[Samba] LDAP push replication through firewall
L.P.H. van Belle
belle at bazuin.nl
Wed Sep 17 09:01:39 MDT 2014
Hello Daniel,
Ok first 1 thing, there are 2 ways to configure ldap.
1) bij slapd.conf
2) by putting it in ldap
My config is based on config in slapd.conf
ok, this is the first you can change..
dn: olcDatabase={-1}frontend,cn=config
...
olcSizeLimit: 500
For me with size limit 500, i also had replication problems.
try to change this to -1
compaired to my config im missing these :
checkpoint 512 60
lastmod on
im betting its the "lastmod" setting
try it out and check if it works and your sure the internet connections is stable?
Greetz,
Louis
>-----Oorspronkelijk bericht-----
>Van: daniel.tamm at biomil.se
>[mailto:samba-bounces at lists.samba.org] Namens Daniel Tamm
>Verzonden: maandag 15 september 2014 10:02
>Aan: samba at lists.samba.org
>Onderwerp: Re: [Samba] LDAP push replication through firewall
>
>Thank you Louis for replying.
>
>I am really an LDAP newby (and find LDAP really confusing...), but I'll
>try to find the answers to your questions. Basically, may
>setup is based
>on https://help.ubuntu.com/14.04/serverguide/openldap-server.html, so
>the replication is syncrepl based.
>nslcd is not even installed on the machines, so this should not cause
>any trouble.
>
>In the firewalls, the following ports related to LDAP/Samba are
>forwarded right now:
>Consumer: 389
>Provider: 389
>(did not open 636 because I understand that StartTLS always uses the
>same port as the non-encrypted version.
>
>
>So here come the configurations:
>=====================================================
>
>Consumer:
>ldapsearch -Q -LLL -Y EXTERNAL -H ldapi:/// -b cn=config
>
>dn: cn=config
>objectClass: olcGlobal
>cn: config
>olcArgsFile: /var/run/slapd/slapd.args
>olcLogLevel: none
>olcPidFile: /var/run/slapd/slapd.pid
>olcTLSCACertificateFile: /etc/ssl/certs/biomil_ca.crt
>olcTLSCertificateFile: /etc/ssl/certs/h2o_slapd.crt
>olcTLSCertificateKeyFile: /etc/ssl/private/h2o_slapd.key
>olcToolThreads: 1
>
>dn: cn=module{0},cn=config
>objectClass: olcModuleList
>cn: module{0}
>olcModulePath: /usr/lib/ldap
>olcModuleLoad: {0}back_hdb
>olcModuleLoad: {1}syncprov
>
>dn: cn=schema,cn=config
>objectClass: olcSchemaConfig
>cn: schema
>olcObjectIdentifier: OLcfg 1.3.6.1.4.1.4203.1.12.2
>olcObjectIdentifier: OLcfgAt OLcfg:3
>olcObjectIdentifier: OLcfgGlAt OLcfgAt:0
>olcObjectIdentifier: OLcfgBkAt OLcfgAt:1
>olcObjectIdentifier: OLcfgDbAt OLcfgAt:2
>olcObjectIdentifier: OLcfgOvAt OLcfgAt:3
>olcObjectIdentifier: OLcfgCtAt OLcfgAt:4
>olcObjectIdentifier: OLcfgOc OLcfg:4
>olcObjectIdentifier: OLcfgGlOc OLcfgOc:0
>olcObjectIdentifier: OLcfgBkOc OLcfgOc:1
>olcObjectIdentifier: OLcfgDbOc OLcfgOc:2
>olcObjectIdentifier: OLcfgOvOc OLcfgOc:3
>olcObjectIdentifier: OLcfgCtOc OLcfgOc:4
>olcObjectIdentifier: OMsyn 1.3.6.1.4.1.1466.115.121.1
>olcObjectIdentifier: OMsBoolean OMsyn:7
>olcObjectIdentifier: OMsDN OMsyn:12
>olcObjectIdentifier: OMsDirectoryString OMsyn:15
>olcObjectIdentifier: OMsIA5String OMsyn:26
>olcObjectIdentifier: OMsInteger OMsyn:27
>olcObjectIdentifier: OMsOID OMsyn:38
>olcObjectIdentifier: OMsOctetString OMsyn:40
>olcAttributeTypes: ( 2.5.4.0 NAME 'objectClass' DESC 'RFC4512: object
>classes
> of the entity' EQUALITY objectIdentifierMatch SYNTAX
>1.3.6.1.4.1.1466.115.121
> .1.38 )
>olcAttributeTypes: ( 2.5.21.9 NAME 'structuralObjectClass' DESC
>'RFC4512: stru
> ctural object class of entry' EQUALITY objectIdentifierMatch SYNTAX
>1.3.6.1.4
> .1.1466.115.121.1.38 SINGLE-VALUE NO-USER-MODIFICATION USAGE
>directoryOperati
> on )
>olcAttributeTypes: ( 2.5.18.1 NAME 'createTimestamp' DESC
>'RFC4512: time
>which
> object was created' EQUALITY generalizedTimeMatch ORDERING
>generalizedTimeOr
> deringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE
>NO-USER-MODIFIC
> ATION USAGE directoryOperation )
>olcAttributeTypes: ( 2.5.18.2 NAME 'modifyTimestamp' DESC
>'RFC4512: time
>which
> object was last modified' EQUALITY generalizedTimeMatch ORDERING
>generalized
> TimeOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE
>NO-USER-M
> ODIFICATION USAGE directoryOperation )
>olcAttributeTypes: ( 2.5.18.3 NAME 'creatorsName' DESC
>'RFC4512: name of
>creat
> or' EQUALITY distinguishedNameMatch SYNTAX
>1.3.6.1.4.1.1466.115.121.1.12 SING
> LE-VALUE NO-USER-MODIFICATION USAGE directoryOperation )
>olcAttributeTypes: ( 2.5.18.4 NAME 'modifiersName' DESC 'RFC4512: name
>of last
> modifier' EQUALITY distinguishedNameMatch SYNTAX
>1.3.6.1.4.1.1466.115.121.1.
> 12 SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation )
>olcAttributeTypes: ( 2.5.18.9 NAME 'hasSubordinates' DESC 'X.501: entry
>has ch
> ildren' EQUALITY booleanMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
>SINGLE-VALU
> E NO-USER-MODIFICATION USAGE directoryOperation )
>olcAttributeTypes: ( 2.5.18.10 NAME 'subschemaSubentry' DESC 'RFC4512:
>name of
> controlling subschema entry' EQUALITY distinguishedNameMatch SYNTAX
>1.3.6.1.
> 4.1.1466.115.121.1.12 SINGLE-VALUE NO-USER-MODIFICATION USAGE
>directoryOperat
> ion )
>olcAttributeTypes: ( 1.3.6.1.1.20 NAME 'entryDN' DESC 'DN of the entry'
>EQUALI
> TY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12
>SINGLE-VALUE N
> O-USER-MODIFICATION USAGE directoryOperation )
>olcAttributeTypes: ( 1.3.6.1.1.16.4 NAME 'entryUUID' DESC 'UUID of the
>entry'
> EQUALITY UUIDMatch ORDERING UUIDOrderingMatch SYNTAX 1.3.6.1.1.16.1
>SINGLE-VA
> LUE NO-USER-MODIFICATION USAGE directoryOperation )
>olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.1.7 NAME 'entryCSN' DESC
>'change seq
> uence number of the entry content' EQUALITY CSNMatch ORDERING
>CSNOrderingMatc
> h SYNTAX 1.3.6.1.4.1.4203.666.11.2.1{64} SINGLE-VALUE
>NO-USER-MODIFICATION US
> AGE directoryOperation )
>olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.1.13 NAME 'namingCSN' DESC
>'change s
> equence number of the entry naming (RDN)' EQUALITY CSNMatch ORDERING
>CSNOrder
> ingMatch SYNTAX 1.3.6.1.4.1.4203.666.11.2.1{64} SINGLE-VALUE
>NO-USER-MODIFICA
> TION USAGE directoryOperation )
>olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.1.23 NAME 'syncreplCookie'
>DESC 'syn
> crepl Cookie for shadow copy' EQUALITY octetStringMatch ORDERING
>octetStringO
> rderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 SINGLE-VALUE
>NO-USER-MODIFI
> CATION USAGE dSAOperation )
>olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.1.25 NAME 'contextCSN' DESC
>'the lar
> gest committed CSN of a context' EQUALITY CSNMatch ORDERING
>CSNOrderingMatch
> SYNTAX 1.3.6.1.4.1.4203.666.11.2.1{64} NO-USER-MODIFICATION USAGE
>dSAOperatio
> n )
>olcAttributeTypes: ( 1.3.6.1.4.1.1466.101.120.6 NAME 'altServer' DESC
>'RFC4512
> : alternative servers' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 USAGE
>dSAOperatio
> n )
>olcAttributeTypes: ( 1.3.6.1.4.1.1466.101.120.5 NAME 'namingContexts'
>DESC 'RF
> C4512: naming contexts' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 USAGE
>dSAOperati
> on )
>olcAttributeTypes: ( 1.3.6.1.4.1.1466.101.120.13 NAME
>'supportedControl'
>DESC
> 'RFC4512: supported controls' SYNTAX 1.3.6.1.4.1.1466.115.121.1.38
>USAGE dSAO
> peration )
>olcAttributeTypes: ( 1.3.6.1.4.1.1466.101.120.7 NAME
>'supportedExtension' DESC
> 'RFC4512: supported extended operations' SYNTAX
>1.3.6.1.4.1.1466.115.121.1.3
> 8 USAGE dSAOperation )
>olcAttributeTypes: ( 1.3.6.1.4.1.1466.101.120.15 NAME
>'supportedLDAPVersion' D
> ESC 'RFC4512: supported LDAP versions' SYNTAX
>1.3.6.1.4.1.1466.115.121.1.27 U
> SAGE dSAOperation )
>olcAttributeTypes: ( 1.3.6.1.4.1.1466.101.120.14 NAME
>'supportedSASLMechanisms
> ' DESC 'RFC4512: supported SASL mechanisms' SYNTAX
>1.3.6.1.4.1.1466.115.121.1
> .15 USAGE dSAOperation )
>olcAttributeTypes: ( 1.3.6.1.4.1.4203.1.3.5 NAME 'supportedFeatures'
>DESC 'RFC
> 4512: features supported by the server' EQUALITY objectIdentifierMatch
>SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.38 USAGE dSAOperation )
>olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.1.10 NAME 'monitorContext'
>DESC 'mon
> itor context' EQUALITY distinguishedNameMatch SYNTAX
>1.3.6.1.4.1.1466.115.121
> .1.12 SINGLE-VALUE NO-USER-MODIFICATION USAGE dSAOperation )
>olcAttributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.1 NAME
>'configContext' DESC
>'conf
> ig context' EQUALITY distinguishedNameMatch SYNTAX
>1.3.6.1.4.1.1466.115.121.1
> .12 SINGLE-VALUE NO-USER-MODIFICATION USAGE dSAOperation )
>olcAttributeTypes: ( 1.3.6.1.1.4 NAME 'vendorName' DESC 'RFC3045: name
>of impl
> ementation vendor' EQUALITY caseExactMatch SYNTAX
>1.3.6.1.4.1.1466.115.121.1.
> 15 SINGLE-VALUE NO-USER-MODIFICATION USAGE dSAOperation )
>olcAttributeTypes: ( 1.3.6.1.1.5 NAME 'vendorVersion' DESC 'RFC3045:
>version o
> f implementation' EQUALITY caseExactMatch SYNTAX
>1.3.6.1.4.1.1466.115.121.1.1
> 5 SINGLE-VALUE NO-USER-MODIFICATION USAGE dSAOperation )
>olcAttributeTypes: ( 2.5.18.5 NAME 'administrativeRole' DESC 'RFC3672:
>adminis
> trative role' EQUALITY objectIdentifierMatch SYNTAX
>1.3.6.1.4.1.1466.115.121.
> 1.38 USAGE directoryOperation )
>olcAttributeTypes: ( 2.5.18.6 NAME 'subtreeSpecification' DESC
>'RFC3672:
>subtr
> ee specification' SYNTAX 1.3.6.1.4.1.1466.115.121.1.45 SINGLE-VALUE
>USAGE dir
> ectoryOperation )
>olcAttributeTypes: ( 2.5.21.1 NAME 'dITStructureRules' DESC 'RFC4512:
>DIT stru
> cture rules' EQUALITY integerFirstComponentMatch SYNTAX
>1.3.6.1.4.1.1466.115.
> 121.1.17 USAGE directoryOperation )
>olcAttributeTypes: ( 2.5.21.2 NAME 'dITContentRules' DESC 'RFC4512: DIT
>conten
> t rules' EQUALITY objectIdentifierFirstComponentMatch SYNTAX
>1.3.6.1.4.1.1466
> .115.121.1.16 USAGE directoryOperation )
>olcAttributeTypes: ( 2.5.21.4 NAME 'matchingRules' DESC 'RFC4512:
>matching rul
> es' EQUALITY objectIdentifierFirstComponentMatch SYNTAX
>1.3.6.1.4.1.1466.115.
> 121.1.30 USAGE directoryOperation )
>olcAttributeTypes: ( 2.5.21.5 NAME 'attributeTypes' DESC 'RFC4512:
>attribute t
> ypes' EQUALITY objectIdentifierFirstComponentMatch SYNTAX
>1.3.6.1.4.1.1466.11
> 5.121.1.3 USAGE directoryOperation )
>olcAttributeTypes: ( 2.5.21.6 NAME 'objectClasses' DESC
>'RFC4512: object
>class
> es' EQUALITY objectIdentifierFirstComponentMatch SYNTAX
>1.3.6.1.4.1.1466.115.
> 121.1.37 USAGE directoryOperation )
>olcAttributeTypes: ( 2.5.21.7 NAME 'nameForms' DESC 'RFC4512:
>name forms
>' EQU
> ALITY objectIdentifierFirstComponentMatch SYNTAX
>1.3.6.1.4.1.1466.115.121.1.3
> 5 USAGE directoryOperation )
>olcAttributeTypes: ( 2.5.21.8 NAME 'matchingRuleUse' DESC 'RFC4512:
>matching r
> ule uses' EQUALITY objectIdentifierFirstComponentMatch SYNTAX
>1.3.6.1.4.1.146
> 6.115.121.1.31 USAGE directoryOperation )
>olcAttributeTypes: ( 1.3.6.1.4.1.1466.101.120.16 NAME 'ldapSyntaxes'
>DESC 'RFC
> 4512: LDAP syntaxes' EQUALITY objectIdentifierFirstComponentMatch
>SYNTAX 1.3.
> 6.1.4.1.1466.115.121.1.54 USAGE directoryOperation )
>olcAttributeTypes: ( 2.5.4.1 NAME ( 'aliasedObjectName'
>'aliasedEntryName' ) D
> ESC 'RFC4512: name of aliased object' EQUALITY distinguishedNameMatch
>SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE )
>olcAttributeTypes: ( 2.16.840.1.113730.3.1.34 NAME 'ref' DESC 'RFC3296:
>subord
> inate referral URL' EQUALITY caseExactMatch SYNTAX
>1.3.6.1.4.1.1466.115.121.1
> .15 USAGE distributedOperation )
>olcAttributeTypes: ( 1.3.6.1.4.1.4203.1.3.1 NAME 'entry' DESC 'OpenLDAP
>ACL en
> try pseudo-attribute' SYNTAX 1.3.6.1.4.1.4203.1.1.1 SINGLE-VALUE
>NO-USER-MODI
> FICATION USAGE dSAOperation )
>olcAttributeTypes: ( 1.3.6.1.4.1.4203.1.3.2 NAME 'children' DESC
>'OpenLDAP ACL
> children pseudo-attribute' SYNTAX 1.3.6.1.4.1.4203.1.1.1 SINGLE-VALUE
>NO-USE
> R-MODIFICATION USAGE dSAOperation )
>olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.1.8 NAME ( 'authzTo'
>'saslAuthzTo' )
> DESC 'proxy authorization targets' EQUALITY authzMatch SYNTAX
>1.3.6.1.4.1.42
> 03.666.2.7 USAGE distributedOperation X-ORDERED 'VALUES' )
>olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.1.9 NAME ( 'authzFrom'
>'saslAuthzFro
> m' ) DESC 'proxy authorization sources' EQUALITY authzMatch SYNTAX
>1.3.6.1.4.
> 1.4203.666.2.7 USAGE distributedOperation X-ORDERED 'VALUES' )
>olcAttributeTypes: ( 1.3.6.1.4.1.1466.101.119.3 NAME 'entryTtl' DESC
>'RFC2589:
> entry time-to-live' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE
>NO-USE
> R-MODIFICATION USAGE dSAOperation )
>olcAttributeTypes: ( 1.3.6.1.4.1.1466.101.119.4 NAME 'dynamicSubtrees'
>DESC 'R
> FC2589: dynamic subtrees' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12
>NO-USER-MODIFI
> CATION USAGE dSAOperation )
>olcAttributeTypes: ( 2.5.4.49 NAME 'distinguishedName' DESC 'RFC4519:
>common s
> upertype of DN attributes' EQUALITY distinguishedNameMatch SYNTAX
>1.3.6.1.4.1
> .1466.115.121.1.12 )
>olcAttributeTypes: ( 2.5.4.41 NAME 'name' DESC 'RFC4519: common
>supertype of n
> ame attributes' EQUALITY caseIgnoreMatch SUBSTR
>caseIgnoreSubstringsMatch SYN
> TAX 1.3.6.1.4.1.1466.115.121.1.15{32768} )
>olcAttributeTypes: ( 2.5.4.3 NAME ( 'cn' 'commonName' ) DESC 'RFC4519:
>common
> name(s) for which the entity is known by' SUP name )
>olcAttributeTypes: ( 0.9.2342.19200300.100.1.1 NAME ( 'uid' 'userid' )
>DESC 'R
> FC4519: user identifier' EQUALITY caseIgnoreMatch SUBSTR
>caseIgnoreSubstrings
> Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
>olcAttributeTypes: ( 1.3.6.1.1.1.1.0 NAME 'uidNumber' DESC 'RFC2307: An
>intege
> r uniquely identifying a user in an administrative domain' EQUALITY
>integerMa
> tch ORDERING integerOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
>SINGLE
> -VALUE )
>olcAttributeTypes: ( 1.3.6.1.1.1.1.1 NAME 'gidNumber' DESC 'RFC2307: An
>intege
> r uniquely identifying a group in an administrative domain' EQUALITY
>integerM
> atch ORDERING integerOrderingMatch SYNTAX
>1.3.6.1.4.1.1466.115.121.1.27
>SINGL
> E-VALUE )
>olcAttributeTypes: ( 2.5.4.35 NAME 'userPassword' DESC 'RFC4519/2307:
>password
> of user' EQUALITY octetStringMatch SYNTAX
>1.3.6.1.4.1.1466.115.121.1.40{128}
> )
>olcAttributeTypes: ( 1.3.6.1.4.1.250.1.57 NAME 'labeledURI' DESC
>'RFC2079: Uni
> form Resource Identifier with optional label' EQUALITY caseExactMatch
>SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.15 )
>olcAttributeTypes: ( 2.5.4.13 NAME 'description' DESC 'RFC4519:
>descriptive in
> formation' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch
>SYNTAX 1
> .3.6.1.4.1.1466.115.121.1.15{1024} )
>olcAttributeTypes: ( 2.5.4.34 NAME 'seeAlso' DESC 'RFC4519: DN of
>related obje
> ct' SUP distinguishedName )
>olcAttributeTypes: ( OLcfgGlAt:78 NAME 'olcConfigFile' DESC 'File for
>slapd co
> nfiguration directives' EQUALITY caseIgnoreMatch SYNTAX
>OMsDirectoryString SI
> NGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:79 NAME 'olcConfigDir' DESC 'Directory
>for slap
> d configuration backend' EQUALITY caseIgnoreMatch SYNTAX
>OMsDirectoryString S
> INGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:1 NAME 'olcAccess' DESC 'Access Control
>List' E
> QUALITY caseIgnoreMatch SYNTAX OMsDirectoryString X-ORDERED 'VALUES' )
>olcAttributeTypes: ( OLcfgGlAt:86 NAME 'olcAddContentAcl' DESC 'Check
>ACLs aga
> inst content of Add ops' SYNTAX OMsBoolean SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:2 NAME 'olcAllows' DESC 'Allowed set of
>depreca
> ted features' EQUALITY caseIgnoreMatch SYNTAX OMsDirectoryString )
>olcAttributeTypes: ( OLcfgGlAt:3 NAME 'olcArgsFile' DESC 'File
>for slapd
>comma
> nd line options' EQUALITY caseIgnoreMatch SYNTAX OMsDirectoryString
>SINGLE-VA
> LUE )
>olcAttributeTypes: ( OLcfgGlAt:5 NAME 'olcAttributeOptions' EQUALITY
>caseIgnor
> eMatch SYNTAX OMsDirectoryString )
>olcAttributeTypes: ( OLcfgGlAt:4 NAME 'olcAttributeTypes' DESC
>'OpenLDAP
>attri
> buteTypes' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch
>SYNTAX O
> MsDirectoryString X-ORDERED 'VALUES' )
>olcAttributeTypes: ( OLcfgGlAt:6 NAME 'olcAuthIDRewrite' EQUALITY
>caseIgnoreMa
> tch SYNTAX OMsDirectoryString X-ORDERED 'VALUES' )
>olcAttributeTypes: ( OLcfgGlAt:7 NAME 'olcAuthzPolicy' EQUALITY
>caseIgnoreMatc
> h SYNTAX OMsDirectoryString SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:8 NAME 'olcAuthzRegexp' EQUALITY
>caseIgnoreMatc
> h SYNTAX OMsDirectoryString X-ORDERED 'VALUES' )
>olcAttributeTypes: ( OLcfgGlAt:9 NAME 'olcBackend' DESC 'A type of
>backend' EQ
> UALITY caseIgnoreMatch SYNTAX OMsDirectoryString SINGLE-VALUE
>X-ORDERED
>'SIBL
> INGS' )
>olcAttributeTypes: ( OLcfgGlAt:10 NAME 'olcConcurrency' SYNTAX
>OMsInteger SING
> LE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:11 NAME 'olcConnMaxPending' SYNTAX
>OMsInteger S
> INGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:12 NAME 'olcConnMaxPendingAuth' SYNTAX
>OMsInteg
> er SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:13 NAME 'olcDatabase' DESC 'The backend
>type fo
> r a database instance' SUP olcBackend SINGLE-VALUE X-ORDERED
>'SIBLINGS' )
>olcAttributeTypes: ( OLcfgGlAt:14 NAME 'olcDefaultSearchBase' SYNTAX
>OMsDN SIN
> GLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:15 NAME 'olcDisallows' EQUALITY
>caseIgnoreMatch
> SYNTAX OMsDirectoryString )
>olcAttributeTypes: ( OLcfgGlAt:16 NAME 'olcDitContentRules' DESC
>'OpenLDAP DIT
> content rules' EQUALITY caseIgnoreMatch SUBSTR
>caseIgnoreSubstringsMatch SYN
> TAX OMsDirectoryString X-ORDERED 'VALUES' )
>olcAttributeTypes: ( OLcfgDbAt:0.20 NAME 'olcExtraAttrs' EQUALITY
>caseIgnoreMa
> tch SYNTAX OMsDirectoryString )
>olcAttributeTypes: ( OLcfgGlAt:17 NAME 'olcGentleHUP' SYNTAX OMsBoolean
>SINGLE
> -VALUE )
>olcAttributeTypes: ( OLcfgDbAt:0.17 NAME 'olcHidden' SYNTAX OMsBoolean
>SINGLE-
> VALUE )
>olcAttributeTypes: ( OLcfgGlAt:18 NAME 'olcIdleTimeout' SYNTAX
>OMsInteger SING
> LE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:19 NAME 'olcInclude' SUP labeledURI )
>olcAttributeTypes: ( OLcfgGlAt:20 NAME 'olcIndexSubstrIfMinLen' SYNTAX
>OMsInte
> ger SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:21 NAME 'olcIndexSubstrIfMaxLen' SYNTAX
>OMsInte
> ger SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:22 NAME 'olcIndexSubstrAnyLen' SYNTAX
>OMsIntege
> r SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:23 NAME 'olcIndexSubstrAnyStep' SYNTAX
>OMsInteg
> er SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:84 NAME 'olcIndexIntLen' SYNTAX
>OMsInteger SING
> LE-VALUE )
>olcAttributeTypes: ( OLcfgDbAt:0.4 NAME 'olcLastMod' SYNTAX OMsBoolean
>SINGLE-
> VALUE )
>olcAttributeTypes: ( OLcfgGlAt:85 NAME 'olcLdapSyntaxes' DESC 'OpenLDAP
>ldapSy
> ntax' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX
>OMsDir
> ectoryString X-ORDERED 'VALUES' )
>olcAttributeTypes: ( OLcfgDbAt:0.5 NAME 'olcLimits' EQUALITY
>caseIgnoreMatch S
> YNTAX OMsDirectoryString X-ORDERED 'VALUES' )
>olcAttributeTypes: ( OLcfgGlAt:93 NAME 'olcListenerThreads' SYNTAX
>OMsInteger
> SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:26 NAME 'olcLocalSSF' SYNTAX OMsInteger
>SINGLE-
> VALUE )
>olcAttributeTypes: ( OLcfgGlAt:27 NAME 'olcLogFile' SYNTAX
>OMsDirectoryString
> SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:28 NAME 'olcLogLevel' EQUALITY
>caseIgnoreMatch
> SYNTAX OMsDirectoryString )
>olcAttributeTypes: ( OLcfgDbAt:0.6 NAME 'olcMaxDerefDepth' SYNTAX
>OMsInteger S
> INGLE-VALUE )
>olcAttributeTypes: ( OLcfgDbAt:0.16 NAME 'olcMirrorMode' SYNTAX
>OMsBoolean SIN
> GLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:30 NAME 'olcModuleLoad' EQUALITY
>caseIgnoreMatc
> h SYNTAX OMsDirectoryString X-ORDERED 'VALUES' )
>olcAttributeTypes: ( OLcfgGlAt:31 NAME 'olcModulePath' SYNTAX
>OMsDirectoryStri
> ng SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgDbAt:0.18 NAME 'olcMonitoring' SYNTAX
>OMsBoolean SIN
> GLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:32 NAME 'olcObjectClasses' DESC
>'OpenLDAP
>objec
> t classes' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch
>SYNTAX O
> MsDirectoryString X-ORDERED 'VALUES' )
>olcAttributeTypes: ( OLcfgGlAt:33 NAME 'olcObjectIdentifier' EQUALITY
>caseIgno
> reMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX OMsDirectoryString
>X-ORDERED
> 'VALUES' )
>olcAttributeTypes: ( OLcfgGlAt:34 NAME 'olcOverlay' SUP olcDatabase
>SINGLE-VAL
> UE X-ORDERED 'SIBLINGS' )
>olcAttributeTypes: ( OLcfgGlAt:35 NAME 'olcPasswordCryptSaltFormat'
>SYNTAX OMs
> DirectoryString SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:36 NAME 'olcPasswordHash' EQUALITY
>caseIgnoreMa
> tch SYNTAX OMsDirectoryString )
>olcAttributeTypes: ( OLcfgGlAt:37 NAME 'olcPidFile' SYNTAX
>OMsDirectoryString
> SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:38 NAME 'olcPlugin' EQUALITY
>caseIgnoreMatch SY
> NTAX OMsDirectoryString )
>olcAttributeTypes: ( OLcfgGlAt:39 NAME 'olcPluginLogFile' SYNTAX
>OMsDirectoryS
> tring SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:40 NAME 'olcReadOnly' SYNTAX OMsBoolean
>SINGLE-
> VALUE )
>olcAttributeTypes: ( OLcfgGlAt:41 NAME 'olcReferral' SUP labeledURI
>SINGLE-VAL
> UE )
>olcAttributeTypes: ( OLcfgDbAt:0.7 NAME 'olcReplica' SUP labeledURI
>EQUALITY c
> aseIgnoreMatch X-ORDERED 'VALUES' )
>olcAttributeTypes: ( OLcfgGlAt:43 NAME 'olcReplicaArgsFile' SYNTAX
>OMsDirector
> yString SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:44 NAME 'olcReplicaPidFile' SYNTAX
>OMsDirectory
> String SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:45 NAME 'olcReplicationInterval' SYNTAX
>OMsInte
> ger SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:46 NAME 'olcReplogFile' SYNTAX
>OMsDirectoryStri
> ng SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:47 NAME 'olcRequires' EQUALITY
>caseIgnoreMatch
> SYNTAX OMsDirectoryString )
>olcAttributeTypes: ( OLcfgGlAt:48 NAME 'olcRestrict' EQUALITY
>caseIgnoreMatch
> SYNTAX OMsDirectoryString )
>olcAttributeTypes: ( OLcfgGlAt:49 NAME 'olcReverseLookup' SYNTAX
>OMsBoolean SI
> NGLE-VALUE )
>olcAttributeTypes: ( OLcfgDbAt:0.8 NAME 'olcRootDN' EQUALITY
>distinguishedName
> Match SYNTAX OMsDN SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:51 NAME 'olcRootDSE' EQUALITY
>caseIgnoreMatch S
> YNTAX OMsDirectoryString )
>olcAttributeTypes: ( OLcfgDbAt:0.9 NAME 'olcRootPW' SYNTAX
>OMsDirectoryString
> SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:89 NAME 'olcSaslAuxprops' SYNTAX
>OMsDirectorySt
> ring SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:53 NAME 'olcSaslHost' SYNTAX
>OMsDirectoryString
> SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:54 NAME 'olcSaslRealm' SYNTAX
>OMsDirectoryStrin
> g SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:56 NAME 'olcSaslSecProps' SYNTAX
>OMsDirectorySt
> ring SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:58 NAME 'olcSchemaDN' EQUALITY
>distinguishedNam
> eMatch SYNTAX OMsDN SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:59 NAME 'olcSecurity' EQUALITY
>caseIgnoreMatch
> SYNTAX OMsDirectoryString )
>olcAttributeTypes: ( OLcfgGlAt:81 NAME 'olcServerID' EQUALITY
>caseIgnoreMatch
> SYNTAX OMsDirectoryString )
>olcAttributeTypes: ( OLcfgGlAt:60 NAME 'olcSizeLimit' SYNTAX
>OMsDirectoryStrin
> g SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:61 NAME 'olcSockbufMaxIncoming' SYNTAX
>OMsInteg
> er SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:62 NAME 'olcSockbufMaxIncomingAuth'
>SYNTAX OMsI
> nteger SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:83 NAME 'olcSortVals' DESC 'Attributes
>whose va
> lues will always be sorted' EQUALITY caseIgnoreMatch SYNTAX
>OMsDirectoryStrin
> g )
>olcAttributeTypes: ( OLcfgDbAt:0.15 NAME 'olcSubordinate' SYNTAX
>OMsDirectoryS
> tring SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgDbAt:0.10 NAME 'olcSuffix' EQUALITY
>distinguishedNam
> eMatch SYNTAX OMsDN )
>olcAttributeTypes: ( OLcfgDbAt:0.19 NAME 'olcSyncUseSubentry' DESC
>'Store sync
> context in a subentry' SYNTAX OMsBoolean SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgDbAt:0.11 NAME 'olcSyncrepl' EQUALITY
>caseIgnoreMatc
> h SYNTAX OMsDirectoryString X-ORDERED 'VALUES' )
>olcAttributeTypes: ( OLcfgGlAt:90 NAME 'olcTCPBuffer' DESC 'Custom TCP
>buffer
> size' SYNTAX OMsDirectoryString )
>olcAttributeTypes: ( OLcfgGlAt:66 NAME 'olcThreads' SYNTAX OMsInteger
>SINGLE-V
> ALUE )
>olcAttributeTypes: ( OLcfgGlAt:67 NAME 'olcTimeLimit' SYNTAX
>OMsDirectoryStrin
> g )
>olcAttributeTypes: ( OLcfgGlAt:68 NAME 'olcTLSCACertificateFile' SYNTAX
>OMsDir
> ectoryString SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:69 NAME 'olcTLSCACertificatePath' SYNTAX
>OMsDir
> ectoryString SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:70 NAME 'olcTLSCertificateFile' SYNTAX
>OMsDirec
> toryString SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:71 NAME
>'olcTLSCertificateKeyFile' SYNTAX
>OMsDi
> rectoryString SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:72 NAME 'olcTLSCipherSuite' SYNTAX
>OMsDirectory
> String SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:73 NAME 'olcTLSCRLCheck' SYNTAX
>OMsDirectoryStr
> ing SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:82 NAME 'olcTLSCRLFile' SYNTAX
>OMsDirectoryStri
> ng SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:74 NAME 'olcTLSRandFile' SYNTAX
>OMsDirectoryStr
> ing SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:75 NAME 'olcTLSVerifyClient' SYNTAX
