# .40 - exportOptions
# .41 - sshdistAuthKeysHost
# .42 - dnsTTL
+# .43 - webPassword
+# .44 - rtcPassword
+# .45 - rebootPolicy
+# .46 - totpSeed
+# .47 - sshfpHostname
#
# .3 - experimental LDAP objectClasses
# .1 - debianDeveloper
# .13 - whitelist
# .14 - bATVToken
# .15 - mailDefaultOptions
+# .16 - mailPreserveSuffixSeparator
# Public attribute types
attributetype ( 1.3.6.1.4.1.9586.100.4.2.1
SUBSTR caseExactIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
-attributetype ( 1.3.6.1.4.1.9586.100.4.2.30
- NAME 'gender'
- DESC 'ISO 5218 representation of human gender'
- EQUALITY integerMatch
- SINGLE-VALUE
- SYNTAX 1.3.6.1.4.1.1466.115.121.1.27{1} )
+#attributetype ( 1.3.6.1.4.1.9586.100.4.2.30
+# NAME 'gender'
+# DESC 'ISO 5218 representation of human gender'
+# EQUALITY integerMatch
+# SINGLE-VALUE
+# SYNTAX 1.3.6.1.4.1.1466.115.121.1.27{1} )
attributetype ( 1.3.6.1.4.1.9586.100.4.2.31
NAME 'birthDate'
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
+attributetype ( 1.3.6.1.4.1.9586.100.4.2.43
+ NAME 'webPassword'
+ DESC 'web password for SSO'
+ EQUALITY octetStringMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )
+
+attributetype ( 1.3.6.1.4.1.9586.100.4.2.44
+ NAME 'rtcPassword'
+ DESC 'rtc password for SIP/XMPP'
+ EQUALITY octetStringMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )
+
# Experimental attribute types
# There are existing schemas for doing DNS in LDAP; would one of
EQUALITY booleanMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE )
+attributetype ( 1.3.6.1.4.1.9586.100.4.4.16
+ NAME 'mailPreserveSuffixSeparator'
+ DESC 'suffix serparator'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{1} )
+
attributetype ( 1.3.6.1.4.1.9586.100.4.2.38
NAME 'mailContentInspectionAction'
DESC 'what to do on content inspection hits'
attributetype ( 1.3.6.1.4.1.9586.100.4.2.41
NAME ( 'sshdistAuthKeysHost' )
+ DESC 'Additional hosts/addresess from which to accept ssh connections to the ud-ldap distribution host (db.DOMAIN)'
SUP ipHostNumber )
attributetype ( 1.3.6.1.4.1.9586.100.4.4.42
EQUALITY caseIgnoreIA5Match
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
+attributetype ( 1.3.6.1.4.1.9586.100.4.4.45
+ NAME 'rebootPolicy'
+ DESC 'which procedure to use for rebooting this host'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
+
+attributetype ( 1.3.6.1.4.1.9586.100.4.4.46
+ NAME 'totpSeed'
+ DESC 'Seed for TOTP authentication'
+ EQUALITY octetStringMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )
+
+attributetype ( 1.3.6.1.4.1.9586.100.4.2.47
+ NAME 'sshfpHostname'
+ DESC 'Additional FQDN of the server on which to publish SSHFP records'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
+
# Public object classes
objectclass ( 1.3.6.1.4.1.9586.100.4.1.1
DESC 'Abstraction of an account with POSIX attributes and UTF8 support'
SUP top AUXILIARY
MUST ( cn $ uid $ uidNumber $ gidNumber )
- MAY ( userPassword $ loginShell $ gecos $ homeDirectory $ description $ mailDisableMessage $ sudoPassword ) )
+ MAY ( userPassword $ loginShell $ gecos $ homeDirectory $ description $ mailDisableMessage $ sudoPassword $ webPassword $ rtcPassword $ totpSeed ) )
objectclass ( 1.3.6.1.4.1.9586.100.4.1.2
NAME 'debianGroup'
SUP top STRUCTURAL
DESC 'attributes used for Debian groups'
MUST ( gid $ gidNumber )
- MAY ( description $ subGroup $ accountStatus ) )
+ MAY ( cn $ description $ subGroup $ accountStatus ) )
# Experimental objectclasses:
dnsZoneEntry $ emailForward $ icqUin $ ircNick $
jabberJID $ keyFingerPrint $ latitude $ longitude $ mn $
onVacation $ privateSub $ sshRSAAuthKey $ supplementaryGid $
- access $ gender $ birthDate $ mailCallout $ mailGreylisting $
+ access $ birthDate $ mailCallout $ mailGreylisting $
mailRBL $ mailRHSBL $ mailWhitelist $ VoIP $ mailContentInspectionAction $
- bATVToken $ mailDefaultOptions
+ bATVToken $ mailDefaultOptions $ mailPreserveSuffixSeparator
) )
objectclass ( 1.3.6.1.4.1.9586.100.4.3.2
distribution $ l $ machine $ memory $ sponsor $
sponsor-admin $ status $ physicalHost $ ipHostNumber $ dnsTTL $
sshRSAHostKey $ purpose $ allowedGroups $ exportOptions $ MXRecord $
- sshdistAuthKeysHost
+ sshdistAuthKeysHost $ rebootPolicy $ sshfpHostname
) )
objectclass ( 1.3.6.1.4.1.9586.100.4.3.3
MAY ( emailForward $ supplementaryGid $ allowedHost $ labeledURI $
mailCallout $ mailGreylisting $ mailRBL $ mailRHSBL $
mailWhitelist $ dnsZoneEntry $ mailContentInspectionAction $
- bATVToken $ mailDefaultOptions
+ bATVToken $ mailDefaultOptions $ sshRSAAuthKey $ mailPreserveSuffixSeparator
) )