# # OpenLDAP Schema file # for univention-saml package # attributetype ( 1.3.6.1.4.1.10176.4200.1.2 NAME 'SAMLServiceProviderIdentifier' DESC 'Unique service provider identifier' EQUALITY caseExactIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) attributetype ( 1.3.6.1.4.1.10176.4200.1.3 NAME 'AssertionConsumerService' DESC 'The URL of the AssertionConsumerService endpoint for this SP' EQUALITY caseExactIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) attributetype ( 1.3.6.1.4.1.10176.4200.1.4 NAME 'NameIDFormat' DESC 'The NameIDFormat this SP should receive' EQUALITY caseExactIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) attributetype ( 1.3.6.1.4.1.10176.4200.1.5 NAME 'simplesamlNameIDAttribute' DESC 'The name of the attribute which should be used as the value of the NameID' EQUALITY caseExactIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) attributetype ( 1.3.6.1.4.1.10176.4200.1.6 NAME 'simplesamlAttributes' DESC 'Whether the SP should receive any attributes from the IdP' EQUALITY caseExactIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) attributetype ( 1.3.6.1.4.1.10176.4200.1.7 NAME 'simplesamlLDAPattributes' DESC 'A list of attributes the service provider will receive' EQUALITY caseExactIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) attributetype ( 1.3.6.1.4.1.10176.4200.1.8 NAME 'serviceproviderdescription' DESC 'A description of this service provider that can be shown to users' EQUALITY caseExactIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) attributetype ( 1.3.6.1.4.1.10176.4200.1.9 NAME 'serviceProviderOrganizationName' DESC 'The name of the organization responsible for the service provider that can be shown to users' EQUALITY caseExactIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) attributetype ( 1.3.6.1.4.1.10176.4200.1.10 NAME 'privacypolicyURL' DESC 'An absolute URL for the service providers privacy policy' EQUALITY caseExactIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) attributetype ( 1.3.6.1.4.1.10176.4200.1.11 NAME 'attributesNameFormat' DESC 'Which value will be set in the format field of attribute statements' EQUALITY caseExactIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) attributetype ( 1.3.6.1.4.1.10176.4200.1.12 NAME 'singleLogoutService' DESC 'The URL of the SingleLogoutService endpoint for this service provider' EQUALITY caseExactIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) attributetype ( 1.3.6.1.4.1.10176.4200.1.13 NAME 'isServiceProviderActivated' DESC 'True if this service provider is activated and its configuration is written' SINGLE-VALUE EQUALITY booleanMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 ) attributetype ( 1.3.6.1.4.1.10176.4200.1.14 NAME 'serviceProviderMetadata' DESC 'The raw XML metadata for this service provider entry' EQUALITY caseExactIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) objectclass ( 1.3.6.1.4.1.10176.4200.1.1 NAME 'univentionSAMLServiceProvider' SUP top STRUCTURAL DESC 'univention simplesamlphp service provider' MAY ( NameIDFormat $ simplesamlNameIDAttribute $ simplesamlAttributes $ simplesamlLDAPattributes $ serviceproviderdescription $ serviceProviderOrganizationName $ privacypolicyURL $ attributesNameFormat $ singleLogoutService $ serviceProviderMetadata ) MUST ( isServiceProviderActivated $ SAMLServiceProviderIdentifier $ AssertionConsumerService ) ) attributetype ( 1.3.6.1.4.1.10176.4200.2.2 NAME 'enabledServiceProviderIdentifier' DESC 'A service provider the user is enabled to use' EQUALITY caseExactIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) objectclass ( 1.3.6.1.4.1.10176.4200.2.1 NAME 'univentionSAMLEnabled' SUP top AUXILIARY DESC 'The user is enabled to use SAML service providers' MAY ( enabledServiceProviderIdentifier ) )