Versions Compared

Old Version 18

changes.mady.by.user Emmanuel Lécharny

Saved on

compared with

New Version Current

changes.mady.by.user Emmanuel Lécharny

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Migrated to Confluence 5.3
Note
titleWork in progress

This site is in the process of being reviewed and updated.

Table of Contents
indent20px
typelist

Introduction

We want to store the schema into ADS as any other entries. We have to define the minimum set of ObjectClasses an AttributeTypes needed to be able to bootstrap the schema.

...

Note

The new Syntaxes will use the OIDs OIDs  1.3.6.1.4.1.18060.10.14.0.10.N
The new MatchingRules will use the OIDs 1.3.6.1.4.1.18060.10.14.0.21.N
The new AttributesType will use the OIDs 1.3.6.1.4.1.18060.10.14.0.32.N
The new ObjectClasses will use the OIDs 1.3.6.1.4.1.18060.10.14.0.43.N
Here, the prefix The new DITStructureRules will use the OIDs 1.3.6.1.4.1.18060 is the one declared to IANA to represent the Apache Foundation and the next 1.1 values are used specifically for Apache Directory.

Elements of the Meta-Schema

Syntaxes

We must define the minimum set of syntaxes.

Those are following the following grammar (from RFC 4512 ) :

.0.4.0.4.N
The new NameForms will use the OIDs 1.3.6.1.4.1.18060.0.4.0.5.N

We will use OIDs  1.3.6.1.4.1.18060.1.1.0.0.N for Meta objects.

Here, the prefix 1.3.6.1.4.1.18060 is the one declared to IANA to represent the Apache Foundation and the next 1.1 values are used specifically for Apache Directory.

Elements of the Meta-Schema

The MetaSchema will be presented in MetaSchema schema, but before, we must define some elements in this page.

Syntaxes

We must define the minimum set of syntaxes.

Those are following the following grammar (from RFC 4512 ) :

No Format

<SyntaxDescription> ::=
    <LPAREN> <WSP>
Code Block

<SyntaxDescription> ::=
    <LPAREN> <WSP>
         <numericoid>
         ( <SP> "DESC" <SP> <qdstring> )?
         <extensions><numericoid>
 <WSP>
    <RPAREN>

Only one is already defined: in http://www.rfc-archive.org/getrfc.php?rfc=4517

Code Block

3.3.3.  Boolean

  ( A<SP> value"DESC" of<SP> the<qdstring> Boolean)?
 syntax is one of the Boolean values, true or
<extensions> <WSP>
    <RPAREN>

34 of them are defined in  RFC 4517. For instance, here the definition of Boolean syntax :

No Format

3.3.3  false.  The LDAP-specific encoding of aBoolean

   A value of the thisBoolean syntax is
 one of definedthe byBoolean thevalues, followingtrue ABNF:or

   false.  The LDAP-specific encoding of a value of this syntax is
   defined by the following ABNF:

      Boolean = "TRUE" / "FALSE"

   The LDAP definition for the Boolean syntax is:

      ( 1.3.6.1.4.1.1466.115.121.1.7 DESC 'Boolean' )

   This syntax corresponds to the BOOLEAN ASN.1 type from [ASN.1].

They Here are the new one we need to implement the MetaSchema, described in the following table :

Desc

OID

Extensions

rules

NameOrOid objectClassType

1.3.6.1.4.1.18060.10.14.0.10.1

-

Should be one of those 3 strings :

  • ABSTRACT
  • STRUCTURAL
  • AUXILIARY

numericOid

Must be a valid Name or a valid OID

Type

1.3.6.1.4.1.18060.10.14.0.10.2

-

Must be a valid numeric OID

attributeTypeUsage

Should be one of those 3 strings :

  • ABSTRACT
  • STRUCTURAL
  • AUXILIARY

Usage

1.3.6.1.4.1.18060.10.14.0.10.4 3

-

Should be one of those 4 strings :

  • userApplications
  • directoryOperation
  • distributedOperation
  • dSAOperation

