sda-php
/
nur-sery
11
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

ajout ldap

This commit is contained in:
Jephté Clain 2024-04-04 22:21:20 +04:00
parent 5ca55e1919
commit d4eb43c3d9
94 changed files with 15867 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
composer.json
View File

@ -32,7 +32,8 @@
"ext-oci8": "*",
"ext-pdo": "*",
"ext-pgsql": "*",
"ext-sqlite3": "*"
"ext-sqlite3": "*",
"ext-ldap": "*"
},
"autoload": {
"psr-4": {
@ -49,6 +50,17 @@
"nur\\": "nur_tests"
}
},
"bin": [
"nur_bin/compctl.php",
"nur_bin/compdep.php",
"nur_bin/cachectl.php",
"nur_bin/dumpser.php",
"nur_bin/datectl.php",
"nur_bin/fsvdiff.php",
"nur_bin/ldap-delete.php",
"nur_bin/ldap-get-infos.php",
"nur_bin/ldap-search.php"
],
"scripts": {
"uc": "@php sbin/update_classes.php"
},

19
composer.lock generated
View File

@ -4,7 +4,7 @@
"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
"This file is @generated automatically"
],
"content-hash": "4bd0015796ba3b74f5a4e1a85f3a2287",
"content-hash": "b2f686c0f06bd9d7e888d6daa662c8ff",
"packages": [
{
"name": "nulib/php",
@ -12,7 +12,7 @@
"dist": {
"type": "path",
"url": "../nulib",
"reference": "e34adce2605b9189d5232c97c510ae5123096e66"
"reference": "f57228278482619edd57baef9fc08a5dd4c63216"
},
"require": {
"php": ">=7.4"
@ -49,16 +49,16 @@
},
{
"name": "symfony/deprecation-contracts",
"version": "v2.5.2",
"version": "v2.5.3",
"source": {
"type": "git",
"url": "https://github.com/symfony/deprecation-contracts.git",
"reference": "e8b495ea28c1d97b5e0c121748d6f9b53d075c66"
"reference": "80d075412b557d41002320b96a096ca65aa2c98d"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/symfony/deprecation-contracts/zipball/e8b495ea28c1d97b5e0c121748d6f9b53d075c66",
"reference": "e8b495ea28c1d97b5e0c121748d6f9b53d075c66",
"url": "https://api.github.com/repos/symfony/deprecation-contracts/zipball/80d075412b557d41002320b96a096ca65aa2c98d",
"reference": "80d075412b557d41002320b96a096ca65aa2c98d",
"shasum": ""
},
"require": {
@ -96,7 +96,7 @@
"description": "A generic function and convention to trigger deprecation notices",
"homepage": "https://symfony.com",
"support": {
"source": "https://github.com/symfony/deprecation-contracts/tree/v2.5.2"
"source": "https://github.com/symfony/deprecation-contracts/tree/v2.5.3"
},
"funding": [
{
@ -112,7 +112,7 @@
"type": "tidelift"
}
],
"time": "2022-01-02T09:53:40+00:00"
"time": "2023-01-24T14:02:46+00:00"
},
{
"name": "symfony/polyfill-ctype",
@ -2067,7 +2067,8 @@
"ext-oci8": "*",
"ext-pdo": "*",
"ext-pgsql": "*",
"ext-sqlite3": "*"
"ext-sqlite3": "*",
"ext-ldap": "*"
},
"plugin-api-version": "2.2.0"
}

5
nur_bin/ldap-delete.php Executable file
View File

@ -0,0 +1,5 @@
#!/usr/bin/php
<?php
require $_composer_autoload_path?? __DIR__.'/../vendor/autoload.php';
\nur\ldap\app\LdapDeleteApp::run();

5
nur_bin/ldap-get-infos.php Executable file
View File

@ -0,0 +1,5 @@
#!/usr/bin/php
<?php
require $_composer_autoload_path?? __DIR__.'/../vendor/autoload.php';
\nur\ldap\app\LdapGetInfosApp::run();

5
nur_bin/ldap-search.php Executable file
View File

@ -0,0 +1,5 @@
#!/usr/bin/php
<?php
require $_composer_autoload_path?? __DIR__.'/../vendor/autoload.php';
\nur\ldap\app\LdapSearchApp::run();

62
nur_src/ldap/CompositeAttr.php Normal file
View File

@ -0,0 +1,62 @@
<?php
namespace nur\ldap;
use nur\A;
use nur\b\IllegalAccessException;
use nur\ldap\syntaxes\CompositeSyntax;
/**
* Class CompositeAttr: une liste de valeurs composites
*/
class CompositeAttr extends LdapAttr {
function reset(?array &$values): self {
if ($values !== null) {
/** @var CompositeSyntax $syntax */
$syntax = $this->syntax;
$tmp = [];
foreach ($values as $value) {
$cvalue = $syntax->ldap2php($value);
$key = $cvalue->getKey();
$value = $cvalue->formatLdap();
$tmp[$key] = $value;
}
$values = $tmp;
}
$this->data =& $values;
return $this;
}
function add($value, bool $unique=true, bool $strict=false): self {
/** @var CompositeSyntax $syntax */
$syntax = $this->syntax;
$value = A::first($syntax->ensureArray($value));
$cvalue = $syntax->ensureComposite($value);
if ($cvalue !== null) {
$key = $cvalue->getKey();
$value = $cvalue->formatLdap();
$this->data[$key] = $value;
}
return $this;
}
function del($value, int $maxCount=-1, bool $strict=false): self {
if ($value !== null && $this->data !== null) {
/** @var CompositeSyntax $syntax */
$syntax = $this->syntax;
$value = A::first($syntax->ensureArray($value));
$cvalue = $syntax->ensureComposite($value);
if ($cvalue !== null) {
$key = $cvalue->getKey();
unset($this->data[$key]);
}
}
return $this;
}
function ins(int $index, $value): self {
throw IllegalAccessException::not_allowed("composite attrs don't use indexes");
}
function unset(int $index): self {
throw IllegalAccessException::not_allowed("composite attrs don't use indexes");
}
}

159
nur_src/ldap/CompositeValue.php Normal file
View File

@ -0,0 +1,159 @@
<?php
namespace nur\ldap;
use nur\A;
use nur\b\coll\BaseArray;
use nur\b\ValueException;
use nur\data\types\Metadata;
use nur\ldap\syntaxes\AbstractSyntax;
use nur\ldap\syntaxes\cvalues;
/**
* Class CompositeValue: une valeur composite
*/
abstract class CompositeValue extends BaseArray {
/** @var array schéma des champs de la valeur composite */
const SCHEMA = null;
/** @var array syntaxes associées aux champs */
const SYNTAXES = null;
/** @var array liste et ordre des éléments obligatoires */
const MANDATORY_KEYS = null;
/** @var array liste et ordre des éléments facultatifs connus */
const OPTIONAL_KEYS = null;
/** @var array liste des clés qui identifient cet objet */
const KEY_KEYS = null;
static function compute_keys(array $values): string {
$keys = static::KEY_KEYS;
if ($keys === null) $keys = static::MANDATORY_KEYS;
if ($keys === null) $keys = array_keys($values);
$parts = [];
foreach ($keys as $key) {
$parts[] = A::get($values, $key);
}
return implode("-", $parts);
}
protected $ldapKeys, $keys, $optionalKeys;
protected $syntaxes;
/** initialiser l'objet */
function setup(LdapConn $conn): self {
$ldapKeys = [];
$keys = [];
$mandatoryKeys = ValueException::check_nn(static::MANDATORY_KEYS
, "Vous devez définir MANDATORY_KEYS");
$index = 0;
foreach ($mandatoryKeys as $key => $ldapKey) {
if ($key === $index) {
$index++;
$key = $ldapKey;
}
$ldapKeys[$key] = $ldapKey;
$keys[$ldapKey] = $key;
}
$optionalKeys = [];
$index = 0;
foreach (A::with(static::OPTIONAL_KEYS) as $key => $ldapKey) {
if ($key === $index) {
$index++;
$key = $ldapKey;
}
$ldapKeys[$key] = $ldapKey;
$keys[$ldapKey] = $key;
$optionalKeys[] = $key;
}
$schemaKeys = A::keys(static::SCHEMA);
foreach ($schemaKeys as $key) {
if (!in_array($key, $keys)) {
$ldapKeys[$key] = $key;
$keys[$key] = $key;
$optionalKeys[] = $key;
}
}
$this->ldapKeys = $ldapKeys;
$this->keys = $keys;
$this->optionalKeys = $optionalKeys;
##
$syntaxClasses = static::SYNTAXES;
if ($syntaxClasses !== null) {
$syntaxes = [];
foreach ($schemaKeys as $key) {
$class = A::get($syntaxClasses, $key);
if ($class !== null) {
$syntaxes[$key] = $conn->getSyntax($class);
}
}
$this->syntaxes = $syntaxes;
}
##
return $this;
}
function has($key): bool { return $this->_has($key); }
function &get($key, $default=null) { return $this->_get($key, $default); }
function set($key, $value): self { return $this->_set($key, $value); }
function add($value): self { return $this->_set(null, $value); }
function del($key): self { return $this->_del($key); }
/** obtenir la clé qui identifie cet objet */
function getKey(): string {
return self::compute_keys($this->data);
}
/** initialiser cet objet avec une valeur LDAP */
function parseLdap(string $value): self {
if (!preg_match_all('/\[.*?]/', $value, $ms)) {
throw ValueException::invalid_value($value, "composite value");
}
$this->data = [];
foreach ($ms[0] as $nameValue) {
if (preg_match('/\[(.*?)=(.*)]/', $nameValue, $ms)) {
$ldapKey = names::ldap_unescape($ms[1]);
$key = A::get($this->keys, $ldapKey, $ldapKey);
$value = names::ldap_unescape($ms[2]);
/** @var AbstractSyntax $syntax */
$syntax = A::get($this->syntaxes, $key);
if ($syntax !== null) $value = $syntax->ldap2php($value);
$this->data[$key] = $value;
}
}
return $this;
}
/** retourner cette valeur au format LDAP */
function formatLdap(): string {
$optionalKeys = $this->optionalKeys;
$parts = [];
foreach ($this->ldapKeys as $key => $ldapKey) {
$value = A::get($this->data, $key);
if ($value === null && in_array($key, $optionalKeys)) continue;
/** @var AbstractSyntax $syntax */
$syntax = A::get($this->syntaxes, $key);
if ($syntax !== null) $value = $syntax->php2ldap($value);
$ldapKey = ldap_escape($ldapKey, 0, LDAP_ESCAPE_FILTER);
$value = ldap_escape($value, 0, LDAP_ESCAPE_FILTER);
$parts[] = "[$ldapKey=$value]";
}
return implode("", $parts);
}
function reset(?array $values): CompositeValue {
$md = Metadata::with(static::SCHEMA);
$md->ensureSchema($values);
$this->data = $values;
return $this;
}
#############################################################################
static function _AUTOGEN_PROPERTIES(): array {
return cvalues::autogen_properties(static::SCHEMA);
}
## rajouter ceci dans les classes dérivées
#const _AUTOGEN_PROPERTIES = [[self::class, "_AUTOGEN_PROPERTIES"]];
}

10
nur_src/ldap/ILdapWalker.php Normal file
View File

@ -0,0 +1,10 @@
<?php
namespace nur\ldap;
use nur\b\ICloseable;
interface ILdapWalker extends ICloseable {
function resetSearch(LdapSearch $search): ILdapWalker;
function next(): bool;
}

31
nur_src/ldap/IObjectWorkflow.php Normal file
View File

@ -0,0 +1,31 @@
<?php
namespace nur\ldap;
/**
* Interface IObjectWorkflow: un objet permettant de créer et/ou mettre à jour
* un objet LDAP dans le cadre d'une synchronisation
*/
interface IObjectWorkflow {
/** retourner le nom du workflox */
function getWorkflowName(): string;
/**
* synchroniser les données spécifiées vers l'objet correspndant, en le créant
* si nécessaire
*/
function createOrUpdate(array $data, ?array $params=null): LdapObject;
/**
* modifier uniquement le mot de passe de l'objet correspondant
*
* @return bool true si l'objet correspondant a été trouvé et qu'il a été mis
* à jour
*/
function updatePassword(array $data, string $password): bool;
/**
* supprimer l'objet correspondant. retourner true si l'objet a été supprimé,
* false s'il n'existait pas
*/
function delete(array $data, ?array $params=null): bool;
}

225
nur_src/ldap/LdapAttr.php Normal file
View File

@ -0,0 +1,225 @@
<?php
namespace nur\ldap;
use ArrayAccess;
use Countable;
use Iterator;
use nur\A;
use nur\b\coll\TIterableArray;
use nur\ldap\syntaxes\AbstractSyntax;
use nur\str;
class LdapAttr implements ArrayAccess, Countable, Iterator {
use TIterableArray;
const MONOVALUED = 1, BINARY = 2, ORDERED = 4, NOT_HUMAN_READABLE = 8;
function __construct(string $name, ?array &$values, ?AbstractSyntax $syntax, ?int $flags) {
$this->name = $name;
$this->syntax = $syntax;
$this->flags = $flags;
$this->reset($values);
}
/** @var string */
protected $name;
function name(): string {
return $this->name;
}
/** @var ?array */
protected $data;
function reset(?array &$values): self {
$this->data =& $values;
return $this;
}
/** @var AbstractSyntax */
protected $syntax;
/** @var int */
protected $flags;
function isMonovalued(): bool {
return $this->flags !== null && $this->flags & self::MONOVALUED != 0;
}
function isBinary(): bool {
return $this->flags !== null && $this->flags & self::BINARY != 0;
}
function isOrdered(): bool {
return $this->flags !== null && $this->flags & self::ORDERED != 0;
}
function isNotHumanReadable(): bool {
return $this->flags !== null && $this->flags & self::NOT_HUMAN_READABLE != 0;
}
protected function fromLdap($value) {
$syntax = $this->syntax;
if ($syntax !== null) {
if ($this->isMonovalued()) $value = $syntax->fromMonovaluedLdap($value);
else $value = $syntax->fromMultivaluedLdap($value);
}
return $value;
}
protected function fromPhp($value): ?iterable {
$syntax = $this->syntax;
if ($syntax !== null) $value = $syntax->fromPhp($value);
else A::ensure_narray($value);
return $value;
}
/** retourner un tableau si multivalué, une valeur scalaire si monovalué */
function get($index=null) {
$value = $this->fromLdap($this->data);
if ($index !== null && is_array($value)) {
$value = array_key_exists($index, $value)? $value[$index]: null;
}
return $value;
}
/**
* retourner toutes les valeurs
*
* @param string $checkPrefixDel ne retourner que les valeurs qui commencent
* par ce préfixe ET enlever le préfixe
*/
function all(?string $checkPrefixDel=null): ?array {
if ($this->syntax === null) $values = $this->data;
else $values = $this->syntax->fromMultivaluedLdap($this->data);
if ($checkPrefixDel !== null) {
$filtered = [];
foreach ($values as $value) {
if (str::del_prefix($value, $checkPrefixDel)) {
$filtered[] = $value;
}
}
$values = $filtered;
}
return $values;
}
/** retourner la première valeur */
function first(?string $checkPrefixDel=null) {
return A::first($this->all($checkPrefixDel));
}
function set($values, bool $unlessNn=false): self {
if ($values instanceof LdapAttr) $values = $values->array();
if (!$unlessNn || $this->data === null) {
$this->data = $this->fromPhp($values);
}
return $this;
}
protected static function in_array(string $needle, array $haystack, bool $strict, ?int &$index=null): bool {
if (!$strict) $needle = strtolower($needle);
foreach ($haystack as $index => $hay) {
if ($strict && $hay === $needle) return true;
if (!$strict && strtolower($hay) == $needle) return true;
}
return false;
}
/** vérifier si la valeur spécifiée figure dans l'attribut */
function contains($value, bool $strict=false): bool {
$value = A::first($this->fromPhp($value));
if ($value === null || $this->data === null) return false;
return self::in_array($value, $this->data, $strict);
}
/**
* l'unicité est calculée ainsi:
* - en mode strict, ce doit être une égalité parfaite
* - en mode non strict, la comparaison est insensible à la casse
* XXX à terme, implémenter la comparaison en fonction de la syntaxe
*/
function add($value, bool $unique=true, bool $strict=false): self {
$value = A::first($this->fromPhp($value));
if ($value !== null) {
if (!$unique || $this->data === null ||
!self::in_array($value, $this->data, $strict)) {
$this->data[] = $value;
}
}
return $this;
}
function addAll(?iterable $values): self {
if ($values !== null) {
foreach ($values as $value) {
$this->add($value);
}
}
return $this;
}
function del($value, int $maxCount=-1, bool $strict=false): self {
if ($value !== null && $this->data !== null) {
$value = A::first($this->fromPhp($value));
$rekey = false;
while ($maxCount != 0) {
if (!self::in_array($value, $this->data, $strict, $index)) break;
unset($this->data[$index]);
$rekey = true;
if ($maxCount > 0) $maxCount--;
}
if ($rekey) $this->data = array_values($this->data);
}
return $this;
}
function ins(int $index, $value): self {
$value = A::first($this->fromPhp($value));
if ($value !== null) {
A::insert($this->data, $index, $value);
}
return $this;
}
function unset(int $index): self {
if ($this->data !== null) {
$count = count($this->array());
if ($count > 0 && $index < 0) {
while ($index < 0) $index += $count;
}
unset($this->data[$index]);
$this->data = array_values($this->data);
}
return $this;
}
function key() { return $this->_key(); }
function current() {
$current = $this->_current();
$syntax = $this->syntax;
if ($syntax !== null) $current = $syntax->ldap2php($current);
return $current;
}
#############################################################################
# données au format LDAP
function __toString() {
return implode("\n", $this->data);
}
/** retourner les données au format LDAP */
function &array(): ?array { return $this->data; }
function count(): int { return count($this->data); }
function keys(): array { return array_keys($this->data); }
function offsetExists($key) {
return $this->data !== null && array_key_exists($key, $this->data);
}
function offsetGet($key) { return array_key_exists($key, $this->data)? $this->data[$key]: null; }
function offsetSet($key, $value) { $this->data[$key] = $value; }
function offsetUnset($key) { unset($this->data[$key]); }
function __isset($key) { return $this->offsetExists($key); }
function __get($key) { return $this->offsetGet($key); }
function __set($key, $value) { $this->offsetSet($key, $value); }
function __unset($key) { $this->offsetUnset($key); }
}

424
nur_src/ldap/LdapConn.php Normal file
View File

@ -0,0 +1,424 @@
<?php
namespace nur\ldap;
use nur\A;
use nur\b\ICloseable;
use nur\b\params\Parametrable;
use nur\b\params\Tparametrable;
use nur\ldap\schemas\LdapSchemaExtractor;
use nur\ldap\schemas\SchemaManager;
use nur\ldap\syntaxes\AbstractSyntax;
use nur\path;
use nur\php\SrcGenerator;
use nur\str;
use nur\writer;
/**
* Class LdapConn: une connexion à un serveur LDAP
*/
class LdapConn extends Parametrable implements ICloseable {
use Tparametrable;
const URI = "ldap://localhost:389";
const BINDDN = null;
const PASSWORD = null;
const CONTROLS = null;
const PARAMETRABLE_PARAMS_SCHEMA = [
"uri" => ["string", null, "URI du serveur LDAP"],
"binddn" => ["?string", null, "DN avec lequel se lier"],
"password" => ["?string", null, "mot de passe"],
"controls" => ["array", [], "contrôle de connexion"],
"protocol" => ["int", 3, "version du protocole"],
"autoconnect" => ["bool", true, "faut-il se connecter dès la création de l'objet?"],
# paramètres par défaut
"suffix" => ["?string", null, "DN de base du serveur"],
"domain" => ["?string", null, "domaine DNS de l'établissement"],
"etab" => ["?string", null, "code de l'établissement"],
"autofill_params" => ["bool", true, "faut-il calculer automatiquement les paramètres par défaut?"],
# configuration du serveur
"root_dse" => ["?array", null, "configuration du serveur"],
"ldap_syntaxes" => ["?array", null, "définition des syntaxes"],
"attribute_types" => ["?array", null, "définition des attributs"],
"object_classes" => ["?array", null, "définition des classes d'objets"],
];
function __construct(?array $params=null) {
self::set_parametrable_params_defaults($params, [
"uri" => static::URI,
"binddn" => static::BINDDN,
"password" => static::PASSWORD,
"controls" => static::CONTROLS,
]);
parent::__construct($params);
if ($this->ppAutoconnect) $this->connect();
if ($this->ppAutofillParams) $this->fillParams();
}
/** @var string */
protected $ppUri;
/** @var ?string */
protected $ppBinddn;
/** @var ?string */
protected $ppPassword;
/** @var ?array */
protected $ppControls;
/** @var int */
protected $ppProtocol;
/** @var bool */
protected $ppAutoconnect;
/** @var ?string */
protected $ppSuffix;
function getSuffix(): ?string {
return $this->ppSuffix;
}
/** @var ?string */
protected $ppDomain;
function getDomain(): ?string {
return $this->ppDomain;
}
/** @var ?string */
protected $ppEtab;
function getEtab(bool $withPrefix=true): ?string {
$etab = $this->ppEtab;
if (!$withPrefix) {
$etab = preg_replace('/^\{[^}]+}/', "", $etab);
}
return $etab;
}
/** @var bool */
protected $ppAutofillParams;
/**
* @param resource $conn
* @throws LdapException
*/
function tryConnect(?string $binddn=null, ?string $password=null, ?array $controls=null, $conn=null) {
if ($conn === null) {
$uri = $this->ppUri;
$conn = LdapException::check("connect $uri", null
, ldap_connect($uri));
$procotol = $this->ppProtocol;
LdapException::check("set_option protocol=$procotol", $conn
, ldap_set_option($conn, LDAP_OPT_PROTOCOL_VERSION, $procotol));
}
if ($binddn === null) $binddn = $this->ppBinddn;
if ($password === null) $password = $this->ppPassword;
if ($controls === null) $controls = $this->ppControls;
$operation = "bind $binddn";
$r = LdapException::check($operation, $conn
, ldap_bind_ext($conn, $binddn, $password, $controls));
LdapException::check_result($operation, $conn, $r);
return $conn;
}
/** @var resource */
protected $conn;
function connect(?string $binddn=null, ?string $password=null, ?array $controls=null): void {
$this->conn = $this->tryConnect($binddn, $password, $controls, $this->conn);
}
/** @return resource */
protected function conn() {
if ($this->conn === null) $this->connect();
return $this->conn;
}
/** retourner un objet vide permettant de construire un objet depuis zéro */
function empty(?LdapObject $object=null): LdapObject {
if ($object === null) $object = new LdapObject();
return $object->reset(null, null, [], $this);
}
function _search(?string $searchbase=null, $params=null): LdapSearch {
LdapSearch::search_md()->ensureSchema($params);
A::replace_n($params, "searchbase", $searchbase);
A::replace_n($params, "suffix", $this->ppSuffix);
return new LdapSearch($this->conn(), $params);
}
function search(?string $searchbase=null, $params=null, ?ILdapWalker $walker=null): ILdapWalker {
if ($walker === null) {
$walker = new LdapWalker($this);
} else {
$walker->close();
$walker->reset(null, null, null, $this);
}
return $walker->resetSearch($this->_search($searchbase, $params));
}
function first(?string $searchbase=null, $params=null, ?LdapObject $object=null): ?LdapObject {
$search = $this->_search($searchbase, $params);
$entry = $search->first($dn);
if ($entry === null) return null;
else return $this->empty($object)->load($dn, $entry);
}
function read(string $dn, ?array $params=null, ?LdapObject $object=null): ?LdapObject {
A::merge($params, [
"scope" => "base",
"suffix" => $dn,
]);
return $this->first(null, $params, $object);
}
function add(string $dn, array $attrs, $params=null): void {
ldap::add($this->conn(), $dn, $attrs, $params);
}
function modify(string $dn, array $modattrs, $params=null): void {
ldap::modify($this->conn(), $dn, $modattrs, $params);
}
function rename(string $dn, string $newRdn, $params=null): string {
if (ldap::prepare_rename($dn, $newRdn, $params)) {
return ldap::rename($this->conn(), $dn, $newRdn, $params);
} else {
# renommage non nécessaire
return $dn;
}
}
function delete(string $dn, $params=null): void {
ldap::delete($this->conn(), $dn, $params);
}
function close(): void {
if ($this->conn !== null) {
ldap_unbind($this->conn);
$this->conn = null;
}
}
#############################################################################
/**
* Si $rdn se termine par le suffixe, le retourner tel quel, sinon rajouter
* le suffixe si ce n'est pas un DN qui est dans un des contextes valides
*/
function ensureDn(string $rdn): string {
$suffix = $this->ppSuffix;
if (names::have_suffix($rdn, $suffix)) return $rdn;
$rootDse = $this->getRootDseForContexts();
$namingContexts = $rootDse->get("namingContexts", []);
foreach ($namingContexts as $namingContext) {
if (names::have_suffix($rdn, $suffix)) return $rdn;
}
return names::join($rdn, $suffix);
}
/**
* Corriger un label de la forme {UAI::XXX} en insérant le code de
* l'établissement
*/
function fixLabel(string $labeledValue): string {
if (!preg_match('/^(\{[A-Za-z0-9:._-]+})(.*)/', $labeledValue, $ms)) {
return $labeledValue;
}
$label = $ms[1];
$value = $ms[2];
if (str::del_prefix($label, "{UAI::")) {
$label = "{UAI:".$this->getEtab(false).":$label";
} elseif (str::del_prefix($label, "{UAI:}")) {
$label = "{UAI:".$this->getEtab(false)."}$label";
}
return $label.$value;
}
#############################################################################
/** @var SchemaManager */
protected $scheman;
protected function scheman(): SchemaManager {
if ($this->scheman === null) {
$this->scheman = new SchemaManager($this);
}
return $this->scheman;
}
function getSyntax($class): AbstractSyntax {
$syntax = $this->scheman()->getSyntax($class);
$syntax->initConn($this);
return $syntax;
}
#############################################################################
protected function loadRootDse(?array $attrs=null): LdapObject {
if ($attrs === null) $attrs = ["+", "*"];
$entry = $this->_search(null, [
"attrs" => $attrs,
"scope" => "base",
"suffix" => "",
])->first($dn);
return $this->empty()->load($dn, $entry);
}
/** @var LdapObject */
protected $ppRootDse;
function pp_setRootDse(array $rootDse) {
$this->ppRootDse = $this->empty()->reset("", $rootDse);
}
function getRootDse(): LdapObject {
if ($this->ppRootDse === null) $this->ppRootDse = $this->loadRootDse();
return $this->ppRootDse;
}
protected function getRootDseForContexts(): LdapObject {
$rootDse = $this->ppRootDse;
if ($rootDse === null) {
$rootDse = $this->loadRootDse(["defaultNamingContext", "namingContexts"]);
}
return $rootDse;
}
protected function loadTopObject(?array $attrs=null): LdapObject {
if ($attrs === null) $attrs = ["+", "*"];
$entry = $this->_search("", [
"attrs" => $attrs,
"scope" => "base",
])->first($dn);
return $this->empty()->load($dn, $entry);
}
protected $ppLdapSyntaxes;
protected $ppAttributeTypes;
protected $ppObjectClasses;
function getSchemaInfos(): array {
$ldapSyntaxes = $this->ppLdapSyntaxes;
$attributeTypes = $this->ppAttributeTypes;
$objectClasses = $this->ppObjectClasses;
if ($ldapSyntaxes === null || $attributeTypes === null || $objectClasses === null) {
$lse = new LdapSchemaExtractor();
[
"ldap_syntaxes" => $ldapSyntaxes,
"attribute_types" => $attributeTypes,
"object_classes" => $objectClasses,
] = $lse->loadSchema($this);
}
return [
"ldap_syntaxes" => $this->ppLdapSyntaxes = $ldapSyntaxes,
"attribute_types" => $this->ppAttributeTypes = $attributeTypes,
"object_classes" => $this->ppObjectClasses = $objectClasses,
];
}
function saveConfig($output, bool $overwriteShared=false): void {
$uri = $this->ppUri;
$sharedname = ldap_config::get_shared_file($uri);
if (is_string($output)) {
# corriger éventuellement le nom du fichier
$output = ldap_config::get_file($output);
# calculer le chemin vers fichier partagé
$shared = path::join(path::dirname($output), $sharedname);
# écrire la configuration partagée
if ($overwriteShared) {
# forcer le recalcul
$this->ppRootDse = null;
$this->ppLdapSyntaxes = null;
$this->ppAttributeTypes = null;
$this->ppObjectClasses = null;
}
if (!file_exists($shared) || $overwriteShared) {
$rootDse = $this->getRootDse()->array();
[
"ldap_syntaxes" => $ldapSyntaxes,
"attribute_types" => $attributeTypes,
"object_classes" => $objectClasses,
] = $this->getSchemaInfos();
$config = [
"uri" => $uri,
"controls" => $this->ppControls,
"protocol" => $this->ppProtocol,
"suffix" => $this->ppSuffix,
"domain" => $this->ppDomain,
"etab" => $this->ppEtab,
"root_dse" => $rootDse,
"ldap_syntaxes" => $ldapSyntaxes,
"attribute_types" => $attributeTypes,
"object_classes" => $objectClasses,
];
$src = new SrcGenerator();
$literals = [];
foreach (consts::LDAP_CONTROL_CONSTANTS as $constant) {
if (defined($constant)) {
$literals[] = [constant($constant), $constant];
}
}
A::merge($literals, consts::ROOT_DSE_LITERALS);
$src
->genSof()
->genLiteral("# shared configuration for $uri")
->genReturn($config, null, $literals);
writer::with($shared, "wb")->writeLines($src->getLines())->close();
}
}
# écrire la configuration
$config = [
"binddn" => $this->ppBinddn,
"password" => $this->ppPassword,
];
$src = new SrcGenerator();
$src
->genSof()
->genLiteral("return array_merge(require __DIR__.'/$sharedname',")
->addValue($config)
->genLiteral(");");
writer::with($output, "wb")->writeLines($src->getLines())->close();
}
/**
* calculer automatiquement les paramètres par défaut s'ils ne sont pas
* spécifiés, tels que:
* - suffix
* - domain
* - etab
*/
function fillParams(): void {
if ($this->ppSuffix === null) {
$rootDse = $this->getRootDseForContexts();
$suffix = $rootDse->get("defaultNamingContext");
if ($suffix === null) {
$namingContexts = $rootDse->get("namingContexts", []);
foreach ($namingContexts as $namingContext) {
if (str::_starts_with("dc=", strtolower($namingContext))) {
$suffix = $namingContext;
break;
}
}
if ($suffix === null) $suffix = $namingContexts[0];
}
$this->ppSuffix = $suffix;
}
if ($this->ppDomain === null) {
$parts = ldap_explode_dn($this->ppSuffix, 1);
unset($parts["count"]);
$this->ppDomain = implode(".", $parts);
}
if ($this->ppEtab === null) {
$topObject = $this->loadTopObject();
$this->ppEtab = $topObject->first("supannEtablissement");
}
}
}

74
nur_src/ldap/LdapException.php Normal file
View File

@ -0,0 +1,74 @@
<?php
namespace nur\ldap;
use nur\b\UserException;
class LdapException extends UserException {
/** @param $r ?resource */
static function check(string $message, $r, $value) {
if ($value !== false) return $value;
if ($r !== null) {
throw new self($message, ldap_errno($r), null, ldap_error($r));
} else {
throw new self($message);
}
}
static function check_result(string $message, $conn, $r) {
ldap_parse_result($conn, $r, $errorCode, $matchedDn, $errorMessage, $referrals, $controls);
if ($errorCode != 0) {
if (!$errorMessage) $errorMessage = ldap_err2str($errorCode);
throw new LdapException($message, $errorCode, $matchedDn, $errorMessage, $referrals, $controls);
}
}
function __construct(string $userMessage
, ?int $errorCode=null, ?string $matchedDn=null, ?string $errorMessage=null
, ?array $referrals=null, ?array $controls=null) {
if ($errorCode == 0) {
parent::__construct($userMessage);
} else {
$this->matchedDn = $matchedDn;
$this->errorMessage = $errorMessage;
$this->referrals = $referrals;
$this->controls = $controls;
$parts = ["error $errorCode"];
if ($errorMessage) $parts[] = $errorMessage;
if ($matchedDn) $parts[] = "matched_dn: $matchedDn";
if ($referrals) $parts[] = "referrals: ".implode(" ", $referrals);
$techMessage = implode(", ", $parts);
parent::__construct([
"user" => $userMessage,
"tech" => $techMessage,
], $errorCode);
}
}
/** @var string */
protected $matchedDn;
function getMatchedDn(): ?string {
return $this->matchedDn;
}
/** @var string */
protected $errorMessage;
function getErrorMessage(): ?string {
return $this->errorMessage;
}
/** @var ?array */
protected $referrals;
function getReferrals(): ?array {
return $this->referrals;
}
/** @var ?array */
protected $controls;
function getControls(): ?array {
return $this->controls;
}
}

376
nur_src/ldap/LdapObject.php Normal file
View File

@ -0,0 +1,376 @@
<?php
namespace nur\ldap;
use ArrayAccess;
use Countable;
use nur\A;
use nur\b\IllegalAccessException;
use nur\ldap\syntaxes\CompositeSyntax;
use nur\ldap\syntaxes\StringSyntax;
/**
* Class LdapObject: un objet LDAP
*/
class LdapObject implements ArrayAccess, Countable {
static function with(?string $dn, ?array $entry): ?self {
if ($entry === null) return null;
else return (new self())->load($dn, $entry);
}
/** @var string[] liste des classes par défaut lors de la création de l'objet */
const OBJECT_CLASSES = ["top"];
/** @var string DN dans lequel cet objet est créé par défaut */
const PARENT_RDN = null;
/**
* @var array|string nom des attribut(s) utilisé(s) pour nommer cet objet par
* défaut
*/
const DN_NAMES = null;
function __construct(?string $dn=null, ?array $attrs=null, ?array $initialNames=null, ?LdapConn $conn=null) {
$this->reset($dn, $attrs, A::with($initialNames), $conn);
}
/** @var LdapConn */
protected $conn;
function getConn(): LdapConn {
return $this->conn;
}
/** @var array attributs initialement demandés lors de la recherche */
protected $initialNames;
protected function initialNames(): array {
return $this->initialNames;
}
/** @var array valeurs originale des attributs avant modification */
protected $orig;
/** @var array */
protected $data;
/** @var array */
protected $lkey2names;
/** @var array liste des attributs utilisés pour nommer l'objet */
protected $dnNames;
/**
* @var LdapAttr[] pour chaque attribut, l'instance de {@link LdapAttr} qui
* gère les valeurs correspondantes de $data
*/
protected $attrs;
protected function resetAttrs(): void {
# refaire les attributs le cas échéant
if ($this->attrs === null) return;
foreach (array_keys($this->data) as $name) {
if (array_key_exists($name, $this->attrs)) {
$this->attrs[$name]->reset($this->data[$name]);
}
}
}
private function n($key): string {
$lkey = strtolower(strval($key));
$name = A::get($this->lkey2names, $lkey);
if ($name === null) {
# si $key n'existe pas, l'ajouter
$name = $this->lkey2names[$lkey] = $key;
}
return $name;
}
function &array(): ?array { return $this->data; }
function count(): int { return count($this->data); }
function keys(): array { return array_keys($this->data); }
function has($name): bool {
return $this->data !== null && array_key_exists($this->n($name), $this->data);
}
function _get(string $name): LdapAttr {
$name = $this->n($name);
if ($this->attrs === null || !array_key_exists($name, $this->attrs)) {
$attribute = A::get(static::SCHEMA(), strtolower($name));
if ($attribute !== null && $this->conn !== null) {
["class" => $class, "flags" => $flags] = $attribute;
$syntax = $this->conn->getSyntax($class);
} else {
$syntax = $flags = null;
}
if ($syntax !== null) {
$attr = $syntax->newAttr($name, $this->data[$name], $flags);
} else {
$attr = new LdapAttr($name, $this->data[$name], $syntax, $flags);
}
$this->attrs[$name] = $attr;
}
return $this->attrs[$name];
}
function _del(string $name): void {
unset($this->data[$this->n($name)]);
}
function get($name) { return $this->_get($name)->get(); }
function first($name) { return $this->_get($name)->first(); }
function all($name): iterable { return $this->_get($name)->all(); }
function set($name, $values, bool $unlessNn=false): self { $this->_get($name)->set($values, $unlessNn); return $this; }
function add($name, $value, bool $unique=true): self { $this->_get($name)->add($value, $unique); return $this; }
function del($name, $value, int $maxCount=-1, bool $strict=false): self { $this->_get($name)->del($value, $maxCount, $strict); return $this; }
function ins($name, int $index, $value): self { $this->_get($name)->ins($index, $value); return $this; }
function unset($name, int $index): self { $this->_get($name)->unset($index); return $this; }
function merge(?array $attrs): self {
if ($attrs !== null) {
foreach ($attrs as $name => $values) {
$this->set($name, $values);
}
}
return $this;
}
function offsetExists($key) { return $this->has($key); }
function offsetGet($key) { return $this->_get($key)->get(); }
function offsetSet($key, $value) { $this->_get($key)->set($value); }
function offsetUnset($key) { $this->_del($key); }
function __isset($key) { return $this->has($key); }
function __get($key) { return $this->_get($key)->get(); }
function __set($key, $value) { $this->_get($key)->set($value); }
function __unset($key) { $this->_del($key); }
/**
* initialiser cet objet avec des données construites à la volée.
* - si $dn === null, c'est un nouvel objet
* - sinon c'est un objet existant déjà dans LDAP
*/
function reset(?string $dn, ?array $attrs=null, ?array $initialNames=null, ?LdapConn $conn=null): self {
if ($conn !== null) $this->conn = $conn;
if ($initialNames !== null) $this->initialNames = $initialNames;
# attributs demandés
$lkey2names = ["dn" => "dn"];
foreach ($this->initialNames() as $name) {
if ($name == "+" || $name == "*") continue;
$lkey2names[strtolower($name)] = $name;
}
# attributs obtenus effectivement
A::merge_nn($attrs, [
"objectClass" => static::OBJECT_CLASSES,
]);
$orig = ["dn" => [$dn]];
foreach ($attrs as $name => $value) {
$orig[$name] = $value;
$lkey2names[strtolower($name)] = $name;
}
# ensuite, mettre à null les attributs qui n'ont pas été obtenus
foreach ($lkey2names as $name) {
if (!array_key_exists($name, $orig)) {
$orig[$name] = null;
}
}
# calculer les clés qui composent le DN
$dnNames = names::get_dn_names($dn, $lkey2names);
# finaliser le paramétrage
$this->data = $this->orig = $orig;
$this->lkey2names = $lkey2names;
$this->dnNames = $dnNames;
$this->resetAttrs();
return $this;
}
/** initialiser cet objet avec le résultat d'une recherche */
function load(string $dn, array $entry): self {
[$this->orig, $this->lkey2names, $this->dnNames,
] = LdapSearch::cook($this->initialNames(), $dn, $entry);
$this->data = $this->orig;
$this->resetAttrs();
return $this;
}
/** recharger l'objet depuis le serveur */
function reload(?LdapConn $conn=null): self {
if ($conn === null) $conn = $this->conn;
$dn = $this->data["dn"][0];
$entry = $conn->_search($dn, [
"attrs" => $this->initialNames(),
"scope" => "base",
])->first($dn);
if ($entry === null) {
throw new IllegalAccessException("object $dn no longer exists");
}
return $this->load($dn, $entry);
}
function initDn(?string $parentDn=null, $dnNames=null, ?LdapConn $conn=null): void {
if ($conn === null) $conn = $this->conn;
if ($parentDn === null) $parentDn = static::PARENT_RDN;
if ($conn !== null) $parentDn = $conn->ensureDn($parentDn);
if ($dnNames === null) $dnNames = static::DN_NAMES;
$rdn = [];
foreach (A::with($dnNames) as $name) {
$rdn[$name] = $this->get($name);
}
$dn = names::join($rdn, $parentDn);
$this->data["dn"] = [$dn];
$this->dnNames = names::get_dn_names($dn, $this->lkey2names);
}
function computeAddattrs(array $data): array {
$attrs = [];
$first = true;
foreach ($data as $name => $values) {
if ($first) {
# ne pas inclure le DN
$first = false;
continue;
}
# ne pas inclure les valeurs vides et nulles
if ($values === null || $values === []) continue;
# utiliser array_values pour être sûr d'avoir un tableau séquentiel (les
# valeurs composites sont indexées sur la clé calculée)
$attrs[$name] = array_values(A::with($values));
}
return $attrs;
}
function computeModattr(string $name, $orig, $value): array {
# utiliser array_values pour être sûr d'avoir un tableau séquentiel (les
# valeurs composites sont indexées sur la clé calculée)
$orig = array_values(A::with($orig));
$value = array_values(A::with($value));
if ($value === $orig) return [];
if (!$orig) return [["add", $name => $value]];
elseif (!$value) return [["delete", $name]];
else return [["replace", $name => $value]];
#XXX pour certains attributs (comme member), ou si le nombre d'éléments
# dépasse un certain seuil, remplacer replace par un ensemble de add et/ou
# delete
}
/**
* retourner true si update() provoquerait une mise à jour du serveur LDAP, en
* d'autres termes si l'objet est nouveau ou a des modifications
*/
function willUpdate(): bool {
$create = $this->orig["dn"][0] === null;
if ($create) return true;
foreach ($this->data as $name => $value) {
$orig = A::get($this->orig, $name);
$modattr = $this->computeModattr($name, $orig, $value);
if ($modattr != null) return true;
}
return false;
}
/**
* @return bool true si la modification a été faite, false si elle n'était pas
* nécessaire
*/
function update($params=null, ?LdapConn $conn=null, ?bool $create=null): bool {
if ($conn === null) $conn = $this->conn;
$dn = $this->data["dn"][0];
if ($create === null) {
$origDn = $this->orig["dn"][0];
$create = $origDn === null;
}
if ($create) {
# création de l'objet
$attrs = $this->computeAddattrs($this->data);
$conn->add($dn, $attrs, $params);
} else {
# mise à jour de l'objet
$modattrs = [];
foreach ($this->data as $name => $value) {
$orig = A::get($this->orig, $name);
$modattr = $this->computeModattr($name, $orig, $value);
if ($modattr != null) {
if (in_array($name, $this->dnNames)) {
throw IllegalAccessException::not_allowed("modifying DN attrs");
}
A::merge($modattrs, $modattr);
}
}
if (!$modattrs) return false;
$conn->modify($dn, $modattrs);
}
# s'il y a des références sur $this->data, alors une simple "copie" fera
# que $this->orig garde ces références. c'est la raison pour laquelle on
# doit refaire les attributs
$this->orig = $this->data;
$this->attrs = null;
return true;
}
function rename(string $newRdn, $params=null, ?LdapConn $conn=null): void {
if ($conn === null) $conn = $this->conn;
$dn = $this->data["dn"][0];
if (ldap::prepare_rename($dn, $newRdn, $params)) {
$dn = $conn->rename($dn, $newRdn, $params);
$this->orig["dn"] = [$dn];
$this->data["dn"] = [$dn];
$this->dnNames = names::get_dn_names($dn, $this->lkey2names);
}
}
function delete($params=null, ?LdapConn $conn=null): void {
if ($conn === null) $conn = $this->conn;
$conn->delete($this->data["dn"][0], $params);
}
/**
* tester s'il existe un objet nommé $attr=$value dans branche $parent qui
* vaut par défaut la branche dans laquelle est situé cet objet
*/
function existsSibling(string $value, ?string $attr=null, ?string $parent=null, ?LdapConn $conn=null): bool {
if ($conn === null) $conn = $this->conn;
$dn = $this->data["dn"][0];
names::split_dn($dn, $myRdn, $myParent);
if ($attr === null) {
$myAttrs = names::split_rdn($myRdn);
$attr = A::first_key($myAttrs);
}
if ($parent === null) $parent = $myParent;
$entry = $conn->_search(null, [
"scope" => "one",
"suffix" => $parent,
"filter" => [$attr => $value],
"attrs" => ["dn"],
])->first();
return $entry !== null;
}
#############################################################################
static function _AUTOGEN_SCHEMA(): array {
return scheman::autogen_schema(static::OBJECT_CLASSES);
}
static function _AUTOGEN_PROPERTIES(): array {
return scheman::autogen_properties(self::_AUTOGEN_SCHEMA());
}
static function _AUTOGEN_METHODS(): array {
return scheman::autogen_methods(self::_AUTOGEN_SCHEMA());
}
const SCHEMA = null;
protected static function SCHEMA(): array {
# il faut au moins la définition qui indique que dn est monovalué
$schema = static::SCHEMA;
if ($schema === null) {
$schema = [
"dn" => [
"name" => "dn",
"class" => StringSyntax::class,
"flags" => LdapAttr::MONOVALUED,
],
];
}
return $schema;
}
function __call(string $name, ?array $args) {
$schema = static::SCHEMA();
if (is_array($schema) && array_key_exists(strtolower($name), $schema)) {
return $this->_get($name);
}
throw IllegalAccessException::not_implemented($name);
}
## rajouter ceci dans les classes dérivées
#const _AUTOGEN_CONSTS = ["SCHEMA"];
#const _AUTOGEN_PROPERTIES = [[self::class, "_AUTOGEN_PROPERTIES"]];
#const _AUTOGEN_METHODS = [[self::class, "_AUTOGEN_METHODS"]];
}

