[Pkg-openldap-devel] r1165 - openldap/vendor/openldap-release/servers/slapd/schema

vorlon at alioth.debian.org vorlon at alioth.debian.org
Mon Jul 7 01:03:22 UTC 2008


Author: vorlon
Date: 2008-07-07 01:03:22 +0000 (Mon, 07 Jul 2008)
New Revision: 1165

Removed:
   openldap/vendor/openldap-release/servers/slapd/schema/collective.schema
   openldap/vendor/openldap-release/servers/slapd/schema/corba.schema
   openldap/vendor/openldap-release/servers/slapd/schema/core.ldif
   openldap/vendor/openldap-release/servers/slapd/schema/core.schema
   openldap/vendor/openldap-release/servers/slapd/schema/cosine.schema
   openldap/vendor/openldap-release/servers/slapd/schema/java.schema
   openldap/vendor/openldap-release/servers/slapd/schema/ppolicy.schema
Log:
Load openldap2.3_2.4.10.orig into openldap-release.

Deleted: openldap/vendor/openldap-release/servers/slapd/schema/collective.schema
===================================================================
--- openldap/vendor/openldap-release/servers/slapd/schema/collective.schema	2008-07-07 00:16:51 UTC (rev 1164)
+++ openldap/vendor/openldap-release/servers/slapd/schema/collective.schema	2008-07-07 01:03:22 UTC (rev 1165)
@@ -1,190 +0,0 @@
-# collective.schema -- Collective attribute schema
-# $OpenLDAP: pkg/ldap/servers/slapd/schema/collective.schema,v 1.12.2.3 2008/02/11 23:26:49 kurt Exp $
-## This work is part of OpenLDAP Software <http://www.openldap.org/>.
-##
-## Copyright 1998-2008 The OpenLDAP Foundation.
-## All rights reserved.
-##
-## Redistribution and use in source and binary forms, with or without
-## modification, are permitted only as authorized by the OpenLDAP
-## Public License.
-##
-## A copy of this license is available in the file LICENSE in the
-## top-level directory of the distribution or, alternatively, at
-## <http://www.OpenLDAP.org/license.html>.
-#
-## Portions Copyright (C) The Internet Society (2003).
-## Please see full copyright statement below.
-
-# From RFC 3671 [portions trimmed]:
-# 	Collective Attributes in LDAP
-
-#Abstract
-#
-#  X.500 collective attributes allow common characteristics to be shared
-#  between collections of entries.  This document summarizes the X.500
-#  information model for collective attributes and describes use of
-#  collective attributes in LDAP (Lightweight Directory Access Protocol).
-#  This document provides schema definitions for collective attributes
-#  for use in LDAP.
-
-#3. Collective Attribute Types
-#
-#  A userApplications attribute type can be defined to be COLLECTIVE
-#  [RFC2252].  This indicates that the same attribute values will appear
-#  in the entries of an entry collection subject to the use of the
-#  collectiveExclusions attribute and other administrative controls.
-#
-#  Collective attribute types are commonly defined as subtypes of non-
-#  collective attribute types.  By convention, collective attributes are
-#  named by prefixing the name of their non-collective supertype with
-#  "c-".  For example, the collective telephone attribute is named
-#  c-TelephoneNumber after its non-collective supertype telephoneNumber.
-#
-#  Non-collective attributes types SHALL NOT subtype collective
-#  attributes.
-#
-#  Collective attributes SHALL NOT be SINGLE-VALUED.  Collective
-#  attribute types SHALL NOT appear in the attribute types of an object
-#  class definition.
-#
-#  Operational attributes SHALL NOT be defined to be collective.
-#
-#  The remainder of section provides a summary of collective attributes
-#  derived from those defined in [X.520].  Implementations of this
-#  specification SHOULD support the following collective attributes and
-#  MAY support additional collective attributes.
-#
-#
-#3.1. Collective Locality Name
-#
-#  The c-l attribute type specifies a locality name for a collection of
-#  entries.
-#
-attributeType      ( 2.5.4.7.1 NAME 'c-l'
-	SUP l COLLECTIVE )
-#
-#
-#3.2. Collective State or Province Name
-#
-#  The c-st attribute type specifies a state or province name for a
-#  collection of entries.
-#
-attributeType      ( 2.5.4.8.1 NAME 'c-st'
-	SUP st COLLECTIVE )
-#
-#
-#3.3. Collective Street Address
-#
-#  The c-street attribute type specifies a street address for a
-#  collection of entries.
-#
-attributeType      ( 2.5.4.9.1 NAME 'c-street'
-	SUP street COLLECTIVE )
-#
-#
-#3.4. Collective Organization Name
-#
-#  The c-o attribute type specifies an organization name for a collection
-#  of entries.
-#
-attributeType      ( 2.5.4.10.1 NAME 'c-o'
-	SUP o COLLECTIVE )
-#
-#
-#3.5. Collective Organizational Unit Name
-#
-#  The c-ou attribute type specifies an organizational unit name for a
-#  collection of entries.
-#
-attributeType      ( 2.5.4.11.1 NAME 'c-ou'
-	SUP ou COLLECTIVE )
-#
-#
-#3.6. Collective Postal Address
-#
-#  The c-PostalAddress attribute type specifies a postal address for a
-#  collection of entries.
-#
-attributeType      ( 2.5.4.16.1 NAME 'c-PostalAddress'
-	SUP postalAddress COLLECTIVE )
-#
-#
-#3.7. Collective Postal Code
-#
-#  The c-PostalCode attribute type specifies a postal code for a
-#  collection of entries.
-#
-attributeType      ( 2.5.4.17.1 NAME 'c-PostalCode'
-	SUP postalCode COLLECTIVE )
-#
-#
-#3.8. Collective Post Office Box
-#
-#  The c-PostOfficeBox attribute type specifies a post office box for a
-#  collection of entries.
-#
-attributeType ( 2.5.4.18.1 NAME 'c-PostOfficeBox'
-	SUP postOfficeBox COLLECTIVE )
-#
-#
-#3.9. Collective Physical Delivery Office Name
-#
-#  The c-PhysicalDeliveryOfficeName attribute type specifies a physical
-#  delivery office name for a collection of entries.
-#
-attributeType ( 2.5.4.19.1 NAME 'c-PhysicalDeliveryOfficeName'
-	SUP physicalDeliveryOfficeName COLLECTIVE )
-#
-#
-#3.10. Collective Telephone Number
-#
-#  The c-TelephoneNumber attribute type specifies a telephone number for
-#  a collection of entries.
-#
-attributeType ( 2.5.4.20.1 NAME 'c-TelephoneNumber'
-	SUP telephoneNumber COLLECTIVE )
-#
-#
-#3.11. Collective Telex Number
-#
-#  The c-TelexNumber attribute type specifies a telex number for a
-#  collection of entries.
-#
-attributeType ( 2.5.4.21.1 NAME 'c-TelexNumber'
-	SUP telexNumber COLLECTIVE )
-#
-#
-#3.13. Collective Facsimile Telephone Number
-#
-#  The c-FacsimileTelephoneNumber attribute type specifies a facsimile
-#  telephone number for a collection of entries.
-#
-attributeType ( 2.5.4.23.1 NAME 'c-FacsimileTelephoneNumber'
-	SUP facsimileTelephoneNumber COLLECTIVE )
-#
-#
-#3.14. Collective International ISDN Number
-#
-#  The c-InternationalISDNNumber attribute type specifies an
-#  international ISDN number for a collection of entries.
-#
-attributeType ( 2.5.4.25.1 NAME 'c-InternationalISDNNumber'
-	SUP internationalISDNNumber COLLECTIVE )
-
-# Full Copyright
-#
-# Copyright (C) The Internet Society (2003). All Rights Reserved.
-# 
-# This document and translations of it may be copied and furnished
-# to others, and derivative works that comment on or otherwise explain
-# it or assist in its implmentation may be prepared, copied, published
-# and distributed, in whole or in part, without restriction of any
-# kind, provided that the above copyright notice and this paragraph
-# are included on all such copies and derivative works.  However,
-# this document itself may not be modified in any way, such as by
-# removing the copyright notice or references to the Internet Society
-# or other Internet organizations, except as needed for the  purpose
-# of developing Internet standards in which case the procedures for
-# copyrights defined in the Internet Standards process must be followed,
-# or as required to translate it into languages other than English.

Deleted: openldap/vendor/openldap-release/servers/slapd/schema/corba.schema
===================================================================
--- openldap/vendor/openldap-release/servers/slapd/schema/corba.schema	2008-07-07 00:16:51 UTC (rev 1164)
+++ openldap/vendor/openldap-release/servers/slapd/schema/corba.schema	2008-07-07 01:03:22 UTC (rev 1165)
@@ -1,239 +0,0 @@
-# corba.schema -- Corba Object Schema
-#	depends upon core.schema
-# $OpenLDAP: pkg/ldap/servers/slapd/schema/corba.schema,v 1.7.2.3 2008/02/11 23:26:49 kurt Exp $
-# $OpenLDAP: pkg/ldap/servers/slapd/schema/corba.schema,v 1.7.2.3 2008/02/11 23:26:49 kurt Exp $
-## This work is part of OpenLDAP Software <http://www.openldap.org/>.
-##
-## Copyright 1998-2008 The OpenLDAP Foundation.
-## All rights reserved.
-##
-## Redistribution and use in source and binary forms, with or without
-## modification, are permitted only as authorized by the OpenLDAP
-## Public License.
-##
-## A copy of this license is available in the file LICENSE in the
-## top-level directory of the distribution or, alternatively, at
-## <http://www.OpenLDAP.org/license.html>.
-#
-## Portions Copyright (C) The Internet Society (1999).
-## Please see full copyright statement below.
-
-
-# Network Working Group                                            V. Ryan
-# Request for Comments: 2714                                        R. Lee
-# Category: Informational                                      S. Seligman
-#                                                   Sun Microsystems, Inc.
-#                                                             October 1999
-# 
-# 
-#   Schema for Representing CORBA Object References in an LDAP Directory
-# 
-# Status of this Memo
-# 
-#    This memo provides information for the Internet community.  It does
-#    not specify an Internet standard of any kind.  Distribution of this
-#    memo is unlimited.
-# 
-# Copyright Notice
-# 
-#    Copyright (C) The Internet Society (1999).  All Rights Reserved.
-# 
-# Abstract
-# 
-#    CORBA [CORBA] is the Common Object Request Broker Architecture
-#    defined by the Object Management Group. This document defines the
-#    schema for representing CORBA object references in an LDAP directory
-#    [LDAPv3].
-# 
-# [trimmed]
-
-# 3. Attribute Type Definitions
-# 
-#    The following attribute types are defined in this document:
-# 
-#        corbaIor
-#        corbaRepositoryId
-# 
-# 3.1 corbaIor
-# 
-#    This attribute stores the string representation of the interoperable
-#    object reference (IOR) for a CORBA object. An IOR is an opaque handle
-#    for the object which contains the information necessary to locate the
-#    object, even if the object is in another ORB.
-# 
-#    This attribute's syntax is 'IA5 String' and its case is
-#    insignificant.
-# 
-#    ( 1.3.6.1.4.1.42.2.27.4.1.14
-#     NAME 'corbaIor'
-#     DESC 'Stringified interoperable object reference of a CORBA object'
-#     EQUALITY caseIgnoreIA5Match
-#     SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
-#     SINGLE-VALUE
-#    )
-# 
-attributetype ( 1.3.6.1.4.1.42.2.27.4.1.14
-	NAME 'corbaIor'
-	DESC 'Stringified interoperable object reference of a CORBA object'
-	EQUALITY caseIgnoreIA5Match
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
-	SINGLE-VALUE )
-
-# 3.2 corbaRepositoryId
-# 
-#    Each CORBA interface has a unique "repository id" (also called "type
-#    id") that identifies the interface.  A CORBA object has one or more
-#    repository ids, one for each interface that it implements.
-# 
-#    The format of a repository id can be any string, but the OMG
-#    specifies four standard formats:
-# 
-#       a. IDL-style
-# 
-#        IDL:Prefix/ModuleName/InterfaceName:VersionNumber
-# 
-#    For example, the repository id for the "NamingContext" in OMG's COS
-#    Naming module is:  "IDL:omg.org/CosNaming/NamingContext:1.0".
-# 
-#       b. RMI-style
-# 
-#        RMI:ClassName:HashCode[:SUID]
-# 
-#    This format is used by RMI-IIOP remote objects [RMI-IIOP].
-#    "ClassName" is the fully qualified name of the class (for example,
-#    "java.lang.String"). "HashCode" is the object's hash code (that is,
-#    that obtained by invoking the "hashCode()" method).  "SUID" is the
-#    "stream unique identifier", which is a 64-bit number that uniquely
-#    identifies the serialization version of the class; SUID is optional
-#    in the repository id.
-# 
-#       c. DCE-style
-# 
-#        DCE:UUID
-# 
-#    This format is used for DCE/CORBA interoperability [CORBA-DCE].
-#    "UUID" represents a DCE UUID.
-# 
-#       d. "local"
-# 
-#    This format is defined by the local Object Request Broker (ORB).
-# 
-#    The corbaRepositoryId attribute is a multivalued attribute; each
-#    value records a single repository id of an interface implemented by
-#    the CORBA object.  This attribute need not contain a complete list of
-#    the interfaces implemented by the CORBA object.
-# 
-#    This attribute's syntax is 'Directory String' and its case is
-#    significant.  The values of this attribute are encoded using UTF-8.
-#    Some values may require translation from their native representation
-#    in order to be correctly encoded using UTF-8.
-# 
-#    ( 1.3.6.1.4.1.42.2.27.4.1.15
-#     NAME 'corbaRepositoryId'
-#     DESC 'Repository ids of interfaces implemented by a CORBA object'
-#     EQUALITY caseExactMatch
-#     SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
-#    )
-# 
-# 
-attributetype ( 1.3.6.1.4.1.42.2.27.4.1.15
-	NAME 'corbaRepositoryId'
-	DESC 'Repository ids of interfaces implemented by a CORBA object'
-	EQUALITY caseExactMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
-
-# 4. Object Class Definitions
-# 
-#    The following object classes are defined in this document:
-# 
-#        corbaContainer
-#        corbaObject
-#        corbaObjectReference
-# 
-# 4.1 corbaContainer
-# 
-#    This structural object class represents a container for a CORBA
-#    object.
-# 
-#    ( 1.3.6.1.4.1.42.2.27.4.2.10
-#     NAME 'corbaContainer'
-#     DESC 'Container for a CORBA object'
-#     SUP top
-#     STRUCTURAL
-#     MUST ( cn )
-#    )
-# 
-objectclass ( 1.3.6.1.4.1.42.2.27.4.2.10
-	NAME 'corbaContainer'
-	DESC 'Container for a CORBA object'
-	SUP top
-	STRUCTURAL
-	MUST cn )
-
-# 4.2 corbaObject
-# 
-#    This abstract object class is the root class for representing a CORBA
-#    object.
-# 
-#    ( 1.3.6.1.4.1.42.2.27.4.2.9
-#     NAME 'corbaObject'
-#     DESC 'CORBA object representation'
-#     SUP top
-#     ABSTRACT
-#     MAY ( corbaRepositoryId $ description )
-#    )
-# 
-objectclass ( 1.3.6.1.4.1.42.2.27.4.2.9
-	NAME 'corbaObject'
-	DESC 'CORBA object representation'
-	SUP top
-	ABSTRACT
-	MAY ( corbaRepositoryId $ description ) )
-
-# 4.3 corbaObjectReference
-# 
-#    This auxiliary object class represents a CORBA object reference.  It
-#    must be mixed in with a structural object class.
-# 
-#    ( 1.3.6.1.4.1.42.2.27.4.2.11
-#     NAME 'corbaObjectReference'
-#     DESC 'CORBA interoperable object reference'
-#     SUP corbaObject
-#     AUXILIARY
-#     MUST ( corbaIor )
-#    )
-# 
-objectclass ( 1.3.6.1.4.1.42.2.27.4.2.11
-	NAME 'corbaObjectReference'
-	DESC 'CORBA interoperable object reference'
-	SUP corbaObject
-	AUXILIARY
-	MUST corbaIor )
- 
-# 10.  Full Copyright Statement
-#
-#    Copyright (C) The Internet Society (1999).  All Rights Reserved.
-# 
-#    This document and translations of it may be copied and furnished to
-#    others, and derivative works that comment on or otherwise explain it
-#    or assist in its implementation may be prepared, copied, published
-#    and distributed, in whole or in part, without restriction of any
-#    kind, provided that the above copyright notice and this paragraph are
-#    included on all such copies and derivative works.  However, this
-#    document itself may not be modified in any way, such as by removing
-#    the copyright notice or references to the Internet Society or other
-#    Internet organizations, except as needed for the purpose of
-#    developing Internet standards in which case the procedures for
-#    copyrights defined in the Internet Standards process must be
-#    followed, or as required to translate it into languages other than
-#    English.
-# 
-#    The limited permissions granted above are perpetual and will not be
-#    revoked by the Internet Society or its successors or assigns.
-# 
-#    This document and the information contained herein is provided on an
-#    "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
-#    TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
-#    BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
-#    HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
-#    MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

Deleted: openldap/vendor/openldap-release/servers/slapd/schema/core.ldif
===================================================================
--- openldap/vendor/openldap-release/servers/slapd/schema/core.ldif	2008-07-07 00:16:51 UTC (rev 1164)
+++ openldap/vendor/openldap-release/servers/slapd/schema/core.ldif	2008-07-07 01:03:22 UTC (rev 1165)
@@ -1,591 +0,0 @@
-# OpenLDAP Core schema
-# $OpenLDAP: pkg/ldap/servers/slapd/schema/core.ldif,v 1.2.2.5 2008/02/11 23:26:49 kurt Exp $
-## This work is part of OpenLDAP Software <http://www.openldap.org/>.
-##
-## Copyright 1998-2008 The OpenLDAP Foundation.
-## All rights reserved.
-##
-## Redistribution and use in source and binary forms, with or without
-## modification, are permitted only as authorized by the OpenLDAP
-## Public License.
-##
-## A copy of this license is available in the file LICENSE in the
-## top-level directory of the distribution or, alternatively, at
-## <http://www.OpenLDAP.org/license.html>.
-#
-## Portions Copyright (C) The Internet Society (1997-2003).
-## All Rights Reserved.
-##
-## This document and translations of it may be copied and furnished to
-## others, and derivative works that comment on or otherwise explain it
-## or assist in its implementation may be prepared, copied, published
-## and distributed, in whole or in part, without restriction of any
-## kind, provided that the above copyright notice and this paragraph are
-## included on all such copies and derivative works.  However, this
-## document itself may not be modified in any way, such as by removing
-## the copyright notice or references to the Internet Society or other
-## Internet organizations, except as needed for the purpose of
-## developing Internet standards in which case the procedures for
-## copyrights defined in the Internet Standards process must be         
-## followed, or as required to translate it into languages other than
-## English.
-##                                                                      
-## The limited permissions granted above are perpetual and will not be  
-## revoked by the Internet Society or its successors or assigns.        
