[Samba] LDAP push replication through firewall
Daniel Tamm
daniel.tamm at biomil.se
Mon Sep 15 02:01:50 MDT 2014
Thank you Louis for replying.
I am really an LDAP newby (and find LDAP really confusing...), but I'll
try to find the answers to your questions. Basically, may setup is based
on https://help.ubuntu.com/14.04/serverguide/openldap-server.html, so
the replication is syncrepl based.
nslcd is not even installed on the machines, so this should not cause
any trouble.
In the firewalls, the following ports related to LDAP/Samba are
forwarded right now:
Consumer: 389
Provider: 389
(did not open 636 because I understand that StartTLS always uses the
same port as the non-encrypted version.
So here come the configurations:
=====================================================
Consumer:
ldapsearch -Q -LLL -Y EXTERNAL -H ldapi:/// -b cn=config
dn: cn=config
objectClass: olcGlobal
cn: config
olcArgsFile: /var/run/slapd/slapd.args
olcLogLevel: none
olcPidFile: /var/run/slapd/slapd.pid
olcTLSCACertificateFile: /etc/ssl/certs/biomil_ca.crt
olcTLSCertificateFile: /etc/ssl/certs/h2o_slapd.crt
olcTLSCertificateKeyFile: /etc/ssl/private/h2o_slapd.key
olcToolThreads: 1
dn: cn=module{0},cn=config
objectClass: olcModuleList
cn: module{0}
olcModulePath: /usr/lib/ldap
olcModuleLoad: {0}back_hdb
olcModuleLoad: {1}syncprov
dn: cn=schema,cn=config
objectClass: olcSchemaConfig
cn: schema
olcObjectIdentifier: OLcfg 1.3.6.1.4.1.4203.1.12.2
olcObjectIdentifier: OLcfgAt OLcfg:3
olcObjectIdentifier: OLcfgGlAt OLcfgAt:0
olcObjectIdentifier: OLcfgBkAt OLcfgAt:1
olcObjectIdentifier: OLcfgDbAt OLcfgAt:2
olcObjectIdentifier: OLcfgOvAt OLcfgAt:3
olcObjectIdentifier: OLcfgCtAt OLcfgAt:4
olcObjectIdentifier: OLcfgOc OLcfg:4
olcObjectIdentifier: OLcfgGlOc OLcfgOc:0
olcObjectIdentifier: OLcfgBkOc OLcfgOc:1
olcObjectIdentifier: OLcfgDbOc OLcfgOc:2
olcObjectIdentifier: OLcfgOvOc OLcfgOc:3
olcObjectIdentifier: OLcfgCtOc OLcfgOc:4
olcObjectIdentifier: OMsyn 1.3.6.1.4.1.1466.115.121.1
olcObjectIdentifier: OMsBoolean OMsyn:7
olcObjectIdentifier: OMsDN OMsyn:12
olcObjectIdentifier: OMsDirectoryString OMsyn:15
olcObjectIdentifier: OMsIA5String OMsyn:26
olcObjectIdentifier: OMsInteger OMsyn:27
olcObjectIdentifier: OMsOID OMsyn:38
olcObjectIdentifier: OMsOctetString OMsyn:40
olcAttributeTypes: ( 2.5.4.0 NAME 'objectClass' DESC 'RFC4512: object
classes
of the entity' EQUALITY objectIdentifierMatch SYNTAX
1.3.6.1.4.1.1466.115.121
.1.38 )
olcAttributeTypes: ( 2.5.21.9 NAME 'structuralObjectClass' DESC
'RFC4512: stru
ctural object class of entry' EQUALITY objectIdentifierMatch SYNTAX
1.3.6.1.4
.1.1466.115.121.1.38 SINGLE-VALUE NO-USER-MODIFICATION USAGE
directoryOperati
on )
olcAttributeTypes: ( 2.5.18.1 NAME 'createTimestamp' DESC 'RFC4512: time
which
object was created' EQUALITY generalizedTimeMatch ORDERING
generalizedTimeOr
deringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE
NO-USER-MODIFIC
ATION USAGE directoryOperation )
olcAttributeTypes: ( 2.5.18.2 NAME 'modifyTimestamp' DESC 'RFC4512: time
which
object was last modified' EQUALITY generalizedTimeMatch ORDERING
generalized
TimeOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE
NO-USER-M
ODIFICATION USAGE directoryOperation )
olcAttributeTypes: ( 2.5.18.3 NAME 'creatorsName' DESC 'RFC4512: name of
creat
or' EQUALITY distinguishedNameMatch SYNTAX
1.3.6.1.4.1.1466.115.121.1.12 SING
LE-VALUE NO-USER-MODIFICATION USAGE directoryOperation )
olcAttributeTypes: ( 2.5.18.4 NAME 'modifiersName' DESC 'RFC4512: name
of last
modifier' EQUALITY distinguishedNameMatch SYNTAX
1.3.6.1.4.1.1466.115.121.1.
12 SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation )
olcAttributeTypes: ( 2.5.18.9 NAME 'hasSubordinates' DESC 'X.501: entry
has ch
ildren' EQUALITY booleanMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
SINGLE-VALU
E NO-USER-MODIFICATION USAGE directoryOperation )
olcAttributeTypes: ( 2.5.18.10 NAME 'subschemaSubentry' DESC 'RFC4512:
name of
controlling subschema entry' EQUALITY distinguishedNameMatch SYNTAX
1.3.6.1.
4.1.1466.115.121.1.12 SINGLE-VALUE NO-USER-MODIFICATION USAGE
directoryOperat
ion )
olcAttributeTypes: ( 1.3.6.1.1.20 NAME 'entryDN' DESC 'DN of the entry'
EQUALI
TY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12
SINGLE-VALUE N
O-USER-MODIFICATION USAGE directoryOperation )
olcAttributeTypes: ( 1.3.6.1.1.16.4 NAME 'entryUUID' DESC 'UUID of the
entry'
EQUALITY UUIDMatch ORDERING UUIDOrderingMatch SYNTAX 1.3.6.1.1.16.1
SINGLE-VA
LUE NO-USER-MODIFICATION USAGE directoryOperation )
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.1.7 NAME 'entryCSN' DESC
'change seq
uence number of the entry content' EQUALITY CSNMatch ORDERING
CSNOrderingMatc
h SYNTAX 1.3.6.1.4.1.4203.666.11.2.1{64} SINGLE-VALUE
NO-USER-MODIFICATION US
AGE directoryOperation )
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.1.13 NAME 'namingCSN' DESC
'change s
equence number of the entry naming (RDN)' EQUALITY CSNMatch ORDERING
CSNOrder
ingMatch SYNTAX 1.3.6.1.4.1.4203.666.11.2.1{64} SINGLE-VALUE
NO-USER-MODIFICA
TION USAGE directoryOperation )
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.1.23 NAME 'syncreplCookie'
DESC 'syn
crepl Cookie for shadow copy' EQUALITY octetStringMatch ORDERING
octetStringO
rderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 SINGLE-VALUE
NO-USER-MODIFI
CATION USAGE dSAOperation )
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.1.25 NAME 'contextCSN' DESC
'the lar
gest committed CSN of a context' EQUALITY CSNMatch ORDERING
CSNOrderingMatch
SYNTAX 1.3.6.1.4.1.4203.666.11.2.1{64} NO-USER-MODIFICATION USAGE
dSAOperatio
n )
olcAttributeTypes: ( 1.3.6.1.4.1.1466.101.120.6 NAME 'altServer' DESC
'RFC4512
: alternative servers' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 USAGE
dSAOperatio
n )
olcAttributeTypes: ( 1.3.6.1.4.1.1466.101.120.5 NAME 'namingContexts'
DESC 'RF
C4512: naming contexts' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 USAGE
dSAOperati
on )
olcAttributeTypes: ( 1.3.6.1.4.1.1466.101.120.13 NAME 'supportedControl'
DESC
'RFC4512: supported controls' SYNTAX 1.3.6.1.4.1.1466.115.121.1.38
USAGE dSAO
peration )
olcAttributeTypes: ( 1.3.6.1.4.1.1466.101.120.7 NAME
'supportedExtension' DESC
'RFC4512: supported extended operations' SYNTAX
1.3.6.1.4.1.1466.115.121.1.3
8 USAGE dSAOperation )
olcAttributeTypes: ( 1.3.6.1.4.1.1466.101.120.15 NAME
'supportedLDAPVersion' D
ESC 'RFC4512: supported LDAP versions' SYNTAX
1.3.6.1.4.1.1466.115.121.1.27 U
SAGE dSAOperation )
olcAttributeTypes: ( 1.3.6.1.4.1.1466.101.120.14 NAME
'supportedSASLMechanisms
' DESC 'RFC4512: supported SASL mechanisms' SYNTAX
1.3.6.1.4.1.1466.115.121.1
.15 USAGE dSAOperation )
olcAttributeTypes: ( 1.3.6.1.4.1.4203.1.3.5 NAME 'supportedFeatures'
DESC 'RFC
4512: features supported by the server' EQUALITY objectIdentifierMatch
SYNTAX
1.3.6.1.4.1.1466.115.121.1.38 USAGE dSAOperation )
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.1.10 NAME 'monitorContext'
DESC 'mon
itor context' EQUALITY distinguishedNameMatch SYNTAX
1.3.6.1.4.1.1466.115.121
.1.12 SINGLE-VALUE NO-USER-MODIFICATION USAGE dSAOperation )
olcAttributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.1 NAME 'configContext' DESC
'conf
ig context' EQUALITY distinguishedNameMatch SYNTAX
1.3.6.1.4.1.1466.115.121.1
.12 SINGLE-VALUE NO-USER-MODIFICATION USAGE dSAOperation )
olcAttributeTypes: ( 1.3.6.1.1.4 NAME 'vendorName' DESC 'RFC3045: name
of impl
ementation vendor' EQUALITY caseExactMatch SYNTAX
1.3.6.1.4.1.1466.115.121.1.
15 SINGLE-VALUE NO-USER-MODIFICATION USAGE dSAOperation )
olcAttributeTypes: ( 1.3.6.1.1.5 NAME 'vendorVersion' DESC 'RFC3045:
version o
f implementation' EQUALITY caseExactMatch SYNTAX
1.3.6.1.4.1.1466.115.121.1.1
5 SINGLE-VALUE NO-USER-MODIFICATION USAGE dSAOperation )
olcAttributeTypes: ( 2.5.18.5 NAME 'administrativeRole' DESC 'RFC3672:
adminis
trative role' EQUALITY objectIdentifierMatch SYNTAX
1.3.6.1.4.1.1466.115.121.
1.38 USAGE directoryOperation )
olcAttributeTypes: ( 2.5.18.6 NAME 'subtreeSpecification' DESC 'RFC3672:
subtr
ee specification' SYNTAX 1.3.6.1.4.1.1466.115.121.1.45 SINGLE-VALUE
USAGE dir
ectoryOperation )
olcAttributeTypes: ( 2.5.21.1 NAME 'dITStructureRules' DESC 'RFC4512:
DIT stru
cture rules' EQUALITY integerFirstComponentMatch SYNTAX
1.3.6.1.4.1.1466.115.
121.1.17 USAGE directoryOperation )
olcAttributeTypes: ( 2.5.21.2 NAME 'dITContentRules' DESC 'RFC4512: DIT
conten
t rules' EQUALITY objectIdentifierFirstComponentMatch SYNTAX
1.3.6.1.4.1.1466
.115.121.1.16 USAGE directoryOperation )
olcAttributeTypes: ( 2.5.21.4 NAME 'matchingRules' DESC 'RFC4512:
matching rul
es' EQUALITY objectIdentifierFirstComponentMatch SYNTAX
1.3.6.1.4.1.1466.115.
121.1.30 USAGE directoryOperation )
olcAttributeTypes: ( 2.5.21.5 NAME 'attributeTypes' DESC 'RFC4512:
attribute t
ypes' EQUALITY objectIdentifierFirstComponentMatch SYNTAX
1.3.6.1.4.1.1466.11
5.121.1.3 USAGE directoryOperation )
olcAttributeTypes: ( 2.5.21.6 NAME 'objectClasses' DESC 'RFC4512: object
class
es' EQUALITY objectIdentifierFirstComponentMatch SYNTAX
1.3.6.1.4.1.1466.115.
121.1.37 USAGE directoryOperation )
olcAttributeTypes: ( 2.5.21.7 NAME 'nameForms' DESC 'RFC4512: name forms
' EQU
ALITY objectIdentifierFirstComponentMatch SYNTAX
1.3.6.1.4.1.1466.115.121.1.3
5 USAGE directoryOperation )
olcAttributeTypes: ( 2.5.21.8 NAME 'matchingRuleUse' DESC 'RFC4512:
matching r
ule uses' EQUALITY objectIdentifierFirstComponentMatch SYNTAX
1.3.6.1.4.1.146
6.115.121.1.31 USAGE directoryOperation )
olcAttributeTypes: ( 1.3.6.1.4.1.1466.101.120.16 NAME 'ldapSyntaxes'
DESC 'RFC
4512: LDAP syntaxes' EQUALITY objectIdentifierFirstComponentMatch
SYNTAX 1.3.
6.1.4.1.1466.115.121.1.54 USAGE directoryOperation )
olcAttributeTypes: ( 2.5.4.1 NAME ( 'aliasedObjectName'
'aliasedEntryName' ) D
ESC 'RFC4512: name of aliased object' EQUALITY distinguishedNameMatch
SYNTAX
1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE )
olcAttributeTypes: ( 2.16.840.1.113730.3.1.34 NAME 'ref' DESC 'RFC3296:
subord
inate referral URL' EQUALITY caseExactMatch SYNTAX
1.3.6.1.4.1.1466.115.121.1
.15 USAGE distributedOperation )
olcAttributeTypes: ( 1.3.6.1.4.1.4203.1.3.1 NAME 'entry' DESC 'OpenLDAP
ACL en
try pseudo-attribute' SYNTAX 1.3.6.1.4.1.4203.1.1.1 SINGLE-VALUE
NO-USER-MODI
FICATION USAGE dSAOperation )
olcAttributeTypes: ( 1.3.6.1.4.1.4203.1.3.2 NAME 'children' DESC
'OpenLDAP ACL
children pseudo-attribute' SYNTAX 1.3.6.1.4.1.4203.1.1.1 SINGLE-VALUE
NO-USE
R-MODIFICATION USAGE dSAOperation )
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.1.8 NAME ( 'authzTo'
'saslAuthzTo' )
DESC 'proxy authorization targets' EQUALITY authzMatch SYNTAX
1.3.6.1.4.1.42
03.666.2.7 USAGE distributedOperation X-ORDERED 'VALUES' )
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.1.9 NAME ( 'authzFrom'
'saslAuthzFro
m' ) DESC 'proxy authorization sources' EQUALITY authzMatch SYNTAX
1.3.6.1.4.
1.4203.666.2.7 USAGE distributedOperation X-ORDERED 'VALUES' )
olcAttributeTypes: ( 1.3.6.1.4.1.1466.101.119.3 NAME 'entryTtl' DESC
'RFC2589:
entry time-to-live' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE
NO-USE
R-MODIFICATION USAGE dSAOperation )
olcAttributeTypes: ( 1.3.6.1.4.1.1466.101.119.4 NAME 'dynamicSubtrees'
DESC 'R
FC2589: dynamic subtrees' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12
NO-USER-MODIFI
CATION USAGE dSAOperation )
olcAttributeTypes: ( 2.5.4.49 NAME 'distinguishedName' DESC 'RFC4519:
common s
upertype of DN attributes' EQUALITY distinguishedNameMatch SYNTAX
1.3.6.1.4.1
.1466.115.121.1.12 )
olcAttributeTypes: ( 2.5.4.41 NAME 'name' DESC 'RFC4519: common
supertype of n
ame attributes' EQUALITY caseIgnoreMatch SUBSTR
caseIgnoreSubstringsMatch SYN
TAX 1.3.6.1.4.1.1466.115.121.1.15{32768} )
olcAttributeTypes: ( 2.5.4.3 NAME ( 'cn' 'commonName' ) DESC 'RFC4519:
common
name(s) for which the entity is known by' SUP name )
olcAttributeTypes: ( 0.9.2342.19200300.100.1.1 NAME ( 'uid' 'userid' )
DESC 'R
FC4519: user identifier' EQUALITY caseIgnoreMatch SUBSTR
caseIgnoreSubstrings
Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
olcAttributeTypes: ( 1.3.6.1.1.1.1.0 NAME 'uidNumber' DESC 'RFC2307: An
intege
r uniquely identifying a user in an administrative domain' EQUALITY
integerMa
tch ORDERING integerOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
SINGLE
-VALUE )
olcAttributeTypes: ( 1.3.6.1.1.1.1.1 NAME 'gidNumber' DESC 'RFC2307: An
intege
r uniquely identifying a group in an administrative domain' EQUALITY
integerM
atch ORDERING integerOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
SINGL
E-VALUE )
olcAttributeTypes: ( 2.5.4.35 NAME 'userPassword' DESC 'RFC4519/2307:
password
of user' EQUALITY octetStringMatch SYNTAX
1.3.6.1.4.1.1466.115.121.1.40{128}
)
olcAttributeTypes: ( 1.3.6.1.4.1.250.1.57 NAME 'labeledURI' DESC
'RFC2079: Uni
form Resource Identifier with optional label' EQUALITY caseExactMatch
SYNTAX
1.3.6.1.4.1.1466.115.121.1.15 )
olcAttributeTypes: ( 2.5.4.13 NAME 'description' DESC 'RFC4519:
descriptive in
formation' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1
.3.6.1.4.1.1466.115.121.1.15{1024} )
olcAttributeTypes: ( 2.5.4.34 NAME 'seeAlso' DESC 'RFC4519: DN of
related obje
ct' SUP distinguishedName )
olcAttributeTypes: ( OLcfgGlAt:78 NAME 'olcConfigFile' DESC 'File for
slapd co
nfiguration directives' EQUALITY caseIgnoreMatch SYNTAX
OMsDirectoryString SI
NGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:79 NAME 'olcConfigDir' DESC 'Directory
for slap
d configuration backend' EQUALITY caseIgnoreMatch SYNTAX
OMsDirectoryString S
INGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:1 NAME 'olcAccess' DESC 'Access Control
List' E
QUALITY caseIgnoreMatch SYNTAX OMsDirectoryString X-ORDERED 'VALUES' )
olcAttributeTypes: ( OLcfgGlAt:86 NAME 'olcAddContentAcl' DESC 'Check
ACLs aga
inst content of Add ops' SYNTAX OMsBoolean SINGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:2 NAME 'olcAllows' DESC 'Allowed set of
depreca
ted features' EQUALITY caseIgnoreMatch SYNTAX OMsDirectoryString )
olcAttributeTypes: ( OLcfgGlAt:3 NAME 'olcArgsFile' DESC 'File for slapd
comma
nd line options' EQUALITY caseIgnoreMatch SYNTAX OMsDirectoryString
SINGLE-VA
LUE )
olcAttributeTypes: ( OLcfgGlAt:5 NAME 'olcAttributeOptions' EQUALITY
caseIgnor
eMatch SYNTAX OMsDirectoryString )
olcAttributeTypes: ( OLcfgGlAt:4 NAME 'olcAttributeTypes' DESC 'OpenLDAP
attri
buteTypes' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch
SYNTAX O
MsDirectoryString X-ORDERED 'VALUES' )
olcAttributeTypes: ( OLcfgGlAt:6 NAME 'olcAuthIDRewrite' EQUALITY
caseIgnoreMa
tch SYNTAX OMsDirectoryString X-ORDERED 'VALUES' )
olcAttributeTypes: ( OLcfgGlAt:7 NAME 'olcAuthzPolicy' EQUALITY
caseIgnoreMatc
h SYNTAX OMsDirectoryString SINGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:8 NAME 'olcAuthzRegexp' EQUALITY
caseIgnoreMatc
h SYNTAX OMsDirectoryString X-ORDERED 'VALUES' )
olcAttributeTypes: ( OLcfgGlAt:9 NAME 'olcBackend' DESC 'A type of
backend' EQ
UALITY caseIgnoreMatch SYNTAX OMsDirectoryString SINGLE-VALUE X-ORDERED
'SIBL
INGS' )
olcAttributeTypes: ( OLcfgGlAt:10 NAME 'olcConcurrency' SYNTAX
OMsInteger SING
LE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:11 NAME 'olcConnMaxPending' SYNTAX
OMsInteger S
INGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:12 NAME 'olcConnMaxPendingAuth' SYNTAX
OMsInteg
er SINGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:13 NAME 'olcDatabase' DESC 'The backend
type fo
r a database instance' SUP olcBackend SINGLE-VALUE X-ORDERED 'SIBLINGS' )
olcAttributeTypes: ( OLcfgGlAt:14 NAME 'olcDefaultSearchBase' SYNTAX
OMsDN SIN
GLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:15 NAME 'olcDisallows' EQUALITY
caseIgnoreMatch
SYNTAX OMsDirectoryString )
olcAttributeTypes: ( OLcfgGlAt:16 NAME 'olcDitContentRules' DESC
'OpenLDAP DIT
content rules' EQUALITY caseIgnoreMatch SUBSTR
caseIgnoreSubstringsMatch SYN
TAX OMsDirectoryString X-ORDERED 'VALUES' )
olcAttributeTypes: ( OLcfgDbAt:0.20 NAME 'olcExtraAttrs' EQUALITY
caseIgnoreMa
tch SYNTAX OMsDirectoryString )
olcAttributeTypes: ( OLcfgGlAt:17 NAME 'olcGentleHUP' SYNTAX OMsBoolean
SINGLE
-VALUE )
olcAttributeTypes: ( OLcfgDbAt:0.17 NAME 'olcHidden' SYNTAX OMsBoolean
SINGLE-
VALUE )
olcAttributeTypes: ( OLcfgGlAt:18 NAME 'olcIdleTimeout' SYNTAX
OMsInteger SING
LE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:19 NAME 'olcInclude' SUP labeledURI )
olcAttributeTypes: ( OLcfgGlAt:20 NAME 'olcIndexSubstrIfMinLen' SYNTAX
OMsInte
ger SINGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:21 NAME 'olcIndexSubstrIfMaxLen' SYNTAX
OMsInte
ger SINGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:22 NAME 'olcIndexSubstrAnyLen' SYNTAX
OMsIntege
r SINGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:23 NAME 'olcIndexSubstrAnyStep' SYNTAX
OMsInteg
er SINGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:84 NAME 'olcIndexIntLen' SYNTAX
OMsInteger SING
LE-VALUE )
olcAttributeTypes: ( OLcfgDbAt:0.4 NAME 'olcLastMod' SYNTAX OMsBoolean
SINGLE-
VALUE )
olcAttributeTypes: ( OLcfgGlAt:85 NAME 'olcLdapSyntaxes' DESC 'OpenLDAP
ldapSy
ntax' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX
OMsDir
ectoryString X-ORDERED 'VALUES' )
olcAttributeTypes: ( OLcfgDbAt:0.5 NAME 'olcLimits' EQUALITY
caseIgnoreMatch S
YNTAX OMsDirectoryString X-ORDERED 'VALUES' )
olcAttributeTypes: ( OLcfgGlAt:93 NAME 'olcListenerThreads' SYNTAX
OMsInteger
SINGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:26 NAME 'olcLocalSSF' SYNTAX OMsInteger
SINGLE-
VALUE )
olcAttributeTypes: ( OLcfgGlAt:27 NAME 'olcLogFile' SYNTAX
OMsDirectoryString
SINGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:28 NAME 'olcLogLevel' EQUALITY
caseIgnoreMatch
SYNTAX OMsDirectoryString )
olcAttributeTypes: ( OLcfgDbAt:0.6 NAME 'olcMaxDerefDepth' SYNTAX
OMsInteger S
INGLE-VALUE )
olcAttributeTypes: ( OLcfgDbAt:0.16 NAME 'olcMirrorMode' SYNTAX
OMsBoolean SIN
GLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:30 NAME 'olcModuleLoad' EQUALITY
caseIgnoreMatc
h SYNTAX OMsDirectoryString X-ORDERED 'VALUES' )
olcAttributeTypes: ( OLcfgGlAt:31 NAME 'olcModulePath' SYNTAX
OMsDirectoryStri
ng SINGLE-VALUE )
olcAttributeTypes: ( OLcfgDbAt:0.18 NAME 'olcMonitoring' SYNTAX
OMsBoolean SIN
GLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:32 NAME 'olcObjectClasses' DESC 'OpenLDAP
objec
t classes' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch
SYNTAX O
MsDirectoryString X-ORDERED 'VALUES' )
olcAttributeTypes: ( OLcfgGlAt:33 NAME 'olcObjectIdentifier' EQUALITY
caseIgno
reMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX OMsDirectoryString
X-ORDERED
'VALUES' )
olcAttributeTypes: ( OLcfgGlAt:34 NAME 'olcOverlay' SUP olcDatabase
SINGLE-VAL
UE X-ORDERED 'SIBLINGS' )
olcAttributeTypes: ( OLcfgGlAt:35 NAME 'olcPasswordCryptSaltFormat'
SYNTAX OMs
DirectoryString SINGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:36 NAME 'olcPasswordHash' EQUALITY
caseIgnoreMa
tch SYNTAX OMsDirectoryString )
olcAttributeTypes: ( OLcfgGlAt:37 NAME 'olcPidFile' SYNTAX
OMsDirectoryString
SINGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:38 NAME 'olcPlugin' EQUALITY
caseIgnoreMatch SY
NTAX OMsDirectoryString )
olcAttributeTypes: ( OLcfgGlAt:39 NAME 'olcPluginLogFile' SYNTAX
OMsDirectoryS
tring SINGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:40 NAME 'olcReadOnly' SYNTAX OMsBoolean
SINGLE-
VALUE )
olcAttributeTypes: ( OLcfgGlAt:41 NAME 'olcReferral' SUP labeledURI
SINGLE-VAL
UE )
olcAttributeTypes: ( OLcfgDbAt:0.7 NAME 'olcReplica' SUP labeledURI
EQUALITY c
aseIgnoreMatch X-ORDERED 'VALUES' )
olcAttributeTypes: ( OLcfgGlAt:43 NAME 'olcReplicaArgsFile' SYNTAX
OMsDirector
yString SINGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:44 NAME 'olcReplicaPidFile' SYNTAX
OMsDirectory
String SINGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:45 NAME 'olcReplicationInterval' SYNTAX
OMsInte
ger SINGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:46 NAME 'olcReplogFile' SYNTAX
OMsDirectoryStri
ng SINGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:47 NAME 'olcRequires' EQUALITY
caseIgnoreMatch
SYNTAX OMsDirectoryString )
olcAttributeTypes: ( OLcfgGlAt:48 NAME 'olcRestrict' EQUALITY
caseIgnoreMatch
SYNTAX OMsDirectoryString )
olcAttributeTypes: ( OLcfgGlAt:49 NAME 'olcReverseLookup' SYNTAX
OMsBoolean SI
NGLE-VALUE )
olcAttributeTypes: ( OLcfgDbAt:0.8 NAME 'olcRootDN' EQUALITY
distinguishedName
Match SYNTAX OMsDN SINGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:51 NAME 'olcRootDSE' EQUALITY
caseIgnoreMatch S
YNTAX OMsDirectoryString )
olcAttributeTypes: ( OLcfgDbAt:0.9 NAME 'olcRootPW' SYNTAX
OMsDirectoryString
SINGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:89 NAME 'olcSaslAuxprops' SYNTAX
OMsDirectorySt
ring SINGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:53 NAME 'olcSaslHost' SYNTAX
OMsDirectoryString
SINGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:54 NAME 'olcSaslRealm' SYNTAX
OMsDirectoryStrin
g SINGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:56 NAME 'olcSaslSecProps' SYNTAX
OMsDirectorySt
ring SINGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:58 NAME 'olcSchemaDN' EQUALITY
distinguishedNam
eMatch SYNTAX OMsDN SINGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:59 NAME 'olcSecurity' EQUALITY
caseIgnoreMatch
SYNTAX OMsDirectoryString )
olcAttributeTypes: ( OLcfgGlAt:81 NAME 'olcServerID' EQUALITY
caseIgnoreMatch
SYNTAX OMsDirectoryString )
olcAttributeTypes: ( OLcfgGlAt:60 NAME 'olcSizeLimit' SYNTAX
OMsDirectoryStrin
g SINGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:61 NAME 'olcSockbufMaxIncoming' SYNTAX
OMsInteg
er SINGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:62 NAME 'olcSockbufMaxIncomingAuth'
SYNTAX OMsI
nteger SINGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:83 NAME 'olcSortVals' DESC 'Attributes
whose va
lues will always be sorted' EQUALITY caseIgnoreMatch SYNTAX
OMsDirectoryStrin
g )
olcAttributeTypes: ( OLcfgDbAt:0.15 NAME 'olcSubordinate' SYNTAX
OMsDirectoryS
tring SINGLE-VALUE )
olcAttributeTypes: ( OLcfgDbAt:0.10 NAME 'olcSuffix' EQUALITY
distinguishedNam
eMatch SYNTAX OMsDN )
olcAttributeTypes: ( OLcfgDbAt:0.19 NAME 'olcSyncUseSubentry' DESC
'Store sync
context in a subentry' SYNTAX OMsBoolean SINGLE-VALUE )
olcAttributeTypes: ( OLcfgDbAt:0.11 NAME 'olcSyncrepl' EQUALITY
caseIgnoreMatc
h SYNTAX OMsDirectoryString X-ORDERED 'VALUES' )
olcAttributeTypes: ( OLcfgGlAt:90 NAME 'olcTCPBuffer' DESC 'Custom TCP
buffer
size' SYNTAX OMsDirectoryString )
olcAttributeTypes: ( OLcfgGlAt:66 NAME 'olcThreads' SYNTAX OMsInteger
SINGLE-V
ALUE )
olcAttributeTypes: ( OLcfgGlAt:67 NAME 'olcTimeLimit' SYNTAX
OMsDirectoryStrin
g )
olcAttributeTypes: ( OLcfgGlAt:68 NAME 'olcTLSCACertificateFile' SYNTAX
OMsDir
ectoryString SINGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:69 NAME 'olcTLSCACertificatePath' SYNTAX
OMsDir
ectoryString SINGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:70 NAME 'olcTLSCertificateFile' SYNTAX
OMsDirec
toryString SINGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:71 NAME 'olcTLSCertificateKeyFile' SYNTAX
OMsDi
rectoryString SINGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:72 NAME 'olcTLSCipherSuite' SYNTAX
OMsDirectory
String SINGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:73 NAME 'olcTLSCRLCheck' SYNTAX
OMsDirectoryStr
ing SINGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:82 NAME 'olcTLSCRLFile' SYNTAX
OMsDirectoryStri
ng SINGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:74 NAME 'olcTLSRandFile' SYNTAX
OMsDirectoryStr
ing SINGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:75 NAME 'olcTLSVerifyClient' SYNTAX
OMsDirector
yString SINGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:77 NAME 'olcTLSDHParamFile' SYNTAX
OMsDirectory
String SINGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:87 NAME 'olcTLSProtocolMin' SYNTAX
OMsDirectory
String SINGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:80 NAME 'olcToolThreads' SYNTAX
