391 lines
14 KiB
Plaintext
391 lines
14 KiB
Plaintext
# Copyright 2004-2017 Univention GmbH
|
|
#
|
|
# http://www.univention.de/
|
|
#
|
|
# All rights reserved.
|
|
#
|
|
# The source code of this program is made available
|
|
# under the terms of the GNU Affero General Public License version 3
|
|
# (GNU AGPL V3) as published by the Free Software Foundation.
|
|
#
|
|
# Binary versions of this program provided by Univention to you as
|
|
# well as other copyrighted, protected or trademarked materials like
|
|
# Logos, graphics, fonts, specific documentations and configurations,
|
|
# cryptographic keys etc. are subject to a license agreement between
|
|
# you and Univention and not subject to the GNU AGPL V3.
|
|
#
|
|
# In the case you use this program under the terms of the GNU AGPL V3,
|
|
# the program is provided in the hope that it will be useful,
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
# GNU Affero General Public License for more details.
|
|
#
|
|
# You should have received a copy of the GNU Affero General Public
|
|
# License with the Debian GNU/Linux or Univention distribution in file
|
|
# /usr/share/common-licenses/AGPL-3; if not, see
|
|
# <http://www.gnu.org/licenses/>.
|
|
#
|
|
# univention namespace: 10176
|
|
|
|
#attributetype ( 1.3.6.1.4.1.10176.41 NAME 'univentionDesktopServer'
|
|
# DESC 'terminal server (i.e. application server) to use [client]'
|
|
# EQUALITY caseIgnoreIA5Match
|
|
# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE)
|
|
#
|
|
#attributetype ( 1.3.6.1.4.1.10176.44 NAME 'univentionWindowsServer'
|
|
# DESC 'Univention windows server to use [client]'
|
|
# EQUALITY caseIgnoreIA5Match
|
|
# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE)
|
|
#
|
|
#attributetype ( 1.3.6.1.4.1.10176.45 NAME 'univentionWindowsDomain'
|
|
# DESC 'windows domain of windows server [client]'
|
|
# EQUALITY caseIgnoreIA5Match
|
|
# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE)
|
|
#
|
|
#attributetype ( 1.3.6.1.4.1.10176.46 NAME 'univentionFileServer'
|
|
# DESC 'Univention file server to use [client]'
|
|
# EQUALITY caseIgnoreIA5Match
|
|
# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE)
|
|
#
|
|
#attributetype ( 1.3.6.1.4.1.10176.56 NAME 'univentionLdapServer'
|
|
# DESC 'Univention ldap server to use [client]'
|
|
# EQUALITY caseIgnoreIA5Match
|
|
# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE)
|
|
#
|
|
#attributetype ( 1.3.6.1.4.1.10176.57 NAME 'univentionLdapBase'
|
|
# DESC 'base of ldap server'
|
|
# EQUALITY caseExactMatch
|
|
# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE)
|
|
#
|
|
attributetype ( 1.3.6.1.4.1.10176.61 NAME 'univentionServerRole'
|
|
DESC 'server role of this machine [ldap master,ldap slave,...]'
|
|
EQUALITY caseExactMatch
|
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
|
|
|
|
#attributetype ( 1.3.6.1.4.1.10176.62 NAME 'univentionKerberosRealm'
|
|
# DESC 'Kerberos REALM'
|
|
# EQUALITY caseExactMatch
|
|
# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE)
|
|
#
|
|
#attributetype ( 1.3.6.1.4.1.10176.63 NAME 'univentionKerberosKDC'
|
|
# DESC 'Kerberos KDC Server'
|
|
# EQUALITY caseExactMatch
|
|
# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE)
|
|
#
|
|
|
|
attributetype ( 1.3.6.1.4.1.10176.64 NAME 'univentionWindowsReinstall'
|
|
DESC 'schedule host to be reinstalled'
|
|
EQUALITY caseExactMatch
|
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
|
|
|
|
attributetype ( 1.3.6.1.4.1.10176.65 NAME 'univentionServerReinstall'
|
|
DESC 'schedule host to be reinstalled'
|
|
EQUALITY caseExactMatch
|
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
|
|
|
|
attributetype ( 1.3.6.1.4.1.10176.66 NAME 'univentionService'
|
|
DESC 'server services'
|
|
EQUALITY caseExactMatch
|
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
|
|
|
|
|
|
attributetype ( 1.3.6.1.4.1.10176.1000.11.1.1 NAME 'univentionServerInstallationProfile'
|
|
DESC 'Path of profile file. Must be present on installation server.'
