[Kolab-devel] New kolab LDAP schema
konold at erfrakon.de
konold at erfrakon.de
Wed Jul 21 17:50:39 CEST 2004
Hi,
the old Kolab LDAP schema was very difficult to integrate with other 3rd
party applications (e.g. Samba) whishing to share attributes and
objectclasses.
I therefore drafted a new Kolab LDAP Scheme which factored out everything
which belongs into RFC 2079, RFC 2256, RFC 1274, RFC 2798 and RFC 2459.
The result is now less then 1/3 of the original size.
Sofar I made no use of auxiliary or abstract classes.
Please have a look at the proposal and provide me with feedback and
proposals for improvement.
The current development tree still is based on the old schema and will be
ported to the new schema in the next weeks.
Regards,
-- martin
Dipl.-Phys. Martin Konold
e r f r a k o n
Erlewein, Frank, Konold & Partner - Beratende Ingenieure und Physiker
Nobelstrasse 15, 70569 Stuttgart, Germany
mobil: 0175 4148693
fax: 0175 13 4148693
email: martin.konold at erfrakon.de
-------------- next part --------------
# (c) 2004 Tassilo Erlewein <tassilo.erlewein at erfrakon.de>
# (c) 2004 Martin Konold <martin.konold at erfrakon.de>
# (c) 2003 Achim Frank <achim.frank at erfrakon.de>
#
#Redistribution and use in source and binary forms, with or without modification, are permitted provided #that the following conditions are met:
#
#Redistributions of source code must retain the above copyright notice, this list of conditions and the #following disclaimer.
#
#Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the #following disclaimer in the documentation and/or other materials provided with the distribution.
#
#The name of the author may not be used to endorse or promote products derived from this software without #specific prior written permission.
#
#
#THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT #NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE #DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, #EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR #SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF #LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN #ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
####################
# kolab attributes #
####################
attributetype ( 1.3.6.1.4.1.19414.2.1.1
NAME ( 'k' 'kolab' )
DESC 'Kolab attribute'
SUP name
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
)
attributetype ( 1.3.6.1.4.1.19414.2.1.2
NAME 'deleteflag'
DESC 'Per host deletion status'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
)
attributetype ( 1.3.6.1.4.1.19419.2.1.4
NAME 'encryptedPassword'
DESC 'base64 encoded public key encrypted Password'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
)
attributetype ( 1.3.6.1.4.1.19414.2.1.5
NAME 'fqdnhostname' 'fqhostname'
DESC 'Fully qualified Hostname including full domain component'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
)
attributetype ( 1.3.6.1.4.1.19414.2.1.6
NAME 'kolabhost'
DESC 'Multivalued -- list of hostnames in a Kolab setup'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
)
######################
# postfix attributes #
######################
attributetype ( 1.3.6.1.4.1.19414.2.1.501
NAME 'postfix-mydomain'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
)
attributetype ( 1.3.6.1.4.1.19414.2.1.502
NAME 'postfix-relaydomains'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
)
attributetype ( 1.3.6.1.4.1.19414.2.1.503
NAME 'postfix-mydestination'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
)
attributetype ( 1.3.6.1.4.1.19414.2.1.504
NAME 'postfix-mynetworks'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
)
attributetype ( 1.3.6.1.4.1.19414.2.1.505
NAME 'postfix-relayhost'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
)
attributetype ( 1.3.6.1.4.1.19414.2.1.506
NAME 'postfix-transport'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
)
attributetype ( 1.3.6.1.4.1.19414.2.1.507
NAME 'postfix-enable-virus-scan'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
)
