From af754e596a8dbb05ed8580c342e7fe02e08b28e0 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Sat, 13 Apr 2024 16:11:00 +0200 Subject: Adding upstream version 3.2.3+dfsg. Signed-off-by: Daniel Baumann --- doc/schemas/ldap/edir/freeradius-clients.ldif | 69 ++ doc/schemas/ldap/iplanet/freeradius.ldif | 73 ++ doc/schemas/ldap/iplanet/freeradius.schema | 78 ++ doc/schemas/ldap/openldap/freeradius-clients.ldif | 17 + .../ldap/openldap/freeradius-clients.schema | 70 ++ doc/schemas/ldap/openldap/freeradius.ldif | 76 ++ doc/schemas/ldap/openldap/freeradius.schema | 477 ++++++++++++ doc/schemas/ldap/samba/README.txt | 11 + doc/schemas/ldap/samba/freeradius-attrs.ldif | 806 +++++++++++++++++++++ doc/schemas/ldap/samba/freeradius-classes.ldif | 91 +++ .../ldap/samba/freeradius-clients-attrs.ldif | 91 +++ .../ldap/samba/freeradius-clients-classes.ldif | 19 + doc/schemas/ldap/samba/freeradius-user.ldif | 10 + 13 files changed, 1888 insertions(+) create mode 100644 doc/schemas/ldap/edir/freeradius-clients.ldif create mode 100644 doc/schemas/ldap/iplanet/freeradius.ldif create mode 100644 doc/schemas/ldap/iplanet/freeradius.schema create mode 100644 doc/schemas/ldap/openldap/freeradius-clients.ldif create mode 100644 doc/schemas/ldap/openldap/freeradius-clients.schema create mode 100644 doc/schemas/ldap/openldap/freeradius.ldif create mode 100644 doc/schemas/ldap/openldap/freeradius.schema create mode 100644 doc/schemas/ldap/samba/README.txt create mode 100644 doc/schemas/ldap/samba/freeradius-attrs.ldif create mode 100644 doc/schemas/ldap/samba/freeradius-classes.ldif create mode 100644 doc/schemas/ldap/samba/freeradius-clients-attrs.ldif create mode 100644 doc/schemas/ldap/samba/freeradius-clients-classes.ldif create mode 100644 doc/schemas/ldap/samba/freeradius-user.ldif (limited to 'doc/schemas/ldap') diff --git a/doc/schemas/ldap/edir/freeradius-clients.ldif b/doc/schemas/ldap/edir/freeradius-clients.ldif new file mode 100644 index 0000000..96a0f44 --- /dev/null +++ b/doc/schemas/ldap/edir/freeradius-clients.ldif @@ -0,0 +1,69 @@ +# +# LDIF Novell eDirectory schema to load dynamic clients from LDAP +# +# copyright 2013 Olivier Beytrison +# +# 1.3.6.1.4.1.11344.1.100 is the toplevel OID for this work +# .1 = objectclasses +# .2 = attributs +dn: cn=schema +changetype: modify +add: attributetypes +attributetypes: ( 1.3.6.1.4.1.11344.1.100.2.1 + NAME 'radiusClientIdentifier' + DESC 'Client Identifier' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' + SINGLE-VALUE ) +attributetypes: ( 1.3.6.1.4.1.11344.1.100.2.2 + NAME 'radiusClientSecret' + DESC 'Client Secret' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' + SINGLE-VALUE ) +attributetypes: ( 1.3.6.1.4.1.11344.1.100.2.3 + NAME 'radiusClientShortname' + DESC 'Client Shortname' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' + SINGLE-VALUE ) +attributetypes: ( 1.3.6.1.4.1.11344.1.100.2.4 + NAME 'radiusClientVirtualServer' + DESC 'VirtualServer' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' + SINGLE-VALUE ) +attributetypes: ( 1.3.6.1.4.1.11344.1.100.2.5 + NAME 'radiusClientType' + DESC 'Client Type' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' + SINGLE-VALUE ) +attributetypes: ( 1.3.6.1.4.1.11344.1.100.2.6 + NAME 'radiusClientRequireMa' + DESC 'Require Message Authenticator' + EQUALITY booleanMatch + SYNTAX '1.3.6.1.4.1.1466.115.121.1.7' + SINGLE-VALUE ) +attributetypes: ( 1.3.6.1.4.1.11344.1.100.2.7 + NAME 'radiusClientComment' + DESC 'Client comment' + EQUALITY caseIgnoreMatch + SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' + SINGLE-VALUE ) + + +dn: cn=schema +changetype: modify +add: objectclasses +objectclasses: ( 1.3.6.1.4.1.11344.1.100.1.1 + NAME 'radiusClient' + DESC 'radiusClient object class' + SUP top STRUCTURAL + MUST ( radiusClientIdentifier $ radiusClientSecret ) + MAY ( radiusClientShortname $ radiusClientVirtualServer $ radiusClientType $ radiusClientRequireMa $radiusClientcomment )) diff --git a/doc/schemas/ldap/iplanet/freeradius.ldif b/doc/schemas/ldap/iplanet/freeradius.ldif new file mode 100644 index 0000000..3834cb3 --- /dev/null +++ b/doc/schemas/ldap/iplanet/freeradius.ldif @@ -0,0 +1,73 @@ +# This is a LDAPv3 schema for RADIUS attributes. +# Converted for use with iPlanet/Sun Directory Servers 5.x by Arne Brutschy +# +# Originally Tested on OpenLDAP 2.0.7 +# Posted by Javier Fernandez-Sanguino Pena +# LDAP v3 version by Jochen Friedrich +# Updates by Adrian Pavlykevych +############## +dn: cn=schema +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.1 NAME 'radiusArapFeatures' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.2 NAME 'radiusArapSecurity' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.3 NAME 'radiusArapZoneAccess' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.44 NAME 'radiusAuthType' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.4 NAME 'radiusCallbackId' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.5 NAME 'radiusCallbackNumber' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.6 NAME 'radiusCalledStationId' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.7 NAME 'radiusCallingStationId' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.8 NAME 'radiusClass' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.45 NAME 'radiusClientIPAddress' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.9 NAME 'radiusFilterId' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.10 NAME 'radiusFramedAppleTalkLink' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.11 NAME 'radiusFramedAppleTalkNetwork' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.12 NAME 'radiusFramedAppleTalkZone' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.13 NAME 'radiusFramedCompression' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.14 NAME 'radiusFramedIPAddress' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.15 NAME 'radiusFramedIPNetmask' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.16 NAME 'radiusFramedIPXNetwork' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.17 NAME 'radiusFramedMTU' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.18 NAME 'radiusFramedProtocol' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.19 NAME 'radiusFramedRoute' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.20 NAME 'radiusFramedRouting' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.46 NAME 'radiusGroupName' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.47 NAME 'radiusHint' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.48 NAME 'radiusHuntgroupName' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.21 NAME 'radiusIdleTimeout' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.22 NAME 'radiusLoginIPHost' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.23 NAME 'radiusLoginLATGroup' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.24 NAME 'radiusLoginLATNode' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.25 NAME 'radiusLoginLATPort' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.26 NAME 'radiusLoginLATService' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.27 NAME 'radiusLoginService' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.28 NAME 'radiusLoginTCPPort' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.29 NAME 'radiusPasswordRetry' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.30 NAME 'radiusPortLimit' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.49 NAME 'radiusProfileDN' DESC '' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.31 