MatchingRules

The Matching rules are deifned in RFC 4512 :

number

1.3.6.1.4.1.18060.0.4.0.0.4

-

Must be a number

oidLen

1.3.6.1.4.1.18060.0.4.0.0.5

-

Must be a valid numeric oid followed
by a length constraint

objectName

1.3.6.1.4.1.18060.0.4.0.0.6

-

Must be a valid name a-zA-Z(a-zA-Z0-9-;)*

MatchingRules

The Matching rules are defined in RFC 4512 :

No Format

<MatchingRuleDescription> ::= <LPAREN> <WSP>
         <numericoid> <MRParameters>
         <SP> "SYNTAX" <SP> <numericoid>
         <extensions> <WSP> <RPAREN>

<MRParameters> ::=
    ( <SP> "NAME" <SP> <qdstrings> |
    <SP>
Code Block

<MatchingRuleDescription> ::= <LPAREN> <WSP>
         <numericoid> <MRParameters>
         <SP> "SYNTAX" <SP> <numericoid>
         <extensions> <WSP> <RPAREN>

<MRParameters> ::=
    ( <SP> "NAME" <SP> <qdstrings> |
    <SP> "DESC" <SP> <qdstring> |
    <SP> "OBSOLETE" )+

...

Name

OID

Desc

Obsolete

Syntax

Extensions

OidMatch BooleanMatch

1.3.6.1.4.1.18060.1.1.0.2.1

Match an OID

no

OID

-

BooleanMatch

1.3.6.1.4.1.18060.1.1.0.2.2

Match a Boolean

no

Boolean

-

NameOrOidMatch

1.3.6.1.4.1.18060.1.1.0.2.2 3

Match a name or an OID

no

NameOrOid

-

TypeMatch

1.3.6.1.4.1.18060.1.1.0.2.3 4

Match a type of ObjectClass

no

Type

-

UsageMatch

1.3.6.1.4.1.18060.1.1.0.2.4 5

Match an attributeType Usage

no

Usage

-

...

The ObjectClass element is described in RFC 4512 :

Code Blocknoformat
<ObjectClassDescription> ::=
          <LPAREN> <SP> <numericoid> <ocparameters> <extensions> <WSP> <RPAREN>

// Each parameters should not be seen more than once
<ocparameters>  ::=
    ( <SP> "NAME" <SP> <qdescrs>
    | <SP> "DESC" <SP> <qdstring>
    | <SP> "OBSOLETE"
    | <SP> "SUP" <SP> <oids>
    | <SP> ( "ABSTRACT" | "STRUCTURAL" | "AUXILIARY" )
    | <SP> "MUST" <SP> <oids>
    | <SP> "MAY" <SP> <oids> )+

Here we have some elements which are already in the schema :

Code Blocknoformat
attributetype ( 2.5.4.0
	NAME 'objectClass'
	DESC 'RFC2256: object classes of the entity'
	EQUALITY objectIdentifierMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.38
 )
Code Blocknoformat
attributetype ( 2.5.4.13
	NAME 'description'
	DESC 'RFC2256: descriptive information'
	EQUALITY caseIgnoreMatch
	SUBSTR caseIgnoreSubstringsMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1024}
 )
Code Blocknoformat
attributetype ( 2.5.4.41
	NAME 'name'
	DESC 'RFC2256: common supertype of name attributes'
	EQUALITY caseIgnoreMatch
	SUBSTR caseIgnoreSubstringsMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768}
 )

...

