Bug: 479753 - Update core schema

This patch updates and reorganizes our core schema to follow
the most recently defined standards.  The layout of the core
schema files is as follows:

  00core.ldif - RFC 4512, RFC 4519, LDAP Subentry Internet Draft
  01core389.ldif - 389 specific schema (required to start server)
  02common.ldif - 389 specific schema (highly recommended,
      Changelog Internet Draft, plug-in schema)
  05rfc2927.ldif - MIME Directory Profile for LDAP Schema
  05rfc4523.ldif - Schema Definitions for X.509 Certificates
  05rfc4524.ldif - Cosine LDAP/X.500 Schema
  06inetorgperson.ldif - RFC 2798 (pulls in RFC 2079 and part of
      the obsolete RFC 1274 due to required attributes)

There are still a handful of syntaxes that we don't support, so
I've substituted syntaxes for about 15 attributes.  The schema and
DIT related description syntaxes are not supported, so I've used
the "Directory String" syntax instead in 00core.ldif.  The
certificate syntaxes defined in 4523 are not supported, so I've
used the "Octet String" syntax instead.  All of these deviations
are commented with a "TODO" listing the syntax that we need to
implement.

I have also updated the Mozilla address book schema to the latest
from upstream for a minor bug fix.  I changed the nsSymmetricKey
attribute to use the "Octet String" syntax since the "Binary"
syntax is deprecated.

10 files changed, 1492 insertions, 395 deletions

diff --git a/ldap/schema/00core.ldif b/ldap/schema/00core.ldif
index b2d8b869..d07aef73 100644
--- a/ldap/schema/00core.ldif
+++ b/ldap/schema/00core.ldif
@@ -1,47 +1,15 @@
+# 00core.ldif - Required Schema
+#
+# Contains standard schema from the following sources:
+#
+#  - RFC 4512
+#  - RFC 4519
+#  - LDAP Subentry Internet Draft
+#
+# The DS specific "aci" attribute is also defined here so we can
+# set a default aci # on the schema entry.
+################################################################################
 #
-# BEGIN COPYRIGHT BLOCK
-# This Program is free software; you can redistribute it and/or modify it under
-# the terms of the GNU General Public License as published by the Free Software
-# Foundation; version 2 of the License.
-# 
-# This Program is distributed in the hope that it will be useful, but WITHOUT
-# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
-# FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
-# 
-# You should have received a copy of the GNU General Public License along with
-# this Program; if not, write to the Free Software Foundation, Inc., 59 Temple
-# Place, Suite 330, Boston, MA 02111-1307 USA.
-# 
-# In addition, as a special exception, Red Hat, Inc. gives You the additional
-# right to link the code of this Program with code not covered under the GNU
-# General Public License ("Non-GPL Code") and to distribute linked combinations
-# including the two, subject to the limitations in this paragraph. Non-GPL Code
-# permitted under this exception must only link to the code of this Program
-# through those well defined interfaces identified in the file named EXCEPTION
-# found in the source code files (the "Approved Interfaces"). The files of
-# Non-GPL Code may instantiate templates or use macros or inline functions from
-# the Approved Interfaces without causing the resulting work to be covered by
-# the GNU General Public License. Only Red Hat, Inc. may make changes or
-# additions to the list of Approved Interfaces. You must obey the GNU General
-# Public License in all respects for all of the Program code and other code used
-# in conjunction with the Program except the Non-GPL Code covered by this
-# exception. If you modify this file, you may extend this exception to your
-# version of the file, but you are not obligated to do so. If you do not wish to
-# provide this exception without modification, you must delete this exception
-# statement from your version and license this file solely under the GPL without
-# exception. 
-# 
-# 
-# Copyright (C) 2001 Sun Microsystems, Inc. Used by permission.
-# Copyright (C) 2005 Red Hat, Inc.
-# All rights reserved.
-# END COPYRIGHT BLOCK
-#
-#
-# Recommended core schema from the X.500 and LDAP standards (RFCs), and 
-# schema used by the Directory Server itself.
-# This is the schema that is required to bootstrap the server, to start it
-# and enable it to read in the other config and schema.
 dn: cn=schema
 objectclass: top
 objectclass: ldapSubentry
@@ -53,100 +21,771 @@ cn: schema
 #
 aci: (target="ldap:///cn=schema")(targetattr !="aci")(version 3.0;acl "anonymous, no acis"; allow (read, search, compare) userdn = "ldap:///anyone";)
 #
-# attribute types:
-#
-attributeTypes: ( 2.5.4.0 NAME 'objectClass' DESC 'Standard LDAP attribute type' EQUALITY objectIdentifierMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 X-ORIGIN 'RFC 2256' )
-attributeTypes: ( 2.5.4.41 NAME 'name' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} X-ORIGIN 'RFC 2256')
-attributeTypes: ( 2.5.4.49 NAME ( 'dn' 'distinguishedName' ) DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 X-ORIGIN 'RFC 2256' )
-attributeTypes: ( 2.5.4.3 NAME ( 'cn' 'commonName' ) DESC 'Standard LDAP attribute type' SUP name X-ORIGIN 'RFC 2256' )
-attributeTypes: ( 2.5.4.13 NAME 'description' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'RFC 2256' )
-attributeTypes: ( 2.5.4.34 NAME 'seeAlso' DESC 'Standard LDAP attribute type' SUP distinguishedName X-ORIGIN 'RFC 2256' )
-attributeTypes: ( 2.5.4.35 NAME 'userPassword' DESC 'Standard LDAP attribute type' EQUALITY octetStringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{128} X-ORIGIN 'RFC 2256' )
-attributeTypes: ( 2.5.18.1 NAME 'createTimestamp' DESC 'Standard LDAP attribute type' EQUALITY generalizedTimeMatch ORDERING generalizedTimeOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation X-ORIGIN 'RFC 2252' )
-attributeTypes: ( 2.5.18.2 NAME 'modifyTimestamp' DESC 'Standard LDAP attribute type' EQUALITY generalizedTimeMatch ORDERING generalizedTimeOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation X-ORIGIN 'RFC 2252' )
-attributeTypes: ( 2.5.18.3 NAME 'creatorsName' DESC 'Standard LDAP attribute type' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation X-ORIGIN 'RFC 2252' )
-attributeTypes: ( 2.5.18.4 NAME 'modifiersName' DESC 'Standard LDAP attribute type' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation X-ORIGIN 'RFC 2252' )
-attributeTypes: ( 2.5.21.5 NAME 'attributeTypes' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'RFC 2252' )
-attributeTypes: ( 2.5.21.6 NAME 'objectClasses' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'RFC 2252' )
-attributeTypes: ( 2.5.21.4 NAME 'matchingRules' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'RFC 2252' )
-attributeTypes: ( 2.5.21.8 NAME 'matchingRuleUse' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'RFC 2252' )
-attributeTypes: ( 2.5.21.1 NAME 'dITStructureRules' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'RFC 2252' )
-attributeTypes: ( 2.5.21.2 NAME 'dITContentRules' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'RFC 2252' )
-attributeTypes: ( 2.5.21.7 NAME 'nameForms' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'RFC 2252' )
-attributeTypes: ( 2.16.840.1.113730.3.1.55 NAME 'aci' DESC 'Netscape defined access control information attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 USAGE directoryOperation X-ORIGIN 'Netscape Directory Server' )
-attributeTypes: ( 2.16.840.1.113730.3.1.215 NAME 'oid' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape Directory Server' )
-attributeTypes: ( 2.16.840.1.113730.3.1.224 NAME 'nsslapd-pluginPath' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape Directory Server' )
-attributeTypes: ( 2.16.840.1.113730.3.1.225 NAME 'nsslapd-pluginInitfunc' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape Directory Server' )
-attributeTypes: ( 2.16.840.1.113730.3.1.226 NAME 'nsslapd-pluginType' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape Directory Server' )
-attributeTypes: ( 2.16.840.1.113730.3.1.227 NAME 'nsslapd-pluginId' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape Directory Server' )
-attributeTypes: ( 2.16.840.1.113730.3.1.228 NAME 'nsslapd-pluginVersion' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape Directory Server' )
-attributeTypes: ( 2.16.840.1.113730.3.1.229 NAME 'nsslapd-pluginVendor' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape Directory Server' )
-attributeTypes: ( 2.16.840.1.113730.3.1.230 NAME 'nsslapd-pluginDescription' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape Directory Server' )
-attributeTypes: ( 2.16.840.1.113730.3.1.231 NAME 'nsslapd-pluginEnabled' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape Directory Server' )
-attributeTypes: ( 2.16.840.1.113730.3.1.232 NAME 'nsSNMPEnabled' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape Directory Server' )
-attributeTypes: ( 2.16.840.1.113730.3.1.233 NAME 'nsSNMPOrganization' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape Directory Server' )
-attributeTypes: ( 2.16.840.1.113730.3.1.234 NAME 'nsSNMPLocation' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape Directory Server' )
-attributeTypes: ( 2.16.840.1.113730.3.1.235 NAME 'nsSNMPContact' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape Directory Server' )
-attributeTypes: ( 2.16.840.1.113730.3.1.236 NAME 'nsSNMPDescription' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape Directory Server' )
-attributeTypes: ( 2.16.840.1.113730.3.1.237 NAME 'nsSNMPMasterHost' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape Directory Server' )
-attributeTypes: ( 2.16.840.1.113730.3.1.238 NAME 'nsSNMPMasterPort' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape Directory Server' )
-attributeTypes: ( 2.16.840.1.113730.3.1.593 NAME 'nsSNMPName' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape Directory Server' )
-attributeTypes: ( 2.16.840.1.113730.3.1.242 NAME 'nsSystemIndex' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape Directory Server' )
-attributeTypes: ( 2.16.840.1.113730.3.1.327 NAME 'nsIndexType' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape Directory Server' )
-attributeTypes: ( 2.16.840.1.113730.3.1.328 NAME 'nsMatchingRule' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape Directory Server' )
-attributeTypes: ( 2.16.840.1.113730.3.1.542 NAME 'nsUniqueId' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation X-ORIGIN 'Netscape Directory Server' )
-attributeTypes: ( 2.16.840.1.113730.3.1.543 NAME 'nsState' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 SINGLE-VALUE X-ORIGIN 'Netscape Directory Server' )
-attributeTypes: ( 2.16.840.1.113730.3.1.544 NAME 'nsParentUniqueId' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'Netscape Directory Server' )
-attributeTypes: ( 2.16.840.1.113730.3.1.545 NAME 'nscpEntryDN' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation X-ORIGIN 'Netscape Directory Server' )
-attributeTypes: ( 1.3.6.1.4.1.250.1.2 NAME 'multiLineDescription' DESC 'Pilot attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Internet White Pages Pilot' )
-attributeTypes: ( 2.16.840.1.113730.3.1.578 NAME 'nsDS5ReplicaHost' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'Netscape Directory Server' )
-attributeTypes: ( 2.16.840.1.113730.3.1.579 NAME 'nsDS5ReplicaPort' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE X-ORIGIN 'Netscape Directory Server' )
-attributeTypes: ( 2.16.840.1.113730.3.1.580 NAME 'nsDS5ReplicaTransportInfo' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'Netscape Directory Server' )
-attributeTypes: ( 2.16.840.1.113730.3.1.581 NAME 'nsDS5ReplicaBindDN' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 X-ORIGIN 'Netscape Directory Server' )
-attributeTypes: ( 2.16.840.1.113730.3.1.582 NAME 'nsDS5ReplicaCredentials' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 SINGLE-VALUE X-ORIGIN 'Netscape Directory Server' )
-attributeTypes: ( 2.16.840.1.113730.3.1.583 NAME 'nsDS5ReplicaBindMethod' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'Netscape Directory Server' )
-attributeTypes: ( 2.16.840.1.113730.3.1.584 NAME 'nsDS5ReplicaRoot' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE X-ORIGIN 'Netscape Directory Server' )
-attributeTypes: ( 2.16.840.1.113730.3.1.585 NAME 'nsDS5ReplicatedAttributeList' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape Directory Server' )
-attributeTypes: ( 2.16.840.1.113730.3.1.586 NAME 'nsDS5ReplicaUpdateSchedule' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape Directory Server' )
-attributeTypes: ( 2.16.840.1.113730.3.1.587 NAME 'nsds50ruv' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape Directory Server' )
-attributeTypes: ( 2.16.840.1.113730.3.1.2027 NAME 'nsruvReplicaLastModified' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape Directory Server' )
-attributeTypes: ( 2.16.840.1.113730.3.1.588 NAME 'nsDS5ReplicaId' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape Directory Server' )
-attributeTypes: ( 2.16.840.1.113730.3.1.589 NAME 'nsDS5ReplicaType' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape Directory Server' )
-attributeTypes: ( 2.16.840.1.113730.3.1.590 NAME 'nsDS5ReplicaName' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape Directory Server' )
-attributeTypes: ( 2.16.840.1.113730.3.1.591 NAME 'nsDS5ReplicaReferral' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape Directory Server' )
-attributeTypes: ( 2.16.840.1.113730.3.1.592 NAME 'nsDS5ReplicaAutoReferral' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'Netscape Directory Server' )
-attributeTypes: ( 2.16.840.1.113730.3.1.607 NAME 'nsDS5Flags' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape Directory Server' )
-attributeTypes: ( 2.16.840.1.113730.3.1.608 NAME 'nsDS5Task' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape Directory Server' )
-attributeTypes: ( 2.16.840.1.113730.3.1.609 NAME 'nsds5BeginReplicaRefresh' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape Directory Server' )
-attributeTypes: ( 2.16.840.1.113730.3.1.682 NAME 'nsds5ReplicaPurgeDelay' DESC 'Netscape defined attribute type' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE X-ORIGIN 'Netscape Directory Server' )
-attributeTypes: ( 2.16.840.1.113730.3.1.684 NAME 'nsds5ReplicaChangeCount' DESC 'Netscape defined attribute type' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE X-ORIGIN 'Netscape Directory Server' )
-attributeTypes: ( 2.16.840.1.113730.3.1.683 NAME 'nsds5ReplicaTombstonePurgeInterval' DESC 'Netscape defined attribute type' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE X-ORIGIN 'Netscape Directory Server' )
-attributeTypes: ( 2.16.840.1.113730.3.1.685 NAME 'nsds5replicaLastUpdateStart' DESC 'Netscape defined attribute type' EQUALITY generalizedTimeMatch ORDERING generalizedTimeOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE NO-USER-MODIFICATION X-ORIGIN 'Netscape Directory Server' )
-attributeTypes: ( 2.16.840.1.113730.3.1.686 NAME 'nsds5replicaLastUpdateEnd' DESC 'Netscape defined attribute type' EQUALITY generalizedTimeMatch ORDERING generalizedTimeOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE NO-USER-MODIFICATION X-ORIGIN 'Netscape Directory Server' )
-attributeTypes: ( 2.16.840.1.113730.3.1.687 NAME 'nsds5replicaChangesSentSinceStartup' DESC 'Netscape defined attribute type' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE NO-USER-MODIFICATION X-ORIGIN 'Netscape Directory Server' )
-attributeTypes: ( 2.16.840.1.113730.3.1.688 NAME 'nsds5replicaLastUpdateStatus' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE NO-USER-MODIFICATION X-ORIGIN 'Netscape Directory Server' )
-attributeTypes: ( 2.16.840.1.113730.3.1.689 NAME 'nsds5replicaUpdateInProgress' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE NO-USER-MODIFICATION X-ORIGIN 'Netscape Directory Server' )
-attributeTypes: ( 2.16.840.1.113730.3.1.802 NAME 'nsds5ReplicaLegacyConsumer' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'Netscape Directory Server' )
-attributeTypes: ( 2.16.840.1.113730.3.1.804 NAME 'nsSchemaCSN' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15  SINGLE-VALUE USAGE directoryOperation X-ORIGIN 'Netscape Directory Server' )
-attributeTypes: ( 2.16.840.1.113730.3.1.805 NAME 'nsds5replicaTimeout' DESC 'Netscape defined attribute type' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE X-ORIGIN 'Netscape Directory Server' )