OMsInteger SING
LE-VALUE )
olcAttributeTypes: ( OLcfgDbAt:0.12 NAME 'olcUpdateDN' SYNTAX OMsDN
SINGLE-VAL
UE )
olcAttributeTypes: ( OLcfgDbAt:0.13 NAME 'olcUpdateRef' SUP labeledURI
EQUALIT
Y caseIgnoreMatch )
olcAttributeTypes: ( OLcfgGlAt:88 NAME 'olcWriteTimeout' SYNTAX
OMsInteger SIN
GLE-VALUE )
olcAttributeTypes: ( OLcfgDbAt:0.1 NAME 'olcDbDirectory' DESC 'Directory
for d
atabase content' EQUALITY caseIgnoreMatch SYNTAX OMsDirectoryString
SINGLE-VA
LUE )
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.1.5 NAME 'OpenLDAPaci' DESC
'OpenLDA
P access control information (experimental)' EQUALITY OpenLDAPaciMatch
SYNTAX
1.3.6.1.4.1.4203.666.2.1 USAGE directoryOperation )
olcAttributeTypes: ( OLcfgDbAt:1.11 NAME 'olcDbCacheFree' DESC 'Number
of extr
a entries to free when max is reached' SYNTAX OMsInteger SINGLE-VALUE )
olcAttributeTypes: ( OLcfgDbAt:1.1 NAME 'olcDbCacheSize' DESC 'Entry
cache siz
e in entries' SYNTAX OMsInteger SINGLE-VALUE )
olcAttributeTypes: ( OLcfgDbAt:1.2 NAME 'olcDbCheckpoint' DESC 'Database
check
point interval in kbytes and minutes' SYNTAX OMsDirectoryString
SINGLE-VALUE
)
olcAttributeTypes: ( OLcfgDbAt:1.16 NAME 'olcDbChecksum' DESC 'Enable
database
checksum validation' SYNTAX OMsBoolean SINGLE-VALUE )
olcAttributeTypes: ( OLcfgDbAt:1.13 NAME 'olcDbCryptFile' DESC 'Pathname
of fi
le containing the DB encryption key' SYNTAX OMsDirectoryString
SINGLE-VALUE )
olcAttributeTypes: ( OLcfgDbAt:1.14 NAME 'olcDbCryptKey' DESC 'DB
encryption k
ey' SYNTAX OMsOctetString SINGLE-VALUE )
olcAttributeTypes: ( OLcfgDbAt:1.3 NAME 'olcDbConfig' DESC 'BerkeleyDB
DB_CONF
IG configuration directives' SYNTAX OMsIA5String X-ORDERED 'VALUES' )
olcAttributeTypes: ( OLcfgDbAt:1.4 NAME 'olcDbNoSync' DESC 'Disable
synchronou
s database writes' SYNTAX OMsBoolean SINGLE-VALUE )
olcAttributeTypes: ( OLcfgDbAt:1.15 NAME 'olcDbPageSize' DESC 'Page size
of sp
ecified DB, in Kbytes' EQUALITY caseExactMatch SYNTAX OMsDirectoryString )
olcAttributeTypes: ( OLcfgDbAt:1.5 NAME 'olcDbDirtyRead' DESC 'Allow
reads of
uncommitted data' SYNTAX OMsBoolean SINGLE-VALUE )
olcAttributeTypes: ( OLcfgDbAt:1.12 NAME 'olcDbDNcacheSize' DESC 'DN
cache siz
e' SYNTAX OMsInteger SINGLE-VALUE )
olcAttributeTypes: ( OLcfgDbAt:1.6 NAME 'olcDbIDLcacheSize' DESC 'IDL
cache si
ze in IDLs' SYNTAX OMsInteger SINGLE-VALUE )
olcAttributeTypes: ( OLcfgDbAt:0.2 NAME 'olcDbIndex' DESC 'Attribute
index par
ameters' EQUALITY caseIgnoreMatch SYNTAX OMsDirectoryString )
olcAttributeTypes: ( OLcfgDbAt:1.7 NAME 'olcDbLinearIndex' DESC 'Index
attribu
tes one at a time' SYNTAX OMsBoolean SINGLE-VALUE )
olcAttributeTypes: ( OLcfgDbAt:1.8 NAME 'olcDbLockDetect' DESC 'Deadlock
detec
tion algorithm' SYNTAX OMsDirectoryString SINGLE-VALUE )
olcAttributeTypes: ( OLcfgDbAt:0.3 NAME 'olcDbMode' DESC 'Unix
permissions of
database files' SYNTAX OMsDirectoryString SINGLE-VALUE )
olcAttributeTypes: ( OLcfgDbAt:1.9 NAME 'olcDbSearchStack' DESC 'Depth
of sear
ch stack in IDLs' SYNTAX OMsInteger SINGLE-VALUE )
olcAttributeTypes: ( OLcfgDbAt:1.10 NAME 'olcDbShmKey' DESC 'Key for
shared me
mory region' SYNTAX OMsInteger SINGLE-VALUE )
olcAttributeTypes: ( OLcfgOvAt:1.1 NAME 'olcSpCheckpoint' DESC
'ContextCSN che
ckpoint interval in ops and minutes' SYNTAX OMsDirectoryString
SINGLE-VALUE )
olcAttributeTypes: ( OLcfgOvAt:1.2 NAME 'olcSpSessionlog' DESC 'Session
log si
ze in ops' SYNTAX OMsInteger SINGLE-VALUE )
olcAttributeTypes: ( OLcfgOvAt:1.3 NAME 'olcSpNoPresent' DESC 'Omit
Present ph
ase processing' SYNTAX OMsBoolean SINGLE-VALUE )
olcAttributeTypes: ( OLcfgOvAt:1.4 NAME 'olcSpReloadHint' DESC 'Observe
Reload
Hint in Request control' SYNTAX OMsBoolean SINGLE-VALUE )
olcObjectClasses: ( 2.5.6.0 NAME 'top' DESC 'top of the superclass
chain' ABST
RACT MUST objectClass )
olcObjectClasses: ( 1.3.6.1.4.1.1466.101.120.111 NAME 'extensibleObject'
DESC
'RFC4512: extensible object' SUP top AUXILIARY )
olcObjectClasses: ( 2.5.6.1 NAME 'alias' DESC 'RFC4512: an alias' SUP
top STRU
CTURAL MUST aliasedObjectName )
olcObjectClasses: ( 2.16.840.1.113730.3.2.6 NAME 'referral' DESC
'namedref: na
med subordinate referral' SUP top STRUCTURAL MUST ref )
olcObjectClasses: ( 1.3.6.1.4.1.4203.1.4.1 NAME ( 'OpenLDAProotDSE'
'LDAProotD
SE' ) DESC 'OpenLDAP Root DSE object' SUP top STRUCTURAL MAY cn )
olcObjectClasses: ( 2.5.17.0 NAME 'subentry' DESC 'RFC3672: subentry'
SUP top
STRUCTURAL MUST ( cn $ subtreeSpecification ) )
olcObjectClasses: ( 2.5.20.1 NAME 'subschema' DESC 'RFC4512: controlling
subsc
hema (sub)entry' AUXILIARY MAY ( dITStructureRules $ nameForms $
dITContentRu
les $ objectClasses $ attributeTypes $ matchingRules $ matchingRuleUse ) )
olcObjectClasses: ( 1.3.6.1.4.1.1466.101.119.2 NAME 'dynamicObject' DESC
'RFC2
589: Dynamic Object' SUP top AUXILIARY )
olcObjectClasses: ( 1.3.6.1.4.1.4203.666.3.4 NAME 'glue' DESC 'Glue
Entry' SUP
top STRUCTURAL )
olcObjectClasses: ( 1.3.6.1.4.1.4203.666.3.5 NAME 'syncConsumerSubentry'
DESC
'Persistent Info for SyncRepl Consumer' AUXILIARY MAY syncreplCookie )
olcObjectClasses: ( 1.3.6.1.4.1.4203.666.3.6 NAME 'syncProviderSubentry'
DESC
'Persistent Info for SyncRepl Producer' AUXILIARY MAY contextCSN )
olcObjectClasses: ( OLcfgGlOc:0 NAME 'olcConfig' DESC 'OpenLDAP
configuration
object' SUP top ABSTRACT )
olcObjectClasses: ( OLcfgGlOc:1 NAME 'olcGlobal' DESC 'OpenLDAP Global
configu
ration options' SUP olcConfig STRUCTURAL MAY ( cn $ olcConfigFile $
olcConfig
Dir $ olcAllows $ olcArgsFile $ olcAttributeOptions $ olcAuthIDRewrite
$ olcA
uthzPolicy $ olcAuthzRegexp $ olcConcurrency $ olcConnMaxPending $
olcConnMax
PendingAuth $ olcDisallows $ olcGentleHUP $ olcIdleTimeout $
olcIndexSubstrIf
MaxLen $ olcIndexSubstrIfMinLen $ olcIndexSubstrAnyLen $
olcIndexSubstrAnySte
p $ olcIndexIntLen $ olcLocalSSF $ olcLogFile $ olcLogLevel $
olcPasswordCryp
tSaltFormat $ olcPasswordHash $ olcPidFile $ olcPluginLogFile $
olcReadOnly $
olcReferral $ olcReplogFile $ olcRequires $ olcRestrict $
olcReverseLookup $
olcRootDSE $ olcSaslAuxprops $ olcSaslHost $ olcSaslRealm $
olcSaslSecProps
$ olcSecurity $ olcServerID $ olcSizeLimit $ olcSockbufMaxIncoming $
olcSockb
ufMaxIncomingAuth $ olcTCPBuffer $ olcThreads $ olcTimeLimit $
olcTLSCACertif
icateFile $ olcTLSCACertificatePath $ olcTLSCertificateFile $
olcTLSCertifica
teKeyFile $ olcTLSCipherSuite $ olcTLSCRLCheck $ olcTLSRandFile $
olcTLSVerif
yClient $ olcTLSDHParamFile $ olcTLSCRLFile $ olcToolThreads $
olcWriteTimeou
t $ olcObjectIdentifier $ olcAttributeTypes $ olcObjectClasses $
olcDitConten
tRules $ olcLdapSyntaxes ) )
olcObjectClasses: ( OLcfgGlOc:2 NAME 'olcSchemaConfig' DESC 'OpenLDAP
schema o
bject' SUP olcConfig STRUCTURAL MAY ( cn $ olcObjectIdentifier $
olcLdapSynta
xes $ olcAttributeTypes $ olcObjectClasses $ olcDitContentRules ) )
olcObjectClasses: ( OLcfgGlOc:3 NAME 'olcBackendConfig' DESC 'OpenLDAP
Backend
-specific options' SUP olcConfig STRUCTURAL MUST olcBackend )
olcObjectClasses: ( OLcfgGlOc:4 NAME 'olcDatabaseConfig' DESC 'OpenLDAP
Databa
se-specific options' SUP olcConfig STRUCTURAL MUST olcDatabase MAY (
olcHidde
n $ olcSuffix $ olcSubordinate $ olcAccess $ olcAddContentAcl $
olcLastMod $
olcLimits $ olcMaxDerefDepth $ olcPlugin $ olcReadOnly $ olcReplica $
olcRepl
icaArgsFile $ olcReplicaPidFile $ olcReplicationInterval $
olcReplogFile $ ol
cRequires $ olcRestrict $ olcRootDN $ olcRootPW $ olcSchemaDN $
olcSecurity $
olcSizeLimit $ olcSyncUseSubentry $ olcSyncrepl $ olcTimeLimit $
olcUpdateDN
$ olcUpdateRef $ olcMirrorMode $ olcMonitoring $ olcExtraAttrs ) )
olcObjectClasses: ( OLcfgGlOc:5 NAME 'olcOverlayConfig' DESC 'OpenLDAP
Overlay
-specific options' SUP olcConfig STRUCTURAL MUST olcOverlay )
olcObjectClasses: ( OLcfgGlOc:6 NAME 'olcIncludeFile' DESC 'OpenLDAP
configura
tion include file' SUP olcConfig STRUCTURAL MUST olcInclude MAY ( cn $
olcRoo
tDSE ) )
olcObjectClasses: ( OLcfgGlOc:7 NAME 'olcFrontendConfig' DESC 'OpenLDAP
fronte
nd configuration' AUXILIARY MAY ( olcDefaultSearchBase $
olcPasswordHash $ ol
cSortVals ) )
olcObjectClasses: ( OLcfgGlOc:8 NAME 'olcModuleList' DESC 'OpenLDAP
dynamic mo
dule info' SUP olcConfig STRUCTURAL MAY ( cn $ olcModulePath $
olcModuleLoad
) )
olcObjectClasses: ( OLcfgDbOc:2.1 NAME 'olcLdifConfig' DESC 'LDIF
backend conf
iguration' SUP olcDatabaseConfig STRUCTURAL MUST olcDbDirectory )
olcObjectClasses: ( OLcfgDbOc:1.2 NAME 'olcHdbConfig' DESC 'HDB backend
config
uration' SUP olcDatabaseConfig STRUCTURAL MUST olcDbDirectory MAY (
olcDbCach
eSize $ olcDbCheckpoint $ olcDbConfig $ olcDbCryptFile $ olcDbCryptKey
$ olcD
bNoSync $ olcDbDirtyRead $ olcDbIDLcacheSize $ olcDbIndex $
olcDbLinearIndex
$ olcDbLockDetect $ olcDbMode $ olcDbSearchStack $ olcDbShmKey $
olcDbCacheFr
ee $ olcDbDNcacheSize $ olcDbPageSize ) )
olcObjectClasses: ( OLcfgOvOc:1.1 NAME 'olcSyncProvConfig' DESC
'SyncRepl Prov
ider configuration' SUP olcOverlayConfig STRUCTURAL MAY (
olcSpCheckpoint $ o
lcSpSessionlog $ olcSpNoPresent $ olcSpReloadHint ) )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.1 DESC 'ACI Item'
X-BINARY-TRANS
FER-REQUIRED 'TRUE' X-NOT-HUMAN-READABLE 'TRUE' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.2 DESC 'Access Point'
X-NOT-HUMA
N-READABLE 'TRUE' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.3 DESC 'Attribute Type
Descripti
on' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.4 DESC 'Audio'
X-NOT-HUMAN-READA
BLE 'TRUE' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.5 DESC 'Binary'
X-NOT-HUMAN-READ
ABLE 'TRUE' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.6 DESC 'Bit String' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.7 DESC 'Boolean' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.8 DESC 'Certificate'
X-BINARY-TR
ANSFER-REQUIRED 'TRUE' X-NOT-HUMAN-READABLE 'TRUE' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.9 DESC 'Certificate List'
X-BINA
RY-TRANSFER-REQUIRED 'TRUE' X-NOT-HUMAN-READABLE 'TRUE' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.10 DESC 'Certificate Pair'
X-BIN
ARY-TRANSFER-REQUIRED 'TRUE' X-NOT-HUMAN-READABLE 'TRUE' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.4203.666.11.10.2.1 DESC 'X.509
AttributeCertifi
cate' X-BINARY-TRANSFER-REQUIRED 'TRUE' X-NOT-HUMAN-READABLE 'TRUE' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.12 DESC 'Distinguished Name' )
olcLdapSyntaxes: ( 1.2.36.79672281.1.5.0 DESC 'RDN' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.13 DESC 'Data Quality' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.14 DESC 'Delivery Method' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.15 DESC 'Directory String' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.16 DESC 'DIT Content Rule
Descri
ption' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.17 DESC 'DIT Structure
Rule Desc
ription' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.19 DESC 'DSA Quality' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.20 DESC 'DSE Type' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.21 DESC 'Enhanced Guide' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.22 DESC 'Facsimile
Telephone Num
ber' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.23 DESC 'Fax'
X-NOT-HUMAN-READAB
LE 'TRUE' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.24 DESC 'Generalized Time' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.25 DESC 'Guide' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.26 DESC 'IA5 String' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.27 DESC 'Integer' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.28 DESC 'JPEG'
X-NOT-HUMAN-READA
BLE 'TRUE' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.29 DESC 'Master And Shadow
Acces
s Points' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.30 DESC 'Matching Rule
Descripti
on' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.31 DESC 'Matching Rule Use
Descr
iption' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.32 DESC 'Mail Preference' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.33 DESC 'MHS OR Address' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.34 DESC 'Name And Optional
UID'
)
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.35 DESC 'Name Form
Description'
)
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.36 DESC 'Numeric String' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.37 DESC 'Object Class
Descriptio
n' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.38 DESC 'OID' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.39 DESC 'Other Mailbox' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.40 DESC 'Octet String' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.41 DESC 'Postal Address' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.42 DESC 'Protocol
Information' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.43 DESC 'Presentation
Address' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.44 DESC 'Printable String' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.11 DESC 'Country String' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.45 DESC
'SubtreeSpecification' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.49 DESC 'Supported
Algorithm' X-
BINARY-TRANSFER-REQUIRED 'TRUE' X-NOT-HUMAN-READABLE 'TRUE' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.50 DESC 'Telephone Number' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.51 DESC 'Teletex Terminal
Identi
fier' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.52 DESC 'Telex Number' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.54 DESC 'LDAP Syntax
Description
' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.55 DESC 'Modify Rights' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.56 DESC 'LDAP Schema
Definition'
)
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.57 DESC 'LDAP Schema
Description
' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.58 DESC 'Substring
Assertion' )
olcLdapSyntaxes: ( 1.3.6.1.1.1.0.0 DESC 'RFC2307 NIS Netgroup Triple' )
olcLdapSyntaxes: ( 1.3.6.1.1.1.0.1 DESC 'RFC2307 Boot Parameter' )
olcLdapSyntaxes: ( 1.3.6.1.1.15.1 DESC 'Certificate Exact Assertion' )
olcLdapSyntaxes: ( 1.3.6.1.1.15.2 DESC 'Certificate Assertion' )
olcLdapSyntaxes: ( 1.3.6.1.1.15.3 DESC 'Certificate Pair Exact Assertion' )
olcLdapSyntaxes: ( 1.3.6.1.1.15.4 DESC 'Certificate Pair Assertion' )
olcLdapSyntaxes: ( 1.3.6.1.1.15.5 DESC 'Certificate List Exact Assertion' )
olcLdapSyntaxes: ( 1.3.6.1.1.15.6 DESC 'Certificate List Assertion' )
olcLdapSyntaxes: ( 1.3.6.1.1.15.7 DESC 'Algorithm Identifier' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.4203.666.11.10.2.2 DESC
'AttributeCertificate E
xact Assertion' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.4203.666.11.10.2.3 DESC
'AttributeCertificate A
ssertion' )
olcLdapSyntaxes: ( 1.3.6.1.1.16.1 DESC 'UUID' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.4203.666.11.2.1 DESC 'CSN' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.4203.666.11.2.4 DESC 'CSN SID' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.4203.1.1.1 DESC 'OpenLDAP void' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.4203.666.2.7 DESC 'OpenLDAP authz' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.4203.666.2.1 DESC 'OpenLDAP Experimental
ACI' )
dn: cn={0}core,cn=schema,cn=config
objectClass: olcSchemaConfig
cn: {0}core
olcAttributeTypes: {0}( 2.5.4.2 NAME 'knowledgeInformation' DESC
'RFC2256: kno
wledge information' EQUALITY caseIgnoreMatch SYNTAX
1.3.6.1.4.1.1466.115.121.
1.15{32768} )
olcAttributeTypes: {1}( 2.5.4.4 NAME ( 'sn' 'surname' ) DESC 'RFC2256:
last (f
amily) name(s) for which the entity is known by' SUP name )
olcAttributeTypes: {2}( 2.5.4.5 NAME 'serialNumber' DESC 'RFC2256:
serial numb
er of the entity' EQUALITY caseIgnoreMatch SUBSTR
caseIgnoreSubstringsMatch S
YNTAX 1.3.6.1.4.1.1466.115.121.1.44{64} )
olcAttributeTypes: {3}( 2.5.4.6 NAME ( 'c' 'countryName' ) DESC
'RFC2256: ISO-
3166 country 2-letter code' SUP name SINGLE-VALUE )
olcAttributeTypes: {4}( 2.5.4.7 NAME ( 'l' 'localityName' ) DESC
'RFC2256: loc
ality which this object resides in' SUP name )
olcAttributeTypes: {5}( 2.5.4.8 NAME ( 'st' 'stateOrProvinceName' ) DESC
'RFC2
256: state or province which this object resides in' SUP name )
olcAttributeTypes: {6}( 2.5.4.9 NAME ( 'street' 'streetAddress' ) DESC
'RFC225
6: street address of this object' EQUALITY caseIgnoreMatch SUBSTR
caseIgnoreS
ubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
olcAttributeTypes: {7}( 2.5.4.10 NAME ( 'o' 'organizationName' ) DESC
'RFC2256
: organization this object belongs to' SUP name )
olcAttributeTypes: {8}( 2.5.4.11 NAME ( 'ou' 'organizationalUnitName' )
DESC '
RFC2256: organizational unit this object belongs to' SUP name )
olcAttributeTypes: {9}( 2.5.4.12 NAME 'title' DESC 'RFC2256: title
associated
with the entity' SUP name )
olcAttributeTypes: {10}( 2.5.4.14 NAME 'searchGuide' DESC 'RFC2256:
search gui
de, deprecated by enhancedSearchGuide' SYNTAX
1.3.6.1.4.1.1466.115.121.1.25 )
olcAttributeTypes: {11}( 2.5.4.15 NAME 'businessCategory' DESC 'RFC2256:
busin
ess category' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch
SYNTA
X 1.3.6.1.4.1.1466.115.121.1.15{128} )
olcAttributeTypes: {12}( 2.5.4.16 NAME 'postalAddress' DESC 'RFC2256:
postal a
ddress' EQUALITY caseIgnoreListMatch SUBSTR
caseIgnoreListSubstringsMatch SYN
TAX 1.3.6.1.4.1.1466.115.121.1.41 )
olcAttributeTypes: {13}( 2.5.4.17 NAME 'postalCode' DESC 'RFC2256:
postal code
' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX
1.3.6.1.4.
1.1466.115.121.1.15{40} )
olcAttributeTypes: {14}( 2.5.4.18 NAME 'postOfficeBox' DESC 'RFC2256:
Post Off
ice Box' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3
.6.1.4.1.1466.115.121.1.15{40} )
olcAttributeTypes: {15}( 2.5.4.19 NAME 'physicalDeliveryOfficeName' DESC
'RFC2
256: Physical Delivery Office Name' EQUALITY caseIgnoreMatch SUBSTR
caseIgnor
eSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
olcAttributeTypes: {16}( 2.5.4.20 NAME 'telephoneNumber' DESC 'RFC2256:
Teleph
one Number' EQUALITY telephoneNumberMatch SUBSTR
telephoneNumberSubstringsMat
ch SYNTAX 1.3.6.1.4.1.1466.115.121.1.50{32} )
olcAttributeTypes: {17}( 2.5.4.21 NAME 'telexNumber' DESC 'RFC2256:
Telex Numb
er' SYNTAX 1.3.6.1.4.1.1466.115.121.1.52 )
olcAttributeTypes: {18}( 2.5.4.22 NAME 'teletexTerminalIdentifier' DESC
'RFC22
56: Teletex Terminal Identifier' SYNTAX 1.3.6.1.4.1.1466.115.121.1.51 )
olcAttributeTypes: {19}( 2.5.4.23 NAME ( 'facsimileTelephoneNumber'
'fax' ) DE
SC 'RFC2256: Facsimile (Fax) Telephone Number' SYNTAX
1.3.6.1.4.1.1466.115.12
1.1.22 )
olcAttributeTypes: {20}( 2.5.4.24 NAME 'x121Address' DESC 'RFC2256:
X.121 Addr
ess' EQUALITY numericStringMatch SUBSTR numericStringSubstringsMatch
SYNTAX 1
.3.6.1.4.1.1466.115.121.1.36{15} )
olcAttributeTypes: {21}( 2.5.4.25 NAME 'internationaliSDNNumber' DESC
'RFC2256
: international ISDN number' EQUALITY numericStringMatch SUBSTR
numericString
SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{16} )
olcAttributeTypes: {22}( 2.5.4.26 NAME 'registeredAddress' DESC
'RFC2256: regi
stered postal address' SUP postalAddress SYNTAX
1.3.6.1.4.1.1466.115.121.1.41
)
olcAttributeTypes: {23}( 2.5.4.27 NAME 'destinationIndicator' DESC
'RFC2256: d
estination indicator' EQUALITY caseIgnoreMatch SUBSTR
caseIgnoreSubstringsMat
ch SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{128} )
olcAttributeTypes: {24}( 2.5.4.28 NAME 'preferredDeliveryMethod' DESC
'RFC2256
: preferred delivery method' SYNTAX 1.3.6.1.4.1.1466.115.121.1.14
SINGLE-VALU
E )
olcAttributeTypes: {25}( 2.5.4.29 NAME 'presentationAddress' DESC
'RFC2256: pr
esentation address' EQUALITY presentationAddressMatch SYNTAX
1.3.6.1.4.1.1466
.115.121.1.43 SINGLE-VALUE )
olcAttributeTypes: {26}( 2.5.4.30 NAME 'supportedApplicationContext'
DESC 'RFC
2256: supported application context' EQUALITY objectIdentifierMatch
SYNTAX 1.
3.6.1.4.1.1466.115.121.1.38 )
olcAttributeTypes: {27}( 2.5.4.31 NAME 'member' DESC 'RFC2256: member of
a gro
up' SUP distinguishedName )
olcAttributeTypes: {28}( 2.5.4.32 NAME 'owner' DESC 'RFC2256: owner (of
the ob
ject)' SUP distinguishedName )
olcAttributeTypes: {29}( 2.5.4.33 NAME 'roleOccupant' DESC 'RFC2256:
occupant
of role' SUP distinguishedName )
olcAttributeTypes: {30}( 2.5.4.36 NAME 'userCertificate' DESC 'RFC2256:
X.509
user certificate, use ;binary' EQUALITY certificateExactMatch SYNTAX
1.3.6.1.
4.1.1466.115.121.1.8 )
olcAttributeTypes: {31}( 2.5.4.37 NAME 'cACertificate' DESC 'RFC2256:
X.509 CA
certificate, use ;binary' EQUALITY certificateExactMatch SYNTAX
1.3.6.1.4.1.
1466.115.121.1.8 )
olcAttributeTypes: {32}( 2.5.4.38 NAME 'authorityRevocationList' DESC
'RFC2256
: X.509 authority revocation list, use ;binary' SYNTAX
1.3.6.1.4.1.1466.115.1
21.1.9 )
olcAttributeTypes: {33}( 2.5.4.39 NAME 'certificateRevocationList' DESC
'RFC22
56: X.509 certificate revocation list, use ;binary' SYNTAX
1.3.6.1.4.1.1466.1
15.121.1.9 )
olcAttributeTypes: {34}( 2.5.4.40 NAME 'crossCertificatePair' DESC
'RFC2256: X
.509 cross certificate pair, use ;binary' SYNTAX
1.3.6.1.4.1.1466.115.121.1.1
0 )
olcAttributeTypes: {35}( 2.5.4.42 NAME ( 'givenName' 'gn' ) DESC
'RFC2256: fir
st name(s) for which the entity is known by' SUP name )
olcAttributeTypes: {36}( 2.5.4.43 NAME 'initials' DESC 'RFC2256:
initials of s
ome or all of names, but not the surname(s).' SUP name )
olcAttributeTypes: {37}( 2.5.4.44 NAME 'generationQualifier' DESC
'RFC2256: na
me qualifier indicating a generation' SUP name )
olcAttributeTypes: {38}( 2.5.4.45 NAME 'x500UniqueIdentifier' DESC
'RFC2256: X
.500 unique identifier' EQUALITY bitStringMatch SYNTAX
1.3.6.1.4.1.1466.115.1
21.1.6 )
olcAttributeTypes: {39}( 2.5.4.46 NAME 'dnQualifier' DESC 'RFC2256: DN
qualifi
er' EQUALITY caseIgnoreMatch ORDERING caseIgnoreOrderingMatch SUBSTR
caseIgno
reSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.44 )
olcAttributeTypes: {40}( 2.5.4.47 NAME 'enhancedSearchGuide' DESC
'RFC2256: en
hanced search guide' SYNTAX 1.3.6.1.4.1.1466.115.121.1.21 )
olcAttributeTypes: {41}( 2.5.4.48 NAME 'protocolInformation' DESC
'RFC2256: pr
otocol information' EQUALITY protocolInformationMatch SYNTAX
1.3.6.1.4.1.1466
.115.121.1.42 )
olcAttributeTypes: {42}( 2.5.4.50 NAME 'uniqueMember' DESC 'RFC2256:
unique me
mber of a group' EQUALITY uniqueMemberMatch SYNTAX
1.3.6.1.4.1.1466.115.121.1
.34 )
olcAttributeTypes: {43}( 2.5.4.51 NAME 'houseIdentifier' DESC 'RFC2256:
house
identifier' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch
SYNTAX
1.3.6.1.4.1.1466.115.121.1.15{32768} )
olcAttributeTypes: {44}( 2.5.4.52 NAME 'supportedAlgorithms' DESC
'RFC2256: su
pported algorithms' SYNTAX 1.3.6.1.4.1.1466.115.121.1.49 )
olcAttributeTypes: {45}( 2.5.4.53 NAME 'deltaRevocationList' DESC
'RFC2256: de
lta revocation list; use ;binary' SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 )
olcAttributeTypes: {46}( 2.5.4.54 NAME 'dmdName' DESC 'RFC2256: name of
DMD' S
UP name )
olcAttributeTypes: {47}( 2.5.4.65 NAME 'pseudonym' DESC 'X.520(4th):
pseudonym
for the object' SUP name )
olcAttributeTypes: {48}( 0.9.2342.19200300.100.1.3 NAME ( 'mail'
'rfc822Mailbo
x' ) DESC 'RFC1274: RFC822 Mailbox' EQUALITY caseIgnoreIA5Match
SUBSTR ca
seIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
olcAttributeTypes: {49}( 0.9.2342.19200300.100.1.25 NAME ( 'dc'
'domainCompone
nt' ) DESC 'RFC1274/2247: domain component' EQUALITY caseIgnoreIA5Match
SUBST
R caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
SINGLE-VA
LUE )
olcAttributeTypes: {50}( 0.9.2342.19200300.100.1.37 NAME
'associatedDomain' DE
SC 'RFC1274: domain associated with object' EQUALITY caseIgnoreIA5Match
SUBST
R caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
olcAttributeTypes: {51}( 1.2.840.113549.1.9.1 NAME ( 'email'
'emailAddress' 'p
kcs9email' ) DESC 'RFC3280: legacy attribute for email addresses in
DNs' EQUA
LITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX
1.3.6.1.4.