Name

OID

Desc

Sup

Equality

Ordering

Substr

Syntax

SingleValue

Collective

NoUserModification

Usage

m-oid

obsolete

1.3.6.1.4.1.18060.10.14.0.32.1

The type is obsolete Object Identifier

-

OidMatch BooleanMatch

-

-

Boolean OID

yes

-

yes

dSAOperation

sup

m-name

1.3.6.1.4.1.18060.10.14.0.32.2

The list of superiors Object name

-

NameOrOidMatch caseIgnoreMatch

-

-

caseIgnoreSubstringsMatch

objectName {32768} NameOrOid

no

-

yes

dSAOperation

must

m-description

1.3.6.1.4.1.18060.10.14.0.32.3

The list of mandatory ATs object description

-

NameOrOidMatch caseIgnoreMatch

-

-

NameOrOid

no

-

yes

dSAOperation

may

caseIgnoreSubstringsMatch

1.3.6.1.4.1.180601466.115.1121.1.0.3.4 15{1024}

yes The list of authorized ATs

-

NameOrOidMatch

-

-

NameOrOid

no

m-obsolete

-

yes

dSAOperation

type

1.3.6.1.4.1.18060.10.14.0.32.5 4

The ObjectClass type is obsolete

-

TypeMatch BooleanMatch

-

-

Type Boolean

yes

-

yes

dSAOperation

AttributeType

The AttributeType element is described in RFC 4512 :

m-supObjectClass

1.3.6.1.4.1.18060.0.4.0.2.5

The list of superiors

-

NameOrOidMatch

-

-

NameOrOid

no

-

m-must

1.3.6.1.4.1.18060.0.4.0.2.6

The list of mandatory ATs

-

NameOrOidMatch

-

-

NameOrOid

no

-

m-may

1.3.6.1.4.1.18060.0.4.0.2.7

The list of authorized ATs

-

NameOrOidMatch

-

-

NameOrOid

no

-

m-typeObjectClass

1.3.6.1.4.1.18060.0.4.0.2.8

The ObjectClass type

-

TypeObjectClassMatch

-

-

TypeObjectClass

yes

-

m-extensionObjectClass

1.3.6.1.4.1.18060.0.4.0.2.9

An objectclass
extension

-

caseIgnoreMatch

-

-

1.3.6.1.4.1.1466.115.121.1.15{32768}

no

-

AttributeType

The AttributeType element is described in RFC 4512 :

No Format

<AttributeTypeDescription> = <LPAREN> <WSP> <numericoid> <atparameters> <extensions> <WSP> <RPAREN>

// Each parameters should not be seen more than once
<atparameters>  ::=
    (<SP> "NAME" <SP> <qdescrs>
Code Block

<AttributeTypeDescription> = <LPAREN> <WSP> <numericoid> <atparameters> <extensions> <WSP> <RPAREN>

// Each parameters should not be seen more than once
<atparameters>  ::=
    (<SP> "NAME" <SP> <qdescrs>
    | <SP> "DESC" <SP> qdstring
    | <SP> "OBSOLETE"
    | <SP> "SUP" <SP> <oid>
    | <SP> "EQUALITY" <SP> <oid>
    | <SP> "ORDERING" <SP> <oid>
    | <SP> "SUBSTR" <SP> <oid>
    | <SP> "SYNTAX" <SP> <noidlen>
    | <SP> "SINGLE-VALUE"
    | <SP> "COLLECTIVE"
    | <SP> "NO-USER-MODIFICATION"
    | <SP> "USAGEDESC" <SP> <usage>)+

Here we have some elements which are already in the schema :

Code Block

attributetype ( 2.5.4.13
	NAME 'description'
	DESC 'RFC2256: descriptive information'
	EQUALITY caseIgnoreMatch
	SUBSTR caseIgnoreSubstringsMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1024}
 )
Code Block

attributetype ( 2.5.4.41
	NAME 'name'
	DESC 'RFC2256: common supertype of name attributes'
	EQUALITY caseIgnoreMatch
	SUBSTR caseIgnoreSubstringsMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768}
 )

The other ones must be defined. Here is a table grouping all the missing elements :

...

Name

...

OID

...

Desc

...

Sup

...

Equality

...

Ordering

...

Substr

...

Syntax

...

SingleValue

...

Collective

...

NoUserModification

...