221
nur_src/ldap/LdapSearch.php Normal file
View File

@ -0,0 +1,221 @@
<?php
namespace nur\ldap;
use IteratorAggregate;
use nur\A;
use nur\b\params\Parametrable;
use nur\b\params\Tparametrable;
use nur\b\StopException;
use nur\b\ValueException;
use nur\data\types\md_utils;
use nur\data\types\Metadata;
use nur\iter;
use nur\log;
class LdapSearch extends Parametrable implements IteratorAggregate {
use Tparametrable;
static function parse_args(?array &$params, ?array $args
, ?string $searchbase=null, ?string $searchbase_exact=null
, ?string $scope=null): void {
$first = true;
$filter = null;
$attrs = null;
foreach ($args as $arg) {
if ($first) {
$first = false;
if (strpos($arg, "=") !== false) $filter = $arg;
else $attrs[] = $arg;
} else {
$attrs[] = $arg;
}
}
if ($filter !== null) $params["filter"] = $filter;
if ($attrs !== null) $params["attrs"] = $attrs;
if ($searchbase_exact !== null) {
$searchbase = $searchbase_exact;
$params["suffix"] = "";
}
if ($searchbase !== null) $params["searchbase"] = $searchbase;
if ($scope !== null) $params["scope"] = $scope;
}
const SCOPE_SUBTREE = 2, SCOPE_ONELEVEL = 1, SCOPE_BASE = 0;
const PARAMETRABLE_PARAMS_SCHEMA = [
"filter" => ["?content", "objectClass=*", "filtre de recherche"],
"attrs" => ["?array", [], "attributs à retourner"],
"searchbase" => ["?string", null, "DN de base pour la recherche"],
"scope" => ["?string", "sub", "étendue de la recherche"],
"suffix" => ["?string", null, "DN de base du serveur"],
"attributes_only" => ["bool", false, "faut-il ne retourner que les attributs?"],
"sizelimit" => ["int", -1, "limite de taille"],
"timelimit" => ["int", -1, "limite de temps"],
"deref" => ["int", LDAP_DEREF_NEVER, "type de déférencement"],
"controls" => ["array", [], "contrôles de la recherche"],
];
private static $search_md;
static function search_md(): Metadata {
return md_utils::ensure_md(self::$search_md, self::PARAMETRABLE_PARAMS_SCHEMA);
}
function __construct($conn, array $params) {
$this->conn = $conn;
parent::__construct($params);
}
/** @var resource */
protected $conn;
/** @var string */
protected $ppSearchbase;
/** @var string */
protected $filter;
function pp_setFilter($filter): void {
$this->filter = filters::parse($filter);
}
/** @var array */
protected $ppAttrs;
/** retourner la liste des attributs demandés */
function getAttrs(): array {
return $this->ppAttrs;
}
/** @var int */
protected $scope;
function pp_setScope(string $scope): void {
switch ($scope) {
case self::SCOPE_SUBTREE:
case "subtree":
case "sub":
case "s":
$this->scope = self::SCOPE_SUBTREE;
break;
case self::SCOPE_ONELEVEL:
case "onelevel":
case "one":
case "o":
$this->scope = self::SCOPE_ONELEVEL;
break;
case self::SCOPE_BASE:
case "base":
case "b":
$this->scope = self::SCOPE_BASE;
break;
default:
throw ValueException::invalid_value($scope, "scope");
}
}
/** @var string */
protected $ppSuffix;
/** @var bool */
protected $ppAttributesOnly;
/** @var int */
protected $ppSizelimit;
/** @var int */
protected $ppTimelimit;
/** @var int */
protected $ppDeref;
/** @var array */
protected $ppControls;
function getIterator() {
$conn = $this->conn;
$args = [$conn];
$base = [];
if ($this->ppSearchbase) $base[] = $this->ppSearchbase;
if ($this->ppSuffix) $base[] = $this->ppSuffix;
$args[] = implode(",", $base);
A::merge($args, [
$this->filter?: "",
$this->ppAttrs?: [],
$this->ppAttributesOnly,
$this->ppSizelimit,
$this->ppTimelimit,
$this->ppDeref,
$this->ppControls,
]);
log::debug("Searching searchbase=$args[1] filter=$args[2]");
$scope = $this->scope;
if ($scope == self::SCOPE_SUBTREE) $rr = @ldap_search(...$args);
elseif ($scope == self::SCOPE_ONELEVEL) $rr = @ldap_list(...$args);
elseif ($scope == self::SCOPE_BASE) $rr = @ldap_read(...$args);
else throw ValueException::invalid_value($scope, "scope");
// pas trouvé
if ($rr === false && ldap_errno($conn) == 32) return;
$rr = LdapException::check("search", $conn, $rr);
try {
$er = ldap_first_entry($conn, $rr);
while ($er !== false) {
$dn = ldap_get_dn($conn, $er);
$entry = ldap_get_attributes($conn, $er);
yield $dn => $entry;
$er = ldap_next_entry($conn, $er);
}
} catch (StopException $e) {
} finally {
ldap_free_result($rr);
}
}
/**
* retourner la première entrée du résultat de la recherche ou null si la
* recherche ne retourne aucun résultat
*/
function first(?string &$dn=null): ?array {
$it = $this->getIterator();
$it->rewind();
if (!$it->valid()) return null;
try {
$dn = $it->key();
return $it->current();
} finally {
iter::close($it);
}
}
static function cook(array $initial_names, string $dn, array $entry): array {
# attributs demandés
$lkey2names = ["dn" => "dn"];
foreach ($initial_names as $name) {
if ($name == "+" || $name == "*") continue;
$lkey2names[strtolower($name)] = $name;
}
# attributs obtenus effectivement
$count = $entry["count"];
$attrs = ["dn" => [$dn]];
for ($i = 0; $i < $count; $i++) {
$name = $entry[$i];
$attr = $entry[$name];
unset($attr["count"]);
$attrs[$name] = $attr;
$lkey2names[strtolower($name)] = $name;
}
# ensuite, mettre à null les attributs qui n'ont pas été obtenus
foreach ($lkey2names as $name) {
if (!array_key_exists($name, $attrs)) {
$attrs[$name] = null;
}
}
# calculer les clés qui composent le DN
$dn_names = names::get_dn_names($dn, $lkey2names);
return [$attrs, $lkey2names, $dn_names];
}
}

10
nur_src/ldap/LdapWalker.php Normal file
View File

@ -0,0 +1,10 @@
<?php
namespace nur\ldap;
/**
* Class LdapWalker: une classe permettant de parcourir les résultats d'une
* recherche
*/
class LdapWalker extends LdapObject implements ILdapWalker {
use TLdapWalker;
}

25
nur_src/ldap/TCompositeValue.php Normal file
View File

@ -0,0 +1,25 @@
<?php
namespace nur\ldap;
use nur\b\coll\TArrayMd;
trait TCompositeValue {
use TArrayMd;
/** @var array */
private static $optional_keys;
protected function getOptionalKeys(): array {
$optionalKeys = self::$optional_keys;
if ($optionalKeys === null) {
$optionalKeys = self::$optional_keys = parent::getOptionalKeys();
}
return $optionalKeys;
}
function reset(?array $values): CompositeValue {
$this->md()->ensureSchema($values);
$this->data = $values;
return $this;
}
}

54
nur_src/ldap/TLdapWalker.php Normal file
View File

@ -0,0 +1,54 @@
<?php
namespace nur\ldap;
use Iterator;
use nur\iter;
trait TLdapWalker {
function __construct(?LdapConn $conn=null, ?LdapSearch $search=null) {
parent::__construct(null, null, null, $conn);
if ($search !== null) $this->resetSearch($search);
}
/** @var LdapSearch */
protected $search;
function resetSearch(LdapSearch $search): ILdapWalker {
$this->close();
$this->reset(null, null, $search->getAttrs());
$this->search = $search;
return $this;
}
/** @var Iterator */
protected $it;
protected function loadNext(): bool {
$it = $this->it;
if (!$it->valid()) {
$this->close();
return false;
}
$this->load($it->key(), $it->current());
return true;
}
function next(?bool &$found=null): bool {
if ($this->it === null) {
$this->it = $this->search->getIterator();
$this->it->rewind();
$updateFound = true;
} else {
$this->it->next();
$updateFound = false;
}
$haveNext = $this->loadNext();
if ($updateFound) $found = $haveNext;
return $haveNext;
}
function close(): void {
iter::close($this->it);
$this->it = null;
}
}

23
nur_src/ldap/app/LdapApplication.php Normal file
View File

@ -0,0 +1,23 @@
<?php
namespace nur\ldap\app;
use nur\cli\Application;
abstract class LdapApplication extends Application {
use TLdapApplication;
const LOAD_PARAMS = true;
const ARGS = [
"sections" => [
self::VERBOSITY_SECTION,
[
"title" => "CONNEXION LDAP",
["-C", "--config", "args" => "file"],
["-H", "--uri", "args" => 1],
["-D", "--binddn", "args" => 1],
["-w", "--password", "args" => 1],
],
],
];
}

35
nur_src/ldap/app/LdapDeleteApp.php Normal file
View File

@ -0,0 +1,35 @@
<?php
namespace nur\ldap\app;
use nur\ldap\LdapSearch;
use nur\ldap\LdapWalker;
use nur\log;
class LdapDeleteApp extends LdapApplication {
const ARGS = [
"merge" => parent::ARGS,
["-s", "--scope", "args" => 1],
["-b", "--searchbase", "args" => 1],
["-B", "--searchbase-exact", "args" => 1],
];
protected $scope;
protected $searchbase, $searchbaseExact;
protected $args;
function main() {
$conn = $this->getConn();
$params = [];
LdapSearch::parse_args($params, $this->args
, $this->searchbase, $this->searchbaseExact
, $this->scope);
/** @var LdapWalker $lo */
$lo = $conn->search(null, $params);
while ($lo->next($first)) {
log::action("Suppression $lo[dn]");
$lo->delete();
log::asuccess();
}
}
}

27
nur_src/ldap/app/LdapGetInfosApp.php Normal file
View File

@ -0,0 +1,27 @@
<?php
namespace nur\ldap\app;
class LdapGetInfosApp extends LdapApplication {
const ARGS = [
"merge" => parent::ARGS,
["-o", "--output", "args" => 1],
["-f", "--overwrite-shared", "value" => true],
["-u", "--update", "value" => true, "help" => "Mettre à jour le fichier de connexion (nécessite --config et implique --output et --overwrite-shared)"]
];
protected $output, $overwriteShared = false;
protected $update = false;
function main() {
$conn = $this->getConn();
if ($this->update) {
$config = $this->config;
if ($config === null) {
self::die("Vous devez spécifier la configuration à mettre à jour");
}
$this->output = $config;
$this->overwriteShared = true;
}
$conn->saveConfig($this->output, $this->overwriteShared);
}
}

62
nur_src/ldap/app/LdapSearchApp.php Normal file
View File

@ -0,0 +1,62 @@
<?php
namespace nur\ldap\app;
use nur\b\IllegalAccessException;
use nur\ldap\io\LdapWriter;
use nur\ldap\io\LdifWriter;
use nur\ldap\io\YamlWriter;
use nur\ldap\LdapSearch;
use nur\ldap\LdapWalker;
class LdapSearchApp extends LdapApplication {
const ARGS = [
"merge" => parent::ARGS,
["-s", "--scope", "args" => 1],
["-b", "--searchbase", "args" => 1],
["-B", "--searchbase-exact", "args" => 1],
["-o", "--output", "args" => "file"],
["group",
["-F", "--format", "args" => 1],
["--ldif", "dest" => "format", "value" => "ldif"],
["--yaml", "dest" => "format", "value" => "yaml"],
],
];
protected $scope;
protected $searchbase, $searchbaseExact;
protected $output;
protected $format = "ldif";
protected $args;
function getWriter(): LdapWriter {
switch ($this->format) {
case "ldif":
case "l":
return new LdifWriter($this->output);
case "yaml":
case "y":
return new YamlWriter($this->output);
}
throw IllegalAccessException::unexpected_state();
}
function main() {
$conn = $this->getConn();
$params = [];
LdapSearch::parse_args($params, $this->args
, $this->searchbase, $this->searchbaseExact
, $this->scope);
/** @var LdapWalker $lo */
$lo = $conn->search(null, $params);
$writer = null;
while ($lo->next($first)) {
if ($first) {
$first = false;
$writer = $this->getWriter();
}
$writer->write($lo);
}
if ($writer !== null) $writer->close();
}
}

34
nur_src/ldap/app/TLdapApplication.php Normal file
View File

@ -0,0 +1,34 @@
<?php
namespace nur\ldap\app;
use nur\A;
use nur\ldap\LdapConn;
trait TLdapApplication {
protected $config;
protected $uri, $binddn, $password;
protected function fixConfig(?string &$config): void {
}
function getConn(?array $supplParams=null): LdapConn {
$config = $this->config;
$this->fixConfig($config);
$loadParams = static::LOAD_PARAMS;
$autoconnect = $autofillParams = null;
if ($config === null) {
$params = [];
} else {
$params = require $config;
if (!$loadParams) $autoconnect = $autofillParams = false;
}
A::merge($params, A::filter_n([
"uri" => $this->uri,
"binddn" => $this->binddn,
"password" => $this->password,
"autoconnect" => $autoconnect,
"autofill_params" => $autofillParams,
]), $supplParams);
return new LdapConn($params);
}
}

324
nur_src/ldap/consts.php Normal file
View File

@ -0,0 +1,324 @@
<?php
namespace nur\ldap;
use nur\ldap\syntaxes\BinarySyntax;
use nur\ldap\syntaxes\BooleanSyntax;
use nur\ldap\syntaxes\DateSyntax;
use nur\ldap\syntaxes\IntegerSyntax;
use nur\ldap\syntaxes\MailSyntax;
use nur\ldap\syntaxes\PostalAddressSyntax;
use nur\ldap\syntaxes\PrintableSyntax;
use nur\ldap\syntaxes\StringSyntax;
use nur\ldap\syntaxes\TelephoneSyntax;
class consts {
/**
* @var array[] définitions connues des syntaxes, au cas le serveur ne les
* retourne pas
*/
const KNOWN_SLAPD_SYNTAXES = [
'1.3.6.1.4.1.1466.115.121.1.4' => [
'oid' => '1.3.6.1.4.1.1466.115.121.1.4',
'desc' => 'Audio',
'x_not_human_readable' => true,
'x_binary_transfer_required' => false,
],
'1.3.6.1.4.1.1466.115.121.1.5' => [
'oid' => '1.3.6.1.4.1.1466.115.121.1.5',
'desc' => 'Binary',
'x_not_human_readable' => true,
'x_binary_transfer_required' => false,
],
'1.3.6.1.4.1.1466.115.121.1.6' => [
'oid' => '1.3.6.1.4.1.1466.115.121.1.6',
'desc' => 'Bit String',
'x_not_human_readable' => false,
'x_binary_transfer_required' => false,
],
'1.3.6.1.4.1.1466.115.121.1.7' => [
'oid' => '1.3.6.1.4.1.1466.115.121.1.7',
'desc' => 'Boolean',
'x_not_human_readable' => false,
'x_binary_transfer_required' => false,
],
'1.3.6.1.4.1.1466.115.121.1.8' => [
'oid' => '1.3.6.1.4.1.1466.115.121.1.8',
'desc' => 'Certificate',
'x_not_human_readable' => true,
'x_binary_transfer_required' => true,
],
'1.3.6.1.4.1.1466.115.121.1.9' => [
'oid' => '1.3.6.1.4.1.1466.115.121.1.9',
'desc' => 'Certificate List',
'x_not_human_readable' => true,
'x_binary_transfer_required' => true,
],
'1.3.6.1.4.1.1466.115.121.1.10' => [
'oid' => '1.3.6.1.4.1.1466.115.121.1.10',
'desc' => 'Certificate Pair',
'x_not_human_readable' => true,
'x_binary_transfer_required' => true,
],
'1.3.6.1.4.1.4203.666.11.10.2.1' => [
'oid' => '1.3.6.1.4.1.4203.666.11.10.2.1',
'desc' => 'X.509 AttributeCertificate',
'x_not_human_readable' => true,
'x_binary_transfer_required' => true,
],
'1.3.6.1.4.1.1466.115.121.1.12' => [
'oid' => '1.3.6.1.4.1.1466.115.121.1.12',
'desc' => 'Distinguished Name',
'x_not_human_readable' => false,
'x_binary_transfer_required' => false,
],
'1.2.36.79672281.1.5.0' => [
'oid' => '1.2.36.79672281.1.5.0',
'desc' => 'RDN',
'x_not_human_readable' => false,
'x_binary_transfer_required' => false,
],
'1.3.6.1.4.1.1466.115.121.1.14' => [
'oid' => '1.3.6.1.4.1.1466.115.121.1.14',
'desc' => 'Delivery Method',
'x_not_human_readable' => false,
'x_binary_transfer_required' => false,
],
'1.3.6.1.4.1.1466.115.121.1.15' => [
'oid' => '1.3.6.1.4.1.1466.115.121.1.15',
'desc' => 'Directory String',
'x_not_human_readable' => false,
'x_binary_transfer_required' => false,
],
'1.3.6.1.4.1.1466.115.121.1.22' => [
'oid' => '1.3.6.1.4.1.1466.115.121.1.22',
'desc' => 'Facsimile Telephone Number',
'x_not_human_readable' => false,
'x_binary_transfer_required' => false,
],
'1.3.6.1.4.1.1466.115.121.1.23' => [
'oid' => '1.3.6.1.4.1.1466.115.121.1.23',
'desc' => 'Fax image',
'x_not_human_readable' => false,
'x_binary_transfer_required' => false,
],
'1.3.6.1.4.1.1466.115.121.1.24' => [
'oid' => '1.3.6.1.4.1.1466.115.121.1.24',
'desc' => 'Generalized Time',
'x_not_human_readable' => false,
'x_binary_transfer_required' => false,
],
'1.3.6.1.4.1.1466.115.121.1.25' => [
'oid' => '1.3.6.1.4.1.1466.115.121.1.25',
'desc' => 'Guide',
'x_not_human_readable' => false,
'x_binary_transfer_required' => false,
],
'1.3.6.1.4.1.1466.115.121.1.26' => [
'oid' => '1.3.6.1.4.1.1466.115.121.1.26',
'desc' => 'IA5 String',
'x_not_human_readable' => false,
'x_binary_transfer_required' => false,
],
'1.3.6.1.4.1.1466.115.121.1.27' => [
'oid' => '1.3.6.1.4.1.1466.115.121.1.27',
'desc' => 'Integer',
'x_not_human_readable' => false,
'x_binary_transfer_required' => false,
],
'1.3.6.1.4.1.1466.115.121.1.28' => [
'oid' => '1.3.6.1.4.1.1466.115.121.1.28',
'desc' => 'JPEG',
'x_not_human_readable' => true,
'x_binary_transfer_required' => false,
],
'1.3.6.1.4.1.1466.115.121.1.34' => [
'oid' => '1.3.6.1.4.1.1466.115.121.1.34',
'desc' => 'Name And Optional UID',
'x_not_human_readable' => false,
'x_binary_transfer_required' => false,
],
'1.3.6.1.4.1.1466.115.121.1.36' => [
'oid' => '1.3.6.1.4.1.1466.115.121.1.36',
'desc' => 'Numeric String',
'x_not_human_readable' => false,
'x_binary_transfer_required' => false,
],
'1.3.6.1.4.1.1466.115.121.1.38' => [
'oid' => '1.3.6.1.4.1.1466.115.121.1.38',
'desc' => 'OID',
'x_not_human_readable' => false,
'x_binary_transfer_required' => false,
],
'1.3.6.1.4.1.1466.115.121.1.39' => [
'oid' => '1.3.6.1.4.1.1466.115.121.1.39',
'desc' => 'Other Mailbox',
'x_not_human_readable' => false,
'x_binary_transfer_required' => false,
],
'1.3.6.1.4.1.1466.115.121.1.40' => [
'oid' => '1.3.6.1.4.1.1466.115.121.1.40',
'desc' => 'Octet String',
'x_not_human_readable' => false,
'x_binary_transfer_required' => false,
],
'1.3.6.1.4.1.1466.115.121.1.41' => [
'oid' => '1.3.6.1.4.1.1466.115.121.1.41',
'desc' => 'Postal Address',
'x_not_human_readable' => false,
'x_binary_transfer_required' => false,
],
'1.3.6.1.4.1.1466.115.121.1.44' => [
'oid' => '1.3.6.1.4.1.1466.115.121.1.44',
'desc' => 'Printable String',
'x_not_human_readable' => false,
'x_binary_transfer_required' => false,
],
'1.3.6.1.4.1.1466.115.121.1.11' => [
'oid' => '1.3.6.1.4.1.1466.115.121.1.11',
'desc' => 'Country String',
'x_not_human_readable' => false,
'x_binary_transfer_required' => false,
],
'1.3.6.1.4.1.1466.115.121.1.45' => [
'oid' => '1.3.6.1.4.1.1466.115.121.1.45',
'desc' => 'SubtreeSpecification',
'x_not_human_readable' => false,
'x_binary_transfer_required' => false,
],
'1.3.6.1.4.1.1466.115.121.1.49' => [
'oid' => '1.3.6.1.4.1.1466.115.121.1.49',
'desc' => 'Supported Algorithm',
'x_not_human_readable' => true,
'x_binary_transfer_required' => true,
],
'1.3.6.1.4.1.1466.115.121.1.50' => [
'oid' => '1.3.6.1.4.1.1466.115.121.1.50',
'desc' => 'Telephone Number',
'x_not_human_readable' => false,
'x_binary_transfer_required' => false,
],
'1.3.6.1.4.1.1466.115.121.1.51' => [
'oid' => '1.3.6.1.4.1.1466.115.121.1.51',
'desc' => 'Teletex Terminal Identifier',
'x_not_human_readable' => false,
'x_binary_transfer_required' => false,
],
'1.3.6.1.4.1.1466.115.121.1.52' => [
'oid' => '1.3.6.1.4.1.1466.115.121.1.52',
'desc' => 'Telex Number',
'x_not_human_readable' => false,
'x_binary_transfer_required' => false,
],
'1.3.6.1.4.1.1466.115.121.1.53' => [
'oid' => '1.3.6.1.4.1.1466.115.121.1.53',
'desc' => 'UTC Time',
'x_not_human_readable' => false,
'x_binary_transfer_required' => false,
],
'1.3.6.1.4.1.1466.115.121.1.54' => [
'oid' => '1.3.6.1.4.1.1466.115.121.1.54',
'desc' => 'LDAP Syntax Description',
'x_not_human_readable' => false,
'x_binary_transfer_required' => false,
],
'1.3.6.1.1.1.0.0' => [
'oid' => '1.3.6.1.1.1.0.0',
'desc' => 'RFC2307 NIS Netgroup Triple',
'x_not_human_readable' => false,
'x_binary_transfer_required' => false,
],
'1.3.6.1.1.1.0.1' => [
'oid' => '1.3.6.1.1.1.0.1',
'desc' => 'RFC2307 Boot Parameter',
'x_not_human_readable' => false,
'x_binary_transfer_required' => false,
],
'1.3.6.1.1.16.1' => [
'oid' => '1.3.6.1.1.16.1',
'desc' => 'UUID',
'x_not_human_readable' => false,
'x_binary_transfer_required' => false,
],
];
const KNOWN_SYNTAX_CLASSES = [
'1.3.6.1.4.1.1466.115.121.1.4' => BinarySyntax::class, // audio
'1.3.6.1.4.1.1466.115.121.1.5' => BinarySyntax::class, // binary
'1.3.6.1.4.1.1466.115.121.1.6' => BinarySyntax::class, // bit string
'1.3.6.1.4.1.1466.115.121.1.7' => BooleanSyntax::class, // boolean
'1.3.6.1.4.1.1466.115.121.1.8' => BinarySyntax::class, // certificate
'1.3.6.1.4.1.1466.115.121.1.9' => BinarySyntax::class, // certificate list
'1.3.6.1.4.1.1466.115.121.1.10' => BinarySyntax::class, // certificate pair
'1.3.6.1.4.1.4203.666.11.10.2.1' => BinarySyntax::class, // X.509 AttributeCertificate
'1.3.6.1.4.1.1466.115.121.1.12' => StringSyntax::class, // DN
'1.2.36.79672281.1.5.0' => StringSyntax::class, // RDN
'1.3.6.1.4.1.1466.115.121.1.14' => StringSyntax::class, // delivery method
'1.3.6.1.4.1.1466.115.121.1.15' => StringSyntax::class, // directory string
'1.3.6.1.4.1.1466.115.121.1.22' => TelephoneSyntax::class, // fax number
'1.3.6.1.4.1.1466.115.121.1.24' => DateSyntax::class, // generalized time
'1.3.6.1.4.1.1466.115.121.1.26' => StringSyntax::class, // IA5 string
'1.3.6.1.4.1.1466.115.121.1.27' => IntegerSyntax::class, // integer
'1.3.6.1.4.1.1466.115.121.1.28' => BinarySyntax::class, // jpeg
'1.3.6.1.4.1.1466.115.121.1.34' => StringSyntax::class, // name and (opt.) oid
'1.3.6.1.4.1.1466.115.121.1.36' => IntegerSyntax::class, // numeric string
'1.3.6.1.4.1.1466.115.121.1.38' => StringSyntax::class, // oid
'1.3.6.1.4.1.1466.115.121.1.39' => MailSyntax::class, // other mailbox
'1.3.6.1.4.1.1466.115.121.1.40' => StringSyntax::class, // octet string
'1.3.6.1.4.1.1466.115.121.1.41' => PostalAddressSyntax::class, // postal address
'1.3.6.1.4.1.1466.115.121.1.44' => PrintableSyntax::class, // printable string
'1.3.6.1.4.1.1466.115.121.1.11' => StringSyntax::class, // country string
'1.3.6.1.4.1.1466.115.121.1.45' => StringSyntax::class, // subtree spec
'1.3.6.1.4.1.1466.115.121.1.49' => BinarySyntax::class, // supported algorithm
'1.3.6.1.4.1.1466.115.121.1.50' => TelephoneSyntax::class, // telephone number
'1.3.6.1.4.1.1466.115.121.1.52' => TelephoneSyntax::class, // telex number
'1.3.6.1.1.1.0.0' => StringSyntax::class, // RFC2307 NIS Netgroup Triple
'1.3.6.1.1.1.0.1' => StringSyntax::class, // RFC2307 Boot Parameter
'1.3.6.1.1.16.1' => StringSyntax::class, // uuid
];
const LDAP_CONTROL_CONSTANTS = [
# pas toutes ne sont définies en fonction de la version de PHP
"LDAP_CONTROL_MANAGEDSAIT",
"LDAP_CONTROL_PROXY_AUTHZ",
"LDAP_CONTROL_SUBENTRIES",
"LDAP_CONTROL_VALUESRETURNFILTER",
"LDAP_CONTROL_ASSERT",
"LDAP_CONTROL_PRE_READ",
"LDAP_CONTROL_POST_READ",
"LDAP_CONTROL_SORTREQUEST",
"LDAP_CONTROL_SORTRESPONSE",
"LDAP_CONTROL_PAGEDRESULTS",
"LDAP_CONTROL_SYNC",
"LDAP_CONTROL_SYNC_STATE",
"LDAP_CONTROL_SYNC_DONE",
"LDAP_CONTROL_DONTUSECOPY",
"LDAP_CONTROL_PASSWORDPOLICYREQUEST",
"LDAP_CONTROL_PASSWORDPOLICYRESPONSE",
"LDAP_CONTROL_X_INCREMENTAL_VALUES",
"LDAP_CONTROL_X_DOMAIN_SCOPE",
"LDAP_CONTROL_X_PERMISSIVE_MODIFY",
"LDAP_CONTROL_X_SEARCH_OPTIONS",
"LDAP_CONTROL_X_TREE_DELETE",
"LDAP_CONTROL_X_EXTENDED_DN",
"LDAP_CONTROL_VLVREQUEST",
"LDAP_CONTROL_VLVRESPONSE",
"LDAP_EXOP_MODIFY_PASSWD",
"LDAP_EXOP_REFRESH",
"LDAP_EXOP_START_TLS",
"LDAP_EXOP_TURN",
"LDAP_EXOP_WHO_AM_I",
"LDAP_CONTROL_AUTHZID_REQUEST",
"LDAP_CONTROL_AUTHZID_RESPONSE",
];
const ROOT_DSE_LITERALS = [
# Constantes non définies de façon normalisée
["1.3.6.1.1.8", "/*Cancel Extended Request*/ \"1.3.6.1.1.8\""],
["1.3.6.1.1.14", "/*Modify-Increment*/ \"1.3.6.1.1.14\""],
["1.3.6.1.4.1.4203.1.5.1", "/*All Op Attrs*/ \"1.3.6.1.4.1.4203.1.5.1\""],
["1.3.6.1.4.1.4203.1.5.2", "/*OC AD Lists*/ \"1.3.6.1.4.1.4203.1.5.2\""],
["1.3.6.1.4.1.4203.1.5.3", "/*LDAP Protocol Mechanism*/ \"1.3.6.1.4.1.4203.1.5.3\""],
["1.3.6.1.4.1.4203.1.5.4", "/*draft-zeilenga-ldap-rfc2596*/ \"1.3.6.1.4.1.4203.1.5.4\""],
["1.3.6.1.4.1.4203.1.5.5", "/*draft-zeilenga-ldap-rfc2596*/ \"1.3.6.1.4.1.4203.1.5.5\""],
];
}

98
nur_src/ldap/filters.php Normal file
View File

@ -0,0 +1,98 @@
<?php
namespace nur\ldap;
use nur\A;
use nur\str;
class filters {
private static function _escape(array $parts): string {
$op = false;
$first = true;
$fparts = [];
$index = 0;
foreach ($parts as $name => $part) {
if ($first) {
$first = false;
switch ($part) {
case "&": case "and": $op = "&"; break;
case "|": case "or": $op = "|"; break;
case "!": case "not": $op = "!"; break;
}
if ($op) {
if ($index === $name) $index++;
continue;
}
}
if ($index === $name) {
# séquentiel
$index++;
if (is_array($part)) {
$fparts[] = self::_escape($part);
} else {
str::add_prefix($part, "(");
str::add_suffix($part, ")");
$fparts[] = $part;
}
} else {
# associatif
$name = ldap_escape($name, "", LDAP_ESCAPE_FILTER);
foreach (A::with($part) as $value) {
$value = ldap_escape($value, "", LDAP_ESCAPE_FILTER);
$fparts[] = "($name=$value)";
}
}
}
$filter = implode("", $fparts);
if (count($fparts) > 1 || $op === "!") {
if (!$op) $op = "&";
$filter = "($op$filter)";
}
return $filter;
}
static function parse($filter): string {
if (!$filter) $filter = "objectClass=*";
return self::_escape(A::with($filter));
}
static function not(string $filter): string {
str::add_prefix($filter, "(");
str::add_suffix($filter, ")");
return "(!$filter)";
}
/** mettre en échappement ($attr$op$value) en ignorant les wildcards */
private static function _filter(string $name, string $op, string $value): string {
$name = ldap_escape($name, "*", LDAP_ESCAPE_FILTER);
$value = ldap_escape($value, "*", LDAP_ESCAPE_FILTER);
return "($name$op$value)";
}
static function exists(string $name): string {
return self::_filter($name, "=", "*");
}
static function eq(string $name, string $value): string {
return self::_filter($name, "=", $value);
}
static function ge(string $name, string $value): string {
return self::_filter($name, ">=", $value);
}
static function le(string $name, string $value): string {
return self::_filter($name, "<=", $value);
}
static function gt(string $name, string $value): string {
return self::not(self::le($name, $value));
}
static function lt(string $name, string $value): string {
return self::not(self::ge($name, $value));
}
static function approx(string $name, string $value): string {
return self::_filter($name, "~=", $value);
}
}

25
nur_src/ldap/io/LdapWriter.php Normal file
View File

@ -0,0 +1,25 @@
<?php
namespace nur\ldap\io;
use nur\b\io\IWriter;
use nur\ldap\LdapObject;
use nur\writer;
abstract class LdapWriter {
static function write_object($output, LdapObject $object, ?array $names=null): void {
$writer = new static($output);
$writer->write($object, $names);
$writer->close();
}
function __construct($output=null) {
$this->writer = writer::with($output);
}
/** @var IWriter */
protected $writer;
function close(): void {
$this->writer->close();
}
}

30
nur_src/ldap/io/LdifWriter.php Normal file
View File

@ -0,0 +1,30 @@
<?php
namespace nur\ldap\io;
use nur\A;
use nur\ldap\LdapObject;
/**
* Class LdifWriter
*/
class LdifWriter extends LdapWriter {
function write(?LdapObject $object, ?array $names=null): self {
if ($object !== null) {
$writer = $this->writer;
if ($names === null) $names = $object->keys();
if (!in_array("dn", $names)) {
A::insert($names, 0, "dn");
}
foreach ($names as $name) {
$values = $object->_get($name)->array();
if ($values !== null) {
foreach ($values as $value) {
$writer->wnl("$name: $value");
}
}
}
$writer->wnl();
}
return $this;
}
}

29
nur_src/ldap/io/YamlWriter.php Normal file
View File

@ -0,0 +1,29 @@
<?php
namespace nur\ldap\io;
use nur\A;
use nur\ldap\LdapObject;
use nur\yaml;
/**
* Class YamlWriter
*/
class YamlWriter extends LdapWriter {
function write(?LdapObject $object, ?array $names=null): self {
if ($object !== null) {
if ($names === null) $names = $object->keys();
if (!in_array("dn", $names)) {
A::insert($names, 0, "dn");
}
$values = [];
foreach ($names as $name) {
$value = $object->all($name);
if (count($value) == 1) $value = $value[0];
$values[$name] = $value;
}
$writer = $this->writer;
$writer->wnl(yaml::with($values));
}
return $this;
}
}

160
nur_src/ldap/ldap.php Normal file
View File

@ -0,0 +1,160 @@
<?php
namespace nur\ldap;
use nur\A;
use nur\data\types\md_utils;
use nur\data\types\Metadata;
class ldap {
#############################################################################
const ADD_SCHEMA = [
"controls" => ["array", []],
];
/** @var Metadata */
private static $add_md;
static function add_md(): Metadata {
return md_utils::ensure_md(self::$add_md, self::ADD_SCHEMA);
}
static function add($conn, string $dn, array $attrs, $params=null): void {
self::add_md()->ensureSchema($params);
$r = LdapException::check("add", $conn
, @ldap_add_ext($conn, $dn, $attrs, $params["controls"]));
LdapException::check_result("add", $conn, $r);
}
#############################################################################
const MODIFY_SCHEMA = [
"controls" => ["array", []],
];
/** @var Metadata */
private static $modify_md;
static function modify_md(): Metadata {
return md_utils::ensure_md(self::$modify_md, self::MODIFY_SCHEMA);
}
static function prepare_modify(array $modattrs): array {
$modifs = [];
foreach ($modattrs as $modattr) {
$modtype = false;
$first = true;
$index = 0;
foreach ($modattr as $name => $value) {
if ($first && $name === $index) {
$first = false;
$index++;
switch ($value) {
case "add":
$modtype = LDAP_MODIFY_BATCH_ADD;
break;
case "delete":
$modtype = LDAP_MODIFY_BATCH_REMOVE;
break;
case "replace":
$modtype = LDAP_MODIFY_BATCH_REPLACE;
break;
}
continue;
}
if ($name === $index) {
$index++;
$modifs[] = [
"modtype" => LDAP_MODIFY_BATCH_REMOVE_ALL,
"attrib" => $value,
];
} else {
$modifs[] = [
"modtype" => $modtype,
"attrib" => $name,
"values" => $value
];
}
}
}
return $modifs;
}
static function modify($conn, string $dn, array $modattrs, $params=null): void {
self::modify_md()->ensureSchema($params);
$modifs = self::prepare_modify($modattrs);
LdapException::check("modify", $conn
, @ldap_modify_batch($conn, $dn, $modifs, $params["controls"]));
}
#############################################################################
const RENAME_SCHEMA = [
"new_parent" => ["?string", null],
"delete_old_rdn" => ["bool", true],
"controls" => ["array", []],
];
/** @var Metadata */
private static $rename_md;
static function rename_md(): Metadata {
return md_utils::ensure_md(self::$rename_md, self::RENAME_SCHEMA);
}
/**
* préparer les paramètres pour le renommage
*
* si $newRdn n'est pas vide:
* - si $params["new_parent"] n'est pas spécifié ou null, alors on ne fait
* qu'un renommage: prendre le suffixe de $dn
* - sinon, le nouveau DN est "$newRdn,$params[new_parent]"
*
* si $newRdn est vide:
* - il s'agit d'un déplacement de branche. $params["new_parent"] ne doit pas
* être vide et c'est la nouvelle destination. le RDN n'est pas modifié
*/
static function prepare_rename(string $dn, string &$newRdn, &$params = null): bool {
self::rename_md()->ensureSchema($params);
names::split_dn($dn, $origRdn, $origParent);
$newParent = $params["new_parent"];
if ($newRdn != "") {
# renommage et éventuellement déplacement
if (strpos($newRdn, "=") === false) {
# si le rdn ne comporte que la valeur, alors prendre le nom de
# l'attribut depuis origRdn
$name = A::first_key(names::split_rdn($origRdn));
$newRdn = names::build_rdn($name, $newRdn);
}
if ($newParent === null) $newParent = $origParent;
} else {
# déplacement avec le même RDN
$newRdn = $origRdn;
}
$newDn = names::join($newRdn, $newParent);
names::split_dn($newDn, $newRdn, $newParent);
$params["new_parent"] = $newParent;
return $newDn !== $dn;
}
static function rename($conn, string $dn, string $newRdn, array $params): string {
$newParent = $params["new_parent"];
$r = LdapException::check("rename", $conn
, @ldap_rename_ext($conn, $dn, $newRdn, $newParent
, $params["delete_old_rdn"], $params["controls"]));
LdapException::check_result("rename", $conn, $r);
return names::join($newRdn, $newParent);
}
#############################################################################
const DELETE_SCHEMA = [
"controls" => ["array", []],
];
/** @var Metadata */
private static $delete_md;
static function delete_md(): Metadata {
return md_utils::ensure_md(self::$delete_md, self::DELETE_SCHEMA);
}
static function delete($conn, string $dn, $params=null): void {
self::delete_md()->ensureSchema($params);
$r = LdapException::check("delete", $conn
, @ldap_delete_ext($conn, $dn, $params["controls"]));
LdapException::check_result("delete", $conn, $r);
}
}

