1 """
2 Test cases for ldaptor.schema module.
3 """
4
5 from twisted.trial import unittest
6 from ldaptor import schema
7
8 OBJECTCLASSES = {
9 'organization': """( 2.5.6.4 NAME 'organization'
10 DESC 'RFC2256: an organization'
11 SUP top STRUCTURAL
12 MUST o
13 MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $
14 x121Address $ registeredAddress $ destinationIndicator $
15 preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
16 telephoneNumber $ internationaliSDNNumber $
17 facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $
18 postalAddress $ physicalDeliveryOfficeName $ st $ l $ description ) )""",
19
20 'organizationalUnit': """( 2.5.6.5 NAME 'organizationalUnit'
21 DESC 'RFC2256: an organizational unit'
22 SUP top STRUCTURAL
23 MUST ou
24 MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $
25 x121Address $ registeredAddress $ destinationIndicator $
26 preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
27 telephoneNumber $ internationaliSDNNumber $
28 facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $
29 postalAddress $ physicalDeliveryOfficeName $ st $ l $ description ) )""",
30
31 'country': """( 2.5.6.2 NAME 'country'
32 DESC 'RFC2256: a country'
33 SUP top STRUCTURAL
34 MUST c
35 MAY ( searchGuide $ description ) )""",
36 }
37
39 knownValues = [
40
41 ("""( 2.5.4.4 NAME ( 'sn' 'surname' )
42 DESC 'RFC2256: last (family) name(s) for which the entity is known by'
43 SUP name )""",
44 { 'oid': '2.5.4.4',
45 'name': ('sn', 'surname',),
46 'desc': 'RFC2256: last (family) name(s) for which the entity is known by',
47 'sup': 'name',
48 }),
49
50 ("""( 2.5.4.2 NAME 'knowledgeInformation'
51 DESC 'RFC2256: knowledge information'
52 EQUALITY caseIgnoreMatch
53 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} )""",
54 { 'oid': '2.5.4.2',
55 'name': ('knowledgeInformation',),
56 'desc': 'RFC2256: knowledge information',
57 'equality': 'caseIgnoreMatch',
58 'syntax': '1.3.6.1.4.1.1466.115.121.1.15{32768}',
59 }),
60
61 ("""( 2.5.4.5 NAME 'serialNumber'
62 DESC 'RFC2256: serial number of the entity'
63 EQUALITY caseIgnoreMatch
64 SUBSTR caseIgnoreSubstringsMatch
65 SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{64} )""",
66 { 'oid': '2.5.4.5',
67 'name': ('serialNumber',),
68 'desc': 'RFC2256: serial number of the entity',
69 'equality': 'caseIgnoreMatch',
70 'substr': 'caseIgnoreSubstringsMatch',
71 'syntax': '1.3.6.1.4.1.1466.115.121.1.44{64}',
72 }),
73
74
75 ("""( 2.5.4.6 NAME ( 'c' 'countryName' )
76 DESC 'RFC2256: ISO-3166 country 2-letter code'
77 SUP name SINGLE-VALUE )""",
78 { 'oid': '2.5.4.6',
79 'name': ('c', 'countryName',),
80 'desc': 'RFC2256: ISO-3166 country 2-letter code',
81 'sup': 'name',
82 'single_value': 1,
83 }),
84
85 ("""( 1.2.840.113549.1.9.1
86 NAME ( 'email' 'emailAddress' 'pkcs9email' )
87 DESC 'RFC2459: legacy attribute for email addresses in DNs'
88 EQUALITY caseIgnoreIA5Match
89 SUBSTR caseIgnoreIA5SubstringsMatch
90 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} )""",
91 { 'oid': '1.2.840.113549.1.9.1',
92 'name': ('email', 'emailAddress', 'pkcs9email', ),
93 'desc': 'RFC2459: legacy attribute for email addresses in DNs',
94 'equality': 'caseIgnoreIA5Match',
95 'substr': 'caseIgnoreIA5SubstringsMatch',
96 'syntax': '1.3.6.1.4.1.1466.115.121.1.26{128}',
