From e099a275335cd74020874c33fc4faed4dbee1316 Mon Sep 17 00:00:00 2001 From: Benjamin Renard Date: Wed, 21 Jul 2021 19:42:22 +0200 Subject: [PATCH] Add dynamic groups support (with cache members attributes) Add LSaddon dyngroup with feature to handle update static cache members attributes on users or dyngroup URI changes. The update process could also be runned using CLI update_dyngroups_members_cache command (allowing cron task configuration). LSexample also evoluate to add example of dynamic groups implementation. On this occasion, the restore_lsexample script was completely rewrited. --- doc/conf/LSattribute/check-data.docbook | 1 + .../LSattribute-check_data.entities.xml | 1 + .../check_data/ldapSearchURI.docbook | 92 +++ lsexample/lsexample.ldif | 713 ------------------ lsexample/restore_lsexample | 51 +- lsexample/schema/cn={10}ls.ldif | 40 - lsexample/schema/ls.ldif | 43 ++ lsexample/schema/lsexample.schema | 59 -- lsexample/schema/samba.ldif | 176 +++++ lsexample/slapd-config.ldif | 44 ++ lsexample/slapd/permissions-ls.conf | 94 --- lsexample/slapd/slapd.conf | 45 -- lsexample/slapd/slapd.d/cn=config.ldif | 16 - .../slapd/slapd.d/cn=config/cn=module{0}.ldif | 14 - .../slapd/slapd.d/cn=config/cn=schema.ldif | 615 --------------- .../cn=config/cn=schema/cn={0}core.ldif | 243 ------ .../cn=config/cn=schema/cn={1}cosine.ldif | 177 ----- .../cn=config/cn=schema/cn={2}nis.ldif | 106 --- .../cn=schema/cn={3}inetorgperson.ldif | 48 -- .../cn=config/cn=schema/cn={4}samba.ldif | 157 ---- .../cn=config/cn=schema/cn={5}lsexample.ldif | 39 - .../cn=config/olcDatabase={-1}frontend.ldif | 20 - .../cn=config/olcDatabase={0}config.ldif | 16 - .../slapd.d/cn=config/olcDatabase={1}hdb.ldif | 97 --- .../LSaddons/config.LSaddons.dyngroup.php | 56 ++ .../LSobjects/config.LSobjects.LSdyngroup.php | 362 +++++++++ .../LSobjects/config.LSobjects.LSpeople.php | 39 + src/conf/config.LSaddons.php | 1 + src/conf/config.inc.php | 1 + src/includes/addons/LSaddons.dyngroup.php | 359 +++++++++ src/includes/class/class.LScli.php | 15 +- .../class/class.LSformRule_ldapSearchURI.php | 179 +++++ src/lang/fr_FR.UTF8/LC_MESSAGES/ldapsaisie.mo | Bin 71434 -> 75125 bytes src/lang/fr_FR.UTF8/LC_MESSAGES/ldapsaisie.po | 214 +++++- src/lang/fr_FR.UTF8/lang.php | 96 ++- src/lang/ldapsaisie.pot | 187 ++++- 36 files changed, 1824 insertions(+), 2592 deletions(-) create mode 100644 doc/conf/LSattribute/check_data/ldapSearchURI.docbook delete mode 100644 lsexample/lsexample.ldif delete mode 100644 lsexample/schema/cn={10}ls.ldif create mode 100644 lsexample/schema/ls.ldif delete mode 100644 lsexample/schema/lsexample.schema create mode 100644 lsexample/schema/samba.ldif create mode 100644 lsexample/slapd-config.ldif delete mode 100644 lsexample/slapd/permissions-ls.conf delete mode 100644 lsexample/slapd/slapd.conf delete mode 100644 lsexample/slapd/slapd.d/cn=config.ldif delete mode 100644 lsexample/slapd/slapd.d/cn=config/cn=module{0}.ldif delete mode 100644 lsexample/slapd/slapd.d/cn=config/cn=schema.ldif delete mode 100644 lsexample/slapd/slapd.d/cn=config/cn=schema/cn={0}core.ldif delete mode 100644 lsexample/slapd/slapd.d/cn=config/cn=schema/cn={1}cosine.ldif delete mode 100644 lsexample/slapd/slapd.d/cn=config/cn=schema/cn={2}nis.ldif delete mode 100644 lsexample/slapd/slapd.d/cn=config/cn=schema/cn={3}inetorgperson.ldif delete mode 100644 lsexample/slapd/slapd.d/cn=config/cn=schema/cn={4}samba.ldif delete mode 100644 lsexample/slapd/slapd.d/cn=config/cn=schema/cn={5}lsexample.ldif delete mode 100644 lsexample/slapd/slapd.d/cn=config/olcDatabase={-1}frontend.ldif delete mode 100644 lsexample/slapd/slapd.d/cn=config/olcDatabase={0}config.ldif delete mode 100644 lsexample/slapd/slapd.d/cn=config/olcDatabase={1}hdb.ldif create mode 100644 src/conf/LSaddons/config.LSaddons.dyngroup.php create mode 100644 src/conf/LSobjects/config.LSobjects.LSdyngroup.php create mode 100644 src/includes/addons/LSaddons.dyngroup.php create mode 100644 src/includes/class/class.LSformRule_ldapSearchURI.php diff --git a/doc/conf/LSattribute/check-data.docbook b/doc/conf/LSattribute/check-data.docbook index be9842a3..f349acf3 100644 --- a/doc/conf/LSattribute/check-data.docbook +++ b/doc/conf/LSattribute/check-data.docbook @@ -54,6 +54,7 @@ règles. &conf-LSattribute-check-data-imagesize; &conf-LSattribute-check-data-inarray; &conf-LSattribute-check-data-integer; +&conf-LSattribute-check-data-ldapSearchURI; &conf-LSattribute-check-data-lettersonly; &conf-LSattribute-check-data-maxlength; &conf-LSattribute-check-data-minlength; diff --git a/doc/conf/LSattribute/check_data/LSattribute-check_data.entities.xml b/doc/conf/LSattribute/check_data/LSattribute-check_data.entities.xml index afae6232..17ebbb7c 100644 --- a/doc/conf/LSattribute/check_data/LSattribute-check_data.entities.xml +++ b/doc/conf/LSattribute/check_data/LSattribute-check_data.entities.xml @@ -9,6 +9,7 @@ + diff --git a/doc/conf/LSattribute/check_data/ldapSearchURI.docbook b/doc/conf/LSattribute/check_data/ldapSearchURI.docbook new file mode 100644 index 00000000..10370c4a --- /dev/null +++ b/doc/conf/LSattribute/check_data/ldapSearchURI.docbook @@ -0,0 +1,92 @@ + + ldapSearchURI + Cette règle vérifie que la valeur est une URI de recherche LDAP valide, c'est + à dire, par exemple, + ldaps://ldap.example.com:636/o=example?attr1,attr2?one?(gidNumber=100) + + Cette vérification commence par découper la valeur à l'aide du sépérateur + ? et elle s'assure ensuite : + + + Que la première partie est bien une URI LDAP valide. Si l'hôte + LDAP est spécifié, elle s'assure qu'il soit une adresse IP ou un nom de domaine valide. + Si le port LDAP est spécifié, elle s'assure également qu'il soit correct et que l'hôte + est également bien spécifié. + + Si la base de recherche est spécifiée, elle s'assure qu'elle soit + compatible avec la racine de l'annuaire connecté. + + Si un ou plusieurs attributs sont spécifiés, elle les vérifie un à un + afin de vérifier qu'il s'agit de nom d'attribut valide. + + Que le scope de recherche soit bien spécifié et valide. + + + Si le filtre de recherche est spécifié, elle vérifie qu'il soit valide. + + + + + + + Paramêtres de configuration + + + check_resolving_ldap_host + + Si l'hôte du serveur LDAP est spécifié et qu'il s'agit d'un nom de domaine valide, + un tentative de résolution DNS sera également faite (optionnel, par défaut : + Vrai). + + + + + host_required + + Booléen détermintant si une erreur est relevée en cas d'absence de l'hôte + LDAP. (optionnel, par défaut : Faux) + + + + + basedn_required + + Booléen détermintant si une erreur est relevée en cas d'absence de base de + recherche. (optionnel, par défaut : Faux) + + + + + scope_required + + Booléen détermintant si une erreur est relevée en cas d'absence de portée de + recherche. (optionnel, par défaut : Vrai) + + + + + attr_required + + Booléen détermintant si une erreur est relevée en cas d'absence d'attribut + recherché. (optionnel, par défaut : Faux) + + + + + max_attrs_count + + Nombre maximum d'attribut recherchés. (optionnel, par défaut : pas de limite) + + + + + + filter_required + + Booléen détermintant si une erreur est relevée en cas d'absence de filtre de + recherche. (optionnel, par défaut : Faux) + + + + + diff --git a/lsexample/lsexample.ldif b/lsexample/lsexample.ldif deleted file mode 100644 index c8a0be34..00000000 --- a/lsexample/lsexample.ldif +++ /dev/null @@ -1,713 +0,0 @@ -dn: o=ls -objectClass: top -objectClass: organization -o: ls -structuralObjectClass: organization - -dn: sambaDomainName=LS,o=ls -objectClass: sambaDomain -objectClass: sambaUnixIdPool -objectClass: sambaSidEntry -objectClass: top -structuralObjectClass: sambaSidEntry -sambaDomainName: LS -sambaSID: S-1-5-21-4207250186-2406131440-3849861866 -uidNumber: 800000 -gidNumber: 800002 - -dn: ou=sysaccounts,o=ls -objectClass: top -objectClass: organizationalUnit -ou: sysaccounts -structuralObjectClass: organizationalUnit - -dn: uid=mail,ou=sysaccounts,o=ls -objectClass: top -objectClass: lssysaccount -uid: mail -userPassword: toto -pwdPolicySubentry: cn=sysaccounts,ou=ppolicies,o=ls -structuralObjectClass: lssysaccount - -dn: uid=samba,ou=sysaccounts,o=ls -objectClass: top -objectClass: lssysaccount -uid: samba -userPassword: toto -pwdPolicySubentry: cn=sysaccounts,ou=ppolicies,o=ls -structuralObjectClass: lssysaccount - -dn: uid=ldapsaisie,ou=sysaccounts,o=ls -objectClass: top -objectClass: lssysaccount -uid: ldapsaisie -userPassword: toto -pwdPolicySubentry: cn=sysaccounts,ou=ppolicies,o=ls -structuralObjectClass: lssysaccount - -dn: ou=groups,o=ls -objectClass: top -objectClass: organizationalUnit -ou: groups -structuralObjectClass: organizationalUnit - -dn: cn=adminldap,ou=groups,o=ls -objectClass: top -objectClass: lsgroup -objectClass: posixGroup -objectClass: sambaGroupMapping -cn: adminldap -gidNumber: 70000 -sambaSID: S-1-5-21-2421470416-3566881284-3047381809-70000 -sambaGroupType: 2 -structuralObjectClass: posixGroup -uniqueMember: uid=admin,ou=people,o=ls - -dn: cn=invite,ou=groups,o=ls -objectClass: top -objectClass: lsgroup -objectClass: posixGroup -objectClass: sambaGroupMapping -cn: invite -gidNumber: 101009 -sambaSID: S-1-5-21-2421470416-3566881284-3047381809-203019 -sambaGroupType: 2 -structuralObjectClass: posixGroup - -dn: cn=ls,ou=groups,o=ls -objectClass: top -objectClass: lsgroup -objectClass: posixGroup -objectClass: sambaGroupMapping -cn: ls -gidNumber: 102001 -sambaSID: S-1-5-21-2421470416-3566881284-3047381809-205003 -sambaGroupType: 2 -structuralObjectClass: posixGroup -uniqueMember: uid=invite,ou=people,o=ls - -dn: cn=informatique,ou=groups,o=ls -objectClass: top -objectClass: lsgroup -objectClass: posixGroup -objectClass: sambaGroupMapping -gidNumber: 102009 -sambaSID: S-1-5-21-2421470416-3566881284-3047381809-205019 -sambaGroupType: 2 -cn: informatique -structuralObjectClass: posixGroup -uniqueMember: uid=eeggs,ou=people,o=ls -uniqueMember: uid=admin,ou=people,o=ls - -dn: cn=direction,ou=groups,o=ls -objectClass: top -objectClass: lsgroup -objectClass: posixGroup -objectClass: sambaGroupMapping -cn: direction -gidNumber: 102007 -sambaSID: S-1-5-21-2421470416-3566881284-3047381809-205015 -sambaGroupType: 2 -structuralObjectClass: posixGroup -uniqueMember: uid=hmartin,ou=people,o=ls -uniqueMember: uid=eeggs,ou=people,o=ls - -dn: cn=administratif,ou=groups,o=ls -objectClass: top -objectClass: lsgroup -objectClass: posixGroup -objectClass: sambaGroupMapping -cn: administratif -gidNumber: 102005 -sambaSID: S-1-5-21-2421470416-3566881284-3047381809-205011 -sambaGroupType: 2 -structuralObjectClass: posixGroup - -dn: cn=communication,ou=groups,o=ls -objectClass: top -objectClass: lsgroup -objectClass: posixGroup -objectClass: sambaGroupMapping -cn: communication -gidNumber: 102003 -sambaSID: S-1-5-21-2421470416-3566881284-3047381809-205007 -sambaGroupType: 2 -structuralObjectClass: posixGroup - -dn: ou=people,o=ls -objectClass: top -objectClass: organizationalUnit -ou: people -structuralObjectClass: organizationalUnit - -dn: uid=hmartin,ou=people,o=ls -objectClass: top -objectClass: lspeople -objectClass: posixAccount -objectClass: shadowAccount -objectClass: sambaSamAccount -uid: hmartin -homeDirectory: /home/com -loginShell: /bin/false -uidNumber: 101022 -sambaAcctFlags: [U ] -sambaSID: S-1-5-21-2421470416-3566881284-3047381809-203044 -givenName: Henri -sn: MARTIN -gidNumber: 102001 -lsAllowedServices: MAIL -lsAllowedServices: SAMBA -lsAllowedServices: FTP -cn: Henri MARTIN -sambaPrimaryGroupSID: S-1-5-21-2421470416-3566881284-3047381809-205003 -personalTitle: M. -lsGodfatherDn: uid=eeggs,ou=people,o=ls -userPassword: toto -sambaLMPassword: 0182BD0BD4444BF836077A718CCDF409 -sambaNTPassword: 259745CB123A52AA2E693AAACCA2DB52 -structuralObjectClass: lspeople -mail: henri.martin@ls.com - -dn: uid=s.ldapsaisie,ou=people,o=ls -objectClass: top -objectClass: lspeople -objectClass: posixAccount -objectClass: shadowAccount -objectClass: sambaSamAccount -loginShell: /bin/false -uidNumber: 101036 -userPassword: toto -sambaAcctFlags: [U ] -sambaSID: S-1-5-21-2421470416-3566881284-3047381809-203072 -sambaNTPassword: 8DB716B655D71DF6BD056A41B22B9EA9 -sambaLMPassword: 6CE56DC112C920EF0F5E44C88BF9DC39 -givenName: Secretariat -mail: secretariat@ldapsaisie.biz -lsAllowedServices: MAIL -lsAllowedServices: SAMBA -lsAllowedServices: FTP -sambaPrimaryGroupSID: S-1-5-21-2421470416-3566881284-3047381809-513 -structuralObjectClass: lspeople -personalTitle: M. -sn: LdapSaisie -cn: Secretariat LdapSaisie -gidNumber: 70000 -uid: s.ldapsaisie -homeDirectory: /home/s.ldapsaisie - -dn: uid=ls,ou=people,o=ls -objectClass: top -objectClass: lspeople -objectClass: posixAccount -objectClass: shadowAccount -objectClass: sambaSamAccount -uid: ls -homeDirectory: /home/ls -loginShell: /bin/false -uidNumber: 101068 -userPassword: toto -sambaAcctFlags: [U ] -sambaLMPassword: 6E72264E11F708C0AAD3B435B51404EE -sambaNTPassword: 8D9B9B87EE8C0423691F4F0E00C5BDE1 -sambaSID: S-1-5-21-2421470416-3566881284-3047381809-203136 -gidNumber: 102001 -lsAllowedServices: MAIL -lsAllowedServices: SAMBA -lsAllowedServices: FTP -sambaPrimaryGroupSID: S-1-5-21-2421470416-3566881284-3047381809-205003 -structuralObjectClass: lspeople -personalTitle: M. -givenName: Ldap -sn: Saisie -cn: LdapSaisie -mail: ldap.saisie@ls.com -description: toto - -dn: uid=erwpa,ou=people,o=ls -uid: erwpa -objectClass: top -objectClass: lspeople -objectClass: posixAccount -objectClass: shadowAccount -objectClass: sambaSamAccount -uidNumber: 101082 -sambaAcctFlags: [U ] -homeDirectory: /home/erwpa -loginShell: /bin/false -sambaSID: S-1-5-21-2421470416-3566881284-3047381809-203164 -sn: PAGEARD -gidNumber: 102009 -mail: erwan.page@ldapsaisie.biz -lsAllowedServices: MAIL -lsAllowedServices: SAMBA -lsAllowedServices: FTP -cn: Erwan PAGE -sambaPrimaryGroupSID: S-1-5-21-2421470416-3566881284-3047381809-205019 -personalTitle: M. -givenName: Erwan -lsGodfatherDn: uid=eeggs,ou=people,o=ls -userPassword: toto -sambaLMPassword: B3298C30FB103112C187B8085FE1D9DF -sambaNTPassword: 59D2D06177D147726BBA6AECBCB080BC -structuralObjectClass: lspeople - -dn: uid=eeggs2,ou=people,o=ls -objectClass: top -objectClass: lspeople -objectClass: posixAccount -objectClass: shadowAccount -uid: eeggs2 -uidNumber: 1000000 -gidNumber: 102009 -facsimileTelephoneNumber: 030000000 -lsAllowedServices: MAIL -lsAllowedServices: FTP -description: Utilisateur test Easter-eggs 2 -cn: Easter Eggs 2 -personalTitle: M. -homeDirectory: /home/eeggs -loginShell: /bin/false -sn: Eggs -givenName: Easter -mail: bn8@zionetrix.net -userPassword: toto -structuralObjectClass: lspeople - -dn: uid=eeggs3,ou=people,o=ls -objectClass: top -objectClass: lspeople -objectClass: posixAccount -objectClass: shadowAccount -uid: eeggs3 -uidNumber: 10000000 -gidNumber: 102009 -facsimileTelephoneNumber: 030000000 -lsAllowedServices: MAIL -lsAllowedServices: FTP -description: Utilisateur test Easter-eggs 2 -cn: Easter Eggs 2 -personalTitle: M. -homeDirectory: /home/eeggs -loginShell: /bin/false -sn: Eggs -givenName: Easter -mail: bn8@zionetrix.net -userPassword: toto -structuralObjectClass: lspeople - -dn: ou=companies,o=ls -objectClass: organizationalUnit -objectClass: top -ou: companies -structuralObjectClass: organizationalUnit - -dn: ou=company2,ou=companies,o=ls -objectClass: top -objectClass: lscompany -ou: company2 -description:: dGVzdCAyIA== -structuralObjectClass: lscompany - -dn: ou=people,ou=company2,ou=companies,o=ls -objectClass: top -objectClass: organizationalUnit -ou: people -structuralObjectClass: organizationalUnit - -dn: ou=groups,ou=company2,ou=companies,o=ls -objectClass: top -objectClass: organizationalUnit -ou: groups -structuralObjectClass: organizationalUnit - -dn: ou=company1,ou=companies,o=ls -objectClass: top -objectClass: lscompany -ou: company1 -description: Test company 1 -structuralObjectClass: lscompany - -dn: ou=people,ou=company1,ou=companies,o=ls -objectClass: top -objectClass: organizationalUnit -ou: people -structuralObjectClass: organizationalUnit - -dn: ou=groups,ou=company1,ou=companies,o=ls -objectClass: top -objectClass: organizationalUnit -ou: groups -structuralObjectClass: organizationalUnit - -dn: ou=company3,ou=companies,o=ls -objectClass: top -objectClass: lscompany -ou: company3 -description: test 3 -structuralObjectClass: lscompany - -dn: ou=people,ou=company3,ou=companies,o=ls -objectClass: top -objectClass: organizationalUnit -ou: people -structuralObjectClass: organizationalUnit - -dn: ou=groups,ou=company3,ou=companies,o=ls -objectClass: top -objectClass: organizationalUnit -ou: groups -structuralObjectClass: organizationalUnit - -dn: cn=test,ou=groups,ou=company2,ou=companies,o=ls -objectClass: lsgroup -objectClass: posixGroup -cn: test -gidNumber: 102010 -structuralObjectClass: posixGroup - -dn: cn=group1,ou=groups,ou=company1,ou=companies,o=ls -objectClass: lsgroup -objectClass: posixGroup -cn: group1 -gidNumber: 102011 -uniqueMember: uid=user1,ou=people,ou=company1,ou=companies,o=ls -structuralObjectClass: posixGroup - -dn: uid=user1,ou=people,ou=company1,ou=companies,o=ls -objectClass: top -objectClass: lspeople -objectClass: posixAccount -objectClass: shadowAccount -objectClass: sambaSamAccount -givenName: prenom1 -loginShell: /bin/false -personalTitle: M. -uid: user1 -uidNumber: 10000001 -sn: nom1 -cn: prenom1 nom1 -gidNumber: 101009 -sambaSID: S-1-5-21-2421470416-3566881284-3047381809-20001002 -homeDirectory: /home/user1 -mail: user1@ls.com -description: user1 -userPassword: toto -sambaLMPassword: FC26CDB2863917C1AAD3B435B51404EE -sambaNTPassword: 00B2C85DDFBD8CC81602D6FC7340EB0B -structuralObjectClass: lspeople - -dn: uid=user2,ou=people,ou=company1,ou=companies,o=ls -objectClass: top -objectClass: lspeople -objectClass: posixAccount -objectClass: shadowAccount -objectClass: sambaSamAccount -givenName: prenom2 -loginShell: /bin/false -personalTitle: M. -uid: user2 -uidNumber: 10000002 -sn: nom2 -cn: prenom2 nom2 -gidNumber: 102001 -sambaSID: S-1-5-21-2421470416-3566881284-3047381809-20001004 -homeDirectory: /home/user2 -mail: user2@ls.com -userPassword: toto -sambaLMPassword: C53D7C8685D27214AAD3B435B51404EE -sambaNTPassword: C549EE84021E5E8372E10CEDEAFD02A8 -structuralObjectClass: lspeople - -dn: ou=company4,ou=companies,o=ls -objectClass: top -objectClass: lscompany -ou: company4 -description: test -structuralObjectClass: lscompany - -dn: ou=people,ou=company4,ou=companies,o=ls -objectClass: top -objectClass: organizationalUnit -ou: people -structuralObjectClass: organizationalUnit - -dn: ou=groups,ou=company4,ou=companies,o=ls -objectClass: top -objectClass: organizationalUnit -ou: groups -structuralObjectClass: organizationalUnit - -dn: cn=testpasdn,ou=groups,o=ls -objectClass: lsgroup -objectClass: posixGroup -cn: testpasdn -gidNumber: 102012 -structuralObjectClass: posixGroup -uniqueMember: uid=erwpa,ou=people,o=ls -uniqueMember: uid=eeggs,ou=people,o=ls -uniqueMember: uid=ls,ou=people,o=ls - -dn: uid=eeggs,ou=people,o=ls -objectClass: top -objectClass: lspeople -objectClass: posixAccount -objectClass: shadowAccount -objectClass: sambaSamAccount -loginShell: /bin/bash -personalTitle: M. -uidNumber: 10000008 -sn: Eggs -gidNumber: 102009 -sambaSID: S-1-5-21-2421470416-3566881284-3047381809-20001016 -userPassword: toto -sambaLMPassword: A466CD4F80A06085E68AA26A841A86FA -sambaNTPassword: 1F2029FF8619E2FEE2189C5A9653BDD5 -structuralObjectClass: lspeople -uid: eeggs -givenName: Easter -cn: Easter Eggs -homeDirectory: /home/eeggs -mail: easter.eggs@ls.com - -dn: cn=secretariat,ou=groups,o=ls -objectClass: lsgroup -objectClass: posixGroup -cn: secretariat -gidNumber: 102013 -uniqueMember: uid=hmartin,ou=people,o=ls -structuralObjectClass: posixGroup - -dn: uid=invite,ou=people,o=ls -objectClass: top -objectClass: lspeople -objectClass: posixAccount -objectClass: shadowAccount -objectClass: sambaSamAccount -givenName: Utilisateur -loginShell: /bin/false -personalTitle: M. -uid: invite -uidNumber: 10000012 -sn: de passage -cn: Utilisateur de passage -gidNumber: 101009 -sambaSID: S-1-5-21-2421470416-3566881284-3047381809-20001024 -homeDirectory: /home/invite -mail: invite@ldapsaisie.biz -userPassword: toto -sambaLMPassword: 0182BD0BD4444BF836077A718CCDF409 -sambaNTPassword: 259745CB123A52AA2E693AAACCA2DB52 -structuralObjectClass: lspeople - -dn: uid=demo,ou=people,o=ls -objectClass: top -objectClass: lspeople -objectClass: posixAccount -objectClass: shadowAccount -objectClass: sambaSamAccount -givenName: Demonstration -loginShell: /bin/false -personalTitle: M. -uid: demo -uidNumber: 10000014 -sn: LdapSaisie -cn: Demonstration LdapSaisie -gidNumber: 70000 -sambaSID: S-1-5-21-2421470416-3566881284-3047381809-20001028 -homeDirectory: /home/demo -mail: demo@ls.com -description:: VXRpbGlzYXRldXIgZGUgZMOpbW9uc3RyYXRpb24= -userPassword: demo -sambaLMPassword: 193DB29CB51FD313AAD3B435B51404EE -sambaNTPassword: 527C9C819B286EFB8EC4EBB5B5AE71CF -structuralObjectClass: lspeople - -dn: uid=admin,ou=people,o=ls -objectClass: top -objectClass: lspeople -objectClass: posixAccount -objectClass: shadowAccount -objectClass: sambaSamAccount -givenName: Administration -loginShell: /bin/false -personalTitle: M. -uid: admin -uidNumber: 10000015 -sn: LdapSaisie -cn: Administration LdapSaisie -gidNumber: 70000 -sambaSID: S-1-5-21-2421470416-3566881284-3047381809-20001030 -homeDirectory: /home/admin -userPassword: admin -sambaLMPassword: F0D412BD764FFE81AAD3B435B51404EE -sambaNTPassword: 209C6174DA490CAEB422F3FA5A7AE634 -structuralObjectClass: lspeople -description:: VXRpbGlzYXRldXIgZGUgZMOpbW9uc3RyYXRpb24gOiBBZG1pbmlzdHJhdGV1cg== -jpegPhoto:: iVBORw0KGgoAAAANSUhEUgAAAOkAAAAyCAYAAAC5zvwPAAAABHNCSVQICAgIfAhkiA - AAAAlwSFlzAAAevgAAHr4BkbqOfgAAABl0RVh0U29mdHdhcmUAd3d3Lmlua3NjYXBlLm9yZ5vuPBo - AABdiSURBVHic7Z15nBTVtce/p2YBZACRYBTBDdwRoqio8SkGmRmQxJgo6sP4YjafRg3ODBqNUXFJ - EIYBNfm45OWjvqhPQ4wmGpgeQFHEqHFBg8aoKCAQWUREFGbpOu+PWz1dVV3VXT1dM4Omf5/P/XTX7 - btVV517zz3bFVXliwwRORhodGXdoKq/7a7xdAfkgpfK6Ld+AK3l/Sm1d7C1Zb3eOfGz7h5XEKSuaT - yqt7dn2NZknT1uaZf1X9N4NiLT2zMsmagzK5d3Vf9BKI2zMRG5CDjRlTVHVZ+Ls48O4GhgH9f1e90 - 1kK6EXJY4EovzEU6gguEkS0qxkmADFWVIbWIbsB5YDvoEaj/J7AnLVenuWbs37udlJXt2ae+WVKCu - /pUeXdp/AGIlUuB84CjX9U0xt98RjPJdv9Ito+giSM3jeyHld2ExASALyVU4aSjIaUgJ1CQ2ylTO1 - 5lVf+ma0RYRBbERqYiUAoe7snYA/4ir/QJwpOv7e6r6UbeNpJMhUxtHIGWLQL/UwSYGorJXrIMqom - DEuZIeCh7W4O+q2hZj+3lDRCzgCFfWy901ls6G1CR2Q2QB4CNQXYpav0F4m6S1hl7Nn7CjdD8sHQo - MQzgOlfHEz1V1DML7KA+1X1vW+q7tX95FNd2/sLlL+w9AnA/mSN/1zkAQB2BYuhR2hjF1DkSvA9nd - lbMNtSdqw/inAkp/hOu/kKlNu6NMxtbvIp090OzQmZXPA2d3Y/9PAE90V/9BiJNIj/Bd7wx7v51x4 - ogdMm1xKchkb6ZM0lmBBJoBnVm5AZgNzJZpi7tWUFNETlgxtrUzEoRfaLQzjCl+fNz6FWA3V85Kra - +c35Gm9NoxO+IZVBFxIZaVVEQE+Iorqw34exxtB/S1K3A6MBHYH+gHrAT+Btyhqm4Vi3viWKuqGyK - 0LxgJ9Vin/cHAXkAfYDVGhfMWcLeqfpDHuA8GjnVlPaqqW5zfBgPnACc5/fUGlgPLgL+o6otZG7d0 - sEeKK7wQdVwdhdTM7YX0Gwt6AjDESYOBJLAZ5Z9YPI3NH7WhKvK+Turm7YNaJ7dn2JLQ2VX/yllva - tNwbJ2Esi/Cvs54tgMbnfQ+ymLa7Cf11vFbQ9u5fMEBJJNfbc9oLntMfzX2w8jjv2L+YJIlE0DHor - I36B4IzSjrgRdB59FQ/UQ+qi6Jw5hBRA4E/unK+ruqjii4YW8f5cBlwFVA35BiNsZY4TqH2D7CEDH - AY6r6jSztHwVMASqBgRGGtB24E7g+isRYRBqc8YNRjPQFSoB64HuEczVtwM+BmzXkYUld47dQeTid - oY9pfXXovRYCmZo4FVsuAk4G7RWhyjZE5tCnfJpeOyanIFHqms5AdW46R0/RWdWLQssbffA04FSIt - KNuQ/m1NlRNCe4/8QOU36Qz5Citr3wp57gvS+yJxfUYNWRJjuIvIHqx1lf/LcJ4Y2N3/axurPtREd - kNWARMJ5xAwdzPtSIyh/Qqm0IuVvdHwGSiEShALwxR/y5iefd/9A4wCLNa/oDsz6EU+CW4Xhw/2nj - dc63WkXLp/M5RwttMAp0QkUABKlC9mq3NTXHvd2VK40FYPInhqqKKvEqxdP9Yx1HXNAqLVzDPMheB - AhyDytNSm/h2lPY7i0hj2/uJSAXwFHCCK3sVZnU5DsOKfhW4HEixMZc6KZ8xpdj1HcAjwHWYWXGs8 - 9t44MeA34LqVBHx9+W/B8ErWNsMLMSwhy3AA8A3gOEYi61LgHd9zXxPRPzCOYN1n7wDNKczdC/KrN - kybVqcMgc/kiDzEK5H9Qco47CtI7CYiPk//KvfyWxtboirc5na1JsSeRTvpP03p++vYcnhiH0YalW - Z8el0UP9/Wvg4ahMjUV0MfNmV/QFwE+h3sORYRCpBpgLPusr0BB6U2qbjc/YRE7u7ADjFlXWSqj5d - cMOm7YeASa6su4Apqro9oOxQYAGwX0BTQ1R1TUgfFvAn4I/AH1X14xxjOhf4X9Kz9zJVDSYgU34Y8 - HbAT28CZ6vqqwF1+gIPAdWu7ISqVvvLAkht4l7gPF/26yi/wGpt0vqJm0JvKA9IXdMNqLZQat+tN4 - 8P/D/by9YkTkF4ADd3YpccqrNPCTVyicruOja+89LFdLY2VNdkHY8gXJY4AfRAbagOtN/Oh92VHy+ - uoGfzS8CB6XFwC232NUH7Xpk2zeKTY+tQbgTKnOxVtNoH6a3jm/3lU4hLBeNeSRUj8CgYInIJXgK9 - XVUvCiuvqitE5HJgru+nDWEE6tSzga9HHZeq3iciJwI/dLIOFZFyVW0JqeLnNMAIn05Q1UChhKpuF - ZELnXKpB1opIj1UNfOBlrdNoaW0EtjDlXsYwv1omUpt03LQZ1B9CewXtGFChwR7Wl/588hlG6oWSl - 3TZFQbSXFtVtuFZHI5+cPWo10M7g4+HXhFzvEoClVLgCUF9w/Qs+UnuAlUuENnBe91AfTaa21ghtQ - m+gI/c7L3oUzOAe4Jq1cwOyQi++AV/69Q1VDpWR7t9gducGUtw7CBWaGqfyCTVewM1YtbB1mO+2Fl - wr/K7gBODSPQFFR1JfCwK0vwOguky/7y1I8QPRMj6fZDQA8HLkTkf5CS16Q2sVpqE7dJTeIUueCls - oA6sUDrKxcg6rIFlrGxNGxxmOtqpd45qjWWdiPC7PnV9T7qu4jURaq8rfUXwPuu1r6frXgcexb/Cx - gXQdTgFfxMUdVkxLp+dqoziPRT37Wdpax/Ja1X1Xci9uN3kwokUgCtr36Gba2HITITIxXOhiHAxQg - LqNj4ptTMPynieDoAcQsSD5YfL64ILRoVipszGio1j3etzXG5jMGzD5V7dGal/50IhOMm6J58R8sF - j+8SVj4Odjd2ya4jLPqJK2upqkaynnGw0nedN5GKyECMYKcfRjjhn9BO911n05m6/6PtGLVLVKzyX - e+ZrbDzAlwuFy+6mZ7JamAiqlVA//Basj8iT0pt021sG1CX76okV/y5D21lw7CkH0mrD5ZPwmnTz8 - WaWvRo3gMj4e44lOWuNsuQ8vlSm/iJzqp6sqB2I/dvneRxMVI7XxnMG67vZexSOhL4a1DBnZJIMUK - oPq7rO/Ks7xfH5yRSEemJkbCegzE62CN7DQ8+UNVAhb2IDMFr9D43l2DKB/8+N5IXj6OAvx+4XybN - LWFIxQhUjkRkNMgEUP/KI6CX0nvjRuDGXO07xgPfB06DHvsCgg2IZrrH+Z+GpVkmjKjY+iD0vQoYZ - q71cOAJqU28BZoAFtJctjQfQ4T8oL733jpEahuDBJbBEOsA3EJbsUI9l+Ig0s5gdye4vtvAY3nWH+ - D6vsVnhZQBETkLs7oNzrOfFDKksy74J7FH82z7y77rvL1C9PdnJjGT5yvAb42Uc8EoSF6ByBmewiJ - Xy2ULHw6TwMoFL5VRsakBuIgOb5esqDrWUGjDmdulrvF8VP6EVyZyIMiBwCX0aFOpTbwM8hjC41GM - EvKAd6IRbo+uqgX8WhUJn7gKIlIR+TJGKZ/CWlXdWEibDsa5vi/Pc+UB4zaXQuikISIlwK+A/w74+ - U1gDWmzsi2k14i+pK2HsvZBJpE+G1gqHIf4rtflWT8DRso57kXgTKlr+iaqD5MmuB5YbT8DzvXXE0 - Go2fR74Ju+n1qAFzATyEeIfITarvAsMhyIpLjP6z7qq5+RKYsOpTQ5B9UzyHyfBRgFOgrlOqlNLME - uuSCbCigyhH6xxrDQcCOIQlfS2I0YHMX/EFfW62FlQ+rvijEKiDKmGXgJ9H0M0T6sqiuy9DGB6ETq - 5jTWq2q+K+F/uL6/l02V1BFofeWjUtN4CyKu+7GCTTprGieDuAl0HaJ1lJbO0+mnhE6kUtv0PdDYi - RRA54xdD5wjly2+EGmegDAR+BqZHAjAf2All0lt47k6q9qvpsuzY9yOCDuAKwtqz7KfD/upUCLtDP - e0AXhNq/JVwvttOAMJSES+gjHrS+FN4BRVXRuhj7N811FX0rzuxVFvuVUNiXzqR4Zl3Y+qi0j1IJk - 0t8Rhk13ZcrHrn92CUqmzqqNMosNiGmkodPaYLRjLrQcApCZxGKJjUalGqCb9TpSD3Ck1jz+rDROj - POswuJ9lT0qSD+qMCZEdLvJBoSqYzjAH9NvORrGFdMOvcwobk99m9ptRCNQRMLlXky2qweZmIrI7x - mwxhXzdwL6Ld8LpnNhD9sdv+HLKGdTfI1iSyxbvinCMK2ueNlRF5HI0mw65U6ANVa/rrOpbtaFqAp - aMQDwGNv2xyoO2OHlAVnouk6VHBZcrHHETaRwrqX+1CdUL+iEio4ExrqxtBJvjgXffu1ZV/xlSzo+ - z8dqLZrtn//8zJLBUABw11AWurDeAeSHFC8RumWqdHp95pcgl2wfhnjA02oTs2A8HWVx1GXRm5XLs - Ui+7rTo8pHg0CF5Vj+pxBbWXBR0mUmfv5xY5f6iqqwsdkCN4+sSVdXDE8VjAbXhXnmWOyZ+/rN9yJ - xKBish+wBxfdj5Co90d4ouCn+PViU4Lupd40Has51L4UG/+xifeIuJlfa2IoS63jj6PYFvqLoU2jH - 0Xr9Bt74IabCtZiFs9JlwiUxYW1mYICllJOzNcipt9HCoip0WoU4+JsetGIAE5fplu6xC/BDUDIlI - G/B9eK6jQPhwErSA/DMjz91UF1LqyniPTHjldvq5plNQmrpCpTb1ztZ1R9+JFAzAeP2moZEZ1MJ42 - LnZdj80o42+7Zm4vVG7IVa4r4Fj0pLdSogUFJXAEVve6svpgJfPV50dCIUTameFSFvqup4tIoHGBi - JSIyC/xSlujjMk9qewpIqF7FBEZgbEGGZ1nH0GeMVc6AqGwvk4Dfk96L74RODPM4RsA1b7AdGxdKT - WJm6SuKRr3UTf/UHq2PYZwgK+9uzK6MEKktOpC5etSkwidPM2q0vdJpMO656yQ2sR8qWmcKpfOj+b - /W1F2DWlHBbCl8KDtkrwJo5pzrhkvNY1zpbYp0rZGrlgwyHleP81WrhDprv8FnCQiHbH//K2q+h2a - p2OcsFNWRwcDL4tIDbBEVdc6juCVmBUntWl/FnD752UjoCaMr2gKtzouZb/BhEgZiJmITgYuxjzgz - RgzvdS9b8N4qWTA2Q64nYuXYvxeBwKvOt46izBcwy7AMU4/33LVaQPOykPt8iWEq1C9SmoSr2HJM6 - g+j9qrsNiIWmUgQ1B7b5CJiOWWeqZwjzZUBXuJqNyC6D3pm2Su1DbdjiTvpIUVlG6zkIqRYB1LKVe - j7UYli/D+1zFAD0SkmjK5UeoSj2LTSIm+R2vpu/Rfav6vT4/enbbSo0EvRBjvqvw+dukjBY+gfsIq - qWs8G5W/kJpURc4AHS+1Tbei+jy2vkn/nitY10fosWFXyqzhiIxG9VTgeAQL1RnZ+vEQqWOvegLGv - vStMKmlA/9Kuq+T8kWGHauqbhKRGXi9YPbEsJuISAvG88SNOgxRpIg0V3Du2cB/AiOd6zIMwddijB - b8L++HGGGTm8V5Ncs+0T+J3QJswNj89sOEXgGzr/HfCxh2/CxV7ZgtqjACE8LmIsRymeopSJhljMx - l24AfhTWpDZX3Sm2TE5kBgDLQS1HrUsqwoa+SellT/anehcViNCbvl0yUo0xCmIQtUJKErce2YrjE - EiSDAdmKJk/VOVWxxPPV+uqE1DSdjujvSG+FeoNeiQAlAlubbSqarXbGNU8fbgtARHqLyCPAvzDhQ - P4AvCUijztqBA9EZBfgoA7elx+BplqqeiPGEybIR9P9Uq8CxqnqLPCoCF7LFpxbVVsxktqgvYn/Lf - 4zMAKjS3VbM2UzMwvaDpwH+Pd7QQT6HHC8qkZTudg9XkGYgtGjdiTa3zqE83RW5aScxvXS8l8g9wX - 8YogijVbgp8yuLlDVETqQ5ZigZ0EoI1B1p02oNbajvrRh0IbKxyixjsaYfAZRYNi2cgfwOGpnldoL - htX6K8Yf0h+DphXjrTBaVdulfQ7hhjpf54E2hxjDBygyCmMVdATGkqgEM5ksAx7ERN37zCl7Jeko+ - q+qak6WxjkeYwpG93kIxg70Y4z10ULgD6q61Ck7EBNCJYV5qhoYmU9E7ses1Djt9VdVdUwRv40JPj - YSYxmjGJO6pzACokey7kGz3U/N3F5In5NBxmE4i72ctDvmZUma8eg/EOtVsP/M6k8WZhgu5Oqnrul - E4EJUDzG2stoLY+CwGotHsaz7dMa4tyFljG+nbYTFvlvrJ/i9e5x25x+KStrR37Lu1ZmVgbbXcun8 - vpSVnIjaX0OsIxHdA2UPzIrWAroGldWgbyF6h84an1O4aQKbuQLW2XJnlGiF7fWnNo7A5lsgJ5N+n - 0qAbQhrsXUtYr2H0Mj28kb99ZhtOdvE7INmYAJrBWEHMFNVr4k60M6CQ1B256kiIDTyQf7tvEFaav - yUqo4JKVcOJPPwlS3i3wwWhqXM5pXQEzPrdztUta0zCdTpIw4C7Y13OxAqwFLVliKBFpENFoYNyoW - sjsZFZGAk3n3IFzNyfhFdglLgM0zE9GwoHj2QH3bGIzd2OjgCyF19qRyzDcuWyPF7M0Zdthkjld/c - AXfHnQalmNCUF0OomVcr3ngsReSGm0g/I6LZ4ecRjiBsTyfthpfg+ue4DpJsd9Y42zBRLT7ERby+7 - +7PlZ11lq2IHK+qkf2KBWPDuAwjEQsSFbcBh6lqoNK+iEyIyDLS+tfntBONrzsTItKHtHQ4LO1BPA - HtbNLBzW2MxDv1qXnm9cS4PBYa8GwdJhCcO72hqpECjoVBROYDL6jqtVHKl6rqahEZgwkqXYERIgl - mBS3DrLZn4TUsKCIEItKDiJEhuhOOLfK+GF/P/cgkvsF440xFwaeY1WqLk/L5vrWjaqcwOJLzAXmm - lMoETNSRQRjLthRURFbiJdzXgTfzEDquBa5xgrl/P1e9UgBVfc052etsDKvWF3gSE5j668D1IlK2M - 6hhPgfYB28kuMXdNI7US7o/hhDd6QDMOKP66rZgVpW1Tlrj+p5K6+KQjMcJJ1j5v5wUCY6HVMqkc7 - iTDnM+h2AWsP2c5A6onhSRt0kT7mvA0yGxlVMGI5OBvUXk9GwxmLMeM+HoJe8jHYlgDnC5Y61TxE4 - Axwl9KJmEOAyzlcnFim7H2CqvIZj41gCb4l7lPo8QkX6kCTb1OZxwDUnqNIdFTlqiqp+KyHN4nTXe - ASaoaqDvc86zYBzBwN3Ad5ysl4FzVbXwYE5FRIIjBQ0iwmEYtjRXmLptwArMy+BPa4sEWBgcSzQ/4 - Y4kc0/cCjyPCRnrd27ZDJwedIZSpAObHIfqaZhgSyUYlcwVwG3FBxwPHCHNUAwr6ifEQVmqprCFTA - JcAbyTz2HHRcQDZ89/DCYo2ljMCYC5pNktmD2qxzY6r1PVROQ4jMomFVjqVUwg5YeLxJobjs3zUMx - +Z6grDSM4up0fmwheDd/Jda5MEd0LEemFIdgHyH7GLpiDsNvlP3kffeiYvNVj4u+k2Kw3gJuAh/6d - Tdyc2XMf0kToJsb9iaYS+IBwQvzcKuSLABG5GXOObhQswUSvbOnw+aQiMhwTh+cM0sKJDzBeHA8Bz - 34RV1fn3FA34bm/701uiWkS42GzwpXa2dNCdXBF7HxwJMYNeEPIRsES4PSCDxEWkUOAqzESYPcL+j - 7mUN6nMQcuxeJk29lw/tC9yCTA1PcB4bXb8Rkm4sKKgLSqKB3/94KIHIQ5OiWXuaNguK2DMeF9BHg - nlpO+nYEMwuhVz8JIr/xYgQkh8iJGrL/OSR90xUvrSKkHYMKX7O58ulOKTd2PTL/aIGwgTXgegiwK - aoqIE7ERqadRkX0xxDoOow/KthdTTLCtda601vnchJlNSlypNMd1HzIJcCDGkiSPE3VoA1bjXQXbi - VFVczrrFlFEHOgUIvV0YFawwzGxh453vg/CrGr5EE2cSGImgA2kD2Ty7xNXZwu/UkQRXYVOJ9LQjo - 3JWsp7YlBA2hNzrqeNISr/Z1CejbEf3UiaAN2EmPq++Yso1Crii4n/B0b5UBwNl0uxAAAAAElFTkS - uQmCC -mail: admin@ls.com - -dn: cn=test34,ou=groups,o=ls -objectClass: lsgroup -objectClass: posixGroup -cn: test34 -gidNumber: 800001 -uniqueMember: uid=eeggs,ou=people,o=ls -description: test -lsGodfatherDn: uid=eeggs,ou=people,o=ls -structuralObjectClass: posixGroup - -dn: ou=ppolicies,o=ls -objectclass: organizationalUnit -ou: ppolicies - -dn: cn=default,ou=ppolicies,o=ls -cn: default -objectclass: top -objectclass: device -objectclass: pwdPolicy -objectclass: pwdPolicyChecker -pwdAttribute: userPassword -pwdMinAge: 0 -pwdMaxAge: 0 -pwdInHistory: 3 -pwdCheckQuality: 1 -pwdMinLength: 8 -pwdExpireWarning: 0 -pwdGraceAuthnLimit: 0 -pwdLockout: FALSE -pwdLockoutDuration: 0 -pwdMaxFailure: 0 -pwdMaxRecordedFailure: 0 -pwdFailureCountInterval: 0 -pwdMustChange: FALSE -pwdAllowUserChange: FALSE -pwdSafeModify: FALSE - -dn: cn=sysaccounts,ou=ppolicies,o=ls -cn: sysaccounts -objectclass: top -objectclass: device -objectclass: pwdPolicy -objectclass: pwdPolicyChecker -pwdAttribute: userPassword -pwdMinAge: 0 -pwdMaxAge: 0 -pwdInHistory: 0 -pwdCheckQuality: 1 -pwdMinLength: 10 -pwdExpireWarning: 0 -pwdGraceAuthnLimit: 0 -pwdLockout: FALSE -pwdLockoutDuration: 0 -pwdMaxFailure: 0 -pwdMaxRecordedFailure: 0 -pwdFailureCountInterval: 0 -pwdMustChange: FALSE -pwdAllowUserChange: FALSE -pwdSafeModify: FALSE diff --git a/lsexample/restore_lsexample b/lsexample/restore_lsexample index 56f51057..c700d2d8 100755 --- a/lsexample/restore_lsexample +++ b/lsexample/restore_lsexample @@ -13,30 +13,59 @@ SLAPD_CONF_DIR=/etc/ldap/slapd.d SLAPD_DB_DIR=/var/lib/ldap SLAPD_USER=openldap SLAPD_GROUP=openldap +SYS_SCHEMA_DIR=/etc/ldap/schema # Deducted configuration -LDIF="$SRC_DIR/lsexample/lsexample.ldif" -SCHEMA_LDIF="$SRC_DIR/lsexample/schema/cn={10}ls.ldif" -SCHEMA_DEST="$SLAPD_CONF_DIR/cn=config/cn=schema/" +SLAPD_CONF_LDIF="$SRC_DIR/lsexample/slapd-config.ldif" +LS_SCHEMA_LDIF="$SRC_DIR/lsexample/schema/ls.ldif" +SAMBA_SCHEMA_LDIF="$SRC_DIR/lsexample/schema/samba.ldif" +SLAPD_DB_LDIF="$SRC_DIR/lsexample/db.ldif" # # Start restoration # # Stop slapd -/usr/sbin/service slapd stop > /dev/null +/usr/sbin/service slapd stop # Purge old DB data -rm -fr $SLAPD_DB_DIR/* +rm -fr $SLAPD_DB_DIR $SLAPD_CONF_DIR +mkdir -p $SLAPD_DB_DIR $SLAPD_CONF_DIR -# Restore schema file -cp -f "$SCHEMA_LDIF" "$SCHEMA_DEST" +# Install slapd.d configuration +slapadd -n0 -F $SLAPD_CONF_DIR -l $SLAPD_CONF_LDIF -# Restore DB data from LDIF file -/usr/sbin/slapadd -l $LDIF -q +# Install schemas +slapadd -n0 -F/etc/ldap/slapd.d -l$SYS_SCHEMA_DIR/core.ldif +slapadd -n0 -F/etc/ldap/slapd.d -l$SYS_SCHEMA_DIR/cosine.ldif +slapadd -n0 -F/etc/ldap/slapd.d -l$SYS_SCHEMA_DIR/nis.ldif +slapadd -n0 -F/etc/ldap/slapd.d -l$SYS_SCHEMA_DIR/inetorgperson.ldif +slapadd -n0 -F/etc/ldap/slapd.d -l$SYS_SCHEMA_DIR/ppolicy.ldif +slapadd -n0 -F/etc/ldap/slapd.d -l$SYS_SCHEMA_DIR/dyngroup.ldif +slapadd -n0 -F/etc/ldap/slapd.d -l$SAMBA_SCHEMA_LDIF +slapadd -n0 -F/etc/ldap/slapd.d -l$LS_SCHEMA_LDIF # Fix rights on restored data -chown $SLAPD_USER:$SLAPD_GROUP -R $SLAPD_DB_DIR $SCHEMA_DEST +chown $SLAPD_USER:$SLAPD_GROUP -R $SLAPD_DB_DIR $SLAPD_CONF_DIR # Start slapd -/usr/sbin/service slapd start > /dev/null +/usr/sbin/service slapd start + +cat << EOF > /etc/ldapvi.conf +profile default +unpaged-help: yes +ldap-conf: yes + +profile config +host: ldapi:// +sasl-mech: EXTERNAL +base: cn=config + +profile ls +host: ldapi:// +sasl-mech: EXTERNAL +base: o=ls +EOF + +# Add database +ldapvi -p config --verbose --ldapmodify --ldapvi --add $SLAPD_DB_LDIF diff --git a/lsexample/schema/cn={10}ls.ldif b/lsexample/schema/cn={10}ls.ldif deleted file mode 100644 index 0054e1f6..00000000 --- a/lsexample/schema/cn={10}ls.ldif +++ /dev/null @@ -1,40 +0,0 @@ -# AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify. -# CRC32 7e667c54 -dn: cn={10}ls -objectClass: olcSchemaConfig -objectClass: top -cn: {10}ls -olcObjectIdentifier: {0}EeRoot 1.3.6.1.4.1.10650 -olcObjectIdentifier: {1}LeRoot EeRoot:4 -olcObjectIdentifier: {2}LsRoot LeRoot:10000 -olcObjectIdentifier: {3}LsLDAP LsRoot:2 -olcObjectIdentifier: {4}LsLDAPAttribute LsLDAP:1 -olcObjectIdentifier: {5}LsLDAPObjectClass LsLDAP:2 -olcAttributeTypes: {0}( LsLDAPAttribute:1 NAME 'lsAllowedServices' DESC 'Lis - tof allowed services' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsM - atch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) -olcAttributeTypes: {1}( LsLDAPAttribute:2 NAME 'lsRecoveryHash' DESC 'Passwo - rdRecover Hash' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1. - 15) -olcAttributeTypes: {2}( LsLDAPAttribute:3 NAME 'lsGodfatherDn' DESC 'Godfath - erdn of this entry' SUP distinguishedName ) -structuralObjectClass: olcSchemaConfig -entryUUID: 6408206a-b8c2-1038-8c14-9d79696c60b6 -creatorsName: cn=admin,cn=config -createTimestamp: 20190130100601Z -olcObjectClasses: {0}( LsLDAPObjectClass:1 NAME 'lspeople' DESC 'LS people O - bjectclass' STRUCTURAL MUST ( uid $ cn ) MAY ( jpegPhoto $ sn $ givenName $ - postalAddress $ postalCode $ l $ st $ c $ telephoneNumber $ mobile $ fax $ - mail$ personalTitle $ description $ userPassword $ lsallowedservices $ lsR - ecoveryHash $ lsGodfatherDn ) ) -olcObjectClasses: {1}( LsLDAPObjectClass:3 NAME 'lsgroup' DESC 'LS group Obj - ectclass' AUXILIARY MUST cn MAY ( uniquemember $ description $ lsGodfatherD - n )) -olcObjectClasses: {2}( LsLDAPObjectClass:4 NAME 'lssysaccount' DESC 'LS syst - emaccount Objectclass' STRUCTURAL MUST uid MAY ( userpassword $ description - )) -olcObjectClasses: {3}( LsLDAPObjectClass:5 NAME 'lscompany' SUP organization - alUnit STRUCTURAL MUST ou MAY ( description $ lsGodfatherDn ) ) -entryCSN: 20190130103114.350601Z#000000#000#000000 -modifiersName: cn=admin,cn=config -modifyTimestamp: 20190130103114Z diff --git a/lsexample/schema/ls.ldif b/lsexample/schema/ls.ldif new file mode 100644 index 00000000..76b749cc --- /dev/null +++ b/lsexample/schema/ls.ldif @@ -0,0 +1,43 @@ +dn: cn=ls,cn=schema,cn=config +cn: ls +objectclass: olcSchemaConfig +objectclass: top +olcattributetypes: {0}( LsLDAPAttribute:1 NAME 'lsAllowedServices' DESC 'Lis + tof allowed services' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsM + atch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) +olcattributetypes: {1}( LsLDAPAttribute:2 NAME 'lsRecoveryHash' DESC 'Passwo + rdRecover Hash' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1. + 15) +olcattributetypes: {2}( LsLDAPAttribute:3 NAME 'lsGodfatherDn' DESC 'Godfath + erdn of this entry' SUP distinguishedName ) +olcattributetypes: {3}( LsLDAPAttribute:4 NAME 'lsDynGroupMemberDnURI' DESC + 'Dynamic group members DN URI' SUP labeledURI ) +olcattributetypes: {4}( LsLDAPAttribute:5 NAME 'lsDynGroupMemberUidURI' DESC + 'Dynamic group members UID URI' SUP labeledURI ) +olcattributetypes: {5}( LsLDAPAttribute:6 NAME 'lsDynGroupMemberDn' DESC 'Dy + namic group members DN' SUP uniqueMember ) +olcattributetypes: {6}( LsLDAPAttribute:7 NAME 'lsDynGroupMemberUid' DESC 'D + ynamic group members UID' SUP memberUid ) +olcobjectclasses: {0}( LsLDAPObjectClass:1 NAME 'lspeople' DESC 'LS people O + bjectclass' STRUCTURAL MUST ( uid $ cn ) MAY ( jpegPhoto $ sn $ givenName $ + postalAddress $ postalCode $ l $ st $ c $ telephoneNumber $ mobile $ fax $ + mail$ personalTitle $ description $ userPassword $ lsallowedservices $ lsR + ecoveryHash $ lsGodfatherDn ) ) +olcobjectclasses: {1}( LsLDAPObjectClass:3 NAME 'lsgroup' DESC 'LS group Obj + ectclass' AUXILIARY MUST cn MAY ( uniquemember $ description $ lsGodfatherD + n )) +olcobjectclasses: {2}( LsLDAPObjectClass:4 NAME 'lssysaccount' DESC 'LS syst + emaccount Objectclass' STRUCTURAL MUST uid MAY ( userpassword $ description + )) +olcobjectclasses: {3}( LsLDAPObjectClass:5 NAME 'lscompany' SUP organization + alUnit STRUCTURAL MUST ou MAY ( description $ lsGodfatherDn ) ) +olcobjectclasses: {4}( LsLDAPObjectClass:6 NAME 'lsdyngroup' DESC 'Dynamic g + roups objectclass' SUP top AUXILIARY MUST cn MAY ( description $ uniqueMemb + er $ memberUid $ lsGodfatherDn $ lsDynGroupMemberDnURI $ lsDynGroupMemberDn + $ lsDynGroupMemberUidURI $ lsDynGroupMemberUid $ dgIdentity $ dgAuthz )) +olcobjectidentifier: {0}EeRoot 1.3.6.1.4.1.10650 +olcobjectidentifier: {1}LeRoot EeRoot:4 +olcobjectidentifier: {2}LsRoot LeRoot:10000 +olcobjectidentifier: {3}LsLDAP LsRoot:2 +olcobjectidentifier: {4}LsLDAPAttribute LsLDAP:1 +olcobjectidentifier: {5}LsLDAPObjectClass LsLDAP:2 diff --git a/lsexample/schema/lsexample.schema b/lsexample/schema/lsexample.schema deleted file mode 100644 index cb07f0eb..00000000 --- a/lsexample/schema/lsexample.schema +++ /dev/null @@ -1,59 +0,0 @@ -# LdapSaisie - LDAP Schema - Example -# Web Site : https://ldapsaisie.org -objectIdentifier EeRoot 1.3.6.1.4.1.10650 -objectIdentifier LeRoot EeRoot:4 -objectIdentifier LsRoot LeRoot:10000 -objectIdentifier LsLDAP LsRoot:2 -objectIdentifier LsLDAPAttribute LsLDAP:1 -objectIdentifier LsLDAPObjectClass LsLDAP:2 - -# -attributetype (LsLDAPAttribute:1 - NAME 'lsAllowedServices' - DESC 'List of allowed services' - EQUALITY caseIgnoreMatch - SUBSTR caseIgnoreSubstringsMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) - -attributetype ( LsLDAPAttribute:2 NAME 'lsRecoveryHash' - DESC 'Password Recover Hash' - EQUALITY caseIgnoreMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) - -attributetype ( LsLDAPAttribute:3 NAME 'lsGodfatherDn' - SUP distinguishedName - DESC 'Godfather dn of this entry' ) -# - -# -objectclass (LsLDAPObjectClass:1 - NAME 'lspeople' - DESC 'LS people Objectclass' - STRUCTURAL - MUST ( uid $ cn ) - MAY ( jpegPhoto $ sn $ givenName $ postalAddress $ postalCode $ l $ st $ c $ - telephoneNumber $ mobile $ fax $ mail $ personalTitle $ description $ - userPassword $ lsallowedservices $ lsRecoveryHash $ lsGodfatherDn )) - -objectclass (LsLDAPObjectClass:3 - NAME 'lsgroup' - DESC 'LS group Objectclass' - AUXILIARY - MUST ( cn ) - MAY ( uniquemember $ description $ lsGodfatherDn )) - -objectclass (LsLDAPObjectClass:4 - NAME 'lssysaccount' - DESC 'LS system account Objectclass' - STRUCTURAL - MUST ( uid ) - MAY (userpassword $ description)) - -objectclass ( LsLDAPObjectClass:5 - NAME 'lscompany' - SUP organizationalUnit - STRUCTURAL - MUST ( ou ) - MAY ( description $ lsGodfatherDn )) - -# diff --git a/lsexample/schema/samba.ldif b/lsexample/schema/samba.ldif new file mode 100644 index 00000000..b52a8bd9 --- /dev/null +++ b/lsexample/schema/samba.ldif @@ -0,0 +1,176 @@ +dn: cn=samba,cn=schema,cn=config +cn: samba +objectclass: olcSchemaConfig +olcattributetypes: {0}( 1.3.6.1.4.1.7165.2.1.24 NAME 'sambaLMPassword' DESC + 'LanManager Password' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.1 + 15.121.1.26{32} SINGLE-VALUE ) +olcattributetypes: {1}( 1.3.6.1.4.1.7165.2.1.25 NAME 'sambaNTPassword' DESC + 'MD4 hash of the unicode password' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6 + .1.4.1.1466.115.121.1.26{32} SINGLE-VALUE ) +olcattributetypes: {2}( 1.3.6.1.4.1.7165.2.1.26 NAME 'sambaAcctFlags' DESC ' + Account Flags' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121. + 1.26{16} SINGLE-VALUE ) +olcattributetypes: {3}( 1.3.6.1.4.1.7165.2.1.27 NAME 'sambaPwdLastSet' DESC + 'Timestamp of the last password update' EQUALITY integerMatch SYNTAX 1.3.6. + 1.4.1.1466.115.121.1.27 SINGLE-VALUE ) +olcattributetypes: {4}( 1.3.6.1.4.1.7165.2.1.28 NAME 'sambaPwdCanChange' DES + C 'Timestamp of when the user is allowed to update the password' EQUALITY i + ntegerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) +olcattributetypes: {5}( 1.3.6.1.4.1.7165.2.1.29 NAME 'sambaPwdMustChange' DE + SC 'Timestamp of when the password will expire' EQUALITY integerMatch SYNTA + X 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) +olcattributetypes: {6}( 1.3.6.1.4.1.7165.2.1.30 NAME 'sambaLogonTime' DESC ' + Timestamp of last logon' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115. + 121.1.27 SINGLE-VALUE ) +olcattributetypes: {7}( 1.3.6.1.4.1.7165.2.1.31 NAME 'sambaLogoffTime' DESC + 'Timestamp of last logoff' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.11 + 5.121.1.27 SINGLE-VALUE ) +olcattributetypes: {8}( 1.3.6.1.4.1.7165.2.1.32 NAME 'sambaKickoffTime' DESC + 'Timestamp of when the user will be logged off automatically' EQUALITY int + egerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) +olcattributetypes: {9}( 1.3.6.1.4.1.7165.2.1.48 NAME 'sambaBadPasswordCount' + DESC 'Bad password attempt count' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1 + .1466.115.121.1.27 SINGLE-VALUE ) +olcattributetypes: {10}( 1.3.6.1.4.1.7165.2.1.49 NAME 'sambaBadPasswordTime' + DESC 'Time of the last bad password attempt' EQUALITY integerMatch SYNTAX + 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) +olcattributetypes: {11}( 1.3.6.1.4.1.7165.2.1.55 NAME 'sambaLogonHours' DESC + 'Logon Hours' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121. + 1.26{42} SINGLE-VALUE ) +olcattributetypes: {12}( 1.3.6.1.4.1.7165.2.1.33 NAME 'sambaHomeDrive' DESC + 'Driver letter of home directory mapping' EQUALITY caseIgnoreIA5Match SYNTA + X 1.3.6.1.4.1.1466.115.121.1.26{4} SINGLE-VALUE ) +olcattributetypes: {13}( 1.3.6.1.4.1.7165.2.1.34 NAME 'sambaLogonScript' DES + C 'Logon script path' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115. + 121.1.15{255} SINGLE-VALUE ) +olcattributetypes: {14}( 1.3.6.1.4.1.7165.2.1.35 NAME 'sambaProfilePath' DES + C 'Roaming profile path' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.1 + 15.121.1.15{255} SINGLE-VALUE ) +olcattributetypes: {15}( 1.3.6.1.4.1.7165.2.1.36 NAME 'sambaUserWorkstations + ' DESC 'List of user workstations the user is allowed to logon to' EQUALITY + caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{255} SINGLE-VALUE ) +olcattributetypes: {16}( 1.3.6.1.4.1.7165.2.1.37 NAME 'sambaHomePath' DESC ' + Home directory UNC path' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.1 + 15.121.1.15{128} ) +olcattributetypes: {17}( 1.3.6.1.4.1.7165.2.1.38 NAME 'sambaDomainName' DESC + 'Windows NT domain to which the user belongs' EQUALITY caseIgnoreMatch SYN + TAX 1.3.6.1.4.1.1466.115.121.1.15{128} ) +olcattributetypes: {18}( 1.3.6.1.4.1.7165.2.1.47 NAME 'sambaMungedDial' DESC + 'Base64 encoded user parameter string' EQUALITY caseExactMatch SYNTAX 1.3. + 6.1.4.1.1466.115.121.1.15{1050} ) +olcattributetypes: {19}( 1.3.6.1.4.1.7165.2.1.54 NAME 'sambaPasswordHistory' + DESC 'Concatenated MD4 hashes of the unicode passwords used on this accoun + t' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} ) +olcattributetypes: {20}( 1.3.6.1.4.1.7165.2.1.20 NAME 'sambaSID' DESC 'Secur + ity ID' EQUALITY caseIgnoreIA5Match SUBSTR caseExactIA5SubstringsMatch SYNT + AX 1.3.6.1.4.1.1466.115.121.1.26{64} SINGLE-VALUE ) +olcattributetypes: {21}( 1.3.6.1.4.1.7165.2.1.23 NAME 'sambaPrimaryGroupSID' + DESC 'Primary Group Security ID' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6. + 1.4.1.1466.115.121.1.26{64} SINGLE-VALUE ) +olcattributetypes: {22}( 1.3.6.1.4.1.7165.2.1.51 NAME 'sambaSIDList' DESC 'S + ecurity ID List' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.12 + 1.1.26{64} ) +olcattributetypes: {23}( 1.3.6.1.4.1.7165.2.1.19 NAME 'sambaGroupType' DESC + 'NT Group Type' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE ) +olcattributetypes: {24}( 1.3.6.1.4.1.7165.2.1.21 NAME 'sambaNextUserRid' DES + C 'Next NT rid to give our for users' EQUALITY integerMatch SYNTAX 1.3.6.1. + 4.1.1466.115.121.1.27 SINGLE-VALUE ) +olcattributetypes: {25}( 1.3.6.1.4.1.7165.2.1.22 NAME 'sambaNextGroupRid' DE + SC 'Next NT rid to give out for groups' EQUALITY integerMatch SYNTAX 1.3.6. + 1.4.1.1466.115.121.1.27 SINGLE-VALUE ) +olcattributetypes: {26}( 1.3.6.1.4.1.7165.2.1.39 NAME 'sambaNextRid' DESC 'N + ext NT rid to give out for anything' EQUALITY integerMatch SYNTAX 1.3.6.1.4 + .1.1466.115.121.1.27 SINGLE-VALUE ) +olcattributetypes: {27}( 1.3.6.1.4.1.7165.2.1.40 NAME 'sambaAlgorithmicRidBa + se' DESC 'Base at which the samba RID generation algorithm should operate' + EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) +olcattributetypes: {28}( 1.3.6.1.4.1.7165.2.1.41 NAME 'sambaShareName' DESC + 'Share Name' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 + SINGLE-VALUE ) +olcattributetypes: {29}( 1.3.6.1.4.1.7165.2.1.42 NAME 'sambaOptionName' DESC + 'Option Name' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SY + NTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) +olcattributetypes: {30}( 1.3.6.1.4.1.7165.2.1.43 NAME 'sambaBoolOption' DESC + 'A boolean option' EQUALITY booleanMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1 + .7 SINGLE-VALUE ) +olcattributetypes: {31}( 1.3.6.1.4.1.7165.2.1.44 NAME 'sambaIntegerOption' D + ESC 'An integer option' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.1 + 21.1.27 SINGLE-VALUE ) +olcattributetypes: {32}( 1.3.6.1.4.1.7165.2.1.45 NAME 'sambaStringOption' DE + SC 'A string option' EQUALITY caseExactIA5Match SYNTAX 1.3.6.1.4.1.1466.115 + .121.1.26 SINGLE-VALUE ) +olcattributetypes: {33}( 1.3.6.1.4.1.7165.2.1.46 NAME 'sambaStringListOption + ' DESC 'A string list option' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1 + 466.115.121.1.15 ) +olcattributetypes: {34}( 1.3.6.1.4.1.7165.2.1.53 NAME 'sambaTrustFlags' DESC + 'Trust Password Flags' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466 + .115.121.1.26 ) +olcattributetypes: {35}( 1.3.6.1.4.1.7165.2.1.58 NAME 'sambaMinPwdLength' DE + SC 'Minimal password length (default: 5)' EQUALITY integerMatch SYNTAX 1.3. + 6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) +olcattributetypes: {36}( 1.3.6.1.4.1.7165.2.1.59 NAME 'sambaPwdHistoryLength + ' DESC 'Length of Password History Entries (default: 0 => off)' EQUALITY in + tegerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) +olcattributetypes: {37}( 1.3.6.1.4.1.7165.2.1.60 NAME 'sambaLogonToChgPwd' D + ESC 'Force Users to logon for password change (default: 0 => off, 2 => on)' + EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) +olcattributetypes: {38}( 1.3.6.1.4.1.7165.2.1.61 NAME 'sambaMaxPwdAge' DESC + 'Maximum password age, in seconds (default: -1 => never expire passwords)' + EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) +olcattributetypes: {39}( 1.3.6.1.4.1.7165.2.1.62 NAME 'sambaMinPwdAge' DESC + 'Minimum password age, in seconds (default: 0 => allow immediate password c + hange)' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-V + ALUE ) +olcattributetypes: {40}( 1.3.6.1.4.1.7165.2.1.63 NAME 'sambaLockoutDuration' + DESC 'Lockout duration in minutes (default: 30, -1 => forever)' EQUALITY i + ntegerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) +olcattributetypes: {41}( 1.3.6.1.4.1.7165.2.1.64 NAME 'sambaLockoutObservati + onWindow' DESC 'Reset time after lockout in minutes (default: 30)' EQUALITY + integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) +olcattributetypes: {42}( 1.3.6.1.4.1.7165.2.1.65 NAME 'sambaLockoutThreshold + ' DESC 'Lockout users after bad logon attempts (default: 0 => off)' EQUALIT + Y integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) +olcattributetypes: {43}( 1.3.6.1.4.1.7165.2.1.66 NAME 'sambaForceLogoff' DES + C 'Disconnect Users outside logon hours (default: -1 => off, 0 => on)' EQUA + LITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) +olcattributetypes: {44}( 1.3.6.1.4.1.7165.2.1.67 NAME 'sambaRefuseMachinePwd + Change' DESC 'Allow Machine Password changes (default: 0 => off)' EQUALITY + integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) +olcobjectclasses: {0}( 1.3.6.1.4.1.7165.2.2.6 NAME 'sambaSamAccount' DESC 'S + amba 3.0 Auxilary SAM Account' SUP top AUXILIARY MUST ( uid $ sambaSID ) MA + Y ( cn $ sambaLMPassword $ sambaNTPassword $ sambaPwdLastSet $ sambaLogonTi + me $ sambaLogoffTime $ sambaKickoffTime $ sambaPwdCanChange $ sambaPwdMustC + hange $ sambaAcctFlags $ displayName $ sambaHomePath $ sambaHomeDrive $ sam + baLogonScript $ sambaProfilePath $ description $ sambaUserWorkstations $ sa + mbaPrimaryGroupSID $ sambaDomainName $ sambaMungedDial $ sambaBadPasswordCo + unt $ sambaBadPasswordTime $ sambaPasswordHistory $ sambaLogonHours ) ) +olcobjectclasses: {1}( 1.3.6.1.4.1.7165.2.2.4 NAME 'sambaGroupMapping' DESC + 'Samba Group Mapping' SUP top AUXILIARY MUST ( gidNumber $ sambaSID $ samba + GroupType ) MAY ( displayName $ description $ sambaSIDList ) ) +olcobjectclasses: {2}( 1.3.6.1.4.1.7165.2.2.14 NAME 'sambaTrustPassword' DES + C 'Samba Trust Password' SUP top STRUCTURAL MUST ( sambaDomainName $ sambaN + TPassword $ sambaTrustFlags ) MAY ( sambaSID $ sambaPwdLastSet ) ) +olcobjectclasses: {3}( 1.3.6.1.4.1.7165.2.2.5 NAME 'sambaDomain' DESC 'Samba + Domain Information' SUP top STRUCTURAL MUST ( sambaDomainName $ sambaSID ) + MAY ( sambaNextRid $ sambaNextGroupRid $ sambaNextUserRid $ sambaAlgorithm + icRidBase $ sambaMinPwdLength $ sambaPwdHistoryLength $ sambaLogonToChgPwd + $ sambaMaxPwdAge $ sambaMinPwdAge $ sambaLockoutDuration $ sambaLockoutObse + rvationWindow $ sambaLockoutThreshold $ sambaForceLogoff $ sambaRefuseMachi + nePwdChange ) ) +olcobjectclasses: {4}( 1.3.6.1.4.1.7165.2.2.7 NAME 'sambaUnixIdPool' DESC 'P + ool for allocating UNIX uids/gids' SUP top AUXILIARY MUST ( uidNumber $ gid + Number ) ) +olcobjectclasses: {5}( 1.3.6.1.4.1.7165.2.2.8 NAME 'sambaIdmapEntry' DESC 'M + apping from a SID to an ID' SUP top AUXILIARY MUST sambaSID MAY ( uidNumber + $ gidNumber ) ) +olcobjectclasses: {6}( 1.3.6.1.4.1.7165.2.2.9 NAME 'sambaSidEntry' DESC 'Str + uctural Class for a SID' SUP top STRUCTURAL MUST sambaSID ) +olcobjectclasses: {7}( 1.3.6.1.4.1.7165.2.2.10 NAME 'sambaConfig' DESC 'Samb + a Configuration Section' SUP top AUXILIARY MAY description ) +olcobjectclasses: {8}( 1.3.6.1.4.1.7165.2.2.11 NAME 'sambaShare' DESC 'Samba + Share Section' SUP top STRUCTURAL MUST sambaShareName MAY description ) +olcobjectclasses: {9}( 1.3.6.1.4.1.7165.2.2.12 NAME 'sambaConfigOption' DESC + 'Samba Configuration Option' SUP top STRUCTURAL MUST sambaOptionName MAY ( + sambaBoolOption $ sambaIntegerOption $ sambaStringOption $ sambaStringList + option $ description ) ) diff --git a/lsexample/slapd-config.ldif b/lsexample/slapd-config.ldif new file mode 100644 index 00000000..4529a405 --- /dev/null +++ b/lsexample/slapd-config.ldif @@ -0,0 +1,44 @@ +dn: cn=config +objectClass: olcGlobal +cn: config +olcArgsFile: /var/run/slapd/slapd.args +olcPidFile: /var/run/slapd/slapd.pid +olcToolThreads: 1 +olcLogLevel: stats +olcServerId: 1 +olcAttributeOptions: lang- x- + +dn: cn=module{0},cn=config +objectClass: olcModuleList +cn: module{0} +olcModulePath: /usr/lib/ldap +olcModuleLoad: {0}back_mdb +olcModuleLoad: {1}ppolicy +olcModuleLoad: {2}dynlist +olcModuleLoad: {3}pw-sha2 + +dn: cn=schema,cn=config +objectClass: olcSchemaConfig +cn: schema + +dn: olcDatabase={-1}frontend,cn=config +objectClass: olcDatabaseConfig +objectClass: olcFrontendConfig +olcDatabase: {-1}frontend +olcAccess: {0}to * + by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth manage + by * break +olcAccess: {1}to dn.exact="" by * read +olcAccess: {2}to dn.base="cn=Subschema" by * read +olcSizeLimit: 500 +olcLimits: {0}* size.pr=1000 size.prtotal=unlimited +olcPasswordHash: {SSHA512} + +dn: olcDatabase={0}config,cn=config +objectClass: olcDatabaseConfig +olcDatabase: {0}config +olcAccess: {0}to * + by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth manage + by * break +olcRootDN: cn=admin,cn=config + diff --git a/lsexample/slapd/permissions-ls.conf b/lsexample/slapd/permissions-ls.conf deleted file mode 100644 index b2cf8723..00000000 --- a/lsexample/slapd/permissions-ls.conf +++ /dev/null @@ -1,94 +0,0 @@ -## Racine -access to dn.regex="^o=ls$" attrs="entry,children,objectclass" - by group/lsgroup/uniqueMember="cn=adminldap,ou=groups,o=ls" write - by dn="uid=ldapsaisie,ou=sysaccounts,o=ls" write - by users read - by * read - -## Groups -### Ajout d'entrees par les admins -access to dn.regex="^ou=groups,o=ls$" attrs="children,objectclass" - by group/lsgroup/uniqueMember="cn=adminldap,ou=groups,o=ls" write - by dn="uid=ldapsaisie,ou=sysaccounts,o=ls" write - by users read - by * none - -access to dn.regex="^cn=[^,]+,ou=groups,o=ls$" attrs="entry,objectclass" - by group/lsgroup/uniqueMember="cn=adminldap,ou=groups,o=ls" write - by dn="uid=ldapsaisie,ou=sysaccounts,o=ls" write - by users read - by * none - -### Les admins peuvent tout modifier, les authentifies peuvent tout voir -access to dn.regex="^cn=[^,]+,ou=groups,o=ls$" - by group/lsgroup/uniqueMember="cn=adminldap,ou=groups,o=ls" write - by dn="uid=ldapsaisie,ou=sysaccounts,o=ls" write - by users read - by * none - - -## Peoples -### Ajout d'entrees par les admins -access to dn.regex="^ou=people,o=ls$" attrs="children,objectclass" - by group/lsgroup/uniqueMember="cn=adminldap,ou=groups,o=ls" write - by dn="uid=ldapsaisie,ou=sysaccounts,o=ls" write - by users read - by * read - -access to dn.regex="^uid=[^,]+,ou=people,o=ls$" attrs="entry,objectclass" - by group/lsgroup/uniqueMember="cn=adminldap,ou=groups,o=ls" write - by dn="uid=ldapsaisie,ou=sysaccounts,o=ls" write - by users read - by * read - - -### Les admins peuvent modifier le mot de passe, samba le mettre à jour, les autres peuvent s'en servir pour l'authentification -access to dn.regex="^uid=[^,]+,ou=people,o=ls$" attrs="userPassword" - by group/lsgroup/uniqueMember="cn=adminldap,ou=groups,o=ls" write - by dn="uid=samba,ou=sysaccounts,o=ls" write - by dn="uid=ldapsaisie,ou=sysaccounts,o=ls" write - by self write - by anonymous auth - by * none - -access to dn.regex="^uid=[^,]+,ou=sysaccounts,o=ls$" attrs="userPassword" - by group/lsgroup/uniqueMember="cn=adminldap,ou=groups,o=ls" write - by dn="uid=ldapsaisie,ou=sysaccounts,o=ls" write - by anonymous auth - by * none - -### Les admins peuvent modifier ces attributs, les authentifies peuvent les voir -access to dn.regex="^uid=[^,]+,ou=people,o=ls$" attrs="uid,lsallowedservices,uidNumber,gidNumber,homeDirectory,loginShell,sambaSID,sambaAcctFlags,sambaPrimaryGroupSID" - by group/lsgroup/uniqueMember="cn=adminldap,ou=groups,o=ls" write - by dn="uid=ldapsaisie,ou=sysaccounts,o=ls" write - by users read - by * none - -### Les admins peuvent modifier ces attributs, le proprio aussi, samba aussi -access to dn.regex="^uid=[^,]+,ou=people,o=ls$" attrs="sambaLMPassword,sambaNTPassword" - by group/lsgroup/uniqueMember="cn=adminldap,ou=groups,o=ls" write - by dn="uid=ldapsaisie,ou=sysaccounts,o=ls" write - by dn="uid=samba,ou=sysaccounts,o=ls" write - by self write - by * none - -### Les admins peuvent modifier ces attributs, le proprio aussi, les authentifies peuvent les voir -access to dn.regex="^uid=[^,]+,ou=people,o=ls$" attrs="c,cn,jpegPhoto,personalTitle,sn,givenName,postalAddress,postalCode,l,st,telephoneNumber,mobile,fax,mail,description" - by group/lsgroup/uniqueMember="cn=adminldap,ou=groups,o=ls" write - by dn="uid=ldapsaisie,ou=sysaccounts,o=ls" write - by self write - by users read - by * read - -## Les authentifies peuvent voir les noeuds et les admins peuvent en ajouter -access to * attrs="entry" - by group/lsgroup/uniqueMember="cn=adminldap,ou=groups,o=ls" write - by dn="uid=ldapsaisie,ou=sysaccounts,o=ls" write - by users read - by * none - -## Le reste -access to * - by group/lsgroup/uniqueMember="cn=adminldap,ou=groups,o=ls" write - by dn="uid=ldapsaisie,ou=sysaccounts,o=ls" write - by * none diff --git a/lsexample/slapd/slapd.conf b/lsexample/slapd/slapd.conf deleted file mode 100644 index ac92259e..00000000 --- a/lsexample/slapd/slapd.conf +++ /dev/null @@ -1,45 +0,0 @@ -# LSexample - Config - -# Loading schema -include /etc/ldap/schema/core.schema -include /etc/ldap/schema/cosine.schema -include /etc/ldap/schema/nis.schema -include /etc/ldap/schema/inetorgperson.schema -include /etc/ldap/schema/samba.schema -include /etc/ldap/schema/lsexample.schema - -# Slapd core configuration -pidfile /var/run/slapd/slapd.pid -argsfile /var/run/slapd/slapd.args -loglevel stats -modulepath /usr/lib/ldap -moduleload back_hdb -sizelimit 500 -tool-threads 1 - -# LSexample database configuration -backend hdb -database hdb -suffix "o=ls" - -# The database directory MUST exist prior to running slapd AND -# should only be accessible by the slapd and slap tools. -# Mode 700 recommended. -directory /var/lib/ldap - -# Indices to maintain -index objectClass eq -index uidNumber eq -index gidNumber eq -index lsallowedservices,lsGodfatherDn eq -index sambasid eq -index