ldaptic 0.2.0 → 0.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -52,6 +52,7 @@ module Ldaptic
52
52
  def base=(dn)
53
53
  @base = Ldaptic::DN(dn, self)
54
54
  end
55
+ alias dn= base=
55
56
  # Access the base DN.
56
57
  def base
57
58
  @base ||= Ldaptic::DN(adapter.default_base_dn, self)
@@ -140,14 +141,14 @@ module Ldaptic
140
141
  private :search_options
141
142
 
142
143
  def find_one(dn, options)
143
- objects = search(options.merge(:base => dn, :scope => :base, :limit => false))
144
- unless objects.size == 1
144
+ object = search(options.merge(:base => dn, :scope => :base, :limit => true))
145
+ unless object
145
146
  # For a missing DN, the error will be raised automatically. If the
146
147
  # DN does exist but is not returned (e.g., it doesn't match the given
147
148
  # filter), we'll simulate it instead.
148
149
  Ldaptic::Errors.raise(Ldaptic::Errors::NoSuchObject.new("record not found for #{dn}"))
149
150
  end
150
- objects.first
151
+ object
151
152
  end
152
153
  private :find_one
153
154
 
@@ -248,19 +249,21 @@ module Ldaptic
248
249
 
249
250
  # Performs an LDAP add.
250
251
  def add(dn, attributes)
251
- log_dispatch(:add, dn, attributes)
252
252
  attributes = normalize_attributes(attributes)
253
+ log_dispatch(:add, dn, attributes)
253
254
  adapter.add(dn, attributes)
254
255
  end
255
256
 
256
257
  # Performs an LDAP modify.
257
258
  def modify(dn, attributes)
258
- log_dispatch(:modify, dn, attributes)
259
259
  if attributes.kind_of?(Hash)
260
260
  attributes = normalize_attributes(attributes)
261
261
  else
262
- attributes = attributes.map {|(action, key, values)| [action, Ldaptic.encode(key), Array(values)]}
262
+ attributes = attributes.map do |(action, key, values)|
263
+ [action, Ldaptic.encode(key), values.respond_to?(:before_type_cast) ? values.before_type_cast : Array(values)]
264
+ end
263
265
  end
266
+ log_dispatch(:modify, dn, attributes)
264
267
  adapter.modify(dn, attributes) unless attributes.empty?
265
268
  end
266
269
 
@@ -272,7 +275,7 @@ module Ldaptic
272
275
 
273
276
  # Performs an LDAP modrdn.
274
277
  def rename(dn, new_rdn, delete_old, *args)
275
- log_dispatch(:delete, dn, new_rdn, delete_old, *args)
278
+ log_dispatch(:rename, dn, new_rdn, delete_old, *args)
276
279
  adapter.rename(dn, new_rdn.to_str, delete_old, *args)
277
280
  end
278
281
 
@@ -200,6 +200,11 @@ module Ldaptic
200
200
  Ldaptic::SYNTAXES[syntax_oid]
201
201
  end
202
202
  alias syntax syntax_object
203
+
204
+ def matchable(value)
205
+ Ldaptic::MatchingRules.for(equality).new.matchable(Ldaptic.encode(value))
206
+ end
207
+
203
208
  end
204
209
 
205
210
  class MatchingRule < NameDescObsoleteDefiniton
@@ -244,3 +249,4 @@ module Ldaptic
244
249
  end
245
250
 
246
251
  require 'ldaptic/syntaxes'
252
+ require 'ldaptic/matching_rules'
@@ -11,7 +11,7 @@ class LdapticAdaptersTest < Test::Unit::TestCase
11
11
 
12
12
  def test_should_parameterize_search_options
13
13
  assert_equal(
14
- ["DC=org", 0, "(objectClass=*)", nil, false, 1, 10_000, "", nil],
14
+ ["DC=org", 0, "(objectClass=*)", nil, false, 1, 10_000],
15
15
  @ldap_conn.instance_eval { search_parameters(
16
16
  :base => "DC=org",
17
17
  :scope => 0,
@@ -35,6 +35,7 @@ class LdapticAttributeSetTest < Test::Unit::TestCase
35
35
  assert_equal ["foo", "bar"], @description
36
36
  assert_same @description, @description.unshift([["baz"]])
37
37
  assert_equal ["baz", "foo", "bar"], @description
38
+ assert_equal 1, @description.index('foo')
38
39
  assert_equal "foo", @description.delete("foo")
39
40
  assert_nil @description.delete("foo")
40
41
  @description.clear
@@ -107,4 +107,9 @@ class LdapticDNTest < Test::Unit::TestCase
107
107
  assert_raise(TypeError) { Ldaptic::RDN(Object.new => "whee") }
108
108
  end
109
109
 
