# Revision history:
#
-# XXX
+# - [PP] Now version controlled in db.d.o git repository, also see debian/changelog - 2009
# - [PP] Now version controlled in db.d.o bzr repository - 2007-12-25
+#
+# long time ago:
# - [HE] Add 'purpose', 'physicalHost' to debianServer - 2007-12-25
# - [zobel] Add 'VoIP' - 2008-05-10
+# - [luk] Add 'subGroup' to group - 2008-11-22
#
# 0.7 [RM]
# - Add 'gender' and 'birthDate' to debianDeveloper
# .33 - purpose
# .34 - physicalHost
# .35 - VoIP
+# .36 - sudoPassword
+# .37 - subGroup
+# .38 - mailContentInspectionAction
+# .39 - allowedGroups
+# .40 - exportOptions
+# .41 - sshdistAuthKeysHost
+# .42 - dnsTTL
+# .43 - webPassword
+# .44 - rtcPassword
+# .45 - rebootPolicy
+# .46 - totpSeed
+# .47 - sshfpHostname
#
# .3 - experimental LDAP objectClasses
# .1 - debianDeveloper
# .11 - DNS RBL
# .12 - RHS RBL
# .13 - whitelist
+# .14 - bATVToken
+# .15 - mailDefaultOptions
+# .16 - mailPreserveSuffixSeparator
# Public attribute types
attributetype ( 1.3.6.1.4.1.9586.100.4.2.1
SUBSTR caseExactIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
-attributetype ( 1.3.6.1.4.1.9586.100.4.2.30
- NAME 'gender'
- DESC 'ISO 5218 representation of human gender'
- EQUALITY integerMatch
- SINGLE-VALUE
- SYNTAX 1.3.6.1.4.1.1466.115.121.1.27{1} )
+#attributetype ( 1.3.6.1.4.1.9586.100.4.2.30
+# NAME 'gender'
+# DESC 'ISO 5218 representation of human gender'
+# EQUALITY integerMatch
+# SINGLE-VALUE
+# SYNTAX 1.3.6.1.4.1.1466.115.121.1.27{1} )
attributetype ( 1.3.6.1.4.1.9586.100.4.2.31
NAME 'birthDate'
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
-# Public object classes
+attributetype ( 1.3.6.1.4.1.9586.100.4.2.36
+ NAME 'sudoPassword'
+ DESC 'sudo password'
+ EQUALITY octetStringMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )
-objectclass ( 1.3.6.1.4.1.9586.100.4.1.1
- NAME 'debianAccount'
- DESC 'Abstraction of an account with POSIX attributes and UTF8 support'
- SUP top AUXILIARY
- MUST ( cn $ uid $ uidNumber $ gidNumber )
- MAY ( userPassword $ loginShell $ gecos $ homeDirectory $ description $ mailDisableMessage ) )
+attributetype ( 1.3.6.1.4.1.9586.100.4.2.37
+ NAME 'subGroup'
+ DESC 'name of other group for which membership implied by memberschip to this group'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
-objectclass ( 1.3.6.1.4.1.9586.100.4.1.2
- NAME 'debianGroup'
- SUP top STRUCTURAL
- DESC 'attributes used for Debian groups'
- MUST ( gid $ gidNumber )
- MAY ( description ) )
+# more attributes below
+attributetype ( 1.3.6.1.4.1.9586.100.4.2.39
+ NAME 'allowedGroups'
+ DESC 'Groups that have access to a host'
+ EQUALITY caseExactIA5Match
+ SUBSTR caseExactIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
+
+attributetype ( 1.3.6.1.4.1.9586.100.4.2.40
+ NAME 'exportOptions'
+ DESC 'export options for servers'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
+
+attributetype ( 1.3.6.1.4.1.9586.100.4.2.43
+ NAME 'webPassword'
+ DESC 'web password for SSO'
+ EQUALITY octetStringMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )
+
+attributetype ( 1.3.6.1.4.1.9586.100.4.2.44
+ NAME 'rtcPassword'
+ DESC 'rtc password for SIP/XMPP'
+ EQUALITY octetStringMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )
# Experimental attribute types
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
+attributetype ( 1.3.6.1.4.1.9586.100.4.4.14
+ NAME 'bATVToken'
+ DESC 'Token for BATV'
+ EQUALITY caseExactMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
+
