Fwd: Re: Debian LDAP Schema
This is a thread that I'm moving from debian-devel.
On Wednesday 25 April 2001 12:45, Stephane Bortzmeyer wrote:
> a message of 35 lines which said:
> > Wichert, some time ago you were talking about the possibility of getting
> > an ISO number assigned to Debian so we can create our own official LDAP
> > schema. Has there been any progress on this issue? If not then what has
> > to be done?
>
> Getting a number is just a matter of two mail exchanges with IANA. It
> is quite simple and takes a few days. I can do it, if you wish.
I've just received a message from Wichert informing me that this is already
under way.
> PS: where can I find the current Debian schema?
AFAIK there isn't one (yet).
How about the following as a start:
# These object classes and attributes are rooted at OID
# DEBIAN for the Debian project
attributetype ( DEBIAN.xx NAME 'ipAllowedClients'
DESC 'IP address or IP address range (either CIDR or
1.2.3.4-1.2.3.100 range allowed to connect'
EQUALITY caseIgnoreIA5Match
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} )
attributetype ( DEBIAN.xx NAME 'ipDeniedClients'
DESC 'IP address or IP address range (either CIDR or
1.2.3.4-1.2.3.100 range not allowed to connect'
EQUALITY caseIgnoreIA5Match
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} )
attributetype ( DEBIAN.xx
NAME ( 'allowedService' )
DESC 'Service that this object allows access to, suggested values
include "FTP", "SSH", "HTTP", or other names from /etc/services, or "ALL", or
it can be classes of service EG "STAFF" to mean that the account works on
staff machines'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
attributetype ( DEBIAN.xx
NAME ( 'deniedService' )
DESC 'Service that this object denies access to, suggested values
include "FTP", "SSH", "HTTP", or other names from /etc/services, or "ALL", or
it can be classes of service EG "STAFF" to mean that the account is denied on
staff machines'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
objectclass ( DEBIAN.xx
NAME 'networkSecurity'
DESC 'A security object to specify the access that a user has to
network services, or the access that a server program provides to the world.'
SUP top
MAY ( ipAllowedClients $ ipDeniedClients $ allowedService $
deniedService )
--
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/projects.html Projects I am working on
http://www.coker.com.au/~russell/ My home page
Reply to: