Introduction
We want to store the schema into ADS as any other entries. We have to define the minimum set of ObjectClasses an AttributeTypes needed to be able to bootstrap the schema.
ObjectClasses
The ObjectClass element is described in RFC 4512 :
<ObjectClassDescription> ::= <LPAREN> <SP> <numericoid> <ocparameters> <extensions> <WSP> <RPAREN> // Each parameters should not be seen more than once <ocparameters> ::= ( <SP> "NAME" <SP> <qdescrs> | <SP> "DESC" <SP> <qdstring> | <SP> "OBSOLETE" | <SP> "SUP" <SP> <oids> | <SP> ( "ABSTRACT" | "STRUCTURAL" | "AUXILIARY" ) | <SP> "MUST" <SP> <oids> | <SP> "MAY" <SP> <oids> )+
Here we have some elements which are already in the schema :
attributetype ( 2.5.4.0 NAME 'objectClass' DESC 'RFC2256: object classes of the entity' EQUALITY objectIdentifierMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 )
attributetype ( 2.5.4.13 NAME 'description' DESC 'RFC2256: descriptive information' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1024} )
attributetype ( 2.5.4.41 NAME 'name' DESC 'RFC2256: common supertype of name attributes' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} )
The other ones must be defined. Here is a table grouping all the missing elements :
Name |
OID |
Desc |
Sup |
Equality |
Ordering |
Substr |
Syntax |
SingleValue |
Collective |
NoUserModification |
Usage |
---|---|---|---|---|---|---|---|---|---|---|---|
obsolete |
2.5.4.70 |
- |
- |
BooleanMatch |
- |
- |
Boolean (1.3.6.1.4.1.1466.115.121.1.7) |
yes |
- |
yes |
dSAOperation |
sup |
2.5.4.71 |
The list of superior |
- |
caseIgnoreListMatch |
- |
- |
NameOrOids |
no |
- |
yes |
dSAOperation |
must |
2.5.4.71 |
The list of mandatory AT |
- |
caseIgnoreListMatch |
- |
- |
NameOrOids |
no |
- |
yes |
dSAOperation |
may |
2.5.4.71 |
The list of authorized AT |
- |
caseIgnoreListMatch |
- |
- |
NameOrOids |
no |
- |
yes |
dSAOperation |
type |
2.5.4.72 |
The ObjectClass type |
- |
caseIgnoreMatch |
- |
- |
Directory String (1.3.6.1.4.1.1466.115.121.1.15) |
yes |
- |
yes |
dSAOperation |
AttributeType
The AttributeType element is described in RFC 4512 :
<AttributeTypeDescription> = <LPAREN> <WSP> <numericoid> <atparameters> <extensions> <WSP> <RPAREN> // Each parameters should not be seen more than once <atparameters> ::= <SP> "NAME" <SP> <qdescrs> | <SP> "DESC" <SP> qdstring | <SP> "OBSOLETE" | <SP> "SUP" <SP> <oid> | <SP> "EQUALITY" <SP> <oid> | <SP> "ORDERING" <SP> <oid> | <SP> "SUBSTR" <SP> <oid> | <SP> "SYNTAX" <SP> <noidlen> | <SP> "SINGLE-VALUE" | <SP> "COLLECTIVE" | <SP> "NO-USER-MODIFICATION" | <SP> "USAGE" <SP> <usage>
Here we have some elements which are already in the schema :
attributetype ( 2.5.4.13 NAME 'description' DESC 'RFC2256: descriptive information' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1024} )
attributetype ( 2.5.4.41 NAME 'name' DESC 'RFC2256: common supertype of name attributes' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} )
The other ones must be defined. Here is a table grouping all the missing elements :
Name |
OID |
Desc |
Sup |
Equality |
Ordering |
Substr |
Syntax |
SingleValue |
Collective |
NoUserModification |
Usage |
---|---|---|---|---|---|---|---|---|---|---|---|
obsolete |
2.5.4.70 |
- |
- |
BooleanMatch |
- |
- |
Boolean (1.3.6.1.4.1.1466.115.121.1.7) |
yes |
- |
yes |
dSAOperation |
sup |
2.5.4.71 |
The list of superior |
- |
caseIgnoreListMatch |
- |
- |
NameOrOids |
no |
- |
yes |
dSAOperation |
equality |
2.5.4.73 |
Equality matching rule |
- |
- |
- |
yes |
- |
yes |
dSAOperation |
||
ordering |
2.5.4.74 |
Ordering matching rule |
- |
- |
- |
yes |
- |
yes |
dSAOperation |
||
substr |
2.5.4.75 |
- |
- |
- |
Directory String (1.3.6.1.4.1.1466.115.121.1.15) |
yes |
- |
yes |
dSAOperation |
||
syntax |
2.5.4.76 |
The syntax that must respect the attribute |
- |
- |
- |
Directory String (1.3.6.1.4.1.1466.115.121.1.15) |
yes |
- |
yes |
dSAOperation |
|
single-value |
2.5.4.77 |
The attribute is single valued |
- |
BooleanMatch |
- |
- |
Boolean (1.3.6.1.4.1.1466.115.121.1.7) |
yes |
- |
yes |
dSAOperation |
collective |
2.5.4.78 |
The attribute is collective |
- |
BooleanMatch |
- |
- |
Boolean (1.3.6.1.4.1.1466.115.121.1.7) |
yes |
- |
yes |
dSAOperation |
no-user-modification |
2.5.4.79 |
The attribute is protected |
- |
BooleanMatch |
- |
- |
Boolean (1.3.6.1.4.1.1466.115.121.1.7) |
yes |
- |
yes |
dSAOperation |
usage |
2.5.4.80 |
Type of operation |
- |
usageMatch |
- |
- |
Directory String (1.3.6.1.4.1.1466.115.121.1.15) |
yes |
- |
yes |
dSAOperation |