# $HeadURL: https://svn.oucs.ox.ac.uk/sites/www.oucs.ox.ac.uk/preview/services/oak/sp/ldap/oak.schema $ # $LastChangedRevision: 104273 $ # $LastChangedDate: 2009-12-04 13:27:00 +0000 (Fri, 04 Dec 2009) $ # $LastChangedBy: tom $ # # If you are including this file, you will also need to include # # core.schema, for organizationalPerson # inetorgperson.schema, for inetOrgPerson # cosine.schema, for the personalTitle attribute type # 1.3.6.1.4.1.11023.1.1.7 is reserved for Oak, see # . objectIdentifier oakRoot 1.3.6.1.4.1.11023.1.1.7 objectIdentifier oakThisVersion 1.3.6.1.4.1.11023.1.1.7.2 objectIdentifier oakAttributeTypes 1.3.6.1.4.1.11023.1.1.7.2.1 objectIdentifier oakObjectClasses 1.3.6.1.4.1.11023.1.1.7.2.2 objectIdentifier syntaxDN 1.3.6.1.4.1.1466.115.121.1.12 objectIdentifier syntaxDirectoryString 1.3.6.1.4.1.1466.115.121.1.15 objectIdentifier syntaxGeneralizedTime 1.3.6.1.4.1.1466.115.121.1.24 objectIdentifier syntaxIA5String 1.3.6.1.4.1.1466.115.121.1.26 objectIdentifier syntaxInteger 1.3.6.1.4.1.1466.115.121.1.27 attributeType ( 1.3.6.1.4.1.11023.1.1.7.2.1.1 NAME 'oakInternalID' DESC 'Unique identifier, internal to Oak system' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 EQUALITY caseExactMatch ) attributeType ( 1.3.6.1.4.1.11023.1.1.7.2.1.2 NAME 'oakPrincipal' DESC 'DN of principal entry owned by this person' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 EQUALITY distinguishedNameMatch ) attributeType ( 1.3.6.1.4.1.11023.1.1.7.2.1.3 NAME 'oakPrimaryPrincipal' DESC 'DN of primary principal entry owned by this person' SUP oakPrincipal SINGLE-VALUE ) attributeType ( 1.3.6.1.4.1.11023.1.1.7.2.1.4 NAME 'dateOfBirth' DESC 'Date of Birth' SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE EQUALITY generalizedTimeMatch ORDERING generalizedTimeOrderingMatch ) attributeType ( 1.3.6.1.4.1.11023.1.1.7.2.1.5 NAME 'oakCardExpiry' DESC 'Card Expiry Date' SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE EQUALITY generalizedTimeMatch ORDERING generalizedTimeOrderingMatch ) attributeType ( 1.3.6.1.4.1.11023.1.1.7.2.1.6 NAME 'oakStatus' DESC 'Status' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch ) attributeType ( 1.3.6.1.4.1.11023.1.1.7.2.1.7 NAME 'oakUniversityBarcode' DESC 'University Barcode' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE EQUALITY integerMatch ) attributeType ( 1.3.6.1.4.1.11023.1.1.7.2.1.8 NAME 'oakUniversityBarcodeCheckCharacter' DESC 'University Barcode Check Character' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{1} SINGLE-VALUE EQUALITY caseIgnoreIA5Match ) attributeType ( 1.3.6.1.4.1.11023.1.1.7.2.1.9 NAME 'oakUniversityBarcodeFull' DESC 'University Barcode Including Check Character' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE EQUALITY caseIgnoreIA5Match ) attributeType ( 1.3.6.1.4.1.11023.1.1.7.2.1.10 NAME 'oakAlternativeMail' DESC 'RFC822 Mailbox' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch ) attributeType ( 1.3.6.1.4.1.11023.1.1.7.2.1.11 NAME 'memberOf' DESC 'DN of group of which this person is a member' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 EQUALITY distinguishedNameMatch ) attributeType ( 1.3.6.1.4.1.11023.1.1.7.2.1.12 NAME 'oakPerson' DESC 'DN of person who owns this principal' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE EQUALITY distinguishedNameMatch ) attributeType ( 1.3.6.1.4.1.11023.1.1.7.2.1.13 NAME 'oakRole' DESC 'name of role' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 EQUALITY caseExactMatch ) attributeType ( 1.3.6.1.4.1.11023.1.1.7.2.1.14 NAME 'oakMailDomain' DESC 'mail domain' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 EQUALITY caseIgnoreIA5Match ) attributeType ( 1.3.6.1.4.1.11023.1.1.7.2.1.15 NAME 'oakPreferredMailDomain' DESC 'preferred mail domain' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE EQUALITY caseIgnoreIA5Match ) attributeType ( 1.3.6.1.4.1.11023.1.1.7.2.1.16 NAME 'oakSuperUnit' DESC 'Oxford Super Unit' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch ) attributeType ( 1.3.6.1.4.1.11023.1.1.7.2.1.17 NAME 'oakDivision' DESC 'Oxford Division' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch ) attributeType ( 1.3.6.1.4.1.11023.1.1.7.2.1.18 NAME 'oakUnitURI' DESC 'Uniform Resource Identifier' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 EQUALITY caseExactMatch ) attributeType ( 1.3.6.1.4.1.11023.1.1.7.2.1.19 NAME 'oakITSSFor' DESC 'DN of Unit' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 EQUALITY distinguishedNameMatch ) attributeType ( 1.3.6.1.4.1.11023.1.1.7.2.1.20 NAME 'oakPrimaryITSSFor' DESC 'DN of Unit' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 EQUALITY distinguishedNameMatch ) attributeType ( 1.3.6.1.4.1.11023.1.1.7.2.1.21 NAME 'oakGN' DESC 'Group Name' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 EQUALITY caseExactMatch ) attributeType ( 1.3.6.1.4.1.11023.1.1.7.2.1.22 NAME 'oakAccessGroup' DESC 'Internal Access Group Name (Private)' SUP oakGN ) attributeType ( 1.3.6.1.4.1.11023.1.1.7.2.1.23 NAME 'oakUnitCode' DESC 'Unit Code' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 EQUALITY caseExactMatch ) attributeType ( 1.3.6.1.4.1.11023.1.1.7.2.1.24 NAME 'oakPrimaryPersonID' DESC 'Unique person identifier' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 EQUALITY caseExactMatch ) attributeType ( 1.3.6.1.4.1.11023.1.1.7.2.1.25 NAME 'oakPersonID' DESC 'Multivalued person identifier to handle merged records' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 EQUALITY caseExactMatch ) attributeType ( 1.3.6.1.4.1.11023.1.1.7.2.1.26 NAME 'oakOSSCurrentYear' DESC 'Current academic year.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 EQUALITY integerMatch ORDERING integerOrderingMatch ) attributeType ( 1.3.6.1.4.1.11023.1.1.7.2.1.27 NAME 'oakOSSFinalist' DESC 'True if the student is a finalist.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 EQUALITY booleanMatch ) attributeType ( 1.3.6.1.4.1.11023.1.1.7.2.1.28 NAME 'oakGender' DESC 'Gender.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 EQUALITY caseExactMatch ) attributeType ( 1.3.6.1.4.1.11023.1.1.7.2.1.29 NAME 'oakOSSID' DESC 'Unique identifier for people with a record in the Oxford Student System.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 EQUALITY caseExactMatch ) attributeType ( 1.3.6.1.4.1.11023.1.1.7.2.1.30 NAME 'oakOSSProgramAttempt' DESC 'Program attempt status, as held by OSS.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 EQUALITY caseExactMatch ) attributeType ( 1.3.6.1.4.1.11023.1.1.7.2.1.31 NAME 'oakOSSStartYear' DESC 'Year in which this student started this program.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 EQUALITY integerMatch ORDERING integerOrderingMatch ) attributeType ( 1.3.6.1.4.1.11023.1.1.7.2.1.32 NAME 'oakOSSYearOfStudy' DESC 'Year of study for this student on this program.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 EQUALITY integerMatch ORDERING integerOrderingMatch ) attributeType ( 1.3.6.1.4.1.11023.1.1.7.2.1.33 NAME 'oakOSSCourse' DESC 'Course-related groups of which this person is a member.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 EQUALITY distinguishedNameMatch ) attributeType ( 1.3.6.1.4.1.11023.1.1.7.2.1.34 NAME 'oakUniversityCardID' DESC 'Unique identifier from the University Card database.