Usage

...

obsolete 

qdstring
    | <SP> "OBSOLETE"
    | <SP> "SUP" <SP> <oid>
    | <SP> "EQUALITY" <SP> <oid>
    | <SP> "ORDERING" <SP> <oid>
    | <SP> "SUBSTR" <SP> <oid>
    | <SP> "SYNTAX" <SP> <noidlen>
    | <SP> "SINGLE-VALUE"
    | <SP> "COLLECTIVE"
    | <SP> "NO-USER-MODIFICATION"
    | <SP> "USAGE" <SP> <usage>)+

Here we have some elements which are already in the schema :

No Format

attributetype ( 2.5.4.13
	NAME 'description'
	DESC 'RFC2256: descriptive information'
	EQUALITY caseIgnoreMatch
	SUBSTR caseIgnoreSubstringsMatch
	SYNTAX 1.3.6.1.4.1.

...

1466.115.

...

121.1.

...

The type is obsolete

...

-

...

BooleanMatch

...

-

...

-

...

Boolean

...

yes

...

-

...

yes

...

dSAOperation 

15{1024}
 )
No Format

attributetype ( 2.5.4.41
	NAME 'name'
	DESC 'RFC2256: common supertype of name attributes'
	EQUALITY caseIgnoreMatch
	SUBSTR caseIgnoreSubstringsMatch
	SYNTAX

...

sup

...

1.3.6.1.4.1.18060.1.1.0.3.7

...

The list of superior

...

-

...

nameOrOidMatch

...

-

...

-

...

NameOrOid

...

yes

...

-

...

yes

...

dSAOperation

...

equality 

1.3.6.1.4.1.1466.

...

115.

...

121.1.15{32768}
 )

The other ones must be defined. Here is a table grouping all the missing elements :

0.3.8

Name

OID

Desc

Sup

Equality

Ordering

Substr

Syntax

SingleValue

Collective

m-supAttributeType

Equality matching rule

-

nameOrOidMatch

-

-

NameOrOid

yes

-

yes

dSAOperation

ordering

1.3.6.1.4.1.18060.10.14.0.32.9 10

The list of superior Ordering matching rule

-

nameOrOidMatch

-

-

NameOrOid

yes

-

m-equality

yes

dSAOperation

substr

1.3.6.1.4.1.18060.10.14.0.32.10 11

Substring Equality matching rule

-

nameOrOidMatch

-

-

NameOrOid

yes

-

yes

dSAOperation

syntax

m-ordering

1.3.6.1.4.1.18060.10.14.0.32.11 12

Ordering matching rule The attribute syntax

-

nameOrOidMatch

-

-

NameOrOid

yes

-

yes

dSAOperation

single-value m-substr

1.3.6.1.4.1.18060.10.14.0.32.12 13

Substring matching rule The attribute is single valued

-

BooleanMatch nameOrOidMatch

-

-

Boolean NameOrOid

yes

-

yes

dSAOperation

collective

m-syntax

1.3.6.1.4.1.18060.10.14.0.32.13 14

The attribute is collective syntax

-

BooleanMatch nameOrOidMatch

-

-

Boolean NameOrOid

yes

-

yes

dSAOperation

no-user-modification m-singleValue

1.3.6.1.4.1.18060.10.14.0.32.14 15

The attribute is protected single valued

-

BooleanMatch

-

-

Boolean

yes

-

yes

dSAOperation

usage m-collective

1.3.6.1.4.1.18060.10.14.0.32.15 16

The attribute is collective Type of operation

-

UsageMatch BooleanMatch

-

-

Usage Boolean

yes

-

yes

dSAOperation

Ordering is useless, so is Substr.

Description of CORE.SCHEMA

We now can define the schemas, using this meta schema

system

ObjectClass top

Section
Column
width50%

RFC 4512

Code Block

objectclass ( 2.5.6.0
    NAME 'top'
    DESC 'top of the superclass chain'
    ABSTRACT
    MUST objectClass
)
Column
width50%

Using MetaSchema

top is a very special ObjectClass, as it is the only one which can't be described with the MetaSchema, because top can't depend on itself because it can't exist before being created ! top will be hard wired in the server. Here is the LDIF file which could be used if we were to include it into the server :

Code Block

dn: name=top,cn=metaSchema
objectclass: metaObjectClass
name: top
desc: top of the superclass chain
type: ABSTRACT
must: objectClass

