mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2024-12-25 08:21:05 -06:00
46 lines
4.1 KiB
Plaintext
46 lines
4.1 KiB
Plaintext
## schema file for ipa configuration
|
|
##
|
|
## IPA Base OID: 2.16.840.1.113730.3.8
|
|
##
|
|
## Attributes: 2.16.840.1.113730.3.8.1
|
|
## ObjectClasses: 2.16.840.1.113730.3.8.2
|
|
dn: cn=schema
|
|
###############################################
|
|
##
|
|
## Attributes
|
|
##
|
|
## ipaUserSearchFields - attribute names to search against when looking for users
|
|
attributetypes: ( 2.16.840.1.113730.3.8.1.1 NAME 'ipaUserSearchFields' EQUALITY caseExactIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26)
|
|
## ipaGroupSearchFields - attribute names to search against when looking for groups
|
|
attributetypes: ( 2.16.840.1.113730.3.8.1.2 NAME 'ipaGroupSearchFields' EQUALITY caseExactIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26)
|
|
## ipaSearchTimeLimit - search time limit in seconds
|
|
attributetypes: ( 2.16.840.1.113730.3.8.1.3 NAME 'ipaSearchTimeLimit' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE)
|
|
## ipaSearchRecordsLimit - maximum number of records to return
|
|
attributetypes: ( 2.16.840.1.113730.3.8.1.4 NAME 'ipaSearchRecordsLimit' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE)
|
|
## ipaCustomFields - custom fields to show in the UI in addition to pre-defined ones
|
|
attributetypes: ( 2.16.840.1.113730.3.8.1.5 NAME 'ipaCustomFields' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)
|
|
## ipaHomesRootDir - default posix home directory root dir to use when creating new accounts
|
|
attributetypes: ( 2.16.840.1.113730.3.8.1.6 NAME 'ipaHomesRootDir' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE)
|
|
## ipaDefaultLoginShell - default posix login shell to use when creating new accounts
|
|
attributetypes: ( 2.16.840.1.113730.3.8.1.7 NAME 'ipaDefaultLoginShell' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE)
|
|
## ipaDefaultPrimaryGroup - default posix primary group to assign when creating new accounts
|
|
attributetypes: ( 2.16.840.1.113730.3.8.1.8 NAME 'ipaDefaultPrimaryGroup' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE)
|
|
## ipaMaxUsernameLength - maximum username length to allow in the UI
|
|
attributetypes: ( 2.16.840.1.113730.3.8.1.9 NAME 'ipaMaxUsernameLength' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE)
|
|
## ipaPwdExpAdvNotify - time in days to send out paswword expiration notification before passwpord actually expires
|
|
attributetypes: ( 2.16.840.1.113730.3.8.1.10 NAME 'ipaPwdExpAdvNotify' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE)
|
|
# ipaUserObjectClasses - required objectclasses for users
|
|
attributetypes: ( 2.16.840.1.113730.3.8.1.11 NAME 'ipaUserObjectClasses' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)
|
|
# ipaGroupObjectClasses - required objectclasses for groups
|
|
attributetypes: ( 2.16.840.1.113730.3.8.1.12 NAME 'ipaGroupObjectClasses' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)
|
|
attributetypes: ( 2.16.840.1.113730.3.8.1.13 NAME 'ipaDefaultEmailDomain' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)
|
|
attributeTypes: ( 2.16.840.1.113730.3.8.3.50 NAME 'ipaObsoleteEscrowPacketLifetime' DESC 'Number of days before an obsolete escrow packet is deleted (if a newer packet for the same volume is available)' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE)
|
|
attributeTypes: (2.16.840.1.113730.3.8.3.51 NAME 'ipaEscrowKeyCertificate' DESC 'Certificate for encrypting escrow packets' SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 SINGLE-VALUE)
|
|
attributeTypes: (2.16.840.1.113730.3.8.3.52 NAME 'ipaEscrowKey' DESC 'PKCS#12-formatted encrypted certificate and private key for encrypting escrow packets' SYNTAX 1.3.6.1.4.1.1466.115.121.1.5)
|
|
###############################################
|
|
##
|
|
## ObjectClasses
|
|
##
|
|
## ipaGuiConfig - GUI config parameters objectclass
|
|
objectClasses: ( 2.16.840.1.113730.3.8.2.1 NAME 'ipaGuiConfig' AUXILIARY MAY ( ipaUserSearchFields $ ipaGroupSearchFields $ ipaSearchTimeLimit $ ipaSearchRecordsLimit $ ipaCustomFields $ ipaHomesRootDir $ ipaDefaultLoginShell $ ipaDefaultPrimaryGroup $ ipaMaxUsernameLength $ ipaPwdExpAdvNotify $ ipaUserObjectClasses $ ipaGroupObjectClasses $ ipaDefaultEmailDomain $ ipaObsoleteEscrowPacketLifetime $ ipaEscrowKeyCertificate $ ipaEscrowKey) )
|