110
+ def test_domain
111
+ assert_equal 'example.com', Ldaptic::DN('ou=Users,dc=example,dc=com').domain
112
+ assert_nil Ldaptic::DN('ou=Users').domain
113
+ end
114
+
110
115
  end
@@ -11,6 +11,7 @@ class LdapticHierarchyTest < Test::Unit::TestCase
11
11
  assert_raise(NoMethodError) { Mock.new }
12
12
  assert_equal Mock::Top, Mock::Person.superclass
13
13
  assert Mock::Person.method_defined?(:sn)
14
+ assert Mock::Person.method_defined?(:surname)
14
15
  assert !Mock::Top.method_defined?(:sn)
15
16
  assert_equal [], Mock::Top.aux
16
17
  assert_equal %w(simpleSecurityObject), Mock::Person.aux
@@ -0,0 +1,38 @@
1
+ require File.join(File.dirname(File.expand_path(__FILE__)),'test_helper')
2
+ require 'ldaptic/matching_rules'
3
+
4
+ class LdapticMatchingRulesTest < Test::Unit::TestCase
5
+ include Ldaptic::MatchingRules
6
+
7
+ def test_for
8
+ assert_equal GeneralizedTimeMatch, Ldaptic::MatchingRules.for("generalizedTimeMatch")
9
+ end
10
+
11
+ def test_case_exact_match
12
+ assert CaseExactMatch.new.match(' A bc', 'A bc')
13
+ assert !CaseExactMatch.new.match(' A bc', 'a bC')
14
+ end
15
+
16
+ def test_case_ignore_match
17
+ assert CaseIgnoreMatch.new.match(' A bc', 'a bC')
18
+ end
19
+
20
+ def test_generalized_time_match
21
+ assert_equal Time.utc(2000,1,1,12,34,56), GeneralizedTimeMatch.new.matchable("20000101123456.0Z")
22
+ end
23
+
24
+ def test_numeric_string
25
+ assert NumericStringMatch.new.match(' 123 4', '123 4')
26
+ assert !NumericStringMatch.new.match('1234', '1235')
27
+ end
28
+
29
+ def test_distinguished_name_match
30
+ assert DistinguishedNameMatch.new.match('a=1+b=2', 'B=2+A=1')
31
+ assert !DistinguishedNameMatch.new.match('a=1,b=2', 'b=2,a=1')
32
+ end
33
+
34
+ def test_telephone_number_match
35
+ assert TelephoneNumberMatch.new.match("911", "9 1-1-")
36
+ end
37
+
38
+ end
metadata CHANGED
@@ -1,12 +1,13 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: ldaptic
3
3
  version: !ruby/object:Gem::Version
4
+ hash: 21
4
5
  prerelease: false
5
6
  segments:
6
7
  - 0
7
8
  - 2
8
- - 0
9
- version: 0.2.0
9
+ - 1
10
+ version: 0.2.1
10
11
  platform: ruby
11
12
  authors:
12
13
  - Tim Pope
@@ -14,7 +15,7 @@ autorequire:
14
15
  bindir: bin
15
16
  cert_chain: []
16
17
 
17
- date: 2011-01-25 00:00:00 -05:00
18
+ date: 2011-01-30 00:00:00 -05:00
18
19
  default_executable:
19
20
  dependencies:
20
21
  - !ruby/object:Gem::Dependency
@@ -25,6 +26,7 @@ dependencies:
25
26
  requirements:
26
27
  - - ~>
27
28
  - !ruby/object:Gem::Version
29
+ hash: 59
28
30
  segments:
29
31
  - 0
30
32
  - 9
@@ -40,6 +42,7 @@ dependencies:
40
42
  requirements:
41
43
  - - ~>
42
44
  - !ruby/object:Gem::Version
45
+ hash: 27
43
46
  segments:
44
47
  - 0
45
48
  - 1
@@ -55,6 +58,7 @@ dependencies:
55
58
  requirements:
56
59
  - - ~>
57
60
  - !ruby/object:Gem::Version
61
+ hash: 7
58
62
  segments:
59
63
  - 3
60
64
  - 0
@@ -76,7 +80,6 @@ files:
76
80
  - LICENSE
77
81
  - lib/ldaptic/adapters.rb
78
82
  - lib/ldaptic/syntaxes.rb
79
- - lib/ldaptic/railtie.rb
80
83
  - lib/ldaptic/entry.rb
81
84
  - lib/ldaptic/filter.rb
82
85
  - lib/ldaptic/error_set.rb
@@ -92,8 +95,9 @@ files:
92
95
  - lib/ldaptic/adapters/active_directory_ext.rb
93
96
  - lib/ldaptic/adapters/net_ldap_adapter.rb
94
97
  - lib/ldaptic/adapters/ldap_conn_adapter.rb
95
- - lib/ldaptic/active_model.rb
98
+ - lib/ldaptic/matching_rules.rb
96
99
  - lib/ldaptic.rb
100
+ - test/ldaptic_matching_rules_test.rb
97
101
  - test/ldaptic_escape_test.rb
98
102
  - test/ldaptic_schema_test.rb
99
103
  - test/ldaptic_adapters_test.rb
@@ -104,11 +108,8 @@ files:
104
108
  - test/ldaptic_dn_test.rb
105
109
  - test/test_helper.rb
106
110
  - test/ldaptic_errors_test.rb
107
- - test/rbslapd1.rb
108
111
  - test/ldaptic_hierarchy_test.rb
109
112
