mirror of
https://gitlab.easter-eggs.com/ee/ldapsaisie.git
synced 2024-12-24 09:23:47 +01:00
e099a27533
Add LSaddon dyngroup with feature to handle update static cache members attributes on users or dyngroup URI changes. The update process could also be runned using CLI update_dyngroups_members_cache command (allowing cron task configuration). LSexample also evoluate to add example of dynamic groups implementation. On this occasion, the restore_lsexample script was completely rewrited.
176 lines
11 KiB
Text
176 lines
11 KiB
Text
dn: cn=samba,cn=schema,cn=config
|
|
cn: samba
|
|
objectclass: olcSchemaConfig
|
|
olcattributetypes: {0}( 1.3.6.1.4.1.7165.2.1.24 NAME 'sambaLMPassword' DESC
|
|
'LanManager Password' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.1
|
|
15.121.1.26{32} SINGLE-VALUE )
|
|
olcattributetypes: {1}( 1.3.6.1.4.1.7165.2.1.25 NAME 'sambaNTPassword' DESC
|
|
'MD4 hash of the unicode password' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6
|
|
.1.4.1.1466.115.121.1.26{32} SINGLE-VALUE )
|
|
olcattributetypes: {2}( 1.3.6.1.4.1.7165.2.1.26 NAME 'sambaAcctFlags' DESC '
|
|
Account Flags' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.
|
|
1.26{16} SINGLE-VALUE )
|
|
olcattributetypes: {3}( 1.3.6.1.4.1.7165.2.1.27 NAME 'sambaPwdLastSet' DESC
|
|
'Timestamp of the last password update' EQUALITY integerMatch SYNTAX 1.3.6.
|
|
1.4.1.1466.115.121.1.27 SINGLE-VALUE )
|
|
olcattributetypes: {4}( 1.3.6.1.4.1.7165.2.1.28 NAME 'sambaPwdCanChange' DES
|
|
C 'Timestamp of when the user is allowed to update the password' EQUALITY i
|
|
ntegerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
|
|
olcattributetypes: {5}( 1.3.6.1.4.1.7165.2.1.29 NAME 'sambaPwdMustChange' DE
|
|
SC 'Timestamp of when the password will expire' EQUALITY integerMatch SYNTA
|
|
X 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
|
|
olcattributetypes: {6}( 1.3.6.1.4.1.7165.2.1.30 NAME 'sambaLogonTime' DESC '
|
|
Timestamp of last logon' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.
|
|
121.1.27 SINGLE-VALUE )
|
|
olcattributetypes: {7}( 1.3.6.1.4.1.7165.2.1.31 NAME 'sambaLogoffTime' DESC
|
|
'Timestamp of last logoff' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.11
|
|
5.121.1.27 SINGLE-VALUE )
|
|
olcattributetypes: {8}( 1.3.6.1.4.1.7165.2.1.32 NAME 'sambaKickoffTime' DESC
|
|
'Timestamp of when the user will be logged off automatically' EQUALITY int
|
|
egerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
|
|
olcattributetypes: {9}( 1.3.6.1.4.1.7165.2.1.48 NAME 'sambaBadPasswordCount'
|
|
DESC 'Bad password attempt count' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1
|
|
.1466.115.121.1.27 SINGLE-VALUE )
|
|
olcattributetypes: {10}( 1.3.6.1.4.1.7165.2.1.49 NAME 'sambaBadPasswordTime'
|
|
DESC 'Time of the last bad password attempt' EQUALITY integerMatch SYNTAX
|
|
1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
|
|
olcattributetypes: {11}( 1.3.6.1.4.1.7165.2.1.55 NAME 'sambaLogonHours' DESC
|
|
'Logon Hours' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.
|
|
1.26{42} SINGLE-VALUE )
|
|
olcattributetypes: {12}( 1.3.6.1.4.1.7165.2.1.33 NAME 'sambaHomeDrive' DESC
|
|
'Driver letter of home directory mapping' EQUALITY caseIgnoreIA5Match SYNTA
|
|
X 1.3.6.1.4.1.1466.115.121.1.26{4} SINGLE-VALUE )
|
|
olcattributetypes: {13}( 1.3.6.1.4.1.7165.2.1.34 NAME 'sambaLogonScript' DES
|
|
C 'Logon script path' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.
