $ pwdMustChange $ acctFlags $
#              displayName $ smbHome $ homeDrive $ scriptPath $ profilePath $
#              description $ userWorkstations $ primaryGroupID $ domain ))

########################################################################
##                        END OF HISTORICAL                           ##
########################################################################

#######################################################################
##                Attributes used by Samba 3.0 schema                ##
#######################################################################

##
## Password hashes
##
attributetype ( 1.3.6.1.4.1.7165.2.1.24 NAME 'sambaLMPassword'
	DESC 'LanManager Password'
	EQUALITY caseIgnoreIA5Match
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7165.2.1.25 NAME 'sambaNTPassword'
	DESC 'MD4 hash of the unicode password'
	EQUALITY caseIgnoreIA5Match
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} SINGLE-VALUE )

##
## Account flags in string format ([UWDX     ])
##
attributetype ( 1.3.6.1.4.1.7165.2.1.26 NAME 'sambaAcctFlags'
	DESC 'Account Flags'
	EQUALITY caseIgnoreIA5Match
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{16} SINGLE-VALUE )

##
## Password timestamps & policies
##
attributetype ( 1.3.6.1.4.1.7165.2.1.27 NAME 'sambaPwdLastSet'
	DESC 'Timestamp of the last password update'
	EQUALITY integerMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7165.2.1.28 NAME 'sambaPwdCanChange'
	DESC 'Timestamp of when the user is allowed to update the password'
	EQUALITY integerMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7165.2.1.29 NAME 'sambaPwdMustChange'
	DESC 'Timestamp of when the password will expire'
	EQUALITY integerMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7165.2.1.30 NAME 'sambaLogonTime'
	DESC 'Timestamp of last logon'
	EQUALITY integerMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7165.2.1.31 NAME 'sambaLogoffTime'
	DESC 'Timestamp of last logoff'
	EQUALITY integerMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7165.2.1.32 NAME 'sambaKickoffTime'
	DESC 'Timestamp of when the user will be logged off automatically'
	EQUALITY integerMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7165.2.1.48 NAME 'sambaBadPasswordCount'
	DESC 'Bad password attempt count'
	EQUALITY integerMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7165.2.1.49 NAME 'sambaBadPasswordTime'
	DESC 'Time of the last bad password attempt'
	EQUALITY integerMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7165.2.1.55 NAME 'sambaLogonHours'
	DESC 'Logon Hours'
	EQUALITY caseIgnoreIA5Match
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{42} SINGLE-VALUE )

##
## string settings
##
attributetype ( 1.3.6.1.4.1.7165.2.1.33 NAME 'sambaHomeDrive'
	DESC 'Driver letter of home directory mapping'
	EQUALITY caseIgnoreIA5Match
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{4} SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7165.2.1.34 NAME 'sambaLogonScript'
	DESC 'Logon script path'
	EQUALITY caseIgnoreMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{255} SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7165.2.1.35 NAME 'sambaProfilePath'
	DESC 'Roaming profile path'
	EQUALITY caseIgnoreMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{255} SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7165.2.1.36 NAME 'sambaUserWorkstations'
	DESC 'List of user workstations the user is allowed to logon to'
	EQUALITY caseIgnoreMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{255} SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7165.2.1.37 NAME 'sambaHomePath'
	DESC 'Home directory UNC path'
	EQUALITY caseIgnoreMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )

attributetype ( 1.3.6.1.4.1.7165.2.1.38 NAME 'sambaDomainName'
	DESC 'Windows NT domain to which the user belongs'
	EQUALITY caseIgnoreMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )

attributetype ( 1.3.6.1.4.1.7165.2.1.47 NAME 'sambaMungedDial'
	DESC 'Base64 encoded user parameter string'
	EQUALITY caseExactMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1050} )

attributetype ( 1.3.6.1.4.1.7165.2.1.54 NAME 'sambaPasswordHistory'
	DESC 'Concatenated MD5 hashes of the salted NT passwords used on this account'
	EQUALITY caseIgnoreIA5Match
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} )

