# Novell Consulting UK, Feb 2006 # # This file contains custom LDAP Directory schema attributes for SecureLogin # # Sample ICE command to import this file : # ice -S LDIF -f NSLSchema.ldif -D LDAP -s 127.0.0.1 -p 636 -d cn=admin,ou=services,o=corp -w secret # # # version 1.0 # # David Guest: 11/10/06 # #########################################################################################This LDIF file was generated by Novell's ICE and the LDIF destination handler. version: 1 dn: cn=schema changetype: modify dn: cn=schema changetype: modify add: attributeTypes attributeTypes: ( 2.16.840.1.113719.2.26.4.2.1 NAME 'protocom-SSO-Entries' DES C 'SecureLogin Entries' SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{64512} X-NDS_NA ME 'Prot:SSO Entry' )dn: cn=schema dn: cn=schema changetype: modify add: attributeTypes attributeTypes: ( 2.16.840.1.113719.2.26.4.3.1 NAME 'protocom-SSO-Profile' DES C 'SecureLogin Profile' SYNTAX 2.16.840.1.113719.1.1.5.1.15{64512} SINGLE-VA LUE X-NDS_NAME 'Prot:SSO Profile' )dn: cn=schema dn: cn=schema changetype: modify add: attributeTypes attributeTypes: ( 2.16.840.1.113719.2.26.4.4.1 NAME 'protocom-SSO-Security-Pre fs' DESC 'SecureLogin Entries' SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{64512} X -NDS_NAME 'Prot:SSO Security Prefs' )dn: cn=schema dn: cn=schema changetype: modify add: attributeTypes attributeTypes: ( 2.16.840.1.113719.2.26.4.6.1 NAME 'protocom-SSO-Security-Pre fs-Checksum' DESC 'SecureLogin Security Prefs Checksum' SYNTAX 1.3.6.1.4.1.1 466.115.121.1.40{64512} SINGLE-VALUE X-NDS_NAME 'Prot:SSO Security Prefs Che cksum' )dn: cn=schema dn: cn=schema changetype: modify add: attributeTypes attributeTypes: ( 2.16.840.1.113719.2.26.4.5.1 NAME 'protocom-SSO-Entries-Chec ksum' DESC 'SecureLogin Entries Checksum' SYNTAX 1.3.6.1.4.1.1466.115.121.1. 40{64512} SINGLE-VALUE X-NDS_NAME 'Prot:SSO Entry Checksum' ) dn: cn=schema changetype: modify add: attributeTypes attributeTypes: ( 2.16.840.1.113719.2.26.4.1.1 NAME 'protocom-SSO-Auth-Data' D ESC 'SecureLogin Authorization Data' SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{64 512} SINGLE-VALUE X-NDS_NAME 'Prot:SSO Auth' ) dn: cn=schema changetype: Modify delete: objectClasses objectClasses: ( 2.5.6.2 NAME 'Country' ) - add: objectClasses objectClasses: ( 2.5.6.2 NAME 'Country' SUP Top STRUCTURAL MUST c MAY ( descri ption $ searchGuide $ sssActiveServerList $ sssServerPolicyOverrideDN $ prot ocom-SSO-Entries $ protocom-SSO-Profile $ protocom-SSO-Security-Prefs $ prot ocom-SSO-Security-Prefs-Checksum $ protocom-SSO-Entries-Checksum ) X-NDS_NAM ING 'c' X-NDS_CONTAINMENT ( 'Top' 'treeRoot' 'domain' ) X-NDS_NONREMOVABLE ' 1' ) dn: cn=schema changetype: Modify delete: objectClasses objectClasses: ( 2.5.6.3 NAME 'Locality' ) - add: objectClasses objectClasses: ( 2.5.6.3 NAME 'Locality' SUP Top STRUCTURAL MAY ( description $ l $ seeAlso $ st $ street $ searchGuide $ sssActiveServerList $ sssServerP olicyOverrideDN $ protocom-SSO-Entries $ protocom-SSO-Profile $ protocom-SSO -Security-Prefs $ protocom-SSO-Security-Prefs-Checksum $ protocom-SSO-Entrie s-Checksum ) X-NDS_NAMING ( 'l' 'st' ) X-NDS_CONTAINMENT ( 'Country' 'organi zationalUnit' 'Locality' 'Organization' 'domain' ) X-NDS_NONREMOVABLE '1' ) dn: cn=schema changetype: Modify delete: objectClasses objectClasses: ( 2.5.6.4 NAME 'Organization' ) - add: objectClasses objectClasses: ( 2.5.6.4 NAME 'Organization' SUP ( ndsLoginProperties $ ndsCon tainerLoginProperties ) STRUCTURAL MUST o MAY ( description $ facsimileTelep honeNumber $ l $ loginScript $ eMailAddress $ physicalDeliveryOfficeName $ p ostalAddress $ postalCode $ postOfficeBox $ printJobConfiguration $ printerC ontrol $ seeAlso $ st $ street $ telephoneNumber $ loginIntruderLimit $ intr uderAttemptResetInterval $ detectIntruder $ lockoutAfterDetection $ intruder LockoutResetInterval $ nNSDomain $ mailboxLocation $ mailboxID $ x121Address $ registeredAddress $ destinationIndicator $ preferredDeliveryMethod $ tele xNumber $ teletexTerminalIdentifier $ internationaliSDNNumber $ businessCate gory $ searchGuide $ rADIUSAttributeLists $ rADIUSDefaultProfile $ rADIUSDia lAccessGroup $ rADIUSEnableDialAccess $ rADIUSServiceList $ sssActiveServerL ist $ sssServerPolicyOverrideDN $ protocom-SSO-Entries $ protocom-SSO-Profil e $ protocom-SSO-Security-Prefs $ protocom-SSO-Security-Prefs-Checksum $ pro tocom-SSO-Entries-Checksum $ userPassword ) X-NDS_NAMING 'o' X-NDS_CONTAINME NT ( 'Top' 'treeRoot' 'Country' 'Locality' 'domain' ) X-NDS_NONREMOVABLE '1' X-NDS_ACL_TEMPLATES ( '2#entry#[Self]#loginScript' '2#entry#[Self]#printJob Configuration') ) dn: cn=schema changetype: Modify delete: objectClasses objectClasses: ( 2.5.6.5 NAME 'organizationalUnit' ) - add: objectClasses objectClasses: ( 2.5.6.5 NAME 'organizationalUnit' SUP ( ndsLoginProperties $ ndsContainerLoginProperties ) STRUCTURAL MUST ou MAY ( description $ facsimi leTelephoneNumber $ l $ loginScript $ eMailAddress $ physicalDeliveryOfficeN ame $ postalAddress $ postalCode $ postOfficeBox $ printJobConfiguration $ p rinterControl $ seeAlso $ st $ street $ telephoneNumber $ loginIntruderLimit $ intruderAttemptResetInterval $ detectIntruder $ lockoutAfterDetection $ i ntruderLockoutResetInterval $ nNSDomain $ mailboxLocation $ mailboxID $ x121 Address $ registeredAddress $ destinationIndicator $ preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $ internationaliSDNNumber $ busin essCategory $ searchGuide $ rADIUSAttributeLists $ rADIUSDefaultProfile $ rA DIUSDialAccessGroup $ rADIUSEnableDialAccess $ rADIUSServiceList $ sssActive ServerList $ sssServerPolicyOverrideDN $ protocom-SSO-Entries $ protocom-SSO -Profile $ protocom-SSO-Security-Prefs $ protocom-SSO-Security-Prefs-Checksu m $ protocom-SSO-Entries-Checksum $ userPassword ) X-NDS_NAMING 'ou' X-NDS_C ONTAINMENT ( 'Locality' 'Organization' 'organizationalUnit' 'domain' ) X-NDS _NAME 'Organizational Unit' X-NDS_NONREMOVABLE '1' X-NDS_ACL_TEMPLATES ( '2# entry#[Self]#loginScript' '2#entry#[Self]#printJobConfiguration') ) dn: cn=schema changetype: Modify delete: objectClasses objectClasses: ( 2.16.840.1.113730.3.2.2 NAME 'inetOrgPerson' ) - add: objectClasses objectClasses: ( 2.16.840.1.113730.3.2.2 NAME 'inetOrgPerson' SUP organization alPerson STRUCTURAL MAY ( groupMembership $ ndsHomeDirectory $ loginAllowedT imeMap $ loginDisabled $ loginExpirationTime $ loginGraceLimit $ loginGraceR emaining $ loginIntruderAddress $ loginIntruderAttempts $ loginIntruderReset Time $ loginMaximumSimultaneous $ loginScript $ loginTime $ networkAddressRe striction $ networkAddress $ passwordsUsed $ passwordAllowChange $ passwordE xpirationInterval $ passwordExpirationTime $ passwordMinimumLength $ passwor dRequired $ passwordUniqueRequired $ printJobConfiguration $ privateKey $ Pr ofile $ publicKey $ securityEquals $ accountBalance $ allowUnlimitedCredit $ minimumAccountBalance $ messageServer $ Language $ lockedByIntruder $ serve rHolds $ lastLoginTime $ typeCreatorMap $ higherPrivileges $ printerControl $ securityFlags $ profileMembership $ Timezone $ sASServiceDN $ sASSecretSto re $ sASSecretStoreKey $ sASSecretStoreData $ sASPKIStoreKeys $ userCertific ate $ nDSPKIUserCertificateInfo $ nDSPKIKeystore $ rADIUSActiveConnections $ rADIUSAttributeLists $ rADIUSConcurrentLimit $ rADIUSConnectionHistory $ rA DIUSDefaultProfile $ rADIUSDialAccessGroup $ rADIUSEnableDialAccess $ rADIUS Password $ rADIUSServiceList $ audio $ businessCategory $ carLicense $ depar tmentNumber $ employeeNumber $ employeeType $ givenName $ homePhone $ homePo stalAddress $ initials $ jpegPhoto $ labeledUri $ mail $ manager $ mobile $ pager $ ldapPhoto $ preferredLanguage $ roomNumber $ secretary $ uid $ userS MIMECertificate $ x500UniqueIdentifier $ displayName $ userPKCS12 $ sssProxy StoreKey $ sssProxyStoreSecrets $ sssServerPolicyOverrideDN $ protocom-SSO-E ntries $ protocom-SSO-Profile $ protocom-SSO-Security-Prefs $ protocom-SSO-S ecurity-Prefs-Checksum $ protocom-SSO-Entries-Checksum $ protocom-SSO-Auth-D ata ) X-NDS_NAME 'User' X-NDS_NOT_CONTAINER '1' X-NDS_NONREMOVABLE '1' X-NDS _ACL_TEMPLATES ( '2#subtree#[Self]#[All Attributes Rights]' '6#entry#[Self]# loginScript' '1#subtree#[Root Template]#[Entry Rights]' '2#entry#[Public]#me ssageServer' '2#entry#[Root Template]#groupMembership' '6#entry#[Self]#print JobConfiguration' '2#entry#[Root Template]#networkAddress') )dn: cn=schema