389-ds-base/ldap/servers/ntds/apacheds/usersync.schema

#
# BEGIN COPYRIGHT BLOCK
# This Program is free software; you can redistribute it and/or modify it under
# the terms of the GNU General Public License as published by the Free Software
# Foundation; version 2 of the License.
# 
# This Program is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
# FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
# 
# You should have received a copy of the GNU General Public License along with
# this Program; if not, write to the Free Software Foundation, Inc., 59 Temple
# Place, Suite 330, Boston, MA 02111-1307 USA.
# 
# In addition, as a special exception, Red Hat, Inc. gives You the additional
# right to link the code of this Program with code not covered under the GNU
# General Public License ("Non-GPL Code") and to distribute linked combinations
# including the two, subject to the limitations in this paragraph. Non-GPL Code
# permitted under this exception must only link to the code of this Program
# through those well defined interfaces identified in the file named EXCEPTION
# found in the source code files (the "Approved Interfaces"). The files of
# Non-GPL Code may instantiate templates or use macros or inline functions from
# the Approved Interfaces without causing the resulting work to be covered by
# the GNU General Public License. Only Red Hat, Inc. may make changes or
# additions to the list of Approved Interfaces. You must obey the GNU General
# Public License in all respects for all of the Program code and other code used
# in conjunction with the Program except the Non-GPL Code covered by this
# exception. If you modify this file, you may extend this exception to your
# version of the file, but you are not obligated to do so. If you do not wish to
# provide this exception without modification, you must delete this exception
# statement from your version and license this file solely under the GPL without
# exception. 
# 
# 
# Copyright (C) 2001 Sun Microsystems, Inc. Used by permission.
# Copyright (C) 2005 Red Hat, Inc.
# All rights reserved.
# END COPYRIGHT BLOCK
#
# mystery section attributes
attributetype ( 1.3.6.1.4.1.7114.2.1.10 NAME 'changetype'
        DESC 'AD ubiquitous changetype attribute'
        EQUALITY caseIgnoreIA5Match
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{8} SINGLE-VALUE )

# Microsoft attributes
#
# Here follows definitions from schema/microsoft.schema
# if you don't have the file o dont like the OIDs or so,
# you MUST copy and paste this list attribute definition:
#
# SYNTAX changes:
#
# Large-Integer: 1.3.6.1.4.1.1466.115.121.1.27
# Encoded as an Integer (OID 1.3.6.1.4.1.1466.115.121.1.27), but guaranteed
# to support 64 bit numbers.

# user attrs

attributetype ( 1.2.840.113556.1.4.8  NAME 'userAccountControl'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

attributetype ( 1.2.840.113556.1.4.166
        NAME 'groupMembershipSAM'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.40
        SINGLE-VALUE )

attributetype ( 1.2.840.113556.1.4.213
        NAME 'defaultClassStore'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )

attributetype ( 1.2.840.113556.1.4.656
        NAME 'userPrincipalName'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
        SINGLE-VALUE )

attributetype ( 1.2.840.113556.1.4.86
        NAME 'userWorkstations'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
        SINGLE-VALUE )

attributetype ( 1.2.840.113556.1.4.65
        NAME 'logonWorkstation'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.40
        SINGLE-VALUE )

attributetype ( 1.2.840.113556.1.4.751
        NAME 'userSharedFolder'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
        SINGLE-VALUE )

attributetype ( 1.2.840.113556.1.4.49
        NAME 'badPasswordTime'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
        SINGLE-VALUE )

attributetype ( 1.2.840.113556.1.4.302
        NAME 'sAMAccountType'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
        SINGLE-VALUE )

attributetype ( 1.2.840.113556.1.4.98
        NAME 'primaryGroupID'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
        SINGLE-VALUE )

attributetype ( 1.2.840.113556.1.4.159
        NAME 'accountExpires'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
        SINGLE-VALUE )

attributetype ( 1.2.840.113556.1.4.346
        NAME 'desktopProfile'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
        SINGLE-VALUE )

attributetype ( 1.2.840.113556.1.4.782
        NAME 'objectCategory'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.12
        SINGLE-VALUE )

attributetype ( 1.2.840.113556.1.4.221
        NAME 'sAMAccountName'
		EQUALITY caseIgnoreMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
        SINGLE-VALUE )

attributetype ( 1.2.840.113556.1.4.144
        NAME 'operatorCount'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
        SINGLE-VALUE )

attributetype ( 1.2.840.113556.1.4.44
        NAME 'homeDirectory'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
        SINGLE-VALUE )

attributetype ( 1.2.840.113556.1.4.772
        NAME 'aCSPolicyName'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
        SINGLE-VALUE )

attributetype ( 1.2.840.113556.1.4.94
        NAME 'ntPwdHistory'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )
 

attributetype ( 1.2.840.113556.1.4.160
        NAME 'lmPwdHistory'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )

attributetype ( 1.2.840.113556.1.2.1
        NAME 'instanceType'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
        SINGLE-VALUE
        NO-USER-MODIFICATION )

attributetype ( 1.2.840.113556.1.4.97
        NAME 'preferredOU'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.12
        SINGLE-VALUE )

