<?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd"> <appendix id="a_schema"> <title>LDAP schema files</title> <para>The following table lists the LDAP schema files required by the different LAM modules. For OpenLDAP, a source for obtaining each file is also given.</para> <table frame="none" lang="" role="" tabstyle="nogrid"> <title>LDAP schema files</title> <tgroup cols="6"> <thead> <row> <entry/> <entry>Account type</entry> <entry>Object class(es)</entry> <entry>Schema name</entry> <entry>Source</entry> <entry>Notes</entry> </row> </thead> <tbody> <row> <entry><inlinemediaobject> <imageobject> <imagedata fileref="images/schema_unix.png"/> </imageobject> </inlinemediaobject></entry> <entry>Unix accounts</entry> <entry>posixAccount, shadowAccount, hostObject, posixGroup</entry> <entry>nis.schema, rfc2307bis.schema, ldapns.schema (hostObject)</entry> <entry>Part of OpenLDAP installation, part of libpam-ldap (ldapns.schema)</entry> <entry>The rfc2307bis.schema is only supported by LAM Pro.
Use the nis.schema if you do not want to upgrade to LAM Pro.</entry> </row> <row> <entry><inlinemediaobject> <imageobject> <imagedata fileref="images/schema_inetOrgPerson.png"/> </imageobject> </inlinemediaobject></entry> <entry>Address book entries</entry> <entry>inetOrgPerson</entry> <entry>inetorgperson.schema</entry> <entry>Part of OpenLDAP installation</entry> <entry/> </row> <row> <entry><inlinemediaobject> <imageobject> <imagedata fileref="images/schema_samba.png"/> </imageobject> </inlinemediaobject></entry> <entry>Samba 3 accounts</entry> <entry>sambaSamAccount, sambaGroupMapping, sambaDomain</entry> <entry>samba.schema</entry> <entry>Part of Samba tarball (examples/LDAP/samba.schema)</entry> <entry/> </row> <row> <entry><inlinemediaobject> <imageobject> <imagedata fileref="images/schema_samba.png"/> </imageobject> </inlinemediaobject></entry> <entry>Windows AD (Samba 4)</entry> <entry>user, group, computer</entry> <entry/> <entry>Samba 4 built-in</entry> <entry/> </row> <row> <entry><inlinemediaobject> <imageobject> <imagedata fileref="images/schema_kolab.png"/> </imageobject> </inlinemediaobject></entry> <entry>Kolab 2/3 users</entry> <entry>kolabUser</entry> <entry>kolab2/3.schema, rfc2739.schema</entry> <entry>Part of Kolab 2/3 installation</entry> <entry/> </row> <row> <entry><inlinemediaobject> <imageobject> <imagedata fileref="images/schema_asterisk.png"/> </imageobject> </inlinemediaobject></entry> <entry>Asterisk (extension)</entry> <entry>AsteriskSIPUser, AsteriskExtension</entry> <entry>asterisk.schema</entry> <entry>Part of Asterisk installation</entry> <entry/> </row> <row> <entry><inlinemediaobject> <imageobject> <imagedata fileref="images/schema_pykota.png"/> </imageobject> </inlinemediaobject></entry> <entry>PyKota users, groups, printers and billing codes</entry> <entry>pykotaObject, pykotaAccount, pykotaAccountBalance, pykotaGroup, pykotaPrinter, pykotaBilling</entry> <entry>pykota.schema</entry> <entry>Part of PyKota installation</entry> 
