# Copyright 2004-2017 Univention GmbH # # http://www.univention.de/ # # All rights reserved. # # The source code of this program is made available # under the terms of the GNU Affero General Public License version 3 # (GNU AGPL V3) as published by the Free Software Foundation. # # Binary versions of this program provided by Univention to you as # well as other copyrighted, protected or trademarked materials like # Logos, graphics, fonts, specific documentations and configurations, # cryptographic keys etc. are subject to a license agreement between # you and Univention and not subject to the GNU AGPL V3. # # In the case you use this program under the terms of the GNU AGPL V3, # the program is provided in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU Affero General Public License for more details. # # You should have received a copy of the GNU Affero General Public # License with the Debian GNU/Linux or Univention distribution in file # /usr/share/common-licenses/AGPL-3; if not, see # . # # univention namespace: 10176 #attributetype ( 1.3.6.1.4.1.10176.41 NAME 'univentionDesktopServer' # DESC 'terminal server (i.e. application server) to use [client]' # EQUALITY caseIgnoreIA5Match # SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE) # #attributetype ( 1.3.6.1.4.1.10176.44 NAME 'univentionWindowsServer' # DESC 'Univention windows server to use [client]' # EQUALITY caseIgnoreIA5Match # SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE) # #attributetype ( 1.3.6.1.4.1.10176.45 NAME 'univentionWindowsDomain' # DESC 'windows domain of windows server [client]' # EQUALITY caseIgnoreIA5Match # SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE) # #attributetype ( 1.3.6.1.4.1.10176.46 NAME 'univentionFileServer' # DESC 'Univention file server to use [client]' # EQUALITY caseIgnoreIA5Match # SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE) # #attributetype ( 1.3.6.1.4.1.10176.56 NAME 'univentionLdapServer' # DESC 'Univention ldap server to use [client]' # EQUALITY caseIgnoreIA5Match # SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE) # #attributetype ( 1.3.6.1.4.1.10176.57 NAME 'univentionLdapBase' # DESC 'base of ldap server' # EQUALITY caseExactMatch # SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE) # attributetype ( 1.3.6.1.4.1.10176.61 NAME 'univentionServerRole' DESC 'server role of this machine [ldap master,ldap slave,...]' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) #attributetype ( 1.3.6.1.4.1.10176.62 NAME 'univentionKerberosRealm' # DESC 'Kerberos REALM' # EQUALITY caseExactMatch # SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE) # #attributetype ( 1.3.6.1.4.1.10176.63 NAME 'univentionKerberosKDC' # DESC 'Kerberos KDC Server' # EQUALITY caseExactMatch # SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE) # attributetype ( 1.3.6.1.4.1.10176.64 NAME 'univentionWindowsReinstall' DESC 'schedule host to be reinstalled' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) attributetype ( 1.3.6.1.4.1.10176.65 NAME 'univentionServerReinstall' DESC 'schedule host to be reinstalled' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) attributetype ( 1.3.6.1.4.1.10176.66 NAME 'univentionService' DESC 'server services' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) attributetype ( 1.3.6.1.4.1.10176.1000.11.1.1 NAME 'univentionServerInstallationProfile' DESC 'Path of profile file. Must be present on installation server.' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE ) attributetype ( 1.3.6.1.4.1.10176.1000.11.1.3 NAME 'univentionServerInstallationText' DESC 'Use text installation' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE ) attributetype ( 1.3.6.1.4.1.10176.1000.11.1.6 NAME 'univentionServerInstallationOption' DESC 'Set boot option for unattended installation' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE ) attributetype ( 1.3.6.1.4.1.10176.1000.11.1.4 NAME 'univentionServerInstallationPath' DESC 'Installation Path' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE ) attributetype ( 1.3.6.1.4.1.10176.1000.11.1.2 NAME 'univentionNetworkLink' DESC 'Path of network' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE ) attributetype ( 1.3.6.1.4.1.10176.1000.11.1.5 NAME 'univentionInventoryNumber' DESC 'Inventory number' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) attributetype ( 1.3.6.1.4.1.10176.1000.11.1.7 NAME 'univentionOperatingSystem' DESC 'Operating System' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) attributetype ( 1.3.6.1.4.1.10176.1000.11.1.8 