97 }),
98
99 ]
100
102 defaults = {
103 'name': None,
104 'desc': None,
105 'obsolete': 0,
106 'sup': [],
107 'equality': None,
108 'ordering': None,
109 'substr': None,
110 'syntax': None,
111 'single_value': 0,
112 'collective': 0,
113 'no_user_modification': 0,
114 'usage': None,
115 }
116 for text, expected in self.knownValues:
117 a=schema.AttributeTypeDescription(text)
118 self.failIfEqual(a.oid, None)
119 for key, want in expected.items():
120 if key in defaults:
121 del defaults[key]
122 got = getattr(a, key)
123 self.assertEquals(got, want)
124
125 for key, want in defaults.items():
126 got = getattr(a, key)
127 self.assertEquals(got, want)
128
138
140 knownValues = [
141
142 (OBJECTCLASSES['organization'],
143 { 'oid': '2.5.6.4',
144 'name': ('organization',),
145 'desc': 'RFC2256: an organization',
146 'sup': ['top'],
147 'type': 'STRUCTURAL',
148 'must': ['o'],
149 'may': ['userPassword', 'searchGuide', 'seeAlso',
150 'businessCategory', 'x121Address', 'registeredAddress',
151 'destinationIndicator', 'preferredDeliveryMethod',
152 'telexNumber', 'teletexTerminalIdentifier',
153 'telephoneNumber', 'internationaliSDNNumber',
154 'facsimileTelephoneNumber', 'street', 'postOfficeBox',
155 'postalCode', 'postalAddress',
156 'physicalDeliveryOfficeName', 'st', 'l', 'description'],
157 }),
158
159 (OBJECTCLASSES['organizationalUnit'],
160 { 'oid': '2.5.6.5',
161 'name': ('organizationalUnit',),
162 'desc': 'RFC2256: an organizational unit',
163 'sup': ['top'],
164 'type': 'STRUCTURAL',
165 'must': ['ou'],
166 'may': [ 'userPassword', 'searchGuide', 'seeAlso',
167 'businessCategory', 'x121Address', 'registeredAddress',
168 'destinationIndicator', 'preferredDeliveryMethod',
169 'telexNumber', 'teletexTerminalIdentifier',
170 'telephoneNumber', 'internationaliSDNNumber',
171 'facsimileTelephoneNumber', 'street', 'postOfficeBox',
172 'postalCode', 'postalAddress', 'physicalDeliveryOfficeName',
173 'st', 'l', 'description', ],
174 }),
175
176
177 ]
178
180 defaults = {
181 'name': None,
182 'desc': None,
183 'obsolete': 0,
184 'sup': None,
185 'type': 'STRUCTURAL',
186 'must': [],
187 'may': [],
188 }
189 for text, expected in self.knownValues:
190 a=schema.ObjectClassDescription(text)
191 self.failIfEqual(a.oid, None)
192 for key, want in expected.items():
193 if key in defaults:
194 del defaults[key]
195 got = getattr(a, key)
196 self.assertEquals(got, want)
197
198 for key, want in defaults.items():
199 got = getattr(a, key)
200 self.assertEquals(got, want)
201
211
212
214 ORDER = [
215 'country',
216 'organization',
217 'organizationalUnit',
218 ]
224
226 for k1 in self.data:
227 for k2 in self.data:
228 if k1 == k2:
229 self.failUnless(self.data[k1] == self.data[k2])
230 else:
231 self.failIf(self.data[k1] == self.data[k2])
232
234 for k1 in self.data:
235 for k2 in self.data:
236 if k1 == k2:
237 self.failIf(self.data[k1] != self.data[k2])
238 else:
239 self.failUnless(self.data[k1] != self.data[k2])
240
242 for i,base in enumerate(self.ORDER):
243 self.failUnless(self.data[base] <= self.data[base])
244 self.failUnless(self.data[base] >= self.data[base])
245 self.failIf(self.data[base] < self.data[base])
246 self.failIf(self.data[base] > self.data[base])
247 for lower in self.ORDER[:i]:
248 self.failUnless(self.data[lower] < self.data[base])
249 self.failUnless(self.data[lower] <= self.data[base])
250 self.failIf(self.data[base] < self.data[lower])
251 self.failIf(self.data[base] <= self.data[lower])
252 for higher in self.ORDER[i+1:]:
253 self.failUnless(self.data[higher] > self.data[base])
254 self.failUnless(self.data[higher] >= self.data[base])
255 self.failIf(self.data[base] > self.data[higher])
256 self.failIf(self.data[base] >= self.data[higher])
257
258 """
259
260
261 attributetype ( 2.5.4.7 NAME ( 'l' 'localityName' )
262 DESC 'RFC2256: locality which this object resides in'
263 SUP name )
264
265 attributetype ( 2.5.4.8 NAME ( 'st' 'stateOrProvinceName' )
266 DESC 'RFC2256: state or province which this object resides in'
267 SUP name )
268
269 attributetype ( 2.5.4.9 NAME ( 'street' 'streetAddress' )
270 DESC 'RFC2256: street address of this object'
271 EQUALITY caseIgnoreMatch
272 SUBSTR caseIgnoreSubstringsMatch
273 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
274
275 attributetype ( 2.5.4.10 NAME ( 'o' 'organizationName' )
276 DESC 'RFC2256: organization this object belongs to'
277 SUP name )
278
279 attributetype ( 2.5.4.11 NAME ( 'ou' 'organizationalUnitName' )
280 DESC 'RFC2256: organizational unit this object belongs to'
281 SUP name )
282
283 attributetype ( 2.5.4.12 NAME 'title'
284 DESC 'RFC2256: title associated with the entity'
285 SUP name )
286
287 attributetype ( 2.5.4.13 NAME 'description'
288 DESC 'RFC2256: descriptive information'
289 EQUALITY caseIgnoreMatch
290 SUBSTR caseIgnoreSubstringsMatch
291 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1024} )
292
293 attributetype ( 2.5.4.14 NAME 'searchGuide'
294 DESC 'RFC2256: search guide, obsoleted by enhancedSearchGuide'
295 SYNTAX 1.3.6.1.4.1.1466.115.121.1.25 )
296
297 attributetype ( 2.5.4.15 NAME 'businessCategory'
298 DESC 'RFC2256: business category'
299 EQUALITY caseIgnoreMatch
300 SUBSTR caseIgnoreSubstringsMatch
301 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
302
303 attributetype ( 2.5.4.16 NAME 'postalAddress'
304 DESC 'RFC2256: postal address'
305 EQUALITY caseIgnoreListMatch
306 SUBSTR caseIgnoreListSubstringsMatch
307 SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 )
308
309 attributetype ( 2.5.4.17 NAME 'postalCode'
310 DESC 'RFC2256: postal code'
311 EQUALITY caseIgnoreMatch
312 SUBSTR caseIgnoreSubstringsMatch
313 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{40} )
314
315 attributetype ( 2.5.4.18 NAME 'postOfficeBox'
316 DESC 'RFC2256: Post Office Box'
317 EQUALITY caseIgnoreMatch
318 SUBSTR caseIgnoreSubstringsMatch
319 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{40} )
320
321 attributetype ( 2.5.4.19 NAME 'physicalDeliveryOfficeName'
322 DESC 'RFC2256: Physical Delivery Office Name'
323 EQUALITY caseIgnoreMatch
324 SUBSTR caseIgnoreSubstringsMatch
325 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
326
327 attributetype ( 2.5.4.20 NAME 'telephoneNumber'
328 DESC 'RFC2256: Telephone Number'
329 EQUALITY telephoneNumberMatch
330 SUBSTR telephoneNumberSubstringsMatch
331 SYNTAX 1.3.6.1.4.1.1466.115.121.1.50{32} )
332
333 attributetype ( 2.5.4.21 NAME 'telexNumber'
334 DESC 'RFC2256: Telex Number'
335 SYNTAX 1.3.6.1.4.1.1466.115.121.1.52 )
336