-## 
-## This document and the information contained herein is provided on an 
-## "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
-## TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
-## BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
-## HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
-## MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
-#
-#
-#
-# Includes LDAPv3 schema items from:
-#	RFC 2252/2256 (LDAPv3)
-#
-# Select standard track schema items:
-#	RFC 1274 (uid/dc)
-#	RFC 2079 (URI)
-#	RFC 2247 (dc/dcObject)
-#	RFC 2587 (PKI)
-#	RFC 2589 (Dynamic Directory Services)
-#
-# Select informational schema items:
-#	RFC 2377 (uidObject)
-#
-#
-# Standard attribute types from RFC 2256
-#
-dn: cn=core,cn=schema,cn=config
-objectClass: olcSchemaConfig
-cn: core
-#
-# system schema
-#olcAttributeTypes: ( 2.5.4.0 NAME 'objectClass'
-#	DESC 'RFC2256: object classes of the entity'
-#	EQUALITY objectIdentifierMatch
-#	SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 )
-#
-# system schema
-#olcAttributeTypes: ( 2.5.4.1 NAME ( 'aliasedObjectName' 'aliasedEntryName' )
-#	DESC 'RFC2256: name of aliased object'
-#	EQUALITY distinguishedNameMatch
-#	SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE )
-#
-olcAttributeTypes: ( 2.5.4.2 NAME 'knowledgeInformation'
-  DESC 'RFC2256: knowledge information'
-  EQUALITY caseIgnoreMatch
-  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} )
-#
-# system schema
-#olcAttributeTypes: ( 2.5.4.3 NAME ( 'cn' 'commonName' )
-#	DESC 'RFC2256: common name(s) for which the entity is known by'
-#	SUP name )
-#
-olcAttributeTypes: ( 2.5.4.4 NAME ( 'sn' 'surname' )
-  DESC 'RFC2256: last (family) name(s) for which the entity is known by'
-  SUP name )
-#
-olcAttributeTypes: ( 2.5.4.5 NAME 'serialNumber'
-  DESC 'RFC2256: serial number of the entity'
-  EQUALITY caseIgnoreMatch
-  SUBSTR caseIgnoreSubstringsMatch
-  SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{64} )
-#
-# RFC 4519 definition ('countryName' in X.500 and RFC2256)
-olcAttributeTypes: ( 2.5.4.6 NAME ( 'c' 'countryName' )
-  DESC 'RFC4519: two-letter ISO-3166 country code'
-  SUP name
-  SYNTAX 1.3.6.1.4.1.1466.115.121.1.11
-  SINGLE-VALUE )
-#
-olcAttributeTypes: ( 2.5.4.7 NAME ( 'l' 'localityName' )
-  DESC 'RFC2256: locality which this object resides in'
-  SUP name )
-#
-olcAttributeTypes: ( 2.5.4.8 NAME ( 'st' 'stateOrProvinceName' )
-  DESC 'RFC2256: state or province which this object resides in'
-  SUP name )
-#
-olcAttributeTypes: ( 2.5.4.9 NAME ( 'street' 'streetAddress' )
-  DESC 'RFC2256: street address of this object'
-  EQUALITY caseIgnoreMatch
-  SUBSTR caseIgnoreSubstringsMatch
-  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
-#
-olcAttributeTypes: ( 2.5.4.10 NAME ( 'o' 'organizationName' )
-  DESC 'RFC2256: organization this object belongs to'
-  SUP name )
-#
-olcAttributeTypes: ( 2.5.4.11 NAME ( 'ou' 'organizationalUnitName' )
-  DESC 'RFC2256: organizational unit this object belongs to'
-  SUP name )
-#
-olcAttributeTypes: ( 2.5.4.12 NAME 'title'
-  DESC 'RFC2256: title associated with the entity'
-  SUP name )
-#
-# system schema
-#olcAttributeTypes: ( 2.5.4.13 NAME 'description'
-#	DESC 'RFC2256: descriptive information'
-#	EQUALITY caseIgnoreMatch
-#	SUBSTR caseIgnoreSubstringsMatch
-#	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1024} )
-#
-# Deprecated by enhancedSearchGuide
-olcAttributeTypes: ( 2.5.4.14 NAME 'searchGuide'
-  DESC 'RFC2256: search guide, deprecated by enhancedSearchGuide'
-  SYNTAX 1.3.6.1.4.1.1466.115.121.1.25 )
-#
-olcAttributeTypes: ( 2.5.4.15 NAME 'businessCategory'
-  DESC 'RFC2256: business category'
-  EQUALITY caseIgnoreMatch
-  SUBSTR caseIgnoreSubstringsMatch
-  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
-#
-olcAttributeTypes: ( 2.5.4.16 NAME 'postalAddress'
-  DESC 'RFC2256: postal address'
-  EQUALITY caseIgnoreListMatch
-  SUBSTR caseIgnoreListSubstringsMatch
-  SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 )
-#
-olcAttributeTypes: ( 2.5.4.17 NAME 'postalCode'
-  DESC 'RFC2256: postal code'
-  EQUALITY caseIgnoreMatch
-  SUBSTR caseIgnoreSubstringsMatch
-  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{40} )
-#
-olcAttributeTypes: ( 2.5.4.18 NAME 'postOfficeBox'
-  DESC 'RFC2256: Post Office Box'
-  EQUALITY caseIgnoreMatch
-  SUBSTR caseIgnoreSubstringsMatch
-  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{40} )
-#
-olcAttributeTypes: ( 2.5.4.19 NAME 'physicalDeliveryOfficeName'
-  DESC 'RFC2256: Physical Delivery Office Name'
-  EQUALITY caseIgnoreMatch
-  SUBSTR caseIgnoreSubstringsMatch
-  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
-#
-olcAttributeTypes: ( 2.5.4.20 NAME 'telephoneNumber'
-  DESC 'RFC2256: Telephone Number'
-  EQUALITY telephoneNumberMatch
-  SUBSTR telephoneNumberSubstringsMatch
-  SYNTAX 1.3.6.1.4.1.1466.115.121.1.50{32} )
-#
-olcAttributeTypes: ( 2.5.4.21 NAME 'telexNumber'
-  DESC 'RFC2256: Telex Number'
-  SYNTAX 1.3.6.1.4.1.1466.115.121.1.52 )
-#
-olcAttributeTypes: ( 2.5.4.22 NAME 'teletexTerminalIdentifier'
-  DESC 'RFC2256: Teletex Terminal Identifier'
-  SYNTAX 1.3.6.1.4.1.1466.115.121.1.51 )
-#
-olcAttributeTypes: ( 2.5.4.23 NAME ( 'facsimileTelephoneNumber' 'fax' )
-  DESC 'RFC2256: Facsimile (Fax) Telephone Number'
-  SYNTAX 1.3.6.1.4.1.1466.115.121.1.22 )
-#
-olcAttributeTypes: ( 2.5.4.24 NAME 'x121Address'
-  DESC 'RFC2256: X.121 Address'
-  EQUALITY numericStringMatch
-  SUBSTR numericStringSubstringsMatch
-  SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{15} )
-#
-olcAttributeTypes: ( 2.5.4.25 NAME 'internationaliSDNNumber'
-  DESC 'RFC2256: international ISDN number'
-  EQUALITY numericStringMatch
-  SUBSTR numericStringSubstringsMatch
-  SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{16} )
-#
-olcAttributeTypes: ( 2.5.4.26 NAME 'registeredAddress'
-  DESC 'RFC2256: registered postal address'
-  SUP postalAddress
-  SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 )
-#
-olcAttributeTypes: ( 2.5.4.27 NAME 'destinationIndicator'
-  DESC 'RFC2256: destination indicator'
-  EQUALITY caseIgnoreMatch
-  SUBSTR caseIgnoreSubstringsMatch
-  SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{128} )
-#
-olcAttributeTypes: ( 2.5.4.28 NAME 'preferredDeliveryMethod'
-  DESC 'RFC2256: preferred delivery method'
-  SYNTAX 1.3.6.1.4.1.1466.115.121.1.14
-  SINGLE-VALUE )
-#
-olcAttributeTypes: ( 2.5.4.29 NAME 'presentationAddress'
-  DESC 'RFC2256: presentation address'
-  EQUALITY presentationAddressMatch
-  SYNTAX 1.3.6.1.4.1.1466.115.121.1.43
-  SINGLE-VALUE )
-#
-olcAttributeTypes: ( 2.5.4.30 NAME 'supportedApplicationContext'
-  DESC 'RFC2256: supported application context'
-  EQUALITY objectIdentifierMatch
-  SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 )
-#
-olcAttributeTypes: ( 2.5.4.31 NAME 'member'
-  DESC 'RFC2256: member of a group'
-  SUP distinguishedName )
-#
-olcAttributeTypes: ( 2.5.4.32 NAME 'owner'
-  DESC 'RFC2256: owner (of the object)'
-  SUP distinguishedName )
-#
-olcAttributeTypes: ( 2.5.4.33 NAME 'roleOccupant'
-  DESC 'RFC2256: occupant of role'
-  SUP distinguishedName )
-#
-# system schema
-#olcAttributeTypes: ( 2.5.4.34 NAME 'seeAlso'
-#	DESC 'RFC2256: DN of related object'
-#	SUP distinguishedName )
-#
-# system schema
-#olcAttributeTypes: ( 2.5.4.35 NAME 'userPassword'
-#	DESC 'RFC2256/2307: password of user'
-#	EQUALITY octetStringMatch
-#	SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{128} )
-#
-# Must be transferred using ;binary
-# with certificateExactMatch rule (per X.509)
-olcAttributeTypes: ( 2.5.4.36 NAME 'userCertificate'
-  DESC 'RFC2256: X.509 user certificate, use ;binary'
-  EQUALITY certificateExactMatch
-  SYNTAX 1.3.6.1.4.1.1466.115.121.1.8 )
-#
-# Must be transferred using ;binary
-# with certificateExactMatch rule (per X.509)
-olcAttributeTypes: ( 2.5.4.37 NAME 'cACertificate'
-  DESC 'RFC2256: X.509 CA certificate, use ;binary'
-  EQUALITY certificateExactMatch
-  SYNTAX 1.3.6.1.4.1.1466.115.121.1.8 )
-#
-# Must be transferred using ;binary
-olcAttributeTypes: ( 2.5.4.38 NAME 'authorityRevocationList'
-  DESC 'RFC2256: X.509 authority revocation list, use ;binary'
-  SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 )
-#
-# Must be transferred using ;binary
-olcAttributeTypes: ( 2.5.4.39 NAME 'certificateRevocationList'
-  DESC 'RFC2256: X.509 certificate revocation list, use ;binary'
-  SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 )
-#
-# Must be stored and requested in the binary form
-olcAttributeTypes: ( 2.5.4.40 NAME 'crossCertificatePair'
-  DESC 'RFC2256: X.509 cross certificate pair, use ;binary'
-  SYNTAX 1.3.6.1.4.1.1466.115.121.1.10 )
-#
-# 2.5.4.41 is defined above as it's used for subtyping
-#olcAttributeTypes: ( 2.5.4.41 NAME 'name'
-#	EQUALITY caseIgnoreMatch
-#	SUBSTR caseIgnoreSubstringsMatch
-#	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} )
-#
-olcAttributeTypes: ( 2.5.4.42 NAME ( 'givenName' 'gn' )
-  DESC 'RFC2256: first name(s) for which the entity is known by'
-  SUP name )
-#
-olcAttributeTypes: ( 2.5.4.43 NAME 'initials'
-  DESC 'RFC2256: initials of some or all of names, but not the surname(s).'
-  SUP name )
-#
-olcAttributeTypes: ( 2.5.4.44 NAME 'generationQualifier'
-  DESC 'RFC2256: name qualifier indicating a generation'
-  SUP name )
-#
-olcAttributeTypes: ( 2.5.4.45 NAME 'x500UniqueIdentifier'
-  DESC 'RFC2256: X.500 unique identifier'
-  EQUALITY bitStringMatch
-  SYNTAX 1.3.6.1.4.1.1466.115.121.1.6 )
-#
-olcAttributeTypes: ( 2.5.4.46 NAME 'dnQualifier'
-  DESC 'RFC2256: DN qualifier'
-  EQUALITY caseIgnoreMatch
-  ORDERING caseIgnoreOrderingMatch
-  SUBSTR caseIgnoreSubstringsMatch
-  SYNTAX 1.3.6.1.4.1.1466.115.121.1.44 )
-#
-olcAttributeTypes: ( 2.5.4.47 NAME 'enhancedSearchGuide'
-  DESC 'RFC2256: enhanced search guide'
-  SYNTAX 1.3.6.1.4.1.1466.115.121.1.21 )
-#
-olcAttributeTypes: ( 2.5.4.48 NAME 'protocolInformation'
-  DESC 'RFC2256: protocol information'
-  EQUALITY protocolInformationMatch
-  SYNTAX 1.3.6.1.4.1.1466.115.121.1.42 )
-#
-# 2.5.4.49 is defined above as it's used for subtyping
-#olcAttributeTypes: ( 2.5.4.49 NAME 'distinguishedName'
-#	EQUALITY distinguishedNameMatch
-#	SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
-#
-olcAttributeTypes: ( 2.5.4.50 NAME 'uniqueMember'
-  DESC 'RFC2256: unique member of a group'
-  EQUALITY uniqueMemberMatch
-  SYNTAX 1.3.6.1.4.1.1466.115.121.1.34 )
-#
-olcAttributeTypes: ( 2.5.4.51 NAME 'houseIdentifier'
-  DESC 'RFC2256: house identifier'
-  EQUALITY caseIgnoreMatch
-  SUBSTR caseIgnoreSubstringsMatch
-  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} )
-#
-# Must be transferred using ;binary
-olcAttributeTypes: ( 2.5.4.52 NAME 'supportedAlgorithms'
-  DESC 'RFC2256: supported algorithms'
-  SYNTAX 1.3.6.1.4.1.1466.115.121.1.49 )
-#
-# Must be transferred using ;binary
-olcAttributeTypes: ( 2.5.4.53 NAME 'deltaRevocationList'
-  DESC 'RFC2256: delta revocation list; use ;binary'
-  SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 )
-#
-olcAttributeTypes: ( 2.5.4.54 NAME 'dmdName'
-  DESC 'RFC2256: name of DMD'
-  SUP name )
-#
-olcAttributeTypes: ( 2.5.4.65 NAME 'pseudonym'
-  DESC 'X.520(4th): pseudonym for the object'
-  SUP name )
-#
-# Standard object classes from RFC2256
-#
-# system schema
-#olcObjectClasses: ( 2.5.6.1 NAME 'alias'
-#	DESC 'RFC2256: an alias'
-#	SUP top STRUCTURAL
-#	MUST aliasedObjectName )
-#
-olcObjectClasses: ( 2.5.6.2 NAME 'country'
-  DESC 'RFC2256: a country'
-  SUP top STRUCTURAL
-  MUST c
-  MAY ( searchGuide $ description ) )
-#
-olcObjectClasses: ( 2.5.6.3 NAME 'locality'
-  DESC 'RFC2256: a locality'
-  SUP top STRUCTURAL
-  MAY ( street $ seeAlso $ searchGuide $ st $ l $ description ) )
-#
-olcObjectClasses: ( 2.5.6.4 NAME 'organization'
-  DESC 'RFC2256: an organization'
-  SUP top STRUCTURAL
-  MUST o
-  MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $
-  x121Address $ registeredAddress $ destinationIndicator $
-  preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
-  telephoneNumber $ internationaliSDNNumber $ 
-  facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $
-  postalAddress $ physicalDeliveryOfficeName $ st $ l $ description ) )
-#
-olcObjectClasses: ( 2.5.6.5 NAME 'organizationalUnit'
-  DESC 'RFC2256: an organizational unit'
-  SUP top STRUCTURAL
-  MUST ou
-  MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $
-  x121Address $ registeredAddress $ destinationIndicator $
-  preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
-  telephoneNumber $ internationaliSDNNumber $
-  facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $
-  postalAddress $ physicalDeliveryOfficeName $ st $ l $ description ) )
-#
-olcObjectClasses: ( 2.5.6.6 NAME 'person'
-  DESC 'RFC2256: a person'
-  SUP top STRUCTURAL
-  MUST ( sn $ cn )
-  MAY ( userPassword $ telephoneNumber $ seeAlso $ description ) )
-#
-olcObjectClasses: ( 2.5.6.7 NAME 'organizationalPerson'
-  DESC 'RFC2256: an organizational person'
-  SUP person STRUCTURAL
-  MAY ( title $ x121Address $ registeredAddress $ destinationIndicator $
-  preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
-  telephoneNumber $ internationaliSDNNumber $ 
-  facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $
-  postalAddress $ physicalDeliveryOfficeName $ ou $ st $ l ) )
-#
-olcObjectClasses: ( 2.5.6.8 NAME 'organizationalRole'
-  DESC 'RFC2256: an organizational role'
-  SUP top STRUCTURAL
-  MUST cn
-  MAY ( x121Address $ registeredAddress $ destinationIndicator $
-  preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
-  telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber $
-  seeAlso $ roleOccupant $ preferredDeliveryMethod $ street $
-  postOfficeBox $ postalCode $ postalAddress $
-  physicalDeliveryOfficeName $ ou $ st $ l $ description ) )
-#
-olcObjectClasses: ( 2.5.6.9 NAME 'groupOfNames'
-  DESC 'RFC2256: a group of names (DNs)'
-  SUP top STRUCTURAL
-  MUST ( member $ cn )
-  MAY ( businessCategory $ seeAlso $ owner $ ou $ o $ description ) )
-#
-olcObjectClasses: ( 2.5.6.10 NAME 'residentialPerson'
-  DESC 'RFC2256: an residential person'
-  SUP person STRUCTURAL
-  MUST l
-  MAY ( businessCategory $ x121Address $ registeredAddress $
-  destinationIndicator $ preferredDeliveryMethod $ telexNumber $
-  teletexTerminalIdentifier $ telephoneNumber $ internationaliSDNNumber $
-  facsimileTelephoneNumber $ preferredDeliveryMethod $ street $
-  postOfficeBox $ postalCode $ postalAddress $
-  physicalDeliveryOfficeName $ st $ l ) )
-#
-olcObjectClasses: ( 2.5.6.11 NAME 'applicationProcess'
-  DESC 'RFC2256: an application process'
-  SUP top STRUCTURAL
-  MUST cn
-  MAY ( seeAlso $ ou $ l $ description ) )
-#
-olcObjectClasses: ( 2.5.6.12 NAME 'applicationEntity'
-  DESC 'RFC2256: an application entity'
-  SUP top STRUCTURAL
-  MUST ( presentationAddress $ cn )
-  MAY ( supportedApplicationContext $ seeAlso $ ou $ o $ l $
-  description ) )
-#
-olcObjectClasses: ( 2.5.6.13 NAME 'dSA'
-  DESC 'RFC2256: a directory system agent (a server)'
-  SUP applicationEntity STRUCTURAL
-  MAY knowledgeInformation )
-#
-olcObjectClasses: ( 2.5.6.14 NAME 'device'
-  DESC 'RFC2256: a device'
-  SUP top STRUCTURAL
-  MUST cn
-  MAY ( serialNumber $ seeAlso $ owner $ ou $ o $ l $ description ) )
-#
-olcObjectClasses: ( 2.5.6.15 NAME 'strongAuthenticationUser'
-  DESC 'RFC2256: a strong authentication user'
-  SUP top AUXILIARY
-  MUST userCertificate )
-#
-olcObjectClasses: ( 2.5.6.16 NAME 'certificationAuthority'
-  DESC 'RFC2256: a certificate authority'
-  SUP top AUXILIARY
-  MUST ( authorityRevocationList $ certificateRevocationList $
-  cACertificate ) MAY crossCertificatePair )
-#
-olcObjectClasses: ( 2.5.6.17 NAME 'groupOfUniqueNames'
-  DESC 'RFC2256: a group of unique names (DN and Unique Identifier)'
-  SUP top STRUCTURAL
-  MUST ( uniqueMember $ cn )
-  MAY ( businessCategory $ seeAlso $ owner $ ou $ o $ description ) )
-#
-olcObjectClasses: ( 2.5.6.18 NAME 'userSecurityInformation'
-  DESC 'RFC2256: a user security information'
-  SUP top AUXILIARY
-  MAY ( supportedAlgorithms ) )
-#
-olcObjectClasses: ( 2.5.6.16.2 NAME 'certificationAuthority-V2'
-  SUP certificationAuthority
-  AUXILIARY MAY ( deltaRevocationList ) )
-#
-olcObjectClasses: ( 2.5.6.19 NAME 'cRLDistributionPoint'
-  SUP top STRUCTURAL
-  MUST ( cn )
-  MAY ( certificateRevocationList $ authorityRevocationList $
-  deltaRevocationList ) )
-#
-olcObjectClasses: ( 2.5.6.20 NAME 'dmd'
-  SUP top STRUCTURAL
-  MUST ( dmdName )
-  MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $
-  x121Address $ registeredAddress $ destinationIndicator $
-  preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
-  telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber $
-  street $ postOfficeBox $ postalCode $ postalAddress $
-  physicalDeliveryOfficeName $ st $ l $ description ) )
-#
-#
-# Object Classes from RFC 2587
-#
-olcObjectClasses: ( 2.5.6.21 NAME 'pkiUser'
-  DESC 'RFC2587: a PKI user'
-  SUP top AUXILIARY
-  MAY userCertificate )
-#
-olcObjectClasses: ( 2.5.6.22 NAME 'pkiCA'
-  DESC 'RFC2587: PKI certificate authority'
-  SUP top AUXILIARY
-  MAY ( authorityRevocationList $ certificateRevocationList $
-  cACertificate $ crossCertificatePair ) )
-#
-olcObjectClasses: ( 2.5.6.23 NAME 'deltaCRL'
-  DESC 'RFC2587: PKI user'
-  SUP top AUXILIARY
-  MAY deltaRevocationList )
-#
-#
-# Standard Track URI label schema from RFC 2079
-# system schema
-#olcAttributeTypes: ( 1.3.6.1.4.1.250.1.57 NAME 'labeledURI'
-#	DESC 'RFC2079: Uniform Resource Identifier with optional label'
-#	EQUALITY caseExactMatch
-#	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
-#
-olcObjectClasses: ( 1.3.6.1.4.1.250.3.15 NAME 'labeledURIObject'
-  DESC 'RFC2079: object that contains the URI attribute type'
-  MAY ( labeledURI )
-  SUP top AUXILIARY )
-#
-#
-# Derived from RFC 1274, but with new "short names"
-#
-#olcAttributeTypes: ( 0.9.2342.19200300.100.1.1
-#	NAME ( 'uid' 'userid' )
-#	DESC 'RFC1274: user identifier'
-#	EQUALITY caseIgnoreMatch
-#	SUBSTR caseIgnoreSubstringsMatch
-#	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
-#
-olcAttributeTypes: ( 0.9.2342.19200300.100.1.3
-  NAME ( 'mail' 'rfc822Mailbox' )
-  DESC 'RFC1274: RFC822 Mailbox'
-    EQUALITY caseIgnoreIA5Match
-    SUBSTR caseIgnoreIA5SubstringsMatch
-    SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
-#
-olcObjectClasses: ( 0.9.2342.19200300.100.4.19 NAME 'simpleSecurityObject'
-  DESC 'RFC1274: simple security object'
-  SUP top AUXILIARY
-  MUST userPassword )
-#
-# RFC 1274 + RFC 2247
-olcAttributeTypes: ( 0.9.2342.19200300.100.1.25
-  NAME ( 'dc' 'domainComponent' )
-  DESC 'RFC1274/2247: domain component'
-  EQUALITY caseIgnoreIA5Match
-  SUBSTR caseIgnoreIA5SubstringsMatch
-  SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
-#
-# RFC 2247
-olcObjectClasses: ( 1.3.6.1.4.1.1466.344 NAME 'dcObject'
-  DESC 'RFC2247: domain component object'
-  SUP top AUXILIARY MUST dc )
-#
-# RFC 2377
-olcObjectClasses: ( 1.3.6.1.1.3.1 NAME 'uidObject'
-  DESC 'RFC2377: uid object'
-  SUP top AUXILIARY MUST uid )
-#
-# From COSINE Pilot
-olcAttributeTypes: ( 0.9.2342.19200300.100.1.37
-  NAME 'associatedDomain'
-  DESC 'RFC1274: domain associated with object'
-  EQUALITY caseIgnoreIA5Match
-  SUBSTR caseIgnoreIA5SubstringsMatch
-  SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
-#
-# RFC 2459 -- deprecated in favor of 'mail' (in cosine.schema)
-olcAttributeTypes: ( 1.2.840.113549.1.9.1
-  NAME ( 'email' 'emailAddress' 'pkcs9email' )
-  DESC 'RFC3280: legacy attribute for email addresses in DNs'
-  EQUALITY caseIgnoreIA5Match
-  SUBSTR caseIgnoreIA5SubstringsMatch
-  SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} )
-#

Deleted: openldap/vendor/openldap-release/servers/slapd/schema/core.schema
===================================================================
--- openldap/vendor/openldap-release/servers/slapd/schema/core.schema	2008-07-07 00:16:51 UTC (rev 1164)
+++ openldap/vendor/openldap-release/servers/slapd/schema/core.schema	2008-07-07 01:03:22 UTC (rev 1165)
@@ -1,610 +0,0 @@
-# OpenLDAP Core schema
-# $OpenLDAP: pkg/ldap/servers/slapd/schema/core.schema,v 1.88.2.6 2008/02/11 23:26:49 kurt Exp $
-## This work is part of OpenLDAP Software <http://www.openldap.org/>.
-##
-## Copyright 1998-2008 The OpenLDAP Foundation.
-## All rights reserved.
-##
-## Redistribution and use in source and binary forms, with or without
-## modification, are permitted only as authorized by the OpenLDAP
-## Public License.
-##
-## A copy of this license is available in the file LICENSE in the
-## top-level directory of the distribution or, alternatively, at
-## <http://www.OpenLDAP.org/license.html>.
-#
-## Portions Copyright (C) The Internet Society (1997-2006).
-## All Rights Reserved.
-##
-## This document and translations of it may be copied and furnished to
-## others, and derivative works that comment on or otherwise explain it
-## or assist in its implementation may be prepared, copied, published
-## and distributed, in whole or in part, without restriction of any
-## kind, provided that the above copyright notice and this paragraph are
-## included on all such copies and derivative works.  However, this
-## document itself may not be modified in any way, such as by removing
-## the copyright notice or references to the Internet Society or other
-## Internet organizations, except as needed for the purpose of
-## developing Internet standards in which case the procedures for
-## copyrights defined in the Internet Standards process must be         
-## followed, or as required to translate it into languages other than
-## English.
-##                                                                      
-## The limited permissions granted above are perpetual and will not be  
-## revoked by the Internet Society or its successors or assigns.        
