diff --git a/files/schema/core.schema b/files/schema/core.schema
index 8b633fa..cf0968a 100644
--- a/files/schema/core.schema
+++ b/files/schema/core.schema
@@ -199,9 +199,7 @@ attributetype ( 2.5.4.22 NAME 'teletexTerminalIdentifier'
 
 attributetype ( 2.5.4.23 NAME ( 'facsimileTelephoneNumber' 'fax' )
 	DESC 'RFC2256: Facsimile (Fax) Telephone Number'
-	EQUALITY caseIgnoreMatch
-	SUBSTR caseIgnoreSubstringsMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{64} )
+	SYNTAX 1.3.6.1.4.1.1466.115.121.1.22 )
 
 attributetype ( 2.5.4.24 NAME 'x121Address'
 	DESC 'RFC2256: X.121 Address'
@@ -340,8 +338,8 @@ attributetype ( 2.5.4.48 NAME 'protocolInformation'
 
 attributetype ( 2.5.4.50 NAME 'uniqueMember'
 	DESC 'RFC2256: unique member of a group'
-	EQUALITY distinguishedNameMatch
-	SUP distinguishedName )
+	EQUALITY uniqueMemberMatch
+	SYNTAX 1.3.6.1.4.1.1466.115.121.1.34 )
 
 attributetype ( 2.5.4.51 NAME 'houseIdentifier'
 	DESC 'RFC2256: house identifier'
diff --git a/files/schema/cosine.schema b/files/schema/cosine.schema
index 6cf77af..a0f5ae2 100644
--- a/files/schema/cosine.schema
+++ b/files/schema/cosine.schema
@@ -162,7 +162,6 @@ attributetype ( 0.9.2342.19200300.100.1.22 NAME 'otherMailbox'
 ## incorrect syntax?
 attributetype ( 0.9.2342.19200300.100.1.26 NAME 'aRecord'
 	EQUALITY caseIgnoreIA5Match
-	SUBSTR caseIgnoreIA5SubstringsMatch
 	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
 
 ## missing from RFC1274
diff --git a/files/schema/dyngroup.schema b/files/schema/dyngroup.schema
index 035e23f..ed17202 100644
--- a/files/schema/dyngroup.schema
+++ b/files/schema/dyngroup.schema
@@ -2,7 +2,7 @@
 # $OpenLDAP$
 ## This work is part of OpenLDAP Software <http://www.openldap.org/>.
 ##
-## Copyright 1998-2015 The OpenLDAP Foundation.
+## Copyright 1998-2018 The OpenLDAP Foundation.
 ## All rights reserved.
 ##
 ## Redistribution and use in source and binary forms, with or without
diff --git a/files/schema/misc.schema b/files/schema/misc.schema
index e636135..e1bbf9d 100644
--- a/files/schema/misc.schema
+++ b/files/schema/misc.schema
@@ -2,7 +2,7 @@
 # $OpenLDAP$
 ## This work is part of OpenLDAP Software <http://www.openldap.org/>.
 ##
-## Copyright 1998-2015 The OpenLDAP Foundation.
+## Copyright 1998-2018 The OpenLDAP Foundation.
 ## All rights reserved.
 ##
 ## Redistribution and use in source and binary forms, with or without
diff --git a/files/schema/nis.schema b/files/schema/nis.schema
index 15ccc2c..31b4eb8 100644
--- a/files/schema/nis.schema
+++ b/files/schema/nis.schema
@@ -1,7 +1,7 @@
 # $OpenLDAP$
 ## This work is part of OpenLDAP Software <http://www.openldap.org/>.
 ##
-## Copyright 1998-2015 The OpenLDAP Foundation.
+## Copyright 1998-2018 The OpenLDAP Foundation.
 ## All rights reserved.
 ##
 ## Redistribution and use in source and binary forms, with or without
@@ -54,8 +54,8 @@ attributetype ( 1.3.6.1.1.1.1.2 NAME 'gecos'
 
