#
# eduPerson Objectclass 200806 (30 June 2008)
#
# See http://www.educause.edu/eduperson for background and usage
#
# eduPerson is an effort of Internet2 and EDUCAUSE
#
#
# Upgrade note: When modifying objectclass eduPerson --
# we first must delete the objectclass
# and then re-add -- make sure all replicas
# are functioning. Try to do this during
# an inactive period of services if possible.
#
# 1.3.6.1.4.1.5923 is the toplevel OID for this work
# .1 = MACE related work
# .1.1 = eduPerson
# .1.1.1 = attributes
# .1.1.2 = objectclass
# .1.1.3 = syntax (probably never used)
# .1.2 = eduOrg
# .1.2.1 = attributes
# .1.2.2 = objectclass
# .1.2.3 = syntax (probably never used)
#
# CHANGELOG
#
# Jul 20, 2000 (gettes@georgetown.edu) Original version
# Aug 17, 2000 (gettes@georgetown.edu) Added EPPNEphemeral
# also cleanup and initial documentation
# Jan 22, 2001 (gettes@georgetown.edu) Removed EPPNEphemeral
# EPPNephemeral not part of 1.0
# moved all OIDs below 5923.1
# Apr 29, 2002 Added EQUALITY specs for attrs (Rob Banz)
# (gettes) Added EPEntitlement & EPPrimaryOrgUnitDN
# (gettes) Expanded OID space to include eduOrg
# Oct 23, 2002 (gettes) tabs go to spaces
# Fixed EQUALITY lines with trailing space
# Nov 9, 2011 (dgersic@niu.edu) Updated to 200806
# Updated comments.
# Commented out delete attributes needed only for upgrades
# so as to make new installations of this schema easier.
#
#
# USAGE:
#
# This LDIF file makes modifications to the cn=schema tree
# which should modify the user portion of the schema of your
# directory (if that concept exists). The LDIF is constructed
# to perform this modification in one update. Should any portion
# fail, then the entire update will fail and no change should be
# made. The first part of the LDIF is to delete any attributes
# that may have already been defined so that they can be readded
# in the next section. Same methodology applies to the objectclasses
# which follows.
#
# This file contains lines with trailing spaces so that continuation
# of lines work properly. Please make sure this is respected or you
# may have difficulty in applying the LDIF.
#
dn: cn=schema
changetype: modify
#
# if you need to change the definition of an attribute,
# then first delete and re-add in one step
#
# if this is not the first time you are adding the eduPerson
# objectclass using this LDIF file, then you should uncomment
# out the delete attributetypes modifications.
#
# "eduPerson" attributes
#
# <-- Begin Uncomment Deletes
# delete: attributetypes
# attributetypes: ( 1.3.6.1.4.1.5923.1.1.1.1 NAME 'eduPersonAffiliation' )
# attributetypes: ( 1.3.6.1.4.1.5923.1.1.1.2 NAME 'eduPersonNickname' )
# attributetypes: ( 1.3.6.1.4.1.5923.1.1.1.3 NAME 'eduPersonOrgDN' )
# attributetypes: ( 1.3.6.1.4.1.5923.1.1.1.4 NAME 'eduPersonOrgUnitDN' )
# attributetypes: ( 1.3.6.1.4.1.5923.1.1.1.5 NAME 'eduPersonPrimaryAffiliation' )
# attributetypes: ( 1.3.6.1.4.1.5923.1.1.1.6 NAME 'eduPersonPrincipalName' )
# attributetypes: ( 1.3.6.1.4.1.5923.1.1.1.7 NAME 'eduPersonEntitlement' )
# attributetypes: ( 1.3.6.1.4.1.5923.1.1.1.8 NAME 'eduPersonPrimaryOrgUnitDN' )
# -
# <-- End Uncomment Deletes
#
# re-add the attributes -- in case there is a change of definition
#
#
# "eduPerson" attributes
#
add: attributetypes