|
|
EQUALITY caseExactMatch
|
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
|
|
|
|
attributetype ( 1.3.6.1.4.1.10176.1000.11.1.3 NAME 'univentionServerInstallationText'
|
|
DESC 'Use text installation'
|
|
EQUALITY caseExactMatch
|
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
|
|
|
|
attributetype ( 1.3.6.1.4.1.10176.1000.11.1.6 NAME 'univentionServerInstallationOption'
|
|
DESC 'Set boot option for unattended installation'
|
|
EQUALITY caseExactMatch
|
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
|
|
|
|
attributetype ( 1.3.6.1.4.1.10176.1000.11.1.4 NAME 'univentionServerInstallationPath'
|
|
DESC 'Installation Path'
|
|
EQUALITY caseExactMatch
|
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
|
|
|
|
attributetype ( 1.3.6.1.4.1.10176.1000.11.1.2 NAME 'univentionNetworkLink'
|
|
DESC 'Path of network'
|
|
EQUALITY caseExactMatch
|
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
|
|
|
|
attributetype ( 1.3.6.1.4.1.10176.1000.11.1.5 NAME 'univentionInventoryNumber'
|
|
DESC 'Inventory number'
|
|
EQUALITY caseIgnoreMatch
|
|
SUBSTR caseIgnoreSubstringsMatch
|
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
|
|
|
|
attributetype ( 1.3.6.1.4.1.10176.1000.11.1.7 NAME 'univentionOperatingSystem'
|
|
DESC 'Operating System'
|
|
EQUALITY caseIgnoreMatch
|
|
SUBSTR caseIgnoreSubstringsMatch
|
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
|
|
|
|
attributetype ( 1.3.6.1.4.1.10176.1000.11.1.8 NAME 'univentionOperatingSystemVersion'
|
|
DESC 'Operating System version'
|
|
EQUALITY caseIgnoreMatch
|
|
SUBSTR caseIgnoreSubstringsMatch
|
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
|
|
|
|
objectclass ( 1.3.6.1.4.1.10176.70 NAME 'univentionHost'
|
|
SUP top AUXILIARY
|
|
DESC 'Univention host'
|
|
MUST ( cn )
|
|
MAY ( macAddress $ aRecord $ aAAARecord $ mXRecord $ cNAMERecord $ associatedDomain $ univentionNetworkLink $ univentionInventoryNumber $ univentionOperatingSystem $ univentionOperatingSystemVersion))
|
|
|
|
objectclass ( 1.3.6.1.4.1.10176.71 NAME 'univentionClient'
|
|
SUP 'univentionHost' AUXILIARY
|
|
DESC 'Univention client'
|
|
MUST ( cn )
|
|
MAY ( univentionServerReinstall $ univentionServerInstallationProfile $ univentionServerInstallationText $ univentionServerInstallationPath $ univentionServerInstallationOption) )
|
|
|
|
objectclass ( 1.3.6.1.4.1.10176.99 NAME 'univentionMacOSClient'
|
|
SUP 'univentionHost' AUXILIARY
|
|
DESC 'Univention MacOS X Client'
|
|
MUST ( cn ) )
|
|
|
|
objectclass ( 1.3.6.1.4.1.10176.96 NAME 'univentionMobileClient'
|
|
SUP 'univentionHost' AUXILIARY
|
|
DESC 'Univention mobile client'
|
|
MUST ( cn )
|
|
MAY ( univentionServerReinstall $ univentionServerInstallationProfile $ univentionServerInstallationText $ univentionServerInstallationPath $ univentionServerInstallationOption) )
|
|
|
|
objectclass ( 1.3.6.1.4.1.10176.72 NAME 'univentionThinClient'
|
|
SUP 'univentionHost' AUXILIARY
|
|
DESC 'Univention thin client'
|
|
MUST ( cn ) )
|
|
|
|
objectclass ( 1.3.6.1.4.1.10176.73 NAME 'univentionWindows'