<entry/> </row> <row> <entry><inlinemediaobject> <imageobject> <imagedata fileref="images/schema_mailAlias.png"/> </imageobject> </inlinemediaobject></entry> <entry>Mail routing</entry> <entry>inetLocalMailRecipient</entry> <entry>misc.schema</entry> <entry>Part of OpenLDAP installation</entry> <entry/> </row> <row> <entry><inlinemediaobject> <imageobject> <imagedata fileref="images/schema_hostObject.png"/> </imageobject> </inlinemediaobject></entry> <entry>Hosts</entry> <entry>hostObject, device</entry> <entry>ldapns.schema</entry> <entry>Part of libpam-ldap installation</entry> <entry>The device object class is only available in LAM Pro.</entry> </row> <row> <entry><inlinemediaobject> <imageobject> <imagedata fileref="images/schema_authorizedServices.png"/> </imageobject> </inlinemediaobject></entry> <entry>Authorized services</entry> <entry>authorizedServiceObject</entry> <entry>ldapns.schema</entry> <entry>Part of libpam-ldap installation</entry> <entry/> </row> <row> <entry><inlinemediaobject> <imageobject> <imagedata fileref="images/schema_mailAlias.png"/> </imageobject> </inlinemediaobject></entry> <entry>Mail aliases</entry> <entry>nisMailAlias</entry> <entry>misc.schema</entry> <entry>Part of OpenLDAP installation</entry> <entry/> </row> <row> <entry><inlinemediaobject> <imageobject> <imagedata fileref="images/schema_mailAlias.png"/> </imageobject> </inlinemediaobject></entry> <entry>Qmail user</entry> <entry>qmailUser</entry> <entry>qmail.schema</entry> <entry>Part of <ulink url="http://www.nrg4u.com/">qmail_ldap</ulink></entry> <entry>LAM Pro only</entry> </row> <row> <entry><inlinemediaobject> <imageobject> <imagedata fileref="images/schema_mac.png"/> </imageobject> </inlinemediaobject></entry> <entry>MAC addresses</entry> <entry>ieee802device</entry> <entry>nis.schema</entry> <entry>Part of OpenLDAP installation</entry> <entry/> </row> <row> <entry><inlinemediaobject> <imageobject> <imagedata fileref="images/schema_ipHost.png"/> </imageobject> 
</inlinemediaobject></entry> <entry>IP addresses</entry> <entry>ipHost</entry> <entry>nis.schema</entry> <entry>Part of OpenLDAP installation</entry> <entry>LAM Pro only</entry> </row> <row> <entry><inlinemediaobject> <imageobject> <imagedata fileref="images/schema_puppet.png"/> </imageobject> </inlinemediaobject></entry> <entry>Puppet</entry> <entry>puppetClient</entry> <entry>puppet.schema</entry> <entry><ulink url="https://github.com/puppetlabs/puppet/blob/master/ext/ldap/puppet.schema">Puppet on GitHub</ulink></entry> <entry/> </row> <row> <entry><inlinemediaobject> <imageobject> <imagedata fileref="images/schema_eduPerson.png"/> </imageobject> </inlinemediaobject></entry> <entry>EDU person</entry> <entry>eduPerson</entry> <entry>eduperson.schema</entry> <entry><ulink url="http://middleware.internet2.edu/eduperson/">http://middleware.internet2.edu</ulink></entry> <entry/> </row> <row> <entry><inlinemediaobject> <imageobject> <imagedata fileref="images/schema_user.png"/> </imageobject> </inlinemediaobject></entry> <entry>Simple Accounts</entry> <entry>account</entry> <entry>cosine.schema</entry> <entry>Part of OpenLDAP installation</entry> <entry/> </row> <row> <entry><inlinemediaobject> <imageobject> <imagedata fileref="images/schema_ssh.png"/> </imageobject> </inlinemediaobject></entry> <entry>SSH public keys</entry> <entry>ldapPublicKey</entry> <entry>openssh-lpk.schema</entry> <entry>Included in patch from <ulink url="http://code.google.com/p/openssh-lpk/">http://code.google.com/p/openssh-lpk/</ulink></entry> <entry/> </row> <row> <entry><inlinemediaobject> <imageobject> <imagedata fileref="images/schema_quota.png"/> </imageobject> </inlinemediaobject></entry> <entry>Filesystem quotas</entry> <entry>systemQuotas</entry> <entry>quota.schema</entry> <entry><ulink url="http://sourceforge.net/projects/linuxquota/">Linux DiskQuota</ulink></entry> <entry/> </row> <row> <entry><inlinemediaobject> <imageobject> <imagedata fileref="images/schema_group.png"/> 
