[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: (ITS#6151) Update cosine.schema to RFC 4524
On Jun 1, 2009, at 4:30 AM, michael@stroeder.com wrote:
> This is a multi-part message in MIME format.
> --------------080004030402080700020504
> Content-Type: text/plain; charset=3DISO-8859-1
> Content-Transfer-Encoding: 8bit
>
> Updated schema file cosine-update.schema attached.
I note that differs are generally preferred, even where the file is =20
mostly changed. This helps ensure changes that others might make to =20
the file you started with are not lost.
> Note that some schema
> descriptions were copied from old cosine.schema to preserve backward
> compability since RFC 4524 does not contain all schema descriptions =20=
> e.g.
> needed for 'pilotPerson'. Note that 'pilotPerson' is used as superior
> class for 'OpenLDAPperson'. Also some aliases were added to NAME of
> attribute type descriptions.
>
> IPR notice:
> This patch file is derived from OpenLDAP Software and RFC 4524 and RFC
> 1274. All of the modifications to OpenLDAP Software represented in the
> attached file were developed by Michael Str=F6der =20
> <michael@stroeder.com>.
> I have not assigned rights and/or interest in this work to any party.
While this notice of origin is fine, you did not include a rights =20
statement.
>
>
> --------------080004030402080700020504
> Content-Type: text/plain;
> name=3D"cosine-update.schema"
> Content-Transfer-Encoding: 7bit
> Content-Disposition: inline;
> filename=3D"cosine-update.schema"
>
> # RFC 4524: COSINE LDAP/X.500 Schema
> # $OpenLDAP: pkg/ldap/servers/slapd/schema/cosine.schema,v 1.26 =20
> 2009/01/21 23:40:40 kurt Exp $
> ## This work is part of OpenLDAP Software <http://www.openldap.org/>.
> ##
> ## Copyright 1998-2009 The OpenLDAP Foundation.
> ## All rights reserved.
> ##
> ## Redistribution and use in source and binary forms, with or without
> ## modification, are permitted only as authorized by the OpenLDAP
> ## Public License.
> ##
> ## A copy of this license is available in the file LICENSE in the
> ## top-level directory of the distribution or, alternatively, at
> ## <http://www.OpenLDAP.org/license.html>.
> #
> # RFC 4524: COSINE LDAP/X.500 Schema
> # This file is mainly based on the schema descriptions found in RFC =20=
> 4524.
> # To preserve backwards compability with 'pilotPerson' schema some =20
> attribute
> # types and object classes not declared in RFC 4524 were copied from
> # (obsoleted) RFC 1274 and some attribute type descriptions were =20
> extended
> # with aliases for NAME.
> #
> # Depends on core.schema
>
> # =20
> =
--------------------------------------------------------------------------=
> # 2. COSINE Attribute Types
> # =20
> =
--------------------------------------------------------------------------=
> #
> # This section details COSINE attribute types for use in LDAP.
> #
>
> # =20
> =
--------------------------------------------------------------------------=
> # 2.1. associatedDomain
> #
> # The 'associatedDomain' attribute specifies DNS [RFC1034][RFC2181]
> # host names [RFC1123] that are associated with an object. That =20=
> is,
> # values of this attribute should conform to the following ABNF:
> #
> # domain =3D root / label *( DOT label )
> # root =3D SPACE
> # label =3D LETDIG [ *61( LETDIG / HYPHEN ) LETDIG ]
> # LETDIG =3D %x30-39 / %x41-5A / %x61-7A ; "0" - "9" / "A"-"Z" / =20=
> "a"-"z"
> # SPACE =3D %x20 ; space (" ")
> # HYPHEN =3D %x2D ; hyphen ("-")
> # DOT =3D %x2E ; period (".")
> #
> # For example, the entry in the DIT with a DN <DC=3Dexample,DC=3Dcom>=
=20
> might
> # have an associated domain of "example.com".
> #
> # (OpenLDAP-specific: Declared in core.schema)
> # attributetype ( 0.9.2342.19200300.100.1.37
> # NAME 'associatedDomain'
> # EQUALITY caseIgnoreIA5Match
> # SUBSTR caseIgnoreIA5SubstringsMatch
> # SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
> #
> # The IA5String (1.3.6.1.4.1.1466.115.121.1.26) syntax and the
> # 'caseIgnoreIA5Match' and 'caseIgnoreIA5SubstringsMatch' rules are
> # described in [RFC4517].
> #
> # Note that the directory will not ensure that values of this =20
> attribute
> # conform to the <domain> production provided above. It is the
> # application's responsibility to ensure that domains it stores =20
> in this
> # attribute are appropriately represented.
> #
> # Also note that applications supporting Internationalized Domain =20=
> Names
> # SHALL use the ToASCII method [RFC3490] to produce <label> =20
> components
> # of the <domain> production.
>
> # =20
> =
--------------------------------------------------------------------------=
> # 2.2. associatedName
> #
> # The 'associatedName' attribute specifies names of entries in the
> # organizational DIT associated with a DNS domain [RFC1034]=20
> [RFC2181].
> #
>
> attributetype ( 0.9.2342.19200300.100.1.38
> NAME 'associatedName'
> EQUALITY distinguishedNameMatch
> SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
>
> #
> # The DistinguishedName (1.3.6.1.4.1.1466.115.121.1.12) syntax =20
> and the
> # 'distinguishedNameMatch' rule are described in [RFC4517].
> #
>
> # =20
> =
--------------------------------------------------------------------------=
> # 2.3. buildingName
> #
> # The 'buildingName' attribute specifies names of the buildings =20
> where
> # an organization or organizational unit is based, for example, =20
> "The
> # White House".
> #
>
> attributetype ( 0.9.2342.19200300.100.1.48
> NAME 'buildingName'
> EQUALITY caseIgnoreMatch
> SUBSTR caseIgnoreSubstringsMatch
> SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
>
> #
> # The DirectoryString (1.3.6.1.4.1.1466.115.121.1.15) syntax and =20=
> the
> # 'caseIgnoreMatch' and 'caseIgnoreSubstringsMatch' rules are =20
> described
> # in [RFC4517].