NAME 'radiusPrompt' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.50 NAME 'radiusProxyToRealm' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.51 NAME 'radiusReplicateToRealm' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.52 NAME 'radiusRealm' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.32 NAME 'radiusServiceType' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.33 NAME 'radiusSessionTimeout' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.34 NAME 'radiusTerminationAction' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.35 NAME 'radiusTunnelAssignmentId' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.36 NAME 'radiusTunnelMediumType' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.37 NAME 'radiusTunnelPassword' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.38 NAME 'radiusTunnelPreference' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.39 NAME 'radiusTunnelPrivateGroupId' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.40 NAME 'radiusTunnelServerEndpoint' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.41 NAME 'radiusTunnelType' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.42 NAME 'radiusVSA' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.43 NAME 'radiusTunnelClientEndpoint' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +#need to change asn1.id +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.53 NAME 'radiusSimultaneousUse' DESC '' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.54 NAME 'radiusLoginTime' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.55 NAME 'radiusUserCategory' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.56 NAME 'radiusStripUserName' DESC '' SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.57 NAME 'dialupAccess' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.58 NAME 'radiusExpiration' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.59 NAME 'radiusAttribute' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.60 NAME 'radiusControlAttribute' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.61 NAME 'radiusReplyAttribute' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.62 NAME 'radiusRequestAttribute' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +objectClasses: ( 1.3.6.1.4.1.11344.4.3.2.1 NAME 'radiusprofile' DESC '' SUP top AUXILIARY MUST ( cn ) MAY ( radiusArapFeatures $ radiusArapSecurity $ radiusArapZoneAccess $ radiusAuthType $ radiusCallbackId $ radiusCallbackNumber $ radiusCalledStationId $ radiusCallingStationId $ radiusClass $ radiusClientIPAddress $ radiusFilterId $ radiusFramedAppleTalkLink $ radiusFramedAppleTalkNetwork $ radiusFramedAppleTalkZone $ radiusFramedCompression $ radiusFramedIPAddress $ radiusFramedIPNetmask $ radiusFramedIPXNetwork $ radiusFramedMTU $ radiusFramedProtocol $ radiusAttribute $ radiusFramedRoute $ radiusFramedRouting $ radiusIdleTimeout $ radiusGroupName $ radiusHint $ radiusHuntgroupName $ radiusLoginIPHost $ radiusLoginLATGroup $ radiusLoginLATNode $ radiusLoginLATPort $ radiusLoginLATService $ radiusLoginService $ radiusLoginTCPPort $ radiusLoginTime $ radiusPasswordRetry $ radiusPortLimit $ radiusPrompt $ radiusProxyToRealm $ radiusRealm $ radiusReplicateToRealm $ radiusServiceType $ radiusSessionTimeout $ radiusStripUserName $ radiusTerminationAction $ radiusTunnelClientEndpoint $ radiusProfileDn $ radiusSimultaneousUse $ radiusTunnelAssignmentId $ radiusTunnelMediumType $ radiusTunnelPassword $ radiusTunnelPreference $ radiusTunnelPrivateGroupId $ radiusTunnelServerEndpoint $ radiusTunnelType $ radiusUserCategory $ radiusVSA $ radiusExpiration $ dialupAccess $ radiusControlAttribute $ radiusReplyAttribute $ radiusRequestAttribute ) ) diff --git a/doc/schemas/ldap/iplanet/freeradius.schema b/doc/schemas/ldap/iplanet/freeradius.schema new file mode 100644 index 0000000..6392b02 --- /dev/null +++ b/doc/schemas/ldap/iplanet/freeradius.schema @@ -0,0 +1,78 @@ +# This is a LDAPv3 schema for RADIUS attributes. +# Tested on Sun One Directory server 5.2 +# Created by Daniel Wilson (danielwilson_2k@yahoo.com) +############## +dn: cn=schema +objectClass: top +objectClass: ldapSubentry +objectClass: subschema +cn: schema +####################### +# aci to ensure that the standard schema attributes are visible to +# all LDAP clients (anonymous access). +# +aci: (target="ldap:///cn=schema")(targetattr !="aci")(version 3.0;acl "anonymous, no acis"; allow (read, search, compare) userdn = "ldap:///anyone"; +####################### +objectClasses: ( 1.3.6.1.4.1.11344.4.3.2.1 NAME 'radiusprofile' SUP top AUXILIARY DESC 'Free Radius schema for Directory Server 5.2' MUST (cn) MAY ( radiusArapFeatures $ radiusArapSecurity $ radiusArapZoneAccess $ radiusAuthType $ radiusCallbackId $ radiusCallbackNumber $ radiusCalledStationId $ radiusCallingStationId $ radiusClass $ radiusClientIPAddress $ radiusFilterId $ radiusFramedAppleTalkLink $ radiusFramedAppleTalkNetwork $ radiusFramedAppleTalkZone $ radiusFramedCompression $ radiusFramedIPAddress $ radiusFramedIPNetmask $ radiusFramedIPXNetwork $ radiusFramedMTU $ radiusFramedProtocol $ radiusAttribute $ radiusFramedRoute $ radiusFramedRouting $ radiusIdleTimeout $ radiusGroupName $ radiusHint $ radiusHuntgroupName $ radiusLoginIPHost $ radiusLoginLATGroup $ radiusLoginLATNode $ radiusLoginLATPort $ radiusLoginLATService $ radiusLoginService $ radiusLoginTCPPort $ radiusLoginTime $ radiusPasswordRetry $ radiusPortLimit $ radiusPrompt $ radiusProxyToRealm $ radiusRealm $ radiusReplicateToRealm $ radiusServiceType $ radiusSessionTimeout $ radiusStripUserName $ radiusTerminationAction $ radiusTunnelClientEndpoint $ radiusProfileDN $ radiusSimultaneousUse $ radiusTunnelAssignmentId $ radiusTunnelMediumType $ radiusTunnelPassword $ radiusTunnelPreference $ radiusTunnelPrivateGroupId $ radiusTunnelServerEndpoint $ radiusTunnelType $ radiusUserCategory $ radiusVSA $ radiusExpiration $ dialupAccess $ radiusControlAttribute $ radiusReplyAttribute $radiusRequestAttribute ) X-ORIGIN 'user defined') +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.1 NAME 'radiusArapFeatures' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE X-ORIGIN 'user defined') +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.2 NAME 'radiusArapSecurity' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE X-ORIGIN 'user defined') +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.3 NAME 'radiusArapZoneAccess' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE X-ORIGIN 'user defined') +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.44 NAME 'radiusAuthType' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE X-ORIGIN 'user defined' ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.4 NAME 'radiusCallbackId' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE X-ORIGIN 'user defined' ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.5 NAME 'radiusCallbackNumber' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE X-ORIGIN 'user defined' ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.6 NAME 'radiusCalledStationId' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE X-ORIGIN 'user defined' ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.7 NAME 'radiusCallingStationId' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE X-ORIGIN 'user defined' ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.8 NAME 'radiusClass' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.45 NAME 