34
nur_src/ldap/ldap_config.php Normal file
View File

@ -0,0 +1,34 @@
<?php
namespace nur\ldap;
use nur\A;
use nur\b\ValueException;
use nur\path;
class ldap_config {
static function get_shared_file(string $uri): string {
if ($uri == "ldapi://") {
$file = "ldapi__.ldaphost";
} else {
$parts = parse_url($uri);
if ($parts === false) throw ValueException::invalid_value($uri, "uri");
$scheme = A::get($parts, "scheme", "ldap");
$host = A::get($parts, "host");
$port = A::get($parts, "port");
if ($port === null) {
if ($scheme === "ldap") $port = 389;
elseif ($scheme === "ldaps") $port = 636;
}
$file = "${scheme}_${host}_${port}.ldaphost";
}
return $file;
}
static function get_file(string $file, ?string $profile=null): string {
if (!path::is_qualified($file) && !path::have_ext($file)) {
if ($profile !== null) $file .= ".$profile";
$file .= ".ldapconf";
}
return $file;
}
}

66
nur_src/ldap/ldap_server.php Normal file
View File

@ -0,0 +1,66 @@
<?php
namespace nur\ldap;
use nur\A;
use nur\b\ValueException;
use nur\config;
use nur\log;
use nur\path;
use nur\SL;
abstract class ldap_server {
const NAME = null;
protected static function name(?string $suffix=null): string {
$name = static::NAME;
if ($suffix !== null) {
$name .= "_";
$name .= $suffix;
}
return $name;
}
private static function map_profile(string $profile): string {
$profile_map = config::k(self::name("profile_map"));
return A::get($profile_map, $profile, $profile);
}
static $profile;
/** obtenir le profil LDAP courant */
static function get_profile(): string {
$profile = self::$profile;
if ($profile === null) {
if ($profile === null) $profile = config::k(self::name("profile"));
if ($profile === null) $profile = self::map_profile(config::get_profile());
self::$profile = $profile;
}
return $profile;
}
/** spécifier le profil LDAP courant */
static function set_profile(?string $profile): void {
if ($profile === null) $profile = config::get_profile();
self::$profile = self::map_profile($profile);
}
/** adapter le chemin vers le fichier de configuration */
protected static function fix_path(string $config): string {
return $config;
}
static function conn(?array $config=null, ?string $profile=null): LdapConn {
if ($profile === null) $profile = self::get_profile();
$name = self::name();
log::debug("Profil $name: $profile");
$configFile = static::fix_path(ldap_config::get_file($name, $profile));
if (!file_exists($configFile)) {
$configname = path::filename($configFile);
throw new ValueException("$name: profil LDAP invalide (fichier '$configname' non trouvé)");
}
return new LdapConn(array_merge(...SL::filter_n([
require $configFile,
$config,
])));
}
}

91
nur_src/ldap/names.php Normal file
View File

@ -0,0 +1,91 @@
<?php
namespace nur\ldap;
use nur\A;
use nur\b\ValueException;
class names {
static function split_dn(string $dn, ?string &$rdn, ?string &$parent_dn): bool {
$dparts = ldap_explode_dn($dn, 0);
$count = $dparts["count"];
if ($count > 0) {
$rdn = $dparts[0];
$sparts = [];
for ($i = 1; $i < $count; $i++) {
$sparts[] = $dparts[$i];
}
$parent_dn = implode(",", $sparts);
return true;
}
return false;
}
static function ldap_unescape($string) {
$hex2bin = function ($ms) {
$m = array_shift($ms);
return hex2bin(substr($m, 1));
};
return preg_replace_callback('/\\\\[0-9a-fA-F]{2}/', $hex2bin, $string);
}
static function split_rdn(string $rdn): array {
$attrs = [];
$rparts = explode("+", $rdn);
foreach ($rparts as $rpart) {
if (strpos($rpart, "=") === false) {
throw ValueException::invalid_value($rdn, "rdn");
}
[$name, $value] = explode("=", $rpart, 2);
$name = self::ldap_unescape($name);
$value = self::ldap_unescape($value);
$attrs[$name][] = $value;
}
return $attrs;
}
static function build_rdn(string $name, string $value): string {
$name = ldap_escape($name, 0, LDAP_ESCAPE_DN);
$value = ldap_escape($value, 0, LDAP_ESCAPE_DN);
return "$name=$value";
}
static function get_dn_names(?string $dn, ?array $lkeys2names=null): ?array {
$dn_names = null;
if ($dn !== null) {
$dn_names = [];
if (self::split_dn($dn, $rdn, $parent_dn)) {
foreach (array_keys(self::split_rdn($rdn)) as $name) {
$dn_names[] = A::get($lkeys2names, strtolower($name), $name);
}
}
}
return $dn_names;
}
static function join($rdn, string $parent_dn): string {
if (is_array($rdn)) {
$rparts = [];
foreach ($rdn as $name => $values) {
$name = ldap_escape($name, 0, LDAP_ESCAPE_DN);
foreach (A::with($values) as $value) {
$value = ldap_escape($value, 0, LDAP_ESCAPE_DN);
$rparts[] = "$name=$value";
}
}
$rdn = implode("+", $rparts);
}
$dparts = [];
if ($rdn) $dparts[] = $rdn;
if ($parent_dn) $dparts[] = $parent_dn;
return implode(",", $dparts);
}
/** tester si $dn a le suffixe $suffix */
static function have_suffix(string $dn, string $suffix): bool {
$dparts = ldap_explode_dn($dn, 0);
$sparts = ldap_explode_dn($suffix, 0);
$count = $sparts["count"];
return array_slice($dparts, -$count) === array_slice($sparts, -$count);
}
}

31
nur_src/ldap/scheman.php Normal file
View File

@ -0,0 +1,31 @@
<?php
namespace nur\ldap;
use nur\ldap\schemas\SchemaManager;
/**
* Class scheman: gestionnaire de schéma global partagé
*
* Cette classe ne peut être utilisée correctement que pour une seule instance
* de {@link LdapConn}
*/
class scheman {
/** @var SchemaManager */
protected static $scheman;
static function init(LdapConn $conn, ?array $overrides=null): void {
self::$scheman = new SchemaManager($conn, $overrides);
}
static function autogen_schema(array $objectClasses): array {
return self::$scheman->autogenSchema($objectClasses);
}
static function autogen_properties(array $schema): array {
return self::$scheman->autogenProperties($schema);
}
static function autogen_methods(array $schema): array {
return self::$scheman->autogenMethods($schema);
}
}

247
nur_src/ldap/schemas/LdapSchemaExtractor.php Normal file
View File

@ -0,0 +1,247 @@
<?php
namespace nur\ldap\schemas;
use nur\A;
use nur\b\IllegalAccessException;
use nur\b\ValueException;
use nur\data\types\md_utils;
use nur\data\types\Metadata;
use nur\ldap\consts;
use nur\ldap\LdapAttr;
use nur\ldap\LdapConn;
use nur\ldap\syntaxes\BinarySyntax;
use nur\ldap\syntaxes\StringSyntax;
/**
* Class LdapSchemaExtractor: extracteur de schéma LDAP, pour utilisation avec
* PHP
*/
class LdapSchemaExtractor {
function __construct(?array $schemaInfos=null) {
if ($schemaInfos !== null) {
[
"ldap_syntaxes" => $this->ldapSyntaxes,
"attribute_types" => $this->attributeTypes,
"object_classes" => $this->objectClasses,
] = $schemaInfos;
}
}
protected $ldapSyntaxes;
protected $attributeTypes;
protected $objectClasses;
function loadSchema(LdapConn $conn): array {
$schema = null;
$schemaDn = $conn->getRootDse()->first("subschemaSubentry");
if ($schemaDn !== null) {
$schema = $conn->empty()->load($schemaDn, $conn->_search($schemaDn, [
"suffix" => "",
"attrs" => [
"ldapSyntaxes",
"attributeTypes",
"objectClasses",
],
"scope" => "base",
])->first());
}
if ($schema === null) {
throw new IllegalAccessException("unable to find subschemaSubentry attribute");
}
$parser = new LseSyntax();
$ldapSyntaxes = [];
foreach ($schema->get("ldapSyntaxes", []) as $ldapSyntax) {
$ldapSyntax = $parser->parse($ldapSyntax);
$ldapSyntaxes[$ldapSyntax["oid"]] = $ldapSyntax;
}
$parser = new LseAttribute();
$attributeTypes = [];
foreach ($schema->get("attributeTypes", []) as $attributeType) {
$attributeType = $parser->parse($attributeType);
$attributeTypes[$attributeType["oid"]] = $attributeType;
}
$parser = new LseObjectClass();
$objectClasses = [];
foreach ($schema->get("objectClasses", []) as $objectClass) {
$objectClass = $parser->parse($objectClass);
$objectClasses[$objectClass["oid"]] = $objectClass;
}
return [
"ldap_syntaxes" => $this->ldapSyntaxes = $ldapSyntaxes,
"attribute_types" => $this->attributeTypes = $attributeTypes,
"object_classes" => $this->objectClasses = $objectClasses,
];
}
protected $syntaxes;
protected $attributes;
protected $canonAttrs;
protected $classes;
protected $canonClasses;
function init(): array {
## calculer la liste des syntaxes, et les classer par OID
$ldapSyntaxes = $this->ldapSyntaxes;
# rajouter une liste connue de syntaxes
A::merge($ldapSyntaxes, consts::KNOWN_SLAPD_SYNTAXES);
$syntaxes = [];
foreach ($ldapSyntaxes as $syntax) {
$oid = $syntax["oid"];
# si la syntaxe a déjà été définie, ignorer
if (array_key_exists($oid, $syntaxes)) continue;
$class = A::get(consts::KNOWN_SYNTAX_CLASSES, $oid);
if ($class === null) {
$binary = $syntax["x_not_human_readable"] || $syntax["x_binary_transfer_required"];
$class = $binary? BinarySyntax::class: StringSyntax::class;
}
$syntax["class"] = $class;
$syntaxes[$oid] = $syntax;
}
## calculer la liste des attributs, et les classer par nom canonique
$attributes = [];
$canonAttrs = [];
foreach ($this->attributeTypes as $attribute) {
$names = $attribute["names"];
$canonName = $names[0];
$attribute["name"] = $canonName;
foreach ($names as $name) {
$canonAttrs[strtolower($name)] = $canonName;
}
$attribute["class"] = A::_pget($syntaxes, [$attribute["syntax"], "class"]);
$attributes[strtolower($canonName)] = $attribute;
}
# résoudre l'héritage des attributs
foreach ($attributes as &$attribute) {
foreach ($attribute["sups"] as $sup) {
$sup = strtolower(A::get($canonAttrs, strtolower($sup), $sup));
A::update_n($attribute, $attributes[$sup]);
}
}; unset($attribute);
# puis mettre à false les valeurs booléennes nulles
foreach ($attributes as &$attribute) {
foreach (LseAttribute::BOOL_ATTRS as $name) {
$attribute[$name] = boolval($attribute[$name]);
}
}; unset($attribute);
## calculer la liste des classes, et les classer par nom canonique.
## les noms des attributs sont aussi canonisés
$classes = [];
$canonClasses = [];
foreach ($this->objectClasses as $class) {
$names = $class["names"];
$canonName = $names[0];
$class["name"] = $canonName;
foreach ($names as $name) {
$canonClasses[strtolower($name)] = $canonName;
}
$musts = A::with($class["musts"]);
foreach ($musts as &$name) {
$name = A::get($canonAttrs, strtolower($name), $name);
}; unset($name);
$class["musts"] = $musts;
$mays = A::with($class["mays"]);
foreach ($mays as &$name) {
$name = A::get($canonAttrs, strtolower($name), $name);
}; unset($name);
$class["mays"] = $mays;
$class["attrs"] = array_merge($musts, $mays);
$classes[strtolower($canonName)] = $class;
}
# résoudre l'héritage des classes
foreach ($classes as &$class) {
foreach ($class["sups"] as $sup) {
$sup = strtolower(A::get($canonAttrs, strtolower($sup), $sup));
$sup = $classes[$sup];
A::update_n($class, $sup);
A::merge($class["musts"], $sup["musts"]);
A::merge($class["mays"], $sup["mays"]);
}
}; unset($class);
## fin de l'initialisation
return [
"syntaxes" => $this->syntaxes = $syntaxes,
"attributes" => $this->attributes = $attributes,
"canon_attrs" => $this->canonAttrs = $canonAttrs,
"classes" => $this->classes = $classes,
"canon_classes" => $this->canonClasses = $canonClasses,
];
}
const getAttributes_overrides_SCHEMA = [
"name" => "string",
"class" => "?string",
"set" => "?int",
"reset" => "?int",
];
/** @var Metadata */
private static $getAttributes_overrides_md;
function getAttributes(array $objectClasses, ?array $overrides=null): array {
if ($overrides !== null) {
$tmp = [];
foreach ($overrides as $name => $override) {
$attribute = ValueException::check_nn(
A::get($this->attributes, strtolower($name))
, "$name: attribut non défini");
$tmp[$attribute["name"]] = $override;
}
$overrides = $tmp;
$md = md_utils::ensure_md(self::$getAttributes_overrides_md, self::getAttributes_overrides_SCHEMA);
$md->eachEnsureSchema($overrides);
}
$nameRequired = [];
foreach ($objectClasses as $name) {
$name = A::get($this->canonClasses, strtolower($name), $name);
$class = ValueException::check_nn(
A::get($this->classes, strtolower($name))
, "$name: classe non définie");
foreach ($class["musts"] as $must) {
$nameRequired[$must] = true;
}
foreach ($class["mays"] as $may) {
A::replace_nx($nameRequired, $may, false);
}
}
$attributes = [
"dn" => [
"name" => "dn",
"class" => StringSyntax::class,
"flags" => LdapAttr::MONOVALUED,
],
];
foreach ($nameRequired as $name => $required) {
$lname = strtolower($name);
$attribute = ValueException::check_nn(
A::get($this->attributes, $lname)
, "$name: attribut non défini");
$syntax = ValueException::check_nn(
A::get($this->syntaxes, $attribute["syntax"])
, "$attribute[syntax]: syntaxe non définie");
$class = $attribute["class"];
$monovalued = $attribute["single_value"]? LdapAttr::MONOVALUED: 0;
$binary = $syntax["x_binary_transfer_required"]? LdapAttr::BINARY: 0;
$ordered = $attribute["x_ordered"]? LdapAttr::ORDERED: 0;
$notHumanReadable = $syntax["x_not_human_readable"]? LdapAttr::NOT_HUMAN_READABLE: 0;
$flags = $monovalued + $binary + $ordered + $notHumanReadable;
$override = A::get($overrides, $name);
if ($override !== null) {
if ($override["class"] !== null) $class = $override["class"];
if ($override["set"] !== null) $flags = $flags | $override["set"];
if ($override["reset"] !== null) $flags = $flags & ~$override["reset"];
}
$attributes[$lname] = [
"name" => $name,
"class" => $class,
"flags" => $flags,
];
}
return $attributes;
}
}

84
nur_src/ldap/schemas/LseAttribute.php Normal file
View File

@ -0,0 +1,84 @@
<?php
namespace nur\ldap\schemas;
use nur\log;
class LseAttribute extends LseParser {
protected $data;
const BOOL_ATTRS = [
"single_value",
"no_user_modification",
"x_ordered",
"obsolete",
];
protected function reset(): array {
return $this->data = [
"oid" => null,
"names" => [],
"desc" => null,
"sups" => [],
"equality" => null,
"substr" => null,
"ordering" => null,
"syntax" => null,
"single_value" => null,
"no_user_modification" => null,
"usage" => null,
"x_ordered" => null,
"x_origin" => null,
"obsolete" => null,
];
}
function parse(?string $s=null): array {
if ($s !== null) $this->s = $s;
$data = $this->reset();
$this->skipLiteral('(');
$data["oid"] = self::fix_oid($this->parseName());
while ($this->isName()) {
$okey = $this->parseName();
$key = str_replace("-", "_", strtolower($okey));
switch ($key) {
case "name":
$data["${key}s"] = $this->parseStrings();
break;
case "sup":
$data["${key}s"] = $this->parseNames();
break;
case "desc":
case "x_ordered":
case "x_origin":
$data[$key] = $this->parseString();
break;
case "equality":
case "substr":
case "ordering":
case "usage":
$data[$key] = $this->parseName();
break;
case "syntax":
$data[$key] = self::fix_oid($this->parseName());
break;
case "single_value":
case "no_user_modification":
case "obsolete":
$data[$key] = true;
break;
default:
log::warning("unknown key $okey in |$s|");
$data["unknown_keys"][] = $okey;
break;
}
}
$this->skipLiteral(')');
# ne pas mettre de suite les valeurs false: elle sont mises à jour dans
# LdapSchemaExtractor
## puis mettre à jour les valeurs booléennes
#foreach (self::BOOL_ATTRS as $name) {
# $data[$name] = boolval($data[$name]);
#}
return $data;
}
}

61
nur_src/ldap/schemas/LseObjectClass.php Normal file
View File

@ -0,0 +1,61 @@
<?php
namespace nur\ldap\schemas;
use nur\log;
class LseObjectClass extends LseParser {
const BOOL_ATTRS = [];
protected $data;
protected function reset(): array {
return $this->data = [
"oid" => null,
"names" => [],
"desc" => null,
"sups" => [],
"type" => null,
"musts" => null,
"mays" => null,
];
}
function parse(?string $s=null): array {
if ($s !== null) $this->s = $s;
$data = $this->reset();
$this->skipLiteral('(');
$data["oid"] = self::fix_oid($this->parseName());
while ($this->isName()) {
$okey = $this->parseName();
$key = str_replace("-", "_", strtolower($okey));
switch ($key) {
case "name":
$data["${key}s"] = $this->parseStrings();
break;
case "sup":
case "must":
case "may":
$data["${key}s"] = $this->parseNames();
break;
case "desc":
$data[$key] = $this->parseString();
break;
case "abstract":
case "structural":
case "auxiliary":
$data["type"] = $key;
break;
default:
log::warning("unknown key $okey in |$s|");
$data["unknown_keys"][] = $okey;
break;
}
}
$this->skipLiteral(')');
# puis mettre à jour les valeurs booléennes
foreach (self::BOOL_ATTRS as $name) {
$data[$name] = boolval($data[$name]);
}
return $data;
}
}

119
nur_src/ldap/schemas/LseParser.php Normal file
View File

@ -0,0 +1,119 @@
<?php
namespace nur\ldap\schemas;
use nur\b\ValueException;
class LseParser {
/** supprimer le {size} à la fin d'un OID */
protected static function fix_oid(string $oid): string {
return preg_replace('/\{\d+}$/', "", $oid);
}
function __construct(?string $s=null) {
$this->s = $s;
}
protected function expected(string $expected): ValueException {
return new ValueException("expected $expected, got $this->s");
}
protected function unexpected(string $value): ValueException {
return new ValueException("unexpected $value");
}
protected $s;
#~~~~
const SPACES_PATTERN = '/^\s+/';
protected function skipSpaces(): void {
if (preg_match(self::SPACES_PATTERN, $this->s, $ms)) {
$this->s = substr($this->s, strlen($ms[0]));
}
}
#~~~~
protected function isLiteral(string $literal): bool {
return substr($this->s, 0, strlen($literal)) === $literal;
}
protected function skipLiteral(string $literal): void {
$pos = strlen($literal);
if (substr($this->s, 0, $pos) === $literal) {
$this->s = substr($this->s, $pos);
} else {
throw $this->expected($literal);
}
$this->skipSpaces();
}
#~~~~
const NAME_PATTERN = '/^\S+/';
protected function isName(): bool {
if (!preg_match(self::NAME_PATTERN, $this->s, $ms)) return false;
$name = $ms[0];
return !in_array($name, ['(', ')', '$']);
}
protected function parseName(): string {
if (!preg_match(self::NAME_PATTERN, $this->s, $ms)) {
throw $this->expected("<NAME>");
}
$name = $ms[0];
$this->s = substr($this->s, strlen($name));
$this->skipSpaces();
return $name;
}
#~~~~
const STRING_PATTERN = "/^'([^']*)'/";
protected function isString(): bool {
return preg_match(self::STRING_PATTERN, $this->s, $ms);
}
protected function parseString(): string {
if (!preg_match(self::STRING_PATTERN, $this->s, $ms)) {
throw $this->expected("<STRING>");
}
$this->s = substr($this->s, strlen($ms[0]));
$this->skipSpaces();
return $ms[1];
}
#~~~~
protected function parseNames(): array {
if ($this->isName()) return [$this->parseName()];
$names = [];
if ($this->isLiteral('(')) {
$this->skipLiteral('(');
while ($this->isName()) {
$names[] = $this->parseName();
if ($this->isLiteral('$')) $this->skipLiteral('$');
}
$this->skipLiteral(')');
} else {
$names[] = $this->parseName();
}
return $names;
}
protected function parseStrings(): array {
if ($this->isString()) return [$this->parseString()];
$strings = [];
if ($this->isLiteral('(')) {
$this->skipLiteral('(');
while ($this->isString()) {
$strings[] = $this->parseString();
}
$this->skipLiteral(')');
} else {
$strings[] = $this->parseString();
}
return $strings;
}
}

52
nur_src/ldap/schemas/LseSyntax.php Normal file
View File

@ -0,0 +1,52 @@
<?php
namespace nur\ldap\schemas;
use nur\log;
class LseSyntax extends LseParser {
const BOOL_ATTRS = [
"x_not_human_readable",
"x_binary_transfer_required",
];
protected $data;
protected function reset(): array {
return $this->data = [
"oid" => null,
"desc" => null,
"x_not_human_readable" => null,
"x_binary_transfer_required" => null,
];
}
function parse(?string $s=null): array {
if ($s !== null) $this->s = $s;
$data =$this->reset();
$this->skipLiteral('(');
$data["oid"] = self::fix_oid($this->parseName());
while ($this->isName()) {
$okey = $this->parseName();
$key = str_replace("-", "_", strtolower($okey));
switch ($key) {
case "desc":
$data[$key] = $this->parseString();
break;
case "x_not_human_readable":
case "x_binary_transfer_required":
$data[$key] = boolval($this->parseString());
break;
default:
log::warning("unknown key $okey in $s");
$data["unknown_keys"][] = $okey;
break;
}
}
$this->skipLiteral(')');
# puis mettre à jour les valeurs booléennes
foreach (self::BOOL_ATTRS as $name) {
$data[$name] = boolval($data[$name]);
}
return $this->data = $data;
}
}

82
nur_src/ldap/schemas/SchemaManager.php Normal file
View File

@ -0,0 +1,82 @@
<?php
namespace nur\ldap\schemas;
use nur\A;
use nur\func;
use nur\ldap\CompositeAttr;
use nur\ldap\LdapAttr;
use nur\ldap\LdapConn;
use nur\ldap\syntaxes\AbstractSyntax;
use nur\ldap\syntaxes\CompositeSyntax;
use nur\php\Autogen;
class SchemaManager {
function __construct(LdapConn $conn, ?array $overrides=null) {
$lse = new LdapSchemaExtractor($conn->getSchemaInfos());
$lse->init();
$this->lse = $lse;
$this->overrides = $overrides;
}
/** @var LdapSchemaExtractor */
protected $lse;
/** @var array|null */
protected $overrides;
function getAttributes(array $objectClasses): array {
return $this->lse->getAttributes($objectClasses, $this->overrides);
}
/** @var AbstractSyntax[] */
protected $syntaxes;
function getSyntax($class): AbstractSyntax {
if (is_array($class)) return func::cons(...$class);
$syntax = A::get($this->syntaxes, $class);
if ($syntax === null) {
$syntax = $this->syntaxes[$class] = func::cons($class);
}
return $syntax;
}
function autogenSchema(array $objectClasses): array {
return $this->getAttributes($objectClasses);
}
static function fix_type(AbstractSyntax $syntax, bool $monovalued): array {
if ($syntax instanceof CompositeSyntax) {
if ($monovalued) $phpType = $syntax->getPhpType();
else $phpType = $syntax->getAttrClass();
} else {
$phpType = $syntax->getPhpType();
if (!$monovalued) $phpType .= "[]";
}
return Autogen::fix_type($phpType);
}
function autogenProperties(array $schema): array {
$properties = [];
foreach ($schema as $attribute) {
$name = $attribute["name"];
/** @var AbstractSyntax $syntax */
$syntax = $this->getSyntax($attribute["class"]);
$monovalued = ($attribute["flags"] & LdapAttr::MONOVALUED) != 0;
[$phpType, $returnType] = self::fix_type($syntax, $monovalued);
$properties[] = "$returnType \$$name";
}
return $properties;
}
function autogenMethods(array $schema): array {
$methods = [];
foreach ($schema as $attribute) {
$name = $attribute["name"];
/** @var AbstractSyntax $syntax */
$syntax = $this->getSyntax($attribute["class"]);
$returnType = $syntax instanceof CompositeSyntax? $syntax->getAttrClass(): LdapAttr::class;
$methods[] = "\\$returnType $name()";
}
return $methods;
}
}

57
nur_src/ldap/syntaxes/AbstractSyntax.php Normal file
View File

@ -0,0 +1,57 @@
<?php
namespace nur\ldap\syntaxes;
use nur\A;
use nur\ldap\LdapAttr;
use nur\ldap\LdapConn;
abstract class AbstractSyntax {
/** @var LdapConn */
protected $conn;
function initConn(LdapConn $conn) {
$this->conn = $conn;
}
function newAttr(string $name, ?array &$values, ?int $flags): LdapAttr {
return new LdapAttr($name, $values, $this, $flags);
}
function getPhpType(): ?string {
return "string";
}
/** @throws SyntaxException si $value est invalide */
abstract function php2ldap($value): ?string;
abstract function ldap2php(string $value);
/** transformer les valeurs d'un attribut LDAP en PHP */
function fromMultivaluedLdap($values): ?array {
A::ensure_narray($values);
if ($values !== null) {
foreach ($values as &$value) {
$value = $this->ldap2php($value);
}; unset($value);
}
return A::filter_n($values)?: null;
}
/** transformer la valeur d'un attribut LDAP en PHP */
function fromMonovaluedLdap($value) {
if (is_array($value)) $value = A::first($value);
if ($value === null) return null;
else return $this->ldap2php($value);
}
/** transformer une(des) valeur(s) PHP en attribut LDAP */
function fromPhp($values): ?array {
A::ensure_narray($values);
if ($values !== null) {
foreach ($values as &$value) {
$value = $this->php2ldap($value);
}; unset($value);
}
return A::filter_n($values)?: null;
}
}

14
nur_src/ldap/syntaxes/BinarySyntax.php Normal file
View File

@ -0,0 +1,14 @@
<?php
namespace nur\ldap\syntaxes;
use nur\b\IllegalAccessException;
class BinarySyntax extends AbstractSyntax {
function php2ldap($value): ?string {
throw IllegalAccessException::not_implemented();
}
function ldap2php(string $value) {
throw IllegalAccessException::not_implemented();
}
}

22
nur_src/ldap/syntaxes/BooleanSyntax.php Normal file
View File

@ -0,0 +1,22 @@
<?php
namespace nur\ldap\syntaxes;
class BooleanSyntax extends AbstractSyntax {
function getPhpType(): ?string {
return "bool";
}
function php2ldap($value): ?string {
if ($value === null) return null;
else return $value? "TRUE": "FALSE";
}
function fromPhp($values): ?array {
if (is_bool($values)) $values = [$values];
return parent::fromPhp($values);
}
function ldap2php(string $value): bool {
return $value === "TRUE";
}
}

95
nur_src/ldap/syntaxes/CompositeSyntax.php Normal file
View File

@ -0,0 +1,95 @@
<?php
namespace nur\ldap\syntaxes;
use nur\A;
use nur\b\ValueException;
use nur\ldap\CompositeAttr;
use nur\ldap\CompositeValue;
class CompositeSyntax extends AbstractSyntax {
/**
* @var string la classe dérivée de {@link CompositeAttr} qui porte l'attribut
*/
const CACLASS = CompositeAttr::class;
function getAttrClass(): string {
return static::CACLASS;
}
function newAttr(string $name, ?array &$values, ?int $flags): CompositeAttr {
$attrClass = $this->getAttrClass();
return new $attrClass($name, $values, $this, $flags);
}
/**
* @var string la classe dérivée de {@link CompositeValue} qui porte les
* valeurs de cette syntaxe
*/
const CVCLASS = CompositeValue::class;
/** retourner la classe d'une valeur composite */
function getPhpType(): ?string {
return static::CVCLASS;
}
protected function newCompositeValue(): CompositeValue {
$class = $this->getPhpType();
/** @var CompositeValue $cvalue */
$cvalue = new $class;
return $cvalue->setup($this->conn);
}
function ensureArray($values): ?array {
A::ensure_narray($values);
if ($values === null) return null;
# déterminer si $values est *une* valeur ou une liste de valeurs
$list = false;
foreach ($values as $value) {
if (is_array($value) || $value instanceof CompositeValue) {
$list = true;
break;
}
}
if (!$list) $values = [$values];
return $values;
}
function ensureComposite($value): ?CompositeValue {
if ($value === null) return null;
if (is_array($value)) {
$value = $this->newCompositeValue()->reset($value);
}
ValueException::check_class($value, $this->getPhpType());
return $value;
}
/** @param ?CompositeValue $value */
function php2ldap($value): ?string {
$cvalue = $this->ensureComposite($value);
if ($cvalue === null) return null;
else return $cvalue->formatLdap();
}
function ldap2php(string $value): CompositeValue {
return $this->newCompositeValue()->parseLdap($value);
}
function fromMultivaluedLdap($values): ?array {
A::ensure_narray($values);
if ($values !== null) {
$tmp = [];
foreach ($values as $value) {
$value = $this->ldap2php($value);
$key = $value->getKey();
$tmp[$key] = $value;
}
$values = $tmp;
}
return A::filter_n($values)?: null;
}
function fromPhp($values): ?array {
$values = $this->ensureArray($values);
return parent::fromPhp($values);
}
}

36
nur_src/ldap/syntaxes/DateSyntax.php Normal file
View File

@ -0,0 +1,36 @@
<?php
namespace nur\ldap\syntaxes;
use nur\b\date\Datetime;
use nur\data\types\SDatetimeType;
class DateSyntax extends AbstractSyntax {
function __construct() {
$this->type = new SDatetimeType();
}
/** @var SDatetimeType */
protected $type;
function php2ldap($value): ?string {
$value = $this->type->with($value);
if ($value === null) return null;
$datetime = new Datetime($value);
return $datetime->formatRfc4517();
}
function ldap2php(string $value) {
[$y, $m, $d, $H, $M, $S] = [
substr($value, 0, 4),
substr($value, 4, 2),
substr($value, 6, 2),
substr($value, 8, 2),
substr($value, 10, 2),
substr($value, 12, 2),
];
$datetime = new Datetime(gmmktime($H, $M, $S, $m, $d, $y));
$value = preg_replace('/ 00:00:00$/', "", $datetime->format());
return $value;
}
}

17
nur_src/ldap/syntaxes/IntegerSyntax.php Normal file
View File

@ -0,0 +1,17 @@
<?php
namespace nur\ldap\syntaxes;
class IntegerSyntax extends AbstractSyntax {
function getPhpType(): ?string {
return "int";
}
function php2ldap($value): ?string {
if ($value === null) return null;
else return strval($value);
}
function ldap2php(string $value): int {
return intval($value);
}
}

5
nur_src/ldap/syntaxes/MailSyntax.php Normal file
View File

@ -0,0 +1,5 @@
<?php
namespace nur\ldap\syntaxes;
class MailSyntax extends StringSyntax {
}

20
nur_src/ldap/syntaxes/PostalAddressSyntax.php Normal file
View File

@ -0,0 +1,20 @@
<?php
namespace nur\ldap\syntaxes;
class PostalAddressSyntax extends StringSyntax {
function php2ldap($value): ?string {
$value = parent::php2ldap($value);
if ($value === null) return null;
// mettre en échappement tout caractère $
$value = str_replace('$', '\$', $value);
$value = preg_replace('/\r?\n/', '$', $value);
$value = preg_replace('/\s*(?<!\\\\)\$\s*/', ' $ ', $value);
return $value;
}
function ldap2php(string $value): string {
$value = preg_replace('/\s*(?<!\\\\)\$\s*/', "\n", $value);
$value = preg_replace('/\\\\\$/', '$', $value);
return $value;
}
}

20
nur_src/ldap/syntaxes/PrintableSyntax.php Normal file
View File

@ -0,0 +1,20 @@
<?php
namespace nur\ldap\syntaxes;
class PrintableSyntax extends StringSyntax {
const DISALLOWED = '/[^a-zA-Z0-9"()+,-.\/:? -]+/';
/** enlever les caractères interdit de la chaine */
function filter(?string $value): ?string {
if ($value === null) return null;
return preg_replace(self::DISALLOWED, "", $value);
}
function php2ldap($value): ?string {
$value = parent::php2ldap($value);
if (preg_match(self::DISALLOWED, $value)) {
throw new SyntaxException("invalid string: $value");
}
return $value;
}
}

13
nur_src/ldap/syntaxes/StringSyntax.php Normal file
View File

@ -0,0 +1,13 @@
<?php
namespace nur\ldap\syntaxes;
class StringSyntax extends AbstractSyntax {
function php2ldap($value): ?string {
if ($value === null) return null;
else return trim(strval($value));
}
function ldap2php(string $value): string {
return $value;
}
}

11
nur_src/ldap/syntaxes/SyntaxException.php Normal file
View File

@ -0,0 +1,11 @@
<?php
namespace nur\ldap\syntaxes;
use nur\b\ValueException;
/**
* Class SyntaxException: indique qu'une valeur PHP ne peut être convertie en
* valeur LDAP
*/
class SyntaxException extends ValueException {
}

24
nur_src/ldap/syntaxes/TelephoneSyntax.php Normal file
View File

@ -0,0 +1,24 @@
<?php
namespace nur\ldap\syntaxes;
use nur\data\types\TelephoneType;
class TelephoneSyntax extends StringSyntax {
function __construct() {
$this->type = new TelephoneType();
}
/** @var TelephoneType */
protected $type;
function php2ldap($value): ?string {
$value = parent::php2ldap($value);
if ($value === null) return null;
$type = $this->type;
return $type->ensureInternational($type->with($value));
}
function ldap2php(string $value): string {
return $this->type->ensureLocal($value);
}
}

18
nur_src/ldap/syntaxes/cvalues.php Normal file
View File

@ -0,0 +1,18 @@
<?php
namespace nur\ldap\syntaxes;
use nur\data\types\Metadata;
use nur\php\Autogen;
class cvalues {
static function autogen_properties(array $schema): array {
$md = Metadata::with($schema);
$properties = [];
foreach ($md->getKeys() as $key) {
$type = $md->getType($key);
[$phpType, $returnType] = Autogen::fix_type($type->getPhpType());
$properties[] = "$returnType \$$key";
}
return $properties;
}
}

2
nur_tbin/test-args1.php → nur_tbin/base/test-args1.php
View File

@ -1,5 +1,5 @@
<?php # -*- coding: utf-8 mode: php -*- vim:sw=2:sts=2:et:ai:si:sta:fenc=utf-8
require(__DIR__.'/../vendor/autoload.php');
require(__DIR__.'/../../vendor/autoload.php');
use nur\cli\Application;
use nur\out;

2
nur_tbin/test-args2.php → nur_tbin/base/test-args2.php
View File

@ -1,5 +1,5 @@
<?php # -*- coding: utf-8 mode: php -*- vim:sw=2:sts=2:et:ai:si:sta:fenc=utf-8
require(__DIR__.'/../vendor/autoload.php');
require(__DIR__.'/../../vendor/autoload.php');
use nur\cli\Application;
use nur\msg;

2
nur_tbin/test-args3.php → nur_tbin/base/test-args3.php
View File

@ -1,5 +1,5 @@
<?php # -*- coding: utf-8 mode: php -*- vim:sw=2:sts=2:et:ai:si:sta:fenc=utf-8
require(__DIR__.'/../vendor/autoload.php');
require(__DIR__.'/../../vendor/autoload.php');
use nur\cli\Application;
use nur\cli\DynamicCommand;

2
nur_tbin/test-conn.php → nur_tbin/base/test-conn.php
View File

@ -1,7 +1,7 @@
<?php # -*- coding: utf-8 mode: php -*- vim:sw=2:sts=2:et:ai:si:sta:fenc=utf-8
# fichier utilisé pour les tests. on peut y écrire du code pour vérifier le
# fonctionnement de certaines classes et méthodes
require(__DIR__.'/../vendor/autoload.php');
require(__DIR__.'/../../vendor/autoload.php');
use nur\cli\Application;
use nur\m\oracle\OracleConn;

2
nur_tbin/test-log.php → nur_tbin/base/test-log.php
View File

@ -1,5 +1,5 @@
<?php # -*- coding: utf-8 mode: php -*- vim:sw=2:sts=2:et:ai:si:sta:fenc=utf-8
require(__DIR__.'/../vendor/autoload.php');
require(__DIR__.'/../../vendor/autoload.php');
use nur\cli\Application;
use nur\log;

2
nur_tbin/test-misc.php → nur_tbin/base/test-misc.php
View File

@ -1,7 +1,7 @@
<?php # -*- coding: utf-8 mode: php -*- vim:sw=2:sts=2:et:ai:si:sta:fenc=utf-8
# fichier utilisé pour les tests. on peut y écrire du code pour vérifier le
# fonctionnement de certaines classes et méthodes
require(__DIR__.'/../vendor/autoload.php');
require(__DIR__.'/../../vendor/autoload.php');
use nur\b\proc\AbstractCmd;
use nur\b\proc\Cmd;

2
nur_tbin/test-msg.php → nur_tbin/base/test-msg.php
View File

@ -1,5 +1,5 @@
<?php # -*- coding: utf-8 mode: php -*- vim:sw=2:sts=2:et:ai:si:sta:fenc=utf-8
require(__DIR__.'/../vendor/autoload.php');
require(__DIR__.'/../../vendor/autoload.php');
use nur\A;
use nur\b\UserException;

2
nur_tbin/test-vanilla-app.php → nur_tbin/base/test-vanilla-app.php
View File

@ -1,5 +1,5 @@
<?php # -*- coding: utf-8 mode: php -*- vim:sw=2:sts=2:et:ai:si:sta:fenc=utf-8
require(__DIR__.'/../vendor/autoload.php');
require(__DIR__.'/../../vendor/autoload.php');
use nur\cli\Application;
use nur\msg;

7
nur_tbin/ldap/admin.ldapconf Normal file
View File

@ -0,0 +1,7 @@
<?php # -*- coding: utf-8 mode: php -*- vim:sw=2:sts=2:et:ai:si:sta:fenc=utf-8
return array_merge(require __DIR__.'/ldap_localhost_389.ldaphost',
[
'binddn' => 'cn=admin,dc=univ-reunion,dc=fr',
'password' => 'admin',
]
);

7
nur_tbin/ldap/anon.ldapconf Normal file
View File

@ -0,0 +1,7 @@
<?php # -*- coding: utf-8 mode: php -*- vim:sw=2:sts=2:et:ai:si:sta:fenc=utf-8
return array_merge(require __DIR__.'/ldap_localhost_389.ldaphost',
[
'binddn' => null,
'password' => null,
]
);

1
nur_tbin/ldap/default.ldapconf Symbolic link
View File

@ -0,0 +1 @@
admin.ldapconf

1
nur_tbin/ldap/ldap-get-infos.php Symbolic link
View File

@ -0,0 +1 @@
../../nur_bin/ldap-get-infos.php

1
nur_tbin/ldap/ldap-search.php Symbolic link
View File

@ -0,0 +1 @@
../../nur_bin/ldap-search.php

9711
nur_tbin/ldap/ldap_localhost_389.ldaphost Normal file
View File

File diff suppressed because it is too large Load Diff

32
nur_tbin/ldap/root-dse.ldif Normal file
View File

@ -0,0 +1,32 @@
dn:
structuralObjectClass: OpenLDAProotDSE
configContext: cn=config
namingContexts: cn=modiflog
namingContexts: dc=univ-reunion,dc=fr
monitorContext: cn=Monitor
supportedControl: 1.3.6.1.4.1.4203.1.9.1.1
supportedControl: 2.16.840.1.113730.3.4.18
supportedControl: 2.16.840.1.113730.3.4.2
supportedControl: 1.3.6.1.4.1.4203.1.10.1
supportedControl: 1.3.6.1.1.22
supportedControl: 1.2.840.113556.1.4.319
supportedControl: 1.2.826.0.1.3344810.2.3
supportedControl: 1.3.6.1.1.13.2
supportedControl: 1.3.6.1.1.13.1
supportedControl: 1.3.6.1.1.12
supportedExtension: 1.3.6.1.4.1.4203.1.11.1
supportedExtension: 1.3.6.1.4.1.4203.1.11.3
supportedExtension: 1.3.6.1.1.8
supportedFeatures: 1.3.6.1.1.14
supportedFeatures: 1.3.6.1.4.1.4203.1.5.1
supportedFeatures: 1.3.6.1.4.1.4203.1.5.2
supportedFeatures: 1.3.6.1.4.1.4203.1.5.3
supportedFeatures: 1.3.6.1.4.1.4203.1.5.4
supportedFeatures: 1.3.6.1.4.1.4203.1.5.5
supportedLDAPVersion: 3
supportedSASLMechanisms: DIGEST-MD5
supportedSASLMechanisms: NTLM
supportedSASLMechanisms: CRAM-MD5
entryDN:
subschemaSubentry: cn=Subschema

