From 7752b83be144949d124a94d9acd0fb2b99dfa85e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mika=C3=ABl=20Ates?= Date: Mon, 26 Dec 2011 10:42:21 +0100 Subject: [PATCH] Sync attribute_aggregator with Authentic 2. --- acs/attribute_aggregator/core.py | 119 +- acs/attribute_aggregator/ldap_sources.py | 156 +- acs/attribute_aggregator/mapping.py | 2295 +++++++++++++++++++++- acs/attribute_aggregator/models.py | 193 +- acs/attribute_aggregator/signals.py | 16 +- acs/attribute_aggregator/tests.py | 16 + acs/attribute_aggregator/user_profile.py | 117 ++ acs/attribute_aggregator/utils.py | 27 + 8 files changed, 2745 insertions(+), 194 deletions(-) create mode 100644 acs/attribute_aggregator/tests.py create mode 100644 acs/attribute_aggregator/user_profile.py create mode 100644 acs/attribute_aggregator/utils.py diff --git a/acs/attribute_aggregator/core.py b/acs/attribute_aggregator/core.py index 103b608..c20646a 100644 --- a/acs/attribute_aggregator/core.py +++ b/acs/attribute_aggregator/core.py @@ -26,8 +26,8 @@ import re from django.db import transaction from django.core.exceptions import ObjectDoesNotExist -from attribute_aggregator.xacml_constants import * -from attribute_aggregator.mapping import ATTRIBUTE_MAPPING +from acs.attribute_aggregator.xacml_constants import * +from acs.attribute_aggregator.mapping import ATTRIBUTE_MAPPING logger = logging.getLogger('attribute_aggregator') @@ -50,7 +50,7 @@ def get_all_attribute_definitions(): def get_all_sources(): - from attribute_aggregator.models import AttributeSource + from acs.attribute_aggregator.models import AttributeSource return AttributeSource.objects.all() 
@@ -60,14 +60,79 @@ def get_full_definition(definition): return ATTRIBUTE_MAPPING[definition] +def get_def_name_from_oid(oid): + if not oid: + return None + for def_name, content in ATTRIBUTE_MAPPING.items(): + if 'oid' in content: + if content['oid'] == oid: + return def_name + return None + + +def get_oid_from_def_name(definition_name): + if not definition_name or not definition_name in ATTRIBUTE_MAPPING \ + or not 'oid' in ATTRIBUTE_MAPPING[definition_name]: + return None + return ATTRIBUTE_MAPPING[definition_name]['oid'] + + +def get_def_name_from_alias(alias): + if not alias: + return None + for def_name, content in ATTRIBUTE_MAPPING.items(): + if 'alias' in content: + if alias in content['alias']: + return def_name + return None + + +def get_definition_from_oid(oid): + if not oid: + return None + for def_name, content in ATTRIBUTE_MAPPING.items(): + if 'oid' in content: + if content['oid'] == oid: + return ATTRIBUTE_MAPPING[def_name] + return None + + +def get_definition_from_alias(alias): + if not alias: + return None + for def_name, content in ATTRIBUTE_MAPPING.items(): + if 'alias' in content: + if alias in content['alias']: + return ATTRIBUTE_MAPPING[def_name] + return None + + +def get_profile_field_name_from_definition(definition): + if definition and definition in ATTRIBUTE_MAPPING \ + and 'profile_field_name' in ATTRIBUTE_MAPPING[definition]: + return ATTRIBUTE_MAPPING[definition]['profile_field_name'] + return None + + +def get_definition_from_profile_field_name(field_name): + if not field_name: + return None + for def_name, content in ATTRIBUTE_MAPPING.items(): + if 'profile_field_name' in content: + if field_name == content['profile_field_name']: + return def_name + return None + + def get_def_name_from_name_and_ns_of_attribute(name, namespace): if not name or not namespace: return None for def_name, content in ATTRIBUTE_MAPPING.items(): - if namespace in content["definitions"].keys(): - if name in content["definitions"][namespace]["identifiers"]: 
+ if "namespaces" in content \ + and namespace in content["namespaces"].keys(): + if name in content["namespaces"][namespace]["identifiers"]: return def_name - if name in content["definitions"][namespace]["friendly_name"]: + if name in content["namespaces"][namespace]["friendly_names"]: return def_name return None @@ -75,10 +140,26 @@ def get_def_name_from_name_and_ns_of_attribute(name, namespace): def get_attribute_name_in_namespace(definition, namespace): if not definition or not namespace: return None + logger.debug('get_attribute_name_in_namespace: look for %s in %s' \ + % (definition, namespace)) if definition in ATTRIBUTE_MAPPING: - if namespace in ATTRIBUTE_MAPPING[definition]["definitions"]: + logger.debug('get_attribute_name_in_namespace: definition found') + if "namespaces" in ATTRIBUTE_MAPPING[definition]\ + and namespace in ATTRIBUTE_MAPPING[definition]["namespaces"]: + logger.debug('get_attribute_name_in_namespace: namespace found') return ATTRIBUTE_MAPPING[definition]\ - ["definitions"][namespace]["identifiers"][0] + ["namespaces"][namespace]["identifiers"][0] + return None + + +def get_attribute_friendly_name_in_namespace(definition, namespace): + if not definition or not namespace: + return None + if definition in ATTRIBUTE_MAPPING: + if "namespaces" in ATTRIBUTE_MAPPING[definition]\ + and namespace in ATTRIBUTE_MAPPING[definition]["namespaces"]: + return ATTRIBUTE_MAPPING[definition]\ + ["namespaces"][namespace]["friendly_names"][0] return None 
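Review bot: `get_definition_from_profile_field_name` returns `def_name`, while the sibling `get_definition_from_oid` and `get_definition_from_alias` return the mapping dict `ATTRIBUTE_MAPPING[def_name]`, so the shared `get_definition_from_*` prefix now means two different things. Either rename it to `get_def_name_from_profile_field_name` or have it `return ATTRIBUTE_MAPPING[def_name]`. None of the new lookup helpers has a docstring; a one-line `"""Return the definition name whose 'oid' equals *oid*, or None."""` style summary on each would make the name-versus-dict distinction explicit. In `get_def_name_from_name_and_ns_of_attribute` the new guard checks only for the `"namespaces"` key, and `["identifiers"]` and `["friendly_names"]` are still indexed directly, so an entry missing either key would raise `KeyError`.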
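Review bot: `get_attribute_friendly_name_in_namespace` indexes `["friendly_names"][0]` without checking that the list is non-empty, so a namespace entry with an empty list raises `IndexError` instead of returning `None`. The mapping removed by this same commit contained empty `"friendly_name": []` lists, so the case looks realistic, although the new namespace entries are not visible here. A guard such as `names = ATTRIBUTE_MAPPING[definition]["namespaces"][namespace].get("friendly_names")` followed by `return names[0] if names else None` keeps the None-on-miss contract. The same applies to `["identifiers"][0]` in `get_attribute_name_in_namespace`.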
@@ -89,6 +170,22 @@ def get_attribute_type_of_definition(definition): return ATTRIBUTE_MAPPING[definition]["type"] +def is_alias_of_definition(definition_name, alias): + if definition_name in ATTRIBUTE_MAPPING \ + and 'alias' in ATTRIBUTE_MAPPING[definition_name] \ + and alias in ATTRIBUTE_MAPPING[definition_name]['alias']: + return True + return False + + +def is_oid_of_definition(definition_name, oid): + if definition_name in ATTRIBUTE_MAPPING \ + and 'oid' in ATTRIBUTE_MAPPING[definition_name] \ + and oid == ATTRIBUTE_MAPPING[definition_name]['oid']: + return True + return False + + def convert_from_string(definition_name, value): if not definition_name in ATTRIBUTE_MAPPING: return None @@ -153,7 +250,7 @@ def load_or_create_user_profile(user=None, no_cleanup=False): If no_cleanup: return profile if any without removing outdated assertions ''' - from attribute_aggregator.models import UserAttributeProfile + from acs.attribute_aggregator.models import UserAttributeProfile profile = None try: if user: @@ -194,7 +291,7 @@ def load_or_create_user_profile(user=None, no_cleanup=False): def get_user_alias_in_source(user, source): - from attribute_aggregator.models import UserAliasInSource + from acs.attribute_aggregator.models import UserAliasInSource try: alias = UserAliasInSource.objects.get(user=user, source=source) return alias.name @@ -203,7 +300,7 @@ def get_user_alias_in_source(user, source): def set_user_alias_in_source(user, source, name, force_change=False): - from attribute_aggregator.models import UserAliasInSource + from acs.attribute_aggregator.models import UserAliasInSource logger.debug('set_user_alias_in_source: set alias %s for user %s in \ source %s' % (name, user, source)) alias = None diff --git a/acs/attribute_aggregator/ldap_sources.py b/acs/attribute_aggregator/ldap_sources.py index 3c60644..67dede1 100644 --- a/acs/attribute_aggregator/ldap_sources.py +++ b/acs/attribute_aggregator/ldap_sources.py 
@@ -21,22 +21,28 @@ import logging import ldap -from attribute_aggregator.core import get_user_alias_in_source, \ - get_attribute_name_in_namespace +from acs.attribute_aggregator.core import get_user_alias_in_source -logger = logging.getLogger('acs') +logger = logging.getLogger('attribute_aggregator.ldap_sources') -def get_all_attributes(user, definitions=None, **kwargs): +def get_attributes(user, definitions=None, source=None, **kwargs): ''' + Return attributes dictionnary + Dictionnary format: attributes = dict() data_from_source = list() a1 = dict() - a1['definition'] = definition_name - a1['name'] = attribute_name_in_ns - a1['namespace'] = ns_name + a1['oid'] = definition_name + Or + a1['definition'] = definition_name + definition may be the definition name like 'gn' + or an alias like 'givenName' + Or + a1['name'] = attribute_name_in_ns + a1['namespace'] = ns_name a1['values'] = list_of_values data_from_source.append(a1) ... 
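Review bot: The rewritten docstring documents the first lookup key as `a1['oid'] = definition_name`, which reads as a copy-paste slip, since the value under `'oid'` is presumably the OID string rather than a definition name. Something like `a1['oid'] = attribute_oid` would match the `'oid'` entries in the mapping. The new `source=None` parameter is not described in the docstring lines visible here; a sentence saying that it restricts the lookup to one source and that `None` means all LDAP sources would help callers. The docstring and the function body continue outside this hunk.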
@@ -47,28 +53,82 @@ def get_all_attributes(user, definitions=None, **kwargs): Else, definition is searched by 'name' and 'namespece' keys. ''' if not user: - logger.error('get_all_attributes: No user provided') + logger.error('get_attributes: No user provided') return None - logger.debug('get_all_attributes: Searching attributes for user %s' % user) + logger.debug('get_attributes: Searching attributes for user %s' \ + % user) - from attribute_aggregator.models import LdapSource - sources = LdapSource.objects.all() + from acs.attribute_aggregator.models import LdapSource + sources = None + if source: + logger.debug('get_attributes: The required source is %s' % source) + try: + sources = [source.ldapsource] + logger.debug('get_attributes: The source is an LDAP source!') + except: + logger.debug('get_attributes: \ + The required source is not a LDAP one') + return None + else: + sources = LdapSource.objects.all() if not sources: - logger.debug('get_all_attributes: No LDAP source configured') + logger.debug('get_attributes: No LDAP source configured') return None - attributes = {} + attributes = dict() for source in sources: - logger.debug('get_all_attributes: The LDAP source is known as %s' \ + logger.debug('get_attributes: The LDAP source is known as %s' \ % source.name) - identifier = get_user_alias_in_source(user, source) + identifier = None + ''' + Check if the user is authenticated by LDAP. + If it is, grab the user dn from the LDAPUser object + ''' + try: + from django_auth_ldap.backend import LDAPBackend + backend = LDAPBackend() + u = backend.get_user(user.id) + dn = u.ldap_user.dn + if not dn: + logger.debug('get_attributes: \ + User not logged with LDAP') + else: + logger.debug('get_attributes: \ + User logged with dn %s' % dn) + '''is it logged in that source?''' + logger.debug('get_attributes: \ + Is the user logged with the source %s?' 
% source.name) + try: + l = ldap.open(source.server) + l.protocol_version = ldap.VERSION3 + username = source.user + password = source.password + if username and password: + l.simple_bind(username, password) + ldap_result_id = \ + l.search(dn, ldap.SCOPE_BASE, + attrlist=['objectClass']) + result_type, result_data = l.result(ldap_result_id, 0) + logger.debug('get_attributes: Yes it is, result %s %s' \ + % (result_type, result_data)) + identifier = dn + except ldap.LDAPError, err: + logger.debug('get_attributes: \ + User dn %s unknown in %s or error %s' \ + % (dn, source.name, str(err))) + except Exception, err: + logger.error('get_attributes: \ + Error working with the LDAP backend %s' %str(err)) if not identifier: - logger.error('get_all_attributes: No user identifier known into that \ - source') + identifier = get_user_alias_in_source(user, source) + if not identifier: + logger.error('get_attributes: \ + No user identifier known into that source') else: - logger.debug('get_all_attributes: the user is known as %s in source %s' \ + logger.debug('get_attributes: \ + the user is known as %s in source %s' \ % (identifier, source.name)) try: 
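Review bot: The new "is the user logged with this source" probe sends the service account's `source.password` with `l.simple_bind(username, password)` on a connection from `ldap.open(source.server)`, and no StartTLS or ldaps setup is visible in the hunk, so the bind credentials appear to travel in cleartext. `simple_bind` is also the asynchronous call and its result is never collected, so a rejected bind goes unnoticed and the search may run anonymously. I would add `l.start_tls_s()` before the bind (or require an `ldaps://` URI) and use `l.simple_bind_s(username, password)`. The connection is never released; an `l.unbind_s()` in a `finally` would avoid leaking one connection per source per call. The bare `except:` around `sources = [source.ldapsource]` should name the exception it expects. The enclosing function starts and ends outside this hunk.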
@@ -79,52 +139,56 @@ def get_all_attributes(user, definitions=None, **kwargs): if username and password: l.simple_bind(username, password) except ldap.LDAPError, err: - logger.error('get_all_attributes: an error occured at binding due \ - to %s' % err) + logger.error('get_attributes: \ + an error occured at binding due to %s' % err) else: - base_dn = source.base - search_scope = ldap.SCOPE_SUBTREE + ''' + No seach of user with the scope, only exact dn + ''' +# base_dn = source.base +# search_scope = ldap.SCOPE_SUBTREE + search_scope = ldap.SCOPE_BASE retrieve_attributes = None if definitions: - retrieve_attributes = [\ - get_attribute_name_in_namespace(definition, - 'X500') for definition in definitions] - dn = ldap.dn.explode_dn(identifier, - flags=ldap.DN_FORMAT_LDAPV3) - search_filter = dn[0] - logger.debug('get_all_attributes: rdn is %s' % search_filter) + #The definition name is the ldap attribute name + logger.debug('get_attributes: attributes requested \ + are %s' % definitions) + retrieve_attributes = \ + [d.encode('utf-8') for d in definitions] +# dn = ldap.dn.explode_dn(identifier, +# flags=ldap.DN_FORMAT_LDAPV3) +# search_filter = dn[0] +# logger.debug('get_attributes: rdn is %s' % search_filter) data = [] try: - ldap_result_id = l.search(base_dn, search_scope, - search_filter, retrieve_attributes) +# ldap_result_id = l.search(base_dn, search_scope, +# search_filter, retrieve_attributes) + ldap_result_id = l.search(identifier, search_scope, + attrlist=retrieve_attributes) result_type, result_data = l.result(ldap_result_id, 0) - logger.debug('get_all_attributes: result %s %s' % (result_type, - result_data)) + logger.debug('get_attributes: result %s %s' \ + % (result_type, result_data)) for d, dic in result_data: - logger.debug('get_all_attributes: found %s' % d) + logger.debug('get_attributes: found %s' % d) if d == identifier: - logger.debug('get_all_attributes: Attributes are %s' \ - % dic) + logger.debug('get_attributes: \ + Attributes are %s' % dic) 
for key in dic.keys(): attr = {} - attr['name'] = key + attr['definition'] = key attr['values'] = [\ a.decode('utf-8') for a in dic[key]] - attr['namespace'] = 'X500' data.append(attr) except ldap.LDAPError, err: - logger.error('get_all_attributes: an error occured at searching \ - due to %s' % err) + logger.error('get_attributes: \ + an error occured at searching due to %s' % err) else: if not data: - logger.error('get_all_attributes: no attribute found') + logger.error('get_attributes: no attribute found') else: attributes[source.name] = data - logger.debug('get_all_attributes: the attributes returned are %s' % attributes) + logger.debug('get_attributes: the attributes returned are %s' \ + % attributes) return attributes - - -def get_listed_attributes(user, definitions, **kwargs): - return get_all_attributes(user, definitions=definitions, **kwargs) diff --git a/acs/attribute_aggregator/mapping.py b/acs/attribute_aggregator/mapping.py index 0326d6a..ba1ba57 100644 --- a/acs/attribute_aggregator/mapping.py +++ b/acs/attribute_aggregator/mapping.py 
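Review bot: When `definitions` is empty, `attrlist=retrieve_attributes` is `None` and the search returns every user attribute, and the whole entry is then written to the log by `logger.debug('get_attributes: Attributes are %s' % dic)` and again by the final `the attributes returned are %s`. This commit's mapping defines `userPassword` and `authPassword`, so if the bind account can read them the password hashes end up in debug logs; logging only the names, e.g. `logger.debug('get_attributes: attribute names are %s' % dic.keys())`, avoids that. The requested names are also passed to the directory as-is (`d.encode('utf-8') for d in definitions`) with no check against `ATTRIBUTE_MAPPING`, so an allow-list filter there would keep callers from pulling arbitrary attributes. Separately, `a.decode('utf-8')` will raise `UnicodeDecodeError` on binary values such as `jpegPhoto` or `userPKCS12`, which `except ldap.LDAPError` does not catch. The enclosing function starts outside this hunk.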
@@ -19,153 +19,2262 @@ from django.utils.translation import ugettext as _ + +ATTRIBUTE_NAMESPACES = \ + ("http://schemas.xmlsoap.org/ws/2005/05/identity/claims",) + ATTRIBUTE_MAPPING = { -"unique_ID": { +#Extracted from openldap system schema +"top": { + "oid": "2.5.6.0", + "display_name": "top", "type": "http://www.w3.org/2001/XMLSchema#string", - "friendly_name": _("Unique Identifier"), - "definitions": { - "X500": { - "identifiers": - [ - "uid", - ], - "friendly_name" : - [] - }, +}, + +#Extracted from openldap system schema +"extensibleObject": { + "oid": "1.3.6.1.4.1.1466.101.120.111", + "display_name": "extensibleObject", + "type": "http://www.w3.org/2001/XMLSchema#string", +}, + +#Extracted from openldap system schema +"alias": { + "oid": "2.5.6.1", + "display_name": "alias", + "type": "http://www.w3.org/2001/XMLSchema#string", +}, + +#Extracted from openldap system schema +"referral": { + "oid": "2.16.840.1.113730.3.2.6", + "display_name": "referral", + "type": "http://www.w3.org/2001/XMLSchema#string", +}, + +#Extracted from openldap system schema +"OpenLDAProotDSE": { + "oid": "1.3.6.1.4.1.4203.1.4.1", + "display_name": "OpenLDAProotDSE LDAProotDSE", + "alias": ['LDAProotDSE'], + "type": "http://www.w3.org/2001/XMLSchema#string", +}, + +#Extracted from openldap system schema +"subentry": { + "oid": "2.5.17.0", + "display_name": "subentry", + "type": "http://www.w3.org/2001/XMLSchema#string", +}, + +#Extracted from openldap system schema +"subschema": { + "oid": "2.5.20.1", + "display_name": "subschema", + "type": "http://www.w3.org/2001/XMLSchema#string", +}, + +#Extracted from openldap system schema +"collectiveAttributeSubentry": { + "oid": "2.5.17.2", + "display_name": "collectiveAttributeSubentry", + "type": "http://www.w3.org/2001/XMLSchema#string", +}, + +#Extracted from openldap system schema +"dynamicObject": { + "oid": "1.3.6.1.4.1.1466.101.119.2", + "display_name": "dynamicObject", + "type": "http://www.w3.org/2001/XMLSchema#string", +}, + 
+#Extracted from openldap system schema +"glue": { + "oid": "1.3.6.1.4.1.4203.666.3.4", + "display_name": "glue", + "type": "http://www.w3.org/2001/XMLSchema#string", +}, + +#Extracted from openldap system schema +"syncConsumerSubentry": { + "oid": "1.3.6.1.4.1.4203.666.3.5", + "display_name": "syncConsumerSubentry", + "type": "http://www.w3.org/2001/XMLSchema#string", +}, + +#Extracted from openldap system schema +"syncProviderSubentry": { + "oid": "1.3.6.1.4.1.4203.666.3.6", + "display_name": "syncProviderSubentry", + "type": "http://www.w3.org/2001/XMLSchema#string", +}, + +#Extracted from openldap system schema +"objectClass": { + "oid": "2.5.4.0", + "display_name": "objectClass", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.38", +}, + +#Extracted from openldap system schema +"structuralObjectClass": { + "oid": "2.5.21.9", + "display_name": "structuralObjectClass", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.38", +}, + +#Extracted from openldap system schema +"createTimestamp": { + "oid": "2.5.18.1", + "display_name": "createTimestamp", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.24", +}, + +#Extracted from openldap system schema +"modifyTimestamp": { + "oid": "2.5.18.2", + "display_name": "modifyTimestamp", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.24", +}, + +#Extracted from openldap system schema +"creatorsName": { + "oid": "2.5.18.3", + "display_name": "creatorsName", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.12", +}, + +#Extracted from openldap system schema +"modifiersName": { + "oid": "2.5.18.4", + "display_name": "modifiersName", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.12", +}, + +#Extracted from openldap system schema +"hasSubordinates": { + "oid": 
"2.5.18.9", + "display_name": "hasSubordinates", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.7", +}, + +#Extracted from openldap system schema +"subschemaSubentry": { + "oid": "2.5.18.10", + "display_name": "subschemaSubentry", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.12", +}, + +#Extracted from openldap system schema +"collectiveAttributeSubentries": { + "oid": "2.5.18.12", + "display_name": "collectiveAttributeSubentries", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.12", +}, + +#Extracted from openldap system schema +"collectiveExclusions": { + "oid": "2.5.18.7", + "display_name": "collectiveExclusions", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.38", +}, + +#Extracted from openldap system schema +"entryDN": { + "oid": "1.3.6.1.1.20", + "display_name": "entryDN", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.12", +}, + +#Extracted from openldap system schema +"entryUUID": { + "oid": "1.3.6.1.1.16.4", + "display_name": "entryUUID", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.1.16.1", +}, + +#Extracted from openldap system schema +"entryCSN": { + "oid": "1.3.6.1.4.1.4203.666.1.7", + "display_name": "entryCSN", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.4203.666.11.2.1{64}", +}, + +#Extracted from openldap system schema +"namingCSN": { + "oid": "1.3.6.1.4.1.4203.666.1.13", + "display_name": "namingCSN", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.4203.666.11.2.1{64}", +}, + +#Extracted from openldap system schema +"superiorUUID": { + "oid": "1.3.6.1.4.1.4203.666.1.11", + "display_name": "superiorUUID", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.1.16.1", +}, + +#Extracted from openldap system 
schema +"syncreplCookie": { + "oid": "1.3.6.1.4.1.4203.666.1.23", + "display_name": "syncreplCookie", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.40", +}, + +#Extracted from openldap system schema +"contextCSN": { + "oid": "1.3.6.1.4.1.4203.666.1.25", + "display_name": "contextCSN", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.4203.666.11.2.1{64}", +}, + +#Extracted from openldap system schema +"syncTimestamp": { + "oid": "1.3.6.1.4.1.4203.666.1.26", + "display_name": "syncTimestamp", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.24", +}, + +#Extracted from openldap system schema +"altServer": { + "oid": "1.3.6.1.4.1.1466.101.120.6", + "display_name": "altServer", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.26", +}, + +#Extracted from openldap system schema +"namingContexts": { + "oid": "1.3.6.1.4.1.1466.101.120.5", + "display_name": "namingContexts", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.12", +}, + +#Extracted from openldap system schema +"supportedControl": { + "oid": "1.3.6.1.4.1.1466.101.120.13", + "display_name": "supportedControl", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.38", +}, + +#Extracted from openldap system schema +"supportedExtension": { + "oid": "1.3.6.1.4.1.1466.101.120.7", + "display_name": "supportedExtension", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.38", +}, + +#Extracted from openldap system schema +"supportedLDAPVersion": { + "oid": "1.3.6.1.4.1.1466.101.120.15", + "display_name": "supportedLDAPVersion", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.27", +}, + +#Extracted from openldap system schema +"supportedSASLMechanisms": { + "oid": 
"1.3.6.1.4.1.1466.101.120.14", + "display_name": "supportedSASLMechanisms", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.15", +}, + +#Extracted from openldap system schema +"supportedFeatures": { + "oid": "1.3.6.1.4.1.4203.1.3.5", + "display_name": "supportedFeatures", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.38", +}, + +#Extracted from openldap system schema +"monitorContext": { + "oid": "1.3.6.1.4.1.4203.666.1.10", + "display_name": "monitorContext", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.12", +}, + +#Extracted from openldap system schema +"configContext": { + "oid": "1.3.6.1.4.1.4203.1.12.2.1", + "display_name": "configContext", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.12", +}, + +#Extracted from openldap system schema +"vendorName": { + "oid": "1.3.6.1.1.4", + "display_name": "vendorName", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.15", +}, + +#Extracted from openldap system schema +"vendorVersion": { + "oid": "1.3.6.1.1.5", + "display_name": "vendorVersion", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.15", +}, + +#Extracted from openldap system schema +"administrativeRole": { + "oid": "2.5.18.5", + "display_name": "administrativeRole", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.38", +}, + +#Extracted from openldap system schema +"subtreeSpecification": { + "oid": "2.5.18.6", + "display_name": "subtreeSpecification", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.45", +}, + +#Extracted from openldap system schema +"dITStructureRules": { + "oid": "2.5.21.1", + "display_name": "dITStructureRules", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": 
"1.3.6.1.4.1.1466.115.121.1.17", +}, + +#Extracted from openldap system schema +"dITContentRules": { + "oid": "2.5.21.2", + "display_name": "dITContentRules", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.16", +}, + +#Extracted from openldap system schema +"matchingRules": { + "oid": "2.5.21.4", + "display_name": "matchingRules", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.30", +}, + +#Extracted from openldap system schema +"attributeTypes": { + "oid": "2.5.21.5", + "display_name": "attributeTypes", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.3", +}, + +#Extracted from openldap system schema +"objectClasses": { + "oid": "2.5.21.6", + "display_name": "objectClasses", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.37", +}, + +#Extracted from openldap system schema +"nameForms": { + "oid": "2.5.21.7", + "display_name": "nameForms", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.35", +}, + +#Extracted from openldap system schema +"matchingRuleUse": { + "oid": "2.5.21.8", + "display_name": "matchingRuleUse", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.31", +}, + +#Extracted from openldap system schema +"ldapSyntaxes": { + "oid": "1.3.6.1.4.1.1466.101.120.16", + "display_name": "ldapSyntaxes", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.54", +}, + +#Extracted from openldap system schema +"aliasedObjectName": { + "oid": "2.5.4.1", + "display_name": "aliasedObjectName aliasedEntryName", + "alias": ['aliasedEntryName'], + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.12", +}, + +#Extracted from openldap system schema +"ref": { + "oid": "2.16.840.1.113730.3.1.34", + "display_name": "ref", + "type": 
"http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.15", +}, + +#Extracted from openldap system schema +"entry": { + "oid": "1.3.6.1.4.1.4203.1.3.1", + "display_name": "entry", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.4203.1.1.1", +}, + +#Extracted from openldap system schema +"children": { + "oid": "1.3.6.1.4.1.4203.1.3.2", + "display_name": "children", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.4203.1.1.1", +}, + +#Extracted from openldap system schema +"authzTo": { + "oid": "1.3.6.1.4.1.4203.666.1.8", + "display_name": "authzTo saslAuthzTo", + "alias": ['saslAuthzTo'], + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.4203.666.2.7", +}, + +#Extracted from openldap system schema +"authzFrom": { + "oid": "1.3.6.1.4.1.4203.666.1.9", + "display_name": "authzFrom saslAuthzFrom", + "alias": ['saslAuthzFrom'], + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.4203.666.2.7", +}, + +#Extracted from openldap system schema +"entryTtl": { + "oid": "1.3.6.1.4.1.1466.101.119.3", + "display_name": "entryTtl", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.27", +}, + +#Extracted from openldap system schema +"dynamicSubtrees": { + "oid": "1.3.6.1.4.1.1466.101.119.4", + "display_name": "dynamicSubtrees", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.12", +}, + +#Extracted from openldap system schema +"distinguishedName": { + "oid": "2.5.4.49", + "display_name": "distinguishedName", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.12", +}, + +#Extracted from openldap system schema +"name": { + "oid": "2.5.4.41", + "display_name": "name", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.15{32768}", +}, + +#Extracted from openldap system schema 
+"cn": { + "oid": "2.5.4.3", + "display_name": "cn commonName", + "alias": ['commonName'], + "type": "http://www.w3.org/2001/XMLSchema#string", +}, + +#Extracted from openldap system schema +"uid": { + "oid": "0.9.2342.19200300.100.1.1", + "display_name": "uid userid", + "alias": ['userid'], + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.15{256}", +}, + +#Extracted from openldap system schema +"uidNumber": { + "oid": "1.3.6.1.1.1.1.0", + "display_name": "uidNumber", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.27", +}, + +#Extracted from openldap system schema +"gidNumber": { + "oid": "1.3.6.1.1.1.1.1", + "display_name": "gidNumber", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.27", +}, + +#Extracted from openldap system schema +"userPassword": { + "oid": "2.5.4.35", + "display_name": "userPassword", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.40{128}", +}, + +#Extracted from openldap system schema +"labeledURI": { + "oid": "1.3.6.1.4.1.250.1.57", + "display_name": "labeledURI", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.15", +}, + +#Extracted from openldap system schema +"authPassword": { + "oid": "1.3.6.1.4.1.4203.1.3.4", + "display_name": "authPassword", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.4203.1.1.2", +}, + +#Extracted from openldap system schema +"supportedAuthPasswordSchemes": { + "oid": "1.3.6.1.4.1.4203.1.3.3", + "display_name": "supportedAuthPasswordSchemes", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.26{32}", +}, + +#Extracted from openldap system schema +"description": { + "oid": "2.5.4.13", + "display_name": "description", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.15{1024}", 
+}, + +#Extracted from openldap system schema +"seeAlso": { + "oid": "2.5.4.34", + "display_name": "seeAlso", + "type": "http://www.w3.org/2001/XMLSchema#string", +}, + +#Extracted from openldap schema /etc/ldap/schema/inetorgperson.ldif +"carLicense": { + "oid": "2.16.840.1.113730.3.1.1", + "display_name": "carLicense", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.15", +}, + +#Extracted from openldap schema /etc/ldap/schema/inetorgperson.ldif +"departmentNumber": { + "oid": "2.16.840.1.113730.3.1.2", + "display_name": "departmentNumber", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.15", +}, + +#Extracted from openldap schema /etc/ldap/schema/inetorgperson.ldif +"displayName": { + "oid": "2.16.840.1.113730.3.1.241", + "display_name": "displayName", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.15", +}, + +#Extracted from openldap schema /etc/ldap/schema/inetorgperson.ldif +"employeeNumber": { + "oid": "2.16.840.1.113730.3.1.3", + "display_name": "employeeNumber", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.15", +}, + +#Extracted from openldap schema /etc/ldap/schema/inetorgperson.ldif +"employeeType": { + "oid": "2.16.840.1.113730.3.1.4", + "display_name": "employeeType", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.15", +}, + +#Extracted from openldap schema /etc/ldap/schema/inetorgperson.ldif +"jpegPhoto": { + "oid": "0.9.2342.19200300.100.1.60", + "display_name": "jpegPhoto", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.28", +}, + +#Extracted from openldap schema /etc/ldap/schema/inetorgperson.ldif +"preferredLanguage": { + "oid": "2.16.840.1.113730.3.1.39", + "display_name": "preferredLanguage", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": 
"1.3.6.1.4.1.1466.115.121.1.15", +}, + +#Extracted from openldap schema /etc/ldap/schema/inetorgperson.ldif +"userSMIMECertificate": { + "oid": "2.16.840.1.113730.3.1.40", + "display_name": "userSMIMECertificate", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.5", +}, + +#Extracted from openldap schema /etc/ldap/schema/inetorgperson.ldif +"userPKCS12": { + "oid": "2.16.840.1.113730.3.1.216", + "display_name": "userPKCS12", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.5", +}, + + +#Extracted from openldap schema /etc/ldap/schema/nis.ldif +"gecos": { + "oid": "1.3.6.1.1.1.1.2", + "display_name": "gecos", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.26", +}, + +#Extracted from openldap schema /etc/ldap/schema/nis.ldif +"homeDirectory": { + "oid": "1.3.6.1.1.1.1.3", + "display_name": "homeDirectory", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.26", +}, + +#Extracted from openldap schema /etc/ldap/schema/nis.ldif +"loginShell": { + "oid": "1.3.6.1.1.1.1.4", + "display_name": "loginShell", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.26", +}, + +#Extracted from openldap schema /etc/ldap/schema/nis.ldif +"shadowLastChange": { + "oid": "1.3.6.1.1.1.1.5", + "display_name": "shadowLastChange", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.27", +}, + +#Extracted from openldap schema /etc/ldap/schema/nis.ldif +"shadowMin": { + "oid": "1.3.6.1.1.1.1.6", + "display_name": "shadowMin", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.27", +}, + +#Extracted from openldap schema /etc/ldap/schema/nis.ldif +"shadowMax": { + "oid": "1.3.6.1.1.1.1.7", + "display_name": "shadowMax", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": 
"1.3.6.1.4.1.1466.115.121.1.27", +}, + +#Extracted from openldap schema /etc/ldap/schema/nis.ldif +"shadowWarning": { + "oid": "1.3.6.1.1.1.1.8", + "display_name": "shadowWarning", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.27", +}, + +#Extracted from openldap schema /etc/ldap/schema/nis.ldif +"shadowInactive": { + "oid": "1.3.6.1.1.1.1.9", + "display_name": "shadowInactive", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.27", +}, + +#Extracted from openldap schema /etc/ldap/schema/nis.ldif +"shadowExpire": { + "oid": "1.3.6.1.1.1.1.10", + "display_name": "shadowExpire", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.27", +}, + +#Extracted from openldap schema /etc/ldap/schema/nis.ldif +"shadowFlag": { + "oid": "1.3.6.1.1.1.1.11", + "display_name": "shadowFlag", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.27", +}, + +#Extracted from openldap schema /etc/ldap/schema/nis.ldif +"memberUid": { + "oid": "1.3.6.1.1.1.1.12", + "display_name": "memberUid", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.26", +}, + +#Extracted from openldap schema /etc/ldap/schema/nis.ldif +"memberNisNetgroup": { + "oid": "1.3.6.1.1.1.1.13", + "display_name": "memberNisNetgroup", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.26", +}, + +#Extracted from openldap schema /etc/ldap/schema/nis.ldif +"nisNetgroupTriple": { + "oid": "1.3.6.1.1.1.1.14", + "display_name": "nisNetgroupTriple", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.1.1.0.0", +}, + +#Extracted from openldap schema /etc/ldap/schema/nis.ldif +"ipServicePort": { + "oid": "1.3.6.1.1.1.1.15", + "display_name": "ipServicePort", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.27", +}, 
+ +#Extracted from openldap schema /etc/ldap/schema/nis.ldif +"ipServiceProtocolSUPname": { + "oid": "1.3.6.1.1.1.1.16", + "display_name": "ipServiceProtocolSUPname", + "type": "http://www.w3.org/2001/XMLSchema#string", +}, + +#Extracted from openldap schema /etc/ldap/schema/nis.ldif +"ipProtocolNumber": { + "oid": "1.3.6.1.1.1.1.17", + "display_name": "ipProtocolNumber", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.27", +}, + +#Extracted from openldap schema /etc/ldap/schema/nis.ldif +"oncRpcNumber": { + "oid": "1.3.6.1.1.1.1.18", + "display_name": "oncRpcNumber", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.27", +}, + +#Extracted from openldap schema /etc/ldap/schema/nis.ldif +"ipHostNumber": { + "oid": "1.3.6.1.1.1.1.19", + "display_name": "ipHostNumber", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.26{128}", +}, + +#Extracted from openldap schema /etc/ldap/schema/nis.ldif +"ipNetworkNumber": { + "oid": "1.3.6.1.1.1.1.20", + "display_name": "ipNetworkNumber", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.26{128}", +}, + +#Extracted from openldap schema /etc/ldap/schema/nis.ldif +"ipNetmaskNumber": { + "oid": "1.3.6.1.1.1.1.21", + "display_name": "ipNetmaskNumber", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.26{128}", +}, + +#Extracted from openldap schema /etc/ldap/schema/nis.ldif +"macAddress": { + "oid": "1.3.6.1.1.1.1.22", + "display_name": "macAddress", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.26{128}", +}, + +#Extracted from openldap schema /etc/ldap/schema/nis.ldif +"bootParameter": { + "oid": "1.3.6.1.1.1.1.23", + "display_name": "bootParameter", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.1.1.0.1", +}, + +#Extracted from openldap schema 
/etc/ldap/schema/nis.ldif +"bootFile": { + "oid": "1.3.6.1.1.1.1.24", + "display_name": "bootFile", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.26", +}, + +#Extracted from openldap schema /etc/ldap/schema/nis.ldif +"nisMapNameSUPname": { + "oid": "1.3.6.1.1.1.1.26", + "display_name": "nisMapNameSUPname", + "type": "http://www.w3.org/2001/XMLSchema#string", +}, + +#Extracted from openldap schema /etc/ldap/schema/nis.ldif +"nisMapEntry": { + "oid": "1.3.6.1.1.1.1.27", + "display_name": "nisMapEntry", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.26{1024}", +}, + + +#Extracted from openldap schema /etc/ldap/schema/core.ldif +"knowledgeInformation": { + "oid": "2.5.4.2", + "display_name": "knowledgeInformation", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.15{32768}", +}, + +#Extracted from openldap schema /etc/ldap/schema/core.ldif +"sn": { + "oid": "2.5.4.4", + "display_name": _("Last name") + "(sn surname)", + "alias": ['surname'], + "profile_field_name": 'last_name', + "type": "http://www.w3.org/2001/XMLSchema#string", + "namespaces": { "http://schemas.xmlsoap.org/ws/2005/05/identity/claims": { "identifiers": [ -"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/\ - privatepersonalidentifier", + "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname", + ], + "friendly_names": + [ + "Last Name", ], - "friendly_name": - [], } } }, -"surname": { +#Extracted from openldap schema /etc/ldap/schema/core.ldif +"serialNumber": { + "oid": "2.5.4.5", + "display_name": "serialNumber", "type": "http://www.w3.org/2001/XMLSchema#string", - "friendly_name": _("Surname"), - "definitions": { - "X500": { - "identifiers": - [ - "sn", - "2.5.4.4", - ], - "friendly_name" : - [] - }, + "syntax": "1.3.6.1.4.1.1466.115.121.1.44{64}", +}, + +#Extracted from openldap schema /etc/ldap/schema/core.ldif +"c": { + "oid": "2.5.4.6", + 
"display_name": "c countryName", + "alias": ['countryName'], + "type": "http://www.w3.org/2001/XMLSchema#string", +}, + +#Extracted from openldap schema /etc/ldap/schema/core.ldif +"l": { + "oid": "2.5.4.7", + "display_name": "l localityName", + "alias": ['localityName'], + "type": "http://www.w3.org/2001/XMLSchema#string", + "namespaces": { "http://schemas.xmlsoap.org/ws/2005/05/identity/claims": { "identifiers": [ -"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname", - "Last Name" + "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/locality", + ], + "friendly_names": + [ + "Locality Name or City", ], - "friendly_name": - [], } } }, -"firstname": { +#Extracted from openldap schema /etc/ldap/schema/core.ldif +"st": { + "oid": "2.5.4.8", + "display_name": "st stateOrProvinceName", + "alias": ['stateOrProvinceName'], "type": "http://www.w3.org/2001/XMLSchema#string", - "friendly_name": _("First Name"), - "definitions": { - "X500": { - "identifiers": - [ - "givenName", - ], - "friendly_name" : - [] - }, + "namespaces": { "http://schemas.xmlsoap.org/ws/2005/05/identity/claims": { "identifiers": [ -"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname", + "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/stateorprovince", + ], + "friendly_names": + [ + "State or Province", ], - "friendly_name": - [], } } }, -"displayname": { +#Extracted from openldap schema /etc/ldap/schema/core.ldif +"street": { + "oid": "2.5.4.9", + "display_name": "street streetAddress", + "alias": ['streetAddress'], "type": "http://www.w3.org/2001/XMLSchema#string", - "friendly_name": _("Display Name"), - "definitions": { - "X500": { + "namespaces": { + "http://schemas.xmlsoap.org/ws/2005/05/identity/claims": { "identifiers": [ - "displayName", + "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/streetaddress", ], - "friendly_name" : - [] - }, + "friendly_names": + [ + "Street Address", + ], + } } }, -"email": { - "type": 
"urn:oasis:names:tc:xacml:1.0:data-type:rfc822Name", - "friendly_name": _("Email Address"), - "definitions": { - "X500": { - "identifiers": - [ - "mail", - ], - "friendly_name" : - [] - }, - } +#Extracted from openldap schema /etc/ldap/schema/core.ldif +"o": { + "oid": "2.5.4.10", + "display_name": _("Organization") + "(o organizationName)", + "alias": ['organizationName'], + "profile_field_name": 'company', + "type": "http://www.w3.org/2001/XMLSchema#string", }, +#Extracted from openldap schema /etc/ldap/schema/core.ldif +"ou": { + "oid": "2.5.4.11", + "display_name": "ou organizationalUnitName", + "alias": ['organizationalUnitName'], + "type": "http://www.w3.org/2001/XMLSchema#string", +}, + +#Extracted from openldap schema /etc/ldap/schema/core.ldif "title": { + "oid": "2.5.4.12", + "display_name": "title", "type": "http://www.w3.org/2001/XMLSchema#string", - "friendly_name": _("Title"), - "definitions": { - "X500": { - "identifiers": - [ - "title", - ], - "friendly_name" : - [] - }, - } }, -"age": { - "type": "http://www.w3.org/2001/XMLSchema#integer", - "friendly_name": _("Title"), - "definitions": { +#Extracted from openldap schema /etc/ldap/schema/core.ldif +"searchGuide": { + "oid": "2.5.4.14", + "display_name": "searchGuide", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.25", +}, + +#Extracted from openldap schema /etc/ldap/schema/core.ldif +"businessCategory": { + "oid": "2.5.4.15", + "display_name": "businessCategory", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.15{128}", +}, + +#Extracted from openldap schema /etc/ldap/schema/core.ldif +"postalAddress": { + "oid": "2.5.4.16", + "display_name": _("Postal address") + "(postalAddress)", + "profile_field_name": 'postal_address', + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.41", +}, + +#Extracted from openldap schema /etc/ldap/schema/core.ldif +"postalCode": { + 
"oid": "2.5.4.17", + "display_name": "postalCode", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.15{40}", + "namespaces": { "http://schemas.xmlsoap.org/ws/2005/05/identity/claims": { "identifiers": [ -"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/dateofbirth", + "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/postalcode", ], - "friendly_name" : - [] - }, + "friendly_names": + [ + "Postal Code", + ], + } } }, -"nationality": { +#Extracted from openldap schema /etc/ldap/schema/core.ldif +"postOfficeBox": { + "oid": "2.5.4.18", + "display_name": "postOfficeBox", "type": "http://www.w3.org/2001/XMLSchema#string", - "friendly_name": _("Nationality"), - "definitions": { - "ISO7501-1": { + "syntax": "1.3.6.1.4.1.1466.115.121.1.15{40}", +}, + +#Extracted from openldap schema /etc/ldap/schema/core.ldif +"physicalDeliveryOfficeName": { + "oid": "2.5.4.19", + "display_name": "physicalDeliveryOfficeName", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.15{128}", +}, + +#Extracted from openldap schema /etc/ldap/schema/core.ldif +"telephoneNumber": { + "oid": "2.5.4.20", + "display_name": _("Phone") + "(telephoneNumber)", + "profile_field_name": 'phone', + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.50{32}", + "namespaces": { + "http://schemas.xmlsoap.org/ws/2005/05/identity/claims": { "identifiers": [ - "Nationality", + "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/otherphone", ], - "friendly_name" : - [] - }, + "friendly_names": + [ + "Secondary or Work Telephone Number", + ], + } } }, +#Extracted from openldap schema /etc/ldap/schema/core.ldif +"telexNumber": { + "oid": "2.5.4.21", + "display_name": "telexNumber", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.52", +}, + +#Extracted from openldap schema /etc/ldap/schema/core.ldif +"teletexTerminalIdentifier": { + "oid": 
"2.5.4.22", + "display_name": "teletexTerminalIdentifier", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.51", +}, + +#Extracted from openldap schema /etc/ldap/schema/core.ldif +"fax": { + "oid": "2.5.4.23", + "display_name": "fax facsimileTelephoneNumber", + "alias": ['facsimileTelephoneNumber'], + "type": "http://www.w3.org/2001/XMLSchema#string", +}, + +#Extracted from openldap schema /etc/ldap/schema/core.ldif +"x121Address": { + "oid": "2.5.4.24", + "display_name": "x121Address", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.36{15}", +}, + +#Extracted from openldap schema /etc/ldap/schema/core.ldif +"internationaliSDNNumber": { + "oid": "2.5.4.25", + "display_name": "internationaliSDNNumber", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.36{16}", +}, + +#Extracted from openldap schema /etc/ldap/schema/core.ldif +"registeredAddress": { + "oid": "2.5.4.26", + "display_name": "registeredAddress", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.41", +}, + +#Extracted from openldap schema /etc/ldap/schema/core.ldif +"destinationIndicator": { + "oid": "2.5.4.27", + "display_name": "destinationIndicator", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.44{128}", +}, + +#Extracted from openldap schema /etc/ldap/schema/core.ldif +"preferredDeliveryMethod": { + "oid": "2.5.4.28", + "display_name": "preferredDeliveryMethod", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.14", +}, + +#Extracted from openldap schema /etc/ldap/schema/core.ldif +"presentationAddress": { + "oid": "2.5.4.29", + "display_name": "presentationAddress", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.43", +}, + +#Extracted from openldap schema /etc/ldap/schema/core.ldif 
+"supportedApplicationContext": { + "oid": "2.5.4.30", + "display_name": "supportedApplicationContext", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.38", +}, + +#Extracted from openldap schema /etc/ldap/schema/core.ldif +"member": { + "oid": "2.5.4.31", + "display_name": "member", + "type": "http://www.w3.org/2001/XMLSchema#string", +}, + +#Extracted from openldap schema /etc/ldap/schema/core.ldif +"owner": { + "oid": "2.5.4.32", + "display_name": "owner", + "type": "http://www.w3.org/2001/XMLSchema#string", +}, + +#Extracted from openldap schema /etc/ldap/schema/core.ldif +"roleOccupant": { + "oid": "2.5.4.33", + "display_name": "roleOccupant", + "type": "http://www.w3.org/2001/XMLSchema#string", +}, + +#Extracted from openldap schema /etc/ldap/schema/core.ldif +"userCertificate": { + "oid": "2.5.4.36", + "display_name": "userCertificate", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.8", +}, + +#Extracted from openldap schema /etc/ldap/schema/core.ldif +"cACertificate": { + "oid": "2.5.4.37", + "display_name": "cACertificate", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.8", +}, + +#Extracted from openldap schema /etc/ldap/schema/core.ldif +"authorityRevocationList": { + "oid": "2.5.4.38", + "display_name": "authorityRevocationList", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.9", +}, + +#Extracted from openldap schema /etc/ldap/schema/core.ldif +"certificateRevocationList": { + "oid": "2.5.4.39", + "display_name": "certificateRevocationList", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.9", +}, + +#Extracted from openldap schema /etc/ldap/schema/core.ldif +"crossCertificatePair": { + "oid": "2.5.4.40", + "display_name": "crossCertificatePair", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": 
"1.3.6.1.4.1.1466.115.121.1.10", +}, + +#Extracted from openldap schema /etc/ldap/schema/core.ldif +"gn": { + "oid": "2.5.4.42", + "display_name": _("First name") + "(gn givenName)", + "alias": ['givenName'], + "profile_field_name": 'first_name', + "type": "http://www.w3.org/2001/XMLSchema#string", + "namespaces": { + "http://schemas.xmlsoap.org/ws/2005/05/identity/claims": { + "identifiers": + [ + "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname", + ], + "friendly_names": + [ + "First Name", + ], + } + } +}, + +#Extracted from openldap schema /etc/ldap/schema/core.ldif +"initials": { + "oid": "2.5.4.43", + "display_name": "initials", + "type": "http://www.w3.org/2001/XMLSchema#string", +}, + +#Extracted from openldap schema /etc/ldap/schema/core.ldif +"generationQualifier": { + "oid": "2.5.4.44", + "display_name": "generationQualifier", + "type": "http://www.w3.org/2001/XMLSchema#string", +}, + +#Extracted from openldap schema /etc/ldap/schema/core.ldif +"x500UniqueIdentifier": { + "oid": "2.5.4.45", + "display_name": "x500UniqueIdentifier", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.6", +}, + +#Extracted from openldap schema /etc/ldap/schema/core.ldif +"dnQualifier": { + "oid": "2.5.4.46", + "display_name": "dnQualifier", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.44", +}, + +#Extracted from openldap schema /etc/ldap/schema/core.ldif +"enhancedSearchGuide": { + "oid": "2.5.4.47", + "display_name": "enhancedSearchGuide", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.21", +}, + +#Extracted from openldap schema /etc/ldap/schema/core.ldif +"protocolInformation": { + "oid": "2.5.4.48", + "display_name": "protocolInformation", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.42", +}, + +#Extracted from openldap schema /etc/ldap/schema/core.ldif +"uniqueMember": { + 
"oid": "2.5.4.50", + "display_name": "uniqueMember", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.34", +}, + +#Extracted from openldap schema /etc/ldap/schema/core.ldif +"houseIdentifier": { + "oid": "2.5.4.51", + "display_name": "houseIdentifier", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.15{32768}", +}, + +#Extracted from openldap schema /etc/ldap/schema/core.ldif +"supportedAlgorithms": { + "oid": "2.5.4.52", + "display_name": "supportedAlgorithms", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.49", +}, + +#Extracted from openldap schema /etc/ldap/schema/core.ldif +"deltaRevocationList": { + "oid": "2.5.4.53", + "display_name": "deltaRevocationList", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.9", +}, + +#Extracted from openldap schema /etc/ldap/schema/core.ldif +"dmdName": { + "oid": "2.5.4.54", + "display_name": "dmdName", + "type": "http://www.w3.org/2001/XMLSchema#string", +}, + +#Extracted from openldap schema /etc/ldap/schema/core.ldif +"pseudonym": { + "oid": "2.5.4.65", + "display_name": "pseudonym", + "type": "http://www.w3.org/2001/XMLSchema#string", +}, + +#Extracted from openldap schema /etc/ldap/schema/core.ldif +"mail": { + "oid": "0.9.2342.19200300.100.1.3", + "display_name": "mail rfc822Mailbox", + "alias": ['rfc822Mailbox'], + "type": "http://www.w3.org/2001/XMLSchema#string", +}, + +#Extracted from openldap schema /etc/ldap/schema/core.ldif +"dc": { + "oid": "0.9.2342.19200300.100.1.25", + "display_name": "dc domainComponent", + "alias": ['domainComponent'], + "type": "http://www.w3.org/2001/XMLSchema#string", +}, + +#Extracted from openldap schema /etc/ldap/schema/core.ldif +"associatedDomain": { + "oid": "0.9.2342.19200300.100.1.37", + "display_name": "associatedDomain", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": 
"1.3.6.1.4.1.1466.115.121.1.26", +}, + +#Extracted from openldap schema /etc/ldap/schema/core.ldif +"email": { + "oid": "1.2.840.113549.1.9.1", + "display_name": _("Email Address") + "(email pkcs9email emailAddress)", + "alias": ['pkcs9email', 'emailAddress'], + "profile_field_name": 'email', + "type": "http://www.w3.org/2001/XMLSchema#string", + "namespaces": { + "http://schemas.xmlsoap.org/ws/2005/05/identity/claims": { + "identifiers": + [ + "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress", + ], + "friendly_names": + [ + "Email Address", + ], + } + } +}, + + +#Extracted from openldap schema /etc/ldap/schema/cosine.ldif +"textEncodedORAddress": { + "oid": "0.9.2342.19200300.100.1.2", + "display_name": "textEncodedORAddress", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.15{256}", +}, + +#Extracted from openldap schema /etc/ldap/schema/cosine.ldif +"info": { + "oid": "0.9.2342.19200300.100.1.4", + "display_name": "info", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.15{2048}", +}, + +#Extracted from openldap schema /etc/ldap/schema/cosine.ldif +"drink": { + "oid": "0.9.2342.19200300.100.1.5", + "display_name": "drink favouriteDrink", + "alias": ['favouriteDrink'], + "type": "http://www.w3.org/2001/XMLSchema#string", +}, + +#Extracted from openldap schema /etc/ldap/schema/cosine.ldif +"roomNumber": { + "oid": "0.9.2342.19200300.100.1.6", + "display_name": "roomNumber", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.15{256}", +}, + +#Extracted from openldap schema /etc/ldap/schema/cosine.ldif +"photo": { + "oid": "0.9.2342.19200300.100.1.7", + "display_name": "photo", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.23{25000}", +}, + +#Extracted from openldap schema /etc/ldap/schema/cosine.ldif +"userClass": { + "oid": "0.9.2342.19200300.100.1.8", + "display_name": 
"userClass", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.15{256}", +}, + +#Extracted from openldap schema /etc/ldap/schema/cosine.ldif +"host": { + "oid": "0.9.2342.19200300.100.1.9", + "display_name": "host", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.15{256}", +}, + +#Extracted from openldap schema /etc/ldap/schema/cosine.ldif +"manager": { + "oid": "0.9.2342.19200300.100.1.10", + "display_name": "manager", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.12", +}, + +#Extracted from openldap schema /etc/ldap/schema/cosine.ldif +"documentIdentifier": { + "oid": "0.9.2342.19200300.100.1.11", + "display_name": "documentIdentifier", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.15{256}", +}, + +#Extracted from openldap schema /etc/ldap/schema/cosine.ldif +"documentTitle": { + "oid": "0.9.2342.19200300.100.1.12", + "display_name": "documentTitle", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.15{256}", +}, + +#Extracted from openldap schema /etc/ldap/schema/cosine.ldif +"documentVersion": { + "oid": "0.9.2342.19200300.100.1.13", + "display_name": "documentVersion", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.15{256}", +}, + +#Extracted from openldap schema /etc/ldap/schema/cosine.ldif +"documentAuthor": { + "oid": "0.9.2342.19200300.100.1.14", + "display_name": "documentAuthor", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.12", +}, + +#Extracted from openldap schema /etc/ldap/schema/cosine.ldif +"documentLocation": { + "oid": "0.9.2342.19200300.100.1.15", + "display_name": "documentLocation", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.15{256}", +}, + +#Extracted from openldap schema 
/etc/ldap/schema/cosine.ldif +"homePhone": { + "oid": "0.9.2342.19200300.100.1.20", + "display_name": "homePhone homeTelephoneNumber", + "alias": ['homeTelephoneNumber'], + "type": "http://www.w3.org/2001/XMLSchema#string", + "namespaces": { + "http://schemas.xmlsoap.org/ws/2005/05/identity/claims": { + "identifiers": + [ + "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/homephone", + ], + "friendly_names": + [ + "Primary or Home Telephone Number", + ], + } + } +}, + +#Extracted from openldap schema /etc/ldap/schema/cosine.ldif +"secretary": { + "oid": "0.9.2342.19200300.100.1.21", + "display_name": "secretary", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.12", +}, + +#Extracted from openldap schema /etc/ldap/schema/cosine.ldif +"otherMailbox": { + "oid": "0.9.2342.19200300.100.1.22", + "display_name": "otherMailbox", + "type": "http://www.w3.org/2001/XMLSchema#string", +}, + +#Extracted from openldap schema /etc/ldap/schema/cosine.ldif +"aRecord": { + "oid": "0.9.2342.19200300.100.1.26", + "display_name": "aRecord", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.26", +}, + +#Extracted from openldap schema /etc/ldap/schema/cosine.ldif +"mDRecord": { + "oid": "0.9.2342.19200300.100.1.27", + "display_name": "mDRecord", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.26", +}, + +#Extracted from openldap schema /etc/ldap/schema/cosine.ldif +"mXRecord": { + "oid": "0.9.2342.19200300.100.1.28", + "display_name": "mXRecord", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.26", +}, + +#Extracted from openldap schema /etc/ldap/schema/cosine.ldif +"nSRecord": { + "oid": "0.9.2342.19200300.100.1.29", + "display_name": "nSRecord", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.26", +}, + +#Extracted from openldap schema 
/etc/ldap/schema/cosine.ldif +"sOARecord": { + "oid": "0.9.2342.19200300.100.1.30", + "display_name": "sOARecord", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.26", +}, + +#Extracted from openldap schema /etc/ldap/schema/cosine.ldif +"cNAMERecord": { + "oid": "0.9.2342.19200300.100.1.31", + "display_name": "cNAMERecord", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.26", +}, + +#Extracted from openldap schema /etc/ldap/schema/cosine.ldif +"associatedName": { + "oid": "0.9.2342.19200300.100.1.38", + "display_name": "associatedName", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.12", +}, + +#Extracted from openldap schema /etc/ldap/schema/cosine.ldif +"homePostalAddress": { + "oid": "0.9.2342.19200300.100.1.39", + "display_name": "homePostalAddress", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.41", +}, + +#Extracted from openldap schema /etc/ldap/schema/cosine.ldif +"personalTitle": { + "oid": "0.9.2342.19200300.100.1.40", + "display_name": "personalTitle", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.15{256}", +}, + +#Extracted from openldap schema /etc/ldap/schema/cosine.ldif +"mobile": { + "oid": "0.9.2342.19200300.100.1.41", + "display_name": "mobile mobileTelephoneNumber", + "alias": ['mobileTelephoneNumber'], + "type": "http://www.w3.org/2001/XMLSchema#string", + "namespaces": { + "http://schemas.xmlsoap.org/ws/2005/05/identity/claims": { + "identifiers": + [ + "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/mobilephone", + ], + "friendly_names": + [ + "Mobile Telephone Number", + ], + } + } +}, + +#Extracted from openldap schema /etc/ldap/schema/cosine.ldif +"pager": { + "oid": "0.9.2342.19200300.100.1.42", + "display_name": "pager pagerTelephoneNumber", + "alias": ['pagerTelephoneNumber'], + "type": 
"http://www.w3.org/2001/XMLSchema#string", +}, + +#Extracted from openldap schema /etc/ldap/schema/cosine.ldif +"co": { + "oid": "0.9.2342.19200300.100.1.43", + "display_name": "co friendlyCountryName", + "alias": ['friendlyCountryName'], + "type": "http://www.w3.org/2001/XMLSchema#string", + "namespaces": { + "http://schemas.xmlsoap.org/ws/2005/05/identity/claims": { + "identifiers": + [ + "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/country", + ], + "friendly_names": + [ + "Country", + ], + } + } +}, + +#Extracted from openldap schema /etc/ldap/schema/cosine.ldif +"uniqueIdentifier": { + "oid": "0.9.2342.19200300.100.1.44", + "display_name": "uniqueIdentifier", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.15{256}", +}, + +#Extracted from openldap schema /etc/ldap/schema/cosine.ldif +"organizationalStatus": { + "oid": "0.9.2342.19200300.100.1.45", + "display_name": "organizationalStatus", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.15{256}", +}, + +#Extracted from openldap schema /etc/ldap/schema/cosine.ldif +"janetMailbox": { + "oid": "0.9.2342.19200300.100.1.46", + "display_name": "janetMailbox", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.26{256}", +}, + +#Extracted from openldap schema /etc/ldap/schema/cosine.ldif +"mailPreferenceOption": { + "oid": "0.9.2342.19200300.100.1.47", + "display_name": "mailPreferenceOption", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.27", +}, + +#Extracted from openldap schema /etc/ldap/schema/cosine.ldif +"buildingName": { + "oid": "0.9.2342.19200300.100.1.48", + "display_name": "buildingName", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.15{256}", +}, + +#Extracted from openldap schema /etc/ldap/schema/cosine.ldif +"dSAQuality": { + "oid": "0.9.2342.19200300.100.1.49", + 
"display_name": "dSAQuality", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.19", +}, + +#Extracted from openldap schema /etc/ldap/schema/cosine.ldif +"singleLevelQuality": { + "oid": "0.9.2342.19200300.100.1.50", + "display_name": "singleLevelQuality", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.13", +}, + +#Extracted from openldap schema /etc/ldap/schema/cosine.ldif +"subtreeMinimumQuality": { + "oid": "0.9.2342.19200300.100.1.51", + "display_name": "subtreeMinimumQuality", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.13", +}, + +#Extracted from openldap schema /etc/ldap/schema/cosine.ldif +"subtreeMaximumQuality": { + "oid": "0.9.2342.19200300.100.1.52", + "display_name": "subtreeMaximumQuality", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.13", +}, + +#Extracted from openldap schema /etc/ldap/schema/cosine.ldif +"personalSignature": { + "oid": "0.9.2342.19200300.100.1.53", + "display_name": "personalSignature", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.", +}, + +#Extracted from openldap schema /etc/ldap/schema/cosine.ldif +"dITRedirect": { + "oid": "0.9.2342.19200300.100.1.54", + "display_name": "dITRedirect", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.12", +}, + +#Extracted from openldap schema /etc/ldap/schema/cosine.ldif +"audio": { + "oid": "0.9.2342.19200300.100.1.55", + "display_name": "audio", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.4{25000}", +}, + +#Extracted from openldap schema /etc/ldap/schema/cosine.ldif +"documentPublisher": { + "oid": "0.9.2342.19200300.100.1.56", + "display_name": "documentPublisher", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.15", +}, + + 
+#Extracted from openldap schema /etc/ldap/schema/misc.ldif +"mailLocalAddress": { + "oid": "2.16.840.1.113730.3.1.13", + "display_name": "mailLocalAddress", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.26{256}", +}, + +#Extracted from openldap schema /etc/ldap/schema/misc.ldif +"mailHost": { + "oid": "2.16.840.1.113730.3.1.18", + "display_name": "mailHost", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.26{256}", +}, + +#Extracted from openldap schema /etc/ldap/schema/misc.ldif +"mailRoutingAddress": { + "oid": "2.16.840.1.113730.3.1.47", + "display_name": "mailRoutingAddress", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.26{256}", +}, + +#Extracted from openldap schema /etc/ldap/schema/misc.ldif +"rfc822MailMember": { + "oid": "1.3.6.1.4.1.42.2.27.2.1.15", + "display_name": "rfc822MailMember", + "type": "http://www.w3.org/2001/XMLSchema#string", +}, + +#Extracted from eduPerson schema in ldif format for OpenLDAP +#last edited by Etan E. Weintraub on May 27, 2009 +"eduPersonAffiliation": { + "oid": "1.3.6.1.4.1.5923.1.1.1.1", + "display_name": "eduPersonAffiliation", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.15", +}, + +#Extracted from eduPerson schema in ldif format for OpenLDAP +#last edited by Etan E. Weintraub on May 27, 2009 +"eduPersonNickname": { + "oid": "1.3.6.1.4.1.5923.1.1.1.2", + "display_name": "eduPersonNickname", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.15", +}, + +#Extracted from eduPerson schema in ldif format for OpenLDAP +#last edited by Etan E. 
Weintraub on May 27, 2009 +"eduPersonOrgDN": { + "oid": "1.3.6.1.4.1.5923.1.1.1.3", + "display_name": "eduPersonOrgDN", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.12", +}, + +#Extracted from eduPerson schema in ldif format for OpenLDAP +#last edited by Etan E. Weintraub on May 27, 2009 +"eduPersonOrgUnitDN": { + "oid": "1.3.6.1.4.1.5923.1.1.1.4", + "display_name": "eduPersonOrgUnitDN", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.12", +}, + +#Extracted from eduPerson schema in ldif format for OpenLDAP +#last edited by Etan E. Weintraub on May 27, 2009 +"eduPersonPrimaryAffiliation": { + "oid": "1.3.6.1.4.1.5923.1.1.1.5", + "display_name": "eduPersonPrimaryAffiliation", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.15", +}, + +#Extracted from eduPerson schema in ldif format for OpenLDAP +#last edited by Etan E. Weintraub on May 27, 2009 +"eduPersonPrincipalName": { + "oid": "1.3.6.1.4.1.5923.1.1.1.6", + "display_name": "eduPersonPrincipalName", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.15", +}, + +#Extracted from eduPerson schema in ldif format for OpenLDAP +#last edited by Etan E. Weintraub on May 27, 2009 +"eduPersonEntitlement": { + "oid": "1.3.6.1.4.1.5923.1.1.1.7", + "display_name": "eduPersonEntitlement", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.15", +}, + +#Extracted from eduPerson schema in ldif format for OpenLDAP +#last edited by Etan E. Weintraub on May 27, 2009 +"eduPersonPrimaryOrgUnitDN": { + "oid": "1.3.6.1.4.1.5923.1.1.1.8", + "display_name": "eduPersonPrimaryOrgUnitDN", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.12", +}, + +#Extracted from eduPerson schema in ldif format for OpenLDAP +#last edited by Etan E. 
Weintraub on May 27, 2009 +"eduPersonScopedAffiliation": { + "oid": "1.3.6.1.4.1.5923.1.1.1.9", + "display_name": "eduPersonScopedAffiliation", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.15", +}, + +#Extracted from eduPerson schema in ldif format for OpenLDAP +#last edited by Etan E. Weintraub on May 27, 2009 +"eduPersonTargetedID": { + "oid": "1.3.6.1.4.1.5923.1.1.1.10", + "display_name": "eduPersonTargetedID", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.15", +}, + +#Extracted from eduPerson schema in ldif format for OpenLDAP +#last edited by Etan E. Weintraub on May 27, 2009 +"eduPersonAssurance": { + "oid": "1.3.6.1.4.1.5923.1.1.1.11", + "display_name": "eduPersonAssurance", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.15", +}, + +#Extracted from eduOrg schema in ldif format +#eduOrg Objectclass version 1.1 (2002-10-23) +"eduOrgHomePageURI": { + "oid": ":1.3.6.1.4.1.5923.1.2.1.2", + "display_name": "eduOrgHomePageURI", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.15", +}, + +#Extracted from eduOrg schema in ldif format +#eduOrg Objectclass version 1.1 (2002-10-23) +"eduOrgIdentityAuthNPolicyURI": { + "oid": ":1.3.6.1.4.1.5923.1.2.1.3", + "display_name": "eduOrgIdentityAuthNPolicyURI", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.15", +}, + +#Extracted from eduOrg schema in ldif format +#eduOrg Objectclass version 1.1 (2002-10-23) +"eduOrgLegalName": { + "oid": ":1.3.6.1.4.1.5923.1.2.1.4", + "display_name": "eduOrgLegalName", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.15", +}, + +#Extracted from eduOrg schema in ldif format +#eduOrg Objectclass version 1.1 (2002-10-23) +"eduOrgSuperiorURI": { + "oid": ":1.3.6.1.4.1.5923.1.2.1.5", + "display_name": "eduOrgSuperiorURI", + 
"type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.15", +}, + +#Extracted from eduOrg schema in ldif format +#eduOrg Objectclass version 1.1 (2002-10-23) +"eduOrgWhitePagesURI": { + "oid": ":1.3.6.1.4.1.5923.1.2.1.6", + "display_name": "eduOrgWhitePagesURI", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.15", +}, + +#Extracted from version 389 Directory Server du schema +#SupAnn version 2009.6 +#http://www.cru.fr/_media/documentation/supann/supann_2009.schema.txt +"supannListeRouge": { + "oid": "1.3.6.1.4.1.7135.1.2.1.1", + "display_name": "supannListeRouge", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.7", +}, + +#Extracted from version 389 Directory Server du schema +#SupAnn version 2009.6 +#http://www.cru.fr/_media/documentation/supann/supann_2009.schema.txt +"supannActivite": { + "oid": "1.3.6.1.4.1.7135.1.2.1.2", + "display_name": "supannActivite", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.15{128}", +}, + +#Extracted from version 389 Directory Server du schema +#SupAnn version 2009.6 +#http://www.cru.fr/_media/documentation/supann/supann_2009.schema.txt +"supannOrganisme": { + "oid": "1.3.6.1.4.1.7135.1.2.1.3", + "display_name": "supannOrganisme", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.15{128}", +}, + +#Extracted from version 389 Directory Server du schema +#SupAnn version 2009.6 +#http://www.cru.fr/_media/documentation/supann/supann_2009.schema.txt +"supannCivilite": { + "oid": "1.3.6.1.4.1.7135.1.2.1.4", + "display_name": "supannCivilite", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.44{32}", +}, + +#Extracted from version 389 Directory Server du schema +#SupAnn version 2009.6 +#http://www.cru.fr/_media/documentation/supann/supann_2009.schema.txt +"supannAffectation": { + 
"oid": "1.3.6.1.4.1.7135.1.2.1.5", + "display_name": "supannAffectation", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.15{128}", +}, + +#Extracted from version 389 Directory Server du schema +#SupAnn version 2009.6 +#http://www.cru.fr/_media/documentation/supann/supann_2009.schema.txt +"supannCodeEntite": { + "oid": "1.3.6.1.4.1.7135.1.2.1.6", + "display_name": "supannCodeEntite", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.26{128}", +}, + +#Extracted from version 389 Directory Server du schema +#SupAnn version 2009.6 +#http://www.cru.fr/_media/documentation/supann/supann_2009.schema.txt +"supannCodeEntiteParent": { + "oid": "1.3.6.1.4.1.7135.1.2.1.7", + "display_name": "supannCodeEntiteParent", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.26{128}", +}, + +#Extracted from version 389 Directory Server du schema +#SupAnn version 2009.6 +#http://www.cru.fr/_media/documentation/supann/supann_2009.schema.txt +"supannEntiteAffectation": { + "oid": "1.3.6.1.4.1.7135.1.2.1.8", + "display_name": "supannEntiteAffectation", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.26{128}", +}, + +#Extracted from version 389 Directory Server du schema +#SupAnn version 2009.6 +#http://www.cru.fr/_media/documentation/supann/supann_2009.schema.txt +"supannCodeINE": { + "oid": "1.3.6.1.4.1.7135.1.2.1.9", + "display_name": "supannCodeINE", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.44{128}", +}, + +#Extracted from version 389 Directory Server du schema +#SupAnn version 2009.6 +#http://www.cru.fr/_media/documentation/supann/supann_2009.schema.txt +"supannEtuId": { + "oid": "1.3.6.1.4.1.7135.1.2.1.10", + "display_name": "supannEtuId", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.15{128}", +}, + +#Extracted 
from version 389 Directory Server du schema +#SupAnn version 2009.6 +#http://www.cru.fr/_media/documentation/supann/supann_2009.schema.txt +"supannEmpId": { + "oid": "1.3.6.1.4.1.7135.1.2.1.11", + "display_name": "supannEmpId", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.15{128}", +}, + +#Extracted from version 389 Directory Server du schema +#SupAnn version 2009.6 +#http://www.cru.fr/_media/documentation/supann/supann_2009.schema.txt +"supannAutreTelephone": { + "oid": "1.3.6.1.4.1.7135.1.2.1.12", + "display_name": "supannAutreTelephone", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.50", +}, + +#Extracted from version 389 Directory Server du schema +#SupAnn version 2009.6 +#http://www.cru.fr/_media/documentation/supann/supann_2009.schema.txt +"supannEntiteAffectationPrincipale": { + "oid": "1.3.6.1.4.1.7135.1.2.1.13", + "display_name": "supannEntiteAffectationPrincipale", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.26{128}", +}, + +#Extracted from version 389 Directory Server du schema +#SupAnn version 2009.6 +#http://www.cru.fr/_media/documentation/supann/supann_2009.schema.txt +"supannEtablissement": { + "oid": "1.3.6.1.4.1.7135.1.2.1.14", + "display_name": "supannEtablissement", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.15{128}", +}, + +#Extracted from version 389 Directory Server du schema +#SupAnn version 2009.6 +#http://www.cru.fr/_media/documentation/supann/supann_2009.schema.txt +"supannMailPerso": { + "oid": "1.3.6.1.4.1.7135.1.2.1.15", + "display_name": "supannMailPerso", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.26{256}", +}, + +#Extracted from version 389 Directory Server du schema +#SupAnn version 2009.6 +#http://www.cru.fr/_media/documentation/supann/supann_2009.schema.txt +"supannTypeEntite": { + "oid": 
"1.3.6.1.4.1.7135.1.2.1.16", + "display_name": "supannTypeEntite", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.15{128}", +}, + +#Extracted from version 389 Directory Server du schema +#SupAnn version 2009.6 +#http://www.cru.fr/_media/documentation/supann/supann_2009.schema.txt +"supannParrainDN": { + "oid": "1.3.6.1.4.1.7135.1.2.1.17", + "display_name": "supannParrainDN", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.12", +}, + +#Extracted from version 389 Directory Server du schema +#SupAnn version 2009.6 +#http://www.cru.fr/_media/documentation/supann/supann_2009.schema.txt +"supannGroupeDateFin": { + "oid": "1.3.6.1.4.1.7135.1.2.1.18", + "display_name": "supannGroupeDateFin", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.24", +}, + +#Extracted from version 389 Directory Server du schema +#SupAnn version 2009.6 +#http://www.cru.fr/_media/documentation/supann/supann_2009.schema.txt +"supannGroupeAdminDN": { + "oid": "1.3.6.1.4.1.7135.1.2.1.19", + "display_name": "supannGroupeAdminDN", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.12", +}, + +#Extracted from version 389 Directory Server du schema +#SupAnn version 2009.6 +#http://www.cru.fr/_media/documentation/supann/supann_2009.schema.txt +"supannAliasLogin": { + "oid": "1.3.6.1.4.1.7135.1.2.1.20", + "display_name": "supannAliasLogin", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.15{128}", +}, + +#Extracted from version 389 Directory Server du schema +#SupAnn version 2009.6 +#http://www.cru.fr/_media/documentation/supann/supann_2009.schema.txt +"supannRole": { + "oid": "1.3.6.1.4.1.7135.1.2.1.21", + "display_name": "supannRole", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.15{128}", +}, + +#Extracted from version 389 Directory Server 
du schema +#SupAnn version 2009.6 +#http://www.cru.fr/_media/documentation/supann/supann_2009.schema.txt +"supannGroupeLecteurDN": { + "oid": "1.3.6.1.4.1.7135.1.2.1.22", + "display_name": "supannGroupeLecteurDN", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.12", +}, + +#Extracted from version 389 Directory Server du schema +#SupAnn version 2009.6 +#http://www.cru.fr/_media/documentation/supann/supann_2009.schema.txt +"supannRoleGenerique": { + "oid": "1.3.6.1.4.1.7135.1.2.1.23", + "display_name": "supannRoleGenerique", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.15{256}", +}, + +#Extracted from version 389 Directory Server du schema +#SupAnn version 2009.6 +#http://www.cru.fr/_media/documentation/supann/supann_2009.schema.txt +"supannRoleEntite": { + "oid": "1.3.6.1.4.1.7135.1.2.1.24", + "display_name": "supannRoleEntite", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.15{512}", +}, + +#Extracted from version 389 Directory Server du schema +#SupAnn version 2009.6 +#http://www.cru.fr/_media/documentation/supann/supann_2009.schema.txt +"supannEtuAnneeInscription": { + "oid": "1.3.6.1.4.1.7135.1.2.1.25", + "display_name": "supannEtuAnneeInscription", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.36{4}", +}, + +#Extracted from version 389 Directory Server du schema +#SupAnn version 2009.6 +#http://www.cru.fr/_media/documentation/supann/supann_2009.schema.txt +"supannEtuCursusAnnee": { + "oid": "1.3.6.1.4.1.7135.1.2.1.26", + "display_name": "supannEtuCursusAnnee", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.15{128}", +}, + +#Extracted from version 389 Directory Server du schema +#SupAnn version 2009.6 +#http://www.cru.fr/_media/documentation/supann/supann_2009.schema.txt +"supannEtuDiplome": { + "oid": "1.3.6.1.4.1.7135.1.2.1.27", + 
"display_name": "supannEtuDiplome", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.15{128}", +}, + +#Extracted from version 389 Directory Server du schema +#SupAnn version 2009.6 +#http://www.cru.fr/_media/documentation/supann/supann_2009.schema.txt +"supannEtuElementPedagogique": { + "oid": "1.3.6.1.4.1.7135.1.2.1.28", + "display_name": "supannEtuElementPedagogique", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.15{128}", +}, + +#Extracted from version 389 Directory Server du schema +#SupAnn version 2009.6 +#http://www.cru.fr/_media/documentation/supann/supann_2009.schema.txt +"supannEtuEtape": { + "oid": "1.3.6.1.4.1.7135.1.2.1.29", + "display_name": "supannEtuEtape", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.15{128}", +}, + +#Extracted from version 389 Directory Server du schema +#SupAnn version 2009.6 +#http://www.cru.fr/_media/documentation/supann/supann_2009.schema.txt +"supannEtuInscription": { + "oid": "1.3.6.1.4.1.7135.1.2.1.30", + "display_name": "supannEtuInscription", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.15{4096}", +}, + +#Extracted from version 389 Directory Server du schema +#SupAnn version 2009.6 +#http://www.cru.fr/_media/documentation/supann/supann_2009.schema.txt +"supannEtuRegimeInscription": { + "oid": "1.3.6.1.4.1.7135.1.2.1.31", + "display_name": "supannEtuRegimeInscription", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.15{128}", +}, + +#Extracted from version 389 Directory Server du schema +#SupAnn version 2009.6 +#http://www.cru.fr/_media/documentation/supann/supann_2009.schema.txt +"supannEtuSecteurDisciplinaire": { + "oid": "1.3.6.1.4.1.7135.1.2.1.32", + "display_name": "supannEtuSecteurDisciplinaire", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": 
"1.3.6.1.4.1.1466.115.121.1.15{128}", +}, + +#Extracted from version 389 Directory Server du schema +#SupAnn version 2009.6 +#http://www.cru.fr/_media/documentation/supann/supann_2009.schema.txt +"supannEtuTypeDiplome": { + "oid": "1.3.6.1.4.1.7135.1.2.1.33", + "display_name": "supannEtuTypeDiplome", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.15{128}", +}, + +#Extracted from version 389 Directory Server du schema +#SupAnn version 2009.6 +#http://www.cru.fr/_media/documentation/supann/supann_2009.schema.txt +"supannAutreMail": { + "oid": "1.3.6.1.4.1.7135.1.2.1.34", + "display_name": "supannAutreMail", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.26{256}", +}, + +#Extracted from version 389 Directory Server du schema +#SupAnn version 2009.6 +#http://www.cru.fr/_media/documentation/supann/supann_2009.schema.txt +"supannEmpCorps": { + "oid": "1.3.6.1.4.1.7135.1.2.1.35", + "display_name": "supannEmpCorps", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.15{128}", +}, + +#Extracted from version 389 Directory Server du schema +#SupAnn version 2009.6 +#http://www.cru.fr/_media/documentation/supann/supann_2009.schema.txt +"supannTypeEntiteAffectation": { + "oid": "1.3.6.1.4.1.7135.1.2.1.36", + "display_name": "supannTypeEntiteAffectation", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.15{128}", +}, + +#Extracted from version 389 Directory Server du schema +#SupAnn version 2009.6 +#http://www.cru.fr/_media/documentation/supann/supann_2009.schema.txt +"supannRefId": { + "oid": "1.3.6.1.4.1.7135.1.2.1.37", + "display_name": "supannRefId", + "type": "http://www.w3.org/2001/XMLSchema#string", + "syntax": "1.3.6.1.4.1.1466.115.121.1.15{128}", +}, + } diff --git a/acs/attribute_aggregator/models.py b/acs/attribute_aggregator/models.py index 843faf2..c7a523e 100644 
--- a/acs/attribute_aggregator/models.py +++ b/acs/attribute_aggregator/models.py @@ -27,19 +27,31 @@ from django.utils.translation import ugettext as _ from django.db import models from django.contrib.auth.models import User -from attribute_aggregator.signals import any_attributes_call, \ - listed_attributes_call -from attribute_aggregator.mapping import ATTRIBUTE_MAPPING -from attribute_aggregator.core import convert_from_string, \ - get_def_name_from_name_and_ns_of_attribute, iso8601_to_datetime +from acs.attribute_aggregator.signals import any_attributes_call, \ + listed_attributes_call, listed_attributes_with_source_call +from acs.attribute_aggregator.mapping import ATTRIBUTE_MAPPING, \ + ATTRIBUTE_NAMESPACES +from acs.attribute_aggregator.core import convert_from_string, \ + get_def_name_from_name_and_ns_of_attribute, iso8601_to_datetime, \ + get_def_name_from_oid, get_def_name_from_alias, \ + is_alias_of_definition, is_oid_of_definition logger = logging.getLogger('attribute_aggregator') +ATTRIBUTES_NS = [('Default', 'Default')] \ + + [(ns, ns) for ns in ATTRIBUTE_NAMESPACES] + + class AttributeSource(models.Model): - name = models.CharField(max_length = 200, unique=True) - namespace = models.CharField(max_length = 200, blank=True, null=True) + name = models.CharField( + verbose_name = _("Name"), + max_length = 200, unique=True) + namespace = models.CharField( + verbose_name = _("Namespace"), + max_length = 100, + choices = ATTRIBUTES_NS, default = ATTRIBUTES_NS[0]) def __unicode__(self): return self.name 
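Review bot: `default = ATTRIBUTES_NS[0]` on the new `namespace` field passes the whole `('Default', 'Default')` pair as the default rather than the stored value, so a freshly created AttributeSource would not carry the string `'Default'` that the choices list expects; it should read `default = ATTRIBUTES_NS[0][0]`. The same field also loses `blank=True, null=True` and shrinks from 200 to 100 characters. Existing rows with a NULL or longer namespace would need a schema and data migration, and none is visible in this commit. The class body continues outside the hunk.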
@@ -67,14 +79,30 @@ def get_all_sources(): class LdapSource(AttributeSource): - server = models.CharField(max_length=200, unique=True) - user = models.CharField(max_length=200, blank=True, null=True) - password = models.CharField(max_length=200, blank=True, null=True) - base = models.CharField(max_length=200) - port = models.IntegerField(default=389) - ldaps = models.BooleanField(default=False) - certificate = models.TextField(blank=True) - is_auth_backend = models.BooleanField(default=False) + server = models.CharField( + verbose_name = _("Server"), + max_length=200, unique=True) + user = models.CharField( + verbose_name = _("User"), + max_length=200, blank=True, null=True) + password = models.CharField( + verbose_name = _("Password"), + max_length=200, blank=True, null=True) + base = models.CharField( + verbose_name = _("Base"), + max_length=200) + port = models.IntegerField( + verbose_name = _("Port"), + default=389) + ldaps = models.BooleanField( + verbose_name = _("LDAPS"), + default=False) + certificate = models.TextField( + verbose_name = _("Certificate"), + blank=True) + is_auth_backend = models.BooleanField( + verbose_name = _("Is it used for authentication?"), + default=False) def __init__(self, *args, **kwargs): super(LdapSource, self).__init__(*args, **kwargs) @@ -82,10 +110,14 @@ class LdapSource(AttributeSource): class UserAliasInSource(models.Model): - name = models.CharField(max_length = 200) + name = models.CharField( + verbose_name = _("Name"), + max_length = 200) source = models.ForeignKey(AttributeSource, verbose_name = _('Attribute Source')) - user = models.ForeignKey(User, related_name='user_alias_in_source') + user = models.ForeignKey(User, + verbose_name = _("User"), + related_name='user_alias_in_source') class Meta: verbose_name = _('alias in source') 
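Review bot: `password` on LdapSource is still a plain `models.CharField`, so the LDAP bind secret is kept unencrypted in the database, and a form generated from this model would presumably render it as ordinary text. Now that the field gets a display label, the form or admin code (not visible here) should use a `forms.PasswordInput` widget, and the field deserves a comment such as `# bind password is stored in clear text; restrict access to this table`. `ldaps` also still defaults to `False` with `port` 389, so unless the connection code outside this hunk negotiates StartTLS, the bind credentials cross the network unprotected. Consider `default=True` for new sources. The class body continues outside the hunk.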
@@ -101,11 +133,24 @@ class AttributeData: def __init__(self, definition, values=None, source=None, expiration_date=None): - self.definition = definition + ''' + definition can be given by its name, an alias or an oid + ''' + self.definition = None + if definition in ATTRIBUTE_MAPPING: + self.definition = definition + else: + d = get_def_name_from_oid(definition) + if d: + self.definition = d + else: + self.definition = get_def_name_from_alias(definition) + if not self.definition: + raise Exception('Definition not found.') self.values = list() if values: for value in values: - if convert_from_string(definition, value): + if convert_from_string(self.definition, value): self.values.append(value.encode('utf-8')) if isinstance(source, AttributeSource): self.source_id = source.id @@ -155,7 +200,8 @@ class AttributeData: return list() def get_converted_values(self): - return [convert_from_string(self.definition, value) for value in self.values] + return [convert_from_string(self.definition, value) \ + for value in self.values] def get_source(self): try: @@ -196,8 +242,7 @@ class AttributeData: s = "AttributeData" values = self.get_values() if values: - s += " %s with values %s" % (self.get_definition(), - [v for v in values]) + s += " %s with values %s" % (self.get_definition(), values) source = self.get_source() if source: s += " from %s" % str(source) @@ -244,6 +289,9 @@ class UserAttributeProfile(models.Model): return [] def get_data_of_definition(self, definition, in_list=None): + ''' + definition can be given by its name, an alias or an oid + ''' l = None if in_list: l = in_list 
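Review bot: `raise Exception('Definition not found.')` in `AttributeData.__init__` gives callers nothing narrower than `Exception` to catch and does not say which identifier failed to resolve. A specific type that carries the value is easier to handle and to trace, for example `raise ValueError('Definition not found: %r' % (definition,))`. The new docstring should also say that an unknown name, alias or OID raises, since construction could not fail on the definition before this change. `__init__` continues outside the hunk.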
@@ -251,7 +299,9 @@ class UserAttributeProfile(models.Model): l = self.get_all_data() if not l: return [] - return [d for d in l if d.get_definition() == definition] + return [d for d in l if d.get_definition() == definition \ + or is_alias_of_definition(d.get_definition(), definition) \ + or is_oid_of_definition(d.get_definition(), definition)] def get_freshest_data_of_definition(self, definition): l = self.get_data_of_definition(definition) @@ -297,9 +347,14 @@ class UserAttributeProfile(models.Model): attributes = dict() data_from_source = list() a1 = dict() - a1['definition'] = definition_name - a1['name'] = attribute_name_in_ns - a1['namespace'] = ns_name + a1['oid'] = definition_name + Or + a1['definition'] = definition_name + definition may be the definition name like 'gn' + or an alias like 'givenName' + Or + a1['name'] = attribute_name_in_ns + a1['namespace'] = ns_name a1['values'] = list_of_values data_from_source.append(a1) ... @@ -321,9 +376,8 @@ class UserAttributeProfile(models.Model): logger.debug('load_by_dic: attributes: %s' \ % str(dictionnary[source_name])) for attribute in dictionnary[source_name]: - if (not ('definition' in attribute \ - and attribute['definition'] \ - in ATTRIBUTE_MAPPING) \ + if (not 'oid' in attribute \ + and not 'definition' in attribute \ and not('name' in attribute \ and 'namespace' in attribute)) \ or not 'values' in attribute: 
@@ -331,10 +385,15 @@ class UserAttributeProfile(models.Model): missing data to treat %s' % str(attribute)) else: definition = None - if 'definition' in attribute \ - and attribute['definition'] \ - in ATTRIBUTE_MAPPING: - definition = attribute['definition'] + if 'oid' in attribute: + definition = \ + get_def_name_from_oid(attribute['oid']) + elif 'definition' in attribute: + if attribute['definition'] in ATTRIBUTE_MAPPING: + definition = attribute['definition'] + else: + definition = \ + get_def_name_from_alias(attribute['definition']) else: definition = \ get_def_name_from_name_and_ns_of_attribute(\ 
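Review bot: When an attribute carries both 'oid' and 'definition', the new `if 'oid' in attribute:` branch wins and the `elif` is never tried, so an OID that `get_def_name_from_oid` does not recognise leaves `definition` empty even though a valid name was supplied. This commit's own data can trigger it: the lookup compares OID strings for equality, and the eduOrg* entries added to mapping.py store theirs with a leading colon (`":1.3.6.1.4.1.5923.1.2.1.2"` and the four after it), so the real OID never matches. Try the keys in turn as below, and drop the colon in the mapping. What is done with an unresolved definition is decided outside this hunk, and the call that follows the last condition is also cut off by it.

```python
definition = None
if 'oid' in attribute:
    definition = get_def_name_from_oid(attribute['oid'])
if not definition and 'definition' in attribute:
    if attribute['definition'] in ATTRIBUTE_MAPPING:
        definition = attribute['definition']
    else:
        definition = \
            get_def_name_from_alias(attribute['definition'])
if not definition and 'name' in attribute \
        and 'namespace' in attribute:
    # … unchanged: get_def_name_from_name_and_ns_of_attribute(...) call …
```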
@@ -399,16 +458,70 @@ class UserAttributeProfile(models.Model): self.load_by_dic(attrs[1]) def load_listed_attributes(self, definitions): + ''' + definitions can be given by its name, an alias or an oid + ''' if self.user: - attributes_provided = listed_attributes_call.send(sender=None, - user=self.user, definitions=definitions) - for attrs in attributes_provided: + defs = [] + for d in definitions: + if d in ATTRIBUTE_MAPPING: + defs.append(d) + else: + df = get_def_name_from_oid(d) + if df: + defs.append(df) + else: + df = get_def_name_from_alias(d) + if df: + defs.append(df) + if defs: logger.info('load_listed_attributes: \ - attributes_call connected to function %s' % \ - attrs[0].__name__) + attributes required are %s' % defs) + attributes_provided = listed_attributes_call.send(sender=None, + user=self.user, definitions=defs) + for attrs in attributes_provided: + logger.info('load_listed_attributes: \ + attributes_call connected to function %s' % \ + attrs[0].__name__) + logger.info('load_listed_attributes: \ + attributes provided are %s' %str(attrs[1])) + self.load_by_dic(attrs[1]) + else: + logger.info('load_listed_attributes: no definitions \ + of attributes to load with %s' % str(definitions)) + + def load_listed_attributes_with_source(self, definitions, source): + if not source: + return + if self.user: + defs = [] + for d in definitions: + if d in ATTRIBUTE_MAPPING: + defs.append(d) + else: + df = get_def_name_from_oid(d) + if df: + defs.append(df) + else: + df = get_def_name_from_alias(d) + if df: + defs.append(df) + if defs: logger.info('load_listed_attributes: \ - attributes provided are %s' %str(attrs[1])) - self.load_by_dic(attrs[1]) + attributes required are %s from %s' % (defs, source)) + attributes_provided = \ + listed_attributes_with_source_call.send(sender=None, + user=self.user, definitions=defs, source=source) + for attrs in attributes_provided: + logger.info('load_listed_attributes: \ + attributes_call connected to function %s' % \ + 
attrs[0].__name__) + logger.info('load_listed_attributes: \ + attributes provided are %s' %str(attrs[1])) + self.load_by_dic(attrs[1]) + else: + logger.info('load_listed_attributes: no definitions \ + of attributes to load with %s' % str(definitions)) def cleanup(self): l = self.get_all_data() diff --git a/acs/attribute_aggregator/signals.py b/acs/attribute_aggregator/signals.py index a53c7dc..7e90ecc 100644 --- a/acs/attribute_aggregator/signals.py +++ b/acs/attribute_aggregator/signals.py @@ -18,13 +18,21 @@ ''' +import ldap_sources +import user_profile + from django.dispatch import Signal -from attribute_aggregator.ldap_sources import get_all_attributes, \ - get_listed_attributes any_attributes_call = Signal(providing_args = ["user"]) listed_attributes_call = Signal(providing_args = ["user", "definitions"]) +listed_attributes_with_source_call = Signal(providing_args = \ + ["user", "definitions", "source"]) -any_attributes_call.connect(get_all_attributes) -listed_attributes_call.connect(get_listed_attributes) +any_attributes_call.connect(ldap_sources.get_attributes) +listed_attributes_call.connect(ldap_sources.get_attributes) +listed_attributes_with_source_call.connect(ldap_sources.get_attributes) + +any_attributes_call.connect(user_profile.get_attributes) +listed_attributes_call.connect(user_profile.get_attributes) +listed_attributes_with_source_call.connect(user_profile.get_attributes) diff --git a/acs/attribute_aggregator/tests.py b/acs/attribute_aggregator/tests.py new file mode 100644 index 0000000..501deb7 --- /dev/null +++ b/acs/attribute_aggregator/tests.py @@ -0,0 +1,16 @@ +""" +This file demonstrates writing tests using the unittest module. These will pass +when you run "manage.py test". + +Replace this with more appropriate tests for your application. +""" + +from django.test import TestCase + + +class SimpleTest(TestCase): + def test_basic_addition(self): + """ + Tests that 1 + 1 always equals 2. + """ + self.assertEqual(1 + 1, 2) 
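Review bot: `load_listed_attributes_with_source` repeats the name/OID/alias resolution loop of `load_listed_attributes` line for line, and `AttributeData.__init__` holds a third copy. Its log messages still start with 'load_listed_attributes:', which will mislead anyone reading the logs. Identifiers that resolve to nothing are dropped without a trace, so a caller asking for a misspelled attribute just gets fewer attributes back; for an attribute source feeding access control that should at least be logged. Move the loop into one module-level helper called from both methods, as below. The backslash continuations inside the string literals also put the source indentation into every log line.

```python
def _resolve_definition_names(definitions):
    '''Map names, aliases or OIDs to definition names; unknown ones are logged and skipped.'''
    resolved = []
    for d in definitions:
        if d in ATTRIBUTE_MAPPING:
            name = d
        else:
            name = get_def_name_from_oid(d) or get_def_name_from_alias(d)
        if name:
            resolved.append(name)
        else:
            logger.warning('unknown attribute definition %r' % (d,))
    return resolved

# … unchanged: class UserAttributeProfile up to load_listed_attributes …
    def load_listed_attributes(self, definitions):
        # … unchanged: docstring, self.user check …
            defs = _resolve_definition_names(definitions)
        # … unchanged: signal send and load_by_dic loop …

    def load_listed_attributes_with_source(self, definitions, source):
        # … unchanged: source and self.user checks …
            defs = _resolve_definition_names(definitions)
            if defs:
                logger.info('load_listed_attributes_with_source: '
                    'attributes required are %s from %s' % (defs, source))
```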
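Review bot: `import ldap_sources` and `import user_profile` are implicit relative imports, while every other import this commit touches is rewritten to the absolute `acs.attribute_aggregator.*` form. If the modules are also imported under their absolute names, they may be loaded twice and their receivers connected twice. Use `from acs.attribute_aggregator import ldap_sources, user_profile`. All three signals are now wired to the same two `get_attributes` receivers, so add a comment along the lines of `# each receiver filters on the optional 'definitions' and 'source' kwargs`.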
diff --git a/acs/attribute_aggregator/user_profile.py b/acs/attribute_aggregator/user_profile.py new file mode 100644 index 0000000..94f977a --- /dev/null +++ b/acs/attribute_aggregator/user_profile.py 
@@ -0,0 +1,117 @@
+'''
+ VERIDIC - Towards a centralized access control system
+
+ Copyright (C) 2011 Mikael Ates
+
+ This program is free software: you can redistribute it and/or modify
+ it under the terms of the GNU Affero General Public License as
+ published by the Free Software Foundation, either version 3 of the
+ License, or (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU Affero General Public License for more details.
+
+ You should have received a copy of the GNU Affero General Public License
+ along with this program. If not, see .
+'''
+
+
+import logging
+
+from django.contrib.auth.models import SiteProfileNotAvailable
+from django.core.exceptions import ObjectDoesNotExist
+
+from acs.attribute_aggregator.core import get_profile_field_name_from_definition, \
+ get_definition_from_profile_field_name
+
+
+logger = logging.getLogger('attribute_aggregator.user_profile')
+
+
+SOURCE_NAME = 'USER_PROFILE'
+
+def get_attributes(user, definitions=None, source=None, **kwargs):
+ '''
+ Return attributes dictionnary
+
+ Dictionnary format:
+ attributes = dict()
+ data_from_source = list()
+ a1 = dict()
+ a1['oid'] = definition_name
+ Or
+ a1['definition'] = definition_name
+ definition may be the definition name like 'gn'
+ or an alias like 'givenName'
+ Or
+ a1['name'] = attribute_name_in_ns
+ a1['namespace'] = ns_name
+ a1['values'] = list_of_values
+ data_from_source.append(a1)
+ ...
+ data_from_source.append(a2)
+ attributes[source_name] = data_from_source
+
+ First attempt on 'definition' key.
+ Else, definition is searched by 'name' and 'namespece' keys.
+ '''
+ from models import AttributeSource
+ try:
+ AttributeSource.objects.get(name=SOURCE_NAME)
+ except:
+ logger.debug('get_attributes: \
+ Profile source not configured')
+ return None
+ if source and source.name != SOURCE_NAME:
+ logger.debug('get_attributes: \
+ The required source %s is not user profile' % source)
+ return None
+
+ attributes = dict()
+ data = []
+ try:
+ user_profile = user.get_profile()
+ fields = []
+ if definitions:
+ for definition in definitions:
+ logger.debug('get_attributes: looking for %s' % definition)
+ field_name = get_profile_field_name_from_definition(definition)
+ if not field_name:
+ '''
+ Profile model may be extended without modifying the
+ mapping file if the attribute name is the same as the
+ definition
+ '''
+ logger.debug('get_attributes: \
+ field name will be the definition')
+ field_name = definition
+ if field_name in user_profile._meta.get_all_field_names():
+ fields.append((field_name, definition))
+ else:
+ logger.debug('get_attributes: Field not found in profile')
+ else:
+ fields = [(field_name,
+ get_definition_from_profile_field_name(field_name)) \
+ for field_name \
+ in user_profile._meta.get_all_field_names() \
+ if get_definition_from_profile_field_name(field_name)]
+ for field_name, definition in fields:
+ field = user_profile._meta.get_field_by_name(field_name)[0]
+ logger.debug('get_attributes: found field %s aka %s' \
+ % (field_name, field.verbose_name))
+ value = getattr(user_profile, field_name)
+ if value:
+ logger.debug('get_attributes: found value %s' % value)
+ attr = {}
+ attr['definition'] = definition
+ attr['values'] = [value]
+ data.append(attr)
+ else:
+ logger.debug('get_attributes: no value found')
+ except (SiteProfileNotAvailable, ObjectDoesNotExist):
+ logger.debug('get_attributes: No user profile')
+ return None
+ attributes[SOURCE_NAME] = data
+ return attributes
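Review bot: The bare `except:` around `AttributeSource.objects.get(name=SOURCE_NAME)` in `get_attributes` reports every failure, including a database error, as "Profile source not configured" and returns None, so a backend fault looks the same as a disabled source to whatever consumes these attributes. `ObjectDoesNotExist` is already imported in this file, so the handler can be `except ObjectDoesNotExist:` and let other errors propagate. Separately, `logger.debug('get_attributes: found value %s' % value)` writes profile attribute values into the log; logging only the field name would keep personal data out of debug output. The fallback `field_name = definition` lets any profile field be read by naming it in `definitions`, which the inline comment marks as intended; an explicit list of exposable fields would bound what this source can release.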
diff --git a/acs/attribute_aggregator/utils.py b/acs/attribute_aggregator/utils.py
new file mode 100644
index 0000000..d3990b7
--- /dev/null
+++ b/acs/attribute_aggregator/utils.py
@@ -0,0 +1,27 @@
+'''
+ VERIDIC Project - Towards a centralized access control system
+
+ Copyright (C) 2011 Mikael Ates
+
+ This program is free software: you can redistribute it and/or modify
+ it under the terms of the GNU Affero General Public License as
+ published by the Free Software Foundation, either version 3 of the
+ License, or (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU Affero General Public License for more details.
+
+ You should have received a copy of the GNU Affero General Public License
+ along with this program. If not, see .
+'''
+
+
+def urn_to_oid(urn):
+ _, _, oid = urn.partition('urn:oid:')
+ return oid
+
+
+def oid_to_urn(oid):
+ return 'urn:oid:%s' % oid
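Review bot: `urn_to_oid` accepts input that is not an OID URN, because `urn.partition('urn:oid:')` matches the marker anywhere in the string and yields an empty string when it is absent. A constructed value such as `'x-urn:oid:1.2'` therefore returns `'1.2'`, and a plain attribute name returns `''` with no error. The result is presumably used to look up attribute definitions, so I would require the prefix: `if not urn.startswith('urn:oid:'): return None` followed by `return urn[len('urn:oid:'):]`. Both helpers would also benefit from a one-line docstring stating the expected input form.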