mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2025-01-13 09:41:55 -06:00
1816643a43
Add new attributes and objectclasses to support new features: - global bind-dyndb-ldap settings in LDAP - conditional per-zone forwarding - per-zone configuration of automatic PTR updates - AllowQuery and AllowTransfer ACIs https://fedorahosted.org/freeipa/ticket/2215 https://fedorahosted.org/freeipa/ticket/2072
72 lines
2.7 KiB
Plaintext
72 lines
2.7 KiB
Plaintext
#
|
|
# New schema enhancements from:
|
|
# https://fedorahosted.org/bind-dyndb-ldap/browser/doc/schema
|
|
#
|
|
dn: cn=schema
|
|
add:attributeTypes:
|
|
( 2.16.840.1.113730.3.8.5.11
|
|
NAME 'idnsAllowQuery'
|
|
DESC 'BIND9 allow-query ACL element'
|
|
EQUALITY caseIgnoreIA5Match
|
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
|
|
SINGLE-VALUE
|
|
X-ORIGIN 'IPA v2')
|
|
add:attributeTypes:
|
|
( 2.16.840.1.113730.3.8.5.12
|
|
NAME 'idnsAllowTransfer'
|
|
DESC 'BIND9 allow-transfer ACL element'
|
|
EQUALITY caseIgnoreIA5Match
|
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
|
|
SINGLE-VALUE
|
|
X-ORIGIN 'IPA v2')
|
|
add:attributeTypes:
|
|
( 2.16.840.1.113730.3.8.5.13
|
|
NAME 'idnsAllowSyncPTR'
|
|
DESC 'permit synchronization of PTR records'
|
|
EQUALITY booleanMatch
|
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
|
|
SINGLE-VALUE
|
|
X-ORIGIN 'IPA v2' )
|
|
add:attributeTypes:
|
|
( 2.16.840.1.113730.3.8.5.14
|
|
NAME 'idnsForwardPolicy'
|
|
DESC 'forward policy: only or first'
|
|
EQUALITY caseIgnoreIA5Match
|
|
SUBSTR caseIgnoreIA5SubstringsMatch
|
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
|
|
SINGLE-VALUE
|
|
X-ORIGIN 'IPA v2' )
|
|
add:attributeTypes:
|
|
( 2.16.840.1.113730.3.8.5.15
|
|
NAME 'idnsForwarders'
|
|
DESC 'list of forwarders'
|
|
EQUALITY caseIgnoreIA5Match
|
|
SUBSTR caseIgnoreIA5SubstringsMatch
|
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
|
|
X-ORIGIN 'IPA v2' )
|
|
add:attributeTypes:
|
|
( 2.16.840.1.113730.3.8.5.16
|
|
NAME 'idnsZoneRefresh'
|
|
DESC 'zone refresh interval'
|
|
EQUALITY integerMatch
|
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
|
|
SINGLE-VALUE
|
|
X-ORIGIN 'IPA v2' )
|
|
add:attributeTypes:
|
|
( 2.16.840.1.113730.3.8.5.17
|
|
NAME 'idnsPersistentSearch'
|
|
DESC 'allow persistent searches'
|
|
EQUALITY booleanMatch
|
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
|
|
SINGLE-VALUE
|
|
X-ORIGIN 'IPA v2' )
|
|
add:objectClasses:
|
|
( 2.16.840.1.113730.3.8.6.2
|
|
NAME 'idnsConfigObject'
|
|
DESC 'DNS global config options'
|
|
STRUCTURAL
|
|
MAY ( idnsForwardPolicy $$ idnsForwarders $$ idnsAllowSyncPTR $$
|
|
idnsZoneRefresh $$ idnsPersistentSearch
|
|
) )
|
|
replace:objectClasses:( 2.16.840.1.113730.3.8.6.1 NAME 'idnsZone' DESC 'Zone class' SUP idnsRecord STRUCTURAL MUST ( idnsZoneActive $$ idnsSOAmName $$ idnsSOArName $$ idnsSOAserial $$ idnsSOArefresh $$ idnsSOAretry $$ idnsSOAexpire $$ idnsSOAminimum ) MAY idnsUpdatePolicy )::( 2.16.840.1.113730.3.8.6.1 NAME 'idnsZone' DESC 'Zone class' SUP idnsRecord STRUCTURAL MUST ( idnsName $$ idnsZoneActive $$ idnsSOAmName $$ idnsSOArName $$ idnsSOAserial $$ idnsSOArefresh $$ idnsSOAretry $$ idnsSOAexpire $$ idnsSOAminimum ) MAY ( idnsUpdatePolicy $$ idnsAllowQuery $$ idnsAllowTransfer $$ idnsAllowSyncPTR $$ idnsForwardPolicy $$ idnsForwarders ) )
|