2
# Schema elements which do not exist in AD, but which we use in Samba4
4
## Samba4 OID allocation from Samba3's examples/LDAP/samba.schema
5
## 1.3.6.1.4.1.7165.4.1.x - attributetypes
7
## 1.3.6.1.4.1.7165.4.2.x - objectclasses
9
## 1.3.6.1.4.1.7165.4.3.x - LDB/LDAP Controls
10
### see dsdb/samdb/samdb.h
12
## 1.3.6.1.4.1.7165.4.4.x - LDB/LDAP Extended Operations
13
### see dsdb/samdb/samdb.h
15
## 1.3.6.1.4.1.7165.4.255.x - mapped OIDs due to conflicts between AD and standards-track
23
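# NOTE: the commented-out definitions that follow (ntpwdHash, lmpwdHash,
# sambaNtPwdHistory, sambaLmPwdHistory, sambaPassword) are, going by their
# names, attributes for password hashes, password history and a password value.
# They are disabled here. If any of them is re-enabled, it needs access
# controls that keep it unreadable to ordinary directory clients.
#dn: cn=ntpwdHash,${SCHEMADN}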
27
#objectClass: attributeSchema
28
#lDAPDisplayName: ntpwdhash
32
#schemaIDGUID: E961130F-5084-458C-9E9C-DEC16DA08592
33
#adminDisplayName: NT-PWD-Hash
34
#attributeID: 1.3.6.1.4.1.7165.4.1.1
35
#attributeSyntax: 2.5.5.10
41
#dn: cn=lmpwdHash,${SCHEMADN}
45
#objectClass: attributeSchema
46
#lDAPDisplayName: lmpwdhash
50
#schemaIDGUID: CBD0D18C-9C54-4A77-87C4-5CEEAF781253
51
#adminDisplayName: LM-PWD-Hash
52
#attributeID: 1.3.6.1.4.1.7165.4.1.2
53
#attributeSyntax: 2.5.5.10
59
#dn: cn=sambaNtPwdHistory,${SCHEMADN}
60
#cn: sambaNtPwdHistory
61
#name: sambaNtPwdHistory
63
#objectClass: attributeSchema
64
#lDAPDisplayName: sambaNtPwdHistory
68
#schemaIDGUID: 8CCD7658-C574-4435-A38C-99572E349E6B
69
#adminDisplayName: SAMBA-NT-PWD-History
70
#attributeID: 1.3.6.1.4.1.7165.4.1.3
71
#attributeSyntax: 2.5.5.10
77
#dn: cn=sambaLmPwdHistory,${SCHEMADN}
78
#cn: sambaLmPwdHistory
79
#name: sambaLmPwdHistory
81
#objectClass: attributeSchema
82
#lDAPDisplayName: sambaLmPwdHistory
83
#isSingleValued: FALSE
86
#schemaIDGUID: 0EAFE3DD-0F53-495E-8A34-97BB28AF17A4
87
#adminDisplayName: SAMBA-LM-PWDHistory
88
#attributeID: 1.3.6.1.4.1.7165.4.1.4
89
#attributeSyntax: 2.5.5.10
95
#dn: CN=sambaPassword,${SCHEMADN}
97
#objectClass: attributeSchema
98
#lDAPDisplayName: sambaPassword
99
#isSingleValued: FALSE
102
#schemaIDGUID: 87F10301-229A-4E69-B63A-998339ADA37A
103
#adminDisplayName: SAMBA-Password
104
#attributeID: 1.3.6.1.4.1.7165.4.1.5
105
#attributeSyntax: 2.5.5.5
111
#dn: cn=dnsDomain,${SCHEMADN}
113
#objectClass: attributeSchema
114
#lDAPDisplayName: dnsDomain
115
#isSingleValued: FALSE
118
#schemaIDGUID: A40165E6-5E45-44A7-A8FA-186C94333018
119
#adminDisplayName: DNS-Domain
120
#attributeID: 1.3.6.1.4.1.7165.4.1.6
121
#attributeSyntax: 2.5.5.4
124
# Attribute definition: "privilege", a multi-valued string attribute allocated
# in Samba4's private attribute arc (1.3.6.1.4.1.7165.4.1.x).
# The samba4TopExtra class later in this file lists it under mayContain.
# NOTE(review): presumably holds the privilege names granted to a principal.
# If so, write access to this attribute amounts to privilege assignment and
# should be limited to administrators - confirm against the code that reads it.
dn: cn=privilege,${SCHEMADN}
126
objectClass: attributeSchema
127
lDAPDisplayName: privilege
128
# FALSE: a single object may carry several values of this attribute.
isSingleValued: FALSE
131
schemaIDGUID: 7429BC94-CC6A-4481-8B2C-A97E316EB182
132
adminDisplayName: Privilege
133
attributeID: 1.3.6.1.4.1.7165.4.1.7
134
# 2.5.5.4 is the AD teletex (case-insensitive) string syntax.
attributeSyntax: 2.5.5.4
140
#dn: CN=unixName,${SCHEMADN}
144
#objectClass: attributeSchema
145
#lDAPDisplayName: unixName
146
#isSingleValued: TRUE
149
#schemaIDGUID: bf9679f2-0de6-11d0-a285-00aa003049e2
150
#adminDisplayName: Unix-Name
151
#attributeID: 1.3.6.1.4.1.7165.4.1.9
152
#attributeSyntax: 2.5.5.4
158
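# NOTE(review): two things to fix before this disabled definition is ever
# re-enabled. Its schemaIDGUID (0EAFE3DD-0F53-495E-8A34-97BB28AF17A4) is the
# same value used by the commented-out sambaLmPwdHistory definition above, and
# a schemaIDGUID has to be unique per schema object. Its attributeID is also
# outside the 1.3.6.1.4.1.7165.4.1.x arc listed at the top of this file.
# Going by its name, the attribute would hold Kerberos key material, so it
# would need the same read protection as the password-hash attributes.
#dn: cn=krb5Key,${SCHEMADN}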
162
#objectClass: attributeSchema
163
#lDAPDisplayName: krb5Key
164
#isSingleValued: FALSE
167
#schemaIDGUID: 0EAFE3DD-0F53-495E-8A34-97BB28AF17A4
168
#adminDisplayName: krb5-Key
169
#attributeID: 1.3.6.1.4.1.5322.10.1.10
170
#attributeSyntax: 2.5.5.10
173
#Allocated: (not used anymore) DSDB_CONTROL_REPLICATED_OBJECT_OID 1.3.6.1.4.1.7165.4.3.1
175
#Allocated: DSDB_CONTROL_CURRENT_PARTITION_OID 1.3.6.1.4.1.7165.4.3.2
177
#Allocated: DSDB_CONTROL_REPLICATED_UPDATE_OID 1.3.6.1.4.1.7165.4.3.3
179
#Allocated: DSDB_EXTENDED_REPLICATED_OBJECTS_OID 1.3.6.1.4.1.7165.4.4.1
180
#Allocated: DSDB_EXTENDED_SCHEMA_UPDATE_NOW_OID 1.3.6.1.4.1.7165.4.4.2
181
#Allocated: LDB_EXTENDED_SEQUENCE_NUMBER 1.3.6.1.4.1.7165.4.4.3
183
#Allocated: (middleName) attributeID: 1.3.6.1.4.1.7165.4.255.1
185
#Allocated: (defaultGroup) attributeID: 1.3.6.1.4.1.7165.4.255.2
187
#Allocated: (modifyTimestamp) samba4ModifyTimestamp: 1.3.6.1.4.1.7165.4.255.3
188
#Allocated: (subSchema) samba4SubSchema: 1.3.6.1.4.1.7165.4.255.4
189
#Allocated: (objectClasses) samba4ObjectClasses: 1.3.6.1.4.1.7165.4.255.5
190
#Allocated: (ditContentRules) samba4DitContentRules: 1.3.6.1.4.1.7165.4.255.6
191
#Allocated: (attributeTypes) samba4AttributeTypes: 1.3.6.1.4.1.7165.4.255.7
192
#Allocated: (dynamicObject) samba4DynamicObject: 1.3.6.1.4.1.7165.4.255.8
193
#Allocated: (entryTTL) samba4EntryTTL: 1.3.6.1.4.1.7165.4.255.9
196
# Attribute definition: "aci". Fedora DS uses this attribute, and Samba4 needs
# to set it through its module stack, so it is declared here under Samba4's
# private attribute arc (1.3.6.1.4.1.7165.4.1.x).
# In Fedora DS the aci attribute carries the access control instructions for
# the entry it is stored on.
# NOTE(review): that makes write access to this attribute equivalent to
# control over the directory's access rules on that backend - confirm that
# only the module stack / administrators can modify it.
198
dn: CN=aci,${SCHEMADN}
202
objectClass: attributeSchema
207
schemaIDGUID: d8e6c1fa-db08-4f26-a53b-23c414aac92d
208
adminDisplayName: aci
209
attributeID: 1.3.6.1.4.1.7165.4.1.11
210
# 2.5.5.4 is the AD teletex (case-insensitive) string syntax.
attributeSyntax: 2.5.5.4
214
# Class definition: samba4LocalDomain. Based on domainDNS, but without the
# DNS bits. Allocated in Samba4's private object class arc
# (1.3.6.1.4.1.7165.4.2.x).
217
dn: CN=Samba4-Local-Domain,${SCHEMADN}
219
objectClass: classSchema
221
governsID: 1.3.6.1.4.1.7165.4.2.2
222
# Classes whose instances may be created directly beneath an object of this class.
possibleInferiors: group
223
possibleInferiors: lostAndFound
224
possibleInferiors: builtinDomain
225
possibleInferiors: computer
226
possibleInferiors: user
227
possibleInferiors: container
228
possibleInferiors: groupPolicyContainer
229
possibleInferiors: organization
230
possibleInferiors: domainDNS
231
possibleInferiors: locality
232
possibleInferiors: msDS-AzAdminManager
233
possibleInferiors: country
234
possibleInferiors: organizationalUnit
236
showInAdvancedViewOnly: TRUE
237
adminDisplayName: Samba4-Local-Domain
238
adminDescription: Samba4-Local-Domain
239
systemMayContain: msDS-Behavior-Version
240
systemMayContain: managedBy
241
# objectClassCategory 1 = structural class.
objectClassCategory: 1
242
lDAPDisplayName: samba4LocalDomain
243
schemaIDGUID: 07be1647-8310-4fba-91ae-34e55d5a8293
245
systemAuxiliaryClass: samDomain
246
# Default DACL in SDDL form (no owner, group or SACL part is given):
#   DA (Domain Admins)       RP LC LO RC - read property, list children,
#                            list object, read control
#   SY (Local System)        RP WP CR CC DC LC LO RC WO WD SD DT SW - the read
#                            rights plus write property, control access,
#                            create/delete child, write owner, write DAC,
#                            delete, delete tree, self write
#   AU (Authenticated Users) RP LC LO RC - same read-only set as DA
# NOTE(review): Domain Admins get read-only rights here, while the Samba4Top
# and Samba4TopExtra definitions in this file give DA the same full set as SY.
# Confirm that the difference is intended.
# NOTE(review): every authenticated user gets read access by default - confirm
# that no confidential attribute is expected on objects of this class.
defaultSecurityDescriptor: D:(A;;RPLCLORC;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU)
248
defaultHidingValue: TRUE
249
defaultObjectCategory: CN=Samba4-Local-Domain,${SCHEMADN}
252
# Class definition: samba4Top. Per its adminDescription it collects the
# attributes Samba4 uses on "top" that OpenLDAP does not provide. Allocated in
# Samba4's private object class arc (1.3.6.1.4.1.7165.4.2.x).
dn: CN=Samba4Top,${SCHEMADN}
254
objectClass: classSchema
256
governsID: 1.3.6.1.4.1.7165.4.2.1
257
mayContain: msDS-ObjectReferenceBL
259
showInAdvancedViewOnly: TRUE
260
# NOTE(review): "Samba4TopTop" does not match the CN (Samba4Top) or the
# lDAPDisplayName (samba4Top) - looks like a typo, confirm.
adminDisplayName: Samba4TopTop
261
adminDescription: Attributes used in top in Samba4 that OpenLDAP does not
262
# objectClassCategory 3 = auxiliary class.
objectClassCategory: 3
263
lDAPDisplayName: samba4Top
264
# NOTE(review): this schemaIDGUID is identical to the one on the
# Samba4TopExtra definition later in this file. A schemaIDGUID has to be
# unique per schema object, and it is also what object-specific ACEs refer
# to, so a shared value makes such ACEs ambiguous. One of the two entries
# needs a freshly generated GUID.
schemaIDGUID: 073598d0-635b-4685-a929-da731b98d84e
266
systemPossSuperiors: lostAndFound
267
# Optional attributes contributed by this class.
systemMayContain: url
268
systemMayContain: wWWHomePage
269
systemMayContain: wellKnownObjects
270
systemMayContain: wbemPath
271
systemMayContain: uSNSource
272
systemMayContain: uSNLastObjRem
273
systemMayContain: USNIntersite
274
systemMayContain: uSNDSALastObjRemoved
275
systemMayContain: systemFlags
276
systemMayContain: subRefs
277
systemMayContain: siteObjectBL
278
systemMayContain: serverReferenceBL
279
systemMayContain: sDRightsEffective
280
systemMayContain: revision
281
systemMayContain: repsTo
282
systemMayContain: repsFrom
283
systemMayContain: directReports
284
systemMayContain: replUpToDateVector
285
systemMayContain: replPropertyMetaData
286
systemMayContain: name
287
systemMayContain: queryPolicyBL
288
systemMayContain: proxyAddresses
289
systemMayContain: proxiedObjectName
290
systemMayContain: possibleInferiors
291
systemMayContain: partialAttributeSet
292
systemMayContain: partialAttributeDeletionList
293
systemMayContain: otherWellKnownObjects
294
systemMayContain: objectVersion
295
systemMayContain: nonSecurityMemberBL
296
systemMayContain: netbootSCPBL
297
systemMayContain: ownerBL
298
systemMayContain: msDS-ReplValueMetaData
299
systemMayContain: msDS-ReplAttributeMetaData
300
systemMayContain: msDS-NonMembersBL
301
systemMayContain: msDS-NCReplOutboundNeighbors
302
systemMayContain: msDS-NCReplInboundNeighbors
303
systemMayContain: msDS-NCReplCursors
304
systemMayContain: msDS-TasksForAzRoleBL
305
systemMayContain: msDS-TasksForAzTaskBL
306
systemMayContain: msDS-OperationsForAzRoleBL
307
systemMayContain: msDS-OperationsForAzTaskBL
308
systemMayContain: msDS-MembersForAzRoleBL
309
systemMayContain: msDs-masteredBy
310
systemMayContain: mS-DS-ConsistencyGuid
311
systemMayContain: mS-DS-ConsistencyChildCount
312
systemMayContain: msDS-Approx-Immed-Subordinates
313
systemMayContain: msCOM-PartitionSetLink
314
systemMayContain: msCOM-UserLink
315
systemMayContain: masteredBy
316
systemMayContain: managedObjects
317
systemMayContain: lastKnownParent
318
systemMayContain: isPrivilegeHolder
319
systemMayContain: isDeleted
320
systemMayContain: isCriticalSystemObject
321
systemMayContain: showInAdvancedViewOnly
322
systemMayContain: fSMORoleOwner
323
systemMayContain: fRSMemberReferenceBL
324
systemMayContain: frsComputerReferenceBL
325
systemMayContain: fromEntry
326
systemMayContain: flags
327
systemMayContain: extensionName
328
systemMayContain: dSASignature
329
systemMayContain: dSCorePropagationData
330
systemMayContain: displayNamePrintable
331
systemMayContain: displayName
332
systemMayContain: description
334
systemMayContain: canonicalName
335
systemMayContain: bridgeheadServerListBL
336
systemMayContain: allowedChildClassesEffective
337
systemMayContain: allowedChildClasses
338
systemMayContain: allowedAttributesEffective
339
systemMayContain: allowedAttributes
340
systemMayContain: adminDisplayName
341
systemMayContain: adminDescription
342
# Mandatory attributes: every object of this class has to carry a security
# descriptor (nTSecurityDescriptor), an objectCategory and an instanceType.
systemMustContain: objectCategory
343
systemMustContain: nTSecurityDescriptor
344
systemMustContain: instanceType
345
# NOTE(review): samba4TopExtra is declared later in this file with
# objectClassCategory 2 (abstract), yet it is referenced here as an auxiliary
# class - confirm which category is intended.
systemAuxiliaryClass: samba4TopExtra
346
# Default DACL in SDDL form (no owner, group or SACL part is given):
#   DA (Domain Admins) and SY (Local System)
#       RP WP CR CC DC LC LO RC WO WD SD DT SW - read/write property, control
#       access, create/delete child, list children, list object, read
#       control, write owner, write DAC, delete, delete tree, self write
#   AU (Authenticated Users)
#       RP LC LO RC - read property, list children, list object, read control
# NOTE(review): every authenticated user gets read access by default - confirm
# that confidential attributes are protected by separate access controls.
defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU)
348
defaultHidingValue: TRUE
349
objectCategory: CN=Class-Schema,${SCHEMADN}
350
defaultObjectCategory: CN=Samba4Top,${SCHEMADN}
353
# Class definition: samba4TopExtra. Adds the "privilege" attribute
# (mayContain below); the Samba4Top definition earlier in this file pulls this
# class in through systemAuxiliaryClass. Allocated in Samba4's private object
# class arc (1.3.6.1.4.1.7165.4.2.x).
dn: CN=Samba4TopExtra,${SCHEMADN}
355
objectClass: classSchema
357
governsID: 1.3.6.1.4.1.7165.4.2.3
359
showInAdvancedViewOnly: TRUE
360
adminDisplayName: Samba4TopExtra
361
# Same description text as the Samba4Top definition.
adminDescription: Attributes used in top in Samba4 that OpenLDAP does not
362
# objectClassCategory 2 = abstract class.
# NOTE(review): Samba4Top references this class as an auxiliary class, which
# would be category 3 - confirm which category is intended.
objectClassCategory: 2
363
lDAPDisplayName: samba4TopExtra
364
# NOTE(review): this schemaIDGUID is identical to the one on the Samba4Top
# definition earlier in this file. A schemaIDGUID has to be unique per schema
# object, and it is also what object-specific ACEs refer to, so a shared
# value makes such ACEs ambiguous. One of the two entries needs a freshly
# generated GUID.
schemaIDGUID: 073598d0-635b-4685-a929-da731b98d84e
366
# NOTE(review): "privilege" presumably carries granted privilege names; if so,
# the right to write it should be restricted to administrators - confirm.
mayContain: privilege
367
systemPossSuperiors: lostAndFound
368
# Default DACL in SDDL form (no owner, group or SACL part is given):
#   DA (Domain Admins) and SY (Local System)
#       RP WP CR CC DC LC LO RC WO WD SD DT SW - read/write property, control
#       access, create/delete child, list children, list object, read
#       control, write owner, write DAC, delete, delete tree, self write
#   AU (Authenticated Users)
#       RP LC LO RC - read property, list children, list object, read control
defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU)
370
defaultHidingValue: TRUE
371
objectCategory: CN=Class-Schema,${SCHEMADN}
372
defaultObjectCategory: CN=Samba4TopExtra,${SCHEMADN}