##
## SID, of any type
##

attributetype ( 1.3.6.1.4.1.7165.2.1.20 NAME 'sambaSID'
	DESC 'Security ID'
	EQUALITY caseIgnoreIA5Match
	SUBSTR caseExactIA5SubstringsMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{64} SINGLE-VALUE )

##
## Primary group SID, compatible with ntSid
##

attributetype ( 1.3.6.1.4.1.7165.2.1.23 NAME 'sambaPrimaryGroupSID'
	DESC 'Primary Group Security ID'
	EQUALITY caseIgnoreIA5Match
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{64} SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7165.2.1.51 NAME 'sambaSIDList'
	DESC 'Security ID List'
	EQUALITY caseIgnoreIA5Match
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{64} )

##
## group mapping attributes
##
attributetype ( 1.3.6.1.4.1.7165.2.1.19 NAME 'sambaGroupType'
	DESC 'NT Group Type'
	EQUALITY integerMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

##
## Store info on the domain
##

attributetype ( 1.3.6.1.4.1.7165.2.1.21 NAME 'sambaNextUserRid'
	DESC 'Next NT rid to give our for users'
	EQUALITY integerMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7165.2.1.22 NAME 'sambaNextGroupRid'
	DESC 'Next NT rid to give out for groups'
	EQUALITY integerMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7165.2.1.39 NAME 'sambaNextRid'
	DESC 'Next NT rid to give out for anything'
	EQUALITY integerMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7165.2.1.40 NAME 'sambaAlgorithmicRidBase'
	DESC 'Base at which the samba RID generation algorithm should operate'
	EQUALITY integerMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7165.2.1.41 NAME 'sambaShareName'
	DESC 'Share Name'
	EQUALITY caseIgnoreMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7165.2.1.42 NAME 'sambaOptionName'
	DESC 'Option Name'
	EQUALITY caseIgnoreMatch
	SUBSTR caseIgnoreSubstringsMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )

attributetype ( 1.3.6.1.4.1.7165.2.1.43 NAME 'sambaBoolOption'
	DESC 'A boolean option'
	EQUALITY booleanMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7165.2.1.44 NAME 'sambaIntegerOption'
	DESC 'An integer option'
	EQUALITY integerMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7165.2.1.45 NAME 'sambaStringOption'
	DESC 'A string option'
	EQUALITY caseExactIA5Match
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.7165.2.1.46 NAME 'sambaStringListOption'
	DESC 'A string list option'
	EQUALITY caseIgnoreMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )


##attributetype ( 1.3.6.1.4.1.7165.2.1.50 NAME 'sambaPrivName' 
##	SUP name )

##attributetype ( 1.3.6.1.4.1.7165.2.1.52 NAME 'sambaPrivilegeList'
##	DESC 'Privileges List'
##	EQUALITY caseIgnoreIA5Match
##	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{64} )

attributetype ( 1.3.6.1.4.1.7165.2.1.53 NAME 'sambaTrustFlags'
	DESC 'Trust Password Flags'
	EQUALITY caseIgnoreIA5Match
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )

# "min password length"
attributetype ( 1.3.6.1.4.1.7165.2.1.58 NAME 'sambaMinPwdLength'
	DESC 'Minimal password length (default: 5)'
	EQUALITY integerMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

# "password history"
attributetype ( 1.3.6.1.4.1.7165.2.1.59 NAME 'sambaPwdHistoryLength'
	DESC 'Length of Password History Entries (default: 0 => off)'
	EQUALITY integerMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

# "user must logon to change password"
attributetype ( 1.3.6.1.4.1.7165.2.1.60 NAME 'sambaLogonToChgPwd'
	DESC 'Force Users to logon for password change (default: 0 => off, 2 => on)'
	EQUALITY integerMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

# "maximum password age"
attributetype ( 1.3.6.1.4.1.7165.2.1.61 NAME 'sambaMaxPwdAge'
	DESC 'Maximum password age, in seconds (default: -1 => never expire passwords)'
	EQUALITY integerMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

# "minimum password age"
attributetype ( 1.3.6.1.4.1.7165.2.1.62 NAME 'sambaMinPwdAge'
	DESC 'Minimum password age, in seconds (default: 0 => allow immediate password change)'
	EQUALITY integerMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