> #
>
> # =20
> =
--------------------------------------------------------------------------=
> # 2.4. co
> #
> # The 'co' (Friendly Country Name) attribute specifies names of
> # countries in human-readable format, for example, "Germany" and
> # "Federal Republic of Germany". It is commonly used in =20
> conjunction
> # with the 'c' (Country Name) [RFC4519] attribute (whose values are
> # restricted to the two-letter codes defined in [ISO3166]).
> #
>
> attributetype ( 0.9.2342.19200300.100.1.43
> NAME 'co'
> EQUALITY caseIgnoreMatch
> SUBSTR caseIgnoreSubstringsMatch
> SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
>
> #
> # The DirectoryString (1.3.6.1.4.1.1466.115.121.1.15) syntax and =20=
> the
> # 'caseIgnoreMatch' and 'caseIgnoreSubstringsMatch' rules are =20
> described
> # in [RFC4517].
> #
>
> # =20
> =
--------------------------------------------------------------------------=
> # 2.5. documentAuthor
> #
> # The 'documentAuthor' attribute specifies the distinguished =20
> names of
> # authors (or editors) of a document. For example,
> #
>
> attributetype ( 0.9.2342.19200300.100.1.14
> NAME 'documentAuthor'
> EQUALITY distinguishedNameMatch
> SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
>
> #
> # The DistinguishedName (1.3.6.1.4.1.1466.115.121.1.12) syntax =20
> and the
> # 'distinguishedNameMatch' rule are described in [RFC4517].
> #
>
> # =20
> =
--------------------------------------------------------------------------=
> # 2.6. documentIdentifier
> #
> # The 'documentIdentifier' attribute specifies unique identifiers =20=
> for a
> # document. A document may be identified by more than one unique
> # identifier. For example, RFC 3383 and BCP 64 are unique =20
> identifiers
> # that (presently) refer to the same document.
> #
>
> attributetype ( 0.9.2342.19200300.100.1.11
> NAME 'documentIdentifier'
> EQUALITY caseIgnoreMatch
> SUBSTR caseIgnoreSubstringsMatch
> SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
>
> #
> # The DirectoryString (1.3.6.1.4.1.1466.115.121.1.15) syntax and =20=
> the
> # 'caseIgnoreMatch' and 'caseIgnoreSubstringsMatch' rules are =20
> described
> # in [RFC4517].
> #
>
> # =20
> =
--------------------------------------------------------------------------=
> # 2.7. documentLocation
> #
> # The 'documentLocation' attribute specifies locations of the =20
> document
> # original.
> #
>
> attributetype ( 0.9.2342.19200300.100.1.15
> NAME 'documentLocation'
> EQUALITY caseIgnoreMatch
> SUBSTR caseIgnoreSubstringsMatch
> SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
>
> #
> # The DirectoryString (1.3.6.1.4.1.1466.115.121.1.15) syntax and =20=
> the
> # 'caseIgnoreMatch' and 'caseIgnoreSubstringsMatch' rules are =20
> described
> # in [RFC4517].
> #
>
> # =20
> =
--------------------------------------------------------------------------=
> # 2.8. documentPublisher
> #
> # The 'documentPublisher' attribute is the persons and/or =20
> organizations
> # that published the document. Documents that are jointly =20
> published
> # have one value for each publisher.
> #
>
> attributetype ( 0.9.2342.19200300.100.1.56
> NAME 'documentPublisher'
> EQUALITY caseIgnoreMatch
> SUBSTR caseIgnoreSubstringsMatch
> SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
>
> #
> # The DirectoryString (1.3.6.1.4.1.1466.115.121.1.15) syntax and =20=
> the
> # 'caseIgnoreMatch' and 'caseIgnoreSubstringsMatch' rules are =20
> described
> # in [RFC4517].
> #
>
> # =20
> =
--------------------------------------------------------------------------=
> # 2.9. documentTitle
> #
> # The 'documentTitle' attribute specifies the titles of a document.
> # Multiple values are allowed to accommodate both long and short
> # titles, or other situations where a document has multiple =20
> titles, for
> # example, "The Lightweight Directory Access Protocol Technical
> # Specification" and "The LDAP Technical Specification".
> #
>
> attributetype ( 0.9.2342.19200300.100.1.12
> NAME 'documentTitle'
> EQUALITY caseIgnoreMatch
> SUBSTR caseIgnoreSubstringsMatch
> SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
>
> #
> # The DirectoryString (1.3.6.1.4.1.1466.115.121.1.15) syntax and =20=
> the
> # 'caseIgnoreMatch' and 'caseIgnoreSubstringsMatch' rules are =20
> described
> # in [RFC4517].
> #
>
> # =20
> =
--------------------------------------------------------------------------=
> # 2.10. documentVersion
> #
> # The 'documentVersion' attribute specifies the version =20
> information of
> # a document.
> #
>
> attributetype ( 0.9.2342.19200300.100.1.13
> NAME 'documentVersion'
> EQUALITY caseIgnoreMatch
> SUBSTR caseIgnoreSubstringsMatch
> SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
>
> #
> # The DirectoryString (1.3.6.1.4.1.1466.115.121.1.15) syntax and =20=
> the
> # 'caseIgnoreMatch' and 'caseIgnoreSubstringsMatch' rules are =20
> described
> # in [RFC4517].
> #
>
> # =20
> =
--------------------------------------------------------------------------=
> # 2.11. drink
> #
> # The 'drink' (favouriteDrink) attribute specifies the favorite =20
> drinks
> # of an object (or person), for instance, "cola" and "beer".
> #
>
> attributetype ( 0.9.2342.19200300.100.1.5
> NAME ( 'drink' 'favouriteDrink' )
> EQUALITY caseIgnoreMatch
> SUBSTR caseIgnoreSubstringsMatch
> SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
>
> #
> # The DirectoryString (1.3.6.1.4.1.1466.115.121.1.15) syntax and =20=
> the
> # 'caseIgnoreMatch' and 'caseIgnoreSubstringsMatch' rules are =20
> described
> # in [RFC4517].
