
inetorgperson.schema



Hi everybody,

I'm new to LDAP administration and am having some difficulty adding the Mozilla mozillaAbPersonObsolete objectClass to an existing LDAP user, because its objectClass is like a subclass of inetorgperson.
When I try to add it, I receive an objectClass violation.
Well, I read a lot of documentation about this kind of problem, and decided to do something new. Why not make a new inetorgperson, with the mozillaAbPersonObsolete attribute types?
And that's what I did. My question is:


What kind of problems may that change cause for my existing account on my LDAP server?

I have a test machine where I made all these changes, and the only difference I noticed is that when I access my LDAP with an LDAP client called ldapbrowser, it lists all my objectClasses as binary, but with ldapsearch and gq it's OK.
I also added a new user to the base, with the new attributes from Mozilla, and everything is going OK.


Here is my new inetorgperson.schema, if someone wants to help me in my journey (sorry about the size):

# $OpenLDAP: pkg/ldap/servers/slapd/schema/inetorgperson.schema,v 1.14 2001/12/05 22:16:36 kurt Exp $
#
# InetOrgPerson (RFC2798)
#
# Depends upon
# Definition of an X.500 Attribute Type and an Object Class to Hold
# Uniform Resource Identifiers (URIs) [RFC2079]
# (core.schema)
#
# A Summary of the X.500(96) User Schema for use with LDAPv3 [RFC2256]
# (core.schema)
#
# The COSINE and Internet X.500 Schema [RFC1274] (cosine.schema)


# carLicense
# This multivalued field is used to record the values of the license or
# registration plate associated with an individual.
attributetype ( 2.16.840.1.113730.3.1.1
   NAME 'carLicense'
   DESC 'RFC2798: vehicle license or registration plate'
   EQUALITY caseIgnoreMatch
   SUBSTR caseIgnoreSubstringsMatch
   SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )

# departmentNumber
# Code for department to which a person belongs.  This can also be
# strictly numeric (e.g., 1234) or alphanumeric (e.g., ABC/123).
attributetype ( 2.16.840.1.113730.3.1.2
   NAME 'departmentNumber'
   DESC 'RFC2798: identifies a department within an organization'
   EQUALITY caseIgnoreMatch
   SUBSTR caseIgnoreSubstringsMatch
   SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )

# displayName
# When displaying an entry, especially within a one-line summary list, it
# is useful to be able to identify a name to be used.  Since other attri-
# bute types such as 'cn' are multivalued, an additional attribute type is
# needed.  Display name is defined for this purpose.
attributetype ( 2.16.840.1.113730.3.1.241
   NAME 'displayName'
   DESC 'RFC2798: preferred name to be used when displaying entries'
   EQUALITY caseIgnoreMatch
   SUBSTR caseIgnoreSubstringsMatch
   SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
   SINGLE-VALUE )

# employeeNumber
# Numeric or alphanumeric identifier assigned to a person, typically based
# on order of hire or association with an organization. Single valued.
attributetype ( 2.16.840.1.113730.3.1.3
   NAME 'employeeNumber'
   DESC 'RFC2798: numerically identifies an employee within an organization'
   EQUALITY caseIgnoreMatch
   SUBSTR caseIgnoreSubstringsMatch
   SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
   SINGLE-VALUE )


# employeeType
# Used to identify the employer to employee relationship.  Typical values
# used will be "Contractor", "Employee", "Intern", "Temp", "External", and
# "Unknown" but any value may be used.
attributetype ( 2.16.840.1.113730.3.1.4
   NAME 'employeeType'
   DESC 'RFC2798: type of employment for a person'
   EQUALITY caseIgnoreMatch
   SUBSTR caseIgnoreSubstringsMatch
   SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )

# jpegPhoto
# Used to store one or more images of a person using the JPEG File
# Interchange Format [JFIF].
# Note that the jpegPhoto attribute type was defined for use in the
# Internet X.500 pilots but no referencable definition for it could be
# located.
attributetype ( 0.9.2342.19200300.100.1.60
   NAME 'jpegPhoto'
   DESC 'RFC2798: a JPEG image'
   SYNTAX 1.3.6.1.4.1.1466.115.121.1.28 )

# preferredLanguage
# Used to indicate an individual's preferred written or spoken
# language.  This is useful for international correspondence or human-
# computer interaction.  Values for this attribute type MUST conform to
# the definition of the Accept-Language header field defined in
# [RFC2068] with one exception:  the sequence "Accept-Language" ":"
# should be omitted.  This is a single valued attribute type.
attributetype ( 2.16.840.1.113730.3.1.39
   NAME 'preferredLanguage'
   DESC 'RFC2798: preferred written or spoken language for a person'
   EQUALITY caseIgnoreMatch
   SUBSTR caseIgnoreSubstringsMatch
   SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
   SINGLE-VALUE )

# userSMIMECertificate
# A PKCS#7 [RFC2315] SignedData, where the content that is signed is
# ignored by consumers of userSMIMECertificate values.  It is
# recommended that values have a `contentType' of data with an absent
# `content' field.  Values of this attribute contain a person's entire
# certificate chain and an smimeCapabilities field [RFC2633] that at a
# minimum describes their SMIME algorithm capabilities.  Values for
# this attribute are to be stored and requested in binary form, as
# 'userSMIMECertificate;binary'.  If available, this attribute is
# preferred over the userCertificate attribute for S/MIME applications.
## OpenLDAP note: ";binary" transfer should NOT be used as syntax is binary
attributetype ( 2.16.840.1.113730.3.1.40
   NAME 'userSMIMECertificate'
   DESC 'RFC2798: PKCS#7 SignedData used to support S/MIME'
   SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 )

# userPKCS12
# PKCS #12 [PKCS12] provides a format for exchange of personal identity
# information.  When such information is stored in a directory service,
# the userPKCS12 attribute should be used. This attribute is to be stored
# and requested in binary form, as 'userPKCS12;binary'.  The attribute
# values are PFX PDUs stored as binary data.
## OpenLDAP note: ";binary" transfer should NOT be used as syntax is binary
attributetype ( 2.16.840.1.113730.3.1.216
   NAME 'userPKCS12'
   DESC 'RFC2798: personal identity information, a PKCS #12 PFX'
   SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 )

# Here I started my changes:
#
# created mozillaAbPersonObsolete schema
# from mozillaOrgPerson schema v.0.6
# for OpenLDAP Directory servers
#
# Changes from v.0.6
#
# - Add additional attribute names to match those currently exported
#   from mozilla, except for 'mozilla_AimScreenName' which is invalid.
#   I have found that mozilla does not find them otherwise.
# - Set both versions of 'nsAIMid' to use the mozilla OID space.
# - Make 'inetOrgPerson' the SUP for 'mozillaAbPersonObsolete'.

# req. core
# req. cosine
# req. inetorgperson

# attribute defs

attributetype ( 2.16.840.1.113730.3.1.120
   NAME ( 'xmozillanickname' 'mozillaNickname' )
   SUP name )

attributetype ( 2.16.840.1.113730.3.1.121
   NAME ( 'xmozillausehtmlmail' 'mozillaUseHtmlMail' )
   SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
   SINGLE-VALUE )

attributetype ( 2.16.840.1.113730.3.1.122
   NAME 'mozillaSecondEmail'
   EQUALITY caseIgnoreIA5Match
   SUBSTR caseIgnoreIA5SubstringsMatch
   SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )

attributetype ( 2.16.840.1.113730.3.1.123
   NAME 'mozillaHomeLocalityName'
   EQUALITY caseIgnoreMatch
   SUBSTR caseIgnoreSubstringsMatch
   SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )

attributetype ( 2.16.840.1.113730.3.1.124
   NAME 'mozillaPostalAddress2'
   EQUALITY caseIgnoreListMatch
   SUBSTR caseIgnoreListSubstringsMatch
   SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 )

attributetype ( 2.16.840.1.113730.3.1.125
   NAME 'mozillaHomePostalAddress2'
   EQUALITY caseIgnoreListMatch
   SUBSTR caseIgnoreListSubstringsMatch
   SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 )

attributetype ( 2.16.840.1.113730.3.1.126
   NAME ( 'mozillaHomeState' ) SUP name )

attributetype ( 2.16.840.1.113730.3.1.127
   NAME 'mozillaHomePostalCode'
   EQUALITY caseIgnoreMatch
   SUBSTR caseIgnoreSubstringsMatch
   SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{40} )

attributetype ( 2.16.840.1.113730.3.1.129
   NAME ( 'mozillaHomeCountryName' )
   SUP name SINGLE-VALUE )

attributetype ( 2.16.840.1.113730.3.1.130
   NAME ( 'mozillaHomeFriendlyCountryName' )
   EQUALITY caseIgnoreMatch
   SUBSTR caseIgnoreSubstringsMatch
   SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )

attributetype ( 2.16.840.1.113730.3.1.131
   NAME ( 'homeurl' 'mozillaHomeUrl' )
   EQUALITY caseIgnoreIA5Match
   SUBSTR caseIgnoreIA5SubstringsMatch
   SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )

attributetype ( 2.16.840.1.113730.3.1.132
   NAME ( 'workurl' 'mozillaWorkUrl' )
   EQUALITY caseIgnoreIA5Match
   SUBSTR caseIgnoreIA5SubstringsMatch
   SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )

# un-comment for all LDAP server NOT supporting SYNTAX 2.16.840.1.113730.3.7.1
attributetype ( 2.16.840.1.113730.3.1.133
   NAME ( 'nsAIMid' )
   DESC 'AOL Instant Messenger (AIM) Identity'
   EQUALITY telephoneNumberMatch
   SUBSTR telephoneNumberSubstringsMatch
   SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 )


# un-comment for ... LDAP server supporting SYNTAX 2.16.840.1.113730.3.7.1
#attributetype ( 1.3.6.1.4.1.13769.2.1.13
#    NAME ( 'nsAIMid' )
#    DESC 'AOL Instant Messenger (AIM) Identity'
#    SYNTAX 2.16.840.1.113730.3.7.1 )

attributetype ( 2.16.840.1.113730.3.1.134
   NAME ( 'custom1' 'mozillaCustom1' )
   SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
   SINGLE-VALUE )

attributetype ( 2.16.840.1.113730.3.1.135
   NAME ( 'custom2' 'mozillaCustom2' )
   SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
   SINGLE-VALUE )

attributetype ( 2.16.840.1.113730.3.1.136
   NAME ( 'custom3' 'mozillaCustom3' )
   SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
   SINGLE-VALUE )

attributetype ( 2.16.840.1.113730.3.1.137
   NAME ( 'custom4' 'mozillaCustom4' )
   SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
   SINGLE-VALUE )

# inetOrgPerson
# The inetOrgPerson represents people who are associated with an
# organization in some way.  It is a structural class and is derived
# from the organizationalPerson which is defined in X.521 [X521].
# For now, everything from mozillaNickname through nsAIMid in the MAY
# list is a Mozilla attribute.  (This comment sits above the definition
# because a '#' line inside it would end the logical line early.)
objectclass    ( 2.16.840.1.113730.3.2.2
   NAME 'inetOrgPerson'
   DESC 'RFC2798: Internet Organizational Person'
   SUP organizationalPerson
   STRUCTURAL
   MAY (
       audio $ businessCategory $ carLicense $ departmentNumber $
       displayName $ employeeNumber $ employeeType $ givenName $
       homePhone $ homePostalAddress $ initials $ jpegPhoto $
       labeledURI $ mail $ manager $ mobile $ o $ pager $
       photo $ roomNumber $ secretary $ uid $ userCertificate $
       x500uniqueIdentifier $ preferredLanguage $
       userSMIMECertificate $ userPKCS12 $
       mozillaNickname $
       mozillaUseHtmlMail $
       mozillaSecondEmail $
       mozillaPostalAddress2 $
       mozillaHomePostalAddress2 $
       mozillaHomeLocalityName $
       mozillaHomeState $
       mozillaHomePostalCode $
       mozillaHomeCountryName $
       mozillaHomeFriendlyCountryName $
       mozillaHomeUrl $
       mozillaWorkUrl $
       mozillaCustom1 $
       mozillaCustom2 $
       mozillaCustom3 $
       mozillaCustom4 $
       nsAIMid $
       c $
       co )
   )

Well that's it.

Any help will be very much appreciated.

Regards,

William Marques
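
A schema-drift check for the change described in this post, added here as an example and not part of the original message or of OpenLDAP: it unfolds slapd.conf-style continuation lines, reports attributes in an inetOrgPerson MAY list that are not in the RFC 2798 list carried by the stock part of the schema, and flags a definition cut short by a comment line. The function names and the shortened sample fragment are constructed for illustration.

```python
import re

# inetOrgPerson MAY list from RFC 2798, as in the stock part of the posted schema.
RFC2798_MAY = set("""audio businessCategory carLicense departmentNumber displayName
employeeNumber employeeType givenName homePhone homePostalAddress initials jpegPhoto
labeledURI mail manager mobile o pager photo roomNumber secretary uid userCertificate
x500uniqueIdentifier preferredLanguage userSMIMECertificate userPKCS12""".lower().split())

# Constructed sample: a shortened inetOrgPerson with a comment inside the MAY list.
BROKEN = """\
objectclass ( 2.16.840.1.113730.3.2.2
   NAME 'inetOrgPerson'
   SUP organizationalPerson
   STRUCTURAL
   MAY ( audio $ mail $ uid $ userPKCS12 $
# comment placed inside the definition
   mozillaNickname $ nsAIMid $ c $ co )
   )
"""
# Same fragment with the comment line taken out of the definition.
FIXED = "\n".join(l for l in BROKEN.splitlines() if not l.startswith("#"))

def logical_lines(text):
    """Unfold slapd.conf lines: leading whitespace continues the previous line,
    and unfolding happens before '#' comments are recognised."""
    out = []
    for raw in text.splitlines():
        if raw[:1] in (" ", "\t") and out:
            out[-1] += " " + raw.strip()
        elif raw.strip():
            out.append(raw.rstrip())
    return out

def inetorgperson_drift(text):
    """Return (attributes added beyond RFC 2798, parse problems)."""
    extra, problems = [], []
    for line in logical_lines(text):
        if not line.lower().startswith("objectclass") or "'inetorgperson'" not in line.lower():
            continue
        bare = re.sub(r"'[^']*'", "", line)          # ignore quoted NAME/DESC text
        if bare.count("(") != bare.count(")"):
            problems.append("definition ends early: comment or unindented line inside it")
        may = re.search(r"\bMAY\s*\(([^)]*)", bare)
        names = [n.strip() for n in may.group(1).split("$")] if may else []
        extra = [n for n in names if n and n.lower() not in RFC2798_MAY]
    return extra, problems

if __name__ == "__main__":
    for label, text in (("broken", BROKEN), ("fixed", FIXED)):
        print(label, inetorgperson_drift(text))
```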