'radiusClientIPAddress' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE X-ORIGIN 'user defined' ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.9 NAME 'radiusFilterId' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE X-ORIGIN 'user defined' ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.10 NAME 'radiusFramedAppleTalkLink' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE X-ORIGIN 'user defined' ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.11 NAME 'radiusFramedAppleTalkNetwork' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE X-ORIGIN 'user defined' ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.12 NAME 'radiusFramedAppleTalkZone' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE X-ORIGIN 'user defined' ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.13 NAME 'radiusFramedCompression' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE X-ORIGIN 'user defined' ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.14 NAME 'radiusFramedIPAddress' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE X-ORIGIN 'user defined' ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.15 NAME 'radiusFramedIPNetmask' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE X-ORIGIN 'user defined' ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.16 NAME 'radiusFramedIPXNetwork' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE X-ORIGIN 'user defined' ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.17 NAME 'radiusFramedMTU' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE X-ORIGIN 'user defined' ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.18 NAME 'radiusFramedProtocol' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE X-ORIGIN 'user defined' ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.19 NAME 'radiusFramedRoute' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.20 NAME 'radiusFramedRouting' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE X-ORIGIN 'user defined' ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.46 NAME 'radiusGroupName' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.47 NAME 'radiusHint' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE X-ORIGIN 'user defined' ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.48 NAME 'radiusHuntgroupName' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.21 NAME 'radiusIdleTimeout' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE X-ORIGIN 'user defined' ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.22 NAME 'radiusLoginIPHost' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE X-ORIGIN 'user defined' ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.23 NAME 'radiusLoginLATGroup' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE X-ORIGIN 'user defined' ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.24 NAME 'radiusLoginLATNode' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE X-ORIGIN 'user defined' ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.25 NAME 'radiusLoginLATPort' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE X-ORIGIN 'user defined' ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.26 NAME 'radiusLoginLATService' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE X-ORIGIN 'user defined' ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.27 NAME 'radiusLoginService' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE X-ORIGIN 'user defined' ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.28 NAME 'radiusLoginTCPPort' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE X-ORIGIN 'user defined' ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.29 NAME 'radiusPasswordRetry' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE X-ORIGIN 'user defined' ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.30 NAME 'radiusPortLimit' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE X-ORIGIN 'user defined' ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.49 NAME 'radiusProfileDN' DESC '' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 X-ORIGIN 'user defined' ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.31 NAME 'radiusPrompt' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE X-ORIGIN 'user defined' ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.50 NAME 'radiusProxyToRealm' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE X-ORIGIN 'user defined' ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.51 NAME 'radiusReplicateToRealm' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE X-ORIGIN 'user defined' ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.52 NAME 'radiusRealm' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE X-ORIGIN 'user defined' ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.32 NAME 'radiusServiceType' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE X-ORIGIN 'user defined' ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.33 NAME 'radiusSessionTimeout' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE X-ORIGIN 'user defined' ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.34 NAME 'radiusTerminationAction' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE X-ORIGIN 'user defined' ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.35 NAME 'radiusTunnelAssignmentId' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.36 NAME 'radiusTunnelMediumType' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.37 NAME 'radiusTunnelPassword' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE X-ORIGIN 'user defined' ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.38 NAME 'radiusTunnelPreference' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.39 NAME 'radiusTunnelPrivateGroupId' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.40 NAME 'radiusTunnelServerEndpoint' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.41 NAME 'radiusTunnelType' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.42 NAME 'radiusVSA' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.43 NAME 'radiusTunnelClientEndpoint' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.53 NAME 'radiusSimultaneousUse' DESC '' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE X-ORIGIN 'user defined' ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.54 NAME 'radiusLoginTime' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE X-ORIGIN 'user defined' ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.55 NAME 'radiusUserCategory' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE X-ORIGIN 'user defined' ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.56 NAME 'radiusStripUserName' DESC '' SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE X-ORIGIN 'user defined' ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.57 NAME 'dialupAccess' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE X-ORIGIN 'user defined' ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.58 NAME 'radiusExpiration' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE X-ORIGIN 'user defined' ) +attributeTypes: ( 1.3.6.1.4.1.11344.4.3.1.59 NAME 'radiusAttribute' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +attributetypes: ( 1.3.6.1.4.1.11344.4.3.1.60 NAME 'radiusControlAttribute' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +attributetypes: ( 1.3.6.1.4.1.11344.4.3.1.61 NAME 'radiusReplyAttribute' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +attributetypes: ( 1.3.6.1.4.1.11344.4.3.1.62 NAME 'radiusRequestAttribute' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) diff --git