>OMsDirector
> yString SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:77 NAME 'olcTLSDHParamFile' SYNTAX
>OMsDirectory
> String SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:87 NAME 'olcTLSProtocolMin' SYNTAX
>OMsDirectory
> String SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:80 NAME 'olcToolThreads' SYNTAX
>OMsInteger SING
> LE-VALUE )
>olcAttributeTypes: ( OLcfgDbAt:0.12 NAME 'olcUpdateDN' SYNTAX OMsDN
>SINGLE-VAL
> UE )
>olcAttributeTypes: ( OLcfgDbAt:0.13 NAME 'olcUpdateRef' SUP labeledURI
>EQUALIT
> Y caseIgnoreMatch )
>olcAttributeTypes: ( OLcfgGlAt:88 NAME 'olcWriteTimeout' SYNTAX
>OMsInteger SIN
> GLE-VALUE )
>olcAttributeTypes: ( OLcfgDbAt:0.1 NAME 'olcDbDirectory' DESC
>'Directory
>for d
> atabase content' EQUALITY caseIgnoreMatch SYNTAX OMsDirectoryString
>SINGLE-VA
> LUE )
>olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.1.5 NAME 'OpenLDAPaci' DESC
>'OpenLDA
> P access control information (experimental)' EQUALITY OpenLDAPaciMatch
>SYNTAX
> 1.3.6.1.4.1.4203.666.2.1 USAGE directoryOperation )
>olcAttributeTypes: ( OLcfgDbAt:1.11 NAME 'olcDbCacheFree' DESC 'Number
>of extr
> a entries to free when max is reached' SYNTAX OMsInteger
>SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgDbAt:1.1 NAME 'olcDbCacheSize' DESC 'Entry
>cache siz
> e in entries' SYNTAX OMsInteger SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgDbAt:1.2 NAME 'olcDbCheckpoint' DESC
>'Database
>check
> point interval in kbytes and minutes' SYNTAX OMsDirectoryString
>SINGLE-VALUE
> )
>olcAttributeTypes: ( OLcfgDbAt:1.16 NAME 'olcDbChecksum' DESC 'Enable
>database
> checksum validation' SYNTAX OMsBoolean SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgDbAt:1.13 NAME 'olcDbCryptFile' DESC
>'Pathname
>of fi
> le containing the DB encryption key' SYNTAX OMsDirectoryString
>SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgDbAt:1.14 NAME 'olcDbCryptKey' DESC 'DB
>encryption k
> ey' SYNTAX OMsOctetString SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgDbAt:1.3 NAME 'olcDbConfig' DESC 'BerkeleyDB
>DB_CONF
> IG configuration directives' SYNTAX OMsIA5String X-ORDERED 'VALUES' )
>olcAttributeTypes: ( OLcfgDbAt:1.4 NAME 'olcDbNoSync' DESC 'Disable
>synchronou
> s database writes' SYNTAX OMsBoolean SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgDbAt:1.15 NAME 'olcDbPageSize' DESC
>'Page size
>of sp
> ecified DB, in Kbytes' EQUALITY caseExactMatch SYNTAX
>OMsDirectoryString )
>olcAttributeTypes: ( OLcfgDbAt:1.5 NAME 'olcDbDirtyRead' DESC 'Allow
>reads of
> uncommitted data' SYNTAX OMsBoolean SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgDbAt:1.12 NAME 'olcDbDNcacheSize' DESC 'DN
>cache siz
> e' SYNTAX OMsInteger SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgDbAt:1.6 NAME 'olcDbIDLcacheSize' DESC 'IDL
>cache si
> ze in IDLs' SYNTAX OMsInteger SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgDbAt:0.2 NAME 'olcDbIndex' DESC 'Attribute
>index par
> ameters' EQUALITY caseIgnoreMatch SYNTAX OMsDirectoryString )
>olcAttributeTypes: ( OLcfgDbAt:1.7 NAME 'olcDbLinearIndex' DESC 'Index
>attribu
> tes one at a time' SYNTAX OMsBoolean SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgDbAt:1.8 NAME 'olcDbLockDetect' DESC
>'Deadlock
>detec
> tion algorithm' SYNTAX OMsDirectoryString SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgDbAt:0.3 NAME 'olcDbMode' DESC 'Unix
>permissions of
> database files' SYNTAX OMsDirectoryString SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgDbAt:1.9 NAME 'olcDbSearchStack' DESC 'Depth
>of sear
> ch stack in IDLs' SYNTAX OMsInteger SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgDbAt:1.10 NAME 'olcDbShmKey' DESC 'Key for
>shared me
> mory region' SYNTAX OMsInteger SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgOvAt:1.1 NAME 'olcSpCheckpoint' DESC
>'ContextCSN che
> ckpoint interval in ops and minutes' SYNTAX OMsDirectoryString
>SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgOvAt:1.2 NAME 'olcSpSessionlog' DESC 'Session
>log si
> ze in ops' SYNTAX OMsInteger SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgOvAt:1.3 NAME 'olcSpNoPresent' DESC 'Omit
>Present ph
> ase processing' SYNTAX OMsBoolean SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgOvAt:1.4 NAME 'olcSpReloadHint' DESC 'Observe
>Reload
> Hint in Request control' SYNTAX OMsBoolean SINGLE-VALUE )
>olcObjectClasses: ( 2.5.6.0 NAME 'top' DESC 'top of the superclass
>chain' ABST
> RACT MUST objectClass )
>olcObjectClasses: ( 1.3.6.1.4.1.1466.101.120.111 NAME
>'extensibleObject'
>DESC
> 'RFC4512: extensible object' SUP top AUXILIARY )
>olcObjectClasses: ( 2.5.6.1 NAME 'alias' DESC 'RFC4512: an alias' SUP
>top STRU
> CTURAL MUST aliasedObjectName )
>olcObjectClasses: ( 2.16.840.1.113730.3.2.6 NAME 'referral' DESC
>'namedref: na
> med subordinate referral' SUP top STRUCTURAL MUST ref )
>olcObjectClasses: ( 1.3.6.1.4.1.4203.1.4.1 NAME ( 'OpenLDAProotDSE'
>'LDAProotD
> SE' ) DESC 'OpenLDAP Root DSE object' SUP top STRUCTURAL MAY cn )
>olcObjectClasses: ( 2.5.17.0 NAME 'subentry' DESC 'RFC3672: subentry'
>SUP top
> STRUCTURAL MUST ( cn $ subtreeSpecification ) )
>olcObjectClasses: ( 2.5.20.1 NAME 'subschema' DESC 'RFC4512:
>controlling
>subsc
> hema (sub)entry' AUXILIARY MAY ( dITStructureRules $ nameForms $
>dITContentRu
> les $ objectClasses $ attributeTypes $ matchingRules $
>matchingRuleUse ) )
>olcObjectClasses: ( 1.3.6.1.4.1.1466.101.119.2 NAME
>'dynamicObject' DESC
>'RFC2
> 589: Dynamic Object' SUP top AUXILIARY )
>olcObjectClasses: ( 1.3.6.1.4.1.4203.666.3.4 NAME 'glue' DESC 'Glue
>Entry' SUP
> top STRUCTURAL )
>olcObjectClasses: ( 1.3.6.1.4.1.4203.666.3.5 NAME
>'syncConsumerSubentry'
>DESC
> 'Persistent Info for SyncRepl Consumer' AUXILIARY MAY syncreplCookie )
>olcObjectClasses: ( 1.3.6.1.4.1.4203.666.3.6 NAME
>'syncProviderSubentry'
>DESC
> 'Persistent Info for SyncRepl Producer' AUXILIARY MAY contextCSN )
>olcObjectClasses: ( OLcfgGlOc:0 NAME 'olcConfig' DESC 'OpenLDAP
>configuration
> object' SUP top ABSTRACT )
>olcObjectClasses: ( OLcfgGlOc:1 NAME 'olcGlobal' DESC 'OpenLDAP Global
>configu
> ration options' SUP olcConfig STRUCTURAL MAY ( cn $ olcConfigFile $
>olcConfig
> Dir $ olcAllows $ olcArgsFile $ olcAttributeOptions $ olcAuthIDRewrite
>$ olcA
> uthzPolicy $ olcAuthzRegexp $ olcConcurrency $ olcConnMaxPending $
>olcConnMax
> PendingAuth $ olcDisallows $ olcGentleHUP $ olcIdleTimeout $
>olcIndexSubstrIf
> MaxLen $ olcIndexSubstrIfMinLen $ olcIndexSubstrAnyLen $
>olcIndexSubstrAnySte
> p $ olcIndexIntLen $ olcLocalSSF $ olcLogFile $ olcLogLevel $
>olcPasswordCryp
> tSaltFormat $ olcPasswordHash $ olcPidFile $ olcPluginLogFile $
>olcReadOnly $
> olcReferral $ olcReplogFile $ olcRequires $ olcRestrict $
>olcReverseLookup $
> olcRootDSE $ olcSaslAuxprops $ olcSaslHost $ olcSaslRealm $
>olcSaslSecProps
> $ olcSecurity $ olcServerID $ olcSizeLimit $ olcSockbufMaxIncoming $
>olcSockb
> ufMaxIncomingAuth $ olcTCPBuffer $ olcThreads $ olcTimeLimit $
>olcTLSCACertif
> icateFile $ olcTLSCACertificatePath $ olcTLSCertificateFile $
>olcTLSCertifica
> teKeyFile $ olcTLSCipherSuite $ olcTLSCRLCheck $ olcTLSRandFile $
>olcTLSVerif
> yClient $ olcTLSDHParamFile $ olcTLSCRLFile $ olcToolThreads $
>olcWriteTimeou
> t $ olcObjectIdentifier $ olcAttributeTypes $ olcObjectClasses $
>olcDitConten
> tRules $ olcLdapSyntaxes ) )
>olcObjectClasses: ( OLcfgGlOc:2 NAME 'olcSchemaConfig' DESC 'OpenLDAP
>schema o
> bject' SUP olcConfig STRUCTURAL MAY ( cn $ olcObjectIdentifier $
>olcLdapSynta
> xes $ olcAttributeTypes $ olcObjectClasses $ olcDitContentRules ) )
>olcObjectClasses: ( OLcfgGlOc:3 NAME 'olcBackendConfig' DESC 'OpenLDAP
>Backend
> -specific options' SUP olcConfig STRUCTURAL MUST olcBackend )
>olcObjectClasses: ( OLcfgGlOc:4 NAME 'olcDatabaseConfig' DESC 'OpenLDAP
>Databa
> se-specific options' SUP olcConfig STRUCTURAL MUST olcDatabase MAY (
>olcHidde
> n $ olcSuffix $ olcSubordinate $ olcAccess $ olcAddContentAcl $
>olcLastMod $
> olcLimits $ olcMaxDerefDepth $ olcPlugin $ olcReadOnly $ olcReplica $
>olcRepl
> icaArgsFile $ olcReplicaPidFile $ olcReplicationInterval $
>olcReplogFile $ ol
> cRequires $ olcRestrict $ olcRootDN $ olcRootPW $ olcSchemaDN $
>olcSecurity $
> olcSizeLimit $ olcSyncUseSubentry $ olcSyncrepl $ olcTimeLimit $
>olcUpdateDN
> $ olcUpdateRef $ olcMirrorMode $ olcMonitoring $ olcExtraAttrs ) )
>olcObjectClasses: ( OLcfgGlOc:5 NAME 'olcOverlayConfig' DESC 'OpenLDAP
>Overlay
> -specific options' SUP olcConfig STRUCTURAL MUST olcOverlay )
>olcObjectClasses: ( OLcfgGlOc:6 NAME 'olcIncludeFile' DESC 'OpenLDAP
>configura
> tion include file' SUP olcConfig STRUCTURAL MUST olcInclude MAY ( cn $
>olcRoo
> tDSE ) )
>olcObjectClasses: ( OLcfgGlOc:7 NAME 'olcFrontendConfig' DESC 'OpenLDAP
>fronte
> nd configuration' AUXILIARY MAY ( olcDefaultSearchBase $
>olcPasswordHash $ ol
> cSortVals ) )
>olcObjectClasses: ( OLcfgGlOc:8 NAME 'olcModuleList' DESC 'OpenLDAP
>dynamic mo
> dule info' SUP olcConfig STRUCTURAL MAY ( cn $ olcModulePath $
>olcModuleLoad
> ) )
>olcObjectClasses: ( OLcfgDbOc:2.1 NAME 'olcLdifConfig' DESC 'LDIF
>backend conf
> iguration' SUP olcDatabaseConfig STRUCTURAL MUST olcDbDirectory )
>olcObjectClasses: ( OLcfgDbOc:1.2 NAME 'olcHdbConfig' DESC 'HDB backend
>config
> uration' SUP olcDatabaseConfig STRUCTURAL MUST olcDbDirectory MAY (
>olcDbCach
> eSize $ olcDbCheckpoint $ olcDbConfig $ olcDbCryptFile $ olcDbCryptKey
>$ olcD
> bNoSync $ olcDbDirtyRead $ olcDbIDLcacheSize $ olcDbIndex $
>olcDbLinearIndex
> $ olcDbLockDetect $ olcDbMode $ olcDbSearchStack $ olcDbShmKey $
>olcDbCacheFr
> ee $ olcDbDNcacheSize $ olcDbPageSize ) )
>olcObjectClasses: ( OLcfgOvOc:1.1 NAME 'olcSyncProvConfig' DESC
>'SyncRepl Prov
> ider configuration' SUP olcOverlayConfig STRUCTURAL MAY (
>olcSpCheckpoint $ o
> lcSpSessionlog $ olcSpNoPresent $ olcSpReloadHint ) )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.1 DESC 'ACI Item'
>X-BINARY-TRANS
> FER-REQUIRED 'TRUE' X-NOT-HUMAN-READABLE 'TRUE' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.2 DESC 'Access Point'
>X-NOT-HUMA
> N-READABLE 'TRUE' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.3 DESC 'Attribute Type
>Descripti
> on' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.4 DESC 'Audio'
>X-NOT-HUMAN-READA
> BLE 'TRUE' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.5 DESC 'Binary'
>X-NOT-HUMAN-READ
> ABLE 'TRUE' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.6 DESC 'Bit String' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.7 DESC 'Boolean' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.8 DESC 'Certificate'
>X-BINARY-TR
> ANSFER-REQUIRED 'TRUE' X-NOT-HUMAN-READABLE 'TRUE' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.9 DESC 'Certificate List'
>X-BINA
> RY-TRANSFER-REQUIRED 'TRUE' X-NOT-HUMAN-READABLE 'TRUE' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.10 DESC
>'Certificate Pair'
>X-BIN
> ARY-TRANSFER-REQUIRED 'TRUE' X-NOT-HUMAN-READABLE 'TRUE' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.4203.666.11.10.2.1 DESC 'X.509
>AttributeCertifi
> cate' X-BINARY-TRANSFER-REQUIRED 'TRUE' X-NOT-HUMAN-READABLE 'TRUE' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.12 DESC
>'Distinguished Name' )
>olcLdapSyntaxes: ( 1.2.36.79672281.1.5.0 DESC 'RDN' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.13 DESC 'Data Quality' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.14 DESC
>'Delivery Method' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.15 DESC
>'Directory String' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.16 DESC 'DIT Content Rule
>Descri
> ption' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.17 DESC 'DIT Structure
>Rule Desc
> ription' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.19 DESC 'DSA Quality' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.20 DESC 'DSE Type' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.21 DESC
>'Enhanced Guide' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.22 DESC 'Facsimile
>Telephone Num
> ber' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.23 DESC 'Fax'
>X-NOT-HUMAN-READAB
> LE 'TRUE' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.24 DESC
>'Generalized Time' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.25 DESC 'Guide' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.26 DESC 'IA5 String' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.27 DESC 'Integer' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.28 DESC 'JPEG'
>X-NOT-HUMAN-READA
> BLE 'TRUE' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.29 DESC 'Master
>And Shadow
>Acces
> s Points' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.30 DESC 'Matching Rule
>Descripti
> on' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.31 DESC
>'Matching Rule Use
>Descr
> iption' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.32 DESC 'Mail
>Preference' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.33 DESC 'MHS OR
>Address' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.34 DESC 'Name
>And Optional
>UID'
> )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.35 DESC 'Name Form
>Description'
> )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.36 DESC 'Numeric
>String' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.37 DESC 'Object Class
>Descriptio
> n' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.38 DESC 'OID' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.39 DESC 'Other Mailbox' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.40 DESC 'Octet String' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.41 DESC 'Postal
>Address' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.42 DESC 'Protocol
>Information' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.43 DESC 'Presentation
>Address' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.44 DESC
>'Printable String' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.11 DESC 'Country
>String' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.45 DESC
>'SubtreeSpecification' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.49 DESC 'Supported
>Algorithm' X-
> BINARY-TRANSFER-REQUIRED 'TRUE' X-NOT-HUMAN-READABLE 'TRUE' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.50 DESC
>'Telephone Number' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.51 DESC 'Teletex Terminal
>Identi
> fier' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.52 DESC 'Telex Number' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.54 DESC 'LDAP Syntax
>Description
> ' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.55 DESC 'Modify Rights' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.56 DESC 'LDAP Schema
>Definition'
> )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.57 DESC 'LDAP Schema
>Description
> ' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.58 DESC 'Substring
>Assertion' )
>olcLdapSyntaxes: ( 1.3.6.1.1.1.0.0 DESC 'RFC2307 NIS Netgroup Triple' )
>olcLdapSyntaxes: ( 1.3.6.1.1.1.0.1 DESC 'RFC2307 Boot Parameter' )
>olcLdapSyntaxes: ( 1.3.6.1.1.15.1 DESC 'Certificate Exact Assertion' )
>olcLdapSyntaxes: ( 1.3.6.1.1.15.2 DESC 'Certificate Assertion' )
>olcLdapSyntaxes: ( 1.3.6.1.1.15.3 DESC 'Certificate Pair Exact
>Assertion' )
>olcLdapSyntaxes: ( 1.3.6.1.1.15.4 DESC 'Certificate Pair Assertion' )
>olcLdapSyntaxes: ( 1.3.6.1.1.15.5 DESC 'Certificate List Exact
>Assertion' )
>olcLdapSyntaxes: ( 1.3.6.1.1.15.6 DESC 'Certificate List Assertion' )
>olcLdapSyntaxes: ( 1.3.6.1.1.15.7 DESC 'Algorithm Identifier' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.4203.666.11.10.2.2 DESC
>'AttributeCertificate E
> xact Assertion' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.4203.666.11.10.2.3 DESC
>'AttributeCertificate A
> ssertion' )
>olcLdapSyntaxes: ( 1.3.6.1.1.16.1 DESC 'UUID' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.4203.666.11.2.1 DESC 'CSN' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.4203.666.11.2.4 DESC 'CSN SID' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.4203.1.1.1 DESC 'OpenLDAP void' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.4203.666.2.7 DESC 'OpenLDAP authz' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.4203.666.2.1 DESC 'OpenLDAP Experimental
>ACI' )
>
>dn: cn={0}core,cn=schema,cn=config
>objectClass: olcSchemaConfig
>cn: {0}core
>olcAttributeTypes: {0}( 2.5.4.2 NAME 'knowledgeInformation' DESC
>'RFC2256: kno
> wledge information' EQUALITY caseIgnoreMatch SYNTAX
>1.3.6.1.4.1.1466.115.121.
> 1.15{32768} )
>olcAttributeTypes: {1}( 2.5.4.4 NAME ( 'sn' 'surname' ) DESC 'RFC2256:
>last (f
> amily) name(s) for which the entity is known by' SUP name )
>olcAttributeTypes: {2}( 2.5.4.5 NAME 'serialNumber' DESC 'RFC2256:
>serial numb
> er of the entity' EQUALITY caseIgnoreMatch SUBSTR
>caseIgnoreSubstringsMatch S
> YNTAX 1.3.6.1.4.1.1466.115.121.1.44{64} )
>olcAttributeTypes: {3}( 2.5.4.6 NAME ( 'c' 'countryName' ) DESC
>'RFC2256: ISO-
> 3166 country 2-letter code' SUP name SINGLE-VALUE )
>olcAttributeTypes: {4}( 2.5.4.7 NAME ( 'l' 'localityName' ) DESC
>'RFC2256: loc
> ality which this object resides in' SUP name )
>olcAttributeTypes: {5}( 2.5.4.8 NAME ( 'st'
>'stateOrProvinceName' ) DESC
>'RFC2
> 256: state or province which this object resides in' SUP name )
>olcAttributeTypes: {6}( 2.5.4.9 NAME ( 'street' 'streetAddress' ) DESC
>'RFC225
> 6: street address of this object' EQUALITY caseIgnoreMatch SUBSTR
>caseIgnoreS
> ubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
>olcAttributeTypes: {7}( 2.5.4.10 NAME ( 'o' 'organizationName' ) DESC
>'RFC2256
> : organization this object belongs to' SUP name )
>olcAttributeTypes: {8}( 2.5.4.11 NAME ( 'ou' 'organizationalUnitName' )
>DESC '
> RFC2256: organizational unit this object belongs to' SUP name )
>olcAttributeTypes: {9}( 2.5.4.12 NAME 'title' DESC 'RFC2256: title
>associated
> with the entity' SUP name )
>olcAttributeTypes: {10}( 2.5.4.14 NAME 'searchGuide' DESC 'RFC2256:
>search gui
> de, deprecated by enhancedSearchGuide' SYNTAX
>1.3.6.1.4.1.1466.115.121.1.25 )
>olcAttributeTypes: {11}( 2.5.4.15 NAME 'businessCategory' DESC
>'RFC2256:
>busin
> ess category' EQUALITY caseIgnoreMatch SUBSTR
>caseIgnoreSubstringsMatch
>SYNTA
> X 1.3.6.1.4.1.1466.115.121.1.15{128} )
>olcAttributeTypes: {12}( 2.5.4.16 NAME 'postalAddress' DESC 'RFC2256:
>postal a
> ddress' EQUALITY caseIgnoreListMatch SUBSTR
>caseIgnoreListSubstringsMatch SYN
> TAX 1.3.6.1.4.1.1466.115.121.1.41 )
>olcAttributeTypes: {13}( 2.5.4.17 NAME 'postalCode' DESC 'RFC2256:
>postal code
> ' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX
>1.3.6.1.4.
> 1.1466.115.121.1.15{40} )
>olcAttributeTypes: {14}( 2.5.4.18 NAME 'postOfficeBox' DESC 'RFC2256:
>Post Off
> ice Box' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch
>SYNTAX 1.3
> .6.1.4.1.1466.115.121.1.15{40} )
>olcAttributeTypes: {15}( 2.5.4.19 NAME
>'physicalDeliveryOfficeName' DESC
>'RFC2
> 256: Physical Delivery Office Name' EQUALITY caseIgnoreMatch SUBSTR
>caseIgnor
> eSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
>olcAttributeTypes: {16}( 2.5.4.20 NAME 'telephoneNumber' DESC 'RFC2256:
>Teleph
> one Number' EQUALITY telephoneNumberMatch SUBSTR
>telephoneNumberSubstringsMat
> ch SYNTAX 1.3.6.1.4.1.1466.115.121.1.50{32} )
>olcAttributeTypes: {17}( 2.5.4.21 NAME 'telexNumber' DESC 'RFC2256:
>Telex Numb
> er' SYNTAX 1.3.6.1.4.1.1466.115.121.1.52 )
>olcAttributeTypes: {18}( 2.5.4.22 NAME 'teletexTerminalIdentifier' DESC
>'RFC22
> 56: Teletex Terminal Identifier' SYNTAX
>1.3.6.1.4.1.1466.115.121.1.51 )
>olcAttributeTypes: {19}( 2.5.4.23 NAME ( 'facsimileTelephoneNumber'
>'fax' ) DE
> SC 'RFC2256: Facsimile (Fax) Telephone Number' SYNTAX
>1.3.6.1.4.1.1466.115.12
> 1.1.22 )
>olcAttributeTypes: {20}( 2.5.4.24 NAME 'x121Address' DESC 'RFC2256:
>X.121 Addr
> ess' EQUALITY numericStringMatch SUBSTR numericStringSubstringsMatch
>SYNTAX 1
> .3.6.1.4.1.1466.115.121.1.36{15} )
>olcAttributeTypes: {21}( 2.5.4.25 NAME 'internationaliSDNNumber' DESC
>'RFC2256
> : international ISDN number' EQUALITY numericStringMatch SUBSTR
>numericString
> SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{16} )
>olcAttributeTypes: {22}( 2.5.4.26 NAME 'registeredAddress' DESC
>'RFC2256: regi
> stered postal address' SUP postalAddress SYNTAX
>1.3.6.1.4.1.1466.115.121.1.41
> )
>olcAttributeTypes: {23}( 2.5.4.27 NAME 'destinationIndicator' DESC
>'RFC2256: d
> estination indicator' EQUALITY caseIgnoreMatch SUBSTR
>caseIgnoreSubstringsMat
> ch SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{128} )
>olcAttributeTypes: {24}( 2.5.4.28 NAME 'preferredDeliveryMethod' DESC
>'RFC2256
> : preferred delivery method' SYNTAX 1.3.6.1.4.1.1466.115.121.1.14
>SINGLE-VALU
> E )
>olcAttributeTypes: {25}( 2.5.4.29 NAME 'presentationAddress' DESC
>'RFC2256: pr
> esentation address' EQUALITY presentationAddressMatch SYNTAX
>1.3.6.1.4.1.1466
> .115.121.1.43 SINGLE-VALUE )
>olcAttributeTypes: {26}( 2.5.4.30 NAME 'supportedApplicationContext'
>DESC 'RFC
> 2256: supported application context' EQUALITY objectIdentifierMatch
>SYNTAX 1.
> 3.6.1.4.1.1466.115.121.1.38 )
>olcAttributeTypes: {27}( 2.5.4.31 NAME 'member' DESC 'RFC2256:
>member of
>a gro
> up' SUP distinguishedName )
>olcAttributeTypes: {28}( 2.5.4.32 NAME 'owner' DESC 'RFC2256: owner (of
>the ob
> ject)' SUP distinguishedName )
>olcAttributeTypes: {29}( 2.5.4.33 NAME 'roleOccupant' DESC 'RFC2256:
>occupant
> of role' SUP distinguishedName )
>olcAttributeTypes: {30}( 2.5.4.36 NAME 'userCertificate' DESC 'RFC2256:
>X.509
> user certificate, use ;binary' EQUALITY certificateExactMatch SYNTAX
>1.3.6.1.
> 4.1.1466.115.121.1.8 )
>olcAttributeTypes: {31}( 2.5.4.37 NAME 'cACertificate' DESC 'RFC2256:
>X.509 CA
> certificate, use ;binary' EQUALITY certificateExactMatch SYNTAX
>1.3.6.1.4.1.
> 1466.115.121.1.8 )
>olcAttributeTypes: {32}( 2.5.4.38 NAME 'authorityRevocationList' DESC
>'RFC2256
> : X.509 authority revocation list, use ;binary' SYNTAX
>1.3.6.1.4.1.1466.115.1
> 21.1.9 )
>olcAttributeTypes: {33}( 2.5.4.39 NAME 'certificateRevocationList' DESC
>'RFC22
> 56: X.509 certificate revocation list, use ;binary' SYNTAX
>1.3.6.1.4.1.1466.1
> 15.121.1.9 )
>olcAttributeTypes: {34}( 2.5.4.40 NAME 'crossCertificatePair' DESC
>'RFC2256: X
> .509 cross certificate pair, use ;binary' SYNTAX
>1.3.6.1.4.1.1466.115.121.1.1
> 0 )
>olcAttributeTypes: {35}( 2.5.4.42 NAME ( 'givenName' 'gn' ) DESC
>'RFC2256: fir
> st name(s) for which the entity is known by' SUP name )
>olcAttributeTypes: {36}( 2.5.4.43 NAME 'initials' DESC 'RFC2256:
>initials of s
> ome or all of names, but not the surname(s).' SUP name )
>olcAttributeTypes: {37}( 2.5.4.44 NAME 'generationQualifier' DESC
>'RFC2256: na
> me qualifier indicating a generation' SUP name )
>olcAttributeTypes: {38}( 2.5.4.45 NAME 'x500UniqueIdentifier' DESC
>'RFC2256: X
> .500 unique identifier' EQUALITY bitStringMatch SYNTAX
>1.3.6.1.4.1.1466.115.1
> 21.1.6 )
>olcAttributeTypes: {39}( 2.5.4.46 NAME 'dnQualifier' DESC 'RFC2256: DN
>qualifi
> er' EQUALITY caseIgnoreMatch ORDERING caseIgnoreOrderingMatch SUBSTR
>caseIgno
> reSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.44 )
>olcAttributeTypes: {40}( 2.5.4.47 NAME 'enhancedSearchGuide' DESC
>'RFC2256: en
> hanced search guide' SYNTAX 1.3.6.1.4.1.1466.115.121.1.21 )
>olcAttributeTypes: {41}( 2.5.4.48 NAME 'protocolInformation' DESC
>'RFC2256: pr
> otocol information' EQUALITY protocolInformationMatch SYNTAX
>1.3.6.1.4.1.1466
> .115.121.1.42 )
>olcAttributeTypes: {42}( 2.5.4.50 NAME 'uniqueMember' DESC 'RFC2256:
>unique me
> mber of a group' EQUALITY uniqueMemberMatch SYNTAX
>1.3.6.1.4.1.1466.115.121.1
> .34 )
>olcAttributeTypes: {43}( 2.5.4.51 NAME 'houseIdentifier' DESC 'RFC2256:
>house
> identifier' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch
>SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.15{32768} )
>olcAttributeTypes: {44}( 2.5.4.52 NAME 'supportedAlgorithms' DESC
>'RFC2256: su
> pported algorithms' SYNTAX 1.3.6.1.4.1.1466.115.121.1.49 )
>olcAttributeTypes: {45}( 2.5.4.53 NAME 'deltaRevocationList' DESC
>'RFC2256: de
> lta revocation list; use ;binary' SYNTAX
>1.3.6.1.4.1.1466.115.121.1.9 )
>olcAttributeTypes: {46}( 2.5.4.54 NAME 'dmdName' DESC 'RFC2256: name of
>DMD' S
> UP name )
>olcAttributeTypes: {47}( 2.5.4.65 NAME 'pseudonym' DESC 'X.520(4th):
>pseudonym
> for the object' SUP name )
>olcAttributeTypes: {48}( 0.9.2342.19200300.100.1.3 NAME ( 'mail'
>'rfc822Mailbo
> x' ) DESC 'RFC1274: RFC822 Mailbox' EQUALITY caseIgnoreIA5Match
>SUBSTR ca
> seIgnoreIA5SubstringsMatch SYNTAX
>1.3.6.1.4.1.1466.115.121.1.26{256} )
>olcAttributeTypes: {49}( 0.9.2342.19200300.100.1.25 NAME ( 'dc'
>'domainCompone
> nt' ) DESC 'RFC1274/2247: domain component' EQUALITY
>caseIgnoreIA5Match
>SUBST
> R caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
>SINGLE-VA
> LUE )
>olcAttributeTypes: {50}( 0.9.2342.19200300.100.1.37 NAME
>'associatedDomain' DE
> SC 'RFC1274: domain associated with object' EQUALITY
>caseIgnoreIA5Match
>SUBST
> R caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
>olcAttributeTypes: {51}( 1.2.840.113549.1.9.1 NAME ( 'email'
>'emailAddress' 'p
> kcs9email' ) DESC 'RFC3280: legacy attribute for email addresses in
>DNs' EQUA
> LITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX
>1.3.6.1.4.