|
|
SUP 'univentionHost' AUXILIARY
|
|
DESC 'Univention windows host'
|
|
MUST ( cn )
|
|
MAY ( univentionServerRole $ univentionWindowsReinstall ) )
|
|
|
|
objectclass ( 1.3.6.1.4.1.10176.74 NAME 'univentionMemberServer'
|
|
SUP 'univentionHost' AUXILIARY
|
|
DESC 'Univention member server'
|
|
MUST ( cn )
|
|
MAY ( univentionServerRole $ univentionService $ univentionServerReinstall $ univentionServerInstallationProfile $ univentionServerInstallationText $ univentionServerInstallationPath $ univentionServerInstallationOption) )
|
|
|
|
objectclass ( 1.3.6.1.4.1.10176.75 NAME 'univentionDomainController'
|
|
SUP 'univentionHost' AUXILIARY
|
|
DESC 'Univention domain controller'
|
|
MUST ( cn )
|
|
MAY ( univentionServerRole $ univentionService $ univentionServerReinstall $ univentionServerInstallationProfile $ univentionServerInstallationText $ univentionServerInstallationPath $ univentionServerInstallationOption) )
|
|
|
|
objectclass ( 1.3.6.1.4.1.10176.76 NAME 'univentionUbuntuClient'
|
|
SUP 'univentionHost' AUXILIARY
|
|
DESC 'Univention Ubuntu client'
|
|
MUST ( cn ) )
|
|
|
|
objectclass ( 1.3.6.1.4.1.10176.77 NAME 'univentionLinuxClient'
|
|
SUP 'univentionHost' AUXILIARY
|
|
DESC 'Univention Linux client'
|
|
MUST ( cn ) )
|
|
|
|
objectclass ( 1.3.6.1.4.1.10176.78 NAME 'univentionDomain'
|
|
SUP ('domain' $ 'sambaDomain') STRUCTURAL
|
|
DESC 'Additional univention-vars for Groups' )
|
|
|
|
objectclass ( 1.3.6.1.4.1.10176.79 NAME 'univentionBase'
|
|
SUP 'top' AUXILIARY
|
|
DESC 'Additional univention-vars for Groups' )
|
|
|
|
attributetype ( 1.3.6.1.4.1.10176.81 NAME 'prohibitedUsername'
|
|
DESC 'Illegal usernames '
|
|
EQUALITY caseIgnoreMatch
|
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
|
|
|
|
objectclass ( 1.3.6.1.4.1.10176.80 NAME 'univentionProhibitedUsernames'
|
|
MUST ( cn )
|
|
MAY ( prohibitedUsername )
|
|
DESC 'List of prohibited usernames' )
|
|
|
|
attributetype ( 1.3.6.1.4.1.10176.83 NAME 'printerModel'
|
|
DESC 'Printer Model '
|
|
EQUALITY caseIgnoreMatch
|
|
SUBSTR caseIgnoreSubstringsMatch
|
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
|
|
|
|
objectclass ( 1.3.6.1.4.1.10176.82 NAME 'univentionPrinterModels'
|
|
MUST ( cn )
|
|
MAY ( printerModel )
|
|
DESC 'Printer Model List' )
|
|
|
|
attributetype ( 1.3.6.1.4.1.10176.1000.300.1.1 NAME 'univentionPackageDefinition'
|
|
DESC 'Packages '
|
|
EQUALITY caseExactMatch
|
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)
|
|
|
|
objectclass ( 1.3.6.1.4.1.10176.1000.300.2.1 NAME 'univentionPackageList'
|
|
MUST ( cn )
|
|
DESC 'Package List '
|
|
MAY ( univentionPackageDefinition))
|
|
|
|
attributetype ( 1.3.6.1.4.1.10176.1000.301.1.1 NAME 'printerURI'
|
|
DESC 'Printer URI '
|
|
EQUALITY caseIgnoreMatch
|
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
|
|
|
|
objectclass ( 1.3.6.1.4.1.10176.1000.301.2.1 NAME 'univentionPrinterURIs'
|
|
MUST ( cn )
|
|
MAY ( printerURI )
|
|
DESC 'Printer URI List' )
|
|
|
|
attributetype ( 1.3.6.1.4.1.10176.1000.302.1.1 NAME 'univentionSambaPasswordHistory'