a/doc/schemas/ldap/openldap/freeradius-clients.ldif b/doc/schemas/ldap/openldap/freeradius-clients.ldif new file mode 100644 index 0000000..d591799 --- /dev/null +++ b/doc/schemas/ldap/openldap/freeradius-clients.ldif @@ -0,0 +1,17 @@ +# +# LDIF Openldap schema to load dynamic clients from LDAP +# +# copyright 2013 Olivier Beytrison +# + +dn: cn=radiusClient,cn=schema,cn=config +objectClass: olcSchemaConfig +cn: radiusClient +olcAttributeTypes: ( 1.3.6.1.4.1.11344.1.100.2.1 NAME 'radiusClientIdentifier' SINGLE-VALUE DESC 'Client identifier' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' ) +olcAttributeTypes: ( 1.3.6.1.4.1.11344.1.100.2.2 NAME 'radiusClientSecret' SINGLE-VALUE DESC 'Client secret' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' ) +olcAttributeTypes: ( 1.3.6.1.4.1.11344.1.100.2.3 NAME 'radiusClientShortname' SINGLE-VALUE DESC 'Client shortname' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' ) +olcAttributeTypes: ( 1.3.6.1.4.1.11344.1.100.2.4 NAME 'radiusClientVirtualServer' SINGLE-VALUE DESC 'VirtualServer' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' ) +olcAttributeTypes: ( 1.3.6.1.4.1.11344.1.100.2.5 NAME 'radiusClientType' SINGLE-VALUE DESC 'Client Type' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' ) +olcAttributeTypes: ( 1.3.6.1.4.1.11344.1.100.2.6 NAME 'radiusClientRequireMa' SINGLE-VALUE DESC 'Require Message Authenticator' EQUALITY booleanMatch SYNTAX '1.3.6.1.4.1.1466.115.121.1.7' ) +olcAttributeTypes: ( 1.3.6.1.4.1.11344.1.100.2.7 NAME 'radiusClientComment' SINGLE-VALUE DESC 'Client comment' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' ) +olcObjectClasses: ( 1.3.6.1.4.1.11344.1.100.1.1 NAME 'radiusClient' DESC 'radiusClient object class' SUP top STRUCTURAL MUST ( radiusClientIdentifier $ radiusClientSecret ) MAY ( radiusClientShortname $ radiusClientVirtualServer $ radiusClientType $ radiusClientRequireMa $ radiusClientComment )) diff --git a/doc/schemas/ldap/openldap/freeradius-clients.schema b/doc/schemas/ldap/openldap/freeradius-clients.schema new file mode 100644 index 0000000..b1fdd66 --- /dev/null +++ b/doc/schemas/ldap/openldap/freeradius-clients.schema @@ -0,0 +1,70 @@ +attributetype ( 1.3.6.1.4.1.11344.1.100.2.1 + NAME 'radiusClientIdentifier' + DESC 'Client Identifier' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 + SINGLE-VALUE + ) + +attributetype ( 1.3.6.1.4.1.11344.1.100.2.2 + NAME 'radiusClientSecret' + DESC 'Client Secret' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 + SINGLE-VALUE + ) + +attributetype ( 1.3.6.1.4.1.11344.1.100.2.3 + NAME 'radiusClientShortname' + DESC 'Client Shortname' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 + SINGLE-VALUE + ) + +attributetype ( 1.3.6.1.4.1.11344.1.100.2.4 + NAME 'radiusClientVirtualServer' + DESC 'VirtualServer' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 + SINGLE-VALUE + ) + +attributetype ( 1.3.6.1.4.1.11344.1.100.2.5 + NAME 'radiusClientType' + DESC 'Client Type' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 + SINGLE-VALUE + ) + +attributetype ( 1.3.6.1.4.1.11344.1.100.2.6 + NAME 'radiusClientRequireMa' + DESC 'Require Message Authenticator' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE + ) + +attributetype ( 1.3.6.1.4.1.11344.1.100.2.7 + NAME 'radiusClientComment' + DESC 'Client comment' + EQUALITY caseIgnoreMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 + SINGLE-VALUE + ) + +objectclass ( 1.3.6.1.4.1.11344.1.100.1.1 + NAME 'radiusClient' + DESC 'radiusClient object class' + SUP top + STRUCTURAL + MUST ( radiusClientIdentifier $ radiusClientSecret ) + MAY ( radiusClientShortname $ radiusClientVirtualServer $ radiusClientType $ radiusClientRequireMa $ radiusClientComment ) + ) + diff --git a/doc/schemas/ldap/openldap/freeradius.ldif b/doc/schemas/ldap/openldap/freeradius.ldif new file mode 100644 index 0000000..44d2cb9 --- /dev/null +++ b/doc/schemas/ldap/openldap/freeradius.ldif @@ -0,0 +1,76 @@ +dn: cn=radius,cn=schema,cn=config +objectClass: olcSchemaConfig +cn: radius +olcAttributeTypes: {0}( 1.3.6.1.4.1.11344.4.3.1.1 NAME 'radiusArapFeatures' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {1}( 1.3.6.1.4.1.11344.4.3.1.2 NAME 'radiusArapSecurity' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {2}( 1.3.6.1.4.1.11344.4.3.1.3 NAME 'radiusArapZoneAccess' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {3}( 1.3.6.1.4.1.11344.4.3.1.44 NAME 'radiusAuthType' DESC 'controlItem: Auth-Type' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {4}( 1.3.6.1.4.1.11344.4.3.1.4 NAME 'radiusCallbackId' DESC 'replyItem: Callback-Id' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {5}( 1.3.6.1.4.1.11344.4.3.1.5 NAME 'radiusCallbackNumber' DESC 'replyItem: Callback-Number' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {6}( 1.3.6.1.4.1.11344.4.3.1.6 NAME 'radiusCalledStationId' DESC 'controlItem: Called-Station-Id' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {7}( 1.3.6.1.4.1.11344.4.3.1.7 NAME 'radiusCallingStationId' DESC 'controlItem: Calling-Station-Id' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {8}( 1.3.6.1.4.1.11344.4.3.1.8 NAME 'radiusClass' DESC 'replyItem: Class' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +olcAttributeTypes: {9}( 1.3.6.1.4.1.11344.4.3.1.45 NAME 'radiusClientIPAddress' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {10}( 1.3.6.1.4.1.11344.4.3.1.9 NAME 'radiusFilterId' DESC 'replyItem: Filter-Id' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +olcAttributeTypes: {11}( 1.3.6.1.4.1.11344.4.3.1.10 NAME 'radiusFramedAppleTalkLink' DESC 'replyItem: Framed-AppleTalk-Link' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {12}( 1.3.6.1.4.1.11344.4.3.1.11 NAME 'radiusFramedAppleTalkNetwork' DESC 'replyItem: Framed-AppleTalk-Network' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +olcAttributeTypes: {13}( 1.3.6.1.4.1.11344.4.3.1.12 NAME 'radiusFramedAppleTalkZone' DESC 'replyItem: Framed-AppleTalk-Zone' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {14}( 1.3.6.1.4.1.11344.4.3.1.13 NAME 'radiusFramedCompression' DESC 'replyItem: Framed-Compression' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +olcAttributeTypes: {15}( 1.3.6.1.4.1.11344.4.3.1.14 NAME 'radiusFramedIPAddress' DESC 'replyItem: Framed-IP-Address' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {16}( 1.3.6.1.4.1.11344.4.3.1.15 NAME 'radiusFramedIPNetmask' DESC 'replyItem: Framed-IP-Netmask' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {17}( 1.3.6.1.4.1.11344.4.3.1.16 NAME 'radiusFramedIPXNetwork' DESC 'replyItem: Framed-IPX-Network' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {18}( 1.3.6.1.4.1.11344.4.3.1.17 NAME 'radiusFramedMTU' DESC' replyItem: Framed-MTU' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {19}( 1.3.6.1.4.1.11344.4.3.1.18 NAME 'radiusFramedProtocol'DESC 'replyItem: Framed-Protocol' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {20}( 1.3.6.1.4.1.11344.4.3.1.19 NAME 'radiusFramedRoute' DESC 'replyItem: Framed-Route' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +olcAttributeTypes: {21}( 1.3.6.1.4.1.11344.4.3.1.20 NAME 'radiusFramedRouting' DESC 'replyItem: Framed-Routing' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {22}( 1.3.6.1.4.1.11344.4.3.1.46 NAME 'radiusGroupName' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +olcAttributeTypes: {23}( 1.3.6.1.4.1.11344.4.3.1.47 NAME 'radiusHint' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {24}( 1.3.6.1.4.1.11344.4.3.1.48 NAME 