> #
>
> # =20
> =
--------------------------------------------------------------------------=
> # 2.12. homePhone
> #
> # The 'homePhone' (Home Telephone Number) attribute specifies home
> # telephone numbers (e.g., "+1 775 555 1234") associated with a =20
> person.
> #
>
> attributetype ( 0.9.2342.19200300.100.1.20
> NAME ( 'homePhone' 'homeTelephoneNumber' )
> EQUALITY telephoneNumberMatch
> SUBSTR telephoneNumberSubstringsMatch
> SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 )
>
> #
> # The telephoneNumber (1.3.6.1.4.1.1466.115.121.1.50) syntax and =20=
> the
> # 'telephoneNumberMatch' and 'telephoneNumberSubstringsMatch' =20
> rules are
> # described in [RFC4517].
> #
>
> # =20
> =
--------------------------------------------------------------------------=
> # 2.13. homePostalAddress
> #
> # The 'homePostalAddress' attribute specifies home postal =20
> addresses for
> # an object. Each value should be limited to up to 6 directory =20
> strings
> # of 30 characters each. (Note: It is not intended that the =20
> directory
> # service enforce these limits.)
> #
>
> attributetype ( 0.9.2342.19200300.100.1.39
> NAME 'homePostalAddress'
> EQUALITY caseIgnoreListMatch
> SUBSTR caseIgnoreListSubstringsMatch
> SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 )
>
> #
> # The PostalAddress (1.3.6.1.4.1.1466.115.121.1.41) syntax and the
> # 'caseIgnoreListMatch' and 'caseIgnoreListSubstringsMatch' rules =20=
> are
> # described in [RFC4517].
> #
>
> # =20
> =
--------------------------------------------------------------------------=
> # 2.14. host
> #
> # The 'host' attribute specifies host computers, generally by their
> # primary fully qualified domain name (e.g., my-host.example.com).
> #
>
> attributetype ( 0.9.2342.19200300.100.1.9
> NAME 'host'
> EQUALITY caseIgnoreMatch
> SUBSTR caseIgnoreSubstringsMatch
> SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
>
> #
> # The DirectoryString (1.3.6.1.4.1.1466.115.121.1.15) syntax and =20=
> the
> # 'caseIgnoreMatch' and 'caseIgnoreSubstringsMatch' rules are =20
> described
> # in [RFC4517].
> #
>
> # =20
> =
--------------------------------------------------------------------------=
> # 2.15. info
> #
> # The 'info' attribute specifies any general information =20
> pertinent to
> # an object. This information is not necessarily descriptive of =20=
> the
> # object.
> #
> # Applications should not attach specific semantics to values of =20=
> this
> # attribute. The 'description' attribute [RFC4519] is available =20=
> for
> # specifying descriptive information pertinent to an object.
> #
>
> attributetype ( 0.9.2342.19200300.100.1.4
> NAME 'info'
> EQUALITY caseIgnoreMatch
> SUBSTR caseIgnoreSubstringsMatch
> SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{2048} )
>
> #
> # The DirectoryString (1.3.6.1.4.1.1466.115.121.1.15) syntax and =20=
> the
> # 'caseIgnoreMatch' and 'caseIgnoreSubstringsMatch' rules are =20
> described
> # in [RFC4517].
> #
>
> # =20
> =
--------------------------------------------------------------------------=
> # 2.16. mail
> #
> # The 'mail' (rfc822mailbox) attribute type holds Internet mail
> # addresses in Mailbox [RFC2821] form (e.g., user@example.com).
> #
> # (OpenLDAP-specific: Declared in core.schema)
> # attributetype ( 0.9.2342.19200300.100.1.3
> # NAME 'mail'
> # EQUALITY caseIgnoreIA5Match
> # SUBSTR caseIgnoreIA5SubstringsMatch
> # SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
> #
> # The IA5String (1.3.6.1.4.1.1466.115.121.1.26) syntax and the
> # 'caseIgnoreIA5Match' and 'caseIgnoreIA5SubstringsMatch' rules are
> # described in [RFC4517].
> #
> # Note that the directory will not ensure that values of this =20
> attribute
> # conform to the <Mailbox> production [RFC2821]. It is the
> # application's responsibility to ensure that domains it stores =20
> in this
> # attribute are appropriately represented.
> #
> # Additionally, the directory will compare values per the matching
> # rules named in the above attribute type description. As these =20=
> rules
> # differ from rules that normally apply to <Mailbox> comparisons,
> # operational issues may arise. For example, the assertion
> # (mail=3Djoe@example.com) will match "JOE@example.com" even though =
=20
> the
> # <local-parts> differ. Also, where a user has two <Mailbox>es =20
> whose
> # addresses differ only by case of the <local-part>, both cannot be
> # listed as values of the user's mail attribute (as they are =20
> considered
> # equal by the 'caseIgnoreIA5Match' rule).
> #
> # Also note that applications supporting internationalized domain =20=
> names
> # SHALL use the ToASCII method [RFC3490] to produce <sub-domain>
> # components of the <Mailbox> production.
> #
>
> # =20
> =
--------------------------------------------------------------------------=
> # 2.17. manager
> #
> # The 'manager' attribute specifies managers, by distinguished =20
> name, of
> # the person (or entity).
> #
>
> attributetype ( 0.9.2342.19200300.100.1.10
> NAME 'manager'
> EQUALITY distinguishedNameMatch
> SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
>
> #
> # The DistinguishedName (1.3.6.1.4.1.1466.115.121.1.12) syntax =20
> and the
> # 'distinguishedNameMatch' rule are described in [RFC4517].
> #
>
> # =20
> =
--------------------------------------------------------------------------=
> # 2.18. mobile
> #
> # The 'mobile' (mobileTelephoneNumber) attribute specifies mobile
> # telephone numbers (e.g., "+1 775 555 6789") associated with a =20
> person
> # (or entity).
> #
>
> attributetype ( 0.9.2342.19200300.100.1.41
> NAME ( 'mobile' 'mobileTelephoneNumber' )
> EQUALITY telephoneNumberMatch
> SUBSTR telephoneNumberSubstringsMatch
> SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 )
>
> #
> # The telephoneNumber (1.3.6.1.4.1.1466.115.121.1.50) syntax and =20=
> the
> # 'telephoneNumberMatch' and 'telephoneNumberSubstringsMatch' =20
> rules are
> # described in [RFC4517].