|
|
121.1.15{255} SINGLE-VALUE )
|
|
olcattributetypes: {14}( 1.3.6.1.4.1.7165.2.1.35 NAME 'sambaProfilePath' DES
|
|
C 'Roaming profile path' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.1
|
|
15.121.1.15{255} SINGLE-VALUE )
|
|
olcattributetypes: {15}( 1.3.6.1.4.1.7165.2.1.36 NAME 'sambaUserWorkstations
|
|
' DESC 'List of user workstations the user is allowed to logon to' EQUALITY
|
|
caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{255} SINGLE-VALUE )
|
|
olcattributetypes: {16}( 1.3.6.1.4.1.7165.2.1.37 NAME 'sambaHomePath' DESC '
|
|
Home directory UNC path' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.1
|
|
15.121.1.15{128} )
|
|
olcattributetypes: {17}( 1.3.6.1.4.1.7165.2.1.38 NAME 'sambaDomainName' DESC
|
|
'Windows NT domain to which the user belongs' EQUALITY caseIgnoreMatch SYN
|
|
TAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
|
|
olcattributetypes: {18}( 1.3.6.1.4.1.7165.2.1.47 NAME 'sambaMungedDial' DESC
|
|
'Base64 encoded user parameter string' EQUALITY caseExactMatch SYNTAX 1.3.
|
|
6.1.4.1.1466.115.121.1.15{1050} )
|
|
olcattributetypes: {19}( 1.3.6.1.4.1.7165.2.1.54 NAME 'sambaPasswordHistory'
|
|
DESC 'Concatenated MD4 hashes of the unicode passwords used on this accoun
|
|
t' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} )
|
|
olcattributetypes: {20}( 1.3.6.1.4.1.7165.2.1.20 NAME 'sambaSID' DESC 'Secur
|
|
ity ID' EQUALITY caseIgnoreIA5Match SUBSTR caseExactIA5SubstringsMatch SYNT
|
|
AX 1.3.6.1.4.1.1466.115.121.1.26{64} SINGLE-VALUE )
|
|
olcattributetypes: {21}( 1.3.6.1.4.1.7165.2.1.23 NAME 'sambaPrimaryGroupSID'
|
|
DESC 'Primary Group Security ID' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.
|
|
1.4.1.1466.115.121.1.26{64} SINGLE-VALUE )
|
|
olcattributetypes: {22}( 1.3.6.1.4.1.7165.2.1.51 NAME 'sambaSIDList' DESC 'S
|
|
ecurity ID List' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.12
|
|
1.1.26{64} )
|
|
olcattributetypes: {23}( 1.3.6.1.4.1.7165.2.1.19 NAME 'sambaGroupType' DESC
|
|
'NT Group Type' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
|
|
SINGLE-VALUE )
|
|
olcattributetypes: {24}( 1.3.6.1.4.1.7165.2.1.21 NAME 'sambaNextUserRid' DES
|
|
C 'Next NT rid to give our for users' EQUALITY integerMatch SYNTAX 1.3.6.1.
|
|
4.1.1466.115.121.1.27 SINGLE-VALUE )
|
|
olcattributetypes: {25}( 1.3.6.1.4.1.7165.2.1.22 NAME 'sambaNextGroupRid' DE
|
|
SC 'Next NT rid to give out for groups' EQUALITY integerMatch SYNTAX 1.3.6.