 attributetype ( 1.3.6.1.1.1.1.3 NAME 'homeDirectory'
 	DESC 'The absolute path to the home directory'
-	EQUALITY caseExactMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
+	EQUALITY caseExactIA5Match
+	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
 
 attributetype ( 1.3.6.1.1.1.1.4 NAME 'loginShell'
 	DESC 'The path to the login shell'
@@ -84,7 +84,6 @@ attributetype ( 1.3.6.1.1.1.1.9 NAME 'shadowInactive'
 
 attributetype ( 1.3.6.1.1.1.1.10 NAME 'shadowExpire'
 	EQUALITY integerMatch
-	ORDERING integerOrderingMatch
 	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
 
 attributetype ( 1.3.6.1.1.1.1.11 NAME 'shadowFlag'
@@ -92,9 +91,9 @@ attributetype ( 1.3.6.1.1.1.1.11 NAME 'shadowFlag'
 	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
 
 attributetype ( 1.3.6.1.1.1.1.12 NAME 'memberUid'
-	EQUALITY caseExactMatch
-	SUBSTR caseExactSubstringsMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+	EQUALITY caseExactIA5Match
+	SUBSTR caseExactIA5SubstringsMatch
+	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
 
 attributetype ( 1.3.6.1.1.1.1.13 NAME 'memberNisNetgroup'
 	EQUALITY caseExactIA5Match
@@ -138,7 +137,6 @@ attributetype ( 1.3.6.1.1.1.1.21 NAME 'ipNetmaskNumber'
 attributetype ( 1.3.6.1.1.1.1.22 NAME 'macAddress'
 	DESC 'MAC address'
 	EQUALITY caseIgnoreIA5Match
-	SUBSTR caseIgnoreIA5SubstringsMatch
 	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} )
 
 attributetype ( 1.3.6.1.1.1.1.23 NAME 'bootParameter'
diff --git a/files/schema/openldap.schema b/files/schema/openldap.schema
index cd00946..ae49ad5 100644
--- a/files/schema/openldap.schema
+++ b/files/schema/openldap.schema
@@ -1,7 +1,7 @@
 # $OpenLDAP$
 ## This work is part of OpenLDAP Software <http://www.openldap.org/>.
 ##
-## Copyright 1998-2015 The OpenLDAP Foundation.
+## Copyright 1998-2018 The OpenLDAP Foundation.
 ## All rights reserved.
 ##
 ## Redistribution and use in source and binary forms, with or without
diff --git a/files/schema/ppolicy.schema b/files/schema/ppolicy.schema
index 8720a22..3207658 100644
--- a/files/schema/ppolicy.schema
+++ b/files/schema/ppolicy.schema
@@ -135,11 +135,18 @@ attributetype ( 1.3.6.1.4.1.42.2.27.8.1.15
       SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
       SINGLE-VALUE )
 
+attributetype ( 1.3.6.1.4.1.42.2.27.8.1.30
+      NAME 'pwdMaxRecordedFailure'
+      EQUALITY integerMatch
+      ORDERING integerOrderingMatch
+      SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
+      SINGLE-VALUE )
+
 attributetype ( 1.3.6.1.4.1.4754.1.99.1
      NAME 'pwdCheckModule'
      EQUALITY caseExactIA5Match
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
-     DESC 'Loadable module that instantiates "check_password() function'
+     DESC 'Loadable module that instantiates check_password() function'
      SINGLE-VALUE )
 
 objectclass ( 1.3.6.1.4.1.4754.2.99.1
@@ -156,4 +163,5 @@ objectclass ( 1.3.6.1.4.1.42.2.27.8.2.1
       MAY ( pwdMinAge $ pwdMaxAge $ pwdInHistory $ pwdCheckQuality $
       pwdMinLength $ pwdExpireWarning $ pwdGraceAuthNLimit $ pwdLockout
       $ pwdLockoutDuration $ pwdMaxFailure $ pwdFailureCountInterval $
-      pwdMustChange $ pwdAllowUserChange $ pwdSafeModify ) )
+      pwdMustChange $ pwdAllowUserChange $ pwdSafeModify $
+      pwdMaxRecordedFailure ) )