> 1.1466.115.121.1.26{128} )
>olcObjectClasses: {0}( 2.5.6.2 NAME 'country' DESC 'RFC2256: a country'
>SUP to
> p STRUCTURAL MUST c MAY ( searchGuide $ description ) )
>olcObjectClasses: {1}( 2.5.6.3 NAME 'locality' DESC 'RFC2256: a
>locality' SUP
> top STRUCTURAL MAY ( street $ seeAlso $ searchGuide $ st $ l $
>description )
> )
>olcObjectClasses: {2}( 2.5.6.4 NAME 'organization' DESC 'RFC2256: an
>organizat
> ion' SUP top STRUCTURAL MUST o MAY ( userPassword $ searchGuide $
>seeAlso $ b
> usinessCategory $ x121Address $ registeredAddress $
>destinationIndicator $ pr
> eferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
>telephoneNu
> mber $ internationaliSDNNumber $ facsimileTelephoneNumber $ street $
>postOff
> iceBox $ postalCode $ postalAddress $
>physicalDeliveryOfficeName $ st $
>l $ d
> escription ) )
>olcObjectClasses: {3}( 2.5.6.5 NAME 'organizationalUnit' DESC 'RFC2256:
>an org
> anizational unit' SUP top STRUCTURAL MUST ou MAY ( userPassword $
>searchGuide
> $ seeAlso $ businessCategory $ x121Address $ registeredAddress $
>destination
> Indicator $ preferredDeliveryMethod $ telexNumber $
>teletexTerminalIdentifier
> $ telephoneNumber $ internationaliSDNNumber $
>facsimileTelephoneNumber
>$ str
> eet $ postOfficeBox $ postalCode $ postalAddress $
>physicalDeliveryOfficeName
> $ st $ l $ description ) )
>olcObjectClasses: {4}( 2.5.6.6 NAME 'person' DESC 'RFC2256: a person'
>SUP top
> STRUCTURAL MUST ( sn $ cn ) MAY ( userPassword $ telephoneNumber $
>seeAlso $
> description ) )
>olcObjectClasses: {5}( 2.5.6.7 NAME 'organizationalPerson' DESC
>'RFC2256: an o
> rganizational person' SUP person STRUCTURAL MAY ( title $
>x121Address $
>regis
> teredAddress $ destinationIndicator $ preferredDeliveryMethod $
>telexNumber $
> teletexTerminalIdentifier $ telephoneNumber $ internationaliSDNNumber
>$ fac
> simileTelephoneNumber $ street $ postOfficeBox $ postalCode $
>postalAddress $
> physicalDeliveryOfficeName $ ou $ st $ l ) )
>olcObjectClasses: {6}( 2.5.6.8 NAME 'organizationalRole' DESC 'RFC2256:
>an org
> anizational role' SUP top STRUCTURAL MUST cn MAY ( x121Address $
>registeredAd
> dress $ destinationIndicator $ preferredDeliveryMethod $ telexNumber $
>telete
> xTerminalIdentifier $ telephoneNumber $ internationaliSDNNumber $
>facsimileTe
> lephoneNumber $ seeAlso $ roleOccupant $ preferredDeliveryMethod $
>street $ p
> ostOfficeBox $ postalCode $ postalAddress $ physicalDeliveryOfficeName
>$ ou $
> st $ l $ description ) )
>olcObjectClasses: {7}( 2.5.6.9 NAME 'groupOfNames' DESC 'RFC2256: a
>group of n
> ames (DNs)' SUP top STRUCTURAL MUST ( member $ cn ) MAY (
>businessCategory $
> seeAlso $ owner $ ou $ o $ description ) )
>olcObjectClasses: {8}( 2.5.6.10 NAME 'residentialPerson' DESC 'RFC2256:
>an res
> idential person' SUP person STRUCTURAL MUST l MAY ( businessCategory $
>x121Ad
> dress $ registeredAddress $ destinationIndicator $
>preferredDeliveryMethod $
> telexNumber $ teletexTerminalIdentifier $ telephoneNumber $
>internationaliSDN
> Number $ facsimileTelephoneNumber $ preferredDeliveryMethod $ street $
>postOf
> ficeBox $ postalCode $ postalAddress $ physicalDeliveryOfficeName $ st
>$ l )
> )
>olcObjectClasses: {9}( 2.5.6.11 NAME 'applicationProcess' DESC
>'RFC2256:
>an ap
> plication process' SUP top STRUCTURAL MUST cn MAY ( seeAlso $ ou $ l $
>descri
> ption ) )
>olcObjectClasses: {10}( 2.5.6.12 NAME 'applicationEntity' DESC
>'RFC2256:
>an ap
> plication entity' SUP top STRUCTURAL MUST ( presentationAddress $ cn )
>MAY (
> supportedApplicationContext $ seeAlso $ ou $ o $ l $ description ) )
>olcObjectClasses: {11}( 2.5.6.13 NAME 'dSA' DESC 'RFC2256: a directory
>system
> agent (a server)' SUP applicationEntity STRUCTURAL MAY
>knowledgeInformation )
>olcObjectClasses: {12}( 2.5.6.14 NAME 'device' DESC 'RFC2256: a device'
>SUP to
> p STRUCTURAL MUST cn MAY ( serialNumber $ seeAlso $ owner $ ou $ o $ l
>$ desc
> ription ) )
>olcObjectClasses: {13}( 2.5.6.15 NAME 'strongAuthenticationUser' DESC
>'RFC2256
> : a strong authentication user' SUP top AUXILIARY MUST
>userCertificate )
>olcObjectClasses: {14}( 2.5.6.16 NAME 'certificationAuthority' DESC
>'RFC2256:
> a certificate authority' SUP top AUXILIARY MUST (
>authorityRevocationList $ c
> ertificateRevocationList $ cACertificate ) MAY crossCertificatePair )
>olcObjectClasses: {15}( 2.5.6.17 NAME 'groupOfUniqueNames' DESC
>'RFC2256: a gr
> oup of unique names (DN and Unique Identifier)' SUP top
>STRUCTURAL MUST
>( uni
> queMember $ cn ) MAY ( businessCategory $ seeAlso $ owner $ ou $ o $
>descript
> ion ) )
>olcObjectClasses: {16}( 2.5.6.18 NAME 'userSecurityInformation' DESC
>'RFC2256:
> a user security information' SUP top AUXILIARY MAY (
>supportedAlgorithms ) )
>olcObjectClasses: {17}( 2.5.6.16.2 NAME 'certificationAuthority-V2' SUP
>certif
> icationAuthority AUXILIARY MAY ( deltaRevocationList ) )
>olcObjectClasses: {18}( 2.5.6.19 NAME 'cRLDistributionPoint' SUP top
>STRUCTURA
> L MUST ( cn ) MAY ( certificateRevocationList $
>authorityRevocationList
>$ del
> taRevocationList ) )
>olcObjectClasses: {19}( 2.5.6.20 NAME 'dmd' SUP top STRUCTURAL MUST (
>dmdName
> ) MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $
>x121Address
> $ registeredAddress $ destinationIndicator $
>preferredDeliveryMethod $
>telex
> Number $ teletexTerminalIdentifier $ telephoneNumber $
>internationaliSDNNumbe
> r $ facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $
>postalAd
> dress $ physicalDeliveryOfficeName $ st $ l $ description ) )
>olcObjectClasses: {20}( 2.5.6.21 NAME 'pkiUser' DESC 'RFC2587: a PKI
>user' SUP
> top AUXILIARY MAY userCertificate )
>olcObjectClasses: {21}( 2.5.6.22 NAME 'pkiCA' DESC 'RFC2587: PKI
>certificate a
> uthority' SUP top AUXILIARY MAY ( authorityRevocationList $
>certificateRevoca
> tionList $ cACertificate $ crossCertificatePair ) )
>olcObjectClasses: {22}( 2.5.6.23 NAME 'deltaCRL' DESC 'RFC2587: PKI
>user' SUP
> top AUXILIARY MAY deltaRevocationList )
>olcObjectClasses: {23}( 1.3.6.1.4.1.250.3.15 NAME 'labeledURIObject'
>DESC 'RFC
> 2079: object that contains the URI attribute type' MAY ( labeledURI )
>SUP top
> AUXILIARY )
>olcObjectClasses: {24}( 0.9.2342.19200300.100.4.19 NAME
>'simpleSecurityObject'
> DESC 'RFC1274: simple security object' SUP top AUXILIARY MUST
>userPassword )
>olcObjectClasses: {25}( 1.3.6.1.4.1.1466.344 NAME 'dcObject' DESC
>'RFC2247: do
> main component object' SUP top AUXILIARY MUST dc )
>olcObjectClasses: {26}( 1.3.6.1.1.3.1 NAME 'uidObject' DESC 'RFC2377:
>uid obje
> ct' SUP top AUXILIARY MUST uid )
>
>dn: cn={1}cosine,cn=schema,cn=config
>objectClass: olcSchemaConfig
>cn: {1}cosine
>olcAttributeTypes: {0}( 0.9.2342.19200300.100.1.2 NAME
>'textEncodedORAddress'
> EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX
>1.3.6.1.4.1.
> 1466.115.121.1.15{256} )
>olcAttributeTypes: {1}( 0.9.2342.19200300.100.1.4 NAME 'info' DESC
>'RFC1274: g
> eneral information' EQUALITY caseIgnoreMatch SUBSTR
>caseIgnoreSubstringsMatch
> SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{2048} )
>olcAttributeTypes: {2}( 0.9.2342.19200300.100.1.5 NAME ( 'drink'
>'favouriteDri
> nk' ) DESC 'RFC1274: favorite drink' EQUALITY caseIgnoreMatch SUBSTR
>caseIgno
> reSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
>olcAttributeTypes: {3}( 0.9.2342.19200300.100.1.6 NAME
>'roomNumber' DESC
>'RFC1
> 274: room number' EQUALITY caseIgnoreMatch SUBSTR
>caseIgnoreSubstringsMatch S
> YNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
>olcAttributeTypes: {4}( 0.9.2342.19200300.100.1.7 NAME 'photo' DESC
>'RFC1274:
> photo (G3 fax)' SYNTAX 1.3.6.1.4.1.1466.115.121.1.23{25000} )
>olcAttributeTypes: {5}( 0.9.2342.19200300.100.1.8 NAME 'userClass' DESC
>'RFC12
> 74: category of user' EQUALITY caseIgnoreMatch SUBSTR
>caseIgnoreSubstringsMat
> ch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
>olcAttributeTypes: {6}( 0.9.2342.19200300.100.1.9 NAME 'host' DESC
>'RFC1274: h
> ost computer' EQUALITY caseIgnoreMatch SUBSTR
>caseIgnoreSubstringsMatch
>SYNTA
> X 1.3.6.1.4.1.1466.115.121.1.15{256} )
>olcAttributeTypes: {7}( 0.9.2342.19200300.100.1.10 NAME 'manager' DESC
>'RFC127
> 4: DN of manager' EQUALITY distinguishedNameMatch SYNTAX
>1.3.6.1.4.1.1466.115
> .121.1.12 )
>olcAttributeTypes: {8}( 0.9.2342.19200300.100.1.11 NAME
>'documentIdentifier' D
> ESC 'RFC1274: unique identifier of document' EQUALITY caseIgnoreMatch
>SUBSTR
> caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
>olcAttributeTypes: {9}( 0.9.2342.19200300.100.1.12 NAME 'documentTitle'
>DESC '
> RFC1274: title of document' EQUALITY caseIgnoreMatch SUBSTR
>caseIgnoreSubstri
> ngsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
>olcAttributeTypes: {10}( 0.9.2342.19200300.100.1.13 NAME
>'documentVersion' DES
> C 'RFC1274: version of document' EQUALITY caseIgnoreMatch SUBSTR
>caseIgnoreSu
> bstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
>olcAttributeTypes: {11}( 0.9.2342.19200300.100.1.14 NAME
>'documentAuthor' DESC
> 'RFC1274: DN of author of document' EQUALITY distinguishedNameMatch
>SYNTAX 1
> .3.6.1.4.1.1466.115.121.1.12 )
>olcAttributeTypes: {12}( 0.9.2342.19200300.100.1.15 NAME
>'documentLocation' DE
> SC 'RFC1274: location of document original' EQUALITY caseIgnoreMatch
>SUBSTR c
> aseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
>olcAttributeTypes: {13}( 0.9.2342.19200300.100.1.20 NAME ( 'homePhone'
>'homeTe
> lephoneNumber' ) DESC 'RFC1274: home telephone number' EQUALITY
>telephoneNumb
> erMatch SUBSTR telephoneNumberSubstringsMatch SYNTAX
>1.3.6.1.4.1.1466.115.121
> .1.50 )
>olcAttributeTypes: {14}( 0.9.2342.19200300.100.1.21 NAME 'secretary'
>DESC 'RFC
> 1274: DN of secretary' EQUALITY distinguishedNameMatch SYNTAX
>1.3.6.1.4.1.146
> 6.115.121.1.12 )
>olcAttributeTypes: {15}( 0.9.2342.19200300.100.1.22 NAME 'otherMailbox'
>SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.39 )
>olcAttributeTypes: {16}( 0.9.2342.19200300.100.1.26 NAME 'aRecord'
>EQUALITY ca
> seIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
>olcAttributeTypes: {17}( 0.9.2342.19200300.100.1.27 NAME 'mDRecord'
>EQUALITY c
> aseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
>olcAttributeTypes: {18}( 0.9.2342.19200300.100.1.28 NAME 'mXRecord'
>EQUALITY c
> aseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
>olcAttributeTypes: {19}( 0.9.2342.19200300.100.1.29 NAME 'nSRecord'
>EQUALITY c
> aseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
>olcAttributeTypes: {20}( 0.9.2342.19200300.100.1.30 NAME 'sOARecord'
>EQUALITY
> caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
>olcAttributeTypes: {21}( 0.9.2342.19200300.100.1.31 NAME 'cNAMERecord'
>EQUALIT
> Y caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
>olcAttributeTypes: {22}( 0.9.2342.19200300.100.1.38 NAME
>'associatedName' DESC
> 'RFC1274: DN of entry associated with domain' EQUALITY
>distinguishedNameMatc
> h SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
>olcAttributeTypes: {23}( 0.9.2342.19200300.100.1.39 NAME
>'homePostalAddress' D
> ESC 'RFC1274: home postal address' EQUALITY caseIgnoreListMatch SUBSTR
>caseIg
> noreListSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 )
>olcAttributeTypes: {24}( 0.9.2342.19200300.100.1.40 NAME
>'personalTitle'
>DESC
> 'RFC1274: personal title' EQUALITY caseIgnoreMatch SUBSTR
>caseIgnoreSubstring
> sMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
>olcAttributeTypes: {25}( 0.9.2342.19200300.100.1.41 NAME ( 'mobile'
>'mobileTel
> ephoneNumber' ) DESC 'RFC1274: mobile telephone number' EQUALITY
>telephoneNum
> berMatch SUBSTR telephoneNumberSubstringsMatch SYNTAX
>1.3.6.1.4.1.1466.115.12
> 1.1.50 )
>olcAttributeTypes: {26}( 0.9.2342.19200300.100.1.42 NAME ( 'pager'
>'pagerTelep
> honeNumber' ) DESC 'RFC1274: pager telephone number' EQUALITY
>telephoneNumber
> Match SUBSTR telephoneNumberSubstringsMatch SYNTAX
>1.3.6.1.4.1.1466.115.121.1
> .50 )
>olcAttributeTypes: {27}( 0.9.2342.19200300.100.1.43 NAME ( 'co'
>'friendlyCount
> ryName' ) DESC 'RFC1274: friendly country name' EQUALITY
>caseIgnoreMatch SUBS
> TR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
>olcAttributeTypes: {28}( 0.9.2342.19200300.100.1.44 NAME
>'uniqueIdentifier' DE
> SC 'RFC1274: unique identifer' EQUALITY caseIgnoreMatch SYNTAX
>1.3.6.1.4.1.14
> 66.115.121.1.15{256} )
>olcAttributeTypes: {29}( 0.9.2342.19200300.100.1.45 NAME
>'organizationalStatus
> ' DESC 'RFC1274: organizational status' EQUALITY
>caseIgnoreMatch SUBSTR
>caseI
> gnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
>olcAttributeTypes: {30}( 0.9.2342.19200300.100.1.46 NAME 'janetMailbox'
>DESC '
> RFC1274: Janet mailbox' EQUALITY caseIgnoreIA5Match SUBSTR
>caseIgnoreIA5Subst
> ringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
>olcAttributeTypes: {31}( 0.9.2342.19200300.100.1.47 NAME
>'mailPreferenceOption
> ' DESC 'RFC1274: mail preference option' SYNTAX
>1.3.6.1.4.1.1466.115.121.1.27
> )
>olcAttributeTypes: {32}( 0.9.2342.19200300.100.1.48 NAME 'buildingName'
>DESC '
> RFC1274: name of building' EQUALITY caseIgnoreMatch SUBSTR
>caseIgnoreSubstrin
> gsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
>olcAttributeTypes: {33}( 0.9.2342.19200300.100.1.49 NAME 'dSAQuality'
>DESC 'RF
> C1274: DSA Quality' SYNTAX 1.3.6.1.4.1.1466.115.121.1.19
>SINGLE-VALUE )
>olcAttributeTypes: {34}( 0.9.2342.19200300.100.1.50 NAME
>'singleLevelQuality'
> DESC 'RFC1274: Single Level Quality' SYNTAX
>1.3.6.1.4.1.1466.115.121.1.13 SIN
> GLE-VALUE )
>olcAttributeTypes: {35}( 0.9.2342.19200300.100.1.51 NAME
>'subtreeMinimumQualit
> y' DESC 'RFC1274: Subtree Mininum Quality' SYNTAX
>1.3.6.1.4.1.1466.115.121.1.
> 13 SINGLE-VALUE )
>olcAttributeTypes: {36}( 0.9.2342.19200300.100.1.52 NAME
>'subtreeMaximumQualit
> y' DESC 'RFC1274: Subtree Maximun Quality' SYNTAX
>1.3.6.1.4.1.1466.115.121.1.
> 13 SINGLE-VALUE )
>olcAttributeTypes: {37}( 0.9.2342.19200300.100.1.53 NAME
>'personalSignature' D
> ESC 'RFC1274: Personal Signature (G3 fax)' SYNTAX
>1.3.6.1.4.1.1466.115.121.1.
> 23 )
>olcAttributeTypes: {38}( 0.9.2342.19200300.100.1.54 NAME 'dITRedirect'
>DESC 'R
> FC1274: DIT Redirect' EQUALITY distinguishedNameMatch SYNTAX
>1.3.6.1.4.1.1466
> .115.121.1.12 )
>olcAttributeTypes: {39}( 0.9.2342.19200300.100.1.55 NAME 'audio' DESC
>'RFC1274
> : audio (u-law)' SYNTAX 1.3.6.1.4.1.1466.115.121.1.4{25000} )
>olcAttributeTypes: {40}( 0.9.2342.19200300.100.1.56 NAME
>'documentPublisher' D
> ESC 'RFC1274: publisher of document' EQUALITY caseIgnoreMatch SUBSTR
>caseIgno
> reSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
>olcObjectClasses: {0}( 0.9.2342.19200300.100.4.4 NAME ( 'pilotPerson'
>'newPilo
> tPerson' ) SUP person STRUCTURAL MAY ( userid $ textEncodedORAddress $
>rfc822
> Mailbox $ favouriteDrink $ roomNumber $ userClass $
>homeTelephoneNumber
>$ hom
> ePostalAddress $ secretary $ personalTitle $ preferredDeliveryMethod $
>busine
> ssCategory $ janetMailbox $ otherMailbox $ mobileTelephoneNumber $
>pagerTelep
> honeNumber $ organizationalStatus $ mailPreferenceOption $
>personalSignature
> ) )
>olcObjectClasses: {1}( 0.9.2342.19200300.100.4.5 NAME 'account' SUP top
>STRUCT
> URAL MUST userid MAY ( description $ seeAlso $ localityName $
>organizationNam
> e $ organizationalUnitName $ host ) )
>olcObjectClasses: {2}( 0.9.2342.19200300.100.4.6 NAME
>'document' SUP top
>STRUC
> TURAL MUST documentIdentifier MAY ( commonName $ description $ seeAlso
>$ loca
> lityName $ organizationName $ organizationalUnitName $ documentTitle $
>docume
> ntVersion $ documentAuthor $ documentLocation $ documentPublisher ) )
>olcObjectClasses: {3}( 0.9.2342.19200300.100.4.7 NAME 'room' SUP top
>STRUCTURA
> L MUST commonName MAY ( roomNumber $ description $ seeAlso $
>telephoneNumber
> ) )
>olcObjectClasses: {4}( 0.9.2342.19200300.100.4.9 NAME 'documentSeries'
>SUP top
> STRUCTURAL MUST commonName MAY ( description $ seeAlso $
>telephonenumber $ l
> ocalityName $ organizationName $ organizationalUnitName ) )
>olcObjectClasses: {5}( 0.9.2342.19200300.100.4.13 NAME 'domain' SUP top
>STRUCT
> URAL MUST domainComponent MAY ( associatedName $ organizationName $
>descripti
> on $ businessCategory $ seeAlso $ searchGuide $ userPassword $
>localityName $
> stateOrProvinceName $ streetAddress $ physicalDeliveryOfficeName $
>postalAdd
> ress $ postalCode $ postOfficeBox $ streetAddress $
>facsimileTelephoneNumber
> $ internationalISDNNumber $ telephoneNumber $
>teletexTerminalIdentifier
>$ tel
> exNumber $ preferredDeliveryMethod $ destinationIndicator $
>registeredAddress
> $ x121Address ) )
>olcObjectClasses: {6}( 0.9.2342.19200300.100.4.14 NAME
>'RFC822localPart'
>SUP d
> omain STRUCTURAL MAY ( commonName $ surname $ description $ seeAlso $
>telepho
> neNumber $ physicalDeliveryOfficeName $ postalAddress $ postalCode $
>postOffi
> ceBox $ streetAddress $ facsimileTelephoneNumber $
>internationalISDNNumber $
> telephoneNumber $ teletexTerminalIdentifier $ telexNumber $
>preferredDelivery
> Method $ destinationIndicator $ registeredAddress $ x121Address ) )
>olcObjectClasses: {7}( 0.9.2342.19200300.100.4.15 NAME 'dNSDomain' SUP
>domain
> STRUCTURAL MAY ( ARecord $ MDRecord $ MXRecord $ NSRecord $
>SOARecord $
>CNAME
> Record ) )
>olcObjectClasses: {8}( 0.9.2342.19200300.100.4.17 NAME
>'domainRelatedObject' D
> ESC 'RFC1274: an object related to an domain' SUP top AUXILIARY MUST
>associat
> edDomain )
>olcObjectClasses: {9}( 0.9.2342.19200300.100.4.18 NAME
>'friendlyCountry'
>SUP c
> ountry STRUCTURAL MUST friendlyCountryName )
>olcObjectClasses: {10}( 0.9.2342.19200300.100.4.20 NAME
>'pilotOrganization' SU
> P ( organization $ organizationalUnit ) STRUCTURAL MAY buildingName )
>olcObjectClasses: {11}( 0.9.2342.19200300.100.4.21 NAME 'pilotDSA' SUP
>dsa STR
> UCTURAL MAY dSAQuality )
>olcObjectClasses: {12}( 0.9.2342.19200300.100.4.22 NAME
>'qualityLabelledData'
> SUP top AUXILIARY MUST dsaQuality MAY ( subtreeMinimumQuality $
>subtreeMaximu
> mQuality ) )
>
>dn: cn={2}nis,cn=schema,cn=config
>objectClass: olcSchemaConfig
>cn: {2}nis
>olcAttributeTypes: {0}( 1.3.6.1.1.1.1.2 NAME 'gecos' DESC 'The GECOS
>field; th
> e common name' EQUALITY caseIgnoreIA5Match SUBSTR
>caseIgnoreIA5SubstringsMatc
> h SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
>olcAttributeTypes: {1}( 1.3.6.1.1.1.1.3 NAME 'homeDirectory' DESC 'The
>absolut
> e path to the home directory' EQUALITY caseExactIA5Match SYNTAX
>1.3.6.1.4.1.1
> 466.115.121.1.26 SINGLE-VALUE )
>olcAttributeTypes: {2}( 1.3.6.1.1.1.1.4 NAME 'loginShell' DESC
>'The path
>to th
> e login shell' EQUALITY caseExactIA5Match SYNTAX
>1.3.6.1.4.1.1466.115.121.1.2
> 6 SINGLE-VALUE )
>olcAttributeTypes: {3}( 1.3.6.1.1.1.1.5 NAME
>'shadowLastChange' EQUALITY
>integ
> erMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
>olcAttributeTypes: {4}( 1.3.6.1.1.1.1.6 NAME 'shadowMin' EQUALITY
>integerMatch
> SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
>olcAttributeTypes: {5}( 1.3.6.1.1.1.1.7 NAME 'shadowMax' EQUALITY
>integerMatch
> SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
>olcAttributeTypes: {6}( 1.3.6.1.1.1.1.8 NAME 'shadowWarning' EQUALITY
>integerM
> atch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
>olcAttributeTypes: {7}( 1.3.6.1.1.1.1.9 NAME 'shadowInactive' EQUALITY
>integer
> Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
>olcAttributeTypes: {8}( 1.3.6.1.1.1.1.10 NAME 'shadowExpire' EQUALITY
>integerM
> atch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
>olcAttributeTypes: {9}( 1.3.6.1.1.1.1.11 NAME 'shadowFlag' EQUALITY
>integerMat
> ch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
>olcAttributeTypes: {10}( 1.3.6.1.1.1.1.12 NAME 'memberUid' EQUALITY
>caseExactI
> A5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX
>1.3.6.1.4.1.1466.115.121.1.
> 26 )
>olcAttributeTypes: {11}( 1.3.6.1.1.1.1.13 NAME 'memberNisNetgroup'
>EQUALITY ca
> seExactIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX
>1.3.6.1.4.1.1466.11
> 5.121.1.26 )
>olcAttributeTypes: {12}( 1.3.6.1.1.1.1.14 NAME 'nisNetgroupTriple' DESC
>'Netgr
> oup triple' SYNTAX 1.3.6.1.1.1.0.0 )
>olcAttributeTypes: {13}( 1.3.6.1.1.1.1.15 NAME 'ipServicePort' EQUALITY
>intege
> rMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
>olcAttributeTypes: {14}( 1.3.6.1.1.1.1.16 NAME 'ipServiceProtocol' SUP
>name )
>olcAttributeTypes: {15}( 1.3.6.1.1.1.1.17 NAME 'ipProtocolNumber'
>EQUALITY int
> egerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
>olcAttributeTypes: {16}( 1.3.6.1.1.1.1.18 NAME 'oncRpcNumber' EQUALITY
>integer
> Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
>olcAttributeTypes: {17}( 1.3.6.1.1.1.1.19 NAME 'ipHostNumber' DESC 'IP
>address
> ' EQUALITY caseIgnoreIA5Match SYNTAX
>1.3.6.1.4.1.1466.115.121.1.26{128} )
>olcAttributeTypes: {18}( 1.3.6.1.1.1.1.20 NAME 'ipNetworkNumber' DESC
>'IP netw
> ork' EQUALITY caseIgnoreIA5Match SYNTAX
>1.3.6.1.4.1.1466.115.121.1.26{128} SI
> NGLE-VALUE )
>olcAttributeTypes: {19}( 1.3.6.1.1.1.1.21 NAME 'ipNetmaskNumber' DESC
>'IP netm
> ask' EQUALITY caseIgnoreIA5Match SYNTAX
>1.3.6.1.4.1.1466.115.121.1.26{128} SI
> NGLE-VALUE )
>olcAttributeTypes: {20}( 1.3.6.1.1.1.1.22 NAME 'macAddress' DESC 'MAC
>address'
> EQUALITY caseIgnoreIA5Match SYNTAX
>1.3.6.1.4.1.1466.115.121.1.26{128} )
>olcAttributeTypes: {21}( 1.3.6.1.1.1.1.23 NAME 'bootParameter' DESC
>'rpc.bootp
> aramd parameter' SYNTAX 1.3.6.1.1.1.0.1 )
>olcAttributeTypes: {22}( 1.3.6.1.1.1.1.24 NAME 'bootFile' DESC 'Boot
>image nam
> e' EQUALITY caseExactIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
>olcAttributeTypes: {23}( 1.3.6.1.1.1.1.26 NAME 'nisMapName' SUP name )
>olcAttributeTypes: {24}( 1.3.6.1.1.1.1.27 NAME 'nisMapEntry' EQUALITY
>caseExac
> tIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX
>1.3.6.1.4.1.1466.115.121.
> 1.26{1024} SINGLE-VALUE )
>olcObjectClasses: {0}( 1.3.6.1.1.1.2.0 NAME 'posixAccount' DESC
>'Abstraction o
> f an account with POSIX attributes' SUP top AUXILIARY MUST (
>cn $ uid $
>uidNu
> mber $ gidNumber $ homeDirectory ) MAY ( userPassword $ loginShell $
>gecos $
> description ) )
>olcObjectClasses: {1}( 1.3.6.1.1.1.2.1 NAME 'shadowAccount' DESC
>'Additional a
> ttributes for shadow passwords' SUP top AUXILIARY MUST uid MAY (
>userPassword
> $ shadowLastChange $ shadowMin $ shadowMax $ shadowWarning $
>shadowInactive
> $ shadowExpire $ shadowFlag $ description ) )
>olcObjectClasses: {2}( 1.3.6.1.1.1.2.2 NAME 'posixGroup' DESC
>'Abstraction of
> a group of accounts' SUP top STRUCTURAL MUST ( cn $ gidNumber ) MAY (
>userPas
> sword $ memberUid $ description ) )
>olcObjectClasses: {3}( 1.3.6.1.1.1.2.3 NAME 'ipService' DESC
>'Abstraction an I
> nternet Protocol service' SUP top STRUCTURAL MUST ( cn $ ipServicePort
>$ ipSe
> rviceProtocol ) MAY description )
>olcObjectClasses: {4}( 1.3.6.1.1.1.2.4 NAME 'ipProtocol' DESC
>'Abstraction of
> an IP protocol' SUP top STRUCTURAL MUST ( cn $ ipProtocolNumber $
>description
> ) MAY description )
>olcObjectClasses: {5}( 1.3.6.1.1.1.2.5 NAME 'oncRpc' DESC 'Abstraction
>of an O
> NC/RPC binding' SUP top STRUCTURAL MUST ( cn $ oncRpcNumber $
>description ) M
> AY description )
>olcObjectClasses: {6}( 1.3.6.1.1.1.2.6 NAME 'ipHost' DESC 'Abstraction
>of a ho
> st, an IP device' SUP top AUXILIARY MUST ( cn $ ipHostNumber ) MAY ( l
>$ desc
> ription $ manager ) )
>olcObjectClasses: {7}( 1.3.6.1.1.1.2.7 NAME 'ipNetwork' DESC
>'Abstraction of a
> n IP network' SUP top STRUCTURAL MUST ( cn $ ipNetworkNumber ) MAY (
>ipNetmas
> kNumber $ l $ description $ manager ) )
>olcObjectClasses: {8}( 1.3.6.1.1.1.2.8 NAME 'nisNetgroup' DESC
>'Abstraction of
> a netgroup' SUP top STRUCTURAL MUST cn MAY ( nisNetgroupTriple $
>memberNisNe
> tgroup $ description ) )
>olcObjectClasses: {9}( 1.3.6.1.1.1.2.9 NAME 'nisMap' DESC 'A generic
>abstracti
> on of a NIS map' SUP top STRUCTURAL MUST nisMapName MAY description )
>olcObjectClasses: {10}( 1.3.6.1.1.1.2.10 NAME 'nisObject' DESC
>'An entry
>in a
> NIS map' SUP top STRUCTURAL MUST ( cn $ nisMapEntry $ nisMapName ) MAY
>descri
> ption )
>olcObjectClasses: {11}( 1.3.6.1.1.1.2.11 NAME 'ieee802Device' DESC 'A
>device w
> ith a MAC address' SUP top AUXILIARY MAY macAddress )
>olcObjectClasses: {12}( 1.3.6.1.1.1.2.12 NAME 'bootableDevice' DESC 'A
>device
> with boot parameters' SUP top AUXILIARY MAY ( bootFile $
>bootParameter ) )
>
>dn: cn={3}inetorgperson,cn=schema,cn=config
>objectClass: olcSchemaConfig
>cn: {3}inetorgperson
>olcAttributeTypes: {0}( 2.16.840.1.113730.3.1.1 NAME 'carLicense' DESC
>'RFC279
> 8: vehicle license or registration plate' EQUALITY caseIgnoreMatch
>SUBSTR cas
> eIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
>olcAttributeTypes: {1}( 2.16.840.1.113730.3.1.2 NAME 'departmentNumber'
>DESC '
> RFC2798: identifies a department within an organization' EQUALITY
>caseIgnoreM
> atch SUBSTR caseIgnoreSubstringsMatch SYNTAX
>1.3.6.1.4.1.1466.115.121.1.15 )
>olcAttributeTypes: {2}( 2.16.840.1.113730.3.1.241 NAME 'displayName'
>DESC 'RFC
> 2798: preferred name to be used when displaying entries' EQUALITY
>caseIgnoreM
> atch SUBSTR caseIgnoreSubstringsMatch SYNTAX
>1.3.6.1.4.1.1466.115.121.1.15 SI
> NGLE-VALUE )
>olcAttributeTypes: {3}( 2.16.840.1.113730.3.1.3 NAME 'employeeNumber'
>DESC 'RF
> C2798: numerically identifies an employee within an organization'
>EQUALITY ca
> seIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX
>1.3.6.1.4.1.1466.115.12
> 1.1.15 SINGLE-VALUE )
>olcAttributeTypes: {4}( 2.16.840.1.113730.3.1.4 NAME
>'employeeType' DESC
>'RFC2
> 798: type of employment for a person' EQUALITY caseIgnoreMatch SUBSTR
>caseIgn
> oreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
>olcAttributeTypes: {5}( 0.9.2342.19200300.100.1.60 NAME
>'jpegPhoto' DESC
>'RFC2
> 798: a JPEG image' SYNTAX 1.3.6.1.4.1.1466.115.121.1.28 )
>olcAttributeTypes: {6}( 2.16.840.1.113730.3.1.39 NAME
>'preferredLanguage' DESC
> 'RFC2798: preferred written or spoken language for a person' EQUALITY
>caseIg
> noreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX
>1.3.6.1.4.1.1466.115.121.1.
