From 4f44efb40acce8023405cdc09f5e52346455ac98 Mon Sep 17 00:00:00 2001 From: Tomas Babej Date: Thu, 31 Jul 2014 11:57:53 +0200 Subject: idviews: Add necessary schema for the ID views --- install/share/60basev2.ldif | 4 +++- install/share/71idviews.ldif | 6 ++++++ install/share/Makefile.am | 1 + ipaserver/install/dsinstance.py | 1 + 4 files changed, 11 insertions(+), 1 deletion(-) create mode 100644 install/share/71idviews.ldif diff --git a/install/share/60basev2.ldif b/install/share/60basev2.ldif index 044acc413..00712ddda 100644 --- a/install/share/60basev2.ldif +++ b/install/share/60basev2.ldif @@ -12,8 +12,10 @@ attributeTypes: (2.16.840.1.113730.3.8.3.18 NAME 'managedBy' DESC 'DNs of entrie attributeTypes: (2.16.840.1.113730.3.8.3.24 NAME 'ipaEntitlementId' DESC 'Entitlement Unique identifier' EQUALITY caseIgnoreMatch ORDERING caseIgnoreOrderingMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'IPA v2' ) # ipaKrbAuthzData added here. Even though it is a v3 attribute it is updating # a v2 objectClass so needs to be here. +# Same for the ipaAssignedIDView. attributeTypes: (2.16.840.1.113730.3.8.11.37 NAME 'ipaKrbAuthzData' DESC 'type of PAC preferred by a service' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'IPA v3' ) -objectClasses: (2.16.840.1.113730.3.8.4.1 NAME 'ipaHost' AUXILIARY MUST ( fqdn ) MAY ( userPassword $ ipaClientVersion $ enrolledBy $ memberOf $ userClass ) X-ORIGIN 'IPA v2' ) +attributeTypes: (2.16.840.1.113730.3.8.12.33 NAME 'ipaAssignedIDView' DESC 'DN of view assigned to this particular host' SUP distinguishedName EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE X-ORIGIN 'IPA v4' ) +objectClasses: (2.16.840.1.113730.3.8.4.1 NAME 'ipaHost' AUXILIARY MUST ( fqdn ) MAY ( userPassword $ ipaClientVersion $ enrolledBy $ memberOf $ userClass $ ipaAssignedIDView ) X-ORIGIN 'IPA v2' ) objectClasses: (2.16.840.1.113730.3.8.4.12 NAME 'ipaObject' DESC 'IPA objectclass' AUXILIARY MUST ( ipaUniqueID ) X-ORIGIN 'IPA v2' ) objectClasses: (2.16.840.1.113730.3.8.4.14 NAME 'ipaEntitlement' DESC 'IPA Entitlement object' AUXILIARY MUST ( ipaEntitlementId ) MAY ( userPKCS12 $ userCertificate ) X-ORIGIN 'IPA v2' ) objectClasses: (2.16.840.1.113730.3.8.4.15 NAME 'ipaPermission' DESC 'IPA Permission objectclass' AUXILIARY MAY ( ipaPermissionType ) X-ORIGIN 'IPA v2' ) diff --git a/install/share/71idviews.ldif b/install/share/71idviews.ldif new file mode 100644 index 000000000..c146be344 --- /dev/null +++ b/install/share/71idviews.ldif @@ -0,0 +1,6 @@ +dn: cn=schema +attributeTypes: (2.16.840.1.113730.3.8.11.62 NAME 'ipaAnchorUUID' DESC 'Unique Anchor Identifier' EQUALITY caseIgnoreMatch ORDERING caseIgnoreOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'IPA v4') +objectClasses: (2.16.840.1.113730.3.8.12.29 NAME 'ipaIDView' SUP nsContainer STRUCTURAL MAY ( description ) X-ORIGIN 'IPA v4' ) +objectClasses: (2.16.840.1.113730.3.8.12.30 NAME 'ipaOverrideAnchor' SUP top STRUCTURAL MUST ( ipaAnchorUUID ) MAY ( description ) X-ORIGIN 'IPA v4' ) +objectClasses: (2.16.840.1.113730.3.8.12.31 NAME 'ipaUserOverride' DESC 'Override for User Attributes' SUP ipaOverrideAnchor STRUCTURAL MAY ( uid $ uidNumber $ gidNumber $ homeDirectory $ loginShell $ gecos ) X-ORIGIN 'IPA v4' ) +objectClasses: (2.16.840.1.113730.3.8.12.32 NAME 'ipaGroupOverride' DESC 'Override for Group Attributes' SUP ipaOverrideAnchor STRUCTURAL MAY ( gidNumber $ cn ) X-ORIGIN 'IPA v4' ) diff --git a/install/share/Makefile.am b/install/share/Makefile.am index 7d5b67a78..e72623ad7 100644 --- a/install/share/Makefile.am +++ b/install/share/Makefile.am @@ -19,6 +19,7 @@ app_DATA = \ 65ipacertstore.ldif \ 65ipasudo.ldif \ 70ipaotp.ldif \ + 71idviews.ldif \ anonymous-vlv.ldif \ bootstrap-template.ldif \ caJarSigningCert.cfg.template \ diff --git a/ipaserver/install/dsinstance.py b/ipaserver/install/dsinstance.py index 0518dd0e0..88455cbac 100644 --- a/ipaserver/install/dsinstance.py +++ b/ipaserver/install/dsinstance.py @@ -62,6 +62,7 @@ IPA_SCHEMA_FILES = ("60kerberos.ldif", "65ipacertstore.ldif", "65ipasudo.ldif", "70ipaotp.ldif", + "71idviews.ldif", "15rfc2307bis.ldif", "15rfc4876.ldif") -- cgit