  - test/ldaptic_attribute_set_test.rb
110
- - test/core.schema
111
- - test/rbslapd4.rb
112
113
  - test/ldaptic_syntaxes_test.rb
113
114
  has_rdoc: true
114
115
  homepage: http://github.com/tpope/ldaptic
@@ -124,6 +125,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
124
125
  requirements:
125
126
  - - ">="
126
127
  - !ruby/object:Gem::Version
128
+ hash: 3
127
129
  segments:
128
130
  - 0
129
131
  version: "0"
@@ -132,6 +134,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
132
134
  requirements:
133
135
  - - ">="
134
136
  - !ruby/object:Gem::Version
137
+ hash: 3
135
138
  segments:
136
139
  - 0
137
140
  version: "0"
@@ -1,37 +0,0 @@
1
- require 'active_model'
2
- require 'ldaptic'
3
-
4
- ActiveModel::EachValidator.class_eval do
5
- def validate(record)
6
- attributes.each do |attribute|
7
- values = record.read_attribute_for_validation(attribute)
8
- values = [values] unless values.respond_to?(:before_type_cast)
9
- values.each do |value|
10
- next if (value.nil? && options[:allow_nil]) || (value.blank? && options[:allow_blank])
11
- validate_each(record, attribute, value)
12
- end
13
- end
14
- end
15
- end
16
-
17
- class Ldaptic::Entry
18
- include ActiveModel::Validations
19
- include ActiveModel::Serializers::Xml
20
- include ActiveModel::Serializers::JSON
21
- include ActiveModel::Dirty
22
- include ActiveModel::Callbacks
23
-
24
- def read_attribute_for_validation(attribute)
25
- read_attribute(attribute.to_sym, true)
26
- end
27
-
28
- # define_model_callbacks(:save, :destroy)
29
-
30
- validate do
31
- @attributes.keys.each do |key|
32
- self[key].errors.each do |error|
33
- errors.add(key, error)
34
- end
35
- end
36
- end if respond_to?(:validate)
37
- end
@@ -1,9 +0,0 @@
1
- require 'ldaptic'
2
- require 'ldaptic/before_type_cast'
3
-
4
- class Ldaptic::Entry
5
- include Ldaptic::BeforeTypeCast
6
- if defined?(ActiveModel)
7
- extend ActiveModel::Naming
8
- end
9
- end
data/test/core.schema DELETED
@@ -1,582 +0,0 @@
1
- # OpenLDAP Core schema
2
- # $OpenLDAP: pkg/ldap/servers/slapd/schema/core.schema,v 1.68.2.6 2005/01/20 17:01:18 kurt Exp $
3
- ## This work is part of OpenLDAP Software <http://www.openldap.org/>.
4
- ##
5
- ## Copyright 1998-2005 The OpenLDAP Foundation.
6
- ## All rights reserved.
7
- ##
8
- ## Redistribution and use in source and binary forms, with or without
9
- ## modification, are permitted only as authorized by the OpenLDAP
10
- ## Public License.
11
- ##
12
- ## A copy of this license is available in the file LICENSE in the
13
- ## top-level directory of the distribution or, alternatively, at
14
- ## <http://www.OpenLDAP.org/license.html>.
15
- #
16
- ## Portions Copyright (C) The Internet Society (1997-2003).
17
- ## All Rights Reserved.
18
- ##
19
- ## This document and translations of it may be copied and furnished to
20
- ## others, and derivative works that comment on or otherwise explain it
21
- ## or assist in its implementation may be prepared, copied, published
22
- ## and distributed, in whole or in part, without restriction of any
23
- ## kind, provided that the above copyright notice and this paragraph are
24
- ## included on all such copies and derivative works. However, this
25
- ## document itself may not be modified in any way, such as by removing
26
- ## the copyright notice or references to the Internet Society or other
27
- ## Internet organizations, except as needed for the purpose of
28
- ## developing Internet standards in which case the procedures for
29
- ## copyrights defined in the Internet Standards process must be
30
- ## followed, or as required to translate it into languages other than
31
- ## English.
32
- ##
33
- ## The limited permissions granted above are perpetual and will not be
34
- ## revoked by the Internet Society or its successors or assigns.