##########################
# cyrus imapd attributes #
##########################
attributetype ( 1.3.6.1.4.1.19414.2.1.601
NAME 'cyrus-autocreatequota'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
)
attributetype ( 1.3.6.1.4.1.19414.2.1.602
NAME 'cyrus-admins'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
)
attributetype ( 1.3.6.1.4.1.19414.2.1.603
NAME 'cyrus-imap'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
EQUALITY booleanMatch
)
attributetype ( 1.3.6.1.4.1.19414.2.1.604
NAME 'cyrus-pop3'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
EQUALITY booleanMatch
)
attributetype ( 1.3.6.1.4.1.19414.2.1.605
NAME 'userquota'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
)
attributetype ( 1.3.6.1.4.1.19414.2.1.651
NAME 'acl'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
)
attributetype ( 1.3.6.1.4.1.19414.2.1.606
NAME 'cyrus-imaps'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
EQUALITY booleanMatch
)
attributetype ( 1.3.6.1.4.1.19414.2.1.607
NAME 'cyrus-pop3s'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
EQUALITY booleanMatch
)
attributetype ( 1.3.6.1.4.1.19414.2.1.608
NAME 'cyrus-sieve'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
EQUALITY booleanMatch
)
attributetype ( 1.3.6.1.4.1.19414.2.1.609
NAME 'cyrus-quotawarn'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
)
#############################
# apache and php attributes #
#############################
attributetype ( 1.3.6.1.4.1.19414.2.1.701
NAME 'apache-http'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
EQUALITY booleanMatch
)
######################
# proftpd attributes #
######################
attributetype ( 1.3.6.1.4.1.19414.2.1.901
NAME 'proftpd-defaultquota'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
)
attributetype ( 1.3.6.1.4.1.19414.2.1.902
NAME 'proftpd-ftp'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
EQUALITY booleanMatch
)
attributetype ( 1.3.6.1.4.1.19414.2.1.903
NAME 'proftpd-userPassword'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
)
attributetype ( 1.3.6.1.4.1.19419.1.1.1.1
NAME 'kolabHomeServer'
DESC 'server which keeps the users mailbox'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
)
attributetype ( 1.3.6.1.4.1.19419.1.1.1.2
NAME 'unrestrictedMailSize'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
EQUALITY booleanMatch
)
attributetype ( 1.3.6.1.4.1.19419.1.1.1.3
NAME 'kolabDelegate'
DESC 'Kolab user allowed to act as delegates - RFC822 Mailbox/Alias'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
)
########################
# kolab object classes #
########################
objectclass ( 1.3.6.1.4.1.19414.2.2.1 NAME 'kolab'
DESC 'Kolab server configuration'
SUP top STRUCTURAL
MUST k
MAY ( kolabhost $
postfix-mydomain $
postfix-relaydomains $
postfix-mydestination $
postfix-mynetworks $
postfix-relayhost $
postfix-transport $
postfix-enable-virus-scan $
cyrus-autocreatequota $
cyrus-quotawarn $
cyrus-autocreatequota $
cyrus-admins $
cyrus-imap $
cyrus-pop3 $
cyrus-imaps $
cyrus-pop3s $
cyrus-sieve $
apache-http $
proftpd-ftp $
proftpd-defaultquota $
uid $
userPassword )
)
objectclass ( 1.3.6.1.4.1.19414.2.2.9 NAME 'kolabSharedfolder'
DESC 'Kolab shared folder'
SUP top STRUCTURAL
MUST cn
MAY ( acl $
userquota $
homeServer $
deleteflag )
)
objectclass ( 1.3.6.1.4.1.5322.13.1.1 NAME 'kolabNamedObject'
SUP top STRUCTURAL
MAY cn
)
objectclass ( 1.3.6.1.4.1.19414.3.2.2
NAME 'kolabInetOrgPerson'
DESC 'Kolab Internet Organizational Person'
SUP inetOrgPerson STRUCTURAL
MAY ( kolabHomeServer $
unrestrictedMailSize $
kolabDelegate $
encryptedPassword $
kolabDeleteflag $
alias )
)
objectclass ( 1.3.6.1.4.1.19414.3.2.3 NAME 'kolabOrganization'
DESC 'RFC2256: a Kolab organization'
SUP organization STRUCTURAL
MAY ( c $
mail $
kolabDeleteflag $
alias )
)
objectclass ( 1.3.6.1.4.1.19414.3.2.4 NAME 'kolabOrganizationalUnit'
DESC 'a Kolab organizational unit'
SUP organizationalUnit STRUCTURAL
MAY ( c $
mail $
kolabDeleteflag $
alias )
)
More information about the devel
mailing list