|
|
1.4.1.1466.115.121.1.27 SINGLE-VALUE )
|
|
olcattributetypes: {26}( 1.3.6.1.4.1.7165.2.1.39 NAME 'sambaNextRid' DESC 'N
|
|
ext NT rid to give out for anything' EQUALITY integerMatch SYNTAX 1.3.6.1.4
|
|
.1.1466.115.121.1.27 SINGLE-VALUE )
|
|
olcattributetypes: {27}( 1.3.6.1.4.1.7165.2.1.40 NAME 'sambaAlgorithmicRidBa
|
|
se' DESC 'Base at which the samba RID generation algorithm should operate'
|
|
EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
|
|
olcattributetypes: {28}( 1.3.6.1.4.1.7165.2.1.41 NAME 'sambaShareName' DESC
|
|
'Share Name' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
|
|
SINGLE-VALUE )
|
|
olcattributetypes: {29}( 1.3.6.1.4.1.7165.2.1.42 NAME 'sambaOptionName' DESC
|
|
'Option Name' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SY
|
|
NTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
|
|
olcattributetypes: {30}( 1.3.6.1.4.1.7165.2.1.43 NAME 'sambaBoolOption' DESC
|
|
'A boolean option' EQUALITY booleanMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1
|
|
.7 SINGLE-VALUE )
|
|
olcattributetypes: {31}( 1.3.6.1.4.1.7165.2.1.44 NAME 'sambaIntegerOption' D
|
|
ESC 'An integer option' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.1
|
|
21.1.27 SINGLE-VALUE )
|
|
olcattributetypes: {32}( 1.3.6.1.4.1.7165.2.1.45 NAME 'sambaStringOption' DE
|
|
SC 'A string option' EQUALITY caseExactIA5Match SYNTAX 1.3.6.1.4.1.1466.115
|
|
.121.1.26 SINGLE-VALUE )
|
|
olcattributetypes: {33}( 1.3.6.1.4.1.7165.2.1.46 NAME 'sambaStringListOption
|
|
' DESC 'A string list option' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1
|
|
466.115.121.1.15 )
|
|
olcattributetypes: {34}( 1.3.6.1.4.1.7165.2.1.53 NAME 'sambaTrustFlags' DESC
|
|
'Trust Password Flags' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466
|
|
.115.121.1.26 )
|
|
olcattributetypes: {35}( 1.3.6.1.4.1.7165.2.1.58 NAME 'sambaMinPwdLength' DE
|
|
SC 'Minimal password length (default: 5)' EQUALITY integerMatch SYNTAX 1.3.
|
|
6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
|
|
olcattributetypes: {36}( 1.3.6.1.4.1.7165.2.1.59 NAME 'sambaPwdHistoryLength
|
|
' DESC 'Length of Password History Entries (default: 0 => off)' EQUALITY in
|
|
tegerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
|
|
olcattributetypes: {37}( 1.3.6.1.4.1.7165.2.1.60 NAME 'sambaLogonToChgPwd' D
|
|
ESC 'Force Users to logon for password change (default: 0 => off, 2 => on)'
|
|
EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
|
|
olcattributetypes: {38}( 1.3.6.1.4.1.7165.2.1.61 NAME 'sambaMaxPwdAge' DESC
|
|
'Maximum password age, in seconds (default: -1 => never expire passwords)'
|
|
EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
|
|
olcattributetypes: {39}( 1.3.6.1.4.1.7165.2.1.62 NAME 'sambaMinPwdAge' DESC
|
|
'Minimum password age, in seconds (default: 0 => allow immediate password c
|
|
hange)' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-V
|
|
ALUE )
|
|
olcattributetypes: {40}( 1.3.6.1.4.1.7165.2.1.63 NAME 'sambaLockoutDuration'
|
|
DESC 'Lockout duration in minutes (default: 30, -1 => forever)' EQUALITY i
|
|
ntegerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
|
|
olcattributetypes: {41}( 1.3.6.1.4.1.7165.2.1.64 NAME 'sambaLockoutObservati
|
|
onWindow' DESC 'Reset time after lockout in minutes (default: 30)' EQUALITY
|
|
integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