35
- ##
36
- ## This document and the information contained herein is provided on an
37
- ## "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
38
- ## TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
39
- ## BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
40
- ## HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
41
- ## MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
42
-
43
- #
44
- #
45
- # Includes LDAPv3 schema items from:
46
- # RFC 2252/2256 (LDAPv3)
47
- #
48
- # Select standard track schema items:
49
- # RFC 1274 (uid/dc)
50
- # RFC 2079 (URI)
51
- # RFC 2247 (dc/dcObject)
52
- # RFC 2587 (PKI)
53
- # RFC 2589 (Dynamic Directory Services)
54
- #
55
- # Select informational schema items:
56
- # RFC 2377 (uidObject)
57
-
58
- #
59
- # Standard attribute types from RFC 2256
60
- #
61
-
62
- # system schema
63
- #attributetype ( 2.5.4.0 NAME 'objectClass'
64
- # DESC 'RFC2256: object classes of the entity'
65
- # EQUALITY objectIdentifierMatch
66
- # SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 )
67
-
68
- # system schema
69
- #attributetype ( 2.5.4.1 NAME ( 'aliasedObjectName' 'aliasedEntryName' )
70
- # DESC 'RFC2256: name of aliased object'
71
- # EQUALITY distinguishedNameMatch
72
- # SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE )
73
-
74
- attributetype ( 2.5.4.2 NAME 'knowledgeInformation'
75
- DESC 'RFC2256: knowledge information'
76
- EQUALITY caseIgnoreMatch
77
- SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} )
78
-
79
- # system schema
80
- #attributetype ( 2.5.4.3 NAME ( 'cn' 'commonName' )
81
- # DESC 'RFC2256: common name(s) for which the entity is known by'
82
- # SUP name )
83
-
84
- attributetype ( 2.5.4.4 NAME ( 'sn' 'surname' )
85
- DESC 'RFC2256: last (family) name(s) for which the entity is known by'
86
- SUP name )
87
-
88
- attributetype ( 2.5.4.5 NAME 'serialNumber'
89
- DESC 'RFC2256: serial number of the entity'
90
- EQUALITY caseIgnoreMatch
91
- SUBSTR caseIgnoreSubstringsMatch
92
- SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{64} )
93
-
94
- attributetype ( 2.5.4.6 NAME ( 'c' 'countryName' )
95
- DESC 'RFC2256: ISO-3166 country 2-letter code'
96
- EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch
97
- SYNTAX 1.3.6.1.4.1.1466.115.121.1.11
98
- SINGLE-VALUE )
99
-
100
- attributetype ( 2.5.4.7 NAME ( 'l' 'localityName' )
101
- DESC 'RFC2256: locality which this object resides in'
102
- SUP name )
103
-
104
- attributetype ( 2.5.4.8 NAME ( 'st' 'stateOrProvinceName' )
105
- DESC 'RFC2256: state or province which this object resides in'
106
- SUP name )
107
-
108
- attributetype ( 2.5.4.9 NAME ( 'street' 'streetAddress' )
109
- DESC 'RFC2256: street address of this object'
110
- EQUALITY caseIgnoreMatch
111
- SUBSTR caseIgnoreSubstringsMatch
112
- SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
113
-
114
- attributetype ( 2.5.4.10 NAME ( 'o' 'organizationName' )
115
- DESC 'RFC2256: organization this object belongs to'
116
- SUP name )
117
-
118
- attributetype ( 2.5.4.11 NAME ( 'ou' 'organizationalUnitName' )
119
- DESC 'RFC2256: organizational unit this object belongs to'
120
- SUP name )
121
-
122
- attributetype ( 2.5.4.12 NAME 'title'
123
- DESC 'RFC2256: title associated with the entity'
124
- SUP name )
125
-
126
- attributetype ( 2.5.4.13 NAME 'description'
127
- DESC 'RFC2256: descriptive information'
128
- EQUALITY caseIgnoreMatch
129
- SUBSTR caseIgnoreSubstringsMatch
130
- SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1024} )
131
-
132
- # Obsoleted by enhancedSearchGuide
133
- attributetype ( 2.5.4.14 NAME 'searchGuide'
134
- DESC 'RFC2256: search guide, obsoleted by enhancedSearchGuide'
135
- SYNTAX 1.3.6.1.4.1.1466.115.121.1.25 )
136
-
137
- attributetype ( 2.5.4.15 NAME 'businessCategory'
138
- DESC 'RFC2256: business category'
139
- EQUALITY caseIgnoreMatch
140
- SUBSTR caseIgnoreSubstringsMatch
141
- SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
142
-
143
- attributetype ( 2.5.4.16 NAME 'postalAddress'
144
- DESC 'RFC2256: postal address'
145
- EQUALITY caseIgnoreListMatch
146
- SUBSTR caseIgnoreListSubstringsMatch
147
- SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 )
148
-
149
- attributetype ( 2.5.4.17 NAME 'postalCode'
150
- DESC 'RFC2256: postal code'
151
- EQUALITY caseIgnoreMatch
152
- SUBSTR caseIgnoreSubstringsMatch
153
- SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{40} )
154
-
155
- attributetype ( 2.5.4.18 NAME 'postOfficeBox'
156
- DESC 'RFC2256: Post Office Box'
157
- EQUALITY caseIgnoreMatch
158
- SUBSTR caseIgnoreSubstringsMatch
159
- SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{40} )
160
-
161
- attributetype ( 2.5.4.19 NAME 'physicalDeliveryOfficeName'
162
- DESC 'RFC2256: Physical Delivery Office Name'
163
- EQUALITY caseIgnoreMatch
164
- SUBSTR caseIgnoreSubstringsMatch
165
- SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
166
-
167
- attributetype ( 2.5.4.20 NAME 'telephoneNumber'
168
- DESC 'RFC2256: Telephone Number'
169
- EQUALITY telephoneNumberMatch
170
- SUBSTR telephoneNumberSubstringsMatch
171
- SYNTAX 1.3.6.1.4.1.1466.115.121.1.50{32} )
172
-
173
- attributetype ( 2.5.4.21 NAME 'telexNumber'
174
- DESC 'RFC2256: Telex Number'
175
- SYNTAX 1.3.6.1.4.1.1466.115.121.1.52 )
176
-
177
- attributetype ( 2.5.4.22 NAME 'teletexTerminalIdentifier'
178
- DESC 'RFC2256: Teletex Terminal Identifier'
179
- SYNTAX 1.3.6.1.4.1.1466.115.121.1.51 )
180
-
181
- attributetype ( 2.5.4.23 NAME ( 'facsimileTelephoneNumber' 'fax' )
182
- DESC 'RFC2256: Facsimile (Fax) Telephone Number'
183
- SYNTAX 1.3.6.1.4.1.1466.115.121.1.22 )
184
-
185
- attributetype ( 2.5.4.24 NAME 'x121Address'
186
- DESC 'RFC2256: X.121 Address'
187
- EQUALITY numericStringMatch
188
- SUBSTR numericStringSubstringsMatch
189
- SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{15} )
190
-
191
- attributetype ( 2.5.4.25 NAME 'internationaliSDNNumber'
192
- DESC 'RFC2256: international ISDN number'
193
- EQUALITY numericStringMatch
194
- SUBSTR numericStringSubstringsMatch
195
- SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{16} )
196
-
197
- attributetype ( 2.5.4.26 NAME 'registeredAddress'
198
- DESC 'RFC2256: registered postal address'
199
- SUP postalAddress
200
- SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 )
201
-
202
- attributetype ( 2.5.4.27 NAME 'destinationIndicator'
203
- DESC 'RFC2256: destination indicator'
204
- EQUALITY caseIgnoreMatch
205
- SUBSTR caseIgnoreSubstringsMatch
206
- SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{128} )
207
-
208
- attributetype ( 2.5.4.28 NAME 'preferredDeliveryMethod'
209
- DESC 'RFC2256: preferred delivery method'
210
- SYNTAX 1.3.6.1.4.1.1466.115.121.1.14
211
- SINGLE-VALUE )
212
-
213
- attributetype ( 2.5.4.29 NAME 'presentationAddress'
214
- DESC 'RFC2256: presentation address'
215
- EQUALITY presentationAddressMatch
216
- SYNTAX 1.3.6.1.4.1.1466.115.121.1.43
217
- SINGLE-VALUE )
218
-
219
- attributetype ( 2.5.4.30 NAME 'supportedApplicationContext'
220
- DESC 'RFC2256: supported application context'
221
- EQUALITY objectIdentifierMatch
222
- SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 )
223
-
224
- attributetype ( 2.5.4.31 NAME 'member'
225
- DESC 'RFC2256: member of a group'
226
- SUP distinguishedName )
227
-
228
- attributetype ( 2.5.4.32 NAME 'owner'
229
- DESC 'RFC2256: owner (of the object)'
230
- SUP distinguishedName )
231
-
232
- attributetype ( 2.5.4.33 NAME 'roleOccupant'
233
- DESC 'RFC2256: occupant of role'
234
- SUP distinguishedName )
235
-
236
- attributetype ( 2.5.4.34 NAME 'seeAlso'
237
- DESC 'RFC2256: DN of related object'
238
- SUP distinguishedName )
239
-
240
- # system schema
241
- #attributetype ( 2.5.4.35 NAME 'userPassword'
242
- # DESC 'RFC2256/2307: password of user'
243
- # EQUALITY octetStringMatch
244
- # SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{128} )
245
-
246
- # Must be transferred using ;binary
247
- # with certificateExactMatch rule (per X.509)
248
- attributetype ( 2.5.4.36 NAME 'userCertificate'
249
- DESC 'RFC2256: X.509 user certificate, use ;binary'
250
- EQUALITY certificateExactMatch
251
- SYNTAX 1.3.6.1.4.1.1466.115.121.1.8 )
252
-
253
- # Must be transferred using ;binary
254
- # with certificateExactMatch rule (per X.509)
255
- attributetype ( 2.5.4.37 NAME 'cACertificate'
256
- DESC 'RFC2256: X.509 CA certificate, use ;binary'
257
- EQUALITY certificateExactMatch
258
- SYNTAX 1.3.6.1.4.1.1466.115.121.1.8 )
259
-
260
- # Must be transferred using ;binary
261
- attributetype ( 2.5.4.38 NAME 'authorityRevocationList'
262
- DESC 'RFC2256: X.509 authority revocation list, use ;binary'
263
- SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 )
264
-
265
- # Must be transferred using ;binary
266
- attributetype ( 2.5.4.39 NAME 'certificateRevocationList'
267
- DESC 'RFC2256: X.509 certificate revocation list, use ;binary'
268
- SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 )
269
-
270
- # Must be stored and requested in the binary form
271
- attributetype ( 2.5.4.40 NAME 'crossCertificatePair'
272
- DESC 'RFC2256: X.509 cross certificate pair, use ;binary'
273
- SYNTAX 1.3.6.1.4.1.1466.115.121.1.10 )
274
-
275
- # 2.5.4.41 is defined above as it's used for subtyping
276
- #attributetype ( 2.5.4.41 NAME 'name'
277
- # EQUALITY caseIgnoreMatch
278
- # SUBSTR caseIgnoreSubstringsMatch
279
- # SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} )
280
-
281
- attributetype ( 2.5.4.42 NAME ( 'givenName' 'gn' )
282
- DESC 'RFC2256: first name(s) for which the entity is known by'
283
- SUP name )
284
-
285
- attributetype ( 2.5.4.43 NAME 'initials'
286
- DESC 'RFC2256: initials of some or all of names, but not the surname(s).'