1.1466.115.121.1.26{128} )
olcObjectClasses: {0}( 2.5.6.2 NAME 'country' DESC 'RFC2256: a country'
SUP to
p STRUCTURAL MUST c MAY ( searchGuide $ description ) )
olcObjectClasses: {1}( 2.5.6.3 NAME 'locality' DESC 'RFC2256: a
locality' SUP
top STRUCTURAL MAY ( street $ seeAlso $ searchGuide $ st $ l $
description )
)
olcObjectClasses: {2}( 2.5.6.4 NAME 'organization' DESC 'RFC2256: an
organizat
ion' SUP top STRUCTURAL MUST o MAY ( userPassword $ searchGuide $
seeAlso $ b
usinessCategory $ x121Address $ registeredAddress $
destinationIndicator $ pr
eferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
telephoneNu
mber $ internationaliSDNNumber $ facsimileTelephoneNumber $ street $
postOff
iceBox $ postalCode $ postalAddress $ physicalDeliveryOfficeName $ st $
l $ d
escription ) )
olcObjectClasses: {3}( 2.5.6.5 NAME 'organizationalUnit' DESC 'RFC2256:
an org
anizational unit' SUP top STRUCTURAL MUST ou MAY ( userPassword $
searchGuide
$ seeAlso $ businessCategory $ x121Address $ registeredAddress $
destination
Indicator $ preferredDeliveryMethod $ telexNumber $
teletexTerminalIdentifier
$ telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber
$ str
eet $ postOfficeBox $ postalCode $ postalAddress $
physicalDeliveryOfficeName
$ st $ l $ description ) )
olcObjectClasses: {4}( 2.5.6.6 NAME 'person' DESC 'RFC2256: a person'
SUP top
STRUCTURAL MUST ( sn $ cn ) MAY ( userPassword $ telephoneNumber $
seeAlso $
description ) )
olcObjectClasses: {5}( 2.5.6.7 NAME 'organizationalPerson' DESC
'RFC2256: an o
rganizational person' SUP person STRUCTURAL MAY ( title $ x121Address $
regis
teredAddress $ destinationIndicator $ preferredDeliveryMethod $
telexNumber $
teletexTerminalIdentifier $ telephoneNumber $ internationaliSDNNumber
$ fac
simileTelephoneNumber $ street $ postOfficeBox $ postalCode $
postalAddress $
physicalDeliveryOfficeName $ ou $ st $ l ) )
olcObjectClasses: {6}( 2.5.6.8 NAME 'organizationalRole' DESC 'RFC2256:
an org
anizational role' SUP top STRUCTURAL MUST cn MAY ( x121Address $
registeredAd
dress $ destinationIndicator $ preferredDeliveryMethod $ telexNumber $
telete
xTerminalIdentifier $ telephoneNumber $ internationaliSDNNumber $
facsimileTe
lephoneNumber $ seeAlso $ roleOccupant $ preferredDeliveryMethod $
street $ p
ostOfficeBox $ postalCode $ postalAddress $ physicalDeliveryOfficeName
$ ou $
st $ l $ description ) )
olcObjectClasses: {7}( 2.5.6.9 NAME 'groupOfNames' DESC 'RFC2256: a
group of n
ames (DNs)' SUP top STRUCTURAL MUST ( member $ cn ) MAY (
businessCategory $
seeAlso $ owner $ ou $ o $ description ) )
olcObjectClasses: {8}( 2.5.6.10 NAME 'residentialPerson' DESC 'RFC2256:
an res
idential person' SUP person STRUCTURAL MUST l MAY ( businessCategory $
x121Ad
dress $ registeredAddress $ destinationIndicator $
preferredDeliveryMethod $
telexNumber $ teletexTerminalIdentifier $ telephoneNumber $
internationaliSDN
Number $ facsimileTelephoneNumber $ preferredDeliveryMethod $ street $
postOf
ficeBox $ postalCode $ postalAddress $ physicalDeliveryOfficeName $ st
$ l )
)
olcObjectClasses: {9}( 2.5.6.11 NAME 'applicationProcess' DESC 'RFC2256:
an ap
plication process' SUP top STRUCTURAL MUST cn MAY ( seeAlso $ ou $ l $
descri
ption ) )
olcObjectClasses: {10}( 2.5.6.12 NAME 'applicationEntity' DESC 'RFC2256:
an ap
plication entity' SUP top STRUCTURAL MUST ( presentationAddress $ cn )
MAY (
supportedApplicationContext $ seeAlso $ ou $ o $ l $ description ) )
olcObjectClasses: {11}( 2.5.6.13 NAME 'dSA' DESC 'RFC2256: a directory
system
agent (a server)' SUP applicationEntity STRUCTURAL MAY
knowledgeInformation )
olcObjectClasses: {12}( 2.5.6.14 NAME 'device' DESC 'RFC2256: a device'
SUP to
p STRUCTURAL MUST cn MAY ( serialNumber $ seeAlso $ owner $ ou $ o $ l
$ desc
ription ) )
olcObjectClasses: {13}( 2.5.6.15 NAME 'strongAuthenticationUser' DESC
'RFC2256
: a strong authentication user' SUP top AUXILIARY MUST userCertificate )
olcObjectClasses: {14}( 2.5.6.16 NAME 'certificationAuthority' DESC
'RFC2256:
a certificate authority' SUP top AUXILIARY MUST (
authorityRevocationList $ c
ertificateRevocationList $ cACertificate ) MAY crossCertificatePair )
olcObjectClasses: {15}( 2.5.6.17 NAME 'groupOfUniqueNames' DESC
'RFC2256: a gr
oup of unique names (DN and Unique Identifier)' SUP top STRUCTURAL MUST
( uni
queMember $ cn ) MAY ( businessCategory $ seeAlso $ owner $ ou $ o $
descript
ion ) )
olcObjectClasses: {16}( 2.5.6.18 NAME 'userSecurityInformation' DESC
'RFC2256:
a user security information' SUP top AUXILIARY MAY (
supportedAlgorithms ) )
olcObjectClasses: {17}( 2.5.6.16.2 NAME 'certificationAuthority-V2' SUP
certif
icationAuthority AUXILIARY MAY ( deltaRevocationList ) )
olcObjectClasses: {18}( 2.5.6.19 NAME 'cRLDistributionPoint' SUP top
STRUCTURA
L MUST ( cn ) MAY ( certificateRevocationList $ authorityRevocationList
$ del
taRevocationList ) )
olcObjectClasses: {19}( 2.5.6.20 NAME 'dmd' SUP top STRUCTURAL MUST (
dmdName
) MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $
x121Address
$ registeredAddress $ destinationIndicator $ preferredDeliveryMethod $
telex
Number $ teletexTerminalIdentifier $ telephoneNumber $
internationaliSDNNumbe
r $ facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $
postalAd
dress $ physicalDeliveryOfficeName $ st $ l $ description ) )
olcObjectClasses: {20}( 2.5.6.21 NAME 'pkiUser' DESC 'RFC2587: a PKI
user' SUP
top AUXILIARY MAY userCertificate )
olcObjectClasses: {21}( 2.5.6.22 NAME 'pkiCA' DESC 'RFC2587: PKI
certificate a
uthority' SUP top AUXILIARY MAY ( authorityRevocationList $
certificateRevoca
tionList $ cACertificate $ crossCertificatePair ) )
olcObjectClasses: {22}( 2.5.6.23 NAME 'deltaCRL' DESC 'RFC2587: PKI
user' SUP
top AUXILIARY MAY deltaRevocationList )
olcObjectClasses: {23}( 1.3.6.1.4.1.250.3.15 NAME 'labeledURIObject'
DESC 'RFC
2079: object that contains the URI attribute type' MAY ( labeledURI )
SUP top
AUXILIARY )
olcObjectClasses: {24}( 0.9.2342.19200300.100.4.19 NAME
'simpleSecurityObject'
DESC 'RFC1274: simple security object' SUP top AUXILIARY MUST
userPassword )
olcObjectClasses: {25}( 1.3.6.1.4.1.1466.344 NAME 'dcObject' DESC
'RFC2247: do
main component object' SUP top AUXILIARY MUST dc )
olcObjectClasses: {26}( 1.3.6.1.1.3.1 NAME 'uidObject' DESC 'RFC2377:
uid obje
ct' SUP top AUXILIARY MUST uid )
dn: cn={1}cosine,cn=schema,cn=config
objectClass: olcSchemaConfig
cn: {1}cosine
olcAttributeTypes: {0}( 0.9.2342.19200300.100.1.2 NAME
'textEncodedORAddress'
EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX
1.3.6.1.4.1.
1466.115.121.1.15{256} )
olcAttributeTypes: {1}( 0.9.2342.19200300.100.1.4 NAME 'info' DESC
'RFC1274: g
eneral information' EQUALITY caseIgnoreMatch SUBSTR
caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{2048} )
olcAttributeTypes: {2}( 0.9.2342.19200300.100.1.5 NAME ( 'drink'
'favouriteDri
nk' ) DESC 'RFC1274: favorite drink' EQUALITY caseIgnoreMatch SUBSTR
caseIgno
reSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
olcAttributeTypes: {3}( 0.9.2342.19200300.100.1.6 NAME 'roomNumber' DESC
'RFC1
274: room number' EQUALITY caseIgnoreMatch SUBSTR
caseIgnoreSubstringsMatch S
YNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
olcAttributeTypes: {4}( 0.9.2342.19200300.100.1.7 NAME 'photo' DESC
'RFC1274:
photo (G3 fax)' SYNTAX 1.3.6.1.4.1.1466.115.121.1.23{25000} )
olcAttributeTypes: {5}( 0.9.2342.19200300.100.1.8 NAME 'userClass' DESC
'RFC12
74: category of user' EQUALITY caseIgnoreMatch SUBSTR
caseIgnoreSubstringsMat
ch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
olcAttributeTypes: {6}( 0.9.2342.19200300.100.1.9 NAME 'host' DESC
'RFC1274: h
ost computer' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch
SYNTA
X 1.3.6.1.4.1.1466.115.121.1.15{256} )
olcAttributeTypes: {7}( 0.9.2342.19200300.100.1.10 NAME 'manager' DESC
'RFC127
4: DN of manager' EQUALITY distinguishedNameMatch SYNTAX
1.3.6.1.4.1.1466.115
.121.1.12 )
olcAttributeTypes: {8}( 0.9.2342.19200300.100.1.11 NAME
'documentIdentifier' D
ESC 'RFC1274: unique identifier of document' EQUALITY caseIgnoreMatch
SUBSTR
caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
olcAttributeTypes: {9}( 0.9.2342.19200300.100.1.12 NAME 'documentTitle'
DESC '
RFC1274: title of document' EQUALITY caseIgnoreMatch SUBSTR
caseIgnoreSubstri
ngsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
olcAttributeTypes: {10}( 0.9.2342.19200300.100.1.13 NAME
'documentVersion' DES
C 'RFC1274: version of document' EQUALITY caseIgnoreMatch SUBSTR
caseIgnoreSu
bstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
olcAttributeTypes: {11}( 0.9.2342.19200300.100.1.14 NAME
'documentAuthor' DESC
'RFC1274: DN of author of document' EQUALITY distinguishedNameMatch
SYNTAX 1
.3.6.1.4.1.1466.115.121.1.12 )
olcAttributeTypes: {12}( 0.9.2342.19200300.100.1.15 NAME
'documentLocation' DE
SC 'RFC1274: location of document original' EQUALITY caseIgnoreMatch
SUBSTR c
aseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
olcAttributeTypes: {13}( 0.9.2342.19200300.100.1.20 NAME ( 'homePhone'
'homeTe
lephoneNumber' ) DESC 'RFC1274: home telephone number' EQUALITY
telephoneNumb
erMatch SUBSTR telephoneNumberSubstringsMatch SYNTAX
1.3.6.1.4.1.1466.115.121
.1.50 )
olcAttributeTypes: {14}( 0.9.2342.19200300.100.1.21 NAME 'secretary'
DESC 'RFC
1274: DN of secretary' EQUALITY distinguishedNameMatch SYNTAX
1.3.6.1.4.1.146
6.115.121.1.12 )
olcAttributeTypes: {15}( 0.9.2342.19200300.100.1.22 NAME 'otherMailbox'
SYNTAX
1.3.6.1.4.1.1466.115.121.1.39 )
olcAttributeTypes: {16}( 0.9.2342.19200300.100.1.26 NAME 'aRecord'
EQUALITY ca
seIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
olcAttributeTypes: {17}( 0.9.2342.19200300.100.1.27 NAME 'mDRecord'
EQUALITY c
aseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
olcAttributeTypes: {18}( 0.9.2342.19200300.100.1.28 NAME 'mXRecord'
EQUALITY c
aseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
olcAttributeTypes: {19}( 0.9.2342.19200300.100.1.29 NAME 'nSRecord'
EQUALITY c
aseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
olcAttributeTypes: {20}( 0.9.2342.19200300.100.1.30 NAME 'sOARecord'
EQUALITY
caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
olcAttributeTypes: {21}( 0.9.2342.19200300.100.1.31 NAME 'cNAMERecord'
EQUALIT
Y caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
olcAttributeTypes: {22}( 0.9.2342.19200300.100.1.38 NAME
'associatedName' DESC
'RFC1274: DN of entry associated with domain' EQUALITY
distinguishedNameMatc
h SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
olcAttributeTypes: {23}( 0.9.2342.19200300.100.1.39 NAME
'homePostalAddress' D
ESC 'RFC1274: home postal address' EQUALITY caseIgnoreListMatch SUBSTR
caseIg
noreListSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 )
olcAttributeTypes: {24}( 0.9.2342.19200300.100.1.40 NAME 'personalTitle'
DESC
'RFC1274: personal title' EQUALITY caseIgnoreMatch SUBSTR
caseIgnoreSubstring
sMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
olcAttributeTypes: {25}( 0.9.2342.19200300.100.1.41 NAME ( 'mobile'
'mobileTel
ephoneNumber' ) DESC 'RFC1274: mobile telephone number' EQUALITY
telephoneNum
berMatch SUBSTR telephoneNumberSubstringsMatch SYNTAX
1.3.6.1.4.1.1466.115.12
1.1.50 )
olcAttributeTypes: {26}( 0.9.2342.19200300.100.1.42 NAME ( 'pager'
'pagerTelep
honeNumber' ) DESC 'RFC1274: pager telephone number' EQUALITY
telephoneNumber
Match SUBSTR telephoneNumberSubstringsMatch SYNTAX
1.3.6.1.4.1.1466.115.121.1
.50 )
olcAttributeTypes: {27}( 0.9.2342.19200300.100.1.43 NAME ( 'co'
'friendlyCount
ryName' ) DESC 'RFC1274: friendly country name' EQUALITY
caseIgnoreMatch SUBS
TR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
olcAttributeTypes: {28}( 0.9.2342.19200300.100.1.44 NAME
'uniqueIdentifier' DE
SC 'RFC1274: unique identifer' EQUALITY caseIgnoreMatch SYNTAX
1.3.6.1.4.1.14
66.115.121.1.15{256} )
olcAttributeTypes: {29}( 0.9.2342.19200300.100.1.45 NAME
'organizationalStatus
' DESC 'RFC1274: organizational status' EQUALITY caseIgnoreMatch SUBSTR
caseI
gnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
olcAttributeTypes: {30}( 0.9.2342.19200300.100.1.46 NAME 'janetMailbox'
DESC '
RFC1274: Janet mailbox' EQUALITY caseIgnoreIA5Match SUBSTR
caseIgnoreIA5Subst
ringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
olcAttributeTypes: {31}( 0.9.2342.19200300.100.1.47 NAME
'mailPreferenceOption
' DESC 'RFC1274: mail preference option' SYNTAX
1.3.6.1.4.1.1466.115.121.1.27
)
olcAttributeTypes: {32}( 0.9.2342.19200300.100.1.48 NAME 'buildingName'
DESC '
RFC1274: name of building' EQUALITY caseIgnoreMatch SUBSTR
caseIgnoreSubstrin
gsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
olcAttributeTypes: {33}( 0.9.2342.19200300.100.1.49 NAME 'dSAQuality'
DESC 'RF
C1274: DSA Quality' SYNTAX 1.3.6.1.4.1.1466.115.121.1.19 SINGLE-VALUE )
olcAttributeTypes: {34}( 0.9.2342.19200300.100.1.50 NAME
'singleLevelQuality'
DESC 'RFC1274: Single Level Quality' SYNTAX
1.3.6.1.4.1.1466.115.121.1.13 SIN
GLE-VALUE )
olcAttributeTypes: {35}( 0.9.2342.19200300.100.1.51 NAME
'subtreeMinimumQualit
y' DESC 'RFC1274: Subtree Mininum Quality' SYNTAX
1.3.6.1.4.1.1466.115.121.1.
13 SINGLE-VALUE )
olcAttributeTypes: {36}( 0.9.2342.19200300.100.1.52 NAME
'subtreeMaximumQualit
y' DESC 'RFC1274: Subtree Maximun Quality' SYNTAX
1.3.6.1.4.1.1466.115.121.1.
13 SINGLE-VALUE )
olcAttributeTypes: {37}( 0.9.2342.19200300.100.1.53 NAME
'personalSignature' D
ESC 'RFC1274: Personal Signature (G3 fax)' SYNTAX
1.3.6.1.4.1.1466.115.121.1.
23 )
olcAttributeTypes: {38}( 0.9.2342.19200300.100.1.54 NAME 'dITRedirect'
DESC 'R
FC1274: DIT Redirect' EQUALITY distinguishedNameMatch SYNTAX
1.3.6.1.4.1.1466
.115.121.1.12 )
olcAttributeTypes: {39}( 0.9.2342.19200300.100.1.55 NAME 'audio' DESC
'RFC1274
: audio (u-law)' SYNTAX 1.3.6.1.4.1.1466.115.121.1.4{25000} )
olcAttributeTypes: {40}( 0.9.2342.19200300.100.1.56 NAME
'documentPublisher' D
ESC 'RFC1274: publisher of document' EQUALITY caseIgnoreMatch SUBSTR
caseIgno
reSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
olcObjectClasses: {0}( 0.9.2342.19200300.100.4.4 NAME ( 'pilotPerson'
'newPilo
tPerson' ) SUP person STRUCTURAL MAY ( userid $ textEncodedORAddress $
rfc822
Mailbox $ favouriteDrink $ roomNumber $ userClass $ homeTelephoneNumber
$ hom
ePostalAddress $ secretary $ personalTitle $ preferredDeliveryMethod $
busine
ssCategory $ janetMailbox $ otherMailbox $ mobileTelephoneNumber $
pagerTelep
honeNumber $ organizationalStatus $ mailPreferenceOption $
personalSignature
) )
olcObjectClasses: {1}( 0.9.2342.19200300.100.4.5 NAME 'account' SUP top
STRUCT
URAL MUST userid MAY ( description $ seeAlso $ localityName $
organizationNam
e $ organizationalUnitName $ host ) )
olcObjectClasses: {2}( 0.9.2342.19200300.100.4.6 NAME 'document' SUP top
STRUC
TURAL MUST documentIdentifier MAY ( commonName $ description $ seeAlso
$ loca
lityName $ organizationName $ organizationalUnitName $ documentTitle $
docume
ntVersion $ documentAuthor $ documentLocation $ documentPublisher ) )
olcObjectClasses: {3}( 0.9.2342.19200300.100.4.7 NAME 'room' SUP top
STRUCTURA
L MUST commonName MAY ( roomNumber $ description $ seeAlso $
telephoneNumber
) )
olcObjectClasses: {4}( 0.9.2342.19200300.100.4.9 NAME 'documentSeries'
SUP top
STRUCTURAL MUST commonName MAY ( description $ seeAlso $
telephonenumber $ l
ocalityName $ organizationName $ organizationalUnitName ) )
olcObjectClasses: {5}( 0.9.2342.19200300.100.4.13 NAME 'domain' SUP top
STRUCT
URAL MUST domainComponent MAY ( associatedName $ organizationName $
descripti
on $ businessCategory $ seeAlso $ searchGuide $ userPassword $
localityName $
stateOrProvinceName $ streetAddress $ physicalDeliveryOfficeName $
postalAdd
ress $ postalCode $ postOfficeBox $ streetAddress $
facsimileTelephoneNumber
$ internationalISDNNumber $ telephoneNumber $ teletexTerminalIdentifier
$ tel
exNumber $ preferredDeliveryMethod $ destinationIndicator $
registeredAddress
$ x121Address ) )
olcObjectClasses: {6}( 0.9.2342.19200300.100.4.14 NAME 'RFC822localPart'
SUP d
omain STRUCTURAL MAY ( commonName $ surname $ description $ seeAlso $
telepho
neNumber $ physicalDeliveryOfficeName $ postalAddress $ postalCode $
postOffi
ceBox $ streetAddress $ facsimileTelephoneNumber $
internationalISDNNumber $
telephoneNumber $ teletexTerminalIdentifier $ telexNumber $
preferredDelivery
Method $ destinationIndicator $ registeredAddress $ x121Address ) )
olcObjectClasses: {7}( 0.9.2342.19200300.100.4.15 NAME 'dNSDomain' SUP
domain
STRUCTURAL MAY ( ARecord $ MDRecord $ MXRecord $ NSRecord $ SOARecord $
CNAME
Record ) )
olcObjectClasses: {8}( 0.9.2342.19200300.100.4.17 NAME
'domainRelatedObject' D
ESC 'RFC1274: an object related to an domain' SUP top AUXILIARY MUST
associat
edDomain )
olcObjectClasses: {9}( 0.9.2342.19200300.100.4.18 NAME 'friendlyCountry'
SUP c
ountry STRUCTURAL MUST friendlyCountryName )
olcObjectClasses: {10}( 0.9.2342.19200300.100.4.20 NAME
'pilotOrganization' SU
P ( organization $ organizationalUnit ) STRUCTURAL MAY buildingName )
olcObjectClasses: {11}( 0.9.2342.19200300.100.4.21 NAME 'pilotDSA' SUP
dsa STR
UCTURAL MAY dSAQuality )
olcObjectClasses: {12}( 0.9.2342.19200300.100.4.22 NAME
'qualityLabelledData'
SUP top AUXILIARY MUST dsaQuality MAY ( subtreeMinimumQuality $
subtreeMaximu
mQuality ) )
dn: cn={2}nis,cn=schema,cn=config
objectClass: olcSchemaConfig
cn: {2}nis
olcAttributeTypes: {0}( 1.3.6.1.1.1.1.2 NAME 'gecos' DESC 'The GECOS
field; th
e common name' EQUALITY caseIgnoreIA5Match SUBSTR
caseIgnoreIA5SubstringsMatc
h SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
olcAttributeTypes: {1}( 1.3.6.1.1.1.1.3 NAME 'homeDirectory' DESC 'The
absolut
e path to the home directory' EQUALITY caseExactIA5Match SYNTAX
1.3.6.1.4.1.1
466.115.121.1.26 SINGLE-VALUE )
olcAttributeTypes: {2}( 1.3.6.1.1.1.1.4 NAME 'loginShell' DESC 'The path
to th
e login shell' EQUALITY caseExactIA5Match SYNTAX
1.3.6.1.4.1.1466.115.121.1.2
6 SINGLE-VALUE )
olcAttributeTypes: {3}( 1.3.6.1.1.1.1.5 NAME 'shadowLastChange' EQUALITY
integ
erMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
olcAttributeTypes: {4}( 1.3.6.1.1.1.1.6 NAME 'shadowMin' EQUALITY
integerMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
olcAttributeTypes: {5}( 1.3.6.1.1.1.1.7 NAME 'shadowMax' EQUALITY
integerMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
olcAttributeTypes: {6}( 1.3.6.1.1.1.1.8 NAME 'shadowWarning' EQUALITY
integerM
atch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
olcAttributeTypes: {7}( 1.3.6.1.1.1.1.9 NAME 'shadowInactive' EQUALITY
integer
Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
olcAttributeTypes: {8}( 1.3.6.1.1.1.1.10 NAME 'shadowExpire' EQUALITY
integerM
atch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
olcAttributeTypes: {9}( 1.3.6.1.1.1.1.11 NAME 'shadowFlag' EQUALITY
integerMat
ch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
olcAttributeTypes: {10}( 1.3.6.1.1.1.1.12 NAME 'memberUid' EQUALITY
caseExactI
A5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX
1.3.6.1.4.1.1466.115.121.1.
26 )
olcAttributeTypes: {11}( 1.3.6.1.1.1.1.13 NAME 'memberNisNetgroup'
EQUALITY ca
seExactIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX
1.3.6.1.4.1.1466.11
5.121.1.26 )
olcAttributeTypes: {12}( 1.3.6.1.1.1.1.14 NAME 'nisNetgroupTriple' DESC
'Netgr
oup triple' SYNTAX 1.3.6.1.1.1.0.0 )
olcAttributeTypes: {13}( 1.3.6.1.1.1.1.15 NAME 'ipServicePort' EQUALITY
intege
rMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
olcAttributeTypes: {14}( 1.3.6.1.1.1.1.16 NAME 'ipServiceProtocol' SUP
name )
olcAttributeTypes: {15}( 1.3.6.1.1.1.1.17 NAME 'ipProtocolNumber'
EQUALITY int
egerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
olcAttributeTypes: {16}( 1.3.6.1.1.1.1.18 NAME 'oncRpcNumber' EQUALITY
integer
Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
olcAttributeTypes: {17}( 1.3.6.1.1.1.1.19 NAME 'ipHostNumber' DESC 'IP
address
' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} )
olcAttributeTypes: {18}( 1.3.6.1.1.1.1.20 NAME 'ipNetworkNumber' DESC
'IP netw
ork' EQUALITY caseIgnoreIA5Match SYNTAX
1.3.6.1.4.1.1466.115.121.1.26{128} SI
NGLE-VALUE )
olcAttributeTypes: {19}( 1.3.6.1.1.1.1.21 NAME 'ipNetmaskNumber' DESC
'IP netm
ask' EQUALITY caseIgnoreIA5Match SYNTAX
1.3.6.1.4.1.1466.115.121.1.26{128} SI
NGLE-VALUE )
olcAttributeTypes: {20}( 1.3.6.1.1.1.1.22 NAME 'macAddress' DESC 'MAC
address'
EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} )
olcAttributeTypes: {21}( 1.3.6.1.1.1.1.23 NAME 'bootParameter' DESC
'rpc.bootp
aramd parameter' SYNTAX 1.3.6.1.1.1.0.1 )
olcAttributeTypes: {22}( 1.3.6.1.1.1.1.24 NAME 'bootFile' DESC 'Boot
image nam
e' EQUALITY caseExactIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
olcAttributeTypes: {23}( 1.3.6.1.1.1.1.26 NAME 'nisMapName' SUP name )
olcAttributeTypes: {24}( 1.3.6.1.1.1.1.27 NAME 'nisMapEntry' EQUALITY
caseExac
tIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX
1.3.6.1.4.1.1466.115.121.
1.26{1024} SINGLE-VALUE )
olcObjectClasses: {0}( 1.3.6.1.1.1.2.0 NAME 'posixAccount' DESC
'Abstraction o
f an account with POSIX attributes' SUP top AUXILIARY MUST ( cn $ uid $
uidNu
mber $ gidNumber $ homeDirectory ) MAY ( userPassword $ loginShell $
gecos $
description ) )
olcObjectClasses: {1}( 1.3.6.1.1.1.2.1 NAME 'shadowAccount' DESC
'Additional a
ttributes for shadow passwords' SUP top AUXILIARY MUST uid MAY (
userPassword
$ shadowLastChange $ shadowMin $ shadowMax $ shadowWarning $
shadowInactive
$ shadowExpire $ shadowFlag $ description ) )
olcObjectClasses: {2}( 1.3.6.1.1.1.2.2 NAME 'posixGroup' DESC
'Abstraction of
a group of accounts' SUP top STRUCTURAL MUST ( cn $ gidNumber ) MAY (
userPas
sword $ memberUid $ description ) )
olcObjectClasses: {3}( 1.3.6.1.1.1.2.3 NAME 'ipService' DESC
'Abstraction an I
nternet Protocol service' SUP top STRUCTURAL MUST ( cn $ ipServicePort
$ ipSe
rviceProtocol ) MAY description )
olcObjectClasses: {4}( 1.3.6.1.1.1.2.4 NAME 'ipProtocol' DESC
'Abstraction of
an IP protocol' SUP top STRUCTURAL MUST ( cn $ ipProtocolNumber $
description
) MAY description )
olcObjectClasses: {5}( 1.3.6.1.1.1.2.5 NAME 'oncRpc' DESC 'Abstraction
of an O
NC/RPC binding' SUP top STRUCTURAL MUST ( cn $ oncRpcNumber $
description ) M
AY description )
olcObjectClasses: {6}( 1.3.6.1.1.1.2.6 NAME 'ipHost' DESC 'Abstraction
of a ho
st, an IP device' SUP top AUXILIARY MUST ( cn $ ipHostNumber ) MAY ( l
$ desc
ription $ manager ) )
olcObjectClasses: {7}( 1.3.6.1.1.1.2.7 NAME 'ipNetwork' DESC
'Abstraction of a
n IP network' SUP top STRUCTURAL MUST ( cn $ ipNetworkNumber ) MAY (
ipNetmas
kNumber $ l $ description $ manager ) )
olcObjectClasses: {8}( 1.3.6.1.1.1.2.8 NAME 'nisNetgroup' DESC
'Abstraction of
a netgroup' SUP top STRUCTURAL MUST cn MAY ( nisNetgroupTriple $
memberNisNe
tgroup $ description ) )
olcObjectClasses: {9}( 1.3.6.1.1.1.2.9 NAME 'nisMap' DESC 'A generic
abstracti
on of a NIS map' SUP top STRUCTURAL MUST nisMapName MAY description )
olcObjectClasses: {10}( 1.3.6.1.1.1.2.10 NAME 'nisObject' DESC 'An entry
in a
NIS map' SUP top STRUCTURAL MUST ( cn $ nisMapEntry $ nisMapName ) MAY
descri
ption )
olcObjectClasses: {11}( 1.3.6.1.1.1.2.11 NAME 'ieee802Device' DESC 'A
device w
ith a MAC address' SUP top AUXILIARY MAY macAddress )
olcObjectClasses: {12}( 1.3.6.1.1.1.2.12 NAME 'bootableDevice' DESC 'A
device
with boot parameters' SUP top AUXILIARY MAY ( bootFile $ bootParameter ) )
dn: cn={3}inetorgperson,cn=schema,cn=config
objectClass: olcSchemaConfig
cn: {3}inetorgperson
olcAttributeTypes: {0}( 2.16.840.1.113730.3.1.1 NAME 'carLicense' DESC
'RFC279
8: vehicle license or registration plate' EQUALITY caseIgnoreMatch
SUBSTR cas
eIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
olcAttributeTypes: {1}( 2.16.840.1.113730.3.1.2 NAME 'departmentNumber'
DESC '
RFC2798: identifies a department within an organization' EQUALITY
caseIgnoreM
atch SUBSTR caseIgnoreSubstringsMatch SYNTAX
1.3.6.1.4.1.1466.115.121.1.15 )
olcAttributeTypes: {2}( 2.16.840.1.113730.3.1.241 NAME 'displayName'
DESC 'RFC
2798: preferred name to be used when displaying entries' EQUALITY
caseIgnoreM
atch SUBSTR caseIgnoreSubstringsMatch SYNTAX
1.3.6.1.4.1.1466.115.121.1.15 SI
NGLE-VALUE )
olcAttributeTypes: {3}( 2.16.840.1.113730.3.1.3 NAME 'employeeNumber'
DESC 'RF
C2798: numerically identifies an employee within an organization'
EQUALITY ca
seIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX
1.3.6.1.4.1.1466.115.12
1.1.15 SINGLE-VALUE )
olcAttributeTypes: {4}( 2.16.840.1.113730.3.1.4 NAME 'employeeType' DESC
'RFC2
798: type of employment for a person' EQUALITY caseIgnoreMatch SUBSTR
caseIgn
oreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
olcAttributeTypes: {5}( 0.9.2342.19200300.100.1.60 NAME 'jpegPhoto' DESC
'RFC2
798: a JPEG image' SYNTAX 1.3.6.1.4.1.1466.115.121.1.28 )
olcAttributeTypes: {6}( 2.16.840.1.113730.3.1.39 NAME
'preferredLanguage' DESC
'RFC2798: preferred written or spoken language for a person' EQUALITY
caseIg
noreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX
1.3.6.1.4.1.1466.115.121.1.