-attributeTypes: ( 2.16.840.1.113730.3.1.807 NAME 'nsds5replicaLastInitStart' DESC 'Netscape defined attribute type' EQUALITY generalizedTimeMatch ORDERING generalizedTimeOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE NO-USER-MODIFICATION X-ORIGIN 'Netscape Directory Server' )
-attributeTypes: ( 2.16.840.1.113730.3.1.808 NAME 'nsds5replicaLastInitEnd' DESC 'Netscape defined attribute type' EQUALITY generalizedTimeMatch ORDERING generalizedTimeOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE NO-USER-MODIFICATION X-ORIGIN 'Netscape Directory Server' )
-attributeTypes: ( 2.16.840.1.113730.3.1.809 NAME 'nsds5replicaLastInitStatus' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE NO-USER-MODIFICATION X-ORIGIN 'Netscape Directory Server' )
-attributeTypes: ( 2.16.840.1.113730.3.1.1097 NAME 'nsds5replicaBusyWaitTime' DESC 'Netscape defined attribute type' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE X-ORIGIN 'Netscape Directory Server' )
-attributeTypes: ( 2.16.840.1.113730.3.1.1098 NAME 'nsds5replicaSessionPauseTime' DESC 'Netscape defined attribute type' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE X-ORIGIN 'Netscape Directory Server' )
-attributeTypes: ( 2.16.840.1.113730.3.1.9999999 NAME 'nsds5debugreplicatimeout' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'Netscape Directory Server' )
-#
-# objectclasses
-#
-objectClasses: ( 2.5.6.0 NAME 'top' DESC 'Standard LDAP objectclass' ABSTRACT MUST objectClass X-ORIGIN 'RFC 2256' )
-objectClasses: ( 2.5.20.1 NAME 'subschema' DESC 'Standard LDAP objectclass' SUP top AUXILIARY MAY ( dITStructureRules $ nameForms $ dITContentRules $ objectClasses $ attributeTypes $ matchingRules $ matchingRuleUse ) X-ORIGIN 'RFC 2252' )
-objectClasses: (  2.16.840.1.113719.2.142.6.1.1  NAME 'ldapSubEntry' DESC 'LDAP Subentry class, version 1' SUP top STRUCTURAL MAY ( cn ) X-ORIGIN 'LDAP Subentry Internet Draft' )
-objectClasses: ( 2.16.840.1.113730.3.2.40 NAME 'directoryServerFeature' DESC 'Netscape defined objectclass' SUP top MAY ( oid $ cn $ multiLineDescription ) X-ORIGIN 'Netscape Directory Server' )
-objectClasses: ( 2.16.840.1.113730.3.2.41 NAME 'nsslapdPlugin' DESC 'Netscape defined objectclass' SUP top MUST ( cn $ nsslapd-pluginPath $ nsslapd-pluginInitFunc $ nsslapd-pluginType $ nsslapd-pluginId $ nsslapd-pluginVersion $ nsslapd-pluginVendor $ nsslapd-pluginDescription $ nsslapd-pluginEnabled ) X-ORIGIN 'Netscape Directory Server' )
-objectClasses: ( 2.16.840.1.113730.3.2.44 NAME 'nsIndex' DESC 'Netscape defined objectclass' SUP top MUST ( cn $ nsSystemIndex ) MAY ( description $ nsIndexType $ nsMatchingRule ) X-ORIGIN 'Netscape Directory Server' )
-objectClasses: ( 2.16.840.1.113730.3.2.109 NAME 'nsBackendInstance' DESC 'Netscape defined objectclass' SUP top  MUST ( CN ) X-ORIGIN 'Netscape Directory Server' )
-objectClasses: ( 2.16.840.1.113730.3.2.110 NAME 'nsMappingTree' DESC 'Netscape defined objectclass' SUP top  MUST ( CN ) X-ORIGIN 'Netscape Directory Server' )
-objectClasses: ( 2.16.840.1.113730.3.2.104 NAME 'nsContainer' DESC 'Netscape defined objectclass' SUP top  MUST ( CN ) X-ORIGIN 'Netscape Directory Server' )
-objectClasses: ( 2.16.840.1.113730.3.2.108 NAME 'nsDS5Replica' DESC 'Netscape defined objectclass' SUP top  MUST ( nsDS5ReplicaRoot $  nsDS5ReplicaId ) MAY (cn $ nsDS5ReplicaType $ nsDS5ReplicaBindDN $ nsState $ nsDS5ReplicaName $ nsDS5Flags $ nsDS5Task $ nsDS5ReplicaReferral $ nsDS5ReplicaAutoReferral $ nsds5ReplicaPurgeDelay $ nsds5ReplicaTombstonePurgeInterval $ nsds5ReplicaChangeCount $ nsds5ReplicaLegacyConsumer) X-ORIGIN 'Netscape Directory Server' )
-objectClasses: ( 2.16.840.1.113730.3.2.113 NAME 'nsTombstone' DESC 'Netscape defined objectclass' SUP top MAY ( nsParentUniqueId $ nscpEntryDN ) X-ORIGIN 'Netscape Directory Server' )
-objectClasses: ( 2.16.840.1.113730.3.2.103 NAME 'nsDS5ReplicationAgreement' DESC 'Netscape defined objectclass' SUP top MUST ( cn ) MAY ( nsDS5ReplicaHost $ nsDS5ReplicaPort $ nsDS5ReplicaTransportInfo $ nsDS5ReplicaBindDN $ nsDS5ReplicaCredentials $ nsDS5ReplicaBindMethod $ nsDS5ReplicaRoot $ nsDS5ReplicatedAttributeList $ nsDS5ReplicaUpdateSchedule $ nsds5BeginReplicaRefresh $ description $ nsds50ruv $ nsruvReplicaLastModified $ nsds5ReplicaTimeout $ nsds5replicaChangesSentSinceStartup $ nsds5replicaLastUpdateEnd $ nsds5replicaLastUpdateStart $ nsds5replicaLastUpdateStatus $ nsds5replicaUpdateInProgress $ nsds5replicaLastInitEnd $ nsds5replicaLastInitStart $ nsds5replicaLastInitStatus $ nsds5debugreplicatimeout $ nsds5replicaBusyWaitTime $ nsds5replicaSessionPauseTime ) X-ORIGIN 'Netscape Directory Server' )
+################################################################################
+#
+attributeTypes: ( 2.16.840.1.113730.3.1.55 NAME 'aci'
+  DESC 'Netscape defined access control information attribute type'
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
+  USAGE directoryOperation
+  X-ORIGIN 'Netscape Directory Server' )
+#
+################################################################################
+#
+objectClasses: ( 2.5.6.0 NAME 'top'
+  ABSTRACT
+  MUST objectClass
+  X-ORIGIN 'RFC 4512' )
+  
+#
+################################################################################
+#
+objectClasses: ( 2.5.6.1 NAME 'alias'
+  SUP top STRUCTURAL
+  MUST aliasedObjectName
+  X-ORIGIN 'RFC 4512' )
+#
+################################################################################
+#
+attributeTypes: ( 2.5.4.1 NAME 'aliasedObjectName'
+  EQUALITY distinguishedNameMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.12
+  SINGLE-VALUE
+  X-ORIGIN 'RFC 4512' )
+#
+################################################################################
+#
+attributeTypes: ( 2.5.4.0 NAME 'objectClass'
+  EQUALITY objectIdentifierMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.38
+  X-ORIGIN 'RFC 4512' )
+#
+################################################################################
+#
+attributeTypes: ( 2.5.18.3 NAME 'creatorsName'
+  EQUALITY distinguishedNameMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.12
+  SINGLE-VALUE NO-USER-MODIFICATION
+  USAGE directoryOperation
+  X-ORIGIN 'RFC 4512' )
+#
+################################################################################
+#
+attributeTypes: ( 2.5.18.1 NAME 'createTimestamp'
+  EQUALITY generalizedTimeMatch
+  ORDERING generalizedTimeOrderingMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
+  SINGLE-VALUE NO-USER-MODIFICATION
+  USAGE directoryOperation
+  X-ORIGIN 'RFC 4512' )
+#
+################################################################################
+#
+attributeTypes: ( 2.5.18.4 NAME 'modifiersName'
+  EQUALITY distinguishedNameMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.12
+  SINGLE-VALUE NO-USER-MODIFICATION
+  USAGE directoryOperation
+  X-ORIGIN 'RFC 4512' )
+#
+################################################################################
+#
+attributeTypes: ( 2.5.18.2 NAME 'modifyTimestamp'
+  EQUALITY generalizedTimeMatch
+  ORDERING generalizedTimeOrderingMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
+  SINGLE-VALUE NO-USER-MODIFICATION
+  USAGE directoryOperation
+  X-ORIGIN 'RFC 4512' )
+#
+################################################################################
+#
+attributeTypes: ( 2.5.21.9 NAME 'structuralObjectClass'
+  EQUALITY objectIdentifierMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.38
+  SINGLE-VALUE NO-USER-MODIFICATION
+  USAGE directoryOperation
+  X-ORIGIN 'RFC 4512' )
+#
+################################################################################
+#
+attributeTypes: ( 2.5.21.10 NAME 'governingStructureRule'
+  EQUALITY integerMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
+  SINGLE-VALUE NO-USER-MODIFICATION
+  USAGE directoryOperation
+  X-ORIGIN 'RFC 4512' )
+#
+################################################################################
+#
+attributeTypes: ( 2.5.18.10 NAME 'subschemaSubentry'
+  EQUALITY distinguishedNameMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.12
+  SINGLE-VALUE NO-USER-MODIFICATION
+  USAGE directoryOperation
+  X-ORIGIN 'RFC 4512' )
+#
+################################################################################
+#
+objectClasses: ( 2.5.20.1 NAME 'subschema' AUXILIARY
+  MAY ( dITStructureRules $ nameForms $ ditContentRules $
+    objectClasses $ attributeTypes $ matchingRules $
+    matchingRuleUse )
+  X-ORIGIN 'RFC 4512' )
+#
+################################################################################
+# TODO - Add Object Class Description syntax
+#attributeTypes: ( 2.5.21.6 NAME 'objectClasses'
+#  EQUALITY objectIdentifierFirstComponentMatch
+#  SYNTAX 1.3.6.1.4.1.1466.115.121.1.37
+#  USAGE directoryOperation
+#  X-ORIGIN 'RFC 4512' )
+attributeTypes: ( 2.5.21.6 NAME 'objectClasses'
+  EQUALITY objectIdentifierFirstComponentMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
+  USAGE directoryOperation
+  X-ORIGIN 'RFC 4512' )
+#
+################################################################################
+# TODO - Add Attribute Type Description syntax
+#attributeTypes: ( 2.5.21.5 NAME 'attributeTypes'
+#  EQUALITY objectIdentifierFirstComponentMatch
+#  SYNTAX 1.3.6.1.4.1.1466.115.121.1.3
+#  USAGE directoryOperation
+#  X-ORIGIN 'RFC 4512' )
+attributeTypes: ( 2.5.21.5 NAME 'attributeTypes'
+  EQUALITY objectIdentifierFirstComponentMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
+  USAGE directoryOperation
+  X-ORIGIN 'RFC 4512' )
+#
+################################################################################
+# TODO - Add Matching Rule Description syntax
+#attributeTypes: ( 2.5.21.4 NAME 'matchingRules'
+#  EQUALITY objectIdentifierFirstComponentMatch
+#  SYNTAX 1.3.6.1.4.1.1466.115.121.1.30
+#  USAGE directoryOperation
+#  X-ORIGIN 'RFC 4512' )
+attributeTypes: ( 2.5.21.4 NAME 'matchingRules'
+  EQUALITY objectIdentifierFirstComponentMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
+  USAGE directoryOperation
+  X-ORIGIN 'RFC 4512' )
+#
+################################################################################
+# TODO - Add Matching Rule Use Description syntax
+#attributeTypes: ( 2.5.21.8 NAME 'matchingRuleUse'
+#  EQUALITY objectIdentifierFirstComponentMatch
+#  SYNTAX 1.3.6.1.4.1.1466.115.121.1.31
+#  USAGE directoryOperation
+#  X-ORIGIN 'RFC 4512' )
+attributeTypes: ( 2.5.21.8 NAME 'matchingRuleUse'
+  EQUALITY objectIdentifierFirstComponentMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
+  USAGE directoryOperation
+  X-ORIGIN 'RFC 4512' )
+#
+################################################################################
+# TODO - Add LDAP Syntax Description syntax
+#attributeTypes: ( 1.3.6.1.4.1.1466.101.120.16 NAME 'ldapSyntaxes'
+#  EQUALITY objectIdentifierFirstComponentMatch
+#  SYNTAX 1.3.6.1.4.1.1466.115.121.1.54
+#  USAGE directoryOperation
+#  X-ORIGIN 'RFC 4512' )
+attributeTypes: ( 1.3.6.1.4.1.1466.101.120.16 NAME 'ldapSyntaxes'
+  EQUALITY objectIdentifierFirstComponentMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
+  USAGE directoryOperation
+  X-ORIGIN 'RFC 4512' )
+#
+################################################################################
+# TODO - Add DIT Content Rule Description syntax
+#attributeTypes: ( 2.5.21.2 NAME 'dITContentRules'
+#  EQUALITY objectIdentifierFirstComponentMatch
+#  SYNTAX 1.3.6.1.4.1.1466.115.121.1.16
+#  USAGE directoryOperation
+#  X-ORIGIN 'RFC 4512' )
+attributeTypes: ( 2.5.21.2 NAME 'dITContentRules'
+  EQUALITY objectIdentifierFirstComponentMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
+  USAGE directoryOperation
+  X-ORIGIN 'RFC 4512' )
+#
+################################################################################
+# TODO - Add DIT Structure Rule Description syntax
+#attributeTypes: ( 2.5.21.1 NAME 'dITStructureRules'
+#  EQUALITY integerFirstComponentMatch
+#  SYNTAX 1.3.6.1.4.1.1466.115.121.1.17
+#  USAGE directoryOperation
+#  X-ORIGIN 'RFC 4512' )
+attributeTypes: ( 2.5.21.1 NAME 'dITStructureRules'
+  EQUALITY integerFirstComponentMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
+  USAGE directoryOperation
+  X-ORIGIN 'RFC 4512' )
+#
+################################################################################
+# TODO - Add Name Form Description syntax
+#attributeTypes: ( 2.5.21.7 NAME 'nameForms'
+#  EQUALITY objectIdentifierFirstComponentMatch
+#  SYNTAX 1.3.6.1.4.1.1466.115.121.1.35
+#  USAGE directoryOperation
+#  X-ORIGIN 'RFC 4512' )
+attributeTypes: ( 2.5.21.7 NAME 'nameForms'
+  EQUALITY objectIdentifierFirstComponentMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
+  USAGE directoryOperation
+  X-ORIGIN 'RFC 4512' )
+#
+################################################################################
+#
+objectClasses: ( 1.3.6.1.4.1.1466.101.120.111 NAME 'extensibleObject'
+  SUP top AUXILIARY
+  X-ORIGIN 'RFC 4512' )
+#
+################################################################################
+#
+attributeTypes: ( 1.3.6.1.4.1.1466.101.120.6 NAME 'altServer'
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
+  USAGE dSAOperation
+  X-ORIGIN 'RFC 4512' )
+#
+################################################################################
+#
+attributeTypes: ( 1.3.6.1.4.1.1466.101.120.5 NAME 'namingContexts'
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.12
+  USAGE dSAOperation
+  X-ORIGIN 'RFC 4512' )
+#
+################################################################################
+#
+attributeTypes: ( 1.3.6.1.4.1.1466.101.120.13 NAME 'supportedControl'
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.38
+  USAGE dSAOperation
+  X-ORIGIN 'RFC 4512' )
+#
+################################################################################
+#
+attributeTypes: ( 1.3.6.1.4.1.1466.101.120.7 NAME 'supportedExtension'
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.38
+  USAGE dSAOperation
+  X-ORIGIN 'RFC 4512' )
+#
+################################################################################
+#
+attributeTypes: ( 1.3.6.1.4.1.4203.1.3.5 NAME 'supportedFeatures'
+  EQUALITY objectIdentifierMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.38
+  USAGE dSAOperation
+  X-ORIGIN 'RFC 4512' )
+#
+################################################################################
+#
+attributeTypes: ( 1.3.6.1.4.1.1466.101.120.15 NAME 'supportedLDAPVersion'
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
+  USAGE dSAOperation
+  X-ORIGIN 'RFC 4512' )
+#
+################################################################################
+#
+attributeTypes: ( 1.3.6.1.4.1.1466.101.120.14 NAME 'supportedSASLMechanisms'
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
+  USAGE dSAOperation
+  X-ORIGIN 'RFC 4512' )
+#
+################################################################################
+#
+attributeTypes: ( 2.5.4.41 NAME 'name'
+  EQUALITY caseIgnoreMatch
+  SUBSTR caseIgnoreSubstringsMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
+  X-ORIGIN 'RFC 4519' )
+#
+################################################################################
+#
+attributeTypes: ( 2.5.4.15 NAME 'businessCategory'
+  EQUALITY caseIgnoreMatch
+  SUBSTR caseIgnoreSubstringsMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
+  X-ORIGIN 'RFC 4519' )
+#
+################################################################################
+#
+attributeTypes: ( 2.5.4.6 NAME 'c'
+  SUP name
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.11
+  SINGLE-VALUE
+  X-ORIGIN 'RFC 4519' )
+#
+################################################################################
+#
+attributeTypes: ( 2.5.4.3 NAME 'cn'
+  SUP name
+  X-ORIGIN 'RFC 4519' )
+#
+################################################################################
+#
+attributeTypes: ( 0.9.2342.19200300.100.1.25 NAME 'dc'
+  EQUALITY caseIgnoreIA5Match
+  SUBSTR caseIgnoreIA5SubstringsMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
+  SINGLE-VALUE
+  X-ORIGIN 'RFC 4519' )
+#
+################################################################################
+#
+attributeTypes: ( 2.5.4.13 NAME 'description'
+  EQUALITY caseIgnoreMatch
+  SUBSTR caseIgnoreSubstringsMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
+  X-ORIGIN 'RFC 4519' )
+#
+################################################################################
+#
+attributeTypes: ( 2.5.4.27 NAME 'destinationIndicator'
+  EQUALITY caseIgnoreMatch
+  SUBSTR caseIgnoreSubstringsMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.44
+  X-ORIGIN 'RFC 4519' )
+#
+################################################################################