+attributetype ( 1.3.6.1.4.1.9586.100.4.4.15
+ NAME 'mailDefaultOptions'
+ DESC 'Whether or not to use a default set of anti-spam options'
+ EQUALITY booleanMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE )
+
+attributetype ( 1.3.6.1.4.1.9586.100.4.4.16
+ NAME 'mailPreserveSuffixSeparator'
+ DESC 'suffix serparator'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{1} )
+
+attributetype ( 1.3.6.1.4.1.9586.100.4.2.38
+ NAME 'mailContentInspectionAction'
+ DESC 'what to do on content inspection hits'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} SINGLE-VALUE )
+
+attributetype ( 1.3.6.1.4.1.9586.100.4.2.41
+ NAME ( 'sshdistAuthKeysHost' )
+ DESC 'Additional hosts/addresess from which to accept ssh connections to the ud-ldap distribution host (db.DOMAIN)'
+ SUP ipHostNumber )
+
+attributetype ( 1.3.6.1.4.1.9586.100.4.4.42
+ NAME 'dnsTTL'
+ DESC 'DNS Time To Live value'
+ EQUALITY caseIgnoreIA5Match
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
+
+attributetype ( 1.3.6.1.4.1.9586.100.4.4.45
+ NAME 'rebootPolicy'
+ DESC 'which procedure to use for rebooting this host'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
+
+attributetype ( 1.3.6.1.4.1.9586.100.4.4.46
+ NAME 'totpSeed'
+ DESC 'Seed for TOTP authentication'
+ EQUALITY octetStringMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )
+
+attributetype ( 1.3.6.1.4.1.9586.100.4.2.47
+ NAME 'sshfpHostname'
+ DESC 'Additional FQDN of the server on which to publish SSHFP records'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
+
+# Public object classes
+
+objectclass ( 1.3.6.1.4.1.9586.100.4.1.1
+ NAME 'debianAccount'
+ DESC 'Abstraction of an account with POSIX attributes and UTF8 support'
+ SUP top AUXILIARY
+ MUST ( cn $ uid $ uidNumber $ gidNumber )
+ MAY ( userPassword $ loginShell $ gecos $ homeDirectory $ description $ mailDisableMessage $ sudoPassword $ webPassword $ rtcPassword $ totpSeed ) )
+
+objectclass ( 1.3.6.1.4.1.9586.100.4.1.2
+ NAME 'debianGroup'
+ SUP top STRUCTURAL
+ DESC 'attributes used for Debian groups'
+ MUST ( gid $ gidNumber )
+ MAY ( cn $ description $ subGroup $ accountStatus ) )
+
# Experimental objectclasses:
objectclass ( 1.3.6.1.4.1.9586.100.4.3.1
dnsZoneEntry $ emailForward $ icqUin $ ircNick $
jabberJID $ keyFingerPrint $ latitude $ longitude $ mn $
onVacation $ privateSub $ sshRSAAuthKey $ supplementaryGid $
- access $ gender $ birthDate $ mailCallout $ mailGreylisting $
- mailRBL $ mailRHSBL $ mailWhitelist
+ access $ birthDate $ mailCallout $ mailGreylisting $
+ mailRBL $ mailRHSBL $ mailWhitelist $ VoIP $ mailContentInspectionAction $
+ bATVToken $ mailDefaultOptions $ mailPreserveSuffixSeparator
) )
objectclass ( 1.3.6.1.4.1.9586.100.4.3.2
MUST ( host $ hostname )
MAY ( c $ access $ admin $ architecture $ bandwidth $ description $ disk $
distribution $ l $ machine $ memory $ sponsor $
- sponsor-admin $ sshRSAHostKey $ status $ purpose $ physicalHost
+ sponsor-admin $ status $ physicalHost $ ipHostNumber $ dnsTTL $
+ sshRSAHostKey $ purpose $ allowedGroups $ exportOptions $ MXRecord $
+ sshdistAuthKeysHost $ rebootPolicy $ sshfpHostname
) )
objectclass ( 1.3.6.1.4.1.9586.100.4.3.3
SUP account STRUCTURAL
MAY ( emailForward $ supplementaryGid $ allowedHost $ labeledURI $
mailCallout $ mailGreylisting $ mailRBL $ mailRHSBL $
- mailWhitelist
+ mailWhitelist $ dnsZoneEntry $ mailContentInspectionAction $
+ bATVToken $ mailDefaultOptions $ sshRSAAuthKey $ mailPreserveSuffixSeparator
) )
projects / mirror / userdir-ldap.git / blobdiff