From 586e2eaf6c02205ca6d335393bcebd8f29e345e7 Mon Sep 17 00:00:00 2001
From: Simo Sorce <ssorce@redhat.com>
Date: Mon, 15 Aug 2011 15:02:19 -0400
Subject: v3-schema: Add new ipaExternalGroup objectclass

This construct allows to have a group of ipaExternalMember attributes, that can
be nested in a normal ipa Group ('memberOf' is allowed).

It cannot contain normal ipa users/groups and cannot be nested with another
group of the same type ('member' is not allowed).
---
 install/share/60basev3.ldif     | 8 ++++++++
 install/share/Makefile.am       | 1 +
 ipaserver/install/dsinstance.py | 1 +
 3 files changed, 10 insertions(+)
 create mode 100644 install/share/60basev3.ldif

diff --git a/install/share/60basev3.ldif b/install/share/60basev3.ldif
new file mode 100644
index 000000000..bdeee4b66
--- /dev/null
+++ b/install/share/60basev3.ldif
@@ -0,0 +1,8 @@
+## IPA Base OID:	2.16.840.1.113730.3.8
+##
+## Attributes:		2.16.840.1.113730.3.8.11 - V2 base attributres
+## ObjectClasses:	2.16.840.1.113730.3.8.12 - V2 base objectclasses
+##
+dn: cn=schema
+attributeTypes: (2.16.840.1.113730.3.8.11.1 NAME 'ipaExternalMember' DESC 'External Group Member Identifier' EQUALITY caseIgnoreMatch ORDERING caseIgnoreOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'IPA v3' )
+objectClasses: (2.16.840.1.113730.3.8.12.1 NAME 'ipaExternalGroup' SUP top STRUCTURAL MUST ( cn ) MAY ( ipaExternalMember $ memberOf $ description $ owner) X-ORIGIN 'IPA v3' )
diff --git a/install/share/Makefile.am b/install/share/Makefile.am
index ca6216afa..cab9e17b5 100644
--- a/install/share/Makefile.am
+++ b/install/share/Makefile.am
@@ -7,6 +7,7 @@ app_DATA =				\
 	60samba.ldif			\
 	60ipaconfig.ldif		\
 	60basev2.ldif			\
+	60basev3.ldif			\
 	60ipadns.ldif			\
 	60ipasudo.ldif			\
 	anonymous-vlv.ldif		\
diff --git a/ipaserver/install/dsinstance.py b/ipaserver/install/dsinstance.py
index 6f6b57ed9..2ad692dc9 100644
--- a/ipaserver/install/dsinstance.py
+++ b/ipaserver/install/dsinstance.py
@@ -402,6 +402,7 @@ class DsInstance(service.Service):
                              "60samba.ldif",
                              "60ipaconfig.ldif",
                              "60basev2.ldif",
+                             "60basev3.ldif",
                              "60ipadns.ldif",
                              "60ipasudo.ldif"):
             target_fname = schema_dirname(self.serverid) + schema_fname
-- 
cgit