|
|
DESC 'Samba Password History '
|
|
EQUALITY integerMatch
|
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
|
|
|
|
attributetype ( 1.3.6.1.4.1.10176.1000.302.1.2 NAME 'univentionSambaMinPasswordLength'
|
|
DESC 'Samba Password Length '
|
|
EQUALITY integerMatch
|
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
|
|
|
|
attributetype ( 1.3.6.1.4.1.10176.1000.302.1.3 NAME 'univentionSambaMinPasswordAge'
|
|
DESC 'Samba Minimum Password Age '
|
|
EQUALITY integerMatch
|
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
|
|
|
|
attributetype ( 1.3.6.1.4.1.10176.1000.302.1.4 NAME 'univentionSambaBadLockoutAttempts'
|
|
DESC 'Samba Bad Lockout Attempts '
|
|
EQUALITY integerMatch
|
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
|
|
|
|
attributetype ( 1.3.6.1.4.1.10176.1000.302.1.5 NAME 'univentionSambaLogonToChangePW'
|
|
DESC 'Samba User must logon to change password'
|
|
EQUALITY integerMatch
|
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
|
|
|
|
attributetype ( 1.3.6.1.4.1.10176.1000.302.1.6 NAME 'univentionSambaMaxPasswordAge'
|
|
DESC 'Samba Maximum Password Age'
|
|
EQUALITY integerMatch
|
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
|
|
|
|
attributetype ( 1.3.6.1.4.1.10176.1000.302.1.7 NAME 'univentionSambaLockoutDuration'
|
|
DESC 'Samba Lockout Duration'
|
|
EQUALITY integerMatch
|
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
|
|
|
|
attributetype ( 1.3.6.1.4.1.10176.1000.302.1.8 NAME 'univentionSambaResetCountMinutes'
|
|
DESC 'Samba Reset Count Minutes'
|
|
EQUALITY integerMatch
|
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
|
|
|
|
attributetype ( 1.3.6.1.4.1.10176.1000.302.1.9 NAME 'univentionSambaDisconnectTime'
|
|
DESC 'Samba Disconnect Time'
|
|
EQUALITY integerMatch
|
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
|
|
|
|
attributetype ( 1.3.6.1.4.1.10176.1000.302.1.10 NAME 'univentionSambaRefuseMachinePWChange'
|
|
DESC 'Samba Refuse Machine Password Change'
|
|
EQUALITY integerMatch
|
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
|
|
|
|
objectclass ( 1.3.6.1.4.1.10176.1000.302.2.1 NAME 'univentionSambaConfig'
|
|
MUST ( cn )
|
|
MAY ( univentionSambaPasswordHistory $
|
|
univentionSambaMinPasswordLength $
|
|
univentionSambaMinPasswordAge $
|
|
univentionSambaBadLockoutAttempts $
|
|
univentionSambaLogonToChangePW $
|
|
univentionSambaMaxPasswordAge $
|
|
univentionSambaLockoutDuration $
|
|
univentionSambaResetCountMinutes $
|
|
univentionSambaDisconnectTime $
|
|
univentionSambaRefuseMachinePWChange )
|
|
DESC 'Univention Samba LDAP Extensions' )
|
|
|
|
objectclass ( 1.3.6.1.4.1.10176.1000.303.2.1 NAME 'univentionServiceObject'
|
|
MUST ( cn )
|
|
DESC 'Univention Service Object' )
|
|
|
|
|
|
# operations for univention console
|
|
attributetype ( 1.3.6.1.4.1.10176.1000.304.1.1 NAME 'univentionConsoleOperation'
|
|
DESC 'Univention Console command'
|
|
EQUALITY caseExactMatch
|
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
|
|
|
|
