
updated schema for 3.0 for eDirectory 8.7 and Netscape DS 4.x

(This used to be commit c9c7150a62)
Gerald Carter 2003-09-05 04:09:25 +00:00
parent 5bbdf6a5d0
commit c7dbe58a36
2 changed files with 235 additions and 227 deletions


@ -1,201 +1,151 @@
--
-- Submitted by Bruno Gimenes Pereti <pereti@ut mp dot edu dot br>
--
-- schema file for Novell's eDirectory 8.6
--
##
## Schema file for Novell eDirectory 8.7.x by Uli Iske
## Schema for storing Samba's smbpasswd file in LDAP
## OIDs are owned by the Samba Team
##
#######################################################################
## Attributes used by Samba 3.0 schema ##
#######################################################################
SambaAccountSchemaExtensions DEFINITIONS ::=
BEGIN
dn: cn=schema
changetype: modify
add: attributetypes
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.24 NAME 'sambaLMPassword' DESC 'LanManager Password' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
-- Password hashes
"lmPassword" ATTRIBUTE ::=
{
Operation ADD,
SyntaxID SYN_CI_STRING,
Flags { DS_SINGLE_VALUED_ATTR },
ASN1ObjID { 1 3 6 1 4 1 7165 2 1 1 }
}
dn: cn=schema
changetype: modify
add: attributetypes
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.25 NAME 'sambaNTPassword' DESC 'MD4 hash of the unicode password' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
"ntPassword" ATTRIBUTE ::=
{
Operation ADD,
SyntaxID SYN_CI_STRING,
Flags { DS_SINGLE_VALUED_ATTR },
ASN1ObjID { 1 3 6 1 4 1 7165 2 1 2 }
}
dn: cn=schema
changetype: modify
add: attributetypes
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.26 NAME 'sambaAcctFlags' DESC 'Account Flags' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
-- Account flags in string format ([UWDX ])
"acctFlags" ATTRIBUTE ::=
{
Operation ADD,
SyntaxID SYN_CI_STRING,
Flags { DS_SINGLE_VALUED_ATTR },
ASN1ObjID { 1 3 6 1 4 1 7165 2 1 4 }
}
dn: cn=schema
changetype: modify
add: attributetypes
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.27 NAME 'sambaPwdLastSet' DESC 'Timestamp of the last password update' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
-- Password timestamps & policies
"pwdLastSet" ATTRIBUTE ::=
{
Operation ADD,
SyntaxID SYN_INTEGER,
Flags { DS_SINGLE_VALUED_ATTR },
ASN1ObjID { 1 3 6 1 4 1 7165 2 1 3 }
}
dn: cn=schema
changetype: modify
add: attributetypes
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.28 NAME 'sambaPwdCanChange' DESC 'Timestamp of when the user is allowed to update the password' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
"logonTime" ATTRIBUTE ::=
{
Operation ADD,
SyntaxID SYN_INTEGER,
Flags { DS_SINGLE_VALUED_ATTR },
ASN1ObjID { 1 3 6 1 4 1 7165 2 1 5 }
}
dn: cn=schema
changetype: modify
add: attributetypes
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.29 NAME 'sambaPwdMustChange' DESC 'Timestamp of when the password will expire' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
"logoffTime" ATTRIBUTE ::=
{
Operation ADD,
SyntaxID SYN_INTEGER,
Flags { DS_SINGLE_VALUED_ATTR },
ASN1ObjID { 1 3 6 1 4 1 7165 2 1 6 }
}
dn: cn=schema
changetype: modify
add: attributetypes
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.30 NAME 'sambaLogonTime' DESC 'Timestamp of last logon' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
"kickoffTime" ATTRIBUTE ::=
{
Operation ADD,
SyntaxID SYN_INTEGER,
Flags { DS_SINGLE_VALUED_ATTR },
ASN1ObjID { 1 3 6 1 4 1 7165 2 1 7 }
}
dn: cn=schema
changetype: modify
add: attributetypes
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.31 NAME 'sambaLogoffTime' DESC 'Timestamp of last logoff' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
"pwdCanChange" ATTRIBUTE ::=
{
Operation ADD,
SyntaxID SYN_INTEGER,
Flags { DS_SINGLE_VALUED_ATTR },
ASN1ObjID { 1 3 6 1 4 1 7165 2 1 8 }
}
dn: cn=schema
changetype: modify
add: attributetypes
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.32 NAME 'sambaKickoffTime' DESC 'Timestamp of when the user will be logged off automatically' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
"pwdMustChange" ATTRIBUTE ::=
{
Operation ADD,
SyntaxID SYN_INTEGER,
Flags { DS_SINGLE_VALUED_ATTR },
ASN1ObjID { 1 3 6 1 4 1 7165 2 1 9 }
}
dn: cn=schema
changetype: modify
add: attributetypes
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.33 NAME 'sambaHomeDrive' DESC 'Driver letter of home directory mapping' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
-- string settings
"homeDrive" ATTRIBUTE ::=
{
Operation ADD,
SyntaxID SYN_CI_STRING,
Flags { DS_SINGLE_VALUED_ATTR },
ASN1ObjID { 1 3 6 1 4 1 7165 2 1 10 }
}
dn: cn=schema
changetype: modify
add: attributetypes
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.34 NAME 'sambaLogonScript' DESC 'Logon script path' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
"scriptPath" ATTRIBUTE ::=
{
Operation ADD,
SyntaxID SYN_CI_STRING,
Flags { DS_SINGLE_VALUED_ATTR },
ASN1ObjID { 1 3 5 1 4 1 7165 2 1 11 }
}
dn: cn=schema
changetype: modify
add: attributetypes
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.35 NAME 'sambaProfilePath' DESC 'Roaming profile path' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
"profilePath" ATTRIBUTE ::=
{
Operation ADD,
SyntaxID SYN_CI_STRING,
Flags { DS_SINGLE_VALUED_ATTR },
ASN1ObjID { 1 3 6 1 4 1 7165 2 1 12 }
}
dn: cn=schema
changetype: modify
add: attributetypes
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.36 NAME 'sambaUserWorkstations' DESC 'List of user workstations the user is allowed to logon to' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
"userWorkstations" ATTRIBUTE ::=
{
Operation ADD,
SyntaxID SYN_CI_STRING,
Flags { DS_SINGLE_VALUED_ATTR },
ASN1ObjID { 1 3 6 1 4 1 7165 2 1 13 }
}
dn: cn=schema
changetype: modify
add: attributetypes
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.37 NAME 'sambaHomePath' DESC 'Home directory UNC path' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
"smbHome" ATTRIBUTE ::=
{
Operation ADD,
SyntaxID SYN_CI_STRING,
ASN1ObjID { 1 3 6 1 4 1 7165 2 1 17 }
}
dn: cn=schema
changetype: modify
add: attributetypes
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.38 NAME 'sambaDomainName' DESC 'Windows NT domain to which the user belongs' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
"domain" ATTRIBUTE ::=
{
Operation ADD,
SyntaxID SYN_CI_STRING,
ASN1ObjID { 1 3 6 1 4 1 7165 2 1 18 }
}
dn: cn=schema
changetype: modify
add: attributetypes
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.20 NAME 'sambaSID' DESC 'Security ID' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
-- user and group RID
"rid" ATTRIBUTE ::=
{
Operation ADD,
SyntaxID SYN_INTEGER,
Flags { DS_SINGLE_VALUED_ATTR },
ASN1ObjID { 1 3 6 1 4 1 7165 2 1 14 }
}
dn: cn=schema
changetype: modify
add: attributetypes
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.23 NAME 'sambaPrimaryGroupSID' DESC 'Primary Group Security ID' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
"primaryGroupID" ATTRIBUTE ::=
{
Operation ADD,
SyntaxID SYN_INTEGER,
Flags { DS_SINGLE_VALUED_ATTR },
ASN1ObjID { 1 3 6 1 4 1 7165 2 1 15 }
}
dn: cn=schema
changetype: modify
add: attributetypes
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.19 NAME 'sambaGroupType' DESC 'NT Group Type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
"sambaAccount" OBJECT-CLASS ::=
{
Operation ADD,
Flags {DS_AUXILIARY_CLASS},
SubClassOf {"TOP"},
MustContain { "uid"},
MustContain { "rid"},
MayContain { "CN"},
MayContain { "lmPassword"},
MayContain { "ntPassword"},
MayContain { "pwdLastSet"},
MayContain { "logonTime"},
MayContain { "logoffTime"},
MayContain { "kickoffTime"},
MayContain { "pwdCanChange"},
MayContain { "pwdMustChange"},
MayContain { "acctFlags"},
MayContain { "displayName"},
MayContain { "smbHome"},
MayContain { "homeDrive"},
MayContain { "scriptPath"},
MayContain { "profilePath"},
MayContain { "description"},
MayContain { "userWorkstations"},
MayContain { "primaryGroupID"},
MayContain { "domain"},
ASN1ObjID { 1 3 6 1 4 1 7165 2 2 3 }
}
dn: cn=schema
changetype: modify
add: attributetypes
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.21 NAME 'sambaNextUserRid' DESC 'Next NT rid to give our for users' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
-- Used for Winbind experimentation
"uidPool" OBJECT-CLASS ::=
{
Operation ADD,
Flags {DS_AUXILIARY_CLASS},
SubClassOf {"TOP"},
MustContain { "uidNumber"},
MustContain { "CN"},
ASN1ObjID { 1 3 6 1 4 1 7165 1 2 2 3 }
}
dn: cn=schema
changetype: modify
add: attributetypes
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.22 NAME 'sambaNextGroupRid' DESC 'Next NT rid to give out for groups' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
"gidPool" OBJECT-CLASS ::=
{
Operation ADD,
Flags {DS_AUXILIARY_CLASS},
SubClassOf {"TOP"},
MustContain { "gidNumber"},
MustContain { "CN"},
ASN1ObjID { 1 3 6 1 4 1 7165 1 2 2 4 }
}
dn: cn=schema
changetype: modify
add: attributetypes
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.39 NAME 'sambaNextRid' DESC 'Next NT rid to give out for anything' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
END
dn: cn=schema
changetype: modify
add: attributetypes
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.40 NAME 'sambaAlgorithmicRidBase' DESC 'Base at which the samba RID generation algorithm should operate' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
#######################################################################
## objectClasses used by Samba 3.0 schema ##
#######################################################################
dn: cn=schema
changetype: modify
add: objectClasses
objectClasses: ( 1.3.6.1.4.1.7165.2.2.6 NAME 'sambaSamAccount' DESC 'Samba 3.0 Auxilary SAM Account' SUP top AUXILIARY MUST ( uid $ sambaSID ) MAY ( cn $ sambaLMPassword $ sambaNTPassword $ sambaPwdLastSet $sambaLogonTime $ sambaLogoffTime $sambaKickoffTime $sambaPwdCanChange $ sambaPwdMustChange $ sambaAcctFlags $displayName $ sambaHomePath $ sambaHomeDrive $ sambaLogonScript $sambaProfilePath $ description $ sambaUserWorkstations $sambaPrimaryGroupSID $ sambaDomainName ))
dn: cn=schema
changetype: modify
add: objectClasses
objectClasses: ( 1.3.6.1.4.1.7165.2.2.4 NAME 'sambaGroupMapping' DESC 'Samba Group Mapping' SUP top AUXILIARY MUST ( gidNumber $ sambaSID $ sambaGroupType ) MAY ( displayName $ description ))
dn: cn=schema
changetype: modify
add: objectClasses
objectClasses: ( 1.3.6.1.4.1.7165.2.2.5 NAME 'sambaDomain' DESC 'Samba Domain Information' SUP top STRUCTURAL MUST ( sambaDomainName $sambaSID ) MAY ( sambaNextRid $ sambaNextGroupRid $ sambaNextUserRid $sambaAlgorithmicRidBase ) )
dn: cn=schema
changetype: modify
add: objectClasses
objectClasses: ( 1.3.6.1.4.1.7165.1.2.2.7 NAME 'sambaUnixIdPool' DESC 'Pool for allocating UNIX uids/gids' SUP top AUXILIARY MUST ( uidNumber $ gidNumber ) )
dn: cn=schema
changetype: modify
add: objectClasses
objectClasses: ( 1.3.6.1.4.1.7165.1.2.2.8 NAME 'sambaIdmapEntry' DESC 'Mapping from a SID to an ID' SUP top AUXILIARY MUST ( sambaSID ) MAY ( uidNumber $ gidNumber ) )
dn: cn=schema
changetype: modify
add: objectClasses
objectClasses: ( 1.3.6.1.4.1.7165.1.2.2.9 NAME 'sambaSidEntry' DESC 'Structural Class for a SID' SUP top STRUCTURAL MUST ( sambaSID ) )
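Review bot: The new `sambaLMPassword` and `sambaNTPassword` definitions near the top of this file are described only as 'LanManager Password' and 'MD4 hash of the unicode password', and nothing in the header says that these values are unsalted, password-equivalent hashes that ordinary directory users must not be able to read. I would add a header comment such as `## sambaLMPassword and sambaNTPassword hold password-equivalent hashes; restrict read and compare access to the Samba admin DN and require TLS for binds that read them`. The schema cannot enforce this itself, so the comment should point the administrator to the server's ACL configuration; the same applies to the two attributes of the same name in the Netscape DS file changed by this commit. Separately, the DESC strings contain typos ('Driver letter', 'give our for users', 'Auxilary') that will be stored in the directory schema as written.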


@ -1,54 +1,112 @@
#
# LDAP Schema file for SAMBA attribute storage
# This file is suitable for usage with Netscape Directory Server 4.1x
# Adapted by Scott Lawson with help from Ron Creamer
#
# LDAP Schema file for SAMBA 3.0 attribute storage
# For Netscape Directory Server 4.1x
# Prepared by Osman Demirhan
attribute lmPassword 1.3.6.1.4.1.7165.2.1.1 cis single
attribute ntPassword 1.3.6.1.4.1.7165.2.1.2 cis single
attribute acctFlags 1.3.6.1.4.1.7165.2.1.4 cis single
attribute pwdLastSet 1.3.6.1.4.1.7165.2.1.3 int single
attribute logonTime 1.3.6.1.4.1.7165.2.1.5 int single
attribute logoffTime 1.3.6.1.4.1.7165.2.1.6 int single
attribute kickoffTime 1.3.6.1.4.1.7165.2.1.7 int single
attribute pwdCanChange 1.3.6.1.4.1.7165.2.1.8 int single
attribute pwdMustChange 1.3.6.1.4.1.7165.2.1.9 int single
attribute homedrive 1.3.6.1.4.1.7165.2.1.10 cis single
attribute scriptPath 1.3.6.1.4.1.7165.2.1.11 cis single
attribute profilePath 1.3.6.1.4.1.7165.2.1.12 cis single
attribute userWorkstations 1.3.6.1.4.1.7165.2.1.13 cis single
attribute rid 1.3.6.1.4.1.7165.2.1.14 int single
attribute primaryGroupID 1.3.6.1.4.1.7165.2.1.15 int single
attribute smbHome 1.3.6.1.4.1.7165.2.1.17 cis single
attribute domain 1.3.6.1.4.1.7165.2.1.18 cis single
attribute sambaLMPassword 1.3.6.1.4.1.7165.2.1.24 cis single
attribute sambaNTPassword 1.3.6.1.4.1.7165.2.1.25 cis single
attribute sambaAcctFlags 1.3.6.1.4.1.7165.2.1.26 cis single
attribute sambaPwdLastSet 1.3.6.1.4.1.7165.2.1.27 int single
attribute sambaPwdCanChange 1.3.6.1.4.1.7165.2.1.28 int single
attribute sambaPwdMustChange 1.3.6.1.4.1.7165.2.1.29 int single
attribute sambaLogonTime 1.3.6.1.4.1.7165.2.1.30 int single
attribute sambaLogoffTime 1.3.6.1.4.1.7165.2.1.31 int single
attribute sambaKickoffTime 1.3.6.1.4.1.7165.2.1.32 int single
attribute sambaHomeDrive 1.3.6.1.4.1.7165.2.1.33 cis single
attribute sambaLogonScript 1.3.6.1.4.1.7165.2.1.34 cis single
attribute sambaProfilePath 1.3.6.1.4.1.7165.2.1.35 cis single
attribute sambaUserWorkstations 1.3.6.1.4.1.7165.2.1.36 cis single
attribute sambaHomePath 1.3.6.1.4.1.7165.2.1.37 cis single
attribute sambaDomainName 1.3.6.1.4.1.7165.2.1.38 cis single
attribute sambaSID 1.3.6.1.4.1.7165.2.1.20 cis single
attribute sambaPrimaryGroupSID 1.3.6.1.4.1.7165.2.1.23 cis single
attribute sambaGroupType 1.3.6.1.4.1.7165.2.1.19 int single
attribute sambaNextUserRid 1.3.6.1.4.1.7165.2.1.21 int single
attribute sambaNextGroupRid 1.3.6.1.4.1.7165.2.1.22 int single
attribute sambaNextRid 1.3.6.1.4.1.7165.2.1.39 int single
attribute sambaAlgorithmicRidBase 1.3.6.1.4.1.7165.2.1.40 int single
objectclass sambaAccount
oid
1.3.1.5.1.4.1.7165.2.2.2
superior
top
requires
objectClass,
uid,
rid
allows
cn,
lmPassword,
ntPassword,
pwdLastSet,
logonTime,
logoffTime,
KickoffTime,
pwdCanChange,
pwdMustChange,
acctFlags,
displayName,
smbHome,
homeDrive,
scriptPath,
profilePath,
description,
userWorkstations,
primaryGroupID,
domain
objectclass sambaSamAccount
oid
1.3.6.1.4.1.7165.2.2.6
superior
top
requires
objectClass,
uid,
sambaSID
allows
cn,
sambaLMPassword,
sambaNTPassword,
sambaPwdLastSet,
sambaLogonTime,
sambaLogoffTime,
sambaKickoffTime,
sambaPwdCanChange,
sambaPwdMustChange,
sambaAcctFlags,
displayName,
sambaHomePath,
sambaHomeDrive,
sambaLogonScript,
sambaProfilePath,
description,
sambaUserWorkstations,
sambaPrimaryGroupSID,
sambaDomainName
objectclass sambaGroupMapping
oid
1.3.6.1.4.1.7165.2.2.4
superior
top
requires
gidNumber,
sambaSID,
sambaGroupType
allows
displayName,
description
objectclass sambaDomain
oid
1.3.6.1.4.1.7165.2.2.5
superior
top
requires
sambaDomainName,
sambaSID
allows
sambaNextRid,
sambaNextGroupRid,
sambaNextUserRid,
sambaAlgorithmicRidBase
objectclass sambaUnixIdPool
oid
1.3.6.1.4.1.7165.1.2.2.7
superior
top
requires
uidNumber,
gidNumber
objectclass sambaIdmapEntry
oid
1.3.6.1.4.1.7165.1.2.2.8
superior
top
requires
sambaSID
allows
uidNumber,
gidNumber
objectclass sambaSidEntry
oid
1.3.6.1.4.1.7165.1.2.2.9
superior
top
requires
sambaSID
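Review bot: `sambaHomePath` and `sambaDomainName` are declared `single` in the attribute list here, whereas the eDirectory LDIF changed in the same commit defines both without SINGLE-VALUE, so the two servers would enforce different cardinality for the same attributes. Whichever is intended, the two files should agree; the page does not show which one matches the reference schema. Also, `objectClass` is listed under `requires` only for `sambaSamAccount`, not for `sambaGroupMapping`, `sambaDomain` or the three id-mapping classes; listing it consistently (or dropping it, if the server implies it) would make the file easier to audit. The section ends at the last visible line, so more of the file may follow outside this view.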