15 SINGLE-VALUE )
olcAttributeTypes: {7}( 2.16.840.1.113730.3.1.40 NAME
'userSMIMECertificate' D
ESC 'RFC2798: PKCS#7 SignedData used to support S/MIME' SYNTAX
1.3.6.1.4.1.14
66.115.121.1.5 )
olcAttributeTypes: {8}( 2.16.840.1.113730.3.1.216 NAME 'userPKCS12' DESC
'RFC2
798: personal identity information, a PKCS #12 PFX' SYNTAX
1.3.6.1.4.1.1466.1
15.121.1.5 )
olcObjectClasses: {0}( 2.16.840.1.113730.3.2.2 NAME 'inetOrgPerson' DESC
'RFC2
798: Internet Organizational Person' SUP organizationalPerson
STRUCTURAL MAY
( audio $ businessCategory $ carLicense $ departmentNumber $
displayName $ em
ployeeNumber $ employeeType $ givenName $ homePhone $ homePostalAddress
$ ini
tials $ jpegPhoto $ labeledURI $ mail $ manager $ mobile $ o $ pager $
photo
$ roomNumber $ secretary $ uid $ userCertificate $ x500uniqueIdentifier
$ pre
ferredLanguage $ userSMIMECertificate $ userPKCS12 ) )
dn: cn={4}samba,cn=schema,cn=config
objectClass: olcSchemaConfig
cn: {4}samba
olcAttributeTypes: {0}( 1.3.6.1.4.1.7165.2.1.24 NAME 'sambaLMPassword'
DESC 'L
anManager Password' EQUALITY caseIgnoreIA5Match SYNTAX
1.3.6.1.4.1.1466.115.1
21.1.26{32} SINGLE-VALUE )
olcAttributeTypes: {1}( 1.3.6.1.4.1.7165.2.1.25 NAME 'sambaNTPassword'
DESC 'M
D4 hash of the unicode password' EQUALITY caseIgnoreIA5Match SYNTAX
1.3.6.1.4
.1.1466.115.121.1.26{32} SINGLE-VALUE )
olcAttributeTypes: {2}( 1.3.6.1.4.1.7165.2.1.26 NAME 'sambaAcctFlags'
DESC 'Ac
count Flags' EQUALITY caseIgnoreIA5Match SYNTAX
1.3.6.1.4.1.1466.115.121.1.26
{16} SINGLE-VALUE )
olcAttributeTypes: {3}( 1.3.6.1.4.1.7165.2.1.27 NAME 'sambaPwdLastSet'
DESC 'T
imestamp of the last password update' EQUALITY integerMatch SYNTAX
1.3.6.1.4.
1.1466.115.121.1.27 SINGLE-VALUE )
olcAttributeTypes: {4}( 1.3.6.1.4.1.7165.2.1.28 NAME 'sambaPwdCanChange'
DESC
'Timestamp of when the user is allowed to update the password' EQUALITY
integ
erMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
olcAttributeTypes: {5}( 1.3.6.1.4.1.7165.2.1.29 NAME
'sambaPwdMustChange' DESC
'Timestamp of when the password will expire' EQUALITY integerMatch
SYNTAX 1.
3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
olcAttributeTypes: {6}( 1.3.6.1.4.1.7165.2.1.30 NAME 'sambaLogonTime'
DESC 'Ti
mestamp of last logon' EQUALITY integerMatch SYNTAX
1.3.6.1.4.1.1466.115.121.
1.27 SINGLE-VALUE )
olcAttributeTypes: {7}( 1.3.6.1.4.1.7165.2.1.31 NAME 'sambaLogoffTime'
DESC 'T
imestamp of last logoff' EQUALITY integerMatch SYNTAX
1.3.6.1.4.1.1466.115.12
1.1.27 SINGLE-VALUE )
olcAttributeTypes: {8}( 1.3.6.1.4.1.7165.2.1.32 NAME 'sambaKickoffTime'
DESC '
Timestamp of when the user will be logged off automatically' EQUALITY
integer
Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
olcAttributeTypes: {9}( 1.3.6.1.4.1.7165.2.1.48 NAME
'sambaBadPasswordCount' D
ESC 'Bad password attempt count' EQUALITY integerMatch SYNTAX
1.3.6.1.4.1.146
6.115.121.1.27 SINGLE-VALUE )
olcAttributeTypes: {10}( 1.3.6.1.4.1.7165.2.1.49 NAME
'sambaBadPasswordTime' D
ESC 'Time of the last bad password attempt' EQUALITY integerMatch
SYNTAX 1.3.
6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
olcAttributeTypes: {11}( 1.3.6.1.4.1.7165.2.1.55 NAME 'sambaLogonHours'
DESC '
Logon Hours' EQUALITY caseIgnoreIA5Match SYNTAX
1.3.6.1.4.1.1466.115.121.1.26
{42} SINGLE-VALUE )
olcAttributeTypes: {12}( 1.3.6.1.4.1.7165.2.1.33 NAME 'sambaHomeDrive'
DESC 'D
river letter of home directory mapping' EQUALITY caseIgnoreIA5Match
SYNTAX 1.
3.6.1.4.1.1466.115.121.1.26{4} SINGLE-VALUE )
olcAttributeTypes: {13}( 1.3.6.1.4.1.7165.2.1.34 NAME 'sambaLogonScript'
DESC
'Logon script path' EQUALITY caseIgnoreMatch SYNTAX
1.3.6.1.4.1.1466.115.121.
1.15{255} SINGLE-VALUE )
olcAttributeTypes: {14}( 1.3.6.1.4.1.7165.2.1.35 NAME 'sambaProfilePath'
DESC
'Roaming profile path' EQUALITY caseIgnoreMatch SYNTAX
1.3.6.1.4.1.1466.115.1
21.1.15{255} SINGLE-VALUE )
olcAttributeTypes: {15}( 1.3.6.1.4.1.7165.2.1.36 NAME
'sambaUserWorkstations'
DESC 'List of user workstations the user is allowed to logon to'
EQUALITY cas
eIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{255} SINGLE-VALUE )
olcAttributeTypes: {16}( 1.3.6.1.4.1.7165.2.1.37 NAME 'sambaHomePath'
DESC 'Ho
me directory UNC path' EQUALITY caseIgnoreMatch SYNTAX
1.3.6.1.4.1.1466.115.1
21.1.15{128} )
olcAttributeTypes: {17}( 1.3.6.1.4.1.7165.2.1.38 NAME 'sambaDomainName'
DESC '
Windows NT domain to which the user belongs' EQUALITY caseIgnoreMatch
SYNTAX
1.3.6.1.4.1.1466.115.121.1.15{128} )
olcAttributeTypes: {18}( 1.3.6.1.4.1.7165.2.1.47 NAME 'sambaMungedDial'
DESC '
Base64 encoded user parameter string' EQUALITY caseExactMatch SYNTAX
1.3.6.1.
4.1.1466.115.121.1.15{1050} )
olcAttributeTypes: {19}( 1.3.6.1.4.1.7165.2.1.54 NAME
'sambaPasswordHistory' D
ESC 'Concatenated MD5 hashes of the salted NT passwords used on this
account'
EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} )
olcAttributeTypes: {20}( 1.3.6.1.4.1.7165.2.1.20 NAME 'sambaSID' DESC
'Securit
y ID' EQUALITY caseIgnoreIA5Match SUBSTR caseExactIA5SubstringsMatch
SYNTAX 1
.3.6.1.4.1.1466.115.121.1.26{64} SINGLE-VALUE )
olcAttributeTypes: {21}( 1.3.6.1.4.1.7165.2.1.23 NAME
'sambaPrimaryGroupSID' D
ESC 'Primary Group Security ID' EQUALITY caseIgnoreIA5Match SYNTAX
1.3.6.1.4.
1.1466.115.121.1.26{64} SINGLE-VALUE )
olcAttributeTypes: {22}( 1.3.6.1.4.1.7165.2.1.51 NAME 'sambaSIDList'
DESC 'Sec
urity ID List' EQUALITY caseIgnoreIA5Match SYNTAX
1.3.6.1.4.1.1466.115.121.1.
26{64} )
olcAttributeTypes: {23}( 1.3.6.1.4.1.7165.2.1.19 NAME 'sambaGroupType'
DESC 'N
T Group Type' EQUALITY integerMatch SYNTAX
1.3.6.1.4.1.1466.115.121.1.27 SING
LE-VALUE )
olcAttributeTypes: {24}( 1.3.6.1.4.1.7165.2.1.21 NAME 'sambaNextUserRid'
DESC
'Next NT rid to give our for users' EQUALITY integerMatch SYNTAX
1.3.6.1.4.1.
1466.115.121.1.27 SINGLE-VALUE )
olcAttributeTypes: {25}( 1.3.6.1.4.1.7165.2.1.22 NAME
'sambaNextGroupRid' DESC
'Next NT rid to give out for groups' EQUALITY integerMatch SYNTAX
1.3.6.1.4.
1.1466.115.121.1.27 SINGLE-VALUE )
olcAttributeTypes: {26}( 1.3.6.1.4.1.7165.2.1.39 NAME 'sambaNextRid'
DESC 'Nex
t NT rid to give out for anything' EQUALITY integerMatch SYNTAX
1.3.6.1.4.1.1
466.115.121.1.27 SINGLE-VALUE )
olcAttributeTypes: {27}( 1.3.6.1.4.1.7165.2.1.40 NAME
'sambaAlgorithmicRidBase
' DESC 'Base at which the samba RID generation algorithm should
operate' EQUA
LITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
olcAttributeTypes: {28}( 1.3.6.1.4.1.7165.2.1.41 NAME 'sambaShareName'
DESC 'S
hare Name' EQUALITY caseIgnoreMatch SYNTAX
1.3.6.1.4.1.1466.115.121.1.15 SING
LE-VALUE )
olcAttributeTypes: {29}( 1.3.6.1.4.1.7165.2.1.42 NAME 'sambaOptionName'
DESC '
Option Name' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch
SYNTAX
1.3.6.1.4.1.1466.115.121.1.15{256} )
olcAttributeTypes: {30}( 1.3.6.1.4.1.7165.2.1.43 NAME 'sambaBoolOption'
DESC '
A boolean option' EQUALITY booleanMatch SYNTAX
1.3.6.1.4.1.1466.115.121.1.7 S
INGLE-VALUE )
olcAttributeTypes: {31}( 1.3.6.1.4.1.7165.2.1.44 NAME
'sambaIntegerOption' DES
C 'An integer option' EQUALITY integerMatch SYNTAX
1.3.6.1.4.1.1466.115.121.1
.27 SINGLE-VALUE )
olcAttributeTypes: {32}( 1.3.6.1.4.1.7165.2.1.45 NAME
'sambaStringOption' DESC
'A string option' EQUALITY caseExactIA5Match SYNTAX
1.3.6.1.4.1.1466.115.121
.1.26 SINGLE-VALUE )
olcAttributeTypes: {33}( 1.3.6.1.4.1.7165.2.1.46 NAME
'sambaStringListOption'
DESC 'A string list option' EQUALITY caseIgnoreMatch SYNTAX
1.3.6.1.4.1.1466.
115.121.1.15 )
olcAttributeTypes: {34}( 1.3.6.1.4.1.7165.2.1.53 NAME 'sambaTrustFlags'
DESC '
Trust Password Flags' EQUALITY caseIgnoreIA5Match SYNTAX
1.3.6.1.4.1.1466.115
.121.1.26 )
olcAttributeTypes: {35}( 1.3.6.1.4.1.7165.2.1.58 NAME
'sambaMinPwdLength' DESC
'Minimal password length (default: 5)' EQUALITY integerMatch SYNTAX
1.3.6.1.
4.1.1466.115.121.1.27 SINGLE-VALUE )
olcAttributeTypes: {36}( 1.3.6.1.4.1.7165.2.1.59 NAME
'sambaPwdHistoryLength'
DESC 'Length of Password History Entries (default: 0 => off)' EQUALITY
intege
rMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
olcAttributeTypes: {37}( 1.3.6.1.4.1.7165.2.1.60 NAME
'sambaLogonToChgPwd' DES
C 'Force Users to logon for password change (default: 0 => off, 2 =>
on)' EQU
ALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
olcAttributeTypes: {38}( 1.3.6.1.4.1.7165.2.1.61 NAME 'sambaMaxPwdAge'
DESC 'M
aximum password age, in seconds (default: -1 => never expire
passwords)' EQUA
LITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
olcAttributeTypes: {39}( 1.3.6.1.4.1.7165.2.1.62 NAME 'sambaMinPwdAge'
DESC 'M
inimum password age, in seconds (default: 0 => allow immediate password
chang
e)' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
SINGLE-VALUE )
olcAttributeTypes: {40}( 1.3.6.1.4.1.7165.2.1.63 NAME
'sambaLockoutDuration' D
ESC 'Lockout duration in minutes (default: 30, -1 => forever)' EQUALITY
integ
erMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
olcAttributeTypes: {41}( 1.3.6.1.4.1.7165.2.1.64 NAME
'sambaLockoutObservation
Window' DESC 'Reset time after lockout in minutes (default: 30)'
EQUALITY int
egerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
olcAttributeTypes: {42}( 1.3.6.1.4.1.7165.2.1.65 NAME
'sambaLockoutThreshold'
DESC 'Lockout users after bad logon attempts (default: 0 => off)'
EQUALITY in
tegerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
olcAttributeTypes: {43}( 1.3.6.1.4.1.7165.2.1.66 NAME 'sambaForceLogoff'
DESC
'Disconnect Users outside logon hours (default: -1 => off, 0 => on)'
EQUALITY
integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
olcAttributeTypes: {44}( 1.3.6.1.4.1.7165.2.1.67 NAME
'sambaRefuseMachinePwdCh
ange' DESC 'Allow Machine Password changes (default: 0 => off)'
EQUALITY inte
gerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
olcAttributeTypes: {45}( 1.3.6.1.4.1.7165.2.1.68 NAME
'sambaClearTextPassword'
DESC 'Clear text password (used for trusted domain passwords)'
EQUALITY octe
tStringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )
olcAttributeTypes: {46}( 1.3.6.1.4.1.7165.2.1.69 NAME
'sambaPreviousClearTextP
assword' DESC 'Previous clear text password (used for trusted domain
password
s)' EQUALITY octetStringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )
olcAttributeTypes: {47}( 1.3.6.1.4.1.7165.2.1.70 NAME 'sambaTrustType'
DESC 'T
ype of trust' EQUALITY integerMatch SYNTAX
1.3.6.1.4.1.1466.115.121.1.27 SING
LE-VALUE )
olcAttributeTypes: {48}( 1.3.6.1.4.1.7165.2.1.71 NAME
'sambaTrustAttributes' D
ESC 'Trust attributes for a trusted domain' EQUALITY integerMatch
SYNTAX 1.3.
6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
olcAttributeTypes: {49}( 1.3.6.1.4.1.7165.2.1.72 NAME
'sambaTrustDirection' DE
SC 'Direction of a trust' EQUALITY integerMatch SYNTAX
1.3.6.1.4.1.1466.115.1
21.1.27 SINGLE-VALUE )
olcAttributeTypes: {50}( 1.3.6.1.4.1.7165.2.1.73 NAME
'sambaTrustPartner' DESC
'Fully qualified name of the domain with which a trust exists'
EQUALITY case
IgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
olcAttributeTypes: {51}( 1.3.6.1.4.1.7165.2.1.74 NAME 'sambaFlatName'
DESC 'Ne
tBIOS name of a domain' EQUALITY caseIgnoreMatch SYNTAX
1.3.6.1.4.1.1466.115.
121.1.15{128} )
olcAttributeTypes: {52}( 1.3.6.1.4.1.7165.2.1.75 NAME
'sambaTrustAuthOutgoing'
DESC 'Authentication information for the outgoing portion of a trust'
EQUALI
TY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1050} )
olcAttributeTypes: {53}( 1.3.6.1.4.1.7165.2.1.76 NAME
'sambaTrustAuthIncoming'
DESC 'Authentication information for the incoming portion of a trust'
EQUALI
TY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1050} )
olcAttributeTypes: {54}( 1.3.6.1.4.1.7165.2.1.77 NAME
'sambaSecurityIdentifier
' DESC 'SID of a trusted domain' EQUALITY caseIgnoreIA5Match SUBSTR
caseExact
IA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{64} SINGLE-VALUE )
olcAttributeTypes: {55}( 1.3.6.1.4.1.7165.2.1.78 NAME
'sambaTrustForestTrustIn
fo' DESC 'Forest trust information for a trusted domain object'
EQUALITY case
ExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1050} )
olcAttributeTypes: {56}( 1.3.6.1.4.1.7165.2.1.79 NAME
'sambaTrustPosixOffset'
DESC 'POSIX offset of a trust' EQUALITY integerMatch SYNTAX
1.3.6.1.4.1.1466.
115.121.1.27 SINGLE-VALUE )
olcAttributeTypes: {57}( 1.3.6.1.4.1.7165.2.1.80 NAME
'sambaSupportedEncryptio
nTypes' DESC 'Supported encryption types of a trust' EQUALITY
integerMatch SY
NTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
olcObjectClasses: {0}( 1.3.6.1.4.1.7165.2.2.6 NAME 'sambaSamAccount'
DESC 'Sam
ba 3.0 Auxilary SAM Account' SUP top AUXILIARY MUST ( uid $ sambaSID )
MAY (
cn $ sambaLMPassword $ sambaNTPassword $ sambaPwdLastSet $
sambaLogonTime $ s
ambaLogoffTime $ sambaKickoffTime $ sambaPwdCanChange $
sambaPwdMustChange $
sambaAcctFlags $ displayName $ sambaHomePath $ sambaHomeDrive $
sambaLogonScr
ipt $ sambaProfilePath $ description $ sambaUserWorkstations $
sambaPrimaryGr
oupSID $ sambaDomainName $ sambaMungedDial $ sambaBadPasswordCount $
sambaBad
PasswordTime $ sambaPasswordHistory $ sambaLogonHours ) )
olcObjectClasses: {1}( 1.3.6.1.4.1.7165.2.2.4 NAME 'sambaGroupMapping'
DESC 'S
amba Group Mapping' SUP top AUXILIARY MUST ( gidNumber $ sambaSID $
sambaGrou
pType ) MAY ( displayName $ description $ sambaSIDList ) )
olcObjectClasses: {2}( 1.3.6.1.4.1.7165.2.2.14 NAME 'sambaTrustPassword'
DESC
'Samba Trust Password' SUP top STRUCTURAL MUST ( sambaDomainName $
sambaNTPas
sword $ sambaTrustFlags ) MAY ( sambaSID $ sambaPwdLastSet ) )
olcObjectClasses: {3}( 1.3.6.1.4.1.7165.2.2.15 NAME
'sambaTrustedDomainPasswor
d' DESC 'Samba Trusted Domain Password' SUP top STRUCTURAL MUST (
sambaDomain
Name $ sambaSID $ sambaClearTextPassword $ sambaPwdLastSet ) MAY
sambaPreviou
sClearTextPassword )
olcObjectClasses: {4}( 1.3.6.1.4.1.7165.2.2.5 NAME 'sambaDomain' DESC
'Samba D
omain Information' SUP top STRUCTURAL MUST ( sambaDomainName $ sambaSID
) MAY
( sambaNextRid $ sambaNextGroupRid $ sambaNextUserRid $
sambaAlgorithmicRidB
ase $ sambaMinPwdLength $ sambaPwdHistoryLength $ sambaLogonToChgPwd $
sambaM
axPwdAge $ sambaMinPwdAge $ sambaLockoutDuration $
sambaLockoutObservationWin
dow $ sambaLockoutThreshold $ sambaForceLogoff $
sambaRefuseMachinePwdChange
) )
olcObjectClasses: {5}( 1.3.6.1.4.1.7165.2.2.7 NAME 'sambaUnixIdPool'
DESC 'Poo
l for allocating UNIX uids/gids' SUP top AUXILIARY MUST ( uidNumber $
gidNumb
er ) )
olcObjectClasses: {6}( 1.3.6.1.4.1.7165.2.2.8 NAME 'sambaIdmapEntry'
DESC 'Map
ping from a SID to an ID' SUP top AUXILIARY MUST sambaSID MAY (
uidNumber $ g
idNumber ) )
olcObjectClasses: {7}( 1.3.6.1.4.1.7165.2.2.9 NAME 'sambaSidEntry' DESC
'Struc
tural Class for a SID' SUP top STRUCTURAL MUST sambaSID )
olcObjectClasses: {8}( 1.3.6.1.4.1.7165.2.2.10 NAME 'sambaConfig' DESC
'Samba
Configuration Section' SUP top AUXILIARY MAY description )
olcObjectClasses: {9}( 1.3.6.1.4.1.7165.2.2.11 NAME 'sambaShare' DESC
'Samba S
hare Section' SUP top STRUCTURAL MUST sambaShareName MAY description )
olcObjectClasses: {10}( 1.3.6.1.4.1.7165.2.2.12 NAME 'sambaConfigOption'
DESC
'Samba Configuration Option' SUP top STRUCTURAL MUST sambaOptionName
MAY ( sa
mbaBoolOption $ sambaIntegerOption $ sambaStringOption $
sambaStringListoptio
n $ description ) )
olcObjectClasses: {11}( 1.3.6.1.4.1.7165.2.2.16 NAME
'sambaTrustedDomain' DESC
'Samba Trusted Domain Object' SUP top STRUCTURAL MUST cn MAY (
sambaTrustTyp
e $ sambaTrustAttributes $ sambaTrustDirection $ sambaTrustPartner $
sambaFla
tName $ sambaTrustAuthOutgoing $ sambaTrustAuthIncoming $
sambaSecurityIdenti
fier $ sambaTrustForestTrustInfo $ sambaTrustPosixOffset $
sambaSupportedEncr
yptionTypes ) )
dn: olcBackend={0}hdb,cn=config
objectClass: olcBackendConfig
olcBackend: {0}hdb
dn: olcDatabase={-1}frontend,cn=config
objectClass: olcDatabaseConfig
objectClass: olcFrontendConfig
olcDatabase: {-1}frontend
olcAccess: {0}to * by
dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external
,cn=auth manage by * break
olcAccess: {1}to dn.exact="" by * read
olcAccess: {2}to dn.base="cn=Subschema" by * read
olcSizeLimit: 500
dn: olcDatabase={0}config,cn=config
objectClass: olcDatabaseConfig
olcDatabase: {0}config
olcAccess: {0}to * by
dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external
,cn=auth manage by * break
dn: olcDatabase={1}hdb,cn=config
objectClass: olcDatabaseConfig
objectClass: olcHdbConfig
olcDatabase: {1}hdb
olcDbDirectory: /var/lib/ldap
olcSuffix: dc=biomil,dc=se
olcAccess: {0}to attrs=userPassword,shadowLastChange by self write by
anonymou
s auth by dn="cn=admin,dc=biomil,dc=se" write by * none
olcAccess: {1}to dn.base="" by * read
olcAccess: {2}to * by self write by dn="cn=admin,dc=biomil,dc=se" write
by * r
ead
olcLastMod: TRUE
olcRootDN: cn=admin,dc=biomil,dc=se
olcRootPW: {SSHA}xxxxx
olcSyncrepl: {0}rid=1 provider=ldap://ch4.biomil.se bindmethod=simple
binddn="
cn=admin,dc=biomil,dc=se" credentials=xxxxxxx
searchbase="dc=biomil,dc=se" lo
gbase="cn=accesslog"
logfilter="(&(objectClass=auditWriteObject)(reqResult=0)
)" schemachecking=on type=refreshAndPersist retry="60 +"
syncdata=accesslog s
tarttls=critical tls_reqcert=demand
olcUpdateRef: ldap://ch4.biomil.se
olcDbCheckpoint: 512 30
olcDbConfig: {0}set_cachesize 0 2097152 0
olcDbConfig: {1}set_lk_max_objects 1500
olcDbConfig: {2}set_lk_max_locks 1500
olcDbConfig: {3}set_lk_max_lockers 1500
olcDbIndex: objectClass eq
olcDbIndex: uidNumber eq
olcDbIndex: gidNumber eq
olcDbIndex: loginShell eq
olcDbIndex: uid eq,pres,sub
olcDbIndex: memberUid eq,pres,sub
olcDbIndex: uniqueMember eq,pres
olcDbIndex: sambaSID eq
olcDbIndex: sambaPrimaryGroupSID eq
olcDbIndex: sambaGroupType eq
olcDbIndex: sambaSIDList eq
olcDbIndex: sambaDomainName eq
olcDbIndex: default sub
olcDbIndex: entryUUID eq
olcDbIndex: displayName eq
olcDbIndex: cn eq
=====================================================
Provider:
ldapsearch -Q -LLL -Y EXTERNAL -H ldapi:/// -b cn=config
dn: cn=config
objectClass: olcGlobal
cn: config
olcArgsFile: /var/run/slapd/slapd.args
olcLogLevel: none
olcPidFile: /var/run/slapd/slapd.pid
olcTLSCACertificateFile: /etc/ssl/certs/biomil_ca.crt
olcTLSCertificateFile: /etc/ssl/certs/ch4_slapd.crt
olcTLSCertificateKeyFile: /etc/ssl/private/ch4_slapd.key
olcToolThreads: 1
dn: cn=module{0},cn=config
objectClass: olcModuleList
cn: module{0}
olcModulePath: /usr/lib/ldap
olcModuleLoad: {0}back_hdb
olcModuleLoad: {1}syncprov
olcModuleLoad: {2}accesslog
dn: cn=schema,cn=config
objectClass: olcSchemaConfig
cn: schema
olcObjectIdentifier: OLcfg 1.3.6.1.4.1.4203.1.12.2
olcObjectIdentifier: OLcfgAt OLcfg:3
olcObjectIdentifier: OLcfgGlAt OLcfgAt:0
olcObjectIdentifier: OLcfgBkAt OLcfgAt:1
olcObjectIdentifier: OLcfgDbAt OLcfgAt:2
olcObjectIdentifier: OLcfgOvAt OLcfgAt:3
olcObjectIdentifier: OLcfgCtAt OLcfgAt:4
olcObjectIdentifier: OLcfgOc OLcfg:4
olcObjectIdentifier: OLcfgGlOc OLcfgOc:0
olcObjectIdentifier: OLcfgBkOc OLcfgOc:1
olcObjectIdentifier: OLcfgDbOc OLcfgOc:2
olcObjectIdentifier: OLcfgOvOc OLcfgOc:3
olcObjectIdentifier: OLcfgCtOc OLcfgOc:4
olcObjectIdentifier: OMsyn 1.3.6.1.4.1.1466.115.121.1
olcObjectIdentifier: OMsBoolean OMsyn:7
olcObjectIdentifier: OMsDN OMsyn:12
olcObjectIdentifier: OMsDirectoryString OMsyn:15
olcObjectIdentifier: OMsIA5String OMsyn:26
olcObjectIdentifier: OMsInteger OMsyn:27
olcObjectIdentifier: OMsOID OMsyn:38
olcObjectIdentifier: OMsOctetString OMsyn:40
olcAttributeTypes: ( 2.5.4.0 NAME 'objectClass' DESC 'RFC4512: object
classes
of the entity' EQUALITY objectIdentifierMatch SYNTAX
1.3.6.1.4.1.1466.115.121
.1.38 )
olcAttributeTypes: ( 2.5.21.9 NAME 'structuralObjectClass' DESC
'RFC4512: stru
ctural object class of entry' EQUALITY objectIdentifierMatch SYNTAX
1.3.6.1.4
.1.1466.115.121.1.38 SINGLE-VALUE NO-USER-MODIFICATION USAGE
directoryOperati
on )
olcAttributeTypes: ( 2.5.18.1 NAME 'createTimestamp' DESC 'RFC4512: time
which
object was created' EQUALITY generalizedTimeMatch ORDERING
generalizedTimeOr
deringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE
NO-USER-MODIFIC
ATION USAGE directoryOperation )
olcAttributeTypes: ( 2.5.18.2 NAME 'modifyTimestamp' DESC 'RFC4512: time
which
object was last modified' EQUALITY generalizedTimeMatch ORDERING
generalized
TimeOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE
NO-USER-M
ODIFICATION USAGE directoryOperation )
olcAttributeTypes: ( 2.5.18.3 NAME 'creatorsName' DESC 'RFC4512: name of
creat
or' EQUALITY distinguishedNameMatch SYNTAX
1.3.6.1.4.1.1466.115.121.1.12 SING
LE-VALUE NO-USER-MODIFICATION USAGE directoryOperation )
olcAttributeTypes: ( 2.5.18.4 NAME 'modifiersName' DESC 'RFC4512: name
of last
modifier' EQUALITY distinguishedNameMatch SYNTAX
1.3.6.1.4.1.1466.115.121.1.
12 SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation )
olcAttributeTypes: ( 2.5.18.9 NAME 'hasSubordinates' DESC 'X.501: entry
has ch
ildren' EQUALITY booleanMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
SINGLE-VALU
E NO-USER-MODIFICATION USAGE directoryOperation )
olcAttributeTypes: ( 2.5.18.10 NAME 'subschemaSubentry' DESC 'RFC4512:
name of
controlling subschema entry' EQUALITY distinguishedNameMatch SYNTAX
1.3.6.1.