+#
+attributeTypes: ( 2.5.4.49 NAME 'distinguishedName'
+  EQUALITY distinguishedNameMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.12
+  X-ORIGIN 'RFC 4519' )
+#
+################################################################################
+#
+attributeTypes: ( 2.5.4.46 NAME 'dnQualifier'
+  EQUALITY caseIgnoreMatch
+  ORDERING caseIgnoreOrderingMatch
+  SUBSTR caseIgnoreSubstringsMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.44
+  X-ORIGIN 'RFC 4519' )
+#
+################################################################################
+#
+attributeTypes: ( 2.5.4.47 NAME 'enhancedSearchGuide'
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.21
+  X-ORIGIN 'RFC 4519' )
+#
+################################################################################
+#
+attributeTypes: ( 2.5.4.23 NAME 'facsimileTelephoneNumber'
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.22
+  X-ORIGIN 'RFC 4519' )
+#
+################################################################################
+#
+attributeTypes: ( 2.5.4.44 NAME 'generationQualifier'
+  SUP name
+  X-ORIGIN 'RFC 4519' )
+#
+################################################################################
+#
+attributeTypes: ( 2.5.4.42 NAME 'givenName'
+  SUP name
+  X-ORIGIN 'RFC 4519' )
+#
+################################################################################
+#
+attributeTypes: ( 2.5.4.51 NAME 'houseIdentifier'
+  EQUALITY caseIgnoreMatch
+  SUBSTR caseIgnoreSubstringsMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
+  X-ORIGIN 'RFC 4519' )
+#
+################################################################################
+#
+attributeTypes: ( 2.5.4.43 NAME 'initials'
+  SUP name
+  X-ORIGIN 'RFC 4519' )
+#
+################################################################################
+#
+attributeTypes: ( 2.5.4.25 NAME 'internationalISDNNumber'
+  EQUALITY numericStringMatch
+  SUBSTR numericStringSubstringsMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.36
+  X-ORIGIN 'RFC 4519' )
+#
+################################################################################
+#
+attributeTypes: ( 2.5.4.7 NAME 'l'
+  SUP name
+  X-ORIGIN 'RFC 4519' )
+#
+################################################################################
+#
+attributeTypes: ( 2.5.4.31 NAME 'member'
+  SUP distinguishedName
+  X-ORIGIN 'RFC 4519' )
+#
+################################################################################
+#
+attributeTypes: ( 2.5.4.10 NAME 'o'
+  SUP name
+  X-ORIGIN 'RFC 4519' )
+#
+################################################################################
+#
+attributeTypes: ( 2.5.4.11 NAME 'ou'
+  SUP name
+  X-ORIGIN 'RFC 4519' )
+#
+################################################################################
+#
+attributeTypes: ( 2.5.4.32 NAME 'owner'
+  SUP distinguishedName
+  X-ORIGIN 'RFC 4519' )
+#
+################################################################################
+#
+attributeTypes: ( 2.5.4.19 NAME 'physicalDeliveryOfficeName'
+  EQUALITY caseIgnoreMatch
+  SUBSTR caseIgnoreSubstringsMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
+  X-ORIGIN 'RFC 4519' )
+#
+################################################################################
+#
+attributeTypes: ( 2.5.4.16 NAME 'postalAddress'
+  EQUALITY caseIgnoreListMatch
+  SUBSTR caseIgnoreListSubstringsMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.41
+  X-ORIGIN 'RFC 4519' )
+#
+################################################################################
+#
+attributeTypes: ( 2.5.4.17 NAME 'postalCode'
+  EQUALITY caseIgnoreMatch
+  SUBSTR caseIgnoreSubstringsMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
+  X-ORIGIN 'RFC 4519' )
+#
+################################################################################
+#
+attributeTypes: ( 2.5.4.18 NAME 'postOfficeBox'
+  EQUALITY caseIgnoreMatch
+  SUBSTR caseIgnoreSubstringsMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
+  X-ORIGIN 'RFC 4519' )
+#
+################################################################################
+#
+attributeTypes: ( 2.5.4.28 NAME 'preferredDeliveryMethod'
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.14
+  SINGLE-VALUE
+  X-ORIGIN 'RFC 4519' )
+#
+################################################################################
+#
+attributeTypes: ( 2.5.4.26 NAME 'registeredAddress'
+  SUP postalAddress
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.41
+  X-ORIGIN 'RFC 4519' )
+#
+################################################################################
+#
+attributeTypes: ( 2.5.4.33 NAME 'roleOccupant'
+  SUP distinguishedName
+  X-ORIGIN 'RFC 4519' )
+#
+################################################################################
+#
+attributeTypes: ( 2.5.4.14 NAME 'searchGuide'
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.25
+  X-ORIGIN 'RFC 4519' )
+#
+################################################################################
+#
+attributeTypes: ( 2.5.4.34 NAME 'seeAlso'
+  SUP distinguishedName
+  X-ORIGIN 'RFC 4519' )
+#
+################################################################################
+#
+attributeTypes: ( 2.5.4.5 NAME 'serialNumber'
+  EQUALITY caseIgnoreMatch
+  SUBSTR caseIgnoreSubstringsMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.44
+  X-ORIGIN 'RFC 4519' )
+#
+################################################################################
+#
+attributeTypes: ( 2.5.4.4 NAME 'sn'
+  SUP name
+  X-ORIGIN 'RFC 4519' )
+#
+################################################################################
+#
+attributeTypes: ( 2.5.4.8 NAME 'st'
+  SUP name
+  X-ORIGIN 'RFC 4519' )
+#
+################################################################################
+#
+attributeTypes: ( 2.5.4.9 NAME 'street'
+  EQUALITY caseIgnoreMatch
+  SUBSTR caseIgnoreSubstringsMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
+  X-ORIGIN 'RFC 4519' )
+#
+################################################################################
+#
+attributeTypes: ( 2.5.4.20 NAME 'telephoneNumber'
+  EQUALITY telephoneNumberMatch
+  SUBSTR telephoneNumberSubstringsMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.50
+  X-ORIGIN 'RFC 4519' )
+#
+################################################################################
+#
+attributeTypes: ( 2.5.4.22 NAME 'teletexTerminalIdentifier'
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.51
+  X-ORIGIN 'RFC 4519' )
+#
+################################################################################
+#
+attributeTypes: ( 2.5.4.21 NAME 'telexNumber'
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.52
+  X-ORIGIN 'RFC 4519' )
+#
+################################################################################
+#
+attributeTypes: ( 2.5.4.12 NAME 'title'
+  SUP name
+  X-ORIGIN 'RFC 4519' )
+#
+################################################################################
+#
+attributeTypes: ( 0.9.2342.19200300.100.1.1 NAME 'uid'
+  EQUALITY caseIgnoreMatch
+  SUBSTR caseIgnoreSubstringsMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
+  X-ORIGIN 'RFC 4519' )
+#
+################################################################################
+#
+attributeTypes: ( 2.5.4.50 NAME 'uniqueMember'
+  EQUALITY uniqueMemberMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.34
+  X-ORIGIN 'RFC 4519' )
+#
+################################################################################
+#
+attributeTypes: ( 2.5.4.35 NAME 'userPassword'
+  EQUALITY octetStringMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.40
+  X-ORIGIN 'RFC 4519' )
+#
+################################################################################
+#
+attributeTypes: ( 2.5.4.24 NAME 'x121Address'
+  EQUALITY numericStringMatch
+  SUBSTR numericStringSubstringsMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.36
+  X-ORIGIN 'RFC 4519' )
+#
+################################################################################
+#
+attributeTypes: ( 2.5.4.45 NAME 'x500UniqueIdentifier'
+  EQUALITY bitStringMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.6
+  X-ORIGIN 'RFC 4519' )
+#
+################################################################################
+#
+objectClasses: ( 2.5.6.11 NAME 'applicationProcess'
+  SUP top
+  STRUCTURAL
+  MUST cn
+  MAY ( seeAlso $
+        ou $
+        l $
+        description )
+  X-ORIGIN 'RFC 4519' )
+#
+################################################################################
+#
+objectClasses: ( 2.5.6.2 NAME 'country'
+  SUP top
+  STRUCTURAL
+  MUST c
+  MAY ( searchGuide $
+        description )
+  X-ORIGIN 'RFC 4519' )
+#
+################################################################################
+#
+objectClasses: ( 1.3.6.1.4.1.1466.344 NAME 'dcObject'
+  SUP top
+  AUXILIARY
+  MUST dc
+  X-ORIGIN 'RFC 4519' )
+#
+################################################################################
+#
+objectClasses: ( 2.5.6.14 NAME 'device'
+  SUP top
+  STRUCTURAL
+  MUST cn
+  MAY ( serialNumber $
+        seeAlso $
+        owner $
+        ou $
+        o $
+        l $
+        description )
+  X-ORIGIN 'RFC 4519' )
+#
+################################################################################
+#
+objectClasses: ( 2.5.6.9 NAME 'groupOfNames'
+  SUP top
+  STRUCTURAL
+  MUST ( member $
+        cn )
+  MAY ( businessCategory $
+        seeAlso $
+        owner $
+        ou $
+        o $
+        description )
+  X-ORIGIN 'RFC 4519' )
+#
+################################################################################
+#
+objectClasses: ( 2.5.6.17 NAME 'groupOfUniqueNames'
+  SUP top
+  STRUCTURAL
+  MUST ( uniqueMember $
+        cn )
+  MAY ( businessCategory $
+        seeAlso $
+        owner $
+        ou $
+        o $
+        description )
+  X-ORIGIN 'RFC 4519' )
+#
+################################################################################
+#
+objectClasses: ( 2.5.6.3 NAME 'locality'
+  SUP top
+  STRUCTURAL
+  MAY ( street $
+        seeAlso $
+        searchGuide $
+        st $
+        l $
+        description )
+  X-ORIGIN 'RFC 4519' )
+#
+################################################################################
+#
+objectClasses: ( 2.5.6.4 NAME 'organization'
+  SUP top
+  STRUCTURAL
+  MUST o
+  MAY ( userPassword $ searchGuide $ seeAlso $
+        businessCategory $ x121Address $ registeredAddress $
+        destinationIndicator $ preferredDeliveryMethod $
+        telexNumber $ teletexTerminalIdentifier $
+        telephoneNumber $ internationalISDNNumber $
+        facsimileTelephoneNumber $ street $ postOfficeBox $
+        postalCode $ postalAddress $ physicalDeliveryOfficeName $
+        st $ l $ description )
+  X-ORIGIN 'RFC 4519' )
+#
+################################################################################
+#
+objectClasses: ( 2.5.6.6 NAME 'person'
+  SUP top
+  STRUCTURAL
+  MUST ( sn $
+        cn )
+  MAY ( userPassword $
+        telephoneNumber $
+        seeAlso $ description )
+  X-ORIGIN 'RFC 4519' )
+#
+################################################################################
+#
+objectClasses: ( 2.5.6.7 NAME 'organizationalPerson'
+  SUP person
+  STRUCTURAL
+  MAY ( title $ x121Address $ registeredAddress $
+        destinationIndicator $ preferredDeliveryMethod $
+        telexNumber $ teletexTerminalIdentifier $
+        telephoneNumber $ internationalISDNNumber $
+        facsimileTelephoneNumber $ street $ postOfficeBox $
+        postalCode $ postalAddress $ physicalDeliveryOfficeName $
+        ou $ st $ l )
+  X-ORIGIN 'RFC 4519' )
+#
+################################################################################
+#
+objectClasses: ( 2.5.6.8 NAME 'organizationalRole'
+  SUP top
+  STRUCTURAL
+  MUST cn
+  MAY ( x121Address $ registeredAddress $ destinationIndicator $
+        preferredDeliveryMethod $ telexNumber $
+        teletexTerminalIdentifier $ telephoneNumber $
+        internationalISDNNumber $ facsimileTelephoneNumber $
+        seeAlso $ roleOccupant $ preferredDeliveryMethod $
+        street $ postOfficeBox $ postalCode $ postalAddress $
+        physicalDeliveryOfficeName $ ou $ st $ l $
+        description )
+  X-ORIGIN 'RFC 4519' )
+#
+################################################################################
+#
+objectClasses: ( 2.5.6.5 NAME 'organizationalUnit'
+  SUP top
+  STRUCTURAL
+  MUST ou
+  MAY ( businessCategory $ description $ destinationIndicator $
+        facsimileTelephoneNumber $ internationalISDNNumber $ l $
+        physicalDeliveryOfficeName $ postalAddress $ postalCode $
+        postOfficeBox $ preferredDeliveryMethod $
+        registeredAddress $ searchGuide $ seeAlso $ st $ street $
+        telephoneNumber $ teletexTerminalIdentifier $
+        telexNumber $ userPassword $ x121Address )
+  X-ORIGIN 'RFC 4519' )
+#
+################################################################################
+#
+objectClasses: ( 2.5.6.10 NAME 'residentialPerson'
+  SUP person
+  STRUCTURAL
+  MUST l
+  MAY ( businessCategory $ x121Address $ registeredAddress $
+        destinationIndicator $ preferredDeliveryMethod $
+        telexNumber $ teletexTerminalIdentifier $
+        telephoneNumber $ internationalISDNNumber $
+        facsimileTelephoneNumber $ preferredDeliveryMethod $
+        street $ postOfficeBox $ postalCode $ postalAddress $
+        physicalDeliveryOfficeName $ st $ l )
+  X-ORIGIN 'RFC 4519' )
+#
+################################################################################
+#
+objectClasses: ( 1.3.6.1.1.3.1 NAME 'uidObject'
+  SUP top
+  AUXILIARY
+  MUST uid
+  X-ORIGIN 'RFC 4519' )
+#
+################################################################################
+#
+objectClasses: (  2.16.840.1.113719.2.142.6.1.1  NAME 'ldapSubEntry'
+  DESC 'LDAP Subentry class, version 1'
+  SUP top
+  STRUCTURAL
+  MAY ( cn )
+  X-ORIGIN 'LDAP Subentry Internet Draft' )
+#
+################################################################################
+#
diff --git a/ldap/schema/01core389.ldif b/ldap/schema/01core389.ldif
new file mode 100644
index 00000000..5046e5d0
--- /dev/null
+++ b/ldap/schema/01core389.ldif
@@ -0,0 +1,120 @@
+#
+# BEGIN COPYRIGHT BLOCK
+# This Program is free software; you can redistribute it and/or modify it under
+# the terms of the GNU General Public License as published by the Free Software
+# Foundation; version 2 of the License.
+# 
+# This Program is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+# FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+# 
+# You should have received a copy of the GNU General Public License along with
+# this Program; if not, write to the Free Software Foundation, Inc., 59 Temple
+# Place, Suite 330, Boston, MA 02111-1307 USA.
+# 
+# In addition, as a special exception, Red Hat, Inc. gives You the additional
+# right to link the code of this Program with code not covered under the GNU
+# General Public License ("Non-GPL Code") and to distribute linked combinations
+# including the two, subject to the limitations in this paragraph. Non-GPL Code
+# permitted under this exception must only link to the code of this Program
+# through those well defined interfaces identified in the file named EXCEPTION
+# found in the source code files (the "Approved Interfaces"). The files of
+# Non-GPL Code may instantiate templates or use macros or inline functions from
+# the Approved Interfaces without causing the resulting work to be covered by
+# the GNU General Public License. Only Red Hat, Inc. may make changes or
+# additions to the list of Approved Interfaces. You must obey the GNU General
+# Public License in all respects for all of the Program code and other code used
+# in conjunction with the Program except the Non-GPL Code covered by this
+# exception. If you modify this file, you may extend this exception to your
+# version of the file, but you are not obligated to do so. If you do not wish to
+# provide this exception without modification, you must delete this exception
+# statement from your version and license this file solely under the GPL without
+# exception. 
+# 
+# 
+# Copyright (C) 2001 Sun Microsystems, Inc. Used by permission.
+# Copyright (C) 2005 Red Hat, Inc.
+# All rights reserved.
+# END COPYRIGHT BLOCK
+#
+#
+# Recommended core schema used by the Directory Server itself.
+# This is the schema that is required to bootstrap the server, to start it
+# and enable it to read in the other config and schema.