# "lockout duration"
attributetype ( 1.3.6.1.4.1.7165.2.1.63 NAME 'sambaLockoutDuration'
	DESC 'Lockout duration in minutes (default: 30, -1 => forever)'
	EQUALITY integerMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

# "reset count minutes"
attributetype ( 1.3.6.1.4.1.7165.2.1.64 NAME 'sambaLockoutObservationWindow'
	DESC 'Reset time after lockout in minutes (default: 30)'
	EQUALITY integerMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

# "bad lockout attempt"
attributetype ( 1.3.6.1.4.1.7165.2.1.65 NAME 'sambaLockoutThreshold'
	DESC 'Lockout users after bad logon attempts (default: 0 => off)'
	EQUALITY integerMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

# "disconnect time"
attributetype ( 1.3.6.1.4.1.7165.2.1.66 NAME 'sambaForceLogoff'
	DESC 'Disconnect Users outside logon hours (default: -1 => off, 0 => on)'
	EQUALITY integerMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

# "refuse machine password change"
attributetype ( 1.3.6.1.4.1.7165.2.1.67 NAME 'sambaRefuseMachinePwdChange'
	DESC 'Allow Machine Password changes (default: 0 => off)'
	EQUALITY integerMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )




#######################################################################
##              objectClasses used by Samba 3.0 schema               ##
#######################################################################

## The X.500 data model (and therefore LDAPv3) says that each entry can
## only have one structural objectclass.  OpenLDAP 2.0 does not enforce
## this currently but will in v2.1

##
## added new objectclass (and OID) for 3.0 to help us deal with backwards
## compatibility with 2.2 installations (e.g. ldapsam_compat)  --jerry
##
objectclass ( 1.3.6.1.4.1.7165.2.2.6 NAME 'sambaSamAccount' SUP top AUXILIARY
	DESC 'Samba 3.0 Auxilary SAM Account'
	MUST ( uid $ sambaSID )
	MAY  ( cn $ sambaLMPassword $ sambaNTPassword $ sambaPwdLastSet $
	       sambaLogonTime $ sambaLogoffTime $ sambaKickoffTime $
	       sambaPwdCanChange $ sambaPwdMustChange $ sambaAcctFlags $
               displayName $ sambaHomePath $ sambaHomeDrive $ sambaLogonScript $
	       sambaProfilePath $ description $ sambaUserWorkstations $
	       sambaPrimaryGroupSID $ sambaDomainName $ sambaMungedDial $
	       sambaBadPasswordCount $ sambaBadPasswordTime $
	       sambaPasswordHistory $ sambaLogonHours))

##
## Group mapping info
##
objectclass ( 1.3.6.1.4.1.7165.2.2.4 NAME 'sambaGroupMapping' SUP top AUXILIARY
	DESC 'Samba Group Mapping'
	MUST ( gidNumber $ sambaSID $ sambaGroupType )
	MAY  ( displayName $ description $ sambaSIDList ))

##
## Trust password for trust relationships (any kind)
##
objectclass ( 1.3.6.1.4.1.7165.2.2.14 NAME 'sambaTrustPassword' SUP top STRUCTURAL
	DESC 'Samba Trust Password'
	MUST ( sambaDomainName $ sambaNTPassword $ sambaTrustFlags )
	MAY ( sambaSID $ sambaPwdLastSet ))

##
## Whole-of-domain info
##
objectclass ( 1.3.6.1.4.1.7165.2.2.5 NAME 'sambaDomain' SUP top STRUCTURAL
	DESC 'Samba Domain Information'
	MUST ( sambaDomainName $ 
	       sambaSID ) 
	MAY ( sambaNextRid $ sambaNextGroupRid $ sambaNextUserRid $
	      sambaAlgorithmicRidBase $ 
	      sambaMinPwdLength $ sambaPwdHistoryLength $ sambaLogonToChgPwd $
	      sambaMaxPwdAge $ sambaMinPwdAge $
	      sambaLockoutDuration $ sambaLockoutObservationWindow $ sambaLockoutThreshold $
	      sambaForceLogoff $ sambaRefuseMachinePwdChange ))