-## 
-## This document and the information contained herein is provided on an 
-## "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
-## TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
-## BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
-## HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
-## MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
-
-#
-#
-# Includes LDAPv3 schema items from:
-#	RFC 2252/2256 (LDAPv3)
-#
-# Select standard track schema items:
-#	RFC 1274 (uid/dc)
-#	RFC 2079 (URI)
-#	RFC 2247 (dc/dcObject)
-#	RFC 2587 (PKI)
-#	RFC 2589 (Dynamic Directory Services)
-#	RFC 4524 (associatedDomain)
-#
-# Select informational schema items:
-#	RFC 2377 (uidObject)
-
-#
-# Standard attribute types from RFC 2256
-#
-
-# system schema
-#attributetype ( 2.5.4.0 NAME 'objectClass'
-#	DESC 'RFC2256: object classes of the entity'
-#	EQUALITY objectIdentifierMatch
-#	SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 )
-
-# system schema
-#attributetype ( 2.5.4.1 NAME ( 'aliasedObjectName' 'aliasedEntryName' )
-#	DESC 'RFC2256: name of aliased object'
-#	EQUALITY distinguishedNameMatch
-#	SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE )
-
-attributetype ( 2.5.4.2 NAME 'knowledgeInformation'
-	DESC 'RFC2256: knowledge information'
-	EQUALITY caseIgnoreMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} )
-
-# system schema
-#attributetype ( 2.5.4.3 NAME ( 'cn' 'commonName' )
-#	DESC 'RFC2256: common name(s) for which the entity is known by'
-#	SUP name )
-
-attributetype ( 2.5.4.4 NAME ( 'sn' 'surname' )
-	DESC 'RFC2256: last (family) name(s) for which the entity is known by'
-	SUP name )
-
-attributetype ( 2.5.4.5 NAME 'serialNumber'
-	DESC 'RFC2256: serial number of the entity'
-	EQUALITY caseIgnoreMatch
-	SUBSTR caseIgnoreSubstringsMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{64} )
-
-# RFC 4519 definition ('countryName' in X.500 and RFC2256)
-attributetype ( 2.5.4.6 NAME ( 'c' 'countryName' )
-	DESC 'RFC4519: two-letter ISO-3166 country code'
-	SUP name
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.11
-	SINGLE-VALUE )
-
-#attributetype ( 2.5.4.6 NAME ( 'c' 'countryName' )
-#	DESC 'RFC2256: ISO-3166 country 2-letter code'
-#	SUP name SINGLE-VALUE )
-
-attributetype ( 2.5.4.7 NAME ( 'l' 'localityName' )
-	DESC 'RFC2256: locality which this object resides in'
-	SUP name )
-
-attributetype ( 2.5.4.8 NAME ( 'st' 'stateOrProvinceName' )
-	DESC 'RFC2256: state or province which this object resides in'
-	SUP name )
-
-attributetype ( 2.5.4.9 NAME ( 'street' 'streetAddress' )
-	DESC 'RFC2256: street address of this object'
-	EQUALITY caseIgnoreMatch
-	SUBSTR caseIgnoreSubstringsMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
-
-attributetype ( 2.5.4.10 NAME ( 'o' 'organizationName' )
-	DESC 'RFC2256: organization this object belongs to'
-	SUP name )
-
-attributetype ( 2.5.4.11 NAME ( 'ou' 'organizationalUnitName' )
-	DESC 'RFC2256: organizational unit this object belongs to'
-	SUP name )
-
-attributetype ( 2.5.4.12 NAME 'title'
-	DESC 'RFC2256: title associated with the entity'
-	SUP name )
-
-# system schema
-#attributetype ( 2.5.4.13 NAME 'description'
-#	DESC 'RFC2256: descriptive information'
-#	EQUALITY caseIgnoreMatch
-#	SUBSTR caseIgnoreSubstringsMatch
-#	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1024} )
-
-# Deprecated by enhancedSearchGuide
-attributetype ( 2.5.4.14 NAME 'searchGuide'
-	DESC 'RFC2256: search guide, deprecated by enhancedSearchGuide'
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.25 )
-
-attributetype ( 2.5.4.15 NAME 'businessCategory'
-	DESC 'RFC2256: business category'
-	EQUALITY caseIgnoreMatch
-	SUBSTR caseIgnoreSubstringsMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
-
-attributetype ( 2.5.4.16 NAME 'postalAddress'
-	DESC 'RFC2256: postal address'
-	EQUALITY caseIgnoreListMatch
-	SUBSTR caseIgnoreListSubstringsMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 )
-
-attributetype ( 2.5.4.17 NAME 'postalCode'
-	DESC 'RFC2256: postal code'
-	EQUALITY caseIgnoreMatch
-	SUBSTR caseIgnoreSubstringsMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{40} )
-
-attributetype ( 2.5.4.18 NAME 'postOfficeBox'
-	DESC 'RFC2256: Post Office Box'
-	EQUALITY caseIgnoreMatch
-	SUBSTR caseIgnoreSubstringsMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{40} )
-
-attributetype ( 2.5.4.19 NAME 'physicalDeliveryOfficeName'
-	DESC 'RFC2256: Physical Delivery Office Name'
-	EQUALITY caseIgnoreMatch
-	SUBSTR caseIgnoreSubstringsMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
-
-attributetype ( 2.5.4.20 NAME 'telephoneNumber'
-	DESC 'RFC2256: Telephone Number'
-	EQUALITY telephoneNumberMatch
-	SUBSTR telephoneNumberSubstringsMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.50{32} )
-
-attributetype ( 2.5.4.21 NAME 'telexNumber'
-	DESC 'RFC2256: Telex Number'
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.52 )
-
-attributetype ( 2.5.4.22 NAME 'teletexTerminalIdentifier'
-	DESC 'RFC2256: Teletex Terminal Identifier'
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.51 )
-
-attributetype ( 2.5.4.23 NAME ( 'facsimileTelephoneNumber' 'fax' )
-	DESC 'RFC2256: Facsimile (Fax) Telephone Number'
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.22 )
-
-attributetype ( 2.5.4.24 NAME 'x121Address'
-	DESC 'RFC2256: X.121 Address'
-	EQUALITY numericStringMatch
-	SUBSTR numericStringSubstringsMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{15} )
-
-attributetype ( 2.5.4.25 NAME 'internationaliSDNNumber'
-	DESC 'RFC2256: international ISDN number'
-	EQUALITY numericStringMatch
-	SUBSTR numericStringSubstringsMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{16} )
-
-attributetype ( 2.5.4.26 NAME 'registeredAddress'
-	DESC 'RFC2256: registered postal address'
-	SUP postalAddress
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 )
-
-attributetype ( 2.5.4.27 NAME 'destinationIndicator'
-	DESC 'RFC2256: destination indicator'
-	EQUALITY caseIgnoreMatch
-	SUBSTR caseIgnoreSubstringsMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{128} )
-
-attributetype ( 2.5.4.28 NAME 'preferredDeliveryMethod'
-	DESC 'RFC2256: preferred delivery method'
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.14
-	SINGLE-VALUE )
-
-attributetype ( 2.5.4.29 NAME 'presentationAddress'
-	DESC 'RFC2256: presentation address'
-	EQUALITY presentationAddressMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.43
-	SINGLE-VALUE )
-
-attributetype ( 2.5.4.30 NAME 'supportedApplicationContext'
-	DESC 'RFC2256: supported application context'
-	EQUALITY objectIdentifierMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 )
-
-attributetype ( 2.5.4.31 NAME 'member'
-	DESC 'RFC2256: member of a group'
-	SUP distinguishedName )
-
-attributetype ( 2.5.4.32 NAME 'owner'
-	DESC 'RFC2256: owner (of the object)'
-	SUP distinguishedName )
-
-attributetype ( 2.5.4.33 NAME 'roleOccupant'
-	DESC 'RFC2256: occupant of role'
-	SUP distinguishedName )
-
-# system schema
-#attributetype ( 2.5.4.34 NAME 'seeAlso'
-#	DESC 'RFC2256: DN of related object'
-#	SUP distinguishedName )
-
-# system schema
-#attributetype ( 2.5.4.35 NAME 'userPassword'
-#	DESC 'RFC2256/2307: password of user'
-#	EQUALITY octetStringMatch
-#	SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{128} )
-
-# Must be transferred using ;binary
-# with certificateExactMatch rule (per X.509)
-attributetype ( 2.5.4.36 NAME 'userCertificate'
-	DESC 'RFC2256: X.509 user certificate, use ;binary'
-	EQUALITY certificateExactMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.8 )
-
-# Must be transferred using ;binary
-# with certificateExactMatch rule (per X.509)
-attributetype ( 2.5.4.37 NAME 'cACertificate'
-	DESC 'RFC2256: X.509 CA certificate, use ;binary'
-	EQUALITY certificateExactMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.8 )
-
-# Must be transferred using ;binary
-attributetype ( 2.5.4.38 NAME 'authorityRevocationList'
-	DESC 'RFC2256: X.509 authority revocation list, use ;binary'
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 )
-
-# Must be transferred using ;binary
-attributetype ( 2.5.4.39 NAME 'certificateRevocationList'
-	DESC 'RFC2256: X.509 certificate revocation list, use ;binary'
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 )
-
-# Must be stored and requested in the binary form
-attributetype ( 2.5.4.40 NAME 'crossCertificatePair'
-	DESC 'RFC2256: X.509 cross certificate pair, use ;binary'
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.10 )
-
-# system schema
-#attributetype ( 2.5.4.41 NAME 'name'
-#	EQUALITY caseIgnoreMatch
-#	SUBSTR caseIgnoreSubstringsMatch
-#	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} )
-
-attributetype ( 2.5.4.42 NAME ( 'givenName' 'gn' )
-	DESC 'RFC2256: first name(s) for which the entity is known by'
-	SUP name )
-
-attributetype ( 2.5.4.43 NAME 'initials'
-	DESC 'RFC2256: initials of some or all of names, but not the surname(s).'
-	SUP name )
-
-attributetype ( 2.5.4.44 NAME 'generationQualifier'
-	DESC 'RFC2256: name qualifier indicating a generation'
-	SUP name )
-
-attributetype ( 2.5.4.45 NAME 'x500UniqueIdentifier'
-	DESC 'RFC2256: X.500 unique identifier'
-	EQUALITY bitStringMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.6 )
-
-attributetype ( 2.5.4.46 NAME 'dnQualifier'
-	DESC 'RFC2256: DN qualifier'
-	EQUALITY caseIgnoreMatch
-	ORDERING caseIgnoreOrderingMatch
-	SUBSTR caseIgnoreSubstringsMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.44 )
-
-attributetype ( 2.5.4.47 NAME 'enhancedSearchGuide'
-	DESC 'RFC2256: enhanced search guide'
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.21 )
-
-attributetype ( 2.5.4.48 NAME 'protocolInformation'
-	DESC 'RFC2256: protocol information'
-	EQUALITY protocolInformationMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.42 )
-
-# system schema
-#attributetype ( 2.5.4.49 NAME 'distinguishedName'
-#	EQUALITY distinguishedNameMatch
-#	SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
-
-attributetype ( 2.5.4.50 NAME 'uniqueMember'
-	DESC 'RFC2256: unique member of a group'
-	EQUALITY uniqueMemberMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.34 )
-
-attributetype ( 2.5.4.51 NAME 'houseIdentifier'
-	DESC 'RFC2256: house identifier'
-	EQUALITY caseIgnoreMatch
-	SUBSTR caseIgnoreSubstringsMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} )
-
-# Must be transferred using ;binary
-attributetype ( 2.5.4.52 NAME 'supportedAlgorithms'
-	DESC 'RFC2256: supported algorithms'
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.49 )
-
-# Must be transferred using ;binary
-attributetype ( 2.5.4.53 NAME 'deltaRevocationList'
-	DESC 'RFC2256: delta revocation list; use ;binary'
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 )
-
-attributetype ( 2.5.4.54 NAME 'dmdName'
-	DESC 'RFC2256: name of DMD'
-	SUP name )
-
-attributetype ( 2.5.4.65 NAME 'pseudonym'
-	DESC 'X.520(4th): pseudonym for the object'
-	SUP name )
-
-# Standard object classes from RFC2256
-
-# system schema
-#objectclass ( 2.5.6.0 NAME 'top'
-#	DESC 'RFC2256: top of the superclass chain'
-#	ABSTRACT
-#	MUST objectClass )
-
-# system schema
-#objectclass ( 2.5.6.1 NAME 'alias'
-#	DESC 'RFC2256: an alias'
-#	SUP top STRUCTURAL
-#	MUST aliasedObjectName )
-
-objectclass ( 2.5.6.2 NAME 'country'
-	DESC 'RFC2256: a country'
-	SUP top STRUCTURAL
-	MUST c
-	MAY ( searchGuide $ description ) )
-
-objectclass ( 2.5.6.3 NAME 'locality'
-	DESC 'RFC2256: a locality'
-	SUP top STRUCTURAL
-	MAY ( street $ seeAlso $ searchGuide $ st $ l $ description ) )
-
-objectclass ( 2.5.6.4 NAME 'organization'
-	DESC 'RFC2256: an organization'
-	SUP top STRUCTURAL
-	MUST o
-	MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $
-		x121Address $ registeredAddress $ destinationIndicator $
-		preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
-		telephoneNumber $ internationaliSDNNumber $ 
-		facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $
-		postalAddress $ physicalDeliveryOfficeName $ st $ l $ description ) )
-
-objectclass ( 2.5.6.5 NAME 'organizationalUnit'
-	DESC 'RFC2256: an organizational unit'
-	SUP top STRUCTURAL
-	MUST ou
-	MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $
-		x121Address $ registeredAddress $ destinationIndicator $
-		preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
-		telephoneNumber $ internationaliSDNNumber $
-		facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $
-		postalAddress $ physicalDeliveryOfficeName $ st $ l $ description ) )
-
-objectclass ( 2.5.6.6 NAME 'person'
-	DESC 'RFC2256: a person'
-	SUP top STRUCTURAL
-	MUST ( sn $ cn )
-	MAY ( userPassword $ telephoneNumber $ seeAlso $ description ) )
-
-objectclass ( 2.5.6.7 NAME 'organizationalPerson'
-	DESC 'RFC2256: an organizational person'
-	SUP person STRUCTURAL
-	MAY ( title $ x121Address $ registeredAddress $ destinationIndicator $
-		preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
-		telephoneNumber $ internationaliSDNNumber $ 
-		facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $
-		postalAddress $ physicalDeliveryOfficeName $ ou $ st $ l ) )
-
-objectclass ( 2.5.6.8 NAME 'organizationalRole'
-	DESC 'RFC2256: an organizational role'
-	SUP top STRUCTURAL
-	MUST cn
-	MAY ( x121Address $ registeredAddress $ destinationIndicator $
-		preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
-		telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber $
-		seeAlso $ roleOccupant $ preferredDeliveryMethod $ street $
-		postOfficeBox $ postalCode $ postalAddress $
-		physicalDeliveryOfficeName $ ou $ st $ l $ description ) )
-
-objectclass ( 2.5.6.9 NAME 'groupOfNames'
-	DESC 'RFC2256: a group of names (DNs)'
-	SUP top STRUCTURAL
-	MUST ( member $ cn )
-	MAY ( businessCategory $ seeAlso $ owner $ ou $ o $ description ) )
-
-objectclass ( 2.5.6.10 NAME 'residentialPerson'
-	DESC 'RFC2256: an residential person'
-	SUP person STRUCTURAL
-	MUST l
-	MAY ( businessCategory $ x121Address $ registeredAddress $
-		destinationIndicator $ preferredDeliveryMethod $ telexNumber $
-		teletexTerminalIdentifier $ telephoneNumber $ internationaliSDNNumber $
-		facsimileTelephoneNumber $ preferredDeliveryMethod $ street $
-		postOfficeBox $ postalCode $ postalAddress $
-		physicalDeliveryOfficeName $ st $ l ) )
-
-objectclass ( 2.5.6.11 NAME 'applicationProcess'
-	DESC 'RFC2256: an application process'
-	SUP top STRUCTURAL
-	MUST cn
-	MAY ( seeAlso $ ou $ l $ description ) )
-
-objectclass ( 2.5.6.12 NAME 'applicationEntity'
-	DESC 'RFC2256: an application entity'
-	SUP top STRUCTURAL
-	MUST ( presentationAddress $ cn )
-	MAY ( supportedApplicationContext $ seeAlso $ ou $ o $ l $
-	description ) )
-
-objectclass ( 2.5.6.13 NAME 'dSA'
-	DESC 'RFC2256: a directory system agent (a server)'
-	SUP applicationEntity STRUCTURAL
-	MAY knowledgeInformation )
-
-objectclass ( 2.5.6.14 NAME 'device'
-	DESC 'RFC2256: a device'
-	SUP top STRUCTURAL
-	MUST cn
-	MAY ( serialNumber $ seeAlso $ owner $ ou $ o $ l $ description ) )
-
-objectclass ( 2.5.6.15 NAME 'strongAuthenticationUser'
-	DESC 'RFC2256: a strong authentication user'
-	SUP top AUXILIARY
-	MUST userCertificate )
-
-objectclass ( 2.5.6.16 NAME 'certificationAuthority'
-	DESC 'RFC2256: a certificate authority'
-	SUP top AUXILIARY
-	MUST ( authorityRevocationList $ certificateRevocationList $
-		cACertificate ) MAY crossCertificatePair )
-
-objectclass ( 2.5.6.17 NAME 'groupOfUniqueNames'
-	DESC 'RFC2256: a group of unique names (DN and Unique Identifier)'
-	SUP top STRUCTURAL
-	MUST ( uniqueMember $ cn )
-	MAY ( businessCategory $ seeAlso $ owner $ ou $ o $ description ) )
-
-objectclass ( 2.5.6.18 NAME 'userSecurityInformation'
-	DESC 'RFC2256: a user security information'
-	SUP top AUXILIARY
-	MAY ( supportedAlgorithms ) )
-
-objectclass ( 2.5.6.16.2 NAME 'certificationAuthority-V2'
-	SUP certificationAuthority
-	AUXILIARY MAY ( deltaRevocationList ) )
-
-objectclass ( 2.5.6.19 NAME 'cRLDistributionPoint'
-	SUP top STRUCTURAL
-	MUST ( cn )
-	MAY ( certificateRevocationList $ authorityRevocationList $
-		deltaRevocationList ) )
-
-objectclass ( 2.5.6.20 NAME 'dmd'
-	SUP top STRUCTURAL
-	MUST ( dmdName )
-	MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $
-		x121Address $ registeredAddress $ destinationIndicator $
-		preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
-		telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber $
-		street $ postOfficeBox $ postalCode $ postalAddress $
-		physicalDeliveryOfficeName $ st $ l $ description ) )
-
-#
-# Object Classes from RFC 2587
-#
-objectclass ( 2.5.6.21 NAME 'pkiUser'
-	DESC 'RFC2587: a PKI user'
-	SUP top AUXILIARY
-	MAY userCertificate )
-
-objectclass ( 2.5.6.22 NAME 'pkiCA'
-	DESC 'RFC2587: PKI certificate authority'
-	SUP top AUXILIARY
-	MAY ( authorityRevocationList $ certificateRevocationList $
-		cACertificate $ crossCertificatePair ) )
-
-objectclass ( 2.5.6.23 NAME 'deltaCRL'
-	DESC 'RFC2587: PKI user'
-	SUP top AUXILIARY
-	MAY deltaRevocationList )
-
-#
-# Standard Track URI label schema from RFC 2079
-# system schema
-#attributetype ( 1.3.6.1.4.1.250.1.57 NAME 'labeledURI'
-#	DESC 'RFC2079: Uniform Resource Identifier with optional label'
-#	EQUALITY caseExactMatch
-#	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
-
-objectclass ( 1.3.6.1.4.1.250.3.15 NAME 'labeledURIObject'
-	DESC 'RFC2079: object that contains the URI attribute type'
-	SUP top AUXILIARY
-	MAY ( labeledURI ) )
-
-#
-# Derived from RFC 1274, but with new "short names"
-#
-#attributetype ( 0.9.2342.19200300.100.1.1
-#	NAME ( 'uid' 'userid' )
-#	DESC 'RFC1274: user identifier'
-#	EQUALITY caseIgnoreMatch
-#	SUBSTR caseIgnoreSubstringsMatch
-#	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
-
-attributetype ( 0.9.2342.19200300.100.1.3
-	NAME ( 'mail' 'rfc822Mailbox' )
-	DESC 'RFC1274: RFC822 Mailbox'
-    EQUALITY caseIgnoreIA5Match
-    SUBSTR caseIgnoreIA5SubstringsMatch
-    SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
-
-objectclass ( 0.9.2342.19200300.100.4.19 NAME 'simpleSecurityObject'
-	DESC 'RFC1274: simple security object'
-	SUP top AUXILIARY
-	MUST userPassword )
-
-# RFC 1274 + RFC 2247
-attributetype ( 0.9.2342.19200300.100.1.25
-	NAME ( 'dc' 'domainComponent' )
-	DESC 'RFC1274/2247: domain component'
-	EQUALITY caseIgnoreIA5Match
-	SUBSTR caseIgnoreIA5SubstringsMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
-
-# RFC 2247
-objectclass ( 1.3.6.1.4.1.1466.344 NAME 'dcObject'
-	DESC 'RFC2247: domain component object'
-	SUP top AUXILIARY MUST dc )
-
-# RFC 2377
-objectclass ( 1.3.6.1.1.3.1 NAME 'uidObject'
-	DESC 'RFC2377: uid object'
-	SUP top AUXILIARY MUST uid )
-
-# RFC 4524
-#   The 'associatedDomain' attribute specifies DNS [RFC1034][RFC2181]
-#   host names [RFC1123] that are associated with an object.   That is,
-#   values of this attribute should conform to the following ABNF:
-#
-#    domain = root / label *( DOT label )
-#    root   = SPACE
-#    label  = LETDIG [ *61( LETDIG / HYPHEN ) LETDIG ]
-#    LETDIG = %x30-39 / %x41-5A / %x61-7A ; "0" - "9" / "A"-"Z" / "a"-"z"
-#    SPACE  = %x20                        ; space (" ")
-#    HYPHEN = %x2D                        ; hyphen ("-")
-#    DOT    = %x2E                        ; period (".")
-attributetype ( 0.9.2342.19200300.100.1.37
-	NAME 'associatedDomain'
-	DESC 'RFC1274: domain associated with object'
-	EQUALITY caseIgnoreIA5Match
-	SUBSTR caseIgnoreIA5SubstringsMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
-
-# RFC 2459 -- deprecated in favor of 'mail' (in cosine.schema)
-attributetype ( 1.2.840.113549.1.9.1
-	NAME ( 'email' 'emailAddress' 'pkcs9email' )
-	DESC 'RFC3280: legacy attribute for email addresses in DNs'
-	EQUALITY caseIgnoreIA5Match
-	SUBSTR caseIgnoreIA5SubstringsMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} )
-

Deleted: openldap/vendor/openldap-release/servers/slapd/schema/cosine.schema
===================================================================
--- openldap/vendor/openldap-release/servers/slapd/schema/cosine.schema	2008-07-07 00:16:51 UTC (rev 1164)
+++ openldap/vendor/openldap-release/servers/slapd/schema/cosine.schema	2008-07-07 01:03:22 UTC (rev 1165)
@@ -1,2571 +0,0 @@
-# RFC1274: Cosine and Internet X.500 schema
-# $OpenLDAP: pkg/ldap/servers/slapd/schema/cosine.schema,v 1.23.2.3 2008/02/11 23:26:49 kurt Exp $
-## This work is part of OpenLDAP Software <http://www.openldap.org/>.