287
- SUP name )
288
-
289
- attributetype ( 2.5.4.44 NAME 'generationQualifier'
290
- DESC 'RFC2256: name qualifier indicating a generation'
291
- SUP name )
292
-
293
- attributetype ( 2.5.4.45 NAME 'x500UniqueIdentifier'
294
- DESC 'RFC2256: X.500 unique identifier'
295
- EQUALITY bitStringMatch
296
- SYNTAX 1.3.6.1.4.1.1466.115.121.1.6 )
297
-
298
- attributetype ( 2.5.4.46 NAME 'dnQualifier'
299
- DESC 'RFC2256: DN qualifier'
300
- EQUALITY caseIgnoreMatch
301
- ORDERING caseIgnoreOrderingMatch
302
- SUBSTR caseIgnoreSubstringsMatch
303
- SYNTAX 1.3.6.1.4.1.1466.115.121.1.44 )
304
-
305
- attributetype ( 2.5.4.47 NAME 'enhancedSearchGuide'
306
- DESC 'RFC2256: enhanced search guide'
307
- SYNTAX 1.3.6.1.4.1.1466.115.121.1.21 )
308
-
309
- attributetype ( 2.5.4.48 NAME 'protocolInformation'
310
- DESC 'RFC2256: protocol information'
311
- EQUALITY protocolInformationMatch
312
- SYNTAX 1.3.6.1.4.1.1466.115.121.1.42 )
313
-
314
- # 2.5.4.49 is defined above as it's used for subtyping
315
- #attributetype ( 2.5.4.49 NAME 'distinguishedName'
316
- # EQUALITY distinguishedNameMatch
317
- # SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
318
-
319
- attributetype ( 2.5.4.50 NAME 'uniqueMember'
320
- DESC 'RFC2256: unique member of a group'
321
- EQUALITY uniqueMemberMatch
322
- SYNTAX 1.3.6.1.4.1.1466.115.121.1.34 )
323
-
324
- attributetype ( 2.5.4.51 NAME 'houseIdentifier'
325
- DESC 'RFC2256: house identifier'
326
- EQUALITY caseIgnoreMatch
327
- SUBSTR caseIgnoreSubstringsMatch
328
- SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} )
329
-
330
- # Must be transferred using ;binary
331
- attributetype ( 2.5.4.52 NAME 'supportedAlgorithms'
332
- DESC 'RFC2256: supported algorithms'
333
- SYNTAX 1.3.6.1.4.1.1466.115.121.1.49 )
334
-
335
- # Must be transferred using ;binary
336
- attributetype ( 2.5.4.53 NAME 'deltaRevocationList'
337
- DESC 'RFC2256: delta revocation list; use ;binary'
338
- SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 )
339
-
340
- attributetype ( 2.5.4.54 NAME 'dmdName'
341
- DESC 'RFC2256: name of DMD'
342
- SUP name )
343
-
344
-
345
- # Standard object classes from RFC2256
346
-
347
- # system schema
348
- #objectclass ( 2.5.6.1 NAME 'alias'
349
- # DESC 'RFC2256: an alias'
350
- # SUP top STRUCTURAL
351
- # MUST aliasedObjectName )
352
-
353
- objectclass ( 2.5.6.2 NAME 'country'
354
- DESC 'RFC2256: a country'
355
- SUP top STRUCTURAL
356
- MUST c
357
- MAY ( searchGuide $ description ) )
358
-
359
- objectclass ( 2.5.6.3 NAME 'locality'
360
- DESC 'RFC2256: a locality'
361
- SUP top STRUCTURAL
362
- MAY ( street $ seeAlso $ searchGuide $ st $ l $ description ) )
363
-
364
- objectclass ( 2.5.6.4 NAME 'organization'
365
- DESC 'RFC2256: an organization'
366
- SUP top STRUCTURAL
367
- MUST o
368
- MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $
369
- x121Address $ registeredAddress $ destinationIndicator $
370
- preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
371
- telephoneNumber $ internationaliSDNNumber $
372
- facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $
373
- postalAddress $ physicalDeliveryOfficeName $ st $ l $ description ) )
374
-
375
- objectclass ( 2.5.6.5 NAME 'organizationalUnit'
376
- DESC 'RFC2256: an organizational unit'
377
- SUP top STRUCTURAL
378
- MUST ou
379
- MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $
380
- x121Address $ registeredAddress $ destinationIndicator $
381
- preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
382
- telephoneNumber $ internationaliSDNNumber $
383
- facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $
384
- postalAddress $ physicalDeliveryOfficeName $ st $ l $ description ) )
385
-
386
- objectclass ( 2.5.6.6 NAME 'person'
387
