This schema is released with a standard OpenLDAP distribution.
# dyngroup.schema -- Dynamic Group schema # $OpenLDAP: pkg/ldap/servers/slapd/schema/dyngroup.schema,v 1.6.2.4 2008/02/12 05:17:43 quanah Exp $ ## This work is part of OpenLDAP Software <http://www.openldap.org/>. ## ## Copyright 1998-2008 The OpenLDAP Foundation. ## All rights reserved. ## ## Redistribution and use in source and binary forms, with or without ## modification, are permitted only as authorized by the OpenLDAP ## Public License. ## ## A copy of this license is available in the file LICENSE in the ## top-level directory of the distribution or, alternatively, at ## <http://www.OpenLDAP.org/license.html>. # # Dynamic Group schema (experimental), as defined by Netscape. See # http://www.redhat.com/docs/manuals/ent-server/pdf/esadmin611.pdf # page 70 for details on how these groups were used. # # A description of the objectclass definition is available here: # http://www.redhat.com/docs/manuals/dir-server/schema/7.1/oc_dir.html#1303745 # # depends upon: # core.schema # # These definitions are considered experimental due to the lack of # a formal specification (e.g., RFC). # # NOT RECOMMENDED FOR PRODUCTION USE! USE WITH CAUTION! # # The Netscape documentation describes this as an auxiliary objectclass # but their implementations have always defined it as a structural class. # The sloppiness here is because Netscape-derived servers don't actually # implement the X.500 data model, and they don't honor the distinction # between structural and auxiliary classes. This fact is noted here: # http://forum.java.sun.com/thread.jspa?threadID=5016864&messageID=9034636 # # In accordance with other existing implementations, we define it as a # structural class. # # Our definition of memberURL also does not match theirs but again # their published definition and what works in practice do not agree. # In other words, the Netscape definitions are broken and interoperability # is not guaranteed. # # Also see the new DynGroup proposed spec at # http://tools.ietf.org/html/draft-haripriya-dynamicgroup-02 objectIdentifier NetscapeRoot 2.16.840.1.113730 objectIdentifier NetscapeLDAP NetscapeRoot:3 objectIdentifier NetscapeLDAPattributeType NetscapeLDAP:1 objectIdentifier NetscapeLDAPobjectClass NetscapeLDAP:2 objectIdentifier OpenLDAPExp11 1.3.6.1.4.1.4203.666.11 objectIdentifier DynGroupBase OpenLDAPExp11:8 objectIdentifier DynGroupAttr DynGroupBase:1 objectIdentifier DynGroupOC DynGroupBase:2 attributetype ( NetscapeLDAPattributeType:198 NAME 'memberURL' DESC 'Identifies an URL associated with each member of a group. Any type of labeled URL can be used.' SUP labeledURI ) attributetype ( DynGroupAttr:1 NAME 'dgIdentity' DESC 'Identity to use when processing the memberURL' SUP distinguishedName SINGLE-VALUE ) attributeType ( DynGroupAttr:2 NAME 'dgAuthz' DESC 'Optional authorization rules that determine who is allowed to assume the dgIdentity' EQUALITY authzMatch SYNTAX 1.3.6.1.4.1.4203.666.2.7 X-ORDERED 'VALUES' ) objectClass ( NetscapeLDAPobjectClass:33 NAME 'groupOfURLs' SUP top STRUCTURAL MUST cn MAY ( memberURL $ businessCategory $ description $ o $ ou $ owner $ seeAlso ) ) # The Haripriya dyngroup schema still needs a lot of work. # We're just adding support for the dgIdentity attribute for now... objectClass ( DynGroupOC:1 NAME 'dgIdentityAux' SUP top AUXILIARY MAY ( dgIdentity $ dgAuthz ) )
Problems, comments, suggestions, corrections (including broken links) or something to add? Please take the time from a busy life to 'mail us' (at top of screen), the webmaster (below) or info-support at zytrax. You will have a warm inner glow for the rest of the day.
Contents
tech info
guides home
intro
contents
1 objectives
big picture
2 concepts
3 ldap objects
quickstart
4 install ldap
5 samples
6 configuration
7 replica & refer
reference
8 ldif
9 protocol
10 ldap api
operations
11 howtos
12 trouble
13 performance
14 ldap tools
security
15 security
appendices
notes & info
ldap resources
rfc's & x.500
glossary
ldap objects
change log
This work is licensed under a
Creative Commons License.
If you are happy it's OK - but your browser is giving a less than optimal experience on our site. You could, at no charge, upgrade to a W3C STANDARDS COMPLIANT browser such as Firefox
Search
Share
Page
Resources
Systems
FreeBSD
NetBSD
OpenBSD
DragonFlyBSD
Linux.org
Debian Linux
Software
LibreOffice
OpenOffice
Mozilla
GitHub
GNU-Free SW Foundation
get-dns
Organizations
Open Source Initiative
Creative Commons
Misc.
Ibiblio - Library
Open Book Project
Open Directory
Wikipedia
Site
Copyright © 1994 - 2024 ZyTrax, Inc. All rights reserved. Legal and Privacy |
site by zytrax hosted by javapipe.com |
web-master at zytrax Page modified: January 20 2022. |