21
nur_tbin/ldap/schema.php Executable file
View File

@ -0,0 +1,21 @@
#!/usr/bin/php
<?php
require __DIR__.'/../../vendor/autoload.php';
use nur\ldap\app\LdapApplication;
use nur\ldap\schemas\LdapSchemaExtractor;
LdapApplication::run(new class extends LdapApplication {
const ARGS = [
"merge" => parent::ARGS,
["-o", "--output", "args" => 1],
];
protected $output;
function main() {
$conn = $this->getConn();
$extractor = new LdapSchemaExtractor($conn->getSchemaInfos());
Txx($extractor->init());
}
});

788
nur_tbin/ldap/subschema.ldif Normal file
View File

@ -0,0 +1,788 @@
dn: cn=Subschema
structuralObjectClass: subentry
createTimestamp: 20230324045227Z
modifyTimestamp: 20230324045227Z
ldapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.4 DESC 'Audio' X-NOT-HUMAN-READABLE 'TRUE' )
ldapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.5 DESC 'Binary' X-NOT-HUMAN-READABLE 'TRUE' )
ldapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.6 DESC 'Bit String' )
ldapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.7 DESC 'Boolean' )
ldapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.8 DESC 'Certificate' X-BINARY-TRANSFER-REQUIRED 'TRUE' X-NOT-HUMAN-READABLE 'TRUE' )
ldapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.9 DESC 'Certificate List' X-BINARY-TRANSFER-REQUIRED 'TRUE' X-NOT-HUMAN-READABLE 'TRUE' )
ldapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.10 DESC 'Certificate Pair' X-BINARY-TRANSFER-REQUIRED 'TRUE' X-NOT-HUMAN-READABLE 'TRUE' )
ldapSyntaxes: ( 1.3.6.1.4.1.4203.666.11.10.2.1 DESC 'X.509 AttributeCertificate' X-BINARY-TRANSFER-REQUIRED 'TRUE' X-NOT-HUMAN-READABLE 'TRUE' )
ldapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.12 DESC 'Distinguished Name' )
ldapSyntaxes: ( 1.2.36.79672281.1.5.0 DESC 'RDN' )
ldapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.14 DESC 'Delivery Method' )
ldapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.15 DESC 'Directory String' )
ldapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.22 DESC 'Facsimile Telephone Number' )
ldapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.24 DESC 'Generalized Time' )
ldapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.26 DESC 'IA5 String' )
ldapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.27 DESC 'Integer' )
ldapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.28 DESC 'JPEG' X-NOT-HUMAN-READABLE 'TRUE' )
ldapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.34 DESC 'Name And Optional UID' )
ldapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.36 DESC 'Numeric String' )
ldapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.38 DESC 'OID' )
ldapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.39 DESC 'Other Mailbox' )
ldapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.40 DESC 'Octet String' )
ldapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.41 DESC 'Postal Address' )
ldapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.44 DESC 'Printable String' )
ldapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.11 DESC 'Country String' )
ldapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.45 DESC 'SubtreeSpecification' )
ldapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.49 DESC 'Supported Algorithm' X-BINARY-TRANSFER-REQUIRED 'TRUE' X-NOT-HUMAN-READABLE 'TRUE' )
ldapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.50 DESC 'Telephone Number' )
ldapSyntaxes: ( 1.3.6.1.4.1.1466.115.121.1.52 DESC 'Telex Number' )
ldapSyntaxes: ( 1.3.6.1.1.1.0.0 DESC 'RFC2307 NIS Netgroup Triple' )
ldapSyntaxes: ( 1.3.6.1.1.1.0.1 DESC 'RFC2307 Boot Parameter' )
ldapSyntaxes: ( 1.3.6.1.1.16.1 DESC 'UUID' )
matchingRules: ( 1.3.6.1.1.16.3 NAME 'UUIDOrderingMatch' SYNTAX 1.3.6.1.1.16.1 )
matchingRules: ( 1.3.6.1.1.16.2 NAME 'UUIDMatch' SYNTAX 1.3.6.1.1.16.1 )
matchingRules: ( 1.2.840.113556.1.4.804 NAME 'integerBitOrMatch' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 )
matchingRules: ( 1.2.840.113556.1.4.803 NAME 'integerBitAndMatch' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 )
matchingRules: ( 1.3.6.1.4.1.4203.1.2.1 NAME 'caseExactIA5SubstringsMatch' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
matchingRules: ( 1.3.6.1.4.1.1466.109.114.3 NAME 'caseIgnoreIA5SubstringsMatch' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
matchingRules: ( 1.3.6.1.4.1.1466.109.114.2 NAME 'caseIgnoreIA5Match' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
matchingRules: ( 1.3.6.1.4.1.1466.109.114.1 NAME 'caseExactIA5Match' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
matchingRules: ( 2.5.13.38 NAME 'certificateListExactMatch' SYNTAX 1.3.6.1.1.15.5 )
matchingRules: ( 2.5.13.34 NAME 'certificateExactMatch' SYNTAX 1.3.6.1.1.15.1 )
matchingRules: ( 2.5.13.30 NAME 'objectIdentifierFirstComponentMatch' SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 )
matchingRules: ( 2.5.13.29 NAME 'integerFirstComponentMatch' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 )
matchingRules: ( 2.5.13.28 NAME 'generalizedTimeOrderingMatch' SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 )
matchingRules: ( 2.5.13.27 NAME 'generalizedTimeMatch' SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 )
matchingRules: ( 2.5.13.23 NAME 'uniqueMemberMatch' SYNTAX 1.3.6.1.4.1.1466.115.121.1.34 )
matchingRules: ( 2.5.13.21 NAME 'telephoneNumberSubstringsMatch' SYNTAX 1.3.6.1.4.1.1466.115.121.1.58 )
matchingRules: ( 2.5.13.20 NAME 'telephoneNumberMatch' SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 )
matchingRules: ( 2.5.13.19 NAME 'octetStringSubstringsMatch' SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )
matchingRules: ( 2.5.13.18 NAME 'octetStringOrderingMatch' SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )
matchingRules: ( 2.5.13.17 NAME 'octetStringMatch' SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )
matchingRules: ( 2.5.13.16 NAME 'bitStringMatch' SYNTAX 1.3.6.1.4.1.1466.115.121.1.6 )
matchingRules: ( 2.5.13.15 NAME 'integerOrderingMatch' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 )
matchingRules: ( 2.5.13.14 NAME 'integerMatch' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 )
matchingRules: ( 2.5.13.13 NAME 'booleanMatch' SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 )
matchingRules: ( 2.5.13.11 NAME 'caseIgnoreListMatch' SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 )
matchingRules: ( 2.5.13.10 NAME 'numericStringSubstringsMatch' SYNTAX 1.3.6.1.4.1.1466.115.121.1.58 )
matchingRules: ( 2.5.13.9 NAME 'numericStringOrderingMatch' SYNTAX 1.3.6.1.4.1.1466.115.121.1.36 )
matchingRules: ( 2.5.13.8 NAME 'numericStringMatch' SYNTAX 1.3.6.1.4.1.1466.115.121.1.36 )
matchingRules: ( 2.5.13.7 NAME 'caseExactSubstringsMatch' SYNTAX 1.3.6.1.4.1.1466.115.121.1.58 )
matchingRules: ( 2.5.13.6 NAME 'caseExactOrderingMatch' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
matchingRules: ( 2.5.13.5 NAME 'caseExactMatch' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
matchingRules: ( 2.5.13.4 NAME 'caseIgnoreSubstringsMatch' SYNTAX 1.3.6.1.4.1.1466.115.121.1.58 )
matchingRules: ( 2.5.13.3 NAME 'caseIgnoreOrderingMatch' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
matchingRules: ( 2.5.13.2 NAME 'caseIgnoreMatch' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
matchingRules: ( 1.2.36.79672281.1.13.3 NAME 'rdnMatch' SYNTAX 1.2.36.79672281.1.5.0 )
matchingRules: ( 2.5.13.1 NAME 'distinguishedNameMatch' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
matchingRules: ( 2.5.13.0 NAME 'objectIdentifierMatch' SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 )
matchingRuleUse: ( 1.2.840.113556.1.4.804 NAME 'integerBitOrMatch' APPLIES ( supportedLDAPVersion $ entryTtl $ uidNumber $ gidNumber $ olcConcurrency $ olcConnMaxPending $ olcConnMaxPendingAuth $ olcIdleTimeout $ olcIndexSubstrIfMinLen $ olcIndexSubstrIfMaxLen $ olcIndexSubstrAnyLen $ olcIndexSubstrAnyStep $ olcIndexIntLen $ olcListenerThreads $ olcLocalSSF $ olcMaxDerefDepth $ olcReplicationInterval $ olcSockbufMaxIncoming $ olcSockbufMaxIncomingAuth $ olcThreads $ olcToolThreads $ olcWriteTimeout $ olcDbMaxReaders $ olcDbMaxSize $ olcDbRtxnSize $ olcDbSearchStack $ olcSpSessionlog $ mailPreferenceOption $ shadowLastChange $ shadowMin $ shadowMax $ shadowWarning $ shadowInactive $ shadowExpire $ shadowFlag $ ipServicePort $ ipProtocolNumber $ oncRpcNumber $ sambaPwdLastSet $ sambaPwdCanChange $ sambaPwdMustChange $ sambaLogonTime $ sambaLogoffTime $ sambaKickoffTime $ sambaBadPasswordCount $ sambaBadPasswordTime $ sambaGroupType $ sambaNextUserRid $ sambaNextGroupRid $ sambaNextRid $ sambaAlgorithmicRidBase $ sambaIntegerOption $ sambaMinPwdLength $ sambaPwdHistoryLength $ sambaLogonToChgPwd $ sambaMaxPwdAge $ sambaMinPwdAge $ sambaLockoutDuration $ sambaLockoutObservationWindow $ sambaLockoutThreshold $ sambaForceLogoff $ sambaRefuseMachinePwdChange $ radiusSimultaneousUse ) )
matchingRuleUse: ( 1.2.840.113556.1.4.803 NAME 'integerBitAndMatch' APPLIES ( supportedLDAPVersion $ entryTtl $ uidNumber $ gidNumber $ olcConcurrency $ olcConnMaxPending $ olcConnMaxPendingAuth $ olcIdleTimeout $ olcIndexSubstrIfMinLen $ olcIndexSubstrIfMaxLen $ olcIndexSubstrAnyLen $ olcIndexSubstrAnyStep $ olcIndexIntLen $ olcListenerThreads $ olcLocalSSF $ olcMaxDerefDepth $ olcReplicationInterval $ olcSockbufMaxIncoming $ olcSockbufMaxIncomingAuth $ olcThreads $ olcToolThreads $ olcWriteTimeout $ olcDbMaxReaders $ olcDbMaxSize $ olcDbRtxnSize $ olcDbSearchStack $ olcSpSessionlog $ mailPreferenceOption $ shadowLastChange $ shadowMin $ shadowMax $ shadowWarning $ shadowInactive $ shadowExpire $ shadowFlag $ ipServicePort $ ipProtocolNumber $ oncRpcNumber $ sambaPwdLastSet $ sambaPwdCanChange $ sambaPwdMustChange $ sambaLogonTime $ sambaLogoffTime $ sambaKickoffTime $ sambaBadPasswordCount $ sambaBadPasswordTime $ sambaGroupType $ sambaNextUserRid $ sambaNextGroupRid $ sambaNextRid $ sambaAlgorithmicRidBase $ sambaIntegerOption $ sambaMinPwdLength $ sambaPwdHistoryLength $ sambaLogonToChgPwd $ sambaMaxPwdAge $ sambaMinPwdAge $ sambaLockoutDuration $ sambaLockoutObservationWindow $ sambaLockoutThreshold $ sambaForceLogoff $ sambaRefuseMachinePwdChange $ radiusSimultaneousUse ) )
matchingRuleUse: ( 1.3.6.1.4.1.1466.109.114.2 NAME 'caseIgnoreIA5Match' APPLIES ( altServer $ c $ mail $ dc $ associatedDomain $ email $ aRecord $ mDRecord $ mXRecord $ nSRecord $ sOARecord $ cNAMERecord $ janetMailbox $ gecos $ homeDirectory $ loginShell $ memberUid $ memberNisNetgroup $ ipHostNumber $ ipNetworkNumber $ ipNetmaskNumber $ macAddress $ bootFile $ nisMapEntry $ sambaLMPassword $ sambaNTPassword $ sambaAcctFlags $ sambaLogonHours $ sambaHomeDrive $ sambaPasswordHistory $ sambaSID $ sambaPrimaryGroupSID $ sambaSIDList $ sambaStringOption $ sambaTrustFlags $ supannCodeEntite $ supannCodeEntiteParent $ supannEntiteAffectation $ supannEntiteAffectationPrincipale $ supannMailPerso $ supannAutreMail $ runUnivMailAlias $ runUnivMailGroup $ runUnivMailRoute $ runUnivMailHost $ runUnivMailMember $ runUnivLocalisation $ runUnivLsc $ runUnivAccountUid $ runUnivHeliosAccountUid $ runUnivGaiaAccountUid $ runUnivExtAccountUid $ runUnivBvMailExterne $ runUnivGoogleGroupOwner $ urBvMailExterne $ radiusArapFeatures $ radiusArapSecurity $ radiusArapZoneAccess $ radiusAuthType $ radiusCallbackId $ radiusCallbackNumber $ radiusCalledStationId $ radiusCallingStationId $ radiusClass $ radiusClientIPAddress $ radiusFilterId $ radiusFramedAppleTalkLink $ radiusFramedAppleTalkNetwork $ radiusFramedAppleTalkZone $ radiusFramedCompression $ radiusFramedIPAddress $ radiusFramedIPNetmask $ radiusFramedIPXNetwork $ radiusFramedMTU $ radiusFramedProtocol $ radiusFramedRoute $ radiusFramedRouting $ radiusGroupName $ radiusHint $ radiusHuntgroupName $ radiusIdleTimeout $ radiusLoginIPHost $ radiusLoginLATGroup $ radiusLoginLATNode $ radiusLoginLATPort $ radiusLoginLATService $ radiusLoginService $ radiusLoginTCPPort $ radiusPasswordRetry $ radiusPortLimit $ radiusPrompt $ radiusProxyToRealm $ radiusReplicateToRealm $ radiusRealm $ radiusServiceType $ radiusSessionTimeout $ radiusTerminationAction $ radiusTunnelAssignmentId $ radiusTunnelMediumType $ radiusTunnelPassword $ radiusTunnelPreference $ radiusTunnelPrivateGroupId $ radiusTunnelServerEndpoint $ radiusTunnelType $ radiusVSA $ radiusTunnelClientEndpoint $ radiusLoginTime $ radiusUserCategory $ dialupAccess $ radiusExpiration $ radiusCheckItem $ radiusReplyItem $ radiusNASIpAddress $ radiusReplyMessage ) )
matchingRuleUse: ( 1.3.6.1.4.1.1466.109.114.1 NAME 'caseExactIA5Match' APPLIES ( altServer $ c $ mail $ dc $ associatedDomain $ email $ aRecord $ mDRecord $ mXRecord $ nSRecord $ sOARecord $ cNAMERecord $ janetMailbox $ gecos $ homeDirectory $ loginShell $ memberUid $ memberNisNetgroup $ ipHostNumber $ ipNetworkNumber $ ipNetmaskNumber $ macAddress $ bootFile $ nisMapEntry $ sambaLMPassword $ sambaNTPassword $ sambaAcctFlags $ sambaLogonHours $ sambaHomeDrive $ sambaPasswordHistory $ sambaSID $ sambaPrimaryGroupSID $ sambaSIDList $ sambaStringOption $ sambaTrustFlags $ supannCodeEntite $ supannCodeEntiteParent $ supannEntiteAffectation $ supannEntiteAffectationPrincipale $ supannMailPerso $ supannAutreMail $ runUnivMailAlias $ runUnivMailGroup $ runUnivMailRoute $ runUnivMailHost $ runUnivMailMember $ runUnivLocalisation $ runUnivLsc $ runUnivAccountUid $ runUnivHeliosAccountUid $ runUnivGaiaAccountUid $ runUnivExtAccountUid $ runUnivBvMailExterne $ runUnivGoogleGroupOwner $ urBvMailExterne $ radiusArapFeatures $ radiusArapSecurity $ radiusArapZoneAccess $ radiusAuthType $ radiusCallbackId $ radiusCallbackNumber $ radiusCalledStationId $ radiusCallingStationId $ radiusClass $ radiusClientIPAddress $ radiusFilterId $ radiusFramedAppleTalkLink $ radiusFramedAppleTalkNetwork $ radiusFramedAppleTalkZone $ radiusFramedCompression $ radiusFramedIPAddress $ radiusFramedIPNetmask $ radiusFramedIPXNetwork $ radiusFramedMTU $ radiusFramedProtocol $ radiusFramedRoute $ radiusFramedRouting $ radiusGroupName $ radiusHint $ radiusHuntgroupName $ radiusIdleTimeout $ radiusLoginIPHost $ radiusLoginLATGroup $ radiusLoginLATNode $ radiusLoginLATPort $ radiusLoginLATService $ radiusLoginService $ radiusLoginTCPPort $ radiusPasswordRetry $ radiusPortLimit $ radiusPrompt $ radiusProxyToRealm $ radiusReplicateToRealm $ radiusRealm $ radiusServiceType $ radiusSessionTimeout $ radiusTerminationAction $ radiusTunnelAssignmentId $ radiusTunnelMediumType $ radiusTunnelPassword $ radiusTunnelPreference $ radiusTunnelPrivateGroupId $ radiusTunnelServerEndpoint $ radiusTunnelType $ radiusVSA $ radiusTunnelClientEndpoint $ radiusLoginTime $ radiusUserCategory $ dialupAccess $ radiusExpiration $ radiusCheckItem $ radiusReplyItem $ radiusNASIpAddress $ radiusReplyMessage ) )
matchingRuleUse: ( 2.5.13.38 NAME 'certificateListExactMatch' APPLIES ( authorityRevocationList $ certificateRevocationList $ deltaRevocationList ) )
matchingRuleUse: ( 2.5.13.34 NAME 'certificateExactMatch' APPLIES ( userCertificate $ cACertificate ) )
matchingRuleUse: ( 2.5.13.30 NAME 'objectIdentifierFirstComponentMatch' APPLIES ( supportedControl $ supportedExtension $ supportedFeatures $ ldapSyntaxes $ supportedApplicationContext ) )
matchingRuleUse: ( 2.5.13.29 NAME 'integerFirstComponentMatch' APPLIES ( supportedLDAPVersion $ entryTtl $ uidNumber $ gidNumber $ olcConcurrency $ olcConnMaxPending $ olcConnMaxPendingAuth $ olcIdleTimeout $ olcIndexSubstrIfMinLen $ olcIndexSubstrIfMaxLen $ olcIndexSubstrAnyLen $ olcIndexSubstrAnyStep $ olcIndexIntLen $ olcListenerThreads $ olcLocalSSF $ olcMaxDerefDepth $ olcReplicationInterval $ olcSockbufMaxIncoming $ olcSockbufMaxIncomingAuth $ olcThreads $ olcToolThreads $ olcWriteTimeout $ olcDbMaxReaders $ olcDbMaxSize $ olcDbRtxnSize $ olcDbSearchStack $ olcSpSessionlog $ mailPreferenceOption $ shadowLastChange $ shadowMin $ shadowMax $ shadowWarning $ shadowInactive $ shadowExpire $ shadowFlag $ ipServicePort $ ipProtocolNumber $ oncRpcNumber $ sambaPwdLastSet $ sambaPwdCanChange $ sambaPwdMustChange $ sambaLogonTime $ sambaLogoffTime $ sambaKickoffTime $ sambaBadPasswordCount $ sambaBadPasswordTime $ sambaGroupType $ sambaNextUserRid $ sambaNextGroupRid $ sambaNextRid $ sambaAlgorithmicRidBase $ sambaIntegerOption $ sambaMinPwdLength $ sambaPwdHistoryLength $ sambaLogonToChgPwd $ sambaMaxPwdAge $ sambaMinPwdAge $ sambaLockoutDuration $ sambaLockoutObservationWindow $ sambaLockoutThreshold $ sambaForceLogoff $ sambaRefuseMachinePwdChange $ radiusSimultaneousUse ) )
matchingRuleUse: ( 2.5.13.28 NAME 'generalizedTimeOrderingMatch' APPLIES ( createTimestamp $ modifyTimestamp $ attuhbdatenais $ attuhbdatefin $ attuhbdateouvcompte $ attuhbdatemaj $ supannGroupeDateFin $ runUnivJpegPhotoDate $ runUnivLastModified $ runUnivDateFin $ runUnivDateNaissance ) )
matchingRuleUse: ( 2.5.13.27 NAME 'generalizedTimeMatch' APPLIES ( createTimestamp $ modifyTimestamp $ attuhbdatenais $ attuhbdatefin $ attuhbdateouvcompte $ attuhbdatemaj $ supannGroupeDateFin $ runUnivJpegPhotoDate $ runUnivLastModified $ runUnivDateFin $ runUnivDateNaissance ) )
matchingRuleUse: ( 2.5.13.24 NAME 'protocolInformationMatch' APPLIES protocolInformation )
matchingRuleUse: ( 2.5.13.23 NAME 'uniqueMemberMatch' APPLIES uniqueMember )
matchingRuleUse: ( 2.5.13.22 NAME 'presentationAddressMatch' APPLIES presentationAddress )
matchingRuleUse: ( 2.5.13.20 NAME 'telephoneNumberMatch' APPLIES ( telephoneNumber $ homePhone $ mobile $ pager $ supannAutreTelephone $ runUnivTelephonePerso ) )
matchingRuleUse: ( 2.5.13.18 NAME 'octetStringOrderingMatch' APPLIES ( userPassword $ sambaClearTextPassword $ sambaPreviousClearTextPassword $ sshPublicKey $ runUnivPassword $ runUnivSshPublicKey ) )
matchingRuleUse: ( 2.5.13.17 NAME 'octetStringMatch' APPLIES ( userPassword $ sambaClearTextPassword $ sambaPreviousClearTextPassword $ sshPublicKey $ runUnivPassword $ runUnivSshPublicKey ) )
matchingRuleUse: ( 2.5.13.16 NAME 'bitStringMatch' APPLIES x500UniqueIdentifier )
matchingRuleUse: ( 2.5.13.15 NAME 'integerOrderingMatch' APPLIES ( supportedLDAPVersion $ entryTtl $ uidNumber $ gidNumber $ olcConcurrency $ olcConnMaxPending $ olcConnMaxPendingAuth $ olcIdleTimeout $ olcIndexSubstrIfMinLen $ olcIndexSubstrIfMaxLen $ olcIndexSubstrAnyLen $ olcIndexSubstrAnyStep $ olcIndexIntLen $ olcListenerThreads $ olcLocalSSF $ olcMaxDerefDepth $ olcReplicationInterval $ olcSockbufMaxIncoming $ olcSockbufMaxIncomingAuth $ olcThreads $ olcToolThreads $ olcWriteTimeout $ olcDbMaxReaders $ olcDbMaxSize $ olcDbRtxnSize $ olcDbSearchStack $ olcSpSessionlog $ mailPreferenceOption $ shadowLastChange $ shadowMin $ shadowMax $ shadowWarning $ shadowInactive $ shadowExpire $ shadowFlag $ ipServicePort $ ipProtocolNumber $ oncRpcNumber $ sambaPwdLastSet $ sambaPwdCanChange $ sambaPwdMustChange $ sambaLogonTime $ sambaLogoffTime $ sambaKickoffTime $ sambaBadPasswordCount $ sambaBadPasswordTime $ sambaGroupType $ sambaNextUserRid $ sambaNextGroupRid $ sambaNextRid $ sambaAlgorithmicRidBase $ sambaIntegerOption $ sambaMinPwdLength $ sambaPwdHistoryLength $ sambaLogonToChgPwd $ sambaMaxPwdAge $ sambaMinPwdAge $ sambaLockoutDuration $ sambaLockoutObservationWindow $ sambaLockoutThreshold $ sambaForceLogoff $ sambaRefuseMachinePwdChange $ radiusSimultaneousUse ) )
matchingRuleUse: ( 2.5.13.14 NAME 'integerMatch' APPLIES ( supportedLDAPVersion $ entryTtl $ uidNumber $ gidNumber $ olcConcurrency $ olcConnMaxPending $ olcConnMaxPendingAuth $ olcIdleTimeout $ olcIndexSubstrIfMinLen $ olcIndexSubstrIfMaxLen $ olcIndexSubstrAnyLen $ olcIndexSubstrAnyStep $ olcIndexIntLen $ olcListenerThreads $ olcLocalSSF $ olcMaxDerefDepth $ olcReplicationInterval $ olcSockbufMaxIncoming $ olcSockbufMaxIncomingAuth $ olcThreads $ olcToolThreads $ olcWriteTimeout $ olcDbMaxReaders $ olcDbMaxSize $ olcDbRtxnSize $ olcDbSearchStack $ olcSpSessionlog $ mailPreferenceOption $ shadowLastChange $ shadowMin $ shadowMax $ shadowWarning $ shadowInactive $ shadowExpire $ shadowFlag $ ipServicePort $ ipProtocolNumber $ oncRpcNumber $ sambaPwdLastSet $ sambaPwdCanChange $ sambaPwdMustChange $ sambaLogonTime $ sambaLogoffTime $ sambaKickoffTime $ sambaBadPasswordCount $ sambaBadPasswordTime $ sambaGroupType $ sambaNextUserRid $ sambaNextGroupRid $ sambaNextRid $ sambaAlgorithmicRidBase $ sambaIntegerOption $ sambaMinPwdLength $ sambaPwdHistoryLength $ sambaLogonToChgPwd $ sambaMaxPwdAge $ sambaMinPwdAge $ sambaLockoutDuration $ sambaLockoutObservationWindow $ sambaLockoutThreshold $ sambaForceLogoff $ sambaRefuseMachinePwdChange $ radiusSimultaneousUse ) )
matchingRuleUse: ( 2.5.13.13 NAME 'booleanMatch' APPLIES ( hasSubordinates $ olcAddContentAcl $ olcGentleHUP $ olcHidden $ olcLastMod $ olcMirrorMode $ olcMonitoring $ olcReadOnly $ olcReverseLookup $ olcSyncUseSubentry $ olcDbNoSync $ olcSpNoPresent $ olcSpReloadHint $ olcAccessLogSuccess $ sambaBoolOption $ attuhbintranet $ attuhbextranet $ supannListeRouge $ runUnivToipEnabled $ runUnivAccessDenied $ runUnivAccessAllowed $ runUnivLegacyWebProhibited $ urAccessAllowed $ radiusStripUserName ) )
matchingRuleUse: ( 2.5.13.11 NAME 'caseIgnoreListMatch' APPLIES ( postalAddress $ registeredAddress $ homePostalAddress $ runUnivAdressePerso ) )
matchingRuleUse: ( 2.5.13.9 NAME 'numericStringOrderingMatch' APPLIES ( x121Address $ internationaliSDNNumber $ supannEtuAnneeInscription $ runUnivToipInternal $ runUnivToipExternal ) )
matchingRuleUse: ( 2.5.13.8 NAME 'numericStringMatch' APPLIES ( x121Address $ internationaliSDNNumber $ supannEtuAnneeInscription $ runUnivToipInternal $ runUnivToipExternal ) )
matchingRuleUse: ( 2.5.13.7 NAME 'caseExactSubstringsMatch' APPLIES ( serialNumber $ c $ telephoneNumber $ destinationIndicator $ dnQualifier $ homePhone $ mobile $ pager $ supannCivilite $ supannCodeINE $ supannAutreTelephone $ runUnivTelephonePerso ) )
matchingRuleUse: ( 2.5.13.6 NAME 'caseExactOrderingMatch' APPLIES ( supportedSASLMechanisms $ vendorName $ vendorVersion $ ref $ name $ cn $ uid $ labeledURI $ description $ olcConfigFile $ olcConfigDir $ olcAccess $ olcAllows $ olcArgsFile $ olcAttributeOptions $ olcAttributeTypes $ olcAuthIDRewrite $ olcAuthzPolicy $ olcAuthzRegexp $ olcBackend $ olcDatabase $ olcDisallows $ olcDitContentRules $ olcExtraAttrs $ olcInclude $ olcLdapSyntaxes $ olcLimits $ olcLogFile $ olcLogLevel $ olcModuleLoad $ olcModulePath $ olcObjectClasses $ olcObjectIdentifier $ olcOverlay $ olcPasswordCryptSaltFormat $ olcPasswordHash $ olcPidFile $ olcPlugin $ olcPluginLogFile $ olcReferral $ olcReplica $ olcReplicaArgsFile $ olcReplicaPidFile $ olcReplogFile $ olcRequires $ olcRestrict $ olcRootDSE $ olcRootPW $ olcSaslAuxprops $ olcSaslHost $ olcSaslRealm $ olcSaslSecProps $ olcSecurity $ olcServerID $ olcSizeLimit $ olcSortVals $ olcSubordinate $ olcSyncrepl $ olcTCPBuffer $ olcTimeLimit $ olcTLSCACertificateFile $ olcTLSCACertificatePath $ olcTLSCertificateFile $ olcTLSCertificateKeyFile $ olcTLSCipherSuite $ olcTLSCRLCheck $ olcTLSCRLFile $ olcTLSRandFile $ olcTLSVerifyClient $ olcTLSDHParamFile $ olcTLSECName $ olcTLSProtocolMin $ olcUpdateRef $ olcDbDirectory $ olcDbCheckpoint $ olcDbEnvFlags $ olcDbIndex $ olcDbMode $ olcSpCheckpoint $ olcAccessLogOps $ olcAccessLogPurge $ olcAccessLogOld $ olcAccessLogOldAttr $ olcAccessLogBase $ olcDlAttrSet $ knowledgeInformation $ sn $ serialNumber $ c $ l $ st $ street $ o $ ou $ title $ businessCategory $ postalCode $ postOfficeBox $ physicalDeliveryOfficeName $ telephoneNumber $ destinationIndicator $ givenName $ initials $ generationQualifier $ dnQualifier $ houseIdentifier $ dmdName $ pseudonym $ textEncodedORAddress $ info $ drink $ roomNumber $ userClass $ host $ documentIdentifier $ documentTitle $ documentVersion $ documentLocation $ homePhone $ personalTitle $ mobile $ pager $ co $ uniqueIdentifier $ organizationalStatus $ buildingName $ documentPublisher $ ipServiceProtocol $ nisMapName $ carLicense $ departmentNumber $ displayName $ employeeNumber $ employeeType $ preferredLanguage $ eduOrgHomePageURI $ eduOrgIdentityAuthNPolicyURI $ eduOrgLegalName $ eduOrgSuperiorURI $ eduOrgWhitePagesURI $ eduPersonAffiliation $ eduPersonNickname $ eduPersonPrimaryAffiliation $ eduPersonPrincipalName $ eduPersonEntitlement $ eduPersonScopedAffiliation $ eduPersonTargetedID $ eduPersonAssurance $ isMemberOf $ hasMember $ sambaLogonScript $ sambaProfilePath $ sambaUserWorkstations $ sambaHomePath $ sambaDomainName $ sambaMungedDial $ sambaShareName $ sambaOptionName $ sambaStringListOption $ attuhbcategorie $ attuhbcodecorps $ attuhbcorps $ attuhbcodetype $ attuhbtype $ attuhbcodecnu $ attuhbcnu $ attuhbetab $ attuhbcomp $ attuhbResponsabilite $ attuhbmanager $ attuhbalias $ attuhbcodelr $ attuhbcampus $ attuhbaffectation $ attuhbcodevalid $ attuhbhashid $ attuhbLastSetPasswordID $ attuhbPays $ attuhbetp $ attuhbins $ attuhbdroitacces $ attuhbWebmasterHome $ attuhbstatut $ attuhbregins $ attuhbprofil $ attuhbetaPmt $ attuhbelp $ attuhbcleactivation $ attuhblibade $ attuhbgfocod $ attuhbcompType $ attuhbcompRespEns $ attuhbcompRespTech $ attuhbcompRespAdm $ attuhbcompLibelleCourt $ attuhbcompLibelle $ supannActivite $ supannOrganisme $ supannCivilite $ supannAffectation $ supannCodeINE $ supannEtuId $ supannEmpId $ supannAutreTelephone $ supannEtablissement $ supannTypeEntite $ supannAliasLogin $ supannRole $ supannRoleGenerique $ supannRoleEntite $ supannEtuCursusAnnee $ supannEtuDiplome $ supannEtuElementPedagogique $ supannEtuEtape $ supannEtuInscription $ supannEtuRegimeInscription $ supannEtuSecteurDisciplinaire $ supannEtuTypeDiplome $ supannEmpCorps $ supannTypeEntiteAffectation $ supannRefId $ mailForwardingAddress $ runUnivMemberURL $ runUnivToipAffectation $ runUnivSihamId $ runUnivAuthorization $ runUnivNoInsee $ runUnivAttribute $ runUnivIndAffectation $ runUnivPersInfos $ runUnivTelephonePerso $ runUnivStrInfos $ runUnivStrResp $ runUnivIndInfos $ runUnivNom $ runUnivPrenom $ runUnivDiplome $ runUnivWgClient $ runUnivCasAccepted $ runUnivCategorie $ runUnivScheduledOperation $ runUnivHarpTypePopulation $ runUnivHarpStructure $ harpegeStructureCode $ harpegeStructureCodePere $ harpegeStructureLibelleCourt $ harpegeStructureLibelle $ harpegeStructureType $ harpegeStructureCodeRNE $ runUnivApoComposante $ runUnivApoEtape $ runUnivBvProfil $ urBvProfil $ urMail $ memberURL ) )
matchingRuleUse: ( 2.5.13.5 NAME 'caseExactMatch' APPLIES ( supportedSASLMechanisms $ vendorName $ vendorVersion $ ref $ name $ cn $ uid $ labeledURI $ description $ olcConfigFile $ olcConfigDir $ olcAccess $ olcAllows $ olcArgsFile $ olcAttributeOptions $ olcAttributeTypes $ olcAuthIDRewrite $ olcAuthzPolicy $ olcAuthzRegexp $ olcBackend $ olcDatabase $ olcDisallows $ olcDitContentRules $ olcExtraAttrs $ olcInclude $ olcLdapSyntaxes $ olcLimits $ olcLogFile $ olcLogLevel $ olcModuleLoad $ olcModulePath $ olcObjectClasses $ olcObjectIdentifier $ olcOverlay $ olcPasswordCryptSaltFormat $ olcPasswordHash $ olcPidFile $ olcPlugin $ olcPluginLogFile $ olcReferral $ olcReplica $ olcReplicaArgsFile $ olcReplicaPidFile $ olcReplogFile $ olcRequires $ olcRestrict $ olcRootDSE $ olcRootPW $ olcSaslAuxprops $ olcSaslHost $ olcSaslRealm $ olcSaslSecProps $ olcSecurity $ olcServerID $ olcSizeLimit $ olcSortVals $ olcSubordinate $ olcSyncrepl $ olcTCPBuffer $ olcTimeLimit $ olcTLSCACertificateFile $ olcTLSCACertificatePath $ olcTLSCertificateFile $ olcTLSCertificateKeyFile $ olcTLSCipherSuite $ olcTLSCRLCheck $ olcTLSCRLFile $ olcTLSRandFile $ olcTLSVerifyClient $ olcTLSDHParamFile $ olcTLSECName $ olcTLSProtocolMin $ olcUpdateRef $ olcDbDirectory $ olcDbCheckpoint $ olcDbEnvFlags $ olcDbIndex $ olcDbMode $ olcSpCheckpoint $ olcAccessLogOps $ olcAccessLogPurge $ olcAccessLogOld $ olcAccessLogOldAttr $ olcAccessLogBase $ olcDlAttrSet $ knowledgeInformation $ sn $ serialNumber $ c $ l $ st $ street $ o $ ou $ title $ businessCategory $ postalCode $ postOfficeBox $ physicalDeliveryOfficeName $ telephoneNumber $ destinationIndicator $ givenName $ initials $ generationQualifier $ dnQualifier $ houseIdentifier $ dmdName $ pseudonym $ textEncodedORAddress $ info $ drink $ roomNumber $ userClass $ host $ documentIdentifier $ documentTitle $ documentVersion $ documentLocation $ homePhone $ personalTitle $ mobile $ pager $ co $ uniqueIdentifier $ organizationalStatus $ buildingName $ documentPublisher $ ipServiceProtocol $ nisMapName $ carLicense $ departmentNumber $ displayName $ employeeNumber $ employeeType $ preferredLanguage $ eduOrgHomePageURI $ eduOrgIdentityAuthNPolicyURI $ eduOrgLegalName $ eduOrgSuperiorURI $ eduOrgWhitePagesURI $ eduPersonAffiliation $ eduPersonNickname $ eduPersonPrimaryAffiliation $ eduPersonPrincipalName $ eduPersonEntitlement $ eduPersonScopedAffiliation $ eduPersonTargetedID $ eduPersonAssurance $ isMemberOf $ hasMember $ sambaLogonScript $ sambaProfilePath $ sambaUserWorkstations $ sambaHomePath $ sambaDomainName $ sambaMungedDial $ sambaShareName $ sambaOptionName $ sambaStringListOption $ attuhbcategorie $ attuhbcodecorps $ attuhbcorps $ attuhbcodetype $ attuhbtype $ attuhbcodecnu $ attuhbcnu $ attuhbetab $ attuhbcomp $ attuhbResponsabilite $ attuhbmanager $ attuhbalias $ attuhbcodelr $ attuhbcampus $ attuhbaffectation $ attuhbcodevalid $ attuhbhashid $ attuhbLastSetPasswordID $ attuhbPays $ attuhbetp $ attuhbins $ attuhbdroitacces $ attuhbWebmasterHome $ attuhbstatut $ attuhbregins $ attuhbprofil $ attuhbetaPmt $ attuhbelp $ attuhbcleactivation $ attuhblibade $ attuhbgfocod $ attuhbcompType $ attuhbcompRespEns $ attuhbcompRespTech $ attuhbcompRespAdm $ attuhbcompLibelleCourt $ attuhbcompLibelle $ supannActivite $ supannOrganisme $ supannCivilite $ supannAffectation $ supannCodeINE $ supannEtuId $ supannEmpId $ supannAutreTelephone $ supannEtablissement $ supannTypeEntite $ supannAliasLogin $ supannRole $ supannRoleGenerique $ supannRoleEntite $ supannEtuCursusAnnee $ supannEtuDiplome $ supannEtuElementPedagogique $ supannEtuEtape $ supannEtuInscription $ supannEtuRegimeInscription $ supannEtuSecteurDisciplinaire $ supannEtuTypeDiplome $ supannEmpCorps $ supannTypeEntiteAffectation $ supannRefId $ mailForwardingAddress $ runUnivMemberURL $ runUnivToipAffectation $ runUnivSihamId $ runUnivAuthorization $ runUnivNoInsee $ runUnivAttribute $ runUnivIndAffectation $ runUnivPersInfos $ runUnivTelephonePerso $ runUnivStrInfos $ runUnivStrResp $ runUnivIndInfos $ runUnivNom $ runUnivPrenom $ runUnivDiplome $ runUnivWgClient $ runUnivCasAccepted $ runUnivCategorie $ runUnivScheduledOperation $ runUnivHarpTypePopulation $ runUnivHarpStructure $ harpegeStructureCode $ harpegeStructureCodePere $ harpegeStructureLibelleCourt $ harpegeStructureLibelle $ harpegeStructureType $ harpegeStructureCodeRNE $ runUnivApoComposante $ runUnivApoEtape $ runUnivBvProfil $ urBvProfil $ urMail $ memberURL ) )
matchingRuleUse: ( 2.5.13.4 NAME 'caseIgnoreSubstringsMatch' APPLIES ( serialNumber $ c $ telephoneNumber $ destinationIndicator $ dnQualifier $ homePhone $ mobile $ pager $ supannCivilite $ supannCodeINE $ supannAutreTelephone $ runUnivTelephonePerso ) )
matchingRuleUse: ( 2.5.13.3 NAME 'caseIgnoreOrderingMatch' APPLIES ( supportedSASLMechanisms $ vendorName $ vendorVersion $ ref $ name $ cn $ uid $ labeledURI $ description $ olcConfigFile $ olcConfigDir $ olcAccess $ olcAllows $ olcArgsFile $ olcAttributeOptions $ olcAttributeTypes $ olcAuthIDRewrite $ olcAuthzPolicy $ olcAuthzRegexp $ olcBackend $ olcDatabase $ olcDisallows $ olcDitContentRules $ olcExtraAttrs $ olcInclude $ olcLdapSyntaxes $ olcLimits $ olcLogFile $ olcLogLevel $ olcModuleLoad $ olcModulePath $ olcObjectClasses $ olcObjectIdentifier $ olcOverlay $ olcPasswordCryptSaltFormat $ olcPasswordHash $ olcPidFile $ olcPlugin $ olcPluginLogFile $ olcReferral $ olcReplica $ olcReplicaArgsFile $ olcReplicaPidFile $ olcReplogFile $ olcRequires $ olcRestrict $ olcRootDSE $ olcRootPW $ olcSaslAuxprops $ olcSaslHost $ olcSaslRealm $ olcSaslSecProps $ olcSecurity $ olcServerID $ olcSizeLimit $ olcSortVals $ olcSubordinate $ olcSyncrepl $ olcTCPBuffer $ olcTimeLimit $ olcTLSCACertificateFile $ olcTLSCACertificatePath $ olcTLSCertificateFile $ olcTLSCertificateKeyFile $ olcTLSCipherSuite $ olcTLSCRLCheck $ olcTLSCRLFile $ olcTLSRandFile $ olcTLSVerifyClient $ olcTLSDHParamFile $ olcTLSECName $ olcTLSProtocolMin $ olcUpdateRef $ olcDbDirectory $ olcDbCheckpoint $ olcDbEnvFlags $ olcDbIndex $ olcDbMode $ olcSpCheckpoint $ olcAccessLogOps $ olcAccessLogPurge $ olcAccessLogOld $ olcAccessLogOldAttr $ olcAccessLogBase $ olcDlAttrSet $ knowledgeInformation $ sn $ serialNumber $ c $ l $ st $ street $ o $ ou $ title $ businessCategory $ postalCode $ postOfficeBox $ physicalDeliveryOfficeName $ telephoneNumber $ destinationIndicator $ givenName $ initials $ generationQualifier $ dnQualifier $ houseIdentifier $ dmdName $ pseudonym $ textEncodedORAddress $ info $ drink $ roomNumber $ userClass $ host $ documentIdentifier $ documentTitle $ documentVersion $ documentLocation $ homePhone $ personalTitle $ mobile $ pager $ co $ uniqueIdentifier $ organizationalStatus $ buildingName $ documentPublisher $ ipServiceProtocol $ nisMapName $ carLicense $ departmentNumber $ displayName $ employeeNumber $ employeeType $ preferredLanguage $ eduOrgHomePageURI $ eduOrgIdentityAuthNPolicyURI $ eduOrgLegalName $ eduOrgSuperiorURI $ eduOrgWhitePagesURI $ eduPersonAffiliation $ eduPersonNickname $ eduPersonPrimaryAffiliation $ eduPersonPrincipalName $ eduPersonEntitlement $ eduPersonScopedAffiliation $ eduPersonTargetedID $ eduPersonAssurance $ isMemberOf $ hasMember $ sambaLogonScript $ sambaProfilePath $ sambaUserWorkstations $ sambaHomePath $ sambaDomainName $ sambaMungedDial $ sambaShareName $ sambaOptionName $ sambaStringListOption $ attuhbcategorie $ attuhbcodecorps $ attuhbcorps $ attuhbcodetype $ attuhbtype $ attuhbcodecnu $ attuhbcnu $ attuhbetab $ attuhbcomp $ attuhbResponsabilite $ attuhbmanager $ attuhbalias $ attuhbcodelr $ attuhbcampus $ attuhbaffectation $ attuhbcodevalid $ attuhbhashid $ attuhbLastSetPasswordID $ attuhbPays $ attuhbetp $ attuhbins $ attuhbdroitacces $ attuhbWebmasterHome $ attuhbstatut $ attuhbregins $ attuhbprofil $ attuhbetaPmt $ attuhbelp $ attuhbcleactivation $ attuhblibade $ attuhbgfocod $ attuhbcompType $ attuhbcompRespEns $ attuhbcompRespTech $ attuhbcompRespAdm $ attuhbcompLibelleCourt $ attuhbcompLibelle $ supannActivite $ supannOrganisme $ supannCivilite $ supannAffectation $ supannCodeINE $ supannEtuId $ supannEmpId $ supannAutreTelephone $ supannEtablissement $ supannTypeEntite $ supannAliasLogin $ supannRole $ supannRoleGenerique $ supannRoleEntite $ supannEtuCursusAnnee $ supannEtuDiplome $ supannEtuElementPedagogique $ supannEtuEtape $ supannEtuInscription $ supannEtuRegimeInscription $ supannEtuSecteurDisciplinaire $ supannEtuTypeDiplome $ supannEmpCorps $ supannTypeEntiteAffectation $ supannRefId $ mailForwardingAddress $ runUnivMemberURL $ runUnivToipAffectation $ runUnivSihamId $ runUnivAuthorization $ runUnivNoInsee $ runUnivAttribute $ runUnivIndAffectation $ runUnivPersInfos $ runUnivTelephonePerso $ runUnivStrInfos $ runUnivStrResp $ runUnivIndInfos $ runUnivNom $ runUnivPrenom $ runUnivDiplome $ runUnivWgClient $ runUnivCasAccepted $ runUnivCategorie $ runUnivScheduledOperation $ runUnivHarpTypePopulation $ runUnivHarpStructure $ harpegeStructureCode $ harpegeStructureCodePere $ harpegeStructureLibelleCourt $ harpegeStructureLibelle $ harpegeStructureType $ harpegeStructureCodeRNE $ runUnivApoComposante $ runUnivApoEtape $ runUnivBvProfil $ urBvProfil $ urMail $ memberURL ) )
matchingRuleUse: ( 2.5.13.2 NAME 'caseIgnoreMatch' APPLIES ( supportedSASLMechanisms $ vendorName $ vendorVersion $ ref $ name $ cn $ uid $ labeledURI $ description $ olcConfigFile $ olcConfigDir $ olcAccess $ olcAllows $ olcArgsFile $ olcAttributeOptions $ olcAttributeTypes $ olcAuthIDRewrite $ olcAuthzPolicy $ olcAuthzRegexp $ olcBackend $ olcDatabase $ olcDisallows $ olcDitContentRules $ olcExtraAttrs $ olcInclude $ olcLdapSyntaxes $ olcLimits $ olcLogFile $ olcLogLevel $ olcModuleLoad $ olcModulePath $ olcObjectClasses $ olcObjectIdentifier $ olcOverlay $ olcPasswordCryptSaltFormat $ olcPasswordHash $ olcPidFile $ olcPlugin $ olcPluginLogFile $ olcReferral $ olcReplica $ olcReplicaArgsFile $ olcReplicaPidFile $ olcReplogFile $ olcRequires $ olcRestrict $ olcRootDSE $ olcRootPW $ olcSaslAuxprops $ olcSaslHost $ olcSaslRealm $ olcSaslSecProps $ olcSecurity $ olcServerID $ olcSizeLimit $ olcSortVals $ olcSubordinate $ olcSyncrepl $ olcTCPBuffer $ olcTimeLimit $ olcTLSCACertificateFile $ olcTLSCACertificatePath $ olcTLSCertificateFile $ olcTLSCertificateKeyFile $ olcTLSCipherSuite $ olcTLSCRLCheck $ olcTLSCRLFile $ olcTLSRandFile $ olcTLSVerifyClient $ olcTLSDHParamFile $ olcTLSECName $ olcTLSProtocolMin $ olcUpdateRef $ olcDbDirectory $ olcDbCheckpoint $ olcDbEnvFlags $ olcDbIndex $ olcDbMode $ olcSpCheckpoint $ olcAccessLogOps $ olcAccessLogPurge $ olcAccessLogOld $ olcAccessLogOldAttr $ olcAccessLogBase $ olcDlAttrSet $ knowledgeInformation $ sn $ serialNumber $ c $ l $ st $ street $ o $ ou $ title $ businessCategory $ postalCode $ postOfficeBox $ physicalDeliveryOfficeName $ telephoneNumber $ destinationIndicator $ givenName $ initials $ generationQualifier $ dnQualifier $ houseIdentifier $ dmdName $ pseudonym $ textEncodedORAddress $ info $ drink $ roomNumber $ userClass $ host $ documentIdentifier $ documentTitle $ documentVersion $ documentLocation $ homePhone $ personalTitle $ mobile $ pager $ co $ uniqueIdentifier $ organizationalStatus $ buildingName $ documentPublisher $ ipServiceProtocol $ nisMapName $ carLicense $ departmentNumber $ displayName $ employeeNumber $ employeeType $ preferredLanguage $ eduOrgHomePageURI $ eduOrgIdentityAuthNPolicyURI $ eduOrgLegalName $ eduOrgSuperiorURI $ eduOrgWhitePagesURI $ eduPersonAffiliation $ eduPersonNickname $ eduPersonPrimaryAffiliation $ eduPersonPrincipalName $ eduPersonEntitlement $ eduPersonScopedAffiliation $ eduPersonTargetedID $ eduPersonAssurance $ isMemberOf $ hasMember $ sambaLogonScript $ sambaProfilePath $ sambaUserWorkstations $ sambaHomePath $ sambaDomainName $ sambaMungedDial $ sambaShareName $ sambaOptionName $ sambaStringListOption $ attuhbcategorie $ attuhbcodecorps $ attuhbcorps $ attuhbcodetype $ attuhbtype $ attuhbcodecnu $ attuhbcnu $ attuhbetab $ attuhbcomp $ attuhbResponsabilite $ attuhbmanager $ attuhbalias $ attuhbcodelr $ attuhbcampus $ attuhbaffectation $ attuhbcodevalid $ attuhbhashid $ attuhbLastSetPasswordID $ attuhbPays $ attuhbetp $ attuhbins $ attuhbdroitacces $ attuhbWebmasterHome $ attuhbstatut $ attuhbregins $ attuhbprofil $ attuhbetaPmt $ attuhbelp $ attuhbcleactivation $ attuhblibade $ attuhbgfocod $ attuhbcompType $ attuhbcompRespEns $ attuhbcompRespTech $ attuhbcompRespAdm $ attuhbcompLibelleCourt $ attuhbcompLibelle $ supannActivite $ supannOrganisme $ supannCivilite $ supannAffectation $ supannCodeINE $ supannEtuId $ supannEmpId $ supannAutreTelephone $ supannEtablissement $ supannTypeEntite $ supannAliasLogin $ supannRole $ supannRoleGenerique $ supannRoleEntite $ supannEtuCursusAnnee $ supannEtuDiplome $ supannEtuElementPedagogique $ supannEtuEtape $ supannEtuInscription $ supannEtuRegimeInscription $ supannEtuSecteurDisciplinaire $ supannEtuTypeDiplome $ supannEmpCorps $ supannTypeEntiteAffectation $ supannRefId $ mailForwardingAddress $ runUnivMemberURL $ runUnivToipAffectation $ runUnivSihamId $ runUnivAuthorization $ runUnivNoInsee $ runUnivAttribute $ runUnivIndAffectation $ runUnivPersInfos $ runUnivTelephonePerso $ runUnivStrInfos $ runUnivStrResp $ runUnivIndInfos $ runUnivNom $ runUnivPrenom $ runUnivDiplome $ runUnivWgClient $ runUnivCasAccepted $ runUnivCategorie $ runUnivScheduledOperation $ runUnivHarpTypePopulation $ runUnivHarpStructure $ harpegeStructureCode $ harpegeStructureCodePere $ harpegeStructureLibelleCourt $ harpegeStructureLibelle $ harpegeStructureType $ harpegeStructureCodeRNE $ runUnivApoComposante $ runUnivApoEtape $ runUnivBvProfil $ urBvProfil $ urMail $ memberURL ) )
matchingRuleUse: ( 2.5.13.1 NAME 'distinguishedNameMatch' APPLIES ( creatorsName $ modifiersName $ subschemaSubentry $ entryDN $ namingContexts $ aliasedObjectName $ dynamicSubtrees $ distinguishedName $ seeAlso $ olcDefaultSearchBase $ olcRootDN $ olcSchemaDN $ olcSuffix $ olcUpdateDN $ olcAccessLogDB $ member $ owner $ roleOccupant $ manager $ documentAuthor $ secretary $ associatedName $ dITRedirect $ eduPersonOrgDN $ eduPersonOrgUnitDN $ eduPersonPrimaryOrgUnitDN $ supannParrainDN $ supannGroupeAdminDN $ supannGroupeLecteurDN $ urHeliosAccount $ urGaiaAccount $ dgIdentity $ radiusProfileDn ) )
matchingRuleUse: ( 2.5.13.0 NAME 'objectIdentifierMatch' APPLIES ( supportedControl $ supportedExtension $ supportedFeatures $ supportedApplicationContext ) )
attributeTypes: ( 2.5.4.0 NAME 'objectClass' DESC 'RFC4512: object classes of the entity' EQUALITY objectIdentifierMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 )
attributeTypes: ( 2.5.21.9 NAME 'structuralObjectClass' DESC 'RFC4512: structural object class of entry' EQUALITY objectIdentifierMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation )
attributeTypes: ( 2.5.18.1 NAME 'createTimestamp' DESC 'RFC4512: time which object was created' EQUALITY generalizedTimeMatch ORDERING generalizedTimeOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation )
attributeTypes: ( 2.5.18.2 NAME 'modifyTimestamp' DESC 'RFC4512: time which object was last modified' EQUALITY generalizedTimeMatch ORDERING generalizedTimeOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation )
attributeTypes: ( 2.5.18.3 NAME 'creatorsName' DESC 'RFC4512: name of creator' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation )
attributeTypes: ( 2.5.18.4 NAME 'modifiersName' DESC 'RFC4512: name of last modifier' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation )
attributeTypes: ( 2.5.18.9 NAME 'hasSubordinates' DESC 'X.501: entry has children' EQUALITY booleanMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation )
attributeTypes: ( 2.5.18.10 NAME 'subschemaSubentry' DESC 'RFC4512: name of controlling subschema entry' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation )
attributeTypes: ( 1.3.6.1.1.20 NAME 'entryDN' DESC 'DN of the entry' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation )
attributeTypes: ( 1.3.6.1.1.16.4 NAME 'entryUUID' DESC 'UUID of the entry' EQUALITY UUIDMatch ORDERING UUIDOrderingMatch SYNTAX 1.3.6.1.1.16.1 SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation )
attributeTypes: ( 1.3.6.1.4.1.1466.101.120.6 NAME 'altServer' DESC 'RFC4512: alternative servers' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 USAGE dSAOperation )
attributeTypes: ( 1.3.6.1.4.1.1466.101.120.5 NAME 'namingContexts' DESC 'RFC4512: naming contexts' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 USAGE dSAOperation )
attributeTypes: ( 1.3.6.1.4.1.1466.101.120.13 NAME 'supportedControl' DESC 'RFC4512: supported controls' SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 USAGE dSAOperation )
attributeTypes: ( 1.3.6.1.4.1.1466.101.120.7 NAME 'supportedExtension' DESC 'RFC4512: supported extended operations' SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 USAGE dSAOperation )
attributeTypes: ( 1.3.6.1.4.1.1466.101.120.15 NAME 'supportedLDAPVersion' DESC 'RFC4512: supported LDAP versions' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 USAGE dSAOperation )
attributeTypes: ( 1.3.6.1.4.1.1466.101.120.14 NAME 'supportedSASLMechanisms' DESC 'RFC4512: supported SASL mechanisms' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 USAGE dSAOperation )
attributeTypes: ( 1.3.6.1.4.1.4203.1.3.5 NAME 'supportedFeatures' DESC 'RFC4512: features supported by the server' EQUALITY objectIdentifierMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 USAGE dSAOperation )
attributeTypes: ( 1.3.6.1.1.4 NAME 'vendorName' DESC 'RFC3045: name of implementation vendor' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE NO-USER-MODIFICATION USAGE dSAOperation )
attributeTypes: ( 1.3.6.1.1.5 NAME 'vendorVersion' DESC 'RFC3045: version of implementation' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE NO-USER-MODIFICATION USAGE dSAOperation )
attributeTypes: ( 2.5.21.4 NAME 'matchingRules' DESC 'RFC4512: matching rules' EQUALITY objectIdentifierFirstComponentMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.30 USAGE directoryOperation )
attributeTypes: ( 2.5.21.5 NAME 'attributeTypes' DESC 'RFC4512: attribute types' EQUALITY objectIdentifierFirstComponentMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.3 USAGE directoryOperation )
attributeTypes: ( 2.5.21.6 NAME 'objectClasses' DESC 'RFC4512: object classes' EQUALITY objectIdentifierFirstComponentMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.37 USAGE directoryOperation )
attributeTypes: ( 2.5.21.8 NAME 'matchingRuleUse' DESC 'RFC4512: matching rule uses' EQUALITY objectIdentifierFirstComponentMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.31 USAGE directoryOperation )
attributeTypes: ( 1.3.6.1.4.1.1466.101.120.16 NAME 'ldapSyntaxes' DESC 'RFC4512: LDAP syntaxes' EQUALITY objectIdentifierFirstComponentMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.54 USAGE directoryOperation )
attributeTypes: ( 2.5.4.1 NAME ( 'aliasedObjectName' 'aliasedEntryName' ) DESC 'RFC4512: name of aliased object' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE )
attributeTypes: ( 2.16.840.1.113730.3.1.34 NAME 'ref' DESC 'RFC3296: subordinate referral URL' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 USAGE distributedOperation )
attributeTypes: ( 1.3.6.1.4.1.1466.101.119.3 NAME 'entryTtl' DESC 'RFC2589: entry time-to-live' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE NO-USER-MODIFICATION USAGE dSAOperation )
attributeTypes: ( 1.3.6.1.4.1.1466.101.119.4 NAME 'dynamicSubtrees' DESC 'RFC2589: dynamic subtrees' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 NO-USER-MODIFICATION USAGE dSAOperation )
attributeTypes: ( 2.5.4.49 NAME 'distinguishedName' DESC 'RFC4519: common supertype of DN attributes' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
attributeTypes: ( 2.5.4.41 NAME 'name' DESC 'RFC4519: common supertype of name attributes' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} )
attributeTypes: ( 2.5.4.3 NAME ( 'cn' 'commonName' ) DESC 'RFC4519: common name(s) for which the entity is known by' SUP name )
attributeTypes: ( 0.9.2342.19200300.100.1.1 NAME ( 'uid' 'userid' ) DESC 'RFC4519: user identifier' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
attributeTypes: ( 1.3.6.1.1.1.1.0 NAME 'uidNumber' DESC 'RFC2307: An integer uniquely identifying a user in an administrative domain' EQUALITY integerMatch ORDERING integerOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.1.1.1.1 NAME 'gidNumber' DESC 'RFC2307: An integer uniquely identifying a group in an administrative domain' EQUALITY integerMatch ORDERING integerOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributeTypes: ( 2.5.4.35 NAME 'userPassword' DESC 'RFC4519/2307: password of user' EQUALITY octetStringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{128} )
attributeTypes: ( 1.3.6.1.4.1.250.1.57 NAME 'labeledURI' DESC 'RFC2079: Uniform Resource Identifier with optional label' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( 2.5.4.13 NAME 'description' DESC 'RFC4519: descriptive information' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1024} )