NAME 'univentionOperatingSystemVersion' DESC 'Operating System version' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) objectclass ( 1.3.6.1.4.1.10176.70 NAME 'univentionHost' SUP top AUXILIARY DESC 'Univention host' MUST ( cn ) MAY ( macAddress $ aRecord $ aAAARecord $ mXRecord $ cNAMERecord $ associatedDomain $ univentionNetworkLink $ univentionInventoryNumber $ univentionOperatingSystem $ univentionOperatingSystemVersion)) objectclass ( 1.3.6.1.4.1.10176.71 NAME 'univentionClient' SUP 'univentionHost' AUXILIARY DESC 'Univention client' MUST ( cn ) MAY ( univentionServerReinstall $ univentionServerInstallationProfile $ univentionServerInstallationText $ univentionServerInstallationPath $ univentionServerInstallationOption) ) objectclass ( 1.3.6.1.4.1.10176.99 NAME 'univentionMacOSClient' SUP 'univentionHost' AUXILIARY DESC 'Univention MacOS X Client' MUST ( cn ) ) objectclass ( 1.3.6.1.4.1.10176.96 NAME 'univentionMobileClient' SUP 'univentionHost' AUXILIARY DESC 'Univention mobile client' MUST ( cn ) MAY ( univentionServerReinstall $ univentionServerInstallationProfile $ univentionServerInstallationText $ univentionServerInstallationPath $ univentionServerInstallationOption) ) objectclass ( 1.3.6.1.4.1.10176.72 NAME 'univentionThinClient' SUP 'univentionHost' AUXILIARY DESC 'Univention thin client' MUST ( cn ) ) objectclass ( 1.3.6.1.4.1.10176.73 NAME 'univentionWindows' SUP 'univentionHost' AUXILIARY DESC 'Univention windows host' MUST ( cn ) MAY ( univentionServerRole $ univentionWindowsReinstall ) ) objectclass ( 1.3.6.1.4.1.10176.74 NAME 'univentionMemberServer' SUP 'univentionHost' AUXILIARY DESC 'Univention member server' MUST ( cn ) MAY ( univentionServerRole $ univentionService $ univentionServerReinstall $ univentionServerInstallationProfile $ univentionServerInstallationText $ univentionServerInstallationPath $ univentionServerInstallationOption) ) objectclass ( 1.3.6.1.4.1.10176.75 NAME 'univentionDomainController' SUP 'univentionHost' AUXILIARY DESC 'Univention domain controller' MUST ( cn ) MAY ( univentionServerRole $ univentionService $ univentionServerReinstall $ univentionServerInstallationProfile $ univentionServerInstallationText $ univentionServerInstallationPath $ univentionServerInstallationOption) ) objectclass ( 1.3.6.1.4.1.10176.76 NAME 'univentionUbuntuClient' SUP 'univentionHost' AUXILIARY DESC 'Univention Ubuntu client' MUST ( cn ) ) objectclass ( 1.3.6.1.4.1.10176.77 NAME 'univentionLinuxClient' SUP 'univentionHost' AUXILIARY DESC 'Univention Linux client' MUST ( cn ) ) objectclass ( 1.3.6.1.4.1.10176.78 NAME 'univentionDomain' SUP ('domain' $ 'sambaDomain') STRUCTURAL DESC 'Additional univention-vars for Groups' ) objectclass ( 1.3.6.1.4.1.10176.79 NAME 'univentionBase' SUP 'top' AUXILIARY DESC 'Additional univention-vars for Groups' ) attributetype ( 1.3.6.1.4.1.10176.81 NAME 'prohibitedUsername' DESC 'Illegal usernames ' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) objectclass ( 1.3.6.1.4.1.10176.80 NAME 'univentionProhibitedUsernames' MUST ( cn ) MAY ( prohibitedUsername ) DESC 'List of prohibited usernames' ) attributetype ( 1.3.6.1.4.1.10176.83 NAME 'printerModel' DESC 'Printer Model ' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) objectclass ( 1.3.6.1.4.1.10176.82 NAME 'univentionPrinterModels' MUST ( cn ) MAY ( printerModel ) DESC 'Printer Model List' ) attributetype ( 1.3.6.1.4.1.10176.1000.300.1.1 NAME 'univentionPackageDefinition' DESC 'Packages ' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) objectclass ( 1.3.6.1.4.1.10176.1000.300.2.1 NAME 'univentionPackageList' MUST ( cn ) DESC 'Package List ' MAY ( univentionPackageDefinition)) attributetype ( 1.3.6.1.4.1.10176.1000.301.1.1 NAME 'printerURI' DESC 'Printer URI ' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) objectclass ( 1.3.6.1.4.1.10176.1000.301.2.1 NAME 'univentionPrinterURIs' MUST ( cn ) MAY ( printerURI ) DESC 'Printer URI List' ) attributetype ( 1.3.6.1.4.1.10176.1000.302.1.1 NAME 'univentionSambaPasswordHistory' DESC 'Samba Password History ' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) attributetype ( 1.3.6.1.4.1.10176.1000.302.1.2 NAME 'univentionSambaMinPasswordLength' DESC 'Samba Password Length ' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) attributetype ( 1.3.6.1.4.1.10176.1000.302.1.3 NAME 'univentionSambaMinPasswordAge' DESC 'Samba Minimum Password Age ' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) attributetype ( 1.3.6.1.4.1.10176.1000.302.1.4 NAME 'univentionSambaBadLockoutAttempts' DESC 