+dn: cn=schema
+#
+# attribute types:
+#
+attributeTypes: ( 2.16.840.1.113730.3.1.215 NAME 'oid' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape Directory Server' )
+attributeTypes: ( 2.16.840.1.113730.3.1.224 NAME 'nsslapd-pluginPath' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape Directory Server' )
+attributeTypes: ( 2.16.840.1.113730.3.1.225 NAME 'nsslapd-pluginInitfunc' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape Directory Server' )
+attributeTypes: ( 2.16.840.1.113730.3.1.226 NAME 'nsslapd-pluginType' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape Directory Server' )
+attributeTypes: ( 2.16.840.1.113730.3.1.227 NAME 'nsslapd-pluginId' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape Directory Server' )
+attributeTypes: ( 2.16.840.1.113730.3.1.228 NAME 'nsslapd-pluginVersion' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape Directory Server' )
+attributeTypes: ( 2.16.840.1.113730.3.1.229 NAME 'nsslapd-pluginVendor' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape Directory Server' )
+attributeTypes: ( 2.16.840.1.113730.3.1.230 NAME 'nsslapd-pluginDescription' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape Directory Server' )
+attributeTypes: ( 2.16.840.1.113730.3.1.231 NAME 'nsslapd-pluginEnabled' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape Directory Server' )
+attributeTypes: ( 2.16.840.1.113730.3.1.232 NAME 'nsSNMPEnabled' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape Directory Server' )
+attributeTypes: ( 2.16.840.1.113730.3.1.233 NAME 'nsSNMPOrganization' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape Directory Server' )
+attributeTypes: ( 2.16.840.1.113730.3.1.234 NAME 'nsSNMPLocation' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape Directory Server' )
+attributeTypes: ( 2.16.840.1.113730.3.1.235 NAME 'nsSNMPContact' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape Directory Server' )
+attributeTypes: ( 2.16.840.1.113730.3.1.236 NAME 'nsSNMPDescription' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape Directory Server' )
+attributeTypes: ( 2.16.840.1.113730.3.1.237 NAME 'nsSNMPMasterHost' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape Directory Server' )
+attributeTypes: ( 2.16.840.1.113730.3.1.238 NAME 'nsSNMPMasterPort' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape Directory Server' )
+attributeTypes: ( 2.16.840.1.113730.3.1.593 NAME 'nsSNMPName' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape Directory Server' )
+attributeTypes: ( 2.16.840.1.113730.3.1.242 NAME 'nsSystemIndex' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape Directory Server' )
+attributeTypes: ( 2.16.840.1.113730.3.1.327 NAME 'nsIndexType' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape Directory Server' )
+attributeTypes: ( 2.16.840.1.113730.3.1.328 NAME 'nsMatchingRule' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape Directory Server' )
+attributeTypes: ( 2.16.840.1.113730.3.1.542 NAME 'nsUniqueId' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation X-ORIGIN 'Netscape Directory Server' )
+attributeTypes: ( 2.16.840.1.113730.3.1.543 NAME 'nsState' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 SINGLE-VALUE X-ORIGIN 'Netscape Directory Server' )
+attributeTypes: ( 2.16.840.1.113730.3.1.544 NAME 'nsParentUniqueId' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'Netscape Directory Server' )
+attributeTypes: ( 2.16.840.1.113730.3.1.545 NAME 'nscpEntryDN' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation X-ORIGIN 'Netscape Directory Server' )
+attributeTypes: ( 1.3.6.1.4.1.250.1.2 NAME 'multiLineDescription' DESC 'Pilot attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Internet White Pages Pilot' )
+attributeTypes: ( 2.16.840.1.113730.3.1.578 NAME 'nsDS5ReplicaHost' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'Netscape Directory Server' )
+attributeTypes: ( 2.16.840.1.113730.3.1.579 NAME 'nsDS5ReplicaPort' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE X-ORIGIN 'Netscape Directory Server' )
+attributeTypes: ( 2.16.840.1.113730.3.1.580 NAME 'nsDS5ReplicaTransportInfo' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'Netscape Directory Server' )
+attributeTypes: ( 2.16.840.1.113730.3.1.581 NAME 'nsDS5ReplicaBindDN' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 X-ORIGIN 'Netscape Directory Server' )
+attributeTypes: ( 2.16.840.1.113730.3.1.582 NAME 'nsDS5ReplicaCredentials' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 SINGLE-VALUE X-ORIGIN 'Netscape Directory Server' )
+attributeTypes: ( 2.16.840.1.113730.3.1.583 NAME 'nsDS5ReplicaBindMethod' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'Netscape Directory Server' )
+attributeTypes: ( 2.16.840.1.113730.3.1.584 NAME 'nsDS5ReplicaRoot' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE X-ORIGIN 'Netscape Directory Server' )
+attributeTypes: ( 2.16.840.1.113730.3.1.585 NAME 'nsDS5ReplicatedAttributeList' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape Directory Server' )
+attributeTypes: ( 2.16.840.1.113730.3.1.586 NAME 'nsDS5ReplicaUpdateSchedule' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape Directory Server' )
+attributeTypes: ( 2.16.840.1.113730.3.1.587 NAME 'nsds50ruv' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape Directory Server' )
+attributeTypes: ( 2.16.840.1.113730.3.1.2027 NAME 'nsruvReplicaLastModified' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape Directory Server' )
+attributeTypes: ( 2.16.840.1.113730.3.1.588 NAME 'nsDS5ReplicaId' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape Directory Server' )
+attributeTypes: ( 2.16.840.1.113730.3.1.589 NAME 'nsDS5ReplicaType' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape Directory Server' )
+attributeTypes: ( 2.16.840.1.113730.3.1.590 NAME 'nsDS5ReplicaName' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape Directory Server' )
+attributeTypes: ( 2.16.840.1.113730.3.1.591 NAME 'nsDS5ReplicaReferral' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape Directory Server' )
+attributeTypes: ( 2.16.840.1.113730.3.1.592 NAME 'nsDS5ReplicaAutoReferral' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'Netscape Directory Server' )
+attributeTypes: ( 2.16.840.1.113730.3.1.607 NAME 'nsDS5Flags' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape Directory Server' )
+attributeTypes: ( 2.16.840.1.113730.3.1.608 NAME 'nsDS5Task' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape Directory Server' )
+attributeTypes: ( 2.16.840.1.113730.3.1.609 NAME 'nsds5BeginReplicaRefresh' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape Directory Server' )
+attributeTypes: ( 2.16.840.1.113730.3.1.682 NAME 'nsds5ReplicaPurgeDelay' DESC 'Netscape defined attribute type' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE X-ORIGIN 'Netscape Directory Server' )
+attributeTypes: ( 2.16.840.1.113730.3.1.684 NAME 'nsds5ReplicaChangeCount' DESC 'Netscape defined attribute type' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE X-ORIGIN 'Netscape Directory Server' )
+attributeTypes: ( 2.16.840.1.113730.3.1.683 NAME 'nsds5ReplicaTombstonePurgeInterval' DESC 'Netscape defined attribute type' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE X-ORIGIN 'Netscape Directory Server' )
+attributeTypes: ( 2.16.840.1.113730.3.1.685 NAME 'nsds5replicaLastUpdateStart' DESC 'Netscape defined attribute type' EQUALITY generalizedTimeMatch ORDERING generalizedTimeOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE NO-USER-MODIFICATION X-ORIGIN 'Netscape Directory Server' )
+attributeTypes: ( 2.16.840.1.113730.3.1.686 NAME 'nsds5replicaLastUpdateEnd' DESC 'Netscape defined attribute type' EQUALITY generalizedTimeMatch ORDERING generalizedTimeOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE NO-USER-MODIFICATION X-ORIGIN 'Netscape Directory Server' )
+attributeTypes: ( 2.16.840.1.113730.3.1.687 NAME 'nsds5replicaChangesSentSinceStartup' DESC 'Netscape defined attribute type' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE NO-USER-MODIFICATION X-ORIGIN 'Netscape Directory Server' )
+attributeTypes: ( 2.16.840.1.113730.3.1.688 NAME 'nsds5replicaLastUpdateStatus' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE NO-USER-MODIFICATION X-ORIGIN 'Netscape Directory Server' )
+attributeTypes: ( 2.16.840.1.113730.3.1.689 NAME 'nsds5replicaUpdateInProgress' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE NO-USER-MODIFICATION X-ORIGIN 'Netscape Directory Server' )
+attributeTypes: ( 2.16.840.1.113730.3.1.802 NAME 'nsds5ReplicaLegacyConsumer' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'Netscape Directory Server' )
+attributeTypes: ( 2.16.840.1.113730.3.1.804 NAME 'nsSchemaCSN' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15  SINGLE-VALUE USAGE directoryOperation X-ORIGIN 'Netscape Directory Server' )
+attributeTypes: ( 2.16.840.1.113730.3.1.805 NAME 'nsds5replicaTimeout' DESC 'Netscape defined attribute type' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE X-ORIGIN 'Netscape Directory Server' )
+attributeTypes: ( 2.16.840.1.113730.3.1.807 NAME 'nsds5replicaLastInitStart' DESC 'Netscape defined attribute type' EQUALITY generalizedTimeMatch ORDERING generalizedTimeOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE NO-USER-MODIFICATION X-ORIGIN 'Netscape Directory Server' )
+attributeTypes: ( 2.16.840.1.113730.3.1.808 NAME 'nsds5replicaLastInitEnd' DESC 'Netscape defined attribute type' EQUALITY generalizedTimeMatch ORDERING generalizedTimeOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE NO-USER-MODIFICATION X-ORIGIN 'Netscape Directory Server' )
+attributeTypes: ( 2.16.840.1.113730.3.1.809 NAME 'nsds5replicaLastInitStatus' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE NO-USER-MODIFICATION X-ORIGIN 'Netscape Directory Server' )
+attributeTypes: ( 2.16.840.1.113730.3.1.1097 NAME 'nsds5replicaBusyWaitTime' DESC 'Netscape defined attribute type' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE X-ORIGIN 'Netscape Directory Server' )
+attributeTypes: ( 2.16.840.1.113730.3.1.1098 NAME 'nsds5replicaSessionPauseTime' DESC 'Netscape defined attribute type' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE X-ORIGIN 'Netscape Directory Server' )
+attributeTypes: ( 2.16.840.1.113730.3.1.9999999 NAME 'nsds5debugreplicatimeout' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'Netscape Directory Server' )
+#
+# objectclasses
+#
+objectClasses: ( 2.16.840.1.113730.3.2.40 NAME 'directoryServerFeature' DESC 'Netscape defined objectclass' SUP top MAY ( oid $ cn $ multiLineDescription ) X-ORIGIN 'Netscape Directory Server' )
+objectClasses: ( 2.16.840.1.113730.3.2.41 NAME 'nsslapdPlugin' DESC 'Netscape defined objectclass' SUP top MUST ( cn $ nsslapd-pluginPath $ nsslapd-pluginInitFunc $ nsslapd-pluginType $ nsslapd-pluginId $ nsslapd-pluginVersion $ nsslapd-pluginVendor $ nsslapd-pluginDescription $ nsslapd-pluginEnabled ) X-ORIGIN 'Netscape Directory Server' )
+objectClasses: ( 2.16.840.1.113730.3.2.44 NAME 'nsIndex' DESC 'Netscape defined objectclass' SUP top MUST ( cn $ nsSystemIndex ) MAY ( description $ nsIndexType $ nsMatchingRule ) X-ORIGIN 'Netscape Directory Server' )
+objectClasses: ( 2.16.840.1.113730.3.2.109 NAME 'nsBackendInstance' DESC 'Netscape defined objectclass' SUP top  MUST ( CN ) X-ORIGIN 'Netscape Directory Server' )
+objectClasses: ( 2.16.840.1.113730.3.2.110 NAME 'nsMappingTree' DESC 'Netscape defined objectclass' SUP top  MUST ( CN ) X-ORIGIN 'Netscape Directory Server' )
+objectClasses: ( 2.16.840.1.113730.3.2.104 NAME 'nsContainer' DESC 'Netscape defined objectclass' SUP top  MUST ( CN ) X-ORIGIN 'Netscape Directory Server' )
+objectClasses: ( 2.16.840.1.113730.3.2.108 NAME 'nsDS5Replica' DESC 'Netscape defined objectclass' SUP top  MUST ( nsDS5ReplicaRoot $  nsDS5ReplicaId ) MAY (cn $ nsDS5ReplicaType $ nsDS5ReplicaBindDN $ nsState $ nsDS5ReplicaName $ nsDS5Flags $ nsDS5Task $ nsDS5ReplicaReferral $ nsDS5ReplicaAutoReferral $ nsds5ReplicaPurgeDelay $ nsds5ReplicaTombstonePurgeInterval $ nsds5ReplicaChangeCount $ nsds5ReplicaLegacyConsumer) X-ORIGIN 'Netscape Directory Server' )
+objectClasses: ( 2.16.840.1.113730.3.2.113 NAME 'nsTombstone' DESC 'Netscape defined objectclass' SUP top MAY ( nsParentUniqueId $ nscpEntryDN ) X-ORIGIN 'Netscape Directory Server' )
+objectClasses: ( 2.16.840.1.113730.3.2.103 NAME 'nsDS5ReplicationAgreement' DESC 'Netscape defined objectclass' SUP top MUST ( cn ) MAY ( nsDS5ReplicaHost $ nsDS5ReplicaPort $ nsDS5ReplicaTransportInfo $ nsDS5ReplicaBindDN $ nsDS5ReplicaCredentials $ nsDS5ReplicaBindMethod $ nsDS5ReplicaRoot $ nsDS5ReplicatedAttributeList $ nsDS5ReplicaUpdateSchedule $ nsds5BeginReplicaRefresh $ description $ nsds50ruv $ nsruvReplicaLastModified $ nsds5ReplicaTimeout $ nsds5replicaChangesSentSinceStartup $ nsds5replicaLastUpdateEnd $ nsds5replicaLastUpdateStart $ nsds5replicaLastUpdateStatus $ nsds5replicaUpdateInProgress $ nsds5replicaLastInitEnd $ nsds5replicaLastInitStart $ nsds5replicaLastInitStatus $ nsds5debugreplicatimeout $ nsds5replicaBusyWaitTime $ nsds5replicaSessionPauseTime ) X-ORIGIN 'Netscape Directory Server' )
diff --git a/ldap/schema/01common.ldif b/ldap/schema/02common.ldif
index 01e0727d..d284779c 100644
--- a/ldap/schema/01common.ldif
+++ b/ldap/schema/02common.ldif
@@ -44,71 +44,6 @@ dn: cn=schema
 #
 # attributes
 #
-attributeTypes: ( 2.5.4.1 NAME 'aliasedObjectName' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE X-ORIGIN 'RFC 2256' )
-attributeTypes: ( 2.5.4.2 NAME 'knowledgeInformation' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'RFC 2256' )
-attributeTypes: ( 2.5.4.4 NAME ( 'sn' 'surName' ) DESC 'Standard LDAP attribute type' SUP name X-ORIGIN 'RFC 2256' )
-attributeTypes: ( 2.5.4.5 NAME 'serialNumber' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'RFC 2256' )
-attributeTypes: ( 2.5.4.6 NAME ( 'c' 'countryName' ) DESC 'Standard LDAP attribute type' SUP name SINGLE-VALUE X-ORIGIN 'RFC 2256' )
-attributeTypes: ( 2.5.4.7 NAME ( 'l' 'locality' 'localityname' ) DESC 'Standard LDAP attribute type' SUP name X-ORIGIN 'RFC 2256' )
-attributeTypes: ( 2.5.4.8 NAME ( 'st' 'stateOrProvinceName' ) DESC 'Standard LDAP attribute type' SUP name X-ORIGIN 'RFC 2256' )
-attributeTypes: ( 2.5.4.9 NAME ( 'street' 'streetaddress' ) DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'RFC 2256' )
-attributeTypes: ( 2.5.4.10 NAME ( 'o' 'organizationname' ) DESC 'Standard LDAP attribute type' SUP name X-ORIGIN 'RFC 2256' )
-attributeTypes: ( 2.5.4.11 NAME ( 'ou' 'organizationalUnitName' ) DESC 'Standard LDAP attribute type' SUP name X-ORIGIN 'RFC 2256' )
-attributeTypes: ( 2.5.4.12 NAME 'title' DESC 'Standard LDAP attribute type' SUP name X-ORIGIN 'RFC 2256' )
-attributeTypes: ( 2.5.4.14 NAME 'searchGuide' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 X-ORIGIN 'RFC 2256' )
-attributeTypes: ( 2.5.4.15 NAME 'businessCategory' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'RFC 2256' )
-attributeTypes: ( 2.5.4.16 NAME 'postalAddress' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'RFC 2256' )
-attributeTypes: ( 2.5.4.17 NAME 'postalCode' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'RFC 2256' )
-attributeTypes: ( 2.5.4.18 NAME 'postOfficeBox' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'RFC 2256' )
-attributeTypes: ( 2.5.4.19 NAME 'physicalDeliveryOfficeName' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'RFC 2256' )
-attributeTypes: ( 2.5.4.20 NAME 'telephoneNumber' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 X-ORIGIN 'RFC 2256' )
-attributeTypes: ( 2.5.4.21 NAME 'telexNumber' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'RFC 2256' )
-attributeTypes: ( 2.5.4.22 NAME 'teletexTerminalIdentifier' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'RFC 2256' )
-attributeTypes: ( 2.5.4.23 NAME ( 'facsimileTelephoneNumber' 'fax' ) DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 X-ORIGIN 'RFC 2256' )
-attributeTypes: ( 2.5.4.24 NAME 'x121Address' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 X-ORIGIN 'RFC 2256' )
-attributeTypes: ( 2.5.4.25 NAME 'internationaliSDNNumber' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 X-ORIGIN 'RFC 2256' )
-attributeTypes: ( 2.5.4.26 NAME 'registeredAddress' DESC 'Standard LDAP attribute type' SUP postalAddress X-ORIGIN 'RFC 2256' )