attributeTypes: ( 2.5.4.34 NAME 'seeAlso' DESC 'RFC4519: DN of related object' SUP distinguishedName )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.78 NAME 'olcConfigFile' DESC 'File for slapd configuration directives' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.79 NAME 'olcConfigDir' DESC 'Directory for slapd configuration backend' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.1 NAME 'olcAccess' DESC 'Access Control List' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORDERED 'VALUES' )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.86 NAME 'olcAddContentAcl' DESC 'Check ACLs against content of Add ops' SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.2 NAME 'olcAllows' DESC 'Allowed set of deprecated features' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.3 NAME 'olcArgsFile' DESC 'File for slapd command line options' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.5 NAME 'olcAttributeOptions' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.4 NAME 'olcAttributeTypes' DESC 'OpenLDAP attributeTypes' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORDERED 'VALUES' )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.6 NAME 'olcAuthIDRewrite' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORDERED 'VALUES' )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.7 NAME 'olcAuthzPolicy' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.8 NAME 'olcAuthzRegexp' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORDERED 'VALUES' )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.9 NAME 'olcBackend' DESC 'A type of backend' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORDERED 'SIBLINGS' )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.10 NAME 'olcConcurrency' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.11 NAME 'olcConnMaxPending' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.12 NAME 'olcConnMaxPendingAuth' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.13 NAME 'olcDatabase' DESC 'The backend type for a database instance' SUP olcBackend SINGLE-VALUE X-ORDERED 'SIBLINGS' )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.14 NAME 'olcDefaultSearchBase' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.15 NAME 'olcDisallows' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.16 NAME 'olcDitContentRules' DESC 'OpenLDAP DIT content rules' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORDERED 'VALUES' )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.2.0.20 NAME 'olcExtraAttrs' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.17 NAME 'olcGentleHUP' SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.2.0.17 NAME 'olcHidden' SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.18 NAME 'olcIdleTimeout' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.19 NAME 'olcInclude' SUP labeledURI )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.20 NAME 'olcIndexSubstrIfMinLen' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.21 NAME 'olcIndexSubstrIfMaxLen' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.22 NAME 'olcIndexSubstrAnyLen' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.23 NAME 'olcIndexSubstrAnyStep' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.84 NAME 'olcIndexIntLen' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.2.0.4 NAME 'olcLastMod' SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.85 NAME 'olcLdapSyntaxes' DESC 'OpenLDAP ldapSyntax' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORDERED 'VALUES' )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.2.0.5 NAME 'olcLimits' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORDERED 'VALUES' )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.93 NAME 'olcListenerThreads' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.26 NAME 'olcLocalSSF' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.27 NAME 'olcLogFile' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.28 NAME 'olcLogLevel' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.2.0.6 NAME 'olcMaxDerefDepth' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.2.0.16 NAME 'olcMirrorMode' SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.30 NAME 'olcModuleLoad' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORDERED 'VALUES' )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.31 NAME 'olcModulePath' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.2.0.18 NAME 'olcMonitoring' SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.32 NAME 'olcObjectClasses' DESC 'OpenLDAP object classes' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORDERED 'VALUES' )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.33 NAME 'olcObjectIdentifier' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORDERED 'VALUES' )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.34 NAME 'olcOverlay' SUP olcDatabase SINGLE-VALUE X-ORDERED 'SIBLINGS' )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.35 NAME 'olcPasswordCryptSaltFormat' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.36 NAME 'olcPasswordHash' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.37 NAME 'olcPidFile' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.38 NAME 'olcPlugin' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.39 NAME 'olcPluginLogFile' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.40 NAME 'olcReadOnly' SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.41 NAME 'olcReferral' SUP labeledURI SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.2.0.7 NAME 'olcReplica' SUP labeledURI EQUALITY caseIgnoreMatch X-ORDERED 'VALUES' )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.43 NAME 'olcReplicaArgsFile' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.44 NAME 'olcReplicaPidFile' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.45 NAME 'olcReplicationInterval' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.46 NAME 'olcReplogFile' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.47 NAME 'olcRequires' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.48 NAME 'olcRestrict' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.49 NAME 'olcReverseLookup' SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.2.0.8 NAME 'olcRootDN' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.51 NAME 'olcRootDSE' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.2.0.9 NAME 'olcRootPW' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.89 NAME 'olcSaslAuxprops' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.53 NAME 'olcSaslHost' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.54 NAME 'olcSaslRealm' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.56 NAME 'olcSaslSecProps' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.58 NAME 'olcSchemaDN' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.59 NAME 'olcSecurity' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.81 NAME 'olcServerID' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.60 NAME 'olcSizeLimit' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.61 NAME 'olcSockbufMaxIncoming' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.62 NAME 'olcSockbufMaxIncomingAuth' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.83 NAME 'olcSortVals' DESC 'Attributes whose values will always be sorted' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.2.0.15 NAME 'olcSubordinate' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.2.0.10 NAME 'olcSuffix' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.2.0.19 NAME 'olcSyncUseSubentry' DESC 'Store sync context in a subentry' SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.2.0.11 NAME 'olcSyncrepl' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORDERED 'VALUES' )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.90 NAME 'olcTCPBuffer' DESC 'Custom TCP buffer size' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.66 NAME 'olcThreads' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.67 NAME 'olcTimeLimit' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.68 NAME 'olcTLSCACertificateFile' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.69 NAME 'olcTLSCACertificatePath' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.70 NAME 'olcTLSCertificateFile' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.71 NAME 'olcTLSCertificateKeyFile' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.72 NAME 'olcTLSCipherSuite' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.73 NAME 'olcTLSCRLCheck' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.82 NAME 'olcTLSCRLFile' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.74 NAME 'olcTLSRandFile' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.75 NAME 'olcTLSVerifyClient' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.77 NAME 'olcTLSDHParamFile' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.96 NAME 'olcTLSECName' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.87 NAME 'olcTLSProtocolMin' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.80 NAME 'olcToolThreads' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.2.0.12 NAME 'olcUpdateDN' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.2.0.13 NAME 'olcUpdateRef' SUP labeledURI EQUALITY caseIgnoreMatch )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.0.88 NAME 'olcWriteTimeout' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.2.0.1 NAME 'olcDbDirectory' DESC 'Directory for database content' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.2.1.2 NAME 'olcDbCheckpoint' DESC 'Database checkpoint interval in kbytes and minutes' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.2.1.4 NAME 'olcDbNoSync' DESC 'Disable synchronous database writes' SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.2.12.3 NAME 'olcDbEnvFlags' DESC 'Database environment flags' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.2.0.2 NAME 'olcDbIndex' DESC 'Attribute index parameters' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.2.12.1 NAME 'olcDbMaxReaders' DESC 'Maximum number of threads that may access the DB concurrently' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.2.12.2 NAME 'olcDbMaxSize' DESC 'Maximum size of DB in bytes' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.2.0.3 NAME 'olcDbMode' DESC 'Unix permissions of database files' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.2.12.5 NAME 'olcDbRtxnSize' DESC 'Number of entries to process in one read transaction' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.2.1.9 NAME 'olcDbSearchStack' DESC 'Depth of search stack in IDLs' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.3.1.1 NAME 'olcSpCheckpoint' DESC 'ContextCSN checkpoint interval in ops and minutes' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.3.1.2 NAME 'olcSpSessionlog' DESC 'Session log size in ops' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.3.1.3 NAME 'olcSpNoPresent' DESC 'Omit Present phase processing' SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.3.1.4 NAME 'olcSpReloadHint' DESC 'Observe Reload Hint in Request control' SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.3.4.1 NAME 'olcAccessLogDB' DESC 'Suffix of database for log content' SUP distinguishedName SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.3.4.2 NAME 'olcAccessLogOps' DESC 'Operation types to log' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.3.4.3 NAME 'olcAccessLogPurge' DESC 'Log cleanup parameters' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.3.4.4 NAME 'olcAccessLogSuccess' DESC 'Log successful ops only' SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.3.4.5 NAME 'olcAccessLogOld' DESC 'Log old values when modifying entries matching the filter' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.3.4.6 NAME 'olcAccessLogOldAttr' DESC 'Log old values of these attributes even if unmodified' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.3.4.7 NAME 'olcAccessLogBase' DESC 'Operation types to log under a specific branch' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( 1.3.6.1.4.1.4203.1.12.2.3.3.8.1 NAME 'olcDlAttrSet' DESC 'Dynamic list: <group objectClass>, <URL attributeDescription>, <member attributeDescription>' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORDERED 'VALUES' )
attributeTypes: ( 2.5.4.2 NAME 'knowledgeInformation' DESC 'RFC2256: knowledge information' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} )
attributeTypes: ( 2.5.4.4 NAME ( 'sn' 'surname' ) DESC 'RFC2256: last (family) name(s) for which the entity is known by' SUP name )
attributeTypes: ( 2.5.4.5 NAME 'serialNumber' DESC 'RFC2256: serial number of the entity' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{64} )
attributeTypes: ( 2.5.4.6 NAME ( 'c' 'countryName' ) DESC 'RFC4519: two-letter ISO-3166 country code' SUP name SYNTAX 1.3.6.1.4.1.1466.115.121.1.11 SINGLE-VALUE )
attributeTypes: ( 2.5.4.7 NAME ( 'l' 'localityName' ) DESC 'RFC2256: locality which this object resides in' SUP name )
attributeTypes: ( 2.5.4.8 NAME ( 'st' 'stateOrProvinceName' ) DESC 'RFC2256: state or province which this object resides in' SUP name )
attributeTypes: ( 2.5.4.9 NAME ( 'street' 'streetAddress' ) DESC 'RFC2256: street address of this object' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
attributeTypes: ( 2.5.4.10 NAME ( 'o' 'organizationName' ) DESC 'RFC2256: organization this object belongs to' SUP name )
attributeTypes: ( 2.5.4.11 NAME ( 'ou' 'organizationalUnitName' ) DESC 'RFC2256: organizational unit this object belongs to' SUP name )
attributeTypes: ( 2.5.4.12 NAME 'title' DESC 'RFC2256: title associated with the entity' SUP name )
attributeTypes: ( 2.5.4.14 NAME 'searchGuide' DESC 'RFC2256: search guide, deprecated by enhancedSearchGuide' SYNTAX 1.3.6.1.4.1.1466.115.121.1.25 )
attributeTypes: ( 2.5.4.15 NAME 'businessCategory' DESC 'RFC2256: business category' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
attributeTypes: ( 2.5.4.16 NAME 'postalAddress' DESC 'RFC2256: postal address' EQUALITY caseIgnoreListMatch SUBSTR caseIgnoreListSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 )
attributeTypes: ( 2.5.4.17 NAME 'postalCode' DESC 'RFC2256: postal code' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{40} )
attributeTypes: ( 2.5.4.18 NAME 'postOfficeBox' DESC 'RFC2256: Post Office Box' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{40} )
attributeTypes: ( 2.5.4.19 NAME 'physicalDeliveryOfficeName' DESC 'RFC2256: Physical Delivery Office Name' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
attributeTypes: ( 2.5.4.20 NAME 'telephoneNumber' DESC 'RFC2256: Telephone Number' EQUALITY telephoneNumberMatch SUBSTR telephoneNumberSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.50{32} )
attributeTypes: ( 2.5.4.21 NAME 'telexNumber' DESC 'RFC2256: Telex Number' SYNTAX 1.3.6.1.4.1.1466.115.121.1.52 )
attributeTypes: ( 2.5.4.22 NAME 'teletexTerminalIdentifier' DESC 'RFC2256: Teletex Terminal Identifier' SYNTAX 1.3.6.1.4.1.1466.115.121.1.51 )
attributeTypes: ( 2.5.4.23 NAME ( 'facsimileTelephoneNumber' 'fax' ) DESC 'RFC2256: Facsimile (Fax) Telephone Number' SYNTAX 1.3.6.1.4.1.1466.115.121.1.22 )
attributeTypes: ( 2.5.4.24 NAME 'x121Address' DESC 'RFC2256: X.121 Address' EQUALITY numericStringMatch SUBSTR numericStringSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{15} )
attributeTypes: ( 2.5.4.25 NAME 'internationaliSDNNumber' DESC 'RFC2256: international ISDN number' EQUALITY numericStringMatch SUBSTR numericStringSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{16} )
attributeTypes: ( 2.5.4.26 NAME 'registeredAddress' DESC 'RFC2256: registered postal address' SUP postalAddress SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 )
attributeTypes: ( 2.5.4.27 NAME 'destinationIndicator' DESC 'RFC2256: destination indicator' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{128} )
attributeTypes: ( 2.5.4.28 NAME 'preferredDeliveryMethod' DESC 'RFC2256: preferred delivery method' SYNTAX 1.3.6.1.4.1.1466.115.121.1.14 SINGLE-VALUE )
attributeTypes: ( 2.5.4.29 NAME 'presentationAddress' DESC 'RFC2256: presentation address' EQUALITY presentationAddressMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.43 SINGLE-VALUE )
attributeTypes: ( 2.5.4.30 NAME 'supportedApplicationContext' DESC 'RFC2256: supported application context' EQUALITY objectIdentifierMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 )
attributeTypes: ( 2.5.4.31 NAME 'member' DESC 'RFC2256: member of a group' SUP distinguishedName )
attributeTypes: ( 2.5.4.32 NAME 'owner' DESC 'RFC2256: owner (of the object)' SUP distinguishedName )
attributeTypes: ( 2.5.4.33 NAME 'roleOccupant' DESC 'RFC2256: occupant of role' SUP distinguishedName )
attributeTypes: ( 2.5.4.36 NAME 'userCertificate' DESC 'RFC2256: X.509 user certificate, use ;binary' EQUALITY certificateExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.8 )
attributeTypes: ( 2.5.4.37 NAME 'cACertificate' DESC 'RFC2256: X.509 CA certificate, use ;binary' EQUALITY certificateExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.8 )
attributeTypes: ( 2.5.4.38 NAME 'authorityRevocationList' DESC 'RFC2256: X.509 authority revocation list, use ;binary' SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 )
attributeTypes: ( 2.5.4.39 NAME 'certificateRevocationList' DESC 'RFC2256: X.509 certificate revocation list, use ;binary' SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 )
attributeTypes: ( 2.5.4.40 NAME 'crossCertificatePair' DESC 'RFC2256: X.509 cross certificate pair, use ;binary' SYNTAX 1.3.6.1.4.1.1466.115.121.1.10 )
attributeTypes: ( 2.5.4.42 NAME ( 'givenName' 'gn' ) DESC 'RFC2256: first name(s) for which the entity is known by' SUP name )
attributeTypes: ( 2.5.4.43 NAME 'initials' DESC 'RFC2256: initials of some or all of names, but not the surname(s).' SUP name )
attributeTypes: ( 2.5.4.44 NAME 'generationQualifier' DESC 'RFC2256: name qualifier indicating a generation' SUP name )
attributeTypes: ( 2.5.4.45 NAME 'x500UniqueIdentifier' DESC 'RFC2256: X.500 unique identifier' EQUALITY bitStringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.6 )
attributeTypes: ( 2.5.4.46 NAME 'dnQualifier' DESC 'RFC2256: DN qualifier' EQUALITY caseIgnoreMatch ORDERING caseIgnoreOrderingMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.44 )
attributeTypes: ( 2.5.4.47 NAME 'enhancedSearchGuide' DESC 'RFC2256: enhanced search guide' SYNTAX 1.3.6.1.4.1.1466.115.121.1.21 )
attributeTypes: ( 2.5.4.48 NAME 'protocolInformation' DESC 'RFC2256: protocol information' EQUALITY protocolInformationMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.42 )
attributeTypes: ( 2.5.4.50 NAME 'uniqueMember' DESC 'RFC2256: unique member of a group' EQUALITY uniqueMemberMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.34 )
attributeTypes: ( 2.5.4.51 NAME 'houseIdentifier' DESC 'RFC2256: house identifier' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} )
attributeTypes: ( 2.5.4.52 NAME 'supportedAlgorithms' DESC 'RFC2256: supported algorithms' SYNTAX 1.3.6.1.4.1.1466.115.121.1.49 )
attributeTypes: ( 2.5.4.53 NAME 'deltaRevocationList' DESC 'RFC2256: delta revocation list; use ;binary' SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 )
attributeTypes: ( 2.5.4.54 NAME 'dmdName' DESC 'RFC2256: name of DMD' SUP name )
attributeTypes: ( 2.5.4.65 NAME 'pseudonym' DESC 'X.520(4th): pseudonym for the object' SUP name )
attributeTypes: ( 0.9.2342.19200300.100.1.3 NAME ( 'mail' 'rfc822Mailbox' ) DESC 'RFC1274: RFC822 Mailbox' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
attributeTypes: ( 0.9.2342.19200300.100.1.25 NAME ( 'dc' 'domainComponent' ) DESC 'RFC1274/2247: domain component' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
attributeTypes: ( 0.9.2342.19200300.100.1.37 NAME 'associatedDomain' DESC 'RFC1274: domain associated with object' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributeTypes: ( 1.2.840.113549.1.9.1 NAME ( 'email' 'emailAddress' 'pkcs9email' ) DESC 'RFC3280: legacy attribute for email addresses in DNs' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} )
attributeTypes: ( 0.9.2342.19200300.100.1.2 NAME 'textEncodedORAddress' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
attributeTypes: ( 0.9.2342.19200300.100.1.4 NAME 'info' DESC 'RFC1274: general information' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{2048} )
attributeTypes: ( 0.9.2342.19200300.100.1.5 NAME ( 'drink' 'favouriteDrink' ) DESC 'RFC1274: favorite drink' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
attributeTypes: ( 0.9.2342.19200300.100.1.6 NAME 'roomNumber' DESC 'RFC1274: room number' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
attributeTypes: ( 0.9.2342.19200300.100.1.7 NAME 'photo' DESC 'RFC1274: photo (G3 fax)' SYNTAX 1.3.6.1.4.1.1466.115.121.1.23{25000} )
attributeTypes: ( 0.9.2342.19200300.100.1.8 NAME 'userClass' DESC 'RFC1274: category of user' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
attributeTypes: ( 0.9.2342.19200300.100.1.9 NAME 'host' DESC 'RFC1274: host computer' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
attributeTypes: ( 0.9.2342.19200300.100.1.10 NAME 'manager' DESC 'RFC1274: DN of manager' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
attributeTypes: ( 0.9.2342.19200300.100.1.11 NAME 'documentIdentifier' DESC 'RFC1274: unique identifier of document' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
attributeTypes: ( 0.9.2342.19200300.100.1.12 NAME 'documentTitle' DESC 'RFC1274: title of document' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
attributeTypes: ( 0.9.2342.19200300.100.1.13 NAME 'documentVersion' DESC 'RFC1274: version of document' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
attributeTypes: ( 0.9.2342.19200300.100.1.14 NAME 'documentAuthor' DESC 'RFC1274: DN of author of document' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
attributeTypes: ( 0.9.2342.19200300.100.1.15 NAME 'documentLocation' DESC 'RFC1274: location of document original' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
attributeTypes: ( 0.9.2342.19200300.100.1.20 NAME ( 'homePhone' 'homeTelephoneNumber' ) DESC 'RFC1274: home telephone number' EQUALITY telephoneNumberMatch SUBSTR telephoneNumberSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 )
attributeTypes: ( 0.9.2342.19200300.100.1.21 NAME 'secretary' DESC 'RFC1274: DN of secretary' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
attributeTypes: ( 0.9.2342.19200300.100.1.22 NAME 'otherMailbox' SYNTAX 1.3.6.1.4.1.1466.115.121.1.39 )
attributeTypes: ( 0.9.2342.19200300.100.1.26 NAME 'aRecord' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributeTypes: ( 0.9.2342.19200300.100.1.27 NAME 'mDRecord' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributeTypes: ( 0.9.2342.19200300.100.1.28 NAME 'mXRecord' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributeTypes: ( 0.9.2342.19200300.100.1.29 NAME 'nSRecord' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributeTypes: ( 0.9.2342.19200300.100.1.30 NAME 'sOARecord' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributeTypes: ( 0.9.2342.19200300.100.1.31 NAME 'cNAMERecord' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributeTypes: ( 0.9.2342.19200300.100.1.38 NAME 'associatedName' DESC 'RFC1274: DN of entry associated with domain' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
attributeTypes: ( 0.9.2342.19200300.100.1.39 NAME 'homePostalAddress' DESC 'RFC1274: home postal address' EQUALITY caseIgnoreListMatch SUBSTR caseIgnoreListSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 )
attributeTypes: ( 0.9.2342.19200300.100.1.40 NAME 'personalTitle' DESC 'RFC1274: personal title' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
attributeTypes: ( 0.9.2342.19200300.100.1.41 NAME ( 'mobile' 'mobileTelephoneNumber' ) DESC 'RFC1274: mobile telephone number' EQUALITY telephoneNumberMatch SUBSTR telephoneNumberSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 )
attributeTypes: ( 0.9.2342.19200300.100.1.42 NAME ( 'pager' 'pagerTelephoneNumber' ) DESC 'RFC1274: pager telephone number' EQUALITY telephoneNumberMatch SUBSTR telephoneNumberSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 )
attributeTypes: ( 0.9.2342.19200300.100.1.43 NAME ( 'co' 'friendlyCountryName' ) DESC 'RFC1274: friendly country name' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( 0.9.2342.19200300.100.1.44 NAME 'uniqueIdentifier' DESC 'RFC1274: unique identifer' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
attributeTypes: ( 0.9.2342.19200300.100.1.45 NAME 'organizationalStatus' DESC 'RFC1274: organizational status' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
attributeTypes: ( 0.9.2342.19200300.100.1.46 NAME 'janetMailbox' DESC 'RFC1274: Janet mailbox' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
attributeTypes: ( 0.9.2342.19200300.100.1.47 NAME 'mailPreferenceOption' DESC 'RFC1274: mail preference option' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 )
attributeTypes: ( 0.9.2342.19200300.100.1.48 NAME 'buildingName' DESC 'RFC1274: name of building' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
attributeTypes: ( 0.9.2342.19200300.100.1.49 NAME 'dSAQuality' DESC 'RFC1274: DSA Quality' SYNTAX 1.3.6.1.4.1.1466.115.121.1.19 SINGLE-VALUE )
attributeTypes: ( 0.9.2342.19200300.100.1.50 NAME 'singleLevelQuality' DESC 'RFC1274: Single Level Quality' SYNTAX 1.3.6.1.4.1.1466.115.121.1.13 SINGLE-VALUE )
attributeTypes: ( 0.9.2342.19200300.100.1.51 NAME 'subtreeMinimumQuality' DESC 'RFC1274: Subtree Mininum Quality' SYNTAX 1.3.6.1.4.1.1466.115.121.1.13 SINGLE-VALUE )
attributeTypes: ( 0.9.2342.19200300.100.1.52 NAME 'subtreeMaximumQuality' DESC 'RFC1274: Subtree Maximun Quality' SYNTAX 1.3.6.1.4.1.1466.115.121.1.13 SINGLE-VALUE )
attributeTypes: ( 0.9.2342.19200300.100.1.53 NAME 'personalSignature' DESC 'RFC1274: Personal Signature (G3 fax)' SYNTAX 1.3.6.1.4.1.1466.115.121.1.23 )
attributeTypes: ( 0.9.2342.19200300.100.1.54 NAME 'dITRedirect' DESC 'RFC1274: DIT Redirect' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
attributeTypes: ( 0.9.2342.19200300.100.1.55 NAME 'audio' DESC 'RFC1274: audio (u-law)' SYNTAX 1.3.6.1.4.1.1466.115.121.1.4{25000} )
attributeTypes: ( 0.9.2342.19200300.100.1.56 NAME 'documentPublisher' DESC 'RFC1274: publisher of document' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( 1.3.6.1.1.1.1.2 NAME 'gecos' DESC 'The GECOS field; the common name' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.1.1.1.3 NAME 'homeDirectory' DESC 'The absolute path to the home directory' EQUALITY caseExactIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.1.1.1.4 NAME 'loginShell' DESC 'The path to the login shell' EQUALITY caseExactIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.1.1.1.5 NAME 'shadowLastChange' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.1.1.1.6 NAME 'shadowMin' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.1.1.1.7 NAME 'shadowMax' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.1.1.1.8 NAME 'shadowWarning' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.1.1.1.9 NAME 'shadowInactive' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.1.1.1.10 NAME 'shadowExpire' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.1.1.1.11 NAME 'shadowFlag' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.1.1.1.12 NAME 'memberUid' EQUALITY caseExactIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributeTypes: ( 1.3.6.1.1.1.1.13 NAME 'memberNisNetgroup' EQUALITY caseExactIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributeTypes: ( 1.3.6.1.1.1.1.14 NAME 'nisNetgroupTriple' DESC 'Netgroup triple' SYNTAX 1.3.6.1.1.1.0.0 )
attributeTypes: ( 1.3.6.1.1.1.1.15 NAME 'ipServicePort' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.1.1.1.16 NAME 'ipServiceProtocol' SUP name )
attributeTypes: ( 1.3.6.1.1.1.1.17 NAME 'ipProtocolNumber' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.1.1.1.18 NAME 'oncRpcNumber' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.1.1.1.19 NAME 'ipHostNumber' DESC 'IP address' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} )
attributeTypes: ( 1.3.6.1.1.1.1.20 NAME 'ipNetworkNumber' DESC 'IP network' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.1.1.1.21 NAME 'ipNetmaskNumber' DESC 'IP netmask' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.1.1.1.22 NAME 'macAddress' DESC 'MAC address' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} )
attributeTypes: ( 1.3.6.1.1.1.1.23 NAME 'bootParameter' DESC 'rpc.bootparamd parameter' SYNTAX 1.3.6.1.1.1.0.1 )
attributeTypes: ( 1.3.6.1.1.1.1.24 NAME 'bootFile' DESC 'Boot image name' EQUALITY caseExactIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributeTypes: ( 1.3.6.1.1.1.1.26 NAME 'nisMapName' SUP name )
attributeTypes: ( 1.3.6.1.1.1.1.27 NAME 'nisMapEntry' EQUALITY caseExactIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{1024} SINGLE-VALUE )
attributeTypes: ( 2.16.840.1.113730.3.1.1 NAME 'carLicense' DESC 'RFC2798: vehicle license or registration plate' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( 2.16.840.1.113730.3.1.2 NAME 'departmentNumber' DESC 'RFC2798: identifies a department within an organization' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( 2.16.840.1.113730.3.1.241 NAME 'displayName' DESC 'RFC2798: preferred name to be used when displaying entries' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
attributeTypes: ( 2.16.840.1.113730.3.1.3 NAME 'employeeNumber' DESC 'RFC2798: numerically identifies an employee within an organization' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
attributeTypes: ( 2.16.840.1.113730.3.1.4 NAME 'employeeType' DESC 'RFC2798: type of employment for a person' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( 0.9.2342.19200300.100.1.60 NAME 'jpegPhoto' DESC 'RFC2798: a JPEG image' SYNTAX 1.3.6.1.4.1.1466.115.121.1.28 )
attributeTypes: ( 2.16.840.1.113730.3.1.39 NAME 'preferredLanguage' DESC 'RFC2798: preferred written or spoken language for a person' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
attributeTypes: ( 2.16.840.1.113730.3.1.40 NAME 'userSMIMECertificate' DESC 'RFC2798: PKCS#7 SignedData used to support S/MIME' SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 )
attributeTypes: ( 2.16.840.1.113730.3.1.216 NAME 'userPKCS12' DESC 'RFC2798: personal identity information, a PKCS #12 PFX' SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 )
attributeTypes: ( 1.3.6.1.4.1.5923.1.2.1.2 NAME 'eduOrgHomePageURI' DESC 'eduOrg per Internet2 and EDUCAUSE' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( 1.3.6.1.4.1.5923.1.2.1.3 NAME 'eduOrgIdentityAuthNPolicyURI' DESC 'eduOrg per Internet2 and EDUCAUSE' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( 1.3.6.1.4.1.5923.1.2.1.4 NAME 'eduOrgLegalName' DESC 'eduOrg per Internet2 and EDUCAUSE' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( 1.3.6.1.4.1.5923.1.2.1.5 NAME 'eduOrgSuperiorURI' DESC 'eduOrg per Internet2 and EDUCAUSE' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( 1.3.6.1.4.1.5923.1.2.1.6 NAME 'eduOrgWhitePagesURI' DESC 'eduOrg per Internet2 and EDUCAUSE' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( 1.3.6.1.4.1.5923.1.1.1.1 NAME 'eduPersonAffiliation' DESC 'eduPerson per Internet2 and EDUCAUSE' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( 1.3.6.1.4.1.5923.1.1.1.2 NAME 'eduPersonNickname' DESC 'eduPerson per Internet2 and EDUCAUSE' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( 1.3.6.1.4.1.5923.1.1.1.3 NAME 'eduPersonOrgDN' DESC 'eduPerson per Internet2 and EDUCAUSE' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.5923.1.1.1.4 NAME 'eduPersonOrgUnitDN' DESC 'eduPerson per Internet2 and EDUCAUSE' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
attributeTypes: ( 1.3.6.1.4.1.5923.1.1.1.5 NAME 'eduPersonPrimaryAffiliation' DESC 'eduPerson per Internet2 and EDUCAUSE' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.5923.1.1.1.6 NAME 'eduPersonPrincipalName' DESC 'eduPerson per Internet2 and EDUCAUSE' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.5923.1.1.1.7 NAME 'eduPersonEntitlement' DESC 'eduPerson per Internet2 and EDUCAUSE' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( 1.3.6.1.4.1.5923.1.1.1.8 NAME 'eduPersonPrimaryOrgUnitDN' DESC 'eduPerson per Internet2 and EDUCAUSE' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.5923.1.1.1.9 NAME 'eduPersonScopedAffiliation' DESC 'eduPerson per Internet2 and EDUCAUSE' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( 1.3.6.1.4.1.5923.1.1.1.10 NAME 'eduPersonTargetedID' DESC 'eduPerson per Internet2 and EDUCAUSE' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( 1.3.6.1.4.1.5923.1.1.1.11 NAME 'eduPersonAssurance' DESC 'eduPerson per Internet2 and EDUCAUSE' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( 1.3.6.1.4.1.5923.1.5.1.1 NAME 'isMemberOf' DESC 'identifiers for groups to which containing entity belongs' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( 1.3.6.1.4.1.5923.1.5.1.2 NAME 'hasMember' DESC 'identifiers for entities that are members of the group' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.24 NAME 'sambaLMPassword' DESC 'LanManager Password' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.25 NAME 'sambaNTPassword' DESC 'MD4 hash of the unicode password' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.26 NAME 'sambaAcctFlags' DESC 'Account Flags' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{16} SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.27 NAME 'sambaPwdLastSet' DESC 'Timestamp of the last password update' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.28 NAME 'sambaPwdCanChange' DESC 'Timestamp of when the user is allowed to update the password' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.29 NAME 'sambaPwdMustChange' DESC 'Timestamp of when the password will expire' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.30 NAME 'sambaLogonTime' DESC 'Timestamp of last logon' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.31 NAME 'sambaLogoffTime' DESC 'Timestamp of last logoff' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.32 NAME 'sambaKickoffTime' DESC 'Timestamp of when the user will be logged off automatically' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.48 NAME 'sambaBadPasswordCount' DESC 'Bad password attempt count' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.49 NAME 'sambaBadPasswordTime' DESC 'Time of the last bad password attempt' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.55 NAME 'sambaLogonHours' DESC 'Logon Hours' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{42} SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.33 NAME 'sambaHomeDrive' DESC 'Driver letter of home directory mapping' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{4} SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.34 NAME 'sambaLogonScript' DESC 'Logon script path' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{255} SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.35 NAME 'sambaProfilePath' DESC 'Roaming profile path' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{255} SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.36 NAME 'sambaUserWorkstations' DESC 'List of user workstations the user is allowed to logon to' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{255} SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.37 NAME 'sambaHomePath' DESC 'Home directory UNC path' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.38 NAME 'sambaDomainName' DESC 'Windows NT domain to which the user belongs' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.47 NAME 'sambaMungedDial' DESC 'Base64 encoded user parameter string' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1050} )
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.54 NAME 'sambaPasswordHistory' DESC 'Concatenated MD5 hashes of the salted NT passwords used on this account' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} )
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.20 NAME 'sambaSID' DESC 'Security ID' EQUALITY caseIgnoreIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{64} SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.23 NAME 'sambaPrimaryGroupSID' DESC 'Primary Group Security ID' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{64} SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.51 NAME 'sambaSIDList' DESC 'Security ID List' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{64} )
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.19 NAME 'sambaGroupType' DESC 'NT Group Type' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.21 NAME 'sambaNextUserRid' DESC 'Next NT rid to give our for users' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.22 NAME 'sambaNextGroupRid' DESC 'Next NT rid to give out for groups' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.39 NAME 'sambaNextRid' DESC 'Next NT rid to give out for anything' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.40 NAME 'sambaAlgorithmicRidBase' DESC 'Base at which the samba RID generation algorithm should operate' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.41 NAME 'sambaShareName' DESC 'Share Name' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.42 NAME 'sambaOptionName' DESC 'Option Name' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.43 NAME 'sambaBoolOption' DESC 'A boolean option' EQUALITY booleanMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.44 NAME 'sambaIntegerOption' DESC 'An integer option' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.45 NAME 'sambaStringOption' DESC 'A string option' EQUALITY caseExactIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.46 NAME 'sambaStringListOption' DESC 'A string list option' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.53 NAME 'sambaTrustFlags' DESC 'Trust Password Flags' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.58 NAME 'sambaMinPwdLength' DESC 'Minimal password length (default: 5)' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.59 NAME 'sambaPwdHistoryLength' DESC 'Length of Password History Entries (default: 0 => off)' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.60 NAME 'sambaLogonToChgPwd' DESC 'Force Users to logon for password change (default: 0 => off, 2 => on)' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.61 NAME 'sambaMaxPwdAge' DESC 'Maximum password age, in seconds (default: -1 => never expire passwords)' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.62 NAME 'sambaMinPwdAge' DESC 'Minimum password age, in seconds (default: 0 => allow immediate password change)' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.63 NAME 'sambaLockoutDuration' DESC 'Lockout duration in minutes (default: 30, -1 => forever)' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.64 NAME 'sambaLockoutObservationWindow' DESC 'Reset time after lockout in minutes (default: 30)' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.65 NAME 'sambaLockoutThreshold' DESC 'Lockout users after bad logon attempts (default: 0 => off)' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.66 NAME 'sambaForceLogoff' DESC 'Disconnect Users outside logon hours (default: -1 => off, 0 => on)' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.67 NAME 'sambaRefuseMachinePwdChange' DESC 'Allow Machine Password changes (default: 0 => off)' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.68 NAME 'sambaClearTextPassword' DESC 'Clear text password (used for trusted domain passwords)' EQUALITY octetStringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.69 NAME 'sambaPreviousClearTextPassword' DESC 'Previous clear text password (used for trusted domain passwords)' EQUALITY octetStringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )
attributeTypes: ( 1.3.6.1.4.1.24552.500.1.1.1.13 NAME 'sshPublicKey' DESC 'MANDATORY: OpenSSH Public key' EQUALITY octetStringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.149.2.1.1.1.1.1 NAME 'attuhbcategorie' DESC 'categorie de personnel : doctorant,retraite,...' EQUALITY caseIgnoreMatch ORDERING caseIgnoreOrderingMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.149.2.1.1.1.1.2 NAME 'attuhbcodecorps' DESC 'corps (IGE,Attache...)' EQUALITY caseIgnoreMatch ORDERING caseIgnoreOrderingMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.149.2.1.1.1.1.3 NAME 'attuhbcorps' DESC 'corps (IGE,Attache...)' EQUALITY caseIgnoreMatch ORDERING caseIgnoreOrderingMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.149.2.1.1.1.1.4 NAME 'attuhbcodetype' DESC 'type (enseignant, ATER, ...)' EQUALITY caseIgnoreMatch ORDERING caseIgnoreOrderingMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.149.2.1.1.1.1.5 NAME 'attuhbtype' DESC 'type (enseignant, ATER, ...)' EQUALITY caseIgnoreMatch ORDERING caseIgnoreOrderingMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.149.2.1.1.1.1.6 NAME 'attuhbcodecnu' DESC 'Code discipline' EQUALITY caseIgnoreMatch ORDERING caseIgnoreOrderingMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.149.2.1.1.1.1.7 NAME 'attuhbcnu' DESC 'Code discipline' EQUALITY caseIgnoreMatch ORDERING caseIgnoreOrderingMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.149.2.1.1.1.1.8 NAME 'attuhbetab' EQUALITY caseIgnoreMatch ORDERING caseIgnoreOrderingMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.149.2.1.1.1.1.9 NAME 'attuhbcomp' EQUALITY caseIgnoreMatch ORDERING caseIgnoreOrderingMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.149.2.1.1.1.1.10 NAME 'attuhbResponsabilite' EQUALITY caseIgnoreMatch ORDERING caseIgnoreOrderingMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.149.2.1.1.1.1.11 NAME 'attuhbmanager' EQUALITY caseIgnoreMatch ORDERING caseIgnoreOrderingMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.149.2.1.1.1.1.12 NAME 'attuhbalias' EQUALITY caseIgnoreMatch ORDERING caseIgnoreOrderingMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.149.2.1.1.1.1.13 NAME 'attuhbdatenais' DESC 'indique la date de naissance de l"entree correspondante' EQUALITY generalizedTimeMatch ORDERING generalizedTimeOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.149.2.1.1.1.1.14 NAME 'attuhbcodelr' EQUALITY caseIgnoreMatch ORDERING caseIgnoreOrderingMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.149.2.1.1.1.1.15 NAME 'attuhbintranet' EQUALITY booleanMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.149.2.1.1.1.1.16 NAME 'attuhbextranet' EQUALITY booleanMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.149.2.1.1.1.1.17 NAME 'attuhbcampus' EQUALITY caseIgnoreMatch ORDERING caseIgnoreOrderingMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.149.2.1.1.1.1.18 NAME 'attuhbaffectation' DESC 'Code Affectation' EQUALITY caseIgnoreMatch ORDERING caseIgnoreOrderingMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.149.2.1.1.1.1.19 NAME 'attuhbdatefin' DESC 'indique la date de fin de validite de l"entree correspondante' EQUALITY generalizedTimeMatch ORDERING generalizedTimeOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.149.2.1.1.1.1.20 NAME 'attuhbcodevalid' EQUALITY caseIgnoreMatch ORDERING caseIgnoreOrderingMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.149.2.1.1.1.1.21 NAME 'attuhbhashid' DESC 'hash id' EQUALITY caseIgnoreMatch ORDERING caseIgnoreOrderingMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.149.2.1.1.1.1.22 NAME 'attuhbdateouvcompte' DESC 'indique la date de creation de l"entree correspondante' EQUALITY generalizedTimeMatch ORDERING generalizedTimeOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.149.2.1.1.1.1.23 NAME 'attuhbdatemaj' DESC 'indique la date de la derniere mise a jour de l"entree correspondante' EQUALITY generalizedTimeMatch ORDERING generalizedTimeOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.149.2.1.1.1.1.24 NAME 'attuhbLastSetPasswordID' DESC 'Indique qui a mis a jour le mot de passe en dernier' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.149.2.1.1.1.1.25 NAME 'attuhbPays' DESC 'Nom du pays pour l"adresse' EQUALITY caseIgnoreMatch ORDERING caseIgnoreOrderingMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.149.2.1.1.1.1.26 NAME 'attuhbetp' DESC 'Code etape DGRUS1' EQUALITY caseIgnoreMatch ORDERING caseIgnoreOrderingMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.149.2.1.1.1.1.27 NAME 'attuhbins' EQUALITY caseIgnoreMatch ORDERING caseIgnoreOrderingMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.149.2.1.1.1.1.28 NAME 'attuhbdroitacces' EQUALITY caseIgnoreMatch ORDERING caseIgnoreOrderingMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.149.2.1.1.1.1.29 NAME 'attuhbWebmasterHome' EQUALITY caseIgnoreMatch ORDERING caseIgnoreOrderingMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.149.2.1.1.1.1.30 NAME 'attuhbstatut' EQUALITY caseIgnoreMatch ORDERING caseIgnoreOrderingMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.149.2.1.1.1.1.31 NAME 'attuhbregins' EQUALITY caseIgnoreMatch ORDERING caseIgnoreOrderingMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.149.2.1.1.1.1.32 NAME 'attuhbprofil' EQUALITY caseIgnoreMatch ORDERING caseIgnoreOrderingMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.149.2.1.1.1.1.33 NAME 'attuhbetaPmt' EQUALITY caseIgnoreMatch ORDERING caseIgnoreOrderingMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.149.2.1.1.1.1.34 NAME 'attuhbelp' EQUALITY caseIgnoreMatch ORDERING caseIgnoreOrderingMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.149.2.1.1.1.1.35 NAME 'attuhbcleactivation' EQUALITY caseIgnoreMatch ORDERING caseIgnoreOrderingMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.149.2.1.1.1.1.36 NAME 'attuhblibade' EQUALITY caseIgnoreMatch ORDERING caseIgnoreOrderingMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.149.2.1.1.1.1.37 NAME 'attuhbgfocod' EQUALITY caseIgnoreMatch ORDERING caseIgnoreOrderingMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.149.2.1.1.1.3.2 NAME 'attuhbcompType' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.149.2.1.1.1.3.3 NAME 'attuhbcompRespEns' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.149.2.1.1.1.3.4 NAME 'attuhbcompRespTech' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.149.2.1.1.1.3.5 NAME 'attuhbcompRespAdm' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.149.2.1.1.1.3.6 NAME 'attuhbcompLibelleCourt' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.149.2.1.1.1.3.7 NAME 'attuhbcompLibelle' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( 1.3.6.1.4.1.7135.1.2.1.1 NAME 'supannListeRouge' DESC 'indique que l entree correspondante n est pas publique' EQUALITY booleanMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7135.1.2.1.2 NAME 'supannActivite' DESC 'activite ou metier de la personne' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
attributeTypes: ( 1.3.6.1.4.1.7135.1.2.1.3 NAME 'supannOrganisme' DESC 'code organisme d appartenance' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7135.1.2.1.4 NAME 'supannCivilite' DESC 'civilite : M., Mme, Mlle' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{32} SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7135.1.2.1.5 NAME 'supannAffectation' DESC 'affectation' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
attributeTypes: ( 1.3.6.1.4.1.7135.1.2.1.6 NAME 'supannCodeEntite' DESC 'identifiant d entite' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7135.1.2.1.7 NAME 'supannCodeEntiteParent' DESC 'identifiant d entite parente' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} )
attributeTypes: ( 1.3.6.1.4.1.7135.1.2.1.8 NAME 'supannEntiteAffectation' DESC 'identifiant d entite d affectation' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} )
attributeTypes: ( 1.3.6.1.4.1.7135.1.2.1.9 NAME 'supannCodeINE' DESC 'code INE' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{128} )
attributeTypes: ( 1.3.6.1.4.1.7135.1.2.1.10 NAME 'supannEtuId' DESC 'identifiant scolarite' EQUALITY caseExactMatch SUBSTR caseExactSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
attributeTypes: ( 1.3.6.1.4.1.7135.1.2.1.11 NAME 'supannEmpId' DESC 'identifiant personnel' EQUALITY caseExactMatch SUBSTR caseExactSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
attributeTypes: ( 1.3.6.1.4.1.7135.1.2.1.12 NAME 'supannAutreTelephone' DESC 'numeros de telephone secondaires' SUP telephoneNumber )
attributeTypes: ( 1.3.6.1.4.1.7135.1.2.1.13 NAME 'supannEntiteAffectationPrincipale' DESC 'identifiant d entite principale d affectation' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7135.1.2.1.14 NAME 'supannEtablissement' DESC 'code d etablissement' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
attributeTypes: ( 1.3.6.1.4.1.7135.1.2.1.15 NAME 'supannMailPerso' DESC 'Mailbox RFC822 privee' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
attributeTypes: ( 1.3.6.1.4.1.7135.1.2.1.16 NAME 'supannTypeEntite' DESC 'type de structure ou entite' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
attributeTypes: ( 1.3.6.1.4.1.7135.1.2.1.17 NAME 'supannParrainDN' DESC 'dn du responsable de cette entree' SUP distinguishedName )
attributeTypes: ( 1.3.6.1.4.1.7135.1.2.1.18 NAME 'supannGroupeDateFin' DESC 'indique la date de fin de validite de l entree correspondante' EQUALITY generalizedTimeMatch ORDERING generalizedTimeOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7135.1.2.1.19 NAME 'supannGroupeAdminDN' DESC 'dn des administrateurs du groupe concerne' SUP distinguishedName )
attributeTypes: ( 1.3.6.1.4.1.7135.1.2.1.20 NAME 'supannAliasLogin' DESC 'login personalise' EQUALITY caseExactMatch SUBSTR caseExactSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7135.1.2.1.21 NAME 'supannRole' DESC 'role' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
attributeTypes: ( 1.3.6.1.4.1.7135.1.2.1.22 NAME 'supannGroupeLecteurDN' DESC 'dn des entites habilite a lire le contenu d un groupe' SUP distinguishedName )
attributeTypes: ( 1.3.6.1.4.1.7135.1.2.1.23 NAME 'supannRoleGenerique' DESC 'role generique d une personne' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
attributeTypes: ( 1.3.6.1.4.1.7135.1.2.1.24 NAME 'supannRoleEntite' DESC 'role contextuel' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{512} )
attributeTypes: ( 1.3.6.1.4.1.7135.1.2.1.25 NAME 'supannEtuAnneeInscription' DESC 'annee inscription' EQUALITY numericStringMatch ORDERING numericStringOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{4} )
attributeTypes: ( 1.3.6.1.4.1.7135.1.2.1.26 NAME 'supannEtuCursusAnnee' DESC 'cursus et annee dans le diplome' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
attributeTypes: ( 1.3.6.1.4.1.7135.1.2.1.27 NAME 'supannEtuDiplome' DESC 'diplome' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
attributeTypes: ( 1.3.6.1.4.1.7135.1.2.1.28 NAME 'supannEtuElementPedagogique' DESC 'element pedagogique' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
attributeTypes: ( 1.3.6.1.4.1.7135.1.2.1.29 NAME 'supannEtuEtape' DESC 'etape' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
attributeTypes: ( 1.3.6.1.4.1.7135.1.2.1.30 NAME 'supannEtuInscription' DESC 'description d inscriptions' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{4096} )