ObjectClass alias

Section
Column
width50%

RFC 4512

Code Block

objectclass ( 2.5.6.1
    NAME 'alias'
    DESC 'RFC2256: an alias'
    SUP top
    STRUCTURAL
    MUST aliasedObjectName
)
Column
width50%

Using MetaSchema

Code Block

dn: name=alias,cn=schema
objectclass: top
name: alias
desc: RFC2256: an alias
sup: top
type: STRUCTURAL
must: aliasedObjectName

core

ObjectClass country

Section
Column
width50%

RFC 4512

Code Block

objectclass ( 2.5.6.2
    NAME 'country'
    DESC 'RFC2256: a country'
    SUP top
    STRUCTURAL
    MUST c
    MAY ( searchGuide $ description )
 )
Column
width50%

Using MetaSchema

Code Block

dn: name=country,dc=core,cn=schema
objectclass: top
name: country
desc: RFC2256: a country
sup: top
type: STRUCTURAL
must: c
may: searchGuide
may: description

ObjectClass locality

Section
Column
width50%

RFC 4512

Code Block

objectclass ( 2.5.6.3
    NAME 'locality'
    DESC 'RFC2256: a locality'
    SUP top
    STRUCTURAL
    MAY ( street $ seeAlso $ searchGuide $ st $ l $ description )
)
Column
width50%

Using MetaSchema

Code Block

dn: name=locality,dc=core,cn=schema
objectclass: top
name: locality
desc: RFC2256: a locality
sup: top
type: STRUCTURAL
may: street
may: seeAlso
may: searchGuide
may: st
may: l
may: description

ObjectClass organization

Section
Column
width50%

RFC 4512

Code Block

objectclass ( 2.5.6.4
    NAME 'organization'
    DESC 'RFC2256: an organization'
    SUP top
    STRUCTURAL
    MUST o
    MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $ x121Address $ registeredAddress $ destinationIndicator $ preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $ telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $ postalAddress $ physicalDeliveryOfficeName $ st $ l $ description )
)
Column
width50%

Using MetaSchema

Code Block

dn: name=organization,dc=core,cn=schema
objectclass: top
name: organization
desc: RFC2256: an organization
sup: top
type: STRUCTURAL
must: o
may: userPassword
may: searchGuide
may: seeAlso
may: businessCategory
may: x121Address
may: registeredAddress
may: destinationIndicator
may: preferredDeliveryMethod
may: telexNumber
may: teletexTerminalIdentifier
may: telephoneNumber
may: internationaliSDNNumber
may: facsimileTelephoneNumber
may: street
may: postOfficeBox
may: postalCode
may: postalAddress
may: physicalDeliveryOfficeName
may: st
may: l
may: description

ObjectClass organizationalUnit

Section
Column
width50%

RFC 4512

Code Block

objectclass ( 2.5.6.5
    NAME 'organizationalUnit'
    DESC 'RFC2256: an organizational unit'
    SUP top
    STRUCTURAL
    MUST ou
    MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $ x121Address $ registeredAddress $ destinationIndicator $ preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $ telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $ postalAddress $ physicalDeliveryOfficeName $ st $ l $ description )
)
Column
width50%

Using MetaSchema

Code Block

dn: name=organizationalUnit,dc=core,cn=schema
objectclass: top
name: organizationalUnit
desc: RFC2256: an organizational unit
sup: top
type: STRUCTURAL
must: ou
may: userPassword 
may: searchGuide 
may: seeAlso 
may: businessCategory
may: x121Address
may: registeredAddress 
may: destinationIndicator
may: preferredDeliveryMethod
may: telexNumber
may: teletexTerminalIdentifier
may: telephoneNumber
may: internationaliSDNNumber
may: facsimileTelephoneNumber
may: street
may: postOfficeBox
may: postalCode
may: postalAddress
may: physicalDeliveryOfficeName
may: st
may: l
may: description

ObjectClass

...

width50%

RFC 4512

...

