LDAP schema files
Here is a list of needed LDAP schema files for the different LAM
modules. For OpenLDAP we also provide a source where you can get the
files.
LDAP schema files
Account type
Object class(es)
Schema name
Source
Notes
Unix accounts
posixAccount, shadowAccount, hostObject, posixGroup
nis.schema, rfc2307bis.schema, ldapns.schema
(hostObject)
Part of OpenLDAP installation, part of libpam-ldap
(ldapns.schema)
The rfc2307bis.schema is only supported by LAM Pro. Use the
nis.schema if you do not want to upgrade to LAM Pro.
Address book entries
inetOrgPerson
inetorgperson.schema
Part of OpenLDAP installation
Samba 3 accounts
sambaSamAccount, sambaGroupMapping, sambaDomain
samba.schema
Part of Samba tarball (examples/LDAP/samba.schema)
Windows AD (Samba 4)
user, group, computer
Samba 4 built-in
Kolab 2/3 users
kolabUser
kolab2/3.schema, rfc2739.schema
Part of Kolab 2/3 installation
Asterisk (extension)
AsteriskSIPUser, AsteriskExtension
asterisk.schema
Part of Asterisk installation
PyKota users, groups, printers and billing codes
pykotaObject, pykotaAccount, pykotaAccountBalance,
pykotaGroup, pykotaPrinter, pykotaBilling
pykota.schema
Part of PyKota installation
Mail routing
inetLocalMailRecipient
misc.schema
Part of OpenLDAP installation
Hosts
hostObject, device
ldapns.schema
Part of libpam-ldap installation
The device object class is only available in LAM Pro.
Authorized services
authorizedServiceObject
ldapns.schema
Part of libpam-ldap installation
Mail aliases
nisMailAlias
misc.schema
Part of OpenLDAP installation
Qmail user
qmailUser
qmail.schema
Part of qmail_ldap
LAM Pro only
MAC addresses
ieee802device
nis.schema
Part of OpenLDAP installation
IP addresses
ipHost
nis.schema
Part of OpenLDAP installation
LAM Pro only
Puppet
puppetClient
puppet.schema
Puppet
on GitHub
EDU person
eduPerson
eduperson.schema
http://middleware.internet2.edu
Simple Accounts
account
cosine.schema
Part of OpenLDAP installation
SSH public keys
ldapPublicKey
openssh-lpk.schema
Included in patch from http://code.google.com/p/openssh-lpk/
Filesystem quotas
systemQuotas
quota.schema
Linux
DiskQuota
Group of (unique) names
groupOfNames, groupOfUniqueNames, groupOfMembers
core.schema
Part of OpenLDAP installation
LAM Pro only
Groups
organizationalRole
core.schema
Part of OpenLDAP installation
LAM Pro only
DHCP
dhcpOptions, dhcpSubnet, dhcpServer
dhcp.schema
docs/schema/dhcp.schema
The LDAP suffix should be set to your dhcpServer
entry.
Bind DLZ DNS
dlzZone, dlzHost, dlzSOARecord, dlzNSRecord, dlzARecord,
dlzMXRecord, dlzCNameRecord, dlzPTRRecord
dlz.schema
part of Bind
DLZ patch
LAM Pro only
Aliases
alias, uidObject
core.schema
Part of OpenLDAP installation
LAM Pro only
NIS netgroups
nisNetgroup
nis.schema
Part of OpenLDAP installation
NIS objects
nisObject
nis.schema
Part of OpenLDAP installation
LAM Pro only
Automount objects
automount
autofs.schema, rfc2307bis.schema
Autofs LDAP
LAM Pro only
Oracle databases
orclNetService
oidbase.schema, oidnet.schema, oidrdbms.schema,
alias.schema
Preinstalled on Oracle directory server, OpenLDAP schemas can
be downloaded e.g. here
LAM Pro only
Password policies
pwdPolicy, device
ppolicy.schema, core.schema
Part of OpenLDAP installation
LAM Pro only
FreeRadius users
radiusprofile
openldap.schema
Part of FreeRadius installation
Heimdal Kerberos
krb5KDCEntry
hdb.schema
Part of Heimdal Kerberos installation
LAM Pro only
MIT Kerberos
krbPrincipal, krbPrincipalAux, krbTicketPolicyAux
kerberos.schema
Part of MIT Kerberos installation
LAM Pro only
Sudo roles
sudoRole
sudo.schema
Part of sudo-ldap installation
LAM Pro only
Kopano
kopano-user, kopano-contact, kopano-group,
kopano-dynamicgroup, kopano-addresslist, kopano-server
kopano.ldif
Part of Kopano installation
LAM Pro only
Zarafa
zarafa-user, zarafa-group, zarafa-server
zarafa.schema
Part of Zarafa installation
LAM Pro only
IMAP mailboxes
-
-
-
Does not require any schema.
LDAP views
nsview, organizationalunit
built-in
Part of LDAP server installation (e.g. 389 server)
LAM Pro only
All
dynamicObject
built-in with DDS module
Part of LDAP server installation
LAM Pro only, requires DDS extension on LDAP server
side