337 attributetype ( 2.5.4.22 NAME 'teletexTerminalIdentifier'
338 DESC 'RFC2256: Teletex Terminal Identifier'
339 SYNTAX 1.3.6.1.4.1.1466.115.121.1.51 )
340
341 attributetype ( 2.5.4.23 NAME ( 'facsimileTelephoneNumber' 'fax' )
342 DESC 'RFC2256: Facsimile (Fax) Telephone Number'
343 SYNTAX 1.3.6.1.4.1.1466.115.121.1.22 )
344
345 attributetype ( 2.5.4.24 NAME 'x121Address'
346 DESC 'RFC2256: X.121 Address'
347 EQUALITY numericStringMatch
348 SUBSTR numericStringSubstringsMatch
349 SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{15} )
350
351 attributetype ( 2.5.4.25 NAME 'internationaliSDNNumber'
352 DESC 'RFC2256: international ISDN number'
353 EQUALITY numericStringMatch
354 SUBSTR numericStringSubstringsMatch
355 SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{16} )
356
357 attributetype ( 2.5.4.26 NAME 'registeredAddress'
358 DESC 'RFC2256: registered postal address'
359 SUP postalAddress
360 SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 )
361
362 attributetype ( 2.5.4.27 NAME 'destinationIndicator'
363 DESC 'RFC2256: destination indicator'
364 EQUALITY caseIgnoreMatch
365 SUBSTR caseIgnoreSubstringsMatch
366 SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{128} )
367
368 attributetype ( 2.5.4.28 NAME 'preferredDeliveryMethod'
369 DESC 'RFC2256: preferred delivery method'
370 SYNTAX 1.3.6.1.4.1.1466.115.121.1.14
371 SINGLE-VALUE )
372
373 attributetype ( 2.5.4.29 NAME 'presentationAddress'
374 DESC 'RFC2256: presentation address'
375 EQUALITY presentationAddressMatch
376 SYNTAX 1.3.6.1.4.1.1466.115.121.1.43
377 SINGLE-VALUE )
378
379 attributetype ( 2.5.4.30 NAME 'supportedApplicationContext'
380 DESC 'RFC2256: supported application context'
381 EQUALITY objectIdentifierMatch
382 SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 )
383
384 attributetype ( 2.5.4.31 NAME 'member'
385 DESC 'RFC2256: member of a group'
386 SUP distinguishedName )
387
388 attributetype ( 2.5.4.32 NAME 'owner'
389 DESC 'RFC2256: owner (of the object)'
390 SUP distinguishedName )
391
392 attributetype ( 2.5.4.33 NAME 'roleOccupant'
393 DESC 'RFC2256: occupant of role'
394 SUP distinguishedName )
395
396 attributetype ( 2.5.4.34 NAME 'seeAlso'
397 DESC 'RFC2256: DN of related object'
398 SUP distinguishedName )
399
400 attributetype ( 2.5.4.36 NAME 'userCertificate'
401 DESC 'RFC2256: X.509 user certificate, use ;binary'
402 SYNTAX 1.3.6.1.4.1.1466.115.121.1.8 )
403
404 attributetype ( 2.5.4.37 NAME 'cACertificate'
405 DESC 'RFC2256: X.509 CA certificate, use ;binary'
406 SYNTAX 1.3.6.1.4.1.1466.115.121.1.8 )
407
408 attributetype ( 2.5.4.38 NAME 'authorityRevocationList'
409 DESC 'RFC2256: X.509 authority revocation list, use ;binary'
410 SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 )
411
412 attributetype ( 2.5.4.39 NAME 'certificateRevocationList'
413 DESC 'RFC2256: X.509 certificate revocation list, use ;binary'
414 SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 )
415
416 attributetype ( 2.5.4.40 NAME 'crossCertificatePair'
417 DESC 'RFC2256: X.509 cross certificate pair, use ;binary'
418 SYNTAX 1.3.6.1.4.1.1466.115.121.1.10 )
419
420 attributetype ( 2.5.4.42 NAME ( 'givenName' 'gn' )
421 DESC 'RFC2256: first name(s) for which the entity is known by'
422 SUP name )
423
424 attributetype ( 2.5.4.43 NAME 'initials'
425 DESC 'RFC2256: initials of some or all of names, but not the surname(s).'
426 SUP name )
427
428 attributetype ( 2.5.4.44 NAME 'generationQualifier'
429 DESC 'RFC2256: name qualifier indicating a generation'
430 SUP name )
431
432 attributetype ( 2.5.4.45 NAME 'x500UniqueIdentifier'
433 DESC 'RFC2256: X.500 unique identifier'
434 EQUALITY bitStringMatch
435 SYNTAX 1.3.6.1.4.1.1466.115.121.1.6 )
436
437 attributetype ( 2.5.4.46 NAME 'dnQualifier'
438 DESC 'RFC2256: DN qualifier'
439 EQUALITY caseIgnoreMatch
440 ORDERING caseIgnoreOrderingMatch
441 SUBSTR caseIgnoreSubstringsMatch
442 SYNTAX 1.3.6.1.4.1.1466.115.121.1.44 )
443
444 attributetype ( 2.5.4.47 NAME 'enhancedSearchGuide'
445 DESC 'RFC2256: enhanced search guide'
446 SYNTAX 1.3.6.1.4.1.1466.115.121.1.21 )
447
448 attributetype ( 2.5.4.48 NAME 'protocolInformation'
449 DESC 'RFC2256: protocol information'
450 EQUALITY protocolInformationMatch
451 SYNTAX 1.3.6.1.4.1.1466.115.121.1.42 )
452
453 attributetype ( 2.5.4.50 NAME 'uniqueMember'
454 DESC 'RFC2256: unique member of a group'
455 EQUALITY uniqueMemberMatch
456 SYNTAX 1.3.6.1.4.1.1466.115.121.1.34 )
457
458 attributetype ( 2.5.4.51 NAME 'houseIdentifier'
459 DESC 'RFC2256: house identifier'
460 EQUALITY caseIgnoreMatch
461 SUBSTR caseIgnoreSubstringsMatch
462 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} )
463
464 attributetype ( 2.5.4.52 NAME 'supportedAlgorithms'
465 DESC 'RFC2256: supported algorithms'
466 SYNTAX 1.3.6.1.4.1.1466.115.121.1.49 )
467
468 attributetype ( 2.5.4.53 NAME 'deltaRevocationList'
469 DESC 'RFC2256: delta revocation list; use ;binary'
470 SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 )
471
472 attributetype ( 2.5.4.54 NAME 'dmdName'
473 DESC 'RFC2256: name of DMD'
474 SUP name )
475
476
477
478
479 objectclass ( 2.5.6.3 NAME 'locality'
480 DESC 'RFC2256: a locality'
481 SUP top STRUCTURAL
482 MAY ( street $ seeAlso $ searchGuide $ st $ l $ description ) )
483
484
485 objectclass ( 2.5.6.6 NAME 'person'
486 DESC 'RFC2256: a person'
487 SUP top STRUCTURAL
488 MUST ( sn $ cn )
489 MAY ( userPassword $ telephoneNumber $ seeAlso $ description ) )
490
491 objectclass ( 2.5.6.7 NAME 'organizationalPerson'
492 DESC 'RFC2256: an organizational person'
493 SUP person STRUCTURAL
494 MAY ( title $ x121Address $ registeredAddress $ destinationIndicator $
495 preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
496 telephoneNumber $ internationaliSDNNumber $
497 facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $
498 postalAddress $ physicalDeliveryOfficeName $ ou $ st $ l ) )
499
500 objectclass ( 2.5.6.8 NAME 'organizationalRole'
501 DESC 'RFC2256: an organizational role'
502 SUP top STRUCTURAL
503 MUST cn
504 MAY ( x121Address $ registeredAddress $ destinationIndicator $
505 preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