-attributeTypes: ( 2.5.4.27 NAME 'destinationIndicator' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'RFC 2256' )
-attributeTypes: ( 2.5.4.28 NAME 'preferredDeliveryMethod' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'RFC 2256' )
-attributeTypes: ( 2.5.4.29 NAME 'presentationAddress' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE X-ORIGIN 'RFC 2256' )
-attributeTypes: ( 2.5.4.30 NAME 'supportedApplicationContext' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'RFC 2256' )
-attributeTypes: ( 2.5.4.31 NAME 'member' DESC 'Standard LDAP attribute type' SUP distinguishedName X-ORIGIN 'RFC 2256' )
-attributeTypes: ( 2.5.4.32 NAME 'owner' DESC 'Standard LDAP attribute type' SUP distinguishedName X-ORIGIN 'RFC 2256' )
-attributeTypes: ( 2.5.4.33 NAME 'roleOccupant' DESC 'Standard LDAP attribute type' SUP distinguishedName X-ORIGIN 'RFC 2256' )
-attributeTypes: ( 2.5.4.36 NAME 'userCertificate' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 X-ORIGIN 'RFC 2256' )
-attributeTypes: ( 2.5.4.37 NAME 'cACertificate' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 X-ORIGIN 'RFC 2256' )
-attributeTypes: ( 2.5.4.38 NAME 'authorityRevocationList' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 X-ORIGIN 'RFC 2256' )
-attributeTypes: ( 2.5.4.39 NAME 'certificateRevocationList' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 X-ORIGIN 'RFC 2256' )
-attributeTypes: ( 2.5.4.40 NAME 'crossCertificatePair' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 X-ORIGIN 'RFC 2256' )
-attributeTypes: ( 2.5.4.42 NAME 'givenName' DESC 'Standard LDAP attribute type' SUP name X-ORIGIN 'RFC 2256' )
-attributeTypes: ( 2.5.4.43 NAME 'initials' DESC 'Standard LDAP attribute type' SUP name X-ORIGIN 'RFC 2256' )
-attributeTypes: ( 2.5.4.44 NAME 'generationQualifier' DESC 'Standard LDAP attribute type' SUP name X-ORIGIN 'RFC 2256' )
-attributeTypes: ( 2.5.4.45 NAME 'x500UniqueIdentifier' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 X-ORIGIN 'RFC 2256' )
-attributeTypes: ( 2.5.4.46 NAME 'dnQualifier' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'RFC 2256' )
-attributeTypes: ( 2.5.4.47 NAME 'enhancedSearchGuide' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'RFC 2256' )
-attributeTypes: ( 2.5.4.48 NAME 'protocolInformation' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'RFC 2256' )
-attributeTypes: ( 2.5.4.50 NAME 'uniqueMember' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 X-ORIGIN 'RFC 2256' )
-attributeTypes: ( 2.5.4.51 NAME 'houseIdentifier' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'RFC 2256' )
-attributeTypes: ( 2.5.4.52 NAME 'supportedAlgorithms' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 X-ORIGIN 'RFC 2256' )
-attributeTypes: ( 2.5.4.53 NAME 'deltaRevocationList' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 X-ORIGIN 'RFC 2256' )
-attributeTypes: ( 2.5.4.54 NAME 'dmdName' SUP name X-ORIGIN 'RFC 2256' )
-attributeTypes: ( 0.9.2342.19200300.100.1.1 NAME ( 'uid' 'userid' ) DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'RFC 1274' )
-attributeTypes: ( 0.9.2342.19200300.100.1.3 NAME ( 'mail' 'rfc822mailbox' ) DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'RFC 1274' )
-attributeTypes: ( 0.9.2342.19200300.100.1.6 NAME 'roomNumber' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'RFC 1274' )
-attributeTypes: ( 0.9.2342.19200300.100.1.10 NAME 'manager' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 X-ORIGIN 'RFC 1274' )
-attributeTypes: ( 0.9.2342.19200300.100.1.20 NAME ( 'homePhone' 'homeTelephoneNumber' ) DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 X-ORIGIN 'RFC 1274' )
-attributeTypes: ( 0.9.2342.19200300.100.1.21 NAME 'secretary' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 X-ORIGIN 'RFC 1274' )
-attributeTypes: ( 0.9.2342.19200300.100.1.39 NAME 'homePostalAddress' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'RFC 1274' )
-attributeTypes: ( 0.9.2342.19200300.100.1.41 NAME ( 'mobile' 'mobileTelephoneNumber' ) DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 X-ORIGIN 'RFC 1274' )
-attributeTypes: ( 0.9.2342.19200300.100.1.42 NAME ( 'pager' 'pagerTelephoneNumber' ) DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 X-ORIGIN 'RFC 1274' )
-attributeTypes: ( 0.9.2342.19200300.100.1.43 NAME ( 'co' 'friendlycountryname' ) DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'RFC 1274' )
-attributeTypes: ( 0.9.2342.19200300.100.1.55 NAME 'audio' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 X-ORIGIN 'RFC 1274' )
-attributeTypes: ( 0.9.2342.19200300.100.1.60 NAME 'jpegPhoto' DESC 'inetOrgPerson attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.28 X-ORIGIN 'RFC 2798' )
-attributeTypes: ( 1.3.6.1.4.1.250.1.57 NAME ( 'labeledUri' 'labeledurl' ) DESC 'Uniform Resource Identifier with optional label' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 X-ORIGIN 'RFC 2079' )
-attributeTypes: ( 2.16.840.1.113730.3.1.1 NAME 'carLicense' DESC 'inetOrgPerson attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'RFC 2798' )
-attributeTypes: ( 2.16.840.1.113730.3.1.2 NAME 'departmentNumber' DESC 'inetOrgPerson attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'RFC 2798' )
-attributeTypes: ( 2.16.840.1.113730.3.1.3 NAME 'employeeNumber' DESC 'inetOrgPerson attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'RFC 2798' )
-attributeTypes: ( 2.16.840.1.113730.3.1.4 NAME 'employeeType' DESC 'inetOrgPerson attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'RFC 2798' )
 attributeTypes: ( 2.16.840.1.113730.3.1.5 NAME 'changeNumber' DESC 'Changelog attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 X-ORIGIN 'Changelog Internet Draft' )
 attributeTypes: ( 2.16.840.1.113730.3.1.6 NAME 'targetDn' DESC 'Changelog attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 X-ORIGIN 'Changelog Internet Draft' )
 attributeTypes: ( 2.16.840.1.113730.3.1.7 NAME 'changeType' DESC 'Changelog attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Changelog Internet Draft' )
@@ -117,20 +52,9 @@ attributeTypes: ( 2.16.840.1.113730.3.1.9 NAME 'newRdn' DESC 'Changelog attribut
 attributeTypes: ( 2.16.840.1.113730.3.1.10 NAME 'deleteOldRdn' DESC 'Changelog attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 X-ORIGIN 'Changelog Internet Draft' )
 attributeTypes: ( 2.16.840.1.113730.3.1.11 NAME 'newSuperior' DESC 'Changelog attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 X-ORIGIN 'Changelog Internet Draft' )
 attributeTypes: ( 2.16.840.1.113730.3.1.34 NAME 'ref' DESC 'LDAP referrals attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 X-ORIGIN 'LDAPv3 referrals Internet Draft' )
-attributeTypes: ( 2.5.18.10 NAME 'subschemaSubentry' DESC 'Standard LDAP attribute type' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation X-ORIGIN 'RFC 2252' )
-attributeTypes: ( 1.3.6.1.4.1.1466.101.120.5 NAME 'namingContexts' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 USAGE dSAOperation X-ORIGIN 'RFC 2252' )
-attributeTypes: ( 1.3.6.1.4.1.1466.101.120.6 NAME 'altServer' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 USAGE dSAOperation X-ORIGIN 'RFC 2252' )
-attributeTypes: ( 1.3.6.1.4.1.1466.101.120.7 NAME 'supportedExtension' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 USAGE dSAOperation X-ORIGIN 'RFC 2252' )
-attributeTypes: ( 1.3.6.1.4.1.1466.101.120.13 NAME 'supportedControl' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 USAGE dSAOperation X-ORIGIN 'RFC 2252' )
-attributeTypes: ( 1.3.6.1.4.1.1466.101.120.14 NAME 'supportedSASLMechanisms' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 USAGE dSAOperation X-ORIGIN 'RFC 2252' )
-attributeTypes: ( 1.3.6.1.4.1.1466.101.120.15 NAME 'supportedLDAPVersion' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 USAGE dSAOperation X-ORIGIN 'RFC 2252' )
-attributeTypes: ( 1.3.6.1.4.1.1466.101.120.16 NAME 'ldapSyntaxes' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 USAGE directoryOperation X-ORIGIN 'RFC 2252' )
-attributeTypes: ( 1.3.6.1.4.1.4203.1.3.5 NAME 'supportedFeatures' DESC 'features supported by the server' EQUALITY objectIdentifierMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 USAGE dSAOperation X-ORIGIN 'RFC 3674')
 attributeTypes: ( 2.16.840.1.113730.3.1.36 NAME 'nsLicensedFor' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape Administration Services' )
 attributeTypes: ( 2.16.840.1.113730.3.1.37 NAME 'nsLicenseStartTime' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape Administration Services' )
 attributeTypes: ( 2.16.840.1.113730.3.1.38 NAME 'nsLicenseEndTime' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape Administration Services' )
-attributeTypes: ( 2.16.840.1.113730.3.1.39 NAME 'preferredLanguage' DESC 'inetOrgPerson attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'RFC 2798' )
-attributeTypes: ( 2.16.840.1.113730.3.1.40 NAME 'userSMIMECertificate' DESC 'inetOrgPerson attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 X-ORIGIN 'RFC 2798' )
 attributeTypes: ( 2.16.840.1.113730.3.1.70 NAME 'serverRoot' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape Administration Services' )
 attributeTypes: ( 2.16.840.1.113730.3.1.71 NAME 'serverProductName' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape Administration Services' )
 attributeTypes: ( 2.16.840.1.113730.3.1.72 NAME 'serverVersionNumber' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape Administration Services' )
@@ -178,13 +102,11 @@ attributeTypes: ( 2.16.840.1.113730.3.1.209 NAME 'vlvFilter' DESC 'Netscape defi
 attributeTypes: ( 2.16.840.1.113730.3.1.210 NAME 'vlvSort' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape Directory Server' )
 attributeTypes: ( 2.16.840.1.113730.3.1.213 NAME 'vlvEnabled' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 X-ORIGIN 'Netscape Directory Server' )
 attributeTypes: ( 2.16.840.1.113730.3.1.214 NAME 'passwordAllowChangeTime' DESC 'Netscape defined password policy attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE USAGE directoryOperation X-ORIGIN 'Netscape Directory Server' )
-attributeTypes: ( 2.16.840.1.113730.3.1.216 NAME 'userPKCS12' DESC 'inetOrgPerson attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 X-ORIGIN 'RFC 2798' )
 attributeTypes: ( 2.16.840.1.113730.3.1.219 NAME 'vlvUses' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 X-ORIGIN 'Netscape Directory Server' )
 attributeTypes: ( 2.16.840.1.113730.3.1.220 NAME ( 'passwordMustChange' 'pwdMustChange' ) DESC 'Netscape defined password policy attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'Netscape Directory Server' )
 attributeTypes: ( 2.16.840.1.113730.3.1.221 NAME 'passwordStorageScheme' DESC 'Netscape defined password policy attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'Netscape Directory Server' )
 attributeTypes: ( 2.16.840.1.113730.3.1.222 NAME ( 'passwordMinAge' 'pwdMinAge' ) DESC 'Netscape defined password policy attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'Netscape Directory Server' )
 attributeTypes: ( 2.16.840.1.113730.3.1.223 NAME ( 'passwordResetFailureCount' 'pwdFailureCountInterval' ) DESC 'Netscape defined password policy attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'Netscape Directory Server' )
-attributeTypes: ( 2.16.840.1.113730.3.1.241 NAME 'displayName' DESC 'inetOrgPerson attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'RFC 2798' )
 attributeTypes: ( 2.16.840.1.113730.3.1.550 NAME 'cosAttribute' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape Directory Server' )
 attributeTypes: ( 2.16.840.1.113730.3.1.551 NAME 'cosspecifier' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'Netscape Directory Server' )
 attributeTypes: ( 2.16.840.1.113730.3.1.552 NAME 'costargettree' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'Netscape Directory Server' )
@@ -194,7 +116,6 @@ attributeTypes: ( 2.16.840.1.113730.3.1.200 NAME 'changeLogMaximumAge' DESC 'Net
 attributeTypes: ( 2.16.840.1.113730.3.1.201 NAME 'changeLogMaximumSize' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape Directory Server' )
 attributeTypes: ( 2.16.840.1.113730.3.1.205 NAME 'changeLogMaximumConcurrentWrites' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape Directory Server' )
 attributeTypes: ( 1.3.6.1.4.1.250.1.60 NAME ( 'ttl' 'timeToLive' ) DESC 'time to live in seconds for cached objects' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'LDAP Caching Internet Draft' )
-attributeTypes: ( 0.9.2342.19200300.100.1.7 NAME 'photo' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 X-ORIGIN 'RFC 1274' )
 attributeTypes: ( 2.16.840.1.113730.3.1.612 NAME 'generation' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 X-ORIGIN 'Netscape Directory Server' )
 attributeTypes: ( 1.3.1.1.4.1.453.16.2.103 NAME 'numSubordinates' DESC 'count of immediate subordinates' EQUALITY integerMatch ORDERING integerOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation X-ORIGIN 'numSubordinates Internet Draft' )
 attributeTypes: ( 2.5.18.9 NAME 'hasSubordinates' DESC 'if TRUE, subordinate entries may exist' EQUALITY booleanMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation X-ORIGIN 'numSubordinates Internet Draft' )
@@ -229,33 +150,9 @@ attributeTypes: ( 2.16.840.1.113730.3.1.2066 NAME 'nsSaslMapFilterTemplate' DESC
 #
 # objectclasses:
 #
-objectClasses: ( 2.5.6.1 NAME 'alias' DESC 'Standard LDAP objectclass' SUP top ABSTRACT MUST ( aliasedObjectName ) X-ORIGIN 'RFC 2256' )
-objectClasses: ( 1.3.6.1.4.1.1466.101.120.111 NAME 'extensibleObject' DESC 'LDAPv3 extensible object' SUP top AUXILIARY X-ORIGIN 'RFC 2252' )
-objectClasses: ( 2.5.6.2 NAME 'country' DESC 'Standard LDAP objectclass' SUP top MUST ( c ) MAY ( searchGuide $ description ) X-ORIGIN 'RFC 2256' )
-objectClasses: ( 2.5.6.3 NAME 'locality' DESC 'Standard LDAP attribute type' SUP top MAY ( description $ l $ searchGuide $ seeAlso $ st $ street ) X-ORIGIN 'RFC 2256' )
-objectClasses: ( 2.5.6.4 NAME 'organization' DESC 'Standard LDAP objectclass' SUP top MUST ( o ) MAY ( businessCategory $ description $ destinationIndicator $ facsimileTelephoneNumber $ internationaliSDNNumber $ l $ physicalDeliveryOfficeName $ postOfficeBox $ postalAddress $ postalCode $ preferredDeliveryMethod $ registeredAddress $ searchGuide $ seeAlso $ st $ street $ telephoneNumber $ teletexTerminalIdentifier $ telexNumber $ userPassword $ x121Address ) X-ORIGIN 'RFC 2256' )
-objectClasses: ( 2.5.6.5 NAME 'organizationalUnit' DESC 'Standard LDAP objectclass' SUP top MUST ( ou ) MAY ( businessCategory $ description $ destinationIndicator $ facsimileTelephoneNumber $ internationaliSDNNumber $ l $ physicalDeliveryOfficeName $ postOfficeBox $ postalAddress $ postalCode $ preferredDeliveryMethod $ registeredAddress $ searchGuide $ seeAlso $ st $ street $ telephoneNumber $ teletexTerminalIdentifier $ telexNumber $ userPassword $ x121Address ) X-ORIGIN 'RFC 2256' )
-objectClasses: ( 2.5.6.6 NAME 'person' DESC 'Standard LDAP objectclass' SUP top MUST ( sn $ cn ) MAY ( description $ seeAlso $ telephoneNumber $ userPassword ) X-ORIGIN 'RFC 2256' )
-objectClasses: ( 2.5.6.7 NAME 'organizationalPerson' DESC 'Standard LDAP objectclass' SUP person MAY ( destinationIndicator $ facsimileTelephoneNumber $ internationaliSDNNumber $ l $ ou $ physicalDeliveryOfficeName $ postOfficeBox $ postalAddress $ postalCode $ preferredDeliveryMethod $ registeredAddress $ st $ street $ teletexTerminalIdentifier $ telexNumber $ title $ x121Address ) X-ORIGIN 'RFC 2256' )
-objectClasses: ( 2.16.840.1.113730.3.2.2 NAME 'inetOrgPerson' DESC 'Internet extended organizational person objectclass' SUP organizationalPerson MAY ( audio $ businessCategory $ carLicense $ departmentNumber $ displayName $ employeeType $ employeeNumber $ givenName $ homePhone $ homePostalAddress $ initials $ jpegPhoto $ labeledURI $ manager $ mobile $ pager $ photo $ preferredLanguage $ mail $ o $ roomNumber $ secretary $ uid $ x500uniqueIdentifier $ userCertificate $ userSMimeCertificate $ userPKCS12 ) X-ORIGIN 'RFC 2798' )
-objectClasses: ( 2.5.6.8 NAME 'organizationalRole' DESC 'Standard LDAP objectclass' SUP top MUST ( cn ) MAY ( description $ destinationIndicator $ facsimileTelephoneNumber $ internationaliSDNNumber $ l $ ou $ physicalDeliveryOfficeName $ postOfficeBox $ postalAddress $ postalCode $ preferredDeliveryMethod $ registeredAddress $ roleOccupant $ seeAlso $ st $ street $ telephoneNumber $ teletexTerminalIdentifier $ telexNumber $ x121Address ) X-ORIGIN 'RFC 2256' )