'radiusHuntgroupName' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +olcAttributeTypes: {25}( 1.3.6.1.4.1.11344.4.3.1.21 NAME 'radiusIdleTimeout' DESC 'replyItem: Idle-Timeout' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {26}( 1.3.6.1.4.1.11344.4.3.1.22 NAME 'radiusLoginIPHost' DESC 'replyItem: Login-IP-Host' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +olcAttributeTypes: {27}( 1.3.6.1.4.1.11344.4.3.1.23 NAME 'radiusLoginLATGroup' DESC 'replyItem: Login-LAT-Group' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {28}( 1.3.6.1.4.1.11344.4.3.1.24 NAME 'radiusLoginLATNode' DESC 'replyItem: Login-LAT-Node' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {29}( 1.3.6.1.4.1.11344.4.3.1.25 NAME 'radiusLoginLATPort' DESC 'replyItem: Login-LAT-Port' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {30}( 1.3.6.1.4.1.11344.4.3.1.26 NAME 'radiusLoginLATService' DESC 'replyItem: Login-LAT-Service' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {31}( 1.3.6.1.4.1.11344.4.3.1.27 NAME 'radiusLoginService' DESC 'replyItem: Login-Service' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {32}( 1.3.6.1.4.1.11344.4.3.1.28 NAME 'radiusLoginTCPPort' DESC 'replyItem: Login-TCP-Port' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {33}( 1.3.6.1.4.1.11344.4.3.1.29 NAME 'radiusPasswordRetry' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {34}( 1.3.6.1.4.1.11344.4.3.1.30 NAME 'radiusPortLimit' DESC 'replyItem: Port-Limit' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {35}( 1.3.6.1.4.1.11344.4.3.1.49 NAME 'radiusProfileDN' DESC '' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) +olcAttributeTypes: {36}( 1.3.6.1.4.1.11344.4.3.1.31 NAME 'radiusPrompt' DESC ''EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {37}( 1.3.6.1.4.1.11344.4.3.1.50 NAME 'radiusProxyToRealm' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {38}( 1.3.6.1.4.1.11344.4.3.1.51 NAME 'radiusReplicateToRealm' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {39}( 1.3.6.1.4.1.11344.4.3.1.52 NAME 'radiusRealm' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE) +olcAttributeTypes: {40}( 1.3.6.1.4.1.11344.4.3.1.32 NAME 'radiusServiceType' DESC 'replyItem: Service-Type' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {41}( 1.3.6.1.4.1.11344.4.3.1.33 NAME 'radiusSessionTimeout'DESC 'replyItem: Session-Timeout' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {42}( 1.3.6.1.4.1.11344.4.3.1.34 NAME 'radiusTerminationAction' DESC 'replyItem: Termination-Action' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {43}( 1.3.6.1.4.1.11344.4.3.1.35 NAME 'radiusTunnelAssignmentId' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26) +olcAttributeTypes: {44}( 1.3.6.1.4.1.11344.4.3.1.36 NAME 'radiusTunnelMediumType' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +olcAttributeTypes: {45}( 1.3.6.1.4.1.11344.4.3.1.37 NAME 'radiusTunnelPassword' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {46}( 1.3.6.1.4.1.11344.4.3.1.38 NAME 'radiusTunnelPreference' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +olcAttributeTypes: {47}( 1.3.6.1.4.1.11344.4.3.1.39 NAME 'radiusTunnelPrivateGroupId' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +olcAttributeTypes: {48}( 1.3.6.1.4.1.11344.4.3.1.40 NAME 'radiusTunnelServerEndpoint' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +olcAttributeTypes: {49}( 1.3.6.1.4.1.11344.4.3.1.41 NAME 'radiusTunnelType' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +olcAttributeTypes: {50}( 1.3.6.1.4.1.11344.4.3.1.42 NAME 'radiusVSA' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +olcAttributeTypes: {51}( 1.3.6.1.4.1.11344.4.3.1.43 NAME 'radiusTunnelClientEndpoint' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +olcAttributeTypes: {52}( 1.3.6.1.4.1.11344.4.3.1.53 NAME 'radiusSimultaneousUse' DESC 'controlItem: Simultaneous-Use' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) +olcAttributeTypes: {53}( 1.3.6.1.4.1.11344.4.3.1.54 NAME 'radiusLoginTime' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {54}( 1.3.6.1.4.1.11344.4.3.1.55 NAME 'radiusUserCategory' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {55}( 1.3.6.1.4.1.11344.4.3.1.56 NAME 'radiusStripUserName' DESC '' SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE ) +olcAttributeTypes: {56}( 1.3.6.1.4.1.11344.4.3.1.57 NAME 'dialupAccess' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {57}( 1.3.6.1.4.1.11344.4.3.1.58 NAME 'radiusExpiration' DESC 'controlItem: Expiration' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {58}( 1.3.6.1.4.1.11344.4.3.1.59 NAME 'radiusAttribute' DESC 'controlItem: $GENERIC$' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +olcAttributeTypes: {59}( 1.3.6.1.4.1.11344.4.3.1.61 NAME 'radiusNASIpAddress' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) +olcAttributeTypes: {60}( 1.3.6.1.4.1.11344.4.3.1.62 NAME 'radiusReplyMessage' DESC 'replyItem: Reply-Message' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +olcAttributeTypes: {61}( 1.3.6.1.4.1.11344.4.3.1.63 NAME 'radiusControlAttribute' DESC 'controlItem: $GENERIC$' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +olcAttributeTypes: {62}( 1.3.6.1.4.1.11344.4.3.1.64 NAME 'radiusReplyAttribute' DESC 'replyItem: $GENERIC$' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +olcAttributeTypes: {63}( 1.3.6.1.4.1.11344.4.3.1.65 NAME 'radiusRequestAttribute' DESC 'requestItem: $GENERIC$' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +olcObjectClasses: {0}( 1.3.6.1.4.1.11344.4.3.2.1 NAME 'radiusprofile' DESC '' SUP top AUXILIARY MAY ( radiusArapFeatures $ radiusArapSecurity $ radiusArapZoneAccess $ radiusAuthType $ + radiusCallbackId $ radiusCallbackNumber $radiusCalledStationId $ radiusCallingStationId $ radiusClass $ radiusClientIPAddress $ radiusFilterId $ radiusFramedAppleTalkLink $ radiusFramedAppleTalkNetwork $ + radiusFramedAppleTalkZone $ radiusFramedCompression $ radiusFramedIPAddress $ radiusFramedIPNetmask $ radiusFramedIPXNetwork $ radiusFramedMTU $radiusFramedProtocol $ radiusAttribute $ + radiusFramedRoute $ radiusFramedRouting $ radiusIdleTimeout $ radiusGroupName $ radiusHint $ radiusHuntgroupName $ radiusLoginIPHost $ radiusLoginLATGroup $ radiusLoginLATNode $ radiusLoginLATPort $ + radiusLoginLATService $ radiusLoginService $ radiusLoginTCPPort $ radiusLoginTime $ radiusPasswordRetry $ radiusPortLimit $ radiusPrompt $ radiusProxyToRealm $ radiusRealm $ radiusReplicateToRealm $ + radiusServiceType $ radiusSessionTimeout $ radiusStripUserName $ radiusTerminationAction $ radiusTunnelClientEndpoint $ radiusProfileDN $ radiusSimultaneousUse $ radiusTunnelAssignmentId $ + radiusTunnelMediumType $ radiusTunnelPassword $ radiusTunnelPreference $ radiusTunnelPrivateGroupId $ radiusTunnelServerEndpoint $ radiusTunnelType $ radiusUserCategory $ radiusVSA $ radiusExpiration $ + dialupAccess $ radiusNASIpAddress $ radiusReplyMessage $ radiusControlAttribute $ radiusReplyAttribute $ radiusRequestAttribute ) ) +olcObjectClasses: {1}( 1.3.6.1.4.1.11344.4.3.2.2 NAME 'radiusObjectProfile' DESC 'A Container Objectclass to be used for creating radius profile object' SUP top STRUCTURAL MUST cn MAY ( uid $ userPassword $ description ) ) diff --git a/doc/schemas/ldap/openldap/freeradius.schema b/doc/schemas/ldap/openldap/freeradius.schema new file mode 100644 index 0000000..ab11984 --- /dev/null +++ b/doc/schemas/ldap/openldap/freeradius.schema @@ -0,0 +1,477 @@ +attributetype ( 1.3.6.1.4.1.11344.4.3.1.1 + NAME 'radiusArapFeatures' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + SINGLE-VALUE + ) + +attributetype ( 1.3.6.1.4.1.11344.4.3.1.2 + NAME 'radiusArapSecurity' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + SINGLE-VALUE + ) + +attributetype ( 1.3.6.1.4.1.11344.4.3.1.3 + NAME 'radiusArapZoneAccess' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + SINGLE-VALUE + ) + +attributetype ( 1.3.6.1.4.1.11344.4.3.1.44 + NAME 'radiusAuthType' + DESC 'controlItem: Auth-Type' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + SINGLE-VALUE + ) + +attributetype ( 1.3.6.1.4.1.11344.4.3.1.4 + NAME 'radiusCallbackId' + DESC 'replyItem: Callback-Id' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + SINGLE-VALUE + ) + +attributetype ( 1.3.6.1.4.1.11344.4.3.1.5 + NAME 'radiusCallbackNumber' + DESC 'replyItem: Callback-Number' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + SINGLE-VALUE + ) + +attributetype ( 1.3.6.1.4.1.11344.4.3.1.6 + NAME 'radiusCalledStationId' + DESC 'controlItem: Called-Station-Id' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + SINGLE-VALUE + ) + +attributetype ( 1.3.6.1.4.1.11344.4.3.1.7 + NAME 'radiusCallingStationId' + DESC 'controlItem: Calling-Station-Id' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + SINGLE-VALUE + ) + +attributetype ( 1.3.6.1.4.1.11344.4.3.1.8 + NAME 'radiusClass' + DESC 'replyItem: Class' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + ) + +attributetype ( 1.3.6.1.4.1.11344.4.3.1.45 + NAME 'radiusClientIPAddress' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + SINGLE-VALUE + ) + +attributetype ( 1.3.6.1.4.1.11344.4.3.1.9 + NAME 'radiusFilterId' + DESC 'replyItem: Filter-Id' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + ) + +attributetype ( 1.3.6.1.4.1.11344.4.3.1.10 + NAME 'radiusFramedAppleTalkLink' + DESC 'replyItem: Framed-AppleTalk-Link' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + SINGLE-VALUE + ) + +attributetype ( 1.3.6.1.4.1.11344.4.3.1.11 + NAME 'radiusFramedAppleTalkNetwork' + DESC 'replyItem: Framed-AppleTalk-Network' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + ) + +attributetype ( 1.3.6.1.4.1.11344.4.3.1.12 + NAME 'radiusFramedAppleTalkZone' + DESC 'replyItem: Framed-AppleTalk-Zone' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + SINGLE-VALUE + ) + +attributetype ( 1.3.6.1.4.1.11344.4.3.1.13 + NAME 'radiusFramedCompression' + DESC 'replyItem: Framed-Compression' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + ) + +attributetype ( 1.3.6.1.4.1.11344.4.3.1.14 + NAME 'radiusFramedIPAddress' + DESC 'replyItem: Framed-IP-Address' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + SINGLE-VALUE + ) + +attributetype ( 1.3.6.1.4.1.11344.4.3.1.15 + NAME 'radiusFramedIPNetmask' + DESC 'replyItem: Framed-IP-Netmask' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + SINGLE-VALUE + ) + +attributetype ( 1.3.6.1.4.1.11344.4.3.1.16 + NAME 'radiusFramedIPXNetwork' + DESC 'replyItem: Framed-IPX-Network' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + SINGLE-VALUE + ) + +attributetype ( 1.3.6.1.4.1.11344.4.3.1.17 + NAME 'radiusFramedMTU' + DESC 'replyItem: Framed-MTU' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + SINGLE-VALUE + ) + +attributetype ( 1.3.6.1.4.1.11344.4.3.1.18 + NAME 'radiusFramedProtocol' + DESC 'replyItem: Framed-Protocol' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + SINGLE-VALUE + ) + +attributetype ( 1.3.6.1.4.1.11344.4.3.1.19 + NAME 'radiusFramedRoute' + DESC 'replyItem: Framed-Route' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + ) + +attributetype ( 1.3.6.1.4.1.11344.4.3.1.20 + NAME 'radiusFramedRouting' + DESC 'replyItem: Framed-Routing' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + SINGLE-VALUE + ) + +attributetype ( 1.3.6.1.4.1.11344.4.3.1.46 + NAME 'radiusGroupName' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + ) + +attributetype ( 1.3.6.1.4.1.11344.4.3.1.47 + NAME 'radiusHint' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + SINGLE-VALUE + ) + +attributetype ( 1.3.6.1.4.1.11344.4.3.1.48 + NAME 'radiusHuntgroupName' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + ) + +attributetype ( 1.3.6.1.4.1.11344.4.3.1.21 + NAME 'radiusIdleTimeout' + DESC 'replyItem: Idle-Timeout' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + SINGLE-VALUE + ) + +attributetype ( 1.3.6.1.4.1.11344.4.3.1.22 + NAME 'radiusLoginIPHost' + DESC 'replyItem: Login-IP-Host' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + ) + +attributetype ( 1.3.6.1.4.1.11344.4.3.1.23 + NAME 'radiusLoginLATGroup' + DESC 'replyItem: Login-LAT-Group' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + SINGLE-VALUE + ) + +attributetype ( 1.3.6.1.4.1.11344.4.3.1.24 + NAME 'radiusLoginLATNode' + DESC 'replyItem: Login-LAT-Node' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + SINGLE-VALUE + ) + +attributetype ( 1.3.6.1.4.1.11344.4.3.1.25 + NAME 'radiusLoginLATPort' + DESC 'replyItem: Login-LAT-Port' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + SINGLE-VALUE + ) + +attributetype ( 1.3.6.1.4.1.11344.4.3.1.26 + NAME 'radiusLoginLATService' + DESC 'replyItem: Login-LAT-Service' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + SINGLE-VALUE + ) + +attributetype ( 1.3.6.1.4.1.11344.4.3.1.27 + NAME 'radiusLoginService' + DESC 'replyItem: Login-Service' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + SINGLE-VALUE + ) + +attributetype ( 1.3.6.1.4.1.11344.4.3.1.28 + NAME 'radiusLoginTCPPort' + DESC 'replyItem: Login-TCP-Port' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + SINGLE-VALUE + ) + +attributetype ( 1.3.6.1.4.1.11344.4.3.1.29 + NAME 'radiusPasswordRetry' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + SINGLE-VALUE + ) + +attributetype ( 1.3.6.1.4.1.11344.4.3.1.30 + NAME 'radiusPortLimit' + DESC 'replyItem: Port-Limit' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + SINGLE-VALUE + ) + +attributetype ( 1.3.6.1.4.1.11344.4.3.1.49 + NAME 'radiusProfileDN' + EQUALITY distinguishedNameMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 + ) + +attributetype ( 1.3.6.1.4.1.11344.4.3.1.31 + NAME 'radiusPrompt' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + SINGLE-VALUE + ) + +attributetype ( 1.3.6.1.4.1.11344.4.3.1.50 + NAME 'radiusProxyToRealm' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + SINGLE-VALUE + ) + +attributetype ( 1.3.6.1.4.1.11344.4.3.1.51 + NAME 'radiusReplicateToRealm' + DESC 'control:Replicate-To-Realm' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + SINGLE-VALUE + ) + +attributetype ( 1.3.6.1.4.1.11344.4.3.1.52 + NAME 'radiusRealm' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + SINGLE-VALUE + ) + +attributetype ( 1.3.6.1.4.1.11344.4.3.1.32 + NAME 'radiusServiceType' + DESC 'replyItem: Service-Type' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + SINGLE-VALUE + ) + +attributetype ( 1.3.6.1.4.1.11344.4.3.1.33 + NAME 'radiusSessionTimeout' + DESC 'replyItem: Session-Timeout' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + SINGLE-VALUE + ) + +attributetype ( 1.3.6.1.4.1.11344.4.3.1.34 + NAME 'radiusTerminationAction' + DESC 'replyItem: Termination-Action' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + SINGLE-VALUE + ) + +attributetype ( 1.3.6.1.4.1.11344.4.3.1.35 + NAME 'radiusTunnelAssignmentId' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + ) + +attributetype ( 1.3.6.1.4.1.11344.4.3.1.36 + NAME 'radiusTunnelMediumType' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + ) + +attributetype ( 1.3.6.1.4.1.11344.4.3.1.37 + NAME 