sambaDomainName eq -index memberUid,uniqueMember eq -index givenname,cn,sn,mail,uid sub,eq,approx - -# Save the time that the entry gets modified, for database #1 -lastmod on -checkpoint 512 30 - -# Loading LSexample permission file -include permissions-ls.conf diff --git a/lsexample/slapd/slapd.d/cn=config.ldif b/lsexample/slapd/slapd.d/cn=config.ldif deleted file mode 100644 index 970f360c..00000000 --- a/lsexample/slapd/slapd.d/cn=config.ldif +++ /dev/null @@ -1,16 +0,0 @@ -# AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify. -# CRC32 1a375831 -dn: cn=config -objectClass: olcGlobal -cn: config -olcArgsFile: /var/run/slapd/slapd.args -olcLogLevel: none -olcPidFile: /var/run/slapd/slapd.pid -olcToolThreads: 1 -structuralObjectClass: olcGlobal -entryUUID: 6db4a4c4-6a91-1032-8cb6-d5eaa14a6b52 -creatorsName: cn=config -createTimestamp: 20130616052915Z -entryCSN: 20130616052915.388815Z#000000#000#000000 -modifiersName: cn=config -modifyTimestamp: 20130616052915Z diff --git a/lsexample/slapd/slapd.d/cn=config/cn=module{0}.ldif b/lsexample/slapd/slapd.d/cn=config/cn=module{0}.ldif deleted file mode 100644 index d3c0187d..00000000 --- a/lsexample/slapd/slapd.d/cn=config/cn=module{0}.ldif +++ /dev/null @@ -1,14 +0,0 @@ -# AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify. -# CRC32 418bf3c9 -dn: cn=module{0} -objectClass: olcModuleList -cn: module{0} -olcModulePath: /usr/lib/ldap -olcModuleLoad: {0}back_hdb -structuralObjectClass: olcModuleList -entryUUID: 5605629c-6a95-1032-9775-cf219862f309 -creatorsName: cn=config -createTimestamp: 20130616055713Z -entryCSN: 20130616055713.639138Z#000000#000#000000 -modifiersName: cn=config -modifyTimestamp: 20130616055713Z diff --git a/lsexample/slapd/slapd.d/cn=config/cn=schema.ldif b/lsexample/slapd/slapd.d/cn=config/cn=schema.ldif deleted file mode 100644 index f644d1d5..00000000 --- a/lsexample/slapd/slapd.d/cn=config/cn=schema.ldif +++ /dev/null @@ -1,615 +0,0 @@ -# AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify. -# CRC32 6d62e916 -dn: cn=schema -objectClass: olcSchemaConfig -cn: schema -olcObjectIdentifier: OLcfg 1.3.6.1.4.1.4203.1.12.2 -olcObjectIdentifier: OLcfgAt OLcfg:3 -olcObjectIdentifier: OLcfgGlAt OLcfgAt:0 -olcObjectIdentifier: OLcfgBkAt OLcfgAt:1 -olcObjectIdentifier: OLcfgDbAt OLcfgAt:2 -olcObjectIdentifier: OLcfgOvAt OLcfgAt:3 -olcObjectIdentifier: OLcfgCtAt OLcfgAt:4 -olcObjectIdentifier: OLcfgOc OLcfg:4 -olcObjectIdentifier: OLcfgGlOc OLcfgOc:0 -olcObjectIdentifier: OLcfgBkOc OLcfgOc:1 -olcObjectIdentifier: OLcfgDbOc OLcfgOc:2 -olcObjectIdentifier: OLcfgOvOc OLcfgOc:3 -olcObjectIdentifier: OLcfgCtOc OLcfgOc:4 -olcObjectIdentifier: OMsyn 1.3.6.1.4.1.1466.115.121.1 -olcObjectIdentifier: OMsBoolean OMsyn:7 -olcObjectIdentifier: OMsDN OMsyn:12 -olcObjectIdentifier: OMsDirectoryString OMsyn:15 -olcObjectIdentifier: OMsIA5String OMsyn:26 -olcObjectIdentifier: OMsInteger OMsyn:27 -olcObjectIdentifier: OMsOID OMsyn:38 -olcObjectIdentifier: OMsOctetString OMsyn:40 -olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.1 DESC 'ACI Item' X-BINARY-TRANS - FER-REQUIRED 'TRUE' X-NOT-HUMAN-READABLE 'TRUE' ) -olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.2 DESC 'Access Point' X-NOT-HUMA - N-READABLE 'TRUE' ) -olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.3 DESC 'Attribute Type Descripti - on' ) -olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.4 DESC 'Audio' X-NOT-HUMAN-READA - BLE 'TRUE' ) -olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.5 DESC 'Binary' X-NOT-HUMAN-READ - ABLE 'TRUE' ) -olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.6 DESC 'Bit String' ) -olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.7 DESC 'Boolean' ) -olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.8 DESC 'Certificate' X-BINARY-TR - ANSFER-REQUIRED 'TRUE' X-NOT-HUMAN-READABLE 'TRUE' ) -olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.9 DESC 'Certificate List' X-BINA - RY-TRANSFER-REQUIRED 'TRUE' X-NOT-HUMAN-READABLE 'TRUE' ) -olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.10 DESC 'Certificate Pair' X-BIN - ARY-TRANSFER-REQUIRED 'TRUE' X-NOT-HUMAN-READABLE 'TRUE' ) -olcLdapSyntaxes: ( 1.3.6.1.4.1.4203.666.11.10.2.1 DESC 'X.509 AttributeCertifi - cate' X-BINARY-TRANSFER-REQUIRED 'TRUE' X-NOT-HUMAN-READABLE 'TRUE' ) -olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.12 DESC 'Distinguished Name' ) -olcLdapSyntaxes: ( 1.2.36.79672281.1.5.0 DESC 'RDN' ) -olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.13 DESC 'Data Quality' ) -olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.14 DESC 'Delivery Method' ) -olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.15 DESC 'Directory String' ) -olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.16 DESC 'DIT Content Rule Descri - ption' ) -olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.17 DESC 'DIT Structure Rule Desc - ription' ) -olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.19 DESC 'DSA Quality' ) -olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.20 DESC 'DSE Type' ) -olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.21 DESC 'Enhanced Guide' ) -olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.22 DESC 'Facsimile Telephone Num - ber' ) -olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.23 DESC 'Fax' X-NOT-HUMAN-READAB - LE 'TRUE' ) -olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.24 DESC 'Generalized Time' ) -olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.25 DESC 'Guide' ) -olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.26 DESC 'IA5 String' ) -olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.27 DESC 'Integer' ) -olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.28 DESC 'JPEG' X-NOT-HUMAN-READA - BLE 'TRUE' ) -olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.29 DESC 'Master And Shadow Acces - s Points' ) -olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.30 DESC 'Matching Rule Descripti - on' ) -olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.31 DESC 'Matching Rule Use Descr - iption' ) -olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.32 DESC 'Mail Preference' ) -olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.33 DESC 'MHS OR Address' ) -olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.34 DESC 'Name And Optional UID' - ) -olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.35 DESC 'Name Form Description' - ) -olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.36 DESC 'Numeric String' ) -olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.37 DESC 'Object Class Descriptio - n' ) -olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.38 DESC 'OID' ) -olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.39 DESC 'Other Mailbox' ) -olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.40 DESC 'Octet String' ) -olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.41 DESC 'Postal Address' ) -olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.42 DESC 'Protocol Information' ) -olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.43 DESC 'Presentation Address' ) -olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.44 DESC 'Printable String' ) -olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.11 DESC 'Country String' ) -olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.45 DESC 'SubtreeSpecification' ) -olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.49 DESC 'Supported Algorithm' X- - BINARY-TRANSFER-REQUIRED 'TRUE' X-NOT-HUMAN-READABLE 'TRUE' ) -olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.50 DESC 'Telephone Number' ) -olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.51 DESC 'Teletex Terminal Identi - fier' ) -olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.52 DESC 'Telex Number' ) -olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.54 DESC 'LDAP Syntax Description - ' ) -olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.55 DESC 'Modify Rights' ) -olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.56 DESC 'LDAP Schema Definition' - ) -olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.57 DESC 'LDAP Schema Description - ' ) -olcLdapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.58 DESC 'Substring Assertion' ) -olcLdapSyntaxes: ( 1.3.6.1.1.1.0.0 DESC 'RFC2307 NIS Netgroup Triple' ) -olcLdapSyntaxes: ( 1.3.6.1.1.1.0.1 DESC 'RFC2307 Boot Parameter' ) -olcLdapSyntaxes: ( 1.3.6.1.1.15.1 DESC 'Certificate Exact Assertion' ) -olcLdapSyntaxes: ( 1.3.6.1.1.15.2 DESC 'Certificate Assertion' ) -olcLdapSyntaxes: ( 1.3.6.1.1.15.3 DESC 'Certificate Pair Exact Assertion' ) -olcLdapSyntaxes: ( 1.3.6.1.1.15.4 DESC 'Certificate Pair Assertion' ) -olcLdapSyntaxes: ( 1.3.6.1.1.15.5 DESC 'Certificate List Exact Assertion' ) -olcLdapSyntaxes: ( 1.3.6.1.1.15.6 DESC 'Certificate List Assertion' ) -olcLdapSyntaxes: ( 1.3.6.1.1.15.7 DESC 'Algorithm Identifier' ) -olcLdapSyntaxes: ( 1.3.6.1.4.1.4203.666.11.10.2.2 DESC 'AttributeCertificate E - xact Assertion' ) -olcLdapSyntaxes: ( 1.3.6.1.4.1.4203.666.11.10.2.3 DESC 'AttributeCertificate A - ssertion' ) -olcLdapSyntaxes: ( 1.3.6.1.1.16.1 DESC 'UUID' ) -olcLdapSyntaxes: ( 1.3.6.1.4.1.4203.666.11.2.1 DESC 'CSN' ) -olcLdapSyntaxes: ( 1.3.6.1.4.1.4203.666.11.2.4 DESC 'CSN SID' ) -olcLdapSyntaxes: ( 1.3.6.1.4.1.4203.1.1.1 DESC 'OpenLDAP void' ) -olcLdapSyntaxes: ( 1.3.6.1.4.1.4203.666.2.7 DESC 'OpenLDAP authz' ) -olcLdapSyntaxes: ( 1.3.6.1.4.1.4203.666.2.1 DESC 'OpenLDAP Experimental ACI' ) -olcAttributeTypes: ( 2.5.4.0 NAME 'objectClass' DESC 'RFC4512: object classes - of the entity' EQUALITY objectIdentifierMatch SYNTAX 1.3.6.1.4.1.1466.115.121 - .1.38 ) -olcAttributeTypes: ( 2.5.21.9 NAME 'structuralObjectClass' DESC 'RFC4512: stru - ctural object class of entry' EQUALITY objectIdentifierMatch SYNTAX 1.3.6.1.4 - .1.1466.115.121.1.38 SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperati - on ) -olcAttributeTypes: ( 2.5.18.1 NAME 'createTimestamp' DESC 'RFC4512: time which - object was created' EQUALITY generalizedTimeMatch ORDERING generalizedTimeOr - deringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE NO-USER-MODIFIC - ATION USAGE directoryOperation ) -olcAttributeTypes: ( 2.5.18.2 NAME 'modifyTimestamp' DESC 'RFC4512: time which - object was last modified' EQUALITY generalizedTimeMatch ORDERING generalized - TimeOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE NO-USER-M - ODIFICATION USAGE directoryOperation ) -olcAttributeTypes: ( 2.5.18.3 NAME 'creatorsName' DESC 'RFC4512: name of creat - or' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SING - LE-VALUE NO-USER-MODIFICATION USAGE directoryOperation ) -olcAttributeTypes: ( 2.5.18.4 NAME 'modifiersName' DESC 'RFC4512: name of last - modifier' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1. - 12 SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation ) -olcAttributeTypes: ( 2.5.18.9 NAME 'hasSubordinates' DESC 'X.501: entry has ch - ildren' EQUALITY booleanMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALU - E NO-USER-MODIFICATION USAGE directoryOperation ) -olcAttributeTypes: ( 2.5.18.10 NAME 'subschemaSubentry' DESC 'RFC4512: name of - controlling subschema entry' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1. - 4.1.1466.115.121.1.12 SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperat - ion ) -olcAttributeTypes: ( 1.3.6.1.1.20 NAME 'entryDN' DESC 'DN of the entry' EQUALI - TY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE N - O-USER-MODIFICATION USAGE directoryOperation ) -olcAttributeTypes: ( 1.3.6.1.1.16.4 NAME 'entryUUID' DESC 'UUID of the entry' - EQUALITY UUIDMatch ORDERING UUIDOrderingMatch SYNTAX 1.3.6.1.1.16.1 SINGLE-VA - LUE NO-USER-MODIFICATION USAGE directoryOperation ) -olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.1.7 NAME 'entryCSN' DESC 'change seq - uence number of the entry content' EQUALITY CSNMatch ORDERING CSNOrderingMatc - h SYNTAX 1.3.6.1.4.1.4203.666.11.2.1{64} SINGLE-VALUE NO-USER-MODIFICATION US - AGE directoryOperation ) -olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.1.13 NAME 'namingCSN' DESC 'change s - equence number of the entry naming (RDN)' EQUALITY CSNMatch ORDERING CSNOrder - ingMatch SYNTAX 1.3.6.1.4.1.4203.666.11.2.1{64} SINGLE-VALUE NO-USER-MODIFICA - TION USAGE directoryOperation ) -olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.1.23 NAME 'syncreplCookie' DESC 'syn - crepl Cookie for shadow copy' EQUALITY octetStringMatch ORDERING octetStringO - rderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 SINGLE-VALUE NO-USER-MODIFI - CATION USAGE dSAOperation ) -olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.1.25 NAME 'contextCSN' DESC 'the lar - gest committed CSN of a context' EQUALITY CSNMatch ORDERING CSNOrderingMatch - SYNTAX 1.3.6.1.4.1.4203.666.11.2.1{64} NO-USER-MODIFICATION USAGE dSAOperatio - n ) -olcAttributeTypes: ( 1.3.6.1.4.1.1466.101.120.6 NAME 'altServer' DESC 'RFC4512 - : alternative servers' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 USAGE dSAOperatio - n ) -olcAttributeTypes: ( 1.3.6.1.4.1.1466.101.120.5 NAME 'namingContexts' DESC 'RF - C4512: naming contexts' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 USAGE dSAOperati - on ) -olcAttributeTypes: ( 1.3.6.1.4.1.1466.101.120.13 NAME 'supportedControl' DESC - 'RFC4512: supported controls' SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 USAGE dSAO - peration ) -olcAttributeTypes: ( 1.3.6.1.4.1.1466.101.120.7 NAME 'supportedExtension' DESC - 'RFC4512: supported extended operations' SYNTAX 1.3.6.1.4.1.1466.115.121.1.3 - 8 USAGE dSAOperation ) -olcAttributeTypes: ( 1.3.6.1.4.1.1466.101.120.15 NAME 'supportedLDAPVersion' D - ESC 'RFC4512: supported LDAP versions' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 U - SAGE dSAOperation ) -olcAttributeTypes: ( 1.3.6.1.4.1.1466.101.120.14 NAME 'supportedSASLMechanisms - ' DESC 'RFC4512: supported SASL mechanisms' SYNTAX 1.3.6.1.4.1.1466.115.121.1 - .15 USAGE dSAOperation ) -olcAttributeTypes: ( 1.3.6.1.4.1.4203.1.3.5 NAME 'supportedFeatures' DESC 'RFC - 4512: features supported by the server' EQUALITY objectIdentifierMatch SYNTAX - 1.3.6.1.4.1.1466.115.121.1.38 USAGE dSAOperation ) -olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.1.10 NAME 'monitorContext' DESC 'mon - itor context' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121 - .1.12 SINGLE-VALUE NO-USER-MODIFICATION USAGE dSAOperation ) -olcAttributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.1 NAME 'configContext' DESC 'conf - ig context' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1 - .12 SINGLE-VALUE NO-USER-MODIFICATION USAGE dSAOperation ) -olcAttributeTypes: ( 1.3.6.1.1.4 NAME 'vendorName' DESC 'RFC3045: name of impl - ementation vendor' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1. - 15 SINGLE-VALUE NO-USER-MODIFICATION USAGE dSAOperation ) -olcAttributeTypes: ( 1.3.6.1.1.5 NAME 'vendorVersion' DESC 'RFC3045: version o - f implementation' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.1 - 5 SINGLE-VALUE NO-USER-MODIFICATION USAGE dSAOperation ) -olcAttributeTypes: ( 2.5.18.5 NAME 'administrativeRole' DESC 'RFC3672: adminis - trative role' EQUALITY objectIdentifierMatch SYNTAX 1.3.6.1.4.1.1466.115.121. - 1.38 USAGE directoryOperation ) -olcAttributeTypes: ( 2.5.18.6 NAME 'subtreeSpecification' DESC 'RFC3672: subtr - ee specification' SYNTAX 1.3.6.1.4.1.1466.115.121.1.45 SINGLE-VALUE USAGE dir - ectoryOperation ) -olcAttributeTypes: ( 2.5.21.1 NAME 'dITStructureRules' DESC 'RFC4512: DIT stru - cture rules' EQUALITY integerFirstComponentMatch SYNTAX 1.3.6.1.4.1.1466.115. - 121.1.17 USAGE directoryOperation ) -olcAttributeTypes: ( 2.5.21.2 NAME 'dITContentRules' DESC 'RFC4512: DIT conten - t rules' EQUALITY objectIdentifierFirstComponentMatch SYNTAX 1.3.6.1.4.1.1466 - .115.121.1.16 USAGE directoryOperation ) -olcAttributeTypes: ( 2.5.21.4 NAME 'matchingRules' DESC 'RFC4512: matching rul - es' EQUALITY objectIdentifierFirstComponentMatch SYNTAX 1.3.6.1.4.1.1466.115. - 121.1.30 USAGE directoryOperation ) -olcAttributeTypes: ( 2.5.21.5 NAME 'attributeTypes' DESC 'RFC4512: attribute t - ypes' EQUALITY objectIdentifierFirstComponentMatch SYNTAX 1.3.6.1.4.1.1466.11 - 5.121.1.3 USAGE directoryOperation ) -olcAttributeTypes: ( 2.5.21.6 NAME 'objectClasses' DESC 'RFC4512: object class - es' EQUALITY objectIdentifierFirstComponentMatch SYNTAX 1.3.6.1.4.1.1466.115. - 121.1.37 USAGE directoryOperation ) -olcAttributeTypes: ( 2.5.21.7 NAME 'nameForms' DESC 'RFC4512: name forms ' EQU - ALITY objectIdentifierFirstComponentMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.3 - 5 USAGE directoryOperation ) -olcAttributeTypes: ( 2.5.21.8 NAME 'matchingRuleUse' DESC 'RFC4512: matching r - ule uses' EQUALITY objectIdentifierFirstComponentMatch SYNTAX 1.3.6.1.4.1.146 - 6.115.121.1.31 USAGE directoryOperation ) -olcAttributeTypes: ( 1.3.6.1.4.1.1466.101.120.16 NAME 'ldapSyntaxes' DESC 'RFC - 4512: LDAP syntaxes' EQUALITY objectIdentifierFirstComponentMatch SYNTAX 1.3. - 6.1.4.1.1466.115.121.1.54 USAGE directoryOperation ) -olcAttributeTypes: ( 2.5.4.1 NAME ( 'aliasedObjectName' 'aliasedEntryName' ) D - ESC 'RFC4512: name of aliased object' EQUALITY distinguishedNameMatch SYNTAX - 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE ) -olcAttributeTypes: ( 2.16.840.1.113730.3.1.34 NAME 'ref' DESC 'RFC3296: subord - inate referral URL' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1 - .15 USAGE distributedOperation ) -olcAttributeTypes: ( 1.3.6.1.4.1.4203.1.3.1 NAME 'entry' DESC 'OpenLDAP ACL en - try pseudo-attribute' SYNTAX 1.3.6.1.4.1.4203.1.1.1 SINGLE-VALUE NO-USER-MODI - FICATION USAGE dSAOperation ) -olcAttributeTypes: ( 1.3.6.1.4.1.4203.1.3.2 NAME 'children' DESC 'OpenLDAP ACL - children pseudo-attribute' SYNTAX 1.3.6.1.4.1.4203.1.1.1 SINGLE-VALUE NO-USE - R-MODIFICATION USAGE dSAOperation ) -olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.1.8 NAME ( 'authzTo' 'saslAuthzTo' ) - DESC 'proxy authorization targets' EQUALITY authzMatch SYNTAX 1.3.6.1.4.1.42 - 03.666.2.7 USAGE distributedOperation X-ORDERED 'VALUES' ) -olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.1.9 NAME ( 'authzFrom' 'saslAuthzFro - m' ) DESC 'proxy authorization sources' EQUALITY authzMatch SYNTAX 1.3.6.1.4. - 1.4203.666.2.7 USAGE distributedOperation X-ORDERED 'VALUES' ) -olcAttributeTypes: ( 1.3.6.1.4.1.1466.101.119.3 NAME 'entryTtl' DESC 'RFC2589: - entry time-to-live' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE NO-USE - R-MODIFICATION USAGE dSAOperation ) -olcAttributeTypes: ( 1.3.6.1.4.1.1466.101.119.4 NAME 'dynamicSubtrees' DESC 'R - FC2589: dynamic subtrees' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 NO-USER-MODIFI - CATION USAGE dSAOperation ) -olcAttributeTypes: ( 2.5.4.49 NAME 'distinguishedName' DESC 'RFC4519: common s - upertype of DN attributes' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1 - .1466.115.121.1.12 ) -olcAttributeTypes: ( 2.5.4.41 NAME 'name' DESC 'RFC4519: common supertype of n - ame attributes' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYN - TAX 1.3.6.1.4.1.1466.115.121.1.15{32768} ) -olcAttributeTypes: ( 2.5.4.3 NAME ( 'cn' 'commonName' ) DESC 'RFC4519: common - name(s) for which the entity is known by' SUP name ) -olcAttributeTypes: ( 0.9.2342.19200300.100.1.1 NAME ( 'uid' 'userid' ) DESC 'R - FC4519: user identifier' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstrings - Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) -olcAttributeTypes: ( 1.3.6.1.1.1.1.0 NAME 'uidNumber' DESC 'RFC2307: An intege - r uniquely identifying a user in an administrative domain' EQUALITY integerMa - tch ORDERING integerOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE - -VALUE ) -olcAttributeTypes: ( 1.3.6.1.1.1.1.1 NAME 'gidNumber' DESC 'RFC2307: An intege - r uniquely identifying a group in an administrative domain' EQUALITY integerM - atch ORDERING integerOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGL - E-VALUE ) -olcAttributeTypes: ( 2.5.4.35 NAME 'userPassword' DESC 'RFC4519/2307: password - of user' EQUALITY octetStringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{128} - ) -olcAttributeTypes: ( 1.3.6.1.4.1.250.1.57 NAME 'labeledURI' DESC 'RFC2079: Uni - form Resource Identifier with optional label' EQUALITY caseExactMatch SYNTAX - 1.3.6.1.4.1.1466.115.121.1.15 ) -olcAttributeTypes: ( 2.5.4.13 NAME 'description' DESC 'RFC4519: descriptive in - formation' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1 - .3.6.1.4.1.1466.115.121.1.15{1024} ) -olcAttributeTypes: ( 2.5.4.34 NAME 'seeAlso' DESC 'RFC4519: DN of related obje - ct' SUP distinguishedName ) -olcAttributeTypes: ( OLcfgGlAt:78 NAME 'olcConfigFile' DESC 'File for slapd co - nfiguration directives' EQUALITY caseIgnoreMatch SYNTAX OMsDirectoryString SI - NGLE-VALUE ) -olcAttributeTypes: ( OLcfgGlAt:79 NAME 'olcConfigDir' DESC 'Directory for slap - d configuration backend' EQUALITY caseIgnoreMatch SYNTAX OMsDirectoryString S - INGLE-VALUE ) -olcAttributeTypes: ( OLcfgGlAt:1 NAME 'olcAccess' DESC 'Access Control List' E - QUALITY caseIgnoreMatch SYNTAX OMsDirectoryString X-ORDERED 'VALUES' ) -olcAttributeTypes: ( OLcfgGlAt:86 NAME 'olcAddContentAcl' DESC 'Check ACLs aga - inst content of Add ops' SYNTAX OMsBoolean SINGLE-VALUE ) -olcAttributeTypes: ( OLcfgGlAt:2 NAME 'olcAllows' DESC 'Allowed set of depreca - ted features' EQUALITY caseIgnoreMatch SYNTAX OMsDirectoryString ) -olcAttributeTypes: ( OLcfgGlAt:3 NAME 'olcArgsFile' DESC 'File for slapd comma - nd line options' EQUALITY caseIgnoreMatch SYNTAX OMsDirectoryString SINGLE-VA - LUE ) -olcAttributeTypes: ( OLcfgGlAt:5 NAME 'olcAttributeOptions' EQUALITY caseIgnor - eMatch SYNTAX OMsDirectoryString ) -olcAttributeTypes: ( OLcfgGlAt:4 NAME 'olcAttributeTypes' DESC 'OpenLDAP attri - buteTypes' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX O - MsDirectoryString X-ORDERED 'VALUES' ) -olcAttributeTypes: ( OLcfgGlAt:6 NAME 'olcAuthIDRewrite' EQUALITY caseIgnoreMa - tch SYNTAX OMsDirectoryString X-ORDERED 'VALUES' ) -olcAttributeTypes: ( OLcfgGlAt:7 NAME 'olcAuthzPolicy' EQUALITY caseIgnoreMatc - h SYNTAX OMsDirectoryString SINGLE-VALUE ) -olcAttributeTypes: ( OLcfgGlAt:8 NAME 'olcAuthzRegexp' EQUALITY caseIgnoreMatc - h SYNTAX OMsDirectoryString X-ORDERED 'VALUES' ) -olcAttributeTypes: ( OLcfgGlAt:9 NAME 'olcBackend' DESC 'A type of backend' EQ - UALITY caseIgnoreMatch SYNTAX OMsDirectoryString SINGLE-VALUE X-ORDERED 'SIBL - INGS' ) -olcAttributeTypes: ( OLcfgGlAt:10 NAME 'olcConcurrency' SYNTAX OMsInteger SING - LE-VALUE ) -olcAttributeTypes: ( OLcfgGlAt:11 NAME 'olcConnMaxPending' SYNTAX OMsInteger S - INGLE-VALUE ) -olcAttributeTypes: ( OLcfgGlAt:12 NAME 'olcConnMaxPendingAuth' SYNTAX OMsInteg - er SINGLE-VALUE ) -olcAttributeTypes: ( OLcfgGlAt:13 NAME 'olcDatabase' DESC 'The backend type fo - r a database instance' SUP olcBackend SINGLE-VALUE X-ORDERED 'SIBLINGS' ) -olcAttributeTypes: ( OLcfgGlAt:14 NAME 'olcDefaultSearchBase' SYNTAX OMsDN SIN - GLE-VALUE ) -olcAttributeTypes: ( OLcfgGlAt:15 NAME 'olcDisallows' EQUALITY caseIgnoreMatch - SYNTAX OMsDirectoryString ) -olcAttributeTypes: ( OLcfgGlAt:16 NAME 'olcDitContentRules' DESC 'OpenLDAP DIT - content rules' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYN - TAX OMsDirectoryString X-ORDERED 'VALUES' ) -olcAttributeTypes: ( OLcfgDbAt:0.20 NAME 'olcExtraAttrs' EQUALITY caseIgnoreMa - tch SYNTAX OMsDirectoryString ) -olcAttributeTypes: ( OLcfgGlAt:17 NAME 'olcGentleHUP' SYNTAX OMsBoolean SINGLE - -VALUE ) -olcAttributeTypes: ( OLcfgDbAt:0.17 NAME 'olcHidden' SYNTAX OMsBoolean SINGLE- - VALUE ) -olcAttributeTypes: ( OLcfgGlAt:18 NAME 'olcIdleTimeout' SYNTAX OMsInteger SING - LE-VALUE ) -olcAttributeTypes: ( OLcfgGlAt:19 NAME 'olcInclude' SUP labeledURI ) -olcAttributeTypes: ( OLcfgGlAt:20 NAME 'olcIndexSubstrIfMinLen' SYNTAX OMsInte - ger SINGLE-VALUE ) -olcAttributeTypes: ( OLcfgGlAt:21 NAME 'olcIndexSubstrIfMaxLen' SYNTAX OMsInte - ger SINGLE-VALUE ) -olcAttributeTypes: ( OLcfgGlAt:22 NAME 'olcIndexSubstrAnyLen' SYNTAX OMsIntege - r SINGLE-VALUE ) -olcAttributeTypes: ( OLcfgGlAt:23 NAME 'olcIndexSubstrAnyStep' SYNTAX OMsInteg - er SINGLE-VALUE ) -olcAttributeTypes: ( OLcfgGlAt:84 NAME 'olcIndexIntLen' SYNTAX OMsInteger SING - LE-VALUE ) -olcAttributeTypes: ( OLcfgDbAt:0.4 NAME 'olcLastMod' SYNTAX OMsBoolean SINGLE- - VALUE ) -olcAttributeTypes: ( OLcfgGlAt:85 NAME 'olcLdapSyntaxes' DESC 'OpenLDAP ldapSy - ntax' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX OMsDir - ectoryString X-ORDERED 'VALUES' ) -olcAttributeTypes: ( OLcfgDbAt:0.5 NAME 'olcLimits' EQUALITY caseIgnoreMatch S - YNTAX OMsDirectoryString X-ORDERED 'VALUES' ) -olcAttributeTypes: ( OLcfgGlAt:93 NAME 'olcListenerThreads' SYNTAX OMsInteger - SINGLE-VALUE ) -olcAttributeTypes: ( OLcfgGlAt:26 NAME 'olcLocalSSF' SYNTAX OMsInteger SINGLE- - VALUE ) -olcAttributeTypes: ( OLcfgGlAt:27 NAME 'olcLogFile' SYNTAX OMsDirectoryString - SINGLE-VALUE ) -olcAttributeTypes: ( OLcfgGlAt:28 NAME 'olcLogLevel' EQUALITY caseIgnoreMatch - SYNTAX OMsDirectoryString ) -olcAttributeTypes: ( OLcfgDbAt:0.6 NAME 'olcMaxDerefDepth' SYNTAX OMsInteger S - INGLE-VALUE ) -olcAttributeTypes: ( OLcfgDbAt:0.16 NAME 'olcMirrorMode' SYNTAX OMsBoolean SIN - GLE-VALUE ) -olcAttributeTypes: ( OLcfgGlAt:30 NAME 'olcModuleLoad' EQUALITY caseIgnoreMatc - h SYNTAX OMsDirectoryString X-ORDERED 'VALUES' ) -olcAttributeTypes: ( OLcfgGlAt:31 NAME 'olcModulePath' SYNTAX OMsDirectoryStri - ng SINGLE-VALUE ) -olcAttributeTypes: ( OLcfgDbAt:0.18 NAME 'olcMonitoring' SYNTAX OMsBoolean SIN - GLE-VALUE ) -olcAttributeTypes: ( OLcfgGlAt:32 NAME 'olcObjectClasses' DESC 'OpenLDAP objec - t classes' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX O - MsDirectoryString X-ORDERED 'VALUES' ) -olcAttributeTypes: ( OLcfgGlAt:33 NAME 'olcObjectIdentifier' EQUALITY caseIgno - reMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX OMsDirectoryString X-ORDERED - 'VALUES' ) -olcAttributeTypes: ( OLcfgGlAt:34 NAME 'olcOverlay' SUP olcDatabase SINGLE-VAL - UE X-ORDERED 'SIBLINGS' ) -olcAttributeTypes: ( OLcfgGlAt:35 NAME 'olcPasswordCryptSaltFormat' SYNTAX OMs - DirectoryString SINGLE-VALUE ) -olcAttributeTypes: ( OLcfgGlAt:36 NAME 'olcPasswordHash' EQUALITY caseIgnoreMa - tch SYNTAX OMsDirectoryString ) -olcAttributeTypes: ( OLcfgGlAt:37 NAME 'olcPidFile' SYNTAX OMsDirectoryString - SINGLE-VALUE ) -olcAttributeTypes: ( OLcfgGlAt:38 NAME 'olcPlugin' EQUALITY caseIgnoreMatch SY - NTAX OMsDirectoryString ) -olcAttributeTypes: ( OLcfgGlAt:39 NAME 'olcPluginLogFile' SYNTAX OMsDirectoryS - tring SINGLE-VALUE ) -olcAttributeTypes: ( OLcfgGlAt:40 NAME 'olcReadOnly' SYNTAX OMsBoolean SINGLE- - VALUE ) -olcAttributeTypes: ( OLcfgGlAt:41 NAME 'olcReferral' SUP labeledURI SINGLE-VAL - UE ) -olcAttributeTypes: ( OLcfgDbAt:0.7 NAME 'olcReplica' SUP labeledURI EQUALITY c - aseIgnoreMatch X-ORDERED 'VALUES' ) -olcAttributeTypes: ( OLcfgGlAt:43 NAME 'olcReplicaArgsFile' SYNTAX OMsDirector - yString SINGLE-VALUE ) -olcAttributeTypes: ( OLcfgGlAt:44 NAME 'olcReplicaPidFile' SYNTAX OMsDirectory - String SINGLE-VALUE ) -olcAttributeTypes: ( OLcfgGlAt:45 NAME 'olcReplicationInterval' SYNTAX OMsInte - ger SINGLE-VALUE ) -olcAttributeTypes: ( OLcfgGlAt:46 NAME 'olcReplogFile' SYNTAX OMsDirectoryStri - ng SINGLE-VALUE ) -olcAttributeTypes: ( OLcfgGlAt:47 NAME 'olcRequires' EQUALITY caseIgnoreMatch - SYNTAX OMsDirectoryString ) -olcAttributeTypes: ( OLcfgGlAt:48 NAME 'olcRestrict' EQUALITY caseIgnoreMatch - SYNTAX OMsDirectoryString ) -olcAttributeTypes: ( OLcfgGlAt:49 NAME 'olcReverseLookup' SYNTAX OMsBoolean SI - NGLE-VALUE ) -olcAttributeTypes: ( OLcfgDbAt:0.8 NAME 'olcRootDN' EQUALITY distinguishedName - Match SYNTAX OMsDN SINGLE-VALUE ) -olcAttributeTypes: ( OLcfgGlAt:51 NAME 'olcRootDSE' EQUALITY caseIgnoreMatch S - YNTAX OMsDirectoryString ) -olcAttributeTypes: ( OLcfgDbAt:0.9 NAME 'olcRootPW' SYNTAX OMsDirectoryString - SINGLE-VALUE ) -olcAttributeTypes: ( OLcfgGlAt:89 NAME 'olcSaslAuxprops' SYNTAX OMsDirectorySt - ring SINGLE-VALUE ) -olcAttributeTypes: ( OLcfgGlAt:53 NAME 'olcSaslHost' SYNTAX OMsDirectoryString - SINGLE-VALUE ) -olcAttributeTypes: ( OLcfgGlAt:54 NAME 'olcSaslRealm' SYNTAX OMsDirectoryStrin - g SINGLE-VALUE ) -olcAttributeTypes: ( OLcfgGlAt:56 NAME 'olcSaslSecProps' SYNTAX OMsDirectorySt - ring SINGLE-VALUE ) -olcAttributeTypes: ( OLcfgGlAt:58 NAME 'olcSchemaDN' EQUALITY distinguishedNam - eMatch SYNTAX OMsDN SINGLE-VALUE ) -olcAttributeTypes: ( OLcfgGlAt:59 NAME 'olcSecurity' EQUALITY caseIgnoreMatch - SYNTAX OMsDirectoryString ) -olcAttributeTypes: ( OLcfgGlAt:81 NAME 'olcServerID' EQUALITY caseIgnoreMatch - SYNTAX OMsDirectoryString ) -olcAttributeTypes: ( OLcfgGlAt:60 NAME 'olcSizeLimit' SYNTAX OMsDirectoryStrin - g SINGLE-VALUE ) -olcAttributeTypes: ( OLcfgGlAt:61 NAME 'olcSockbufMaxIncoming' SYNTAX OMsInteg - er SINGLE-VALUE ) -olcAttributeTypes: ( OLcfgGlAt:62 NAME 'olcSockbufMaxIncomingAuth' SYNTAX OMsI - nteger SINGLE-VALUE ) -olcAttributeTypes: ( OLcfgGlAt:83 NAME 'olcSortVals' DESC 'Attributes whose va - lues will always be sorted' EQUALITY caseIgnoreMatch SYNTAX OMsDirectoryStrin - g ) -olcAttributeTypes: ( OLcfgDbAt:0.15 NAME 'olcSubordinate' SYNTAX OMsDirectoryS - tring SINGLE-VALUE ) -olcAttributeTypes: ( OLcfgDbAt:0.10 NAME 'olcSuffix' EQUALITY distinguishedNam - eMatch SYNTAX OMsDN ) -olcAttributeTypes: ( OLcfgDbAt:0.19 NAME 'olcSyncUseSubentry' DESC 'Store sync - context in a subentry' SYNTAX OMsBoolean SINGLE-VALUE ) -olcAttributeTypes: ( OLcfgDbAt:0.11 NAME 'olcSyncrepl' EQUALITY caseIgnoreMatc - h SYNTAX OMsDirectoryString X-ORDERED 'VALUES' ) -olcAttributeTypes: ( OLcfgGlAt:90 NAME 'olcTCPBuffer' DESC 'Custom TCP buffer - size' SYNTAX OMsDirectoryString ) -olcAttributeTypes: ( OLcfgGlAt:66 NAME 'olcThreads' SYNTAX OMsInteger SINGLE-V - ALUE ) -olcAttributeTypes: ( OLcfgGlAt:67 NAME 'olcTimeLimit' SYNTAX OMsDirectoryStrin - g ) -olcAttributeTypes: ( OLcfgGlAt:68 NAME 'olcTLSCACertificateFile' SYNTAX OMsDir - ectoryString SINGLE-VALUE ) -olcAttributeTypes: ( OLcfgGlAt:69 NAME 'olcTLSCACertificatePath' SYNTAX OMsDir - ectoryString SINGLE-VALUE ) -olcAttributeTypes: ( OLcfgGlAt:70 NAME 'olcTLSCertificateFile' SYNTAX OMsDirec - toryString SINGLE-VALUE ) -olcAttributeTypes: ( OLcfgGlAt:71 NAME 'olcTLSCertificateKeyFile' SYNTAX OMsDi - rectoryString SINGLE-VALUE ) -olcAttributeTypes: ( OLcfgGlAt:72 NAME 'olcTLSCipherSuite' SYNTAX OMsDirectory - String SINGLE-VALUE ) -olcAttributeTypes: ( OLcfgGlAt:73 NAME 'olcTLSCRLCheck' SYNTAX OMsDirectoryStr - ing SINGLE-VALUE ) -olcAttributeTypes: ( OLcfgGlAt:82 NAME 'olcTLSCRLFile' SYNTAX OMsDirectoryStri - ng SINGLE-VALUE ) -olcAttributeTypes: ( OLcfgGlAt:74 NAME 'olcTLSRandFile' SYNTAX OMsDirectoryStr - ing SINGLE-VALUE ) -olcAttributeTypes: ( OLcfgGlAt:75 NAME 'olcTLSVerifyClient' SYNTAX OMsDirector - yString SINGLE-VALUE ) -olcAttributeTypes: ( OLcfgGlAt:77 NAME 'olcTLSDHParamFile' SYNTAX OMsDirectory - String SINGLE-VALUE ) -olcAttributeTypes: ( OLcfgGlAt:87 NAME 'olcTLSProtocolMin' SYNTAX OMsDirectory - String SINGLE-VALUE ) -olcAttributeTypes: ( OLcfgGlAt:80 NAME 'olcToolThreads' SYNTAX OMsInteger SING - LE-VALUE ) -olcAttributeTypes: ( OLcfgDbAt:0.12 NAME 'olcUpdateDN' SYNTAX OMsDN SINGLE-VAL - UE ) -olcAttributeTypes: ( OLcfgDbAt:0.13 NAME 'olcUpdateRef' SUP labeledURI EQUALIT - Y caseIgnoreMatch ) -olcAttributeTypes: ( OLcfgGlAt:88 NAME 'olcWriteTimeout' SYNTAX OMsInteger SIN - GLE-VALUE ) -olcAttributeTypes: ( OLcfgDbAt:0.1 NAME 'olcDbDirectory' DESC 'Directory for d - atabase content' EQUALITY caseIgnoreMatch SYNTAX OMsDirectoryString SINGLE-VA - LUE ) -olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.1.5 NAME 'OpenLDAPaci' DESC 'OpenLDA - P access control information (experimental)' EQUALITY OpenLDAPaciMatch SYNTAX - 1.3.6.1.4.1.4203.666.2.1 USAGE directoryOperation ) -olcAttributeTypes: ( OLcfgDbAt:1.11 NAME 'olcDbCacheFree' DESC 'Number of extr - a entries to free when max is reached' SYNTAX OMsInteger SINGLE-VALUE ) -olcAttributeTypes: ( OLcfgDbAt:1.1 NAME 'olcDbCacheSize' DESC 'Entry cache siz - e in entries' SYNTAX OMsInteger SINGLE-VALUE ) -olcAttributeTypes: ( OLcfgDbAt:1.2 NAME 'olcDbCheckpoint' DESC 'Database check - point interval in kbytes and minutes' SYNTAX OMsDirectoryString SINGLE-VALUE - ) -olcAttributeTypes: ( OLcfgDbAt:1.16 NAME 'olcDbChecksum' DESC 'Enable database - checksum validation' SYNTAX OMsBoolean SINGLE-VALUE ) -olcAttributeTypes: ( OLcfgDbAt:1.13 NAME 'olcDbCryptFile' DESC 'Pathname of fi - le containing the DB encryption key' SYNTAX OMsDirectoryString SINGLE-VALUE ) -olcAttributeTypes: ( OLcfgDbAt:1.14 NAME 'olcDbCryptKey' DESC 'DB encryption k - ey' SYNTAX OMsOctetString SINGLE-VALUE ) -olcAttributeTypes: ( OLcfgDbAt:1.3 NAME 'olcDbConfig' DESC 'BerkeleyDB DB_CONF - IG configuration directives' SYNTAX OMsIA5String X-ORDERED 'VALUES' ) -olcAttributeTypes: ( OLcfgDbAt:1.4 NAME 'olcDbNoSync' DESC 'Disable synchronou - s database writes' SYNTAX OMsBoolean SINGLE-VALUE ) -olcAttributeTypes: ( OLcfgDbAt:1.15 NAME 'olcDbPageSize' DESC 'Page size of sp - ecified DB, in Kbytes' EQUALITY caseExactMatch SYNTAX OMsDirectoryString ) -olcAttributeTypes: ( OLcfgDbAt:1.5 NAME 'olcDbDirtyRead' DESC 'Allow reads of - uncommitted data' SYNTAX OMsBoolean SINGLE-VALUE ) -olcAttributeTypes: ( OLcfgDbAt:1.12 NAME 'olcDbDNcacheSize' DESC 'DN cache siz - e' SYNTAX OMsInteger SINGLE-VALUE ) -olcAttributeTypes: ( OLcfgDbAt:1.6 NAME 'olcDbIDLcacheSize' DESC 'IDL cache si - ze in IDLs' SYNTAX OMsInteger SINGLE-VALUE ) -olcAttributeTypes: ( OLcfgDbAt:0.2 NAME 'olcDbIndex' DESC 'Attribute index par - ameters' EQUALITY caseIgnoreMatch SYNTAX OMsDirectoryString ) -olcAttributeTypes: ( OLcfgDbAt:1.7 NAME 'olcDbLinearIndex' DESC 'Index attribu - tes one at a time' SYNTAX OMsBoolean SINGLE-VALUE ) -olcAttributeTypes: ( OLcfgDbAt:1.8 NAME 'olcDbLockDetect' DESC 'Deadlock detec - tion algorithm' SYNTAX OMsDirectoryString SINGLE-VALUE ) -olcAttributeTypes: ( OLcfgDbAt:0.3 NAME 'olcDbMode' DESC 'Unix permissions of - database files' SYNTAX OMsDirectoryString SINGLE-VALUE ) -olcAttributeTypes: ( OLcfgDbAt:1.9 NAME 'olcDbSearchStack' DESC 'Depth of sear - ch stack in IDLs' SYNTAX OMsInteger SINGLE-VALUE ) -olcAttributeTypes: ( OLcfgDbAt:1.10 NAME 'olcDbShmKey' DESC 'Key for shared me - mory region' SYNTAX OMsInteger SINGLE-VALUE ) -olcObjectClasses: ( 2.5.6.0 NAME 'top' DESC 'top of the superclass chain' ABST - RACT MUST objectClass ) -olcObjectClasses: ( 1.3.6.1.4.1.1466.101.120.111 NAME 'extensibleObject' DESC - 'RFC4512: extensible object' SUP top AUXILIARY ) -olcObjectClasses: ( 2.5.6.1 NAME 'alias' DESC 'RFC4512: an alias' SUP top STRU - CTURAL MUST aliasedObjectName ) -olcObjectClasses: ( 2.16.840.1.113730.3.2.6 NAME 'referral' DESC 'namedref: na - med subordinate referral' SUP top STRUCTURAL MUST ref ) -olcObjectClasses: ( 1.3.6.1.4.1.4203.1.4.1 NAME ( 'OpenLDAProotDSE' 'LDAProotD - SE' ) DESC 'OpenLDAP Root DSE object' SUP top STRUCTURAL MAY cn ) -olcObjectClasses: ( 2.5.17.0 NAME 'subentry' DESC 'RFC3672: subentry' SUP top - STRUCTURAL MUST ( cn $ subtreeSpecification ) ) -olcObjectClasses: ( 2.5.20.1 NAME 'subschema' DESC 'RFC4512: controlling subsc - hema (sub)entry' AUXILIARY MAY ( dITStructureRules $ nameForms $ dITContentRu - les $ objectClasses $ attributeTypes $ matchingRules $ matchingRuleUse ) ) -olcObjectClasses: ( 1.3.6.1.4.1.1466.101.119.2 NAME 'dynamicObject' DESC 'RFC2 - 589: Dynamic Object' SUP top AUXILIARY ) -olcObjectClasses: ( 1.3.6.1.4.1.4203.666.3.4 NAME 'glue' DESC 'Glue Entry' SUP - top STRUCTURAL ) -olcObjectClasses: ( 1.3.6.1.4.1.4203.666.3.5 NAME 'syncConsumerSubentry' DESC - 'Persistent Info for SyncRepl Consumer' AUXILIARY MAY syncreplCookie ) -olcObjectClasses: ( 1.3.6.1.4.1.4203.666.3.6 NAME 'syncProviderSubentry' DESC - 'Persistent Info for SyncRepl Producer' AUXILIARY MAY contextCSN ) -olcObjectClasses: ( OLcfgGlOc:0 NAME 'olcConfig' DESC 'OpenLDAP configuration - object' SUP top ABSTRACT ) -olcObjectClasses: ( OLcfgGlOc:1 NAME 'olcGlobal' DESC 'OpenLDAP Global configu - ration options' SUP olcConfig STRUCTURAL MAY ( cn $ olcConfigFile $ olcConfig - Dir $ olcAllows $ olcArgsFile $ olcAttributeOptions $ olcAuthIDRewrite $ olcA - uthzPolicy $ olcAuthzRegexp $ olcConcurrency $ olcConnMaxPending $ olcConnMax - PendingAuth $ olcDisallows $ olcGentleHUP $ olcIdleTimeout $ olcIndexSubstrIf - MaxLen $ olcIndexSubstrIfMinLen $ olcIndexSubstrAnyLen $ olcIndexSubstrAnySte - p $ olcIndexIntLen $ olcLocalSSF $ olcLogFile $ olcLogLevel $ olcPasswordCryp - tSaltFormat $ olcPasswordHash $ olcPidFile $ olcPluginLogFile $ olcReadOnly $ - olcReferral $ olcReplogFile $ olcRequires $ olcRestrict $ olcReverseLookup $ - olcRootDSE $ olcSaslAuxprops $ olcSaslHost $ olcSaslRealm $ olcSaslSecProps - $ olcSecurity $ olcServerID $ olcSizeLimit $ olcSockbufMaxIncoming $ olcSockb - ufMaxIncomingAuth $ olcTCPBuffer $ olcThreads $ olcTimeLimit $ olcTLSCACertif - icateFile $ olcTLSCACertificatePath $ olcTLSCertificateFile $ olcTLSCertifica - teKeyFile $ olcTLSCipherSuite $ olcTLSCRLCheck $ olcTLSRandFile $ olcTLSVerif - yClient $ olcTLSDHParamFile $ olcTLSCRLFile $ olcToolThreads $ olcWriteTimeou - t $ olcObjectIdentifier $ olcAttributeTypes $ olcObjectClasses $ olcDitConten - tRules $ olcLdapSyntaxes ) ) -olcObjectClasses: ( OLcfgGlOc:2 NAME 'olcSchemaConfig' DESC 'OpenLDAP schema o - bject' SUP olcConfig STRUCTURAL MAY ( cn $ olcObjectIdentifier $ olcLdapSynta - xes $ olcAttributeTypes $ olcObjectClasses $ olcDitContentRules ) ) -olcObjectClasses: ( OLcfgGlOc:3 NAME 'olcBackendConfig' DESC 'OpenLDAP Backend - -specific options' SUP olcConfig STRUCTURAL MUST olcBackend ) -olcObjectClasses: ( OLcfgGlOc:4 NAME 'olcDatabaseConfig' DESC 'OpenLDAP Databa - se-specific options' SUP olcConfig STRUCTURAL MUST olcDatabase MAY ( olcHidde - n $ olcSuffix $ olcSubordinate $ olcAccess $ olcAddContentAcl $ olcLastMod $ - olcLimits $ olcMaxDerefDepth $ olcPlugin $ olcReadOnly $ olcReplica $ olcRepl - icaArgsFile $ olcReplicaPidFile $ olcReplicationInterval $ olcReplogFile $ ol - cRequires $ olcRestrict $ olcRootDN $ olcRootPW $ olcSchemaDN $ olcSecurity $ - olcSizeLimit $ olcSyncUseSubentry $ olcSyncrepl $ olcTimeLimit $ olcUpdateDN - $ olcUpdateRef $ olcMirrorMode $ olcMonitoring $ olcExtraAttrs ) ) -olcObjectClasses: ( OLcfgGlOc:5 NAME 'olcOverlayConfig' DESC 'OpenLDAP Overlay - -specific options' SUP olcConfig STRUCTURAL MUST olcOverlay ) -olcObjectClasses: ( OLcfgGlOc:6 NAME 'olcIncludeFile' DESC 'OpenLDAP configura - tion include file' SUP olcConfig STRUCTURAL MUST olcInclude MAY ( cn $ olcRoo - tDSE ) ) -olcObjectClasses: ( OLcfgGlOc:7 NAME 'olcFrontendConfig' DESC 'OpenLDAP fronte - nd configuration' AUXILIARY MAY ( olcDefaultSearchBase $ olcPasswordHash $ ol - cSortVals ) ) -olcObjectClasses: ( OLcfgGlOc:8 NAME 'olcModuleList' DESC 'OpenLDAP dynamic mo - dule info' SUP olcConfig STRUCTURAL MAY ( cn $ olcModulePath $ olcModuleLoad - ) ) -olcObjectClasses: ( OLcfgDbOc:2.1 NAME 'olcLdifConfig' DESC 'LDIF backend conf - iguration' SUP olcDatabaseConfig STRUCTURAL MUST olcDbDirectory ) -olcObjectClasses: ( OLcfgDbOc:1.2 NAME 'olcHdbConfig' DESC 'HDB backend config - uration' SUP olcDatabaseConfig STRUCTURAL MUST olcDbDirectory MAY ( olcDbCach - eSize $ olcDbCheckpoint $ olcDbConfig $ olcDbCryptFile $ olcDbCryptKey $ olcD - bNoSync $ olcDbDirtyRead $ olcDbIDLcacheSize $ olcDbIndex $ olcDbLinearIndex - $ olcDbLockDetect $ olcDbMode $ olcDbSearchStack $ olcDbShmKey $ olcDbCacheFr - ee $ olcDbDNcacheSize $ olcDbPageSize ) ) -structuralObjectClass: olcSchemaConfig -entryUUID: 5605c11a-6a95-1032-9776-cf219862f309 -creatorsName: cn=config -createTimestamp: 20130616055713Z -entryCSN: 20130616055713.639138Z#000000#000#000000 -modifiersName: cn=config -modifyTimestamp: 20130616055713Z diff --git a/lsexample/slapd/slapd.d/cn=config/cn=schema/cn={0}core.ldif b/lsexample/slapd/slapd.d/cn=config/cn=schema/cn={0}core.ldif deleted file mode 100644 index 0eecfbd7..00000000 --- a/lsexample/slapd/slapd.d/cn=config/cn=schema/cn={0}core.ldif +++ /dev/null @@ -1,243 +0,0 @@ -# AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify. -# CRC32 b1b9e123 -dn: cn={0}core -objectClass: olcSchemaConfig -cn: {0}core -olcAttributeTypes: {0}( 2.5.4.2 NAME 'knowledgeInformation' DESC 'RFC2256: kno - wledge information' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121. - 1.15{32768} ) -olcAttributeTypes: {1}( 2.5.4.4 NAME ( 'sn' 'surname' ) DESC 'RFC2256: last (f - amily) name(s) for which the entity is known by' SUP name ) -olcAttributeTypes: {2}( 2.5.4.5 NAME 'serialNumber' DESC 'RFC2256: serial numb - er of the entity' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch S - YNTAX 1.3.6.1.4.1.1466.115.121.1.44{64} ) -olcAttributeTypes: {3}( 2.5.4.6 NAME ( 'c' 'countryName' ) DESC 'RFC2256: ISO- - 3166 country 2-letter code' SUP name SINGLE-VALUE ) -olcAttributeTypes: {4}( 2.5.4.7 NAME ( 'l' 'localityName' ) DESC 'RFC2256: loc - ality which this object resides in' SUP name ) -olcAttributeTypes: {5}( 2.5.4.8 NAME ( 'st' 'stateOrProvinceName' ) DESC 'RFC2 - 256: state or province which this object resides in' SUP name ) -olcAttributeTypes: {6}( 2.5.4.9 NAME ( 'street' 'streetAddress' ) DESC 'RFC225 - 6: street address of this object' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreS - ubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} ) -olcAttributeTypes: {7}( 2.5.4.10 NAME ( 'o' 'organizationName' ) DESC 'RFC2256 - : organization this object belongs to' SUP name ) -olcAttributeTypes: {8}( 2.5.4.11 NAME ( 'ou' 'organizationalUnitName' ) DESC ' - RFC2256: organizational unit this object belongs to' SUP name ) -olcAttributeTypes: {9}( 2.5.4.12 NAME 'title' DESC 'RFC2256: title associated - with the entity' SUP name ) -olcAttributeTypes: {10}( 2.5.4.14 NAME 'searchGuide' DESC 'RFC2256: search gui - de, deprecated by enhancedSearchGuide' SYNTAX 1.3.6.1.4.1.1466.115.121.1.25 ) -olcAttributeTypes: {11}( 2.5.4.15 NAME 'businessCategory' DESC 'RFC2256: busin - ess category' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTA - X 1.3.6.1.4.1.1466.115.121.1.15{128} ) -olcAttributeTypes: {12}( 2.5.4.16 NAME 'postalAddress' DESC 'RFC2256: postal a - ddress' EQUALITY caseIgnoreListMatch SUBSTR caseIgnoreListSubstringsMatch SYN - TAX 1.3.6.1.4.1.1466.115.121.1.41 ) -olcAttributeTypes: {13}( 2.5.4.17 NAME 'postalCode' DESC 'RFC2256: postal code - ' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4. - 1.1466.115.121.1.15{40} ) -olcAttributeTypes: {14}( 2.5.4.18 NAME 'postOfficeBox' DESC 'RFC2256: Post Off - ice Box' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3 - .6.1.4.1.1466.115.121.1.15{40} ) -olcAttributeTypes: {15}( 2.5.4.19 NAME 'physicalDeliveryOfficeName' DESC 'RFC2 - 256: Physical Delivery Office Name' EQUALITY caseIgnoreMatch SUBSTR caseIgnor - eSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} ) -olcAttributeTypes: {16}( 2.5.4.20 NAME 'telephoneNumber' DESC 'RFC2256: Teleph - one Number' EQUALITY telephoneNumberMatch SUBSTR telephoneNumberSubstringsMat - ch SYNTAX 1.3.6.1.4.1.1466.115.121.1.50{32} ) -olcAttributeTypes: {17}( 2.5.4.21 NAME 'telexNumber' DESC 'RFC2256: Telex Numb - er' SYNTAX 1.3.6.1.4.1.1466.115.121.1.52 ) -olcAttributeTypes: {18}( 2.5.4.22 NAME 'teletexTerminalIdentifier' DESC 'RFC22 - 56: Teletex Terminal Identifier' SYNTAX 1.3.6.1.4.1.1466.115.121.1.51 ) -olcAttributeTypes: {19}( 2.5.4.23 NAME ( 'facsimileTelephoneNumber' 'fax' ) DE - SC 'RFC2256: Facsimile (Fax) Telephone Number' SYNTAX 1.3.6.1.4.1.1466.115.12 - 1.1.22 ) -olcAttributeTypes: {20}( 2.5.4.24 NAME 'x121Address' DESC 'RFC2256: X.121 Addr - ess' EQUALITY numericStringMatch SUBSTR numericStringSubstringsMatch SYNTAX 1 - .3.6.1.4.1.1466.115.121.1.36{15} ) -olcAttributeTypes: {21}( 2.5.4.25 NAME 'internationaliSDNNumber' DESC 'RFC2256 - : international ISDN number' EQUALITY numericStringMatch SUBSTR numericString - SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{16} ) -olcAttributeTypes: {22}( 2.5.4.26 NAME 'registeredAddress' DESC 'RFC2256: regi - stered postal address' SUP postalAddress SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 - ) -olcAttributeTypes: {23}( 2.5.4.27 NAME 'destinationIndicator' DESC 'RFC2256: d - estination indicator' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMat - ch SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{128} ) -olcAttributeTypes: {24}( 2.5.4.28 NAME 'preferredDeliveryMethod' DESC 'RFC2256 - : preferred delivery method' SYNTAX 1.3.6.1.4.1.1466.115.121.1.14 SINGLE-VALU - E ) -olcAttributeTypes: {25}( 2.5.4.29 NAME 'presentationAddress' DESC 'RFC2256: pr - esentation address' EQUALITY presentationAddressMatch SYNTAX 1.3.6.1.4.1.1466 - .115.121.1.43 SINGLE-VALUE ) -olcAttributeTypes: {26}( 2.5.4.30 NAME 'supportedApplicationContext' DESC 'RFC - 2256: supported application context' EQUALITY objectIdentifierMatch SYNTAX 1. - 3.6.1.4.1.1466.115.121.1.38 ) -olcAttributeTypes: {27}( 2.5.4.31 NAME 'member' DESC 'RFC2256: member of a gro - up' SUP distinguishedName ) -olcAttributeTypes: {28}( 2.5.4.32 NAME 'owner' DESC 'RFC2256: owner (of the ob - ject)' SUP distinguishedName ) -olcAttributeTypes: {29}( 2.5.4.33 NAME 'roleOccupant' DESC 'RFC2256: occupant - of role' SUP distinguishedName ) -olcAttributeTypes: {30}( 2.5.4.36 NAME 'userCertificate' DESC 'RFC2256: X.509 - user certificate, use ;binary' EQUALITY certificateExactMatch SYNTAX 1.3.6.1. - 4.1.1466.115.121.1.8 ) -olcAttributeTypes: {31}( 2.5.4.37 NAME 'cACertificate' DESC 'RFC2256: X.509 CA - certificate, use ;binary' EQUALITY certificateExactMatch SYNTAX 1.3.6.1.4.1. - 1466.115.121.1.8 ) -olcAttributeTypes: {32}( 2.5.4.38 NAME 'authorityRevocationList' DESC 'RFC2256 - : X.509 authority revocation list, use ;binary' SYNTAX 1.3.6.1.4.1.1466.115.1 - 21.1.9 ) -olcAttributeTypes: {33}( 2.5.4.39 NAME 'certificateRevocationList' DESC 'RFC22 - 56: X.509 certificate revocation list, use ;binary' SYNTAX 1.3.6.1.4.1.1466.1 - 15.121.1.9 ) -olcAttributeTypes: {34}( 2.5.4.40 NAME 'crossCertificatePair' DESC 'RFC2256: X - .509 cross certificate pair, use ;binary' SYNTAX 1.3.6.1.4.1.1466.115.121.1.1 - 0 ) -olcAttributeTypes: {35}( 2.5.4.42 NAME ( 'givenName' 'gn' ) DESC 'RFC2256: fir - st name(s) for which the entity is known by' SUP name ) -olcAttributeTypes: {36}( 2.5.4.43 NAME 'initials' DESC 'RFC2256: initials of s - ome or all of names, but not the surname(s).' SUP name ) -olcAttributeTypes: {37}( 2.5.4.44 NAME 'generationQualifier' DESC 'RFC2256: na - me qualifier indicating a generation' SUP name ) -olcAttributeTypes: {38}( 2.5.4.45 NAME 'x500UniqueIdentifier' DESC 'RFC2256: X - .500 unique identifier' EQUALITY bitStringMatch SYNTAX 1.3.6.1.4.1.1466.115.1 - 21.1.6 ) -olcAttributeTypes: {39}( 2.5.4.46 NAME 'dnQualifier' DESC 'RFC2256: DN qualifi - er' EQUALITY caseIgnoreMatch ORDERING caseIgnoreOrderingMatch SUBSTR caseIgno - reSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.44 ) -olcAttributeTypes: {40}( 2.5.4.47 NAME 'enhancedSearchGuide' DESC 'RFC2256: en - hanced search guide' SYNTAX 1.3.6.1.4.1.1466.115.121.1.21 ) -olcAttributeTypes: {41}( 2.5.4.48 NAME 'protocolInformation' DESC 'RFC2256: pr - otocol information' EQUALITY protocolInformationMatch SYNTAX 1.3.6.1.4.1.1466 - .115.121.1.42 ) -olcAttributeTypes: {42}( 2.5.4.50 NAME 'uniqueMember' DESC 'RFC2256: unique me - mber of a group' EQUALITY uniqueMemberMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1 - .34 ) -olcAttributeTypes: {43}( 2.5.4.51 NAME 'houseIdentifier' DESC 'RFC2256: house - identifier' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX - 1.3.6.1.4.1.1466.115.121.1.15{32768} ) -olcAttributeTypes: {44}( 2.5.4.52 NAME 'supportedAlgorithms' DESC 'RFC2256: su - pported algorithms' SYNTAX 1.3.6.1.4.1.1466.115.121.1.49 ) -olcAttributeTypes: {45}( 2.5.4.53 NAME 'deltaRevocationList' DESC 'RFC2256: de - lta revocation list; use ;binary' SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 ) -olcAttributeTypes: {46}( 2.5.4.54 NAME 'dmdName' DESC 'RFC2256: name of DMD' S - UP name ) -olcAttributeTypes: {47}( 2.5.4.65 NAME 'pseudonym' DESC 'X.520(4th): pseudonym - for the object' SUP name ) -olcAttributeTypes: {48}( 0.9.2342.19200300.100.1.3 NAME ( 'mail' 'rfc822Mailbo - x' ) DESC 'RFC1274: RFC822 Mailbox' EQUALITY caseIgnoreIA5Match SUBSTR caseIg - noreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) -olcAttributeTypes: {49}( 0.9.2342.19200300.100.1.25 NAME ( 'dc' 'domainCompone - nt' ) DESC 'RFC1274/2247: domain component' EQUALITY caseIgnoreIA5Match SUBST - R caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VA - LUE ) -olcAttributeTypes: {50}( 0.9.2342.19200300.100.1.37 NAME 'associatedDomain' DE - SC 'RFC1274: domain associated with object' EQUALITY caseIgnoreIA5Match SUBST - R caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) -olcAttributeTypes: {51}( 1.2.840.113549.1.9.1 NAME ( 'email' 'emailAddress' 'p - kcs9email' ) DESC 'RFC3280: legacy attribute for email addresses in DNs' EQUA - LITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4. - 1.1466.115.121.1.26{128} ) -olcObjectClasses: {0}( 2.5.6.2 NAME 'country' DESC 'RFC2256: a country' SUP to - p STRUCTURAL MUST c MAY ( searchGuide $ description ) ) -olcObjectClasses: {1}( 2.5.6.3 NAME 'locality' DESC 'RFC2256: a locality' SUP - top STRUCTURAL MAY ( street $ seeAlso $ searchGuide $ st $ l $ description ) - ) -olcObjectClasses: {2}( 2.5.6.4 NAME 'organization' DESC 'RFC2256: an organizat - ion' SUP top STRUCTURAL MUST o MAY ( userPassword $ searchGuide $ seeAlso $ b - usinessCategory $ x121Address $ registeredAddress $ destinationIndicator $ pr - eferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $ telephoneNu - mber $ internationaliSDNNumber $ facsimileTelephoneNumber $ street $ postOffi - ceBox $ postalCode $ postalAddress $ physicalDeliveryOfficeName $ st $ l $ de - scription ) ) -olcObjectClasses: {3}( 2.5.6.5 NAME 'organizationalUnit' DESC 'RFC2256: an org - anizational unit' SUP top STRUCTURAL MUST ou MAY ( userPassword $ searchGuide - $ seeAlso $ businessCategory $ x121Address $ registeredAddress $ destination - Indicator $ preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier - $ telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber $ str - eet $ postOfficeBox $ postalCode $ postalAddress $ physicalDeliveryOfficeName - $ st $ l $ description ) ) -olcObjectClasses: {4}( 2.5.6.6 NAME 'person' DESC 'RFC2256: a person' SUP top - STRUCTURAL MUST ( sn $ cn ) MAY ( userPassword $ telephoneNumber $ seeAlso $ - description ) ) -olcObjectClasses: {5}( 2.5.6.7 NAME 'organizationalPerson' DESC 'RFC2256: an o - rganizational person' SUP person STRUCTURAL MAY ( title $ x121Address $ regis - teredAddress $ destinationIndicator $ preferredDeliveryMethod $ telexNumber $ - teletexTerminalIdentifier $ telephoneNumber $ internationaliSDNNumber $ facs - imileTelephoneNumber $ street $ postOfficeBox $ postalCode $ postalAddress $ - physicalDeliveryOfficeName $ ou $ st $ l ) ) -olcObjectClasses: {6}( 2.5.6.8 NAME 'organizationalRole' DESC 'RFC2256: an org - anizational role' SUP top STRUCTURAL MUST cn MAY ( x121Address $ registeredAd - dress $ destinationIndicator $ preferredDeliveryMethod $ telexNumber $ telete - xTerminalIdentifier $ telephoneNumber $ internationaliSDNNumber $ facsimileTe - lephoneNumber $ seeAlso $ roleOccupant $ preferredDeliveryMethod $ street $ p - ostOfficeBox $ postalCode $ postalAddress $ physicalDeliveryOfficeName $ ou $ - st $ l $ description ) ) -olcObjectClasses: {7}( 2.5.6.9 NAME 'groupOfNames' DESC 'RFC2256: a group of n - ames (DNs)' SUP top STRUCTURAL MUST ( member $ cn ) MAY ( businessCategory $ - seeAlso $ owner $ ou $ o $ description ) ) -olcObjectClasses: {8}( 2.5.6.10 NAME 'residentialPerson' DESC 'RFC2256: an res - idential person' SUP person STRUCTURAL MUST l MAY ( businessCategory $ x121Ad - dress $ registeredAddress $ destinationIndicator $ preferredDeliveryMethod $ - telexNumber $ teletexTerminalIdentifier $ telephoneNumber $ internationaliSDN - Number $ facsimileTelephoneNumber $ preferredDeliveryMethod $ street $ postOf - ficeBox $ postalCode $ postalAddress $ physicalDeliveryOfficeName $ st $ l ) - ) -olcObjectClasses: {9}( 2.5.6.11 NAME 'applicationProcess' DESC 'RFC2256: an ap - plication process' SUP top STRUCTURAL MUST cn MAY ( seeAlso $ ou $ l $ descri - ption ) ) -olcObjectClasses: {10}( 2.5.6.12 NAME 'applicationEntity' DESC 'RFC2256: an ap - plication entity' SUP top STRUCTURAL MUST ( presentationAddress $ cn ) MAY ( - supportedApplicationContext $ seeAlso $ ou $ o $ l $ description ) ) -olcObjectClasses: {11}( 2.5.6.13 NAME 'dSA' DESC 'RFC2256: a directory system - agent (a server)' SUP applicationEntity STRUCTURAL MAY knowledgeInformation ) -olcObjectClasses: {12}( 2.5.6.14 NAME 'device' DESC 'RFC2256: a device' SUP to - p STRUCTURAL MUST cn MAY ( serialNumber $ seeAlso $ owner $ ou $ o $ l $ desc - ription ) ) -olcObjectClasses: {13}( 2.5.6.15 NAME 'strongAuthenticationUser' DESC 'RFC2256 - : a strong authentication user' SUP top AUXILIARY MUST userCertificate ) -olcObjectClasses: {14}( 2.5.6.16 NAME 'certificationAuthority' DESC 'RFC2256: - a certificate authority' SUP top AUXILIARY MUST ( authorityRevocationList $ c - ertificateRevocationList $ cACertificate ) MAY crossCertificatePair ) -olcObjectClasses: {15}( 2.5.6.17 NAME 'groupOfUniqueNames' DESC 'RFC2256: a gr - oup of unique names (DN and Unique Identifier)' SUP top STRUCTURAL MUST ( uni - queMember $ cn ) MAY ( businessCategory $ seeAlso $ owner $ ou $ o $ descript - ion ) ) -olcObjectClasses: {16}( 2.5.6.18 NAME 'userSecurityInformation' DESC 'RFC2256: - a user security information' SUP top AUXILIARY MAY supportedAlgorithms ) -olcObjectClasses: {17}( 2.5.6.16.2 NAME 'certificationAuthority-V2' SUP certif - icationAuthority AUXILIARY MAY deltaRevocationList ) -olcObjectClasses: {18}( 2.5.6.19 NAME 'cRLDistributionPoint' SUP top STRUCTURA - L MUST cn MAY ( certificateRevocationList $ authorityRevocationList $ deltaRe - vocationList ) ) -olcObjectClasses: {19}( 2.5.6.20 NAME 'dmd' SUP top STRUCTURAL MUST dmdName MA - Y ( userPassword $ searchGuide $ seeAlso $ businessCategory $ x121Address $ r - egisteredAddress $ destinationIndicator $ preferredDeliveryMethod $ telexNumb - er $ teletexTerminalIdentifier $ telephoneNumber $ internationaliSDNNumber $ - facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $ postalAddres - s $ physicalDeliveryOfficeName $ st $ l $ description ) ) -olcObjectClasses: {20}( 2.5.6.21 NAME 'pkiUser' DESC 'RFC2587: a PKI user' SUP - top AUXILIARY MAY userCertificate ) -olcObjectClasses: {21}( 2.5.6.22 NAME 'pkiCA' DESC 'RFC2587: PKI certificate a - uthority' SUP top AUXILIARY MAY ( authorityRevocationList $ certificateRevoca - tionList $ cACertificate $ crossCertificatePair ) ) -olcObjectClasses: {22}( 2.5.6.23 NAME 'deltaCRL' DESC 'RFC2587: PKI user' SUP - top AUXILIARY MAY deltaRevocationList ) -olcObjectClasses: {23}( 1.3.6.1.4.1.250.3.15 NAME 'labeledURIObject' DESC 'RFC - 2079: object that contains the URI attribute type' SUP top AUXILIARY MAY labe - ledURI ) -olcObjectClasses: {24}( 0.9.2342.19200300.100.4.19 NAME 'simpleSecurityObject' - DESC 'RFC1274: simple security object' SUP top AUXILIARY MUST userPassword ) -olcObjectClasses: {25}( 1.3.6.1.4.1.1466.344 NAME 'dcObject' DESC 'RFC2247: do - main component object' SUP top AUXILIARY MUST dc ) -olcObjectClasses: {26}( 1.3.6.1.1.3.1 NAME 'uidObject' DESC 'RFC2377: uid obje - ct' SUP top AUXILIARY MUST uid ) -structuralObjectClass: olcSchemaConfig -entryUUID: 56061354-6a95-1032-9777-cf219862f309 -creatorsName: cn=config -createTimestamp: 20130616055713Z -entryCSN: 20130616055713.639138Z#000000#000#000000 -modifiersName: cn=config -modifyTimestamp: 20130616055713Z diff --git a/lsexample/slapd/slapd.d/cn=config/cn=schema/cn={1}cosine.ldif b/lsexample/slapd/slapd.d/cn=config/cn=schema/cn={1}cosine.ldif deleted file mode 100644 index 643d70cd..00000000 --- a/lsexample/slapd/slapd.d/cn=config/cn=schema/cn={1}cosine.ldif +++ /dev/null @@ -1,177 +0,0 @@ -# AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify. -# CRC32 75de0966 -dn: cn={1}cosine -objectClass: olcSchemaConfig -cn: {1}cosine -olcAttributeTypes: {0}( 0.9.2342.19200300.100.1.2 NAME 'textEncodedORAddress' - EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1. - 1466.115.121.1.15{256} ) -olcAttributeTypes: {1}( 0.9.2342.19200300.100.1.4 NAME 'info' DESC 'RFC1274: g - eneral information' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{2048} ) -olcAttributeTypes: {2}( 0.9.2342.19200300.100.1.5 NAME ( 'drink' 'favouriteDri - nk' ) DESC 'RFC1274: favorite drink' EQUALITY caseIgnoreMatch SUBSTR caseIgno - reSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) -olcAttributeTypes: {3}( 0.9.2342.19200300.100.1.6 NAME 'roomNumber' DESC 'RFC1 - 274: room number' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch S - YNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) -olcAttributeTypes: {4}( 0.9.2342.19200300.100.1.7 NAME 'photo' DESC 'RFC1274: - photo (G3 fax)' SYNTAX 1.3.6.1.4.1.1466.115.121.1.23{25000} ) -olcAttributeTypes: {5}( 0.9.2342.19200300.100.1.8 NAME 'userClass' DESC 'RFC12 - 74: category of user' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMat - ch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) -olcAttributeTypes: {6}( 0.9.2342.19200300.100.1.9 NAME 'host' DESC 'RFC1274: h - ost computer' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTA - X 1.3.6.1.4.1.1466.115.121.1.15{256} ) -olcAttributeTypes: {7}( 0.9.2342.19200300.100.1.10 NAME 'manager' DESC 'RFC127 - 4: DN of manager' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115 - .121.1.12 ) -olcAttributeTypes: {8}( 0.9.2342.19200300.100.1.11 NAME 'documentIdentifier' D - ESC 'RFC1274: unique identifier of document' EQUALITY caseIgnoreMatch SUBSTR - caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) -olcAttributeTypes: {9}( 0.9.2342.19200300.100.1.12 NAME 'documentTitle' DESC ' - RFC1274: title of document' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstri - ngsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) -olcAttributeTypes: {10}( 0.9.2342.19200300.100.1.13 NAME 'documentVersion' DES - C 'RFC1274: version of document' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSu - bstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) -olcAttributeTypes: {11}( 0.9.2342.19200300.100.1.14 NAME 'documentAuthor' DESC - 'RFC1274: DN of author of document' EQUALITY distinguishedNameMatch SYNTAX 1 - .3.6.1.4.1.1466.115.121.1.12 ) -olcAttributeTypes: {12}( 