- DESC 'RFC2256: a person'
388
- SUP top STRUCTURAL
389
- MUST ( sn $ cn )
390
- MAY ( userPassword $ telephoneNumber $ seeAlso $ description ) )
391
-
392
- objectclass ( 2.5.6.7 NAME 'organizationalPerson'
393
- DESC 'RFC2256: an organizational person'
394
- SUP person STRUCTURAL
395
- MAY ( title $ x121Address $ registeredAddress $ destinationIndicator $
396
- preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
397
- telephoneNumber $ internationaliSDNNumber $
398
- facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $
399
- postalAddress $ physicalDeliveryOfficeName $ ou $ st $ l ) )
400
-
401
- objectclass ( 2.5.6.8 NAME 'organizationalRole'
402
- DESC 'RFC2256: an organizational role'
403
- SUP top STRUCTURAL
404
- MUST cn
405
- MAY ( x121Address $ registeredAddress $ destinationIndicator $
406
- preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
407
- telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber $
408
- seeAlso $ roleOccupant $ preferredDeliveryMethod $ street $
409
- postOfficeBox $ postalCode $ postalAddress $
410
- physicalDeliveryOfficeName $ ou $ st $ l $ description ) )
411
-
412
- objectclass ( 2.5.6.9 NAME 'groupOfNames'
413
- DESC 'RFC2256: a group of names (DNs)'
414
- SUP top STRUCTURAL
415
- MUST ( member $ cn )
416
- MAY ( businessCategory $ seeAlso $ owner $ ou $ o $ description ) )
417
-
418
- objectclass ( 2.5.6.10 NAME 'residentialPerson'
419
- DESC 'RFC2256: an residential person'
420
- SUP person STRUCTURAL
421
- MUST l
422
- MAY ( businessCategory $ x121Address $ registeredAddress $
423
- destinationIndicator $ preferredDeliveryMethod $ telexNumber $
424
- teletexTerminalIdentifier $ telephoneNumber $ internationaliSDNNumber $
425
- facsimileTelephoneNumber $ preferredDeliveryMethod $ street $
426
- postOfficeBox $ postalCode $ postalAddress $
427
- physicalDeliveryOfficeName $ st $ l ) )
428
-
429
- objectclass ( 2.5.6.11 NAME 'applicationProcess'
430
- DESC 'RFC2256: an application process'
431
- SUP top STRUCTURAL
432
- MUST cn
433
- MAY ( seeAlso $ ou $ l $ description ) )
434
-
435
- objectclass ( 2.5.6.12 NAME 'applicationEntity'
436
- DESC 'RFC2256: an application entity'
437
- SUP top STRUCTURAL
438
- MUST ( presentationAddress $ cn )
439
- MAY ( supportedApplicationContext $ seeAlso $ ou $ o $ l $
440
- description ) )
441
-
442
- objectclass ( 2.5.6.13 NAME 'dSA'
443
- DESC 'RFC2256: a directory system agent (a server)'
444
- SUP applicationEntity STRUCTURAL
445
- MAY knowledgeInformation )
446
-
447
- objectclass ( 2.5.6.14 NAME 'device'
448
- DESC 'RFC2256: a device'
449
- SUP top STRUCTURAL
450
- MUST cn
451
- MAY ( serialNumber $ seeAlso $ owner $ ou $ o $ l $ description ) )
452
-
453
- objectclass ( 2.5.6.15 NAME 'strongAuthenticationUser'
454
- DESC 'RFC2256: a strong authentication user'
455
- SUP top AUXILIARY
456
- MUST userCertificate )
457
-
458
- objectclass ( 2.5.6.16 NAME 'certificationAuthority'
459
- DESC 'RFC2256: a certificate authority'
460
- SUP top AUXILIARY
461
- MUST ( authorityRevocationList $ certificateRevocationList $
462
- cACertificate ) MAY crossCertificatePair )
463
-
464
- objectclass ( 2.5.6.17 NAME 'groupOfUniqueNames'
465
- DESC 'RFC2256: a group of unique names (DN and Unique Identifier)'
466
- SUP top STRUCTURAL
467
- MUST ( uniqueMember $ cn )
468
- MAY ( businessCategory $ seeAlso $ owner $ ou $ o $ description ) )
469
-
470
- objectclass ( 2.5.6.18 NAME 'userSecurityInformation'
471
- DESC 'RFC2256: a user security information'
472
- SUP top AUXILIARY
473
- MAY ( supportedAlgorithms ) )
474
-
475
- objectclass ( 2.5.6.16.2 NAME 'certificationAuthority-V2'
476
- SUP certificationAuthority
477
- AUXILIARY MAY ( deltaRevocationList ) )
478
-
479
- objectclass ( 2.5.6.19 NAME 'cRLDistributionPoint'