> 15 SINGLE-VALUE )
>olcAttributeTypes: {7}( 2.16.840.1.113730.3.1.40 NAME
>'userSMIMECertificate' D
> ESC 'RFC2798: PKCS#7 SignedData used to support S/MIME' SYNTAX
>1.3.6.1.4.1.14
> 66.115.121.1.5 )
>olcAttributeTypes: {8}( 2.16.840.1.113730.3.1.216 NAME
>'userPKCS12' DESC
>'RFC2
> 798: personal identity information, a PKCS #12 PFX' SYNTAX
>1.3.6.1.4.1.1466.1
> 15.121.1.5 )
>olcObjectClasses: {0}( 2.16.840.1.113730.3.2.2 NAME
>'inetOrgPerson' DESC
>'RFC2
> 798: Internet Organizational Person' SUP organizationalPerson
>STRUCTURAL MAY
> ( audio $ businessCategory $ carLicense $ departmentNumber $
>displayName $ em
> ployeeNumber $ employeeType $ givenName $ homePhone $
>homePostalAddress
>$ ini
> tials $ jpegPhoto $ labeledURI $ mail $ manager $ mobile $ o $ pager $
>photo
> $ roomNumber $ secretary $ uid $ userCertificate $
>x500uniqueIdentifier
>$ pre
> ferredLanguage $ userSMIMECertificate $ userPKCS12 ) )
>
>dn: cn={4}samba,cn=schema,cn=config
>objectClass: olcSchemaConfig
>cn: {4}samba
>olcAttributeTypes: {0}( 1.3.6.1.4.1.7165.2.1.24 NAME 'sambaLMPassword'
>DESC 'L
> anManager Password' EQUALITY caseIgnoreIA5Match SYNTAX
>1.3.6.1.4.1.1466.115.1
> 21.1.26{32} SINGLE-VALUE )
>olcAttributeTypes: {1}( 1.3.6.1.4.1.7165.2.1.25 NAME 'sambaNTPassword'
>DESC 'M
> D4 hash of the unicode password' EQUALITY caseIgnoreIA5Match SYNTAX
>1.3.6.1.4
> .1.1466.115.121.1.26{32} SINGLE-VALUE )
>olcAttributeTypes: {2}( 1.3.6.1.4.1.7165.2.1.26 NAME 'sambaAcctFlags'
>DESC 'Ac
> count Flags' EQUALITY caseIgnoreIA5Match SYNTAX
>1.3.6.1.4.1.1466.115.121.1.26
> {16} SINGLE-VALUE )
>olcAttributeTypes: {3}( 1.3.6.1.4.1.7165.2.1.27 NAME 'sambaPwdLastSet'
>DESC 'T
> imestamp of the last password update' EQUALITY integerMatch SYNTAX
>1.3.6.1.4.
> 1.1466.115.121.1.27 SINGLE-VALUE )
>olcAttributeTypes: {4}( 1.3.6.1.4.1.7165.2.1.28 NAME
>'sambaPwdCanChange'
>DESC
> 'Timestamp of when the user is allowed to update the
>password' EQUALITY
>integ
> erMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
>olcAttributeTypes: {5}( 1.3.6.1.4.1.7165.2.1.29 NAME
>'sambaPwdMustChange' DESC
> 'Timestamp of when the password will expire' EQUALITY integerMatch
>SYNTAX 1.
> 3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
>olcAttributeTypes: {6}( 1.3.6.1.4.1.7165.2.1.30 NAME 'sambaLogonTime'
>DESC 'Ti
> mestamp of last logon' EQUALITY integerMatch SYNTAX
>1.3.6.1.4.1.1466.115.121.
> 1.27 SINGLE-VALUE )
>olcAttributeTypes: {7}( 1.3.6.1.4.1.7165.2.1.31 NAME 'sambaLogoffTime'
>DESC 'T
> imestamp of last logoff' EQUALITY integerMatch SYNTAX
>1.3.6.1.4.1.1466.115.12
> 1.1.27 SINGLE-VALUE )
>olcAttributeTypes: {8}( 1.3.6.1.4.1.7165.2.1.32 NAME 'sambaKickoffTime'
>DESC '
> Timestamp of when the user will be logged off automatically' EQUALITY
>integer
> Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
>olcAttributeTypes: {9}( 1.3.6.1.4.1.7165.2.1.48 NAME
>'sambaBadPasswordCount' D
> ESC 'Bad password attempt count' EQUALITY integerMatch SYNTAX
>1.3.6.1.4.1.146
> 6.115.121.1.27 SINGLE-VALUE )
>olcAttributeTypes: {10}( 1.3.6.1.4.1.7165.2.1.49 NAME
>'sambaBadPasswordTime' D
> ESC 'Time of the last bad password attempt' EQUALITY integerMatch
>SYNTAX 1.3.
> 6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
>olcAttributeTypes: {11}( 1.3.6.1.4.1.7165.2.1.55 NAME 'sambaLogonHours'
>DESC '
> Logon Hours' EQUALITY caseIgnoreIA5Match SYNTAX
>1.3.6.1.4.1.1466.115.121.1.26
> {42} SINGLE-VALUE )
>olcAttributeTypes: {12}( 1.3.6.1.4.1.7165.2.1.33 NAME 'sambaHomeDrive'
>DESC 'D
> river letter of home directory mapping' EQUALITY caseIgnoreIA5Match
>SYNTAX 1.
> 3.6.1.4.1.1466.115.121.1.26{4} SINGLE-VALUE )
>olcAttributeTypes: {13}( 1.3.6.1.4.1.7165.2.1.34 NAME
>'sambaLogonScript'
>DESC
> 'Logon script path' EQUALITY caseIgnoreMatch SYNTAX
>1.3.6.1.4.1.1466.115.121.
> 1.15{255} SINGLE-VALUE )
>olcAttributeTypes: {14}( 1.3.6.1.4.1.7165.2.1.35 NAME
>'sambaProfilePath'
>DESC
> 'Roaming profile path' EQUALITY caseIgnoreMatch SYNTAX
>1.3.6.1.4.1.1466.115.1
> 21.1.15{255} SINGLE-VALUE )
>olcAttributeTypes: {15}( 1.3.6.1.4.1.7165.2.1.36 NAME
>'sambaUserWorkstations'
> DESC 'List of user workstations the user is allowed to logon to'
>EQUALITY cas
> eIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{255} SINGLE-VALUE )
>olcAttributeTypes: {16}( 1.3.6.1.4.1.7165.2.1.37 NAME 'sambaHomePath'
>DESC 'Ho
> me directory UNC path' EQUALITY caseIgnoreMatch SYNTAX
>1.3.6.1.4.1.1466.115.1
> 21.1.15{128} )
>olcAttributeTypes: {17}( 1.3.6.1.4.1.7165.2.1.38 NAME 'sambaDomainName'
>DESC '
> Windows NT domain to which the user belongs' EQUALITY caseIgnoreMatch
>SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.15{128} )
>olcAttributeTypes: {18}( 1.3.6.1.4.1.7165.2.1.47 NAME 'sambaMungedDial'
>DESC '
> Base64 encoded user parameter string' EQUALITY caseExactMatch SYNTAX
>1.3.6.1.
> 4.1.1466.115.121.1.15{1050} )
>olcAttributeTypes: {19}( 1.3.6.1.4.1.7165.2.1.54 NAME
>'sambaPasswordHistory' D
> ESC 'Concatenated MD5 hashes of the salted NT passwords used on this
>account'
> EQUALITY caseIgnoreIA5Match SYNTAX
>1.3.6.1.4.1.1466.115.121.1.26{32} )
>olcAttributeTypes: {20}( 1.3.6.1.4.1.7165.2.1.20 NAME 'sambaSID' DESC
>'Securit
> y ID' EQUALITY caseIgnoreIA5Match SUBSTR caseExactIA5SubstringsMatch
>SYNTAX 1
> .3.6.1.4.1.1466.115.121.1.26{64} SINGLE-VALUE )
>olcAttributeTypes: {21}( 1.3.6.1.4.1.7165.2.1.23 NAME
>'sambaPrimaryGroupSID' D
> ESC 'Primary Group Security ID' EQUALITY caseIgnoreIA5Match SYNTAX
>1.3.6.1.4.
> 1.1466.115.121.1.26{64} SINGLE-VALUE )
>olcAttributeTypes: {22}( 1.3.6.1.4.1.7165.2.1.51 NAME 'sambaSIDList'
>DESC 'Sec
> urity ID List' EQUALITY caseIgnoreIA5Match SYNTAX
>1.3.6.1.4.1.1466.115.121.1.
> 26{64} )
>olcAttributeTypes: {23}( 1.3.6.1.4.1.7165.2.1.19 NAME 'sambaGroupType'
>DESC 'N
> T Group Type' EQUALITY integerMatch SYNTAX
>1.3.6.1.4.1.1466.115.121.1.27 SING
> LE-VALUE )
>olcAttributeTypes: {24}( 1.3.6.1.4.1.7165.2.1.21 NAME
>'sambaNextUserRid'
>DESC
> 'Next NT rid to give our for users' EQUALITY integerMatch SYNTAX
>1.3.6.1.4.1.
> 1466.115.121.1.27 SINGLE-VALUE )
>olcAttributeTypes: {25}( 1.3.6.1.4.1.7165.2.1.22 NAME
>'sambaNextGroupRid' DESC
> 'Next NT rid to give out for groups' EQUALITY integerMatch SYNTAX
>1.3.6.1.4.
> 1.1466.115.121.1.27 SINGLE-VALUE )
>olcAttributeTypes: {26}( 1.3.6.1.4.1.7165.2.1.39 NAME 'sambaNextRid'
>DESC 'Nex
> t NT rid to give out for anything' EQUALITY integerMatch SYNTAX
>1.3.6.1.4.1.1
> 466.115.121.1.27 SINGLE-VALUE )
>olcAttributeTypes: {27}( 1.3.6.1.4.1.7165.2.1.40 NAME
>'sambaAlgorithmicRidBase
> ' DESC 'Base at which the samba RID generation algorithm should
>operate' EQUA
> LITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
>olcAttributeTypes: {28}( 1.3.6.1.4.1.7165.2.1.41 NAME 'sambaShareName'
>DESC 'S
> hare Name' EQUALITY caseIgnoreMatch SYNTAX
>1.3.6.1.4.1.1466.115.121.1.15 SING
> LE-VALUE )
>olcAttributeTypes: {29}( 1.3.6.1.4.1.7165.2.1.42 NAME 'sambaOptionName'
>DESC '
> Option Name' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch
>SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.15{256} )
>olcAttributeTypes: {30}( 1.3.6.1.4.1.7165.2.1.43 NAME 'sambaBoolOption'
>DESC '
> A boolean option' EQUALITY booleanMatch SYNTAX
>1.3.6.1.4.1.1466.115.121.1.7 S
> INGLE-VALUE )
>olcAttributeTypes: {31}( 1.3.6.1.4.1.7165.2.1.44 NAME
>'sambaIntegerOption' DES
> C 'An integer option' EQUALITY integerMatch SYNTAX
>1.3.6.1.4.1.1466.115.121.1
> .27 SINGLE-VALUE )
>olcAttributeTypes: {32}( 1.3.6.1.4.1.7165.2.1.45 NAME
>'sambaStringOption' DESC
> 'A string option' EQUALITY caseExactIA5Match SYNTAX
>1.3.6.1.4.1.1466.115.121
> .1.26 SINGLE-VALUE )
>olcAttributeTypes: {33}( 1.3.6.1.4.1.7165.2.1.46 NAME
>'sambaStringListOption'
> DESC 'A string list option' EQUALITY caseIgnoreMatch SYNTAX
>1.3.6.1.4.1.1466.
> 115.121.1.15 )
>olcAttributeTypes: {34}( 1.3.6.1.4.1.7165.2.1.53 NAME 'sambaTrustFlags'
>DESC '
> Trust Password Flags' EQUALITY caseIgnoreIA5Match SYNTAX
>1.3.6.1.4.1.1466.115
> .121.1.26 )
>olcAttributeTypes: {35}( 1.3.6.1.4.1.7165.2.1.58 NAME
>'sambaMinPwdLength' DESC
> 'Minimal password length (default: 5)' EQUALITY integerMatch SYNTAX
>1.3.6.1.
> 4.1.1466.115.121.1.27 SINGLE-VALUE )
>olcAttributeTypes: {36}( 1.3.6.1.4.1.7165.2.1.59 NAME
>'sambaPwdHistoryLength'
> DESC 'Length of Password History Entries (default: 0 => off)' EQUALITY
>intege
> rMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
>olcAttributeTypes: {37}( 1.3.6.1.4.1.7165.2.1.60 NAME
>'sambaLogonToChgPwd' DES
> C 'Force Users to logon for password change (default: 0 => off, 2 =>
>on)' EQU
> ALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
>olcAttributeTypes: {38}( 1.3.6.1.4.1.7165.2.1.61 NAME 'sambaMaxPwdAge'
>DESC 'M
> aximum password age, in seconds (default: -1 => never expire
>passwords)' EQUA
> LITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
>olcAttributeTypes: {39}( 1.3.6.1.4.1.7165.2.1.62 NAME 'sambaMinPwdAge'
>DESC 'M
> inimum password age, in seconds (default: 0 => allow
>immediate password
>chang
> e)' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
>SINGLE-VALUE )
>olcAttributeTypes: {40}( 1.3.6.1.4.1.7165.2.1.63 NAME
>'sambaLockoutDuration' D
> ESC 'Lockout duration in minutes (default: 30, -1 =>
>forever)' EQUALITY
>integ
> erMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
>olcAttributeTypes: {41}( 1.3.6.1.4.1.7165.2.1.64 NAME
>'sambaLockoutObservation
> Window' DESC 'Reset time after lockout in minutes (default: 30)'
>EQUALITY int
> egerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
>olcAttributeTypes: {42}( 1.3.6.1.4.1.7165.2.1.65 NAME
>'sambaLockoutThreshold'
> DESC 'Lockout users after bad logon attempts (default: 0 => off)'
>EQUALITY in
> tegerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
>olcAttributeTypes: {43}( 1.3.6.1.4.1.7165.2.1.66 NAME
>'sambaForceLogoff'
>DESC
> 'Disconnect Users outside logon hours (default: -1 => off, 0 => on)'
>EQUALITY
> integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
>olcAttributeTypes: {44}( 1.3.6.1.4.1.7165.2.1.67 NAME
>'sambaRefuseMachinePwdCh
> ange' DESC 'Allow Machine Password changes (default: 0 => off)'
>EQUALITY inte
> gerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
>olcAttributeTypes: {45}( 1.3.6.1.4.1.7165.2.1.68 NAME
>'sambaClearTextPassword'
> DESC 'Clear text password (used for trusted domain passwords)'
>EQUALITY octe
> tStringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )
>olcAttributeTypes: {46}( 1.3.6.1.4.1.7165.2.1.69 NAME
>'sambaPreviousClearTextP
> assword' DESC 'Previous clear text password (used for trusted domain
>password
> s)' EQUALITY octetStringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )
>olcAttributeTypes: {47}( 1.3.6.1.4.1.7165.2.1.70 NAME 'sambaTrustType'
>DESC 'T
> ype of trust' EQUALITY integerMatch SYNTAX
>1.3.6.1.4.1.1466.115.121.1.27 SING
> LE-VALUE )
>olcAttributeTypes: {48}( 1.3.6.1.4.1.7165.2.1.71 NAME
>'sambaTrustAttributes' D
> ESC 'Trust attributes for a trusted domain' EQUALITY integerMatch
>SYNTAX 1.3.
> 6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
>olcAttributeTypes: {49}( 1.3.6.1.4.1.7165.2.1.72 NAME
>'sambaTrustDirection' DE
> SC 'Direction of a trust' EQUALITY integerMatch SYNTAX
>1.3.6.1.4.1.1466.115.1
> 21.1.27 SINGLE-VALUE )
>olcAttributeTypes: {50}( 1.3.6.1.4.1.7165.2.1.73 NAME
>'sambaTrustPartner' DESC
> 'Fully qualified name of the domain with which a trust exists'
>EQUALITY case
> IgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
>olcAttributeTypes: {51}( 1.3.6.1.4.1.7165.2.1.74 NAME 'sambaFlatName'
>DESC 'Ne
> tBIOS name of a domain' EQUALITY caseIgnoreMatch SYNTAX
>1.3.6.1.4.1.1466.115.
> 121.1.15{128} )
>olcAttributeTypes: {52}( 1.3.6.1.4.1.7165.2.1.75 NAME
>'sambaTrustAuthOutgoing'
> DESC 'Authentication information for the outgoing portion of a trust'
>EQUALI
> TY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1050} )
>olcAttributeTypes: {53}( 1.3.6.1.4.1.7165.2.1.76 NAME
>'sambaTrustAuthIncoming'
> DESC 'Authentication information for the incoming portion of a trust'
>EQUALI
> TY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1050} )
>olcAttributeTypes: {54}( 1.3.6.1.4.1.7165.2.1.77 NAME
>'sambaSecurityIdentifier
> ' DESC 'SID of a trusted domain' EQUALITY caseIgnoreIA5Match SUBSTR
>caseExact
> IA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{64}
>SINGLE-VALUE )
>olcAttributeTypes: {55}( 1.3.6.1.4.1.7165.2.1.78 NAME
>'sambaTrustForestTrustIn
> fo' DESC 'Forest trust information for a trusted domain object'
>EQUALITY case
> ExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1050} )
>olcAttributeTypes: {56}( 1.3.6.1.4.1.7165.2.1.79 NAME
>'sambaTrustPosixOffset'
> DESC 'POSIX offset of a trust' EQUALITY integerMatch SYNTAX
>1.3.6.1.4.1.1466.
> 115.121.1.27 SINGLE-VALUE )
>olcAttributeTypes: {57}( 1.3.6.1.4.1.7165.2.1.80 NAME
>'sambaSupportedEncryptio
> nTypes' DESC 'Supported encryption types of a trust' EQUALITY
>integerMatch SY
> NTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
>olcObjectClasses: {0}( 1.3.6.1.4.1.7165.2.2.6 NAME 'sambaSamAccount'
>DESC 'Sam
> ba 3.0 Auxilary SAM Account' SUP top AUXILIARY MUST ( uid $ sambaSID )
>MAY (
> cn $ sambaLMPassword $ sambaNTPassword $ sambaPwdLastSet $
>sambaLogonTime $ s
> ambaLogoffTime $ sambaKickoffTime $ sambaPwdCanChange $
>sambaPwdMustChange $
> sambaAcctFlags $ displayName $ sambaHomePath $ sambaHomeDrive $
>sambaLogonScr
> ipt $ sambaProfilePath $ description $ sambaUserWorkstations $
>sambaPrimaryGr
> oupSID $ sambaDomainName $ sambaMungedDial $ sambaBadPasswordCount $
>sambaBad
> PasswordTime $ sambaPasswordHistory $ sambaLogonHours ) )
>olcObjectClasses: {1}( 1.3.6.1.4.1.7165.2.2.4 NAME 'sambaGroupMapping'
>DESC 'S
> amba Group Mapping' SUP top AUXILIARY MUST ( gidNumber $ sambaSID $
>sambaGrou
> pType ) MAY ( displayName $ description $ sambaSIDList ) )
>olcObjectClasses: {2}( 1.3.6.1.4.1.7165.2.2.14 NAME
>'sambaTrustPassword'
>DESC
> 'Samba Trust Password' SUP top STRUCTURAL MUST ( sambaDomainName $
>sambaNTPas
> sword $ sambaTrustFlags ) MAY ( sambaSID $ sambaPwdLastSet ) )
>olcObjectClasses: {3}( 1.3.6.1.4.1.7165.2.2.15 NAME
>'sambaTrustedDomainPasswor
> d' DESC 'Samba Trusted Domain Password' SUP top STRUCTURAL MUST (
>sambaDomain
> Name $ sambaSID $ sambaClearTextPassword $ sambaPwdLastSet ) MAY
>sambaPreviou
> sClearTextPassword )
>olcObjectClasses: {4}( 1.3.6.1.4.1.7165.2.2.5 NAME 'sambaDomain' DESC
>'Samba D
> omain Information' SUP top STRUCTURAL MUST ( sambaDomainName
>$ sambaSID
>) MAY
> ( sambaNextRid $ sambaNextGroupRid $ sambaNextUserRid $
>sambaAlgorithmicRidB
> ase $ sambaMinPwdLength $ sambaPwdHistoryLength $ sambaLogonToChgPwd $
>sambaM
> axPwdAge $ sambaMinPwdAge $ sambaLockoutDuration $
>sambaLockoutObservationWin
> dow $ sambaLockoutThreshold $ sambaForceLogoff $
>sambaRefuseMachinePwdChange
> ) )
>olcObjectClasses: {5}( 1.3.6.1.4.1.7165.2.2.7 NAME 'sambaUnixIdPool'
>DESC 'Poo
> l for allocating UNIX uids/gids' SUP top AUXILIARY MUST ( uidNumber $
>gidNumb
> er ) )
>olcObjectClasses: {6}( 1.3.6.1.4.1.7165.2.2.8 NAME 'sambaIdmapEntry'
>DESC 'Map
> ping from a SID to an ID' SUP top AUXILIARY MUST sambaSID MAY (
>uidNumber $ g
> idNumber ) )
>olcObjectClasses: {7}( 1.3.6.1.4.1.7165.2.2.9 NAME 'sambaSidEntry' DESC
>'Struc
> tural Class for a SID' SUP top STRUCTURAL MUST sambaSID )
>olcObjectClasses: {8}( 1.3.6.1.4.1.7165.2.2.10 NAME 'sambaConfig' DESC
>'Samba
> Configuration Section' SUP top AUXILIARY MAY description )
>olcObjectClasses: {9}( 1.3.6.1.4.1.7165.2.2.11 NAME 'sambaShare' DESC
>'Samba S
> hare Section' SUP top STRUCTURAL MUST sambaShareName MAY description )
>olcObjectClasses: {10}( 1.3.6.1.4.1.7165.2.2.12 NAME
>'sambaConfigOption'
>DESC
> 'Samba Configuration Option' SUP top STRUCTURAL MUST sambaOptionName
>MAY ( sa
> mbaBoolOption $ sambaIntegerOption $ sambaStringOption $
>sambaStringListoptio
> n $ description ) )
>olcObjectClasses: {11}( 1.3.6.1.4.1.7165.2.2.16 NAME
>'sambaTrustedDomain' DESC
> 'Samba Trusted Domain Object' SUP top STRUCTURAL MUST cn MAY (
>sambaTrustTyp
> e $ sambaTrustAttributes $ sambaTrustDirection $ sambaTrustPartner $
>sambaFla
> tName $ sambaTrustAuthOutgoing $ sambaTrustAuthIncoming $
>sambaSecurityIdenti
> fier $ sambaTrustForestTrustInfo $ sambaTrustPosixOffset $
>sambaSupportedEncr
> yptionTypes ) )
>
>dn: olcBackend={0}hdb,cn=config
>objectClass: olcBackendConfig
>olcBackend: {0}hdb
>
>dn: olcDatabase={-1}frontend,cn=config
>objectClass: olcDatabaseConfig
>objectClass: olcFrontendConfig
>olcDatabase: {-1}frontend
>olcAccess: {0}to * by
>dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external
> ,cn=auth manage by * break
>olcAccess: {1}to dn.exact="" by * read
>olcAccess: {2}to dn.base="cn=Subschema" by * read
>olcSizeLimit: 500
>
>dn: olcDatabase={0}config,cn=config
>objectClass: olcDatabaseConfig
>olcDatabase: {0}config
>olcAccess: {0}to * by
>dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external
> ,cn=auth manage by * break
>
>dn: olcDatabase={1}hdb,cn=config
>objectClass: olcDatabaseConfig
>objectClass: olcHdbConfig
>olcDatabase: {1}hdb
>olcDbDirectory: /var/lib/ldap
>olcSuffix: dc=biomil,dc=se
>olcAccess: {0}to attrs=userPassword,shadowLastChange by self write by
>anonymou
> s auth by dn="cn=admin,dc=biomil,dc=se" write by * none
>olcAccess: {1}to dn.base="" by * read
>olcAccess: {2}to * by self write by dn="cn=admin,dc=biomil,dc=se" write
>by * r
> ead
>olcLastMod: TRUE
>olcRootDN: cn=admin,dc=biomil,dc=se
>olcRootPW: {SSHA}xxxxx
>olcSyncrepl: {0}rid=1 provider=ldap://ch4.biomil.se bindmethod=simple
>binddn="
> cn=admin,dc=biomil,dc=se" credentials=xxxxxxx
>searchbase="dc=biomil,dc=se" lo
> gbase="cn=accesslog"
>logfilter="(&(objectClass=auditWriteObject)(reqResult=0)
> )" schemachecking=on type=refreshAndPersist retry="60 +"
>syncdata=accesslog s
> tarttls=critical tls_reqcert=demand
>olcUpdateRef: ldap://ch4.biomil.se
>olcDbCheckpoint: 512 30
>olcDbConfig: {0}set_cachesize 0 2097152 0
>olcDbConfig: {1}set_lk_max_objects 1500
>olcDbConfig: {2}set_lk_max_locks 1500
>olcDbConfig: {3}set_lk_max_lockers 1500
>olcDbIndex: objectClass eq
>olcDbIndex: uidNumber eq
>olcDbIndex: gidNumber eq
>olcDbIndex: loginShell eq
>olcDbIndex: uid eq,pres,sub
>olcDbIndex: memberUid eq,pres,sub
>olcDbIndex: uniqueMember eq,pres
>olcDbIndex: sambaSID eq
>olcDbIndex: sambaPrimaryGroupSID eq
>olcDbIndex: sambaGroupType eq
>olcDbIndex: sambaSIDList eq
>olcDbIndex: sambaDomainName eq
>olcDbIndex: default sub
>olcDbIndex: entryUUID eq
>olcDbIndex: displayName eq
>olcDbIndex: cn eq
>
>
>=====================================================
>
>Provider:
>ldapsearch -Q -LLL -Y EXTERNAL -H ldapi:/// -b cn=config
>
>dn: cn=config
>objectClass: olcGlobal
>cn: config
>olcArgsFile: /var/run/slapd/slapd.args
>olcLogLevel: none
>olcPidFile: /var/run/slapd/slapd.pid
>olcTLSCACertificateFile: /etc/ssl/certs/biomil_ca.crt
>olcTLSCertificateFile: /etc/ssl/certs/ch4_slapd.crt
>olcTLSCertificateKeyFile: /etc/ssl/private/ch4_slapd.key
>olcToolThreads: 1
>
>dn: cn=module{0},cn=config
>objectClass: olcModuleList
>cn: module{0}
>olcModulePath: /usr/lib/ldap
>olcModuleLoad: {0}back_hdb
>olcModuleLoad: {1}syncprov
>olcModuleLoad: {2}accesslog
>
>dn: cn=schema,cn=config
>objectClass: olcSchemaConfig
>cn: schema
>olcObjectIdentifier: OLcfg 1.3.6.1.4.1.4203.1.12.2
>olcObjectIdentifier: OLcfgAt OLcfg:3
>olcObjectIdentifier: OLcfgGlAt OLcfgAt:0
>olcObjectIdentifier: OLcfgBkAt OLcfgAt:1
>olcObjectIdentifier: OLcfgDbAt OLcfgAt:2
>olcObjectIdentifier: OLcfgOvAt OLcfgAt:3
>olcObjectIdentifier: OLcfgCtAt OLcfgAt:4
>olcObjectIdentifier: OLcfgOc OLcfg:4
>olcObjectIdentifier: OLcfgGlOc OLcfgOc:0
>olcObjectIdentifier: OLcfgBkOc OLcfgOc:1
>olcObjectIdentifier: OLcfgDbOc OLcfgOc:2
>olcObjectIdentifier: OLcfgOvOc OLcfgOc:3
>olcObjectIdentifier: OLcfgCtOc OLcfgOc:4
>olcObjectIdentifier: OMsyn 1.3.6.1.4.1.1466.115.121.1
>olcObjectIdentifier: OMsBoolean OMsyn:7
>olcObjectIdentifier: OMsDN OMsyn:12
>olcObjectIdentifier: OMsDirectoryString OMsyn:15
>olcObjectIdentifier: OMsIA5String OMsyn:26
>olcObjectIdentifier: OMsInteger OMsyn:27
>olcObjectIdentifier: OMsOID OMsyn:38
>olcObjectIdentifier: OMsOctetString OMsyn:40
>olcAttributeTypes: ( 2.5.4.0 NAME 'objectClass' DESC 'RFC4512: object
>classes
> of the entity' EQUALITY objectIdentifierMatch SYNTAX
>1.3.6.1.4.1.1466.115.121
> .1.38 )
>olcAttributeTypes: ( 2.5.21.9 NAME 'structuralObjectClass' DESC
>'RFC4512: stru
> ctural object class of entry' EQUALITY objectIdentifierMatch SYNTAX
>1.3.6.1.4
> .1.1466.115.121.1.38 SINGLE-VALUE NO-USER-MODIFICATION USAGE
>directoryOperati
> on )
>olcAttributeTypes: ( 2.5.18.1 NAME 'createTimestamp' DESC
>'RFC4512: time
>which
> object was created' EQUALITY generalizedTimeMatch ORDERING
>generalizedTimeOr
> deringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE
>NO-USER-MODIFIC
> ATION USAGE directoryOperation )
>olcAttributeTypes: ( 2.5.18.2 NAME 'modifyTimestamp' DESC
>'RFC4512: time
>which
> object was last modified' EQUALITY generalizedTimeMatch ORDERING
>generalized
> TimeOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE
>NO-USER-M
> ODIFICATION USAGE directoryOperation )
>olcAttributeTypes: ( 2.5.18.3 NAME 'creatorsName' DESC
>'RFC4512: name of
>creat
> or' EQUALITY distinguishedNameMatch SYNTAX
>1.3.6.1.4.1.1466.115.121.1.12 SING
> LE-VALUE NO-USER-MODIFICATION USAGE directoryOperation )
>olcAttributeTypes: ( 2.5.18.4 NAME 'modifiersName' DESC 'RFC4512: name
>of last
> modifier' EQUALITY distinguishedNameMatch SYNTAX
>1.3.6.1.4.1.1466.115.121.1.
> 12 SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation )
>olcAttributeTypes: ( 2.5.18.9 NAME 'hasSubordinates' DESC 'X.501: entry
>has ch
> ildren' EQUALITY booleanMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
>SINGLE-VALU
> E NO-USER-MODIFICATION USAGE directoryOperation )
>olcAttributeTypes: ( 2.5.18.10 NAME 'subschemaSubentry' DESC 'RFC4512:
>name of
> controlling subschema entry' EQUALITY distinguishedNameMatch SYNTAX
>1.3.6.1.