Column
width50%

Using MetaSchema

Code Block

dn: name=,dc=core,cn=schema
objectclass: top
name:
desc:
sup: top
type:
may:

ObjectClass

...

width50%

RFC 4512

...

Column
width50%

Using MetaSchema

Code Block

dn: name=,dc=core,cn=schema
objectclass: top
name:
desc:
sup: top
type:
may:

ObjectClass

...

width50%

RFC 4512

...

Column
width50%

Using MetaSchema

Code Block

dn: name=,dc=core,cn=schema
objectclass: top
name:
desc:
sup: top
type:
may:

ObjectClass

...

width50%

RFC 4512

...

Column
width50%

Using MetaSchema

Code Block

dn: name=,dc=core,cn=schema
objectclass: top
name:
desc:
sup: top
type:
may:

ObjectClass

...

width50%

RFC 4512

...

Column
width50%

Using MetaSchema

Code Block

dn: name=,dc=core,cn=schema
objectclass: top
name:
desc:
sup: top
type:
may:

ObjectClass

...

width50%

RFC 4512

...

Column
width50%

Using MetaSchema

Code Block

dn: name=,dc=core,cn=schema
objectclass: top
name:
desc:
sup: top
type:
may:

ObjectClass

...

width50%

RFC 4512

...

width50%

Using MetaSchema

...

m-noUserModification

1.3.6.1.4.1.18060.0.4.0.2.17

The attribute is protected

-

BooleanMatch

-

-

Boolean

yes

-

m-usage

1.3.6.1.4.1.18060.0.4.0.2.18

Type of operation

-

UsageMatch

-

-

Usage

yes

-

m-extensionAttribyteType

1.3.6.1.4.1.18060.0.4.0.2.19

Extension for attributeType

-

caseIgnoreMatch

-

-

1.3.6.1.4.1.1466.115.121.1.15{32768}

no

-

Ordering is useless, so is Substr.

DITStructureRules

The DITStructureRule element is described in RFC 4512 :

No Format

<DITStructureRule> = <LPAREN> <WSP> <ruleid> <dsrparameters> <extensions> <WSP> <RPAREN>

// Each parameters should not be seen more than once
<dsrparameters>  ::=
    ( <SP> "NAME" <SP> <qdescrs>
    | <SP> "DESC" <SP> qdstring
    | <SP> "OBSOLETE"
    | <SP> "FORM" <SP> <oid>
    | <SP> "SUP" <SP> <ruleids>) +

The other ones must be defined. Here is a table grouping all the missing elements :

Name

OID

Desc

Sup

Equality

Ordering

Substr

Syntax

SingleValue

Collective

m-ruleId

1.3.6.1.4.1.18060.0.4.0.2.20

The rule ID

-

ruleIdMatch

-

-

RuleId

yes

-

m-form 

1.3.6.1.4.1.18060.0.4.0.2.21

The name form associated
with this DITStructure rule

-

oidMatch

-

-

RuleIds

yes

-

m-supDitStructureRule

1.3.6.1.4.1.18060.0.4.0.2.22

The list of superiors

-

ruleIdsMatch

-

-

Oid

no

-

m-extensionDITStructureRule

1.3.6.1.4.1.18060.0.4.0.2.23

Extensions for DITStructureRule

-

caseIgnoreMatch

-

-

1.3.6.1.4.1.1466.115.121.1.15{32768}

no

-

NameForms

The NameForm element is described in RFC 4512 :

No Format

<NameForm> = <LPAREN> <WSP> <numericOid> <nfParameters> <extensions> <WSP> <RPAREN>

// Each parameters should not be seen more than once
<nfParameters>  ::=
    ( <SP> "NAME" <SP> <qdescrs>
    | <SP> "DESC" <SP> qdstring
    | <SP> "OBSOLETE"
    | <SP> "OC" <SP> <oid>
    | <SP> "MUST" <SP> <oids>
    | <SP> "MAY" <SP> <oids> ) +

The other ones must be defined. Here is a table grouping all the missing elements :

