Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
tree: 4bec261fec
Fetching contributors…

Cannot retrieve contributors at this time

150 lines (126 sloc) 5.039 kb
# The Private Enterprise Number assigned to TCD Netsoc :D
objectIdentifier netsoc 1.3.6.1.4.1.33566
# Netsoc LDAP attributes
objectIdentifier na netsoc:1
# Netsoc LDAP objectclasses
objectIdentifier no netsoc:2
# OIDs for LDAP syntaxes
objectIdentifier syntax 1.3.6.1.4.1.1466.115.121.1
objectIdentifier boolean syntax:7
objectIdentifier directoryString syntax:15
objectIdentifier distinguishedName syntax:12
objectIdentifier integer syntax:27
objectIdentifier numericString syntax:36
objectIdentifier OID syntax:38
objectIdentifier octetString syntax:40
# ISS username
attributetype ( na:1
NAME 'tcdnetsoc-ISS-username'
DESC 'ISS username'
SINGLE-VALUE
EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX directoryString )
# Year of membership, e.g. "2008-2009"
# This attribute corresponds to payment of the membership fee for that year
# A given user often has multiple values for this attribute
attributetype ( na:3
NAME 'tcdnetsoc-membership-year'
DESC 'Year of membership'
EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX directoryString )
attributetype ( na:4
NAME 'tcdnetsoc-admin-comment'
DESC 'Comment'
EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX directoryString )
attributetype ( na:5
NAME 'tcdnetsoc-service-granted'
DESC 'Service that a privilege grants access to'
EQUALITY distinguishedNameMatch SYNTAX distinguishedName )
attributetype ( na:6
NAME 'tcdnetsoc-granted-by-privilege'
DESC 'Privilege sufficient to grant access to a service'
EQUALITY distinguishedNameMatch SYNTAX distinguishedName )
attributetype ( na:7
NAME 'tcdnetsoc-diskquota'
DESC 'Disk quota entry (host:fs:blocks_soft:blocks_hard:inodes_soft:inodes_hard)'
EQUALITY caseIgnoreMatch SYNTAX directoryString )
attributetype ( na:8
NAME 'tcdnetsoc-diskusage'
DESC 'Disk usage entry (host:fs:blocks_used:blocks_soft:blocks_hard:inodes_used:inodes_soft:inodes_hard)'
EQUALITY caseIgnoreMatch SYNTAX directoryString )
attributetype ( na:9
NAME 'tcdnetsoc-mysql-pw'
DESC 'MySQL password for per-user database'
SINGLE-VALUE
EQUALITY caseExactMatch SYNTAX directoryString )
attributetype ( na:10
NAME 'tcdnetsoc-value'
DESC 'Configuration setting stored in LDAP'
EQUALITY caseExactMatch SYNTAX directoryString )
attributetype ( na:11
NAME 'tcdnetsoc-saved-password'
DESC 'Saved password of a disabled user'
EQUALITY octetStringMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{128} )
# A member or user of Netsoc
# This covers every person in the database. Those who are currently paid-up members
# will have a tcdnetsoc-membership-year attribute storing the current year.
# For those who don't have usernames (e.g. members who paid but never signed up for
# an account, the uid field is the same as the uidNumber field).
# The RDN is given by the uid field (so, user mu may be in LDAP with the DN of
# "uid=mu,ou=people,dc=netsoc,dc=tcd,dc=ie"
# Details pertaining to a shell account are stored in the posixAccount objectclass
# (see nis.schema), so that pam+ldap is possible.
# Mail aliases are also stored here
# there may be other attributes inherited from inetOrgPerson and its parents
# useful ones include sn (required), cn (required), userPassword, jpegPhoto,
# mail, userSMIMECertificate.
# A user may also have an amavisAccount object for amavis prefs.
objectclass ( no:1
NAME 'tcdnetsoc-person'
DESC 'Member or user of Trinity College Dublin Internet Society'
STRUCTURAL
MUST (
uidNumber $ cn )
MAY (
uid $ gidNumber $ homeDirectory $ tcdnetsoc-ISS-username $ tcdnetsoc-membership-year $
tcdnetsoc-admin-comment $ mail $ userPassword $ loginShell $ tcdnetsoc-diskquota $ tcdnetsoc-diskusage $ tcdnetsoc-mysql-pw $
tcdnetsoc-saved-password $
sambaSID $
sambaLMPassword $ sambaNTPassword $ sambaPwdLastSet $
sambaLogonTime $ sambaLogoffTime $ sambaKickoffTime $
sambaPwdCanChange $ sambaPwdMustChange $ sambaAcctFlags $
displayName $ sambaHomePath $ sambaHomeDrive $ sambaLogonScript $
sambaProfilePath $ description $ sambaUserWorkstations $
sambaPrimaryGroupSID $ sambaDomainName $ sambaMungedDial $
sambaBadPasswordCount $ sambaBadPasswordTime $
sambaPasswordHistory $ sambaLogonHours) )
objectclass ( no:2
NAME 'tcdnetsoc-group'
DESC 'Group of TCD Netsoc accounts'
SUP posixGroup
STRUCTURAL
MUST ( gidNumber )
MAY ( member $ sambaSID $ sambaGroupType ) )
objectclass ( no:3
NAME 'tcdnetsoc-idnum'
DESC 'Object to hold an ID number'
SUP top
STRUCTURAL
MUST ( cn $ serialNumber ) )
objectclass ( no:4
NAME 'tcdnetsoc-privilege'
DESC 'Privilege granting access for some users to some services'
SUP tcdnetsoc-group
STRUCTURAL
MAY ( tcdnetsoc-service-granted ) )
objectclass ( no:5
NAME 'tcdnetsoc-service'
DESC 'Service accessible by Netsoc users with the right privileges'
STRUCTURAL
MUST ( cn )
MAY ( tcdnetsoc-granted-by-privilege $ userPassword $ uid $ mail ) )
objectclass ( no:6
NAME 'tcdnetsoc-setting'
DESC 'Arbitrary name-value setting'
STRUCTURAL
MUST ( cn )
MAY ( tcdnetsoc-value ) )
Jump to Line
Something went wrong with that request. Please try again.