> 4.1.1466.115.121.1.12 SINGLE-VALUE NO-USER-MODIFICATION USAGE
>directoryOperat
> ion )
>olcAttributeTypes: ( 1.3.6.1.1.20 NAME 'entryDN' DESC 'DN of the entry'
>EQUALI
> TY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12
>SINGLE-VALUE N
> O-USER-MODIFICATION USAGE directoryOperation )
>olcAttributeTypes: ( 1.3.6.1.1.16.4 NAME 'entryUUID' DESC 'UUID of the
>entry'
> EQUALITY UUIDMatch ORDERING UUIDOrderingMatch SYNTAX 1.3.6.1.1.16.1
>SINGLE-VA
> LUE NO-USER-MODIFICATION USAGE directoryOperation )
>olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.1.7 NAME 'entryCSN' DESC
>'change seq
> uence number of the entry content' EQUALITY CSNMatch ORDERING
>CSNOrderingMatc
> h SYNTAX 1.3.6.1.4.1.4203.666.11.2.1{64} SINGLE-VALUE
>NO-USER-MODIFICATION US
> AGE directoryOperation )
>olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.1.13 NAME 'namingCSN' DESC
>'change s
> equence number of the entry naming (RDN)' EQUALITY CSNMatch ORDERING
>CSNOrder
> ingMatch SYNTAX 1.3.6.1.4.1.4203.666.11.2.1{64} SINGLE-VALUE
>NO-USER-MODIFICA
> TION USAGE directoryOperation )
>olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.1.23 NAME 'syncreplCookie'
>DESC 'syn
> crepl Cookie for shadow copy' EQUALITY octetStringMatch ORDERING
>octetStringO
> rderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 SINGLE-VALUE
>NO-USER-MODIFI
> CATION USAGE dSAOperation )
>olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.1.25 NAME 'contextCSN' DESC
>'the lar
> gest committed CSN of a context' EQUALITY CSNMatch ORDERING
>CSNOrderingMatch
> SYNTAX 1.3.6.1.4.1.4203.666.11.2.1{64} NO-USER-MODIFICATION USAGE
>dSAOperatio
> n )
>olcAttributeTypes: ( 1.3.6.1.4.1.1466.101.120.6 NAME 'altServer' DESC
>'RFC4512
> : alternative servers' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 USAGE
>dSAOperatio
> n )
>olcAttributeTypes: ( 1.3.6.1.4.1.1466.101.120.5 NAME 'namingContexts'
>DESC 'RF
> C4512: naming contexts' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 USAGE
>dSAOperati
> on )
>olcAttributeTypes: ( 1.3.6.1.4.1.1466.101.120.13 NAME
>'supportedControl'
>DESC
> 'RFC4512: supported controls' SYNTAX 1.3.6.1.4.1.1466.115.121.1.38
>USAGE dSAO
> peration )
>olcAttributeTypes: ( 1.3.6.1.4.1.1466.101.120.7 NAME
>'supportedExtension' DESC
> 'RFC4512: supported extended operations' SYNTAX
>1.3.6.1.4.1.1466.115.121.1.3
> 8 USAGE dSAOperation )
>olcAttributeTypes: ( 1.3.6.1.4.1.1466.101.120.15 NAME
>'supportedLDAPVersion' D
> ESC 'RFC4512: supported LDAP versions' SYNTAX
>1.3.6.1.4.1.1466.115.121.1.27 U
> SAGE dSAOperation )
>olcAttributeTypes: ( 1.3.6.1.4.1.1466.101.120.14 NAME
>'supportedSASLMechanisms
> ' DESC 'RFC4512: supported SASL mechanisms' SYNTAX
>1.3.6.1.4.1.1466.115.121.1
> .15 USAGE dSAOperation )
>olcAttributeTypes: ( 1.3.6.1.4.1.4203.1.3.5 NAME 'supportedFeatures'
>DESC 'RFC
> 4512: features supported by the server' EQUALITY objectIdentifierMatch
>SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.38 USAGE dSAOperation )
>olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.1.10 NAME 'monitorContext'
>DESC 'mon
> itor context' EQUALITY distinguishedNameMatch SYNTAX
>1.3.6.1.4.1.1466.115.121
> .1.12 SINGLE-VALUE NO-USER-MODIFICATION USAGE dSAOperation )
>olcAttributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.1 NAME
>'configContext' DESC
>'conf
> ig context' EQUALITY distinguishedNameMatch SYNTAX
>1.3.6.1.4.1.1466.115.121.1
> .12 SINGLE-VALUE NO-USER-MODIFICATION USAGE dSAOperation )
>olcAttributeTypes: ( 1.3.6.1.1.4 NAME 'vendorName' DESC 'RFC3045: name
>of impl
> ementation vendor' EQUALITY caseExactMatch SYNTAX
>1.3.6.1.4.1.1466.115.121.1.
> 15 SINGLE-VALUE NO-USER-MODIFICATION USAGE dSAOperation )
>olcAttributeTypes: ( 1.3.6.1.1.5 NAME 'vendorVersion' DESC 'RFC3045:
>version o
> f implementation' EQUALITY caseExactMatch SYNTAX
>1.3.6.1.4.1.1466.115.121.1.1
> 5 SINGLE-VALUE NO-USER-MODIFICATION USAGE dSAOperation )
>olcAttributeTypes: ( 2.5.18.5 NAME 'administrativeRole' DESC 'RFC3672:
>adminis
> trative role' EQUALITY objectIdentifierMatch SYNTAX
>1.3.6.1.4.1.1466.115.121.
> 1.38 USAGE directoryOperation )
>olcAttributeTypes: ( 2.5.18.6 NAME 'subtreeSpecification' DESC
>'RFC3672:
>subtr
> ee specification' SYNTAX 1.3.6.1.4.1.1466.115.121.1.45 SINGLE-VALUE
>USAGE dir
> ectoryOperation )
>olcAttributeTypes: ( 2.5.21.1 NAME 'dITStructureRules' DESC 'RFC4512:
>DIT stru
> cture rules' EQUALITY integerFirstComponentMatch SYNTAX
>1.3.6.1.4.1.1466.115.
> 121.1.17 USAGE directoryOperation )
>olcAttributeTypes: ( 2.5.21.2 NAME 'dITContentRules' DESC 'RFC4512: DIT
>conten
> t rules' EQUALITY objectIdentifierFirstComponentMatch SYNTAX
>1.3.6.1.4.1.1466
> .115.121.1.16 USAGE directoryOperation )
>olcAttributeTypes: ( 2.5.21.4 NAME 'matchingRules' DESC 'RFC4512:
>matching rul
> es' EQUALITY objectIdentifierFirstComponentMatch SYNTAX
>1.3.6.1.4.1.1466.115.
> 121.1.30 USAGE directoryOperation )
>olcAttributeTypes: ( 2.5.21.5 NAME 'attributeTypes' DESC 'RFC4512:
>attribute t
> ypes' EQUALITY objectIdentifierFirstComponentMatch SYNTAX
>1.3.6.1.4.1.1466.11
> 5.121.1.3 USAGE directoryOperation )
>olcAttributeTypes: ( 2.5.21.6 NAME 'objectClasses' DESC
>'RFC4512: object
>class
> es' EQUALITY objectIdentifierFirstComponentMatch SYNTAX
>1.3.6.1.4.1.1466.115.
> 121.1.37 USAGE directoryOperation )
>olcAttributeTypes: ( 2.5.21.7 NAME 'nameForms' DESC 'RFC4512:
>name forms
>' EQU
> ALITY objectIdentifierFirstComponentMatch SYNTAX
>1.3.6.1.4.1.1466.115.121.1.3
> 5 USAGE directoryOperation )
>olcAttributeTypes: ( 2.5.21.8 NAME 'matchingRuleUse' DESC 'RFC4512:
>matching r
> ule uses' EQUALITY objectIdentifierFirstComponentMatch SYNTAX
>1.3.6.1.4.1.146
> 6.115.121.1.31 USAGE directoryOperation )
>olcAttributeTypes: ( 1.3.6.1.4.1.1466.101.120.16 NAME 'ldapSyntaxes'
>DESC 'RFC
> 4512: LDAP syntaxes' EQUALITY objectIdentifierFirstComponentMatch
>SYNTAX 1.3.
> 6.1.4.1.1466.115.121.1.54 USAGE directoryOperation )
>olcAttributeTypes: ( 2.5.4.1 NAME ( 'aliasedObjectName'
>'aliasedEntryName' ) D
> ESC 'RFC4512: name of aliased object' EQUALITY distinguishedNameMatch
>SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE )
>olcAttributeTypes: ( 2.16.840.1.113730.3.1.34 NAME 'ref' DESC 'RFC3296:
>subord
> inate referral URL' EQUALITY caseExactMatch SYNTAX
>1.3.6.1.4.1.1466.115.121.1
> .15 USAGE distributedOperation )
>olcAttributeTypes: ( 1.3.6.1.4.1.4203.1.3.1 NAME 'entry' DESC 'OpenLDAP
>ACL en
> try pseudo-attribute' SYNTAX 1.3.6.1.4.1.4203.1.1.1 SINGLE-VALUE
>NO-USER-MODI
> FICATION USAGE dSAOperation )
>olcAttributeTypes: ( 1.3.6.1.4.1.4203.1.3.2 NAME 'children' DESC
>'OpenLDAP ACL
> children pseudo-attribute' SYNTAX 1.3.6.1.4.1.4203.1.1.1 SINGLE-VALUE
>NO-USE
> R-MODIFICATION USAGE dSAOperation )
>olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.1.8 NAME ( 'authzTo'
>'saslAuthzTo' )
> DESC 'proxy authorization targets' EQUALITY authzMatch SYNTAX
>1.3.6.1.4.1.42
> 03.666.2.7 USAGE distributedOperation X-ORDERED 'VALUES' )
>olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.1.9 NAME ( 'authzFrom'
>'saslAuthzFro
> m' ) DESC 'proxy authorization sources' EQUALITY authzMatch SYNTAX
>1.3.6.1.4.
> 1.4203.666.2.7 USAGE distributedOperation X-ORDERED 'VALUES' )
>olcAttributeTypes: ( 1.3.6.1.4.1.1466.101.119.3 NAME 'entryTtl' DESC
>'RFC2589:
> entry time-to-live' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE
>NO-USE
> R-MODIFICATION USAGE dSAOperation )
>olcAttributeTypes: ( 1.3.6.1.4.1.1466.101.119.4 NAME 'dynamicSubtrees'
>DESC 'R
> FC2589: dynamic subtrees' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12
>NO-USER-MODIFI
> CATION USAGE dSAOperation )
>olcAttributeTypes: ( 2.5.4.49 NAME 'distinguishedName' DESC 'RFC4519:
>common s
> upertype of DN attributes' EQUALITY distinguishedNameMatch SYNTAX
>1.3.6.1.4.1
> .1466.115.121.1.12 )
>olcAttributeTypes: ( 2.5.4.41 NAME 'name' DESC 'RFC4519: common
>supertype of n
> ame attributes' EQUALITY caseIgnoreMatch SUBSTR
>caseIgnoreSubstringsMatch SYN
> TAX 1.3.6.1.4.1.1466.115.121.1.15{32768} )
>olcAttributeTypes: ( 2.5.4.3 NAME ( 'cn' 'commonName' ) DESC 'RFC4519:
>common
> name(s) for which the entity is known by' SUP name )
>olcAttributeTypes: ( 0.9.2342.19200300.100.1.1 NAME ( 'uid' 'userid' )
>DESC 'R
> FC4519: user identifier' EQUALITY caseIgnoreMatch SUBSTR
>caseIgnoreSubstrings
> Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
>olcAttributeTypes: ( 1.3.6.1.1.1.1.0 NAME 'uidNumber' DESC 'RFC2307: An
>intege
> r uniquely identifying a user in an administrative domain' EQUALITY
>integerMa
> tch ORDERING integerOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
>SINGLE
> -VALUE )
>olcAttributeTypes: ( 1.3.6.1.1.1.1.1 NAME 'gidNumber' DESC 'RFC2307: An
>intege
> r uniquely identifying a group in an administrative domain' EQUALITY
>integerM
> atch ORDERING integerOrderingMatch SYNTAX
>1.3.6.1.4.1.1466.115.121.1.27
>SINGL
> E-VALUE )
>olcAttributeTypes: ( 2.5.4.35 NAME 'userPassword' DESC 'RFC4519/2307:
>password
> of user' EQUALITY octetStringMatch SYNTAX
>1.3.6.1.4.1.1466.115.121.1.40{128}
> )
>olcAttributeTypes: ( 1.3.6.1.4.1.250.1.57 NAME 'labeledURI' DESC
>'RFC2079: Uni
> form Resource Identifier with optional label' EQUALITY caseExactMatch
>SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.15 )
>olcAttributeTypes: ( 2.5.4.13 NAME 'description' DESC 'RFC4519:
>descriptive in
> formation' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch
>SYNTAX 1
> .3.6.1.4.1.1466.115.121.1.15{1024} )
>olcAttributeTypes: ( 2.5.4.34 NAME 'seeAlso' DESC 'RFC4519: DN of
>related obje
> ct' SUP distinguishedName )
>olcAttributeTypes: ( OLcfgGlAt:78 NAME 'olcConfigFile' DESC 'File for
>slapd co
> nfiguration directives' EQUALITY caseIgnoreMatch SYNTAX
>OMsDirectoryString SI
> NGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:79 NAME 'olcConfigDir' DESC 'Directory
>for slap
> d configuration backend' EQUALITY caseIgnoreMatch SYNTAX
>OMsDirectoryString S
> INGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:1 NAME 'olcAccess' DESC 'Access Control
>List' E
> QUALITY caseIgnoreMatch SYNTAX OMsDirectoryString X-ORDERED 'VALUES' )
>olcAttributeTypes: ( OLcfgGlAt:86 NAME 'olcAddContentAcl' DESC 'Check
>ACLs aga
> inst content of Add ops' SYNTAX OMsBoolean SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:2 NAME 'olcAllows' DESC 'Allowed set of
>depreca
> ted features' EQUALITY caseIgnoreMatch SYNTAX OMsDirectoryString )
>olcAttributeTypes: ( OLcfgGlAt:3 NAME 'olcArgsFile' DESC 'File
>for slapd
>comma
> nd line options' EQUALITY caseIgnoreMatch SYNTAX OMsDirectoryString
>SINGLE-VA
> LUE )
>olcAttributeTypes: ( OLcfgGlAt:5 NAME 'olcAttributeOptions' EQUALITY
>caseIgnor
> eMatch SYNTAX OMsDirectoryString )
>olcAttributeTypes: ( OLcfgGlAt:4 NAME 'olcAttributeTypes' DESC
>'OpenLDAP
>attri
> buteTypes' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch
>SYNTAX O
> MsDirectoryString X-ORDERED 'VALUES' )
>olcAttributeTypes: ( OLcfgGlAt:6 NAME 'olcAuthIDRewrite' EQUALITY
>caseIgnoreMa
> tch SYNTAX OMsDirectoryString X-ORDERED 'VALUES' )
>olcAttributeTypes: ( OLcfgGlAt:7 NAME 'olcAuthzPolicy' EQUALITY
>caseIgnoreMatc
> h SYNTAX OMsDirectoryString SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:8 NAME 'olcAuthzRegexp' EQUALITY
>caseIgnoreMatc
> h SYNTAX OMsDirectoryString X-ORDERED 'VALUES' )
>olcAttributeTypes: ( OLcfgGlAt:9 NAME 'olcBackend' DESC 'A type of
>backend' EQ
> UALITY caseIgnoreMatch SYNTAX OMsDirectoryString SINGLE-VALUE
>X-ORDERED
>'SIBL
> INGS' )
>olcAttributeTypes: ( OLcfgGlAt:10 NAME 'olcConcurrency' SYNTAX
>OMsInteger SING
> LE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:11 NAME 'olcConnMaxPending' SYNTAX
>OMsInteger S
> INGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:12 NAME 'olcConnMaxPendingAuth' SYNTAX
>OMsInteg
> er SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:13 NAME 'olcDatabase' DESC 'The backend
>type fo
> r a database instance' SUP olcBackend SINGLE-VALUE X-ORDERED
>'SIBLINGS' )
>olcAttributeTypes: ( OLcfgGlAt:14 NAME 'olcDefaultSearchBase' SYNTAX
>OMsDN SIN
> GLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:15 NAME 'olcDisallows' EQUALITY
>caseIgnoreMatch
> SYNTAX OMsDirectoryString )
>olcAttributeTypes: ( OLcfgGlAt:16 NAME 'olcDitContentRules' DESC
>'OpenLDAP DIT
> content rules' EQUALITY caseIgnoreMatch SUBSTR
>caseIgnoreSubstringsMatch SYN
> TAX OMsDirectoryString X-ORDERED 'VALUES' )
>olcAttributeTypes: ( OLcfgDbAt:0.20 NAME 'olcExtraAttrs' EQUALITY
>caseIgnoreMa
> tch SYNTAX OMsDirectoryString )
>olcAttributeTypes: ( OLcfgGlAt:17 NAME 'olcGentleHUP' SYNTAX OMsBoolean
>SINGLE
> -VALUE )
>olcAttributeTypes: ( OLcfgDbAt:0.17 NAME 'olcHidden' SYNTAX OMsBoolean
>SINGLE-
> VALUE )
>olcAttributeTypes: ( OLcfgGlAt:18 NAME 'olcIdleTimeout' SYNTAX
>OMsInteger SING
> LE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:19 NAME 'olcInclude' SUP labeledURI )
>olcAttributeTypes: ( OLcfgGlAt:20 NAME 'olcIndexSubstrIfMinLen' SYNTAX
>OMsInte
> ger SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:21 NAME 'olcIndexSubstrIfMaxLen' SYNTAX
>OMsInte
> ger SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:22 NAME 'olcIndexSubstrAnyLen' SYNTAX
>OMsIntege
> r SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:23 NAME 'olcIndexSubstrAnyStep' SYNTAX
>OMsInteg
> er SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:84 NAME 'olcIndexIntLen' SYNTAX
>OMsInteger SING
> LE-VALUE )
>olcAttributeTypes: ( OLcfgDbAt:0.4 NAME 'olcLastMod' SYNTAX OMsBoolean
>SINGLE-
> VALUE )
>olcAttributeTypes: ( OLcfgGlAt:85 NAME 'olcLdapSyntaxes' DESC 'OpenLDAP
>ldapSy
> ntax' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX
>OMsDir
> ectoryString X-ORDERED 'VALUES' )
>olcAttributeTypes: ( OLcfgDbAt:0.5 NAME 'olcLimits' EQUALITY
>caseIgnoreMatch S
> YNTAX OMsDirectoryString X-ORDERED 'VALUES' )
>olcAttributeTypes: ( OLcfgGlAt:93 NAME 'olcListenerThreads' SYNTAX
>OMsInteger
> SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:26 NAME 'olcLocalSSF' SYNTAX OMsInteger
>SINGLE-
> VALUE )
>olcAttributeTypes: ( OLcfgGlAt:27 NAME 'olcLogFile' SYNTAX
>OMsDirectoryString
> SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:28 NAME 'olcLogLevel' EQUALITY
>caseIgnoreMatch
> SYNTAX OMsDirectoryString )
>olcAttributeTypes: ( OLcfgDbAt:0.6 NAME 'olcMaxDerefDepth' SYNTAX
>OMsInteger S
> INGLE-VALUE )
>olcAttributeTypes: ( OLcfgDbAt:0.16 NAME 'olcMirrorMode' SYNTAX
>OMsBoolean SIN
> GLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:30 NAME 'olcModuleLoad' EQUALITY
>caseIgnoreMatc
> h SYNTAX OMsDirectoryString X-ORDERED 'VALUES' )
>olcAttributeTypes: ( OLcfgGlAt:31 NAME 'olcModulePath' SYNTAX
>OMsDirectoryStri
> ng SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgDbAt:0.18 NAME 'olcMonitoring' SYNTAX
>OMsBoolean SIN
> GLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:32 NAME 'olcObjectClasses' DESC
>'OpenLDAP
>objec
> t classes' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch
>SYNTAX O
> MsDirectoryString X-ORDERED 'VALUES' )
>olcAttributeTypes: ( OLcfgGlAt:33 NAME 'olcObjectIdentifier' EQUALITY
>caseIgno
> reMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX OMsDirectoryString
>X-ORDERED
> 'VALUES' )
>olcAttributeTypes: ( OLcfgGlAt:34 NAME 'olcOverlay' SUP olcDatabase
>SINGLE-VAL
> UE X-ORDERED 'SIBLINGS' )
>olcAttributeTypes: ( OLcfgGlAt:35 NAME 'olcPasswordCryptSaltFormat'
>SYNTAX OMs
> DirectoryString SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:36 NAME 'olcPasswordHash' EQUALITY
>caseIgnoreMa
> tch SYNTAX OMsDirectoryString )
>olcAttributeTypes: ( OLcfgGlAt:37 NAME 'olcPidFile' SYNTAX
>OMsDirectoryString
> SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:38 NAME 'olcPlugin' EQUALITY
>caseIgnoreMatch SY
> NTAX OMsDirectoryString )
>olcAttributeTypes: ( OLcfgGlAt:39 NAME 'olcPluginLogFile' SYNTAX
>OMsDirectoryS
> tring SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:40 NAME 'olcReadOnly' SYNTAX OMsBoolean
>SINGLE-
> VALUE )
>olcAttributeTypes: ( OLcfgGlAt:41 NAME 'olcReferral' SUP labeledURI
>SINGLE-VAL
> UE )
>olcAttributeTypes: ( OLcfgDbAt:0.7 NAME 'olcReplica' SUP labeledURI
>EQUALITY c
> aseIgnoreMatch X-ORDERED 'VALUES' )
>olcAttributeTypes: ( OLcfgGlAt:43 NAME 'olcReplicaArgsFile' SYNTAX
>OMsDirector
> yString SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:44 NAME 'olcReplicaPidFile' SYNTAX
>OMsDirectory
> String SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:45 NAME 'olcReplicationInterval' SYNTAX
>OMsInte
> ger SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:46 NAME 'olcReplogFile' SYNTAX
>OMsDirectoryStri
> ng SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:47 NAME 'olcRequires' EQUALITY
>caseIgnoreMatch
> SYNTAX OMsDirectoryString )
>olcAttributeTypes: ( OLcfgGlAt:48 NAME 'olcRestrict' EQUALITY
>caseIgnoreMatch
> SYNTAX OMsDirectoryString )
>olcAttributeTypes: ( OLcfgGlAt:49 NAME 'olcReverseLookup' SYNTAX
>OMsBoolean SI
> NGLE-VALUE )
>olcAttributeTypes: ( OLcfgDbAt:0.8 NAME 'olcRootDN' EQUALITY
>distinguishedName
> Match SYNTAX OMsDN SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:51 NAME 'olcRootDSE' EQUALITY
>caseIgnoreMatch S
> YNTAX OMsDirectoryString )
>olcAttributeTypes: ( OLcfgDbAt:0.9 NAME 'olcRootPW' SYNTAX
>OMsDirectoryString
> SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:89 NAME 'olcSaslAuxprops' SYNTAX
>OMsDirectorySt
> ring SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:53 NAME 'olcSaslHost' SYNTAX
>OMsDirectoryString
> SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:54 NAME 'olcSaslRealm' SYNTAX
>OMsDirectoryStrin
> g SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:56 NAME 'olcSaslSecProps' SYNTAX
>OMsDirectorySt
> ring SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:58 NAME 'olcSchemaDN' EQUALITY
>distinguishedNam
> eMatch SYNTAX OMsDN SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:59 NAME 'olcSecurity' EQUALITY
>caseIgnoreMatch
> SYNTAX OMsDirectoryString )
>olcAttributeTypes: ( OLcfgGlAt:81 NAME 'olcServerID' EQUALITY
>caseIgnoreMatch
> SYNTAX OMsDirectoryString )
>olcAttributeTypes: ( OLcfgGlAt:60 NAME 'olcSizeLimit' SYNTAX
>OMsDirectoryStrin
> g SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:61 NAME 'olcSockbufMaxIncoming' SYNTAX
>OMsInteg
> er SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:62 NAME 'olcSockbufMaxIncomingAuth'
>SYNTAX OMsI
> nteger SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:83 NAME 'olcSortVals' DESC 'Attributes
>whose va
> lues will always be sorted' EQUALITY caseIgnoreMatch SYNTAX
>OMsDirectoryStrin
> g )
>olcAttributeTypes: ( OLcfgDbAt:0.15 NAME 'olcSubordinate' SYNTAX
>OMsDirectoryS
> tring SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgDbAt:0.10 NAME 'olcSuffix' EQUALITY
>distinguishedNam
> eMatch SYNTAX OMsDN )
>olcAttributeTypes: ( OLcfgDbAt:0.19 NAME 'olcSyncUseSubentry' DESC
>'Store sync
> context in a subentry' SYNTAX OMsBoolean SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgDbAt:0.11 NAME 'olcSyncrepl' EQUALITY
>caseIgnoreMatc
> h SYNTAX OMsDirectoryString X-ORDERED 'VALUES' )
>olcAttributeTypes: ( OLcfgGlAt:90 NAME 'olcTCPBuffer' DESC 'Custom TCP
>buffer
> size' SYNTAX OMsDirectoryString )
>olcAttributeTypes: ( OLcfgGlAt:66 NAME 'olcThreads' SYNTAX OMsInteger
>SINGLE-V
> ALUE )
>olcAttributeTypes: ( OLcfgGlAt:67 NAME 'olcTimeLimit' SYNTAX
>OMsDirectoryStrin
> g )
>olcAttributeTypes: ( OLcfgGlAt:68 NAME 'olcTLSCACertificateFile' SYNTAX
>OMsDir
> ectoryString SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:69 NAME 'olcTLSCACertificatePath' SYNTAX
>OMsDir
> ectoryString SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:70 NAME 'olcTLSCertificateFile' SYNTAX
>OMsDirec
> toryString SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:71 NAME
>'olcTLSCertificateKeyFile' SYNTAX
>OMsDi
> rectoryString SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:72 NAME 'olcTLSCipherSuite' SYNTAX
>OMsDirectory
> String SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:73 NAME 'olcTLSCRLCheck' SYNTAX
>OMsDirectoryStr
> ing SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:82 NAME 'olcTLSCRLFile' SYNTAX
>OMsDirectoryStri
> ng SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:74 NAME 'olcTLSRandFile' SYNTAX
>OMsDirectoryStr
> ing SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:75 NAME 'olcTLSVerifyClient' SYNTAX
>OMsDirector
> yString SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:77 NAME 'olcTLSDHParamFile' SYNTAX
>OMsDirectory
> String SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:87 NAME 'olcTLSProtocolMin' SYNTAX
>OMsDirectory
> String SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgGlAt:80 NAME 'olcToolThreads' SYNTAX
>OMsInteger SING
> LE-VALUE )
>olcAttributeTypes: ( OLcfgDbAt:0.12 NAME 'olcUpdateDN' SYNTAX OMsDN
>SINGLE-VAL
> UE )
>olcAttributeTypes: ( OLcfgDbAt:0.13 NAME 'olcUpdateRef' SUP labeledURI
>EQUALIT
> Y caseIgnoreMatch )
>olcAttributeTypes: ( OLcfgGlAt:88 NAME 'olcWriteTimeout' SYNTAX
>OMsInteger SIN
> GLE-VALUE )
>olcAttributeTypes: ( OLcfgDbAt:0.1 NAME 'olcDbDirectory' DESC
>'Directory
>for d
> atabase content' EQUALITY caseIgnoreMatch SYNTAX OMsDirectoryString
>SINGLE-VA
> LUE )
>olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.1.5 NAME 'OpenLDAPaci' DESC
>'OpenLDA
> P access control information (experimental)' EQUALITY OpenLDAPaciMatch
>SYNTAX
> 1.3.6.1.4.1.4203.666.2.1 USAGE directoryOperation )
>olcAttributeTypes: ( OLcfgDbAt:1.11 NAME 'olcDbCacheFree' DESC 'Number
>of extr
> a entries to free when max is reached' SYNTAX OMsInteger
>SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgDbAt:1.1 NAME 'olcDbCacheSize' DESC 'Entry
>cache siz
> e in entries' SYNTAX OMsInteger SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgDbAt:1.2 NAME 'olcDbCheckpoint' DESC
>'Database
>check
> point interval in kbytes and minutes' SYNTAX OMsDirectoryString
>SINGLE-VALUE
> )
>olcAttributeTypes: ( OLcfgDbAt:1.16 NAME 'olcDbChecksum' DESC 'Enable
>database
> checksum validation' SYNTAX OMsBoolean SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgDbAt:1.13 NAME 'olcDbCryptFile' DESC
>'Pathname
>of fi
> le containing the DB encryption key' SYNTAX OMsDirectoryString
>SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgDbAt:1.14 NAME 'olcDbCryptKey' DESC 'DB
>encryption k
> ey' SYNTAX OMsOctetString SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgDbAt:1.3 NAME 'olcDbConfig' DESC 'BerkeleyDB
>DB_CONF
> IG configuration directives' SYNTAX OMsIA5String X-ORDERED 'VALUES' )
>olcAttributeTypes: ( OLcfgDbAt:1.4 NAME 'olcDbNoSync' DESC 'Disable
>synchronou
> s database writes' SYNTAX OMsBoolean SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgDbAt:1.15 NAME 'olcDbPageSize' DESC
>'Page size
>of sp
> ecified DB, in Kbytes' EQUALITY caseExactMatch SYNTAX
>OMsDirectoryString )
>olcAttributeTypes: ( OLcfgDbAt:1.5 NAME 'olcDbDirtyRead' DESC 'Allow
>reads of
> uncommitted data' SYNTAX OMsBoolean SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgDbAt:1.12 NAME 'olcDbDNcacheSize' DESC 'DN
>cache siz
> e' SYNTAX OMsInteger SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgDbAt:1.6 NAME 'olcDbIDLcacheSize' DESC 'IDL
>cache si
> ze in IDLs' SYNTAX OMsInteger SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgDbAt:0.2 NAME 'olcDbIndex' DESC 'Attribute
>index par
> ameters' EQUALITY caseIgnoreMatch SYNTAX OMsDirectoryString )
>olcAttributeTypes: ( OLcfgDbAt:1.7 NAME 'olcDbLinearIndex' DESC 'Index
>attribu
> tes one at a time' SYNTAX OMsBoolean SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgDbAt:1.8 NAME 'olcDbLockDetect' DESC
>'Deadlock
>detec
> tion algorithm' SYNTAX OMsDirectoryString SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgDbAt:0.3 NAME 'olcDbMode' DESC 'Unix
>permissions of
> database files' SYNTAX OMsDirectoryString SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgDbAt:1.9 NAME 'olcDbSearchStack' DESC 'Depth
>of sear
> ch stack in IDLs' SYNTAX OMsInteger SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgDbAt:1.10 NAME 'olcDbShmKey' DESC 'Key for
>shared me
> mory region' SYNTAX OMsInteger SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgOvAt:1.1 NAME 'olcSpCheckpoint' DESC
>'ContextCSN che
> ckpoint interval in ops and minutes' SYNTAX OMsDirectoryString
>SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgOvAt:1.2 NAME 'olcSpSessionlog' DESC 'Session
>log si
> ze in ops' SYNTAX OMsInteger SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgOvAt:1.3 NAME 'olcSpNoPresent' DESC 'Omit
>Present ph
> ase processing' SYNTAX OMsBoolean SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgOvAt:1.4 NAME 'olcSpReloadHint' DESC 'Observe
>Reload
> Hint in Request control' SYNTAX OMsBoolean SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgOvAt:4.1 NAME 'olcAccessLogDB' DESC
>'Suffix of
>datab
> ase for log content' SUP distinguishedName SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgOvAt:4.2 NAME 'olcAccessLogOps' DESC
>'Operation type
> s to log' EQUALITY caseIgnoreMatch SYNTAX OMsDirectoryString )
>olcAttributeTypes: ( OLcfgOvAt:4.3 NAME 'olcAccessLogPurge' DESC 'Log
>cleanup
> parameters' SYNTAX OMsDirectoryString SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgOvAt:4.4 NAME 'olcAccessLogSuccess' DESC 'Log
>succes
> sful ops only' SYNTAX OMsBoolean SINGLE-VALUE )
>olcAttributeTypes: ( OLcfgOvAt:4.5 NAME 'olcAccessLogOld' DESC 'Log old
>values
> when modifying entries matching the filter' SYNTAX OMsDirectoryString
>SINGLE
> -VALUE )
>olcAttributeTypes: ( OLcfgOvAt:4.6 NAME 'olcAccessLogOldAttr' DESC 'Log
>old va
> lues of these attributes even if unmodified' EQUALITY caseIgnoreMatch
>SYNTAX
> OMsDirectoryString )
>olcAttributeTypes: ( OLcfgOvAt:4.7 NAME 'olcAccessLogBase' DESC
>'Operation typ
> es to log under a specific branch' EQUALITY caseIgnoreMatch SYNTAX
>OMsDirecto
> ryString )
>olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.1 NAME 'reqDN' DESC
>'Target D
> N of request' EQUALITY distinguishedNameMatch SYNTAX OMsDN
>SINGLE-VALUE )
>olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.2 NAME 'reqStart' DESC
>'Start
> time of request' EQUALITY generalizedTimeMatch ORDERING
>generalizedTimeOrder
> ingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE )
>olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.3 NAME 'reqEnd' DESC
>'End tim
> e of request' EQUALITY generalizedTimeMatch ORDERING
>generalizedTimeOrderingM
> atch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE )
>olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.4 NAME 'reqType' DESC
>'Type o
> f request' EQUALITY caseIgnoreMatch SYNTAX OMsDirectoryString
>SINGLE-VALUE )
>olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.5 NAME 'reqSession'
>DESC 'Ses
> sion ID of request' EQUALITY caseIgnoreMatch SYNTAX OMsDirectoryString
>SINGLE
> -VALUE )
>olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.6 NAME 'reqAuthzID'
>DESC 'Aut
> horization ID of requestor' EQUALITY distinguishedNameMatch SYNTAX
>OMsDN SING
> LE-VALUE )
>olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.7 NAME
>'reqResult' DESC
>'Resu
> lt code of request' EQUALITY integerMatch ORDERING
>integerOrderingMatch
>SYNTA
> X OMsInteger SINGLE-VALUE )
>olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.8 NAME 'reqMessage'
>DESC 'Err
> or text of request' EQUALITY caseIgnoreMatch SUBSTR
>caseIgnoreSubstringsMatch
> SYNTAX OMsDirectoryString SINGLE-VALUE )
>olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.9 NAME 'reqReferral'
>DESC 'Re
> ferrals returned for request' SUP labeledURI )
>olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.10 NAME 'reqControls'
>DESC 'R
> equest controls' EQUALITY objectIdentifierFirstComponentMatch SYNTAX
>1.3.6.1.