-##
-## Copyright 1998-2008 The OpenLDAP Foundation.
-## All rights reserved.
-##
-## Redistribution and use in source and binary forms, with or without
-## modification, are permitted only as authorized by the OpenLDAP
-## Public License.
-##
-## A copy of this license is available in the file LICENSE in the
-## top-level directory of the distribution or, alternatively, at
-## <http://www.OpenLDAP.org/license.html>.
-#
-# RFC1274: Cosine and Internet X.500 schema
-#
-# This file contains LDAPv3 schema derived from X.500 COSINE "pilot"
-# schema.  As this schema was defined for X.500(89), some
-# oddities were introduced in the mapping to LDAPv3.  The
-# mappings were based upon: draft-ietf-asid-ldapv3-attributes-03.txt
-# (a work in progress)
-#
-# Note: It seems that the pilot schema evolved beyond what was
-# described in RFC1274.  However, this document attempts to describes
-# RFC1274 as published.
-#
-# Depends on core.schema
-
-
-# Network Working Group                                          P. Barker
-# Request for Comments: 1274                                      S. Kille
-#                                              University College London
-#                                                          November 1991
-#
-#                 The COSINE and Internet X.500 Schema
-#
-# [trimmed]
-#
-# Abstract
-#
-#  This document suggests an X.500 Directory Schema, or Naming
-#  Architecture, for use in the COSINE and Internet X.500 pilots.  The
-#  schema is independent of any specific implementation.  As well as
-#  indicating support for the standard object classes and attributes, a
-#  large number of generally useful object classes and attributes are
-#  also defined.  An appendix to this document includes a machine
-#  processable version of the schema.
-#
-# [trimmed]
-
-# 7.  Object Identifiers
-#
-#  Some additional object identifiers are defined for this schema.
-#  These are also reproduced in Appendix C.
-#
-#    data OBJECT IDENTIFIER ::= {ccitt 9}
-#    pss OBJECT IDENTIFIER ::= {data 2342}
-#    ucl OBJECT IDENTIFIER ::= {pss 19200300}
-#    pilot OBJECT IDENTIFIER ::= {ucl 100}
-#
-#    pilotAttributeType OBJECT IDENTIFIER ::= {pilot 1}
-#    pilotAttributeSyntax OBJECT IDENTIFIER ::= {pilot 3}
-#    pilotObjectClass OBJECT IDENTIFIER ::= {pilot 4}
-#    pilotGroups OBJECT IDENTIFIER ::= {pilot 10}
-#
-#    iA5StringSyntax OBJECT IDENTIFIER ::= {pilotAttributeSyntax 4}
-#    caseIgnoreIA5StringSyntax OBJECT IDENTIFIER ::=
-#                                          {pilotAttributeSyntax 5}
-#
-# 8.  Object Classes
-# [relocated after 9]
-
-#
-# 9.  Attribute Types
-#
-# 9.1.  X.500 standard attribute types
-#
-#  A number of generally useful attribute types are defined in X.520,
-#  and these are supported.  Refer to that document for descriptions of
-#  the suggested usage of these attribute types.  The ASN.1 for these
-#  attribute types is reproduced for completeness in Appendix C.
-#
-# 9.2.  X.400 standard attribute types
-#
-#  The standard X.400 attribute types are supported.  See X.402 for full
-#  details.  The ASN.1 for these attribute types is reproduced in
-#  Appendix C.
-#
-# 9.3.  COSINE/Internet attribute types
-#
-#  This section describes all the attribute types defined for use in the
-#  COSINE and Internet pilots.  Descriptions are given as to the
-#  suggested usage of these attribute types.  The ASN.1 for these
-#  attribute types is reproduced in Appendix C.
-#
-# 9.3.1.  Userid
-#
-#  The Userid attribute type specifies a computer system login name.
-#
-#    userid ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            caseIgnoreStringSyntax
-#            (SIZE (1 .. ub-user-identifier))
-#    ::= {pilotAttributeType 1}
-#
-#(in core.schema)
-##attributetype ( 0.9.2342.19200300.100.1.1 NAME ( 'uid' 'userid' )
-##	EQUALITY caseIgnoreMatch
-##	SUBSTR caseIgnoreSubstringsMatch
-##	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
-
-# 9.3.2.  Text Encoded O/R Address
-#
-#  The Text Encoded O/R Address attribute type specifies a text encoding
-#  of an X.400 O/R address, as specified in RFC 987.  The use of this
-#  attribute is deprecated as the attribute is intended for interim use
-#  only.  This attribute will be the first candidate for the attribute
-#  expiry mechanisms!
-#
-#    textEncodedORAddress ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            caseIgnoreStringSyntax
-#        (SIZE (1 .. ub-text-encoded-or-address))
-#    ::= {pilotAttributeType 2}
-#
-attributetype ( 0.9.2342.19200300.100.1.2 NAME 'textEncodedORAddress'
-	EQUALITY caseIgnoreMatch
-	SUBSTR caseIgnoreSubstringsMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
-
-# 9.3.3.  RFC 822 Mailbox
-#
-#  The RFC822 Mailbox attribute type specifies an electronic mailbox
-#  attribute following the syntax specified in RFC 822.  Note that this
-#  attribute should not be used for greybook or other non-Internet order
-#  mailboxes.
-#
-#    rfc822Mailbox ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            caseIgnoreIA5StringSyntax
-#            (SIZE (1 .. ub-rfc822-mailbox))
-#    ::= {pilotAttributeType 3}
-#
-#(in core.schema)
-##attributetype ( 0.9.2342.19200300.100.1.3 NAME ( 'mail' 'rfc822Mailbox' )
-##	EQUALITY caseIgnoreIA5Match
-##	SUBSTR caseIgnoreIA5SubstringsMatch
-##	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
-
-# 9.3.4.  Information
-#
-#  The Information attribute type specifies any general information
-#  pertinent to an object.  It is recommended that specific usage of
-#  this attribute type is avoided, and that specific requirements are
-#  met by other (possibly additional) attribute types.
-#
-#    info ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            caseIgnoreStringSyntax
-#            (SIZE (1 .. ub-information))
-#    ::= {pilotAttributeType 4}
-#
-attributetype ( 0.9.2342.19200300.100.1.4 NAME 'info'
-	DESC 'RFC1274: general information'
-	EQUALITY caseIgnoreMatch
-	SUBSTR caseIgnoreSubstringsMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{2048} )
-
-
-# 9.3.5.  Favourite Drink
-#
-#  The Favourite Drink attribute type specifies the favourite drink of
-#  an object (or person).
-#
-#    favouriteDrink ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            caseIgnoreStringSyntax
-#            (SIZE (1 .. ub-favourite-drink))
-#    ::= {pilotAttributeType 5}
-#
-attributetype ( 0.9.2342.19200300.100.1.5
-	NAME ( 'drink' 'favouriteDrink' )
-	DESC 'RFC1274: favorite drink'
-	EQUALITY caseIgnoreMatch
-	SUBSTR caseIgnoreSubstringsMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
-
-# 9.3.6.  Room Number
-#
-#  The Room Number attribute type specifies the room number of an
-#  object.  Note that the commonName attribute should be used for naming
-#  room objects.
-#
-#    roomNumber ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            caseIgnoreStringSyntax
-#            (SIZE (1 .. ub-room-number))
-#    ::= {pilotAttributeType 6}
-#
-attributetype ( 0.9.2342.19200300.100.1.6 NAME 'roomNumber'
-	DESC 'RFC1274: room number'
-	EQUALITY caseIgnoreMatch
-	SUBSTR caseIgnoreSubstringsMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
-
-# 9.3.7.  Photo
-#
-#  The Photo attribute type specifies a "photograph" for an object.
-#  This should be encoded in G3 fax as explained in recommendation T.4,
-#  with an ASN.1 wrapper to make it compatible with an X.400 BodyPart as
-#  defined in X.420.
-#
-#    IMPORT  G3FacsimileBodyPart  FROM  {   mhs-motis   ipms   modules
-#    information-objects }
-#
-#    photo ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            CHOICE {
-#                g3-facsimile [3] G3FacsimileBodyPart
-#                }
-#        (SIZE (1 .. ub-photo))
-#    ::= {pilotAttributeType 7}
-#
-attributetype ( 0.9.2342.19200300.100.1.7 NAME 'photo'
-	DESC 'RFC1274: photo (G3 fax)'
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.23{25000} )
-
-# 9.3.8.  User Class
-#
-#  The User Class attribute type specifies a category of computer user.
-#  The semantics placed on this attribute are for local interpretation.
-#  Examples of current usage od this attribute in academia are
-#  undergraduate student, researcher, lecturer, etc.  Note that the
-#  organizationalStatus attribute may now often be preferred as it makes
-#  no distinction between computer users and others.
-#
-#    userClass ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            caseIgnoreStringSyntax
-#            (SIZE (1 .. ub-user-class))
-#    ::= {pilotAttributeType 8}
-#
-attributetype ( 0.9.2342.19200300.100.1.8 NAME 'userClass'
-	DESC 'RFC1274: category of user'
-	EQUALITY caseIgnoreMatch
-	SUBSTR caseIgnoreSubstringsMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
-
-# 9.3.9.  Host
-#
-#  The Host attribute type specifies a host computer.
-#
-#    host ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            caseIgnoreStringSyntax
-#            (SIZE (1 .. ub-host))
-#    ::= {pilotAttributeType 9}
-#
-attributetype ( 0.9.2342.19200300.100.1.9 NAME 'host'
-	DESC 'RFC1274: host computer'
-	EQUALITY caseIgnoreMatch
-	SUBSTR caseIgnoreSubstringsMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
-
-# 9.3.10.  Manager
-#
-#  The Manager attribute type specifies the manager of an object
-#  represented by an entry.
-#
-#    manager ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            distinguishedNameSyntax
-#    ::= {pilotAttributeType 10}
-#
-attributetype ( 0.9.2342.19200300.100.1.10 NAME 'manager'
-	DESC 'RFC1274: DN of manager'
-	EQUALITY distinguishedNameMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
-
-# 9.3.11.  Document Identifier
-#
-#  The Document Identifier attribute type specifies a unique identifier
-#  for a document.
-#
-#    documentIdentifier ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            caseIgnoreStringSyntax
-#            (SIZE (1 .. ub-document-identifier))
-#    ::= {pilotAttributeType 11}
-#
-attributetype ( 0.9.2342.19200300.100.1.11 NAME 'documentIdentifier'
-	DESC 'RFC1274: unique identifier of document'
-	EQUALITY caseIgnoreMatch
-	SUBSTR caseIgnoreSubstringsMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
-
-# 9.3.12.  Document Title
-#
-#  The Document Title attribute type specifies the title of a document.
-#
-#    documentTitle ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            caseIgnoreStringSyntax
-#        (SIZE (1 .. ub-document-title))
-#    ::= {pilotAttributeType 12}
-#
-attributetype ( 0.9.2342.19200300.100.1.12 NAME 'documentTitle'
-	DESC 'RFC1274: title of document'
-	EQUALITY caseIgnoreMatch
-	SUBSTR caseIgnoreSubstringsMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
-
-# 9.3.13.  Document Version
-#
-#  The Document Version attribute type specifies the version number of a
-#  document.
-#
-#    documentVersion ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            caseIgnoreStringSyntax
-#            (SIZE (1 .. ub-document-version))
-#    ::= {pilotAttributeType 13}
-#
-attributetype ( 0.9.2342.19200300.100.1.13 NAME 'documentVersion'
-	DESC 'RFC1274: version of document'
-	EQUALITY caseIgnoreMatch
-	SUBSTR caseIgnoreSubstringsMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
-
-# 9.3.14.  Document Author
-#
-#  The Document Author attribute type specifies the distinguished name
-#  of the author of a document.
-#
-#    documentAuthor ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            distinguishedNameSyntax
-#    ::= {pilotAttributeType 14}
-#
-attributetype ( 0.9.2342.19200300.100.1.14 NAME 'documentAuthor'
-	DESC 'RFC1274: DN of author of document'
-	EQUALITY distinguishedNameMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
-
-# 9.3.15.  Document Location
-#
-#  The Document Location attribute type specifies the location of the
-#  document original.
-#
-#    documentLocation ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            caseIgnoreStringSyntax
-#            (SIZE (1 .. ub-document-location))
-#    ::= {pilotAttributeType 15}
-#
-attributetype ( 0.9.2342.19200300.100.1.15 NAME 'documentLocation'
-	DESC 'RFC1274: location of document original'
-	EQUALITY caseIgnoreMatch
-	SUBSTR caseIgnoreSubstringsMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
-
-# 9.3.16.  Home Telephone Number
-#
-#  The Home Telephone Number attribute type specifies a home telephone
-#  number associated with a person.  Attribute values should follow the
-#  agreed format for international telephone numbers: i.e., "+44 71 123
-#  4567".
-#
-#    homeTelephoneNumber ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            telephoneNumberSyntax
-#    ::= {pilotAttributeType 20}
-#
-attributetype ( 0.9.2342.19200300.100.1.20
-	NAME ( 'homePhone' 'homeTelephoneNumber' )
-	DESC 'RFC1274: home telephone number'
-	EQUALITY telephoneNumberMatch
-	SUBSTR telephoneNumberSubstringsMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 )
-
-# 9.3.17.  Secretary
-#
-#  The Secretary attribute type specifies the secretary of a person.
-#  The attribute value for Secretary is a distinguished name.
-#
-#    secretary ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            distinguishedNameSyntax
-#    ::= {pilotAttributeType 21}
-#
-attributetype ( 0.9.2342.19200300.100.1.21 NAME 'secretary'
-	DESC 'RFC1274: DN of secretary'
-	EQUALITY distinguishedNameMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
-
-# 9.3.18.  Other Mailbox
-#
-#  The Other Mailbox attribute type specifies values for electronic
-#  mailbox types other than X.400 and rfc822.
-#
-#    otherMailbox ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            SEQUENCE {
-#                    mailboxType PrintableString, -- e.g. Telemail
-#                    mailbox IA5String  -- e.g. X378:Joe
-#            }
-#    ::= {pilotAttributeType 22}
-#
-attributetype ( 0.9.2342.19200300.100.1.22 NAME 'otherMailbox'
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.39 )
-
-# 9.3.19.  Last Modified Time
-#
-#  The Last Modified Time attribute type specifies the last time, in UTC
-#  time, that an entry was modified.  Ideally, this attribute should be
-#  maintained by the DSA.
-#
-#    lastModifiedTime ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            uTCTimeSyntax
-#    ::= {pilotAttributeType 23}
-#
-## Deprecated in favor of modifyTimeStamp
-#attributetype ( 0.9.2342.19200300.100.1.23 NAME 'lastModifiedTime'
-#	DESC 'RFC1274: time of last modify, replaced by modifyTimestamp'
-#	OBSOLETE
-#	SYNTAX 1.3.6.1.4.1.1466.115.121.1.53
-#	USAGE directoryOperation )
-
-# 9.3.20.  Last Modified By
-#
-#  The Last Modified By attribute specifies the distinguished name of
-#  the last user to modify the associated entry.  Ideally, this
-#  attribute should be maintained by the DSA.
-#
-#    lastModifiedBy ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            distinguishedNameSyntax
-#    ::= {pilotAttributeType 24}
-#
-## Deprecated in favor of modifiersName
-#attributetype ( 0.9.2342.19200300.100.1.24 NAME 'lastModifiedBy'
-#	DESC 'RFC1274: last modifier, replaced by modifiersName'
-#	OBSOLETE
-#	EQUALITY distinguishedNameMatch
-#	SYNTAX 1.3.6.1.4.1.1466.115.121.1.12
-#	USAGE directoryOperation )
-
-# 9.3.21.  Domain Component
-#
-#  The Domain Component attribute type specifies a DNS/NRS domain.  For
-#  example, "uk" or "ac".
-#
-#    domainComponent ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            caseIgnoreIA5StringSyntax
-#            SINGLE VALUE
-#    ::= {pilotAttributeType 25}
-#
-##(in core.schema)
-##attributetype ( 0.9.2342.19200300.100.1.25 NAME ( 'dc' 'domainComponent' )
-##	EQUALITY caseIgnoreIA5Match
-##	SUBSTR caseIgnoreIA5SubstringsMatch
-##	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
-
-# 9.3.22.  DNS ARecord
-#
-#  The A Record attribute type specifies a type A (Address) DNS resource
-#  record [6] [7].
-#
-#    aRecord ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            DNSRecordSyntax
-#    ::= {pilotAttributeType 26}
-#
-## incorrect syntax?
-attributetype ( 0.9.2342.19200300.100.1.26 NAME 'aRecord'
-	EQUALITY caseIgnoreIA5Match
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
-
-## missing from RFC1274
-## incorrect syntax?
-attributetype ( 0.9.2342.19200300.100.1.27 NAME 'mDRecord'
-	EQUALITY caseIgnoreIA5Match
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
-
-# 9.3.23.  MX Record
-#
-#  The MX Record attribute type specifies a type MX (Mail Exchange) DNS
-#  resource record [6] [7].
-#
-#    mXRecord ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            DNSRecordSyntax
-#    ::= {pilotAttributeType 28}
-#
-## incorrect syntax!!
-attributetype ( 0.9.2342.19200300.100.1.28 NAME 'mXRecord'
-	EQUALITY caseIgnoreIA5Match
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
-
-# 9.3.24.  NS Record
-#
-#  The NS Record attribute type specifies an NS (Name Server) DNS
-#  resource record [6] [7].
-#
-#    nSRecord ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            DNSRecordSyntax
-#    ::= {pilotAttributeType 29}
-#
-## incorrect syntax!!
-attributetype ( 0.9.2342.19200300.100.1.29 NAME 'nSRecord'
-	EQUALITY caseIgnoreIA5Match
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
-
-# 9.3.25.  SOA Record
-#
-#  The SOA Record attribute type specifies a type SOA (Start of
-#  Authority) DNS resorce record [6] [7].
-#
-#    sOARecord ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            DNSRecordSyntax
-#    ::= {pilotAttributeType 30}
-#
-## incorrect syntax!!
-attributetype ( 0.9.2342.19200300.100.1.30 NAME 'sOARecord'
-	EQUALITY caseIgnoreIA5Match
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
-
-# 9.3.26.  CNAME Record
-#
-#  The CNAME Record attribute type specifies a type CNAME (Canonical
-#  Name) DNS resource record [6] [7].
-#
-#    cNAMERecord ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            iA5StringSyntax
-#    ::= {pilotAttributeType 31}
-#
-## incorrect syntax!!
-attributetype ( 0.9.2342.19200300.100.1.31 NAME 'cNAMERecord'
-	EQUALITY caseIgnoreIA5Match
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
-
-# 9.3.27.  Associated Domain
-#
-#  The Associated Domain attribute type specifies a DNS or NRS domain
-#  which is associated with an object in the DIT. For example, the entry
-#  in the DIT with a distinguished name "C=GB, O=University College
-#  London" would have an associated domain of "UCL.AC.UK.  Note that all
-#  domains should be represented in rfc822 order.  See [3] for more
-#  details of usage of this attribute.
-#
-#    associatedDomain ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            caseIgnoreIA5StringSyntax
-#    ::= {pilotAttributeType 37}
-#
-#attributetype ( 0.9.2342.19200300.100.1.37 NAME 'associatedDomain'
-#	EQUALITY caseIgnoreIA5Match
-#	SUBSTR caseIgnoreIA5SubstringsMatch
-#	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
-
-# 9.3.28.  Associated Name
-#
-#  The Associated Name attribute type specifies an entry in the
-#  organisational DIT associated with a DNS/NRS domain.  See [3] for
-#  more details of usage of this attribute.
-#
-#    associatedName ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            distinguishedNameSyntax
-#    ::= {pilotAttributeType 38}
-#
-attributetype ( 0.9.2342.19200300.100.1.38 NAME 'associatedName'
-	DESC 'RFC1274: DN of entry associated with domain'
-	EQUALITY distinguishedNameMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
-
-# 9.3.29.  Home postal address
-#
-#  The Home postal address attribute type specifies a home postal
-#  address for an object.  This should be limited to up to 6 lines of 30
-#  characters each.
-#
-#    homePostalAddress ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            postalAddress
-#            MATCHES FOR EQUALITY
-#    ::= {pilotAttributeType 39}
-#
-attributetype ( 0.9.2342.19200300.100.1.39 NAME 'homePostalAddress'
-	DESC 'RFC1274: home postal address'
-	EQUALITY caseIgnoreListMatch
-	SUBSTR caseIgnoreListSubstringsMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 )
-
-# 9.3.30.  Personal Title
-#
-#  The Personal Title attribute type specifies a personal title for a
-#  person. Examples of personal titles are "Ms", "Dr", "Prof" and "Rev".
-#
-#    personalTitle ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            caseIgnoreStringSyntax
-#            (SIZE (1 .. ub-personal-title))
-#    ::= {pilotAttributeType 40}
-#
-attributetype ( 0.9.2342.19200300.100.1.40 NAME 'personalTitle'
-	DESC 'RFC1274: personal title'
-	EQUALITY caseIgnoreMatch
-	SUBSTR caseIgnoreSubstringsMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
-
-# 9.3.31.  Mobile Telephone Number
-#
-#  The Mobile Telephone Number attribute type specifies a mobile
-#  telephone number associated with a person.  Attribute values should
-#  follow the agreed format for international telephone numbers: i.e.,
-#  "+44 71 123 4567".
-#
-#    mobileTelephoneNumber ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            telephoneNumberSyntax
-#    ::= {pilotAttributeType 41}
-#
-attributetype ( 0.9.2342.19200300.100.1.41
-	NAME ( 'mobile' 'mobileTelephoneNumber' )
-	DESC 'RFC1274: mobile telephone number'
-	EQUALITY telephoneNumberMatch
-	SUBSTR telephoneNumberSubstringsMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 )
-
-# 9.3.32.  Pager Telephone Number
-#
-#  The Pager Telephone Number attribute type specifies a pager telephone
-#  number for an object. Attribute values should follow the agreed
-#  format for international telephone numbers: i.e., "+44 71 123 4567".
-#
-#    pagerTelephoneNumber ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            telephoneNumberSyntax
-#    ::= {pilotAttributeType 42}
-#
-attributetype ( 0.9.2342.19200300.100.1.42
-	NAME ( 'pager' 'pagerTelephoneNumber' )
-	DESC 'RFC1274: pager telephone number'
-	EQUALITY telephoneNumberMatch
-	SUBSTR telephoneNumberSubstringsMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 )
-
-# 9.3.33.  Friendly Country Name
-#
-#  The Friendly Country Name attribute type specifies names of countries
-#  in human readable format.  The standard attribute country name must
-#  be one of the two-letter codes defined in ISO 3166.
