4. Principal Entries at krbPrincipalName=princname,cn=OX.AC.UK,cn=KerberosRealms,dc=oak,dc=ox,dc=ac,dc=uk

4.1. Example Entry

dn: krbPrincipalName=oucs0047@OX.AC.UK,cn=OX.AC.UK,cn=KerberosRealms,dc=oak,dc=ox,dc=ac,dc=uk
displayName: oucs0047
krbPrincipalName: oucs0047@OX.AC.UK
oakPerson: oakPrimaryPersonID=38463,ou=people,dc=oak,dc=ox,dc=ac,dc=uk
objectClass: krbPrincipalAux
objectClass: oakPrincipal

4.2. displayName Attribute Type

This is the part of the principal name before the realm. This used to be called the Oxford Username.

This standard attribute type is defined in the following places:

This attribute type's matching rule makes it case sensitive.

4.2.1. Example

displayName: oucs0047

4.2.2. Release Policy

4.3. krbPrincipalName Attribute Type

The full name of the principal, including the realm.

4.3.1. Example

krbPrincipalName: oucs0047@OX.AC.UK

4.3.2. Release Policy

4.4. oakPerson Attribute Type

DN reference to the Oak LDAP entry of the person who owns this principal

4.4.1. Example

oakPerson: oakPrimaryPersonID=38463,ou=people,dc=oak,dc=ox,dc=ac,dc=uk

4.4.2. OpenLDAP-Compatible Attribute Type Declaration

This is a locally-defined attribute type. Its definition from the schema follows, in an OpenLDAP-Compatible format.

attributeType ( 1.3.6.1.4.1.11023.1.1.7.2.1.12
    NAME          'oakPerson'
    DESC          'DN of person who owns this principal'
    SYNTAX        1.3.6.1.4.1.1466.115.121.1.12
    SINGLE-VALUE
    EQUALITY      distinguishedNameMatch
 )

4.4.3. Release Policy

4.5. objectClass Attribute Type

This standard attribute type is defined in the following places:

This attribute type's matching rule (see also RFC 4512 section-1.4 ) makes it case insensitive.

4.5.1. Example

objectClass: krbPrincipalAux
objectClass: oakPrincipal

4.5.2. Release Policy

Up: Contents Previous: 3. Unit Entries at oakUnitCode=code,ou=units,dc=oak,dc=ox,dc=ac,dc=uk Next: 5. Group Entries