'Samba Bad Lockout Attempts ' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) attributetype ( 1.3.6.1.4.1.10176.1000.302.1.5 NAME 'univentionSambaLogonToChangePW' DESC 'Samba User must logon to change password' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) attributetype ( 1.3.6.1.4.1.10176.1000.302.1.6 NAME 'univentionSambaMaxPasswordAge' DESC 'Samba Maximum Password Age' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) attributetype ( 1.3.6.1.4.1.10176.1000.302.1.7 NAME 'univentionSambaLockoutDuration' DESC 'Samba Lockout Duration' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) attributetype ( 1.3.6.1.4.1.10176.1000.302.1.8 NAME 'univentionSambaResetCountMinutes' DESC 'Samba Reset Count Minutes' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) attributetype ( 1.3.6.1.4.1.10176.1000.302.1.9 NAME 'univentionSambaDisconnectTime' DESC 'Samba Disconnect Time' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) attributetype ( 1.3.6.1.4.1.10176.1000.302.1.10 NAME 'univentionSambaRefuseMachinePWChange' DESC 'Samba Refuse Machine Password Change' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) objectclass ( 1.3.6.1.4.1.10176.1000.302.2.1 NAME 'univentionSambaConfig' MUST ( cn ) MAY ( univentionSambaPasswordHistory $ univentionSambaMinPasswordLength $ univentionSambaMinPasswordAge $ univentionSambaBadLockoutAttempts $ univentionSambaLogonToChangePW $ univentionSambaMaxPasswordAge $ univentionSambaLockoutDuration $ univentionSambaResetCountMinutes $ univentionSambaDisconnectTime $ univentionSambaRefuseMachinePWChange ) DESC 'Univention Samba LDAP Extensions' ) objectclass ( 1.3.6.1.4.1.10176.1000.303.2.1 NAME 'univentionServiceObject' MUST ( cn ) DESC 'Univention Service Object' ) # operations for univention console attributetype ( 1.3.6.1.4.1.10176.1000.304.1.1 NAME 'univentionConsoleOperation' DESC 'Univention Console command' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) objectclass ( 1.3.6.1.4.1.10176.1000.304.2.1 NAME 'univentionConsoleOperations' MUST ( cn ) MAY ( description $ univentionConsoleOperation ) DESC 'Univention Console commands' ) # ACLs for univention console attributetype ( 1.3.6.1.4.1.10176.1000.305.1.1 NAME 'univentionConsoleACLCategory' DESC 'Univention Console ACL category' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE ) attributetype ( 1.3.6.1.4.1.10176.1000.305.1.2 NAME 'univentionConsoleACLHost' DESC 'Univention Console ACL host or host group' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) attributetype ( 1.3.6.1.4.1.10176.1000.305.1.3 NAME 'univentionConsoleACLBase' DESC 'Univention Console ldap base to find the hosts' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE ) attributetype ( 1.3.6.1.4.1.10176.1000.305.1.4 NAME 'univentionConsoleACLCommand' DESC 'Univention Console ACL command' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) objectclass ( 1.3.6.1.4.1.10176.1000.305.2.1 NAME 'univentionConsoleACL' MUST ( cn ) MAY ( description $ univentionConsoleACLCategory $ univentionConsoleACLHost $ univentionConsoleACLBase $ univentionConsoleACLCommand ) DESC 'Univention Console commands' ) objectclass ( 1.3.6.1.4.1.10176.1000.306.2.1 NAME 'univentionConsoleCategory' MUST ( cn ) MAY ( description ) DESC 'Univention Console category' ) attributetype ( 1.3.6.1.4.1.10176.600 NAME 'univentionSambaPrivilegeList' DESC 'Samba Privileges List' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{64} ) objectclass ( 1.3.6.1.4.1.10176.60 NAME 'univentionSambaPrivileges' SUP top AUXILIARY MAY ( univentionSambaPrivilegeList ) DESC 'Samba Privileges' ) # new UMC operation object (UCS 3.0) attributetype ( 1.3.6.1.4.1.10176.1000.310.1.1 NAME 'umcOperationSetCommand' DESC 'List of UMC command names and patterns' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) attributetype ( 1.3.6.1.4.1.10176.1000.310.1.2 NAME 'umcOperationSetFlavor' DESC 'Flavor of the UMC module' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE ) attributetype ( 1.3.6.1.4.1.10176.1000.310.1.3 NAME 'umcOperationSetHost' DESC 'List of host or host group' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) attributetype ( 1.3.6.1.4.1.10176.1000.310.1.4 NAME 'umcOperationSetBase' DESC 'LDAP base used for finding hosts' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE ) objectclass ( 1.3.6.1.4.1.10176.1000.310.2.1 NAME 'umcOperationSet' DESC 'Defines a set of UMC operations' MUST ( cn $ description ) MAY ( umcOperationSetCommand $ umcOperationSetFlavor $ umcOperationSetHost $ umcOperationSetBase ) )