0.9.2342.19200300.100.1.15 NAME 'documentLocation' DE - SC 'RFC1274: location of document original' EQUALITY caseIgnoreMatch SUBSTR c - aseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) -olcAttributeTypes: {13}( 0.9.2342.19200300.100.1.20 NAME ( 'homePhone' 'homeTe - lephoneNumber' ) DESC 'RFC1274: home telephone number' EQUALITY telephoneNumb - erMatch SUBSTR telephoneNumberSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121 - .1.50 ) -olcAttributeTypes: {14}( 0.9.2342.19200300.100.1.21 NAME 'secretary' DESC 'RFC - 1274: DN of secretary' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.146 - 6.115.121.1.12 ) -olcAttributeTypes: {15}( 0.9.2342.19200300.100.1.22 NAME 'otherMailbox' SYNTAX - 1.3.6.1.4.1.1466.115.121.1.39 ) -olcAttributeTypes: {16}( 0.9.2342.19200300.100.1.26 NAME 'aRecord' EQUALITY ca - seIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) -olcAttributeTypes: {17}( 0.9.2342.19200300.100.1.27 NAME 'mDRecord' EQUALITY c - aseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) -olcAttributeTypes: {18}( 0.9.2342.19200300.100.1.28 NAME 'mXRecord' EQUALITY c - aseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) -olcAttributeTypes: {19}( 0.9.2342.19200300.100.1.29 NAME 'nSRecord' EQUALITY c - aseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) -olcAttributeTypes: {20}( 0.9.2342.19200300.100.1.30 NAME 'sOARecord' EQUALITY - caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) -olcAttributeTypes: {21}( 0.9.2342.19200300.100.1.31 NAME 'cNAMERecord' EQUALIT - Y caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) -olcAttributeTypes: {22}( 0.9.2342.19200300.100.1.38 NAME 'associatedName' DESC - 'RFC1274: DN of entry associated with domain' EQUALITY distinguishedNameMatc - h SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) -olcAttributeTypes: {23}( 0.9.2342.19200300.100.1.39 NAME 'homePostalAddress' D - ESC 'RFC1274: home postal address' EQUALITY caseIgnoreListMatch SUBSTR caseIg - noreListSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 ) -olcAttributeTypes: {24}( 0.9.2342.19200300.100.1.40 NAME 'personalTitle' DESC - 'RFC1274: personal title' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstring - sMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) -olcAttributeTypes: {25}( 0.9.2342.19200300.100.1.41 NAME ( 'mobile' 'mobileTel - ephoneNumber' ) DESC 'RFC1274: mobile telephone number' EQUALITY telephoneNum - berMatch SUBSTR telephoneNumberSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.12 - 1.1.50 ) -olcAttributeTypes: {26}( 0.9.2342.19200300.100.1.42 NAME ( 'pager' 'pagerTelep - honeNumber' ) DESC 'RFC1274: pager telephone number' EQUALITY telephoneNumber - Match SUBSTR telephoneNumberSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1 - .50 ) -olcAttributeTypes: {27}( 0.9.2342.19200300.100.1.43 NAME ( 'co' 'friendlyCount - ryName' ) DESC 'RFC1274: friendly country name' EQUALITY caseIgnoreMatch SUBS - TR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) -olcAttributeTypes: {28}( 0.9.2342.19200300.100.1.44 NAME 'uniqueIdentifier' DE - SC 'RFC1274: unique identifer' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.14 - 66.115.121.1.15{256} ) -olcAttributeTypes: {29}( 0.9.2342.19200300.100.1.45 NAME 'organizationalStatus - ' DESC 'RFC1274: organizational status' EQUALITY caseIgnoreMatch SUBSTR caseI - gnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) -olcAttributeTypes: {30}( 0.9.2342.19200300.100.1.46 NAME 'janetMailbox' DESC ' - RFC1274: Janet mailbox' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5Subst - ringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) -olcAttributeTypes: {31}( 0.9.2342.19200300.100.1.47 NAME 'mailPreferenceOption - ' DESC 'RFC1274: mail preference option' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 - ) -olcAttributeTypes: {32}( 0.9.2342.19200300.100.1.48 NAME 'buildingName' DESC ' - RFC1274: name of building' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstrin - gsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) -olcAttributeTypes: {33}( 0.9.2342.19200300.100.1.49 NAME 'dSAQuality' DESC 'RF - C1274: DSA Quality' SYNTAX 1.3.6.1.4.1.1466.115.121.1.19 SINGLE-VALUE ) -olcAttributeTypes: {34}( 0.9.2342.19200300.100.1.50 NAME 'singleLevelQuality' - DESC 'RFC1274: Single Level Quality' SYNTAX 1.3.6.1.4.1.1466.115.121.1.13 SIN - GLE-VALUE ) -olcAttributeTypes: {35}( 0.9.2342.19200300.100.1.51 NAME 'subtreeMinimumQualit - y' DESC 'RFC1274: Subtree Mininum Quality' SYNTAX 1.3.6.1.4.1.1466.115.121.1. - 13 SINGLE-VALUE ) -olcAttributeTypes: {36}( 0.9.2342.19200300.100.1.52 NAME 'subtreeMaximumQualit - y' DESC 'RFC1274: Subtree Maximun Quality' SYNTAX 1.3.6.1.4.1.1466.115.121.1. - 13 SINGLE-VALUE ) -olcAttributeTypes: {37}( 0.9.2342.19200300.100.1.53 NAME 'personalSignature' D - ESC 'RFC1274: Personal Signature (G3 fax)' SYNTAX 1.3.6.1.4.1.1466.115.121.1. - 23 ) -olcAttributeTypes: {38}( 0.9.2342.19200300.100.1.54 NAME 'dITRedirect' DESC 'R - FC1274: DIT Redirect' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466 - .115.121.1.12 ) -olcAttributeTypes: {39}( 0.9.2342.19200300.100.1.55 NAME 'audio' DESC 'RFC1274 - : audio (u-law)' SYNTAX 1.3.6.1.4.1.1466.115.121.1.4{25000} ) -olcAttributeTypes: {40}( 0.9.2342.19200300.100.1.56 NAME 'documentPublisher' D - ESC 'RFC1274: publisher of document' EQUALITY caseIgnoreMatch SUBSTR caseIgno - reSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) -olcObjectClasses: {0}( 0.9.2342.19200300.100.4.4 NAME ( 'pilotPerson' 'newPilo - tPerson' ) SUP person STRUCTURAL MAY ( userid $ textEncodedORAddress $ rfc822 - Mailbox $ favouriteDrink $ roomNumber $ userClass $ homeTelephoneNumber $ hom - ePostalAddress $ secretary $ personalTitle $ preferredDeliveryMethod $ busine - ssCategory $ janetMailbox $ otherMailbox $ mobileTelephoneNumber $ pagerTelep - honeNumber $ organizationalStatus $ mailPreferenceOption $ personalSignature - ) ) -olcObjectClasses: {1}( 0.9.2342.19200300.100.4.5 NAME 'account' SUP top STRUCT - URAL MUST userid MAY ( description $ seeAlso $ localityName $ organizationNam - e $ organizationalUnitName $ host ) ) -olcObjectClasses: {2}( 0.9.2342.19200300.100.4.6 NAME 'document' SUP top STRUC - TURAL MUST documentIdentifier MAY ( commonName $ description $ seeAlso $ loca - lityName $ organizationName $ organizationalUnitName $ documentTitle $ docume - ntVersion $ documentAuthor $ documentLocation $ documentPublisher ) ) -olcObjectClasses: {3}( 0.9.2342.19200300.100.4.7 NAME 'room' SUP top STRUCTURA - L MUST commonName MAY ( roomNumber $ description $ seeAlso $ telephoneNumber - ) ) -olcObjectClasses: {4}( 0.9.2342.19200300.100.4.9 NAME 'documentSeries' SUP top - STRUCTURAL MUST commonName MAY ( description $ seeAlso $ telephonenumber $ l - ocalityName $ organizationName $ organizationalUnitName ) ) -olcObjectClasses: {5}( 0.9.2342.19200300.100.4.13 NAME 'domain' SUP top STRUCT - URAL MUST domainComponent MAY ( associatedName $ organizationName $ descripti - on $ businessCategory $ seeAlso $ searchGuide $ userPassword $ localityName $ - stateOrProvinceName $ streetAddress $ physicalDeliveryOfficeName $ postalAdd - ress $ postalCode $ postOfficeBox $ streetAddress $ facsimileTelephoneNumber - $ internationalISDNNumber $ telephoneNumber $ teletexTerminalIdentifier $ tel - exNumber $ preferredDeliveryMethod $ destinationIndicator $ registeredAddress - $ x121Address ) ) -olcObjectClasses: {6}( 0.9.2342.19200300.100.4.14 NAME 'RFC822localPart' SUP d - omain STRUCTURAL MAY ( commonName $ surname $ description $ seeAlso $ telepho - neNumber $ physicalDeliveryOfficeName $ postalAddress $ postalCode $ postOffi - ceBox $ streetAddress $ facsimileTelephoneNumber $ internationalISDNNumber $ - telephoneNumber $ teletexTerminalIdentifier $ telexNumber $ preferredDelivery - Method $ destinationIndicator $ registeredAddress $ x121Address ) ) -olcObjectClasses: {7}( 0.9.2342.19200300.100.4.15 NAME 'dNSDomain' SUP domain - STRUCTURAL MAY ( ARecord $ MDRecord $ MXRecord $ NSRecord $ SOARecord $ CNAME - Record ) ) -olcObjectClasses: {8}( 0.9.2342.19200300.100.4.17 NAME 'domainRelatedObject' D - ESC 'RFC1274: an object related to an domain' SUP top AUXILIARY MUST associat - edDomain ) -olcObjectClasses: {9}( 0.9.2342.19200300.100.4.18 NAME 'friendlyCountry' SUP c - ountry STRUCTURAL MUST friendlyCountryName ) -olcObjectClasses: {10}( 0.9.2342.19200300.100.4.20 NAME 'pilotOrganization' SU - P ( organization $ organizationalUnit ) STRUCTURAL MAY buildingName ) -olcObjectClasses: {11}( 0.9.2342.19200300.100.4.21 NAME 'pilotDSA' SUP dsa STR - UCTURAL MAY dSAQuality ) -olcObjectClasses: {12}( 0.9.2342.19200300.100.4.22 NAME 'qualityLabelledData' - SUP top AUXILIARY MUST dsaQuality MAY ( subtreeMinimumQuality $ subtreeMaximu - mQuality ) ) -structuralObjectClass: olcSchemaConfig -entryUUID: 560647de-6a95-1032-9778-cf219862f309 -creatorsName: cn=config -createTimestamp: 20130616055713Z -entryCSN: 20130616055713.639138Z#000000#000#000000 -modifiersName: cn=config -modifyTimestamp: 20130616055713Z diff --git a/lsexample/slapd/slapd.d/cn=config/cn=schema/cn={2}nis.ldif b/lsexample/slapd/slapd.d/cn=config/cn=schema/cn={2}nis.ldif deleted file mode 100644 index cd89a727..00000000 --- a/lsexample/slapd/slapd.d/cn=config/cn=schema/cn={2}nis.ldif +++ /dev/null @@ -1,106 +0,0 @@ -# AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify. -# CRC32 e02f73e2 -dn: cn={2}nis -objectClass: olcSchemaConfig -cn: {2}nis -olcAttributeTypes: {0}( 1.3.6.1.1.1.1.2 NAME 'gecos' DESC 'The GECOS field; th - e common name' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatc - h SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) -olcAttributeTypes: {1}( 1.3.6.1.1.1.1.3 NAME 'homeDirectory' DESC 'The absolut - e path to the home directory' EQUALITY caseExactIA5Match SYNTAX 1.3.6.1.4.1.1 - 466.115.121.1.26 SINGLE-VALUE ) -olcAttributeTypes: {2}( 1.3.6.1.1.1.1.4 NAME 'loginShell' DESC 'The path to th - e login shell' EQUALITY caseExactIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.2 - 6 SINGLE-VALUE ) -olcAttributeTypes: {3}( 1.3.6.1.1.1.1.5 NAME 'shadowLastChange' EQUALITY integ - erMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) -olcAttributeTypes: {4}( 1.3.6.1.1.1.1.6 NAME 'shadowMin' EQUALITY integerMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) -olcAttributeTypes: {5}( 1.3.6.1.1.1.1.7 NAME 'shadowMax' EQUALITY integerMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) -olcAttributeTypes: {6}( 1.3.6.1.1.1.1.8 NAME 'shadowWarning' EQUALITY integerM - atch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) -olcAttributeTypes: {7}( 1.3.6.1.1.1.1.9 NAME 'shadowInactive' EQUALITY integer - Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) -olcAttributeTypes: {8}( 1.3.6.1.1.1.1.10 NAME 'shadowExpire' EQUALITY integerM - atch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) -olcAttributeTypes: {9}( 1.3.6.1.1.1.1.11 NAME 'shadowFlag' EQUALITY integerMat - ch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) -olcAttributeTypes: {10}( 1.3.6.1.1.1.1.12 NAME 'memberUid' EQUALITY caseExactI - A5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1. - 26 ) -olcAttributeTypes: {11}( 1.3.6.1.1.1.1.13 NAME 'memberNisNetgroup' EQUALITY ca - seExactIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.11 - 5.121.1.26 ) -olcAttributeTypes: {12}( 1.3.6.1.1.1.1.14 NAME 'nisNetgroupTriple' DESC 'Netgr - oup triple' SYNTAX 1.3.6.1.1.1.0.0 ) -olcAttributeTypes: {13}( 1.3.6.1.1.1.1.15 NAME 'ipServicePort' EQUALITY intege - rMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) -olcAttributeTypes: {14}( 1.3.6.1.1.1.1.16 NAME 'ipServiceProtocol' SUP name ) -olcAttributeTypes: {15}( 1.3.6.1.1.1.1.17 NAME 'ipProtocolNumber' EQUALITY int - egerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) -olcAttributeTypes: {16}( 1.3.6.1.1.1.1.18 NAME 'oncRpcNumber' EQUALITY integer - Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) -olcAttributeTypes: {17}( 1.3.6.1.1.1.1.19 NAME 'ipHostNumber' DESC 'IP address - ' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} ) -olcAttributeTypes: {18}( 1.3.6.1.1.1.1.20 NAME 'ipNetworkNumber' DESC 'IP netw - ork' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} SI - NGLE-VALUE ) -olcAttributeTypes: {19}( 1.3.6.1.1.1.1.21 NAME 'ipNetmaskNumber' DESC 'IP netm - ask' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} SI - NGLE-VALUE ) -olcAttributeTypes: {20}( 1.3.6.1.1.1.1.22 NAME 'macAddress' DESC 'MAC address' - EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} ) -olcAttributeTypes: {21}( 1.3.6.1.1.1.1.23 NAME 'bootParameter' DESC 'rpc.bootp - aramd parameter' SYNTAX 1.3.6.1.1.1.0.1 ) -olcAttributeTypes: {22}( 1.3.6.1.1.1.1.24 NAME 'bootFile' DESC 'Boot image nam - e' EQUALITY caseExactIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) -olcAttributeTypes: {23}( 1.3.6.1.1.1.1.26 NAME 'nisMapName' SUP name ) -olcAttributeTypes: {24}( 1.3.6.1.1.1.1.27 NAME 'nisMapEntry' EQUALITY caseExac - tIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121. - 1.26{1024} SINGLE-VALUE ) -olcObjectClasses: {0}( 1.3.6.1.1.1.2.0 NAME 'posixAccount' DESC 'Abstraction o - f an account with POSIX attributes' SUP top AUXILIARY MUST ( cn $ uid $ uidNu - mber $ gidNumber $ homeDirectory ) MAY ( userPassword $ loginShell $ gecos $ - description ) ) -olcObjectClasses: {1}( 1.3.6.1.1.1.2.1 NAME 'shadowAccount' DESC 'Additional a - ttributes for shadow passwords' SUP top AUXILIARY MUST uid MAY ( userPassword - $ shadowLastChange $ shadowMin $ shadowMax $ shadowWarning $ shadowInactive - $ shadowExpire $ shadowFlag $ description ) ) -olcObjectClasses: {2}( 1.3.6.1.1.1.2.2 NAME 'posixGroup' DESC 'Abstraction of - a group of accounts' SUP top STRUCTURAL MUST ( cn $ gidNumber ) MAY ( userPas - sword $ memberUid $ description ) ) -olcObjectClasses: {3}( 1.3.6.1.1.1.2.3 NAME 'ipService' DESC 'Abstraction an I - nternet Protocol service' SUP top STRUCTURAL MUST ( cn $ ipServicePort $ ipSe - rviceProtocol ) MAY description ) -olcObjectClasses: {4}( 1.3.6.1.1.1.2.4 NAME 'ipProtocol' DESC 'Abstraction of - an IP protocol' SUP top STRUCTURAL MUST ( cn $ ipProtocolNumber $ description - ) MAY description ) -olcObjectClasses: {5}( 1.3.6.1.1.1.2.5 NAME 'oncRpc' DESC 'Abstraction of an O - NC/RPC binding' SUP top STRUCTURAL MUST ( cn $ oncRpcNumber $ description ) M - AY description ) -olcObjectClasses: {6}( 1.3.6.1.1.1.2.6 NAME 'ipHost' DESC 'Abstraction of a ho - st, an IP device' SUP top AUXILIARY MUST ( cn $ ipHostNumber ) MAY ( l $ desc - ription $ manager ) ) -olcObjectClasses: {7}( 1.3.6.1.1.1.2.7 NAME 'ipNetwork' DESC 'Abstraction of a - n IP network' SUP top STRUCTURAL MUST ( cn $ ipNetworkNumber ) MAY ( ipNetmas - kNumber $ l $ description $ manager ) ) -olcObjectClasses: {8}( 1.3.6.1.1.1.2.8 NAME 'nisNetgroup' DESC 'Abstraction of - a netgroup' SUP top STRUCTURAL MUST cn MAY ( nisNetgroupTriple $ memberNisNe - tgroup $ description ) ) -olcObjectClasses: {9}( 1.3.6.1.1.1.2.9 NAME 'nisMap' DESC 'A generic abstracti - on of a NIS map' SUP top STRUCTURAL MUST nisMapName MAY description ) -olcObjectClasses: {10}( 1.3.6.1.1.1.2.10 NAME 'nisObject' DESC 'An entry in a - NIS map' SUP top STRUCTURAL MUST ( cn $ nisMapEntry $ nisMapName ) MAY descri - ption ) -olcObjectClasses: {11}( 1.3.6.1.1.1.2.11 NAME 'ieee802Device' DESC 'A device w - ith a MAC address' SUP top AUXILIARY MAY macAddress ) -olcObjectClasses: {12}( 1.3.6.1.1.1.2.12 NAME 'bootableDevice' DESC 'A device - with boot parameters' SUP top AUXILIARY MAY ( bootFile $ bootParameter ) ) -structuralObjectClass: olcSchemaConfig -entryUUID: 56066b88-6a95-1032-9779-cf219862f309 -creatorsName: cn=config -createTimestamp: 20130616055713Z -entryCSN: 20130616055713.639138Z#000000#000#000000 -modifiersName: cn=config -modifyTimestamp: 20130616055713Z diff --git a/lsexample/slapd/slapd.d/cn=config/cn=schema/cn={3}inetorgperson.ldif b/lsexample/slapd/slapd.d/cn=config/cn=schema/cn={3}inetorgperson.ldif deleted file mode 100644 index 0f181a74..00000000 --- a/lsexample/slapd/slapd.d/cn=config/cn=schema/cn={3}inetorgperson.ldif +++ /dev/null @@ -1,48 +0,0 @@ -# AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify. -# CRC32 314118ac -dn: cn={3}inetorgperson -objectClass: olcSchemaConfig -cn: {3}inetorgperson -olcAttributeTypes: {0}( 2.16.840.1.113730.3.1.1 NAME 'carLicense' DESC 'RFC279 - 8: vehicle license or registration plate' EQUALITY caseIgnoreMatch SUBSTR cas - eIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) -olcAttributeTypes: {1}( 2.16.840.1.113730.3.1.2 NAME 'departmentNumber' DESC ' - RFC2798: identifies a department within an organization' EQUALITY caseIgnoreM - atch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) -olcAttributeTypes: {2}( 2.16.840.1.113730.3.1.241 NAME 'displayName' DESC 'RFC - 2798: preferred name to be used when displaying entries' EQUALITY caseIgnoreM - atch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SI - NGLE-VALUE ) -olcAttributeTypes: {3}( 2.16.840.1.113730.3.1.3 NAME 'employeeNumber' DESC 'RF - C2798: numerically identifies an employee within an organization' EQUALITY ca - seIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.12 - 1.1.15 SINGLE-VALUE ) -olcAttributeTypes: {4}( 2.16.840.1.113730.3.1.4 NAME 'employeeType' DESC 'RFC2 - 798: type of employment for a person' EQUALITY caseIgnoreMatch SUBSTR caseIgn - oreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) -olcAttributeTypes: {5}( 0.9.2342.19200300.100.1.60 NAME 'jpegPhoto' DESC 'RFC2 - 798: a JPEG image' SYNTAX 1.3.6.1.4.1.1466.115.121.1.28 ) -olcAttributeTypes: {6}( 2.16.840.1.113730.3.1.39 NAME 'preferredLanguage' DESC - 'RFC2798: preferred written or spoken language for a person' EQUALITY caseIg - noreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1. - 15 SINGLE-VALUE ) -olcAttributeTypes: {7}( 2.16.840.1.113730.3.1.40 NAME 'userSMIMECertificate' D - ESC 'RFC2798: PKCS#7 SignedData used to support S/MIME' SYNTAX 1.3.6.1.4.1.14 - 66.115.121.1.5 ) -olcAttributeTypes: {8}( 2.16.840.1.113730.3.1.216 NAME 'userPKCS12' DESC 'RFC2 - 798: personal identity information, a PKCS #12 PFX' SYNTAX 1.3.6.1.4.1.1466.1 - 15.121.1.5 ) -olcObjectClasses: {0}( 2.16.840.1.113730.3.2.2 NAME 'inetOrgPerson' DESC 'RFC2 - 798: Internet Organizational Person' SUP organizationalPerson STRUCTURAL MAY - ( audio $ businessCategory $ carLicense $ departmentNumber $ displayName $ em - ployeeNumber $ employeeType $ givenName $ homePhone $ homePostalAddress $ ini - tials $ jpegPhoto $ labeledURI $ mail $ manager $ mobile $ o $ pager $ photo - $ roomNumber $ secretary $ uid $ userCertificate $ x500uniqueIdentifier $ pre - ferredLanguage $ userSMIMECertificate $ userPKCS12 ) ) -structuralObjectClass: olcSchemaConfig -entryUUID: 56068406-6a95-1032-977a-cf219862f309 -creatorsName: cn=config -createTimestamp: 20130616055713Z -entryCSN: 20130616055713.639138Z#000000#000#000000 -modifiersName: cn=config -modifyTimestamp: 20130616055713Z diff --git a/lsexample/slapd/slapd.d/cn=config/cn=schema/cn={4}samba.ldif b/lsexample/slapd/slapd.d/cn=config/cn=schema/cn={4}samba.ldif deleted file mode 100644 index e830fb7b..00000000 --- a/lsexample/slapd/slapd.d/cn=config/cn=schema/cn={4}samba.ldif +++ /dev/null @@ -1,157 +0,0 @@ -# AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify. -# CRC32 e8bb6371 -dn: cn={4}samba -objectClass: olcSchemaConfig -cn: {4}samba -olcAttributeTypes: {0}( 1.3.6.1.4.1.7165.2.1.24 NAME 'sambaLMPassword' DESC 'L - anManager Password' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.1 - 21.1.26{32} SINGLE-VALUE ) -olcAttributeTypes: {1}( 1.3.6.1.4.1.7165.2.1.25 NAME 'sambaNTPassword' DESC 'M - D4 hash of the unicode password' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4 - .1.1466.115.121.1.26{32} SINGLE-VALUE ) -olcAttributeTypes: {2}( 1.3.6.1.4.1.7165.2.1.26 NAME 'sambaAcctFlags' DESC 'Ac - count Flags' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 - {16} SINGLE-VALUE ) -olcAttributeTypes: {3}( 1.3.6.1.4.1.7165.2.1.27 NAME 'sambaPwdLastSet' DESC 'T - imestamp of the last password update' EQUALITY integerMatch SYNTAX 1.3.6.1.4. - 1.1466.115.121.1.27 SINGLE-VALUE ) -olcAttributeTypes: {4}( 1.3.6.1.4.1.7165.2.1.28 NAME 'sambaPwdCanChange' DESC - 'Timestamp of when the user is allowed to update the password' EQUALITY integ - erMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) -olcAttributeTypes: {5}( 1.3.6.1.4.1.7165.2.1.29 NAME 'sambaPwdMustChange' DESC - 'Timestamp of when the password will expire' EQUALITY integerMatch SYNTAX 1. - 3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) -olcAttributeTypes: {6}( 1.3.6.1.4.1.7165.2.1.30 NAME 'sambaLogonTime' DESC 'Ti - mestamp of last logon' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121. - 1.27 SINGLE-VALUE ) -olcAttributeTypes: {7}( 1.3.6.1.4.1.7165.2.1.31 NAME 'sambaLogoffTime' DESC 'T - imestamp of last logoff' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.12 - 1.1.27 SINGLE-VALUE ) -olcAttributeTypes: {8}( 1.3.6.1.4.1.7165.2.1.32 NAME 'sambaKickoffTime' DESC ' - Timestamp of when the user will be logged off automatically' EQUALITY integer - Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) -olcAttributeTypes: {9}( 1.3.6.1.4.1.7165.2.1.48 NAME 'sambaBadPasswordCount' D - ESC 'Bad password attempt count' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.146 - 6.115.121.1.27 SINGLE-VALUE ) -olcAttributeTypes: {10}( 1.3.6.1.4.1.7165.2.1.49 NAME 'sambaBadPasswordTime' D - ESC 'Time of the last bad password attempt' EQUALITY integerMatch SYNTAX 1.3. - 6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) -olcAttributeTypes: {11}( 1.3.6.1.4.1.7165.2.1.55 NAME 'sambaLogonHours' DESC ' - Logon Hours' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 - {42} SINGLE-VALUE ) -olcAttributeTypes: {12}( 1.3.6.1.4.1.7165.2.1.33 NAME 'sambaHomeDrive' DESC 'D - river letter of home directory mapping' EQUALITY caseIgnoreIA5Match SYNTAX 1. - 3.6.1.4.1.1466.115.121.1.26{4} SINGLE-VALUE ) -olcAttributeTypes: {13}( 1.3.6.1.4.1.7165.2.1.34 NAME 'sambaLogonScript' DESC - 'Logon script path' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121. - 1.15{255} SINGLE-VALUE ) -olcAttributeTypes: {14}( 1.3.6.1.4.1.7165.2.1.35 NAME 'sambaProfilePath' DESC - 'Roaming profile path' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.1 - 21.1.15{255} SINGLE-VALUE ) -olcAttributeTypes: {15}( 1.3.6.1.4.1.7165.2.1.36 NAME 'sambaUserWorkstations' - DESC 'List of user workstations the user is allowed to logon to' EQUALITY cas - eIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{255} SINGLE-VALUE ) -olcAttributeTypes: {16}( 1.3.6.1.4.1.7165.2.1.37 NAME 'sambaHomePath' DESC 'Ho - me directory UNC path' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.1 - 21.1.15{128} ) -olcAttributeTypes: {17}( 1.3.6.1.4.1.7165.2.1.38 NAME 'sambaDomainName' DESC ' - Windows NT domain to which the user belongs' EQUALITY caseIgnoreMatch SYNTAX - 1.3.6.1.4.1.1466.115.121.1.15{128} ) -olcAttributeTypes: {18}( 1.3.6.1.4.1.7165.2.1.47 NAME 'sambaMungedDial' DESC ' - ' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1050} ) -olcAttributeTypes: {19}( 1.3.6.1.4.1.7165.2.1.54 NAME 'sambaPasswordHistory' D - ESC 'Concatenated MD4 hashes of the unicode passwords used on this account' E - QUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} ) -olcAttributeTypes: {20}( 1.3.6.1.4.1.7165.2.1.20 NAME 'sambaSID' DESC 'Securit - y ID' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{64} SI - NGLE-VALUE ) -olcAttributeTypes: {21}( 1.3.6.1.4.1.7165.2.1.23 NAME 'sambaPrimaryGroupSID' D - ESC 'Primary Group Security ID' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4. - 1.1466.115.121.1.26{64} SINGLE-VALUE ) -olcAttributeTypes: {22}( 1.3.6.1.4.1.7165.2.1.51 NAME 'sambaSIDList' DESC 'Sec - urity ID List' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1. - 26{64} ) -olcAttributeTypes: {23}( 1.3.6.1.4.1.7165.2.1.19 NAME 'sambaGroupType' DESC 'N - T Group Type' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SING - LE-VALUE ) -olcAttributeTypes: {24}( 1.3.6.1.4.1.7165.2.1.21 NAME 'sambaNextUserRid' DESC - 'Next NT rid to give our for users' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1. - 1466.115.121.1.27 SINGLE-VALUE ) -olcAttributeTypes: {25}( 1.3.6.1.4.1.7165.2.1.22 NAME 'sambaNextGroupRid' DESC - 'Next NT rid to give out for groups' EQUALITY integerMatch SYNTAX 1.3.6.1.4. - 1.1466.115.121.1.27 SINGLE-VALUE ) -olcAttributeTypes: {26}( 1.3.6.1.4.1.7165.2.1.39 NAME 'sambaNextRid' DESC 'Nex - t NT rid to give out for anything' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1 - 466.115.121.1.27 SINGLE-VALUE ) -olcAttributeTypes: {27}( 1.3.6.1.4.1.7165.2.1.40 NAME 'sambaAlgorithmicRidBase - ' DESC 'Base at which the samba RID generation algorithm should operate' EQUA - LITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) -olcAttributeTypes: {28}( 1.3.6.1.4.1.7165.2.1.41 NAME 'sambaShareName' DESC 'S - hare Name' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SING - LE-VALUE ) -olcAttributeTypes: {29}( 1.3.6.1.4.1.7165.2.1.42 NAME 'sambaOptionName' DESC ' - Option Name' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX - 1.3.6.1.4.1.1466.115.121.1.15{256} ) -olcAttributeTypes: {30}( 1.3.6.1.4.1.7165.2.1.43 NAME 'sambaBoolOption' DESC ' - A boolean option' EQUALITY booleanMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 S - INGLE-VALUE ) -olcAttributeTypes: {31}( 1.3.6.1.4.1.7165.2.1.44 NAME 'sambaIntegerOption' DES - C 'An integer option' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1 - .27 SINGLE-VALUE ) -olcAttributeTypes: {32}( 1.3.6.1.4.1.7165.2.1.45 NAME 'sambaStringOption' DESC - 'A string option' EQUALITY caseExactIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121 - .1.26 SINGLE-VALUE ) -olcAttributeTypes: {33}( 1.3.6.1.4.1.7165.2.1.46 NAME 'sambaStringListOption' - DESC 'A string list option' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466. - 115.121.1.15 ) -olcAttributeTypes: {34}( 1.3.6.1.4.1.7165.2.1.50 NAME 'sambaPrivName' SUP name - ) -olcAttributeTypes: {35}( 1.3.6.1.4.1.7165.2.1.52 NAME 'sambaPrivilegeList' DES - C 'Privileges List' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.1 - 21.1.26{64} ) -olcAttributeTypes: {36}( 1.3.6.1.4.1.7165.2.1.53 NAME 'sambaTrustFlags' DESC ' - Trust Password Flags' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115 - .121.1.26 ) -olcObjectClasses: {0}( 1.3.6.1.4.1.7165.2.2.6 NAME 'sambaSamAccount' DESC 'Sam - ba 3.0 Auxilary SAM Account' SUP top AUXILIARY MUST ( uid $ sambaSID ) MAY ( - cn $ sambaLMPassword $ sambaNTPassword $ sambaPwdLastSet $ sambaLogonTime $ s - ambaLogoffTime $ sambaKickoffTime $ sambaPwdCanChange $ sambaPwdMustChange $ - sambaAcctFlags $ displayName $ sambaHomePath $ sambaHomeDrive $ sambaLogonScr - ipt $ sambaProfilePath $ description $ sambaUserWorkstations $ sambaPrimaryGr - oupSID $ sambaDomainName $ sambaMungedDial $ sambaBadPasswordCount $ sambaBad - PasswordTime $ sambaPasswordHistory $ sambaLogonHours ) ) -olcObjectClasses: {1}( 1.3.6.1.4.1.7165.2.2.4 NAME 'sambaGroupMapping' DESC 'S - amba Group Mapping' SUP top AUXILIARY MUST ( gidNumber $ sambaSID $ sambaGrou - pType ) MAY ( displayName $ description $ sambaSIDList ) ) -olcObjectClasses: {2}( 1.3.6.1.4.1.7165.2.2.14 NAME 'sambaTrustPassword' DESC - 'Samba Trust Password' SUP top STRUCTURAL MUST ( sambaDomainName $ sambaNTPas - sword $ sambaTrustFlags ) MAY ( sambaSID $ sambaPwdLastSet ) ) -olcObjectClasses: {3}( 1.3.6.1.4.1.7165.2.2.5 NAME 'sambaDomain' DESC 'Samba D - omain Information' SUP top AUXILIARY MUST ( sambaDomainName $ sambaSID ) MAY - ( sambaNextRid $ sambaNextGroupRid $ sambaNextUserRid $ sambaAlgorithmicRidBa - se ) ) -olcObjectClasses: {4}( 1.3.6.1.4.1.7165.2.2.7 NAME 'sambaUnixIdPool' DESC 'Poo - l for allocating UNIX uids/gids' SUP top AUXILIARY MUST ( uidNumber $ gidNumb - er ) ) -olcObjectClasses: {5}( 1.3.6.1.4.1.7165.2.2.8 NAME 'sambaIdmapEntry' DESC 'Map - ping from a SID to an ID' SUP top AUXILIARY MUST sambaSID MAY ( uidNumber $ g - idNumber ) ) -olcObjectClasses: {6}( 1.3.6.1.4.1.7165.2.2.9 NAME 'sambaSidEntry' DESC 'Struc - tural Class for a SID' SUP top STRUCTURAL MUST sambaSID ) -olcObjectClasses: {7}( 1.3.6.1.4.1.7165.1.2.2.10 NAME 'sambaConfig' DESC 'Samb - a Configuration Section' SUP top AUXILIARY MAY description ) -olcObjectClasses: {8}( 1.3.6.1.4.1.7165.2.2.11 NAME 'sambaShare' DESC 'Samba S - hare Section' SUP top STRUCTURAL MUST sambaShareName MAY description ) -olcObjectClasses: {9}( 1.3.6.1.4.1.7165.2.2.12 NAME 'sambaConfigOption' DESC ' - Samba Configuration Option' SUP top STRUCTURAL MUST sambaOptionName MAY ( sam - baBoolOption $ sambaIntegerOption $ sambaStringOption $ sambaStringListoption - $ description ) ) -olcObjectClasses: {10}( 1.3.6.1.4.1.7165.2.2.13 NAME 'sambaPrivilege' DESC 'Sa - mba Privilege' SUP top AUXILIARY MUST sambaSID MAY sambaPrivilegeList ) -structuralObjectClass: olcSchemaConfig -entryUUID: 5606a71a-6a95-1032-977b-cf219862f309 -creatorsName: cn=config -createTimestamp: 20130616055713Z -entryCSN: 20130616055713.639138Z#000000#000#000000 -modifiersName: cn=config -modifyTimestamp: 20130616055713Z diff --git a/lsexample/slapd/slapd.d/cn=config/cn=schema/cn={5}lsexample.ldif b/lsexample/slapd/slapd.d/cn=config/cn=schema/cn={5}lsexample.ldif deleted