506 telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber $
507 seeAlso $ roleOccupant $ preferredDeliveryMethod $ street $
508 postOfficeBox $ postalCode $ postalAddress $
509 physicalDeliveryOfficeName $ ou $ st $ l $ description ) )
510
511 objectclass ( 2.5.6.9 NAME 'groupOfNames'
512 DESC 'RFC2256: a group of names (DNs)'
513 SUP top STRUCTURAL
514 MUST ( member $ cn )
515 MAY ( businessCategory $ seeAlso $ owner $ ou $ o $ description ) )
516
517 objectclass ( 2.5.6.10 NAME 'residentialPerson'
518 DESC 'RFC2256: an residential person'
519 SUP person STRUCTURAL
520 MUST l
521 MAY ( businessCategory $ x121Address $ registeredAddress $
522 destinationIndicator $ preferredDeliveryMethod $ telexNumber $
523 teletexTerminalIdentifier $ telephoneNumber $ internationaliSDNNumber $
524 facsimileTelephoneNumber $ preferredDeliveryMethod $ street $
525 postOfficeBox $ postalCode $ postalAddress $
526 physicalDeliveryOfficeName $ st $ l ) )
527
528 objectclass ( 2.5.6.11 NAME 'applicationProcess'
529 DESC 'RFC2256: an application process'
530 SUP top STRUCTURAL
531 MUST cn
532 MAY ( seeAlso $ ou $ l $ description ) )
533
534 objectclass ( 2.5.6.12 NAME 'applicationEntity'
535 DESC 'RFC2256: an application entity'
536 SUP top STRUCTURAL
537 MUST ( presentationAddress $ cn )
538 MAY ( supportedApplicationContext $ seeAlso $ ou $ o $ l $
539 description ) )
540
541 objectclass ( 2.5.6.13 NAME 'dSA'
542 DESC 'RFC2256: a directory system agent (a server)'
543 SUP applicationEntity STRUCTURAL
544 MAY knowledgeInformation )
545
546 objectclass ( 2.5.6.14 NAME 'device'
547 DESC 'RFC2256: a device'
548 SUP top STRUCTURAL
549 MUST cn
550 MAY ( serialNumber $ seeAlso $ owner $ ou $ o $ l $ description ) )
551
552 objectclass ( 2.5.6.15 NAME 'strongAuthenticationUser'
553 DESC 'RFC2256: a strong authentication user'
554 SUP top AUXILIARY
555 MUST userCertificate )
556
557 objectclass ( 2.5.6.16 NAME 'certificationAuthority'
558 DESC 'RFC2256: a certificate authority'
559 SUP top AUXILIARY
560 MUST ( authorityRevocationList $ certificateRevocationList $
561 cACertificate ) MAY crossCertificatePair )
562
563 objectclass ( 2.5.6.17 NAME 'groupOfUniqueNames'
564 DESC 'RFC2256: a group of unique names (DN and Unique Identifier)'
565 SUP top STRUCTURAL
566 MUST ( uniqueMember $ cn )
567 MAY ( businessCategory $ seeAlso $ owner $ ou $ o $ description ) )
568
569 objectclass ( 2.5.6.18 NAME 'userSecurityInformation'
570 DESC 'RFC2256: a user security information'
571 SUP top AUXILIARY
572 MAY ( supportedAlgorithms ) )
573
574 objectclass ( 2.5.6.16.2 NAME 'certificationAuthority-V2'
575 SUP certificationAuthority
576 AUXILIARY MAY ( deltaRevocationList ) )
577
578 objectclass ( 2.5.6.19 NAME 'cRLDistributionPoint'
579 SUP top STRUCTURAL
580 MUST ( cn )
