+attributetype ( 1.3.6.1.4.1.9586.100.4.4.46
+ NAME 'totpSeed'
+ DESC 'Seed for TOTP authentication'
+ EQUALITY octetStringMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )
+
+attributetype ( 1.3.6.1.4.1.9586.100.4.2.47
+ NAME 'sshfpHostname'
+ DESC 'Additional FQDN of the server on which to publish SSHFP records'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
+
+# Public object classes
+
+objectclass ( 1.3.6.1.4.1.9586.100.4.1.1
+ NAME 'debianAccount'
+ DESC 'Abstraction of an account with POSIX attributes and UTF8 support'
+ SUP top AUXILIARY
+ MUST ( cn $ uid $ uidNumber $ gidNumber )
+ MAY ( userPassword $ loginShell $ gecos $ homeDirectory $ description $ mailDisableMessage $ sudoPassword $ webPassword $ rtcPassword $ totpSeed ) )
+
+objectclass ( 1.3.6.1.4.1.9586.100.4.1.2
+ NAME 'debianGroup'
+ SUP top STRUCTURAL
+ DESC 'attributes used for Debian groups'
+ MUST ( gid $ gidNumber )
+ MAY ( cn $ description $ subGroup $ accountStatus ) )