Name

OID

Desc

Sup

Equality

Ordering

Substr

Syntax

SingleValue

Collective

m-oc

1.3.6.1.4.1.18060.0.4.0.2.24

The structural ObjectClass

-

numericOidMatch

-

-

Oid

yes

-

m-extensionNameForm

1.3.6.1.4.1.18060.0.4.0.2.25

Extensions for NameForm

-

caseIgnoreMatch

-

-

1.3.6.1.4.1.1466.115.121.1.15{32768}

no

-

DITContentRules

The DITContentRule element is described in RFC 4512 :

No Format

<DITContentRule> = <LPAREN> <WSP> <numericOid> <dcrParameters> <extensions> <WSP> <RPAREN>

// Each parameters should not be seen more than once
<dcrParameters>  ::=
    ( <SP> "NAME" <SP> <qdescrs>
    | <SP> "DESC" <SP> qdstring
    | <SP> "OBSOLETE"
    | <SP> "AUX" <SP> <oids>
    | <SP> "MUST" <SP> <oids>
    | <SP> "MAY" <SP> <oids>
    | <SP> "NOT" <SP> <oids> ) +

The other ones must be defined. Here is a table grouping all the missing elements :

Name

OID

Desc

Sup

Equality

Ordering

Substr

Syntax

SingleValue

Collective

m-aux

1.3.6.1.4.1.18060.0.4.0.2.26

List of auxiliary ObjectClasses

-

numericOidMatch

-

-

Oids

no

-

m-not

1.3.6.1.4.1.18060.0.4.0.2.27

List of precluded attribute types

-

numericOidMatch

-

-

Oids

no

-

m-extensionDITContentRule

1.3.6.1.4.1.18060.0.4.0.2.28

Extensions for DITContentRule

-

caseIgnoreMatch

-

-

1.3.6.1.4.1.1466.115.121.1.15{32768}

no

-

MatchingRuleUses

The MatchingRuleUse element is described in RFC 4512 :

No Format

<MatchingRuleUse> = <LPAREN> <WSP> <numericOid> <mruParameters> <extensions> <WSP> <RPAREN>

// Each parameters should not be seen more than once
<mruParameters>  ::=
    ( <SP> "NAME" <SP> <qdescrs>
    | <SP> "DESC" <SP> qdstring
    | <SP> "OBSOLETE"
    | <SP> "APPLIES" <SP> <oids> ) +

The other ones must be defined. Here is a table grouping all the missing elements :

Name

OID

Desc

Sup

Equality

Ordering

Substr

Syntax

SingleValue

Collective

m-applies

1.3.6.1.4.1.18060.0.4.0.2.29

List of attribute types the matching rule applies to

-

numericOidMatch

-

-

Oids

no

-

m-extensionMatchingRuleUse

1.3.6.1.4.1.18060.0.4.0.2.30

Extensions for DITContentRule

-

caseIgnoreMatch

-

-

1.3.6.1.4.1.1466.115.121.1.15{32768}

no

-

Description of currently existing schemas

All the current schemas objects are described with the new syntax in those pages :

Schema

ObjectClasses

AttributeTypes

apache

apache ObjectClasses

apache AttributeTypes

apachedns

apachedns ObjectClasses

apachedns AttributeTypes

autofs

autofs ObjectClasses

autofs AttributeTypes

collective

collective ObjectClasses

collective AttributeTypes

corba

corba ObjectClasses

corba AttributeTypes

core

core ObjectClasses

core AttributeTypes

cosine

cosine ObjectClasses

cosine AttributeTypes

dhcp

dhcp ObjectClasses

dhcp AttributeTypes

inetorgPerson

inetorgPerson ObjectClasses

inetorgPerson AttributeTypes

java

java ObjectClasses

java AttributeTypes

krb5kdc

krb5kdc ObjectClasses

krb5kdc AttributeTypes

misc

misc ObjectClasses

misc AttributeTypes

mozilla

mozilla ObjectClasses

mozilla AttributeTypes

nis

nis ObjectClasses

nis AttributeTypes

samba

samba ObjectClasses

samba AttributeTypes

system

system ObjectClasses

system AttributeTypes