581 MAY ( certificateRevocationList $ authorityRevocationList $
582 deltaRevocationList ) )
583
584 objectclass ( 2.5.6.20 NAME 'dmd'
585 SUP top STRUCTURAL
586 MUST ( dmdName )
587 MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $
588 x121Address $ registeredAddress $ destinationIndicator $
589 preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
590 telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber $
591 street $ postOfficeBox $ postalCode $ postalAddress $
592 physicalDeliveryOfficeName $ st $ l $ description ) )
593
594 objectclass ( 2.5.6.21 NAME 'pkiUser'
595 DESC 'RFC2587: a PKI user'
596 SUP top AUXILIARY
597 MAY userCertificate )
598
599 objectclass ( 2.5.6.22 NAME 'pkiCA'
600 DESC 'RFC2587: PKI certificate authority'
601 SUP top AUXILIARY
602 MAY ( authorityRevocationList $ certificateRevocationList $
603 cACertificate $ crossCertificatePair ) )
604
605 objectclass ( 2.5.6.23 NAME 'deltaCRL'
606 DESC 'RFC2587: PKI user'
607 SUP top AUXILIARY
608 MAY deltaRevocationList )
609
610 attributetype ( 1.3.6.1.4.1.250.1.57 NAME 'labeledURI'
611 DESC 'RFC2079: Uniform Resource Identifier with optional label'
612 EQUALITY caseExactMatch
613 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
614
615 objectclass ( 1.3.6.1.4.1.250.3.15 NAME 'labeledURIObject'
616 DESC 'RFC2079: object that contains the URI attribute type'
617 MAY ( labeledURI )
618 SUP top AUXILIARY )
619
620 attributetype ( 0.9.2342.19200300.100.1.1
621 NAME ( 'uid' 'userid' )
622 DESC 'RFC1274: user identifier'
623 EQUALITY caseIgnoreMatch
624 SUBSTR caseIgnoreSubstringsMatch
625 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
626
627 attributetype ( 0.9.2342.19200300.100.1.3
628 NAME ( 'mail' 'rfc822Mailbox' )
629 DESC 'RFC1274: RFC822 Mailbox'
630 EQUALITY caseIgnoreIA5Match
631 SUBSTR caseIgnoreIA5SubstringsMatch
632 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
633
634 objectclass ( 0.9.2342.19200300.100.4.19 NAME 'simpleSecurityObject'
635 DESC 'RFC1274: simple security object'
636 SUP top AUXILIARY
637 MUST userPassword )
638
639 attributetype ( 0.9.2342.19200300.100.1.25
640 NAME ( 'dc' 'domainComponent' )
641 DESC 'RFC1274/2247: domain component'
642 EQUALITY caseIgnoreIA5Match
643 SUBSTR caseIgnoreIA5SubstringsMatch
644 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
645
646 objectclass ( 1.3.6.1.4.1.1466.344 NAME 'dcObject'
647 DESC 'RFC2247: domain component object'
648 SUP top AUXILIARY MUST dc )
649
650 objectclass ( 1.3.6.1.1.3.1 NAME 'uidObject'
651 DESC 'RFC2377: uid object'
652 SUP top AUXILIARY MUST uid )
653
654 attributetype ( 0.9.2342.19200300.100.1.37
655 NAME 'associatedDomain'
656 DESC 'RFC1274: domain associated with object'
657 EQUALITY caseIgnoreIA5Match
658 SUBSTR caseIgnoreIA5SubstringsMatch
659 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
660
661 """
662