attributetype ( 1.2.840.113556.1.4.662
        NAME 'lockoutTime'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
        SINGLE-VALUE )

attributetype ( 1.2.840.113556.1.4.25
        NAME 'countryCode'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
        SINGLE-VALUE )

attributetype ( 1.2.840.113556.1.4.139
        NAME 'profilePath'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
        SINGLE-VALUE )

attributetype ( 1.2.840.113556.1.4.12
        NAME 'badPwdCount'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
        SINGLE-VALUE )

attributetype ( 1.2.840.113556.1.2.13
        NAME 'displayName'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
        SINGLE-VALUE )

attributetype ( 1.2.840.113556.1.2.3
        NAME 'whenChanged'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
        SINGLE-VALUE )

attributetype ( 1.2.840.113556.1.2.19
        NAME 'uSNCreated'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
        SINGLE-VALUE )

attributetype ( 1.2.840.113556.1.4.64
        NAME 'logonHours'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.40
        SINGLE-VALUE )

attributetype ( 1.2.840.113556.1.4.96
        NAME 'pwdLastSet'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
        SINGLE-VALUE )

attributetype ( 1.2.840.113556.1.4.169
        NAME 'logonCount'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
        SINGLE-VALUE )

attributetype ( 1.2.840.113556.1.4.90
        NAME 'unicodePwd'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.40
        SINGLE-VALUE )

attributetype ( 1.2.840.113556.1.4.62
        NAME 'scriptPath'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
        SINGLE-VALUE )

attributetype ( 1.2.840.113556.1.4.76
        NAME 'maxStorage'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
        SINGLE-VALUE )

attributetype ( 1.2.840.113556.1.4.51
        NAME 'lastLogoff'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
        SINGLE-VALUE )

attributetype ( 1.2.840.113556.1.2.120
        NAME 'uSNChanged'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
        SINGLE-VALUE )

attributetype ( 1.2.840.113556.1.4.2
        NAME 'objectGUID'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.40
        SINGLE-VALUE )

attributetype ( 1.2.840.113556.1.4.52
        NAME 'lastLogon'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
        SINGLE-VALUE )

attributetype ( 1.2.840.113556.1.4.45
        NAME 'homeDrive'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
        SINGLE-VALUE )

attributetype ( 1.2.840.113556.1.2.102
        NAME 'memberOf'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.12
        NO-USER-MODIFICATION )

attributetype ( 1.2.840.113556.1.4.58
        NAME 'localeID'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 )

attributetype ( 1.2.840.113556.1.4.16
        NAME 'codePage'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
        SINGLE-VALUE )

attributetype ( 1.2.840.113556.1.4.55
        NAME 'dBCSPwd'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.40
        SINGLE-VALUE )

attributetype ( 1.2.840.113556.1.4.91
        NAME 'otherLoginWorkstations'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )

attributetype ( 1.2.840.113556.1.4.752
        NAME 'userSharedFolderOther'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )

attributetype ( 1.2.840.113556.1.2.353
        NAME 'displayNamePrintable'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.44
        SINGLE-VALUE )

attributetype ( 1.2.840.113556.1.4.771
        NAME 'servicePrincipalName'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )

attributetype ( 1.2.840.113556.1.4.200
        NAME 'controlAccessRights'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )

# computer attrs
attributetype ( 1.2.840.113556.1.4.669
        NAME 'rIDSetReferences'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.12
        NO-USER-MODIFICATION )

attributetype ( 1.2.840.113556.1.4.56
        NAME 'localPolicyFlags'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
        SINGLE-VALUE )

attributetype ( 1.2.840.113556.1.4.363
        NAME 'operatingSystem'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
        SINGLE-VALUE )

attributetype ( 1.2.840.113556.1.4.507
        NAME 'volumeCount'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
        SINGLE-VALUE )

attributetype ( 1.2.840.113556.1.4.619
        NAME 'dNSHostName'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
        SINGLE-VALUE )

attributetype ( 1.2.840.113556.1.4.71
        NAME 'machineRole'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
        SINGLE-VALUE )

attributetype ( 1.2.840.113556.1.4.365
        NAME 'operatingSystemServicePack'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
        SINGLE-VALUE )

attributetype ( 1.2.840.113556.1.4.364
        NAME 'operatingSystemVersion'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
        SINGLE-VALUE )

attributetype ( 1.2.840.113556.1.4.868
        NAME 'isCriticalSystemObject'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
        SINGLE-VALUE )

attributetype ( 1.2.840.113556.1.4.514
        NAME 'physicalLocationObject'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.12
        SINGLE-VALUE )

attributetype ( 1.2.840.113556.1.4.415
        NAME 'operatingSystemHotfix'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
        SINGLE-VALUE )

attributetype ( 1.2.840.113556.1.2.2
        NAME 'whenCreated'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
        SINGLE-VALUE
        NO-USER-MODIFICATION )