> #
>
> # =20
> =
--------------------------------------------------------------------------=
> # 2.19. organizationalStatus
> #
> # The 'organizationalStatus' attribute specifies categories by =20
> which a
> # person is often referred to in an organization. Examples of =20
> usage in
> # academia might include "undergraduate student", "researcher",
> # "professor", and "staff". Multiple values are allowed where the
> # person is in multiple categories.
> #
> # Directory administrators and application designers SHOULD =20
> consider
> # carefully the distinctions between this and the 'title' and
> # 'userClass' attributes.
> #
>
> attributetype ( 0.9.2342.19200300.100.1.45
> NAME 'organizationalStatus'
> EQUALITY caseIgnoreMatch
> SUBSTR caseIgnoreSubstringsMatch
> SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
>
> #
> # The DirectoryString (1.3.6.1.4.1.1466.115.121.1.15) syntax and =20=
> the
> # 'caseIgnoreMatch' and 'caseIgnoreSubstringsMatch' rules are =20
> described
> # in [RFC4517].
> #
>
> # =20
> =
--------------------------------------------------------------------------=
> # 2.20. pager
> #
> # The 'pager' (pagerTelephoneNumber) attribute specifies pager
> # telephone numbers (e.g., "+1 775 555 5555") for an object.
> #
>
> attributetype ( 0.9.2342.19200300.100.1.42
> NAME ( 'pager' 'pagerTelephoneNumber' )
> EQUALITY telephoneNumberMatch
> SUBSTR telephoneNumberSubstringsMatch
> SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 )
>
> #
> # The telephoneNumber (1.3.6.1.4.1.1466.115.121.1.50) syntax and =20=
> the
> # 'telephoneNumberMatch' and 'telephoneNumberSubstringsMatch' =20
> rules are
> # described in [RFC4517].
> #
>
> # =20
> =
--------------------------------------------------------------------------=
> # 2.21. personalTitle
> #
> # The 'personalTitle' attribute specifies personal titles for a =20
> person.
> # Examples of personal titles are "Frau", "Dr.", "Herr", and
> # "Professor".
> #
>
> attributetype ( 0.9.2342.19200300.100.1.40
> NAME 'personalTitle'
> EQUALITY caseIgnoreMatch
> SUBSTR caseIgnoreSubstringsMatch
> SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
>
> #
> # The DirectoryString (1.3.6.1.4.1.1466.115.121.1.15) syntax and =20=
> the
> # 'caseIgnoreMatch' and 'caseIgnoreSubstringsMatch' rules are =20
> described
> # in [RFC4517].
> #
>
> # =20
> =
--------------------------------------------------------------------------=
> # 2.22. roomNumber
> #
> # The 'roomNumber' attribute specifies the room number of an =20
> object.
> # During periods of renumbering, or in other circumstances where =20=
> a room
> # has multiple valid room numbers associated with it, multiple =20
> values
> # may be provided. Note that the 'cn' (commonName) attribute type
> # SHOULD be used for naming room objects.
> #
>
> attributetype ( 0.9.2342.19200300.100.1.6
> NAME 'roomNumber'
> EQUALITY caseIgnoreMatch
> SUBSTR caseIgnoreSubstringsMatch
> SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
>
> #
> # The DirectoryString (1.3.6.1.4.1.1466.115.121.1.15) syntax and =20=
> the
> # 'caseIgnoreMatch' and 'caseIgnoreSubstringsMatch' rules are =20
> described
> # in [RFC4517].
> #
>
> # =20
> =
--------------------------------------------------------------------------=
> # 2.23. secretary
> #
> # The 'secretary' attribute specifies secretaries and/or =20
> administrative
> # assistants, by distinguished name.
> #
>
> attributetype ( 0.9.2342.19200300.100.1.21
> NAME 'secretary'
> EQUALITY distinguishedNameMatch
> SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
>
> #
> # The DistinguishedName (1.3.6.1.4.1.1466.115.121.1.12) syntax =20
> and the
> # 'distinguishedNameMatch' rule are described in [RFC4517].
> #
>
> # =20
> =
--------------------------------------------------------------------------=
> # 2.24. uniqueIdentifier
> #
> # The 'uniqueIdentifier' attribute specifies a unique identifier =20=
> for an
> # object represented in the Directory. The domain within which the
> # identifier is unique and the exact semantics of the identifier =20=
> are
> # for local definition. For a person, this might be an =20
> institution-
> # wide payroll number. For an organizational unit, it might be a
> # department code.
> #
>
> attributetype ( 0.9.2342.19200300.100.1.44
> NAME 'uniqueIdentifier'
> EQUALITY caseIgnoreMatch
> SUBSTR caseIgnoreSubstringsMatch
> SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
>
> #
> # The DirectoryString (1.3.6.1.4.1.1466.115.121.1.15) syntax and =20=
> the
> # 'caseIgnoreMatch' and 'caseIgnoreSubstringsMatch' rules are =20
> described
> # in [RFC4517].
> #
> # Note: X.520 also describes an attribute called 'uniqueIdentifier'
> # (2.5.4.45), which is called 'x500UniqueIdentifier' in LDAP
> # [RFC4519]. The attribute detailed here ought not be =20
> confused
> # with 'x500UniqueIdentifier'.
> #
>
> # =20
> =
--------------------------------------------------------------------------=
> # 2.25. userClass
> #
> # The 'userClass' attribute specifies categories of computer or
> # application user. The semantics placed on this attribute are for
> # local interpretation. Examples of current usage of this =20
> attribute in
> # academia are "student", "staff", and "faculty". Note that the
> # 'organizationalStatus' attribute type is now often preferred, =20
> as it
> # makes no distinction between persons as opposed to users.
> #
>
> attributetype ( 0.9.2342.19200300.100.1.8
> NAME 'userClass'
> EQUALITY caseIgnoreMatch
> SUBSTR caseIgnoreSubstringsMatch
> SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
>
> #
> # The DirectoryString (1.3.6.1.4.1.1466.115.121.1.15) syntax and =20=
> the
> # 'caseIgnoreMatch' and 'caseIgnoreSubstringsMatch' rules are =20
> described
> # in [RFC4517].