> 4.1.4203.666.11.5.3.1 X-ORDERED 'VALUES' )
>olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.11 NAME
>'reqRespControls' DES
> C 'Response controls of request' EQUALITY
>objectIdentifierFirstComponentMatch
> SYNTAX 1.3.6.1.4.1.4203.666.11.5.3.1 X-ORDERED 'VALUES' )
>olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.12 NAME 'reqId' DESC
>'ID of R
> equest to Abandon' EQUALITY integerMatch ORDERING integerOrderingMatch
>SYNTAX
> OMsInteger SINGLE-VALUE )
>olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.13 NAME 'reqVersion'
>DESC 'Pr
> otocol version of Bind request' EQUALITY integerMatch ORDERING
>integerOrderin
> gMatch SYNTAX OMsInteger SINGLE-VALUE )
>olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.14 NAME 'reqMethod'
>DESC 'Bin
> d method of request' EQUALITY caseIgnoreMatch SYNTAX
>OMsDirectoryString
>SINGL
> E-VALUE )
>olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.15 NAME 'reqAssertion'
>DESC '
> Compare Assertion of request' SYNTAX OMsDirectoryString SINGLE-VALUE )
>olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.16 NAME 'reqMod' DESC
>'Modifi
> cations of request' EQUALITY octetStringMatch SUBSTR
>octetStringSubstringsMat
> ch SYNTAX OMsOctetString )
>olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.17 NAME 'reqOld' DESC
>'Old va
> lues of entry before request completed' EQUALITY octetStringMatch
>SUBSTR octe
> tStringSubstringsMatch SYNTAX OMsOctetString )
>olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.18 NAME 'reqNewRDN'
>DESC 'New
> RDN of request' EQUALITY distinguishedNameMatch SYNTAX OMsDN
>SINGLE-VALUE )
>olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.19 NAME
>'reqDeleteOldRDN' DES
> C 'Delete old RDN' EQUALITY booleanMatch SYNTAX OMsBoolean
>SINGLE-VALUE )
>olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.20 NAME
>'reqNewSuperior' DESC
> 'New superior DN of request' EQUALITY distinguishedNameMatch SYNTAX
>OMsDN SI
> NGLE-VALUE )
>olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.21 NAME
>'reqScope' DESC
>'Scop
> e of request' EQUALITY caseIgnoreMatch SYNTAX OMsDirectoryString
>SINGLE-VALUE
> )
>olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.22 NAME
>'reqDerefAliases' DES
> C 'Disposition of Aliases in request' EQUALITY caseIgnoreMatch SYNTAX
>OMsDire
> ctoryString SINGLE-VALUE )
>olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.23 NAME 'reqAttrsOnly'
>DESC '
> Attributes and values of request' EQUALITY booleanMatch SYNTAX
>OMsBoolean SIN
> GLE-VALUE )
>olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.24 NAME 'reqFilter'
>DESC 'Fil
> ter of request' EQUALITY caseIgnoreMatch SUBSTR
>caseIgnoreSubstringsMatch SYN
> TAX OMsDirectoryString SINGLE-VALUE )
>olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.25 NAME 'reqAttr' DESC
>'Attri
> butes of request' EQUALITY caseIgnoreMatch SYNTAX OMsDirectoryString )
>olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.26 NAME 'reqSizeLimit'
>DESC '
> Size limit of request' EQUALITY integerMatch ORDERING
>integerOrderingMatch SY
> NTAX OMsInteger SINGLE-VALUE )
>olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.27 NAME 'reqTimeLimit'
>DESC '
> Time limit of request' EQUALITY integerMatch ORDERING
>integerOrderingMatch SY
> NTAX OMsInteger SINGLE-VALUE )
>olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.28 NAME 'reqEntries'
>DESC 'Nu
> mber of entries returned' EQUALITY integerMatch ORDERING
>integerOrderingMatch
> SYNTAX OMsInteger SINGLE-VALUE )
>olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.29 NAME 'reqData' DESC
>'Data
> of extended request' EQUALITY octetStringMatch SUBSTR
>octetStringSubstringsMa
> tch SYNTAX OMsOctetString SINGLE-VALUE )
>olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.30 NAME 'auditContext'
>DESC '
> DN of auditContainer' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12
>SINGLE-VALUE
>NO-US
> ER-MODIFICATION USAGE dSAOperation )
>olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.11.5.1.31 NAME 'reqEntryUUID'
>DESC '
> UUID of entry' EQUALITY UUIDMatch ORDERING UUIDOrderingMatch SYNTAX
>1.3.6.1.1
> .16.1 SINGLE-VALUE )
>olcObjectClasses: ( 2.5.6.0 NAME 'top' DESC 'top of the superclass
>chain' ABST
> RACT MUST objectClass )
>olcObjectClasses: ( 1.3.6.1.4.1.1466.101.120.111 NAME
>'extensibleObject'
>DESC
> 'RFC4512: extensible object' SUP top AUXILIARY )
>olcObjectClasses: ( 2.5.6.1 NAME 'alias' DESC 'RFC4512: an alias' SUP
>top STRU
> CTURAL MUST aliasedObjectName )
>olcObjectClasses: ( 2.16.840.1.113730.3.2.6 NAME 'referral' DESC
>'namedref: na
> med subordinate referral' SUP top STRUCTURAL MUST ref )
>olcObjectClasses: ( 1.3.6.1.4.1.4203.1.4.1 NAME ( 'OpenLDAProotDSE'
>'LDAProotD
> SE' ) DESC 'OpenLDAP Root DSE object' SUP top STRUCTURAL MAY cn )
>olcObjectClasses: ( 2.5.17.0 NAME 'subentry' DESC 'RFC3672: subentry'
>SUP top
> STRUCTURAL MUST ( cn $ subtreeSpecification ) )
>olcObjectClasses: ( 2.5.20.1 NAME 'subschema' DESC 'RFC4512:
>controlling
>subsc
> hema (sub)entry' AUXILIARY MAY ( dITStructureRules $ nameForms $
>dITContentRu
> les $ objectClasses $ attributeTypes $ matchingRules $
>matchingRuleUse ) )
>olcObjectClasses: ( 1.3.6.1.4.1.1466.101.119.2 NAME
>'dynamicObject' DESC
>'RFC2
> 589: Dynamic Object' SUP top AUXILIARY )
>olcObjectClasses: ( 1.3.6.1.4.1.4203.666.3.4 NAME 'glue' DESC 'Glue
>Entry' SUP
> top STRUCTURAL )
>olcObjectClasses: ( 1.3.6.1.4.1.4203.666.3.5 NAME
>'syncConsumerSubentry'
>DESC
> 'Persistent Info for SyncRepl Consumer' AUXILIARY MAY syncreplCookie )
>olcObjectClasses: ( 1.3.6.1.4.1.4203.666.3.6 NAME
>'syncProviderSubentry'
>DESC
> 'Persistent Info for SyncRepl Producer' AUXILIARY MAY contextCSN )
>olcObjectClasses: ( OLcfgGlOc:0 NAME 'olcConfig' DESC 'OpenLDAP
>configuration
> object' SUP top ABSTRACT )
>olcObjectClasses: ( OLcfgGlOc:1 NAME 'olcGlobal' DESC 'OpenLDAP Global
>configu
> ration options' SUP olcConfig STRUCTURAL MAY ( cn $ olcConfigFile $
>olcConfig
> Dir $ olcAllows $ olcArgsFile $ olcAttributeOptions $ olcAuthIDRewrite
>$ olcA
> uthzPolicy $ olcAuthzRegexp $ olcConcurrency $ olcConnMaxPending $
>olcConnMax
> PendingAuth $ olcDisallows $ olcGentleHUP $ olcIdleTimeout $
>olcIndexSubstrIf
> MaxLen $ olcIndexSubstrIfMinLen $ olcIndexSubstrAnyLen $
>olcIndexSubstrAnySte
> p $ olcIndexIntLen $ olcLocalSSF $ olcLogFile $ olcLogLevel $
>olcPasswordCryp
> tSaltFormat $ olcPasswordHash $ olcPidFile $ olcPluginLogFile $
>olcReadOnly $
> olcReferral $ olcReplogFile $ olcRequires $ olcRestrict $
>olcReverseLookup $
> olcRootDSE $ olcSaslAuxprops $ olcSaslHost $ olcSaslRealm $
>olcSaslSecProps
> $ olcSecurity $ olcServerID $ olcSizeLimit $ olcSockbufMaxIncoming $
>olcSockb
> ufMaxIncomingAuth $ olcTCPBuffer $ olcThreads $ olcTimeLimit $
>olcTLSCACertif
> icateFile $ olcTLSCACertificatePath $ olcTLSCertificateFile $
>olcTLSCertifica
> teKeyFile $ olcTLSCipherSuite $ olcTLSCRLCheck $ olcTLSRandFile $
>olcTLSVerif
> yClient $ olcTLSDHParamFile $ olcTLSCRLFile $ olcToolThreads $
>olcWriteTimeou
> t $ olcObjectIdentifier $ olcAttributeTypes $ olcObjectClasses $
>olcDitConten
> tRules $ olcLdapSyntaxes ) )
>olcObjectClasses: ( OLcfgGlOc:2 NAME 'olcSchemaConfig' DESC 'OpenLDAP
>schema o
> bject' SUP olcConfig STRUCTURAL MAY ( cn $ olcObjectIdentifier $
>olcLdapSynta
> xes $ olcAttributeTypes $ olcObjectClasses $ olcDitContentRules ) )
>olcObjectClasses: ( OLcfgGlOc:3 NAME 'olcBackendConfig' DESC 'OpenLDAP
>Backend
> -specific options' SUP olcConfig STRUCTURAL MUST olcBackend )
>olcObjectClasses: ( OLcfgGlOc:4 NAME 'olcDatabaseConfig' DESC 'OpenLDAP
>Databa
> se-specific options' SUP olcConfig STRUCTURAL MUST olcDatabase MAY (
>olcHidde
> n $ olcSuffix $ olcSubordinate $ olcAccess $ olcAddContentAcl $
>olcLastMod $
> olcLimits $ olcMaxDerefDepth $ olcPlugin $ olcReadOnly $ olcReplica $
>olcRepl
> icaArgsFile $ olcReplicaPidFile $ olcReplicationInterval $
>olcReplogFile $ ol
> cRequires $ olcRestrict $ olcRootDN $ olcRootPW $ olcSchemaDN $
>olcSecurity $
> olcSizeLimit $ olcSyncUseSubentry $ olcSyncrepl $ olcTimeLimit $
>olcUpdateDN
> $ olcUpdateRef $ olcMirrorMode $ olcMonitoring $ olcExtraAttrs ) )
>olcObjectClasses: ( OLcfgGlOc:5 NAME 'olcOverlayConfig' DESC 'OpenLDAP
>Overlay
> -specific options' SUP olcConfig STRUCTURAL MUST olcOverlay )
>olcObjectClasses: ( OLcfgGlOc:6 NAME 'olcIncludeFile' DESC 'OpenLDAP
>configura
> tion include file' SUP olcConfig STRUCTURAL MUST olcInclude MAY ( cn $
>olcRoo
> tDSE ) )
>olcObjectClasses: ( OLcfgGlOc:7 NAME 'olcFrontendConfig' DESC 'OpenLDAP
>fronte
> nd configuration' AUXILIARY MAY ( olcDefaultSearchBase $
>olcPasswordHash $ ol
> cSortVals ) )
>olcObjectClasses: ( OLcfgGlOc:8 NAME 'olcModuleList' DESC 'OpenLDAP
>dynamic mo
> dule info' SUP olcConfig STRUCTURAL MAY ( cn $ olcModulePath $
>olcModuleLoad
> ) )
>olcObjectClasses: ( OLcfgDbOc:2.1 NAME 'olcLdifConfig' DESC 'LDIF
>backend conf
> iguration' SUP olcDatabaseConfig STRUCTURAL MUST olcDbDirectory )
>olcObjectClasses: ( OLcfgDbOc:1.2 NAME 'olcHdbConfig' DESC 'HDB backend
>config
> uration' SUP olcDatabaseConfig STRUCTURAL MUST olcDbDirectory MAY (
>olcDbCach
> eSize $ olcDbCheckpoint $ olcDbConfig $ olcDbCryptFile $ olcDbCryptKey
>$ olcD
> bNoSync $ olcDbDirtyRead $ olcDbIDLcacheSize $ olcDbIndex $
>olcDbLinearIndex
> $ olcDbLockDetect $ olcDbMode $ olcDbSearchStack $ olcDbShmKey $
>olcDbCacheFr
> ee $ olcDbDNcacheSize $ olcDbPageSize ) )
>olcObjectClasses: ( OLcfgOvOc:1.1 NAME 'olcSyncProvConfig' DESC
>'SyncRepl Prov
> ider configuration' SUP olcOverlayConfig STRUCTURAL MAY (
>olcSpCheckpoint $ o
> lcSpSessionlog $ olcSpNoPresent $ olcSpReloadHint ) )
>olcObjectClasses: ( OLcfgOvOc:4.1 NAME 'olcAccessLogConfig'
>DESC 'Access
>log c
> onfiguration' SUP olcOverlayConfig STRUCTURAL MUST
>olcAccessLogDB MAY (
>olcAc
> cessLogOps $ olcAccessLogPurge $ olcAccessLogSuccess $ olcAccessLogOld
>$ olcA
> ccessLogOldAttr $ olcAccessLogBase ) )
>olcObjectClasses: ( 1.3.6.1.4.1.4203.666.11.5.2.0 NAME 'auditContainer'
>DESC '
> AuditLog container' SUP top STRUCTURAL MAY ( cn $ reqStart $
>reqEnd ) )
>olcObjectClasses: ( 1.3.6.1.4.1.4203.666.11.5.2.1 NAME 'auditObject'
>DESC 'Ope
> nLDAP request auditing' SUP top STRUCTURAL MUST ( reqStart $ reqType $
>reqSes
> sion ) MAY ( reqDN $ reqAuthzID $ reqControls $ reqRespControls $
>reqEnd $ re
> qResult $ reqMessage $ reqReferral $ reqEntryUUID ) )
>olcObjectClasses: ( 1.3.6.1.4.1.4203.666.11.5.2.2 NAME
>'auditReadObject'
>DESC
> 'OpenLDAP read request record' SUP auditObject STRUCTURAL )
>olcObjectClasses: ( 1.3.6.1.4.1.4203.666.11.5.2.3 NAME
>'auditWriteObject' DESC
> 'OpenLDAP write request record' SUP auditObject STRUCTURAL )
>olcObjectClasses: ( 1.3.6.1.4.1.4203.666.11.5.2.4 NAME 'auditAbandon'
>DESC 'Ab
> andon operation' SUP auditObject STRUCTURAL MUST reqId )
>olcObjectClasses: ( 1.3.6.1.4.1.4203.666.11.5.2.5 NAME 'auditAdd' DESC
>'Add op
> eration' SUP auditWriteObject STRUCTURAL MUST reqMod )
>olcObjectClasses: ( 1.3.6.1.4.1.4203.666.11.5.2.6 NAME 'auditBind' DESC
>'Bind
> operation' SUP auditObject STRUCTURAL MUST ( reqVersion $
>reqMethod ) )
>olcObjectClasses: ( 1.3.6.1.4.1.4203.666.11.5.2.7 NAME 'auditCompare'
>DESC 'Co
> mpare operation' SUP auditReadObject STRUCTURAL MUST reqAssertion )
>olcObjectClasses: ( 1.3.6.1.4.1.4203.666.11.5.2.8 NAME 'auditDelete'
>DESC 'Del
> ete operation' SUP auditWriteObject STRUCTURAL MAY reqOld )
>olcObjectClasses: ( 1.3.6.1.4.1.4203.666.11.5.2.9 NAME 'auditModify'
>DESC 'Mod
> ify operation' SUP auditWriteObject STRUCTURAL MUST reqMod
>MAY reqOld )
>olcObjectClasses: ( 1.3.6.1.4.1.4203.666.11.5.2.10 NAME 'auditModRDN'
>DESC 'Mo
> dRDN operation' SUP auditWriteObject STRUCTURAL MUST ( reqNewRDN $
>reqDeleteO
> ldRDN ) MAY ( reqNewSuperior $ reqMod $ reqOld ) )
>olcObjectClasses: ( 1.3.6.1.4.1.4203.666.11.5.2.11 NAME 'auditSearch'
>DESC 'Se
> arch operation' SUP auditReadObject STRUCTURAL MUST ( reqScope $
>reqDerefAlia
> ses $ reqAttrsonly ) MAY ( reqFilter $ reqAttr $ reqEntries $
>reqSizeLimit $
> reqTimeLimit ) )
>olcObjectClasses: ( 1.3.6.1.4.1.4203.666.11.5.2.12 NAME 'auditExtended'
>DESC '
> Extended operation' SUP auditObject STRUCTURAL MAY reqData )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.1 DESC 'ACI Item'
>X-BINARY-TRANS
> FER-REQUIRED 'TRUE' X-NOT-HUMAN-READABLE 'TRUE' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.2 DESC 'Access Point'
>X-NOT-HUMA
> N-READABLE 'TRUE' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.3 DESC 'Attribute Type
>Descripti
> on' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.4 DESC 'Audio'
>X-NOT-HUMAN-READA
> BLE 'TRUE' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.5 DESC 'Binary'
>X-NOT-HUMAN-READ
> ABLE 'TRUE' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.6 DESC 'Bit String' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.7 DESC 'Boolean' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.8 DESC 'Certificate'
>X-BINARY-TR
> ANSFER-REQUIRED 'TRUE' X-NOT-HUMAN-READABLE 'TRUE' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.9 DESC 'Certificate List'
>X-BINA
> RY-TRANSFER-REQUIRED 'TRUE' X-NOT-HUMAN-READABLE 'TRUE' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.10 DESC
>'Certificate Pair'
>X-BIN
> ARY-TRANSFER-REQUIRED 'TRUE' X-NOT-HUMAN-READABLE 'TRUE' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.4203.666.11.10.2.1 DESC 'X.509
>AttributeCertifi
> cate' X-BINARY-TRANSFER-REQUIRED 'TRUE' X-NOT-HUMAN-READABLE 'TRUE' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.12 DESC
>'Distinguished Name' )
>olcLdapSyntaxes: ( 1.2.36.79672281.1.5.0 DESC 'RDN' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.13 DESC 'Data Quality' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.14 DESC
>'Delivery Method' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.15 DESC
>'Directory String' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.16 DESC 'DIT Content Rule
>Descri
> ption' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.17 DESC 'DIT Structure
>Rule Desc
> ription' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.19 DESC 'DSA Quality' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.20 DESC 'DSE Type' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.21 DESC
>'Enhanced Guide' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.22 DESC 'Facsimile
>Telephone Num
> ber' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.23 DESC 'Fax'
>X-NOT-HUMAN-READAB
> LE 'TRUE' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.24 DESC
>'Generalized Time' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.25 DESC 'Guide' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.26 DESC 'IA5 String' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.27 DESC 'Integer' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.28 DESC 'JPEG'
>X-NOT-HUMAN-READA
> BLE 'TRUE' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.29 DESC 'Master
>And Shadow
>Acces
> s Points' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.30 DESC 'Matching Rule
>Descripti
> on' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.31 DESC
>'Matching Rule Use
>Descr
> iption' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.32 DESC 'Mail
>Preference' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.33 DESC 'MHS OR
>Address' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.34 DESC 'Name
>And Optional
>UID'
> )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.35 DESC 'Name Form
>Description'
> )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.36 DESC 'Numeric
>String' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.37 DESC 'Object Class
>Descriptio
> n' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.38 DESC 'OID' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.39 DESC 'Other Mailbox' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.40 DESC 'Octet String' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.41 DESC 'Postal
>Address' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.42 DESC 'Protocol
>Information' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.43 DESC 'Presentation
>Address' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.44 DESC
>'Printable String' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.11 DESC 'Country
>String' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.45 DESC
>'SubtreeSpecification' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.49 DESC 'Supported
>Algorithm' X-
> BINARY-TRANSFER-REQUIRED 'TRUE' X-NOT-HUMAN-READABLE 'TRUE' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.50 DESC
>'Telephone Number' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.51 DESC 'Teletex Terminal
>Identi
> fier' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.52 DESC 'Telex Number' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.54 DESC 'LDAP Syntax
>Description
> ' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.55 DESC 'Modify Rights' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.56 DESC 'LDAP Schema
>Definition'
> )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.57 DESC 'LDAP Schema
>Description
> ' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.58 DESC 'Substring
>Assertion' )
>olcLdapSyntaxes: ( 1.3.6.1.1.1.0.0 DESC 'RFC2307 NIS Netgroup Triple' )
>olcLdapSyntaxes: ( 1.3.6.1.1.1.0.1 DESC 'RFC2307 Boot Parameter' )
>olcLdapSyntaxes: ( 1.3.6.1.1.15.1 DESC 'Certificate Exact Assertion' )
>olcLdapSyntaxes: ( 1.3.6.1.1.15.2 DESC 'Certificate Assertion' )
>olcLdapSyntaxes: ( 1.3.6.1.1.15.3 DESC 'Certificate Pair Exact
>Assertion' )
>olcLdapSyntaxes: ( 1.3.6.1.1.15.4 DESC 'Certificate Pair Assertion' )
>olcLdapSyntaxes: ( 1.3.6.1.1.15.5 DESC 'Certificate List Exact
>Assertion' )
>olcLdapSyntaxes: ( 1.3.6.1.1.15.6 DESC 'Certificate List Assertion' )
>olcLdapSyntaxes: ( 1.3.6.1.1.15.7 DESC 'Algorithm Identifier' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.4203.666.11.10.2.2 DESC
>'AttributeCertificate E
> xact Assertion' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.4203.666.11.10.2.3 DESC
>'AttributeCertificate A
> ssertion' )
>olcLdapSyntaxes: ( 1.3.6.1.1.16.1 DESC 'UUID' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.4203.666.11.2.1 DESC 'CSN' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.4203.666.11.2.4 DESC 'CSN SID' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.4203.1.1.1 DESC 'OpenLDAP void' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.4203.666.2.7 DESC 'OpenLDAP authz' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.4203.666.2.1 DESC 'OpenLDAP Experimental
>ACI' )
>olcLdapSyntaxes: ( 1.3.6.1.4.1.4203.666.11.5.3.1 DESC 'Control' )
>
>dn: cn={0}core,cn=schema,cn=config
>objectClass: olcSchemaConfig
>cn: {0}core
>olcAttributeTypes: {0}( 2.5.4.2 NAME 'knowledgeInformation' DESC
>'RFC2256: kno
> wledge information' EQUALITY caseIgnoreMatch SYNTAX
>1.3.6.1.4.1.1466.115.121.
> 1.15{32768} )
>olcAttributeTypes: {1}( 2.5.4.4 NAME ( 'sn' 'surname' ) DESC 'RFC2256:
>last (f
> amily) name(s) for which the entity is known by' SUP name )
>olcAttributeTypes: {2}( 2.5.4.5 NAME 'serialNumber' DESC 'RFC2256:
>serial numb
> er of the entity' EQUALITY caseIgnoreMatch SUBSTR
>caseIgnoreSubstringsMatch S
> YNTAX 1.3.6.1.4.1.1466.115.121.1.44{64} )
>olcAttributeTypes: {3}( 2.5.4.6 NAME ( 'c' 'countryName' ) DESC
>'RFC2256: ISO-
> 3166 country 2-letter code' SUP name SINGLE-VALUE )
>olcAttributeTypes: {4}( 2.5.4.7 NAME ( 'l' 'localityName' ) DESC
>'RFC2256: loc
> ality which this object resides in' SUP name )
>olcAttributeTypes: {5}( 2.5.4.8 NAME ( 'st'
>'stateOrProvinceName' ) DESC
>'RFC2
> 256: state or province which this object resides in' SUP name )
>olcAttributeTypes: {6}( 2.5.4.9 NAME ( 'street' 'streetAddress' ) DESC
>'RFC225
> 6: street address of this object' EQUALITY caseIgnoreMatch SUBSTR
>caseIgnoreS
> ubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
>olcAttributeTypes: {7}( 2.5.4.10 NAME ( 'o' 'organizationName' ) DESC
>'RFC2256
> : organization this object belongs to' SUP name )
>olcAttributeTypes: {8}( 2.5.4.11 NAME ( 'ou' 'organizationalUnitName' )
>DESC '
> RFC2256: organizational unit this object belongs to' SUP name )
>olcAttributeTypes: {9}( 2.5.4.12 NAME 'title' DESC 'RFC2256: title
>associated
> with the entity' SUP name )
>olcAttributeTypes: {10}( 2.5.4.14 NAME 'searchGuide' DESC 'RFC2256:
>search gui
> de, deprecated by enhancedSearchGuide' SYNTAX
>1.3.6.1.4.1.1466.115.121.1.25 )
>olcAttributeTypes: {11}( 2.5.4.15 NAME 'businessCategory' DESC
>'RFC2256:
>busin
> ess category' EQUALITY caseIgnoreMatch SUBSTR
>caseIgnoreSubstringsMatch
>SYNTA
> X 1.3.6.1.4.1.1466.115.121.1.15{128} )
>olcAttributeTypes: {12}( 2.5.4.16 NAME 'postalAddress' DESC 'RFC2256:
>postal a
> ddress' EQUALITY caseIgnoreListMatch SUBSTR
>caseIgnoreListSubstringsMatch SYN
> TAX 1.3.6.1.4.1.1466.115.121.1.41 )
>olcAttributeTypes: {13}( 2.5.4.17 NAME 'postalCode' DESC 'RFC2256:
>postal code
> ' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX
>1.3.6.1.4.
> 1.1466.115.121.1.15{40} )
>olcAttributeTypes: {14}( 2.5.4.18 NAME 'postOfficeBox' DESC 'RFC2256:
>Post Off
> ice Box' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch
>SYNTAX 1.3
> .6.1.4.1.1466.115.121.1.15{40} )
>olcAttributeTypes: {15}( 2.5.4.19 NAME
>'physicalDeliveryOfficeName' DESC
>'RFC2
> 256: Physical Delivery Office Name' EQUALITY caseIgnoreMatch SUBSTR
>caseIgnor
> eSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
>olcAttributeTypes: {16}( 2.5.4.20 NAME 'telephoneNumber' DESC 'RFC2256:
>Teleph
> one Number' EQUALITY telephoneNumberMatch SUBSTR
>telephoneNumberSubstringsMat
> ch SYNTAX 1.3.6.1.4.1.1466.115.121.1.50{32} )
>olcAttributeTypes: {17}( 2.5.4.21 NAME 'telexNumber' DESC 'RFC2256:
>Telex Numb
> er' SYNTAX 1.3.6.1.4.1.1466.115.121.1.52 )
>olcAttributeTypes: {18}( 2.5.4.22 NAME 'teletexTerminalIdentifier' DESC
>'RFC22
> 56: Teletex Terminal Identifier' SYNTAX
>1.3.6.1.4.1.1466.115.121.1.51 )
>olcAttributeTypes: {19}( 2.5.4.23 NAME ( 'facsimileTelephoneNumber'
>'fax' ) DE
> SC 'RFC2256: Facsimile (Fax) Telephone Number' SYNTAX
>1.3.6.1.4.1.1466.115.12
> 1.1.22 )
>olcAttributeTypes: {20}( 2.5.4.24 NAME 'x121Address' DESC 'RFC2256:
>X.121 Addr
> ess' EQUALITY numericStringMatch SUBSTR numericStringSubstringsMatch
>SYNTAX 1
> .3.6.1.4.1.1466.115.121.1.36{15} )
>olcAttributeTypes: {21}( 2.5.4.25 NAME 'internationaliSDNNumber' DESC
>'RFC2256
> : international ISDN number' EQUALITY numericStringMatch SUBSTR
>numericString
> SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{16} )
>olcAttributeTypes: {22}( 2.5.4.26 NAME 'registeredAddress' DESC
>'RFC2256: regi
> stered postal address' SUP postalAddress SYNTAX
>1.3.6.1.4.1.1466.115.121.1.41
> )
>olcAttributeTypes: {23}( 2.5.4.27 NAME 'destinationIndicator' DESC
>'RFC2256: d
> estination indicator' EQUALITY caseIgnoreMatch SUBSTR
>caseIgnoreSubstringsMat
> ch SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{128} )
>olcAttributeTypes: {24}( 2.5.4.28 NAME 'preferredDeliveryMethod' DESC
>'RFC2256
> : preferred delivery method' SYNTAX 1.3.6.1.4.1.1466.115.121.1.14
>SINGLE-VALU
> E )
>olcAttributeTypes: {25}( 2.5.4.29 NAME 'presentationAddress' DESC
>'RFC2256: pr
> esentation address' EQUALITY presentationAddressMatch SYNTAX
>1.3.6.1.4.1.1466
> .115.121.1.43 SINGLE-VALUE )
>olcAttributeTypes: {26}( 2.5.4.30 NAME 'supportedApplicationContext'
>DESC 'RFC
> 2256: supported application context' EQUALITY objectIdentifierMatch
>SYNTAX 1.
> 3.6.1.4.1.1466.115.121.1.38 )
>olcAttributeTypes: {27}( 2.5.4.31 NAME 'member' DESC 'RFC2256:
>member of
>a gro
> up' SUP distinguishedName )
>olcAttributeTypes: {28}( 2.5.4.32 NAME 'owner' DESC 'RFC2256: owner (of
>the ob
> ject)' SUP distinguishedName )
>olcAttributeTypes: {29}( 2.5.4.33 NAME 'roleOccupant' DESC 'RFC2256:
>occupant
> of role' SUP distinguishedName )
>olcAttributeTypes: {30}( 2.5.4.36 NAME 'userCertificate' DESC 'RFC2256:
>X.509
> user certificate, use ;binary' EQUALITY certificateExactMatch SYNTAX
>1.3.6.1.
> 4.1.1466.115.121.1.8 )
>olcAttributeTypes: {31}( 2.5.4.37 NAME 'cACertificate' DESC 'RFC2256:
>X.509 CA
> certificate, use ;binary' EQUALITY certificateExactMatch SYNTAX
>1.3.6.1.4.1.
> 1466.115.121.1.8 )
>olcAttributeTypes: {32}( 2.5.4.38 NAME 'authorityRevocationList' DESC
>'RFC2256
> : X.509 authority revocation list, use ;binary' SYNTAX
>1.3.6.1.4.1.1466.115.1
> 21.1.9 )
>olcAttributeTypes: {33}( 2.5.4.39 NAME 'certificateRevocationList' DESC
>'RFC22
> 56: X.509 certificate revocation list, use ;binary' SYNTAX
>1.3.6.1.4.1.1466.1
> 15.121.1.9 )
>olcAttributeTypes: {34}( 2.5.4.40 NAME 'crossCertificatePair' DESC
>'RFC2256: X
> .509 cross certificate pair, use ;binary' SYNTAX
>1.3.6.1.4.1.1466.115.121.1.1
> 0 )
>olcAttributeTypes: {35}( 2.5.4.42 NAME ( 'givenName' 'gn' ) DESC
>'RFC2256: fir
> st name(s) for which the entity is known by' SUP name )
>olcAttributeTypes: {36}( 2.5.4.43 NAME 'initials' DESC 'RFC2256:
>initials of s
> ome or all of names, but not the surname(s).' SUP name )
>olcAttributeTypes: {37}( 2.5.4.44 NAME 'generationQualifier' DESC
>'RFC2256: na
> me qualifier indicating a generation' SUP name )
>olcAttributeTypes: {38}( 2.5.4.45 NAME 'x500UniqueIdentifier' DESC
>'RFC2256: X
> .500 unique identifier' EQUALITY bitStringMatch SYNTAX
>1.3.6.1.4.1.1466.115.1
> 21.1.6 )
>olcAttributeTypes: {39}( 2.5.4.46 NAME 'dnQualifier' DESC 'RFC2256: DN
>qualifi
> er' EQUALITY caseIgnoreMatch ORDERING caseIgnoreOrderingMatch SUBSTR
>caseIgno
> reSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.44 )
>olcAttributeTypes: {40}( 2.5.4.47 NAME 'enhancedSearchGuide' DESC
>'RFC2256: en
> hanced search guide' SYNTAX 1.3.6.1.4.1.1466.115.121.1.21 )
>olcAttributeTypes: {41}( 2.5.4.48 NAME 'protocolInformation' DESC
>'RFC2256: pr
> otocol information' EQUALITY protocolInformationMatch SYNTAX
>1.3.6.1.4.1.1466
> .115.121.1.42 )
>olcAttributeTypes: {42}( 2.5.4.50 NAME 'uniqueMember' DESC 'RFC2256:
>unique me
> mber of a group' EQUALITY uniqueMemberMatch SYNTAX
>1.3.6.1.4.1.1466.115.121.1
> .34 )
>olcAttributeTypes: {43}( 2.5.4.51 NAME 'houseIdentifier' DESC 'RFC2256:
>house
> identifier' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch
>SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.15{32768} )
>olcAttributeTypes: {44}( 2.5.4.52 NAME 'supportedAlgorithms' DESC
>'RFC2256: su
> pported algorithms' SYNTAX 1.3.6.1.4.1.1466.115.121.1.49 )
>olcAttributeTypes: {45}( 2.5.4.53 NAME 'deltaRevocationList' DESC
>'RFC2256: de
> lta revocation list; use ;binary' SYNTAX
>1.3.6.1.4.1.1466.115.121.1.9 )
>olcAttributeTypes: {46}( 2.5.4.54 NAME 'dmdName' DESC 'RFC2256: name of
>DMD' S
> UP name )
>olcAttributeTypes: {47}( 2.5.4.65 NAME 'pseudonym' DESC 'X.520(4th):
>pseudonym
> for the object' SUP name )
>olcAttributeTypes: {48}( 0.9.2342.19200300.100.1.3 NAME ( 'mail'
>'rfc822Mailbo
> x' ) DESC 'RFC1274: RFC822 Mailbox' EQUALITY caseIgnoreIA5Match
>SUBSTR ca
> seIgnoreIA5SubstringsMatch SYNTAX
>1.3.6.1.4.1.1466.115.121.1.26{256} )
>olcAttributeTypes: {49}( 0.9.2342.19200300.100.1.25 NAME ( 'dc'
>'domainCompone
> nt' ) DESC 'RFC1274/2247: domain component' EQUALITY
>caseIgnoreIA5Match
>SUBST
> R caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
>SINGLE-VA
> LUE )
>olcAttributeTypes: {50}( 0.9.2342.19200300.100.1.37 NAME
>'associatedDomain' DE
> SC 'RFC1274: domain associated with object' EQUALITY
>caseIgnoreIA5Match
>SUBST
> R caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
>olcAttributeTypes: {51}( 1.2.840.113549.1.9.1 NAME ( 'email'
>'emailAddress' 'p
> kcs9email' ) DESC 'RFC3280: legacy attribute for email addresses in
>DNs' EQUA
> LITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX
>1.3.6.1.4.
