# .41 - sshdistAuthKeysHost
# .42 - dnsTTL
# .43 - webPassword
+# .44 - rtcPassword
+# .45 - rebootPolicy
+# .46 - totpSeed
+# .47 - sshfpHostname
#
# .3 - experimental LDAP objectClasses
# .1 - debianDeveloper
# .13 - whitelist
# .14 - bATVToken
# .15 - mailDefaultOptions
+# .16 - mailPreserveSuffixSeparator
# Public attribute types
attributetype ( 1.3.6.1.4.1.9586.100.4.2.1
EQUALITY octetStringMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )
+attributetype ( 1.3.6.1.4.1.9586.100.4.2.44
+ NAME 'rtcPassword'
+ DESC 'rtc password for SIP/XMPP'
+ EQUALITY octetStringMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )
+
# Experimental attribute types
# There are existing schemas for doing DNS in LDAP; would one of
EQUALITY booleanMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE )
+attributetype ( 1.3.6.1.4.1.9586.100.4.4.16
+ NAME 'mailPreserveSuffixSeparator'
+ DESC 'suffix serparator'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{1} )
+
attributetype ( 1.3.6.1.4.1.9586.100.4.2.38
NAME 'mailContentInspectionAction'
DESC 'what to do on content inspection hits'
attributetype ( 1.3.6.1.4.1.9586.100.4.2.41
NAME ( 'sshdistAuthKeysHost' )
+ DESC 'Additional hosts/addresess from which to accept ssh connections to the ud-ldap distribution host (db.DOMAIN)'
SUP ipHostNumber )
attributetype ( 1.3.6.1.4.1.9586.100.4.4.42
EQUALITY caseIgnoreIA5Match
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
+attributetype ( 1.3.6.1.4.1.9586.100.4.4.45
+ NAME 'rebootPolicy'
+ DESC 'which procedure to use for rebooting this host'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
+
+attributetype ( 1.3.6.1.4.1.9586.100.4.4.46
+ NAME 'totpSeed'
+ DESC 'Seed for TOTP authentication'
+ EQUALITY octetStringMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )
+
+attributetype ( 1.3.6.1.4.1.9586.100.4.2.47
+ NAME 'sshfpHostname'
+ DESC 'Additional FQDN of the server on which to publish SSHFP records'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
+
# Public object classes
objectclass ( 1.3.6.1.4.1.9586.100.4.1.1
DESC 'Abstraction of an account with POSIX attributes and UTF8 support'
SUP top AUXILIARY
MUST ( cn $ uid $ uidNumber $ gidNumber )
- MAY ( userPassword $ loginShell $ gecos $ homeDirectory $ description $ mailDisableMessage $ sudoPassword $ webPassword ) )
+ MAY ( userPassword $ loginShell $ gecos $ homeDirectory $ description $ mailDisableMessage $ sudoPassword $ webPassword $ rtcPassword $ totpSeed ) )
objectclass ( 1.3.6.1.4.1.9586.100.4.1.2
NAME 'debianGroup'
onVacation $ privateSub $ sshRSAAuthKey $ supplementaryGid $
access $ gender $ birthDate $ mailCallout $ mailGreylisting $
mailRBL $ mailRHSBL $ mailWhitelist $ VoIP $ mailContentInspectionAction $
- bATVToken $ mailDefaultOptions
+ bATVToken $ mailDefaultOptions $ mailPreserveSuffixSeparator
) )
objectclass ( 1.3.6.1.4.1.9586.100.4.3.2
distribution $ l $ machine $ memory $ sponsor $
sponsor-admin $ status $ physicalHost $ ipHostNumber $ dnsTTL $
sshRSAHostKey $ purpose $ allowedGroups $ exportOptions $ MXRecord $
- sshdistAuthKeysHost
+ sshdistAuthKeysHost $ rebootPolicy $ sshfpHostname
) )
objectclass ( 1.3.6.1.4.1.9586.100.4.3.3
MAY ( emailForward $ supplementaryGid $ allowedHost $ labeledURI $
mailCallout $ mailGreylisting $ mailRBL $ mailRHSBL $
mailWhitelist $ dnsZoneEntry $ mailContentInspectionAction $
- bATVToken $ mailDefaultOptions $ sshRSAAuthKey
+ bATVToken $ mailDefaultOptions $ sshRSAAuthKey $ mailPreserveSuffixSeparator
) )