> #
>
>
> # =20
> =
--------------------------------------------------------------------------=
> # Attribute types from RFC 1274 which are missing in RFC 4524
> # =20
> =
--------------------------------------------------------------------------=
> #
> # 9.3.2. Text Encoded O/R Address
> #
> # The Text Encoded O/R Address attribute type specifies a text =20
> encoding
> # of an X.400 O/R address, as specified in RFC 987. The use of this
> # attribute is deprecated as the attribute is intended for interim =20=
> use
> # only. This attribute will be the first candidate for the attribute
> # expiry mechanisms!
> #
> # textEncodedORAddress ATTRIBUTE
> # WITH ATTRIBUTE-SYNTAX
> # caseIgnoreStringSyntax
> # (SIZE (1 .. ub-text-encoded-or-address))
> # ::=3D {pilotAttributeType 2}
> #
>
> attributetype ( 0.9.2342.19200300.100.1.2
> NAME 'textEncodedORAddress'
> EQUALITY caseIgnoreMatch
> SUBSTR caseIgnoreSubstringsMatch
> SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
>
> # =20
> =
--------------------------------------------------------------------------=
> # 9.3.7. Photo
> #
> # The Photo attribute type specifies a "photograph" for an object.
> # This should be encoded in G3 fax as explained in recommendation T.=20=
> 4,
> # with an ASN.1 wrapper to make it compatible with an X.400 =20
> BodyPart as
> # defined in X.420.
> #
> # IMPORT G3FacsimileBodyPart FROM { mhs-motis ipms modules
> # information-objects }
> #
> # photo ATTRIBUTE
> # WITH ATTRIBUTE-SYNTAX
> # CHOICE {
> # g3-facsimile [3] G3FacsimileBodyPart
> # }
> # (SIZE (1 .. ub-photo))
> # ::=3D {pilotAttributeType 7}
> #
>
> attributetype ( 0.9.2342.19200300.100.1.7
> NAME 'photo'
> DESC 'RFC1274: photo (G3 fax)'
> SYNTAX 1.3.6.1.4.1.1466.115.121.1.23{25000} )
>
> # =20
> =
--------------------------------------------------------------------------=
> # 9.3.18. Other Mailbox
> #
> # The Other Mailbox attribute type specifies values for electronic
> # mailbox types other than X.400 and rfc822.
> #
> # otherMailbox ATTRIBUTE
> # WITH ATTRIBUTE-SYNTAX
> # SEQUENCE {
> # mailboxType PrintableString, -- e.g. Telemail
> # mailbox IA5String -- e.g. X378:Joe
> # }
> # ::=3D {pilotAttributeType 22}
> #
>
> attributetype ( 0.9.2342.19200300.100.1.22
> NAME 'otherMailbox'
> SYNTAX 1.3.6.1.4.1.1466.115.121.1.39 )
>
> # =20
> =
--------------------------------------------------------------------------=
> # 9.3.22. DNS ARecord
> #
> # The A Record attribute type specifies a type A (Address) DNS =20
> resource
> # record [6] [7].
> #
> # aRecord ATTRIBUTE
> # WITH ATTRIBUTE-SYNTAX
> # DNSRecordSyntax
> # ::=3D {pilotAttributeType 26}
> #
> ## incorrect syntax?
> attributetype ( 0.9.2342.19200300.100.1.26
> NAME 'aRecord'
> EQUALITY caseIgnoreIA5Match
> SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
>
> ## missing from RFC1274
> ## incorrect syntax?
> attributetype ( 0.9.2342.19200300.100.1.27
> NAME 'mDRecord'
> EQUALITY caseIgnoreIA5Match
> SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
>
> # =20
> =
--------------------------------------------------------------------------=
> # 9.3.23. MX Record
> #
> # The MX Record attribute type specifies a type MX (Mail Exchange) =20=
> DNS
> # resource record [6] [7].
> #
> # mXRecord ATTRIBUTE
> # WITH ATTRIBUTE-SYNTAX
> # DNSRecordSyntax
> # ::=3D {pilotAttributeType 28}
> #
> ## incorrect syntax!!
> attributetype ( 0.9.2342.19200300.100.1.28
> NAME 'mXRecord'
> EQUALITY caseIgnoreIA5Match
> SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
>
> # =20
> =
--------------------------------------------------------------------------=
> # 9.3.24. NS Record
> #
> # The NS Record attribute type specifies an NS (Name Server) DNS
> # resource record [6] [7].
> #
> # nSRecord ATTRIBUTE
> # WITH ATTRIBUTE-SYNTAX
> # DNSRecordSyntax
> # ::=3D {pilotAttributeType 29}
> #
> ## incorrect syntax!!
>
> attributetype ( 0.9.2342.19200300.100.1.29
> NAME 'nSRecord'
> EQUALITY caseIgnoreIA5Match
> SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
>
> # =20
> =
--------------------------------------------------------------------------=
> # 9.3.25. SOA Record
> #
> # The SOA Record attribute type specifies a type SOA (Start of
> # Authority) DNS resorce record [6] [7].
> #
> # sOARecord ATTRIBUTE
> # WITH ATTRIBUTE-SYNTAX
> # DNSRecordSyntax
> # ::=3D {pilotAttributeType 30}
> #
> ## incorrect syntax!!
>
> attributetype ( 0.9.2342.19200300.100.1.30
> NAME 'sOARecord'
> EQUALITY caseIgnoreIA5Match
> SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
>
> # =20
> =
--------------------------------------------------------------------------=
> # 9.3.26. CNAME Record
> #
> # The CNAME Record attribute type specifies a type CNAME (Canonical
> # Name) DNS resource record [6] [7].
> #
> # cNAMERecord ATTRIBUTE
> # WITH ATTRIBUTE-SYNTAX
> # iA5StringSyntax
> # ::=3D {pilotAttributeType 31}
> #
> ## incorrect syntax!!