attributeTypes: ( 1.3.6.1.4.1.7135.1.2.1.31 NAME 'supannEtuRegimeInscription' DESC 'regime d inscription' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
attributeTypes: ( 1.3.6.1.4.1.7135.1.2.1.32 NAME 'supannEtuSecteurDisciplinaire' DESC 'secteur disciplinaire' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
attributeTypes: ( 1.3.6.1.4.1.7135.1.2.1.33 NAME 'supannEtuTypeDiplome' DESC 'type de diplome' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
attributeTypes: ( 1.3.6.1.4.1.7135.1.2.1.34 NAME 'supannAutreMail' DESC 'adresses mail non institutionnelles' SUP mail )
attributeTypes: ( 1.3.6.1.4.1.7135.1.2.1.35 NAME 'supannEmpCorps' DESC 'corps d appartenance d un agent' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
attributeTypes: ( 1.3.6.1.4.1.7135.1.2.1.36 NAME 'supannTypeEntiteAffectation' DESC 'type de structure ou entite d affectation' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
attributeTypes: ( 1.3.6.1.4.1.7135.1.2.1.37 NAME 'supannRefId' DESC 'identifiant partage avec autre brique du SI' EQUALITY caseExactMatch SUBSTR caseExactSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
attributeTypes: ( 2.16.840.1.113730.3.1.17 NAME 'mailForwardingAddress' DESC 'Netscape Messaging Server 4.x defined attribute' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape Messaging Server 4.x' )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.164.1.1.1 NAME 'runUnivMemberURL' DESC 'URL associated with each member of an auto group' SUP labeledURI )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.164.1.1.2 NAME 'runUnivPassword' DESC 'Mot de passe RFC2256/2307 d"un utilisateur, pour besoins speciaux' EQUALITY octetStringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{128} )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.164.1.1.4 NAME 'runUnivToipInternal' DESC 'Numero TOIP interne' EQUALITY numericStringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{16} )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.164.1.1.5 NAME 'runUnivToipExternal' DESC 'Numero TOIP externe (SDA)' EQUALITY numericStringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{16} )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.164.1.1.6 NAME 'runUnivToipEnabled' DESC 'L"acces a la TOIP est-il actif?' EQUALITY booleanMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.164.1.1.7 NAME 'runUnivToipAffectation' DESC 'Chemin de l"affectation a une structure' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.164.1.1.8 NAME 'runUnivJpegPhotoDate' DESC 'Date de reference' EQUALITY generalizedTimeMatch ORDERING generalizedTimeOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.164.1.1.9 NAME 'runUnivSihamId' DESC 'Identifiant SIHAM' EQUALITY caseExactMatch SUBSTR caseExactSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.164.10.1 NAME 'runUnivLastModified' DESC 'Date de derniere modification' EQUALITY generalizedTimeMatch ORDERING generalizedTimeOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.164.10.2 NAME 'runUnivAuthorization' DESC 'Autorisations pour un service' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.164.10.3 NAME 'runUnivNoInsee' DESC 'Numero de securite sociale et cle' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{15} SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.164.10.4 NAME 'runUnivDateFin' DESC 'Date de fin de validite de cet objet' EQUALITY generalizedTimeMatch ORDERING generalizedTimeOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.164.10.5 NAME 'runUnivAttribute' DESC 'Attributs d"un objet' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.164.10.6 NAME 'runUnivIndAffectation' DESC 'Informations sur l"affectation d"un individu a une structure' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.164.10.7 NAME 'runUnivPersInfos' DESC 'Informations sur un personnel' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.164.10.8 NAME 'runUnivDateNaissance' DESC 'Date de naissance d"un individu' EQUALITY generalizedTimeMatch ORDERING generalizedTimeOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.164.70.5 NAME 'runUnivMailAlias' DESC 'Alias mail locaux' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.164.70.6 NAME 'runUnivMailGroup' DESC 'Groupe dont le mail de l"objet fait partie' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.164.70.7 NAME 'runUnivMailRoute' DESC 'Adresse de routage' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.164.70.8 NAME 'runUnivMailHost' DESC 'Serveur SMTP / MTA à qui router le mail' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.164.70.9 NAME 'runUnivMailMember' DESC 'Mail faisant partie du groupe de l"objet' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.164.70.12 NAME 'runUnivTelephonePerso' DESC 'Numero de telephone personnel' SUP telephoneNumber )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.164.70.13 NAME 'runUnivStrInfos' DESC 'Informations sur la structure' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.164.70.14 NAME 'runUnivStrResp' DESC 'Responsables de la structure' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.164.70.16 NAME 'runUnivLocalisation' DESC 'Localisation d"un individu ou d"une structure' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.164.70.17 NAME 'runUnivIndInfos' DESC 'Informations sur l"individu' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.164.70.18 NAME 'runUnivNom' DESC 'Nom sans les accents' SUP name )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.164.70.19 NAME 'runUnivPrenom' DESC 'Prenom sans les accents' SUP name )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.164.70.20 NAME 'runUnivDiplome' DESC 'Diplomes d"un individu' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.164.70.21 NAME 'runUnivAdressePerso' DESC 'Adresse personnelle d"un individu' SUP postalAddress )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.164.1.3.1 NAME 'runUnivWgClient' DESC 'Informations client WireGuard' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.164.70.4 NAME 'runUnivSshPublicKey' DESC 'Cle publique pour un acces par ssh' EQUALITY octetStringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.164.70.10 NAME 'runUnivLsc' DESC 'Mot de passe crypté pour lsc' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.164.70.11 NAME 'runUnivCasAccepted' DESC 'Contrats acceptés par un utilisateur' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.164.30.1 NAME 'runUnivCategorie' DESC 'Categories et services autorises' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.164.50.1 NAME 'runUnivAccountUid' DESC 'uid d"un compte' EQUALITY caseExactIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.164.70.1 NAME 'runUnivScheduledOperation' DESC 'Operations devant etre replanifiees' EQUALITY caseExactMatch SUBSTR caseExactSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.164.70.2 NAME 'runUnivAccessDenied' DESC 'L"acces au service est-il interdit?' EQUALITY booleanMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.164.70.3 NAME 'runUnivAccessAllowed' DESC 'L"acces au service est-il autorise?' EQUALITY booleanMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.164.110.2 NAME 'runUnivHeliosAccountUid' DESC 'uid d"un compte sur helios.univ-reunion.fr' EQUALITY caseExactIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.164.110.3 NAME 'runUnivGaiaAccountUid' DESC 'uid d"un compte sur gaia.univ-reunion.fr' EQUALITY caseExactIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.164.110.4 NAME 'runUnivExtAccountUid' DESC 'uid d"un compte sur sirius.univ-reunion.fr' EQUALITY caseExactIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.164.120.1 NAME 'runUnivHarpTypePopulation' DESC 'Type de population dans HARPEGE' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{43} SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.164.120.2 NAME 'runUnivHarpStructure' DESC 'Structure d"affectation' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{66} )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.164.120.3 NAME 'harpegeStructureCode' DESC 'Code structure dans HARPEGE' EQUALITY caseExactMatch SUBSTR caseExactSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{5} SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.164.120.4 NAME 'harpegeStructureCodePere' DESC 'Code structure pere dans HARPEGE' EQUALITY caseExactMatch SUBSTR caseExactSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{5} SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.164.120.5 NAME 'harpegeStructureLibelleCourt' DESC 'Libelle court de la structure' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{20} SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.164.120.6 NAME 'harpegeStructureLibelle' DESC 'Libelle long de la structure' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{60} SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.164.120.7 NAME 'harpegeStructureType' DESC 'Type de structure parmi E, C, A' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{2} )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.164.120.8 NAME 'harpegeStructureCodeRNE' DESC 'Code RNE pour la structure' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{8} )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.164.130.1 NAME 'runUnivApoComposante' DESC 'Composante d"inscription' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{44} )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.164.130.2 NAME 'runUnivApoEtape' DESC 'Etape d"inscription' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{67} )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.164.205.1 NAME 'runUnivBvProfil' DESC 'Profil dans le BV (XL, M, ...)' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32} SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.164.205.2 NAME 'runUnivBvMailExterne' DESC 'Mail externe pour le BV' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.164.207.1 NAME 'runUnivGoogleGroupOwner' DESC 'Propriétaire du groupe' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.164.100.3 NAME 'urHeliosAccount' DESC 'un compte sur helios.univ-reunion.fr' SUP distinguishedName )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.164.100.4 NAME 'urGaiaAccount' DESC 'un compte sur gaia.univ-reunion.fr' SUP distinguishedName )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.164.110.1 NAME 'runUnivLegacyWebProhibited' DESC 'autorisation d"aller sur le web' EQUALITY booleanMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.164.200.2 NAME 'urAccessAllowed' DESC 'L"acces au service est-il autorise?' EQUALITY booleanMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.164.204.1 NAME 'urBvProfil' DESC 'Profil dans le BV (XL, M, ...)' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32} SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.164.204.2 NAME 'urMail' DESC 'Mail universite' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7135.1.3.164.204.3 NAME 'urBvMailExterne' DESC 'Mail externe pour le BV' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} SINGLE-VALUE )
attributeTypes: ( 2.16.840.1.113730.3.1.198 NAME 'memberURL' DESC 'Identifies an URL associated with each member of a group. Any type of labeled URL can be used.' SUP labeledURI )
attributeTypes: ( 1.3.6.1.4.1.4203.666.11.8.1.1 NAME 'dgIdentity' DESC 'Identity to use when processing the memberURL' SUP distinguishedName SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.4203.666.11.8.1.2 NAME 'dgAuthz' DESC 'Optional authorization rules that determine who is allowed to assume the dgIdentity' EQUALITY authzMatch SYNTAX 1.3.6.1.4.1.4203.666.2.7 X-ORDERED 'VALUES' )
attributeTypes: ( 1.3.6.1.4.1.3317.4.3.1.1 NAME 'radiusArapFeatures' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.3317.4.3.1.2 NAME 'radiusArapSecurity' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.3317.4.3.1.3 NAME 'radiusArapZoneAccess' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.3317.4.3.1.44 NAME 'radiusAuthType' DESC 'checkItem: Auth-Type' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.3317.4.3.1.4 NAME 'radiusCallbackId' DESC 'replyItem: Callback-Id' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.3317.4.3.1.5 NAME 'radiusCallbackNumber' DESC 'replyItem: Callback-Number' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.3317.4.3.1.6 NAME 'radiusCalledStationId' DESC 'checkItem: Called-Station-Id' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.3317.4.3.1.7 NAME 'radiusCallingStationId' DESC 'checkItem: Calling-Station-Id' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.3317.4.3.1.8 NAME 'radiusClass' DESC 'replyItem: Class' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributeTypes: ( 1.3.6.1.4.1.3317.4.3.1.45 NAME 'radiusClientIPAddress' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.3317.4.3.1.9 NAME 'radiusFilterId' DESC 'replyItem: Filter-Id' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributeTypes: ( 1.3.6.1.4.1.3317.4.3.1.10 NAME 'radiusFramedAppleTalkLink' DESC 'replyItem: Framed-AppleTalk-Link' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.3317.4.3.1.11 NAME 'radiusFramedAppleTalkNetwork' DESC 'replyItem: Framed-AppleTalk-Network' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributeTypes: ( 1.3.6.1.4.1.3317.4.3.1.12 NAME 'radiusFramedAppleTalkZone' DESC 'replyItem: Framed-AppleTalk-Zone' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.3317.4.3.1.13 NAME 'radiusFramedCompression' DESC 'replyItem: Framed-Compression' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributeTypes: ( 1.3.6.1.4.1.3317.4.3.1.14 NAME 'radiusFramedIPAddress' DESC 'replyItem: Framed-IP-Address' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.3317.4.3.1.15 NAME 'radiusFramedIPNetmask' DESC 'replyItem: Framed-IP-Netmask' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.3317.4.3.1.16 NAME 'radiusFramedIPXNetwork' DESC 'replyItem: Framed-IPX-Network' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.3317.4.3.1.17 NAME 'radiusFramedMTU' DESC 'replyItem: Framed-MTU' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.3317.4.3.1.18 NAME 'radiusFramedProtocol' DESC 'replyItem: Framed-Protocol' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.3317.4.3.1.19 NAME 'radiusFramedRoute' DESC 'replyItem: Framed-Route' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributeTypes: ( 1.3.6.1.4.1.3317.4.3.1.20 NAME 'radiusFramedRouting' DESC 'replyItem: Framed-Routing' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.3317.4.3.1.46 NAME 'radiusGroupName' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributeTypes: ( 1.3.6.1.4.1.3317.4.3.1.47 NAME 'radiusHint' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.3317.4.3.1.48 NAME 'radiusHuntgroupName' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributeTypes: ( 1.3.6.1.4.1.3317.4.3.1.21 NAME 'radiusIdleTimeout' DESC 'replyItem: Idle-Timeout' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.3317.4.3.1.22 NAME 'radiusLoginIPHost' DESC 'replyItem: Login-IP-Host' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributeTypes: ( 1.3.6.1.4.1.3317.4.3.1.23 NAME 'radiusLoginLATGroup' DESC 'replyItem: Login-LAT-Group' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.3317.4.3.1.24 NAME 'radiusLoginLATNode' DESC 'replyItem: Login-LAT-Node' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.3317.4.3.1.25 NAME 'radiusLoginLATPort' DESC 'replyItem: Login-LAT-Port' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.3317.4.3.1.26 NAME 'radiusLoginLATService' DESC 'replyItem: Login-LAT-Service' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.3317.4.3.1.27 NAME 'radiusLoginService' DESC 'replyItem: Login-Service' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.3317.4.3.1.28 NAME 'radiusLoginTCPPort' DESC 'replyItem: Login-TCP-Port' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.3317.4.3.1.29 NAME 'radiusPasswordRetry' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.3317.4.3.1.30 NAME 'radiusPortLimit' DESC 'replyItem: Port-Limit' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.3317.4.3.1.49 NAME 'radiusProfileDn' DESC '' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.3317.4.3.1.31 NAME 'radiusPrompt' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.3317.4.3.1.50 NAME 'radiusProxyToRealm' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.3317.4.3.1.51 NAME 'radiusReplicateToRealm' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.3317.4.3.1.52 NAME 'radiusRealm' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.3317.4.3.1.32 NAME 'radiusServiceType' DESC 'replyItem: Service-Type' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.3317.4.3.1.33 NAME 'radiusSessionTimeout' DESC 'replyItem: Session-Timeout' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.3317.4.3.1.34 NAME 'radiusTerminationAction' DESC 'replyItem: Termination-Action' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.3317.4.3.1.35 NAME 'radiusTunnelAssignmentId' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributeTypes: ( 1.3.6.1.4.1.3317.4.3.1.36 NAME 'radiusTunnelMediumType' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributeTypes: ( 1.3.6.1.4.1.3317.4.3.1.37 NAME 'radiusTunnelPassword' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.3317.4.3.1.38 NAME 'radiusTunnelPreference' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributeTypes: ( 1.3.6.1.4.1.3317.4.3.1.39 NAME 'radiusTunnelPrivateGroupId' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributeTypes: ( 1.3.6.1.4.1.3317.4.3.1.40 NAME 'radiusTunnelServerEndpoint' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributeTypes: ( 1.3.6.1.4.1.3317.4.3.1.41 NAME 'radiusTunnelType' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributeTypes: ( 1.3.6.1.4.1.3317.4.3.1.42 NAME 'radiusVSA' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributeTypes: ( 1.3.6.1.4.1.3317.4.3.1.43 NAME 'radiusTunnelClientEndpoint' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributeTypes: ( 1.3.6.1.4.1.3317.4.3.1.53 NAME 'radiusSimultaneousUse' DESC 'checkItem: Simultaneous-Use' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.3317.4.3.1.54 NAME 'radiusLoginTime' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.3317.4.3.1.55 NAME 'radiusUserCategory' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.3317.4.3.1.56 NAME 'radiusStripUserName' DESC '' SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.3317.4.3.1.57 NAME 'dialupAccess' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.3317.4.3.1.58 NAME 'radiusExpiration' DESC 'checkItem: Expiration' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.3317.4.3.1.59 NAME 'radiusCheckItem' DESC 'checkItem: $GENERIC$' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributeTypes: ( 1.3.6.1.4.1.3317.4.3.1.60 NAME 'radiusReplyItem' DESC 'replyItem: $GENERIC$' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributeTypes: ( 1.3.6.1.4.1.3317.4.3.1.61 NAME 'radiusNASIpAddress' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.3317.4.3.1.62 NAME 'radiusReplyMessage' DESC 'replyItem: Reply-Message' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
objectClasses: ( 2.5.6.0 NAME 'top' DESC 'top of the superclass chain' ABSTRACT MUST objectClass )
objectClasses: ( 1.3.6.1.4.1.1466.101.120.111 NAME 'extensibleObject' DESC 'RFC4512: extensible object' SUP top AUXILIARY )
objectClasses: ( 2.5.6.1 NAME 'alias' DESC 'RFC4512: an alias' SUP top STRUCTURAL MUST aliasedObjectName )
objectClasses: ( 2.16.840.1.113730.3.2.6 NAME 'referral' DESC 'namedref: named subordinate referral' SUP top STRUCTURAL MUST ref )
objectClasses: ( 1.3.6.1.4.1.4203.1.4.1 NAME ( 'OpenLDAProotDSE' 'LDAProotDSE' ) DESC 'OpenLDAP Root DSE object' SUP top STRUCTURAL MAY cn )
objectClasses: ( 2.5.17.0 NAME 'subentry' DESC 'RFC3672: subentry' SUP top STRUCTURAL MUST ( cn $ subtreeSpecification ) )
objectClasses: ( 2.5.20.1 NAME 'subschema' DESC 'RFC4512: controlling subschema (sub)entry' AUXILIARY MAY ( dITStructureRules $ nameForms $ dITContentRules $ objectClasses $ attributeTypes $ matchingRules $ matchingRuleUse ) )
objectClasses: ( 1.3.6.1.4.1.1466.101.119.2 NAME 'dynamicObject' DESC 'RFC2589: Dynamic Object' SUP top AUXILIARY )
objectClasses: ( 1.3.6.1.4.1.4203.1.12.2.4.0.0 NAME 'olcConfig' DESC 'OpenLDAP configuration object' SUP top ABSTRACT )
objectClasses: ( 1.3.6.1.4.1.4203.1.12.2.4.0.1 NAME 'olcGlobal' DESC 'OpenLDAP Global configuration options' SUP olcConfig STRUCTURAL MAY ( cn $ olcConfigFile $ olcConfigDir $ olcAllows $ olcArgsFile $ olcAttributeOptions $ olcAuthIDRewrite $ olcAuthzPolicy $ olcAuthzRegexp $ olcConcurrency $ olcConnMaxPending $ olcConnMaxPendingAuth $ olcDisallows $ olcGentleHUP $ olcIdleTimeout $ olcIndexSubstrIfMaxLen $ olcIndexSubstrIfMinLen $ olcIndexSubstrAnyLen $ olcIndexSubstrAnyStep $ olcIndexIntLen $ olcListenerThreads $ olcLocalSSF $ olcLogFile $ olcLogLevel $ olcPasswordCryptSaltFormat $ olcPasswordHash $ olcPidFile $ olcPluginLogFile $ olcReadOnly $ olcReferral $ olcReplogFile $ olcRequires $ olcRestrict $ olcReverseLookup $ olcRootDSE $ olcSaslAuxprops $ olcSaslHost $ olcSaslRealm $ olcSaslSecProps $ olcSecurity $ olcServerID $ olcSizeLimit $ olcSockbufMaxIncoming $ olcSockbufMaxIncomingAuth $ olcTCPBuffer $ olcThreads $ olcTimeLimit $ olcTLSCACertificateFile $ olcTLSCACertificatePath $ olcTLSCertificateFile $ olcTLSCertificateKeyFile $ olcTLSCipherSuite $ olcTLSCRLCheck $ olcTLSRandFile $ olcTLSVerifyClient $ olcTLSDHParamFile $ olcTLSECName $ olcTLSCRLFile $ olcTLSProtocolMin $ olcToolThreads $ olcWriteTimeout $ olcObjectIdentifier $ olcAttributeTypes $ olcObjectClasses $ olcDitContentRules $ olcLdapSyntaxes ) )
objectClasses: ( 1.3.6.1.4.1.4203.1.12.2.4.0.2 NAME 'olcSchemaConfig' DESC 'OpenLDAP schema object' SUP olcConfig STRUCTURAL MAY ( cn $ olcObjectIdentifier $ olcLdapSyntaxes $ olcAttributeTypes $ olcObjectClasses $ olcDitContentRules ) )
objectClasses: ( 1.3.6.1.4.1.4203.1.12.2.4.0.3 NAME 'olcBackendConfig' DESC 'OpenLDAP Backend-specific options' SUP olcConfig STRUCTURAL MUST olcBackend )
objectClasses: ( 1.3.6.1.4.1.4203.1.12.2.4.0.4 NAME 'olcDatabaseConfig' DESC 'OpenLDAP Database-specific options' SUP olcConfig STRUCTURAL MUST olcDatabase MAY ( olcHidden $ olcSuffix $ olcSubordinate $ olcAccess $ olcAddContentAcl $ olcLastMod $ olcLimits $ olcMaxDerefDepth $ olcPlugin $ olcReadOnly $ olcReplica $ olcReplicaArgsFile $ olcReplicaPidFile $ olcReplicationInterval $ olcReplogFile $ olcRequires $ olcRestrict $ olcRootDN $ olcRootPW $ olcSchemaDN $ olcSecurity $ olcSizeLimit $ olcSyncUseSubentry $ olcSyncrepl $ olcTimeLimit $ olcUpdateDN $ olcUpdateRef $ olcMirrorMode $ olcMonitoring $ olcExtraAttrs ) )
objectClasses: ( 1.3.6.1.4.1.4203.1.12.2.4.0.5 NAME 'olcOverlayConfig' DESC 'OpenLDAP Overlay-specific options' SUP olcConfig STRUCTURAL MUST olcOverlay )
objectClasses: ( 1.3.6.1.4.1.4203.1.12.2.4.0.6 NAME 'olcIncludeFile' DESC 'OpenLDAP configuration include file' SUP olcConfig STRUCTURAL MUST olcInclude MAY ( cn $ olcRootDSE ) )
objectClasses: ( 1.3.6.1.4.1.4203.1.12.2.4.0.7 NAME 'olcFrontendConfig' DESC 'OpenLDAP frontend configuration' AUXILIARY MAY ( olcDefaultSearchBase $ olcPasswordHash $ olcSortVals ) )
objectClasses: ( 1.3.6.1.4.1.4203.1.12.2.4.0.8 NAME 'olcModuleList' DESC 'OpenLDAP dynamic module info' SUP olcConfig STRUCTURAL MAY ( cn $ olcModulePath $ olcModuleLoad ) )
objectClasses: ( 1.3.6.1.4.1.4203.1.12.2.4.2.2.1 NAME 'olcLdifConfig' DESC 'LDIF backend configuration' SUP olcDatabaseConfig STRUCTURAL MUST olcDbDirectory )
objectClasses: ( 1.3.6.1.4.1.4203.1.12.2.4.2.12.1 NAME 'olcMdbConfig' DESC 'MDB backend configuration' SUP olcDatabaseConfig STRUCTURAL MUST olcDbDirectory MAY ( olcDbCheckpoint $ olcDbEnvFlags $ olcDbNoSync $ olcDbIndex $ olcDbMaxReaders $ olcDbMaxSize $ olcDbMode $ olcDbSearchStack $ olcDbRtxnSize ) )
objectClasses: ( 1.3.6.1.4.1.4203.1.12.2.4.2.4.1 NAME 'olcMonitorConfig' DESC 'Monitor backend configuration' SUP olcDatabaseConfig STRUCTURAL )
objectClasses: ( 1.3.6.1.4.1.4203.1.12.2.4.3.1.1 NAME 'olcSyncProvConfig' DESC 'SyncRepl Provider configuration' SUP olcOverlayConfig STRUCTURAL MAY ( olcSpCheckpoint $ olcSpSessionlog $ olcSpNoPresent $ olcSpReloadHint ) )
objectClasses: ( 1.3.6.1.4.1.4203.1.12.2.4.3.4.1 NAME 'olcAccessLogConfig' DESC 'Access log configuration' SUP olcOverlayConfig STRUCTURAL MUST olcAccessLogDB MAY ( olcAccessLogOps $ olcAccessLogPurge $ olcAccessLogSuccess $ olcAccessLogOld $ olcAccessLogOldAttr $ olcAccessLogBase ) )
objectClasses: ( 1.3.6.1.4.1.4203.1.12.2.4.3.8.1 NAME 'olcDynamicList' DESC 'Dynamic list configuration' SUP olcOverlayConfig STRUCTURAL MAY olcDLattrSet )
objectClasses: ( 2.5.6.2 NAME 'country' DESC 'RFC2256: a country' SUP top STRUCTURAL MUST c MAY ( searchGuide $ description ) )
objectClasses: ( 2.5.6.3 NAME 'locality' DESC 'RFC2256: a locality' SUP top STRUCTURAL MAY ( street $ seeAlso $ searchGuide $ st $ l $ description ) )
objectClasses: ( 2.5.6.4 NAME 'organization' DESC 'RFC2256: an organization' SUP top STRUCTURAL MUST o MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $ x121Address $ registeredAddress $ destinationIndicator $ preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $ telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $ postalAddress $ physicalDeliveryOfficeName $ st $ l $ description ) )
objectClasses: ( 2.5.6.5 NAME 'organizationalUnit' DESC 'RFC2256: an organizational unit' SUP top STRUCTURAL MUST ou MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $ x121Address $ registeredAddress $ destinationIndicator $ preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $ telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $ postalAddress $ physicalDeliveryOfficeName $ st $ l $ description ) )
objectClasses: ( 2.5.6.6 NAME 'person' DESC 'RFC2256: a person' SUP top STRUCTURAL MUST ( sn $ cn ) MAY ( userPassword $ telephoneNumber $ seeAlso $ description ) )
objectClasses: ( 2.5.6.7 NAME 'organizationalPerson' DESC 'RFC2256: an organizational person' SUP person STRUCTURAL MAY ( title $ x121Address $ registeredAddress $ destinationIndicator $ preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $ telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $ postalAddress $ physicalDeliveryOfficeName $ ou $ st $ l ) )
objectClasses: ( 2.5.6.8 NAME 'organizationalRole' DESC 'RFC2256: an organizational role' SUP top STRUCTURAL MUST cn MAY ( x121Address $ registeredAddress $ destinationIndicator $ preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $ telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber $ seeAlso $ roleOccupant $ preferredDeliveryMethod $ street $ postOfficeBox $ postalCode $ postalAddress $ physicalDeliveryOfficeName $ ou $ st $ l $ description ) )
objectClasses: ( 2.5.6.9 NAME 'groupOfNames' DESC 'RFC2256: a group of names (DNs)' SUP top STRUCTURAL MUST ( member $ cn ) MAY ( businessCategory $ seeAlso $ owner $ ou $ o $ description ) )
objectClasses: ( 2.5.6.10 NAME 'residentialPerson' DESC 'RFC2256: an residential person' SUP person STRUCTURAL MUST l MAY ( businessCategory $ x121Address $ registeredAddress $ destinationIndicator $ preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $ telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber $ preferredDeliveryMethod $ street $ postOfficeBox $ postalCode $ postalAddress $ physicalDeliveryOfficeName $ st $ l ) )
objectClasses: ( 2.5.6.11 NAME 'applicationProcess' DESC 'RFC2256: an application process' SUP top STRUCTURAL MUST cn MAY ( seeAlso $ ou $ l $ description ) )
objectClasses: ( 2.5.6.12 NAME 'applicationEntity' DESC 'RFC2256: an application entity' SUP top STRUCTURAL MUST ( presentationAddress $ cn ) MAY ( supportedApplicationContext $ seeAlso $ ou $ o $ l $ description ) )
objectClasses: ( 2.5.6.13 NAME 'dSA' DESC 'RFC2256: a directory system agent (a server)' SUP applicationEntity STRUCTURAL MAY knowledgeInformation )
objectClasses: ( 2.5.6.14 NAME 'device' DESC 'RFC2256: a device' SUP top STRUCTURAL MUST cn MAY ( serialNumber $ seeAlso $ owner $ ou $ o $ l $ description ) )
objectClasses: ( 2.5.6.15 NAME 'strongAuthenticationUser' DESC 'RFC2256: a strong authentication user' SUP top AUXILIARY MUST userCertificate )
objectClasses: ( 2.5.6.16 NAME 'certificationAuthority' DESC 'RFC2256: a certificate authority' SUP top AUXILIARY MUST ( authorityRevocationList $ certificateRevocationList $ cACertificate ) MAY crossCertificatePair )
objectClasses: ( 2.5.6.17 NAME 'groupOfUniqueNames' DESC 'RFC2256: a group of unique names (DN and Unique Identifier)' SUP top STRUCTURAL MUST ( uniqueMember $ cn ) MAY ( businessCategory $ seeAlso $ owner $ ou $ o $ description ) )
objectClasses: ( 2.5.6.18 NAME 'userSecurityInformation' DESC 'RFC2256: a user security information' SUP top AUXILIARY MAY supportedAlgorithms )
objectClasses: ( 2.5.6.16.2 NAME 'certificationAuthority-V2' SUP certificationAuthority AUXILIARY MAY deltaRevocationList )
objectClasses: ( 2.5.6.19 NAME 'cRLDistributionPoint' SUP top STRUCTURAL MUST cn MAY ( certificateRevocationList $ authorityRevocationList $ deltaRevocationList ) )
objectClasses: ( 2.5.6.20 NAME 'dmd' SUP top STRUCTURAL MUST dmdName MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $ x121Address $ registeredAddress $ destinationIndicator $ preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $ telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $ postalAddress $ physicalDeliveryOfficeName $ st $ l $ description ) )
objectClasses: ( 2.5.6.21 NAME 'pkiUser' DESC 'RFC2587: a PKI user' SUP top AUXILIARY MAY userCertificate )
objectClasses: ( 2.5.6.22 NAME 'pkiCA' DESC 'RFC2587: PKI certificate authority' SUP top AUXILIARY MAY ( authorityRevocationList $ certificateRevocationList $ cACertificate $ crossCertificatePair ) )
objectClasses: ( 2.5.6.23 NAME 'deltaCRL' DESC 'RFC2587: PKI user' SUP top AUXILIARY MAY deltaRevocationList )
objectClasses: ( 1.3.6.1.4.1.250.3.15 NAME 'labeledURIObject' DESC 'RFC2079: object that contains the URI attribute type' SUP top AUXILIARY MAY labeledURI )
objectClasses: ( 0.9.2342.19200300.100.4.19 NAME 'simpleSecurityObject' DESC 'RFC1274: simple security object' SUP top AUXILIARY MUST userPassword )
objectClasses: ( 1.3.6.1.4.1.1466.344 NAME 'dcObject' DESC 'RFC2247: domain component object' SUP top AUXILIARY MUST dc )
objectClasses: ( 1.3.6.1.1.3.1 NAME 'uidObject' DESC 'RFC2377: uid object' SUP top AUXILIARY MUST uid )
objectClasses: ( 0.9.2342.19200300.100.4.4 NAME ( 'pilotPerson' 'newPilotPerson' ) SUP person STRUCTURAL MAY ( userid $ textEncodedORAddress $ rfc822Mailbox $ favouriteDrink $ roomNumber $ userClass $ homeTelephoneNumber $ homePostalAddress $ secretary $ personalTitle $ preferredDeliveryMethod $ businessCategory $ janetMailbox $ otherMailbox $ mobileTelephoneNumber $ pagerTelephoneNumber $ organizationalStatus $ mailPreferenceOption $ personalSignature ) )
objectClasses: ( 0.9.2342.19200300.100.4.5 NAME 'account' SUP top STRUCTURAL MUST userid MAY ( description $ seeAlso $ localityName $ organizationName $ organizationalUnitName $ host ) )
objectClasses: ( 0.9.2342.19200300.100.4.6 NAME 'document' SUP top STRUCTURAL MUST documentIdentifier MAY ( commonName $ description $ seeAlso $ localityName $ organizationName $ organizationalUnitName $ documentTitle $ documentVersion $ documentAuthor $ documentLocation $ documentPublisher ) )
objectClasses: ( 0.9.2342.19200300.100.4.7 NAME 'room' SUP top STRUCTURAL MUST commonName MAY ( roomNumber $ description $ seeAlso $ telephoneNumber ) )
objectClasses: ( 0.9.2342.19200300.100.4.9 NAME 'documentSeries' SUP top STRUCTURAL MUST commonName MAY ( description $ seeAlso $ telephonenumber $ localityName $ organizationName $ organizationalUnitName ) )
objectClasses: ( 0.9.2342.19200300.100.4.13 NAME 'domain' SUP top STRUCTURAL MUST domainComponent MAY ( associatedName $ organizationName $ description $ businessCategory $ seeAlso $ searchGuide $ userPassword $ localityName $ stateOrProvinceName $ streetAddress $ physicalDeliveryOfficeName $ postalAddress $ postalCode $ postOfficeBox $ streetAddress $ facsimileTelephoneNumber $ internationalISDNNumber $ telephoneNumber $ teletexTerminalIdentifier $ telexNumber $ preferredDeliveryMethod $ destinationIndicator $ registeredAddress $ x121Address ) )
objectClasses: ( 0.9.2342.19200300.100.4.14 NAME 'RFC822localPart' SUP domain STRUCTURAL MAY ( commonName $ surname $ description $ seeAlso $ telephoneNumber $ physicalDeliveryOfficeName $ postalAddress $ postalCode $ postOfficeBox $ streetAddress $ facsimileTelephoneNumber $ internationalISDNNumber $ telephoneNumber $ teletexTerminalIdentifier $ telexNumber $ preferredDeliveryMethod $ destinationIndicator $ registeredAddress $ x121Address ) )
objectClasses: ( 0.9.2342.19200300.100.4.15 NAME 'dNSDomain' SUP domain STRUCTURAL MAY ( ARecord $ MDRecord $ MXRecord $ NSRecord $ SOARecord $ CNAMERecord ) )
objectClasses: ( 0.9.2342.19200300.100.4.17 NAME 'domainRelatedObject' DESC 'RFC1274: an object related to an domain' SUP top AUXILIARY MUST associatedDomain )
objectClasses: ( 0.9.2342.19200300.100.4.18 NAME 'friendlyCountry' SUP country STRUCTURAL MUST friendlyCountryName )
objectClasses: ( 0.9.2342.19200300.100.4.20 NAME 'pilotOrganization' SUP ( organization $ organizationalUnit ) STRUCTURAL MAY buildingName )
objectClasses: ( 0.9.2342.19200300.100.4.21 NAME 'pilotDSA' SUP dsa STRUCTURAL MAY dSAQuality )
objectClasses: ( 0.9.2342.19200300.100.4.22 NAME 'qualityLabelledData' SUP top AUXILIARY MUST dsaQuality MAY ( subtreeMinimumQuality $ subtreeMaximumQuality ) )
objectClasses: ( 1.3.6.1.1.1.2.0 NAME 'posixAccount' DESC 'Abstraction of an account with POSIX attributes' SUP top AUXILIARY MUST ( cn $ uid $ uidNumber $ gidNumber $ homeDirectory ) MAY ( userPassword $ loginShell $ gecos $ description ) )
objectClasses: ( 1.3.6.1.1.1.2.1 NAME 'shadowAccount' DESC 'Additional attributes for shadow passwords' SUP top AUXILIARY MUST uid MAY ( userPassword $ shadowLastChange $ shadowMin $ shadowMax $ shadowWarning $ shadowInactive $ shadowExpire $ shadowFlag $ description ) )
objectClasses: ( 1.3.6.1.1.1.2.2 NAME 'posixGroup' DESC 'Abstraction of a group of accounts' SUP top STRUCTURAL MUST ( cn $ gidNumber ) MAY ( userPassword $ memberUid $ description ) )
objectClasses: ( 1.3.6.1.1.1.2.3 NAME 'ipService' DESC 'Abstraction an Internet Protocol service' SUP top STRUCTURAL MUST ( cn $ ipServicePort $ ipServiceProtocol ) MAY description )
objectClasses: ( 1.3.6.1.1.1.2.4 NAME 'ipProtocol' DESC 'Abstraction of an IP protocol' SUP top STRUCTURAL MUST ( cn $ ipProtocolNumber $ description ) MAY description )
objectClasses: ( 1.3.6.1.1.1.2.5 NAME 'oncRpc' DESC 'Abstraction of an ONC/RPC binding' SUP top STRUCTURAL MUST ( cn $ oncRpcNumber $ description ) MAY description )
objectClasses: ( 1.3.6.1.1.1.2.6 NAME 'ipHost' DESC 'Abstraction of a host, an IP device' SUP top AUXILIARY MUST ( cn $ ipHostNumber ) MAY ( l $ description $ manager ) )
objectClasses: ( 1.3.6.1.1.1.2.7 NAME 'ipNetwork' DESC 'Abstraction of an IP network' SUP top STRUCTURAL MUST ( cn $ ipNetworkNumber ) MAY ( ipNetmaskNumber $ l $ description $ manager ) )
objectClasses: ( 1.3.6.1.1.1.2.8 NAME 'nisNetgroup' DESC 'Abstraction of a netgroup' SUP top STRUCTURAL MUST cn MAY ( nisNetgroupTriple $ memberNisNetgroup $ description ) )
objectClasses: ( 1.3.6.1.1.1.2.9 NAME 'nisMap' DESC 'A generic abstraction of a NIS map' SUP top STRUCTURAL MUST nisMapName MAY description )
objectClasses: ( 1.3.6.1.1.1.2.10 NAME 'nisObject' DESC 'An entry in a NIS map' SUP top STRUCTURAL MUST ( cn $ nisMapEntry $ nisMapName ) MAY description )
objectClasses: ( 1.3.6.1.1.1.2.11 NAME 'ieee802Device' DESC 'A device with a MAC address' SUP top AUXILIARY MAY macAddress )
objectClasses: ( 1.3.6.1.1.1.2.12 NAME 'bootableDevice' DESC 'A device with boot parameters' SUP top AUXILIARY MAY ( bootFile $ bootParameter ) )
objectClasses: ( 2.16.840.1.113730.3.2.2 NAME 'inetOrgPerson' DESC 'RFC2798: Internet Organizational Person' SUP organizationalPerson STRUCTURAL MAY ( audio $ businessCategory $ carLicense $ departmentNumber $ displayName $ employeeNumber $ employeeType $ givenName $ homePhone $ homePostalAddress $ initials $ jpegPhoto $ labeledURI $ mail $ manager $ mobile $ o $ pager $ photo $ roomNumber $ secretary $ uid $ userCertificate $ x500uniqueIdentifier $ preferredLanguage $ userSMIMECertificate $ userPKCS12 ) )
objectClasses: ( 1.3.6.1.4.1.5923.1.2.2 NAME 'eduOrg' AUXILIARY MAY ( cn $ eduOrgHomePageURI $ eduOrgIdentityAuthNPolicyURI $ eduOrgLegalName $ eduOrgSuperiorURI $ eduOrgWhitePagesURI ) )
objectClasses: ( 1.3.6.1.4.1.5923.1.1.2 NAME 'eduPerson' DESC 'eduPerson per Internet2 and EDUCAUSE' AUXILIARY MAY ( eduPersonAffiliation $ eduPersonNickname $ eduPersonOrgDN $ eduPersonOrgUnitDN $ eduPersonPrimaryAffiliation $ eduPersonPrincipalName $ eduPersonEntitlement $ eduPersonPrimaryOrgUnitDN $ eduPersonScopedAffiliation $ eduPersonTargetedID $ eduPersonAssurance ) )
objectClasses: ( 1.3.6.1.4.1.5923.1.5.2 NAME 'eduMember' AUXILIARY MAY ( isMemberOf $ hasMember ) )
objectClasses: ( 1.3.6.1.4.1.7165.2.2.6 NAME 'sambaSamAccount' DESC 'Samba 3.0 Auxilary SAM Account' SUP top AUXILIARY MUST ( uid $ sambaSID ) MAY ( cn $ sambaLMPassword $ sambaNTPassword $ sambaPwdLastSet $ sambaLogonTime $ sambaLogoffTime $ sambaKickoffTime $ sambaPwdCanChange $ sambaPwdMustChange $ sambaAcctFlags $ displayName $ sambaHomePath $ sambaHomeDrive $ sambaLogonScript $ sambaProfilePath $ description $ sambaUserWorkstations $ sambaPrimaryGroupSID $ sambaDomainName $ sambaMungedDial $ sambaBadPasswordCount $ sambaBadPasswordTime $ sambaPasswordHistory $ sambaLogonHours ) )
objectClasses: ( 1.3.6.1.4.1.7165.2.2.4 NAME 'sambaGroupMapping' DESC 'Samba Group Mapping' SUP top AUXILIARY MUST ( gidNumber $ sambaSID $ sambaGroupType ) MAY ( displayName $ description $ sambaSIDList ) )
objectClasses: ( 1.3.6.1.4.1.7165.2.2.14 NAME 'sambaTrustPassword' DESC 'Samba Trust Password' SUP top STRUCTURAL MUST ( sambaDomainName $ sambaNTPassword $ sambaTrustFlags ) MAY ( sambaSID $ sambaPwdLastSet ) )
objectClasses: ( 1.3.6.1.4.1.7165.2.2.15 NAME 'sambaTrustedDomainPassword' DESC 'Samba Trusted Domain Password' SUP top STRUCTURAL MUST ( sambaDomainName $ sambaSID $ sambaClearTextPassword $ sambaPwdLastSet ) MAY sambaPreviousClearTextPassword )
objectClasses: ( 1.3.6.1.4.1.7165.2.2.5 NAME 'sambaDomain' DESC 'Samba Domain Information' SUP top STRUCTURAL MUST ( sambaDomainName $ sambaSID ) MAY ( sambaNextRid $ sambaNextGroupRid $ sambaNextUserRid $ sambaAlgorithmicRidBase $ sambaMinPwdLength $ sambaPwdHistoryLength $ sambaLogonToChgPwd $ sambaMaxPwdAge $ sambaMinPwdAge $ sambaLockoutDuration $ sambaLockoutObservationWindow $ sambaLockoutThreshold $ sambaForceLogoff $ sambaRefuseMachinePwdChange ) )
objectClasses: ( 1.3.6.1.4.1.7165.2.2.7 NAME 'sambaUnixIdPool' DESC 'Pool for allocating UNIX uids/gids' SUP top AUXILIARY MUST ( uidNumber $ gidNumber ) )
objectClasses: ( 1.3.6.1.4.1.7165.2.2.8 NAME 'sambaIdmapEntry' DESC 'Mapping from a SID to an ID' SUP top AUXILIARY MUST sambaSID MAY ( uidNumber $ gidNumber ) )
objectClasses: ( 1.3.6.1.4.1.7165.2.2.9 NAME 'sambaSidEntry' DESC 'Structural Class for a SID' SUP top STRUCTURAL MUST sambaSID )
objectClasses: ( 1.3.6.1.4.1.7165.2.2.10 NAME 'sambaConfig' DESC 'Samba Configuration Section' SUP top AUXILIARY MAY description )
objectClasses: ( 1.3.6.1.4.1.7165.2.2.11 NAME 'sambaShare' DESC 'Samba Share Section' SUP top STRUCTURAL MUST sambaShareName MAY description )
objectClasses: ( 1.3.6.1.4.1.7165.2.2.12 NAME 'sambaConfigOption' DESC 'Samba Configuration Option' SUP top STRUCTURAL MUST sambaOptionName MAY ( sambaBoolOption $ sambaIntegerOption $ sambaStringOption $ sambaStringListoption $ description ) )
objectClasses: ( 1.3.6.1.4.1.24552.500.1.1.2.0 NAME 'ldapPublicKey' DESC 'MANDATORY: OpenSSH LPK objectclass' SUP top AUXILIARY MAY ( sshPublicKey $ uid ) )
objectClasses: ( 1.3.6.1.4.1.7135.1.3.149.2.2.1.1.1 NAME 'uhbperson' DESC 'personnel de l"universite de rennes 2' SUP top AUXILIARY MAY ( attuhbcategorie $ attuhbcodecorps $ attuhbcorps $ attuhbcodetype $ attuhbtype $ attuhbcodecnu $ attuhbcnu $ attuhbetab $ attuhbmanager $ attuhbalias $ attuhbdatenais $ attuhbcodelr $ attuhbintranet $ attuhbextranet $ attuhbCampus $ attuhbaffectation $ attuhbdatefin $ attuhbcodevalid $ attuhbhashid $ attuhbdateouvcompte $ attuhbdatemaj $ attuhbLastSetPasswordID $ buildingName $ attuhbWebmasterHome $ attuhbResponsabilite $ attuhbgfocod ) )
objectClasses: ( 1.3.6.1.4.1.7135.1.3.149.2.2.1.1.2 NAME 'uhbetudiant' DESC 'etudiants de l"universite de rennes 2' SUP top AUXILIARY MAY ( attuhbetp $ attuhbins $ attuhbdroitacces $ attuhbdateouvcompte $ attuhbdatefin $ attuhbdatemaj $ attuhbalias $ attuhbdatenais $ attuhbcodelr $ attuhbintranet $ attuhbextranet $ attuhbCampus $ attuhbcodevalid $ attuhbstatut $ attuhbregins $ attuhbprofil $ attuhbetaPmt $ attuhbLastSetPasswordID $ attuhbaffectation $ attuhbhashid $ attuhbPays $ attuhbelp $ attuhbcleactivation $ attuhblibade ) )
objectClasses: ( 1.3.6.1.4.1.7135.1.3.149.2.2.1.1.3 NAME 'uhbcomposante' DESC 'composantes de l"universite de rennes 2' SUP top STRUCTURAL MUST cn MAY ( attuhbcompType $ attuhbcompRespEns $ attuhbcompRespTech $ attuhbcompRespAdm $ attuhbcompLibelleCourt $ attuhbcompLibelle ) )
objectClasses: ( 1.3.6.1.4.1.7135.1.2.2.1 NAME 'supannPerson' DESC 'classe d infos complementaires sur personnes supann' SUP top AUXILIARY MAY ( supannOrganisme $ supannCivilite $ supannAutreTelephone $ supannAffectation $ supannEmpId $ supannCodeINE $ supannEtuId $ supannAliasLogin $ supannParrainDN $ supannActivite $ supannEntiteAffectation $ supannEntiteAffectationPrincipale $ supannMailPerso $ supannRole $ supannRoleEntite $ supannRoleGenerique $ supannEtuAnneeInscription $ supannEtuCursusAnnee $ supannEtuDiplome $ supannEtuElementPedagogique $ supannEtuEtape $ supannEtuInscription $ supannEtuRegimeInscription $ supannEtuSecteurDisciplinaire $ supannEtuTypeDiplome $ supannEtablissement $ supannListeRouge $ supannAutreMail $ mailForwardingAddress $ supannEmpCorps $ supannTypeEntiteAffectation $ supannRefId ) )
objectClasses: ( 1.3.6.1.4.1.7135.1.2.2.2 NAME 'supannOrg' DESC 'classe d infos complementaires pour etablissement' SUP top AUXILIARY MAY supannEtablissement )
objectClasses: ( 1.3.6.1.4.1.7135.1.2.2.3 NAME 'supannEntite' DESC 'classe d infos complementaires pour entite' SUP top AUXILIARY MUST supannCodeEntite MAY ( supannTypeEntite $ supannCodeEntiteParent $ supannRefId ) )
objectClasses: ( 1.3.6.1.4.1.7135.1.2.2.6 NAME 'supannGroupe' DESC 'attributs specifiques des groupes' SUP top AUXILIARY MAY ( supannGroupeDateFin $ supannGroupeAdminDN $ supannGroupeLecteurDN $ supannRefId ) )
objectClasses: ( 1.3.6.1.4.1.7135.1.3.164.11.1 NAME 'sambaSecurityObject' DESC 'Mot de passe Samba' AUXILIARY MAY ( sambaLMPassword $ sambaNTPassword ) )
objectClasses: ( 1.3.6.1.4.1.7135.1.3.164.11.2 NAME 'runUnivNamedObject' DESC 'Objet nomme' AUXILIARY MAY ( cn $ sn $ givenName ) )
objectClasses: ( 1.3.6.1.4.1.7135.1.3.164.11.3 NAME 'runUnivAuthorizedObject' DESC 'Objet autorise' AUXILIARY MAY runUnivAuthorization )
objectClasses: ( 1.3.6.1.4.1.7135.1.3.164.11.4 NAME 'runUnivLabeledObject' DESC 'Objet ayant certains attributs permettant de l"identifier' AUXILIARY MAY runUnivAttribute )
objectClasses: ( 1.3.6.1.4.1.7135.1.3.164.31.2 NAME 'runUnivCategorizedObject' DESC 'Objet categorise' AUXILIARY MAY runUnivCategorie )
objectClasses: ( 1.3.6.1.4.1.7135.1.3.164.71.7 NAME 'runUnivMail' DESC 'Objet qui peut contenir un mail' AUXILIARY MAY ( mail $ runUnivMailAlias $ runUnivMailGroup $ runUnivMailHost $ runUnivMailRoute ) )
objectClasses: ( 1.3.6.1.4.1.7135.1.3.164.2.2.1 NAME 'runUnivAutoGroup' DESC 'Un groupe automatique' SUP top STRUCTURAL MUST cn MAY ( businessCategory $ seeAlso $ owner $ ou $ o $ description $ runUnivMemberURL $ member ) )
objectClasses: ( 1.3.6.1.4.1.7135.1.3.164.71.8 NAME 'runUnivUidObject' DESC 'Objet identifie par uid' SUP top STRUCTURAL MUST uid )
objectClasses: ( 1.3.6.1.4.1.7135.1.3.164.71.9 NAME 'runUnivCnObject' DESC 'Objet identifie par cn' SUP top STRUCTURAL MUST cn )
objectClasses: ( 1.3.6.1.4.1.7135.1.3.164.71.10 NAME 'runUnivMailObject' DESC 'Objet identifie par mail' SUP top STRUCTURAL MUST mail )
objectClasses: ( 1.3.6.1.4.1.7135.1.3.164.71.2 NAME 'runUnivAccount' DESC 'Compte pour un service generique' SUP top STRUCTURAL MUST ( uid $ userPassword ) MAY ( owner $ runUnivLsc $ runUnivAuthorization $ runUnivDateFin ) )
objectClasses: ( 1.3.6.1.4.1.7135.1.3.164.71.3 NAME 'runUnivMailAccount' DESC 'Compte pour un service de mail' SUP runUnivAccount STRUCTURAL MUST mail MAY ( runUnivMailAlias $ runUnivMailGroup $ runUnivMailHost $ runUnivMailRoute ) )
objectClasses: ( 1.3.6.1.4.1.7135.1.3.164.71.4 NAME 'runUnivSambaAccount' DESC 'Compte pour un service Samba' SUP top STRUCTURAL MUST ( uid $ sambaSID $ sambaLMPassword $ sambaNTPassword ) MAY ( owner $ cn $ eduPersonAffiliation $ eduPersonPrimaryAffiliation ) )
objectClasses: ( 1.3.6.1.4.1.7135.1.3.164.71.5 NAME 'runUnivPersonAccount' DESC 'Compte de personne' SUP runUnivAccount STRUCTURAL MUST ( sn $ cn ) MAY ( userPassword $ telephoneNumber $ seeAlso $ description $ title $ facsimileTelephoneNumber $ postalAddress $ displayName $ givenName $ labeledURI $ mail $ mobile $ userCertificate $ preferredLanguage $ x500uniqueIdentifier $ userSMIMECertificate $ userPKCS12 ) )
objectClasses: ( 1.3.6.1.4.1.7135.1.3.164.71.6 NAME 'runUnivUnixAccount' DESC 'Compte pour un service unix accessible par ssh' SUP top STRUCTURAL MUST uid MAY ( owner $ runUnivSshPublicKey ) )
objectClasses: ( 1.3.6.1.4.1.7135.1.3.164.71.12 NAME 'runUnivCasObject' DESC 'Configuration du serveur CAS' AUXILIARY MAY runUnivCasAccepted )
objectClasses: ( 1.3.6.1.4.1.7135.1.3.164.71.13 NAME 'runUnivPeopleObject' DESC 'Informations locales sur un individu' AUXILIARY MAY ( runUnivNom $ runUnivPrenom $ runUnivIndInfos $ runUnivDiplome $ runUnivSihamId $ runUnivIndAffectation $ runUnivCategorie $ runUnivPersInfos $ runUnivDateFin $ runUnivDateNaissance $ runUnivAdressePerso $ runUnivTelephonePerso $ runUnivToipInternal $ runUnivToipExternal $ runUnivToipEnabled $ runUnivToipAffectation $ runUnivAuthorization $ runUnivLastModified $ runUnivLsc $ runUnivCasAccepted $ runUnivAttribute $ runUnivWgClient $ runUnivJpegPhotoDate ) )
objectClasses: ( 1.3.6.1.4.1.7135.1.3.164.71.14 NAME 'runUnivStructureObject' DESC 'Informations locales sur une structure' AUXILIARY MAY ( cn $ runUnivLocalisation $ supannEtablissement $ runUnivStrInfos $ mail $ labeledURI $ jpegPhoto $ runUnivStrResp $ runUnivCategorie $ runUnivLastModified $ runUnivAttribute ) )
objectClasses: ( 1.3.6.1.4.1.7135.1.3.164.71.15 NAME 'runUnivGroupObject' DESC 'Informations locales sur un groupe' AUXILIARY MAY ( runUnivCategorie $ runUnivLastModified $ runUnivAttribute ) )
objectClasses: ( 1.3.6.1.4.1.7135.1.3.164.71.16 NAME 'runUnivPeopleRestricted' DESC 'Informations sur un individu qui ne doivent pas etre accessibles par anonymous' AUXILIARY MAY ( runUnivIndInfos $ runUnivDiplome $ runUnivAdressePerso $ runUnivTelephonePerso $ supannMailPerso $ runUnivIndAffectation $ runUnivPersInfos $ runUnivDateNaissance $ runUnivCasAccepted $ runUnivAttribute $ jpegPhoto $ runUnivJpegPhotoDate ) )
objectClasses: ( 1.3.6.1.4.1.7135.1.3.164.71.17 NAME 'runUnivNomenclatureObject' DESC 'Un element de nomenclature' SUP top STRUCTURAL MUST cn MAY ( title $ description $ runUnivDateFin ) )
objectClasses: ( 2.16.840.1.113730.3.2.33 NAME 'groupOfURLs' SUP top STRUCTURAL MUST cn MAY ( memberURL $ businessCategory $ description $ o $ ou $ owner $ seeAlso ) )
objectClasses: ( 1.3.6.1.4.1.4203.666.11.8.2.1 NAME 'dgIdentityAux' SUP top AUXILIARY MAY ( dgIdentity $ dgAuthz ) )
objectClasses: ( 1.3.6.1.4.1.3317.4.3.2.1 NAME 'radiusprofile' DESC '' AUXILIARY MUST cn MAY ( radiusArapFeatures $ radiusArapSecurity $ radiusArapZoneAccess $ radiusAuthType $ radiusCallbackId $ radiusCallbackNumber $ radiusCalledStationId $ radiusCallingStationId $ radiusClass $ radiusClientIPAddress $ radiusFilterId $ radiusFramedAppleTalkLink $ radiusFramedAppleTalkNetwork $ radiusFramedAppleTalkZone $ radiusFramedCompression $ radiusFramedIPAddress $ radiusFramedIPNetmask $ radiusFramedIPXNetwork $ radiusFramedMTU $ radiusFramedProtocol $ radiusCheckItem $ radiusReplyItem $ radiusFramedRoute $ radiusFramedRouting $ radiusIdleTimeout $ radiusGroupName $ radiusHint $ radiusHuntgroupName $ radiusLoginIPHost $ radiusLoginLATGroup $ radiusLoginLATNode $ radiusLoginLATPort $ radiusLoginLATService $ radiusLoginService $ radiusLoginTCPPort $ radiusLoginTime $ radiusPasswordRetry $ radiusPortLimit $ radiusPrompt $ radiusProxyToRealm $ radiusRealm $ radiusReplicateToRealm $ radiusServiceType $ radiusSessionTimeout $ radiusStripUserName $ radiusTerminationAction $ radiusTunnelClientEndpoint $ radiusProfileDn $ radiusSimultaneousUse $ radiusTunnelAssignmentId $ radiusTunnelMediumType $ radiusTunnelPassword $ radiusTunnelPreference $ radiusTunnelPrivateGroupId $ radiusTunnelServerEndpoint $ radiusTunnelType $ radiusUserCategory $ radiusVSA $ radiusExpiration $ dialupAccess $ radiusNASIpAddress $ radiusReplyMessage ) )
objectClasses: ( 1.3.6.1.4.1.3317.4.3.2.2 NAME 'radiusObjectProfile' DESC 'A Container Objectclass to be used for creating radius profile object' SUP top STRUCTURAL MUST cn MAY ( uid $ userPassword $ description ) )
entryDN: cn=Subschema
subschemaSubentry: cn=Subschema