-objectClasses: ( 2.5.6.9 NAME 'groupOfNames' DESC 'Standard LDAP objectclass' SUP top MUST ( cn ) MAY ( member $ businessCategory $ description $ o $ ou $ owner $ seeAlso ) X-ORIGIN 'RFC 2256' )
-objectClasses: ( 2.5.6.17 NAME 'groupOfUniqueNames' DESC 'Standard LDAP objectclass' SUP top MUST ( cn ) MAY ( uniqueMember $ businessCategory $ description $ o $ ou $ owner $ seeAlso ) X-ORIGIN 'RFC 2256' )
 objectClasses: ( 2.16.840.1.113730.3.2.31 NAME 'groupOfCertificates' DESC 'Netscape defined objectclass' SUP top MUST ( cn ) MAY ( memberCertificateDescription $ businessCategory $ description $ o $ ou $ owner $ seeAlso ) X-ORIGIN 'Netscape Directory Server' )
 objectClasses: ( 2.16.840.1.113730.3.2.33 NAME 'groupOfURLs' DESC 'Netscape defined objectclass' SUP top MUST ( cn ) MAY ( memberURL $ businessCategory $ description $ o $ ou $ owner $ seeAlso ) X-ORIGIN 'Netscape Directory Server' )
-objectClasses: ( 2.5.6.10 NAME 'residentialPerson' DESC 'Standard LDAP objectclass' SUP person MUST ( l ) MAY ( businessCategory $ destinationIndicator $ facsimileTelephoneNumber $ internationaliSDNNumber $ physicalDeliveryOfficeName $ postOfficeBox $ postalAddress $ postalCode $ preferredDeliveryMethod $ registeredAddress $ st $ street $ teletexTerminalIdentifier $ telexNumber $ x121Address ) X-ORIGIN 'RFC 2256' )
-objectClasses: ( 2.5.6.11 NAME 'applicationProcess' DESC 'Standard LDAP objectclass' SUP top MUST ( cn ) MAY ( description $ l $ ou $ seeAlso ) X-ORIGIN 'RFC 2256' )
 objectClasses: ( 2.16.840.1.113730.3.2.35 NAME 'LDAPServer' DESC 'Netscape defined objectclass' SUP top MUST ( cn ) MAY ( description $ l $ ou $ seeAlso $ generation $ changeLogMaximumAge $ changeLogMaximumSize ) X-ORIGIN 'Netscape Directory Server' )
-objectClasses: ( 2.5.6.12 NAME 'applicationEntity' DESC 'Standard LDAP objectclass' SUP top MUST ( presentationAddress $ cn ) MAY ( description $ l $ o $ ou $ seeAlso $ supportedApplicationContext ) X-ORIGIN 'RFC 2256' )
-objectClasses: ( 2.5.6.13 NAME 'dSA' DESC 'Standard LDAP objectclass' SUP applicationEntity MAY ( knowledgeInformation ) X-ORIGIN 'RFC 2256' )
-objectClasses: ( 2.5.6.14 NAME 'device' DESC 'Standard LDAP objectclass' SUP top MUST ( cn ) MAY ( description $ l $ o $ ou $ owner $ seeAlso $ serialNumber ) X-ORIGIN 'RFC 2256' )
-objectClasses: ( 2.5.6.15 NAME 'strongAuthenticationUser' DESC 'Standard LDAP objectclass' SUP top AUXILIARY MUST ( userCertificate ) X-ORIGIN 'RFC 2256' )
-objectClasses: ( 2.5.6.16 NAME 'certificationAuthority' DESC 'Standard LDAP objectclass' SUP top AUXILIARY MUST ( authorityRevocationList $ certificateRevocationList $ cACertificate ) MAY crossCertificatePair X-ORIGIN 'RFC 2256' )
-objectClasses: ( 2.5.6.16.2 NAME 'certificationAuthority-V2' DESC 'Standard LDAP objectclass' SUP certificationAuthority MAY deltaRevocationList X-ORIGIN 'RFC 2256' )
-objectClasses: ( 2.5.6.18 NAME 'userSecurityInformation' SUP top AUXILIARY MAY ( supportedAlgorithms ) X-ORIGIN 'RFC 2256' )
-objectClasses: ( 2.5.6.19 NAME 'cRLDistributionPoint' SUP top STRUCTURAL MUST ( cn ) MAY ( certificateRevocationList $ authorityRevocationList $ deltaRevocationList ) X-ORIGIN 'RFC 2256' )
-objectClasses: ( 2.5.6.20 NAME 'dmd' SUP top STRUCTURAL MUST ( dmdName ) MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $ x121Address $ registeredAddress $ destinationIndicator $ preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $ telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $ postalAddress $ physicalDeliveryOfficeName $ st $ l $ description ) X-ORIGIN 'RFC 2256' )
-objectClasses: ( 1.3.6.1.4.1.250.3.15 NAME 'labeledURIObject' DESC 'object that contains the URI attribute type' SUP top AUXILIARY MAY ( labeledURI ) X-ORIGIN 'RFC 2079' )
 objectClasses: ( 1.3.6.1.4.1.250.3.18 NAME 'cacheObject' DESC 'object that contains the TTL (time to live) attribute type' SUP top MAY ( ttl ) X-ORIGIN 'LDAP Caching Internet Draft' )
 objectClasses: ( 2.16.840.1.113730.3.2.10 NAME 'netscapeServer' DESC 'Netscape defined objectclass' SUP top MUST ( cn ) MAY ( description $ serverRoot $ serverProductName $ serverVersionNumber $ installationTimeStamp $ administratorContactInfo $ userpassword $ adminURL $ serverHostName ) X-ORIGIN 'Netscape Administration Services' )
 objectClasses: ( 2.16.840.1.113730.3.2.7 NAME 'nsLicenseUser' DESC 'Netscape defined objectclass' SUP top MAY ( nsLicensedFor $ nsLicenseStartTime $ nsLicenseEndTime ) X-ORIGIN 'Netscape Administration Services' )
diff --git a/ldap/schema/05rfc2247.ldif b/ldap/schema/05rfc2247.ldif
deleted file mode 100644
index d0da6168..00000000
--- a/ldap/schema/05rfc2247.ldif
+++ /dev/null
@@ -1,48 +0,0 @@
-#
-# BEGIN COPYRIGHT BLOCK
-# This Program is free software; you can redistribute it and/or modify it under
-# the terms of the GNU General Public License as published by the Free Software
-# Foundation; version 2 of the License.
-# 
-# This Program is distributed in the hope that it will be useful, but WITHOUT
-# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
-# FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
-# 
-# You should have received a copy of the GNU General Public License along with
-# this Program; if not, write to the Free Software Foundation, Inc., 59 Temple
-# Place, Suite 330, Boston, MA 02111-1307 USA.
-# 
-# In addition, as a special exception, Red Hat, Inc. gives You the additional
-# right to link the code of this Program with code not covered under the GNU
-# General Public License ("Non-GPL Code") and to distribute linked combinations
-# including the two, subject to the limitations in this paragraph. Non-GPL Code
-# permitted under this exception must only link to the code of this Program
-# through those well defined interfaces identified in the file named EXCEPTION
-# found in the source code files (the "Approved Interfaces"). The files of
-# Non-GPL Code may instantiate templates or use macros or inline functions from
-# the Approved Interfaces without causing the resulting work to be covered by
-# the GNU General Public License. Only Red Hat, Inc. may make changes or
-# additions to the list of Approved Interfaces. You must obey the GNU General
-# Public License in all respects for all of the Program code and other code used
-# in conjunction with the Program except the Non-GPL Code covered by this
-# exception. If you modify this file, you may extend this exception to your
-# version of the file, but you are not obligated to do so. If you do not wish to
-# provide this exception without modification, you must delete this exception
-# statement from your version and license this file solely under the GPL without
-# exception. 
-# 
-# 
-# Copyright (C) 2001 Sun Microsystems, Inc. Used by permission.
-# Copyright (C) 2005 Red Hat, Inc.
-# All rights reserved.
-# END COPYRIGHT BLOCK
-#
-#
-# Schema from RFC 2247 and related pilot schema
-#	"Using Domains in LDAP/X.500 Distinguished Names"
-#
-dn: cn=schema
-attributeTypes: ( 0.9.2342.19200300.100.1.25 NAME ( 'dc' 'domaincomponent' ) DESC 'Standard LDAP attribute type' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'RFC 2247' )
-attributeTypes: ( 0.9.2342.19200300.100.1.38 NAME 'associatedName' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 X-ORIGIN 'RFC 1274' )
-objectClasses: ( 1.3.6.1.4.1.1466.344 NAME 'dcObject' DESC 'Standard LDAP objectclass' SUP top AUXILIARY MUST dc X-ORIGIN 'RFC 2247' )
-objectClasses: ( 0.9.2342.19200300.100.4.13 NAME 'domain' DESC 'Standard LDAP objectclass' SUP top STRUCTURAL MUST dc MAY ( associatedName $ businessCategory $ description $ destinationIndicator $ facsimileTelephoneNumber $ internationaliSDNNumber $ l $ o $ physicalDeliveryOfficeName $ postOfficeBox $ postalAddress $ postalCode $ preferredDeliveryMethod $ registeredAddress $ searchGuide $ seeAlso $ st $ street $ telephoneNumber $ teletexTerminalIdentifier $ telexNumber $ userPassword $ x121Address ) X-ORIGIN 'RFC 2247' )
diff --git a/ldap/schema/05rfc4523.ldif b/ldap/schema/05rfc4523.ldif
new file mode 100644
index 00000000..ed2d5b22
--- /dev/null
+++ b/ldap/schema/05rfc4523.ldif
@@ -0,0 +1,165 @@
+# RFC 4523 - Schema Definitions for X.509 Certificates
+################################################################################
+#
+dn: cn=schema
+#
+################################################################################
+# TODO - Add Certificate syntax
+#attributeTypes: ( 2.5.4.36 NAME 'userCertificate'
+#  DESC 'X.509 user certificate'
+#  EQUALITY certificateExactMatch
+#  SYNTAX 1.3.6.1.4.1.1466.115.121.1.8 )
+attributeTypes: ( 2.5.4.36 NAME 'userCertificate'
+  DESC 'X.509 user certificate'
+  EQUALITY certificateExactMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.40
+  X-ORIGIN 'RFC 4523' )
+#
+################################################################################
+# TODO - Add Certificate syntax
+#attributeTypes: ( 2.5.4.37 NAME 'cACertificate'
+#  DESC 'X.509 CA certificate'
+#  EQUALITY certificateExactMatch
+#  SYNTAX 1.3.6.1.4.1.1466.115.121.1.8 )
+attributeTypes: ( 2.5.4.37 NAME 'cACertificate'
+  DESC 'X.509 CA certificate'
+  EQUALITY certificateExactMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.40
+  X-ORIGIN 'RFC 4523' )
+#
+################################################################################
+# TODO - Add CertificatePair syntax
+#attributeTypes: ( 2.5.4.40 NAME 'crossCertificatePair'
+#  DESC 'X.509 cross certificate pair'
+#  EQUALITY certificatePairExactMatch
+#  SYNTAX 1.3.6.1.4.1.1466.115.121.1.10
+#  X-ORIGIN 'RFC 4523' )
+attributeTypes: ( 2.5.4.40 NAME 'crossCertificatePair'
+  DESC 'X.509 cross certificate pair'
+  EQUALITY certificatePairExactMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.40
+  X-ORIGIN 'RFC 4523' )
+#
+################################################################################
+# TODO - Add CertificateList syntax
+#attributeTypes: ( 2.5.4.39 NAME 'certificateRevocationList'
+#  DESC 'X.509 certificate revocation list'
+#  EQUALITY certificateListExactMatch
+#  SYNTAX 1.3.6.1.4.1.1466.115.121.1.9
+#  X-ORIGIN 'RFC 4523' )
+attributeTypes: ( 2.5.4.39 NAME 'certificateRevocationList'
+  DESC 'X.509 certificate revocation list'
+  EQUALITY certificateListExactMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.40
+  X-ORIGIN 'RFC 4523' )
+#
+################################################################################
+# TODO - Add CertificateList syntax
+#attributeTypes: ( 2.5.4.38 NAME 'authorityRevocationList'
+#  DESC 'X.509 authority revocation list'
+#  EQUALITY certificateListExactMatch
+#  SYNTAX 1.3.6.1.4.1.1466.115.121.1.9
+#  X-ORIGIN 'RFC 4523' )
+attributeTypes: ( 2.5.4.38 NAME 'authorityRevocationList'
+  DESC 'X.509 authority revocation list'
+  EQUALITY certificateListExactMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.40
+  X-ORIGIN 'RFC 4523' )
+#
+################################################################################
+# TODO - Add CertificateList syntax
+#attributeTypes: ( 2.5.4.53 NAME 'deltaRevocationList'
+#  DESC 'X.509 delta revocation list'
+#  EQUALITY certificateListExactMatch
+#  SYNTAX 1.3.6.1.4.1.1466.115.121.1.9
+#  X-ORIGIN 'RFC 4523' )
+attributeTypes: ( 2.5.4.53 NAME 'deltaRevocationList'
+  DESC 'X.509 delta revocation list'
+  EQUALITY certificateListExactMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.40
+  X-ORIGIN 'RFC 4523' )
+#
+################################################################################
+# TODO - Add SupportedAlgorithm syntax
+#attributeTypes: ( 2.5.4.52 NAME 'supportedAlgorithms'
+#  DESC 'X.509 supported algorithms'
+#  EQUALITY algorithmIdentifierMatch
+#  SYNTAX 1.3.6.1.4.1.1466.115.121.1.49
+#  X-ORIGIN 'RFC 4523' )
+attributeTypes: ( 2.5.4.52 NAME 'supportedAlgorithms'
+  DESC 'X.509 supported algorithms'
+  EQUALITY algorithmIdentifierMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.40
+  X-ORIGIN 'RFC 4523' )
+#
+################################################################################
+#
+objectClasses: ( 2.5.6.21 NAME 'pkiUser'
+  DESC 'X.509 PKI User'
+  SUP top AUXILIARY
+  MAY userCertificate
+  X-ORIGIN 'RFC 4523' )
+#
+################################################################################
+#
+objectClasses: ( 2.5.6.22 NAME 'pkiCA'
+  DESC 'X.509 PKI Certificate Authority'
+  SUP top AUXILIARY
+  MAY ( cACertificate $ certificateRevocationList $
+       authorityRevocationList $ crossCertificatePair )
+  X-ORIGIN 'RFC 4523' )
+#
+################################################################################
+#
+objectClasses: ( 2.5.6.19 NAME 'cRLDistributionPoint'
+  DESC 'X.509 CRL distribution point'
+  SUP top STRUCTURAL
+  MUST cn
+  MAY ( certificateRevocationList $
+       authorityRevocationList $ deltaRevocationList )
+  X-ORIGIN 'RFC 4523' )
+#
+################################################################################
+#
+objectClasses: ( 2.5.6.23 NAME 'deltaCRL'
+  DESC 'X.509 delta CRL'
+  SUP top AUXILIARY
+  MAY deltaRevocationList
+  X-ORIGIN 'RFC 4523' )
+#
+################################################################################
+#
+objectClasses: ( 2.5.6.15 NAME 'strongAuthenticationUser'
+  DESC 'X.521 strong authentication user'
+  SUP top AUXILIARY
+  MUST userCertificate
+  X-ORIGIN 'RFC 4523' )
+#
+################################################################################
+#
+objectClasses: ( 2.5.6.18 NAME 'userSecurityInformation'
+  DESC 'X.521 user security information'
+  SUP top AUXILIARY
+  MAY ( supportedAlgorithms )
+  X-ORIGIN 'RFC 4523' )
+#
+################################################################################
+#
+objectClasses: ( 2.5.6.16 NAME 'certificationAuthority'
+  DESC 'X.509 certificate authority'
+  SUP top AUXILIARY
+  MUST ( authorityRevocationList $
+       certificateRevocationList $ cACertificate )
+  MAY crossCertificatePair
+  X-ORIGIN 'RFC 4523' )
+#
+################################################################################
+#
+objectClasses: ( 2.5.6.16.2 NAME 'certificationAuthority-V2'
+  DESC 'X.509 certificate authority, version 2'
+  SUP certificationAuthority AUXILIARY
+  MAY deltaRevocationList
+  X-ORIGIN 'RFC 4523' )
+#
+################################################################################
+#
diff --git a/ldap/schema/05rfc4524.ldif b/ldap/schema/05rfc4524.ldif
new file mode 100644
index 00000000..e6663685
--- /dev/null
+++ b/ldap/schema/05rfc4524.ldif
@@ -0,0 +1,290 @@
+# Cosine LDAP/X.500 Schema
+################################################################################
+#
+dn: cn=schema
+#
+################################################################################
+#
+attributeTypes: ( 0.9.2342.19200300.100.1.37 NAME 'associatedDomain'
+  EQUALITY caseIgnoreIA5Match
+  SUBSTR caseIgnoreIA5SubstringsMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
+  X-ORIGIN 'RFC 4524' )
+#
+################################################################################
+#
+attributeTypes: ( 0.9.2342.19200300.100.1.38 NAME 'associatedName'
+  EQUALITY distinguishedNameMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.12
+  X-ORIGIN 'RFC 4524' )
+#
+################################################################################
+#
+attributeTypes: ( 0.9.2342.19200300.100.1.48 NAME 'buildingName'
+  EQUALITY caseIgnoreMatch
+  SUBSTR caseIgnoreSubstringsMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256}
+  X-ORIGIN 'RFC 4524' )
+#
+################################################################################
+#
+attributeTypes: ( 0.9.2342.19200300.100.1.43 NAME 'co'
+  EQUALITY caseIgnoreMatch
+  SUBSTR caseIgnoreSubstringsMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
+  X-ORIGIN 'RFC 4524' )
+#
+################################################################################
+#
+attributeTypes: ( 0.9.2342.19200300.100.1.14 NAME 'documentAuthor'
+  EQUALITY distinguishedNameMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.12
+  X-ORIGIN 'RFC 4524' )
+#
+################################################################################
+#
+attributeTypes: ( 0.9.2342.19200300.100.1.11 NAME 'documentIdentifier'