-#
-#    friendlyCountryName ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            caseIgnoreStringSyntax
-#    ::= {pilotAttributeType 43}
-#
-attributetype ( 0.9.2342.19200300.100.1.43
-	NAME ( 'co' 'friendlyCountryName' )
-	DESC 'RFC1274: friendly country name'
-	EQUALITY caseIgnoreMatch
-	SUBSTR caseIgnoreSubstringsMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
-
-# 9.3.34.  Unique Identifier
-#
-#  The Unique Identifier attribute type specifies a "unique identifier"
-#  for an object represented in the Directory.  The domain within which
-#  the identifier is unique, and the exact semantics of the identifier,
-#  are for local definition.  For a person, this might be an
-#  institution-wide payroll number.  For an organisational unit, it
-#  might be a department code.
-#
-#    uniqueIdentifier ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            caseIgnoreStringSyntax
-#            (SIZE (1 .. ub-unique-identifier))
-#    ::= {pilotAttributeType 44}
-#
-attributetype ( 0.9.2342.19200300.100.1.44 NAME 'uniqueIdentifier'
-	DESC 'RFC1274: unique identifer'
-	EQUALITY caseIgnoreMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
-
-# 9.3.35.  Organisational Status
-#
-#  The Organisational Status attribute type specifies a category by
-#  which a person is often referred to in an organisation.  Examples of
-#  usage in academia might include undergraduate student, researcher,
-#  lecturer, etc.
-#
-#  A Directory administrator should probably consider carefully the
-#  distinctions between this and the title and userClass attributes.
-#
-#    organizationalStatus ATTRIBUTE
-#            WITH ATTRIBUTE-SYNTAX
-#            caseIgnoreStringSyntax
-#            (SIZE (1 .. ub-organizational-status))
-#    ::= {pilotAttributeType 45}
-#
-attributetype ( 0.9.2342.19200300.100.1.45 NAME 'organizationalStatus'
-	DESC 'RFC1274: organizational status'
-	EQUALITY caseIgnoreMatch
-	SUBSTR caseIgnoreSubstringsMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
-
-# 9.3.36.  Janet Mailbox
-#
-#  The Janet Mailbox attribute type specifies an electronic mailbox
-#  attribute following the syntax specified in the Grey Book of the
-#  Coloured Book series.  This attribute is intended for the convenience
-#  of U.K users unfamiliar with rfc822 and little-endian mail addresses.
-#  Entries using this attribute MUST also include an rfc822Mailbox
-#  attribute.
-#
-#    janetMailbox ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            caseIgnoreIA5StringSyntax
-#            (SIZE (1 .. ub-janet-mailbox))
-#    ::= {pilotAttributeType 46}
-#
-attributetype ( 0.9.2342.19200300.100.1.46 NAME 'janetMailbox'
-	DESC 'RFC1274: Janet mailbox'
-	EQUALITY caseIgnoreIA5Match
-	SUBSTR caseIgnoreIA5SubstringsMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
-
-# 9.3.37.  Mail Preference Option
-#
-#  An attribute to allow users to indicate a preference for inclusion of
-#  their names on mailing lists (electronic or physical).  The absence
-#  of such an attribute should be interpreted as if the attribute was
-#  present with value "no-list-inclusion".  This attribute should be
-#  interpreted by anyone using the directory to derive mailing lists,
-#  and its value respected.
-#
-#    mailPreferenceOption ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX ENUMERATED {
-#                no-list-inclusion(0),
-#                any-list-inclusion(1),  -- may be added to any lists
-#                professional-list-inclusion(2)
-#                                        -- may be added to lists
-#                                        -- which the list provider
-#                                        -- views as related to the
-#                                        -- users professional inter-
-#                                        -- ests, perhaps evaluated
-#                                        -- from the business of the
-#                                        -- organisation or keywords
-#                                        -- in the entry.
-#                }
-#    ::= {pilotAttributeType 47}
-#
-attributetype ( 0.9.2342.19200300.100.1.47
-	NAME 'mailPreferenceOption'
-	DESC 'RFC1274: mail preference option'
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 )
-
-# 9.3.38.  Building Name
-#
-#  The Building Name attribute type specifies the name of the building
-#  where an organisation or organisational unit is based.
-#
-#    buildingName ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            caseIgnoreStringSyntax
-#            (SIZE (1 .. ub-building-name))
-#    ::= {pilotAttributeType 48}
-#
-attributetype ( 0.9.2342.19200300.100.1.48 NAME 'buildingName'
-	DESC 'RFC1274: name of building'
-	EQUALITY caseIgnoreMatch
-	SUBSTR caseIgnoreSubstringsMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
-
-# 9.3.39.  DSA Quality
-#
-#  The DSA Quality attribute type specifies the purported quality of a
-#  DSA.  It allows a DSA manager to indicate the expected level of
-#  availability of the DSA. See [8] for details of the syntax.
-#
-#    dSAQuality ATTRIBUTE
-#            WITH ATTRIBUTE-SYNTAX DSAQualitySyntax
-#            SINGLE VALUE
-#    ::= {pilotAttributeType 49}
-#
-attributetype ( 0.9.2342.19200300.100.1.49 NAME 'dSAQuality'
-	DESC 'RFC1274: DSA Quality'
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.19 SINGLE-VALUE )
-
-# 9.3.40.  Single Level Quality
-#
-#  The Single Level Quality attribute type specifies the purported data
-#  quality at the level immediately below in the DIT.  See [8] for
-#  details of the syntax.
-#
-#    singleLevelQuality ATTRIBUTE
-#            WITH ATTRIBUTE-SYNTAX DataQualitySyntax
-#            SINGLE VALUE
-#    ::= {pilotAttributeType 50}
-#
-attributetype ( 0.9.2342.19200300.100.1.50 NAME 'singleLevelQuality'
-	DESC 'RFC1274: Single Level Quality'
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.13 SINGLE-VALUE )
-
-# 9.3.41.  Subtree Minimum Quality
-#
-#  The Subtree Minimum Quality attribute type specifies the purported
-#  minimum data quality for a DIT subtree.  See [8] for more discussion
-#  and details of the syntax.
-#
-#    subtreeMinimumQuality ATTRIBUTE
-#            WITH ATTRIBUTE-SYNTAX DataQualitySyntax
-#            SINGLE VALUE
-#               -- Defaults to singleLevelQuality
-#    ::= {pilotAttributeType 51}
-#
-attributetype ( 0.9.2342.19200300.100.1.51 NAME 'subtreeMinimumQuality'
-	DESC 'RFC1274: Subtree Mininum Quality'
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.13 SINGLE-VALUE )
-
-# 9.3.42.  Subtree Maximum Quality
-#
-#  The Subtree Maximum Quality attribute type specifies the purported
-#  maximum data quality for a DIT subtree.  See [8] for more discussion
-#  and details of the syntax.
-#
-#    subtreeMaximumQuality ATTRIBUTE
-#            WITH ATTRIBUTE-SYNTAX DataQualitySyntax
-#            SINGLE VALUE
-#               -- Defaults to singleLevelQuality
-#    ::= {pilotAttributeType 52}
-#
-attributetype ( 0.9.2342.19200300.100.1.52 NAME 'subtreeMaximumQuality'
-	DESC 'RFC1274: Subtree Maximun Quality'
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.13 SINGLE-VALUE )
-
-# 9.3.43.  Personal Signature
-#
-#  The Personal Signature attribute type allows for a representation of
-#  a person's signature.  This should be encoded in G3 fax as explained
-#  in recommendation T.4, with an ASN.1 wrapper to make it compatible
-#  with an X.400 BodyPart as defined in X.420.
-#
-#    IMPORT  G3FacsimileBodyPart  FROM  {   mhs-motis   ipms   modules
-#    information-objects }
-#
-#    personalSignature ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            CHOICE {
-#                g3-facsimile [3] G3FacsimileBodyPart
-#                }
-#        (SIZE (1 .. ub-personal-signature))
-#    ::= {pilotAttributeType 53}
-#
-attributetype ( 0.9.2342.19200300.100.1.53 NAME 'personalSignature'
-	DESC 'RFC1274: Personal Signature (G3 fax)'
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.23 )
-
-# 9.3.44.  DIT Redirect
-#
-#  The DIT Redirect attribute type is used to indicate that the object
-#  described by one entry now has a newer entry in the DIT.  The entry
-#  containing the redirection attribute should be expired after a
-#  suitable grace period.  This attribute may be used when an individual
-#  changes his/her place of work, and thus acquires a new organisational
-#  DN.
-#
-#    dITRedirect ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            distinguishedNameSyntax
-#    ::= {pilotAttributeType 54}
-#
-attributetype ( 0.9.2342.19200300.100.1.54 NAME 'dITRedirect'
-	DESC 'RFC1274: DIT Redirect'
-	EQUALITY distinguishedNameMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
-
-# 9.3.45.  Audio
-#
-#  The Audio attribute type allows the storing of sounds in the
-#  Directory.  The attribute uses a u-law encoded sound file as used by
-#  the "play" utility on a Sun 4.  This is an interim format.
-#
-#    audio ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            Audio
-#        (SIZE (1 .. ub-audio))
-#    ::= {pilotAttributeType 55}
-#
-attributetype ( 0.9.2342.19200300.100.1.55 NAME 'audio'
-	DESC 'RFC1274: audio (u-law)'
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.4{25000} )
-
-# 9.3.46.  Publisher of Document
-#
-#
-#  The Publisher of Document attribute is the person and/or organization
-#  that published a document.
-#
-#    documentPublisher ATTRIBUTE
-#            WITH ATTRIBUTE SYNTAX caseIgnoreStringSyntax
-#    ::= {pilotAttributeType 56}
-#
-attributetype ( 0.9.2342.19200300.100.1.56 NAME 'documentPublisher'
-	DESC 'RFC1274: publisher of document'
-	EQUALITY caseIgnoreMatch
-	SUBSTR caseIgnoreSubstringsMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
-
-# 9.4.  Generally useful syntaxes
-#
-#    caseIgnoreIA5StringSyntax ATTRIBUTE-SYNTAX
-#            IA5String
-#            MATCHES FOR EQUALITY SUBSTRINGS
-#
-#    iA5StringSyntax ATTRIBUTE-SYNTAX
-#        IA5String
-#        MATCHES FOR EQUALITY SUBSTRINGS
-#
-#
-#    -- Syntaxes to support the DNS attributes
-#
-#    DNSRecordSyntax ATTRIBUTE-SYNTAX
-#            IA5String
-#            MATCHES FOR EQUALITY
-#
-#
-#    NRSInformationSyntax ATTRIBUTE-SYNTAX
-#            NRSInformation
-#            MATCHES FOR EQUALITY
-#
-#
-#    NRSInformation ::=  SET {
-#                    [0] Context,
-#                    [1] Address-space-id,
-#                    routes [2] SEQUENCE OF SEQUENCE {
-#                    Route-cost,
-#                    Addressing-info }
-#            }
-#
-#
-# 9.5.  Upper bounds on length of attribute values
-#
-#
-#    ub-document-identifier INTEGER ::= 256
-#
-#    ub-document-location INTEGER ::= 256
-#
-#    ub-document-title INTEGER ::= 256
-#
-#    ub-document-version INTEGER ::= 256
-#
-#    ub-favourite-drink INTEGER ::= 256
-#
-#    ub-host INTEGER ::= 256
-#
-#    ub-information INTEGER ::= 2048
-#
-#    ub-unique-identifier INTEGER ::= 256
-#
-#    ub-personal-title INTEGER ::= 256
-#
-#    ub-photo INTEGER ::= 250000
-#
-#    ub-rfc822-mailbox INTEGER ::= 256
-#
-#    ub-room-number INTEGER ::= 256
-#
-#    ub-text-or-address INTEGER ::= 256
-#
-#    ub-user-class INTEGER ::= 256
-#
-#    ub-user-identifier INTEGER ::= 256
-#
-#    ub-organizational-status INTEGER ::= 256
-#
-#    ub-janet-mailbox INTEGER ::= 256
-#
-#    ub-building-name INTEGER ::= 256
-#
-#    ub-personal-signature ::= 50000
-#
-#    ub-audio INTEGER ::= 250000
-#
-
-# [back to 8]
-# 8.  Object Classes
-#
-# 8.1.  X.500 standard object classes
-#
-#  A number of generally useful object classes are defined in X.521, and
-#  these are supported.  Refer to that document for descriptions of the
-#  suggested usage of these object classes.  The ASN.1 for these object
-#  classes is reproduced for completeness in Appendix C.
-#
-# 8.2.  X.400 standard object classes
-#
-#  A number of object classes defined in X.400 are supported.  Refer to
-#  X.402 for descriptions of the usage of these object classes.  The
-#  ASN.1 for these object classes is reproduced for completeness in
-#  Appendix C.
-#
-# 8.3.  COSINE/Internet object classes
-#
-#  This section attempts to fuse together the object classes designed
-#  for use in the COSINE and Internet pilot activities.  Descriptions
-#  are given of the suggested usage of these object classes.  The ASN.1
-#  for these object classes is also reproduced in Appendix C.
-#
-# 8.3.1.  Pilot Object
-#
-#  The PilotObject object class is used as a sub-class to allow some
-#  common, useful attributes to be assigned to entries of all other
-#  object classes.
-#
-#    pilotObject OBJECT-CLASS
-#        SUBCLASS OF top
-#        MAY CONTAIN {
-#            info,
-#            photo,
-#            manager,
-#            uniqueIdentifier,
-#            lastModifiedTime,
-#            lastModifiedBy,
-#            dITRedirect,
-#            audio}
-#    ::= {pilotObjectClass 3}
-#
-#objectclass ( 0.9.2342.19200300.100.4.3 NAME 'pilotObject'
-#	DESC 'RFC1274: pilot object'
-#	SUP top AUXILIARY
-#	MAY ( info $ photo $ manager $ uniqueIdentifier $
-#		lastModifiedTime $ lastModifiedBy $ dITRedirect $ audio )
-#	)
-
-# 8.3.2.  Pilot Person
-#
-#  The PilotPerson object class is used as a sub-class of person, to
-#  allow the use of a number of additional attributes to be assigned to
-#  entries of object class person.
-#
-#    pilotPerson OBJECT-CLASS
-#        SUBCLASS OF person
-#        MAY CONTAIN {
-#                    userid,
-#                    textEncodedORAddress,
-#                    rfc822Mailbox,
-#                    favouriteDrink,
-#                    roomNumber,
-#                    userClass,
-#                    homeTelephoneNumber,
-#                    homePostalAddress,
-#                    secretary,
-#                    personalTitle,
-#                    preferredDeliveryMethod,
-#                    businessCategory,
-#                    janetMailbox,
-#                    otherMailbox,
-#                    mobileTelephoneNumber,
-#                    pagerTelephoneNumber,
-#                    organizationalStatus,
-#                    mailPreferenceOption,
-#                    personalSignature}
-#    ::= {pilotObjectClass 4}
-#
-objectclass ( 0.9.2342.19200300.100.4.4
-	NAME ( 'pilotPerson' 'newPilotPerson' )
-	SUP person STRUCTURAL
-	MAY ( userid $ textEncodedORAddress $ rfc822Mailbox $
-		favouriteDrink $ roomNumber $ userClass $
-		homeTelephoneNumber $ homePostalAddress $ secretary $
-		personalTitle $ preferredDeliveryMethod $ businessCategory $
-		janetMailbox $ otherMailbox $ mobileTelephoneNumber $
-		pagerTelephoneNumber $ organizationalStatus $
-		mailPreferenceOption $ personalSignature )
-	)
-
-# 8.3.3.  Account
-#
-#  The Account object class is used to define entries representing
-#  computer accounts.  The userid attribute should be used for naming
-#  entries of this object class.
-#
-#    account OBJECT-CLASS
-#        SUBCLASS OF top
-#        MUST CONTAIN {
-#            userid}
-#        MAY CONTAIN {
-#            description,
-#            seeAlso,
-#            localityName,
-#            organizationName,
-#            organizationalUnitName,
-#            host}
-#    ::= {pilotObjectClass 5}
-#
-objectclass ( 0.9.2342.19200300.100.4.5 NAME 'account'
-	SUP top STRUCTURAL
-	MUST userid
-	MAY ( description $ seeAlso $ localityName $
-		organizationName $ organizationalUnitName $ host )
-	)
-
-# 8.3.4.  Document
-#
-#  The Document object class is used to define entries which represent
-#  documents.
-#
-#    document OBJECT-CLASS
-#        SUBCLASS OF top
-#        MUST CONTAIN {
-#            documentIdentifier}
-#        MAY CONTAIN {
-#            commonName,
-#            description,
-#            seeAlso,
-#            localityName,
-#            organizationName,
-#            organizationalUnitName,
-#            documentTitle,
-#            documentVersion,
-#            documentAuthor,
-#            documentLocation,
-#            documentPublisher}
-#    ::= {pilotObjectClass 6}
-#
-objectclass ( 0.9.2342.19200300.100.4.6 NAME 'document'
-	SUP top STRUCTURAL
-	MUST documentIdentifier
-	MAY ( commonName $ description $ seeAlso $ localityName $
-		organizationName $ organizationalUnitName $
-		documentTitle $ documentVersion $ documentAuthor $
-		documentLocation $ documentPublisher )
-	)
-
-# 8.3.5.  Room
-#
-#  The Room object class is used to define entries representing rooms.
-#  The commonName attribute should be used for naming pentries of this
-#  object class.
-#
-#    room OBJECT-CLASS
-#        SUBCLASS OF top
-#        MUST CONTAIN {
-#            commonName}
-#        MAY CONTAIN {
-#            roomNumber,
-#            description,
-#            seeAlso,
-#            telephoneNumber}
-#    ::= {pilotObjectClass 7}
-#
-objectclass ( 0.9.2342.19200300.100.4.7 NAME 'room'
-	SUP top STRUCTURAL
-	MUST commonName
-	MAY ( roomNumber $ description $ seeAlso $ telephoneNumber )
-	)
-
-# 8.3.6.  Document Series
-#
-#  The Document Series object class is used to define an entry which
-#  represents a series of documents (e.g., The Request For Comments
-#  papers).
-#
-#    documentSeries OBJECT-CLASS
-#        SUBCLASS OF top
-#        MUST CONTAIN {
-#            commonName}
-#        MAY CONTAIN {
-#            description,
-#            seeAlso,
-#            telephoneNumber,
-#            localityName,
-#            organizationName,
-#            organizationalUnitName}
-#    ::= {pilotObjectClass 9}
-#
-objectclass ( 0.9.2342.19200300.100.4.9 NAME 'documentSeries'
-	SUP top STRUCTURAL
-	MUST commonName
-	MAY ( description $ seeAlso $ telephonenumber $
-		localityName $ organizationName $ organizationalUnitName )
-	)
-
-# 8.3.7.  Domain
-#
-#  The Domain object class is used to define entries which represent DNS
-#  or NRS domains.  The domainComponent attribute should be used for
-#  naming entries of this object class.  The usage of this object class
-#  is described in more detail in [3].
-#
-#    domain OBJECT-CLASS
-#        SUBCLASS OF top
-#        MUST CONTAIN {
-#            domainComponent}
-#        MAY CONTAIN {
-#            associatedName,
-#            organizationName,
-#            organizationalAttributeSet}
-#    ::= {pilotObjectClass 13}
-#
-objectclass ( 0.9.2342.19200300.100.4.13 NAME 'domain'
-	SUP top STRUCTURAL
-	MUST domainComponent
-	MAY ( associatedName $ organizationName $ description $
-		businessCategory $ seeAlso $ searchGuide $ userPassword $
-		localityName $ stateOrProvinceName $ streetAddress $
-		physicalDeliveryOfficeName $ postalAddress $ postalCode $
-		postOfficeBox $ streetAddress $
-		facsimileTelephoneNumber $ internationalISDNNumber $
-		telephoneNumber $ teletexTerminalIdentifier $ telexNumber $
-		preferredDeliveryMethod $ destinationIndicator $
-		registeredAddress $ x121Address )
-	)
-
-# 8.3.8.  RFC822 Local Part
-#
-#  The RFC822 Local Part object class is used to define entries which
-#  represent the local part of RFC822 mail addresses.  This treats this
-#  part of an RFC822 address as a domain.  The usage of this object
-#  class is described in more detail in [3].
-#
-#    rFC822localPart OBJECT-CLASS
-#        SUBCLASS OF domain
-#        MAY CONTAIN {
-#            commonName,
-#            surname,
-#            description,
-#            seeAlso,
-#            telephoneNumber,
-#            postalAttributeSet,
-#            telecommunicationAttributeSet}
-#    ::= {pilotObjectClass 14}
-#
-objectclass ( 0.9.2342.19200300.100.4.14 NAME 'RFC822localPart'
-	SUP domain STRUCTURAL
-	MAY ( commonName $ surname $ description $ seeAlso $ telephoneNumber $
-		physicalDeliveryOfficeName $ postalAddress $ postalCode $
-		postOfficeBox $ streetAddress $
-		facsimileTelephoneNumber $ internationalISDNNumber $
-		telephoneNumber $ teletexTerminalIdentifier $
-		telexNumber $ preferredDeliveryMethod $ destinationIndicator $
-		registeredAddress $ x121Address )
-	)
-
-# 8.3.9.  DNS Domain
-#
-#  The DNS Domain (Domain NameServer) object class is used to define
-#  entries for DNS domains.  The usage of this object class is described
-#  in more detail in [3].
-#
-#    dNSDomain OBJECT-CLASS
-#        SUBCLASS OF domain
-#        MAY CONTAIN {
-#            ARecord,
-#            MDRecord,
-#            MXRecord,
-#            NSRecord,
-#            SOARecord,
-#            CNAMERecord}
-#    ::= {pilotObjectClass 15}
-#
-objectclass ( 0.9.2342.19200300.100.4.15 NAME 'dNSDomain'
-	SUP domain STRUCTURAL
-	MAY ( ARecord $ MDRecord $ MXRecord $ NSRecord $
-		SOARecord $ CNAMERecord )
-	)
-
-# 8.3.10.  Domain Related Object
-#
-#  The Domain Related Object object class is used to define entries
-#  which represent DNS/NRS domains which are "equivalent" to an X.500
-#  domain: e.g., an organisation or organisational unit.  The usage of
-#  this object class is described in more detail in [3].
-#
-#    domainRelatedObject OBJECT-CLASS
-#        SUBCLASS OF top
-#        MUST CONTAIN {
-#            associatedDomain}
-#    ::= {pilotObjectClass 17}
-#
-objectclass ( 0.9.2342.19200300.100.4.17 NAME 'domainRelatedObject'
-	DESC 'RFC1274: an object related to an domain'
-	SUP top AUXILIARY
-	MUST associatedDomain )
-
-# 8.3.11.  Friendly Country
-#
-#  The Friendly Country object class is used to define country entries
-#  in the DIT.  The object class is used to allow friendlier naming of
-#  countries than that allowed by the object class country.  The naming
-#  attribute of object class country, countryName, has to be a 2 letter
-#  string defined in ISO 3166.
-#
-#    friendlyCountry OBJECT-CLASS
-#        SUBCLASS OF country
-#        MUST CONTAIN {
-#            friendlyCountryName}
-#    ::= {pilotObjectClass 18}
-#
-objectclass ( 0.9.2342.19200300.100.4.18 NAME 'friendlyCountry'
-	SUP country STRUCTURAL
-	MUST friendlyCountryName )
-
-# 8.3.12.  Simple Security Object
-#
-#  The Simple Security Object object class is used to allow an entry to
-#  have a userPassword attribute when an entry's principal object
-#  classes do not allow userPassword as an attribute type.