##
## used for idmap_ldap module
##
objectclass ( 1.3.6.1.4.1.7165.2.2.7 NAME 'sambaUnixIdPool' SUP top AUXILIARY
        DESC 'Pool for allocating UNIX uids/gids'
        MUST ( uidNumber $ gidNumber ) )


objectclass ( 1.3.6.1.4.1.7165.2.2.8 NAME 'sambaIdmapEntry' SUP top AUXILIARY
        DESC 'Mapping from a SID to an ID'
        MUST ( sambaSID )
	MAY ( uidNumber $ gidNumber ) )

objectclass ( 1.3.6.1.4.1.7165.2.2.9 NAME 'sambaSidEntry' SUP top STRUCTURAL
	DESC 'Structural Class for a SID'
	MUST ( sambaSID ) )

objectclass ( 1.3.6.1.4.1.7165.2.2.10 NAME 'sambaConfig' SUP top AUXILIARY
	DESC 'Samba Configuration Section'
	MAY ( description ) )

objectclass ( 1.3.6.1.4.1.7165.2.2.11 NAME 'sambaShare' SUP top STRUCTURAL
	DESC 'Samba Share Section'
	MUST ( sambaShareName )
	MAY ( description ) )

objectclass ( 1.3.6.1.4.1.7165.2.2.12 NAME 'sambaConfigOption' SUP top STRUCTURAL
	DESC 'Samba Configuration Option'
	MUST ( sambaOptionName )
	MAY ( sambaBoolOption $ sambaIntegerOption $ sambaStringOption $ 
	      sambaStringListoption $ description ) )


## retired during privilege rewrite
##objectclass ( 1.3.6.1.4.1.7165.2.2.13 NAME 'sambaPrivilege' SUP top AUXILIARY
##	DESC 'Samba Privilege'
##	MUST ( sambaSID )
##	MAY ( sambaPrivilegeList ) )
schema/trust.schema000064400000000000000000000014341223445131100146550ustar00rootroot00000000000000# this file goes into /etc/openldap/schema or into your schema directory for your LDAP v3 server
# make sure you have it, otherwise, Directory administrator will complain when changing user accounts
# unless you don't do schema checking

attributetype ( 5.3.6.1.1.1.1.0 NAME 'trustModel'
	DESC 'Access scheme'
	EQUALITY caseIgnoreIA5Match
	SUBSTR caseIgnoreIA5SubstringsMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )

attributetype ( 5.3.6.1.1.1.1.1 NAME 'accessTo'
	DESC 'Access to which servers user is allowed'
	EQUALITY caseIgnoreIA5Match
	SUBSTR caseIgnoreIA5SubstringsMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )

objectclass ( 5.3.6.1.1.1.2.0 NAME 'trustAccount' SUP top AUXILIARY
	DESC 'Sets trust accounts information'
	MUST ( trustModel )
	MAY ( accessTo ) )

schema/turbo.schema000064400000000000000000000011771223445131100146330ustar00rootroot00000000000000attributetype ( 1.3.6.1.4.1.8767.1.1.1
	NAME 'clearTextPassword'
	DESC 'Password in cleartext format'
	EQUALITY caseExactIA5Match
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
	SINGLE-VALUE )

# -----------------------------------------

objectclass ( 1.3.6.1.4.1.8767.2.1.1
	NAME 'extraPosixAccount'
	DESC 'Extra account information'
	MAY clearTextPassword )

objectclass ( 1.3.6.1.4.1.8767.2.1.2
	NAME 'mailRecipient'
	DESC 'Internet local mail recipient'
	MAY ( mail $ mailHost $ mailForwardingAddress $ mailAlternateAddress $
	      mailQuota $ deliveryMode $ deliveryProgramPath $ mailReplyText $
	      accountStatus $ mailMessageStore ) )

 
projeto & código: Vladimir Lettiev aka crux © 2004-2005, Andrew Avramenko aka liks © 2007-2008
mantenedor atual: Michael Shigorin
mantenedor da tradução: Fernando Martini aka fmartini © 2009