72
nur_tbin/ldap/test.php Executable file
View File

@ -0,0 +1,72 @@
#!/usr/bin/php
<?php
require __DIR__.'/../../vendor/autoload.php';
use nur\ldap\app\LdapApplication;
use nur\ldap\LdapObject;
LdapApplication::run(new class extends LdapApplication {
const ARGS = [
"merge" => parent::ARGS,
["-a", "--action", "args" => 1],
];
protected $action;
protected $args;
function main() {
if ($this->config === null) $this->config = __DIR__.'/admin.ldapconf';
$conn = $this->getConn();
switch ($this->action) {
case "search": # sélection
case "s": # sélection
$pouet = $conn->first("", ["filter" => ["uid" => "pouet"]]);
if ($pouet !== null) {
Txx("trouvé", $pouet->array());
} else {
Txx("pas trouvé");
}
break;
case "create": # création
case "c": # création
$pouet = new LdapObject();
$pouet->merge([
"objectClass" => [
"top",
"account",
"simpleSecurityObject",
],
"uid" => "pouet",
"userPassword" => "plouf",
]);
$pouet->initDn("dc=univ-reunion,dc=fr", "uid", $conn);
$pouet->update(null, $conn);
Txx("créé");
break;
case "modify": # modification
case "m": # modification
$pouet = $conn->first("uid=pouet");
if ($pouet !== null) {
$pouet["userPassword"] = "pass".random_int(1, 1000);
Txx("userPassword: $pouet[userPassword]");
$pouet->update(null, $conn);
Txx("mis à jour");
} else {
Txx("pas trouvé");
}
break;
case "delete": # suppression
case "d": # suppression
$pouet = $conn->first("uid=pouet");
if ($pouet !== null) {
Txx("trouvé", $pouet->array());
$pouet->delete(null, $conn);
Txx("supprimé");
} else {
Txx("pas trouvé");
}
break;
}
}
});

46
nur_tbin/ldap/update_classes.php Executable file
View File

@ -0,0 +1,46 @@
#!/usr/bin/php
<?php
require(__DIR__.'/../../vendor/autoload.php');
use nur\ldap\AccountObject;
use nur\ldap\app\LdapApplication;
use nur\ldap\app\TLdapApplication;
use nur\ldap\OrganizationalRoleObject;
use nur\ldap\OrganizationalUnitObject;
use nur\ldap\OrganizationObject;
use nur\ldap\PersonObject;
use nur\ldap\scheman;
use nur\ldap\syntaxes\pri\MyValue;
use nur\php\UpdateClassesApp;
UpdateClassesApp::run(new class extends UpdateClassesApp {
use TLdapApplication;
const MAPPINGS = [
"src" => [
"package" => "nur\\ldap\\",
"path" => __DIR__."/../tests",
"classes" => [
AccountObject::class,
OrganizationObject::class,
OrganizationalUnitObject::class,
OrganizationalRoleObject::class,
PersonObject::class,
MyValue::class,
],
],
];
const ARGS = [
"merge" => LdapApplication::ARGS,
];
const LOAD_PARAMS = false;
function main() {
if ($this->config === null) $this->config = __DIR__.'/default.ldapconf';
scheman::init($this->getConn());
parent::main();
}
});