-#
-#    simpleSecurityObject OBJECT-CLASS
-#        SUBCLASS OF top
-#        MUST CONTAIN {
-#            userPassword }
-#    ::= {pilotObjectClass 19}
-#
-## (in core.schema)
-## objectclass ( 0.9.2342.19200300.100.4.19 NAME 'simpleSecurityObject'
-##	SUP top AUXILIARY
-##	MUST userPassword )
-
-# 8.3.13.  Pilot Organization
-#
-#  The PilotOrganization object class is used as a sub-class of
-#  organization and organizationalUnit to allow a number of additional
-#  attributes to be assigned to entries of object classes organization
-#  and organizationalUnit.
-#
-#    pilotOrganization OBJECT-CLASS
-#        SUBCLASS OF organization, organizationalUnit
-#        MAY CONTAIN {
-#                    buildingName}
-#    ::= {pilotObjectClass 20}
-#
-objectclass ( 0.9.2342.19200300.100.4.20 NAME 'pilotOrganization'
-	SUP ( organization $ organizationalUnit ) STRUCTURAL
-	MAY buildingName )
-
-# 8.3.14.  Pilot DSA
-#
-#  The PilotDSA object class is used as a sub-class of the dsa object
-#  class to allow additional attributes to be assigned to entries for
-#  DSAs.
-#
-#    pilotDSA OBJECT-CLASS
-#        SUBCLASS OF dsa
-#        MUST CONTAIN {
-#            dSAQuality}
-#    ::= {pilotObjectClass 21}
-#
-objectclass ( 0.9.2342.19200300.100.4.21 NAME 'pilotDSA'
-	SUP dsa STRUCTURAL
-	MAY dSAQuality )
-
-# 8.3.15.  Quality Labelled Data
-#
-#  The Quality Labelled Data object class is used to allow the
-#  assignment of the data quality attributes to subtrees in the DIT.
-#
-#  See [8] for more details.
-#
-#    qualityLabelledData OBJECT-CLASS
-#        SUBCLASS OF top
-#        MUST CONTAIN {
-#            dSAQuality}
-#        MAY CONTAIN {
-#            subtreeMinimumQuality,
-#            subtreeMaximumQuality}
-#    ::= {pilotObjectClass 22}
-objectclass ( 0.9.2342.19200300.100.4.22 NAME 'qualityLabelledData'
-	SUP top AUXILIARY
-	MUST dsaQuality
-	MAY ( subtreeMinimumQuality $ subtreeMaximumQuality )
-	)
-
-
-# References
-#
-#    [1]  CCITT/ISO, "X.500, The Directory - overview of concepts,
-#         models and services, CCITT /ISO IS 9594.
-#
-#    [2]  Kille, S., "The THORN and RARE X.500 Naming Architecture, in
-#         University College London, Department of Computer Science
-#         Research Note 89/48, May 1989.
-#
-#    [3]  Kille, S., "X.500 and Domains", RFC 1279, University College
-#         London, November 1991.
-#
-#    [4]  Rose, M., "PSI/NYSERNet White Pages Pilot Project: Status
-#         Report", Technical Report 90-09-10-1, published by NYSERNet
-#         Inc, 1990.
-#
-#    [5]  Craigie, J., "UK Academic Community Directory Service Pilot
-#         Project, pp. 305-310 in Computer Networks and ISDN Systems
-#         17 (1989), published by North Holland.
-#
-#    [6]  Mockapetris, P., "Domain Names - Concepts and Facilities",
-#         RFC 1034, USC/Information Sciences Institute, November 1987.
-#
-#    [7]  Mockapetris, P., "Domain Names - Implementation and
-#         Specification, RFC 1035, USC/Information Sciences Institute,
-#         November 1987.
-#
-#    [8]  Kille, S., "Handling QOS (Quality of service) in the
-#         Directory," publication in process, March 1991.
-#
-#
-# APPENDIX C - Summary of all Object Classes and Attribute Types
-#
-#    -- Some Important Object Identifiers
-#
-#    data OBJECT IDENTIFIER ::= {ccitt 9}
-#    pss OBJECT IDENTIFIER ::= {data 2342}
-#    ucl OBJECT IDENTIFIER ::= {pss 19200300}
-#    pilot OBJECT IDENTIFIER ::= {ucl 100}
-#
-#    pilotAttributeType OBJECT IDENTIFIER ::= {pilot 1}
-#    pilotAttributeSyntax OBJECT IDENTIFIER ::= {pilot 3}
-#    pilotObjectClass OBJECT IDENTIFIER ::= {pilot 4}
-#    pilotGroups OBJECT IDENTIFIER ::= {pilot 10}
-#
-#    iA5StringSyntax OBJECT IDENTIFIER ::= {pilotAttributeSyntax 4}
-#    caseIgnoreIA5StringSyntax OBJECT IDENTIFIER ::=
-#                                          {pilotAttributeSyntax 5}
-#
-#    -- Standard Object Classes
-#
-#    top OBJECT-CLASS
-#        MUST CONTAIN {
-#            objectClass}
-#    ::= {objectClass 0}
-#
-#
-#    alias OBJECT-CLASS
-#        SUBCLASS OF top
-#        MUST CONTAIN {
-#            aliasedObjectName}
-#    ::= {objectClass 1}
-#
-#
-#    country OBJECT-CLASS
-#        SUBCLASS OF top
-#        MUST CONTAIN {
-#            countryName}
-#        MAY CONTAIN {
-#            description,
-#            searchGuide}
-#    ::= {objectClass 2}
-#
-#
-#    locality OBJECT-CLASS
-#        SUBCLASS OF top
-#        MAY CONTAIN {
-#            description,
-#            localityName,
-#            stateOrProvinceName,
-#            searchGuide,
-#            seeAlso,
-#            streetAddress}
-#    ::= {objectClass 3}
-#
-#
-#    organization OBJECT-CLASS
-#        SUBCLASS OF top
-#        MUST CONTAIN {
-#            organizationName}
-#        MAY CONTAIN {
-#            organizationalAttributeSet}
-#    ::= {objectClass 4}
-#
-#
-#    organizationalUnit OBJECT-CLASS
-#        SUBCLASS OF top
-#        MUST CONTAIN {
-#            organizationalUnitName}
-#        MAY CONTAIN {
-#            organizationalAttributeSet}
-#    ::= {objectClass 5}
-#
-#
-#    person OBJECT-CLASS
-#        SUBCLASS OF top
-#        MUST CONTAIN {
-#            commonName,
-#            surname}
-#        MAY CONTAIN {
-#            description,
-#            seeAlso,
-#            telephoneNumber,
-#            userPassword}
-#    ::= {objectClass 6}
-#
-#
-#    organizationalPerson OBJECT-CLASS
-#        SUBCLASS OF person
-#        MAY CONTAIN {
-#            localeAttributeSet,
-#            organizationalUnitName,
-#            postalAttributeSet,
-#            telecommunicationAttributeSet,
-#            title}
-#    ::= {objectClass 7}
-#
-#
-#    organizationalRole OBJECT-CLASS
-#        SUBCLASS OF top
-#        MUST CONTAIN {
-#            commonName}
-#        MAY CONTAIN {
-#            description,
-#            localeAttributeSet,
-#            organizationalUnitName,
-#            postalAttributeSet,
-#            preferredDeliveryMethod,
-#            roleOccupant,
-#            seeAlso,
-#            telecommunicationAttributeSet}
-#    ::= {objectClass 8}
-#
-#
-#    groupOfNames OBJECT-CLASS
-#        SUBCLASS OF top
-#        MUST CONTAIN {
-#            commonName,
-#            member}
-#        MAY CONTAIN {
-#            description,
-#            organizationName,
-#            organizationalUnitName,
-#            owner,
-#            seeAlso,
-#            businessCategory}
-#    ::= {objectClass 9}
-#
-#
-#    residentialPerson OBJECT-CLASS
-#        SUBCLASS OF person
-#        MUST CONTAIN {
-#            localityName}
-#        MAY CONTAIN {
-#            localeAttributeSet,
-#            postalAttributeSet,
-#            preferredDeliveryMethod,
-#            telecommunicationAttributeSet,
-#            businessCategory}
-#    ::= {objectClass 10}
-#
-#
-#    applicationProcess OBJECT-CLASS
-#        SUBCLASS OF top
-#        MUST CONTAIN {
-#            commonName}
-#        MAY CONTAIN {
-#            description,
-#            localityName,
-#            organizationalUnitName,
-#            seeAlso}
-#    ::= {objectClass 11}
-#
-#
-#    applicationEntity OBJECT-CLASS
-#        SUBCLASS OF top
-#        MUST CONTAIN {
-#            commonName,
-#            presentationAddress}
-#        MAY CONTAIN {
-#            description,
-#            localityName,
-#            organizationName,
-#            organizationalUnitName,
-#            seeAlso,
-#            supportedApplicationContext}
-#    ::= {objectClass 12}
-#
-#
-#    dSA OBJECT-CLASS
-#        SUBCLASS OF applicationEntity
-#        MAY CONTAIN {
-#            knowledgeInformation}
-#    ::= {objectClass 13}
-#
-#
-#    device OBJECT-CLASS
-#        SUBCLASS OF top
-#        MUST CONTAIN {
-#            commonName}
-#        MAY CONTAIN {
-#            description,
-#            localityName,
-#            organizationName,
-#            organizationalUnitName,
-#            owner,
-#            seeAlso,
-#            serialNumber}
-#    ::= {objectClass 14}
-#
-#
-#    strongAuthenticationUser OBJECT-CLASS
-#        SUBCLASS OF top
-#        MUST CONTAIN {
-#            userCertificate}
-#    ::= {objectClass 15}
-#
-#
-#    certificationAuthority OBJECT-CLASS
-#        SUBCLASS OF top
-#        MUST CONTAIN {
-#            cACertificate,
-#            certificateRevocationList,
-#            authorityRevocationList}
-#        MAY CONTAIN {
-#            crossCertificatePair}
-#    ::= {objectClass 16}
-#
-#    -- Standard MHS Object Classes
-#
-#    mhsDistributionList OBJECT-CLASS
-#        SUBCLASS OF top
-#        MUST CONTAIN {
-#            commonName,
-#            mhsDLSubmitPermissions,
-#            mhsORAddresses}
-#        MAY CONTAIN {
-#            description,
-#            organizationName,
-#            organizationalUnitName,
-#            owner,
-#            seeAlso,
-#            mhsDeliverableContentTypes,
-#            mhsdeliverableEits,
-#            mhsDLMembers,
-#            mhsPreferredDeliveryMethods}
-#    ::= {mhsObjectClass 0}
-#
-#
-#    mhsMessageStore OBJECT-CLASS
-#        SUBCLASS OF applicationEntity
-#        MAY CONTAIN {
-#            description,
-#            owner,
-#            mhsSupportedOptionalAttributes,
-#            mhsSupportedAutomaticActions,
-#            mhsSupportedContentTypes}
-#    ::= {mhsObjectClass 1}
-#
-#
-#    mhsMessageTransferAgent OBJECT-CLASS
-#        SUBCLASS OF applicationEntity
-#        MAY CONTAIN {
-#            description,
-#            owner,
-#            mhsDeliverableContentLength}
-#    ::= {mhsObjectClass 2}
-#
-#
-#    mhsOrganizationalUser OBJECT-CLASS
-#        SUBCLASS OF organizationalPerson
-#        MUST CONTAIN {
-#            mhsORAddresses}
-#        MAY CONTAIN {
-#            mhsDeliverableContentLength,
-#            mhsDeliverableContentTypes,
-#            mhsDeliverableEits,
-#            mhsMessageStoreName,
-#            mhsPreferredDeliveryMethods }
-#    ::= {mhsObjectClass 3}
-#
-#
-#    mhsResidentialUser OBJECT-CLASS
-#        SUBCLASS OF residentialPerson
-#        MUST CONTAIN {
-#            mhsORAddresses}
-#        MAY CONTAIN {
-#            mhsDeliverableContentLength,
-#            mhsDeliverableContentTypes,
-#            mhsDeliverableEits,
-#            mhsMessageStoreName,
-#            mhsPreferredDeliveryMethods }
-#    ::= {mhsObjectClass 4}
-#
-#
-#    mhsUserAgent OBJECT-CLASS
-#        SUBCLASS OF applicationEntity
-#        MAY CONTAIN {
-#            mhsDeliverableContentLength,
-#            mhsDeliverableContentTypes,
-#            mhsDeliverableEits,
-#            mhsORAddresses,
-#            owner}
-#    ::= {mhsObjectClass 5}
-#
-#
-#
-#
-#    -- Pilot Object Classes
-#
-#    pilotObject OBJECT-CLASS
-#        SUBCLASS OF top
-#        MAY CONTAIN {
-#            info,
-#            photo,
-#            manager,
-#            uniqueIdentifier,
-#            lastModifiedTime,
-#            lastModifiedBy,
-#            dITRedirect,
-#            audio}
-#    ::= {pilotObjectClass 3}
-#    pilotPerson OBJECT-CLASS
-#        SUBCLASS OF person
-#        MAY CONTAIN {
-#                    userid,
-#                    textEncodedORAddress,
-#                    rfc822Mailbox,
-#                    favouriteDrink,
-#                    roomNumber,
-#                    userClass,
-#                    homeTelephoneNumber,
-#                    homePostalAddress,
-#                    secretary,
-#                    personalTitle,
-#                    preferredDeliveryMethod,
-#                    businessCategory,
-#                    janetMailbox,
-#                    otherMailbox,
-#                    mobileTelephoneNumber,
-#                    pagerTelephoneNumber,
-#                    organizationalStatus,
-#                    mailPreferenceOption,
-#                    personalSignature}
-#    ::= {pilotObjectClass 4}
-#
-#
-#    account OBJECT-CLASS
-#        SUBCLASS OF top
-#        MUST CONTAIN {
-#            userid}
-#        MAY CONTAIN {
-#            description,
-#            seeAlso,
-#            localityName,
-#            organizationName,
-#            organizationalUnitName,
-#            host}
-#    ::= {pilotObjectClass 5}
-#
-#
-#    document OBJECT-CLASS
-#        SUBCLASS OF top
-#        MUST CONTAIN {
-#            documentIdentifier}
-#        MAY CONTAIN {
-#            commonName,
-#            description,
-#            seeAlso,
-#            localityName,
-#            organizationName,
-#            organizationalUnitName,
-#            documentTitle,
-#            documentVersion,
-#            documentAuthor,
-#            documentLocation,
-#            documentPublisher}
-#    ::= {pilotObjectClass 6}
-#
-#
-#    room OBJECT-CLASS
-#        SUBCLASS OF top
-#        MUST CONTAIN {
-#            commonName}
-#        MAY CONTAIN {
-#            roomNumber,
-#            description,
-#            seeAlso,
-#            telephoneNumber}
-#    ::= {pilotObjectClass 7}
-#
-#
-#    documentSeries OBJECT-CLASS
-#        SUBCLASS OF top
-#        MUST CONTAIN {
-#            commonName}
-#        MAY CONTAIN {
-#            description,
-#            seeAlso,
-#            telephoneNumber,
-#            localityName,
-#            organizationName,
-#            organizationalUnitName}
-#    ::= {pilotObjectClass 9}
-#
-#
-#    domain OBJECT-CLASS
-#        SUBCLASS OF top
-#        MUST CONTAIN {
-#            domainComponent}
-#        MAY CONTAIN {
-#            associatedName,
-#            organizationName,
-#            organizationalAttributeSet}
-#    ::= {pilotObjectClass 13}
-#
-#
-#    rFC822localPart OBJECT-CLASS
-#        SUBCLASS OF domain
-#        MAY CONTAIN {
-#            commonName,
-#            surname,
-#            description,
-#            seeAlso,
-#            telephoneNumber,
-#            postalAttributeSet,
-#            telecommunicationAttributeSet}
-#    ::= {pilotObjectClass 14}
-#
-#
-#    dNSDomain OBJECT-CLASS
-#        SUBCLASS OF domain
-#        MAY CONTAIN {
-#            ARecord,
-#            MDRecord,
-#            MXRecord,
-#            NSRecord,
-#            SOARecord,
-#            CNAMERecord}
-#    ::= {pilotObjectClass 15}
-#
-#
-#    domainRelatedObject OBJECT-CLASS
-#        SUBCLASS OF top
-#        MUST CONTAIN {
-#            associatedDomain}
-#    ::= {pilotObjectClass 17}
-#
-#
-#    friendlyCountry OBJECT-CLASS
-#        SUBCLASS OF country
-#        MUST CONTAIN {
-#            friendlyCountryName}
-#    ::= {pilotObjectClass 18}
-#
-#
-#    simpleSecurityObject OBJECT-CLASS
-#        SUBCLASS OF top
-#        MUST CONTAIN {
-#            userPassword }
-#    ::= {pilotObjectClass 19}
-#
-#
-#    pilotOrganization OBJECT-CLASS
-#        SUBCLASS OF organization, organizationalUnit
-#        MAY CONTAIN {
-#                    buildingName}
-#    ::= {pilotObjectClass 20}
-#
-#
-#    pilotDSA OBJECT-CLASS
-#        SUBCLASS OF dsa
-#        MUST CONTAIN {
-#            dSAQuality}
-#    ::= {pilotObjectClass 21}
-#
-#
-#    qualityLabelledData OBJECT-CLASS
-#        SUBCLASS OF top
-#        MUST CONTAIN {
-#            dSAQuality}
-#        MAY CONTAIN {
-#            subtreeMinimumQuality,
-#            subtreeMaximumQuality}
-#    ::= {pilotObjectClass 22}
-#
-#
-#
-#
-#    -- Standard Attribute Types
-#
-#    objectClass ObjectClass
-#        ::= {attributeType 0}
-#
-#
-#    aliasedObjectName AliasedObjectName
-#        ::= {attributeType 1}
-#
-#
-#    knowledgeInformation ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX caseIgnoreString
-#        ::= {attributeType 2}
-#
-#
-#    commonName ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax
-#        (SIZE (1..ub-common-name))
-#        ::= {attributeType 3}
-#
-#
-#    surname ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax
-#        (SIZE (1..ub-surname))
-#        ::= {attributeType 4}
-#
-#
-#    serialNumber ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX printableStringSyntax
-#        (SIZE (1..ub-serial-number))
-#        ::= {attributeType 5}
-#
-#
-#    countryName ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX PrintableString
-#        (SIZE (1..ub-country-code))
-#        SINGLE VALUE
-#        ::= {attributeType 6}
-#
-#
-#    localityName ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax
-#        (SIZE (1..ub-locality-name))
-#        ::= {attributeType 7}
-#
-#
-#    stateOrProvinceName ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax
-#        (SIZE (1..ub-state-name))
-#        ::= {attributeType 8}
-#
-#
-#    streetAddress ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax
-#        (SIZE (1..ub-street-address))
-#        ::= {attributeType 9}
-#
-#
-#    organizationName ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax
-#        (SIZE (1..ub-organization-name))
-#        ::= {attributeType 10}
-#
-#
-#    organizationalUnitName ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax
-#        (SIZE (1..ub-organizational-unit-name))
-#        ::= {attributeType 11}
-#
-#
-#    title ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax
-#        (SIZE (1..ub-title))
-#        ::= {attributeType 12}
-#
-#
-#    description ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax
-#        (SIZE (1..ub-description))
-#        ::= {attributeType 13}
-#
-#
-#    searchGuide ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX Guide
-#        ::= {attributeType 14}
-#
-#
-#    businessCategory ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax
-#        (SIZE (1..ub-business-category))
-#        ::= {attributeType 15}
-#
-#
-#    postalAddress ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX PostalAddress
-#        MATCHES FOR EQUALITY
-#        ::= {attributeType 16}
-#
-#
-#    postalCode ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax
-#        (SIZE (1..ub-postal-code))
-#        ::= {attributeType 17}
-#
-#
-#    postOfficeBox ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax
-#        (SIZE (1..ub-post-office-box))
-#        ::= {attributeType 18}
-#
-#
-#    physicalDeliveryOfficeName ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX caseIgnoreStringSyntax
-#        (SIZE (1..ub-physical-office-name))
-#        ::= {attributeType 19}
-#
-#
-#    telephoneNumber ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX telephoneNumberSyntax
-#        (SIZE (1..ub-telephone-number))
-#        ::= {attributeType 20}
-#
-#
-#    telexNumber ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX TelexNumber
-#        (SIZE (1..ub-telex))
-#        ::= {attributeType 21}
-#
-#
-#    teletexTerminalIdentifier ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX TeletexTerminalIdentifier
-#        (SIZE (1..ub-teletex-terminal-id))
-#        ::= {attributeType 22}
-#
-#
-#    facsimileTelephoneNumber ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX FacsimileTelephoneNumber
-#        ::= {attributeType 23}
-#
-#
-#    x121Address ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX NumericString
-#        (SIZE (1..ub-x121-address))
-#        ::= {attributeType 24}
-#
-#
-#    internationaliSDNNumber ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX NumericString
-#        (SIZE (1..ub-isdn-address))
-#        ::= {attributeType 25}
-#
-#
-#    registeredAddress ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX PostalAddress
-#        ::= {attributeType 26}
-#
-#
-#    destinationIndicator ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX PrintableString
-#        (SIZE (1..ub-destination-indicator))
-#        MATCHES FOR EQUALITY SUBSTRINGS
-#        ::= {attributeType 27}
-#
-#
-#    preferredDeliveryMethod ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX deliveryMethod
-#        ::= {attributeType 28}
-#
-#
-#    presentationAddress ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX PresentationAddress
-#        MATCHES FOR EQUALITY
-#        ::= {attributeType 29}
-#
-#
-#    supportedApplicationContext ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX objectIdentifierSyntax
-#        ::= {attributeType 30}
-#
-#
-#    member ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX distinguishedNameSyntax
-#        ::= {attributeType 31}
-#
-#
-#    owner ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX distinguishedNameSyntax
-#        ::= {attributeType 32}
-#
-#
-#    roleOccupant ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX distinguishedNameSyntax
-#        ::= {attributeType 33}
-#
-#
-#    seeAlso ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX distinguishedNameSyntax
-#        ::= {attributeType 34}
-#
-#
-#    userPassword ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX Userpassword
-#        ::= {attributeType 35}
-#
-#
-#    userCertificate ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX UserCertificate
-#        ::= {attributeType 36}
-#
-#
-#    cACertificate ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX cACertificate
-#        ::= {attributeType 37}
-#
-#
-#    authorityRevocationList ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX AuthorityRevocationList
-#        ::= {attributeType 38}
-#
-#
-#    certificateRevocationList ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX CertificateRevocationList
-#        ::= {attributeType 39}
-#
-#
-#    crossCertificatePair ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX CrossCertificatePair
-#        ::= {attributeType 40}
-#
-#
-#
-#
-#    -- Standard MHS Attribute Types
-#
-#    mhsDeliverableContentLength ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX integer
-#        ::= {mhsAttributeType 0}
-#
-#
-#    mhsDeliverableContentTypes ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX oID
-#        ::= {mhsAttributeType 1}
-#
-#
-#    mhsDeliverableEits ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX oID
-#        ::= {mhsAttributeType 2}
-#
-#
-#    mhsDLMembers ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX oRName
-#        ::= {mhsAttributeType 3}
-#
-#
-#    mhsDLSubmitPermissions ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX dLSubmitPermission
-#        ::= {mhsAttributeType 4}
-#
-#
-#    mhsMessageStoreName ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX dN
-#        ::= {mhsAttributeType 5}
-#
-#
-#    mhsORAddresses ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX oRAddress
-#        ::= {mhsAttributeType 6}
-#
-#
-#    mhsPreferredDeliveryMethods ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX deliveryMethod
-#        ::= {mhsAttributeType 7}
-#
-#
-#    mhsSupportedAutomaticActions ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX oID