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 EQUALITY caseExactMatch ) attributeType ( 1.3.6.1.4.1.11023.1.1.7.2.1.35 NAME 'oakOSSCourseType' DESC 'Course type.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 EQUALITY caseExactMatch ) attributeType ( 1.3.6.1.4.1.11023.1.1.7.2.1.36 NAME 'oakOSSCourseCode' DESC 'Course code.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 EQUALITY caseExactMatch SUBSTR caseIgnoreSubstringsMatch ) attributeType ( 1.3.6.1.4.1.11023.1.1.7.2.1.37 NAME 'oakOSSCourseDegree' DESC 'Degree type.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 EQUALITY caseExactMatch ) attributeType ( 1.3.6.1.4.1.11023.1.1.7.2.1.38 NAME 'oakOSSCourseAbbreviation' DESC 'Course abbreviation.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 EQUALITY caseExactMatch SUBSTR caseIgnoreSubstringsMatch ) attributeType ( 1.3.6.1.4.1.11023.1.1.7.2.1.39 NAME 'oakOSSCourseLength' DESC 'Course length in months.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 EQUALITY integerMatch ORDERING integerOrderingMatch ) attributeType ( 1.3.6.1.4.1.11023.1.1.7.2.1.40 NAME 'oakOSSUnitCode' DESC 'Unit code as assigned by OSS.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 EQUALITY caseExactMatch ) attributeType ( 1.3.6.1.4.1.11023.1.1.7.2.1.41 NAME 'oakOSSCourseStatus' DESC 'Course status.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 EQUALITY caseExactMatch ) attributeType ( 1.3.6.1.4.1.11023.1.1.7.2.1.42 NAME 'oakOSSCourseShortName' DESC 'Course short name.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 EQUALITY caseExactMatch SUBSTR caseIgnoreSubstringsMatch ) attributeType ( 1.3.6.1.4.1.11023.1.1.7.2.1.43 NAME 'oakOSSUnitName' DESC 'Name of unit providing course, as assigned by OSS.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 EQUALITY caseExactMatch SUBSTR caseIgnoreSubstringsMatch ) attributeType ( 1.3.6.1.4.1.11023.1.1.7.2.1.44 NAME 'oakOSSCourseLongName' DESC 'Course full name.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 EQUALITY caseExactMatch SUBSTR caseIgnoreSubstringsMatch ) attributeType ( 1.3.6.1.4.1.11023.1.1.7.2.1.45 NAME 'oakWeblearnGroupName' DESC 'Old style weblearn courses group name.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 EQUALITY caseExactMatch SUBSTR caseIgnoreSubstringsMatch ) attributeType ( 1.3.6.1.4.1.11023.1.1.7.2.1.46 NAME 'oakOUCSProvisionedUsername' DESC 'Username for provisioning as managed by OUCS registration.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 EQUALITY caseExactMatch SUBSTR caseExactSubstringsMatch ) attributeType ( 1.3.6.1.4.1.11023.1.1.7.2.1.47 NAME 'oakOxfordSSOUsername' DESC 'Username for provisioning as managed by OUCS registration.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 EQUALITY caseExactMatch SUBSTR caseExactSubstringsMatch ) objectClass ( 1.3.6.1.4.1.11023.1.1.7.2.2.1 NAME 'oakObject' DESC 'University of Oxford LDAP Directory Object' SUP top ABSTRACT MUST displayName MAY cn ) objectClass ( 1.3.6.1.4.1.11023.1.1.7.2.2.2 NAME 'oakPersonAbs' DESC 'University of Oxford Person -- Abstract Class' SUP oakObject ABSTRACT MUST oakPrimaryPersonID MAY ( oakPersonID $ memberOf $ personalTitle $ dateOfBirth $ oakPrincipal $ oakPrimaryPrincipal $ oakCardExpiry $ oakStatus $ oakAlternativeMail $ oakUniversityBarcode $ oakUniversityBarcodeCheckCharacter $ oakUniversityBarcodeFull $ oakITSSFor $ oakPrimaryITSSFor $ oakGender $ oakOSSID $ oakUniversityCardID $ oakOUCSProvisionedUsername $ oakOxfordSSOUsername ) ) objectClass ( 1.3.6.1.4.1.11023.1.1.7.2.2.3 NAME 'oakPerson' DESC 'University of Oxford Person' SUP ( inetOrgPerson $ oakPersonAbs ) STRUCTURAL ) objectClass ( 1.3.6.1.4.1.11023.1.1.7.2.2.4 