+  EQUALITY caseIgnoreMatch
+  SUBSTR caseIgnoreSubstringsMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256}
+  X-ORIGIN 'RFC 4524' )
+#
+################################################################################
+#
+attributeTypes: ( 0.9.2342.19200300.100.1.15 NAME 'documentLocation'
+  EQUALITY caseIgnoreMatch
+  SUBSTR caseIgnoreSubstringsMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256}
+  X-ORIGIN 'RFC 4524' )
+#
+################################################################################
+#
+attributeTypes: ( 0.9.2342.19200300.100.1.56 NAME 'documentPublisher'
+  EQUALITY caseIgnoreMatch
+  SUBSTR caseIgnoreSubstringsMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
+  X-ORIGIN 'RFC 4524' )
+#
+################################################################################
+#
+attributeTypes: ( 0.9.2342.19200300.100.1.12 NAME 'documentTitle'
+  EQUALITY caseIgnoreMatch
+  SUBSTR caseIgnoreSubstringsMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256}
+  X-ORIGIN 'RFC 4524' )
+#
+################################################################################
+#
+attributeTypes: ( 0.9.2342.19200300.100.1.13 NAME 'documentVersion'
+  EQUALITY caseIgnoreMatch
+  SUBSTR caseIgnoreSubstringsMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256}
+  X-ORIGIN 'RFC 4524' )
+#
+################################################################################
+#
+attributeTypes: ( 0.9.2342.19200300.100.1.5 NAME 'drink'
+  EQUALITY caseIgnoreMatch
+  SUBSTR caseIgnoreSubstringsMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256}
+  X-ORIGIN 'RFC 4524' )
+#
+################################################################################
+#
+attributeTypes: ( 0.9.2342.19200300.100.1.20 NAME 'homePhone'
+  EQUALITY telephoneNumberMatch
+  SUBSTR telephoneNumberSubstringsMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.50
+  X-ORIGIN 'RFC 4524' )
+#
+################################################################################
+#
+attributeTypes: ( 0.9.2342.19200300.100.1.39 NAME 'homePostalAddress'
+  EQUALITY caseIgnoreListMatch
+  SUBSTR caseIgnoreListSubstringsMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.41
+  X-ORIGIN 'RFC 4524' )
+#
+################################################################################
+#
+attributeTypes: ( 0.9.2342.19200300.100.1.9 NAME 'host'
+  EQUALITY caseIgnoreMatch
+  SUBSTR caseIgnoreSubstringsMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256}
+  X-ORIGIN 'RFC 4524' )
+#
+################################################################################
+#
+attributeTypes: ( 0.9.2342.19200300.100.1.4 NAME 'info'
+  EQUALITY caseIgnoreMatch
+  SUBSTR caseIgnoreSubstringsMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{2048}
+  X-ORIGIN 'RFC 4524' )
+#
+################################################################################
+#
+attributeTypes: ( 0.9.2342.19200300.100.1.3 NAME 'mail'
+  EQUALITY caseIgnoreIA5Match
+  SUBSTR caseIgnoreIA5SubstringsMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
+  X-ORIGIN 'RFC 4524' )
+#
+################################################################################
+#
+attributeTypes: ( 0.9.2342.19200300.100.1.10 NAME 'manager'
+  EQUALITY distinguishedNameMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.12
+  X-ORIGIN 'RFC 4524' )
+#
+################################################################################
+#
+attributeTypes: ( 0.9.2342.19200300.100.1.41 NAME 'mobile'
+  EQUALITY telephoneNumberMatch
+  SUBSTR telephoneNumberSubstringsMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.50
+  X-ORIGIN 'RFC 4524' )
+#
+################################################################################
+#
+attributeTypes: ( 0.9.2342.19200300.100.1.45 NAME 'organizationalStatus'
+  EQUALITY caseIgnoreMatch
+  SUBSTR caseIgnoreSubstringsMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256}
+  X-ORIGIN 'RFC 4524' )
+#
+################################################################################
+#
+attributeTypes: ( 0.9.2342.19200300.100.1.42 NAME 'pager'
+  EQUALITY telephoneNumberMatch
+  SUBSTR telephoneNumberSubstringsMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.50
+  X-ORIGIN 'RFC 4524' )
+#
+################################################################################
+#
+attributeTypes: ( 0.9.2342.19200300.100.1.40 NAME 'personalTitle'
+  EQUALITY caseIgnoreMatch
+  SUBSTR caseIgnoreSubstringsMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256}
+  X-ORIGIN 'RFC 4524' )
+#
+################################################################################
+#
+attributeTypes: ( 0.9.2342.19200300.100.1.6 NAME 'roomNumber'
+  EQUALITY caseIgnoreMatch
+  SUBSTR caseIgnoreSubstringsMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256}
+  X-ORIGIN 'RFC 4524' )
+#
+################################################################################
+#
+attributeTypes: ( 0.9.2342.19200300.100.1.21 NAME 'secretary'
+  EQUALITY distinguishedNameMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.12
+  X-ORIGIN 'RFC 4524' )
+#
+################################################################################
+#
+attributeTypes: ( 0.9.2342.19200300.100.1.44 NAME 'uniqueIdentifier'
+  EQUALITY caseIgnoreMatch
+  SUBSTR caseIgnoreSubstringsMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256}
+  X-ORIGIN 'RFC 4524' )
+#
+################################################################################
+#
+attributeTypes: ( 0.9.2342.19200300.100.1.8 NAME 'userClass'
+  EQUALITY caseIgnoreMatch
+  SUBSTR caseIgnoreSubstringsMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256}
+  X-ORIGIN 'RFC 4524' )
+#
+################################################################################
+#
+# ObjectClasses
+#
+################################################################################
+#
+objectClasses: ( 0.9.2342.19200300.100.4.5 NAME 'account'
+  SUP top STRUCTURAL
+  MUST uid
+  MAY ( description $ seeAlso $ l $ o $ ou $ host )
+  X-ORIGIN 'RFC 4524' )
+#
+################################################################################
+#
+objectClasses: ( 0.9.2342.19200300.100.4.6 NAME 'document'
+  SUP top STRUCTURAL
+  MUST documentIdentifier
+  MAY ( cn $ description $ seeAlso $ l $ o $ ou $
+    documentTitle $ documentVersion $ documentAuthor $
+    documentLocation $ documentPublisher )
+  X-ORIGIN 'RFC 4524' )
+#
+################################################################################
+#
+objectClasses: ( 0.9.2342.19200300.100.4.9 NAME 'documentSeries'
+  SUP top STRUCTURAL
+  MUST cn
+  MAY ( description $ l $ o $ ou $ seeAlso $
+    telephonenumber )
+  X-ORIGIN 'RFC 4524' )
+#
+################################################################################
+#
+objectClasses: ( 0.9.2342.19200300.100.4.13 NAME 'domain'
+  SUP top STRUCTURAL
+  MUST dc
+  MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $
+    x121Address $ registeredAddress $ destinationIndicator $
+    preferredDeliveryMethod $ telexNumber $
+    teletexTerminalIdentifier $ telephoneNumber $
+    internationaliSDNNumber $ facsimileTelephoneNumber $ street $
+    postOfficeBox $ postalCode $ postalAddress $
+    physicalDeliveryOfficeName $ st $ l $ description $ o $
+    associatedName )
+  X-ORIGIN 'RFC 4524' )
+#
+################################################################################
+#
+objectClasses: ( 0.9.2342.19200300.100.4.17 NAME 'domainRelatedObject'
+  SUP top AUXILIARY
+  MUST associatedDomain
+  X-ORIGIN 'RFC 4524' )
+#
+################################################################################
+#
+objectClasses: ( 0.9.2342.19200300.100.4.18 NAME 'friendlyCountry'
+  SUP country STRUCTURAL
+  MUST co
+  X-ORIGIN 'RFC 4524' )
+#
+################################################################################
+#
+objectClasses: ( 0.9.2342.19200300.100.4.14 NAME 'rFC822localPart'
+  SUP domain STRUCTURAL
+  MAY ( cn $ description $ destinationIndicator $
+    facsimileTelephoneNumber $ internationaliSDNNumber $
+    physicalDeliveryOfficeName $ postalAddress $ postalCode $
+    postOfficeBox $ preferredDeliveryMethod $ registeredAddress $
+    seeAlso $ sn $ street $ telephoneNumber $
+    teletexTerminalIdentifier $ telexNumber $ x121Address )
+  X-ORIGIN 'RFC 4524' )
+#
+################################################################################
+#
+objectClasses: ( 0.9.2342.19200300.100.4.7 NAME 'room'
+  SUP top STRUCTURAL
+  MUST cn
+  MAY ( roomNumber $ description $ seeAlso $ telephoneNumber )
+  X-ORIGIN 'RFC 4524' )
+#
+################################################################################
+#
+objectClasses: ( 0.9.2342.19200300.100.4.19 NAME 'simpleSecurityObject'
+  SUP top AUXILIARY
+  MUST userPassword
+  X-ORIGIN 'RFC 4524' )
+#
+################################################################################
+#
diff --git a/ldap/schema/06inetorgperson.ldif b/ldap/schema/06inetorgperson.ldif
new file mode 100644
index 00000000..9eb97657
--- /dev/null
+++ b/ldap/schema/06inetorgperson.ldif
@@ -0,0 +1,134 @@
+# RFC 2798 - inetorgperson schema (2079, 1274 (partial))
+################################################################################
+dn: cn=schema
+#
+################################################################################
+#
+attributeTypes: ( 2.16.840.1.113730.3.1.1 NAME 'carLicense'
+  DESC 'vehicle license or registration plate'
+  EQUALITY caseIgnoreMatch
+  SUBSTR caseIgnoreSubstringsMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
+  X-ORIGIN 'RFC 2798' )
+#
+################################################################################
+#
+attributeTypes: ( 2.16.840.1.113730.3.1.2
+  NAME 'departmentNumber'
+  DESC 'identifies a department within an organization'
+  EQUALITY caseIgnoreMatch
+  SUBSTR caseIgnoreSubstringsMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
+  X-ORIGIN 'RFC 2798' )
+#
+################################################################################
+#
+attributeTypes: ( 2.16.840.1.113730.3.1.241
+  NAME 'displayName'
+  DESC 'preferred name of a person to be used when displaying entries'
+  EQUALITY caseIgnoreMatch
+  SUBSTR caseIgnoreSubstringsMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
+  SINGLE-VALUE
+  X-ORIGIN 'RFC 2798' )
+#
+################################################################################
+#
+attributeTypes: ( 2.16.840.1.113730.3.1.3
+  NAME 'employeeNumber'
+  DESC 'numerically identifies an employee within an organization'
+  EQUALITY caseIgnoreMatch
+  SUBSTR caseIgnoreSubstringsMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
+  SINGLE-VALUE
+  X-ORIGIN 'RFC 2798' )
+#
+################################################################################
+#
+attributeTypes: ( 2.16.840.1.113730.3.1.4
+  NAME 'employeeType'
+  DESC 'type of employment for a person'
+  EQUALITY caseIgnoreMatch
+  SUBSTR caseIgnoreSubstringsMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
+  X-ORIGIN 'RFC 2798' )
+#
+################################################################################
+#
+attributeTypes: ( 0.9.2342.19200300.100.1.60
+  NAME 'jpegPhoto'
+  DESC 'a JPEG image'
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.28
+  X-ORIGIN 'RFC 2798' )
+#
+################################################################################
+#
+attributeTypes: ( 2.16.840.1.113730.3.1.39
+  NAME 'preferredLanguage'
+  DESC 'preferred written or spoken language for a person'
+  EQUALITY caseIgnoreMatch
+  SUBSTR caseIgnoreSubstringsMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
+  SINGLE-VALUE
+  X-ORIGIN 'RFC 2798' )
+#
+################################################################################
+#
+attributeTypes: ( 2.16.840.1.113730.3.1.40
+  NAME 'userSMIMECertificate'
+  DESC 'signed message used to support S/MIME'
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.5
+  X-ORIGIN 'RFC 2798' )
+#
+################################################################################
+#
+attributeTypes: ( 2.16.840.1.113730.3.1.216
+  NAME 'userPKCS12'
+  DESC 'PKCS #12 PFX PDU for exchange of personal identity information'
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.5
+  X-ORIGIN 'RFC 2798' )
+#
+################################################################################
+#
+# RFC 1274 is obsoleted by RFC 4524.  The inetOrgPerson objectclass defined
+# in RFC 2798 allows the "audio" and "photo" attributes from RFC 1274 however,
+# which are not defined in RFC 4524.  We define these attributes here.
+#
+################################################################################
+#
+attributeTypes: ( 0.9.2342.19200300.100.1.55 NAME 'audio'
+  EQUALITY octetStringMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{250000}
+  X-ORIGIN 'RFC 1274' )
+#
+################################################################################
+#
+attributeTypes: ( 0.9.2342.19200300.100.1.7 NAME 'photo'
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.23{25000}
+  X-ORIGIN 'RFC 1274' )
+#
+################################################################################
+#
+attributeTypes: ( 1.3.6.1.4.1.250.1.57 NAME 'labeledURI'
+  EQUALITY caseExactMatch
+  SUBSTR caseExactSubstringsMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
+  X-ORIGIN 'RFC 2079' )
+#
+################################################################################
+#
+objectClasses: ( 2.16.840.1.113730.3.2.2
+  NAME 'inetOrgPerson'
+  SUP organizationalPerson
+  STRUCTURAL
+  MAY ( audio $ businessCategory $ carLicense $ departmentNumber $
+      displayName $ employeeNumber $ employeeType $ givenName $
+      homePhone $ homePostalAddress $ initials $ jpegPhoto $
+      labeledURI $ mail $ manager $ mobile $ o $ pager $
+      photo $ roomNumber $ secretary $ uid $ userCertificate $
+      x500uniqueIdentifier $ preferredLanguage $
+      userSMIMECertificate $ userPKCS12)
+  X-ORIGIN 'RFC 2798' )
+#
+################################################################################
+#
diff --git a/ldap/schema/28pilot.ldif b/ldap/schema/28pilot.ldif
deleted file mode 100644
index 3b2b1e66..00000000
--- a/ldap/schema/28pilot.ldif
+++ /dev/null
@@ -1,102 +0,0 @@
-#
-# BEGIN COPYRIGHT BLOCK
-# This Program is free software; you can redistribute it and/or modify it under
-# the terms of the GNU General Public License as published by the Free Software
-# Foundation; version 2 of the License.
-# 
-# This Program is distributed in the hope that it will be useful, but WITHOUT
-# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
-# FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
-# 
-# You should have received a copy of the GNU General Public License along with
-# this Program; if not, write to the Free Software Foundation, Inc., 59 Temple
-# Place, Suite 330, Boston, MA 02111-1307 USA.
-# 
-# In addition, as a special exception, Red Hat, Inc. gives You the additional
-# right to link the code of this Program with code not covered under the GNU
-# General Public License ("Non-GPL Code") and to distribute linked combinations
-# including the two, subject to the limitations in this paragraph. Non-GPL Code
-# permitted under this exception must only link to the code of this Program
-# through those well defined interfaces identified in the file named EXCEPTION
-# found in the source code files (the "Approved Interfaces"). The files of
-# Non-GPL Code may instantiate templates or use macros or inline functions from
-# the Approved Interfaces without causing the resulting work to be covered by
-# the GNU General Public License. Only Red Hat, Inc. may make changes or
-# additions to the list of Approved Interfaces. You must obey the GNU General
-# Public License in all respects for all of the Program code and other code used
-# in conjunction with the Program except the Non-GPL Code covered by this
-# exception. If you modify this file, you may extend this exception to your
-# version of the file, but you are not obligated to do so. If you do not wish to
-# provide this exception without modification, you must delete this exception
-# statement from your version and license this file solely under the GPL without
-# exception. 