-#        ::= {mhsAttributeType 8}
-#
-#
-#    mhsSupportedContentTypes ATTRIBUTE
-#
-#        WITH ATTRIBUTE-SYNTAX oID
-#        ::= {mhsAttributeType 9}
-#
-#
-#    mhsSupportedOptionalAttributes ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX oID
-#        ::= {mhsAttributeType 10}
-#
-#
-#
-#
-#    -- Pilot Attribute Types
-#
-#    userid ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            caseIgnoreStringSyntax
-#            (SIZE (1 .. ub-user-identifier))
-#    ::= {pilotAttributeType 1}
-#
-#
-#    textEncodedORAddress ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            caseIgnoreStringSyntax
-#        (SIZE (1 .. ub-text-encoded-or-address))
-#    ::= {pilotAttributeType 2}
-#
-#
-#    rfc822Mailbox ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            caseIgnoreIA5StringSyntax
-#            (SIZE (1 .. ub-rfc822-mailbox))
-#    ::= {pilotAttributeType 3}
-#
-#
-#    info ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            caseIgnoreStringSyntax
-#            (SIZE (1 .. ub-information))
-#    ::= {pilotAttributeType 4}
-#
-#
-#    favouriteDrink ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            caseIgnoreStringSyntax
-#            (SIZE (1 .. ub-favourite-drink))
-#    ::= {pilotAttributeType 5}
-#
-#
-#    roomNumber ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            caseIgnoreStringSyntax
-#            (SIZE (1 .. ub-room-number))
-#    ::= {pilotAttributeType 6}
-#
-#
-#    photo ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            CHOICE {
-#                g3-facsimile [3] G3FacsimileBodyPart
-#                }
-#        (SIZE (1 .. ub-photo))
-#    ::= {pilotAttributeType 7}
-#
-#
-#    userClass ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            caseIgnoreStringSyntax
-#            (SIZE (1 .. ub-user-class))
-#    ::= {pilotAttributeType 8}
-#
-#
-#    host ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            caseIgnoreStringSyntax
-#            (SIZE (1 .. ub-host))
-#    ::= {pilotAttributeType 9}
-#
-#
-#    manager ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            distinguishedNameSyntax
-#    ::= {pilotAttributeType 10}
-#
-#
-#    documentIdentifier ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            caseIgnoreStringSyntax
-#            (SIZE (1 .. ub-document-identifier))
-#    ::= {pilotAttributeType 11}
-#
-#
-#    documentTitle ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            caseIgnoreStringSyntax
-#        (SIZE (1 .. ub-document-title))
-#    ::= {pilotAttributeType 12}
-#
-#
-#    documentVersion ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            caseIgnoreStringSyntax
-#            (SIZE (1 .. ub-document-version))
-#    ::= {pilotAttributeType 13}
-#
-#
-#    documentAuthor ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            distinguishedNameSyntax
-#    ::= {pilotAttributeType 14}
-#
-#
-#    documentLocation ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            caseIgnoreStringSyntax
-#            (SIZE (1 .. ub-document-location))
-#    ::= {pilotAttributeType 15}
-#
-#
-#    homeTelephoneNumber ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            telephoneNumberSyntax
-#    ::= {pilotAttributeType 20}
-#
-#
-#    secretary ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            distinguishedNameSyntax
-#    ::= {pilotAttributeType 21}
-#
-#
-#    otherMailbox ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            SEQUENCE {
-#                    mailboxType PrintableString, -- e.g. Telemail
-#                    mailbox IA5String  -- e.g. X378:Joe
-#            }
-#    ::= {pilotAttributeType 22}
-#
-#
-#    lastModifiedTime ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            uTCTimeSyntax
-#    ::= {pilotAttributeType 23}
-#
-#
-#    lastModifiedBy ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            distinguishedNameSyntax
-#    ::= {pilotAttributeType 24}
-#
-#
-#    domainComponent ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            caseIgnoreIA5StringSyntax
-#            SINGLE VALUE
-#    ::= {pilotAttributeType 25}
-#
-#
-#    aRecord ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            DNSRecordSyntax
-#    ::= {pilotAttributeType 26}
-#
-#
-#    mXRecord ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            DNSRecordSyntax
-#    ::= {pilotAttributeType 28}
-#
-#
-#    nSRecord ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            DNSRecordSyntax
-#    ::= {pilotAttributeType 29}
-#
-#    sOARecord ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            DNSRecordSyntax
-#    ::= {pilotAttributeType 30}
-#
-#
-#    cNAMERecord ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            iA5StringSyntax
-#    ::= {pilotAttributeType 31}
-#
-#
-#    associatedDomain ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            caseIgnoreIA5StringSyntax
-#    ::= {pilotAttributeType 37}
-#
-#
-#    associatedName ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            distinguishedNameSyntax
-#    ::= {pilotAttributeType 38}
-#
-#
-#    homePostalAddress ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            postalAddress
-#            MATCHES FOR EQUALITY
-#    ::= {pilotAttributeType 39}
-#
-#
-#    personalTitle ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            caseIgnoreStringSyntax
-#            (SIZE (1 .. ub-personal-title))
-#    ::= {pilotAttributeType 40}
-#
-#
-#    mobileTelephoneNumber ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            telephoneNumberSyntax
-#    ::= {pilotAttributeType 41}
-#
-#
-#    pagerTelephoneNumber ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            telephoneNumberSyntax
-#    ::= {pilotAttributeType 42}
-#
-#
-#    friendlyCountryName ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            caseIgnoreStringSyntax
-#    ::= {pilotAttributeType 43}
-#
-#
-#    uniqueIdentifier ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            caseIgnoreStringSyntax
-#            (SIZE (1 .. ub-unique-identifier))
-#    ::= {pilotAttributeType 44}
-#
-#
-#    organizationalStatus ATTRIBUTE
-#            WITH ATTRIBUTE-SYNTAX
-#            caseIgnoreStringSyntax
-#            (SIZE (1 .. ub-organizational-status))
-#    ::= {pilotAttributeType 45}
-#
-#
-#    janetMailbox ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            caseIgnoreIA5StringSyntax
-#            (SIZE (1 .. ub-janet-mailbox))
-#    ::= {pilotAttributeType 46}
-#
-#
-#    mailPreferenceOption ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX ENUMERATED {
-#                no-list-inclusion(0),
-#                any-list-inclusion(1),  -- may be added to any lists
-#                professional-list-inclusion(2)
-#                                        -- may be added to lists
-#                                        -- which the list provider
-#                                        -- views as related to the
-#                                        -- users professional inter-
-#                                        -- ests, perhaps evaluated
-#                                        -- from the business of the
-#                                        -- organisation or keywords
-#                                        -- in the entry.
-#                }
-#    ::= {pilotAttributeType 47}
-#
-#
-#    buildingName ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            caseIgnoreStringSyntax
-#            (SIZE (1 .. ub-building-name))
-#    ::= {pilotAttributeType 48}
-#
-#
-#    dSAQuality ATTRIBUTE
-#            WITH ATTRIBUTE-SYNTAX DSAQualitySyntax
-#            SINGLE VALUE
-#    ::= {pilotAttributeType 49}
-#
-#
-#    singleLevelQuality ATTRIBUTE
-#            WITH ATTRIBUTE-SYNTAX DataQualitySyntax
-#            SINGLE VALUE
-#
-#
-#    subtreeMinimumQuality ATTRIBUTE
-#            WITH ATTRIBUTE-SYNTAX DataQualitySyntax
-#            SINGLE VALUE
-#               -- Defaults to singleLevelQuality
-#    ::= {pilotAttributeType 51}
-#
-#
-#    subtreeMaximumQuality ATTRIBUTE
-#            WITH ATTRIBUTE-SYNTAX DataQualitySyntax
-#            SINGLE VALUE
-#               -- Defaults to singleLevelQuality
-#    ::= {pilotAttributeType 52}
-#
-#
-#    personalSignature ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            CHOICE {
-#                g3-facsimile [3] G3FacsimileBodyPart
-#                }
-#        (SIZE (1 .. ub-personal-signature))
-#    ::= {pilotAttributeType 53}
-#
-#
-#    dITRedirect ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            distinguishedNameSyntax
-#    ::= {pilotAttributeType 54}
-#
-#
-#    audio ATTRIBUTE
-#        WITH ATTRIBUTE-SYNTAX
-#            Audio
-#        (SIZE (1 .. ub-audio))
-#    ::= {pilotAttributeType 55}
-#
-#    documentPublisher ATTRIBUTE
-#            WITH ATTRIBUTE SYNTAX caseIgnoreStringSyntax
-#    ::= {pilotAttributeType 56}
-#
-#
-#
-#    -- Generally useful syntaxes
-#
-#
-#    caseIgnoreIA5StringSyntax ATTRIBUTE-SYNTAX
-#            IA5String
-#            MATCHES FOR EQUALITY SUBSTRINGS
-#
-#
-#    iA5StringSyntax ATTRIBUTE-SYNTAX
-#        IA5String
-#        MATCHES FOR EQUALITY SUBSTRINGS
-#
-#
-#    -- Syntaxes to support the DNS attributes
-#
-#    DNSRecordSyntax ATTRIBUTE-SYNTAX
-#            IA5String
-#            MATCHES FOR EQUALITY
-#
-#
-#    NRSInformationSyntax ATTRIBUTE-SYNTAX
-#            NRSInformation
-#            MATCHES FOR EQUALITY
-#
-#
-#    NRSInformation ::=  SET {
-#                    [0] Context,
-#                    [1] Address-space-id,
-#                    routes [2] SEQUENCE OF SEQUENCE {
-#                    Route-cost,
-#                    Addressing-info }
-#            }
-#
-#
-#    -- Upper bounds on length of attribute values
-#
-#
-#    ub-document-identifier INTEGER ::= 256
-#
-#    ub-document-location INTEGER ::= 256
-#
-#    ub-document-title INTEGER ::= 256
-#
-#    ub-document-version INTEGER ::= 256
-#
-#    ub-favourite-drink INTEGER ::= 256
-#
-#    ub-host INTEGER ::= 256
-#
-#    ub-information INTEGER ::= 2048
-#
-#    ub-unique-identifier INTEGER ::= 256
-#
-#    ub-personal-title INTEGER ::= 256
-#
-#    ub-photo INTEGER ::= 250000
-#
-#    ub-rfc822-mailbox INTEGER ::= 256
-#
-#    ub-room-number INTEGER ::= 256
-#
-#    ub-text-or-address INTEGER ::= 256
-#
-#    ub-user-class INTEGER ::= 256
-#
-#    ub-user-identifier INTEGER ::= 256
-#
-#    ub-organizational-status INTEGER ::= 256
-#
-#    ub-janet-mailbox INTEGER ::= 256
-#
-#    ub-building-name INTEGER ::= 256
-#
-#    ub-personal-signature ::= 50000
-#
-#    ub-audio INTEGER ::= 250000
-#
-# [remainder of memo trimmed]
-

Deleted: openldap/vendor/openldap-release/servers/slapd/schema/java.schema
===================================================================
--- openldap/vendor/openldap-release/servers/slapd/schema/java.schema	2008-07-07 00:16:51 UTC (rev 1164)
+++ openldap/vendor/openldap-release/servers/slapd/schema/java.schema	2008-07-07 01:03:22 UTC (rev 1165)
@@ -1,403 +0,0 @@
-# java.schema -- Java Object Schema
-# $OpenLDAP: pkg/ldap/servers/slapd/schema/java.schema,v 1.7.2.3 2008/02/11 23:26:49 kurt Exp $
-## This work is part of OpenLDAP Software <http://www.openldap.org/>.
-##
-## Copyright 1998-2008 The OpenLDAP Foundation.
-## All rights reserved.
-##
-## Redistribution and use in source and binary forms, with or without
-## modification, are permitted only as authorized by the OpenLDAP
-## Public License.
-##
-## A copy of this license is available in the file LICENSE in the
-## top-level directory of the distribution or, alternatively, at
-## <http://www.OpenLDAP.org/license.html>.
-#
-# Java Object Schema (defined in RFC 2713)
-#	depends upon core.schema
-#
-
-# Network Working Group                                            V. Ryan
-# Request for Comments: 2713                                   S. Seligman
-# Category: Informational                                           R. Lee
-#                                                   Sun Microsystems, Inc.
-#                                                             October 1999
-# 
-# 
-#      Schema for Representing Java(tm) Objects in an LDAP Directory
-# 
-# Status of this Memo
-# 
-#    This memo provides information for the Internet community.  It does
-#    not specify an Internet standard of any kind.  Distribution of this
-#    memo is unlimited.
-# 
-# Copyright Notice
-# 
-#    Copyright (C) The Internet Society (1999).  All Rights Reserved.
-# 
-# Abstract
-# 
-#    This document defines the schema for representing Java(tm) objects in
-#    an LDAP directory [LDAPv3].  It defines schema elements to represent
-#    a Java serialized object [Serial], a Java marshalled object [RMI], a
-#    Java remote object [RMI], and a JNDI reference [JNDI].
-# 
-
-# [trimmed]
-
-# 3 Attribute Type Definitions
-# 
-#    The following attribute types are defined in this document:
-# 
-#        javaClassName
-#        javaClassNames
-#        javaCodebase
-#        javaSerializedData
-#        javaFactory
-#        javaReferenceAddress
-#        javaDoc
-# 
-# 3.1 javaClassName
-# 
-#    This attribute stores the fully qualified name of the Java object's
-#    "distinguished" class or interface (for example, "java.lang.String").
-#    It is a single-valued attribute. This attribute's syntax is '
-#    Directory String' and its case is significant.
-# 
-#        ( 1.3.6.1.4.1.42.2.27.4.1.6
-#          NAME 'javaClassName'
-#          DESC 'Fully qualified name of distinguished Java class or
-#                interface'
-#          EQUALITY caseExactMatch
-#          SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
-#          SINGLE-VALUE
-#        )
-# 
-attributetype ( 1.3.6.1.4.1.42.2.27.4.1.6
-	NAME 'javaClassName'
-	DESC 'Fully qualified name of distinguished Java class or interface'
-	EQUALITY caseExactMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
-	SINGLE-VALUE )
- 
-# 3.2 javaCodebase
-# 
-#    This attribute stores the Java class definition's locations.  It
-#    specifies the locations from which to load the class definition for
-#    the class specified by the javaClassName attribute.  Each value of
-#    the attribute contains an ordered list of URLs, separated by spaces.
-#    For example, a value of "url1 url2 url3" means that the three
-#    (possibly interdependent) URLs (url1, url2, and url3) form the
-#    codebase for loading in the Java class definition.
-# 
-#    If the javaCodebase attribute contains more than one value, each
-#    value is an independent codebase. That is, there is no relationship
-#    between the URLs in one value and those in another; each value can be
-#    viewed as an alternate source for loading the Java class definition.
-#    See [Java] for information regarding class loading.
-# 
-#    This attribute's syntax is 'IA5 String' and its case is significant.
-# 
-#        ( 1.3.6.1.4.1.42.2.27.4.1.7
-#          NAME 'javaCodebase'
-#          DESC 'URL(s) specifying the location of class definition'
-#          EQUALITY caseExactIA5Match
-#          SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
-#        )
-# 
-attributetype ( 1.3.6.1.4.1.42.2.27.4.1.7
-	NAME 'javaCodebase'
-	DESC 'URL(s) specifying the location of class definition'
-	EQUALITY caseExactIA5Match
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
-
-# 3.3 javaClassNames
-# 
-#    This attribute stores the Java object's fully qualified class or
-#    interface names (for example, "java.lang.String").  It is a
-#    multivalued attribute. When more than one value is present, each is
-#    the name of a class or interface, or ancestor class or interface, of
-#    this object.
-# 
-#    This attribute's syntax is 'Directory String' and its case is
-#    significant.
-# 
-#        ( 1.3.6.1.4.1.42.2.27.4.1.13
-#          NAME 'javaClassNames'
-#          DESC 'Fully qualified Java class or interface name'
-#          EQUALITY caseExactMatch
-#          SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
-#        )
-# 
-# 
-attributetype ( 1.3.6.1.4.1.42.2.27.4.1.13
-	NAME 'javaClassNames'
-	DESC 'Fully qualified Java class or interface name'
-	EQUALITY caseExactMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
- 
-# 3.4 javaSerializedData
-# 
-#    This attribute stores the serialized form of a Java object.  The
-#    serialized form is described in [Serial].
-# 
-#    This attribute's syntax is 'Octet String'.
-# 
-#        ( 1.3.6.1.4.1.42.2.27.4.1.8
-#          NAME 'javaSerializedData
-#          DESC 'Serialized form of a Java object'
-#          SYNTAX 1.3.6.1.4.1.1466.115.121.1.40
-#          SINGLE-VALUE
-#        )
-# 
-attributetype ( 1.3.6.1.4.1.42.2.27.4.1.8
-	NAME 'javaSerializedData'
-	DESC 'Serialized form of a Java object'
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.40
-	SINGLE-VALUE )
-
-# 3.5 javaFactory
-# 
-#    This attribute stores the fully qualified class name of the object
-#    factory (for example, "com.wiz.jndi.WizObjectFactory") that can be
-#    used to create an instance of the object identified by the
-#    javaClassName attribute.
-# 
-#    This attribute's syntax is 'Directory String' and its case is
-#    significant.
-# 
-#        ( 1.3.6.1.4.1.42.2.27.4.1.10
-#          NAME 'javaFactory'
-#          DESC 'Fully qualified Java class name of a JNDI object factory'
-#          EQUALITY caseExactMatch
-#          SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
-#          SINGLE-VALUE
-#        )
-# 
-attributetype ( 1.3.6.1.4.1.42.2.27.4.1.10
-	NAME 'javaFactory'
-	DESC 'Fully qualified Java class name of a JNDI object factory'
-	EQUALITY caseExactMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
-	SINGLE-VALUE )
-
-# 3.6 javaReferenceAddress
-# 
-#    This attribute represents the sequence of addresses of a JNDI
-#    reference.  Each of its values represents one address, a Java object
-#    of type javax.naming.RefAddr.  Its value is a concatenation of the
-#    address type and address contents, preceded by a sequence number (the
-#    order of addresses in a JNDI reference is significant).  For example:
-# 
-#        #0#TypeA#ValA
-#        #1#TypeB#ValB
-#        #2#TypeC##rO0ABXNyABpq...
-# 
-#    In more detail, the value is encoded as follows:
-# 
-#    The delimiter is the first character of the value.  For readability
-#    the character '#' is recommended when it is not otherwise used
-#    anywhere in the value, but any character may be used subject to
-#    restrictions given below.
-# 
-#    The first delimiter is followed by the sequence number.  The sequence
-#    number of an address is its position in the JNDI reference, with the
-#    first address being numbered 0.  It is represented by its shortest
-#    string form, in decimal notation.
-# 
-#    The sequence number is followed by a delimiter, then by the address
-#    type, and then by another delimiter.  If the address is of Java class
-#    javax.naming.StringRefAddr, then this delimiter is followed by the
-#    value of the address contents (which is a string).  Otherwise, this
-#    delimiter is followed immediately by another delimiter, and then by
-#    the Base64 encoding of the serialized form of the entire address.
-# 
-#    The delimiter may be any character other than a digit or a character
-#    contained in the address type.  In addition, if the address contents
-#    is a string, the delimiter may not be the first character of that
-#    string.
-# 
-#    This attribute's syntax is 'Directory String' and its case is
-#    significant.  It can contain multiple values.
-# 
-#        ( 1.3.6.1.4.1.42.2.27.4.1.11
-#          NAME 'javaReferenceAddress'
-#          DESC 'Addresses associated with a JNDI Reference'
-#          EQUALITY caseExactMatch
-#          SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
-#        )
-# 
-attributetype ( 1.3.6.1.4.1.42.2.27.4.1.11
-	NAME 'javaReferenceAddress'
-	DESC 'Addresses associated with a JNDI Reference'
-	EQUALITY caseExactMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
-
-# 3.7 javaDoc
-# 
-#    This attribute stores a pointer to the Java documentation for the
-#    class.  It's value is a URL. For example, the following URL points to
-#    the specification of the java.lang.String class:
-#    http://java.sun.com/products/jdk/1.2/docs/api/java/lang/String.html
-# 
-#    This attribute's syntax is 'IA5 String' and its case is significant.
-# 
-#        ( 1.3.6.1.4.1.42.2.27.4.1.12
-#          NAME 'javaDoc'
-#          DESC 'The Java documentation for the class'
-#          EQUALITY caseExactIA5Match
-#          SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
-#        )
-# 
-attributetype ( 1.3.6.1.4.1.42.2.27.4.1.12
-	NAME 'javaDoc'
-	DESC 'The Java documentation for the class'
-	EQUALITY caseExactIA5Match
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
-
-# 4 Object Class Definitions
-# 
-#    The following object classes are defined in this document:
-# 
-#        javaContainer
-#        javaObject
-#        javaSerializedObject
-#        javaMarshalledObject
-#        javaNamingReference
-# 
-# 4.1 javaContainer
-# 
-#    This structural object class represents a container for a Java
-#    object.
-# 
-#        ( 1.3.6.1.4.1.42.2.27.4.2.1
-#          NAME 'javaContainer'
-#          DESC 'Container for a Java object'
-#          SUP top
-#          STRUCTURAL
-#          MUST ( cn )
-#        )
-# 
-objectclass ( 1.3.6.1.4.1.42.2.27.4.2.1
-	NAME 'javaContainer'
-	DESC 'Container for a Java object'
-	SUP top
-	STRUCTURAL
-	MUST cn )
-
-# 4.2 javaObject
-# 
-#    This abstract object class represents a Java object.  A javaObject
-#    cannot exist in the directory; only auxiliary or structural
-#    subclasses of it can exist in the directory.
-# 
-#        ( 1.3.6.1.4.1.42.2.27.4.2.4
-#          NAME 'javaObject'
-#          DESC 'Java object representation'
-#          SUP top
-#          ABSTRACT
-#          MUST ( javaClassName )
-#          MAY ( javaClassNames $
-#                javaCodebase $
-#                javaDoc $
-#                description )
-#        )
-# 
-objectclass ( 1.3.6.1.4.1.42.2.27.4.2.4
-	NAME 'javaObject'
-	DESC 'Java object representation'
-	SUP top
-	ABSTRACT
-	MUST javaClassName
-	MAY ( javaClassNames $ javaCodebase $
-		javaDoc $ description ) )
-
-# 4.3 javaSerializedObject
-# 
-#    This auxiliary object class represents a Java serialized object.  It
-#    must be mixed in with a structural object class.