2
nur_tbin/datareader.php → nur_tbin/mapper/datareader.php
View File

@ -1,6 +1,6 @@
#!/usr/bin/php
<?php
require(__DIR__.'/../vendor/autoload.php');
require(__DIR__.'/../../vendor/autoload.php');
use nur\mapper\app\DatareaderApp;

0
nur_tbin/samples/csv_data.csv → nur_tbin/mapper/samples/csv_data.csv
View File

0
nur_tbin/samples/fsv_data.fsv → nur_tbin/mapper/samples/fsv_data.fsv
View File

0
nur_tbin/samples/fsv_schema.php → nur_tbin/mapper/samples/fsv_schema.php
View File

0
nur_tbin/samples/json_data.json → nur_tbin/mapper/samples/json_data.json
View File

0
nur_tbin/samples/line_data.txt → nur_tbin/mapper/samples/line_data.txt
View File

0
nur_tbin/samples/yaml_data.yml → nur_tbin/mapper/samples/yaml_data.yml
View File

2
nur_tbin/dump-passwords.php → nur_tbin/passwd/dump-passwords.php
View File

@ -1,6 +1,6 @@
#!/usr/bin/php
<?php
require __DIR__.'/../vendor/autoload.php';
require __DIR__.'/../../vendor/autoload.php';
use nur\A;
use nur\cli\Application;

83
nur_tests/ldap/AccountObject.php Normal file
View File

@ -0,0 +1,83 @@
<?php
namespace nur\ldap;
/**
* Class PersonObject: une personne au sens inetOrg
*
* --autogen-properties-and-methods--
* @property string $dn
* @property string[] $uid
* @property string[] $objectClass
* @property string[] $description
* @property string[] $seeAlso
* @property string[] $l
* @property string[] $o
* @property string[] $ou
* @property string[] $host
* @property string[] $userPassword
* @method \nur\ldap\LdapAttr dn()
* @method \nur\ldap\LdapAttr uid()
* @method \nur\ldap\LdapAttr objectClass()
* @method \nur\ldap\LdapAttr description()
* @method \nur\ldap\LdapAttr seeAlso()
* @method \nur\ldap\LdapAttr l()
* @method \nur\ldap\LdapAttr o()
* @method \nur\ldap\LdapAttr ou()
* @method \nur\ldap\LdapAttr host()
* @method \nur\ldap\LdapAttr userPassword()
*/
class AccountObject extends LdapObject {
const OBJECT_CLASSES = [
"account",
"simpleSecurityObject",
];
const PARENT_RDN = "ou=People";
const DN_NAMES = "uid";
#############################################################################
const _AUTOGEN_CONSTS = ["SCHEMA"];
const _AUTOGEN_PROPERTIES = [[self::class, "_AUTOGEN_PROPERTIES"]];
const _AUTOGEN_METHODS = [[self::class, "_AUTOGEN_METHODS"]];
const SCHEMA = /*autogen*/[
'dn' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 1,
],
'uid' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'objectClass' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'description' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'seeAlso' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'l' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'o' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'ou' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'host' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'userPassword' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
];
}

166
nur_tests/ldap/OrganizationObject.php Normal file
View File

@ -0,0 +1,166 @@
<?php
namespace nur\ldap;
/**
* Class PersonObject: une personne au sens inetOrg
*
* --autogen-properties-and-methods--
* @property string $dn
* @property string[] $o
* @property string[] $objectClass
* @property string[] $userPassword
* @property string[] $searchGuide
* @property string[] $seeAlso
* @property string[] $businessCategory
* @property int[] $x121Address
* @property string[] $registeredAddress
* @property string[] $destinationIndicator
* @property string $preferredDeliveryMethod
* @property string[] $telexNumber
* @property string[] $teletexTerminalIdentifier
* @property string[] $telephoneNumber
* @property int[] $internationaliSDNNumber
* @property string[] $facsimileTelephoneNumber
* @property string[] $street
* @property string[] $postOfficeBox
* @property string[] $postalCode
* @property string[] $postalAddress
* @property string[] $physicalDeliveryOfficeName
* @property string[] $st
* @property string[] $l
* @property string[] $description
* @method \nur\ldap\LdapAttr dn()
* @method \nur\ldap\LdapAttr o()
* @method \nur\ldap\LdapAttr objectClass()
* @method \nur\ldap\LdapAttr userPassword()
* @method \nur\ldap\LdapAttr searchGuide()
* @method \nur\ldap\LdapAttr seeAlso()
* @method \nur\ldap\LdapAttr businessCategory()
* @method \nur\ldap\LdapAttr x121Address()
* @method \nur\ldap\LdapAttr registeredAddress()
* @method \nur\ldap\LdapAttr destinationIndicator()
* @method \nur\ldap\LdapAttr preferredDeliveryMethod()
* @method \nur\ldap\LdapAttr telexNumber()
* @method \nur\ldap\LdapAttr teletexTerminalIdentifier()
* @method \nur\ldap\LdapAttr telephoneNumber()
* @method \nur\ldap\LdapAttr internationaliSDNNumber()
* @method \nur\ldap\LdapAttr facsimileTelephoneNumber()
* @method \nur\ldap\LdapAttr street()
* @method \nur\ldap\LdapAttr postOfficeBox()
* @method \nur\ldap\LdapAttr postalCode()
* @method \nur\ldap\LdapAttr postalAddress()
* @method \nur\ldap\LdapAttr physicalDeliveryOfficeName()
* @method \nur\ldap\LdapAttr st()
* @method \nur\ldap\LdapAttr l()
* @method \nur\ldap\LdapAttr description()
*/
class OrganizationObject extends LdapObject {
const OBJECT_CLASSES = [
"organization",
];
const PARENT_RDN = "ou=People";
const DN_NAMES = "o";
#############################################################################
const _AUTOGEN_CONSTS = ["SCHEMA"];
const _AUTOGEN_PROPERTIES = [[self::class, "_AUTOGEN_PROPERTIES"]];
const _AUTOGEN_METHODS = [[self::class, "_AUTOGEN_METHODS"]];
const SCHEMA = /*autogen*/[
'dn' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 1,
],
'o' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'objectClass' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'userPassword' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'searchGuide' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'seeAlso' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'businessCategory' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'x121Address' => [
'class' => 'nur\\ldap\\syntaxes\\IntegerSyntax',
'flags' => 0,
],
'registeredAddress' => [
'class' => 'nur\\ldap\\syntaxes\\PostalAddressSyntax',
'flags' => 0,
],
'destinationIndicator' => [
'class' => 'nur\\ldap\\syntaxes\\PrintableSyntax',
'flags' => 0,
],
'preferredDeliveryMethod' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 1,
],
'telexNumber' => [
'class' => 'nur\\ldap\\syntaxes\\TelephoneSyntax',
'flags' => 0,
],
'teletexTerminalIdentifier' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'telephoneNumber' => [
'class' => 'nur\\ldap\\syntaxes\\TelephoneSyntax',
'flags' => 0,
],
'internationaliSDNNumber' => [
'class' => 'nur\\ldap\\syntaxes\\IntegerSyntax',
'flags' => 0,
],
'facsimileTelephoneNumber' => [
'class' => 'nur\\ldap\\syntaxes\\TelephoneSyntax',
'flags' => 0,
],
'street' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'postOfficeBox' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'postalCode' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'postalAddress' => [
'class' => 'nur\\ldap\\syntaxes\\PostalAddressSyntax',
'flags' => 0,
],
'physicalDeliveryOfficeName' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'st' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'l' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'description' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
];
}

160
nur_tests/ldap/OrganizationalRoleObject.php Normal file
View File

@ -0,0 +1,160 @@
<?php
namespace nur\ldap;
/**
* Class PersonObject: une personne au sens inetOrg
*
* --autogen-properties-and-methods--
* @property string $dn
* @property string[] $cn
* @property string[] $objectClass
* @property int[] $x121Address
* @property string[] $registeredAddress
* @property string[] $destinationIndicator
* @property string $preferredDeliveryMethod
* @property string[] $telexNumber
* @property string[] $teletexTerminalIdentifier
* @property string[] $telephoneNumber
* @property int[] $internationaliSDNNumber
* @property string[] $facsimileTelephoneNumber
* @property string[] $seeAlso
* @property string[] $roleOccupant
* @property string[] $street
* @property string[] $postOfficeBox
* @property string[] $postalCode
* @property string[] $postalAddress
* @property string[] $physicalDeliveryOfficeName
* @property string[] $ou
* @property string[] $st
* @property string[] $l
* @property string[] $description
* @method \nur\ldap\LdapAttr dn()
* @method \nur\ldap\LdapAttr cn()
* @method \nur\ldap\LdapAttr objectClass()
* @method \nur\ldap\LdapAttr x121Address()
* @method \nur\ldap\LdapAttr registeredAddress()
* @method \nur\ldap\LdapAttr destinationIndicator()
* @method \nur\ldap\LdapAttr preferredDeliveryMethod()
* @method \nur\ldap\LdapAttr telexNumber()
* @method \nur\ldap\LdapAttr teletexTerminalIdentifier()
* @method \nur\ldap\LdapAttr telephoneNumber()
* @method \nur\ldap\LdapAttr internationaliSDNNumber()
* @method \nur\ldap\LdapAttr facsimileTelephoneNumber()
* @method \nur\ldap\LdapAttr seeAlso()
* @method \nur\ldap\LdapAttr roleOccupant()
* @method \nur\ldap\LdapAttr street()
* @method \nur\ldap\LdapAttr postOfficeBox()
* @method \nur\ldap\LdapAttr postalCode()
* @method \nur\ldap\LdapAttr postalAddress()
* @method \nur\ldap\LdapAttr physicalDeliveryOfficeName()
* @method \nur\ldap\LdapAttr ou()
* @method \nur\ldap\LdapAttr st()
* @method \nur\ldap\LdapAttr l()
* @method \nur\ldap\LdapAttr description()
*/
class OrganizationalRoleObject extends LdapObject {
const OBJECT_CLASSES = [
"organizationalRole",
];
const PARENT_RDN = "ou=People";
const DN_NAMES = "cn";
#############################################################################
const _AUTOGEN_CONSTS = ["SCHEMA"];
const _AUTOGEN_PROPERTIES = [[self::class, "_AUTOGEN_PROPERTIES"]];
const _AUTOGEN_METHODS = [[self::class, "_AUTOGEN_METHODS"]];
const SCHEMA = /*autogen*/[
'dn' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 1,
],
'cn' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'objectClass' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'x121Address' => [
'class' => 'nur\\ldap\\syntaxes\\IntegerSyntax',
'flags' => 0,
],
'registeredAddress' => [
'class' => 'nur\\ldap\\syntaxes\\PostalAddressSyntax',
'flags' => 0,
],
'destinationIndicator' => [
'class' => 'nur\\ldap\\syntaxes\\PrintableSyntax',
'flags' => 0,
],
'preferredDeliveryMethod' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 1,
],
'telexNumber' => [
'class' => 'nur\\ldap\\syntaxes\\TelephoneSyntax',
'flags' => 0,
],
'teletexTerminalIdentifier' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'telephoneNumber' => [
'class' => 'nur\\ldap\\syntaxes\\TelephoneSyntax',
'flags' => 0,
],
'internationaliSDNNumber' => [
'class' => 'nur\\ldap\\syntaxes\\IntegerSyntax',
'flags' => 0,
],
'facsimileTelephoneNumber' => [
'class' => 'nur\\ldap\\syntaxes\\TelephoneSyntax',
'flags' => 0,
],
'seeAlso' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'roleOccupant' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'street' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'postOfficeBox' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'postalCode' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'postalAddress' => [
'class' => 'nur\\ldap\\syntaxes\\PostalAddressSyntax',
'flags' => 0,
],
'physicalDeliveryOfficeName' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'ou' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'st' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'l' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'description' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
];
}

166
nur_tests/ldap/OrganizationalUnitObject.php Normal file
View File

@ -0,0 +1,166 @@
<?php
namespace nur\ldap;
/**
* Class PersonObject: une personne au sens inetOrg
*
* --autogen-properties-and-methods--
* @property string $dn
* @property string[] $ou
* @property string[] $objectClass
* @property string[] $userPassword
* @property string[] $searchGuide
* @property string[] $seeAlso
* @property string[] $businessCategory
* @property int[] $x121Address
* @property string[] $registeredAddress
* @property string[] $destinationIndicator
* @property string $preferredDeliveryMethod
* @property string[] $telexNumber
* @property string[] $teletexTerminalIdentifier
* @property string[] $telephoneNumber
* @property int[] $internationaliSDNNumber
* @property string[] $facsimileTelephoneNumber
* @property string[] $street
* @property string[] $postOfficeBox
* @property string[] $postalCode
* @property string[] $postalAddress
* @property string[] $physicalDeliveryOfficeName
* @property string[] $st
* @property string[] $l
* @property string[] $description
* @method \nur\ldap\LdapAttr dn()
* @method \nur\ldap\LdapAttr ou()
* @method \nur\ldap\LdapAttr objectClass()
* @method \nur\ldap\LdapAttr userPassword()
* @method \nur\ldap\LdapAttr searchGuide()
* @method \nur\ldap\LdapAttr seeAlso()
* @method \nur\ldap\LdapAttr businessCategory()
* @method \nur\ldap\LdapAttr x121Address()
* @method \nur\ldap\LdapAttr registeredAddress()
* @method \nur\ldap\LdapAttr destinationIndicator()
* @method \nur\ldap\LdapAttr preferredDeliveryMethod()
* @method \nur\ldap\LdapAttr telexNumber()
* @method \nur\ldap\LdapAttr teletexTerminalIdentifier()
* @method \nur\ldap\LdapAttr telephoneNumber()
* @method \nur\ldap\LdapAttr internationaliSDNNumber()
* @method \nur\ldap\LdapAttr facsimileTelephoneNumber()
* @method \nur\ldap\LdapAttr street()
* @method \nur\ldap\LdapAttr postOfficeBox()
* @method \nur\ldap\LdapAttr postalCode()
* @method \nur\ldap\LdapAttr postalAddress()
* @method \nur\ldap\LdapAttr physicalDeliveryOfficeName()
* @method \nur\ldap\LdapAttr st()
* @method \nur\ldap\LdapAttr l()
* @method \nur\ldap\LdapAttr description()
*/
class OrganizationalUnitObject extends LdapObject {
const OBJECT_CLASSES = [
"organizationalUnit",
];
const PARENT_RDN = "ou=People";
const DN_NAMES = "ou";
#############################################################################
const _AUTOGEN_CONSTS = ["SCHEMA"];
const _AUTOGEN_PROPERTIES = [[self::class, "_AUTOGEN_PROPERTIES"]];
const _AUTOGEN_METHODS = [[self::class, "_AUTOGEN_METHODS"]];
const SCHEMA = /*autogen*/[
'dn' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 1,
],
'ou' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'objectClass' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'userPassword' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'searchGuide' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'seeAlso' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'businessCategory' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'x121Address' => [
'class' => 'nur\\ldap\\syntaxes\\IntegerSyntax',
'flags' => 0,
],
'registeredAddress' => [
'class' => 'nur\\ldap\\syntaxes\\PostalAddressSyntax',
'flags' => 0,
],
'destinationIndicator' => [
'class' => 'nur\\ldap\\syntaxes\\PrintableSyntax',
'flags' => 0,
],
'preferredDeliveryMethod' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 1,
],
'telexNumber' => [
'class' => 'nur\\ldap\\syntaxes\\TelephoneSyntax',
'flags' => 0,
],
'teletexTerminalIdentifier' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'telephoneNumber' => [
'class' => 'nur\\ldap\\syntaxes\\TelephoneSyntax',
'flags' => 0,
],
'internationaliSDNNumber' => [
'class' => 'nur\\ldap\\syntaxes\\IntegerSyntax',
'flags' => 0,
],
'facsimileTelephoneNumber' => [
'class' => 'nur\\ldap\\syntaxes\\TelephoneSyntax',
'flags' => 0,
],
'street' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'postOfficeBox' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'postalCode' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'postalAddress' => [
'class' => 'nur\\ldap\\syntaxes\\PostalAddressSyntax',
'flags' => 0,
],
'physicalDeliveryOfficeName' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'st' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'l' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'description' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
];
}

431
nur_tests/ldap/PersonObject.php Normal file
View File

@ -0,0 +1,431 @@
<?php
namespace nur\ldap;
/**
* Class PersonObject: une personne au sens inetOrg
*
* --autogen-properties-and-methods--
* @property string $dn
* @property string[] $sn
* @property string[] $cn
* @property string[] $objectClass
* @property string[] $audio
* @property string[] $businessCategory
* @property string[] $carLicense
* @property string[] $departmentNumber
* @property string $displayName
* @property string $employeeNumber
* @property string[] $employeeType
* @property string[] $givenName
* @property string[] $homePhone
* @property string[] $homePostalAddress
* @property string[] $initials
* @property string[] $jpegPhoto
* @property string[] $labeledURI
* @property string[] $mail
* @property string[] $manager
* @property string[] $mobile
* @property string[] $o
* @property string[] $pager
* @property string[] $photo
* @property string[] $roomNumber
* @property string[] $secretary
* @property string[] $uid
* @property string[] $userCertificate
* @property string[] $x500UniqueIdentifier
* @property string $preferredLanguage
* @property string[] $userSMIMECertificate
* @property string[] $userPKCS12
* @property string[] $title
* @property int[] $x121Address
* @property string[] $registeredAddress
* @property string[] $destinationIndicator
* @property string $preferredDeliveryMethod
* @property string[] $telexNumber
* @property string[] $teletexTerminalIdentifier
* @property string[] $telephoneNumber
* @property int[] $internationaliSDNNumber
* @property string[] $facsimileTelephoneNumber
* @property string[] $street
* @property string[] $postOfficeBox
* @property string[] $postalCode
* @property string[] $postalAddress
* @property string[] $physicalDeliveryOfficeName
* @property string[] $ou
* @property string[] $st
* @property string[] $l
* @property string[] $userPassword
* @property string[] $seeAlso
* @property string[] $description
* @property string[] $eduPersonAffiliation
* @property string[] $eduPersonNickname
* @property string $eduPersonOrgDN
* @property string[] $eduPersonOrgUnitDN
* @property string $eduPersonPrimaryAffiliation
* @property string $eduPersonPrincipalName
* @property string[] $eduPersonPrincipalNamePrior
* @property string[] $eduPersonEntitlement
* @property string $eduPersonPrimaryOrgUnitDN
* @property string[] $eduPersonScopedAffiliation
* @property string[] $eduPersonTargetedID
* @property string[] $eduPersonAssurance
* @property string[] $eduPersonUniqueId
* @property string[] $eduPersonOrcid
* @property string[] $eduPersonAnalyticsTag
* @property string $eduPersonDisplayPronouns
* @method \nur\ldap\LdapAttr dn()
* @method \nur\ldap\LdapAttr sn()
* @method \nur\ldap\LdapAttr cn()
* @method \nur\ldap\LdapAttr objectClass()
* @method \nur\ldap\LdapAttr audio()
* @method \nur\ldap\LdapAttr businessCategory()
* @method \nur\ldap\LdapAttr carLicense()
* @method \nur\ldap\LdapAttr departmentNumber()
* @method \nur\ldap\LdapAttr displayName()
* @method \nur\ldap\LdapAttr employeeNumber()
* @method \nur\ldap\LdapAttr employeeType()
* @method \nur\ldap\LdapAttr givenName()
* @method \nur\ldap\LdapAttr homePhone()
* @method \nur\ldap\LdapAttr homePostalAddress()
* @method \nur\ldap\LdapAttr initials()
* @method \nur\ldap\LdapAttr jpegPhoto()
* @method \nur\ldap\LdapAttr labeledURI()
* @method \nur\ldap\LdapAttr mail()
* @method \nur\ldap\LdapAttr manager()
* @method \nur\ldap\LdapAttr mobile()
* @method \nur\ldap\LdapAttr o()
* @method \nur\ldap\LdapAttr pager()
* @method \nur\ldap\LdapAttr photo()
* @method \nur\ldap\LdapAttr roomNumber()
* @method \nur\ldap\LdapAttr secretary()
* @method \nur\ldap\LdapAttr uid()
* @method \nur\ldap\LdapAttr userCertificate()
* @method \nur\ldap\LdapAttr x500UniqueIdentifier()
* @method \nur\ldap\LdapAttr preferredLanguage()
* @method \nur\ldap\LdapAttr userSMIMECertificate()
* @method \nur\ldap\LdapAttr userPKCS12()
* @method \nur\ldap\LdapAttr title()
* @method \nur\ldap\LdapAttr x121Address()
* @method \nur\ldap\LdapAttr registeredAddress()
* @method \nur\ldap\LdapAttr destinationIndicator()
* @method \nur\ldap\LdapAttr preferredDeliveryMethod()
* @method \nur\ldap\LdapAttr telexNumber()
* @method \nur\ldap\LdapAttr teletexTerminalIdentifier()
* @method \nur\ldap\LdapAttr telephoneNumber()
* @method \nur\ldap\LdapAttr internationaliSDNNumber()
* @method \nur\ldap\LdapAttr facsimileTelephoneNumber()
* @method \nur\ldap\LdapAttr street()
* @method \nur\ldap\LdapAttr postOfficeBox()
* @method \nur\ldap\LdapAttr postalCode()
* @method \nur\ldap\LdapAttr postalAddress()
* @method \nur\ldap\LdapAttr physicalDeliveryOfficeName()
* @method \nur\ldap\LdapAttr ou()
* @method \nur\ldap\LdapAttr st()
* @method \nur\ldap\LdapAttr l()
* @method \nur\ldap\LdapAttr userPassword()
* @method \nur\ldap\LdapAttr seeAlso()
* @method \nur\ldap\LdapAttr description()
* @method \nur\ldap\LdapAttr eduPersonAffiliation()
* @method \nur\ldap\LdapAttr eduPersonNickname()
* @method \nur\ldap\LdapAttr eduPersonOrgDN()
* @method \nur\ldap\LdapAttr eduPersonOrgUnitDN()
* @method \nur\ldap\LdapAttr eduPersonPrimaryAffiliation()
* @method \nur\ldap\LdapAttr eduPersonPrincipalName()
* @method \nur\ldap\LdapAttr eduPersonPrincipalNamePrior()
* @method \nur\ldap\LdapAttr eduPersonEntitlement()
* @method \nur\ldap\LdapAttr eduPersonPrimaryOrgUnitDN()
* @method \nur\ldap\LdapAttr eduPersonScopedAffiliation()
* @method \nur\ldap\LdapAttr eduPersonTargetedID()
* @method \nur\ldap\LdapAttr eduPersonAssurance()
* @method \nur\ldap\LdapAttr eduPersonUniqueId()
* @method \nur\ldap\LdapAttr eduPersonOrcid()
* @method \nur\ldap\LdapAttr eduPersonAnalyticsTag()
* @method \nur\ldap\LdapAttr eduPersonDisplayPronouns()
*/
class PersonObject extends LdapObject {
const OBJECT_CLASSES = [
"inetOrgPerson",
"eduPerson",
];
const PARENT_RDN = "ou=People";
const DN_NAMES = "uid";
#############################################################################
const _AUTOGEN_CONSTS = ["SCHEMA"];
const _AUTOGEN_PROPERTIES = [[self::class, "_AUTOGEN_PROPERTIES"]];
const _AUTOGEN_METHODS = [[self::class, "_AUTOGEN_METHODS"]];
const SCHEMA = /*autogen*/[
'dn' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 1,
],
'sn' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'cn' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'objectClass' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'audio' => [
'class' => 'nur\\ldap\\syntaxes\\BinarySyntax',
'flags' => 8,
],
'businessCategory' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'carLicense' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'departmentNumber' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'displayName' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 1,
],
'employeeNumber' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 1,
],
'employeeType' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'givenName' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'homePhone' => [
'class' => 'nur\\ldap\\syntaxes\\TelephoneSyntax',
'flags' => 0,
],
'homePostalAddress' => [
'class' => 'nur\\ldap\\syntaxes\\PostalAddressSyntax',
'flags' => 0,
],
'initials' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'jpegPhoto' => [
'class' => 'nur\\ldap\\syntaxes\\BinarySyntax',
'flags' => 8,
],
'labeledURI' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'mail' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'manager' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'mobile' => [
'class' => 'nur\\ldap\\syntaxes\\TelephoneSyntax',
'flags' => 0,
],
'o' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'pager' => [
'class' => 'nur\\ldap\\syntaxes\\TelephoneSyntax',
'flags' => 0,
],
'photo' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'roomNumber' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'secretary' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'uid' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'userCertificate' => [
'class' => 'nur\\ldap\\syntaxes\\BinarySyntax',
'flags' => 10,
],
'x500UniqueIdentifier' => [
'class' => 'nur\\ldap\\syntaxes\\BinarySyntax',
'flags' => 0,
],
'preferredLanguage' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 1,
],
'userSMIMECertificate' => [
'class' => 'nur\\ldap\\syntaxes\\BinarySyntax',
'flags' => 8,
],
'userPKCS12' => [
'class' => 'nur\\ldap\\syntaxes\\BinarySyntax',
'flags' => 8,
],
'title' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'x121Address' => [
'class' => 'nur\\ldap\\syntaxes\\IntegerSyntax',
'flags' => 0,
],
'registeredAddress' => [
'class' => 'nur\\ldap\\syntaxes\\PostalAddressSyntax',
'flags' => 0,
],
'destinationIndicator' => [
'class' => 'nur\\ldap\\syntaxes\\PrintableSyntax',
'flags' => 0,
],
'preferredDeliveryMethod' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 1,
],
'telexNumber' => [
'class' => 'nur\\ldap\\syntaxes\\TelephoneSyntax',
'flags' => 0,
],
'teletexTerminalIdentifier' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'telephoneNumber' => [
'class' => 'nur\\ldap\\syntaxes\\TelephoneSyntax',
'flags' => 0,
],
'internationaliSDNNumber' => [
'class' => 'nur\\ldap\\syntaxes\\IntegerSyntax',
'flags' => 0,
],
'facsimileTelephoneNumber' => [
'class' => 'nur\\ldap\\syntaxes\\TelephoneSyntax',
'flags' => 0,
],
'street' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'postOfficeBox' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'postalCode' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'postalAddress' => [
'class' => 'nur\\ldap\\syntaxes\\PostalAddressSyntax',
'flags' => 0,
],
'physicalDeliveryOfficeName' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'ou' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'st' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'l' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'userPassword' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'seeAlso' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'description' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'eduPersonAffiliation' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'eduPersonNickname' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'eduPersonOrgDN' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 1,
],
'eduPersonOrgUnitDN' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'eduPersonPrimaryAffiliation' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 1,
],
'eduPersonPrincipalName' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 1,
],
'eduPersonPrincipalNamePrior' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'eduPersonEntitlement' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'eduPersonPrimaryOrgUnitDN' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 1,
],
'eduPersonScopedAffiliation' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'eduPersonTargetedID' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'eduPersonAssurance' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'eduPersonUniqueId' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'eduPersonOrcid' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'eduPersonAnalyticsTag' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 0,
],
'eduPersonDisplayPronouns' => [
'class' => 'nur\\ldap\\syntaxes\\StringSyntax',
'flags' => 1,
],
];
}

79
nur_tests/ldap/filtersTest.php Normal file
View File

@ -0,0 +1,79 @@
<?php
namespace nur\ldap;
use PHPUnit\Framework\TestCase;
class filtersTest extends TestCase {
function testParse(): void {
self::assertSame("(objectClass=*)", filters::parse(null));
self::assertSame("(objectClass=*)", filters::parse(""));
self::assertSame("(abc)", filters::parse("abc"));
self::assertSame("(a=b)", filters::parse("a=b"));
self::assertSame("(a=b)", filters::parse("(a=b)"));
self::assertSame("(a=*)", filters::parse("a=*"));
self::assertSame("(a=*)", filters::parse("(a=*)"));
self::assertSame("(a=b)", filters::parse([
"a=b",
]));
self::assertSame("(a=b)", filters::parse([
"(a=b)",
]));
self::assertSame("(a=b)", filters::parse([
"a" => "b",
]));
self::assertSame("(a=\\2a)", filters::parse([
"a" => "*",
]));
self::assertSame("(&(a=b)(c=d))", filters::parse([
"a=b",
"c=d",
]));
self::assertSame("(&(a=b)(c=d))", filters::parse([
"a" => "b",
"c" => "d",
]));
self::assertSame("(|(a=b)(c=d)(&(x=y)(z=t)))",
filters::parse([
"|",
"a" => "b",
"c" => "d",
["&",
"x" => "y",
"z" => "t",
],
]));
self::assertSame("(a=b)", filters::parse([
"&",
"a" => "b",
]));
self::assertSame("(a=b)", filters::parse([
"|",
"a" => "b",
]));
self::assertSame("(!(a=b))", filters::parse([
"!",
"a" => "b",
]));
}
function testParseArrayValues(): void {
self::assertSame("(&(a=x)(a=y))", filters::parse([
"a" => ["x", "y"],
]));
self::assertSame("(&(a=x)(a=y))", filters::parse([
"&",
"a" => ["x", "y"],
]));
self::assertSame("(|(a=x)(a=y))", filters::parse([
"|",
"a" => ["x", "y"],
]));
}
function testOps(): void {
self::assertSame("(a=b)", filters::eq("a", "b"));
self::assertSame("(a=b*)", filters::eq("a", "b*"));
self::assertSame("(a=*b*)", filters::eq("a", "*b*"));
self::assertSame("(a=*)", filters::eq("a", "*"));
}
}

56
nur_tests/ldap/ldapTest.php Normal file
View File

@ -0,0 +1,56 @@
<?php
namespace nur\ldap;
use PHPUnit\Framework\TestCase;
class ldapTest extends TestCase {
function testPrepare_rename() {
$rdn = "uid=ouid";
$params = null;
self::assertFalse(ldap::prepare_rename("uid=ouid,dc=osuffix", $rdn, $params));
# renommage
$rdn = "uid=nuid";
$params = null;
self::assertTrue(ldap::prepare_rename("uid=ouid,dc=osuffix", $rdn, $params));
self::assertSame("uid=nuid", $rdn);
self::assertSame([
"new_parent" => "dc=osuffix",
"delete_old_rdn" => true,
"controls" => [],
], $params);
# renommage + déplacement
$rdn = "uid=nuid";
$params = "dc=nsuffix";
self::assertTrue(ldap::prepare_rename("uid=ouid,dc=osuffix", $rdn, $params));
self::assertSame("uid=nuid", $rdn);
self::assertSame([
"new_parent" => "dc=nsuffix",
"delete_old_rdn" => true,
"controls" => [],
], $params);
# déplacement uniquement
$rdn = "";
$params = "dc=nsuffix";
self::assertTrue(ldap::prepare_rename("uid=ouid,dc=osuffix", $rdn, $params));
self::assertSame("uid=ouid", $rdn);
self::assertSame([
"new_parent" => "dc=nsuffix",
"delete_old_rdn" => true,
"controls" => [],
], $params);
# rdn complexe
$rdn = "uid=nuid,ou=groups";
$params = "dc=nsuffix,dc=tld";
self::assertTrue(ldap::prepare_rename("uid=ouid,dc=osuffix", $rdn, $params));
self::assertSame("uid=nuid", $rdn);
self::assertSame([
"new_parent" => "ou=groups,dc=nsuffix,dc=tld",
"delete_old_rdn" => true,
"controls" => [],
], $params);
}
}

70
nur_tests/ldap/namesTest.php Normal file
View File

@ -0,0 +1,70 @@
<?php
namespace nur\ldap;
use nur\b\ValueException;
use nur\t\TestCase;
class namesTest extends TestCase {
function testSplit(): void {
$valid = names::split_dn("", $rdn, $suffix);
self::assertFalse($valid);
$valid = names::split_dn("a=b", $rdn, $suffix);
self::assertTrue($valid);
self::assertSame("a=b", $rdn);
self::assertSame("", $suffix);
$valid = names::split_dn("a=b\\2ac", $rdn, $suffix);
self::assertTrue($valid);
self::assertSame("a=b*c", $rdn);
self::assertSame("", $suffix);
$valid = names::split_dn("a=b\\2bc", $rdn, $suffix);
self::assertTrue($valid);
self::assertSame("a=b\\2Bc", $rdn);
self::assertSame("", $suffix);
$valid = names::split_dn("a=b,x=y,z=t", $rdn, $suffix);
self::assertTrue($valid);
self::assertSame("a=b", $rdn);
self::assertSame("x=y,z=t", $suffix);
$valid = names::split_dn("a=b+c=d,x=y,z=t", $rdn, $suffix);
self::assertTrue($valid);
self::assertSame("a=b+c=d", $rdn);
self::assertSame("x=y,z=t", $suffix);
}
function testSplit_rdn() {
self::assertException(ValueException::class, function () {
names::split_rdn("");
});
self::assertException(ValueException::class, function () {
names::split_rdn("xxx");
});
self::assertSame([
"a" => ["b"],
], names::split_rdn("a=b"));
self::assertSame([
"a" => ["b"],
"c" => ["d"],
], names::split_rdn("a=b+c=d"));
}
function testJoin() {
self::assertSame("", names::join("", ""));
self::assertSame("a=b", names::join("a=b", ""));
self::assertSame("a=b,x=y,z=t", names::join("a=b", "x=y,z=t"));
self::assertSame("a=b,x=y,z=t", names::join([
"a" => "b",
], "x=y,z=t"));
self::assertSame("a=b+c=d,x=y,z=t", names::join([
"a" => "b",
"c" => "d",
], "x=y,z=t"));
}
function testUnescape() {
self::assertSame("(", names::ldap_unescape("\\28"));
}
}

11
nur_tests/ldap/sub/Sub.php Normal file
View File

@ -0,0 +1,11 @@
<?php
namespace nur\ldap\sub;
use nur\ldap\PersonObject;
class Sub {
function testSub() {
$p = new PersonObject();
$p->sn();
}
}

47
nur_tests/ldap/syntaxes/CompositeSyntaxTest.php Normal file
View File

@ -0,0 +1,47 @@
<?php
namespace nur\ldap\syntaxes;
use nur\ldap\app\TLdapApplication;
use nur\ldap\LdapConn;
use nur\ldap\syntaxes\pri\MyValue;
use nur\t\TestCase;
class CompositeSyntaxTest extends TestCase {
use TLdapApplication;
const LOAD_PARAMS = false;
protected function setUp(): void {
parent::setUp();
if ($this->config === null) $this->config = __DIR__.'/../../tbin/default.ldapconf';
$this->conn = $this->getConn();
}
/** @var LdapConn */
protected $conn;
const LDAP_VALUE1 = "[mvalue=first \\28value\\29][mdate=20230718200000Z]";
function testQuote() {
$mv = new MyValue();
$mv->setup($this->conn);
$mv->reset(null);
self::assertSame("", $mv->mvalue);
self::assertSame(null, $mv->mdate);
$mv->reset([
"mvalue" => "first (value)",
"mdate" => "19/07/2023",
]);
self::assertSame("first (value)", $mv->mvalue);
self::assertSame("19/07/2023", $mv->mdate);
self::assertSame(self::LDAP_VALUE1, $mv->formatLdap());
$mv->reset(null);
$mv->parseLdap(self::LDAP_VALUE1);
self::assertSame("first (value)", $mv->mvalue);
self::assertSame("19/07/2023", $mv->mdate);
self::assertSame(self::LDAP_VALUE1, $mv->formatLdap());
}
}

20
nur_tests/ldap/syntaxes/DateSyntaxTest.php Normal file
View File

@ -0,0 +1,20 @@
<?php
namespace nur\ldap\syntaxes;
use nur\t\TestCase;
class DateSyntaxTest extends TestCase {
function testPhp2ldap(): void {
$syn = new DateSyntax();
self::assertSame(null, $syn->php2ldap(null));
self::assertSame(null, $syn->php2ldap(""));
self::assertSame("20230324200000Z", $syn->php2ldap("25/3/23"));
self::assertSame("20230325110000Z", $syn->php2ldap("25/3/23 15:0"));
}
function testLdap2php(): void {
$syn = new DateSyntax();
self::assertSame("25/03/2023", $syn->ldap2php("20230324200000Z"));
self::assertSame("25/03/2023 15:00:00", $syn->ldap2php("20230325110000Z"));
}
}

25
nur_tests/ldap/syntaxes/PostalAddressSyntaxTest.php Normal file
View File

@ -0,0 +1,25 @@
<?php
namespace nur\ldap\syntaxes;
use nur\t\TestCase;
class PostalAddressSyntaxTest extends TestCase {
function testPhp2ldap(): void {
$syn = new PostalAddressSyntax();
self::assertNull($syn->php2ldap(null));
self::assertSame('', $syn->php2ldap(''));
self::assertSame('mon adresse', $syn->php2ldap(' mon adresse '));
self::assertSame('mon adre\$\$e', $syn->php2ldap(' mon adre$$e '));
self::assertSame('mon $ adresse', $syn->php2ldap(" mon \n adresse "));
self::assertSame('mon $ adre\$\$e', $syn->php2ldap(" mon \n adre\$\$e "));
}
function testLdap2php(): void {
$syn = new PostalAddressSyntax();
self::assertSame('', $syn->ldap2php(''));
self::assertSame('mon adresse', $syn->ldap2php('mon adresse'));
self::assertSame('mon adre$$e', $syn->ldap2php('mon adre\$\$e'));
self::assertSame("mon\nadresse", $syn->ldap2php('mon $ adresse'));
self::assertSame("mon\nadre\$\$e", $syn->ldap2php('mon $ adre\$\$e'));
}
}

16
nur_tests/ldap/syntaxes/TelephoneSyntaxTest.php Normal file
View File

@ -0,0 +1,16 @@
<?php
namespace nur\ldap\syntaxes;
use nur\t\TestCase;
class TelephoneSyntaxTest extends TestCase {
function testPhp2ldap(): void {
$syn = new TelephoneSyntax();
self::assertNull($syn->php2ldap(null));
self::assertNull($syn->php2ldap(''));
self::assertSame('+262 262 30 65 00', $syn->php2ldap('306500'));
self::assertSame('+262 262 30 65 00', $syn->php2ldap('0262306500'));
self::assertSame('+262 692 29 58 24', $syn->php2ldap('0692295824'));
self::assertSame('+33 156 12 34 56', $syn->php2ldap('0156123456'));
}
}

48
nur_tests/ldap/syntaxes/pri/MyValue.php Normal file
View File

@ -0,0 +1,48 @@
<?php
namespace nur\ldap\syntaxes\pri;
use nur\ldap\CompositeValue;
use nur\ldap\syntaxes\BooleanSyntax;
use nur\ldap\syntaxes\DateSyntax;
use nur\ldap\TCompositeValue;
/**
* Class MyCValue
*
* --autogen-properties-and-methods--
* @property string $mvalue
* @property string $mdate
* @property string|null $ovalue
* @property string|null $odate
* @property bool|null $obool
*/
class MyValue extends CompositeValue {
use TCompositeValue;
const SCHEMA = [
"mvalue" => "string",
"mdate" => "date",
"ovalue" => "?string",
"odate" => "?date",
"obool" => "?bool",
];
const SYNTAXES = [
"mdate" => DateSyntax::class,
"odate" => DateSyntax::class,
"obool" => BooleanSyntax::class,
];
const MANDATORY_KEYS = [
"mvalue", "mdate",
];
const OPTIONAL_KEYS = [
"ovalue", "odate", "obool",
];
const KEY_KEYS = ["mvalue"];
#############################################################################
const _AUTOGEN_PROPERTIES = [[self::class, "_AUTOGEN_PROPERTIES"]];
}

8
nur_tests/ldap/syntaxes/pri/MyValueSyntax.php Normal file
View File

@ -0,0 +1,8 @@
<?php
namespace nur\ldap\syntaxes\pri;
use nur\ldap\syntaxes\CompositeSyntax;
class MyValueSyntax extends CompositeSyntax {
const CVCLASS = MyValue::class;
}

13
sync-nur.sh
View File

@ -25,9 +25,9 @@ for i in b cli config data io m php ref tools v; do
sy src_$i/ nur_src/$i/
done
sy public/ nur_public/
#sy sbin/ nur_sbin/ --exclude /composer.phar
##sy sbin/ nur_sbin/ --exclude /composer.phar
sy tests/ nur_tests/
sy tbin/ nur_tbin/
#sy tbin/ nur_tbin/
FROM=../nur-v-bs3
sy src/ nur_src/v/bs3/
@ -45,11 +45,16 @@ sy src/ nur_src/m/pgsql/
FROM=../nur-mapper
sy src/ nur_src/mapper/
sy tests/ nur_tests/mapper/
sy tbin/ nur_tbin/
#sy tbin/ nur_tbin/
FROM=../nur-passwd
sy src/ nur_src/passwd/
sy tests/ nur_tests/passwd/
sy tbin/ nur_tbin/
#sy tbin/ nur_tbin/
FROM=../nur-ldap
sy src/ nur_src/ldap/
sy tests/ nur_tests/ldap/
#sy tbin/ nur_tbin/
./nur_sbin/update_classes.php