|
|
olcattributetypes: {42}( 1.3.6.1.4.1.7165.2.1.65 NAME 'sambaLockoutThreshold
|
|
' DESC 'Lockout users after bad logon attempts (default: 0 => off)' EQUALIT
|
|
Y integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
|
|
olcattributetypes: {43}( 1.3.6.1.4.1.7165.2.1.66 NAME 'sambaForceLogoff' DES
|
|
C 'Disconnect Users outside logon hours (default: -1 => off, 0 => on)' EQUA
|
|
LITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
|
|
olcattributetypes: {44}( 1.3.6.1.4.1.7165.2.1.67 NAME 'sambaRefuseMachinePwd
|
|
Change' DESC 'Allow Machine Password changes (default: 0 => off)' EQUALITY
|
|
integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
|
|
olcobjectclasses: {0}( 1.3.6.1.4.1.7165.2.2.6 NAME 'sambaSamAccount' DESC 'S
|
|
amba 3.0 Auxilary SAM Account' SUP top AUXILIARY MUST ( uid $ sambaSID ) MA
|
|
Y ( cn $ sambaLMPassword $ sambaNTPassword $ sambaPwdLastSet $ sambaLogonTi
|
|
me $ sambaLogoffTime $ sambaKickoffTime $ sambaPwdCanChange $ sambaPwdMustC
|
|
hange $ sambaAcctFlags $ displayName $ sambaHomePath $ sambaHomeDrive $ sam
|
|
baLogonScript $ sambaProfilePath $ description $ sambaUserWorkstations $ sa
|
|
mbaPrimaryGroupSID $ sambaDomainName $ sambaMungedDial $ sambaBadPasswordCo
|
|
unt $ sambaBadPasswordTime $ sambaPasswordHistory $ sambaLogonHours ) )
|
|
olcobjectclasses: {1}( 1.3.6.1.4.1.7165.2.2.4 NAME 'sambaGroupMapping' DESC
|
|
'Samba Group Mapping' SUP top AUXILIARY MUST ( gidNumber $ sambaSID $ samba
|
|
GroupType ) MAY ( displayName $ description $ sambaSIDList ) )
|
|
olcobjectclasses: {2}( 1.3.6.1.4.1.7165.2.2.14 NAME 'sambaTrustPassword' DES
|
|
C 'Samba Trust Password' SUP top STRUCTURAL MUST ( sambaDomainName $ sambaN
|
|
TPassword $ sambaTrustFlags ) MAY ( sambaSID $ sambaPwdLastSet ) )
|
|
olcobjectclasses: {3}( 1.3.6.1.4.1.7165.2.2.5 NAME 'sambaDomain' DESC 'Samba
|
|
Domain Information' SUP top STRUCTURAL MUST ( sambaDomainName $ sambaSID )
|
|
MAY ( sambaNextRid $ sambaNextGroupRid $ sambaNextUserRid $ sambaAlgorithm
|
|
icRidBase $ sambaMinPwdLength $ sambaPwdHistoryLength $ sambaLogonToChgPwd
|
|
$ sambaMaxPwdAge $ sambaMinPwdAge $ sambaLockoutDuration $ sambaLockoutObse
|
|
rvationWindow $ sambaLockoutThreshold $ sambaForceLogoff $ sambaRefuseMachi
|
|
nePwdChange ) )
|
|
olcobjectclasses: {4}( 1.3.6.1.4.1.7165.2.2.7 NAME 'sambaUnixIdPool' DESC 'P
|
|
ool for allocating UNIX uids/gids' SUP top AUXILIARY MUST ( uidNumber $ gid
|
|
Number ) )
|
|
olcobjectclasses: {5}( 1.3.6.1.4.1.7165.2.2.8 NAME 'sambaIdmapEntry' DESC 'M
|
|
apping from a SID to an ID' SUP top AUXILIARY MUST sambaSID MAY ( uidNumber
|
|
$ gidNumber ) )
|
|
olcobjectclasses: {6}( 1.3.6.1.4.1.7165.2.2.9 NAME 'sambaSidEntry' DESC 'Str
|
|
uctural Class for a SID' SUP top STRUCTURAL MUST sambaSID )
|
|
olcobjectclasses: {7}( 1.3.6.1.4.1.7165.2.2.10 NAME 'sambaConfig' DESC 'Samb
|
|
a Configuration Section' SUP top AUXILIARY MAY description )
|
|
olcobjectclasses: {8}( 1.3.6.1.4.1.7165.2.2.11 NAME 'sambaShare' DESC 'Samba
|
|
Share Section' SUP top STRUCTURAL MUST sambaShareName MAY description )
|
|
olcobjectclasses: {9}( 1.3.6.1.4.1.7165.2.2.12 NAME 'sambaConfigOption' DESC
|
|
'Samba Configuration Option' SUP top STRUCTURAL MUST sambaOptionName MAY (
|
|
sambaBoolOption $ sambaIntegerOption $ sambaStringOption $ sambaStringList
|
|
option $ description ) )
|