</imageobject> </inlinemediaobject></entry> <entry>Group of (unique) names</entry> <entry>groupOfNames, groupOfUniqueNames, groupOfMembers</entry> <entry>core.schema</entry> <entry>Part of OpenLDAP installation</entry> <entry>LAM Pro only</entry> </row> <row> <entry><inlinemediaobject> <imageobject> <imagedata fileref="images/schema_group.png"/> </imageobject> </inlinemediaobject></entry> <entry>Groups</entry> <entry>organizationalRole</entry> <entry>core.schema</entry> <entry>Part of OpenLDAP installation</entry> <entry>LAM Pro only</entry> </row> <row> <entry><inlinemediaobject> <imageobject> <imagedata fileref="images/schema_dhcp.png"/> </imageobject> </inlinemediaobject></entry> <entry>DHCP</entry> <entry>dhcpOptions, dhcpSubnet, dhcpServer</entry> <entry>dhcp.schema</entry> <entry>docs/schema/dhcp.schema</entry> <entry>The LDAP suffix should be set to your dhcpServer entry.</entry> </row> <row> <entry><inlinemediaobject> <imageobject> <imagedata fileref="images/schema_bind.png"/> </imageobject> </inlinemediaobject></entry> <entry>Bind DLZ DNS</entry> <entry>dlzZone, dlzHost, dlzSOARecord, dlzNSRecord, dlzARecord, dlzMXRecord, dlzCNameRecord, dlzPTRRecord</entry> <entry>dlz.schema</entry> <entry>Part of <ulink url="http://bind-dlz.sourceforge.net/">Bind DLZ patch</ulink></entry> <entry>LAM Pro only</entry> </row> <row> <entry><inlinemediaobject> <imageobject> <imagedata fileref="images/schema_alias.png"/> </imageobject> </inlinemediaobject></entry> <entry>Aliases</entry> <entry>alias, uidObject</entry> <entry>core.schema</entry> <entry>Part of OpenLDAP installation</entry> <entry>LAM Pro only</entry> </row> <row> <entry><inlinemediaobject> <imageobject> <imagedata fileref="images/schema_netgroup.png"/> </imageobject> </inlinemediaobject></entry> <entry>NIS netgroups</entry> <entry>nisNetgroup</entry> <entry>nis.schema</entry> <entry>Part of OpenLDAP installation</entry> <entry/> </row> <row> <entry><inlinemediaobject> <imageobject> <imagedata
fileref="images/schema_nisObject.png"/> </imageobject> </inlinemediaobject></entry> <entry>NIS objects</entry> <entry>nisObject</entry> <entry>nis.schema</entry> <entry>Part of OpenLDAP installation</entry> <entry>LAM Pro only</entry> </row> <row> <entry><inlinemediaobject> <imageobject> <imagedata fileref="images/schema_nisObject.png"/> </imageobject> </inlinemediaobject></entry> <entry>Automount objects</entry> <entry>automount</entry> <entry>autofs.schema, rfc2307bis.schema</entry> <entry>Autofs LDAP</entry> <entry>LAM Pro only</entry> </row> <row> <entry><inlinemediaobject> <imageobject> <imagedata fileref="images/schema_oracle.png"/> </imageobject> </inlinemediaobject></entry> <entry>Oracle databases</entry> <entry>orclNetService</entry> <entry>oidbase.schema, oidnet.schema, oidrdbms.schema, alias.schema</entry> <entry>Preinstalled on Oracle directory server, OpenLDAP schemas can be downloaded e.g. <ulink url="http://www.idevelopment.info/data/Oracle/DBA_tips/LDAP/LDAP_8.shtml">here</ulink></entry> <entry>LAM