4.1.1466.115.121.1.12 SINGLE-VALUE NO-USER-MODIFICATION USAGE
directoryOperat
ion )
olcAttributeTypes: ( 1.3.6.1.1.20 NAME 'entryDN' DESC 'DN of the entry'
EQUALI
TY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12
SINGLE-VALUE N
O-USER-MODIFICATION USAGE directoryOperation )
olcAttributeTypes: ( 1.3.6.1.1.16.4 NAME 'entryUUID' DESC 'UUID of the
entry'
EQUALITY UUIDMatch ORDERING UUIDOrderingMatch SYNTAX 1.3.6.1.1.16.1
SINGLE-VA
LUE NO-USER-MODIFICATION USAGE directoryOperation )
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.1.7 NAME 'entryCSN' DESC
'change seq
uence number of the entry content' EQUALITY CSNMatch ORDERING
CSNOrderingMatc
h SYNTAX 1.3.6.1.4.1.4203.666.11.2.1{64} SINGLE-VALUE
NO-USER-MODIFICATION US
AGE directoryOperation )
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.1.13 NAME 'namingCSN' DESC
'change s
equence number of the entry naming (RDN)' EQUALITY CSNMatch ORDERING
CSNOrder
ingMatch SYNTAX 1.3.6.1.4.1.4203.666.11.2.1{64} SINGLE-VALUE
NO-USER-MODIFICA
TION USAGE directoryOperation )
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.1.23 NAME 'syncreplCookie'
DESC 'syn
crepl Cookie for shadow copy' EQUALITY octetStringMatch ORDERING
octetStringO
rderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 SINGLE-VALUE
NO-USER-MODIFI
CATION USAGE dSAOperation )
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.1.25 NAME 'contextCSN' DESC
'the lar
gest committed CSN of a context' EQUALITY CSNMatch ORDERING
CSNOrderingMatch
SYNTAX 1.3.6.1.4.1.4203.666.11.2.1{64} NO-USER-MODIFICATION USAGE
dSAOperatio
n )
olcAttributeTypes: ( 1.3.6.1.4.1.1466.101.120.6 NAME 'altServer' DESC
'RFC4512
: alternative servers' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 USAGE
dSAOperatio
n )
olcAttributeTypes: ( 1.3.6.1.4.1.1466.101.120.5 NAME 'namingContexts'
DESC 'RF
C4512: naming contexts' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 USAGE
dSAOperati
on )
olcAttributeTypes: ( 1.3.6.1.4.1.1466.101.120.13 NAME 'supportedControl'
DESC
'RFC4512: supported controls' SYNTAX 1.3.6.1.4.1.1466.115.121.1.38
USAGE dSAO
peration )
olcAttributeTypes: ( 1.3.6.1.4.1.1466.101.120.7 NAME
'supportedExtension' DESC
'RFC4512: supported extended operations' SYNTAX
1.3.6.1.4.1.1466.115.121.1.3
8 USAGE dSAOperation )
olcAttributeTypes: ( 1.3.6.1.4.1.1466.101.120.15 NAME
'supportedLDAPVersion' D
ESC 'RFC4512: supported LDAP versions' SYNTAX
1.3.6.1.4.1.1466.115.121.1.27 U
SAGE dSAOperation )
olcAttributeTypes: ( 1.3.6.1.4.1.1466.101.120.14 NAME
'supportedSASLMechanisms
' DESC 'RFC4512: supported SASL mechanisms' SYNTAX
1.3.6.1.4.1.1466.115.121.1
.15 USAGE dSAOperation )
olcAttributeTypes: ( 1.3.6.1.4.1.4203.1.3.5 NAME 'supportedFeatures'
DESC 'RFC
4512: features supported by the server' EQUALITY objectIdentifierMatch
SYNTAX
1.3.6.1.4.1.1466.115.121.1.38 USAGE dSAOperation )
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.1.10 NAME 'monitorContext'
DESC 'mon
itor context' EQUALITY distinguishedNameMatch SYNTAX
1.3.6.1.4.1.1466.115.121
.1.12 SINGLE-VALUE NO-USER-MODIFICATION USAGE dSAOperation )
olcAttributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.1 NAME 'configContext' DESC
'conf
ig context' EQUALITY distinguishedNameMatch SYNTAX
1.3.6.1.4.1.1466.115.121.1
.12 SINGLE-VALUE NO-USER-MODIFICATION USAGE dSAOperation )
olcAttributeTypes: ( 1.3.6.1.1.4 NAME 'vendorName' DESC 'RFC3045: name
of impl
ementation vendor' EQUALITY caseExactMatch SYNTAX
1.3.6.1.4.1.1466.115.121.1.
15 SINGLE-VALUE NO-USER-MODIFICATION USAGE dSAOperation )
olcAttributeTypes: ( 1.3.6.1.1.5 NAME 'vendorVersion' DESC 'RFC3045:
version o
f implementation' EQUALITY caseExactMatch SYNTAX
1.3.6.1.4.1.1466.115.121.1.1
5 SINGLE-VALUE NO-USER-MODIFICATION USAGE dSAOperation )
olcAttributeTypes: ( 2.5.18.5 NAME 'administrativeRole' DESC 'RFC3672:
adminis
trative role' EQUALITY objectIdentifierMatch SYNTAX
1.3.6.1.4.1.1466.115.121.
1.38 USAGE directoryOperation )
olcAttributeTypes: ( 2.5.18.6 NAME 'subtreeSpecification' DESC 'RFC3672:
subtr
ee specification' SYNTAX 1.3.6.1.4.1.1466.115.121.1.45 SINGLE-VALUE
USAGE dir
ectoryOperation )
olcAttributeTypes: ( 2.5.21.1 NAME 'dITStructureRules' DESC 'RFC4512:
DIT stru
cture rules' EQUALITY integerFirstComponentMatch SYNTAX
1.3.6.1.4.1.1466.115.
121.1.17 USAGE directoryOperation )
olcAttributeTypes: ( 2.5.21.2 NAME 'dITContentRules' DESC 'RFC4512: DIT
conten
t rules' EQUALITY objectIdentifierFirstComponentMatch SYNTAX
1.3.6.1.4.1.1466
.115.121.1.16 USAGE directoryOperation )
olcAttributeTypes: ( 2.5.21.4 NAME 'matchingRules' DESC 'RFC4512:
matching rul
es' EQUALITY objectIdentifierFirstComponentMatch SYNTAX
1.3.6.1.4.1.1466.115.
121.1.30 USAGE directoryOperation )
olcAttributeTypes: ( 2.5.21.5 NAME 'attributeTypes' DESC 'RFC4512:
attribute t
ypes' EQUALITY objectIdentifierFirstComponentMatch SYNTAX
1.3.6.1.4.1.1466.11
5.121.1.3 USAGE directoryOperation )
olcAttributeTypes: ( 2.5.21.6 NAME 'objectClasses' DESC 'RFC4512: object
class
es' EQUALITY objectIdentifierFirstComponentMatch SYNTAX
1.3.6.1.4.1.1466.115.
121.1.37 USAGE directoryOperation )
olcAttributeTypes: ( 2.5.21.7 NAME 'nameForms' DESC 'RFC4512: name forms
' EQU
ALITY objectIdentifierFirstComponentMatch SYNTAX
1.3.6.1.4.1.1466.115.121.1.3
5 USAGE directoryOperation )
olcAttributeTypes: ( 2.5.21.8 NAME 'matchingRuleUse' DESC 'RFC4512:
matching r
ule uses' EQUALITY objectIdentifierFirstComponentMatch SYNTAX
1.3.6.1.4.1.146
6.115.121.1.31 USAGE directoryOperation )
olcAttributeTypes: ( 1.3.6.1.4.1.1466.101.120.16 NAME 'ldapSyntaxes'
DESC 'RFC
4512: LDAP syntaxes' EQUALITY objectIdentifierFirstComponentMatch
SYNTAX 1.3.
6.1.4.1.1466.115.121.1.54 USAGE directoryOperation )
olcAttributeTypes: ( 2.5.4.1 NAME ( 'aliasedObjectName'
'aliasedEntryName' ) D
ESC 'RFC4512: name of aliased object' EQUALITY distinguishedNameMatch
SYNTAX
1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE )
olcAttributeTypes: ( 2.16.840.1.113730.3.1.34 NAME 'ref' DESC 'RFC3296:
subord
inate referral URL' EQUALITY caseExactMatch SYNTAX
1.3.6.1.4.1.1466.115.121.1
.15 USAGE distributedOperation )
olcAttributeTypes: ( 1.3.6.1.4.1.4203.1.3.1 NAME 'entry' DESC 'OpenLDAP
ACL en
try pseudo-attribute' SYNTAX 1.3.6.1.4.1.4203.1.1.1 SINGLE-VALUE
NO-USER-MODI
FICATION USAGE dSAOperation )
olcAttributeTypes: ( 1.3.6.1.4.1.4203.1.3.2 NAME 'children' DESC
'OpenLDAP ACL
children pseudo-attribute' SYNTAX 1.3.6.1.4.1.4203.1.1.1 SINGLE-VALUE
NO-USE
R-MODIFICATION USAGE dSAOperation )
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.1.8 NAME ( 'authzTo'
'saslAuthzTo' )
DESC 'proxy authorization targets' EQUALITY authzMatch SYNTAX
1.3.6.1.4.1.42
03.666.2.7 USAGE distributedOperation X-ORDERED 'VALUES' )
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.1.9 NAME ( 'authzFrom'
'saslAuthzFro
m' ) DESC 'proxy authorization sources' EQUALITY authzMatch SYNTAX
1.3.6.1.4.
1.4203.666.2.7 USAGE distributedOperation X-ORDERED 'VALUES' )
olcAttributeTypes: ( 1.3.6.1.4.1.1466.101.119.3 NAME 'entryTtl' DESC
'RFC2589:
entry time-to-live' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE
NO-USE
R-MODIFICATION USAGE dSAOperation )
olcAttributeTypes: ( 1.3.6.1.4.1.1466.101.119.4 NAME 'dynamicSubtrees'
DESC 'R
FC2589: dynamic subtrees' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12
NO-USER-MODIFI
CATION USAGE dSAOperation )
olcAttributeTypes: ( 2.5.4.49 NAME 'distinguishedName' DESC 'RFC4519:
common s
upertype of DN attributes' EQUALITY distinguishedNameMatch SYNTAX
1.3.6.1.4.1
.1466.115.121.1.12 )
olcAttributeTypes: ( 2.5.4.41 NAME 'name' DESC 'RFC4519: common
supertype of n
ame attributes' EQUALITY caseIgnoreMatch SUBSTR
caseIgnoreSubstringsMatch SYN
TAX 1.3.6.1.4.1.1466.115.121.1.15{32768} )
olcAttributeTypes: ( 2.5.4.3 NAME ( 'cn' 'commonName' ) DESC 'RFC4519:
common
name(s) for which the entity is known by' SUP name )
olcAttributeTypes: ( 0.9.2342.19200300.100.1.1 NAME ( 'uid' 'userid' )
DESC 'R
FC4519: user identifier' EQUALITY caseIgnoreMatch SUBSTR
caseIgnoreSubstrings
Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
olcAttributeTypes: ( 1.3.6.1.1.1.1.0 NAME 'uidNumber' DESC 'RFC2307: An
intege
r uniquely identifying a user in an administrative domain' EQUALITY
integerMa
tch ORDERING integerOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
SINGLE
-VALUE )
olcAttributeTypes: ( 1.3.6.1.1.1.1.1 NAME 'gidNumber' DESC 'RFC2307: An
intege
r uniquely identifying a group in an administrative domain' EQUALITY
integerM
atch ORDERING integerOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
SINGL
E-VALUE )
olcAttributeTypes: ( 2.5.4.35 NAME 'userPassword' DESC 'RFC4519/2307:
password
of user' EQUALITY octetStringMatch SYNTAX
1.3.6.1.4.1.1466.115.121.1.40{128}
)
olcAttributeTypes: ( 1.3.6.1.4.1.250.1.57 NAME 'labeledURI' DESC
'RFC2079: Uni
form Resource Identifier with optional label' EQUALITY caseExactMatch
SYNTAX
1.3.6.1.4.1.1466.115.121.1.15 )
olcAttributeTypes: ( 2.5.4.13 NAME 'description' DESC 'RFC4519:
descriptive in
formation' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1
.3.6.1.4.1.1466.115.121.1.15{1024} )
olcAttributeTypes: ( 2.5.4.34 NAME 'seeAlso' DESC 'RFC4519: DN of
related obje
ct' SUP distinguishedName )
olcAttributeTypes: ( OLcfgGlAt:78 NAME 'olcConfigFile' DESC 'File for
slapd co
nfiguration directives' EQUALITY caseIgnoreMatch SYNTAX
OMsDirectoryString SI
NGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:79 NAME 'olcConfigDir' DESC 'Directory
for slap
d configuration backend' EQUALITY caseIgnoreMatch SYNTAX
OMsDirectoryString S
INGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:1 NAME 'olcAccess' DESC 'Access Control
List' E
QUALITY caseIgnoreMatch SYNTAX OMsDirectoryString X-ORDERED 'VALUES' )
olcAttributeTypes: ( OLcfgGlAt:86 NAME 'olcAddContentAcl' DESC 'Check
ACLs aga
inst content of Add ops' SYNTAX OMsBoolean SINGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:2 NAME 'olcAllows' DESC 'Allowed set of
depreca
ted features' EQUALITY caseIgnoreMatch SYNTAX OMsDirectoryString )
olcAttributeTypes: ( OLcfgGlAt:3 NAME 'olcArgsFile' DESC 'File for slapd
comma
nd line options' EQUALITY caseIgnoreMatch SYNTAX OMsDirectoryString
SINGLE-VA
LUE )
olcAttributeTypes: ( OLcfgGlAt:5 NAME 'olcAttributeOptions' EQUALITY
caseIgnor
eMatch SYNTAX OMsDirectoryString )
olcAttributeTypes: ( OLcfgGlAt:4 NAME 'olcAttributeTypes' DESC 'OpenLDAP
attri
buteTypes' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch
SYNTAX O
MsDirectoryString X-ORDERED 'VALUES' )
olcAttributeTypes: ( OLcfgGlAt:6 NAME 'olcAuthIDRewrite' EQUALITY
caseIgnoreMa
tch SYNTAX OMsDirectoryString X-ORDERED 'VALUES' )
olcAttributeTypes: ( OLcfgGlAt:7 NAME 'olcAuthzPolicy' EQUALITY
caseIgnoreMatc
h SYNTAX OMsDirectoryString SINGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:8 NAME 'olcAuthzRegexp' EQUALITY
caseIgnoreMatc
h SYNTAX OMsDirectoryString X-ORDERED 'VALUES' )
olcAttributeTypes: ( OLcfgGlAt:9 NAME 'olcBackend' DESC 'A type of
backend' EQ
UALITY caseIgnoreMatch SYNTAX OMsDirectoryString SINGLE-VALUE X-ORDERED
'SIBL
INGS' )
olcAttributeTypes: ( OLcfgGlAt:10 NAME 'olcConcurrency' SYNTAX
OMsInteger SING
LE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:11 NAME 'olcConnMaxPending' SYNTAX
OMsInteger S
INGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:12 NAME 'olcConnMaxPendingAuth' SYNTAX
OMsInteg
er SINGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:13 NAME 'olcDatabase' DESC 'The backend
type fo
r a database instance' SUP olcBackend SINGLE-VALUE X-ORDERED 'SIBLINGS' )
olcAttributeTypes: ( OLcfgGlAt:14 NAME 'olcDefaultSearchBase' SYNTAX
OMsDN SIN
GLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:15 NAME 'olcDisallows' EQUALITY
caseIgnoreMatch
SYNTAX OMsDirectoryString )
olcAttributeTypes: ( OLcfgGlAt:16 NAME 'olcDitContentRules' DESC
'OpenLDAP DIT
content rules' EQUALITY caseIgnoreMatch SUBSTR
caseIgnoreSubstringsMatch SYN
TAX OMsDirectoryString X-ORDERED 'VALUES' )
olcAttributeTypes: ( OLcfgDbAt:0.20 NAME 'olcExtraAttrs' EQUALITY
caseIgnoreMa
tch SYNTAX OMsDirectoryString )
olcAttributeTypes: ( OLcfgGlAt:17 NAME 'olcGentleHUP' SYNTAX OMsBoolean
SINGLE
-VALUE )
olcAttributeTypes: ( OLcfgDbAt:0.17 NAME 'olcHidden' SYNTAX OMsBoolean
SINGLE-
VALUE )
olcAttributeTypes: ( OLcfgGlAt:18 NAME 'olcIdleTimeout' SYNTAX
OMsInteger SING
LE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:19 NAME 'olcInclude' SUP labeledURI )
olcAttributeTypes: ( OLcfgGlAt:20 NAME 'olcIndexSubstrIfMinLen' SYNTAX
OMsInte
ger SINGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:21 NAME 'olcIndexSubstrIfMaxLen' SYNTAX
OMsInte
ger SINGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:22 NAME 'olcIndexSubstrAnyLen' SYNTAX
OMsIntege
r SINGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:23 NAME 'olcIndexSubstrAnyStep' SYNTAX
OMsInteg
er SINGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:84 NAME 'olcIndexIntLen' SYNTAX
OMsInteger SING
LE-VALUE )
olcAttributeTypes: ( OLcfgDbAt:0.4 NAME 'olcLastMod' SYNTAX OMsBoolean
SINGLE-
VALUE )
olcAttributeTypes: ( OLcfgGlAt:85 NAME 'olcLdapSyntaxes' DESC 'OpenLDAP
ldapSy
ntax' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX
OMsDir
ectoryString X-ORDERED 'VALUES' )
olcAttributeTypes: ( OLcfgDbAt:0.5 NAME 'olcLimits' EQUALITY
caseIgnoreMatch S
YNTAX OMsDirectoryString X-ORDERED 'VALUES' )
olcAttributeTypes: ( OLcfgGlAt:93 NAME 'olcListenerThreads' SYNTAX
OMsInteger
SINGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:26 NAME 'olcLocalSSF' SYNTAX OMsInteger
SINGLE-
VALUE )
olcAttributeTypes: ( OLcfgGlAt:27 NAME 'olcLogFile' SYNTAX
OMsDirectoryString
SINGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:28 NAME 'olcLogLevel' EQUALITY
caseIgnoreMatch
SYNTAX OMsDirectoryString )
olcAttributeTypes: ( OLcfgDbAt:0.6 NAME 'olcMaxDerefDepth' SYNTAX
OMsInteger S
INGLE-VALUE )
olcAttributeTypes: ( OLcfgDbAt:0.16 NAME 'olcMirrorMode' SYNTAX
OMsBoolean SIN
GLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:30 NAME 'olcModuleLoad' EQUALITY
caseIgnoreMatc
h SYNTAX OMsDirectoryString X-ORDERED 'VALUES' )
olcAttributeTypes: ( OLcfgGlAt:31 NAME 'olcModulePath' SYNTAX
OMsDirectoryStri
ng SINGLE-VALUE )
olcAttributeTypes: ( OLcfgDbAt:0.18 NAME 'olcMonitoring' SYNTAX
OMsBoolean SIN
GLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:32 NAME 'olcObjectClasses' DESC 'OpenLDAP
objec
t classes' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch
SYNTAX O
MsDirectoryString X-ORDERED 'VALUES' )
olcAttributeTypes: ( OLcfgGlAt:33 NAME 'olcObjectIdentifier' EQUALITY
caseIgno
reMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX OMsDirectoryString
X-ORDERED
'VALUES' )
olcAttributeTypes: ( OLcfgGlAt:34 NAME 'olcOverlay' SUP olcDatabase
SINGLE-VAL
UE X-ORDERED 'SIBLINGS' )
olcAttributeTypes: ( OLcfgGlAt:35 NAME 'olcPasswordCryptSaltFormat'
SYNTAX OMs
DirectoryString SINGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:36 NAME 'olcPasswordHash' EQUALITY
caseIgnoreMa
tch SYNTAX OMsDirectoryString )
olcAttributeTypes: ( OLcfgGlAt:37 NAME 'olcPidFile' SYNTAX
OMsDirectoryString
SINGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:38 NAME 'olcPlugin' EQUALITY
caseIgnoreMatch SY
NTAX OMsDirectoryString )
olcAttributeTypes: ( OLcfgGlAt:39 NAME 'olcPluginLogFile' SYNTAX
OMsDirectoryS
tring SINGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:40 NAME 'olcReadOnly' SYNTAX OMsBoolean
SINGLE-
VALUE )
olcAttributeTypes: ( OLcfgGlAt:41 NAME 'olcReferral' SUP labeledURI
SINGLE-VAL
UE )
olcAttributeTypes: ( OLcfgDbAt:0.7 NAME 'olcReplica' SUP labeledURI
EQUALITY c
aseIgnoreMatch X-ORDERED 'VALUES' )
olcAttributeTypes: ( OLcfgGlAt:43 NAME 'olcReplicaArgsFile' SYNTAX
OMsDirector
yString SINGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:44 NAME 'olcReplicaPidFile' SYNTAX
OMsDirectory
String SINGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:45 NAME 'olcReplicationInterval' SYNTAX
OMsInte
ger SINGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:46 NAME 'olcReplogFile' SYNTAX
OMsDirectoryStri
ng SINGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:47 NAME 'olcRequires' EQUALITY
caseIgnoreMatch
SYNTAX OMsDirectoryString )
olcAttributeTypes: ( OLcfgGlAt:48 NAME 'olcRestrict' EQUALITY
caseIgnoreMatch
SYNTAX OMsDirectoryString )
olcAttributeTypes: ( OLcfgGlAt:49 NAME 'olcReverseLookup' SYNTAX
OMsBoolean SI
NGLE-VALUE )
olcAttributeTypes: ( OLcfgDbAt:0.8 NAME 'olcRootDN' EQUALITY
distinguishedName
Match SYNTAX OMsDN SINGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:51 NAME 'olcRootDSE' EQUALITY
caseIgnoreMatch S
YNTAX OMsDirectoryString )
olcAttributeTypes: ( OLcfgDbAt:0.9 NAME 'olcRootPW' SYNTAX
OMsDirectoryString
SINGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:89 NAME 'olcSaslAuxprops' SYNTAX
OMsDirectorySt
ring SINGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:53 NAME 'olcSaslHost' SYNTAX
OMsDirectoryString
SINGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:54 NAME 'olcSaslRealm' SYNTAX
OMsDirectoryStrin
g SINGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:56 NAME 'olcSaslSecProps' SYNTAX
OMsDirectorySt
ring SINGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:58 NAME 'olcSchemaDN' EQUALITY
distinguishedNam
eMatch SYNTAX OMsDN SINGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:59 NAME 'olcSecurity' EQUALITY
caseIgnoreMatch
SYNTAX OMsDirectoryString )
olcAttributeTypes: ( OLcfgGlAt:81 NAME 'olcServerID' EQUALITY
caseIgnoreMatch
SYNTAX OMsDirectoryString )
olcAttributeTypes: ( OLcfgGlAt:60 NAME 'olcSizeLimit' SYNTAX
OMsDirectoryStrin
g SINGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:61 NAME 'olcSockbufMaxIncoming' SYNTAX
OMsInteg
er SINGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:62 NAME 'olcSockbufMaxIncomingAuth'
SYNTAX OMsI
nteger SINGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:83 NAME 'olcSortVals' DESC 'Attributes
whose va
lues will always be sorted' EQUALITY caseIgnoreMatch SYNTAX
OMsDirectoryStrin
g )
olcAttributeTypes: ( OLcfgDbAt:0.15 NAME 'olcSubordinate' SYNTAX
OMsDirectoryS
tring SINGLE-VALUE )
olcAttributeTypes: ( OLcfgDbAt:0.10 NAME 'olcSuffix' EQUALITY
distinguishedNam
eMatch SYNTAX OMsDN )
olcAttributeTypes: ( OLcfgDbAt:0.19 NAME 'olcSyncUseSubentry' DESC
'Store sync
context in a subentry' SYNTAX OMsBoolean SINGLE-VALUE )
olcAttributeTypes: ( OLcfgDbAt:0.11 NAME 'olcSyncrepl' EQUALITY
caseIgnoreMatc
h SYNTAX OMsDirectoryString X-ORDERED 'VALUES' )
olcAttributeTypes: ( OLcfgGlAt:90 NAME 'olcTCPBuffer' DESC 'Custom TCP
buffer
size' SYNTAX OMsDirectoryString )
olcAttributeTypes: ( OLcfgGlAt:66 NAME 'olcThreads' SYNTAX OMsInteger
SINGLE-V
ALUE )
olcAttributeTypes: ( OLcfgGlAt:67 NAME 'olcTimeLimit' SYNTAX
OMsDirectoryStrin
g )
olcAttributeTypes: ( OLcfgGlAt:68 NAME 'olcTLSCACertificateFile' SYNTAX
OMsDir
ectoryString SINGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:69 NAME 'olcTLSCACertificatePath' SYNTAX
OMsDir
ectoryString SINGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:70 NAME 'olcTLSCertificateFile' SYNTAX
OMsDirec
toryString SINGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:71 NAME 'olcTLSCertificateKeyFile' SYNTAX
OMsDi
rectoryString SINGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:72 NAME 'olcTLSCipherSuite' SYNTAX
OMsDirectory
String SINGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:73 NAME 'olcTLSCRLCheck' SYNTAX
OMsDirectoryStr
ing SINGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:82 NAME 'olcTLSCRLFile' SYNTAX
OMsDirectoryStri
ng SINGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:74 NAME 'olcTLSRandFile' SYNTAX
OMsDirectoryStr
ing SINGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:75 NAME 'olcTLSVerifyClient' SYNTAX
OMsDirector
yString SINGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:77 NAME 'olcTLSDHParamFile' SYNTAX
OMsDirectory
String SINGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:87 NAME 'olcTLSProtocolMin' SYNTAX
OMsDirectory
String SINGLE-VALUE )
olcAttributeTypes: ( OLcfgGlAt:80 NAME 'olcToolThreads' SYNTAX
OMsInteger SING
LE-VALUE )
olcAttributeTypes: ( OLcfgDbAt:0.12 NAME 'olcUpdateDN' SYNTAX OMsDN
SINGLE-VAL
UE )
olcAttributeTypes: ( OLcfgDbAt:0.13 NAME 'olcUpdateRef' SUP labeledURI
EQUALIT
Y caseIgnoreMatch )
olcAttributeTypes: ( OLcfgGlAt:88 NAME 'olcWriteTimeout' SYNTAX
OMsInteger SIN
GLE-VALUE )
olcAttributeTypes: ( OLcfgDbAt:0.1 NAME 'olcDbDirectory' DESC 'Directory
for d
atabase content' EQUALITY caseIgnoreMatch SYNTAX OMsDirectoryString
SINGLE-VA
LUE )
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.1.5 NAME 'OpenLDAPaci' DESC
'OpenLDA
P access control information (experimental)' EQUALITY OpenLDAPaciMatch
SYNTAX
1.3.6.1.4.1.4203.666.2.1 USAGE directoryOperation )
olcAttributeTypes: ( OLcfgDbAt:1.11 NAME 'olcDbCacheFree' DESC 'Number
of extr
a entries to free when max is reached' SYNTAX OMsInteger SINGLE-VALUE )
olcAttributeTypes: ( OLcfgDbAt:1.1 NAME 'olcDbCacheSize' DESC 'Entry
cache siz
e in entries' SYNTAX OMsInteger SINGLE-VALUE )
olcAttributeTypes: ( OLcfgDbAt:1.2 NAME 'olcDbCheckpoint' DESC 'Database
check
point interval in kbytes and minutes' SYNTAX OMsDirectoryString
SINGLE-VALUE
)
olcAttributeTypes: ( OLcfgDbAt:1.16 NAME 'olcDbChecksum' DESC 'Enable
database
checksum validation' SYNTAX OMsBoolean SINGLE-VALUE )
olcAttributeTypes: ( OLcfgDbAt:1.13 NAME 'olcDbCryptFile' DESC 'Pathname
of fi
le containing the DB encryption key' SYNTAX OMsDirectoryString
SINGLE-VALUE )
olcAttributeTypes: ( OLcfgDbAt:1.14 NAME 'olcDbCryptKey' DESC 'DB
encryption k
ey' SYNTAX OMsOctetString SINGLE-VALUE )
olcAttributeTypes: ( OLcfgDbAt:1.3 NAME 'olcDbConfig' DESC 'BerkeleyDB
DB_CONF
IG configuration directives' SYNTAX OMsIA5String X-ORDERED 'VALUES' )
olcAttributeTypes: ( OLcfgDbAt:1.4 NAME 'olcDbNoSync' DESC 'Disable
synchronou
s database writes' SYNTAX OMsBoolean SINGLE-VALUE )
olcAttributeTypes: ( OLcfgDbAt:1.15 NAME 'olcDbPageSize' DESC 'Page size
of sp
ecified DB, in Kbytes' EQUALITY caseExactMatch SYNTAX OMsDirectoryString )
olcAttributeTypes: ( OLcfgDbAt:1.5 NAME 'olcDbDirtyRead' DESC 'Allow
reads of
uncommitted data' SYNTAX OMsBoolean SINGLE-VALUE )
olcAttributeTypes: ( OLcfgDbAt:1.12 NAME 'olcDbDNcacheSize' DESC 'DN
cache siz
e' SYNTAX OMsInteger SINGLE-VALUE )
olcAttributeTypes: ( OLcfgDbAt:1.6 NAME 'olcDbIDLcacheSize' DESC 'IDL
cache si
ze in IDLs' SYNTAX OMsInteger SINGLE-VALUE )
olcAttributeTypes: ( OLcfgDbAt:0.2 NAME 'olcDbIndex' DESC 'Attribute
index par
ameters' EQUALITY caseIgnoreMatch SYNTAX OMsDirectoryString )
olcAttributeTypes: ( OLcfgDbAt:1.7 NAME 'olcDbLinearIndex' DESC 'Index
attribu
tes one at a time' SYNTAX OMsBoolean SINGLE-VALUE )
olcAttributeTypes: ( OLcfgDbAt:1.8 NAME 'olcDbLockDetect' DESC 'Deadlock
detec
tion algorithm' SYNTAX OMsDirectoryString SINGLE-VALUE )
olcAttributeTypes: ( OLcfgDbAt:0.3 NAME 'olcDbMode' DESC 'Unix
permissions of
database files' SYNTAX OMsDirectoryString SINGLE-VALUE )
olcAttributeTypes: ( OLcfgDbAt:1.9 NAME 'olcDbSearchStack' DESC 'Depth
of sear
ch stack in IDLs' SYNTAX OMsInteger SINGLE-VALUE )
olcAttributeTypes: ( OLcfgDbAt:1.10 NAME 'olcDbShmKey' DESC 'Key for
shared me
mory region' SYNTAX OMsInteger SINGLE-VALUE )
olcAttributeTypes: ( OLcfgOvAt:1.1 NAME 'olcSpCheckpoint' DESC
'ContextCSN che
ckpoint interval in ops and minutes' SYNTAX OMsDirectoryString
SINGLE-VALUE )
olcAttributeTypes: ( OLcfgOvAt:1.2 NAME 'olcSpSessionlog' DESC 'Session
log si
ze in ops' SYNTAX OMsInteger SINGLE-VALUE )
olcAttributeTypes: ( OLcfgOvAt:1.3 NAME 'olcSpNoPresent' DESC 'Omit
Present ph
ase processing' SYNTAX OMsBoolean SINGLE-VALUE )
olcAttributeTypes: ( OLcfgOvAt:1.4 NAME 'olcSpReloadHint' DESC 'Observe
Reload
Hint in Request control' SYNTAX OMsBoolean SINGLE-VALUE )
olcAttributeTypes: ( OLcfgOvAt:4.1 NAME 'olcAccessLogDB' DESC 'Suffix of
datab
ase for log content' SUP distinguishedName SINGLE-VALUE )
olcAttributeTypes: ( OLcfgOvAt:4.2 NAME 'olcAccessLogOps' DESC
'Operation type
s to log' EQUALITY caseIgnoreMatch SYNTAX OMsDirectoryString )
olcAttributeTypes: ( OLcfgOvAt:4.3 NAME 'olcAccessLogPurge' DESC 'Log
cleanup
parameters' SYNTAX OMsDirectoryString SINGLE-VALUE )
olcAttributeTypes: ( OLcfgOvAt:4.4 NAME 'olcAccessLogSuccess' DESC 'Log
succes
sful ops only' SYNTAX OMsBoolean SINGLE-VALUE )
olcAttributeTypes: ( OLcfgOvAt:4.5 NAME 'olcAccessLogOld' DESC 'Log old
values
when modifying entries matching the filter' SYNTAX OMsDirectoryString
SINGLE
-VALUE )
olcAttributeTypes: ( OLcfgOvAt:4.6 NAME 'olcAccessLogOldAttr' DESC 'Log
old va
lues of these attributes even if unmodified' EQUALITY caseIgnoreMatch
SYNTAX
OMsDirectoryString )
olcAttributeTypes: ( OLcfgOvAt:4.7 NAME 'olcAccessLogBase' DESC
'Operation typ
es to log under a specific branch' EQUALITY caseIgnoreMatch SYNTAX
OMsDirecto
ryString )
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.1 NAME 'reqDN' DESC
'Target D
N of request' EQUALITY distinguishedNameMatch SYNTAX OMsDN SINGLE-VALUE )
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.2 NAME 'reqStart' DESC
'Start
time of request' EQUALITY generalizedTimeMatch ORDERING
generalizedTimeOrder
ingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE )
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.3 NAME 'reqEnd' DESC
'End tim
e of request' EQUALITY generalizedTimeMatch ORDERING
generalizedTimeOrderingM
atch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE )
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.4 NAME 'reqType' DESC
'Type o
f request' EQUALITY caseIgnoreMatch SYNTAX OMsDirectoryString
SINGLE-VALUE )
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.5 NAME 'reqSession'
DESC 'Ses
sion ID of request' EQUALITY caseIgnoreMatch SYNTAX OMsDirectoryString
SINGLE
-VALUE )
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.6 NAME 'reqAuthzID'
DESC 'Aut
horization ID of requestor' EQUALITY distinguishedNameMatch SYNTAX
OMsDN SING
LE-VALUE )
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.7 NAME 'reqResult' DESC
'Resu
lt code of request' EQUALITY integerMatch ORDERING integerOrderingMatch
SYNTA
X OMsInteger SINGLE-VALUE )
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.8 NAME 'reqMessage'
DESC 'Err
or text of request' EQUALITY caseIgnoreMatch SUBSTR
caseIgnoreSubstringsMatch
SYNTAX OMsDirectoryString SINGLE-VALUE )
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.9 NAME 'reqReferral'
DESC 'Re
ferrals returned for request' SUP labeledURI )
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.10 NAME 'reqControls'
DESC 'R
equest controls' EQUALITY objectIdentifierFirstComponentMatch SYNTAX
1.3.6.1.