NAME 'oakPrincipalAbs' DESC 'University of Oxford Account Principal -- Abstract Class' SUP oakObject ABSTRACT MAY ( oakPerson $ mail ) ) objectClass ( 1.3.6.1.4.1.11023.1.1.7.2.2.5 NAME 'oakPrincipal' DESC 'University of Oxford Account Principal' SUP oakPrincipalAbs STRUCTURAL ) objectClass ( 1.3.6.1.4.1.11023.1.1.7.2.2.6 NAME 'oakGroupAbs' DESC 'University of Oxford Group -- Abstract Class' SUP oakObject ABSTRACT MAY ( oakGN $ member $ oakRole ) ) objectClass ( 1.3.6.1.4.1.11023.1.1.7.2.2.7 NAME 'oakGroup' DESC 'University of Oxford Group' SUP oakGroupAbs STRUCTURAL ) objectClass ( 1.3.6.1.4.1.11023.1.1.7.2.2.8 NAME 'oakOrganizationalUnitAbs' DESC 'University of Oxford Organizational Unit -- Abstract Class' SUP oakObject ABSTRACT MAY ( oakUnitCode $ oakMailDomain $ oakPreferredMailDomain $ oakSuperUnit $ oakDivision $ oakUnitURI $ mail $ cn ) ) objectClass ( 1.3.6.1.4.1.11023.1.1.7.2.2.9 NAME 'oakOrganizationalUnit' DESC 'University of Oxford Organizational Unit' SUP ( organizationalUnit $ oakOrganizationalUnitAbs $ oakGroupAbs ) STRUCTURAL ) objectClass ( 1.3.6.1.4.1.11023.1.1.7.2.2.10 NAME 'oakRealmAbs' DESC 'Authentication Realm -- Abstract Class' SUP oakObject ABSTRACT ) objectClass ( 1.3.6.1.4.1.11023.1.1.7.2.2.11 NAME 'oakRealm' DESC 'Authentication Realm' SUP oakRealmAbs AUXILIARY ) objectClass ( 1.3.6.1.4.1.11023.1.1.7.2.2.12 NAME 'oakAccessGroup' DESC 'OpenLDAP Internal Access Control Related Group' SUP oakObject STRUCTURAL MAY ( oakAccessGroup $ member ) ) objectClass ( 1.3.6.1.4.1.11023.1.1.7.2.2.13 NAME 'oakStructuralClass' DESC 'Oak structural class' SUP top STRUCTURAL MAY cn ) objectClass ( 1.3.6.1.4.1.11023.1.1.7.2.2.14 NAME 'oakInternalPrincipalAbs' DESC 'University of Oxford principal internal to LDAP -- Abstract Class' SUP oakPrincipalAbs ABSTRACT MAY userPassword ) objectClass ( 1.3.6.1.4.1.11023.1.1.7.2.2.15 NAME 'oakInternalPrincipal' DESC 'University of Oxford principal internal to LDAP' SUP oakInternalPrincipalAbs STRUCTURAL ) objectClass ( 1.3.6.1.4.1.11023.1.1.7.2.2.16 NAME 'oakOSSPersonAbs' DESC 'Person with a record on the Oxford Student System -- Abstract Class' SUP oakObject ABSTRACT MAY ( oakOSSCurrentYear $ oakOSSFinalist $ oakOSSID $ oakOSSProgramAttempt $ oakOSSStartYear $ oakOSSYearOfStudy $ oakOSSCourse ) ) objectClass ( 1.3.6.1.4.1.11023.1.1.7.2.2.17 NAME 'oakOSSPerson' DESC 'Person with records on the Oxford Student System' SUP oakOSSPersonAbs AUXILIARY ) objectClass ( 1.3.6.1.4.1.11023.1.1.7.2.2.18 NAME 'oakOSSCourseAbs' DESC 'Course as defined in the Oxford Student System -- Abstract Class' SUP oakObject ABSTRACT MAY ( oakOSSCourseType $ oakOSSCourseCode $ oakOSSCourseDegree $ oakOSSCourseAbbreviation $ oakOSSCourseLength $ oakOSSUnitCode $ oakOSSCourseStatus $ oakOSSCourseShortName $ oakOSSUnitName $ oakOSSCourseLongName ) ) objectClass ( 1.3.6.1.4.1.11023.1.1.7.2.2.19 NAME 'oakOSSCourse' DESC 'Course as defined in the Oxford Student System' SUP oakOSSCourseAbs AUXILIARY ) objectClass ( 1.3.6.1.4.1.11023.1.1.7.2.2.20 NAME 'oakWebLearnGroupAbs' DESC 'Group with extra attributes for Weblearn -- Abstract Class' SUP oakObject ABSTRACT MAY oakWebLearnGroupName ) objectClass ( 1.3.6.1.4.1.11023.1.1.7.2.2.21 NAME 'oakWebLearnGroup' DESC 'Group with extra attributes for Weblearn -- Auxiliary Class' SUP oakWebLearnGroupAbs AUXILIARY ) objectClass ( 1.3.6.1.4.1.11023.1.1.7.2.2.22 NAME 'oakPersonAux' DESC 'University of Oxford Person -- Auxiliary Class' SUP oakPersonAbs AUXILIARY ) objectClass ( 1.3.6.1.4.1.11023.1.1.7.2.2.23 NAME 'oakSkelPerson' DESC 'University of Oxford Person, Skeleton Record Only' SUP ( oakObject $ oakPersonAbs ) STRUCTURAL )