-# 
-# 
-# Copyright (C) 2001 Sun Microsystems, Inc. Used by permission.
-# Copyright (C) 2005 Red Hat, Inc.
-# All rights reserved.
-# END COPYRIGHT BLOCK
-#
-#
-# Schema from the pilot RFCs, especially RFC 1274, that is no longer 
-# recommended by Netscape for use in new deployments.  Please be aware
-# that future RFCs that succeed RFC 1274 may deprecate some or all of
-# these attribute types and classes.
-#
-dn: cn=schema
-attributeTypes: ( 0.9.2342.19200300.100.1.48 NAME 'buildingName' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'RFC 1274' )
-attributeTypes: ( 0.9.2342.19200300.100.1.40 NAME 'personalTitle' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'RFC 1274' )
-attributeTypes: ( 0.9.2342.19200300.100.1.37 NAME 'associatedDomain' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'RFC 1274' )
-attributeTypes: ( 0.9.2342.19200300.100.1.22 NAME 'otherMailbox' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'RFC 1274' )
-attributeTypes: ( 0.9.2342.19200300.102.1.9 NAME 'abstract' DESC 'Pilot attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Internet White Pages Pilot' )
-attributeTypes: ( 0.9.2342.19200300.102.1.11 NAME ( 'authorCn' 'documentauthorcommonname' ) DESC 'Pilot attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Internet White Pages Pilot' )
-attributeTypes: ( 0.9.2342.19200300.102.1.12 NAME ( 'authorSn' 'documentauthorsurname' ) DESC 'Pilot attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Internet White Pages Pilot' )
-attributeTypes: ( 0.9.2342.19200300.100.1.54 NAME 'ditRedirect' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 X-ORIGIN 'RFC 1274' )
-attributeTypes: ( 0.9.2342.19200300.100.1.11 NAME 'documentIdentifier' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'RFC 1274' )
-attributeTypes: ( 0.9.2342.19200300.100.1.12 NAME 'documentTitle' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'RFC 1274' )
-attributeTypes: ( 0.9.2342.19200300.100.1.13 NAME 'documentVersion' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'RFC 1274' )
-attributeTypes: ( 0.9.2342.19200300.100.1.14 NAME 'documentAuthor' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 X-ORIGIN 'RFC 1274' )
-attributeTypes: ( 0.9.2342.19200300.100.1.15 NAME 'documentLocation' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'RFC 1274' )
-attributeTypes: ( 0.9.2342.19200300.100.1.56 NAME 'documentPublisher' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'RFC 1274' )
-attributeTypes: ( 0.9.2342.19200300.102.1.10 NAME 'documentStore' DESC 'Pilot attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Internet White Pages Pilot' )
-attributeTypes: ( 0.9.2342.19200300.100.1.5 NAME ( 'drink' 'favouriteDrink' ) DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'RFC 1274' )
-attributeTypes: ( 0.9.2342.19200300.100.1.49 NAME 'dSAQuality' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'RFC 1274' )
-attributeTypes: ( 0.9.2342.19200300.100.1.46 NAME 'janetMailbox' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'RFC 1274' )
-attributeTypes: ( 0.9.2342.19200300.102.1.7 NAME 'keyWords' DESC 'Pilot attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Internet White Pages Pilot' )
-attributeTypes: ( 0.9.2342.19200300.100.1.24 NAME 'lastModifiedBy' DESC 'old variant of modifiersName' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 X-ORIGIN 'RFC 1274' )
-attributeTypes: ( 0.9.2342.19200300.100.1.23 NAME 'lastModifiedTime' DESC 'old variant of modifyTimestamp' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'RFC 1274' )
-attributeTypes: ( 0.9.2342.19200300.100.1.47 NAME 'mailPreferenceOption' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE X-ORIGIN 'RFC 1274' )
-attributeTypes: ( 0.9.2342.19200300.102.1.4 NAME 'obsoletedByDocument' DESC 'Pilot attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 X-ORIGIN 'Internet White Pages Pilot' )
-attributeTypes: ( 0.9.2342.19200300.102.1.3 NAME 'obsoletesDocument' DESC 'Pilot attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 X-ORIGIN 'Internet White Pages Pilot' )
-attributeTypes: ( 0.9.2342.19200300.100.1.45 NAME 'organizationalStatus' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'RFC 1274' )
-attributeTypes: ( 0.9.2342.19200300.100.1.53 NAME 'personalSignature' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 X-ORIGIN 'RFC 1274' )
-attributeTypes: ( 2.6.6.5.2.4.10 NAME 'reciprocalNamingLink' DESC 'NADF attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 X-ORIGIN 'North American Directory Forum (NADF)' )
-attributeTypes: ( 0.9.2342.19200300.100.1.50 NAME 'singleLevelQuality' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'RFC 1274' )
-attributeTypes: ( 0.9.2342.19200300.102.1.8 NAME 'subject' DESC 'Pilot attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Internet White Pages Pilot' )
-attributeTypes: ( 0.9.2342.19200300.100.1.51 NAME 'subtreeMinimumQuality' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'RFC 1274' )
-attributeTypes: ( 0.9.2342.19200300.100.1.52 NAME 'subtreeMaximumQuality' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'RFC 1274' )
-attributeTypes: ( 0.9.2342.19200300.100.1.2 NAME 'textEncodedORAddress' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'RFC 1274' )
-attributeTypes: ( 0.9.2342.19200300.102.1.6 NAME 'updatedByDocument' DESC 'Pilot attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 X-ORIGIN 'Internet White Pages Pilot' )
-attributeTypes: ( 0.9.2342.19200300.102.1.5 NAME 'updatesDocument' DESC 'Pilot attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 X-ORIGIN 'Internet White Pages Pilot' )
-attributeTypes: ( 0.9.2342.19200300.100.1.44 NAME 'uniqueIdentifier' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'RFC 1274' )
-attributeTypes: ( 0.9.2342.19200300.100.1.4 NAME 'info' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'RFC 1274' )
-attributeTypes: ( 0.9.2342.19200300.100.1.8 NAME 'userClass' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'RFC 1274' )
-attributeTypes: ( 0.9.2342.19200300.100.1.9 NAME 'host' DESC 'Standard LDAP attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'RFC 1274' )
-attributeTypes: ( 0.9.2342.19200300.100.1.26 NAME ( 'ARecord' 'DNSRecord' ) DESC 'Pilot attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 X-ORIGIN 'Internet directory pilot' )
-attributeTypes: ( 0.9.2342.19200300.100.1.27 NAME ( 'MDRecord' ) DESC 'Pilot attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 X-ORIGIN 'Internet directory pilot' )
-attributeTypes: ( 0.9.2342.19200300.100.1.28 NAME ( 'MXRecord' ) DESC 'Pilot attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 X-ORIGIN 'Internet directory pilot' )
-attributeTypes: ( 0.9.2342.19200300.100.1.29 NAME ( 'NSRecord' ) DESC 'Pilot attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 X-ORIGIN 'Internet directory pilot' )
-attributeTypes: ( 0.9.2342.19200300.100.1.30 NAME ( 'SOARecord' ) DESC 'Pilot attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 X-ORIGIN 'Internet directory pilot' )
-attributeTypes: ( 0.9.2342.19200300.100.1.31 NAME ( 'CNAMERecord' ) DESC 'Pilot attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 X-ORIGIN 'Internet directory pilot' )
-objectClasses: ( 0.9.2342.19200300.100.4.3 NAME 'pilotObject' DESC 'Standard LDAP objectclass' SUP top MAY ( audio $ dITRedirect $ info $ jpegPhoto $ lastModifiedBy $ lastModifiedTime $ manager $ photo $ uniqueIdentifier ) X-ORIGIN 'RFC 1274' )
-objectClasses: ( 0.9.2342.19200300.100.4.4 NAME 'newPilotPerson' DESC 'Pilot objectclass' SUP person MAY ( businessCategory $ drink $ homePhone $ homePostalAddress $ janetMailbox $ mail $ mailPreferenceOption $ mobile $ organizationalStatus $ otherMailbox $ pager $ personalSignature $ personalTitle $ preferredDeliveryMethod $ roomNumber $ secretary $ textEncodedORAddress $ uid $ userClass ) X-ORIGIN 'Internet White Pages Pilot' )
-objectClasses: ( 0.9.2342.19200300.100.4.5 NAME 'account' DESC 'Standard LDAP objectclass' SUP top MUST ( uid ) MAY ( description $ host $ l $ o $ ou $ seeAlso ) X-ORIGIN 'RFC 1274' )
-objectClasses: ( 0.9.2342.19200300.100.4.6 NAME 'document' DESC 'Standard LDAP objectclass' SUP pilotObject MUST ( documentIdentifier ) MAY ( abstract $ authorCN $ authorSN $ cn $ description $ documentAuthor $ documentLocation $ documentPublisher $ documentStore $ documentTitle $ documentVersion $ keywords $ l $ o $ obsoletedByDocument $ obsoletesDocument $ ou $ seeAlso $ subject $ updatedByDocument $ updatesDocument ) X-ORIGIN 'RFC 1274' )
-objectClasses: ( 0.9.2342.19200300.100.4.7 NAME 'room' DESC 'Standard LDAP objectclass' SUP top MUST ( cn ) MAY ( description $ roomNumber $ seeAlso $ telephoneNumber ) X-ORIGIN 'RFC 1274' )
-objectClasses: ( 0.9.2342.19200300.100.4.9 NAME 'documentSeries' DESC 'Standard LDAP objectclass' SUP top MUST ( cn ) MAY ( description $ l $ o $ ou $ seeAlso $ telephoneNumber ) X-ORIGIN 'RFC 1274' )
-objectClasses: ( 0.9.2342.19200300.100.4.14 NAME 'RFC822localPart' DESC 'Pilot objectclass' SUP domain MAY ( cn $ sn ) X-ORIGIN 'Internet directory pilot' )
-objectClasses: ( 0.9.2342.19200300.100.4.15 NAME 'DNSDomain' DESC 'Pilot objectclass' SUP domain MAY ( ARecord $ MDRecord $ MXRecord $ NSRecord $ SOARecord $ CNAMERecord ) X-ORIGIN 'Internet directory pilot' )
-objectClasses: ( 0.9.2342.19200300.100.4.17 NAME 'domainRelatedObject' DESC 'Standard LDAP objectclass' SUP top AUXILIARY MUST ( associatedDomain ) X-ORIGIN 'RFC 1274' )
-objectClasses: ( 0.9.2342.19200300.100.4.18 NAME 'friendlyCountry' DESC 'Standard LDAP objectclass' SUP country MUST ( co ) X-ORIGIN 'RFC 1274' )
-objectClasses: ( 0.9.2342.19200300.100.4.19 NAME 'simpleSecurityObject' DESC 'Standard LDAP objectclass' SUP top AUXILIARY MUST ( userPassword ) X-ORIGIN 'RFC 1274' )
-objectClasses: ( 0.9.2342.19200300.100.4.20 NAME 'pilotOrganization' DESC 'Standard LDAP objectclass' SUP top MUST ( ou $ o ) MAY ( buildingName $ businessCategory $ description $ destinationIndicator $ facsimileTelephoneNumber $ internationaliSDNNumber $ l $ physicalDeliveryOfficeName $ postOfficeBox $ postalAddress $ postalCode $ preferredDeliveryMethod $ registeredAddress $ searchGuide $ seeAlso $ st $ street $ telephoneNumber $ teletexTerminalIdentifier $ telexNumber $ userPassword $ x121Address ) X-ORIGIN 'RFC 1274' )
diff --git a/ldap/schema/50ns-directory.ldif b/ldap/schema/50ns-directory.ldif
index 943938da..294a0a82 100644
--- a/ldap/schema/50ns-directory.ldif
+++ b/ldap/schema/50ns-directory.ldif
@@ -110,7 +110,7 @@ attributeTypes: ( 2.16.840.1.113730.3.1.54 NAME 'replicaUseSSL' DESC 'Netscape d
 attributeTypes: ( 2.16.840.1.113730.3.1.57 NAME 'replicaRoot' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 X-ORIGIN 'Netscape Directory Server' )
 attributeTypes: ( 2.16.840.1.113730.3.1.58 NAME 'replicaBindDn' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 X-ORIGIN 'Netscape Directory Server' )
 attributeTypes: ( 2.16.840.1.113730.3.1.69 NAME 'subtreeACI' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 X-ORIGIN 'Netscape Directory Server 1.0' )
-attributeTypes: ( 2.16.840.1.113730.3.1.2084 NAME 'nsSymmetricKey' DESC 'A symmetric key - currently used by attribute encryption' SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 SINGLE-VALUE X-ORIGIN 'attribute encryption' )
+attributeTypes: ( 2.16.840.1.113730.3.1.2084 NAME 'nsSymmetricKey' DESC 'A symmetric key - currently used by attribute encryption' SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 SINGLE-VALUE X-ORIGIN 'attribute encryption' )
 objectClasses: ( 2.16.840.1.113730.3.2.23 NAME 'netscapeDirectoryServer' DESC 'Netscape defined objectclass' SUP top MUST ( objectclass ) X-ORIGIN 'Netscape Directory Server' )
 objectClasses: ( nsDirectoryServer-oid NAME 'nsDirectoryServer' DESC 'Netscape defined objectclass' SUP top MUST ( objectclass $ nsServerID ) MAY ( serverHostName $ nsServerPort $ nsSecureServerPort $ nsBindPassword $ nsBindDN $ nsBaseDN ) X-ORIGIN 'Netscape Directory Server' )
 objectClasses: ( 2.16.840.1.113730.3.2.8 NAME 'ntUser' DESC 'Netscape defined objectclass' SUP top MUST ( ntUserDomainId ) MAY ( description $ l $ ou $ seeAlso $ ntUserPriv $ ntUserHomeDir $ ntUserComment $ ntUserFlags $ ntUserScriptPath $ ntUserAuthFlags $ ntUserUsrComment $ ntUserParms $ ntUserWorkstations $ ntUserLastLogon $ ntUserLastLogoff $ ntUserAcctExpires $ ntUserMaxStorage $ ntUserUnitsPerWeek $ ntUserLogonHours $ ntUserBadPwCount $ ntUserNumLogons $ ntUserLogonServer $ ntUserCountryCode $ ntUserCodePage $ ntUserUniqueId $ ntUserPrimaryGroupId $ ntUserProfile $ ntUserHomeDirDrive $ ntUserPasswordExpired $ ntUserCreateNewAccount $ ntUserDeleteAccount $ ntUniqueId) X-ORIGIN 'Netscape NT Synchronization' )
diff --git a/ldap/schema/60mozilla.ldif b/ldap/schema/60mozilla.ldif
index e53e442e..38376a3b 100644
--- a/ldap/schema/60mozilla.ldif
+++ b/ldap/schema/60mozilla.ldif
@@ -2,6 +2,8 @@
 # mozillaAbPersonAlpha
 #
 # Created initial version --[[User:Standard8|Standard8]] 12:21, 5 Dec 2005 (PST)
+# Change fax to facsimileTelephoneNumber to reflect core.schema
+# ({{bug|327872}} --[[User:Standard8|Standard8]] 12:45, 11 Dec 2008 (PST)
 #
 # This file contains LDAPv3 schema for use with the Mozilla Address Book
 # and is intended to ...
@@ -223,7 +225,7 @@ objectClasses: (
   SUP top
   AUXILIARY
   MUST ( cn )
-  MAY ( c $ description $ displayName $ fax $ givenName $ homePhone $ l $ mail $ mobile $ mozillaCustom1 $ mozillaCustom2 $ mozillaCustom3 $ mozillaCustom4 $ mozillaHomeCountryName $ mozillaHomeLocalityName $ mozillaHomePostalCode $ mozillaHomeState $ mozillaHomeStreet $ mozillaHomeStreet2 $ mozillaHomeUrl $ mozillaNickname $ mozillaSecondEmail $ mozillaUseHtmlMail $ mozillaWorkStreet2 $ mozillaWorkUrl $ nsAIMid $ o $ ou $ pager $ postalCode $ postOfficeBox $ sn $ st $ street $ telephoneNumber $ title )
+  MAY ( c $ description $ displayName $ facsimileTelephoneNumber $ givenName $ homePhone $ l $ mail $ mobile $ mozillaCustom1 $ mozillaCustom2 $ mozillaCustom3 $ mozillaCustom4 $ mozillaHomeCountryName $ mozillaHomeLocalityName $ mozillaHomePostalCode $ mozillaHomeState $ mozillaHomeStreet $ mozillaHomeStreet2 $ mozillaHomeUrl $ mozillaNickname $ mozillaSecondEmail $ mozillaUseHtmlMail $ mozillaWorkStreet2 $ mozillaWorkUrl $ nsAIMid $ o $ ou $ pager $ postalCode $ postOfficeBox $ sn $ st $ street $ telephoneNumber $ title )
   X-ORIGIN 'Mozilla Address Book'
   )
 #