480
- SUP top STRUCTURAL
481
- MUST ( cn )
482
- MAY ( certificateRevocationList $ authorityRevocationList $
483
- deltaRevocationList ) )
484
-
485
- objectclass ( 2.5.6.20 NAME 'dmd'
486
- SUP top STRUCTURAL
487
- MUST ( dmdName )
488
- MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $
489
- x121Address $ registeredAddress $ destinationIndicator $
490
- preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
491
- telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber $
492
- street $ postOfficeBox $ postalCode $ postalAddress $
493
- physicalDeliveryOfficeName $ st $ l $ description ) )
494
-
495
- #
496
- # Object Classes from RFC 2587
497
- #
498
- objectclass ( 2.5.6.21 NAME 'pkiUser'
499
- DESC 'RFC2587: a PKI user'
500
- SUP top AUXILIARY
501
- MAY userCertificate )
502
-
503
- objectclass ( 2.5.6.22 NAME 'pkiCA'
504
- DESC 'RFC2587: PKI certificate authority'
505
- SUP top AUXILIARY
506
- MAY ( authorityRevocationList $ certificateRevocationList $
507
- cACertificate $ crossCertificatePair ) )
508
-
509
- objectclass ( 2.5.6.23 NAME 'deltaCRL'
510
- DESC 'RFC2587: PKI user'
511
- SUP top AUXILIARY
512
- MAY deltaRevocationList )
513
-
514
- #
515
- # Standard Track URI label schema from RFC 2079
516
- # system schema
517
- #attributetype ( 1.3.6.1.4.1.250.1.57 NAME 'labeledURI'
518
- # DESC 'RFC2079: Uniform Resource Identifier with optional label'
519
- # EQUALITY caseExactMatch
520
- # SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
521
-
522
- objectclass ( 1.3.6.1.4.1.250.3.15 NAME 'labeledURIObject'
523
- DESC 'RFC2079: object that contains the URI attribute type'
524
- SUP top AUXILIARY
525
- MAY labeledURI )
526
-
527
- #
528
- # Derived from RFC 1274, but with new "short names"
529
- #
530
- attributetype ( 0.9.2342.19200300.100.1.1
531
- NAME ( 'uid' 'userid' )
532
- DESC 'RFC1274: user identifier'
533
- EQUALITY caseIgnoreMatch
534
- SUBSTR caseIgnoreSubstringsMatch
535
- SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
536
-
537
- attributetype ( 0.9.2342.19200300.100.1.3
538
- NAME ( 'mail' 'rfc822Mailbox' )
539
- DESC 'RFC1274: RFC822 Mailbox'
540
- EQUALITY caseIgnoreIA5Match
541
- SUBSTR caseIgnoreIA5SubstringsMatch
542
- SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
543
-
544
- objectclass ( 0.9.2342.19200300.100.4.19 NAME 'simpleSecurityObject'
545
- DESC 'RFC1274: simple security object'
546
- SUP top AUXILIARY
547
- MUST userPassword )
548
-
549
- # RFC 1274 + RFC 2247
550
- attributetype ( 0.9.2342.19200300.100.1.25
551
- NAME ( 'dc' 'domainComponent' )
552
- DESC 'RFC1274/2247: domain component'
553
- EQUALITY caseIgnoreIA5Match
554
- SUBSTR caseIgnoreIA5SubstringsMatch
555
- SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
556
-
557
- # RFC 2247
558
- objectclass ( 1.3.6.1.4.1.1466.344 NAME 'dcObject'
559
- DESC 'RFC2247: domain component object'
560
- SUP top AUXILIARY MUST dc )
561
-
562
- # RFC 2377
563
- objectclass ( 1.3.6.1.1.3.1 NAME 'uidObject'
564
- DESC 'RFC2377: uid object'
565
- SUP top AUXILIARY MUST uid )
566
-
567
- # From COSINE Pilot
568
- attributetype ( 0.9.2342.19200300.100.1.37
569
- NAME 'associatedDomain'
570
- DESC 'RFC1274: domain associated with object'
571
- EQUALITY caseIgnoreIA5Match
572
- SUBSTR caseIgnoreIA5SubstringsMatch
573
- SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
574
-
575
- # RFC 2459 -- deprecated in favor of 'mail' (in cosine.schema)
576
- attributetype ( 1.2.840.113549.1.9.1
577
- NAME ( 'email' 'emailAddress' 'pkcs9email' )
578
- DESC 'RFC2459: legacy attribute for email addresses in DNs'
579
- EQUALITY caseIgnoreIA5Match
580
- SUBSTR caseIgnoreIA5SubstringsMatch
581
- SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} )
582
-