> 1.1466.115.121.1.26{128} )
>olcObjectClasses: {0}( 2.5.6.2 NAME 'country' DESC 'RFC2256: a country'
>SUP to
> p STRUCTURAL MUST c MAY ( searchGuide $ description ) )
>olcObjectClasses: {1}( 2.5.6.3 NAME 'locality' DESC 'RFC2256: a
>locality' SUP
> top STRUCTURAL MAY ( street $ seeAlso $ searchGuide $ st $ l $
>description )
> )
>olcObjectClasses: {2}( 2.5.6.4 NAME 'organization' DESC 'RFC2256: an
>organizat
> ion' SUP top STRUCTURAL MUST o MAY ( userPassword $ searchGuide $
>seeAlso $ b
> usinessCategory $ x121Address $ registeredAddress $
>destinationIndicator $ pr
> eferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
>telephoneNu
> mber $ internationaliSDNNumber $ facsimileTelephoneNumber $ street $
>postOff
> iceBox $ postalCode $ postalAddress $
>physicalDeliveryOfficeName $ st $
>l $ d
> escription ) )
>olcObjectClasses: {3}( 2.5.6.5 NAME 'organizationalUnit' DESC 'RFC2256:
>an org
> anizational unit' SUP top STRUCTURAL MUST ou MAY ( userPassword $
>searchGuide
> $ seeAlso $ businessCategory $ x121Address $ registeredAddress $
>destination
> Indicator $ preferredDeliveryMethod $ telexNumber $
>teletexTerminalIdentifier
> $ telephoneNumber $ internationaliSDNNumber $
>facsimileTelephoneNumber
>$ str
> eet $ postOfficeBox $ postalCode $ postalAddress $
>physicalDeliveryOfficeName
> $ st $ l $ description ) )
>olcObjectClasses: {4}( 2.5.6.6 NAME 'person' DESC 'RFC2256: a person'
>SUP top
> STRUCTURAL MUST ( sn $ cn ) MAY ( userPassword $ telephoneNumber $
>seeAlso $
> description ) )
>olcObjectClasses: {5}( 2.5.6.7 NAME 'organizationalPerson' DESC
>'RFC2256: an o
> rganizational person' SUP person STRUCTURAL MAY ( title $
>x121Address $
>regis
> teredAddress $ destinationIndicator $ preferredDeliveryMethod $
>telexNumber $
> teletexTerminalIdentifier $ telephoneNumber $ internationaliSDNNumber
>$ fac
> simileTelephoneNumber $ street $ postOfficeBox $ postalCode $
>postalAddress $
> physicalDeliveryOfficeName $ ou $ st $ l ) )
>olcObjectClasses: {6}( 2.5.6.8 NAME 'organizationalRole' DESC 'RFC2256:
>an org
> anizational role' SUP top STRUCTURAL MUST cn MAY ( x121Address $
>registeredAd
> dress $ destinationIndicator $ preferredDeliveryMethod $ telexNumber $
>telete
> xTerminalIdentifier $ telephoneNumber $ internationaliSDNNumber $
>facsimileTe
> lephoneNumber $ seeAlso $ roleOccupant $ preferredDeliveryMethod $
>street $ p
> ostOfficeBox $ postalCode $ postalAddress $ physicalDeliveryOfficeName
>$ ou $
> st $ l $ description ) )
>olcObjectClasses: {7}( 2.5.6.9 NAME 'groupOfNames' DESC 'RFC2256: a
>group of n
> ames (DNs)' SUP top STRUCTURAL MUST ( member $ cn ) MAY (
>businessCategory $
> seeAlso $ owner $ ou $ o $ description ) )
>olcObjectClasses: {8}( 2.5.6.10 NAME 'residentialPerson' DESC 'RFC2256:
>an res
> idential person' SUP person STRUCTURAL MUST l MAY ( businessCategory $
>x121Ad
> dress $ registeredAddress $ destinationIndicator $
>preferredDeliveryMethod $
> telexNumber $ teletexTerminalIdentifier $ telephoneNumber $
>internationaliSDN
> Number $ facsimileTelephoneNumber $ preferredDeliveryMethod $ street $
>postOf
> ficeBox $ postalCode $ postalAddress $ physicalDeliveryOfficeName $ st
>$ l )
> )
>olcObjectClasses: {9}( 2.5.6.11 NAME 'applicationProcess' DESC
>'RFC2256:
>an ap
> plication process' SUP top STRUCTURAL MUST cn MAY ( seeAlso $ ou $ l $
>descri
> ption ) )
>olcObjectClasses: {10}( 2.5.6.12 NAME 'applicationEntity' DESC
>'RFC2256:
>an ap
> plication entity' SUP top STRUCTURAL MUST ( presentationAddress $ cn )
>MAY (
> supportedApplicationContext $ seeAlso $ ou $ o $ l $ description ) )
>olcObjectClasses: {11}( 2.5.6.13 NAME 'dSA' DESC 'RFC2256: a directory
>system
> agent (a server)' SUP applicationEntity STRUCTURAL MAY
>knowledgeInformation )
>olcObjectClasses: {12}( 2.5.6.14 NAME 'device' DESC 'RFC2256: a device'
>SUP to
> p STRUCTURAL MUST cn MAY ( serialNumber $ seeAlso $ owner $ ou $ o $ l
>$ desc
> ription ) )
>olcObjectClasses: {13}( 2.5.6.15 NAME 'strongAuthenticationUser' DESC
>'RFC2256
> : a strong authentication user' SUP top AUXILIARY MUST
>userCertificate )
>olcObjectClasses: {14}( 2.5.6.16 NAME 'certificationAuthority' DESC
>'RFC2256:
> a certificate authority' SUP top AUXILIARY MUST (
>authorityRevocationList $ c
> ertificateRevocationList $ cACertificate ) MAY crossCertificatePair )
>olcObjectClasses: {15}( 2.5.6.17 NAME 'groupOfUniqueNames' DESC
>'RFC2256: a gr
> oup of unique names (DN and Unique Identifier)' SUP top
>STRUCTURAL MUST
>( uni
> queMember $ cn ) MAY ( businessCategory $ seeAlso $ owner $ ou $ o $
>descript
> ion ) )
>olcObjectClasses: {16}( 2.5.6.18 NAME 'userSecurityInformation' DESC
>'RFC2256:
> a user security information' SUP top AUXILIARY MAY (
>supportedAlgorithms ) )
>olcObjectClasses: {17}( 2.5.6.16.2 NAME 'certificationAuthority-V2' SUP
>certif
> icationAuthority AUXILIARY MAY ( deltaRevocationList ) )
>olcObjectClasses: {18}( 2.5.6.19 NAME 'cRLDistributionPoint' SUP top
>STRUCTURA
> L MUST ( cn ) MAY ( certificateRevocationList $
>authorityRevocationList
>$ del
> taRevocationList ) )
>olcObjectClasses: {19}( 2.5.6.20 NAME 'dmd' SUP top STRUCTURAL MUST (
>dmdName
> ) MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $
>x121Address
> $ registeredAddress $ destinationIndicator $
>preferredDeliveryMethod $
>telex
> Number $ teletexTerminalIdentifier $ telephoneNumber $
>internationaliSDNNumbe
> r $ facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $
>postalAd
> dress $ physicalDeliveryOfficeName $ st $ l $ description ) )
>olcObjectClasses: {20}( 2.5.6.21 NAME 'pkiUser' DESC 'RFC2587: a PKI
>user' SUP
> top AUXILIARY MAY userCertificate )
>olcObjectClasses: {21}( 2.5.6.22 NAME 'pkiCA' DESC 'RFC2587: PKI
>certificate a
> uthority' SUP top AUXILIARY MAY ( authorityRevocationList $
>certificateRevoca
> tionList $ cACertificate $ crossCertificatePair ) )
>olcObjectClasses: {22}( 2.5.6.23 NAME 'deltaCRL' DESC 'RFC2587: PKI
>user' SUP
> top AUXILIARY MAY deltaRevocationList )
>olcObjectClasses: {23}( 1.3.6.1.4.1.250.3.15 NAME 'labeledURIObject'
>DESC 'RFC
> 2079: object that contains the URI attribute type' MAY ( labeledURI )
>SUP top
> AUXILIARY )
>olcObjectClasses: {24}( 0.9.2342.19200300.100.4.19 NAME
>'simpleSecurityObject'
> DESC 'RFC1274: simple security object' SUP top AUXILIARY MUST
>userPassword )
>olcObjectClasses: {25}( 1.3.6.1.4.1.1466.344 NAME 'dcObject' DESC
>'RFC2247: do
> main component object' SUP top AUXILIARY MUST dc )
>olcObjectClasses: {26}( 1.3.6.1.1.3.1 NAME 'uidObject' DESC 'RFC2377:
>uid obje
> ct' SUP top AUXILIARY MUST uid )
>
>dn: cn={1}cosine,cn=schema,cn=config
>objectClass: olcSchemaConfig
>cn: {1}cosine
>olcAttributeTypes: {0}( 0.9.2342.19200300.100.1.2 NAME
>'textEncodedORAddress'
> EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX
>1.3.6.1.4.1.
> 1466.115.121.1.15{256} )
>olcAttributeTypes: {1}( 0.9.2342.19200300.100.1.4 NAME 'info' DESC
>'RFC1274: g
> eneral information' EQUALITY caseIgnoreMatch SUBSTR
>caseIgnoreSubstringsMatch
> SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{2048} )
>olcAttributeTypes: {2}( 0.9.2342.19200300.100.1.5 NAME ( 'drink'
>'favouriteDri
> nk' ) DESC 'RFC1274: favorite drink' EQUALITY caseIgnoreMatch SUBSTR
>caseIgno
> reSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
>olcAttributeTypes: {3}( 0.9.2342.19200300.100.1.6 NAME
>'roomNumber' DESC
>'RFC1
> 274: room number' EQUALITY caseIgnoreMatch SUBSTR
>caseIgnoreSubstringsMatch S
> YNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
>olcAttributeTypes: {4}( 0.9.2342.19200300.100.1.7 NAME 'photo' DESC
>'RFC1274:
> photo (G3 fax)' SYNTAX 1.3.6.1.4.1.1466.115.121.1.23{25000} )
>olcAttributeTypes: {5}( 0.9.2342.19200300.100.1.8 NAME 'userClass' DESC
>'RFC12
> 74: category of user' EQUALITY caseIgnoreMatch SUBSTR
>caseIgnoreSubstringsMat
> ch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
>olcAttributeTypes: {6}( 0.9.2342.19200300.100.1.9 NAME 'host' DESC
>'RFC1274: h
> ost computer' EQUALITY caseIgnoreMatch SUBSTR
>caseIgnoreSubstringsMatch
>SYNTA
> X 1.3.6.1.4.1.1466.115.121.1.15{256} )
>olcAttributeTypes: {7}( 0.9.2342.19200300.100.1.10 NAME 'manager' DESC
>'RFC127
> 4: DN of manager' EQUALITY distinguishedNameMatch SYNTAX
>1.3.6.1.4.1.1466.115
> .121.1.12 )
>olcAttributeTypes: {8}( 0.9.2342.19200300.100.1.11 NAME
>'documentIdentifier' D
> ESC 'RFC1274: unique identifier of document' EQUALITY caseIgnoreMatch
>SUBSTR
> caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
>olcAttributeTypes: {9}( 0.9.2342.19200300.100.1.12 NAME 'documentTitle'
>DESC '
> RFC1274: title of document' EQUALITY caseIgnoreMatch SUBSTR
>caseIgnoreSubstri
> ngsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
>olcAttributeTypes: {10}( 0.9.2342.19200300.100.1.13 NAME
>'documentVersion' DES
> C 'RFC1274: version of document' EQUALITY caseIgnoreMatch SUBSTR
>caseIgnoreSu
> bstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
>olcAttributeTypes: {11}( 0.9.2342.19200300.100.1.14 NAME
>'documentAuthor' DESC
> 'RFC1274: DN of author of document' EQUALITY distinguishedNameMatch
>SYNTAX 1
> .3.6.1.4.1.1466.115.121.1.12 )
>olcAttributeTypes: {12}( 0.9.2342.19200300.100.1.15 NAME
>'documentLocation' DE
> SC 'RFC1274: location of document original' EQUALITY caseIgnoreMatch
>SUBSTR c
> aseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
>olcAttributeTypes: {13}( 0.9.2342.19200300.100.1.20 NAME ( 'homePhone'
>'homeTe
> lephoneNumber' ) DESC 'RFC1274: home telephone number' EQUALITY
>telephoneNumb
> erMatch SUBSTR telephoneNumberSubstringsMatch SYNTAX
>1.3.6.1.4.1.1466.115.121
> .1.50 )
>olcAttributeTypes: {14}( 0.9.2342.19200300.100.1.21 NAME 'secretary'
>DESC 'RFC
> 1274: DN of secretary' EQUALITY distinguishedNameMatch SYNTAX
>1.3.6.1.4.1.146
> 6.115.121.1.12 )
>olcAttributeTypes: {15}( 0.9.2342.19200300.100.1.22 NAME 'otherMailbox'
>SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.39 )
>olcAttributeTypes: {16}( 0.9.2342.19200300.100.1.26 NAME 'aRecord'
>EQUALITY ca
> seIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
>olcAttributeTypes: {17}( 0.9.2342.19200300.100.1.27 NAME 'mDRecord'
>EQUALITY c
> aseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
>olcAttributeTypes: {18}( 0.9.2342.19200300.100.1.28 NAME 'mXRecord'
>EQUALITY c
> aseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
>olcAttributeTypes: {19}( 0.9.2342.19200300.100.1.29 NAME 'nSRecord'
>EQUALITY c
> aseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
>olcAttributeTypes: {20}( 0.9.2342.19200300.100.1.30 NAME 'sOARecord'
>EQUALITY
> caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
>olcAttributeTypes: {21}( 0.9.2342.19200300.100.1.31 NAME 'cNAMERecord'
>EQUALIT
> Y caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
>olcAttributeTypes: {22}( 0.9.2342.19200300.100.1.38 NAME
>'associatedName' DESC
> 'RFC1274: DN of entry associated with domain' EQUALITY
>distinguishedNameMatc
> h SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
>olcAttributeTypes: {23}( 0.9.2342.19200300.100.1.39 NAME
>'homePostalAddress' D
> ESC 'RFC1274: home postal address' EQUALITY caseIgnoreListMatch SUBSTR
>caseIg
> noreListSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 )
>olcAttributeTypes: {24}( 0.9.2342.19200300.100.1.40 NAME
>'personalTitle'
>DESC
> 'RFC1274: personal title' EQUALITY caseIgnoreMatch SUBSTR
>caseIgnoreSubstring
> sMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
>olcAttributeTypes: {25}( 0.9.2342.19200300.100.1.41 NAME ( 'mobile'
>'mobileTel
> ephoneNumber' ) DESC 'RFC1274: mobile telephone number' EQUALITY
>telephoneNum
> berMatch SUBSTR telephoneNumberSubstringsMatch SYNTAX
>1.3.6.1.4.1.1466.115.12
> 1.1.50 )
>olcAttributeTypes: {26}( 0.9.2342.19200300.100.1.42 NAME ( 'pager'
>'pagerTelep
> honeNumber' ) DESC 'RFC1274: pager telephone number' EQUALITY
>telephoneNumber
> Match SUBSTR telephoneNumberSubstringsMatch SYNTAX
>1.3.6.1.4.1.1466.115.121.1
> .50 )
>olcAttributeTypes: {27}( 0.9.2342.19200300.100.1.43 NAME ( 'co'
>'friendlyCount
> ryName' ) DESC 'RFC1274: friendly country name' EQUALITY
>caseIgnoreMatch SUBS
> TR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
>olcAttributeTypes: {28}( 0.9.2342.19200300.100.1.44 NAME
>'uniqueIdentifier' DE
> SC 'RFC1274: unique identifer' EQUALITY caseIgnoreMatch SYNTAX
>1.3.6.1.4.1.14
> 66.115.121.1.15{256} )
>olcAttributeTypes: {29}( 0.9.2342.19200300.100.1.45 NAME
>'organizationalStatus
> ' DESC 'RFC1274: organizational status' EQUALITY
>caseIgnoreMatch SUBSTR
>caseI
> gnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
>olcAttributeTypes: {30}( 0.9.2342.19200300.100.1.46 NAME 'janetMailbox'
>DESC '
> RFC1274: Janet mailbox' EQUALITY caseIgnoreIA5Match SUBSTR
>caseIgnoreIA5Subst
> ringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
>olcAttributeTypes: {31}( 0.9.2342.19200300.100.1.47 NAME
>'mailPreferenceOption
> ' DESC 'RFC1274: mail preference option' SYNTAX
>1.3.6.1.4.1.1466.115.121.1.27
> )
>olcAttributeTypes: {32}( 0.9.2342.19200300.100.1.48 NAME 'buildingName'
>DESC '
> RFC1274: name of building' EQUALITY caseIgnoreMatch SUBSTR
>caseIgnoreSubstrin
> gsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
>olcAttributeTypes: {33}( 0.9.2342.19200300.100.1.49 NAME 'dSAQuality'
>DESC 'RF
> C1274: DSA Quality' SYNTAX 1.3.6.1.4.1.1466.115.121.1.19
>SINGLE-VALUE )
>olcAttributeTypes: {34}( 0.9.2342.19200300.100.1.50 NAME
>'singleLevelQuality'
> DESC 'RFC1274: Single Level Quality' SYNTAX
>1.3.6.1.4.1.1466.115.121.1.13 SIN
> GLE-VALUE )
>olcAttributeTypes: {35}( 0.9.2342.19200300.100.1.51 NAME
>'subtreeMinimumQualit
> y' DESC 'RFC1274: Subtree Mininum Quality' SYNTAX
>1.3.6.1.4.1.1466.115.121.1.
> 13 SINGLE-VALUE )
>olcAttributeTypes: {36}( 0.9.2342.19200300.100.1.52 NAME
>'subtreeMaximumQualit
> y' DESC 'RFC1274: Subtree Maximun Quality' SYNTAX
>1.3.6.1.4.1.1466.115.121.1.
> 13 SINGLE-VALUE )
>olcAttributeTypes: {37}( 0.9.2342.19200300.100.1.53 NAME
>'personalSignature' D
> ESC 'RFC1274: Personal Signature (G3 fax)' SYNTAX
>1.3.6.1.4.1.1466.115.121.1.
> 23 )
>olcAttributeTypes: {38}( 0.9.2342.19200300.100.1.54 NAME 'dITRedirect'
>DESC 'R
> FC1274: DIT Redirect' EQUALITY distinguishedNameMatch SYNTAX
>1.3.6.1.4.1.1466
> .115.121.1.12 )
>olcAttributeTypes: {39}( 0.9.2342.19200300.100.1.55 NAME 'audio' DESC
>'RFC1274
> : audio (u-law)' SYNTAX 1.3.6.1.4.1.1466.115.121.1.4{25000} )
>olcAttributeTypes: {40}( 0.9.2342.19200300.100.1.56 NAME
>'documentPublisher' D
> ESC 'RFC1274: publisher of document' EQUALITY caseIgnoreMatch SUBSTR
>caseIgno
> reSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
>olcObjectClasses: {0}( 0.9.2342.19200300.100.4.4 NAME ( 'pilotPerson'
>'newPilo
> tPerson' ) SUP person STRUCTURAL MAY ( userid $ textEncodedORAddress $
>rfc822
> Mailbox $ favouriteDrink $ roomNumber $ userClass $
>homeTelephoneNumber
>$ hom
> ePostalAddress $ secretary $ personalTitle $ preferredDeliveryMethod $
>busine
> ssCategory $ janetMailbox $ otherMailbox $ mobileTelephoneNumber $
>pagerTelep
> honeNumber $ organizationalStatus $ mailPreferenceOption $
>personalSignature
> ) )
>olcObjectClasses: {1}( 0.9.2342.19200300.100.4.5 NAME 'account' SUP top
>STRUCT
> URAL MUST userid MAY ( description $ seeAlso $ localityName $
>organizationNam
> e $ organizationalUnitName $ host ) )
>olcObjectClasses: {2}( 0.9.2342.19200300.100.4.6 NAME
>'document' SUP top
>STRUC
> TURAL MUST documentIdentifier MAY ( commonName $ description $ seeAlso
>$ loca
> lityName $ organizationName $ organizationalUnitName $ documentTitle $
>docume
> ntVersion $ documentAuthor $ documentLocation $ documentPublisher ) )
>olcObjectClasses: {3}( 0.9.2342.19200300.100.4.7 NAME 'room' SUP top
>STRUCTURA
> L MUST commonName MAY ( roomNumber $ description $ seeAlso $
>telephoneNumber
> ) )
>olcObjectClasses: {4}( 0.9.2342.19200300.100.4.9 NAME 'documentSeries'
>SUP top
> STRUCTURAL MUST commonName MAY ( description $ seeAlso $
>telephonenumber $ l
> ocalityName $ organizationName $ organizationalUnitName ) )
>olcObjectClasses: {5}( 0.9.2342.19200300.100.4.13 NAME 'domain' SUP top
>STRUCT
> URAL MUST domainComponent MAY ( associatedName $ organizationName $
>descripti
> on $ businessCategory $ seeAlso $ searchGuide $ userPassword $
>localityName $
> stateOrProvinceName $ streetAddress $ physicalDeliveryOfficeName $
>postalAdd
> ress $ postalCode $ postOfficeBox $ streetAddress $
>facsimileTelephoneNumber
> $ internationalISDNNumber $ telephoneNumber $
>teletexTerminalIdentifier
>$ tel
> exNumber $ preferredDeliveryMethod $ destinationIndicator $
>registeredAddress
> $ x121Address ) )
>olcObjectClasses: {6}( 0.9.2342.19200300.100.4.14 NAME
>'RFC822localPart'
>SUP d
> omain STRUCTURAL MAY ( commonName $ surname $ description $ seeAlso $
>telepho
> neNumber $ physicalDeliveryOfficeName $ postalAddress $ postalCode $
>postOffi
> ceBox $ streetAddress $ facsimileTelephoneNumber $
>internationalISDNNumber $
> telephoneNumber $ teletexTerminalIdentifier $ telexNumber $
>preferredDelivery
> Method $ destinationIndicator $ registeredAddress $ x121Address ) )
>olcObjectClasses: {7}( 0.9.2342.19200300.100.4.15 NAME 'dNSDomain' SUP
>domain
> STRUCTURAL MAY ( ARecord $ MDRecord $ MXRecord $ NSRecord $
>SOARecord $
>CNAME
> Record ) )
>olcObjectClasses: {8}( 0.9.2342.19200300.100.4.17 NAME
>'domainRelatedObject' D
> ESC 'RFC1274: an object related to an domain' SUP top AUXILIARY MUST
>associat
> edDomain )
>olcObjectClasses: {9}( 0.9.2342.19200300.100.4.18 NAME
>'friendlyCountry'
>SUP c
> ountry STRUCTURAL MUST friendlyCountryName )
>olcObjectClasses: {10}( 0.9.2342.19200300.100.4.20 NAME
>'pilotOrganization' SU
> P ( organization $ organizationalUnit ) STRUCTURAL MAY buildingName )
>olcObjectClasses: {11}( 0.9.2342.19200300.100.4.21 NAME 'pilotDSA' SUP
>dsa STR
> UCTURAL MAY dSAQuality )
>olcObjectClasses: {12}( 0.9.2342.19200300.100.4.22 NAME
>'qualityLabelledData'
> SUP top AUXILIARY MUST dsaQuality MAY ( subtreeMinimumQuality $
>subtreeMaximu
> mQuality ) )
>
>dn: cn={2}nis,cn=schema,cn=config
>objectClass: olcSchemaConfig
>cn: {2}nis
>olcAttributeTypes: {0}( 1.3.6.1.1.1.1.2 NAME 'gecos' DESC 'The GECOS
>field; th
> e common name' EQUALITY caseIgnoreIA5Match SUBSTR
>caseIgnoreIA5SubstringsMatc
> h SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
>olcAttributeTypes: {1}( 1.3.6.1.1.1.1.3 NAME 'homeDirectory' DESC 'The
>absolut
> e path to the home directory' EQUALITY caseExactIA5Match SYNTAX
>1.3.6.1.4.1.1
> 466.115.121.1.26 SINGLE-VALUE )
>olcAttributeTypes: {2}( 1.3.6.1.1.1.1.4 NAME 'loginShell' DESC
>'The path
>to th
> e login shell' EQUALITY caseExactIA5Match SYNTAX
>1.3.6.1.4.1.1466.115.121.1.2
> 6 SINGLE-VALUE )
>olcAttributeTypes: {3}( 1.3.6.1.1.1.1.5 NAME
>'shadowLastChange' EQUALITY
>integ
> erMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
>olcAttributeTypes: {4}( 1.3.6.1.1.1.1.6 NAME 'shadowMin' EQUALITY
>integerMatch
> SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
>olcAttributeTypes: {5}( 1.3.6.1.1.1.1.7 NAME 'shadowMax' EQUALITY
>integerMatch
> SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
>olcAttributeTypes: {6}( 1.3.6.1.1.1.1.8 NAME 'shadowWarning' EQUALITY
>integerM
> atch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
>olcAttributeTypes: {7}( 1.3.6.1.1.1.1.9 NAME 'shadowInactive' EQUALITY
>integer
> Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
>olcAttributeTypes: {8}( 1.3.6.1.1.1.1.10 NAME 'shadowExpire' EQUALITY
>integerM
> atch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
>olcAttributeTypes: {9}( 1.3.6.1.1.1.1.11 NAME 'shadowFlag' EQUALITY
>integerMat
> ch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
>olcAttributeTypes: {10}( 1.3.6.1.1.1.1.12 NAME 'memberUid' EQUALITY
>caseExactI
> A5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX
>1.3.6.1.4.1.1466.115.121.1.
> 26 )
>olcAttributeTypes: {11}( 1.3.6.1.1.1.1.13 NAME 'memberNisNetgroup'
>EQUALITY ca
> seExactIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX
>1.3.6.1.4.1.1466.11
> 5.121.1.26 )
>olcAttributeTypes: {12}( 1.3.6.1.1.1.1.14 NAME 'nisNetgroupTriple' DESC
>'Netgr
> oup triple' SYNTAX 1.3.6.1.1.1.0.0 )
>olcAttributeTypes: {13}( 1.3.6.1.1.1.1.15 NAME 'ipServicePort' EQUALITY
>intege
> rMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
>olcAttributeTypes: {14}( 1.3.6.1.1.1.1.16 NAME 'ipServiceProtocol' SUP
>name )
>olcAttributeTypes: {15}( 1.3.6.1.1.1.1.17 NAME 'ipProtocolNumber'
>EQUALITY int
> egerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
>olcAttributeTypes: {16}( 1.3.6.1.1.1.1.18 NAME 'oncRpcNumber' EQUALITY
>integer
> Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
>olcAttributeTypes: {17}( 1.3.6.1.1.1.1.19 NAME 'ipHostNumber' DESC 'IP
>address
> ' EQUALITY caseIgnoreIA5Match SYNTAX
>1.3.6.1.4.1.1466.115.121.1.26{128} )
>olcAttributeTypes: {18}( 1.3.6.1.1.1.1.20 NAME 'ipNetworkNumber' DESC
>'IP netw
> ork' EQUALITY caseIgnoreIA5Match SYNTAX
>1.3.6.1.4.1.1466.115.121.1.26{128} SI
> NGLE-VALUE )
>olcAttributeTypes: {19}( 1.3.6.1.1.1.1.21 NAME 'ipNetmaskNumber' DESC
>'IP netm
> ask' EQUALITY caseIgnoreIA5Match SYNTAX
>1.3.6.1.4.1.1466.115.121.1.26{128} SI
> NGLE-VALUE )
>olcAttributeTypes: {20}( 1.3.6.1.1.1.1.22 NAME 'macAddress' DESC 'MAC
>address'
> EQUALITY caseIgnoreIA5Match SYNTAX
>1.3.6.1.4.1.1466.115.121.1.26{128} )
>olcAttributeTypes: {21}( 1.3.6.1.1.1.1.23 NAME 'bootParameter' DESC
>'rpc.bootp
> aramd parameter' SYNTAX 1.3.6.1.1.1.0.1 )
>olcAttributeTypes: {22}( 1.3.6.1.1.1.1.24 NAME 'bootFile' DESC 'Boot
>image nam
> e' EQUALITY caseExactIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
>olcAttributeTypes: {23}( 1.3.6.1.1.1.1.26 NAME 'nisMapName' SUP name )
>olcAttributeTypes: {24}( 1.3.6.1.1.1.1.27 NAME 'nisMapEntry' EQUALITY
>caseExac
> tIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX
>1.3.6.1.4.1.1466.115.121.