>
> attributetype ( 0.9.2342.19200300.100.1.31
> NAME 'cNAMERecord'
> EQUALITY caseIgnoreIA5Match
> SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
>
> # =20
> =
--------------------------------------------------------------------------=
> # 9.3.36. Janet Mailbox
> #
> # The Janet Mailbox attribute type specifies an electronic mailbox
> # attribute following the syntax specified in the Grey Book of the
> # Coloured Book series. This attribute is intended for the =20
> convenience
> # of U.K users unfamiliar with rfc822 and little-endian mail =20
> addresses.
> # Entries using this attribute MUST also include an rfc822Mailbox
> # attribute.
> #
> # janetMailbox ATTRIBUTE
> # WITH ATTRIBUTE-SYNTAX
> # caseIgnoreIA5StringSyntax
> # (SIZE (1 .. ub-janet-mailbox))
> # ::=3D {pilotAttributeType 46}
> #
> attributetype ( 0.9.2342.19200300.100.1.46
> NAME 'janetMailbox'
> DESC 'RFC1274: Janet mailbox'
> EQUALITY caseIgnoreIA5Match
> SUBSTR caseIgnoreIA5SubstringsMatch
> SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
>
> # =20
> =
--------------------------------------------------------------------------=
> # 9.3.37. Mail Preference Option
> #
> # An attribute to allow users to indicate a preference for =20
> inclusion of
> # their names on mailing lists (electronic or physical). The absence
> # of such an attribute should be interpreted as if the attribute was
> # present with value "no-list-inclusion". This attribute should be
> # interpreted by anyone using the directory to derive mailing lists,
> # and its value respected.
> #
> # mailPreferenceOption ATTRIBUTE
> # WITH ATTRIBUTE-SYNTAX ENUMERATED {
> # no-list-inclusion(0),
> # any-list-inclusion(1), -- may be added to any lists
> # professional-list-inclusion(2)
> # -- may be added to lists
> # -- which the list provider
> # -- views as related to the
> # -- users professional inter-
> # -- ests, perhaps evaluated
> # -- from the business of the
> # -- organisation or keywords
> # -- in the entry.
> # }
> # ::=3D {pilotAttributeType 47}
> #
>
> attributetype ( 0.9.2342.19200300.100.1.47
> NAME 'mailPreferenceOption'
> DESC 'RFC1274: mail preference option'
> SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 )
>
> # =20
> =
--------------------------------------------------------------------------=
> # 9.3.43. Personal Signature
> #
> # The Personal Signature attribute type allows for a representation =20=
> of
> # a person's signature. This should be encoded in G3 fax as =20
> explained
> # in recommendation T.4, with an ASN.1 wrapper to make it compatible
> # with an X.400 BodyPart as defined in X.420.
> #
> # IMPORT G3FacsimileBodyPart FROM { mhs-motis ipms modules
> # information-objects }
> #
> # personalSignature ATTRIBUTE
> # WITH ATTRIBUTE-SYNTAX
> # CHOICE {
> # g3-facsimile [3] G3FacsimileBodyPart
> # }
> # (SIZE (1 .. ub-personal-signature))
> # ::=3D {pilotAttributeType 53}
> #
>
> attributetype ( 0.9.2342.19200300.100.1.53
> NAME 'personalSignature'
> DESC 'RFC1274: Personal Signature (G3 fax)'
> SYNTAX 1.3.6.1.4.1.1466.115.121.1.23 )
>
> # =20
> =
--------------------------------------------------------------------------=
> # 9.3.45. Audio
> #
> # The Audio attribute type allows the storing of sounds in the
> # Directory. The attribute uses a u-law encoded sound file as used =20=
> by
> # the "play" utility on a Sun 4. This is an interim format.
> #
> # audio ATTRIBUTE
> # WITH ATTRIBUTE-SYNTAX
> # Audio
> # (SIZE (1 .. ub-audio))
> # ::=3D {pilotAttributeType 55}
> #
>
> attributetype ( 0.9.2342.19200300.100.1.55
> NAME 'audio'
> DESC 'RFC1274: audio (u-law)'
> SYNTAX 1.3.6.1.4.1.1466.115.121.1.4{25000} )
>
>
> # =20
> =
--------------------------------------------------------------------------=
> # 3. COSINE Object Classes
> # =20
> =
--------------------------------------------------------------------------=
> #
> # This section details COSINE object classes for use in LDAP.
> #
>
> # =20
> =
--------------------------------------------------------------------------=
> # 3.1. account
> #
> # The 'account' object class is used to define entries representing
> # computer accounts. The 'uid' attribute SHOULD be used for naming
> # entries of this object class.
> #
>
> objectclass ( 0.9.2342.19200300.100.4.5
> NAME 'account'
> SUP top STRUCTURAL
> MUST uid
> MAY ( description $ seeAlso $ l $ o $ ou $ host ) )
>
> #
> # The 'top' object class is described in [RFC4512]. The =20
> 'description',
> # 'seeAlso', 'l', 'o', 'ou', and 'uid' attribute types are =20
> described in
> # [RFC4519]. The 'host' attribute type is described in Section 2 =20=
> of
> # this document.
> #
> # Example:
> #
> # dn: uid=3Dkdz,cn=3DAccounts,dc=3DExample,dc=3DCOM
> # objectClass: account
> # uid: kdz
> # seeAlso: cn=3DKurt D. Zeilenga,cn=3DPersons,dc=3DExample,dc=3DCO=
M
> #
>
> # =20
> =
--------------------------------------------------------------------------=
> # 3.2. document
> #
> # The 'document' object class is used to define entries that =20
> represent
> # documents.
> #
>
> objectclass ( 0.9.2342.19200300.100.4.6
> NAME 'document'
> SUP top STRUCTURAL
> MUST documentIdentifier
> MAY ( cn $ description $ seeAlso $ l $ o $ ou $
> documentTitle $ documentVersion $ documentAuthor $
> documentLocation $ documentPublisher ) )
>
> #
> # The 'top' object class is described in [RFC4512]. The 'cn',
> # 'description', 'seeAlso', 'l', 'o', and 'ou' attribute types are
> # described in [RFC4519]. The 'documentIdentifier', =20
> 'documentTitle',
> # 'documentVersion', 'documentAuthor', 'documentLocation', and
> # 'documentPublisher' attribute types are described in Section 2 of
> # this document.