objectclass ( 1.3.6.1.4.1.10176.1000.304.2.1 NAME 'univentionConsoleOperations'
|
|
MUST ( cn )
|
|
MAY ( description $ univentionConsoleOperation )
|
|
DESC 'Univention Console commands' )
|
|
|
|
# ACLs for univention console
|
|
attributetype ( 1.3.6.1.4.1.10176.1000.305.1.1 NAME 'univentionConsoleACLCategory'
|
|
DESC 'Univention Console ACL category'
|
|
EQUALITY caseExactMatch
|
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
|
|
|
|
attributetype ( 1.3.6.1.4.1.10176.1000.305.1.2 NAME 'univentionConsoleACLHost'
|
|
DESC 'Univention Console ACL host or host group'
|
|
EQUALITY caseExactMatch
|
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
|
|
|
|
attributetype ( 1.3.6.1.4.1.10176.1000.305.1.3 NAME 'univentionConsoleACLBase'
|
|
DESC 'Univention Console ldap base to find the hosts'
|
|
EQUALITY caseExactMatch
|
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
|
|
|
|
attributetype ( 1.3.6.1.4.1.10176.1000.305.1.4 NAME 'univentionConsoleACLCommand'
|
|
DESC 'Univention Console ACL command'
|
|
EQUALITY caseExactMatch
|
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
|
|
|
|
objectclass ( 1.3.6.1.4.1.10176.1000.305.2.1 NAME 'univentionConsoleACL'
|
|
MUST ( cn )
|
|
MAY ( description $ univentionConsoleACLCategory $ univentionConsoleACLHost $ univentionConsoleACLBase $ univentionConsoleACLCommand )
|
|
DESC 'Univention Console commands' )
|
|
|
|
objectclass ( 1.3.6.1.4.1.10176.1000.306.2.1 NAME 'univentionConsoleCategory'
|
|
MUST ( cn )
|
|
MAY ( description )
|
|
DESC 'Univention Console category' )
|
|
|
|
attributetype ( 1.3.6.1.4.1.10176.600 NAME 'univentionSambaPrivilegeList'
|
|
DESC 'Samba Privileges List'
|
|
EQUALITY caseIgnoreIA5Match
|
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{64} )
|
|
|
|
objectclass ( 1.3.6.1.4.1.10176.60 NAME 'univentionSambaPrivileges'
|
|
SUP top AUXILIARY
|
|
MAY ( univentionSambaPrivilegeList )
|
|
DESC 'Samba Privileges' )
|
|
|
|
# new UMC operation object (UCS 3.0)
|
|
attributetype ( 1.3.6.1.4.1.10176.1000.310.1.1
|
|
NAME 'umcOperationSetCommand'
|
|
DESC 'List of UMC command names and patterns'
|
|
EQUALITY caseExactMatch
|
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
|
|
|
|
attributetype ( 1.3.6.1.4.1.10176.1000.310.1.2
|
|
NAME 'umcOperationSetFlavor'
|
|
DESC 'Flavor of the UMC module'
|
|
EQUALITY caseExactMatch
|
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
|
|
|
|
attributetype ( 1.3.6.1.4.1.10176.1000.310.1.3
|
|
NAME 'umcOperationSetHost'
|
|
DESC 'List of host or host group'
|
|
EQUALITY caseExactMatch
|
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
|
|
|
|
attributetype ( 1.3.6.1.4.1.10176.1000.310.1.4
|
|
NAME 'umcOperationSetBase'
|
|
DESC 'LDAP base used for finding hosts'
|
|
EQUALITY caseExactMatch
|
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
|
|
|
|
objectclass ( 1.3.6.1.4.1.10176.1000.310.2.1
|
|
NAME 'umcOperationSet'
|
|
DESC 'Defines a set of UMC operations'
|
|
MUST ( cn $ description )
|
|
MAY ( umcOperationSetCommand $ umcOperationSetFlavor $ umcOperationSetHost $ umcOperationSetBase ) )
|