file mode 100644 index 6ffe0b03..00000000 --- a/lsexample/slapd/slapd.d/cn=config/cn=schema/cn={5}lsexample.ldif +++ /dev/null @@ -1,39 +0,0 @@ -# AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify. -# CRC32 5c6a815f -dn: cn={5}lsexample -objectClass: olcSchemaConfig -cn: {5}lsexample -olcObjectIdentifier: {0}EeRoot 1.3.6.1.4.1.10650 -olcObjectIdentifier: {1}LeRoot EeRoot:4 -olcObjectIdentifier: {2}LsRoot LeRoot:10000 -olcObjectIdentifier: {3}LsLDAP LsRoot:2 -olcObjectIdentifier: {4}LsLDAPAttribute LsLDAP:1 -olcObjectIdentifier: {5}LsLDAPObjectClass LsLDAP:2 -olcAttributeTypes: {0}( LsLDAPAttribute:1 NAME 'lsAllowedServices' DESC 'List - of allowed services' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatc - h SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) -olcAttributeTypes: {1}( LsLDAPAttribute:2 NAME 'lsRecoveryHash' DESC 'Password - Recover Hash' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 - ) -olcAttributeTypes: {2}( LsLDAPAttribute:3 NAME 'lsGodfatherDn' DESC 'Godfather - dn of this entry' SUP distinguishedName ) -olcObjectClasses: {0}( LsLDAPObjectClass:1 NAME 'lspeople' DESC 'LS people Obj - ectclass' STRUCTURAL MUST ( uid $ cn ) MAY ( jpegPhoto $ sn $ givenName $ pos - talAddress $ postalCode $ l $ st $ c $ telephoneNumber $ mobile $ fax $ mail - $ personalTitle $ description $ userPassword $ lsallowedservices $ lsRecovery - Hash $ lsGodfatherDn ) ) -olcObjectClasses: {1}( LsLDAPObjectClass:3 NAME 'lsgroup' DESC 'LS group Objec - tclass' AUXILIARY MUST cn MAY ( uniquemember $ description $ lsGodfatherDn ) - ) -olcObjectClasses: {2}( LsLDAPObjectClass:4 NAME 'lssysaccount' DESC 'LS system - account Objectclass' STRUCTURAL MUST uid MAY ( userpassword $ description ) - ) -olcObjectClasses: {3}( LsLDAPObjectClass:5 NAME 'lscompany' SUP organizational - Unit STRUCTURAL MUST ou MAY ( description $ lsGodfatherDn ) ) -structuralObjectClass: olcSchemaConfig -entryUUID: 076f2732-6a9d-1032-82eb-95e24cffa2a0 -creatorsName: cn=config -createTimestamp: 20130616065217Z -entryCSN: 20130616065217.757414Z#000000#000#000000 -modifiersName: cn=config -modifyTimestamp: 20130616065217Z diff --git a/lsexample/slapd/slapd.d/cn=config/olcDatabase={-1}frontend.ldif b/lsexample/slapd/slapd.d/cn=config/olcDatabase={-1}frontend.ldif deleted file mode 100644 index f684d76f..00000000 --- a/lsexample/slapd/slapd.d/cn=config/olcDatabase={-1}frontend.ldif +++ /dev/null @@ -1,20 +0,0 @@ -# AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify. -# CRC32 c50de41a -dn: olcDatabase={-1}frontend -objectClass: olcDatabaseConfig -objectClass: olcFrontendConfig -olcDatabase: {-1}frontend -olcAddContentAcl: FALSE -olcLastMod: TRUE -olcMaxDerefDepth: 0 -olcReadOnly: FALSE -olcSchemaDN: cn=Subschema -olcSyncUseSubentry: FALSE -olcMonitoring: FALSE -structuralObjectClass: olcDatabaseConfig -entryUUID: 5606cc0e-6a95-1032-977d-cf219862f309 -creatorsName: cn=config -createTimestamp: 20130616055713Z -entryCSN: 20130616055713.639138Z#000000#000#000000 -modifiersName: cn=config -modifyTimestamp: 20130616055713Z diff --git a/lsexample/slapd/slapd.d/cn=config/olcDatabase={0}config.ldif b/lsexample/slapd/slapd.d/cn=config/olcDatabase={0}config.ldif deleted file mode 100644 index 0b7bb773..00000000 --- a/lsexample/slapd/slapd.d/cn=config/olcDatabase={0}config.ldif +++ /dev/null @@ -1,16 +0,0 @@ -# AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify. -# CRC32 96dac74f -dn: olcDatabase={0}config -objectClass: olcDatabaseConfig -olcDatabase: {0}config -olcAccess: {0}to * by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external - ,cn=auth manage by * break -olcRootDN: cn=admin,cn=config -structuralObjectClass: olcDatabaseConfig -entryUUID: 6db4d93a-6a91-1032-8cb8-d5eaa14a6b52 -creatorsName: cn=config -createTimestamp: 20130616052915Z -olcRootPW:: dG90bw== -entryCSN: 20130616061517.456231Z#000000#000#000000 -modifiersName: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth -modifyTimestamp: 20130616061517Z diff --git a/lsexample/slapd/slapd.d/cn=config/olcDatabase={1}hdb.ldif b/lsexample/slapd/slapd.d/cn=config/olcDatabase={1}hdb.ldif deleted file mode 100644 index 151ed078..00000000 --- a/lsexample/slapd/slapd.d/cn=config/olcDatabase={1}hdb.ldif +++ /dev/null @@ -1,97 +0,0 @@ -# AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify. -# CRC32 4ba4a558 -dn: olcDatabase={1}hdb -objectClass: olcDatabaseConfig -objectClass: olcHdbConfig -olcDatabase: {1}hdb -olcSuffix: o=ls -olcAccess: {0}to dn.regex="^o=ls$" attrs=entry,children,objectclass by group - /lsgroup/uniqueMember.exact="cn=adminldap,ou=groups,o=ls" write by dn.base=" - uid=ldapsaisie,ou=sysaccounts,o=ls" write by users read by * read -olcAccess: {1}to dn.regex="^ou=groups,o=ls$" attrs=children,objectclass by g - roup/lsgroup/uniqueMember.exact="cn=adminldap,ou=groups,o=ls" write by dn.ba - se="uid=ldapsaisie,ou=sysaccounts,o=ls" write by users read by * none -olcAccess: {2}to dn.regex="^cn=[^,]+,ou=groups,o=ls$" attrs=entry,objectclass - by group/lsgroup/uniqueMember.exact="cn=adminldap,ou=groups,o=ls" write by - dn.base="uid=ldapsaisie,ou=sysaccounts,o=ls" write by users read by * none -olcAccess: {3}to dn.regex="^cn=[^,]+,ou=groups,o=ls$" by group/lsgroup/unique - Member.exact="cn=adminldap,ou=groups,o=ls" write by dn.base="uid=ldapsaisie, - ou=sysaccounts,o=ls" write by users read by * none -olcAccess: {4}to dn.regex="^ou=people,o=ls$" attrs=children,objectclass by g - roup/lsgroup/uniqueMember.exact="cn=adminldap,ou=groups,o=ls" write by dn.ba - se="uid=ldapsaisie,ou=sysaccounts,o=ls" write by users read by * read -olcAccess: {5}to dn.regex="^uid=[^,]+,ou=people,o=ls$" attrs=entry,objectclas - s by group/lsgroup/uniqueMember.exact="cn=adminldap,ou=groups,o=ls" write b - y dn.base="uid=ldapsaisie,ou=sysaccounts,o=ls" write by users read by * rea - d -olcAccess: {6}to dn.regex="^uid=[^,]+,ou=people,o=ls$" attrs=userPassword by - group/lsgroup/uniqueMember.exact="cn=adminldap,ou=groups,o=ls" write by dn. - base="uid=samba,ou=sysaccounts,o=ls" write by dn.base="uid=ldapsaisie,ou=sys - accounts,o=ls" write by self write by anonymous auth by * none -olcAccess: {7}to dn.regex="^uid=[^,]+,ou=sysaccounts,o=ls$" attrs=userPasswor - d by group/lsgroup/uniqueMember.exact="cn=adminldap,ou=groups,o=ls" write b - y dn.base="uid=ldapsaisie,ou=sysaccounts,o=ls" write by anonymous auth by * - none -olcAccess: {8}to dn.regex="^uid=[^,]+,ou=people,o=ls$" attrs=uid,lsallowedser - vices,uidNumber,gidNumber,homeDirectory,loginShell,sambaSID,sambaAcctFlags,sa - mbaPrimaryGroupSID by group/lsgroup/uniqueMember.exact="cn=adminldap,ou=grou - ps,o=ls" write by dn.base="uid=ldapsaisie,ou=sysaccounts,o=ls" write by use - rs read by * none -olcAccess: {9}to dn.regex="^uid=[^,]+,ou=people,o=ls$" attrs=sambaLMPassword, - sambaNTPassword by group/lsgroup/uniqueMember.exact="cn=adminldap,ou=groups, - o=ls" write by dn.base="uid=ldapsaisie,ou=sysaccounts,o=ls" write by dn.bas - e="uid=samba,ou=sysaccounts,o=ls" write by self write by * none -olcAccess: {10}to dn.regex="^uid=[^,]+,ou=people,o=ls$" attrs=c,cn,jpegPhoto, - personalTitle,sn,givenName,postalAddress,postalCode,l,st,telephoneNumber,mobi - le,fax,mail,description by group/lsgroup/uniqueMember.exact="cn=adminldap,ou - =groups,o=ls" write by dn.base="uid=ldapsaisie,ou=sysaccounts,o=ls" write b - y self write by users read by * read -olcAccess: {11}to attrs=entry by group/lsgroup/uniqueMember.exact="cn=adminld - ap,ou=groups,o=ls" write by dn.base="uid=ldapsaisie,ou=sysaccounts,o=ls" wri - te by users read by * none -olcAccess: {12}to * by group/lsgroup/uniqueMember.exact="cn=adminldap,ou=grou - ps,o=ls" write by dn.base="uid=ldapsaisie,ou=sysaccounts,o=ls" write by * n - one -olcAddContentAcl: FALSE -olcLastMod: TRUE -olcMaxDerefDepth: 15 -olcReadOnly: FALSE -olcSyncUseSubentry: FALSE -olcMonitoring: FALSE -olcDbDirectory: /var/lib/ldap -olcDbCacheSize: 1000 -olcDbCheckpoint: 512 30 -olcDbConfig: {0}set_cachesize 0 2097152 0 -olcDbConfig: {1}set_lk_max_objects 1500 -olcDbConfig: {2}set_lk_max_locks 1500 -olcDbConfig: {3}set_lk_max_lockers 1500 -olcDbNoSync: FALSE -olcDbDirtyRead: FALSE -olcDbIDLcacheSize: 0 -olcDbIndex: objectClass eq -olcDbIndex: cn eq,approx,sub -olcDbIndex: uid eq,approx,sub -olcDbIndex: uidNumber eq -olcDbIndex: gidNumber eq -olcDbIndex: sambaSID eq -olcDbIndex: lsAllowedServices eq -olcDbIndex: lsGodfatherDn eq -olcDbIndex: uniqueMember eq -olcDbIndex: sambaDomainName eq -olcDbIndex: memberUid eq -olcDbIndex: givenName eq,approx,sub -olcDbIndex: sn eq,approx,sub -olcDbIndex: mail eq,approx,sub -olcDbLinearIndex: FALSE -olcDbMode: 0600 -olcDbSearchStack: 16 -olcDbShmKey: 0 -olcDbCacheFree: 1 -olcDbDNcacheSize: 0 -structuralObjectClass: olcHdbConfig -entryUUID: a17059aa-6aa2-1032-8f84-37b4f3699116 -creatorsName: cn=config -createTimestamp: 20130616073223Z -entryCSN: 20130616073223.616056Z#000000#000#000000 -modifiersName: cn=config -modifyTimestamp: 20130616073223Z diff --git a/src/conf/LSaddons/config.LSaddons.dyngroup.php b/src/conf/LSaddons/config.LSaddons.dyngroup.php new file mode 100644 index 00000000..72884d5f --- /dev/null +++ b/src/conf/LSaddons/config.LSaddons.dyngroup.php @@ -0,0 +1,56 @@ + array( + 'LSdyngroup', + 'posixGroup', + ), + 'rdn' => 'cn', + 'container_dn' => 'ou=dyngroups', + 'container_auto_create' => array( + 'objectclass' => array( + 'top', + 'organizationalUnit', + ), + 'attrs' => array( + 'ou' => 'dyngroups', + ), + ), + 'display_name_format' => '%{cn}', + 'label' => 'Dynamic groups', + + 'customActions' => array ( + 'showTechInfo' => array ( + 'function' => 'showTechInfo', + 'label' => 'Show technical information', + 'hideLabel' => True, + 'noConfirmation' => true, + 'disableOnSuccessMsg' => true, + 'icon' => 'tech_info', + 'rights' => array ( + 'admin', + ), + ), + 'updateDynGroupMembersCache' => array ( + 'function' => 'updateDynGroupMembersCache', + 'label' => 'Update members cache', + 'question_format' => 'Are you sure you want to update members cache of this dynamic group ?', + 'onSuccessMsgFormat' => 'Members cache updated.', + 'icon' => 'refresh', + 'rights' => array ( + 'admin', + ), + ), + ), + + 'LSsearch' => array ( + 'attrs' => array ( + 'cn', + 'gidNumber' => array ( + 'searchLSformat' => '(gidNumber=%{pattern})', + 'approxLSformat' => '(gidNumber=%{pattern})', + ), + 'description', + ), + 'params' => array ( + 'sortBy' => 'displayName' + ), + 'customActions' => array ( + 'updateDynGroupsMembersCache' => array ( + 'function' => 'updateDynGroupsMembersCache', + 'label' => 'Update members cache', + 'question_format' => 'Are you sure you want to update members cache of all dynamic groups (could be quite long) ?', + 'onSuccessMsgFormat' => 'Dynamic groups members cache updated.', + 'icon' => 'refresh', + 'rights' => array ( + 'admin', + ), + ), + ), + ), + + 'after_delete' => 'updateGroupMembersAllowedServices', + 'after_create' => 'updateDynGroupMembersCache', + + 'attrs' => array ( + + /* ----------- start -----------*/ + 'cn' => array ( + 'label' => 'Name', + 'ldap_type' => 'ascii', + 'html_type' => 'text', + 'required' => 1, + 'check_data' => array ( + 'alphanumeric' => array( + 'msg' => 'Name must contain alphanumeric values only.', + ), + ), + 'validation' => array ( + array ( + 'filter' => 'cn=%{val}', + 'result' => 0, + ), + ), + 'view' => 1, + 'rights' => array( + 'user' => 'r', + 'admin' => 'w', + 'godfather' => 'r', + ), + 'form' => array ( + 'modify' => 1, + 'create' => 1, + ), + ), + /* ----------- end -----------*/ + + /* ----------- start -----------*/ + 'gidNumber' => array ( + 'label' => 'Identifier', + 'ldap_type' => 'numeric', + 'html_type' => 'text', + 'required' => 1, + 'generate_function' => 'generate_samba_gidNumber', + 'validation' => array ( + array ( + 'filter' => 'gidNumber=%{val}', + 'result' => 0, + ), + ), + 'view' => 1, + 'rights' => array( + 'user' => 'r', + 'admin' => 'w', + ), + 'form' => array ( + 'modify' => 1, + ), + ), + /* ----------- end -----------*/ + + /* ----------- start -----------*/ + 'lsDynGroupMemberDnURI' => array ( + 'label' => 'Member search URI', + 'help_info' => "

LDAP search URI or group members. A LDAP search URI is composed of the following parts separated by semicolons :

Example : ldap:///ou=people,o=ls??one?(&(objectClass=lspeople)(mail=*@ls.com))

", + 'ldap_type' => 'ascii', + 'html_type' => 'textarea', + 'required' => 0, + 'default_value' => 'ldap:///ou=people,o=ls??one?(objectClass=lspeople)', + 'check_data' => array ( + 'ldapSearchURI' => array( + 'msg' => "Invalid LDAP search URI.", + ), + ), + 'view' => 1, + 'rights' => array( + 'admin' => 'w', + ), + 'form' => array ( + 'modify' => 1, + 'create' => 1, + ), + 'dependAttrs' => array( + 'lsDynGroupMemberUidURI' + ), + 'after_modify' => array( + 'updateGroupMembersAllowedServices', + 'updateDynGroupMembersCache', + ), + ), + /* ----------- end -----------*/ + + /* ----------- start -----------*/ + 'lsDynGroupMemberUidURI' => array ( + 'label' => 'Member search URI (UID)', + 'ldap_type' => 'ascii', + 'html_type' => 'textarea', + 'required' => 0, + 'generate_function' => 'generateDyngroupMemberUidURI', + 'rights' => array( + 'admin' => 'w', + ), + ), + /* ----------- end -----------*/ + + /* ----------- start -----------*/ + 'lsDynGroupMemberDn' => array ( + 'label' => 'Members', + 'ldap_type' => 'ascii', + 'html_type' => 'select_object', + 'html_options' => array( + 'selectable_object' => array( + 'object_type' => 'LSpeople', + 'display_name_format' => '%{cn} (%{dn})', + 'value_attribute' => 'dn', + ), + ), + 'required' => 0, + 'multiple' => 1, + 'view' => 1, + 'rights' => array( + 'user' => 'r', + 'admin' => 'w', + 'godfather' => 'w', + ), + ), + /* ----------- end -----------*/ + + /* ----------- start -----------*/ + 'lsDynGroupMemberUid' => array ( + 'label' => 'Members UID', + 'ldap_type' => 'ascii', + 'html_type' => 'select_object', + 'html_options' => array( + 'selectable_object' => array( + 'object_type' => 'LSpeople', + 'display_name_format' => '%{cn} (%{uid})', + 'value_attribute' => 'uid', + ) + ), + 'required' => 0, + 'multiple' => 1, + 'view' => 1, + 'rights' => array( + 'user' => 'r', + 'admin' => 'w', + 'godfather' => 'w', + ), + ), + /* ----------- end -----------*/ + + /* ----------- start -----------*/ + 'uniqueMember' => array ( + 'label' => 'Members (cache)', + 'ldap_type' => 'ascii', + 'html_type' => 'select_object', + 'html_options' => array( + 'selectable_object' => array( + array( + 'object_type' => 'LSpeople', + 'display_name_format' => '%{cn} (%{dn})', + 'value_attribute' => 'dn', + ), + ), + 'ordered' => true, + ), + 'required' => 0, + 'multiple' => 1, + 'validation' => array ( + array ( + 'object_type' => 'LSpeople', + 'basedn' => '%{val}', + 'result' => 1, + ), + ), + 'view' => 1, + 'rights' => array( + 'admin' => 'w', + 'admingroup' => 'w', + 'godfather' => 'w', + ), + ), + /* ----------- end -----------*/ + + /* ----------- start -----------*/ + 'memberUid' => array ( + 'label' => 'Members UID (cache)', + 'ldap_type' => 'ascii', + 'html_type' => 'select_object', + 'html_options' => array( + 'selectable_object' => array( + array( + 'object_type' => 'LSpeople', + 'display_name_format' => '%{cn} (%{uid})', + 'value_attribute' => 'uid', + ), + ), + 'ordered' => true, + ), + 'required' => 0, + 'multiple' => 1, + 'validation' => array ( + array ( + 'object_type' => 'LSpeople', + 'filter' => '(uid=%{val})', + 'result' => 1, + ), + ), + 'view' => 1, + 'rights' => array( + 'admin' => 'w', + 'admingroup' => 'w', + 'godfather' => 'w', + ), + ), + /* ----------- end -----------*/ + + /* ----------- start -----------*/ + 'description' => array ( + 'label' => 'Description', + 'ldap_type' => 'ascii', + 'html_type' => 'textarea', + 'multiple' => 1, + 'rights' => array( + 'user' => 'r', + 'admin' => 'w', + 'godfather' => 'r', + ), + 'view' => 1, + 'form' => array ( + 'modify' => 1, + 'create' => 1, + ), + ), + /* ----------- end -----------*/ + + /* ----------- start -----------*/ + 'lsGodfatherDn' => array ( + 'label' => 'Accountable(s)', + 'ldap_type' => 'ascii', + 'html_type' => 'select_object', + 'html_options' => array ( + 'selectable_object' => array( + 'object_type' => 'LSpeople', + 'value_attribute' => 'dn', + ), + ), + 'validation' => array ( + array ( + 'basedn' => '%{val}', + 'result' => 1, + 'msg' => "One or several of these users don't exist.", + ), + ), + 'multiple' => 0, + 'rights' => array( + 'admin' => 'w', + ), + 'view' => 1, + 'form' => array ( + 'modify' => 1, + 'create' => 1, + ), + ), + /* ----------- end -----------*/ + + ), +); diff --git a/src/conf/LSobjects/config.LSobjects.LSpeople.php b/src/conf/LSobjects/config.LSobjects.LSpeople.php index c6cf891e..f2244681 100644 --- a/src/conf/LSobjects/config.LSobjects.LSpeople.php +++ b/src/conf/LSobjects/config.LSobjects.LSpeople.php @@ -148,6 +148,17 @@ $GLOBALS['LSobjects']['LSpeople'] = array ( 'admingroup' => 'w', ), ), + 'dyngroups' => array( + 'label' => 'Belongs to dynamic groups ...', + 'emptyText' => "Doesn't belong to any dynamic group.", + 'LSobject' => "LSdyngroup", + 'linkAttribute' => "uniqueMember", + 'linkAttributeValue' => "dn", + 'rights' => array( + 'self' => 'r', + 'admin' => 'r', + ), + ), 'godfather' => array( 'label' => 'Godfather of ...', 'emptyText' => "Doesn't sponsor any user.", @@ -160,6 +171,30 @@ $GLOBALS['LSobjects']['LSpeople'] = array ( 'admingroup' => 'w', ), ), + 'group_godfather' => array( + 'label' => 'Godfather of groups ...', + 'emptyText' => "Doesn't sponsor any group.", + 'LSobject' => "LSgroup", + 'linkAttribute' => "lsGodfatherDn", + 'linkAttributeValue' => "dn", + 'rights' => array( + 'self' => 'r', + 'admin' => 'w', + 'admingroup' => 'w', + ), + ), + 'dyngroup_godfather' => array( + 'label' => 'Godfather of dynamic groups ...', + 'emptyText' => "Doesn't sponsor any dynamic group.", + 'LSobject' => "LSdyngroup", + 'linkAttribute' => "lsGodfatherDn", + 'linkAttributeValue' => "dn", + 'rights' => array( + 'self' => 'r', + 'admin' => 'w', + 'admingroup' => 'w', + ), + ), ), // LSform @@ -278,6 +313,10 @@ $GLOBALS['LSobjects']['LSpeople'] = array ( ), ), + 'after_create' => 'triggerUpdateDynGroupsMembersCacheOnUserCreateOrDelete', + 'after_modify' => 'triggerUpdateDynGroupsMembersCacheOnUserModify', + 'after_delete' => 'triggerUpdateDynGroupsMembersCacheOnUserCreateOrDelete', + // Attributes 'attrs' => array_merge($GLOBALS['pwdPolicyAccountAttrs'], array ( diff --git a/src/conf/config.LSaddons.php b/src/conf/config.LSaddons.php index 7eed5627..0f75fd56 100644 --- a/src/conf/config.LSaddons.php +++ b/src/conf/config.LSaddons.php @@ -25,6 +25,7 @@ $GLOBALS['LSaddons']['loads'] = array ( 'posix', 'ftp', 'maildir', + 'dyngroup', 'showTechInfo', 'LSaccessRightsMatrixView', ); diff --git a/src/conf/config.inc.php b/src/conf/config.inc.php index b0e8f70f..0ed2189d 100644 --- a/src/conf/config.inc.php +++ b/src/conf/config.inc.php @@ -96,6 +96,7 @@ $GLOBALS['LSconfig'] = array( 'LSaccess' => array( 'LSpeople', 'LSgroup', + 'LSdyngroup', 'LSsysaccount', 'pwdPolicy', ), diff --git a/src/includes/addons/LSaddons.dyngroup.php b/src/includes/addons/LSaddons.dyngroup.php new file mode 100644 index 00000000..8f5b10d3 --- /dev/null +++ b/src/includes/addons/LSaddons.dyngroup.php @@ -0,0 +1,359 @@ + + * + * @retval boolean true if dyngroup are fully supported, false otherwise + */ +function LSaddon_dyngroup_support() { + $retval = true; + + $MUST_DEFINE_CONST = array( + 'DYNGROUP_OBJECT_TYPE', + ); + + foreach($MUST_DEFINE_CONST as $const) { + if ( !defined($const) || !constant($const) ) { + LSerror :: addErrorCode('DYNGROUP_SUPPORT_01', $const); + $retval = false; + } + } + + if ( + !(constant('DYNGROUP_MEMBER_DN_URI_ATTRIBUTE') && constant('DYNGROUP_MEMBER_DN_ATTRIBUTE') && constant('DYNGROUP_MEMBER_DN_STATIC_ATTRIBUTE')) && + !(constant('DYNGROUP_MEMBER_UID_URI_ATTRIBUTE') && constant('DYNGROUP_MEMBER_UID_ATTRIBUTE') && constant('DYNGROUP_MEMBER_UID_STATIC_ATTRIBUTE')) + ) { + LSerror :: addErrorCode('DYNGROUP_SUPPORT_02'); + $retval = false; + } + + if ($retval && php_sapi_name() == 'cli') { + LScli :: add_command( + 'update_dyngroups_members_cache', + 'cli_updateDynGroupsMembersCache', + 'Update dynamic groups members cache' + ); + } + + return $retval; +} + +/* + * Parse LDAP search URI + * + * @param[in] $uri string The LDAP search URI to parse + * + * @retval array|false Array of parsed LDAP search URI info, or false + */ +function parseLdapSearchURI($uri) { + $uri_parts = explode('?', $uri); + if (count($uri_parts) < 2) { + return false; + } + + return array ( + 'ldap_base_uri' => $uri_parts[0], + 'requested_attributes' => $uri_parts[1], + 'scope' => (isset($uri_parts[2])?$uri_parts[2]:null), + 'filter' => (isset($uri_parts[3])?$uri_parts[3]:null), + ); +} + +/* + * Extract attributes cited in an LDAP filter string + * + * @param[in] $filter string The LDAP filter string + * + * @retval array|false Array of the attributes cited in the LDAP filter string, or false + */ +function extractAttributesFromLdapFilterString($filter) { + if ($filter[0] != '(') + $filter = "($filter)"; + + if (!preg_match_all('#\((?P[a-z0-9]+)(?P[~<>]?=)(?P[^\)]+)\)#i', $filter, $parts)) + return false; + + return $parts['attr']; +} + +/** + * Generate dyngroup memberUid URI attribute value from memberDN URI attribute + * + * @author Benjamin Renard + * + * @param[in] $ldapObject The LSldapObject + * + * @retval array|null array of memberUid URI attribute values or null in case of error + */ +function generateDyngroupMemberUidURI($ldapObject) { + if (!isset($ldapObject -> attrs[ DYNGROUP_MEMBER_DN_URI_ATTRIBUTE ])) { + LSerror :: addErrorCode( + 'DYNGROUP_01', + array('dependency' => DYNGROUP_MEMBER_DN_URI_ATTRIBUTE, 'attr' => DYNGROUP_MEMBER_UID_URI_ATTRIBUTE) + ); + return; + } + + $dn_uri = $ldapObject -> attrs[ DYNGROUP_MEMBER_DN_URI_ATTRIBUTE ] -> getValue(); + if (empty($dn_uri)) + return; + + $uri_parts = explode('?', $dn_uri[0]); + if (count($uri_parts) < 2) { + LSerror :: addErrorCode('DYNGROUP_02', DYNGROUP_MEMBER_DN_URI_ATTRIBUTE); + return; + } + $uri_parts[1] = 'uid'; + return array( + implode('?', $uri_parts) + ); +} + +/** + * Update dyngroup cache members attributes + * + * @author Benjamin Renard + * + * @param[in] $dyngroup The LSldapObject + * + * @retval boolean True on success, False otherwise + */ +function updateDynGroupMembersCache($dyngroup, $reload=true) { + if ($reload && !$dyngroup -> reloadData()) { + LSlog :: get_logger('LSaddon_dyngroup') -> error("Fail to reload $dyngroup data"); + return false; + } + $attrs_map = array( + 'DYNGROUP_MEMBER_DN_ATTRIBUTE' => 'DYNGROUP_MEMBER_DN_STATIC_ATTRIBUTE', + 'DYNGROUP_MEMBER_UID_ATTRIBUTE' => 'DYNGROUP_MEMBER_UID_STATIC_ATTRIBUTE' + ); + $old_attrs = array(); + $attrs = array(); + foreach ($attrs_map as $src_attr => $dst_attr) { + $src_attr = constant($src_attr); + $dst_attr = constant($dst_attr); + if (!$src_attr || !$dst_attr) + continue; + LSlog :: get_logger('LSaddon_dyngroup') -> trace( + "updateDynGroupMembersCache($dyngroup): update attribute '$dst_attr' from '$dst_attr'" + ); + $old_attrs[$dst_attr] = $dyngroup -> getValue($dst_attr, false, array()); + ksort($old_attrs[$dst_attr]); + + $attrs[$dst_attr] = $dyngroup -> getValue($src_attr, false, array()); + ksort($attrs[$dst_attr]); + } + + if ($attrs == $old_attrs) { + LSlog :: get_logger('LSaddon_dyngroup') -> debug( + "updateDynGroupMembersCache($dyngroup): no member change" + ); + return true; + } + LSlog :: get_logger('LSaddon_dyngroup') -> debug( + "updateDynGroupMembersCache($dyngroup): change detected:\n - Current: ".varDump($old_attrs). + "\n\n - New: ".varDump($attrs) + ); + + if (!$old_attrs) { + LSlog :: get_logger('LSaddon_dyngroup') -> error( + "updateDynGroupMembersCache($dyngroup): No member attribute defined !" + ); + return false; + } + + if (!LSldap :: update(DYNGROUP_OBJECT_TYPE, $dyngroup -> getDn(), $attrs)) { + LSlog :: get_logger('LSaddon_dyngroup') -> error("Fail to update $dyngroup cache members attributes"); + return false; + } + LSlog :: get_logger('LSaddon_dyngroup') -> debug( + "updateDynGroupMembersCache($dyngroup): cache members attributes updated" + ); + return true; +} + +function updateDynGroupsMembersCache() { + if (!LSsession :: loadLSobject(DYNGROUP_OBJECT_TYPE)) + LSlog :: get_logger('LSaddon_dyngroup') -> fatal('Fail to load dyngroup object type'); + + // List dyn groups + $dyngroup_class = constant('DYNGROUP_OBJECT_TYPE'); + $dyngroup = new $dyngroup_class(); + $error = false; + foreach($dyngroup -> listObjects(null, null, array('withoutCache' => true)) as $group) { + if (!updateDynGroupMembersCache($group, false)) + $error = true; + } + return !$error; +} + +function triggerUpdateDynGroupsMembersCacheOnUserModify($user) { + $changed_attrs = array(); + foreach($user -> attrs as $attr_name => $attr) { + if ($attr -> isUpdate()) + $changed_attrs[] = strtolower($attr_name); + } + if (!$changed_attrs) { + LSlog :: get_logger('LSaddon_dyngroup') -> debug( + "triggerUpdateDynGroupsMembersCacheOnUserModify($user): no attribute changed" + ); + return true; + } + LSlog :: get_logger('LSaddon_dyngroup') -> debug( + "triggerUpdateDynGroupsMembersCacheOnUserModify($user): changed attributes = ".implode(', ', $changed_attrs) + ); + + return triggerUpdateDynGroupsMembersCacheOnUserChanges($user, $changed_attrs); +} + +function triggerUpdateDynGroupsMembersCacheOnUserCreateOrDelete($user) { + $changed_attrs = array_keys($user -> attrs); + return triggerUpdateDynGroupsMembersCacheOnUserChanges($user, $changed_attrs); +} + +function triggerUpdateDynGroupsMembersCacheOnUserChanges(&$user, &$changed_attrs) { + if (!LSsession :: loadLSobject(DYNGROUP_OBJECT_TYPE)) { + LSlog :: get_logger('LSaddon_dyngroup') -> error('Fail to load dyngroup object type'); + return false; + } + + // List dyn groups + $dyngroup_class = constant('DYNGROUP_OBJECT_TYPE'); + $dyngroup = new $dyngroup_class(); + $error = false; + $impacted_dyngroups = 0; + $updated_dyngroups = 0; + foreach($dyngroup -> listObjects() as $group) { // Leave cache enabled + $uri = null; + foreach(array(DYNGROUP_MEMBER_DN_URI_ATTRIBUTE, DYNGROUP_MEMBER_UID_URI_ATTRIBUTE) as $uri_attr) { + $uri = $group -> getValue($uri_attr, true); + if ($uri) break; + } + + if (!$uri) { + LSlog :: get_logger('LSaddon_dyngroup') -> debug( + "triggerUpdateDynGroupsMembersCacheOnUserChanges($user): $group hasn't member URI attribute." + ); + continue; + } + $parsed_uri = parseLdapSearchURI($uri); + if (!$parsed_uri) { + LSlog :: get_logger('LSaddon_dyngroup') -> warning( + "triggerUpdateDynGroupsMembersCacheOnUserChanges($user): fail to parse member URI attribute of $group." + ); + continue; + } + + if (!$parsed_uri['filter']) { + LSlog :: get_logger('LSaddon_dyngroup') -> warning( + "triggerUpdateDynGroupsMembersCacheOnUserChanges($user): no LDAP filter found in member URI attribute of $group." + ); + continue; + } + + $filter_attrs = extractAttributesFromLdapFilterString($parsed_uri['filter']); + LSlog :: get_logger('LSaddon_dyngroup') -> debug( + "triggerUpdateDynGroupsMembersCacheOnUserChanges($user): attributes of LDAP filter of member URI attribute of $group = ".implode(', ', $filter_attrs) + ); + + if (!$filter_attrs) { + LSlog :: get_logger('LSaddon_dyngroup') -> warning( + "triggerUpdateDynGroupsMembersCacheOnUserChanges($user): fail to extract attribute from LDAP filter '".$parsed_uri['filter']."' from member URI attribute of $group." + ); + continue; + } + + $is_impacted = false; + foreach($filter_attrs as $attr) { + if (in_array(strtolower($attr), $changed_attrs)) { + $is_impacted = true; + break; + } + } + + if (!$is_impacted) { + LSlog :: get_logger('LSaddon_dyngroup') -> debug( + "triggerUpdateDynGroupsMembersCacheOnUserChanges($user): $group is NOT impacted by user's changes." + ); + continue; + } + LSlog :: get_logger('LSaddon_dyngroup') -> debug( + "triggerUpdateDynGroupsMembersCacheOnUserChanges($user): $group is impacted by user's changes ". + "(at least by attribute '$attr')." + ); + $impacted_dyngroups++; + if (updateDynGroupMembersCache($group, false)) + $updated_dyngroups++; + else + $error = true; + } + LSlog :: get_logger('LSaddon_dyngroup') -> debug( + "triggerUpdateDynGroupsMembersCacheOnUserChanges($user): $impacted_dyngroups impacted dyngroups found, ". + "$updated_dyngroups updated." + ); + if ($impacted_dyngroups && $impacted_dyngroups == $updated_dyngroups) { + LSsession :: addInfo( + getFData( + _('Members cache of %{count} dynamic group(s) have been updated because thes were potentially impacted by your changes.'), + $updated_dyngroups) + ); + } + else if ($error) { + LSsession :: addInfo( + getFData( + _('Members cache of %{count} dynamic group(s) have NOT been updated but thes were potentially impacted by your changes. A delay of some minutes could be necessary to handle your changes on this groups.'), + ($impacted_dyngroups-$updated_dyngroups) + ) + ); + } + return !