> #
> # Example:
> #
> # dn: documentIdentifier=3DRFC 4524,cn=3DRFC,dc=3DExample,dc=3DCOM=
> # objectClass: document
> # documentIdentifier: RFC 4524
> # documentTitle: COSINE LDAP/X.500 Schema
> # documentAuthor: cn=3DKurt D. =20
> Zeilenga,cn=3DPersons,dc=3DExample,dc=3DCOM
> # documentLocation: http://www.rfc-editor.org/rfc/rfc4524.txt
> # documentPublisher: Internet Engineering Task Force
> # description: A collection of schema elements for use in LDAP
> # description: Obsoletes RFC 1274
> # seeAlso: documentIdentifier=3DRFC =
4510,cn=3DRFC,dc=3DExample,dc=3DCOM
> # seeAlso: documentIdentifier=3DRFC =
1274,cn=3DRFC,dc=3DExample,dc=3DCOM
> #
>
> # =20
> =
--------------------------------------------------------------------------=
> # 3.3. documentSeries
> #
> # The 'documentSeries' object class is used to define an entry that
> # represents a series of documents (e.g., The Request For Comments
> # memos).
> #
>
> objectclass ( 0.9.2342.19200300.100.4.9
> NAME 'documentSeries'
> SUP top STRUCTURAL
> MUST cn
> MAY ( description $ l $ o $ ou $ seeAlso $ telephonenumber ) )
>
> #
> # The 'top' object class is described in [RFC4512]. The =20
> 'description',
> # 'l', 'o', 'ou', 'seeAlso', and 'telephoneNumber' attribute =20
> types are
> # described in [RFC4519].
> #
> # Example:
> #
> # dn: cn=3DRFC,dc=3DExample,dc=3DCOM
> # objectClass: documentSeries
> # cn: Request for Comments
> # cn: RFC
> # description: a series of memos about the Internet
> #
>
> # =20
> =
--------------------------------------------------------------------------=
> # 3.4. domain
> #
> # The 'domain' object class is used to define entries that =20
> represent
> # DNS domains for objects that are not organizations, =20
> organizational
> # units, or other kinds of objects more appropriately defined =20
> using an
> # object class specific to the kind of object being defined (e.g.,
> # 'organization', 'organizationUnit').
> #
> # The 'dc' attribute should be used for naming entries of the =20
> 'domain'
> # object class.
> #
>
> objectclass ( 0.9.2342.19200300.100.4.13
> NAME 'domain'
> SUP top STRUCTURAL
> MUST dc
> MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $
> x121Address $ registeredAddress $ destinationIndicator $
> preferredDeliveryMethod $ telexNumber $
> teletexTerminalIdentifier $ telephoneNumber $
> internationaliSDNNumber $ facsimileTelephoneNumber $ street $
> postOfficeBox $ postalCode $ postalAddress $
> physicalDeliveryOfficeName $ st $ l $ description $ o $
> associatedName ) )
>
> #
> # The 'top' object class and the 'dc', 'userPassword', =20
> 'searchGuide',
> # 'seeAlso', 'businessCategory', 'x121Address', =20
> 'registeredAddress',
> # 'destinationIndicator', 'preferredDeliveryMethod', 'telexNumber',
> # 'teletexTerminalIdentifier', 'telephoneNumber',
> # 'internationaliSDNNumber', 'facsimileTelephoneNumber', 'street',
> # 'postOfficeBox', 'postalCode', 'postalAddress',
> # 'physicalDeliveryOfficeName', 'st', 'l', 'description', and 'o' =20=
> types
> # are described in [RFC4519]. The 'associatedName' attribute =20
> type is
> # described in Section 2 of this document.
> #
> # Example:
> #
> # dn: dc=3Dcom
> # objectClass: domain
> # dc: com
> # description: the .COM TLD
> #
>
> # =20
> =
--------------------------------------------------------------------------=
> # 3.5. domainRelatedObject
> #
> # The 'domainRelatedObject' object class is used to define =20
> entries that
> # represent DNS domains that are "equivalent" to an X.500 domain, =20=
> e.g.,
> # an organization or organizational unit.
> #
>
> objectclass ( 0.9.2342.19200300.100.4.17
> NAME 'domainRelatedObject'
> SUP top AUXILIARY
> MUST associatedDomain )
>
> #
> # The 'top' object class is described in [RFC4512]. The
> # 'associatedDomain' attribute type is described in Section 2 of =20=
> this
> # document.
> #
> # Example:
> #
> # dn: dc=3Dexample,dc=3Dcom
> # objectClass: organization
> # objectClass: dcObject
> # objectClass: domainRelatedObject
> # dc: example
> # associatedDomain: example.com
> # o: Example Organization
> #
> # The 'organization' and 'dcObject' object classes and the 'dc' =20
> and 'o'
> # attribute types are described in [RFC4519].
> #
>
> # =20
> =
--------------------------------------------------------------------------=
> # 3.6. friendlyCountry
> #
> # The 'friendlyCountry' object class is used to define entries
> # representing countries in the DIT. The object class is used to =20=
> allow
> # friendlier naming of countries than that allowed by the object =20=
> class
> # 'country' [RFC4519].
> #
>
> objectclass ( 0.9.2342.19200300.100.4.18
> NAME 'friendlyCountry'
> SUP country STRUCTURAL
> MUST co )
>
> #
> # The 'country' object class is described in [RFC4519]. The 'co'
> # attribute type is described in Section 2 of this document.
> #
> # Example:
> #
> # dn: c=3DDE
> # objectClass: country
> # objectClass: friendlyCountry
> # c: DE
> # co: Deutschland
> # co: Germany
> # co: Federal Republic of Germany
> # co: FRG
> #
> # The 'c' attribute type is described in [RFC4519].
> #
>
> # =20
> =
--------------------------------------------------------------------------=
> # 3.7. rFC822LocalPart
> #
> # The 'rFC822LocalPart' object class is used to define entries that
> # represent the local part of Internet mail addresses [RFC2822]. =20=
> This
> # treats the local part of the address as a 'domain' object.