attributetypes: ( 1.3.6.1.4.1.5923.1.1.1.1
NAME 'eduPersonAffiliation'
DESC 'eduPerson per Internet2 and EDUCAUSE'
EQUALITY caseIgnoreMatch
SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
attributetypes: ( 1.3.6.1.4.1.5923.1.1.1.2
NAME 'eduPersonNickname'
DESC 'eduPerson per Internet2 and EDUCAUSE'
EQUALITY caseIgnoreMatch
SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
attributetypes: ( 1.3.6.1.4.1.5923.1.1.1.3
NAME 'eduPersonOrgDN'
DESC 'eduPerson per Internet2 and EDUCAUSE'
EQUALITY distinguishedNameMatch
SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' SINGLE-VALUE )
attributetypes: ( 1.3.6.1.4.1.5923.1.1.1.4
NAME 'eduPersonOrgUnitDN'
DESC 'eduPerson per Internet2 and EDUCAUSE'
EQUALITY distinguishedNameMatch
SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' )
attributetypes: ( 1.3.6.1.4.1.5923.1.1.1.5
NAME 'eduPersonPrimaryAffiliation'
DESC 'eduPerson per Internet2 and EDUCAUSE'
EQUALITY caseIgnoreMatch
SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
attributetypes: ( 1.3.6.1.4.1.5923.1.1.1.6
NAME 'eduPersonPrincipalName'
DESC 'eduPerson per Internet2 and EDUCAUSE'
EQUALITY caseIgnoreMatch
SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
attributetypes: ( 1.3.6.1.4.1.5923.1.1.1.7
NAME 'eduPersonEntitlement'
DESC 'eduPerson per Internet2 and EDUCAUSE'
EQUALITY caseExactMatch
SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
attributetypes: ( 1.3.6.1.4.1.5923.1.1.1.8
NAME 'eduPersonPrimaryOrgUnitDN'
DESC 'eduPerson per Internet2 and EDUCAUSE'
EQUALITY distinguishedNameMatch
SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' SINGLE-VALUE)
attributetypes: ( 1.3.6.1.4.1.5923.1.1.1.9
NAME 'eduPersonScopedAffiliation'
DESC 'eduPerson per Internet2 and EDUCAUSE'
EQUALITY caseIgnoreMatch
SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
attributetypes: ( 1.3.6.1.4.1.5923.1.1.1.10
NAME 'eduPersonTargetedID'
DESC 'eduPerson per Internet2 and EDUCAUSE'
EQUALITY caseIgnoreMatch
SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
attributetypes: ( 1.3.6.1.4.1.5923.1.1.1.11
NAME 'eduPersonAssurance'
DESC 'eduPerson per Internet2 and EDUCAUSE'
EQUALITY caseIgnoreMatch
SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
-
#
# eduPerson objectclass definition
# can only be done after attributes established
#
# if this is not the first time you are adding the eduPerson
# objectclass using this LDIF file, then you should uncomment
# out the delete objectclasses modification.
#
# <-- Begin Uncomment Deletes
# delete: objectclasses
# objectclasses: ( 1.3.6.1.4.1.5923.1.1.2
# NAME 'eduPerson'
# )
# -
# <-- End Uncomment Deletes
#
# now re-add the objectclass properly defined.
#
add: objectclasses
objectclasses: ( 1.3.6.1.4.1.5923.1.1.2
NAME 'eduPerson'
DESC 'eduPerson per Internet2 and EDUCAUSE'
AUXILIARY
MAY ( eduPersonAffiliation $ eduPersonNickname $
eduPersonOrgDN $ eduPersonOrgUnitDN $
eduPersonPrimaryAffiliation $ eduPersonPrincipalName $
eduPersonEntitlement $ eduPersonPrimaryOrgUnitDN $
eduPersonScopedAffiliation $ eduPersonTargetedID $
eduPersonAssurance
))
-
#
# end of LDIF
#
|