New attributes in LDAP. Comments?

From: Olav Vitters <olav bkor dhs org>
To: gnome-sysadmin gnome org, gnome-infrastructure gnome org
Subject: New attributes in LDAP. Comments?
Date: Mon, 2 Jun 2008 11:01:34 +0200

I don't pretend to know much about LDAP. I'd like to add some attributes
(fields) to the current LDAP schema. Partially based on the debian
design (userlib-ldap.. or something like that)

See attached for the schema.

I wonder about the foundation fields. Basically, if someone hasn't
renewed for 2 years, it means they're not a member anymore. I'd love to
have LDAP query which allows this. Seems I need a different comparison
function or something (only found out yesterday). This is not yet in the
schema.
I'm using the format YYYYMMDD to store the date. This would allow me to
easily(?) compare it.

Also in here I want something with GPG. Either the fingerprint of the
actual key. Not sure what is best.

Note: The LDAP schema is in the docs/schema directory in Mango. Use that
if you want to see the differences (too lazy to do a diff :).

Oh, the 1.3.6.1.4.1.3319 is assigned to the GNOME project. Also figured
this out only last weekend. Meaning: some advice is really appreciated
due to my lack of knowledge.

-- 
Regards,
Olav

# GNOME LDAP schema
#
# 3319 is the OIN number assigned to the GNOME project, see
#      http://www.iana.org/assignments/enterprise-numbers
#

#######################################
#
# 4. SSH and CVS stuff
#
###

# CVS
attributetype ( 1.3.6.1.4.1.3319.4.2 NAME 'pserverPassword'
	EQUALITY octetStringMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )


attributetype ( 1.3.6.1.4.1.3319.4.3 NAME 'pserverEnabled'
	EQUALITY booleanMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 )

objectclass (  1.3.6.1.4.1.3319.4.1 NAME 'cvsUser' SUP top AUXILIARY
	DESC 'A user of the GNOME CVS server'
	MUST pserverEnabled
	MAY pserverPassword )


# SSH keys as auxiliary attributes
attributetype ( 1.3.6.1.4.1.3319.4.5
        NAME 'authorizedKey'
        EQUALITY caseExactMatch
        SUBSTR caseExactSubstringsMatch
        DESC 'string representation of an authorized SSH public key'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
objectclass ( 1.3.6.1.4.1.3319.4.4
        NAME 'pubkeyAuthenticationUser'
        DESC 'an object which has authorized keys'
        SUP top
        AUXILIARY
        MAY authorizedKey )



#######################################
#
# 5. module information
#
###

attributetype ( 1.3.6.1.4.1.3319.5.2 NAME 'maintainerUid'
	EQUALITY caseExactIA5Match
        SUBSTR caseExactIA5SubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )

objectclass (  1.3.6.1.4.1.3319.5.1 NAME 'gnomeModule'
	SUP top
	AUXILIARY
	DESC 'GNOME module entry which holds maintainer uid'
	MUST ( cn $ maintainerUid )
	MAY description )



#######################################
#
# 6. localization stuff
#
###

attributetype ( 1.3.6.1.4.1.3319.6.2 NAME 'localizationTeam'
	EQUALITY octetStringMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )

attributetype ( 1.3.6.1.4.1.3319.6.3 NAME 'mailingList'
        EQUALITY caseIgnoreIA5Match
        SUBSTR caseIgnoreIA5SubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} )

objectclass (  1.3.6.1.4.1.3319.6.1 NAME 'localizationModule' SUP top AUXILIARY
	DESC 'Translation module which holds name of the team'
	MUST localizationTeam
	MAY mailingList )



#######################################
#
# 7. GNOME developer
#
###

attributetype ( 1.3.6.1.4.1.3319.7.6
	NAME 'ircNick'
	DESC 'Internet Relay Chat nickname'
	EQUALITY caseIgnoreIA5Match
	SUBSTR caseIgnoreIA5SubstringsMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )

attributetype ( 1.3.6.1.4.1.3319.7.7
	NAME 'latitude'
	DESC 'latitude coordinate'
	EQUALITY caseExactIA5Match
	SUBSTR caseExactIA5SubstringsMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.3319.7.8
	NAME 'longitude'
	DESC 'longitude coordinate'
	EQUALITY caseExactIA5Match
	SUBSTR caseExactIA5SubstringsMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.3319.7.13
	NAME 'jabberJID'
	DESC 'JID for Jabber instant messaging protocol'
	EQUALITY caseIgnoreIA5Match
	SUBSTR caseIgnoreIA5SubstringsMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )

attributetype ( 1.3.6.1.4.1.3319.7.30
	NAME 'gender'
	DESC 'ISO 5218 representation of human gender'
	EQUALITY integerMatch
	SINGLE-VALUE
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27{1} )

attributetype ( 1.3.6.1.4.1.3319.7.31
	NAME 'birthDate'
	DESC 'Date of birth in YYYYMMDD format'
	EQUALITY numericStringMatch
	SINGLE-VALUE
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{8} )

# Network Associates also has a schema for PGP keys / key IDs which may
# or may not be applicable:
# http://www.openldap.org/lists/openldap-devel/200010/msg00071.html
attributetype ( 1.3.6.1.4.1.3319.7.44
	NAME 'keyFingerPrint'
	EQUALITY caseIgnoreMatch
	SUBSTR caseIgnoreSubstringsMatch
	SYNTAX  1.3.6.1.4.1.1466.115.121.1.15 )

attributetype ( 1.3.6.1.4.1.3319.7.44
	NAME ( 'mailBugzilla')
	DESC 'Bugzilla email address'
	EQUALITY caseIgnoreIA5Match
	SINGLE-VALUE
	SUBSTR caseIgnoreIA5SubstringsMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )


# Foundation attributes

attributetype ( 1.3.6.1.4.1.3319.7.32
	NAME 'foundationJoinDate'
	DESC 'Date joining GNOME foundation in YYYYMMDD format'
	EQUALITY numericStringMatch
	SINGLE-VALUE
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{8} )

attributetype ( 1.3.6.1.4.1.3319.7.33
	NAME 'foundationRenewDate'
	DESC 'Date last renewal GNOME foundation in YYYYMMDD format'
	EQUALITY numericStringMatch
	SINGLE-VALUE
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{8} )

attributetype ( 1.3.6.1.4.1.3319.7.34
	NAME 'foundationResignedDate'
	DESC 'Date resigned GNOME foundation in YYYYMMDD format'
	EQUALITY numericStringMatch
	SINGLE-VALUE
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{8} )

attributetype ( 1.3.6.1.4.1.3319.7.35
	NAME 'committeeComment'
	DESC 'Comments from the membership committee'
	EQUALITY caseIgnoreIA5Match
	SUBSTR caseIgnoreIA5SubstringsMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )

#######################################
#
# .8 is for object classes from now on
#
###

objectclass ( 1.3.6.1.4.1.3319.8.1
	NAME 'gnomeDeveloper'
	DESC 'additional account attributes used by GNOME'
	SUP top AUXILIARY
#	MUST ( uid $ cn $ sn )
	MAY ( accountComment $ comment $ countryName $
	      emailForward $ icqUin $ ircNick $
	      jabberJID $ keyFingerPrint $ latitude $ longitude $ mn $
	      onVacation $ gender $ birthDate $ 
	      foundationJoinDate $ foundationRenewDate $ foundationResignedDate $
	      committeeComment
	) )

Follow-Ups:
- Re: New attributes in LDAP. Comments?
  - From: Baris Cicek

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]