> #
>
> objectclass ( 0.9.2342.19200300.100.4.14
> NAME 'rFC822localPart'
> SUP domain STRUCTURAL
> MAY ( cn $ description $ destinationIndicator $
> facsimileTelephoneNumber $ internationaliSDNNumber $
> physicalDeliveryOfficeName $ postalAddress $ postalCode $
> postOfficeBox $ preferredDeliveryMethod $ registeredAddress $
> seeAlso $ sn $ street $ telephoneNumber $
> teletexTerminalIdentifier $ telexNumber $ x121Address ) )
>
> #
> # The 'domain' object class is described in Section 3.4 of this
> # document. The 'cn', 'description', 'destinationIndicator',
> # 'facsimileTelephoneNumber', 'internationaliSDNNumber,
> # 'physicalDeliveryOfficeName', 'postalAddress', 'postalCode',
> # 'postOfficeBox', 'preferredDeliveryMethod', 'registeredAddress',
> # 'seeAlso', 'sn, 'street', 'telephoneNumber',
> # 'teletexTerminalIdentifier', 'telexNumber', and 'x121Address'
> # attribute types are described in [RFC4519].
> #
> # Example:
> #
> # dn: dc=3Dkdz,dc=3Dexample,dc=3Dcom
> # objectClass: domain
> # objectClass: rFC822LocalPart
> # dc: kdz
> # associatedName: cn=3DKurt D. =20
> Zeilenga,cn=3DPersons,dc=3DExample,dc=3DCOM
> #
> # The 'dc' attribute type is described in [RFC4519].
> #
>
> # =20
> =
--------------------------------------------------------------------------=
> # 3.8. room
> #
> # The 'room' object class is used to define entries representing =20=
> rooms.
> # The 'cn' (commonName) attribute SHOULD be used for naming =20
> entries of
> # this object class.
> #
>
> objectclass ( 0.9.2342.19200300.100.4.7
> NAME 'room'
> SUP top STRUCTURAL
> MUST cn
> MAY ( roomNumber $ description $ seeAlso $ telephoneNumber ) )
>
> #
> # The 'top' object class is described in [RFC4512]. The 'cn',
> # 'description', 'seeAlso', and 'telephoneNumber' attribute types =20=
> are
> # described in [RFC4519]. The 'roomNumber' attribute type is =20
> described
> # in Section 2 of this document.
> #
> # dn: cn=3Dconference room,dc=3Dexample,dc=3Dcom
> # objectClass: room
> # cn: conference room
> # telephoneNumber: +1 755 555 1111
> #
>
> # =20
> =
--------------------------------------------------------------------------=
> # 3.9. simpleSecurityObject
> #
> # The 'simpleSecurityObject' object class is used to require an =20
> entry
> # to have a 'userPassword' attribute when the entry's structural =20=
> object
> # class does not require (or allow) the 'userPassword attribute'.
> #
> # (OpenLDAP-specific: Declared in core.schema)
> # objectclass ( 0.9.2342.19200300.100.4.19
> # NAME 'simpleSecurityObject'
> # SUP top AUXILIARY
> # MUST userPassword )
> #
> # The 'top' object class is described in [RFC4512]. The =20
> 'userPassword'
> # attribute type is described in [RFC4519].
> #
> # dn: dc=3Dkdz,dc=3DExample,dc=3DCOM
> # objectClass: account
> # objectClass: simpleSecurityObject
> # uid: kdz
> # userPassword: My Password
> # seeAlso: cn=3DKurt D. Zeilenga,cn=3DPersons,dc=3DExample,dc=3DCO=
M
> #
>
> # =20
> =
--------------------------------------------------------------------------=
> # Object classes from RFC 1274 which are missing in RFC 4524
> # =20
> =
--------------------------------------------------------------------------=
> #
> # 8.3.2. Pilot Person
> #
> # The PilotPerson object class is used as a sub-class of person, to
> # allow the use of a number of additional attributes to be assigned =20=
> to
> # entries of object class person.
> #
> # pilotPerson OBJECT-CLASS
> # SUBCLASS OF person
> # MAY CONTAIN {
> # userid,
> # textEncodedORAddress,
> # rfc822Mailbox,
> # favouriteDrink,
> # roomNumber,
> # userClass,
> # homeTelephoneNumber,
> # homePostalAddress,
> # secretary,
> # personalTitle,
> # preferredDeliveryMethod,
> # businessCategory,
> # janetMailbox,
> # otherMailbox,
> # mobileTelephoneNumber,
> # pagerTelephoneNumber,
> # organizationalStatus,
> # mailPreferenceOption,
> # personalSignature}
> # ::=3D {pilotObjectClass 4}
> #
>
> objectclass ( 0.9.2342.19200300.100.4.4
> NAME ( 'pilotPerson' 'newPilotPerson' )
> SUP person STRUCTURAL
> MAY ( userid $ textEncodedORAddress $ rfc822Mailbox $
> favouriteDrink $ roomNumber $ userClass $
> homeTelephoneNumber $ homePostalAddress $ secretary $
> personalTitle $ preferredDeliveryMethod $ businessCategory $
> janetMailbox $ otherMailbox $ mobileTelephoneNumber $
> pagerTelephoneNumber $ organizationalStatus $
> mailPreferenceOption $ personalSignature ) )
>
> # 8.3.9. DNS Domain
> #
> # The DNS Domain (Domain NameServer) object class is used to define
> # entries for DNS domains. The usage of this object class is =20
> described
> # in more detail in [3].
> #
> # dNSDomain OBJECT-CLASS
> # SUBCLASS OF domain
> # MAY CONTAIN {
> # ARecord,
> # MDRecord,
> # MXRecord,
> # NSRecord,
> # SOARecord,
> # CNAMERecord}
> # ::=3D {pilotObjectClass 15}
> #
>
> objectclass ( 0.9.2342.19200300.100.4.15
> NAME 'dNSDomain'
> SUP domain STRUCTURAL
> MAY ( ARecord $ MDRecord $ MXRecord $ NSRecord $
> SOARecord $ CNAMERecord ) )
>
>
> --------------080004030402080700020504--
>
>