4.1.4203.666.11.5.3.1 X-ORDERED 'VALUES' )
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.11 NAME
'reqRespControls' DES
C 'Response controls of request' EQUALITY
objectIdentifierFirstComponentMatch
SYNTAX 1.3.6.1.4.1.4203.666.11.5.3.1 X-ORDERED 'VALUES' )
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.12 NAME 'reqId' DESC
'ID of R
equest to Abandon' EQUALITY integerMatch ORDERING integerOrderingMatch
SYNTAX
OMsInteger SINGLE-VALUE )
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.13 NAME 'reqVersion'
DESC 'Pr
otocol version of Bind request' EQUALITY integerMatch ORDERING
integerOrderin
gMatch SYNTAX OMsInteger SINGLE-VALUE )
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.14 NAME 'reqMethod'
DESC 'Bin
d method of request' EQUALITY caseIgnoreMatch SYNTAX OMsDirectoryString
SINGL
E-VALUE )
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.15 NAME 'reqAssertion'
DESC '
Compare Assertion of request' SYNTAX OMsDirectoryString SINGLE-VALUE )
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.16 NAME 'reqMod' DESC
'Modifi
cations of request' EQUALITY octetStringMatch SUBSTR
octetStringSubstringsMat
ch SYNTAX OMsOctetString )
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.17 NAME 'reqOld' DESC
'Old va
lues of entry before request completed' EQUALITY octetStringMatch
SUBSTR octe
tStringSubstringsMatch SYNTAX OMsOctetString )
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.18 NAME 'reqNewRDN'
DESC 'New
RDN of request' EQUALITY distinguishedNameMatch SYNTAX OMsDN
SINGLE-VALUE )
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.19 NAME
'reqDeleteOldRDN' DES
C 'Delete old RDN' EQUALITY booleanMatch SYNTAX OMsBoolean SINGLE-VALUE )
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.20 NAME
'reqNewSuperior' DESC
'New superior DN of request' EQUALITY distinguishedNameMatch SYNTAX
OMsDN SI
NGLE-VALUE )
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.21 NAME 'reqScope' DESC
'Scop
e of request' EQUALITY caseIgnoreMatch SYNTAX OMsDirectoryString
SINGLE-VALUE
)
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.22 NAME
'reqDerefAliases' DES
C 'Disposition of Aliases in request' EQUALITY caseIgnoreMatch SYNTAX
OMsDire
ctoryString SINGLE-VALUE )
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.23 NAME 'reqAttrsOnly'
DESC '
Attributes and values of request' EQUALITY booleanMatch SYNTAX
OMsBoolean SIN
GLE-VALUE )
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.24 NAME 'reqFilter'
DESC 'Fil
ter of request' EQUALITY caseIgnoreMatch SUBSTR
caseIgnoreSubstringsMatch SYN
TAX OMsDirectoryString SINGLE-VALUE )
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.25 NAME 'reqAttr' DESC
'Attri
butes of request' EQUALITY caseIgnoreMatch SYNTAX OMsDirectoryString )
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.26 NAME 'reqSizeLimit'
DESC '
Size limit of request' EQUALITY integerMatch ORDERING
integerOrderingMatch SY
NTAX OMsInteger SINGLE-VALUE )
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.27 NAME 'reqTimeLimit'
DESC '
Time limit of request' EQUALITY integerMatch ORDERING
integerOrderingMatch SY
NTAX OMsInteger SINGLE-VALUE )
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.28 NAME 'reqEntries'
DESC 'Nu
mber of entries returned' EQUALITY integerMatch ORDERING
integerOrderingMatch
SYNTAX OMsInteger SINGLE-VALUE )
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.29 NAME 'reqData' DESC
'Data
of extended request' EQUALITY octetStringMatch SUBSTR
octetStringSubstringsMa
tch SYNTAX OMsOctetString SINGLE-VALUE )
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.30 NAME 'auditContext'
DESC '
DN of auditContainer' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE
NO-US
ER-MODIFICATION USAGE dSAOperation )
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.31 NAME 'reqEntryUUID'
DESC '
UUID of entry' EQUALITY UUIDMatch ORDERING UUIDOrderingMatch SYNTAX
1.3.6.1.1
.16.1 SINGLE-VALUE )
olcObjectClasses: ( 2.5.6.0 NAME 'top' DESC 'top of the superclass
chain' ABST
RACT MUST objectClass )
olcObjectClasses: ( 1.3.6.1.4.1.1466.101.120.111 NAME 'extensibleObject'
DESC
'RFC4512: extensible object' SUP top AUXILIARY )
olcObjectClasses: ( 2.5.6.1 NAME 'alias' DESC 'RFC4512: an alias' SUP
top STRU
CTURAL MUST aliasedObjectName )
olcObjectClasses: ( 2.16.840.1.113730.3.2.6 NAME 'referral' DESC
'namedref: na
med subordinate referral' SUP top STRUCTURAL MUST ref )
olcObjectClasses: ( 1.3.6.1.4.1.4203.1.4.1 NAME ( 'OpenLDAProotDSE'
'LDAProotD
SE' ) DESC 'OpenLDAP Root DSE object' SUP top STRUCTURAL MAY cn )
olcObjectClasses: ( 2.5.17.0 NAME 'subentry' DESC 'RFC3672: subentry'
SUP top
STRUCTURAL MUST ( cn $ subtreeSpecification ) )
olcObjectClasses: ( 2.5.20.1 NAME 'subschema' DESC 'RFC4512: controlling
subsc
hema (sub)entry' AUXILIARY MAY ( dITStructureRules $ nameForms $
dITContentRu
les $ objectClasses $ attributeTypes $ matchingRules $ matchingRuleUse ) )
olcObjectClasses: ( 1.3.6.1.4.1.1466.101.119.2 NAME 'dynamicObject' DESC
'RFC2
589: Dynamic Object' SUP top AUXILIARY )
olcObjectClasses: ( 1.3.6.1.4.1.4203.666.3.4 NAME 'glue' DESC 'Glue
Entry' SUP
top STRUCTURAL )
olcObjectClasses: ( 1.3.6.1.4.1.4203.666.3.5 NAME 'syncConsumerSubentry'
DESC
'Persistent Info for SyncRepl Consumer' AUXILIARY MAY syncreplCookie )
olcObjectClasses: ( 1.3.6.1.4.1.4203.666.3.6 NAME 'syncProviderSubentry'
DESC
'Persistent Info for SyncRepl Producer' AUXILIARY MAY contextCSN )
olcObjectClasses: ( OLcfgGlOc:0 NAME 'olcConfig' DESC 'OpenLDAP
configuration
object' SUP top ABSTRACT )
olcObjectClasses: ( OLcfgGlOc:1 NAME 'olcGlobal' DESC 'OpenLDAP Global
configu
ration options' SUP olcConfig STRUCTURAL MAY ( cn $ olcConfigFile $
olcConfig
Dir $ olcAllows $ olcArgsFile $ olcAttributeOptions $ olcAuthIDRewrite
$ olcA
uthzPolicy $ olcAuthzRegexp $ olcConcurrency $ olcConnMaxPending $
olcConnMax
PendingAuth $ olcDisallows $ olcGentleHUP $ olcIdleTimeout $
olcIndexSubstrIf
MaxLen $ olcIndexSubstrIfMinLen $ olcIndexSubstrAnyLen $
olcIndexSubstrAnySte
p $ olcIndexIntLen $ olcLocalSSF $ olcLogFile $ olcLogLevel $
olcPasswordCryp
tSaltFormat $ olcPasswordHash $ olcPidFile $ olcPluginLogFile $
olcReadOnly $
olcReferral $ olcReplogFile $ olcRequires $ olcRestrict $
olcReverseLookup $
olcRootDSE $ olcSaslAuxprops $ olcSaslHost $ olcSaslRealm $
olcSaslSecProps
$ olcSecurity $ olcServerID $ olcSizeLimit $ olcSockbufMaxIncoming $
olcSockb
ufMaxIncomingAuth $ olcTCPBuffer $ olcThreads $ olcTimeLimit $
olcTLSCACertif
icateFile $ olcTLSCACertificatePath $ olcTLSCertificateFile $
olcTLSCertifica
teKeyFile $ olcTLSCipherSuite $ olcTLSCRLCheck $ olcTLSRandFile $
olcTLSVerif
yClient $ olcTLSDHParamFile $ olcTLSCRLFile $ olcToolThreads $
olcWriteTimeou
t $ olcObjectIdentifier $ olcAttributeTypes $ olcObjectClasses $
olcDitConten
tRules $ olcLdapSyntaxes ) )
olcObjectClasses: ( OLcfgGlOc:2 NAME 'olcSchemaConfig' DESC 'OpenLDAP
schema o
bject' SUP olcConfig STRUCTURAL MAY ( cn $ olcObjectIdentifier $
olcLdapSynta
xes $ olcAttributeTypes $ olcObjectClasses $ olcDitContentRules ) )
olcObjectClasses: ( OLcfgGlOc:3 NAME 'olcBackendConfig' DESC 'OpenLDAP
Backend
-specific options' SUP olcConfig STRUCTURAL MUST olcBackend )
olcObjectClasses: ( OLcfgGlOc:4 NAME 'olcDatabaseConfig' DESC 'OpenLDAP
Databa
se-specific options' SUP olcConfig STRUCTURAL MUST olcDatabase MAY (
olcHidde
n $ olcSuffix $ olcSubordinate $ olcAccess $ olcAddContentAcl $
olcLastMod $
olcLimits $ olcMaxDerefDepth $ olcPlugin $ olcReadOnly $ olcReplica $
olcRepl
icaArgsFile $ olcReplicaPidFile $ olcReplicationInterval $
olcReplogFile $ ol
cRequires $ olcRestrict $ olcRootDN $ olcRootPW $ olcSchemaDN $
olcSecurity $
olcSizeLimit $ olcSyncUseSubentry $ olcSyncrepl $ olcTimeLimit $
olcUpdateDN
$ olcUpdateRef $ olcMirrorMode $ olcMonitoring $ olcExtraAttrs ) )
olcObjectClasses: ( OLcfgGlOc:5 NAME 'olcOverlayConfig' DESC 'OpenLDAP
Overlay
-specific options' SUP olcConfig STRUCTURAL MUST olcOverlay )
olcObjectClasses: ( OLcfgGlOc:6 NAME 'olcIncludeFile' DESC 'OpenLDAP
configura
tion include file' SUP olcConfig STRUCTURAL MUST olcInclude MAY ( cn $
olcRoo
tDSE ) )
olcObjectClasses: ( OLcfgGlOc:7 NAME 'olcFrontendConfig' DESC 'OpenLDAP
fronte
nd configuration' AUXILIARY MAY ( olcDefaultSearchBase $
olcPasswordHash $ ol
cSortVals ) )
olcObjectClasses: ( OLcfgGlOc:8 NAME 'olcModuleList' DESC 'OpenLDAP
dynamic mo
dule info' SUP olcConfig STRUCTURAL MAY ( cn $ olcModulePath $
olcModuleLoad
) )
olcObjectClasses: ( OLcfgDbOc:2.1 NAME 'olcLdifConfig' DESC 'LDIF
backend conf
iguration' SUP olcDatabaseConfig STRUCTURAL MUST olcDbDirectory )
olcObjectClasses: ( OLcfgDbOc:1.2 NAME 'olcHdbConfig' DESC 'HDB backend
config
uration' SUP olcDatabaseConfig STRUCTURAL MUST olcDbDirectory MAY (
olcDbCach
eSize $ olcDbCheckpoint $ olcDbConfig $ olcDbCryptFile $ olcDbCryptKey
$ olcD
bNoSync $ olcDbDirtyRead $ olcDbIDLcacheSize $ olcDbIndex $
olcDbLinearIndex
$ olcDbLockDetect $ olcDbMode $ olcDbSearchStack $ olcDbShmKey $
olcDbCacheFr
ee $ olcDbDNcacheSize $ olcDbPageSize ) )
olcObjectClasses: ( OLcfgOvOc:1.1 NAME 'olcSyncProvConfig' DESC
'SyncRepl Prov
ider configuration' SUP olcOverlayConfig STRUCTURAL MAY (
olcSpCheckpoint $ o
lcSpSessionlog $ olcSpNoPresent $ olcSpReloadHint ) )
olcObjectClasses: ( OLcfgOvOc:4.1 NAME 'olcAccessLogConfig' DESC 'Access
log c
onfiguration' SUP olcOverlayConfig STRUCTURAL MUST olcAccessLogDB MAY (
olcAc
cessLogOps $ olcAccessLogPurge $ olcAccessLogSuccess $ olcAccessLogOld
$ olcA
ccessLogOldAttr $ olcAccessLogBase ) )
olcObjectClasses: ( 1.3.6.1.4.1.4203.666.11.5.2.0 NAME 'auditContainer'
DESC '
AuditLog container' SUP top STRUCTURAL MAY ( cn $ reqStart $ reqEnd ) )
olcObjectClasses: ( 1.3.6.1.4.1.4203.666.11.5.2.1 NAME 'auditObject'
DESC 'Ope
nLDAP request auditing' SUP top STRUCTURAL MUST ( reqStart $ reqType $
reqSes
sion ) MAY ( reqDN $ reqAuthzID $ reqControls $ reqRespControls $
reqEnd $ re
qResult $ reqMessage $ reqReferral $ reqEntryUUID ) )
olcObjectClasses: ( 1.3.6.1.4.1.4203.666.11.5.2.2 NAME 'auditReadObject'
DESC
'OpenLDAP read request record' SUP auditObject STRUCTURAL )
olcObjectClasses: ( 1.3.6.1.4.1.4203.666.11.5.2.3 NAME
'auditWriteObject' DESC
'OpenLDAP write request record' SUP auditObject STRUCTURAL )
olcObjectClasses: ( 1.3.6.1.4.1.4203.666.11.5.2.4 NAME 'auditAbandon'
DESC 'Ab
andon operation' SUP auditObject STRUCTURAL MUST reqId )
olcObjectClasses: ( 1.3.6.1.4.1.4203.666.11.5.2.5 NAME 'auditAdd' DESC
'Add op
eration' SUP auditWriteObject STRUCTURAL MUST reqMod )
olcObjectClasses: ( 1.3.6.1.4.1.4203.666.11.5.2.6 NAME 'auditBind' DESC
'Bind
operation' SUP auditObject STRUCTURAL MUST ( reqVersion $ reqMethod ) )
olcObjectClasses: ( 1.3.6.1.4.1.4203.666.11.5.2.7 NAME 'auditCompare'
DESC 'Co
mpare operation' SUP auditReadObject STRUCTURAL MUST reqAssertion )
olcObjectClasses: ( 1.3.6.1.4.1.4203.666.11.5.2.8 NAME 'auditDelete'
DESC 'Del
ete operation' SUP auditWriteObject STRUCTURAL MAY reqOld )
olcObjectClasses: ( 1.3.6.1.4.1.4203.666.11.5.2.9 NAME 'auditModify'
DESC 'Mod
ify operation' SUP auditWriteObject STRUCTURAL MUST reqMod MAY reqOld )
olcObjectClasses: ( 1.3.6.1.4.1.4203.666.11.5.2.10 NAME 'auditModRDN'
DESC 'Mo
dRDN operation' SUP auditWriteObject STRUCTURAL MUST ( reqNewRDN $
reqDeleteO
ldRDN ) MAY ( reqNewSuperior $ reqMod $ reqOld ) )
olcObjectClasses: ( 1.3.6.1.4.1.4203.666.11.5.2.11 NAME 'auditSearch'
DESC 'Se
arch operation' SUP auditReadObject STRUCTURAL MUST ( reqScope $
reqDerefAlia
ses $ reqAttrsonly ) MAY ( reqFilter $ reqAttr $ reqEntries $
reqSizeLimit $
reqTimeLimit ) )
olcObjectClasses: ( 1.3.6.1.4.1.4203.666.11.5.2.12 NAME 'auditExtended'
DESC '
Extended operation' SUP auditObject STRUCTURAL MAY reqData )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.1 DESC 'ACI Item'
X-BINARY-TRANS
FER-REQUIRED 'TRUE' X-NOT-HUMAN-READABLE 'TRUE' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.2 DESC 'Access Point'
X-NOT-HUMA
N-READABLE 'TRUE' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.3 DESC 'Attribute Type
Descripti
on' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.4 DESC 'Audio'
X-NOT-HUMAN-READA
BLE 'TRUE' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.5 DESC 'Binary'
X-NOT-HUMAN-READ
ABLE 'TRUE' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.6 DESC 'Bit String' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.7 DESC 'Boolean' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.8 DESC 'Certificate'
X-BINARY-TR
ANSFER-REQUIRED 'TRUE' X-NOT-HUMAN-READABLE 'TRUE' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.9 DESC 'Certificate List'
X-BINA
RY-TRANSFER-REQUIRED 'TRUE' X-NOT-HUMAN-READABLE 'TRUE' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.10 DESC 'Certificate Pair'
X-BIN
ARY-TRANSFER-REQUIRED 'TRUE' X-NOT-HUMAN-READABLE 'TRUE' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.4203.666.11.10.2.1 DESC 'X.509
AttributeCertifi
cate' X-BINARY-TRANSFER-REQUIRED 'TRUE' X-NOT-HUMAN-READABLE 'TRUE' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.12 DESC 'Distinguished Name' )
olcLdapSyntaxes: ( 1.2.36.79672281.1.5.0 DESC 'RDN' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.13 DESC 'Data Quality' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.14 DESC 'Delivery Method' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.15 DESC 'Directory String' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.16 DESC 'DIT Content Rule
Descri
ption' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.17 DESC 'DIT Structure
Rule Desc
ription' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.19 DESC 'DSA Quality' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.20 DESC 'DSE Type' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.21 DESC 'Enhanced Guide' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.22 DESC 'Facsimile
Telephone Num
ber' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.23 DESC 'Fax'
X-NOT-HUMAN-READAB
LE 'TRUE' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.24 DESC 'Generalized Time' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.25 DESC 'Guide' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.26 DESC 'IA5 String' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.27 DESC 'Integer' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.28 DESC 'JPEG'
X-NOT-HUMAN-READA
BLE 'TRUE' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.29 DESC 'Master And Shadow
Acces
s Points' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.30 DESC 'Matching Rule
Descripti
on' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.31 DESC 'Matching Rule Use
Descr
iption' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.32 DESC 'Mail Preference' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.33 DESC 'MHS OR Address' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.34 DESC 'Name And Optional
UID'
)
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.35 DESC 'Name Form
Description'
)
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.36 DESC 'Numeric String' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.37 DESC 'Object Class
Descriptio
n' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.38 DESC 'OID' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.39 DESC 'Other Mailbox' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.40 DESC 'Octet String' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.41 DESC 'Postal Address' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.42 DESC 'Protocol
Information' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.43 DESC 'Presentation
Address' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.44 DESC 'Printable String' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.11 DESC 'Country String' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.45 DESC
'SubtreeSpecification' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.49 DESC 'Supported
Algorithm' X-
BINARY-TRANSFER-REQUIRED 'TRUE' X-NOT-HUMAN-READABLE 'TRUE' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.50 DESC 'Telephone Number' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.51 DESC 'Teletex Terminal
Identi
fier' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.52 DESC 'Telex Number' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.54 DESC 'LDAP Syntax
Description
' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.55 DESC 'Modify Rights' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.56 DESC 'LDAP Schema
Definition'
)
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.57 DESC 'LDAP Schema
Description
' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.58 DESC 'Substring
Assertion' )
olcLdapSyntaxes: ( 1.3.6.1.1.1.0.0 DESC 'RFC2307 NIS Netgroup Triple' )
olcLdapSyntaxes: ( 1.3.6.1.1.1.0.1 DESC 'RFC2307 Boot Parameter' )
olcLdapSyntaxes: ( 1.3.6.1.1.15.1 DESC 'Certificate Exact Assertion' )
olcLdapSyntaxes: ( 1.3.6.1.1.15.2 DESC 'Certificate Assertion' )
olcLdapSyntaxes: ( 1.3.6.1.1.15.3 DESC 'Certificate Pair Exact Assertion' )
olcLdapSyntaxes: ( 1.3.6.1.1.15.4 DESC 'Certificate Pair Assertion' )
olcLdapSyntaxes: ( 1.3.6.1.1.15.5 DESC 'Certificate List Exact Assertion' )
olcLdapSyntaxes: ( 1.3.6.1.1.15.6 DESC 'Certificate List Assertion' )
olcLdapSyntaxes: ( 1.3.6.1.1.15.7 DESC 'Algorithm Identifier' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.4203.666.11.10.2.2 DESC
'AttributeCertificate E
xact Assertion' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.4203.666.11.10.2.3 DESC
'AttributeCertificate A
ssertion' )
olcLdapSyntaxes: ( 1.3.6.1.1.16.1 DESC 'UUID' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.4203.666.11.2.1 DESC 'CSN' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.4203.666.11.2.4 DESC 'CSN SID' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.4203.1.1.1 DESC 'OpenLDAP void' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.4203.666.2.7 DESC 'OpenLDAP authz' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.4203.666.2.1 DESC 'OpenLDAP Experimental
ACI' )
olcLdapSyntaxes: ( 1.3.6.1.4.1.4203.666.11.5.3.1 DESC 'Control' )
dn: cn={0}core,cn=schema,cn=config
objectClass: olcSchemaConfig
cn: {0}core
olcAttributeTypes: {0}( 2.5.4.2 NAME 'knowledgeInformation' DESC
'RFC2256: kno
wledge information' EQUALITY caseIgnoreMatch SYNTAX
1.3.6.1.4.1.1466.115.121.
1.15{32768} )
olcAttributeTypes: {1}( 2.5.4.4 NAME ( 'sn' 'surname' ) DESC 'RFC2256:
last (f
amily) name(s) for which the entity is known by' SUP name )
olcAttributeTypes: {2}( 2.5.4.5 NAME 'serialNumber' DESC 'RFC2256:
serial numb
er of the entity' EQUALITY caseIgnoreMatch SUBSTR
caseIgnoreSubstringsMatch S
YNTAX 1.3.6.1.4.1.1466.115.121.1.44{64} )
olcAttributeTypes: {3}( 2.5.4.6 NAME ( 'c' 'countryName' ) DESC
'RFC2256: ISO-
3166 country 2-letter code' SUP name SINGLE-VALUE )
olcAttributeTypes: {4}( 2.5.4.7 NAME ( 'l' 'localityName' ) DESC
'RFC2256: loc
ality which this object resides in' SUP name )
olcAttributeTypes: {5}( 2.5.4.8 NAME ( 'st' 'stateOrProvinceName' ) DESC
'RFC2
256: state or province which this object resides in' SUP name )
olcAttributeTypes: {6}( 2.5.4.9 NAME ( 'street' 'streetAddress' ) DESC
'RFC225
6: street address of this object' EQUALITY caseIgnoreMatch SUBSTR
caseIgnoreS
ubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
olcAttributeTypes: {7}( 2.5.4.10 NAME ( 'o' 'organizationName' ) DESC
'RFC2256
: organization this object belongs to' SUP name )
olcAttributeTypes: {8}( 2.5.4.11 NAME ( 'ou' 'organizationalUnitName' )
DESC '
RFC2256: organizational unit this object belongs to' SUP name )
olcAttributeTypes: {9}( 2.5.4.12 NAME 'title' DESC 'RFC2256: title
associated
with the entity' SUP name )
olcAttributeTypes: {10}( 2.5.4.14 NAME 'searchGuide' DESC 'RFC2256:
search gui
de, deprecated by enhancedSearchGuide' SYNTAX
1.3.6.1.4.1.1466.115.121.1.25 )
olcAttributeTypes: {11}( 2.5.4.15 NAME 'businessCategory' DESC 'RFC2256:
busin
ess category' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch
SYNTA
X 1.3.6.1.4.1.1466.115.121.1.15{128} )
olcAttributeTypes: {12}( 2.5.4.16 NAME 'postalAddress' DESC 'RFC2256:
postal a
ddress' EQUALITY caseIgnoreListMatch SUBSTR
caseIgnoreListSubstringsMatch SYN
TAX 1.3.6.1.4.1.1466.115.121.1.41 )
olcAttributeTypes: {13}( 2.5.4.17 NAME 'postalCode' DESC 'RFC2256:
postal code
' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX
1.3.6.1.4.
1.1466.115.121.1.15{40} )
olcAttributeTypes: {14}( 2.5.4.18 NAME 'postOfficeBox' DESC 'RFC2256:
Post Off
ice Box' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3
.6.1.4.1.1466.115.121.1.15{40} )
olcAttributeTypes: {15}( 2.5.4.19 NAME 'physicalDeliveryOfficeName' DESC
'RFC2
256: Physical Delivery Office Name' EQUALITY caseIgnoreMatch SUBSTR
caseIgnor
eSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
olcAttributeTypes: {16}( 2.5.4.20 NAME 'telephoneNumber' DESC 'RFC2256:
Teleph
one Number' EQUALITY telephoneNumberMatch SUBSTR
telephoneNumberSubstringsMat
ch SYNTAX 1.3.6.1.4.1.1466.115.121.1.50{32} )
olcAttributeTypes: {17}( 2.5.4.21 NAME 'telexNumber' DESC 'RFC2256:
Telex Numb
er' SYNTAX 1.3.6.1.4.1.1466.115.121.1.52 )
olcAttributeTypes: {18}( 2.5.4.22 NAME 'teletexTerminalIdentifier' DESC
'RFC22
56: Teletex Terminal Identifier' SYNTAX 1.3.6.1.4.1.1466.115.121.1.51 )
olcAttributeTypes: {19}( 2.5.4.23 NAME ( 'facsimileTelephoneNumber'
'fax' ) DE
SC 'RFC2256: Facsimile (Fax) Telephone Number' SYNTAX
1.3.6.1.4.1.1466.115.12
1.1.22 )
olcAttributeTypes: {20}( 2.5.4.24 NAME 'x121Address' DESC 'RFC2256:
X.121 Addr
ess' EQUALITY numericStringMatch SUBSTR numericStringSubstringsMatch
SYNTAX 1
.3.6.1.4.1.1466.115.121.1.36{15} )
olcAttributeTypes: {21}( 2.5.4.25 NAME 'internationaliSDNNumber' DESC
'RFC2256
: international ISDN number' EQUALITY numericStringMatch SUBSTR
numericString
SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{16} )
olcAttributeTypes: {22}( 2.5.4.26 NAME 'registeredAddress' DESC
'RFC2256: regi
stered postal address' SUP postalAddress SYNTAX
1.3.6.1.4.1.1466.115.121.1.41
)
olcAttributeTypes: {23}( 2.5.4.27 NAME 'destinationIndicator' DESC
'RFC2256: d
estination indicator' EQUALITY caseIgnoreMatch SUBSTR
caseIgnoreSubstringsMat
ch SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{128} )
olcAttributeTypes: {24}( 2.5.4.28 NAME 'preferredDeliveryMethod' DESC
'RFC2256
: preferred delivery method' SYNTAX 1.3.6.1.4.1.1466.115.121.1.14
SINGLE-VALU
E )
olcAttributeTypes: {25}( 2.5.4.29 NAME 'presentationAddress' DESC
'RFC2256: pr
esentation address' EQUALITY presentationAddressMatch SYNTAX
1.3.6.1.4.1.1466
.115.121.1.43 SINGLE-VALUE )
olcAttributeTypes: {26}( 2.5.4.30 NAME 'supportedApplicationContext'
DESC 'RFC
2256: supported application context' EQUALITY objectIdentifierMatch
SYNTAX 1.
3.6.1.4.1.1466.115.121.1.38 )
olcAttributeTypes: {27}( 2.5.4.31 NAME 'member' DESC 'RFC2256: member of
a gro
up' SUP distinguishedName )
olcAttributeTypes: {28}( 2.5.4.32 NAME 'owner' DESC 'RFC2256: owner (of
the ob
ject)' SUP distinguishedName )
olcAttributeTypes: {29}( 2.5.4.33 NAME 'roleOccupant' DESC 'RFC2256:
occupant
of role' SUP distinguishedName )
olcAttributeTypes: {30}( 2.5.4.36 NAME 'userCertificate' DESC 'RFC2256:
X.509
user certificate, use ;binary' EQUALITY certificateExactMatch SYNTAX
1.3.6.1.
4.1.1466.115.121.1.8 )
olcAttributeTypes: {31}( 2.5.4.37 NAME 'cACertificate' DESC 'RFC2256:
X.509 CA
certificate, use ;binary' EQUALITY certificateExactMatch SYNTAX
1.3.6.1.4.1.