> 1.26{1024} SINGLE-VALUE )
>olcObjectClasses: {0}( 1.3.6.1.1.1.2.0 NAME 'posixAccount' DESC
>'Abstraction o
> f an account with POSIX attributes' SUP top AUXILIARY MUST (
>cn $ uid $
>uidNu
> mber $ gidNumber $ homeDirectory ) MAY ( userPassword $ loginShell $
>gecos $
> description ) )
>olcObjectClasses: {1}( 1.3.6.1.1.1.2.1 NAME 'shadowAccount' DESC
>'Additional a
> ttributes for shadow passwords' SUP top AUXILIARY MUST uid MAY (
>userPassword
> $ shadowLastChange $ shadowMin $ shadowMax $ shadowWarning $
>shadowInactive
> $ shadowExpire $ shadowFlag $ description ) )
>olcObjectClasses: {2}( 1.3.6.1.1.1.2.2 NAME 'posixGroup' DESC
>'Abstraction of
> a group of accounts' SUP top STRUCTURAL MUST ( cn $ gidNumber ) MAY (
>userPas
> sword $ memberUid $ description ) )
>olcObjectClasses: {3}( 1.3.6.1.1.1.2.3 NAME 'ipService' DESC
>'Abstraction an I
> nternet Protocol service' SUP top STRUCTURAL MUST ( cn $ ipServicePort
>$ ipSe
> rviceProtocol ) MAY description )
>olcObjectClasses: {4}( 1.3.6.1.1.1.2.4 NAME 'ipProtocol' DESC
>'Abstraction of
> an IP protocol' SUP top STRUCTURAL MUST ( cn $ ipProtocolNumber $
>description
> ) MAY description )
>olcObjectClasses: {5}( 1.3.6.1.1.1.2.5 NAME 'oncRpc' DESC 'Abstraction
>of an O
> NC/RPC binding' SUP top STRUCTURAL MUST ( cn $ oncRpcNumber $
>description ) M
> AY description )
>olcObjectClasses: {6}( 1.3.6.1.1.1.2.6 NAME 'ipHost' DESC 'Abstraction
>of a ho
> st, an IP device' SUP top AUXILIARY MUST ( cn $ ipHostNumber ) MAY ( l
>$ desc
> ription $ manager ) )
>olcObjectClasses: {7}( 1.3.6.1.1.1.2.7 NAME 'ipNetwork' DESC
>'Abstraction of a
> n IP network' SUP top STRUCTURAL MUST ( cn $ ipNetworkNumber ) MAY (
>ipNetmas
> kNumber $ l $ description $ manager ) )
>olcObjectClasses: {8}( 1.3.6.1.1.1.2.8 NAME 'nisNetgroup' DESC
>'Abstraction of
> a netgroup' SUP top STRUCTURAL MUST cn MAY ( nisNetgroupTriple $
>memberNisNe
> tgroup $ description ) )
>olcObjectClasses: {9}( 1.3.6.1.1.1.2.9 NAME 'nisMap' DESC 'A generic
>abstracti
> on of a NIS map' SUP top STRUCTURAL MUST nisMapName MAY description )
>olcObjectClasses: {10}( 1.3.6.1.1.1.2.10 NAME 'nisObject' DESC
>'An entry
>in a
> NIS map' SUP top STRUCTURAL MUST ( cn $ nisMapEntry $ nisMapName ) MAY
>descri
> ption )
>olcObjectClasses: {11}( 1.3.6.1.1.1.2.11 NAME 'ieee802Device' DESC 'A
>device w
> ith a MAC address' SUP top AUXILIARY MAY macAddress )
>olcObjectClasses: {12}( 1.3.6.1.1.1.2.12 NAME 'bootableDevice' DESC 'A
>device
> with boot parameters' SUP top AUXILIARY MAY ( bootFile $
>bootParameter ) )
>
>dn: cn={3}inetorgperson,cn=schema,cn=config
>objectClass: olcSchemaConfig
>cn: {3}inetorgperson
>olcAttributeTypes: {0}( 2.16.840.1.113730.3.1.1 NAME 'carLicense' DESC
>'RFC279
> 8: vehicle license or registration plate' EQUALITY caseIgnoreMatch
>SUBSTR cas
> eIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
>olcAttributeTypes: {1}( 2.16.840.1.113730.3.1.2 NAME 'departmentNumber'
>DESC '
> RFC2798: identifies a department within an organization' EQUALITY
>caseIgnoreM
> atch SUBSTR caseIgnoreSubstringsMatch SYNTAX
>1.3.6.1.4.1.1466.115.121.1.15 )
>olcAttributeTypes: {2}( 2.16.840.1.113730.3.1.241 NAME 'displayName'
>DESC 'RFC
> 2798: preferred name to be used when displaying entries' EQUALITY
>caseIgnoreM
> atch SUBSTR caseIgnoreSubstringsMatch SYNTAX
>1.3.6.1.4.1.1466.115.121.1.15 SI
> NGLE-VALUE )
>olcAttributeTypes: {3}( 2.16.840.1.113730.3.1.3 NAME 'employeeNumber'
>DESC 'RF
> C2798: numerically identifies an employee within an organization'
>EQUALITY ca
> seIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX
>1.3.6.1.4.1.1466.115.12
> 1.1.15 SINGLE-VALUE )
>olcAttributeTypes: {4}( 2.16.840.1.113730.3.1.4 NAME
>'employeeType' DESC
>'RFC2
> 798: type of employment for a person' EQUALITY caseIgnoreMatch SUBSTR
>caseIgn
> oreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
>olcAttributeTypes: {5}( 0.9.2342.19200300.100.1.60 NAME
>'jpegPhoto' DESC
>'RFC2
> 798: a JPEG image' SYNTAX 1.3.6.1.4.1.1466.115.121.1.28 )
>olcAttributeTypes: {6}( 2.16.840.1.113730.3.1.39 NAME
>'preferredLanguage' DESC
> 'RFC2798: preferred written or spoken language for a person' EQUALITY
>caseIg
> noreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX
>1.3.6.1.4.1.1466.115.121.1.
> 15 SINGLE-VALUE )
>olcAttributeTypes: {7}( 2.16.840.1.113730.3.1.40 NAME
>'userSMIMECertificate' D
> ESC 'RFC2798: PKCS#7 SignedData used to support S/MIME' SYNTAX
>1.3.6.1.4.1.14
> 66.115.121.1.5 )
>olcAttributeTypes: {8}( 2.16.840.1.113730.3.1.216 NAME
>'userPKCS12' DESC
>'RFC2
> 798: personal identity information, a PKCS #12 PFX' SYNTAX
>1.3.6.1.4.1.1466.1
> 15.121.1.5 )
>olcObjectClasses: {0}( 2.16.840.1.113730.3.2.2 NAME
>'inetOrgPerson' DESC
>'RFC2
> 798: Internet Organizational Person' SUP organizationalPerson
>STRUCTURAL MAY
> ( audio $ businessCategory $ carLicense $ departmentNumber $
>displayName $ em
> ployeeNumber $ employeeType $ givenName $ homePhone $
>homePostalAddress
>$ ini
> tials $ jpegPhoto $ labeledURI $ mail $ manager $ mobile $ o $ pager $
>photo
> $ roomNumber $ secretary $ uid $ userCertificate $
>x500uniqueIdentifier
>$ pre
> ferredLanguage $ userSMIMECertificate $ userPKCS12 ) )
>
>dn: cn={4}samba,cn=schema,cn=config
>objectClass: olcSchemaConfig
>cn: {4}samba
>olcAttributeTypes: {0}( 1.3.6.1.4.1.7165.2.1.24 NAME 'sambaLMPassword'
>DESC 'L
> anManager Password' EQUALITY caseIgnoreIA5Match SYNTAX
>1.3.6.1.4.1.1466.115.1
> 21.1.26{32} SINGLE-VALUE )
>olcAttributeTypes: {1}( 1.3.6.1.4.1.7165.2.1.25 NAME 'sambaNTPassword'
>DESC 'M
> D4 hash of the unicode password' EQUALITY caseIgnoreIA5Match SYNTAX
>1.3.6.1.4
> .1.1466.115.121.1.26{32} SINGLE-VALUE )
>olcAttributeTypes: {2}( 1.3.6.1.4.1.7165.2.1.26 NAME 'sambaAcctFlags'
>DESC 'Ac
> count Flags' EQUALITY caseIgnoreIA5Match SYNTAX
>1.3.6.1.4.1.1466.115.121.1.26
> {16} SINGLE-VALUE )
>olcAttributeTypes: {3}( 1.3.6.1.4.1.7165.2.1.27 NAME 'sambaPwdLastSet'
>DESC 'T
> imestamp of the last password update' EQUALITY integerMatch SYNTAX
>1.3.6.1.4.
> 1.1466.115.121.1.27 SINGLE-VALUE )
>olcAttributeTypes: {4}( 1.3.6.1.4.1.7165.2.1.28 NAME
>'sambaPwdCanChange'
>DESC
> 'Timestamp of when the user is allowed to update the
>password' EQUALITY
>integ
> erMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
>olcAttributeTypes: {5}( 1.3.6.1.4.1.7165.2.1.29 NAME
>'sambaPwdMustChange' DESC
> 'Timestamp of when the password will expire' EQUALITY integerMatch
>SYNTAX 1.
> 3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
>olcAttributeTypes: {6}( 1.3.6.1.4.1.7165.2.1.30 NAME 'sambaLogonTime'
>DESC 'Ti
> mestamp of last logon' EQUALITY integerMatch SYNTAX
>1.3.6.1.4.1.1466.115.121.
> 1.27 SINGLE-VALUE )
>olcAttributeTypes: {7}( 1.3.6.1.4.1.7165.2.1.31 NAME 'sambaLogoffTime'
>DESC 'T
> imestamp of last logoff' EQUALITY integerMatch SYNTAX
>1.3.6.1.4.1.1466.115.12
> 1.1.27 SINGLE-VALUE )
>olcAttributeTypes: {8}( 1.3.6.1.4.1.7165.2.1.32 NAME 'sambaKickoffTime'
>DESC '
> Timestamp of when the user will be logged off automatically' EQUALITY
>integer
> Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
>olcAttributeTypes: {9}( 1.3.6.1.4.1.7165.2.1.48 NAME
>'sambaBadPasswordCount' D
> ESC 'Bad password attempt count' EQUALITY integerMatch SYNTAX
>1.3.6.1.4.1.146
> 6.115.121.1.27 SINGLE-VALUE )
>olcAttributeTypes: {10}( 1.3.6.1.4.1.7165.2.1.49 NAME
>'sambaBadPasswordTime' D
> ESC 'Time of the last bad password attempt' EQUALITY integerMatch
>SYNTAX 1.3.
> 6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
>olcAttributeTypes: {11}( 1.3.6.1.4.1.7165.2.1.55 NAME 'sambaLogonHours'
>DESC '
> Logon Hours' EQUALITY caseIgnoreIA5Match SYNTAX
>1.3.6.1.4.1.1466.115.121.1.26
> {42} SINGLE-VALUE )
>olcAttributeTypes: {12}( 1.3.6.1.4.1.7165.2.1.33 NAME 'sambaHomeDrive'
>DESC 'D
> river letter of home directory mapping' EQUALITY caseIgnoreIA5Match
>SYNTAX 1.
> 3.6.1.4.1.1466.115.121.1.26{4} SINGLE-VALUE )
>olcAttributeTypes: {13}( 1.3.6.1.4.1.7165.2.1.34 NAME
>'sambaLogonScript'
>DESC
> 'Logon script path' EQUALITY caseIgnoreMatch SYNTAX
>1.3.6.1.4.1.1466.115.121.
> 1.15{255} SINGLE-VALUE )
>olcAttributeTypes: {14}( 1.3.6.1.4.1.7165.2.1.35 NAME
>'sambaProfilePath'
>DESC
> 'Roaming profile path' EQUALITY caseIgnoreMatch SYNTAX
>1.3.6.1.4.1.1466.115.1
> 21.1.15{255} SINGLE-VALUE )
>olcAttributeTypes: {15}( 1.3.6.1.4.1.7165.2.1.36 NAME
>'sambaUserWorkstations'
> DESC 'List of user workstations the user is allowed to logon to'
>EQUALITY cas
> eIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{255} SINGLE-VALUE )
>olcAttributeTypes: {16}( 1.3.6.1.4.1.7165.2.1.37 NAME 'sambaHomePath'
>DESC 'Ho
> me directory UNC path' EQUALITY caseIgnoreMatch SYNTAX
>1.3.6.1.4.1.1466.115.1
> 21.1.15{128} )
>olcAttributeTypes: {17}( 1.3.6.1.4.1.7165.2.1.38 NAME 'sambaDomainName'
>DESC '
> Windows NT domain to which the user belongs' EQUALITY caseIgnoreMatch
>SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.15{128} )
>olcAttributeTypes: {18}( 1.3.6.1.4.1.7165.2.1.47 NAME 'sambaMungedDial'
>DESC '
> Base64 encoded user parameter string' EQUALITY caseExactMatch SYNTAX
>1.3.6.1.
> 4.1.1466.115.121.1.15{1050} )
>olcAttributeTypes: {19}( 1.3.6.1.4.1.7165.2.1.54 NAME
>'sambaPasswordHistory' D
> ESC 'Concatenated MD5 hashes of the salted NT passwords used on this
>account'
> EQUALITY caseIgnoreIA5Match SYNTAX
>1.3.6.1.4.1.1466.115.121.1.26{32} )
>olcAttributeTypes: {20}( 1.3.6.1.4.1.7165.2.1.20 NAME 'sambaSID' DESC
>'Securit
> y ID' EQUALITY caseIgnoreIA5Match SUBSTR caseExactIA5SubstringsMatch
>SYNTAX 1
> .3.6.1.4.1.1466.115.121.1.26{64} SINGLE-VALUE )
>olcAttributeTypes: {21}( 1.3.6.1.4.1.7165.2.1.23 NAME
>'sambaPrimaryGroupSID' D
> ESC 'Primary Group Security ID' EQUALITY caseIgnoreIA5Match SYNTAX
>1.3.6.1.4.
> 1.1466.115.121.1.26{64} SINGLE-VALUE )
>olcAttributeTypes: {22}( 1.3.6.1.4.1.7165.2.1.51 NAME 'sambaSIDList'
>DESC 'Sec
> urity ID List' EQUALITY caseIgnoreIA5Match SYNTAX
>1.3.6.1.4.1.1466.115.121.1.
> 26{64} )
>olcAttributeTypes: {23}( 1.3.6.1.4.1.7165.2.1.19 NAME 'sambaGroupType'
>DESC 'N
> T Group Type' EQUALITY integerMatch SYNTAX
>1.3.6.1.4.1.1466.115.121.1.27 SING
> LE-VALUE )
>olcAttributeTypes: {24}( 1.3.6.1.4.1.7165.2.1.21 NAME
>'sambaNextUserRid'
>DESC
> 'Next NT rid to give our for users' EQUALITY integerMatch SYNTAX
>1.3.6.1.4.1.
> 1466.115.121.1.27 SINGLE-VALUE )
>olcAttributeTypes: {25}( 1.3.6.1.4.1.7165.2.1.22 NAME
>'sambaNextGroupRid' DESC
> 'Next NT rid to give out for groups' EQUALITY integerMatch SYNTAX
>1.3.6.1.4.
> 1.1466.115.121.1.27 SINGLE-VALUE )
>olcAttributeTypes: {26}( 1.3.6.1.4.1.7165.2.1.39 NAME 'sambaNextRid'
>DESC 'Nex
> t NT rid to give out for anything' EQUALITY integerMatch SYNTAX
>1.3.6.1.4.1.1
> 466.115.121.1.27 SINGLE-VALUE )
>olcAttributeTypes: {27}( 1.3.6.1.4.1.7165.2.1.40 NAME
>'sambaAlgorithmicRidBase
> ' DESC 'Base at which the samba RID generation algorithm should
>operate' EQUA
> LITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
>olcAttributeTypes: {28}( 1.3.6.1.4.1.7165.2.1.41 NAME 'sambaShareName'
>DESC 'S
> hare Name' EQUALITY caseIgnoreMatch SYNTAX
>1.3.6.1.4.1.1466.115.121.1.15 SING
> LE-VALUE )
>olcAttributeTypes: {29}( 1.3.6.1.4.1.7165.2.1.42 NAME 'sambaOptionName'
>DESC '
> Option Name' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch
>SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.15{256} )
>olcAttributeTypes: {30}( 1.3.6.1.4.1.7165.2.1.43 NAME 'sambaBoolOption'
>DESC '
> A boolean option' EQUALITY booleanMatch SYNTAX
>1.3.6.1.4.1.1466.115.121.1.7 S
> INGLE-VALUE )
>olcAttributeTypes: {31}( 1.3.6.1.4.1.7165.2.1.44 NAME
>'sambaIntegerOption' DES
> C 'An integer option' EQUALITY integerMatch SYNTAX
>1.3.6.1.4.1.1466.115.121.1
> .27 SINGLE-VALUE )
>olcAttributeTypes: {32}( 1.3.6.1.4.1.7165.2.1.45 NAME
>'sambaStringOption' DESC
> 'A string option' EQUALITY caseExactIA5Match SYNTAX
>1.3.6.1.4.1.1466.115.121
> .1.26 SINGLE-VALUE )
>olcAttributeTypes: {33}( 1.3.6.1.4.1.7165.2.1.46 NAME
>'sambaStringListOption'
> DESC 'A string list option' EQUALITY caseIgnoreMatch SYNTAX
>1.3.6.1.4.1.1466.
> 115.121.1.15 )
>olcAttributeTypes: {34}( 1.3.6.1.4.1.7165.2.1.53 NAME 'sambaTrustFlags'
>DESC '
> Trust Password Flags' EQUALITY caseIgnoreIA5Match SYNTAX
>1.3.6.1.4.1.1466.115
> .121.1.26 )
>olcAttributeTypes: {35}( 1.3.6.1.4.1.7165.2.1.58 NAME
>'sambaMinPwdLength' DESC
> 'Minimal password length (default: 5)' EQUALITY integerMatch SYNTAX
>1.3.6.1.
> 4.1.1466.115.121.1.27 SINGLE-VALUE )
>olcAttributeTypes: {36}( 1.3.6.1.4.1.7165.2.1.59 NAME
>'sambaPwdHistoryLength'
> DESC 'Length of Password History Entries (default: 0 => off)' EQUALITY
>intege
> rMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
>olcAttributeTypes: {37}( 1.3.6.1.4.1.7165.2.1.60 NAME
>'sambaLogonToChgPwd' DES
> C 'Force Users to logon for password change (default: 0 => off, 2 =>
>on)' EQU
> ALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
>olcAttributeTypes: {38}( 1.3.6.1.4.1.7165.2.1.61 NAME 'sambaMaxPwdAge'
>DESC 'M
> aximum password age, in seconds (default: -1 => never expire
>passwords)' EQUA
> LITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
>olcAttributeTypes: {39}( 1.3.6.1.4.1.7165.2.1.62 NAME 'sambaMinPwdAge'
>DESC 'M
> inimum password age, in seconds (default: 0 => allow
>immediate password
>chang
> e)' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
>SINGLE-VALUE )
>olcAttributeTypes: {40}( 1.3.6.1.4.1.7165.2.1.63 NAME
>'sambaLockoutDuration' D
> ESC 'Lockout duration in minutes (default: 30, -1 =>
>forever)' EQUALITY
>integ
> erMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
>olcAttributeTypes: {41}( 1.3.6.1.4.1.7165.2.1.64 NAME
>'sambaLockoutObservation
> Window' DESC 'Reset time after lockout in minutes (default: 30)'
>EQUALITY int
> egerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
>olcAttributeTypes: {42}( 1.3.6.1.4.1.7165.2.1.65 NAME
>'sambaLockoutThreshold'
> DESC 'Lockout users after bad logon attempts (default: 0 => off)'
>EQUALITY in
> tegerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
>olcAttributeTypes: {43}( 1.3.6.1.4.1.7165.2.1.66 NAME
>'sambaForceLogoff'
>DESC
> 'Disconnect Users outside logon hours (default: -1 => off, 0 => on)'
>EQUALITY
> integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
>olcAttributeTypes: {44}( 1.3.6.1.4.1.7165.2.1.67 NAME
>'sambaRefuseMachinePwdCh
> ange' DESC 'Allow Machine Password changes (default: 0 => off)'
>EQUALITY inte
> gerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
>olcAttributeTypes: {45}( 1.3.6.1.4.1.7165.2.1.68 NAME
>'sambaClearTextPassword'
> DESC 'Clear text password (used for trusted domain passwords)'
>EQUALITY octe
> tStringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )
>olcAttributeTypes: {46}( 1.3.6.1.4.1.7165.2.1.69 NAME
>'sambaPreviousClearTextP
> assword' DESC 'Previous clear text password (used for trusted domain
>password
> s)' EQUALITY octetStringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )
>olcAttributeTypes: {47}( 1.3.6.1.4.1.7165.2.1.70 NAME 'sambaTrustType'
>DESC 'T
> ype of trust' EQUALITY integerMatch SYNTAX
>1.3.6.1.4.1.1466.115.121.1.27 SING
> LE-VALUE )
>olcAttributeTypes: {48}( 1.3.6.1.4.1.7165.2.1.71 NAME
>'sambaTrustAttributes' D
> ESC 'Trust attributes for a trusted domain' EQUALITY integerMatch
>SYNTAX 1.3.
> 6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
>olcAttributeTypes: {49}( 1.3.6.1.4.1.7165.2.1.72 NAME
>'sambaTrustDirection' DE
> SC 'Direction of a trust' EQUALITY integerMatch SYNTAX
>1.3.6.1.4.1.1466.115.1
> 21.1.27 SINGLE-VALUE )
>olcAttributeTypes: {50}( 1.3.6.1.4.1.7165.2.1.73 NAME
>'sambaTrustPartner' DESC
> 'Fully qualified name of the domain with which a trust exists'
>EQUALITY case
> IgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
>olcAttributeTypes: {51}( 1.3.6.1.4.1.7165.2.1.74 NAME 'sambaFlatName'
>DESC 'Ne
> tBIOS name of a domain' EQUALITY caseIgnoreMatch SYNTAX
>1.3.6.1.4.1.1466.115.
> 121.1.15{128} )
>olcAttributeTypes: {52}( 1.3.6.1.4.1.7165.2.1.75 NAME
>'sambaTrustAuthOutgoing'
> DESC 'Authentication information for the outgoing portion of a trust'
>EQUALI
> TY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1050} )
>olcAttributeTypes: {53}( 1.3.6.1.4.1.7165.2.1.76 NAME
>'sambaTrustAuthIncoming'
> DESC 'Authentication information for the incoming portion of a trust'
>EQUALI
> TY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1050} )
>olcAttributeTypes: {54}( 1.3.6.1.4.1.7165.2.1.77 NAME
>'sambaSecurityIdentifier
> ' DESC 'SID of a trusted domain' EQUALITY caseIgnoreIA5Match SUBSTR
>caseExact
> IA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{64}
>SINGLE-VALUE )
>olcAttributeTypes: {55}( 1.3.6.1.4.1.7165.2.1.78 NAME
>'sambaTrustForestTrustIn
> fo' DESC 'Forest trust information for a trusted domain object'
>EQUALITY case
> ExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1050} )
>olcAttributeTypes: {56}( 1.3.6.1.4.1.7165.2.1.79 NAME
>'sambaTrustPosixOffset'
> DESC 'POSIX offset of a trust' EQUALITY integerMatch SYNTAX
>1.3.6.1.4.1.1466.
> 115.121.1.27 SINGLE-VALUE )
>olcAttributeTypes: {57}( 1.3.6.1.4.1.7165.2.1.80 NAME
>'sambaSupportedEncryptio
> nTypes' DESC 'Supported encryption types of a trust' EQUALITY
>integerMatch SY
> NTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
>olcObjectClasses: {0}( 1.3.6.1.4.1.7165.2.2.6 NAME 'sambaSamAccount'
>DESC 'Sam
> ba 3.0 Auxilary SAM Account' SUP top AUXILIARY MUST ( uid $ sambaSID )
>MAY (
> cn $ sambaLMPassword $ sambaNTPassword $ sambaPwdLastSet $
>sambaLogonTime $ s
> ambaLogoffTime $ sambaKickoffTime $ sambaPwdCanChange $
>sambaPwdMustChange $
> sambaAcctFlags $ displayName $ sambaHomePath $ sambaHomeDrive $
>sambaLogonScr
> ipt $ sambaProfilePath $ description $ sambaUserWorkstations $
>sambaPrimaryGr
> oupSID $ sambaDomainName $ sambaMungedDial $ sambaBadPasswordCount $
>sambaBad
> PasswordTime $ sambaPasswordHistory $ sambaLogonHours ) )
>olcObjectClasses: {1}( 1.3.6.1.4.1.7165.2.2.4 NAME 'sambaGroupMapping'
>DESC 'S
> amba Group Mapping' SUP top AUXILIARY MUST ( gidNumber $ sambaSID $
>sambaGrou
> pType ) MAY ( displayName $ description $ sambaSIDList ) )
>olcObjectClasses: {2}( 1.3.6.1.4.1.7165.2.2.14 NAME
>'sambaTrustPassword'
>DESC
> 'Samba Trust Password' SUP top STRUCTURAL MUST ( sambaDomainName $
>sambaNTPas
> sword $ sambaTrustFlags ) MAY ( sambaSID $ sambaPwdLastSet ) )
>olcObjectClasses: {3}( 1.3.6.1.4.1.7165.2.2.15 NAME
>'sambaTrustedDomainPasswor
> d' DESC 'Samba Trusted Domain Password' SUP top STRUCTURAL MUST (
>sambaDomain
> Name $ sambaSID $ sambaClearTextPassword $ sambaPwdLastSet ) MAY
>sambaPreviou
> sClearTextPassword )
>olcObjectClasses: {4}( 1.3.6.1.4.1.7165.2.2.5 NAME 'sambaDomain' DESC
>'Samba D
> omain Information' SUP top STRUCTURAL MUST ( sambaDomainName
>$ sambaSID
>) MAY
> ( sambaNextRid $ sambaNextGroupRid $ sambaNextUserRid $
>sambaAlgorithmicRidB
> ase $ sambaMinPwdLength $ sambaPwdHistoryLength $ sambaLogonToChgPwd $
>sambaM
> axPwdAge $ sambaMinPwdAge $ sambaLockoutDuration $
>sambaLockoutObservationWin
> dow $ sambaLockoutThreshold $ sambaForceLogoff $
>sambaRefuseMachinePwdChange
> ) )
>olcObjectClasses: {5}( 1.3.6.1.4.1.7165.2.2.7 NAME 'sambaUnixIdPool'
>DESC 'Poo
> l for allocating UNIX uids/gids' SUP top AUXILIARY MUST ( uidNumber $
>gidNumb
> er ) )
>olcObjectClasses: {6}( 1.3.6.1.4.1.7165.2.2.8 NAME 'sambaIdmapEntry'
>DESC 'Map
> ping from a SID to an ID' SUP top AUXILIARY MUST sambaSID MAY (
>uidNumber $ g
> idNumber ) )
>olcObjectClasses: {7}( 1.3.6.1.4.1.7165.2.2.9 NAME 'sambaSidEntry' DESC
>'Struc
> tural Class for a SID' SUP top STRUCTURAL MUST sambaSID )
>olcObjectClasses: {8}( 1.3.6.1.4.1.7165.2.2.10 NAME 'sambaConfig' DESC
>'Samba
> Configuration Section' SUP top AUXILIARY MAY description )
>olcObjectClasses: {9}( 1.3.6.1.4.1.7165.2.2.11 NAME 'sambaShare' DESC
>'Samba S
> hare Section' SUP top STRUCTURAL MUST sambaShareName MAY description )
>olcObjectClasses: {10}( 1.3.6.1.4.1.7165.2.2.12 NAME
>'sambaConfigOption'
>DESC
> 'Samba Configuration Option' SUP top STRUCTURAL MUST sambaOptionName
>MAY ( sa
> mbaBoolOption $ sambaIntegerOption $ sambaStringOption $
>sambaStringListoptio
> n $ description ) )
>olcObjectClasses: {11}( 1.3.6.1.4.1.7165.2.2.16 NAME
>'sambaTrustedDomain' DESC
> 'Samba Trusted Domain Object' SUP top STRUCTURAL MUST cn MAY (
>sambaTrustTyp
> e $ sambaTrustAttributes $ sambaTrustDirection $ sambaTrustPartner $
>sambaFla
> tName $ sambaTrustAuthOutgoing $ sambaTrustAuthIncoming $
>sambaSecurityIdenti
> fier $ sambaTrustForestTrustInfo $ sambaTrustPosixOffset $
>sambaSupportedEncr
> yptionTypes ) )
>
>dn: olcBackend={0}hdb,cn=config
>objectClass: olcBackendConfig
>olcBackend: {0}hdb
>
>dn: olcDatabase={-1}frontend,cn=config
>objectClass: olcDatabaseConfig
>objectClass: olcFrontendConfig
>olcDatabase: {-1}frontend
>olcAccess: {0}to * by
>dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external
> ,cn=auth manage by * break
>olcAccess: {1}to dn.exact="" by * read
>olcAccess: {2}to dn.base="cn=Subschema" by * read
>olcSizeLimit: 500
>
>dn: olcDatabase={0}config,cn=config
>objectClass: olcDatabaseConfig
>olcDatabase: {0}config
>olcAccess: {0}to * by
>dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external
> ,cn=auth manage by * break
>
>dn: olcDatabase={1}hdb,cn=config
>objectClass: olcDatabaseConfig
>objectClass: olcHdbConfig
>olcDatabase: {1}hdb
>olcDbDirectory: /var/lib/ldap
>olcSuffix: dc=biomil,dc=se
>olcAccess: {0}to attrs=userPassword,shadowLastChange by self write by
>anonymou
> s auth by dn="cn=admin,dc=biomil,dc=se" write by * none
>olcAccess: {1}to dn.base="" by * read
>olcAccess: {2}to * by self write by dn="cn=admin,dc=biomil,dc=se" write
>by * r
> ead
>olcLastMod: TRUE
>olcRootDN: cn=admin,dc=biomil,dc=se
>olcRootPW: {SSHA}xxxxx
>olcDbCheckpoint: 512 30
>olcDbConfig: {0}set_cachesize 0 2097152 0
>olcDbConfig: {1}set_lk_max_objects 1500
>olcDbConfig: {2}set_lk_max_locks 1500
>olcDbConfig: {3}set_lk_max_lockers 1500
>olcDbIndex: objectClass eq
>olcDbIndex: uidNumber eq
>olcDbIndex: gidNumber eq
>olcDbIndex: loginShell eq
>olcDbIndex: uid eq,pres,sub
>olcDbIndex: memberUid eq,pres,sub
>olcDbIndex: uniqueMember eq,pres
>olcDbIndex: sambaSID eq
>olcDbIndex: sambaPrimaryGroupSID eq
>olcDbIndex: sambaGroupType eq
>olcDbIndex: sambaSIDList eq
>olcDbIndex: sambaDomainName eq
>olcDbIndex: default sub
>olcDbIndex: entryCSN eq
>olcDbIndex: entryUUID eq
>olcDbIndex: displayName eq
>olcDbIndex: cn eq
>
>dn: olcOverlay={0}syncprov,olcDatabase={1}hdb,cn=config
>objectClass: olcOverlayConfig
>objectClass: olcSyncProvConfig
>olcOverlay: {0}syncprov
>olcSpNoPresent: TRUE
>
>dn: olcOverlay={1}accesslog,olcDatabase={1}hdb,cn=config
>objectClass: olcOverlayConfig
>objectClass: olcAccessLogConfig
>olcOverlay: {1}accesslog
>olcAccessLogDB: cn=accesslog
>olcAccessLogOps: writes
>olcAccessLogPurge: 07+00:00 01+00:00
>olcAccessLogSuccess: TRUE
>
>dn: olcDatabase={2}hdb,cn=config
>objectClass: olcDatabaseConfig
>objectClass: olcHdbConfig
>olcDatabase: {2}hdb
>olcDbDirectory: /var/lib/ldap/accesslog
>olcSuffix: cn=accesslog
>olcRootDN: cn=admin,dc=biomil,dc=se
>olcDbIndex: default eq
>olcDbIndex: entryCSN,objectClass,reqEnd,reqResult,reqStart
>
>dn: olcOverlay={0}syncprov,olcDatabase={2}hdb,cn=config
>objectClass: olcOverlayConfig
>objectClass: olcSyncProvConfig
>olcOverlay: {0}syncprov
>olcSpNoPresent: TRUE
>olcSpReloadHint: TRUE
>
>
>=====================
>
>
>Den 2014-09-12 12:17, L.P.H. van Belle skrev:
>> which kind of ldap repliction do you use?
>> syncrepl or a master-slave setup.
>>
>> for you firewall in this setup..
>> master slave1 ( slave2)
>>
>> open on slave1 port 636 for ip of master. ( and temporarily
>389 for testing without tls)
>> same for slave2
>>
>> with syncrepl. make sure you have stopped nslcd first before
>changing anything.
>> even, i removed it because of problems caused by nslcd...
>>
>> can you post the ldap configs for the master and slave (
>anonymized )
>> so we can have a better look.
>>
>> Greetz,
>>
>> Louis
>>
>>> -----Oorspronkelijk bericht-----
>>> Van: daniel.tamm at biomil.se
>>> [mailto:samba-bounces at lists.samba.org] Namens Daniel Tamm
>>> Verzonden: vrijdag 12 september 2014 9:22
>>> Aan: samba at lists.samba.org
>>> Onderwerp: [Samba] LDAP push replication through firewall
>>>
>>> I have 3 Samba PDC servers with OpenLDAP backends, all at different
>>> locations. The replication to the 2 consumers works fine when the
>>> consumer's slapd is recently restarted, but if changes in the LDAP
>>> database occur later on, the consumers do not pick up this update.
>>> Again, restarting slapd on the consumers pulls in the update. Also,
>>> updates done shortly afterwards (say a couple of minutes) will
>>> propagate
>>> to the consumers.
>>>
>>> So my question is if this can be firewall related, and what
>ports need
>>> to be opened on which side in order to allow the propagation to work
>>> all-time?
>>> By the way, all LDAP traffic uses Start-TLS.
>>>
>>> Thanks!
>>> Daniel
>>> --
>>> To unsubscribe from this list go to the following URL and read the
>>> instructions: https://lists.samba.org/mailman/options/samba
>>>
>>>
>>
>
>--
>To unsubscribe from this list go to the following URL and read the
>instructions: https://lists.samba.org/mailman/options/samba
>
>
More information about the samba
mailing list