$error; +} + + +if (php_sapi_name() != 'cli') + return true; + +function cli_updateDynGroupsMembersCache($command_args) { + return updateDynGroupsMembersCache(); +} diff --git a/src/includes/class/class.LScli.php b/src/includes/class/class.LScli.php index 50c42a9a..c19cc4ea 100644 --- a/src/includes/class/class.LScli.php +++ b/src/includes/class/class.LScli.php @@ -638,14 +638,25 @@ class LScli extends LSlog_staticLoggerClass { * * @retval array List of available options **/ - public static function autocomplete_int($prefix='') { + public static function autocomplete_int($prefix='', $quote_char='') { $opts = array(); for ($i=0; $i < 10; $i++) { - $opts[] = "$prefix$i"; + $opts[] = self :: quote_word("$prefix$i", $quote_char); } return $opts; } + /** + * Autocomplete boolean option + * + * @param[in] $prefix string Option prefix (optional, default=empty string) + * + * @retval array List of available options + **/ + public static function autocomplete_bool($prefix='', $quote_char='') { + return self :: autocomplete_opts(array('0', '1'), $prefix, false, $quote_char); + } + /** * Autocomplete LSobject type option * diff --git a/src/includes/class/class.LSformRule_ldapSearchURI.php b/src/includes/class/class.LSformRule_ldapSearchURI.php new file mode 100644 index 00000000..7093fca5 --- /dev/null +++ b/src/includes/class/class.LSformRule_ldapSearchURI.php @@ -0,0 +1,179 @@ + + */ +class LSformRule_ldapSearchURI extends LSformRule { + + // CLI parameters autocompleters + protected static $cli_params_autocompleters = array( + 'check_resolving_ldap_host' => array('LScli', 'autocomplete_bool'), + 'host_required' => array('LScli', 'autocomplete_bool'), + 'scope_required' => array('LScli', 'autocomplete_bool'), + 'attr_required' => array('LScli', 'autocomplete_bool'), + 'max_attrs_count' => array('LScli', 'autocomplete_int'), + 'filter_required' => array('LScli', 'autocomplete_bool'), + ); + + /** + * Check an LDAP search URI value + * + * @param mixed $value The value to check + * @param array $options Validation option + * @param object $formElement The LSformElement object + * + * @return boolean true if the value is valid, false otherwise + */ + public static function validate($value, $options=array(), &$formElement) { + self :: log_trace("validate($value): options = ".varDump($options)); + $uri_parts = explode('?', $value); + + self :: log_trace("validate($value): URI parts = ".varDump($uri_parts)); + + /* + * The LDAP URI + */ + if (!preg_match('/^(?Pldaps?)\:\/\/(?P[^\/\:]+)?(:(?P[0-9]+))?\/(?P.*)$/', $uri_parts[0], $m)) { + throw new LSformRuleException(getFData(_('Invalid LDAP server URI (%{uri})'), $uri_parts[0])); + } + self :: log_trace("validate($value): parsed LDAP URI:".varDump($m)); + + // Check LDAP host + if ($m['host']) { + if (filter_var($m['host'], FILTER_VALIDATE_IP)) { + self :: log_trace("validate($value): '".$m['host']."' is a valid IP address"); + } + elseif ( + filter_var($m['host'], FILTER_VALIDATE_DOMAIN) && + (!LSconfig :: get('params.check_resolving_ldap_host', true, 'bool', $options) || @gethostbyname($m['host']) != $m['host']) + ) { + self :: log_trace("validate($value): '".$m['host']."' is a valid domain name"); + } + else { + throw new LSformRuleException(getFData(_('Invalid LDAP host (%{host})'), $m['host'])); + } + + if ($m['port'] && $m['port'] < 1 || $m['port'] > 65535) { + throw new LSformRuleException(getFData(_('Invalid LDAP port (%{port})'), $m['port'])); + } + } + elseif ($m['port']) { + throw new LSformRuleException(getFData(_('A LDAP URI could not contain port without host (%{host}:%{port})'), $m)); + } + else { + self :: log_trace("validate($value): URI doesn't contain LDAP host"); + if (LSconfig :: get('params.host_required', False, 'bool', $options)) + throw new LSformRuleException(_('LDAP host not provided but required')); + } + + // Check base DN + if (isset($m['basedn']) && $m['basedn']) { + if (!isCompatibleDNs($m['basedn'], LSsession :: getRootDn())) + throw new LSformRuleException(getFData(_('Invalid base DN (%{basedn})'), $m['basedn'])); + self :: log_trace("validate($value): base DN '".$m['basedn']."' is valid"); + } + else { + self :: log_trace("validate($value): URI doesn't contain search base DN"); + if (LSconfig :: get('params.basedn_required', False, 'bool', $options)) + throw new LSformRuleException(_('Search base DN not provided but required')); + } + + /* + * Attributes (optionals) + */ + $max_attrs_count = LSconfig :: get('params.max_attrs_count', null, null, $options); + if (isset($uri_parts[1]) && $uri_parts[1]) { + $attrs = explode(',', $uri_parts[1]); + if (!is_empty($max_attrs_count) && count($attrs) > $max_attrs_count) + throw new LSformRuleException( + getFData( + _('Invalid searched attributes count (%{attrCount} > %{maxAttrsCount})'), + array('attrCount' => count($attrs), 'maxAttrsCount' => $max_attrs_count) + ) + ); + foreach($attrs as $attr) { + if (!preg_match('/^[a-z][a-z0-9\-]+$/i', $attr)) { + throw new LSformRuleException(getFData(_('Invalid attribute name (%{attr})'), $attr)); + } + } + } + else { + self :: log_trace("validate($value): no attribute name provided"); + if ( + LSconfig :: get('params.attr_required', False, 'bool', $options) || + (!is_empty($max_attrs_count) && $max_attrs_count > 0) + ) + throw new LSformRuleException(_('Attribute name not provided but required')); + } + + /* + * Scope + */ + if (isset($uri_parts[2]) && $uri_parts[2]) { + if (!in_array($uri_parts[2], array('base', 'one', 'sub'))) { + throw new LSformRuleException( + getFData( + _('Invalid search scope (%{scope}). Must be one of the following value : base, one or sub.'), + $uri_parts[2] + ) + ); + } + } + else { + self :: log_trace("validate($value): no search scope provided"); + if (LSconfig :: get('params.scope_required', true, 'bool', $options)) + throw new LSformRuleException(_('Search scope not provided but required')); + } + + /* + * LDAP Filter (optinal) + */ + if (isset($uri_parts[3]) && $uri_parts[3]) { + /* + Try to parse LDAP filter string to validate it + + Due to a limitation of Net_LDAP2_Filter::parse() that only + support filter enclosed by parentheses, if string does not + start with "(", enclose the filter with parentheses. + */ + $filter = @Net_LDAP2_Filter::parse( + ($uri_parts[3][0]=='('?$uri_parts[3]:"(".$uri_parts[3].")") + ); + if (!$filter instanceof Net_LDAP2_Filter) { + throw new LSformRuleException(getFData(_('Invalid LDAP filter ("%{filter}")'), $uri_parts[3])); + } + self :: log_trace("validate($value): LDAP search filter '".$uri_parts[3]."' is valid."); + } + else { + self :: log_trace("validate($value): no search filter provided"); + if (LSconfig :: get('params.filter_required', false, 'bool', $options)) + throw new LSformRuleException(_('Search filter not provided but required')); + } + + self :: log_trace("validate($value): LDAP search URI is valid."); + return True; + } + +} diff --git a/src/lang/fr_FR.UTF8/LC_MESSAGES/ldapsaisie.mo b/src/lang/fr_FR.UTF8/LC_MESSAGES/ldapsaisie.mo index 6ae7f13381aa3d04f0a174de1ed0f9b23b6e76b1..4ef29b40a4b65ab3920ecc8b13d72f3359b55de4 100644 GIT binary patch delta 15604 zcmb{12Y3`!-}mv^5PDDO1XxM}p@iN-3mv3|5~Rx}*^q@K8?qZ9KwJx;prR51MNt%$ zcH@l(6#)@MK>-VbfP#n>G}apnD9ZEw&6!ZV^?9%7y56}s`JDfmvomK-n_XS=~UHK~b8Ei1c?Wkusmq>8jJk12Joi} z&c!&q3sZ4Bj>ZNZ%=H5}nRqLX$B2%)ZpgAS$mjxFu_C^XPvH@)g?XJUt28ddQn(7s z;N#c`H)2D43nTG+RQ(d2c^E8@T*^wq7I+uxL0-fJ?r$9;Qxz+Av8<8U04Lx~?5*?2 zKdVw#h6x8^S-cz7V=J&azJlTSKB}P~Vg!ET#6O`L_B+@n0BK8qUTcd!C}hxP@XxI{P0Do1%0RC!%ggBqi*(+t(a@u+%(y3zkC7)?PX z^k8kwMm^CItc+_=PqYQ~L@#13Jb=2M?PkadV!3h3nS&hY!xDgxSCDi8|a4}Yx zH4vNNe2l@zaR|PFu~?0ZQa@z%B-4O`G}H$cp}J@j>Pfa@IPO4obb=5;a@TV=4R-)sT_{ zO+#y-CTRm~h^H#+49F^cs!|g{b(bqnnE|->eK&k3EZ8u3us= zY%-R|Vd7h3w;%PwXsK1RHDl4U)BeJ7jQeFB*_Ry5s16)O{O z!Z(pqRxE)UbO-jrou~)6gc|CYsm9PuGFs0&QIoHVhiw;UA;V|6XqCD?5jCc3un(3^ zF;6%YTM^I1cK8@3;Ct8tBU8--^};&D8K|DU1KVmk?IROM!3FG!O=*QLX|=K7jB+rw(7A+?^^-XcPY3^N?nvS%;{ zzeP>9smxG%-+B%;RFxTU)fhvY(+t4w z7{J?6bL3YHsjHGGRfVJ2AL|C0>F7b)V!h|sJD0Ufyah+$Ic$vGW|_%&6DnSZP4FPL z#~&~To6I&2K@DxrZ2Dgp`WFRt@iI=qx^v7+WiAdPUX6N^FHy6%W}ewEk};Ne8)}FA z6!l~c=9)>JkE(wdHFQz)%v_p+itm|6|Eq=XP|yNP%r{$ZYt)Sc*bH}K0)BzLFecv& zNgArBUPWD}J>5wsTGNo>wNB#gIGFqN#kY`uR@Ga~26ummOeYGy!FX(Zs~P(#*oyc? z$1kt}apZ00$=f?FMmoj%81(?-xSJZh0DItOEQ3W@1AoFQSbl*SqEHl>(iHT@k~kPk z;Rw_X$6_ST!f0HA&2bB=;U`fIk636NhAO`kJL4-DhrePwj9Fy94Uflu>Wq8IbmhcR z$4YmY1`R@uZ6c1xxfrc_7>>VTWxR}4vGSc}h#KNP;$&prTCt1G^&Z7i#7|>W+>G}7 z|9z*z$5?_BXHhpO!gBZnmdD>wU08aFsaGGvh#O%PMq^p*gVk{;Mqo0Q!(7z)Td)Ey z!A_bCE6He#-p1*89Q8zf?lKJ-gO!NKqZ*Kox^M{fxn)=qAI94FIF7{~*byV{Haq7a zEKQt?ngjV5(uJ3j(S=rHEqod^`CdVd-M2UzqwX=^WU^6n;(pZUo!wSsaoq&Uh=VN2shwbre zOv3sPm}M43Ex%2eh+kqm?7ZB}f$5k)ya)9_VJpo3P!_ccLhZ=JkePrr@K&sb4`Ld9L_ zXx4ikwjh2C>)}Diudpt0>4(gQ)EM8R`S)QM1)rZ6;?a)R0w1J#i=05KO`Hn1bqZKi0g z=)W=4jLb==ApB9&(l*$d^1fIV16UImq8hXs!*C<2A)8T8bQJZZr%^Zj5kF!*|BM}p zkE}7vv+Uz$lGl5j{-3~!@f5`4R&0phqxSl$PnZp-Gu9^_=QtZRNmpQX+=P8_531qe zYt7561A2(Z;AngS>teYl&GllQr2hv}(4PXe{2pwBYcLfL<3#NAl=ab?`RSWL=Hw*`1hxXK^|<+hTr@6kuJg|BGa9 z!0OMkIp9>(*qz1z4t&l$@eWi^yoKfQC~An#pc-%vD`Ck(^Q*TS>bm2x7e0wvC7+`{ z*K{lWuMe~)(-C`Oe+;5}WIK+*y_ku$o;Sa67NN>d;}C5Bf-!_`h!0|Cyo72%hZoJH z3*k`WcW^RBZKMCkk(s;A*-|llWOb>R*e zh260xj(5suqSk*NYRHzMJ=d@b@wyNhU0@q(R`13}_#SE!{ftpq?Par1v_;MC8&TzX zsO7c--MAg|@FXT<(k}Bh-G&;9uvg5g8HU}7LzBtWBeM#1<87!5pTrt?0o!8b-KJh| zj3K@W)y0c21q*N@{)$U+^d5eM;HT)rX|I}}IR~{0wxd2* zgc`E;@0ju={DF88_UHcA>~~4{GPcK#hs_0j7)!h#d*YAS7u&pN#x#iSh`xpMI%{r_f$E~~Q6Ct5&dlcLaV~M(SLXZv2E3E_40cD~*XFz9(|9}aLG zBJ)M%B^*aw{~J?28`FqC!5jbVEjy4a+5SP4c{s-j*)L82`vu6Et?1Sr3v9wWKR#uj6|t7)`;)I1<~JGA_h!#K%!Lj4bW4yKpe}CSHc= zc+`n|lrcRKLN(xJY>x*}%lS`KgYGWtvcHCJD;sjzuiae~L~!C=R0BR!>|zp@GanpO z-ete0k6{_kpT;;mi)FD!1@q)?3?pue;n*C@VQW+m#bZqzfTeLth)fAGY3Ro3sFvU5 z#1Epn?j@)EZLCau5^G=)4#BXBF8fF4aGXs%37g?j)Q$f@eXeXJm;HsLHZ~#-wIfrJ zOcIvF6s(IrOvZ)S70;o%vQcHz^0BCfPQfZT!-?l(1LDP~$-DuzT0X(aSf`51{)sjR zt83-1C!-eb!b*4mH54CU0)B&4Oa+fp ziLP&Uwn3Iq}qF8fJ3Ge2SQ}jh3inu={V|wpQC2?C9I7V8kzMTgR0j9HOX#3P1Z4}^*$XNVgYJZJn#4h zmL@*w_!-6#hleMye~fJ6vNy8v zsCcdu??&~&C#VOwj9f2dRfsmTy9(;WV61~AN(;P?aoWwO>m z+~btbA>W0(uJ>9GD$}y z>1HRt-BIOQvM-YIC~HePO#V)ijvd$3dy)JSQ*6H*E)qXXT1g6h&k5~rIzAxnB;BXL zIaW|f$1_-ih87>1y*kEHe%`6`82&)g7t9l+QRGue?~^}H8bRtr+@172iT6gxdXK`P z1fP(?oE!9`>r&0oOJ?Ey;xY{Y#q||Z9U|pu1uL;&Kq;Ax!O8GeQKVci<#pKlas zekVOm+?fVxuNX*P$0!ot+^pqxWPXmvljpmL{j={gd;L-HwNv4c^TA$R=yA$g6TeJa zPkN5{Nvz1ZaPrGYHOcEJL3tmOwT|IFVto&bB56A>KK@iWhYKU@&kiyFQBZ}gDA10j zLvJ@7RVlj%@8kpbl6u%5vQOE6W>EI16Q&d#j)@FulkGw2Ih>BgM|VECka#0$425g) z1=1PPcTS}*@$TXeIR3_Y9qUPLxyGl&2~I0YViB=6avi*;%UOJBu#S_;7L05e8FJ>g z^*pEhQvEJ`kh8_dm*n-PZSIr}#$@9CIGl6``H`f_B;9qdQ*SBxjw;}In=;;y_R#^S zkX|54)bL&;^9}{SU^*6HeNsJ=j*lt3M5@Ha60r(aAk`$V;{fTjo#O{CWmCvkBobuAxo47gY4^nF_@9!w=gHKbSV>qc6X(;InQW;Vc&bzTIb$`P(qzqE=!8ElV z;@pk6j?{|uGU;v7e3GA}Bf?_hS&lll=qMY`K5-%r^R@<|wpACPvE za)_fa7N?O~k?*a|e;1jrC}@T{e585gUm|&(vZi>1@=i1`oHUHM9o|6MtK_q=_=qAi zgtBtj&?(%Fw>$aQIk$+^oX=}^THg|UM5;qUHgP{ZO01(4=`!ggaW%>xz$&B)q)#ZH zgF5yZtlq>gk^h-Ai2PTi+njUaXQzGxuGNw_)Y>_@2s1cYnG-t7;TyzrNhOGPkv=8e zPkfe?LpnuVpL)H>wC zIeFFphI~n!h-2|RY=rUG)FHGAh)+0W)rdEce}(kAPIAm5y-WP6`o9vHTPQe!jcJUI z{^WHe;j=gb>vC=renD!Zlc-}Ejx$-SGWi_r z?~{V0$)wGcoh1#_NsbvL52-WfijQbA(@AfUwv%qT=3I61Udm!=^snUaBfU%9lK2(; zhNQ#3|AS;cb3VKk-Bj9)wJGmNdW3ZCG2f|MTsD9>wK#CRk+Ke4N5?|aN;_x%ciKEB z4^8b~f!nD3oO989Y|NQveE2+eBQ>xJ7sWl|>M^um??iXfsKM?Oe{M#qJIfy=mlgE* zvfSDJoS=KQFPQGn4Z73)fuOrt^gNj#A3aYe^9$>@2`e3PXLvoF^k;e9vpgBOUbipc z&hgI7_2qa|hVc#VE})c2*hr{(x_vjgrxZnj!jaQN#0^Ck@!wWm2dacEbXi!ddntRasvJ z`R>S`^nIphPH&0=rYyFwsBbe@eY=}9-~V=g6;|y3OU=G!ct)g+)w~YGyAwS*%u4k? zm%L`l@Eo+9;$XUmg>$u*FRSpENeiMwo;kkE+|29O2-A$uutbJAXYGbww?eK~@oJv% zh@KQWivEh8XFqNJ^;5H1Al9AkndNm4A2Ei`^=7$qvr|1mZ^$ejIyvB`nO@d*(3=(X zas52EFEiVd64d(2bLaVUbKEIB#58Xp&fVLc>do-v>3#t}tC0oF8nru`y@H3%@}_tL z0Z&ezraGTW&G24#2_Bd(@dZN8y5w2^j}LOqL+Fkvo?NEc|M5AjVTE&V%cu~tXJYX@ z{l}5FMw=B>jSv}@~b z+cmyjm%@W9C%R%2Gjel08LbBRb26E9S=n|N=+Um5+hlt*%X0U0w~g&q82!*st{z&k z_R44P%J#BJY6tgb`EnROvx^5jSpj$Y-mO7<4PL*8M?T!8Oo*M(@1stx*~Gof0FQ2SJ@#7ec5O{|F|9T&N^7`3)1BJ1c#X21XSGUWie>re4_*_+ z*DpBmN2S8aYloMtKiX{Ev^-$u44U0{CM$4-%hfUT_ovuYXZdrf?49ME>-H44HFfU> z_H?=;$XkqSW!TgA%HIAD*J1_R`+Kg|vf1DV>cyhQG_coSE$p1boTNdmb~( zlaUuFn76BL!F{ik>CVXcGm}|t8U=QDAD?jceR}hMf6(QtU1JM3t*=?G)d2Q;u3?XF z@u&Z?`wy}QRy7I^KUY1JsQ30?>R;LMHCJelz1K6y|5eRw`+pg>tM|RK?e}rE`)f~` zeLswif6sHf?Pl!VU_X71mtBk30ACHvi|YDUK|jAQ=-#_gkE!{mG2!iK=2ot6mU#2-%) z|7u_=47Equleu@j9z-j=csZI!^JS&&-H_wc(qeYn?+B+VFNrSiZfF(K0&`vke_4l~ z+@L?l7oa=MGW@R>#?^&*wJPh7Hkmhu`ZSZRHwPL1D{l|`>ylTmjnur5zCkgs6=gNm zqE75R+MUgQVjduq1-o~Rdphe^U$A^^CWN#6T-l%MOY^08fg< z;5YZ8r`){yQv8|Ov@t+^K3%+<{Bx&-{#@{;=c zk3*G0#S4pGDW1#v8eF_@YG!fw;*FCYv78;^A3pHk^|e3j-N0k~-6yKEH~;rN);(Xr ZRr1A8s=9WEJMS*0D(|k9YihWr{|_%L8`b~- delta 12228 zcmZA72Yk)f|Htv~C6U+(f{=v-k%$p{rgqR8p|J@G4MAl^n+hQ!yJ3Kwlh=>YTAy3|C-&Jd8U2BF5uQ ztc=n8h{Enz0H^>!2D|A2l>h zZQdExkYrSkrlB{EM>SwFswWqtyE%oO6#UVbyJ@V7pvJNq=E6kuT+rren1lKewtfPt zLDNvznThJr<*4H}*?bq~AwPc!t3m&lqEN1enazp#7WrIkh__K)7FE+swm4K* zwnEK?MAQ&;!=l&=bK-c6z!}!BF_iogs)t{o&I@$cGF=shT1GL*KBqnEfH~L*7hzlc z85>~r+KfAn#wK_GRiBeJsRwF_%wuOb*2OPT5A+aqUPUSs&^?rbCf`xitPYAZ7pRL& zV5b*`<034H`>`3`!$_>eOw|p$U?@&R9lr|IL&s1Lat6Kd5^C9AM~2MpJhl~H^~`Jy zK%Eecnw+tyAsB-i<2k6wwHh@iwxU+Y9t^=Fs7ZDgb;ArSgfCE&F+Y#5>xZCc{YOwx zORJzJVO`hvTtFQ%nvothU+G2J50yP(IApe}Q9Hjhx z>k;H(odPXQPqjzpsWTm!ZqD(RJP*U~^+M1H`IWTEGvllhC!7LG7cm&dW&NZXSg1lJ7wNIc4ZaIUlQ{ zFFW}nj0ksnAzO~OOn5DU5*;+qp0h6(cSK%6cQ=u$p&F@JdI88 zDVE1NG`}hKN4+P$!ASHQY~F}9P){}t6YwnR_{bq<=muj9`Bt0X##r)FL+Sr03LS@< zPo)o0H$H}?vA{6XwY9M>`DoOT>_HyZDKgw#Xe!bsXD`yLPV5MV1(#ucjChYH#Z+YF zIrp&&HW*254GJSinz7%CWy$ltZ>)`>(K2z#r zLGtG4hdoe3G#GtwzMFzKg=Lrxzd+q^1LnsQ7=bsj4EoYwwLI1~ytj3wt-p>{*GBp>k$f~(#!c7&@1kefM~^jyo~RZrMUCxhY>%f=4Tv6RK2BR>Uh+ir$6l!OMxY*G zESADam>oCT{oi0#@&o9FhcSmn4}!8v2KUDZYt_J!?7@qMa{7V7{mRYBNP(w8HQoAiDvB6P$!N-wRkeB z>lb1zT!-qJdsqj(KQukj0M!F6P(9TNHJ1jW3nyY$oP=)OV46K(4(ftyP)~3eeegW0 z<=0RbdX8#Pu1RJ#hhPEn`qp;nP2LxEok6JMC!jCR#ca4_68&GE!YV4f@H|$+%cy1P zKiRxOn`3A4S*ZPwkwcu4Q%u)?g{{diqpnwOs#*8lup0Ra)Uv#SHL>V4^U6=0M*o+f zVi^^&cnI6#U#Q8`;v>_LiP(~SKWaJUn{MVnLyRL|gnFVYs5x{C)gv!35Bkk8FR)Nl zL%L!P{LD>3U9}q30~@UAScrT(X2+ALp}1)Co7RUIPJIUIL5hBCdZI4IlYfE{cp0NG z%S`hNNQ~9poI+7{^u{tc5li7F)GWV%t+4zj=G*N!tWUlI3!F zs%vXtY3yn98K{Qt#Bz87)l>hXhSqN$*V6hgO+gKaLXCB6)QO!?>$E?nvv3DtW%5$< z%`)tan#}{S1FlD{8s7zGsOqD}J_W;YDu&>f)??@{K*cW<0`L{8r2z}ghfqUIB2U2t z{0@s^(M9G$Rk1Po+o%RF#`3rclkp~Y#KxbQuieX0^^dSCwpmR7H>a>=v1x#7i5bH} z_!ae~QDgWMY6u>q#_lgvPrX7tVfLk_>&sync{|kp5!eUEV{LqddQ+BNW`-bbnVVKn zF@Xy8zy(ahNB9nQ`rJI>A*@B7d%1aoHO2ho38=~13)R4Ws2&|^^QowY%)(&&41IAY z7Q=&X3MDAq!I79_g_-peQFG!m^c;wqy?3lnPz}~!taO8ds0)Xo8Wf2^SROU$-bAf} zuBcVg9}A&-3R%ufzB#3_JvV5s${K=x?m$zgA%QMQ9U*u!*Cx4 z;tf>8USJV@{ulnjOr}^=16pGoj>6u!2U9R|wQ0Z%)Dx}4Y`7b>Ob?noqgKOCtcnk@DTc2%zfJeY=G@=eOQAF7+F-tf_C~!Czr{%W12t=dSQ2HhBSzsw zOvBBnCk)+azC9tJzl^!C*e0`jVo(oU3Ef(^wJ2ydx3Km=&EjFGE}n*saTYRW z&Lz7)1O3T!ZZ^jSqb?kd8iHul+=;jKNvP$ViaBxIX8K=UJDmzYoM#VQjk@qg)ap2Z zVR#2epijE#%CVT2{5Wc|T}Calz%AxOs4A)<9k3t{!wNVZb=7yD!6HuLv@`8b+9W;>rFxE=>!-5ut7n{Wzwz&Gaig{7$L1n%Ua zaJ-wsPzsH9nMt)9hm%L`=KCJ5KuxxoJ?4e92)mGb?=|oIWQ-%=YwXTGQ;U;^n1 zY=zHJL)dh`nIoTIBXaj83N0uUr#YQ*AijYou{`Gc)|^-$i;+)7)vw3j@hWPS{O2Iu zivfqsH>r;E`~ic}Q*&fF*-`;gB>&GvsV$;JEq2sa_0 z@;z%EI~+AV5PHmUx{<$!@8TsKgw2ne53hY#hrIX?=E0Is_gjvMTL0%LsOw@*7{{U- za0cgM9Cz)G=W#05IB9Np7%P#NI%PhFJE3~=Q%uBrsGf{FZGOWVhr#5#uoYfZJ@7dz6Kj(%!0PxDHo|;o%;$Q0tVuo_wf`iBV2-o=LWz;q#rP3<{&OrbT!xxs;pa`m z7h+fPm+0<9q0>)h*6%>QFaj>{n<;ic^~9gpAG=*Nlj948}!EZ(D)DOX)G$GqgoDUWVK;2}tLe#ASdIJ@>OtMr zeluP3A(o-yxXquT8dB?#>B7&k3Hdo}fT1k@A()I4@FJ=qT_2lQ^gQfE?*E5*k&VDM z07! zDOMmqgdOo2X2XQ%X0>#{%H$(3LWBDig`8BJMICqpbKyOV!lzgOi~VKBt_ntzcR{V= zshEIQY+m7SQ$HRxWM@$~^nYP`ura}=Y=*gCnP27F<1q4Gujv2M6s}RB8~Zvg&xr-F zFnKr@$J&@1yP-Gs!=gACyW_`L9iO0jtgOrBX?PNAxm})FyM>Bs zR6NAa7?H*0`Auj%29T$t8u&ft!Lz6?zlCx53^gaJWp#P}PLP7?(XFVS*pE8?6zY1n z(1m}yDQE~@qPp7UEi1{%C)!-c7 zF3$@n5Y@9)P;7Tx_Bwp!&MlM_pv#~W;0zr2G!+1;}Q(^F+I2&`;up1 z947m^Jbx`;iMrksY>ZX1yR^LB&S(masQ4B&b~$pGA*qAC$%kSMyn%HwD5uNw8PEx} zjK0N==$*?nGzr!9>#ziFMNf~QCUpkBg?VzTA#T2_FZE+u~X*hfZFX=QE%@hH`(W9R-~@+`14$$oF6= zyn=codi$BK?Tr3OevN zyCWdKX=yxa`HVnacp_>xFUCOJfLh;2P{&@PN3eElxFa|$Db=5A^5IjVk_!xBquK?4Ev z1x?<)AnRW}FrErsXc_7~uoCq|SFs2_u=}$WGV68}i&s5yALpPpJt@0A-;O;M{P>If zXF}UA#0p{pQGvQbS@ivnLSLdjQJly{`BGwV}i7@tOZu$_KM_jNK zS~c2c5Zj3#IDReR`E-HXl*?POx;PvgcO@_1Y^=%J%J1Qo=R(X!{B!bn-#`@!XhUdH3Mk=Nd`ahwbQ}-EV z-YrfJ@~Py-u`Ic^KkziSO6Erh z2d*S8650~*B&Ok4L>J0;2+j6+9H=dhctWnNHPMXFa-Bq7OG0aXAx^W$6vj=|ohR~fgCpc~ ziMPo+V}F8=5oa55hw$V5<0P^3DT!V*+X!tD#CGb=db0ojqZ9Q5ZB-x2+VmPOPJB(? z1c%vrip~hi-x8;Zc%m-hMdP%+?bZ$o`e1o|dzX4`RdBs2I=uWmTN^w}WDrlN*@`cS zFYR%HH@WBk^-wu4H(Q5Usr!x47EPUtaDPP-LR3`kYugzPGqvG&ju_XSdJEjn6l>hP6@QW$=83 z3{ft#5|0tniCpaW=4KP@Ig{-%tF4*bW&bBO`5ZTsw?}W{f1kf7l>?|4gEa_k1r5#% zTtwYUY)Qlr*~tH~$B}yeKF|Tj6GMpx>>6cM-)Xr+8}kE=ZoaEuv7J$VLOF;k!g2(UiExaSJeWTTXt7_?rkPGPg1m zc9OrN@h`%K?%6%Zt^QU&9LzBnhyonOIg_Ecv6pgz?e*MPc*L>Tb} zbz`xNJ!d+3X<{}pgUH-^X#Bg|tOz?!5`&0WnMYtv;t}zbsLZ~FcmTDHG&t?aQz`eh z`CaQ3>K_sLX^0QLMO z6PFPiDF1-bMCSH6b(=}*5Fbe%(QDUgA%TCi9 zQNB#wb)qU!ihRgx=TPNTBkyhNe6pnXE5FE<-mK!k*?a~MOzl2oa7y}~>VaPAVRZ}n z&U(~%ae8EYh%3EM)87lFuj@W6B7Mo^v|Q=q=eF|-4;z}4HY6pif6uUE{<5&N^%D;)T8yDuz|4R-W z&tP-c^j+)Pd#CT*Tqwt^xx4qKXW84?l|FG_ucEWob\n" "Language-Team: LdapSaisie \n" @@ -19,6 +19,7 @@ msgstr "" "X-Poedit-SourceCharset: utf-8\n" "X-Poedit-Basepath: /var/www/ldapsaisie/trunk\n" "X-Generator: Poedit 2.4.2\n" +"Plural-Forms: nplurals=2; plural=(n > 1);\n" #: /home/brenard/dev/ldapsaisie_clean3/src/includes/addons/LSaddons.samba.php:27 msgid "SAMBA Support: Unable to load smbHash class." @@ -160,6 +161,52 @@ msgstr "MAIL : Erreur durant l'envoie de votre mail" msgid "PhpLdapAdmin Support : The constant %{const} is not defined." msgstr "Support PhpLdapAdmin : La constante %{const} n'est pas définie." +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/addons/LSaddons.dyngroup.php:27 +msgid "Dynamic groups support: The constant %{const} is not defined." +msgstr "" +"Support des groupes dynamiques : La constante %{const} n'est pas définie." + +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/addons/LSaddons.dyngroup.php:30 +msgid "" +"Dynamic groups support: You must at least define all constantes of dynamic " +"groups's by DN or by UID." +msgstr "" +"Support des groupes dynamiques : vous devez au moins définir toutes les " +"constantes des groupes dynamiques par DN ou par UID." + +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/addons/LSaddons.dyngroup.php:34 +msgid "" +"Dynamic groups: The attribute %{dependency} is missing. Unable to forge the " +"attribute %{attr}." +msgstr "" +"Support des groupes dynamiques : L'attribut %{dependency} est manquant. " +"Impossible de générer l'attribut %{attr}." + +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/addons/LSaddons.dyngroup.php:37 +msgid "Dynamic groups: Fail to parse %{attr} value : invalid number of parts." +msgstr "" +"Groupes dynamiques : Impossible d'analyser la valeur de l'attribut %{attr} : " +"nombre de parties invalide." + +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/addons/LSaddons.dyngroup.php:338 +msgid "" +"Members cache of %{count} dynamic group(s) have been updated because thes " +"were potentially impacted by your changes." +msgstr "" +"Le cache des membres de %{count} groupe(s) dynamique(s) as été mis à jours " +"suite à vos modifications qui les impactaient potentiellement." + +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/addons/LSaddons.dyngroup.php:345 +msgid "" +"Members cache of %{count} dynamic group(s) have NOT been updated but thes " +"were potentially impacted by your changes. A delay of some minutes could be " +"necessary to handle your changes on this groups." +msgstr "" +"Le cache des membres de %{count} groupe(s) dynamique(s) n'ont PAS put être " +"mis à jours suite à vos modifications qui les impactaient potentiellement. " +"Un délais de quelques minutes pourra être nécessaire pour que vos " +"modifications soient pris en compte sur ces groupes." + #: /home/brenard/dev/ldapsaisie_clean3/src/includes/addons/LSaddons.posix.php:27 msgid "POSIX Support : The constant %{const} is not defined." msgstr "Support POSIX : La constante %{const} n'est pas définie." @@ -456,19 +503,19 @@ msgstr "État" msgid "Sub-state" msgstr "Sous-état" -#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule.php:52 +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule.php:60 msgid "Invalid syntax checking configuration: unknown rule %{rule}." msgstr "" "Configuration de validation syntaxique invalide : règle %{rule} inconnue." -#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule.php:73 -#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule.php:100 +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule.php:81 +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule.php:283 #: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSattr_html_date.php:47 #: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSattr_html_select_list.php:63 msgid "Invalid value" msgstr "Valeur invalide" -#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule.php:111 +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule.php:294 msgid "LSformRule_%{type}: Parameter %{param} is not found." msgstr "LSformRule_%{type} : Le paramètre %{param} n'est pas défini." @@ -917,21 +964,21 @@ msgstr "" "LSattr_html_select_objet : l'objet sélectionné %{name} n'a pas de valeur " "dans son attribut %{attr}, vous ne pouvez pas le sélectionner." -#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_differentPassword.php:90 +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_differentPassword.php:95 msgid "" "LSformRule_differentPassword : Other password attribute is not configured." msgstr "" "LSformRule_differentPassword : L'autre attribut mot de passe n'est pas " "configuré." -#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_differentPassword.php:93 +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_differentPassword.php:98 msgid "" "LSformRule_differentPassword : Fail to load LSattr_ldap :: password class." msgstr "" "LSformRule_differentPassword : Impossible de charger la classe " "LSattr_ldap :: password." -#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_differentPassword.php:96 +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_differentPassword.php:101 msgid "" "LSformRule_differentPassword : The other password attribute %{attr} does not " "exist." @@ -939,7 +986,7 @@ msgstr "" "LSformRule_differentPassword : L'autre attribut mot de passe %{attr} " "n'existe pas." -#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_differentPassword.php:99 +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_differentPassword.php:104 msgid "" "LSformRule_differentPassword : The other password attribute could not be the " "same of the current one." @@ -947,7 +994,7 @@ msgstr "" "LSformRule_differentPassword : L'autre attribut mot de passe ne peut être le " "même que l'attribut courant." -#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_differentPassword.php:102 +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_differentPassword.php:107 msgid "" "LSformRule_differentPassword : The other password attributes must use " "LSattr_ldap :: password. It's not the case of the attribure %{attr}." @@ -955,11 +1002,7 @@ msgstr "" "LSformRule_differentPassword : Les autres attributs mots de passe doivent " "utiliser LSattr_ldap :: password. Ce n'est pas le cas de l'attribut %{attr}." -#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSattribute.php:261 -msgid "The value of field %{label} is invalid." -msgstr "La valeur du champ %{label} est incorrecte." - -#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSattribute.php:756 +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSattribute.php:755 msgid "" "LSattribute : Attribute %{attr} : LDAP or HTML types unknow (LDAP = %{ldap} " "& HTML = %{html})." @@ -967,7 +1010,7 @@ msgstr "" "LSattribute : Attribut %{attr} : Les types LDAP ou HTML sont inconnus (LDAP " "= %{ldap} & HTML = %{html})." -#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSattribute.php:759 +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSattribute.php:758 msgid "" "LSattribute : The function %{func} to display the attribute %{attr} is " "unknow." @@ -975,14 +1018,14 @@ msgstr "" "LSattribute : La fonction %{func} pour afficher l'attribut %{attr} est " "inconnue." -#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSattribute.php:762 +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSattribute.php:761 msgid "" "LSattribute : The rule %{rule} to validate the attribute %{attr} is unknow." msgstr "" "LSattribute : La règle %{rule} de validation de l'attribut %{attr} n'existe " "pas." -#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSattribute.php:765 +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSattribute.php:764 msgid "" "LSattribute : Configuration data to verify the attribute %{attr} are " "incorrect." @@ -990,22 +1033,22 @@ msgstr "" "LSattribute : Les données de configuration pour vérifier l'attribut %{attr} " "sont incorrecte." -#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSattribute.php:768 +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSattribute.php:767 msgid "" "LSattribute : The function %{func} to save the attribute %{attr} is unknow." msgstr "" "LSattribute : La fonction %{func} pour sauvegarder l'attribut %{attr} est " "inconnue." -#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSattribute.php:771 +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSattribute.php:770 msgid "LSattribute : The value of the attribute %{attr} can't be generated." msgstr "LSattribute : La valeur de l'attribut %{attr} ne peut être générée." -#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSattribute.php:774 +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSattribute.php:773 msgid "LSattribute : Generation of the attribute %{attr} failed." msgstr "LSattribute : La génération de l'attribut %{attr} a échouée." -#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSattribute.php:777 +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSattribute.php:776 msgid "" "LSattribute : Generation of the attribute %{attr} did not return a correct " "value." @@ -1013,14 +1056,14 @@ msgstr "" "LSattribute : La génération de l'attribut %{attr} n'a pas retournée de " "valeur correcte." -#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSattribute.php:780 +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSattribute.php:779 msgid "" "LSattribute : The attr_%{type} of the attribute %{name} is not yet defined." msgstr "" "LSattribute : L'objet attr_%{type} de l'attribut %{name} n'est pas encore " "défini." -#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_callable.php:66 +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_callable.php:71 msgid "LSformRule_callable : The given callable option is not callable" msgstr "LSformRule_callable : Le paramètre fournis n'est pas exécutable" @@ -1260,8 +1303,8 @@ msgstr "" "Context:\n" "%{context}" -#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_mimetype.php:47 -#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_mimetype.php:51 +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_mimetype.php:53 +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_mimetype.php:57 msgid "Invalid file type (%{type})." msgstr "Type de fichier invalide (%{type})." @@ -1523,15 +1566,15 @@ msgstr "" "LSrelation : Des paramètres sont manquant dans l'appel des méthodes de " "manipulation des relations standards." -#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_password.php:51 +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_password.php:60 msgid "Password is too long (maximum: %{maxLength})." msgstr "Le mot de passe est trop long (maximum : %{maxLength})." -#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_password.php:56 +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_password.php:65 msgid "Password is too short (minimum: %{minLength})." msgstr "Le mot de passe est trop court (minimum : %{minLength})." -#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_password.php:81 +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_password.php:90 msgid "" "Password match with only %{valid} rule(s) (at least %{minValidRegex} are " "required)." @@ -1539,11 +1582,11 @@ msgstr "" "Le mot de passe ne respecte que %{valid} règle(s) (au moins %{minValidRegex} " "sont requises)." -#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_password.php:92 +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_password.php:101 msgid "This password is prohibited." msgstr "Ce mot de passe est interdit." -#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_password.php:107 +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_password.php:116 msgid "" "LSformRule_password : Invalid regex configured : %{regex}. You must use PCRE " "(begining by '/' caracter)." @@ -1583,6 +1626,67 @@ msgstr "LSldap : Erreur pendant la modification du DN de l'objet." msgid "LSldap: LDAP server base DN not configured." msgstr "LSldap : Le base DN du serveur LDAP n'est pas configuré." +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_ldapSearchURI.php:59 +msgid "Invalid LDAP server URI (%{uri})" +msgstr "URI de serveur LDAP invalide (%{uri})" + +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_ldapSearchURI.php:75 +msgid "Invalid LDAP host (%{host})" +msgstr "Hôte LDAP invalide (%{type})." + +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_ldapSearchURI.php:79 +msgid "Invalid LDAP port (%{port})" +msgstr "Port LDAP invalide (%{port})" + +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_ldapSearchURI.php:83 +msgid "A LDAP URI could not contain port without host (%{host}:%{port})" +msgstr "Une URI LDAP ne peut contenir de port sans hôte (%{host}:%{port})" + +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_ldapSearchURI.php:88 +msgid "LDAP host not provided but required" +msgstr "Hôte LDAP non-fourni mais obligatoire" + +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_ldapSearchURI.php:94 +msgid "Invalid base DN (%{basedn})" +msgstr "Base DN invalide (%{basedn})" + +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_ldapSearchURI.php:100 +msgid "Search base DN not provided but required" +msgstr "Base DN de recherche non-fournie mais obligatoire" + +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_ldapSearchURI.php:112 +msgid "Invalid searched attributes count (%{attrCount} > %{maxAttrsCount})" +msgstr "" +"Nombre d'attributs recherchés invalide (%{attrCount} > %{maxAttrsCount})" + +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_ldapSearchURI.php:118 +msgid "Invalid attribute name (%{attr})" +msgstr "Nom d'attribut invalide (%{attr})" + +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_ldapSearchURI.php:128 +msgid "Attribute name not provided but required" +msgstr "Nom d'attribut non-fourni mais obligatoire" + +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_ldapSearchURI.php:138 +msgid "" +"Invalid search scope (%{scope}). Must be one of the following value : base, " +"one or sub." +msgstr "" +"Portée de recherche invalide (%{scope}). Doit être une des valeurs " +"suivantes : base, one ou sub." + +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_ldapSearchURI.php:147 +msgid "Search scope not provided but required" +msgstr "Portéé de recherche non-fournie mais obligatoire" + +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_ldapSearchURI.php:165 +msgid "Invalid LDAP filter (\"%{filter}\")" +msgstr "Filtre LDAP invalide (\"%{filter}\")" + +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_ldapSearchURI.php:172 +msgid "Search filter not provided but required" +msgstr "Filtre de recherche non-fourni mais obligatoire" + #: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSrelation.php:331 msgid "listing related objects" msgstr "énumaration des objets liés" @@ -1803,11 +1907,11 @@ msgstr "Ajouter ce site internet à mes favoris." msgid "Generate the value" msgstr "Générer une valeur" -#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_filesize.php:49 +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_filesize.php:55 msgid "File is too big." msgstr "Fichier trop gros." -#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_filesize.php:53 +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_filesize.php:59 msgid "File is too light." msgstr "Fichier trop petit." @@ -1826,6 +1930,30 @@ msgstr "" "des constantes suivantes : LSAUTH_CAS_SERVER_SSL_CACERT ou " "LSAUTH_CAS_SERVER_NO_SSL_VALIDATION" +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_numberOfValues.php:52 +msgid "max (or min)" +msgstr "max (ou min)" + +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_numberOfValues.php:65 +msgid "At least one value is required." +msgid_plural "At least %{min} values are required." +msgstr[0] "Au moins une valeur est obligatoire." +msgstr[1] "Au moins %{min} valeurs sont obligatoires." + +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_numberOfValues.php:77 +msgid "Maximum one value is allowed." +msgid_plural "Maximum %{max} values are allowed." +msgstr[0] "Au maximum une valeur est autorisée." +msgstr[1] "Au maximum %{max} valeurs sont autorisées." + +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_numberOfValues.php:93 +msgid "" +"LSformRule_numberOfValues: Parameter max could not be lower than parameter " +"min." +msgstr "" +"LSformRule_numberOfValues : Le paramètre max ne peut être inférieur au " +"paramètre min." + #: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSform.php:126 msgid "Add a field to add another values." msgstr "Ajouter une autre valeur à ce champ." @@ -1919,7 +2047,7 @@ msgstr "" "Cliquer pour activer la création/modification de la maildir en même temps " "que la création/modification du l'utilisateur." -#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_regex.php:62 +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_regex.php:67 msgid "LSformRule_regex : Regex has not been configured to validate data." msgstr "" "LSformRule_regex : L'expression régulière de vérification des données n'est " @@ -2001,11 +2129,11 @@ msgstr "Cette requête ne peut être traitée." msgid "This request could not be processed correctly." msgstr "Cette requête ne peut être traitée correctement." -#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_rangelength.php:50 +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_rangelength.php:55 msgid "Value is too short (minimum: %{limit})." msgstr "La valeur est trop courte (minimum : %{limit})." -#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_rangelength.php:54 +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_rangelength.php:59 msgid "Value is too long (maximum: %{limit})." msgstr "La valeur est trop longue (maximum: %{limit})." @@ -2360,7 +2488,7 @@ msgstr "" "LSattr_html_select_list : Impossible de récupérer les valeurs possibles de " "l'attribut %{attr} en utilisant la fonction configurée %{callable}." -#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_inarray.php:57 +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_inarray.php:62 msgid "" "LSformRule_inarray : Possible values has not been configured to validate " "data." @@ -2380,7 +2508,7 @@ msgstr "Valeur invalide pour le composant %{component} : \"%{value}\"." msgid "Godfather" msgstr "Parrain" -#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_date.php:66 +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_date.php:72 msgid "LSformRule_date : No date format specify." msgstr "LSformRule_date : Aucun format de date spécifié." @@ -2413,11 +2541,11 @@ msgstr "" "Note: Les paramètres/arguments de la commande doivent être placés après " "celle-ci." -#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LScli.php:804 +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LScli.php:835 msgid "LScli : The CLI command '%{command}' already exists." msgstr "LScli : La commande CLI '%{command}' existe déjà." -#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LScli.php:807 +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LScli.php:838 msgid "LScli : The CLI command '%{command}' handler is not callable." msgstr "" "LScli : La fonction de prise en charge de la commande CLI '%{command}' n'est " @@ -2967,6 +3095,12 @@ msgstr "non" msgid "yes" msgstr "oui" +#~ msgid "Invalid LDAP URI format" +#~ msgstr "Format d'URI LDAP invalide" + +#~ msgid "The value of field %{label} is invalid." +#~ msgstr "La valeur du champ %{label} est incorrecte." + #~ msgid "LSformRule: Unknown rule type %{type}." #~ msgstr "LSformRule : Type de règle %{type} inconnu." diff --git a/src/lang/fr_FR.UTF8/lang.php b/src/lang/fr_FR.UTF8/lang.php index e057dbdc..ea9f9384 100644 --- a/src/lang/fr_FR.UTF8/lang.php +++ b/src/lang/fr_FR.UTF8/lang.php @@ -2,12 +2,27 @@ $GLOBALS['LSlang'] = array ( +# LSobjects.LSdyngroup.attrs.lsDynGroupMemberDnURI.help_info +"

LDAP search URI or group members. A LDAP search URI is composed of the following parts separated by semicolons :

    +
  • The LDAP URI in format ldap://[host]/[base DN]. For instance, to make a request on the same LDAP server, use ldap:///o=ls
    • +
  • The retreived attributes (separated by coma, optional)
    • +
  • The search scope (base, one or sub)
    • +
  • The LDAP filter (optional, default : (objectClass=*))
    • +

Example : ldap:///ou=people,o=ls??one?(&(objectClass=lspeople)(mail=*@ls.com))

" => + "

L'URI LDAP de recherche des membres du groupe. Une URI de recherche LDAP est composée des parties suivantes séparées par des points virgules :

    +
  • L'URI LDAP au format ldap://[host]/[base DN]. Par exemple, pour effectuer une recherche sur le même serveur LDAP, utiliser ldap:///o=ls
    • +
  • Les attributs récupérés (séparés par une virgule, facultatif)
    • +
  • La profondeur de la recherche (base, one ou sub)
    • +
  • Le filtre LDAP (facultatif, par défaut : (objectClass=*))
    • +

Exemple : ldap:///ou=people,o=ls??one?(&(objectClass=lsPeople)(mail=*@ls.com))

", + # LSobjects.pwdPolicy.attrs.pwdCheckModule.help_info "Used with caution ! The name of the OpenLDAP module to used to check the password quality." => "À utiliser avec vigilance ! Nom du module pour OpenLDAP à utiliser pour vérifier la qualité du mot de passe.", # LSobjects.LSpeople.attrs.lsGodfatherDn.label # LSobjects.LSgroup.attrs.lsGodfatherDn.label +# LSobjects.LSdyngroup.attrs.lsGodfatherDn.label # LSobjects.LScompany.attrs.lsGodfatherDn.label "Accountable(s)" => "Responsable(s)", @@ -44,10 +59,22 @@ $GLOBALS['LSlang'] = array ( "Always (disable account)" => "Toujours (compte désactivé)", +# LSobjects.LSdyngroup.LSsearch.customActions.updateDynGroupsMembersCache.question_format +"Are you sure you want to update members cache of all dynamic groups (could be quite long) ?" => + "Êtes-vous sûre de vouloir mettre à jour le cache des membres de tous les groupes dynamiques (peut être assez long) ?", + +# LSobjects.LSdyngroup.customActions.updateDynGroupMembersCache.question_format +"Are you sure you want to update members cache of this dynamic group ?" => + "Êtes-vous sûre de vouloir mettre à jour le cache de membre de ce groupe dynamique ?", + # LSobjects.LSpeople.attrs.sambaPwdMustChange.html_options.special_values.0 "At first login" => "À la première connexion", +# LSobjects.LSpeople.LSrelation.dyngroups.label +"Belongs to dynamic groups ..." => + "Appartient aux groupes dynamiques ...", + # LSobjects.LSpeople.LSrelation.groups.label # LSobjects.LSsysaccount.LSrelation.groups.label "Belongs to groups ..." => @@ -55,7 +82,7 @@ $GLOBALS['LSlang'] = array ( # LSobjects.pwdPolicy.LSform.layout.bruteforce.label "Brute-force attacks protection" => - "Proctetion anti brute-force", + "Protection anti brute-force", # LSobjects.pwdPolicy.attrs.pwdCheckModule.label "Check OpenLDAP module to used" => @@ -123,6 +150,7 @@ $GLOBALS['LSlang'] = array ( # LSobjects.LSpeople.attrs.description.label # LSobjects.LSgroup.attrs.description.label +# LSobjects.LSdyngroup.attrs.description.label # LSobjects.LSsysaccount.attrs.description.label # LSobjects.LScompany.attrs.description.label "Description" => @@ -136,15 +164,35 @@ $GLOBALS['LSlang'] = array ( "Do you confirm change of this user's password?" => "Confirmez-vous le changement du mot de passe de cet utilisateur ?", +# LSobjects.LSpeople.LSrelation.dyngroups.emptyText +"Doesn't belong to any dynamic group." => + "N'appartient à aucun groupe dynamique.", + # LSobjects.LSpeople.LSrelation.groups.emptyText # LSobjects.LSsysaccount.LSrelation.groups.emptyText "Doesn't belong to any group." => "N'appartient à aucun groupe.", +# LSobjects.LSpeople.LSrelation.dyngroup_godfather.emptyText +"Doesn't sponsor any dynamic group." => + "Ne parraine aucun groupe dynamique.", + +# LSobjects.LSpeople.LSrelation.group_godfather.emptyText +"Doesn't sponsor any group." => + "Ne parraine aucun groupe.", + # LSobjects.LSpeople.LSrelation.godfather.emptyText "Doesn't sponsor any user." => "Ne parraine aucun utilisateur.", +# LSobjects.LSdyngroup.label +"Dynamic groups" => + "Groupes dynamiques", + +# LSobjects.LSdyngroup.LSsearch.customActions.updateDynGroupsMembersCache.onSuccessMsgFormat +"Dynamic groups members cache updated." => + "Le cache des membres des groupes dynamiques a été mis à jour.", + # LSobjects.LSpeople.attrs.mail.label "E-mail address" => "Adresse e-mail", @@ -190,6 +238,14 @@ $GLOBALS['LSlang'] = array ( "Godfather of ..." => "Parrain de ...", +# LSobjects.LSpeople.LSrelation.dyngroup_godfather.label +"Godfather of dynamic groups ..." => + "Parrain des groupes dynamiques ...", + +# LSobjects.LSpeople.LSrelation.group_godfather.label +"Godfather of groups ..." => + "Parrain des groupes ...", + # LSobjects.pwdPolicy.attrs.pwdGraceAuthNLimit.label "Grace delay after password expiration" => "Délai de grâce après l'expiration du mot de passe", @@ -251,6 +307,10 @@ $GLOBALS['LSlang'] = array ( "Indicates the time the account was locked time. Delete this date and set pwdReset attribute to unlock the account." => "Indique la durée de blocage du compte. Supprimez cette date et définissez l'attribut pwdReset pour débloquer le compte.", +# LSobjects.LSdyngroup.attrs.lsDynGroupMemberDnURI.check_data.ldapSearchURI.msg +"Invalid LDAP search URI." => + "URI de recherche LDAP invalide.", + # LSobjects.LSpeople.attrs.gidNumber.html_options.possible_values.1.label "LDAP Groups" => "Groupes LDAP", @@ -326,10 +386,35 @@ $GLOBALS['LSlang'] = array ( "Maximum validity duration of a password" => "Durée maximum de validité du mot de passe", +# LSobjects.LSdyngroup.attrs.lsDynGroupMemberDnURI.label +"Member search URI" => + "URI de recherche des membres", + +# LSobjects.LSdyngroup.attrs.lsDynGroupMemberUidURI.label +"Member search URI (UID)" => + "URI de recherche des membres (UID)", + # LSobjects.LSgroup.attrs.uniqueMember.label +# LSobjects.LSdyngroup.attrs.lsDynGroupMemberDn.label "Members" => "Membres", +# LSobjects.LSdyngroup.attrs.uniqueMember.label +"Members (cache)" => + "Membres (cache)", + +# LSobjects.LSdyngroup.attrs.lsDynGroupMemberUid.label +"Members UID" => + "UID des membres", + +# LSobjects.LSdyngroup.attrs.memberUid.label +"Members UID (cache)" => + "UID des membres (cache)", + +# LSobjects.LSdyngroup.customActions.updateDynGroupMembersCache.onSuccessMsgFormat +"Members cache updated." => + "Le cache des membres a été mis à jour.", + # LSobjects.pwdPolicy.attrs.pwdMinLength.label "Minimum length a password" => "Longueur minimum d'un mot de passe", @@ -364,12 +449,14 @@ $GLOBALS['LSlang'] = array ( "Doit être un entier positif.", # LSobjects.LSgroup.attrs.cn.label +# LSobjects.LSdyngroup.attrs.cn.label # LSobjects.pwdPolicy.attrs.cn.label # LSobjects.LScompany.attrs.ou.label "Name" => "Nom", # LSobjects.LSgroup.attrs.cn.check_data.alphanumeric.msg +# LSobjects.LSdyngroup.attrs.cn.check_data.alphanumeric.msg "Name must contain alphanumeric values only." => "Le nom doit contenir uniquement des valeurs alpha-numériques.", @@ -449,6 +536,7 @@ $GLOBALS['LSlang'] = array ( "Identifiant numérique", # LSobjects.LSgroup.attrs.lsGodfatherDn.validation.0.msg +# LSobjects.LSdyngroup.attrs.lsGodfatherDn.validation.0.msg # LSobjects.LScompany.attrs.lsGodfatherDn.validation.0.msg "One or several of these users don't exist." => "Un ou plusieurs utilisateurs n'existent pas.", @@ -594,6 +682,7 @@ $GLOBALS['LSlang'] = array ( # LSobjects.LSpeople.customActions.showTechInfo.label # LSobjects.LSgroup.customActions.showTechInfo.label +# LSobjects.LSdyngroup.customActions.showTechInfo.label # LSobjects.LSsysaccount.customActions.showTechInfo.label # LSobjects.pwdPolicy.customActions.showTechInfo.label # LSobjects.LScompany.customActions.showTechInfo.label @@ -677,6 +766,11 @@ $GLOBALS['LSlang'] = array ( "Until an administrator manually unlock it (default)" => "Tant qu'un administrateur ne le débloque pas (par défaut)", +# LSobjects.LSdyngroup.customActions.updateDynGroupMembersCache.label +# LSobjects.LSdyngroup.LSsearch.customActions.updateDynGroupsMembersCache.label +"Update members cache" => + "Mettre à jour le cache des membres", + # LSobjects.pwdPolicy.attrs.pwdAllowUserChange.label "User can change its password" => "L'utilisateur peut changer son mot de passe", diff --git a/src/lang/ldapsaisie.pot b/src/lang/ldapsaisie.pot index 7d0c1eba..d1fcf105 100644 --- a/src/lang/ldapsaisie.pot +++ b/src/lang/ldapsaisie.pot @@ -117,6 +117,39 @@ msgstr "" msgid "PhpLdapAdmin Support : The constant %{const} is not defined." msgstr "" +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/addons/LSaddons.dyngroup.php:27 +msgid "Dynamic groups support: The constant %{const} is not defined." +msgstr "" + +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/addons/LSaddons.dyngroup.php:30 +msgid "" +"Dynamic groups support: You must at least define all constantes of dynamic " +"groups's by DN or by UID." +msgstr "" + +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/addons/LSaddons.dyngroup.php:34 +msgid "" +"Dynamic groups: The attribute %{dependency} is missing. Unable to forge the " +"attribute %{attr}." +msgstr "" + +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/addons/LSaddons.dyngroup.php:37 +msgid "Dynamic groups: Fail to parse %{attr} value : invalid number of parts." +msgstr "" + +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/addons/LSaddons.dyngroup.php:338 +msgid "" +"Members cache of %{count} dynamic group(s) have been updated because thes " +"were potentially impacted by your changes." +msgstr "" + +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/addons/LSaddons.dyngroup.php:345 +msgid "" +"Members cache of %{count} dynamic group(s) have NOT been updated but thes " +"were potentially impacted by your changes. A delay of some minutes could be " +"necessary to handle your changes on this groups." +msgstr "" + #: /home/brenard/dev/ldapsaisie_clean3/src/includes/addons/LSaddons.posix.php:27 msgid "POSIX Support : The constant %{const} is not defined." msgstr "" @@ -379,18 +412,18 @@ msgstr "" msgid "Sub-state" msgstr "" -#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule.php:52 +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule.php:60 msgid "Invalid syntax checking configuration: unknown rule %{rule}." msgstr "" -#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule.php:73 -#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule.php:100 +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule.php:81 +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule.php:283 #: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSattr_html_date.php:47 #: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSattr_html_select_list.php:63 msgid "Invalid value" msgstr "" -#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule.php:111 +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule.php:294 msgid "LSformRule_%{type}: Parameter %{param} is not found." msgstr "" @@ -793,86 +826,82 @@ msgid "" "value, you can't select it." msgstr "" -#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_differentPassword.php:90 +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_differentPassword.php:95 msgid "" "LSformRule_differentPassword : Other password attribute is not configured." msgstr "" -#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_differentPassword.php:93 +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_differentPassword.php:98 msgid "" "LSformRule_differentPassword : Fail to load LSattr_ldap :: password class." msgstr "" -#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_differentPassword.php:96 +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_differentPassword.php:101 msgid "" "LSformRule_differentPassword : The other password attribute %{attr} does not " "exist." msgstr "" -#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_differentPassword.php:99 +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_differentPassword.php:104 msgid "" "LSformRule_differentPassword : The other password attribute could not be the " "same of the current one." msgstr "" -#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_differentPassword.php:102 +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_differentPassword.php:107 msgid "" "LSformRule_differentPassword : The other password attributes must use " "LSattr_ldap :: password. It's not the case of the attribure %{attr}." msgstr "" -#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSattribute.php:261 -msgid "The value of field %{label} is invalid." -msgstr "" - -#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSattribute.php:756 +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSattribute.php:755 msgid "" "LSattribute : Attribute %{attr} : LDAP or HTML types unknow (LDAP = %{ldap} " "& HTML = %{html})." msgstr "" -#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSattribute.php:759 +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSattribute.php:758 msgid "" "LSattribute : The function %{func} to display the attribute %{attr} is " "unknow." msgstr "" -#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSattribute.php:762 +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSattribute.php:761 msgid "" "LSattribute : The rule %{rule} to validate the attribute %{attr} is unknow." msgstr "" -#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSattribute.php:765 +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSattribute.php:764 msgid "" "LSattribute : Configuration data to verify the attribute %{attr} are " "incorrect." msgstr "" -#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSattribute.php:768 +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSattribute.php:767 msgid "" "LSattribute : The function %{func} to save the attribute %{attr} is unknow." msgstr "" -#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSattribute.php:771 +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSattribute.php:770 msgid "LSattribute : The value of the attribute %{attr} can't be generated." msgstr "" -#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSattribute.php:774 +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSattribute.php:773 msgid "LSattribute : Generation of the attribute %{attr} failed." msgstr "" -#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSattribute.php:777 +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSattribute.php:776 msgid "" "LSattribute : Generation of the attribute %{attr} did not return a correct " "value." msgstr "" -#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSattribute.php:780 +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSattribute.php:779 msgid "" "LSattribute : The attr_%{type} of the attribute %{name} is not yet defined." msgstr "" -#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_callable.php:66 +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_callable.php:71 msgid "LSformRule_callable : The given callable option is not callable" msgstr "" @@ -1072,8 +1101,8 @@ msgid "" "%{context}" msgstr "" -#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_mimetype.php:47 -#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_mimetype.php:51 +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_mimetype.php:53 +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_mimetype.php:57 msgid "Invalid file type (%{type})." msgstr "" @@ -1275,25 +1304,25 @@ msgid "" "standard relations (Method : %{meth})." msgstr "" -#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_password.php:51 +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_password.php:60 msgid "Password is too long (maximum: %{maxLength})." msgstr "" -#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_password.php:56 +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_password.php:65 msgid "Password is too short (minimum: %{minLength})." msgstr "" -#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_password.php:81 +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_password.php:90 msgid "" "Password match with only %{valid} rule(s) (at least %{minValidRegex} are " "required)." msgstr "" -#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_password.php:92 +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_password.php:101 msgid "This password is prohibited." msgstr "" -#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_password.php:107 +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_password.php:116 msgid "" "LSformRule_password : Invalid regex configured : %{regex}. You must use PCRE " "(begining by '/' caracter)." @@ -1331,6 +1360,64 @@ msgstr "" msgid "LSldap: LDAP server base DN not configured." msgstr "" +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_ldapSearchURI.php:59 +msgid "Invalid LDAP server URI (%{uri})" +msgstr "" + +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_ldapSearchURI.php:75 +msgid "Invalid LDAP host (%{host})" +msgstr "" + +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_ldapSearchURI.php:79 +msgid "Invalid LDAP port (%{port})" +msgstr "" + +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_ldapSearchURI.php:83 +msgid "A LDAP URI could not contain port without host (%{host}:%{port})" +msgstr "" + +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_ldapSearchURI.php:88 +msgid "LDAP host not provided but required" +msgstr "" + +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_ldapSearchURI.php:94 +msgid "Invalid base DN (%{basedn})" +msgstr "" + +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_ldapSearchURI.php:100 +msgid "Search base DN not provided but required" +msgstr "" + +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_ldapSearchURI.php:112 +msgid "Invalid searched attributes count (%{attrCount} > %{maxAttrsCount})" +msgstr "" + +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_ldapSearchURI.php:118 +msgid "Invalid attribute name (%{attr})" +msgstr "" + +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_ldapSearchURI.php:128 +msgid "Attribute name not provided but required" +msgstr "" + +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_ldapSearchURI.php:138 +msgid "" +"Invalid search scope (%{scope}). Must be one of the following value : base, " +"one or sub." +msgstr "" + +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_ldapSearchURI.php:147 +msgid "Search scope not provided but required" +msgstr "" + +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_ldapSearchURI.php:165 +msgid "Invalid LDAP filter (\"%{filter}\")" +msgstr "" + +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_ldapSearchURI.php:172 +msgid "Search filter not provided but required" +msgstr "" + #: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSrelation.php:331 msgid "listing related objects" msgstr "" @@ -1519,11 +1606,11 @@ msgstr "" msgid "Generate the value" msgstr "" -#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_filesize.php:49 +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_filesize.php:55 msgid "File is too big." msgstr "" -#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_filesize.php:53 +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_filesize.php:59 msgid "File is too light." msgstr "" @@ -1538,6 +1625,28 @@ msgid "" "LSAUTH_CAS_SERVER_SSL_CACERT or LSAUTH_CAS_SERVER_NO_SSL_VALIDATION" msgstr "" +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_numberOfValues.php:52 +msgid "max (or min)" +msgstr "" + +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_numberOfValues.php:65 +msgid "At least one value is required." +msgid_plural "At least %{min} values are required." +msgstr[0] "" +msgstr[1] "" + +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_numberOfValues.php:77 +msgid "Maximum one value is allowed." +msgid_plural "Maximum %{max} values are allowed." +msgstr[0] "" +msgstr[1] "" + +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_numberOfValues.php:93 +msgid "" +"LSformRule_numberOfValues: Parameter max could not be lower than parameter " +"min." +msgstr "" + #: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSform.php:126 msgid "Add a field to add another values." msgstr "" @@ -1620,7 +1729,7 @@ msgid "" "Click to enable maildir creation/modification on user creation/modification." msgstr "" -#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_regex.php:62 +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_regex.php:67 msgid "LSformRule_regex : Regex has not been configured to validate data." msgstr "" @@ -1700,11 +1809,11 @@ msgstr "" msgid "This request could not be processed correctly." msgstr "" -#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_rangelength.php:50 +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_rangelength.php:55 msgid "Value is too short (minimum: %{limit})." msgstr "" -#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_rangelength.php:54 +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_rangelength.php:59 msgid "Value is too long (maximum: %{limit})." msgstr "" @@ -2014,7 +2123,7 @@ msgid "" "%{attr} using configured function %{callable}." msgstr "" -#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_inarray.php:57 +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_inarray.php:62 msgid "" "LSformRule_inarray : Possible values has not been configured to validate " "data." @@ -2032,7 +2141,7 @@ msgstr "" msgid "Godfather" msgstr "" -#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_date.php:66 +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LSformRule_date.php:72 msgid "LSformRule_date : No date format specify." msgstr "" @@ -2062,11 +2171,11 @@ msgid "" "Note: Command's parameter/argument must be place after the command." msgstr "" -#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LScli.php:804 +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LScli.php:835 msgid "LScli : The CLI command '%{command}' already exists." msgstr "" -#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LScli.php:807 +#: /home/brenard/dev/ldapsaisie_clean3/src/includes/class/class.LScli.php:838 msgid "LScli : The CLI command '%{command}' handler is not callable." msgstr ""