1466.115.121.1.8 )
olcAttributeTypes: {32}( 2.5.4.38 NAME 'authorityRevocationList' DESC
'RFC2256
: X.509 authority revocation list, use ;binary' SYNTAX
1.3.6.1.4.1.1466.115.1
21.1.9 )
olcAttributeTypes: {33}( 2.5.4.39 NAME 'certificateRevocationList' DESC
'RFC22
56: X.509 certificate revocation list, use ;binary' SYNTAX
1.3.6.1.4.1.1466.1
15.121.1.9 )
olcAttributeTypes: {34}( 2.5.4.40 NAME 'crossCertificatePair' DESC
'RFC2256: X
.509 cross certificate pair, use ;binary' SYNTAX
1.3.6.1.4.1.1466.115.121.1.1
0 )
olcAttributeTypes: {35}( 2.5.4.42 NAME ( 'givenName' 'gn' ) DESC
'RFC2256: fir
st name(s) for which the entity is known by' SUP name )
olcAttributeTypes: {36}( 2.5.4.43 NAME 'initials' DESC 'RFC2256:
initials of s
ome or all of names, but not the surname(s).' SUP name )
olcAttributeTypes: {37}( 2.5.4.44 NAME 'generationQualifier' DESC
'RFC2256: na
me qualifier indicating a generation' SUP name )
olcAttributeTypes: {38}( 2.5.4.45 NAME 'x500UniqueIdentifier' DESC
'RFC2256: X
.500 unique identifier' EQUALITY bitStringMatch SYNTAX
1.3.6.1.4.1.1466.115.1
21.1.6 )
olcAttributeTypes: {39}( 2.5.4.46 NAME 'dnQualifier' DESC 'RFC2256: DN
qualifi
er' EQUALITY caseIgnoreMatch ORDERING caseIgnoreOrderingMatch SUBSTR
caseIgno
reSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.44 )
olcAttributeTypes: {40}( 2.5.4.47 NAME 'enhancedSearchGuide' DESC
'RFC2256: en
hanced search guide' SYNTAX 1.3.6.1.4.1.1466.115.121.1.21 )
olcAttributeTypes: {41}( 2.5.4.48 NAME 'protocolInformation' DESC
'RFC2256: pr
otocol information' EQUALITY protocolInformationMatch SYNTAX
1.3.6.1.4.1.1466
.115.121.1.42 )
olcAttributeTypes: {42}( 2.5.4.50 NAME 'uniqueMember' DESC 'RFC2256:
unique me
mber of a group' EQUALITY uniqueMemberMatch SYNTAX
1.3.6.1.4.1.1466.115.121.1
.34 )
olcAttributeTypes: {43}( 2.5.4.51 NAME 'houseIdentifier' DESC 'RFC2256:
house
identifier' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch
SYNTAX
1.3.6.1.4.1.1466.115.121.1.15{32768} )
olcAttributeTypes: {44}( 2.5.4.52 NAME 'supportedAlgorithms' DESC
'RFC2256: su
pported algorithms' SYNTAX 1.3.6.1.4.1.1466.115.121.1.49 )
olcAttributeTypes: {45}( 2.5.4.53 NAME 'deltaRevocationList' DESC
'RFC2256: de
lta revocation list; use ;binary' SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 )
olcAttributeTypes: {46}( 2.5.4.54 NAME 'dmdName' DESC 'RFC2256: name of
DMD' S
UP name )
olcAttributeTypes: {47}( 2.5.4.65 NAME 'pseudonym' DESC 'X.520(4th):
pseudonym
for the object' SUP name )
olcAttributeTypes: {48}( 0.9.2342.19200300.100.1.3 NAME ( 'mail'
'rfc822Mailbo
x' ) DESC 'RFC1274: RFC822 Mailbox' EQUALITY caseIgnoreIA5Match
SUBSTR ca
seIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
olcAttributeTypes: {49}( 0.9.2342.19200300.100.1.25 NAME ( 'dc'
'domainCompone
nt' ) DESC 'RFC1274/2247: domain component' EQUALITY caseIgnoreIA5Match
SUBST
R caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
SINGLE-VA
LUE )
olcAttributeTypes: {50}( 0.9.2342.19200300.100.1.37 NAME
'associatedDomain' DE
SC 'RFC1274: domain associated with object' EQUALITY caseIgnoreIA5Match
SUBST
R caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
olcAttributeTypes: {51}( 1.2.840.113549.1.9.1 NAME ( 'email'
'emailAddress' 'p
kcs9email' ) DESC 'RFC3280: legacy attribute for email addresses in
DNs' EQUA
LITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX
1.3.6.1.4.
1.1466.115.121.1.26{128} )
olcObjectClasses: {0}( 2.5.6.2 NAME 'country' DESC 'RFC2256: a country'
SUP to
p STRUCTURAL MUST c MAY ( searchGuide $ description ) )
olcObjectClasses: {1}( 2.5.6.3 NAME 'locality' DESC 'RFC2256: a
locality' SUP
top STRUCTURAL MAY ( street $ seeAlso $ searchGuide $ st $ l $
description )
)
olcObjectClasses: {2}( 2.5.6.4 NAME 'organization' DESC 'RFC2256: an
organizat
ion' SUP top STRUCTURAL MUST o MAY ( userPassword $ searchGuide $
seeAlso $ b
usinessCategory $ x121Address $ registeredAddress $
destinationIndicator $ pr
eferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
telephoneNu
mber $ internationaliSDNNumber $ facsimileTelephoneNumber $ street $
postOff
iceBox $ postalCode $ postalAddress $ physicalDeliveryOfficeName $ st $
l $ d
escription ) )
olcObjectClasses: {3}( 2.5.6.5 NAME 'organizationalUnit' DESC 'RFC2256:
an org
anizational unit' SUP top STRUCTURAL MUST ou MAY ( userPassword $
searchGuide
$ seeAlso $ businessCategory $ x121Address $ registeredAddress $
destination
Indicator $ preferredDeliveryMethod $ telexNumber $
teletexTerminalIdentifier
$ telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber
$ str
eet $ postOfficeBox $ postalCode $ postalAddress $
physicalDeliveryOfficeName
$ st $ l $ description ) )
olcObjectClasses: {4}( 2.5.6.6 NAME 'person' DESC 'RFC2256: a person'
SUP top
STRUCTURAL MUST ( sn $ cn ) MAY ( userPassword $ telephoneNumber $
seeAlso $
description ) )
olcObjectClasses: {5}( 2.5.6.7 NAME 'organizationalPerson' DESC
'RFC2256: an o
rganizational person' SUP person STRUCTURAL MAY ( title $ x121Address $
regis
teredAddress $ destinationIndicator $ preferredDeliveryMethod $
telexNumber $
teletexTerminalIdentifier $ telephoneNumber $ internationaliSDNNumber
$ fac
simileTelephoneNumber $ street $ postOfficeBox $ postalCode $
postalAddress $
physicalDeliveryOfficeName $ ou $ st $ l ) )
olcObjectClasses: {6}( 2.5.6.8 NAME 'organizationalRole' DESC 'RFC2256:
an org
anizational role' SUP top STRUCTURAL MUST cn MAY ( x121Address $
registeredAd
dress $ destinationIndicator $ preferredDeliveryMethod $ telexNumber $
telete
xTerminalIdentifier $ telephoneNumber $ internationaliSDNNumber $
facsimileTe
lephoneNumber $ seeAlso $ roleOccupant $ preferredDeliveryMethod $
street $ p
ostOfficeBox $ postalCode $ postalAddress $ physicalDeliveryOfficeName
$ ou $
st $ l $ description ) )
olcObjectClasses: {7}( 2.5.6.9 NAME 'groupOfNames' DESC 'RFC2256: a
group of n
ames (DNs)' SUP top STRUCTURAL MUST ( member $ cn ) MAY (
businessCategory $
seeAlso $ owner $ ou $ o $ description ) )
olcObjectClasses: {8}( 2.5.6.10 NAME 'residentialPerson' DESC 'RFC2256:
an res
idential person' SUP person STRUCTURAL MUST l MAY ( businessCategory $
x121Ad
dress $ registeredAddress $ destinationIndicator $
preferredDeliveryMethod $
telexNumber $ teletexTerminalIdentifier $ telephoneNumber $
internationaliSDN
Number $ facsimileTelephoneNumber $ preferredDeliveryMethod $ street $
postOf
ficeBox $ postalCode $ postalAddress $ physicalDeliveryOfficeName $ st
$ l )
)
olcObjectClasses: {9}( 2.5.6.11 NAME 'applicationProcess' DESC 'RFC2256:
an ap
plication process' SUP top STRUCTURAL MUST cn MAY ( seeAlso $ ou $ l $
descri
ption ) )
olcObjectClasses: {10}( 2.5.6.12 NAME 'applicationEntity' DESC 'RFC2256:
an ap
plication entity' SUP top STRUCTURAL MUST ( presentationAddress $ cn )
MAY (
supportedApplicationContext $ seeAlso $ ou $ o $ l $ description ) )
olcObjectClasses: {11}( 2.5.6.13 NAME 'dSA' DESC 'RFC2256: a directory
system
agent (a server)' SUP applicationEntity STRUCTURAL MAY
knowledgeInformation )
olcObjectClasses: {12}( 2.5.6.14 NAME 'device' DESC 'RFC2256: a device'
SUP to
p STRUCTURAL MUST cn MAY ( serialNumber $ seeAlso $ owner $ ou $ o $ l
$ desc
ription ) )
olcObjectClasses: {13}( 2.5.6.15 NAME 'strongAuthenticationUser' DESC
'RFC2256
: a strong authentication user' SUP top AUXILIARY MUST userCertificate )
olcObjectClasses: {14}( 2.5.6.16 NAME 'certificationAuthority' DESC
'RFC2256:
a certificate authority' SUP top AUXILIARY MUST (
authorityRevocationList $ c
ertificateRevocationList $ cACertificate ) MAY crossCertificatePair )
olcObjectClasses: {15}( 2.5.6.17 NAME 'groupOfUniqueNames' DESC
'RFC2256: a gr
oup of unique names (DN and Unique Identifier)' SUP top STRUCTURAL MUST
( uni
queMember $ cn ) MAY ( businessCategory $ seeAlso $ owner $ ou $ o $
descript
ion ) )
olcObjectClasses: {16}( 2.5.6.18 NAME 'userSecurityInformation' DESC
'RFC2256:
a user security information' SUP top AUXILIARY MAY (
supportedAlgorithms ) )
olcObjectClasses: {17}( 2.5.6.16.2 NAME 'certificationAuthority-V2' SUP
certif
icationAuthority AUXILIARY MAY ( deltaRevocationList ) )
olcObjectClasses: {18}( 2.5.6.19 NAME 'cRLDistributionPoint' SUP top
STRUCTURA
L MUST ( cn ) MAY ( certificateRevocationList $ authorityRevocationList
$ del
taRevocationList ) )
olcObjectClasses: {19}( 2.5.6.20 NAME 'dmd' SUP top STRUCTURAL MUST (
dmdName
) MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $
x121Address
$ registeredAddress $ destinationIndicator $ preferredDeliveryMethod $
telex
Number $ teletexTerminalIdentifier $ telephoneNumber $
internationaliSDNNumbe
r $ facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $
postalAd
dress $ physicalDeliveryOfficeName $ st $ l $ description ) )
olcObjectClasses: {20}( 2.5.6.21 NAME 'pkiUser' DESC 'RFC2587: a PKI
user' SUP
top AUXILIARY MAY userCertificate )
olcObjectClasses: {21}( 2.5.6.22 NAME 'pkiCA' DESC 'RFC2587: PKI
certificate a
uthority' SUP top AUXILIARY MAY ( authorityRevocationList $
certificateRevoca
tionList $ cACertificate $ crossCertificatePair ) )
olcObjectClasses: {22}( 2.5.6.23 NAME 'deltaCRL' DESC 'RFC2587: PKI
user' SUP
top AUXILIARY MAY deltaRevocationList )
olcObjectClasses: {23}( 1.3.6.1.4.1.250.3.15 NAME 'labeledURIObject'
DESC 'RFC
2079: object that contains the URI attribute type' MAY ( labeledURI )
SUP top
AUXILIARY )
olcObjectClasses: {24}( 0.9.2342.19200300.100.4.19 NAME
'simpleSecurityObject'
DESC 'RFC1274: simple security object' SUP top AUXILIARY MUST
userPassword )
olcObjectClasses: {25}( 1.3.6.1.4.1.1466.344 NAME 'dcObject' DESC
'RFC2247: do
main component object' SUP top AUXILIARY MUST dc )
olcObjectClasses: {26}( 1.3.6.1.1.3.1 NAME 'uidObject' DESC 'RFC2377:
uid obje
ct' SUP top AUXILIARY MUST uid )
dn: cn={1}cosine,cn=schema,cn=config
objectClass: olcSchemaConfig
cn: {1}cosine
olcAttributeTypes: {0}( 0.9.2342.19200300.100.1.2 NAME
'textEncodedORAddress'
EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX
1.3.6.1.4.1.
1466.115.121.1.15{256} )
olcAttributeTypes: {1}( 0.9.2342.19200300.100.1.4 NAME 'info' DESC
'RFC1274: g
eneral information' EQUALITY caseIgnoreMatch SUBSTR
caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{2048} )
olcAttributeTypes: {2}( 0.9.2342.19200300.100.1.5 NAME ( 'drink'
'favouriteDri
nk' ) DESC 'RFC1274: favorite drink' EQUALITY caseIgnoreMatch SUBSTR
caseIgno
reSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
olcAttributeTypes: {3}( 0.9.2342.19200300.100.1.6 NAME 'roomNumber' DESC
'RFC1
274: room number' EQUALITY caseIgnoreMatch SUBSTR
caseIgnoreSubstringsMatch S
YNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
olcAttributeTypes: {4}( 0.9.2342.19200300.100.1.7 NAME 'photo' DESC
'RFC1274:
photo (G3 fax)' SYNTAX 1.3.6.1.4.1.1466.115.121.1.23{25000} )
olcAttributeTypes: {5}( 0.9.2342.19200300.100.1.8 NAME 'userClass' DESC
'RFC12
74: category of user' EQUALITY caseIgnoreMatch SUBSTR
caseIgnoreSubstringsMat
ch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
olcAttributeTypes: {6}( 0.9.2342.19200300.100.1.9 NAME 'host' DESC
'RFC1274: h
ost computer' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch
SYNTA
X 1.3.6.1.4.1.1466.115.121.1.15{256} )
olcAttributeTypes: {7}( 0.9.2342.19200300.100.1.10 NAME 'manager' DESC
'RFC127
4: DN of manager' EQUALITY distinguishedNameMatch SYNTAX
1.3.6.1.4.1.1466.115
.121.1.12 )
olcAttributeTypes: {8}( 0.9.2342.19200300.100.1.11 NAME
'documentIdentifier' D
ESC 'RFC1274: unique identifier of document' EQUALITY caseIgnoreMatch
SUBSTR
caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
olcAttributeTypes: {9}( 0.9.2342.19200300.100.1.12 NAME 'documentTitle'
DESC '
RFC1274: title of document' EQUALITY caseIgnoreMatch SUBSTR
caseIgnoreSubstri
ngsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
olcAttributeTypes: {10}( 0.9.2342.19200300.100.1.13 NAME
'documentVersion' DES
C 'RFC1274: version of document' EQUALITY caseIgnoreMatch SUBSTR
caseIgnoreSu
bstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
olcAttributeTypes: {11}( 0.9.2342.19200300.100.1.14 NAME
'documentAuthor' DESC
'RFC1274: DN of author of document' EQUALITY distinguishedNameMatch
SYNTAX 1
.3.6.1.4.1.1466.115.121.1.12 )
olcAttributeTypes: {12}( 0.9.2342.19200300.100.1.15 NAME
'documentLocation' DE
SC 'RFC1274: location of document original' EQUALITY caseIgnoreMatch
SUBSTR c
aseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
olcAttributeTypes: {13}( 0.9.2342.19200300.100.1.20 NAME ( 'homePhone'
'homeTe
lephoneNumber' ) DESC 'RFC1274: home telephone number' EQUALITY
telephoneNumb
erMatch SUBSTR telephoneNumberSubstringsMatch SYNTAX
1.3.6.1.4.1.1466.115.121
.1.50 )
olcAttributeTypes: {14}( 0.9.2342.19200300.100.1.21 NAME 'secretary'
DESC 'RFC
1274: DN of secretary' EQUALITY distinguishedNameMatch SYNTAX
1.3.6.1.4.1.146
6.115.121.1.12 )
olcAttributeTypes: {15}( 0.9.2342.19200300.100.1.22 NAME 'otherMailbox'
SYNTAX
1.3.6.1.4.1.1466.115.121.1.39 )
olcAttributeTypes: {16}( 0.9.2342.19200300.100.1.26 NAME 'aRecord'
EQUALITY ca
seIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
olcAttributeTypes: {17}( 0.9.2342.19200300.100.1.27 NAME 'mDRecord'
EQUALITY c
aseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
olcAttributeTypes: {18}( 0.9.2342.19200300.100.1.28 NAME 'mXRecord'
EQUALITY c
aseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
olcAttributeTypes: {19}( 0.9.2342.19200300.100.1.29 NAME 'nSRecord'
EQUALITY c
aseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
olcAttributeTypes: {20}( 0.9.2342.19200300.100.1.30 NAME 'sOARecord'
EQUALITY
caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
olcAttributeTypes: {21}( 0.9.2342.19200300.100.1.31 NAME 'cNAMERecord'
EQUALIT
Y caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
olcAttributeTypes: {22}( 0.9.2342.19200300.100.1.38 NAME
'associatedName' DESC
'RFC1274: DN of entry associated with domain' EQUALITY
distinguishedNameMatc
h SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
olcAttributeTypes: {23}( 0.9.2342.19200300.100.1.39 NAME
'homePostalAddress' D
ESC 'RFC1274: home postal address' EQUALITY caseIgnoreListMatch SUBSTR
caseIg
noreListSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 )
olcAttributeTypes: {24}( 0.9.2342.19200300.100.1.40 NAME 'personalTitle'
DESC
'RFC1274: personal title' EQUALITY caseIgnoreMatch SUBSTR
caseIgnoreSubstring
sMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
olcAttributeTypes: {25}( 0.9.2342.19200300.100.1.41 NAME ( 'mobile'
'mobileTel
ephoneNumber' ) DESC 'RFC1274: mobile telephone number' EQUALITY
telephoneNum
berMatch SUBSTR telephoneNumberSubstringsMatch SYNTAX
1.3.6.1.4.1.1466.115.12
1.1.50 )
olcAttributeTypes: {26}( 0.9.2342.19200300.100.1.42 NAME ( 'pager'
'pagerTelep
honeNumber' ) DESC 'RFC1274: pager telephone number' EQUALITY
telephoneNumber
Match SUBSTR telephoneNumberSubstringsMatch SYNTAX
1.3.6.1.4.1.1466.115.121.1
.50 )
olcAttributeTypes: {27}( 0.9.2342.19200300.100.1.43 NAME ( 'co'
'friendlyCount
ryName' ) DESC 'RFC1274: friendly country name' EQUALITY
caseIgnoreMatch SUBS
TR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
olcAttributeTypes: {28}( 0.9.2342.19200300.100.1.44 NAME
'uniqueIdentifier' DE
SC 'RFC1274: unique identifer' EQUALITY caseIgnoreMatch SYNTAX
1.3.6.1.4.1.14
66.115.121.1.15{256} )
olcAttributeTypes: {29}( 0.9.2342.19200300.100.1.45 NAME
'organizationalStatus
' DESC 'RFC1274: organizational status' EQUALITY caseIgnoreMatch SUBSTR
caseI
gnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
olcAttributeTypes: {30}( 0.9.2342.19200300.100.1.46 NAME 'janetMailbox'
DESC '
RFC1274: Janet mailbox' EQUALITY caseIgnoreIA5Match SUBSTR
caseIgnoreIA5Subst
ringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
olcAttributeTypes: {31}( 0.9.2342.19200300.100.1.47 NAME
'mailPreferenceOption
' DESC 'RFC1274: mail preference option' SYNTAX
1.3.6.1.4.1.1466.115.121.1.27
)
olcAttributeTypes: {32}( 0.9.2342.19200300.100.1.48 NAME 'buildingName'
DESC '
RFC1274: name of building' EQUALITY caseIgnoreMatch SUBSTR
caseIgnoreSubstrin
gsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
olcAttributeTypes: {33}( 0.9.2342.19200300.100.1.49 NAME 'dSAQuality'
DESC 'RF
C1274: DSA Quality' SYNTAX 1.3.6.1.4.1.1466.115.121.1.19 SINGLE-VALUE )
olcAttributeTypes: {34}( 0.9.2342.19200300.100.1.50 NAME
'singleLevelQuality'
DESC 'RFC1274: Single Level Quality' SYNTAX
1.3.6.1.4.1.1466.115.121.1.13 SIN
GLE-VALUE )
olcAttributeTypes: {35}( 0.9.2342.19200300.100.1.51 NAME
'subtreeMinimumQualit
y' DESC 'RFC1274: Subtree Mininum Quality' SYNTAX
1.3.6.1.4.1.1466.115.121.1.
13 SINGLE-VALUE )
olcAttributeTypes: {36}( 0.9.2342.19200300.100.1.52 NAME
'subtreeMaximumQualit
y' DESC 'RFC1274: Subtree Maximun Quality' SYNTAX
1.3.6.1.4.1.1466.115.121.1.
13 SINGLE-VALUE )
olcAttributeTypes: {37}( 0.9.2342.19200300.100.1.53 NAME
'personalSignature' D
ESC 'RFC1274: Personal Signature (G3 fax)' SYNTAX
1.3.6.1.4.1.1466.115.121.1.
23 )
olcAttributeTypes: {38}( 0.9.2342.19200300.100.1.54 NAME 'dITRedirect'
DESC 'R
FC1274: DIT Redirect' EQUALITY distinguishedNameMatch SYNTAX
1.3.6.1.4.1.1466
.115.121.1.12 )
olcAttributeTypes: {39}( 0.9.2342.19200300.100.1.55 NAME 'audio' DESC
'RFC1274
: audio (u-law)' SYNTAX 1.3.6.1.4.1.1466.115.121.1.4{25000} )
olcAttributeTypes: {40}( 0.9.2342.19200300.100.1.56 NAME
'documentPublisher' D
ESC 'RFC1274: publisher of document' EQUALITY caseIgnoreMatch SUBSTR
caseIgno
reSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
olcObjectClasses: {0}( 0.9.2342.19200300.100.4.4 NAME ( 'pilotPerson'
'newPilo
tPerson' ) SUP person STRUCTURAL MAY ( userid $ textEncodedORAddress $
rfc822
Mailbox $ favouriteDrink $ roomNumber $ userClass $ homeTelephoneNumber
$ hom
ePostalAddress $ secretary $ personalTitle $ preferredDeliveryMethod $
busine
ssCategory $ janetMailbox $ otherMailbox $ mobileTelephoneNumber $
pagerTelep
honeNumber $ organizationalStatus $ mailPreferenceOption $
personalSignature
) )
olcObjectClasses: {1}( 0.9.2342.19200300.100.4.5 NAME 'account' SUP top
STRUCT
URAL MUST userid MAY ( description $ seeAlso $ localityName $
organizationNam
e $ organizationalUnitName $ host ) )
olcObjectClasses: {2}( 0.9.2342.19200300.100.4.6 NAME 'document' SUP top
STRUC
TURAL MUST documentIdentifier MAY ( commonName $ description $ seeAlso
$ loca
lityName $ organizationName $ organizationalUnitName $ documentTitle $
docume
ntVersion $ documentAuthor $ documentLocation $ documentPublisher ) )
olcObjectClasses: {3}( 0.9.2342.19200300.100.4.7 NAME 'room' SUP top
STRUCTURA
L MUST commonName MAY ( roomNumber $ description $ seeAlso $
telephoneNumber
) )
olcObjectClasses: {4}( 0.9.2342.19200300.100.4.9 NAME 'documentSeries'
SUP top
STRUCTURAL MUST commonName MAY ( description $ seeAlso $
telephonenumber $ l
ocalityName $ organizationName $ organizationalUnitName ) )
olcObjectClasses: {5}( 0.9.2342.19200300.100.4.13 NAME 'domain' SUP top
STRUCT
URAL MUST domainComponent MAY ( associatedName $ organizationName $
descripti
on $ businessCategory $ seeAlso $ searchGuide $ userPassword $
localityName $
stateOrProvinceName $ streetAddress $ physicalDeliveryOfficeName $
postalAdd
ress $ postalCode $ postOfficeBox $ streetAddress $
facsimileTelephoneNumber
$ internationalISDNNumber $ telephoneNumber $ teletexTerminalIdentifier
$ tel
exNumber $ preferredDeliveryMethod $ destinationIndicator $
registeredAddress
$ x121Address ) )
olcObjectClasses: {6}( 0.9.2342.19200300.100.4.14 NAME 'RFC822localPart'
SUP d
omain STRUCTURAL MAY ( commonName $ surname $ description $ seeAlso $
telepho
neNumber $ physicalDeliveryOfficeName $ postalAddress $ postalCode $
postOffi
ceBox $ streetAddress $ facsimileTelephoneNumber $
internationalISDNNumber $
telephoneNumber $ teletexTerminalIdentifier $ telexNumber $
preferredDelivery
Method $ destinationIndicator $ registeredAddress $ x121Address ) )
olcObjectClasses: {7}( 0.9.2342.19200300.100.4.15 NAME 'dNSDomain' SUP
domain
STRUCTURAL MAY ( ARecord $ MDRecord $ MXRecord $ NSRecord $ SOARecord $
CNAME
Record ) )
olcObjectClasses: {8}( 0.9.2342.19200300.100.4.17 NAME
'domainRelatedObject' D
ESC 'RFC1274: an object related to an domain' SUP top AUXILIARY MUST
associat
edDomain )
olcObjectClasses: {9}( 0.9.2342.19200300.100.4.18 NAME 'friendlyCountry'
SUP c
ountry STRUCTURAL MUST friendlyCountryName )
olcObjectClasses: {10}( 0.9.2342.19200300.100.4.20 NAME
'pilotOrganization' SU
P ( organization $ organizationalUnit ) STRUCTURAL MAY buildingName )
olcObjectClasses: {11}( 0.9.2342.19200300.100.4.21 NAME 'pilotDSA' SUP
dsa STR
UCTURAL MAY dSAQuality )
olcObjectClasses: {12}( 0.9.2342.19200300.100.4.22 NAME
'qualityLabelledData'
SUP top AUXILIARY MUST dsaQuality MAY ( subtreeMinimumQuality $
subtreeMaximu
mQuality ) )
dn: cn={2}nis,cn=schema,cn=config
objectClass: olcSchemaConfig
cn: {2}nis
olcAttributeTypes: {0}( 1.3.6.1.1.1.1.2 NAME 'gecos' DESC 'The GECOS
field; th
e common name' EQUALITY caseIgnoreIA5Match SUBSTR
caseIgnoreIA5SubstringsMatc
h SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
olcAttributeTypes: {1}( 1.3.6.1.1.1.1.3 NAME 'homeDirectory' DESC 'The
absolut
e path to the home directory' EQUALITY caseExactIA5Match SYNTAX
1.3.6.1.4.1.1
466.115.121.1.26 SINGLE-VALUE )
olcAttributeTypes: {2}( 1.3.6.1.1.1.1.4 NAME 'loginShell' DESC 'The path
to th
e login shell' EQUALITY caseExactIA5Match SYNTAX
1.3.6.1.4.1.1466.115.121.1.2
6 SINGLE-VALUE )
olcAttributeTypes: {3}( 1.3.6.1.1.1.1.5 NAME 'shadowLastChange' EQUALITY
integ
erMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
olcAttributeTypes: {4}( 1.3.6.1.1.1.1.6 NAME 'shadowMin' EQUALITY
integerMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
olcAttributeTypes: {5}( 1.3.6.1.1.1.1.7 NAME 'shadowMax' EQUALITY
integerMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
olcAttributeTypes: {6}( 1.3.6.1.1.1.1.8 NAME 'shadowWarning' EQUALITY
integerM
atch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
olcAttributeTypes: {7}( 1.3.6.1.1.1.1.9 NAME 'shadowInactive' EQUALITY
integer
Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
olcAttributeTypes: {8}( 1.3.6.1.1.1.1.10 NAME 'shadowExpire' EQUALITY
integerM
atch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
olcAttributeTypes: {9}( 1.3.6.1.1.1.1.11 NAME 'shadowFlag' EQUALITY
integerMat
ch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
olcAttributeTypes: {10}( 1.3.6.1.1.1.1.12 NAME 'memberUid' EQUALITY
caseExactI
A5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX
1.3.6.1.4.1.1466.115.121.1.
26 )
olcAttributeTypes: {11}( 1.3.6.1.1.1.1.13 NAME 'memberNisNetgroup'
EQUALITY ca
seExactIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX
1.3.6.1.4.1.1466.11
5.121.1.26 )
olcAttributeTypes: {12}( 1.3.6.1.1.1.1.14 NAME 'nisNetgroupTriple' DESC
'Netgr
oup triple' SYNTAX 1.3.6.1.1.1.0.0 )
olcAttributeTypes: {13}( 1.3.6.1.1.1.1.15 NAME 'ipServicePort' EQUALITY
intege
rMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
olcAttributeTypes: {14}( 1.3.6.1.1.1.1.16 NAME 'ipServiceProtocol' SUP
name )
olcAttributeTypes: {15}( 1.3.6.1.1.1.1.17 NAME 'ipProtocolNumber'
EQUALITY int
egerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
olcAttributeTypes: {16}( 1.3.6.1.1.1.1.18 NAME 'oncRpcNumber' EQUALITY
integer
Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
olcAttributeTypes: {17}( 1.3.6.1.1.1.1.19 NAME 'ipHostNumber' DESC 'IP
address
' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} )
olcAttributeTypes: {18}( 1.3.6.1.1.1.1.20 NAME 'ipNetworkNumber' DESC
'IP netw
ork' EQUALITY caseIgnoreIA5Match SYNTAX
1.3.6.1.4.1.1466.115.121.1.26{128} SI
NGLE-VALUE )
olcAttributeTypes: {19}( 1.3.6.1.1.1.1.21 NAME 'ipNetmaskNumber' DESC
'IP netm
ask' EQUALITY caseIgnoreIA5Match SYNTAX
1.3.6.1.4.1.1466.115.121.1.26{128} SI
NGLE-VALUE )
olcAttributeTypes: {20}( 1.3.6.1.1.1.1.22 NAME 'macAddress' DESC 'MAC
address'
EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} )
olcAttributeTypes: {21}( 1.3.6.1.1.1.1.23 NAME 'bootParameter' DESC
'rpc.bootp
aramd parameter' SYNTAX 1.3.6.1.1.1.0.1 )
olcAttributeTypes: {22}( 1.3.6.1.1.1.1.24 NAME 'bootFile' DESC 'Boot
image nam
e' EQUALITY caseExactIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
olcAttributeTypes: {23}( 1.3.6.1.1.1.1.26 NAME 'nisMapName' SUP name )
olcAttributeTypes: {24}( 1.3.6.1.1.1.1.27 NAME 'nisMapEntry' EQUALITY
caseExac
tIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX
1.3.6.1.4.1.1466.115.121.