Pro only</entry> </row> <row> <entry><inlinemediaobject> <imageobject> <imagedata fileref="images/schema_ppolicy.png"/> </imageobject> </inlinemediaobject></entry> <entry>Password policies</entry> <entry>pwdPolicy, device</entry> <entry>ppolicy.schema, core.schema</entry> <entry>Part of OpenLDAP installation</entry> <entry>LAM Pro only</entry> </row> <row> <entry><inlinemediaobject> <imageobject> <imagedata fileref="images/schema_freeRadius.png"/> </imageobject> </inlinemediaobject></entry> <entry>FreeRadius users</entry> <entry>radiusprofile</entry> <entry>openldap.schema</entry> <entry>Part of FreeRadius installation</entry> <entry/> </row> <row> <entry><inlinemediaobject> <imageobject> <imagedata fileref="images/schema_heimdal.png"/> </imageobject> </inlinemediaobject></entry> <entry>Heimdal Kerberos</entry> <entry>krb5KDCEntry</entry> <entry>hdb.schema</entry> <entry>Part of Heimdal Kerberos installation</entry> <entry>LAM Pro only</entry> </row> 
<row> <entry><inlinemediaobject> <imageobject> <imagedata fileref="images/schema_mitKerberos.png"/> </imageobject> </inlinemediaobject></entry> <entry>MIT Kerberos</entry> <entry>krbPrincipal, krbPrincipalAux, krbTicketPolicyAux</entry> <entry>kerberos.schema</entry> <entry>Part of MIT Kerberos installation</entry> <entry>LAM Pro only</entry> </row> <row> <entry><inlinemediaobject> <imageobject> <imagedata fileref="images/schema_sudo.png"/> </imageobject> </inlinemediaobject></entry> <entry>Sudo roles</entry> <entry>sudoRole</entry> <entry>sudo.schema</entry> <entry>Part of sudo-ldap installation</entry> <entry>LAM Pro only</entry> </row> <row> <entry><inlinemediaobject> <imageobject> <imagedata fileref="images/schema_kopano.png"/> </imageobject> </inlinemediaobject></entry> <entry>Kopano</entry> <entry>kopano-user, kopano-contact, kopano-group, kopano-dynamicgroup, kopano-addresslist, kopano-server</entry> <entry>kopano.ldif</entry> <entry>Part of Kopano installation</entry> <entry>LAM Pro only</entry> </row> <row> <entry><inlinemediaobject> <imageobject> <imagedata fileref="images/schema_zarafa.png"/> </imageobject> </inlinemediaobject></entry> <entry>Zarafa</entry> <entry>zarafa-user, zarafa-group, zarafa-server</entry> <entry>zarafa.schema</entry> <entry>Part of Zarafa installation</entry> <entry>LAM Pro only</entry> </row> <row> <entry><inlinemediaobject> <imageobject> <imagedata fileref="images/schema_mailAlias.png"/> </imageobject> </inlinemediaobject></entry> <entry>IMAP mailboxes</entry> <entry>-</entry> <entry>-</entry> <entry>-</entry> <entry>Does not require any schema.</entry> </row> <row> <entry><inlinemediaobject> <imageobject> <imagedata fileref="images/schema_nsview.png"/> </imageobject> </inlinemediaobject></entry> <entry>LDAP views</entry> <entry>nsview, organizationalunit</entry> <entry>built-in</entry> <entry>Part of LDAP server installation (e.g. 
389 server)</entry> <entry>LAM Pro only</entry> </row> <row> <entry><inlinemediaobject> <imageobject> <imagedata fileref="images/schema_autoDelete.png"/> </imageobject> </inlinemediaobject></entry> <entry>All</entry> <entry>dynamicObject</entry> <entry>built-in with DDS module</entry> <entry>Part of LDAP server installation</entry> <entry>LAM Pro only, requires DDS extension on LDAP server side</entry> </row> </tbody> </tgroup> </table> </appendix>