-# 
-#        ( 1.3.6.1.4.1.42.2.27.4.2.5
-#          NAME 'javaSerializedObject'
-#          DESC 'Java serialized object'
-#          SUP javaObject
-#          AUXILIARY
-#          MUST ( javaSerializedData )
-#        )
-# 
-objectclass ( 1.3.6.1.4.1.42.2.27.4.2.5
-	NAME 'javaSerializedObject'
-	DESC 'Java serialized object'
-	SUP javaObject
-	AUXILIARY
-	MUST javaSerializedData )
- 
-# 4.4 javaMarshalledObject
-# 
-#    This auxiliary object class represents a Java marshalled object.  It
-#    must be mixed in with a structural object class.
-# 
-#        ( 1.3.6.1.4.1.42.2.27.4.2.8
-#          NAME 'javaMarshalledObject'
-#          DESC 'Java marshalled object'
-#          SUP javaObject
-#          AUXILIARY
-#          MUST ( javaSerializedData )
-#        )
-# 
-objectclass ( 1.3.6.1.4.1.42.2.27.4.2.8
-	NAME 'javaMarshalledObject'
-	DESC 'Java marshalled object'
-	SUP javaObject
-	AUXILIARY
-	MUST javaSerializedData )
-
-# 4.5 javaNamingReference
-# 
-#    This auxiliary object class represents a JNDI reference.  It must be
-#    mixed in with a structural object class.
-# 
-#        ( 1.3.6.1.4.1.42.2.27.4.2.7
-#          NAME 'javaNamingReference'
-#          DESC 'JNDI reference'
-#          SUP javaObject
-#          AUXILIARY
-#          MAY ( javaReferenceAddress $
-#                javaFactory )
-#        )
-# 
-objectclass ( 1.3.6.1.4.1.42.2.27.4.2.7
-	NAME 'javaNamingReference'
-	DESC 'JNDI reference'
-	SUP javaObject
-	AUXILIARY
-	MAY ( javaReferenceAddress $ javaFactory ) )
- 
-# Full Copyright Statement
-# 
-#    Copyright (C) The Internet Society (1999).  All Rights Reserved.
-# 
-#    This document and translations of it may be copied and furnished to
-#    others, and derivative works that comment on or otherwise explain it
-#    or assist in its implementation may be prepared, copied, published
-#    and distributed, in whole or in part, without restriction of any
-#    kind, provided that the above copyright notice and this paragraph are
-#    included on all such copies and derivative works.  However, this
-#    document itself may not be modified in any way, such as by removing
-#    the copyright notice or references to the Internet Society or other
-#    Internet organizations, except as needed for the purpose of
-#    developing Internet standards in which case the procedures for
-#    copyrights defined in the Internet Standards process must be
-#    followed, or as required to translate it into languages other than
-#    English.
-# 
-#    The limited permissions granted above are perpetual and will not be
-#    revoked by the Internet Society or its successors or assigns.
-# 
-#    This document and the information contained herein is provided on an
-#    "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
-#    TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
-#    BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
-#    HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
-#    MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

Deleted: openldap/vendor/openldap-release/servers/slapd/schema/ppolicy.schema
===================================================================
--- openldap/vendor/openldap-release/servers/slapd/schema/ppolicy.schema	2008-07-07 00:16:51 UTC (rev 1164)
+++ openldap/vendor/openldap-release/servers/slapd/schema/ppolicy.schema	2008-07-07 01:03:22 UTC (rev 1165)
@@ -1,531 +0,0 @@
-# $OpenLDAP: pkg/ldap/servers/slapd/schema/ppolicy.schema,v 1.7.2.3 2008/02/11 23:26:49 kurt Exp $
-## This work is part of OpenLDAP Software <http://www.openldap.org/>.
-##
-## Copyright 2004-2008 The OpenLDAP Foundation.
-## All rights reserved.
-##
-## Redistribution and use in source and binary forms, with or without
-## modification, are permitted only as authorized by the OpenLDAP
-## Public License.
-##
-## A copy of this license is available in the file LICENSE in the
-## top-level directory of the distribution or, alternatively, at
-## <http://www.OpenLDAP.org/license.html>.
-#
-## Portions Copyright (C) The Internet Society (2004).
-## Please see full copyright statement below.
-
-# Definitions from Draft behera-ldap-password-policy-07 (a work in progress)
-#	Password Policy for LDAP Directories
-# With extensions from Hewlett-Packard:
-#	pwdCheckModule etc.
-
-# Contents of this file are subject to change (including deletion)
-# without notice.
-#
-# Not recommended for production use!
-# Use with extreme caution!
-
-#Network Working Group                                     J. Sermersheim
-#Internet-Draft                                               Novell, Inc
-#Expires: April 24, 2005                                        L. Poitou
-#                                                        Sun Microsystems
-#                                                        October 24, 2004
-#
-#
-#                  Password Policy for LDAP Directories
-#                draft-behera-ldap-password-policy-08.txt
-#
-#Status of this Memo
-#
-#   This document is an Internet-Draft and is subject to all provisions
-#   of section 3 of RFC 3667.  By submitting this Internet-Draft, each
-#   author represents that any applicable patent or other IPR claims of
-#   which he or she is aware have been or will be disclosed, and any of
-#   which he or she become aware will be disclosed, in accordance with
-#   RFC 3668.
-#
-#   Internet-Drafts are working documents of the Internet Engineering
-#   Task Force (IETF), its areas, and its working groups.  Note that
-#   other groups may also distribute working documents as
-#   Internet-Drafts.
-#
-#   Internet-Drafts are draft documents valid for a maximum of six months
-#   and may be updated, replaced, or obsoleted by other documents at any
-#   time.  It is inappropriate to use Internet-Drafts as reference
-#   material or to cite them other than as "work in progress."
-#
-#   The list of current Internet-Drafts can be accessed at
-#   http://www.ietf.org/ietf/1id-abstracts.txt.
-#
-#   The list of Internet-Draft Shadow Directories can be accessed at
-#   http://www.ietf.org/shadow.html.
-#
-#   This Internet-Draft will expire on April 24, 2005.
-#
-#Copyright Notice
-#
-#   Copyright (C) The Internet Society (2004).
-#
-#Abstract
-#
-#   Password policy as described in this document is a set of rules that
-#   controls how passwords are used and administered in Lightweight
-#   Directory Access Protocol (LDAP) based directories.  In order to
-#   improve the security of LDAP directories and make it difficult for
-#   password cracking programs to break into directories, it is desirable
-#   to enforce a set of rules on password usage.  These rules are made to
-#
-#  [trimmed]
-#
-#5.  Schema used for Password Policy
-#
-#   The schema elements defined here fall into two general categories.  A
-#   password policy object class is defined which contains a set of
-#   administrative password policy attributes, and a set of operational
-#   attributes are defined that hold general password policy state
-#   information for each user.
-#
-#5.2  Attribute Types used in the pwdPolicy ObjectClass
-#
-#   Following are the attribute types used by the pwdPolicy object class.
-#
-#5.2.1  pwdAttribute
-#
-#   This holds the name of the attribute to which the password policy is
-#   applied.  For example, the password policy may be applied to the
-#   userPassword attribute.
-
-attributetype ( 1.3.6.1.4.1.42.2.27.8.1.1
-      NAME 'pwdAttribute'
-      EQUALITY objectIdentifierMatch
-      SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 )
-
-#5.2.2  pwdMinAge
-#
-#   This attribute holds the number of seconds that must elapse between
-#   modifications to the password.  If this attribute is not present, 0
-#   seconds is assumed.
-
-attributetype ( 1.3.6.1.4.1.42.2.27.8.1.2
-      NAME 'pwdMinAge'
-      EQUALITY integerMatch
-      SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
-      SINGLE-VALUE )
-
-#5.2.3  pwdMaxAge
-#
-#   This attribute holds the number of seconds after which a modified
-#   password will expire.
-#
-#   If this attribute is not present, or if the value is 0 the password
-#   does not expire.  If not 0, the value must be greater than or equal
-#   to the value of the pwdMinAge.
-
-attributetype ( 1.3.6.1.4.1.42.2.27.8.1.3
-      NAME 'pwdMaxAge'
-      EQUALITY integerMatch
-      SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
-      SINGLE-VALUE )
-
-#5.2.4  pwdInHistory
-#
-#   This attribute specifies the maximum number of used passwords stored
-#   in the pwdHistory attribute.
-#
-#   If this attribute is not present, or if the value is 0, used
-#   passwords are not stored in the pwdHistory attribute and thus may be
-#   reused.
-
-attributetype ( 1.3.6.1.4.1.42.2.27.8.1.4
-      NAME 'pwdInHistory'
-      EQUALITY integerMatch
-      SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
-      SINGLE-VALUE )
-
-#5.2.5  pwdCheckQuality
-#
-#   {TODO: Consider changing the syntax to OID.  Each OID will list a
-#   quality rule (like min len, # of special characters, etc).  These
-#   rules can be specified outsid ethis document.}
-#
-#   {TODO: Note that even though this is meant to be a check that happens
-#   during password modification, it may also be allowed to happen during
-#   authN.  This is useful for situations where the password is encrypted
-#   when modified, but decrypted when used to authN.}
-#
-#   This attribute indicates how the password quality will be verified
-#   while being modified or added.  If this attribute is not present, or
-#   if the value is '0', quality checking will not be enforced.  A value
-#   of '1' indicates that the server will check the quality, and if the
-#   server is unable to check it (due to a hashed password or other
-#   reasons) it will be accepted.  A value of '2' indicates that the
-#   server will check the quality, and if the server is unable to verify
-#   it, it will return an error refusing the password.
-
-attributetype ( 1.3.6.1.4.1.42.2.27.8.1.5
-      NAME 'pwdCheckQuality'
-      EQUALITY integerMatch
-      SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
-      SINGLE-VALUE )
-
-#5.2.6  pwdMinLength
-#
-#   When quality checking is enabled, this attribute holds the minimum
-#   number of characters that must be used in a password.  If this
-#   attribute is not present, no minimum password length will be
-#   enforced.  If the server is unable to check the length (due to a
-#   hashed password or otherwise), the server will, depending on the
-#   value of the pwdCheckQuality attribute, either accept the password
-#   without checking it ('0' or '1') or refuse it ('2').
-
-attributetype ( 1.3.6.1.4.1.42.2.27.8.1.6
-      NAME 'pwdMinLength'
-      EQUALITY integerMatch
-      SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
-      SINGLE-VALUE )
-
-#5.2.7  pwdExpireWarning
-#
-#   This attribute specifies the maximum number of seconds before a
-#   password is due to expire that expiration warning messages will be
-#   returned to an authenticating user.
-#
-#   If this attribute is not present, or if the value is 0 no warnings
-#   will be returned.  If not 0, the value must be smaller than the value
-#   of the pwdMaxAge attribute.
-
-attributetype ( 1.3.6.1.4.1.42.2.27.8.1.7
-      NAME 'pwdExpireWarning'
-      EQUALITY integerMatch
-      SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
-      SINGLE-VALUE )
-
-#5.2.8  pwdGraceAuthNLimit
-#
-#   This attribute specifies the number of times an expired password can
-#   be used to authenticate.  If this attribute is not present or if the
-#   value is 0, authentication will fail.
-
-attributetype ( 1.3.6.1.4.1.42.2.27.8.1.8
-      NAME 'pwdGraceAuthNLimit'
-      EQUALITY integerMatch
-      SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
-      SINGLE-VALUE )
-
-#5.2.9  pwdLockout
-#
-#   This attribute indicates, when its value is "TRUE", that the password
-#   may not be used to authenticate after a specified number of
-#   consecutive failed bind attempts.  The maximum number of consecutive
-#   failed bind attempts is specified in pwdMaxFailure.
-#
-#   If this attribute is not present, or if the value is "FALSE", the
-#   password may be used to authenticate when the number of failed bind
-#   attempts has been reached.
-
-attributetype ( 1.3.6.1.4.1.42.2.27.8.1.9
-      NAME 'pwdLockout'
-      EQUALITY booleanMatch
-      SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
-      SINGLE-VALUE )
-
-#5.2.10  pwdLockoutDuration
-#
-#   This attribute holds the number of seconds that the password cannot
-#   be used to authenticate due to too many failed bind attempts.  If
-#   this attribute is not present, or if the value is 0 the password
-#   cannot be used to authenticate until reset by a password
-#   administrator.
-
-attributetype ( 1.3.6.1.4.1.42.2.27.8.1.10
-      NAME 'pwdLockoutDuration'
-      EQUALITY integerMatch
-      SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
-      SINGLE-VALUE )
-
-#5.2.11  pwdMaxFailure
-#
-#   This attribute specifies the number of consecutive failed bind
-#   attempts after which the password may not be used to authenticate.
-#   If this attribute is not present, or if the value is 0, this policy
-#   is not checked, and the value of pwdLockout will be ignored.
-
-attributetype ( 1.3.6.1.4.1.42.2.27.8.1.11
-      NAME 'pwdMaxFailure'
-      EQUALITY integerMatch
-      SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
-      SINGLE-VALUE )
-
-#5.2.12  pwdFailureCountInterval
-#
-#   This attribute holds the number of seconds after which the password
-#   failures are purged from the failure counter, even though no
-#   successful authentication occurred.
-#
-#   If this attribute is not present, or if its value is 0, the failure
-#   counter is only reset by a successful authentication.
-
-attributetype ( 1.3.6.1.4.1.42.2.27.8.1.12
-      NAME 'pwdFailureCountInterval'
-      EQUALITY integerMatch
-      SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
-      SINGLE-VALUE )
-
-#5.2.13  pwdMustChange
-#
-#   This attribute specifies with a value of "TRUE" that users must
-#   change their passwords when they first bind to the directory after a
-#   password is set or reset by a password administrator.  If this
-#   attribute is not present, or if the value is "FALSE", users are not
-#   required to change their password upon binding after the password
-#   administrator sets or resets the password.  This attribute is not set
-#   due to any actions specified by this document, it is typically set by
-#   a password administrator after resetting a user's password.
-
-attributetype ( 1.3.6.1.4.1.42.2.27.8.1.13
-      NAME 'pwdMustChange'
-      EQUALITY booleanMatch
-      SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
-      SINGLE-VALUE )
-
-#5.2.14  pwdAllowUserChange
-#
-#   This attribute indicates whether users can change their own
-#   passwords, although the change operation is still subject to access
-#   control.  If this attribute is not present, a value of "TRUE" is
-#   assumed.  This attribute is intended to be used in the absense of an
-#   access control mechanism.
-
-attributetype ( 1.3.6.1.4.1.42.2.27.8.1.14
-      NAME 'pwdAllowUserChange'
-      EQUALITY booleanMatch
-      SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
-      SINGLE-VALUE )
-
-#5.2.15  pwdSafeModify
-#
-#   This attribute specifies whether or not the existing password must be
-#   sent along with the new password when being changed.  If this
-#   attribute is not present, a "FALSE" value is assumed.
-
-attributetype ( 1.3.6.1.4.1.42.2.27.8.1.15
-      NAME 'pwdSafeModify'
-      EQUALITY booleanMatch
-      SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
-      SINGLE-VALUE )
-
-# HP extensions
-#
-# pwdCheckModule
-#
-#    This attribute names a user-defined loadable module that provides
-#    a check_password() function. If pwdCheckQuality is set to '1' or '2'
-#    this function will be called after all of the internal password
-#    quality checks have been passed. The function has this prototype:
-#
-#    int check_password( char *password, char **errormessage, void *arg )
-#
-#    The function should return LDAP_SUCCESS for a valid password.
-
-attributetype ( 1.3.6.1.4.1.4754.1.99.1
-     NAME 'pwdCheckModule'
-     EQUALITY caseExactIA5Match
-     SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
-     DESC 'Loadable module that instantiates "check_password() function'
-     SINGLE-VALUE )
-
-objectclass ( 1.3.6.1.4.1.4754.2.99.1
-      NAME 'pwdPolicyChecker'
-      SUP top
-      AUXILIARY
-      MAY ( pwdCheckModule ) )
-
-#5.1  The pwdPolicy Object Class
-#
-#   This object class contains the attributes defining a password policy
-#   in effect for a set of users.  Section 10 describes the
-#   administration of this object, and the relationship between it and
-#   particular objects.
-#
-objectclass ( 1.3.6.1.4.1.42.2.27.8.2.1
-      NAME 'pwdPolicy'
-      SUP top
-      AUXILIARY
-      MUST ( pwdAttribute )
-      MAY ( pwdMinAge $ pwdMaxAge $ pwdInHistory $ pwdCheckQuality $
-      pwdMinLength $ pwdExpireWarning $ pwdGraceAuthNLimit $ pwdLockout
-      $ pwdLockoutDuration $ pwdMaxFailure $ pwdFailureCountInterval $
-      pwdMustChange $ pwdAllowUserChange $ pwdSafeModify ) )
-
-#5.3  Attribute Types for Password Policy State Information
-#
-#   Password policy state information must be maintained for each user.
-#   The information is located in each user entry as a set of operational
-#   attributes.  These operational attributes are: pwdChangedTime,
-#   pwdAccountLockedTime, pwdFailureTime, pwdHistory, pwdGraceUseTime,
-#   pwdReset, pwdPolicySubEntry.
-#
-#5.3.1  Password Policy State Attribute Option
-#
-#   Since the password policy could apply to several attributes used to
-#   store passwords, each of the above operational attributes must have
-#   an option to specify which pwdAttribute it applies to.  The password
-#   policy option is defined as the following:
-#
-#   pwd-<passwordAttribute>
-#
-#   where passwordAttribute a string following the OID syntax
-#   (1.3.6.1.4.1.1466.115.121.1.38).  The attribute type descriptor
-#   (short name) MUST be used.
-#
-#   For example, if the pwdPolicy object has for pwdAttribute
-#   "userPassword" then the pwdChangedTime operational attribute, in a
-#   user entry, will be:
-#
-#   pwdChangedTime;pwd-userPassword: 20000103121520Z
-#
-#   This attribute option follows sub-typing semantics.  If a client
-#   requests a password policy state attribute to be returned in a search
-#   operation, and does not specify an option, all subtypes of that
-#   policy state attribute are returned.
-#
-#5.3.2  pwdChangedTime
-#
-#   This attribute specifies the last time the entry's password was
-#   changed.  This is used by the password expiration policy.  If this
-#   attribute does not exist, the password will never expire.
-#
-#      ( 1.3.6.1.4.1.42.2.27.8.1.16
-#      NAME 'pwdChangedTime'
-#      DESC 'The time the password was last changed'
-#      EQUALITY generalizedTimeMatch
-#      ORDERING generalizedTimeOrderingMatch
-#      SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
-#      SINGLE-VALUE
-#      USAGE directoryOperation )
-#
-#5.3.3  pwdAccountLockedTime
-#
-#   This attribute holds the time that the user's account was locked.  A
-#   locked account means that the password may no longer be used to
-#   authenticate.  A 000001010000Z value means that the account has been
-#   locked permanently, and that only a password administrator can unlock
-#   the account.
-#
-#      ( 1.3.6.1.4.1.42.2.27.8.1.17
-#      NAME 'pwdAccountLockedTime'
-#      DESC 'The time an user account was locked'
-#      EQUALITY generalizedTimeMatch
-#      ORDERING generalizedTimeOrderingMatch
-#      SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
-#      SINGLE-VALUE
-#      USAGE directoryOperation )
-#
-#5.3.4  pwdFailureTime
-#
-#   This attribute holds the timestamps of the consecutive authentication
-#   failures.
-#
-#      ( 1.3.6.1.4.1.42.2.27.8.1.19
-#      NAME 'pwdFailureTime'
-#      DESC 'The timestamps of the last consecutive authentication
-#      failures'
-#      EQUALITY generalizedTimeMatch
-#      ORDERING generalizedTimeOrderingMatch
-#      SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
-#      USAGE directoryOperation )
-#
-#5.3.5  pwdHistory
-#
-#   This attribute holds a history of previously used passwords.  Values
-#   of this attribute are transmitted in string format as given by the
-#   following ABNF:
-#
-#   pwdHistory = time "#" syntaxOID "#" length "#" data
-#
-#   time       = <generalizedTimeString as specified in 6.14
-#                 of [RFC2252]>
-#
-#   syntaxOID  = numericoid    ; the string representation of the
-#                              ; dotted-decimal OID that defines the
-#                              ; syntax used to store the password.
-#                              ; numericoid is described in 4.1
-#                              ; of [RFC2252].
-#
-#   length     = numericstring ; the number of octets in data.
-#                              ; numericstring is described in 4.1
-#                              ; of [RFC2252].
-#
-#   data       = <octets representing the password in the format
-#                 specified by syntaxOID>.
-#
-#   This format allows the server to store, and transmit a history of
-#   passwords that have been used.  In order for equality matching to
-#   function properly, the time field needs to adhere to a consistent
-#   format.  For this purpose, the time field MUST be in GMT format.
-#
-#      ( 1.3.6.1.4.1.42.2.27.8.1.20
-#      NAME 'pwdHistory'
-#      DESC 'The history of user s passwords'
-#      EQUALITY octetStringMatch
-#      SYNTAX 1.3.6.1.4.1.1466.115.121.1.40
-#      USAGE directoryOperation )
-#
-#5.3.6  pwdGraceUseTime
-#
-#   This attribute holds the timestamps of grace authentications after a
-#   password has expired.
-#
-#      ( 1.3.6.1.4.1.42.2.27.8.1.21
-#      NAME 'pwdGraceUseTime'
-#      DESC 'The timestamps of the grace authentication after the
-#      password has expired'
-#      EQUALITY generalizedTimeMatch
-#      SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
-#
-#5.3.7  pwdReset
-#
-#   This attribute holds a flag to indicate (when TRUE) that the password
-#   has been updated by the password administrator and must be changed by
-#   the user on first authentication.
-#
-#      ( 1.3.6.1.4.1.42.2.27.8.1.22
-#      NAME 'pwdReset'
-#      DESC 'The indication that the password has been reset'
-#      EQUALITY booleanMatch
-#      SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
-#      SINGLE-VALUE
-#      USAGE directoryOperation )
-#
-#5.3.8  pwdPolicySubentry
-#
-#   This attribute points to the pwdPolicy subentry in effect for this
-#   object.
-#
-#      ( 1.3.6.1.4.1.42.2.27.8.1.23
-#      NAME 'pwdPolicySubentry'
-#      DESC 'The pwdPolicy subentry in effect for this object'
-#      EQUALITY distinguishedNameMatch
-#      SYNTAX 1.3.6.1.4.1.1466.115.121.1.12
-#      SINGLE-VALUE
-#      USAGE directoryOperation )
-#
-#
-#Disclaimer of Validity
-#
-#   This document and the information contained herein are provided on an
-#   "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
-#   OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
-#   ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
-#   INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
-#   INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
-#   WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
-#
-#
-#Copyright Statement
-#
-#   Copyright (C) The Internet Society (2004).  This document is subject
-#   to the rights, licenses and restrictions contained in BCP 78, and
-#   except as set forth therein, the authors retain all their rights.
-




More information about the Pkg-openldap-devel mailing list