diff options
| author | Rob Crittenden <rcritten@redhat.com> | 2009-08-10 10:38:51 -0400 |
|---|---|---|
| committer | Jason Gerard DeRose <jderose@redhat.com> | 2009-08-10 16:38:18 -0600 |
| commit | dbeb409ebd0396ce58102b118452c6e4c6802937 (patch) | |
| tree | e88d3bbe282ac3378b6b0935d57fc39f8ca21f9d /install/share/60ipaconfig.ldif | |
| parent | c0f558d98b46df6131b221b746e8dc54787225e7 (diff) | |
| download | freeipa-dbeb409ebd0396ce58102b118452c6e4c6802937.tar.gz freeipa-dbeb409ebd0396ce58102b118452c6e4c6802937.tar.xz freeipa-dbeb409ebd0396ce58102b118452c6e4c6802937.zip | |
Include schema for key escrow management
https://fedoraproject.org/wiki/Disk_encryption_key_escrow_in_IPA
Diffstat (limited to 'install/share/60ipaconfig.ldif')
| -rw-r--r-- | install/share/60ipaconfig.ldif | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/install/share/60ipaconfig.ldif b/install/share/60ipaconfig.ldif index f4edbcc97..b7eb9d7df 100644 --- a/install/share/60ipaconfig.ldif +++ b/install/share/60ipaconfig.ldif @@ -34,9 +34,12 @@ attributetypes: ( 2.16.840.1.113730.3.8.1.11 NAME 'ipaUserObjectClasses' SYNTAX # ipaGroupObjectClasses - required objectclasses for groups attributetypes: ( 2.16.840.1.113730.3.8.1.12 NAME 'ipaGroupObjectClasses' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) attributetypes: ( 2.16.840.1.113730.3.8.1.13 NAME 'ipaDefaultEmailDomain' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) +attributeTypes: ( 2.16.840.1.113730.3.8.3.50 NAME 'ipaObsoleteEscrowPacketLifetime' DESC 'Number of days before an obsolete escrow packet is deleted (if a newer packet for the same volume is available)' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE) +attributeTypes: (2.16.840.1.113730.3.8.3.51 NAME 'ipaEscrowKeyCertificate' DESC 'Certificate for encrypting escrow packets' SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 SINGLE-VALUE) +attributeTypes: (2.16.840.1.113730.3.8.3.52 NAME 'ipaEscrowKey' DESC 'PKCS#12-formatted encrypted certificate and private key for encrypting escrow packets' SYNTAX 1.3.6.1.4.1.1466.115.121.1.5) ############################################### ## ## ObjectClasses ## ## ipaGuiConfig - GUI config parameters objectclass -objectClasses: ( 2.16.840.1.113730.3.8.2.1 NAME 'ipaGuiConfig' AUXILIARY MAY ( ipaUserSearchFields $ ipaGroupSearchFields $ ipaSearchTimeLimit $ ipaSearchRecordsLimit $ ipaCustomFields $ ipaHomesRootDir $ ipaDefaultLoginShell $ ipaDefaultPrimaryGroup $ ipaMaxUsernameLength $ ipaPwdExpAdvNotify $ ipaUserObjectClasses $ ipaGroupObjectClasses $ ipaDefaultEmailDomain) ) +objectClasses: ( 2.16.840.1.113730.3.8.2.1 NAME 'ipaGuiConfig' AUXILIARY MAY ( ipaUserSearchFields $ ipaGroupSearchFields $ ipaSearchTimeLimit $ ipaSearchRecordsLimit $ ipaCustomFields $ ipaHomesRootDir $ ipaDefaultLoginShell $ ipaDefaultPrimaryGroup $ ipaMaxUsernameLength $ ipaPwdExpAdvNotify $ ipaUserObjectClasses $ ipaGroupObjectClasses $ ipaDefaultEmailDomain $ ipaObsoleteEscrowPacketLifetime $ ipaEscrowKeyCertificate $ ipaEscrowKey) ) |