1.26{1024} SINGLE-VALUE )
olcObjectClasses: {0}( 1.3.6.1.1.1.2.0 NAME 'posixAccount' DESC
'Abstraction o
f an account with POSIX attributes' SUP top AUXILIARY MUST ( cn $ uid $
uidNu
mber $ gidNumber $ homeDirectory ) MAY ( userPassword $ loginShell $
gecos $
description ) )
olcObjectClasses: {1}( 1.3.6.1.1.1.2.1 NAME 'shadowAccount' DESC
'Additional a
ttributes for shadow passwords' SUP top AUXILIARY MUST uid MAY (
userPassword
$ shadowLastChange $ shadowMin $ shadowMax $ shadowWarning $
shadowInactive
$ shadowExpire $ shadowFlag $ description ) )
olcObjectClasses: {2}( 1.3.6.1.1.1.2.2 NAME 'posixGroup' DESC
'Abstraction of
a group of accounts' SUP top STRUCTURAL MUST ( cn $ gidNumber ) MAY (
userPas
sword $ memberUid $ description ) )
olcObjectClasses: {3}( 1.3.6.1.1.1.2.3 NAME 'ipService' DESC
'Abstraction an I
nternet Protocol service' SUP top STRUCTURAL MUST ( cn $ ipServicePort
$ ipSe
rviceProtocol ) MAY description )
olcObjectClasses: {4}( 1.3.6.1.1.1.2.4 NAME 'ipProtocol' DESC
'Abstraction of
an IP protocol' SUP top STRUCTURAL MUST ( cn $ ipProtocolNumber $
description
) MAY description )
olcObjectClasses: {5}( 1.3.6.1.1.1.2.5 NAME 'oncRpc' DESC 'Abstraction
of an O
NC/RPC binding' SUP top STRUCTURAL MUST ( cn $ oncRpcNumber $
description ) M
AY description )
olcObjectClasses: {6}( 1.3.6.1.1.1.2.6 NAME 'ipHost' DESC 'Abstraction
of a ho
st, an IP device' SUP top AUXILIARY MUST ( cn $ ipHostNumber ) MAY ( l
$ desc
ription $ manager ) )
olcObjectClasses: {7}( 1.3.6.1.1.1.2.7 NAME 'ipNetwork' DESC
'Abstraction of a
n IP network' SUP top STRUCTURAL MUST ( cn $ ipNetworkNumber ) MAY (
ipNetmas
kNumber $ l $ description $ manager ) )
olcObjectClasses: {8}( 1.3.6.1.1.1.2.8 NAME 'nisNetgroup' DESC
'Abstraction of
a netgroup' SUP top STRUCTURAL MUST cn MAY ( nisNetgroupTriple $
memberNisNe
tgroup $ description ) )
olcObjectClasses: {9}( 1.3.6.1.1.1.2.9 NAME 'nisMap' DESC 'A generic
abstracti
on of a NIS map' SUP top STRUCTURAL MUST nisMapName MAY description )
olcObjectClasses: {10}( 1.3.6.1.1.1.2.10 NAME 'nisObject' DESC 'An entry
in a
NIS map' SUP top STRUCTURAL MUST ( cn $ nisMapEntry $ nisMapName ) MAY
descri
ption )
olcObjectClasses: {11}( 1.3.6.1.1.1.2.11 NAME 'ieee802Device' DESC 'A
device w
ith a MAC address' SUP top AUXILIARY MAY macAddress )
olcObjectClasses: {12}( 1.3.6.1.1.1.2.12 NAME 'bootableDevice' DESC 'A
device
with boot parameters' SUP top AUXILIARY MAY ( bootFile $ bootParameter ) )
dn: cn={3}inetorgperson,cn=schema,cn=config
objectClass: olcSchemaConfig
cn: {3}inetorgperson
olcAttributeTypes: {0}( 2.16.840.1.113730.3.1.1 NAME 'carLicense' DESC
'RFC279
8: vehicle license or registration plate' EQUALITY caseIgnoreMatch
SUBSTR cas
eIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
olcAttributeTypes: {1}( 2.16.840.1.113730.3.1.2 NAME 'departmentNumber'
DESC '
RFC2798: identifies a department within an organization' EQUALITY
caseIgnoreM
atch SUBSTR caseIgnoreSubstringsMatch SYNTAX
1.3.6.1.4.1.1466.115.121.1.15 )
olcAttributeTypes: {2}( 2.16.840.1.113730.3.1.241 NAME 'displayName'
DESC 'RFC
2798: preferred name to be used when displaying entries' EQUALITY
caseIgnoreM
atch SUBSTR caseIgnoreSubstringsMatch SYNTAX
1.3.6.1.4.1.1466.115.121.1.15 SI
NGLE-VALUE )
olcAttributeTypes: {3}( 2.16.840.1.113730.3.1.3 NAME 'employeeNumber'
DESC 'RF
C2798: numerically identifies an employee within an organization'
EQUALITY ca
seIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX
1.3.6.1.4.1.1466.115.12
1.1.15 SINGLE-VALUE )
olcAttributeTypes: {4}( 2.16.840.1.113730.3.1.4 NAME 'employeeType' DESC
'RFC2
798: type of employment for a person' EQUALITY caseIgnoreMatch SUBSTR
caseIgn
oreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
olcAttributeTypes: {5}( 0.9.2342.19200300.100.1.60 NAME 'jpegPhoto' DESC
'RFC2
798: a JPEG image' SYNTAX 1.3.6.1.4.1.1466.115.121.1.28 )
olcAttributeTypes: {6}( 2.16.840.1.113730.3.1.39 NAME
'preferredLanguage' DESC
'RFC2798: preferred written or spoken language for a person' EQUALITY
caseIg
noreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX
1.3.6.1.4.1.1466.115.121.1.
15 SINGLE-VALUE )
olcAttributeTypes: {7}( 2.16.840.1.113730.3.1.40 NAME
'userSMIMECertificate' D
ESC 'RFC2798: PKCS#7 SignedData used to support S/MIME' SYNTAX
1.3.6.1.4.1.14
66.115.121.1.5 )
olcAttributeTypes: {8}( 2.16.840.1.113730.3.1.216 NAME 'userPKCS12' DESC
'RFC2
798: personal identity information, a PKCS #12 PFX' SYNTAX
1.3.6.1.4.1.1466.1
15.121.1.5 )
olcObjectClasses: {0}( 2.16.840.1.113730.3.2.2 NAME 'inetOrgPerson' DESC
'RFC2
798: Internet Organizational Person' SUP organizationalPerson
STRUCTURAL MAY
( audio $ businessCategory $ carLicense $ departmentNumber $
displayName $ em
ployeeNumber $ employeeType $ givenName $ homePhone $ homePostalAddress
$ ini
tials $ jpegPhoto $ labeledURI $ mail $ manager $ mobile $ o $ pager $
photo
$ roomNumber $ secretary $ uid $ userCertificate $ x500uniqueIdentifier
$ pre
ferredLanguage $ userSMIMECertificate $ userPKCS12 ) )
dn: cn={4}samba,cn=schema,cn=config
objectClass: olcSchemaConfig
cn: {4}samba
olcAttributeTypes: {0}( 1.3.6.1.4.1.7165.2.1.24 NAME 'sambaLMPassword'
DESC 'L
anManager Password' EQUALITY caseIgnoreIA5Match SYNTAX
1.3.6.1.4.1.1466.115.1
21.1.26{32} SINGLE-VALUE )
olcAttributeTypes: {1}( 1.3.6.1.4.1.7165.2.1.25 NAME 'sambaNTPassword'
DESC 'M
D4 hash of the unicode password' EQUALITY caseIgnoreIA5Match SYNTAX
1.3.6.1.4
.1.1466.115.121.1.26{32} SINGLE-VALUE )
olcAttributeTypes: {2}( 1.3.6.1.4.1.7165.2.1.26 NAME 'sambaAcctFlags'
DESC 'Ac
count Flags' EQUALITY caseIgnoreIA5Match SYNTAX
1.3.6.1.4.1.1466.115.121.1.26
{16} SINGLE-VALUE )
olcAttributeTypes: {3}( 1.3.6.1.4.1.7165.2.1.27 NAME 'sambaPwdLastSet'
DESC 'T
imestamp of the last password update' EQUALITY integerMatch SYNTAX
1.3.6.1.4.
1.1466.115.121.1.27 SINGLE-VALUE )
olcAttributeTypes: {4}( 1.3.6.1.4.1.7165.2.1.28 NAME 'sambaPwdCanChange'
DESC
'Timestamp of when the user is allowed to update the password' EQUALITY
integ
erMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
olcAttributeTypes: {5}( 1.3.6.1.4.1.7165.2.1.29 NAME
'sambaPwdMustChange' DESC
'Timestamp of when the password will expire' EQUALITY integerMatch
SYNTAX 1.
3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
olcAttributeTypes: {6}( 1.3.6.1.4.1.7165.2.1.30 NAME 'sambaLogonTime'
DESC 'Ti
mestamp of last logon' EQUALITY integerMatch SYNTAX
1.3.6.1.4.1.1466.115.121.
1.27 SINGLE-VALUE )
olcAttributeTypes: {7}( 1.3.6.1.4.1.7165.2.1.31 NAME 'sambaLogoffTime'
DESC 'T
imestamp of last logoff' EQUALITY integerMatch SYNTAX
1.3.6.1.4.1.1466.115.12
1.1.27 SINGLE-VALUE )
olcAttributeTypes: {8}( 1.3.6.1.4.1.7165.2.1.32 NAME 'sambaKickoffTime'
DESC '
Timestamp of when the user will be logged off automatically' EQUALITY
integer
Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
olcAttributeTypes: {9}( 1.3.6.1.4.1.7165.2.1.48 NAME
'sambaBadPasswordCount' D
ESC 'Bad password attempt count' EQUALITY integerMatch SYNTAX
1.3.6.1.4.1.146
6.115.121.1.27 SINGLE-VALUE )
olcAttributeTypes: {10}( 1.3.6.1.4.1.7165.2.1.49 NAME
'sambaBadPasswordTime' D
ESC 'Time of the last bad password attempt' EQUALITY integerMatch
SYNTAX 1.3.
6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
olcAttributeTypes: {11}( 1.3.6.1.4.1.7165.2.1.55 NAME 'sambaLogonHours'
DESC '
Logon Hours' EQUALITY caseIgnoreIA5Match SYNTAX
1.3.6.1.4.1.1466.115.121.1.26
{42} SINGLE-VALUE )
olcAttributeTypes: {12}( 1.3.6.1.4.1.7165.2.1.33 NAME 'sambaHomeDrive'
DESC 'D
river letter of home directory mapping' EQUALITY caseIgnoreIA5Match
SYNTAX 1.
3.6.1.4.1.1466.115.121.1.26{4} SINGLE-VALUE )
olcAttributeTypes: {13}( 1.3.6.1.4.1.7165.2.1.34 NAME 'sambaLogonScript'
DESC
'Logon script path' EQUALITY caseIgnoreMatch SYNTAX
1.3.6.1.4.1.1466.115.121.
1.15{255} SINGLE-VALUE )
olcAttributeTypes: {14}( 1.3.6.1.4.1.7165.2.1.35 NAME 'sambaProfilePath'
DESC
'Roaming profile path' EQUALITY caseIgnoreMatch SYNTAX
1.3.6.1.4.1.1466.115.1
21.1.15{255} SINGLE-VALUE )
olcAttributeTypes: {15}( 1.3.6.1.4.1.7165.2.1.36 NAME
'sambaUserWorkstations'
DESC 'List of user workstations the user is allowed to logon to'
EQUALITY cas
eIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{255} SINGLE-VALUE )
olcAttributeTypes: {16}( 1.3.6.1.4.1.7165.2.1.37 NAME 'sambaHomePath'
DESC 'Ho
me directory UNC path' EQUALITY caseIgnoreMatch SYNTAX
1.3.6.1.4.1.1466.115.1
21.1.15{128} )
olcAttributeTypes: {17}( 1.3.6.1.4.1.7165.2.1.38 NAME 'sambaDomainName'
DESC '
Windows NT domain to which the user belongs' EQUALITY caseIgnoreMatch
SYNTAX
1.3.6.1.4.1.1466.115.121.1.15{128} )
olcAttributeTypes: {18}( 1.3.6.1.4.1.7165.2.1.47 NAME 'sambaMungedDial'
DESC '
Base64 encoded user parameter string' EQUALITY caseExactMatch SYNTAX
1.3.6.1.
4.1.1466.115.121.1.15{1050} )
olcAttributeTypes: {19}( 1.3.6.1.4.1.7165.2.1.54 NAME
'sambaPasswordHistory' D
ESC 'Concatenated MD5 hashes of the salted NT passwords used on this
account'
EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} )
olcAttributeTypes: {20}( 1.3.6.1.4.1.7165.2.1.20 NAME 'sambaSID' DESC
'Securit
y ID' EQUALITY caseIgnoreIA5Match SUBSTR caseExactIA5SubstringsMatch
SYNTAX 1
.3.6.1.4.1.1466.115.121.1.26{64} SINGLE-VALUE )
olcAttributeTypes: {21}( 1.3.6.1.4.1.7165.2.1.23 NAME
'sambaPrimaryGroupSID' D
ESC 'Primary Group Security ID' EQUALITY caseIgnoreIA5Match SYNTAX
1.3.6.1.4.
1.1466.115.121.1.26{64} SINGLE-VALUE )
olcAttributeTypes: {22}( 1.3.6.1.4.1.7165.2.1.51 NAME 'sambaSIDList'
DESC 'Sec
urity ID List' EQUALITY caseIgnoreIA5Match SYNTAX
1.3.6.1.4.1.1466.115.121.1.
26{64} )
olcAttributeTypes: {23}( 1.3.6.1.4.1.7165.2.1.19 NAME 'sambaGroupType'
DESC 'N
T Group Type' EQUALITY integerMatch SYNTAX
1.3.6.1.4.1.1466.115.121.1.27 SING
LE-VALUE )
olcAttributeTypes: {24}( 1.3.6.1.4.1.7165.2.1.21 NAME 'sambaNextUserRid'
DESC
'Next NT rid to give our for users' EQUALITY integerMatch SYNTAX
1.3.6.1.4.1.
1466.115.121.1.27 SINGLE-VALUE )
olcAttributeTypes: {25}( 1.3.6.1.4.1.7165.2.1.22 NAME
'sambaNextGroupRid' DESC
'Next NT rid to give out for groups' EQUALITY integerMatch SYNTAX
1.3.6.1.4.
1.1466.115.121.1.27 SINGLE-VALUE )
olcAttributeTypes: {26}( 1.3.6.1.4.1.7165.2.1.39 NAME 'sambaNextRid'
DESC 'Nex
t NT rid to give out for anything' EQUALITY integerMatch SYNTAX
1.3.6.1.4.1.1
466.115.121.1.27 SINGLE-VALUE )
olcAttributeTypes: {27}( 1.3.6.1.4.1.7165.2.1.40 NAME
'sambaAlgorithmicRidBase
' DESC 'Base at which the samba RID generation algorithm should
operate' EQUA
LITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
olcAttributeTypes: {28}( 1.3.6.1.4.1.7165.2.1.41 NAME 'sambaShareName'
DESC 'S
hare Name' EQUALITY caseIgnoreMatch SYNTAX
1.3.6.1.4.1.1466.115.121.1.15 SING
LE-VALUE )
olcAttributeTypes: {29}( 1.3.6.1.4.1.7165.2.1.42 NAME 'sambaOptionName'
DESC '
Option Name' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch
SYNTAX
1.3.6.1.4.1.1466.115.121.1.15{256} )
olcAttributeTypes: {30}( 1.3.6.1.4.1.7165.2.1.43 NAME 'sambaBoolOption'
DESC '
A boolean option' EQUALITY booleanMatch SYNTAX
1.3.6.1.4.1.1466.115.121.1.7 S
INGLE-VALUE )
olcAttributeTypes: {31}( 1.3.6.1.4.1.7165.2.1.44 NAME
'sambaIntegerOption' DES
C 'An integer option' EQUALITY integerMatch SYNTAX
1.3.6.1.4.1.1466.115.121.1
.27 SINGLE-VALUE )
olcAttributeTypes: {32}( 1.3.6.1.4.1.7165.2.1.45 NAME
'sambaStringOption' DESC
'A string option' EQUALITY caseExactIA5Match SYNTAX
1.3.6.1.4.1.1466.115.121
.1.26 SINGLE-VALUE )
olcAttributeTypes: {33}( 1.3.6.1.4.1.7165.2.1.46 NAME
'sambaStringListOption'
DESC 'A string list option' EQUALITY caseIgnoreMatch SYNTAX
1.3.6.1.4.1.1466.
115.121.1.15 )
olcAttributeTypes: {34}( 1.3.6.1.4.1.7165.2.1.53 NAME 'sambaTrustFlags'
DESC '
Trust Password Flags' EQUALITY caseIgnoreIA5Match SYNTAX
1.3.6.1.4.1.1466.115
.121.1.26 )
olcAttributeTypes: {35}( 1.3.6.1.4.1.7165.2.1.58 NAME
'sambaMinPwdLength' DESC
'Minimal password length (default: 5)' EQUALITY integerMatch SYNTAX
1.3.6.1.
4.1.1466.115.121.1.27 SINGLE-VALUE )
olcAttributeTypes: {36}( 1.3.6.1.4.1.7165.2.1.59 NAME
'sambaPwdHistoryLength'
DESC 'Length of Password History Entries (default: 0 => off)' EQUALITY
intege
rMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
olcAttributeTypes: {37}( 1.3.6.1.4.1.7165.2.1.60 NAME
'sambaLogonToChgPwd' DES
C 'Force Users to logon for password change (default: 0 => off, 2 =>
on)' EQU
ALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
olcAttributeTypes: {38}( 1.3.6.1.4.1.7165.2.1.61 NAME 'sambaMaxPwdAge'
DESC 'M
aximum password age, in seconds (default: -1 => never expire
passwords)' EQUA
LITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
olcAttributeTypes: {39}( 1.3.6.1.4.1.7165.2.1.62 NAME 'sambaMinPwdAge'
DESC 'M
inimum password age, in seconds (default: 0 => allow immediate password
chang
e)' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
SINGLE-VALUE )
olcAttributeTypes: {40}( 1.3.6.1.4.1.7165.2.1.63 NAME
'sambaLockoutDuration' D
ESC 'Lockout duration in minutes (default: 30, -1 => forever)' EQUALITY
integ
erMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
olcAttributeTypes: {41}( 1.3.6.1.4.1.7165.2.1.64 NAME
'sambaLockoutObservation
Window' DESC 'Reset time after lockout in minutes (default: 30)'
EQUALITY int
egerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
olcAttributeTypes: {42}( 1.3.6.1.4.1.7165.2.1.65 NAME
'sambaLockoutThreshold'
DESC 'Lockout users after bad logon attempts (default: 0 => off)'
EQUALITY in
tegerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
olcAttributeTypes: {43}( 1.3.6.1.4.1.7165.2.1.66 NAME 'sambaForceLogoff'
DESC
'Disconnect Users outside logon hours (default: -1 => off, 0 => on)'
EQUALITY
integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
olcAttributeTypes: {44}( 1.3.6.1.4.1.7165.2.1.67 NAME
'sambaRefuseMachinePwdCh
ange' DESC 'Allow Machine Password changes (default: 0 => off)'
EQUALITY inte
gerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
olcAttributeTypes: {45}( 1.3.6.1.4.1.7165.2.1.68 NAME
'sambaClearTextPassword'
DESC 'Clear text password (used for trusted domain passwords)'
EQUALITY octe
tStringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )
olcAttributeTypes: {46}( 1.3.6.1.4.1.7165.2.1.69 NAME
'sambaPreviousClearTextP
assword' DESC 'Previous clear text password (used for trusted domain
password
s)' EQUALITY octetStringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )
olcAttributeTypes: {47}( 1.3.6.1.4.1.7165.2.1.70 NAME 'sambaTrustType'
DESC 'T
ype of trust' EQUALITY integerMatch SYNTAX
1.3.6.1.4.1.1466.115.121.1.27 SING
LE-VALUE )
olcAttributeTypes: {48}( 1.3.6.1.4.1.7165.2.1.71 NAME
'sambaTrustAttributes' D
ESC 'Trust attributes for a trusted domain' EQUALITY integerMatch
SYNTAX 1.3.
6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
olcAttributeTypes: {49}( 1.3.6.1.4.1.7165.2.1.72 NAME
'sambaTrustDirection' DE
SC 'Direction of a trust' EQUALITY integerMatch SYNTAX
1.3.6.1.4.1.1466.115.1
21.1.27 SINGLE-VALUE )
olcAttributeTypes: {50}( 1.3.6.1.4.1.7165.2.1.73 NAME
'sambaTrustPartner' DESC
'Fully qualified name of the domain with which a trust exists'
EQUALITY case
IgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
olcAttributeTypes: {51}( 1.3.6.1.4.1.7165.2.1.74 NAME 'sambaFlatName'
DESC 'Ne
tBIOS name of a domain' EQUALITY caseIgnoreMatch SYNTAX
1.3.6.1.4.1.1466.115.
121.1.15{128} )
olcAttributeTypes: {52}( 1.3.6.1.4.1.7165.2.1.75 NAME
'sambaTrustAuthOutgoing'
DESC 'Authentication information for the outgoing portion of a trust'
EQUALI
TY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1050} )
olcAttributeTypes: {53}( 1.3.6.1.4.1.7165.2.1.76 NAME
'sambaTrustAuthIncoming'
DESC 'Authentication information for the incoming portion of a trust'
EQUALI
TY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1050} )
olcAttributeTypes: {54}( 1.3.6.1.4.1.7165.2.1.77 NAME
'sambaSecurityIdentifier
' DESC 'SID of a trusted domain' EQUALITY caseIgnoreIA5Match SUBSTR
caseExact
IA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{64} SINGLE-VALUE )
olcAttributeTypes: {55}( 1.3.6.1.4.1.7165.2.1.78 NAME
'sambaTrustForestTrustIn
fo' DESC 'Forest trust information for a trusted domain object'
EQUALITY case
ExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1050} )
olcAttributeTypes: {56}( 1.3.6.1.4.1.7165.2.1.79 NAME
'sambaTrustPosixOffset'
DESC 'POSIX offset of a trust' EQUALITY integerMatch SYNTAX
1.3.6.1.4.1.1466.
115.121.1.27 SINGLE-VALUE )
olcAttributeTypes: {57}( 1.3.6.1.4.1.7165.2.1.80 NAME
'sambaSupportedEncryptio
nTypes' DESC 'Supported encryption types of a trust' EQUALITY
integerMatch SY
NTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
olcObjectClasses: {0}( 1.3.6.1.4.1.7165.2.2.6 NAME 'sambaSamAccount'
DESC 'Sam
ba 3.0 Auxilary SAM Account' SUP top AUXILIARY MUST ( uid $ sambaSID )
MAY (
cn $ sambaLMPassword $ sambaNTPassword $ sambaPwdLastSet $
sambaLogonTime $ s
ambaLogoffTime $ sambaKickoffTime $ sambaPwdCanChange $
sambaPwdMustChange $
sambaAcctFlags $ displayName $ sambaHomePath $ sambaHomeDrive $
sambaLogonScr
ipt $ sambaProfilePath $ description $ sambaUserWorkstations $
sambaPrimaryGr
oupSID $ sambaDomainName $ sambaMungedDial $ sambaBadPasswordCount $
sambaBad
PasswordTime $ sambaPasswordHistory $ sambaLogonHours ) )
olcObjectClasses: {1}( 1.3.6.1.4.1.7165.2.2.4 NAME 'sambaGroupMapping'
DESC 'S
amba Group Mapping' SUP top AUXILIARY MUST ( gidNumber $ sambaSID $
sambaGrou
pType ) MAY ( displayName $ description $ sambaSIDList ) )
olcObjectClasses: {2}( 1.3.6.1.4.1.7165.2.2.14 NAME 'sambaTrustPassword'
DESC
'Samba Trust Password' SUP top STRUCTURAL MUST ( sambaDomainName $
sambaNTPas
sword $ sambaTrustFlags ) MAY ( sambaSID $ sambaPwdLastSet ) )
olcObjectClasses: {3}( 1.3.6.1.4.1.7165.2.2.15 NAME
'sambaTrustedDomainPasswor
d' DESC 'Samba Trusted Domain Password' SUP top STRUCTURAL MUST (
sambaDomain
Name $ sambaSID $ sambaClearTextPassword $ sambaPwdLastSet ) MAY
sambaPreviou
sClearTextPassword )
olcObjectClasses: {4}( 1.3.6.1.4.1.7165.2.2.5 NAME 'sambaDomain' DESC
'Samba D
omain Information' SUP top STRUCTURAL MUST ( sambaDomainName $ sambaSID
) MAY
( sambaNextRid $ sambaNextGroupRid $ sambaNextUserRid $
sambaAlgorithmicRidB
ase $ sambaMinPwdLength $ sambaPwdHistoryLength $ sambaLogonToChgPwd $
sambaM
axPwdAge $ sambaMinPwdAge $ sambaLockoutDuration $
sambaLockoutObservationWin
dow $ sambaLockoutThreshold $ sambaForceLogoff $
sambaRefuseMachinePwdChange
) )
olcObjectClasses: {5}( 1.3.6.1.4.1.7165.2.2.7 NAME 'sambaUnixIdPool'
DESC 'Poo
l for allocating UNIX uids/gids' SUP top AUXILIARY MUST ( uidNumber $
gidNumb
er ) )
olcObjectClasses: {6}( 1.3.6.1.4.1.7165.2.2.8 NAME 'sambaIdmapEntry'
DESC 'Map
ping from a SID to an ID' SUP top AUXILIARY MUST sambaSID MAY (
uidNumber $ g
idNumber ) )
olcObjectClasses: {7}( 1.3.6.1.4.1.7165.2.2.9 NAME 'sambaSidEntry' DESC
'Struc
tural Class for a SID' SUP top STRUCTURAL MUST sambaSID )
olcObjectClasses: {8}( 1.3.6.1.4.1.7165.2.2.10 NAME 'sambaConfig' DESC
'Samba
Configuration Section' SUP top AUXILIARY MAY description )
olcObjectClasses: {9}( 1.3.6.1.4.1.7165.2.2.11 NAME 'sambaShare' DESC
'Samba S
hare Section' SUP top STRUCTURAL MUST sambaShareName MAY description )
olcObjectClasses: {10}( 1.3.6.1.4.1.7165.2.2.12 NAME 'sambaConfigOption'
DESC
'Samba Configuration Option' SUP top STRUCTURAL MUST sambaOptionName
MAY ( sa
mbaBoolOption $ sambaIntegerOption $ sambaStringOption $
sambaStringListoptio
n $ description ) )
olcObjectClasses: {11}( 1.3.6.1.4.1.7165.2.2.16 NAME
'sambaTrustedDomain' DESC
'Samba Trusted Domain Object' SUP top STRUCTURAL MUST cn MAY (
sambaTrustTyp
e $ sambaTrustAttributes $ sambaTrustDirection $ sambaTrustPartner $
sambaFla
tName $ sambaTrustAuthOutgoing $ sambaTrustAuthIncoming $
sambaSecurityIdenti
fier $ sambaTrustForestTrustInfo $ sambaTrustPosixOffset $
sambaSupportedEncr
yptionTypes ) )
dn: olcBackend={0}hdb,cn=config
objectClass: olcBackendConfig
olcBackend: {0}hdb
dn: olcDatabase={-1}frontend,cn=config
objectClass: olcDatabaseConfig
objectClass: olcFrontendConfig
olcDatabase: {-1}frontend
olcAccess: {0}to * by
dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external
,cn=auth manage by * break
olcAccess: {1}to dn.exact="" by * read
olcAccess: {2}to dn.base="cn=Subschema" by * read
olcSizeLimit: 500
dn: olcDatabase={0}config,cn=config
objectClass: olcDatabaseConfig
olcDatabase: {0}config
olcAccess: {0}to * by
dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external
,cn=auth manage by * break
dn: olcDatabase={1}hdb,cn=config
objectClass: olcDatabaseConfig
objectClass: olcHdbConfig
olcDatabase: {1}hdb
olcDbDirectory: /var/lib/ldap
olcSuffix: dc=biomil,dc=se
olcAccess: {0}to attrs=userPassword,shadowLastChange by self write by
anonymou
s auth by dn="cn=admin,dc=biomil,dc=se" write by * none
olcAccess: {1}to dn.base="" by * read
olcAccess: {2}to * by self write by dn="cn=admin,dc=biomil,dc=se" write
by * r
ead
olcLastMod: TRUE
olcRootDN: cn=admin,dc=biomil,dc=se
olcRootPW: {SSHA}xxxxx
olcDbCheckpoint: 512 30
olcDbConfig: {0}set_cachesize 0 2097152 0
olcDbConfig: {1}set_lk_max_objects 1500
olcDbConfig: {2}set_lk_max_locks 1500
olcDbConfig: {3}set_lk_max_lockers 1500
olcDbIndex: objectClass eq
olcDbIndex: uidNumber eq
olcDbIndex: gidNumber eq
olcDbIndex: loginShell eq
olcDbIndex: uid eq,pres,sub
olcDbIndex: memberUid eq,pres,sub
olcDbIndex: uniqueMember eq,pres
olcDbIndex: sambaSID eq
olcDbIndex: sambaPrimaryGroupSID eq
olcDbIndex: sambaGroupType eq
olcDbIndex: sambaSIDList eq
olcDbIndex: sambaDomainName eq
olcDbIndex: default sub
olcDbIndex: entryCSN eq
olcDbIndex: entryUUID eq
olcDbIndex: displayName eq
olcDbIndex: cn eq
dn: olcOverlay={0}syncprov,olcDatabase={1}hdb,cn=config
objectClass: olcOverlayConfig
objectClass: olcSyncProvConfig
olcOverlay: {0}syncprov
olcSpNoPresent: TRUE
dn: olcOverlay={1}accesslog,olcDatabase={1}hdb,cn=config
objectClass: olcOverlayConfig
objectClass: olcAccessLogConfig
olcOverlay: {1}accesslog
olcAccessLogDB: cn=accesslog
olcAccessLogOps: writes
olcAccessLogPurge: 07+00:00 01+00:00
olcAccessLogSuccess: TRUE
dn: olcDatabase={2}hdb,cn=config
objectClass: olcDatabaseConfig
objectClass: olcHdbConfig
olcDatabase: {2}hdb
olcDbDirectory: /var/lib/ldap/accesslog
olcSuffix: cn=accesslog
olcRootDN: cn=admin,dc=biomil,dc=se
olcDbIndex: default eq
olcDbIndex: entryCSN,objectClass,reqEnd,reqResult,reqStart
dn: olcOverlay={0}syncprov,olcDatabase={2}hdb,cn=config
objectClass: olcOverlayConfig
objectClass: olcSyncProvConfig
olcOverlay: {0}syncprov
olcSpNoPresent: TRUE
olcSpReloadHint: TRUE
=====================
Den 2014-09-12 12:17, L.P.H. van Belle skrev:
> which kind of ldap repliction do you use?
> syncrepl or a master-slave setup.
>
> for you firewall in this setup..
> master slave1 ( slave2)
>
> open on slave1 port 636 for ip of master. ( and temporarily 389 for testing without tls)
> same for slave2
>
> with syncrepl. make sure you have stopped nslcd first before changing anything.
> even, i removed it because of problems caused by nslcd...
>
> can you post the ldap configs for the master and slave ( anonymized )
> so we can have a better look.
>
> Greetz,
>
> Louis
>
>> -----Oorspronkelijk bericht-----
>> Van: daniel.tamm at biomil.se
>> [mailto:samba-bounces at lists.samba.org] Namens Daniel Tamm
>> Verzonden: vrijdag 12 september 2014 9:22
>> Aan: samba at lists.samba.org
>> Onderwerp: [Samba] LDAP push replication through firewall
>>
>> I have 3 Samba PDC servers with OpenLDAP backends, all at different
>> locations. The replication to the 2 consumers works fine when the
>> consumer's slapd is recently restarted, but if changes in the LDAP
>> database occur later on, the consumers do not pick up this update.
>> Again, restarting slapd on the consumers pulls in the update. Also,
>> updates done shortly afterwards (say a couple of minutes) will
>> propagate
>> to the consumers.
>>
>> So my question is if this can be firewall related, and what ports need
>> to be opened on which side in order to allow the propagation to work
>> all-time?
>> By the way, all LDAP traffic uses Start-TLS.
>>
>> Thanks!
>> Daniel
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions: https://lists.samba.org/mailman/options/samba
>>
>>
>
More information about the samba
mailing list