# group attrs
attributetype ( 1.2.840.113556.1.4.375
        NAME 'systemFlags'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
        SINGLE-VALUE
        NO-USER-MODIFICATION )
 

attributetype ( 1.2.840.113556.1.4.150
        NAME 'adminCount'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
        SINGLE-VALUE )

attributetype ( 1.2.840.113556.1.4.750
        NAME 'groupType'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
        SINGLE-VALUE )

attributetype ( 1.2.840.113556.1.4.146
        NAME 'objectSid'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.40
        SINGLE-VALUE )
 

attributetype ( 1.2.840.113556.1.2.169
        NAME 'showInAdvancedViewOnly'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
        SINGLE-VALUE )

# ridSet attrs
attributetype ( 1.2.840.113556.1.4.371
        NAME 'rIDAllocationPool'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
        SINGLE-VALUE
        NO-USER-MODIFICATION )

attributetype ( 1.2.840.113556.1.4.373
        NAME 'rIDUsedPool'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
        SINGLE-VALUE
        NO-USER-MODIFICATION )

attributetype ( 1.2.840.113556.1.4.372
        NAME 'rIDPreviousAllocationPool'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
        SINGLE-VALUE
        NO-USER-MODIFICATION )

attributetype ( 1.2.840.113556.1.4.374
        NAME 'rIDNextRID'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
        SINGLE-VALUE
        NO-USER-MODIFICATION )

# ridManager attrs
attributetype ( 1.2.840.113556.1.4.370
        NAME 'rIDAvailablePool'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
        SINGLE-VALUE )

attributetype ( 1.2.840.113556.1.4.369
        NAME 'fSMORoleOwner'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.12
        SINGLE-VALUE )
 

# objectClass defs

objectclass ( 1.3.6.1.4.1.7114.2.2.10
    NAME 'user'
    SUP organizationalPerson
    STRUCTURAL
    MUST ( objectSid $ objectClass $ cn )
    MAY (
        accountExpires $
        aCSPolicyName $
        adminCount $
        badPasswordTime $
        badPwdCount $
        changetype $
        codePage $
        controlAccessRights $
        countryCode $
        dBCSPwd $
        defaultClassStore $
        description $
        desktopProfile $
        displayName $
        distinguishedName $
        givenName $
        groupMembershipSAM $
        homeDirectory $
        homeDrive $
        instanceType $
        lastLogoff $
        lastLogon $
        lmPwdHistory $
        localeID $
        lockoutTime $
        logonCount $
        logonHours $
        logonWorkstation $
        maxStorage $
        memberOf $
        name $
        ntPwdHistory $
        objectCategory $
        objectGUID $
        operatorCount $
        otherLoginWorkstations $
        preferredOU $
        primaryGroupID $
        profilePath $
        pwdLastSet $
        sAMAccountName $
        sAMAccountType $
        scriptPath $
        servicePrincipalName $
        unicodePwd $
        userAccountControl $
        userPrincipalName $
        userSharedFolder $
        userSharedFolderOther $
        userWorkstations $
        uSNChanged $
        uSNCreated $
        whenChanged $
        whenCreated ) )

objectclass ( 1.3.6.1.4.1.7114.2.2.11
    NAME 'computer'
    SUP user
    STRUCTURAL
    MAY (
        description $
        dNSHostName $
        isCriticalSystemObject $
        localPolicyFlags $
        machineRole $
        operatingSystem $
        operatingSystemHotfix $
        operatingSystemServicePack $
        operatingSystemVersion $
        physicalLocationObject $
        rIDSetReferences $
        volumeCount ) )
 

objectclass ( 1.3.6.1.4.1.7114.2.2.12
    NAME 'group'
    SUP top
    STRUCTURAL
    MUST (groupType $ cn )
    MAY (
        adminCount $
        changetype $
        controlAccessRights $
        description $
        distinguishedName $
        instanceType $
        isCriticalSystemObject $
        member $
        name $
        groupType $
        showInAdvancedViewOnly $
        systemFlags $
        objectCategory $
        objectGUID $
        objectSid $
        sAMAccountName $
        sAMAccountType $
        uSNChanged $
        uSNCreated $
        whenChanged $
        whenCreated ) )

objectclass ( 1.3.6.1.4.1.7114.2.2.13
    NAME 'rIDManager'
    SUP top
    STRUCTURAL
    MUST (rIDAvailablePool )
    MAY (
        changetype $
        cn $
        fSMORoleOwner $
        instanceType $
        isCriticalSystemObject $
        distinguishedName $
        objectCategory $
        objectGUID $
        name $
        showInAdvancedViewOnly $
        systemFlags $
        uSNChanged $
        uSNCreated $
        whenChanged $
        whenCreated ) )
 

objectclass ( 1.3.6.1.4.1.7114.2.2.14
    NAME 'rIDSet'
    SUP top
    STRUCTURAL
    MUST (
        cn $
        rIDAllocationPool $
        rIDPreviousAllocationPool $
        rIDUsedPool $
        rIDNextRID )
    MAY (
        instanceType $
        distinguishedName $
        objectCategory $
        objectGUID $
        name $
        showInAdvancedViewOnly $
        uSNChanged $
        uSNCreated $
        whenChanged $
        whenCreated $
        changetype ) )