'radiusTunnelPassword' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + ) + +attributetype ( 1.3.6.1.4.1.11344.4.3.1.38 + NAME 'radiusTunnelPreference' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + ) + +attributetype ( 1.3.6.1.4.1.11344.4.3.1.39 + NAME 'radiusTunnelPrivateGroupId' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + ) + +attributetype ( 1.3.6.1.4.1.11344.4.3.1.40 + NAME 'radiusTunnelServerEndpoint' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + ) + +attributetype ( 1.3.6.1.4.1.11344.4.3.1.41 + NAME 'radiusTunnelType' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + ) + +attributetype ( 1.3.6.1.4.1.11344.4.3.1.42 + NAME 'radiusVSA' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + ) + +attributetype ( 1.3.6.1.4.1.11344.4.3.1.43 + NAME 'radiusTunnelClientEndpoint' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + ) + +attributetype ( 1.3.6.1.4.1.11344.4.3.1.53 + NAME 'radiusSimultaneousUse' + DESC 'controlItem: Simultaneous-Use' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE + ) + +attributetype ( 1.3.6.1.4.1.11344.4.3.1.54 + NAME 'radiusLoginTime' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + SINGLE-VALUE + ) + +attributetype ( 1.3.6.1.4.1.11344.4.3.1.55 + NAME 'radiusUserCategory' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + SINGLE-VALUE + ) + +attributetype ( 1.3.6.1.4.1.11344.4.3.1.56 + NAME 'radiusStripUserName' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE + ) + +attributetype ( 1.3.6.1.4.1.11344.4.3.1.57 + NAME 'dialupAccess' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + SINGLE-VALUE + ) + +attributetype ( 1.3.6.1.4.1.11344.4.3.1.58 + NAME 'radiusExpiration' + DESC 'controlItem: Expiration' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + SINGLE-VALUE + ) + +attributetype ( 1.3.6.1.4.1.11344.4.3.1.59 + NAME 'radiusAttribute' + DESC 'controlItem: $GENERIC$' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + ) + +attributetype ( 1.3.6.1.4.1.11344.4.3.1.61 + NAME 'radiusNASIpAddress' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + SINGLE-VALUE + ) + +attributetype ( 1.3.6.1.4.1.11344.4.3.1.62 + NAME 'radiusReplyMessage' + DESC 'replyItem: Reply-Message' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + ) + +attributetype ( 1.3.6.1.4.1.11344.4.3.1.63 + NAME 'radiusControlAttribute' + DESC 'controlItem: $GENERIC$' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + ) + +attributetype ( 1.3.6.1.4.1.11344.4.3.1.64 + NAME 'radiusReplyAttribute' + DESC 'replyItem: $GENERIC$' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + ) + +attributetype ( 1.3.6.1.4.1.11344.4.3.1.65 + NAME 'radiusRequestAttribute' + DESC 'requestItem: $GENERIC$' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 + ) + +objectclass ( 1.3.6.1.4.1.11344.4.3.2.1 + NAME 'radiusprofile' + SUP top + AUXILIARY + MAY ( radiusArapFeatures $ radiusArapSecurity $ radiusArapZoneAccess $ radiusAuthType $ radiusCallbackId $ radiusCallbackNumber $ radiusCalledStationId $ radiusCallingStationId $ radiusClass $ radiusClientIPAddress $ radiusFilterId $ radiusFramedAppleTalkLink $ radiusFramedAppleTalkNetwork $ radiusFramedAppleTalkZone $ radiusFramedCompression $ radiusFramedIPAddress $ radiusFramedIPNetmask $ radiusFramedIPXNetwork $ radiusFramedMTU $ radiusFramedProtocol $ radiusAttribute $ radiusFramedRoute $ radiusFramedRouting $ radiusIdleTimeout $ radiusGroupName $ radiusHint $ radiusHuntgroupName $ radiusLoginIPHost $ radiusLoginLATGroup $ radiusLoginLATNode $ radiusLoginLATPort $ radiusLoginLATService $ radiusLoginService $ radiusLoginTCPPort $ radiusLoginTime $ radiusPasswordRetry $ radiusPortLimit $ radiusPrompt $ radiusProxyToRealm $ radiusRealm $ radiusReplicateToRealm $ radiusServiceType $ radiusSessionTimeout $ radiusStripUserName $ radiusTerminationAction $ radiusTunnelClientEndpoint $ radiusProfileDN $ radiusSimultaneousUse $ radiusTunnelAssignmentId $ radiusTunnelMediumType $ radiusTunnelPassword $ radiusTunnelPreference $ radiusTunnelPrivateGroupId $ radiusTunnelServerEndpoint $ radiusTunnelType $ radiusUserCategory $ radiusVSA $ radiusExpiration $ dialupAccess $ radiusNASIpAddress $ radiusReplyMessage $ radiusControlAttribute $ radiusReplyAttribute $ radiusRequestAttribute ) + ) + +objectclass ( 1.3.6.1.4.1.11344.4.3.2.2 + NAME 'radiusObjectProfile' + DESC 'A Container Objectclass to be used for creating radius profile object' + SUP top + STRUCTURAL + MUST cn + MAY ( uid $ userPassword $ description ) + ) + diff --git a/doc/schemas/ldap/samba/README.txt b/doc/schemas/ldap/samba/README.txt new file mode 100644 index 0000000..6c87461 --- /dev/null +++ b/doc/schemas/ldap/samba/README.txt @@ -0,0 +1,11 @@ +Change "dc=samba4,dc=internal" to your LDAP base DN, +then install with: + +ldbmodify -H /usr/local/samba/private/sam.ldb freeradius-attrs.ldif \ + --option="dsdb:schema update allowed"=true +ldbmodify -H /usr/local/samba/private/sam.ldb freeradius-classes.ldif \ + --option="dsdb:schema update allowed"=true + +These files were created by scripts/ldap/schema_to_samba.py, then +split into two because the attributes must be loaded in a separate +operation to the classes which use them. diff --git a/doc/schemas/ldap/samba/freeradius-attrs.ldif b/doc/schemas/ldap/samba/freeradius-attrs.ldif new file mode 100644 index 0000000..6edc614 --- /dev/null +++ b/doc/schemas/ldap/samba/freeradius-attrs.ldif @@ -0,0 +1,806 @@ +dn: CN=radiusArapFeatures,CN=Schema,CN=Configuration,dc=samba4,dc=internal +changetype: add +objectClass: top +objectClass: attributeSchema +attributeID: 1.3.6.1.4.1.11344.4.3.1.1 +isSingleValued: TRUE +cn: radiusArapFeatures +name: radiusArapFeatures +lDAPDisplayName: radiusArapFeatures +attributeSyntax: 2.5.5.5 +oMSyntax: 22 + +dn: CN=radiusArapSecurity,CN=Schema,CN=Configuration,dc=samba4,dc=internal +changetype: add +objectClass: top +objectClass: attributeSchema +attributeID: 1.3.6.1.4.1.11344.4.3.1.2 +isSingleValued: TRUE +cn: radiusArapSecurity +name: radiusArapSecurity +lDAPDisplayName: radiusArapSecurity +attributeSyntax: 2.5.5.5 +oMSyntax: 22 + +dn: CN=radiusArapZoneAccess,CN=Schema,CN=Configuration,dc=samba4,dc=internal +changetype: add +objectClass: top +objectClass: attributeSchema +attributeID: 1.3.6.1.4.1.11344.4.3.1.3 +isSingleValued: TRUE +cn: radiusArapZoneAccess +name: radiusArapZoneAccess +lDAPDisplayName: radiusArapZoneAccess +attributeSyntax: 2.5.5.5 +oMSyntax: 22 + +dn: CN=radiusAuthType,CN=Schema,CN=Configuration,dc=samba4,dc=internal +changetype: add +objectClass: top +objectClass: attributeSchema +attributeID: 1.3.6.1.4.1.11344.4.3.1.44 +isSingleValued: TRUE +cn: radiusAuthType +name: radiusAuthType +lDAPDisplayName: radiusAuthType +description: controlItem: Auth-Type +attributeSyntax: 2.5.5.5 +oMSyntax: 22 + +dn: CN=radiusCallbackId,CN=Schema,CN=Configuration,dc=samba4,dc=internal +changetype: add +objectClass: top +objectClass: attributeSchema +attributeID: 1.3.6.1.4.1.11344.4.3.1.4 +isSingleValued: TRUE +cn: radiusCallbackId +name: radiusCallbackId +lDAPDisplayName: radiusCallbackId +description: replyItem: Callback-Id +attributeSyntax: 2.5.5.5 +oMSyntax: 22 + +dn: CN=radiusCallbackNumber,CN=Schema,CN=Configuration,dc=samba4,dc=internal +changetype: add +objectClass: top +objectClass: attributeSchema +attributeID: 1.3.6.1.4.1.11344.4.3.1.5 +isSingleValued: TRUE +cn: radiusCallbackNumber +name: radiusCallbackNumber +lDAPDisplayName: radiusCallbackNumber +description: replyItem: Callback-Number +attributeSyntax: 2.5.5.5 +oMSyntax: 22 + +dn: CN=radiusCalledStationId,CN=Schema,CN=Configuration,dc=samba4,dc=internal +changetype: add +objectClass: top +objectClass: attributeSchema +attributeID: 1.3.6.1.4.1.11344.4.3.1.6 +isSingleValued: TRUE +cn: radiusCalledStationId +name: radiusCalledStationId +lDAPDisplayName: radiusCalledStationId +description: controlItem: Called-Station-Id +attributeSyntax: 2.5.5.5 +oMSyntax: 22 + +dn: CN=radiusCallingStationId,CN=Schema,CN=Configuration,dc=samba4,dc=internal +changetype: add +objectClass: top +objectClass: attributeSchema +attributeID: 1.3.6.1.4.1.11344.4.3.1.7 +isSingleValued: TRUE +cn: radiusCallingStationId +name: radiusCallingStationId +lDAPDisplayName: radiusCallingStationId +description: controlItem: Calling-Station-Id +attributeSyntax: 2.5.5.5 +oMSyntax: 22 + +dn: CN=radiusClass,CN=Schema,CN=Configuration,dc=samba4,dc=internal +changetype: add +objectClass: top +objectClass: attributeSchema +attributeID: 1.3.6.1.4.1.11344.4.3.1.8 +isSingleValued: FALSE +cn: radiusClass +name: radiusClass +lDAPDisplayName: radiusClass +description: replyItem: Class +attributeSyntax: 2.5.5.5 +oMSyntax: 22 + +dn: CN=radiusClientIPAddress,CN=Schema,CN=Configuration,dc=samba4,dc=internal +changetype: add +objectClass: top +objectClass: attributeSchema +attributeID: 1.3.6.1.4.1.11344.4.3.1.45 +isSingleValued: TRUE +cn: radiusClientIPAddress +name: radiusClientIPAddress +lDAPDisplayName: radiusClientIPAddress +attributeSyntax: 2.5.5.5 +oMSyntax: 22 + +dn: CN=radiusFilterId,CN=Schema,CN=Configuration,dc=samba4,dc=internal +changetype: add +objectClass: top +objectClass: attributeSchema +attributeID: 1.3.6.1.4.1.11344.4.3.1.9 +isSingleValued: FALSE +cn: radiusFilterId +name: radiusFilterId +lDAPDisplayName: radiusFilterId +description: replyItem: Filter-Id +attributeSyntax: 2.5.5.5 +oMSyntax: 22 + +dn: CN=radiusFramedAppleTalkLink,CN=Schema,CN=Configuration,dc=samba4,dc=internal +changetype: add +objectClass: top +objectClass: attributeSchema +attributeID: 1.3.6.1.4.1.11344.4.3.1.10 +isSingleValued: TRUE +cn: radiusFramedAppleTalkLink +name: radiusFramedAppleTalkLink +lDAPDisplayName: radiusFramedAppleTalkLink +description: replyItem: Framed-AppleTalk-Link +attributeSyntax: 2.5.5.5 +oMSyntax: 22 + +dn: CN=radiusFramedAppleTalkNetwork,CN=Schema,CN=Configuration,dc=samba4,dc=internal +changetype: add +objectClass: top +objectClass: attributeSchema +attributeID: 1.3.6.1.4.1.11344.4.3.1.11 +isSingleValued: FALSE +cn: radiusFramedAppleTalkNetwork +name: radiusFramedAppleTalkNetwork +lDAPDisplayName: radiusFramedAppleTalkNetwork +description: replyItem: Framed-AppleTalk-Network +attributeSyntax: 2.5.5.5 +oMSyntax: 22 + +dn: CN=radiusFramedAppleTalkZone,CN=Schema,CN=Configuration,dc=samba4,dc=internal +changetype: add +objectClass: top +objectClass: attributeSchema +attributeID: 1.3.6.1.4.1.11344.4.3.1.12 +isSingleValued: TRUE +cn: radiusFramedAppleTalkZone +name: radiusFramedAppleTalkZone +lDAPDisplayName: radiusFramedAppleTalkZone +description: replyItem: Framed-AppleTalk-Zone +attributeSyntax: 2.5.5.5 +oMSyntax: 22 + +dn: CN=radiusFramedCompression,CN=Schema,CN=Configuration,dc=samba4,dc=internal +changetype: add +objectClass: top +objectClass: attributeSchema +attributeID: 1.3.6.1.4.1.11344.4.3.1.13 +isSingleValued: FALSE +cn: radiusFramedCompression +name: radiusFramedCompression +lDAPDisplayName: radiusFramedCompression +description: replyItem: Framed-Compression +attributeSyntax: 2.5.5.5 +oMSyntax: 22 + +dn: CN=radiusFramedIPAddress,CN=Schema,CN=Configuration,dc=samba4,dc=internal +changetype: add +objectClass: top +objectClass: attributeSchema +attributeID: 1.3.6.1.4.1.11344.4.3.1.14 +isSingleValued: TRUE +cn: radiusFramedIPAddress +name: radiusFramedIPAddress +lDAPDisplayName: radiusFramedIPAddress +description: replyItem: Framed-IP-Address +attributeSyntax: 2.5.5.5 +oMSyntax: 22 + +dn: CN=radiusFramedIPNetmask,CN=Schema,CN=Configuration,dc=samba4,dc=internal +changetype: add +objectClass: top +objectClass: attributeSchema +attributeID: 1.3.6.1.4.1.11344.4.3.1.15 +isSingleValued: TRUE +cn: radiusFramedIPNetmask +name: radiusFramedIPNetmask +lDAPDisplayName: radiusFramedIPNetmask +description: replyItem: Framed-IP-Netmask +attributeSyntax: 2.5.5.5 +oMSyntax: 22 + +dn: CN=radiusFramedIPXNetwork,CN=Schema,CN=Configuration,dc=samba4,dc=internal +changetype: add +objectClass: top +objectClass: attributeSchema +attributeID: 1.3.6.1.4.1.11344.4.3.1.16 +isSingleValued: TRUE +cn: radiusFramedIPXNetwork +name: radiusFramedIPXNetwork +lDAPDisplayName: radiusFramedIPXNetwork +description: replyItem: Framed-IPX-Network +attributeSyntax: 2.5.5.5 +oMSyntax: 22 + +dn: CN=radiusFramedMTU,CN=Schema,CN=Configuration,dc=samba4,dc=internal +changetype: add +objectClass: top +objectClass: attributeSchema +attributeID: 1.3.6.1.4.1.11344.4.3.1.17 +isSingleValued: TRUE +cn: radiusFramedMTU +name: radiusFramedMTU +lDAPDisplayName: radiusFramedMTU +description: replyItem: Framed-MTU +attributeSyntax: 2.5.5.5 +oMSyntax: 22 + +dn: CN=radiusFramedProtocol,CN=Schema,CN=Configuration,dc=samba4,dc=internal +changetype: add +objectClass: top +objectClass: attributeSchema +attributeID: 1.3.6.1.4.1.11344.4.3.1.18 +isSingleValued: TRUE +cn: radiusFramedProtocol +name: radiusFramedProtocol +lDAPDisplayName: radiusFramedProtocol +description: replyItem: Framed-Protocol +attributeSyntax: 2.5.5.5 +oMSyntax: 22 + +dn: CN=radiusFramedRoute,CN=Schema,CN=Configuration,dc=samba4,dc=internal +changetype: add +objectClass: top +objectClass: attributeSchema +attributeID: 1.3.6.1.4.1.11344.4.3.1.19 +isSingleValued: FALSE +cn: radiusFramedRoute +name: radiusFramedRoute +lDAPDisplayName: radiusFramedRoute +description: replyItem: Framed-Route +attributeSyntax: 2.5.5.5 +oMSyntax: 22 + +dn: CN=radiusFramedRouting,CN=Schema,CN=Configuration,dc=samba4,dc=internal +changetype: add +objectClass: top +objectClass: attributeSchema +attributeID: 1.3.6.1.4.1.11344.4.3.1.20 +isSingleValued: TRUE +cn: radiusFramedRouting +name: radiusFramedRouting +lDAPDisplayName: radiusFramedRouting +description: replyItem: Framed-Routing +attributeSyntax: 2.5.5.5 +oMSyntax: 22 + +dn: CN=radiusGroupName,CN=Schema,CN=Configuration,dc=samba4,dc=internal +changetype: add +objectClass: top +objectClass: attributeSchema +attributeID: 1.3.6.1.4.1.11344.4.3.1.46 +isSingleValued: FALSE +cn: radiusGroupName +name: radiusGroupName +lDAPDisplayName: radiusGroupName +attributeSyntax: 2.5.5.5 +oMSyntax: 22 + +dn: CN=radiusHint,CN=Schema,CN=Configuration,dc=samba4,dc=internal +changetype: add +objectClass: top +objectClass: attributeSchema +attributeID: 1.3.6.1.4.1.11344.4.3.1.47 +isSingleValued: TRUE +cn: radiusHint +name: radiusHint +lDAPDisplayName: radiusHint +attributeSyntax: 2.5.5.5 +oMSyntax: 22 + +dn: CN=radiusHuntgroupName,CN=Schema,CN=Configuration,dc=samba4,dc=internal +changetype: add +objectClass: top +objectClass: attributeSchema +attributeID: 1.3.6.1.4.1.11344.4.3.1.48 +isSingleValued: FALSE +cn: radiusHuntgroupName +name: radiusHuntgroupName +lDAPDisplayName: radiusHuntgroupName +attributeSyntax: 2.5.5.5 +oMSyntax: 22 + +dn: CN=radiusIdleTimeout,CN=Schema,CN=Configuration,dc=samba4,dc=internal +changetype: add +objectClass: top +objectClass: attributeSchema +attributeID: 1.3.6.1.4.1.11344.4.3.1.21 +isSingleValued: TRUE +cn: radiusIdleTimeout +name: radiusIdleTimeout +lDAPDisplayName: radiusIdleTimeout +description: replyItem: Idle-Timeout +attributeSyntax: 2.5.5.5 +oMSyntax: 22 + +dn: CN=radiusLoginIPHost,CN=Schema,CN=Configuration,dc=samba4,dc=internal +changetype: add +objectClass: top +objectClass: attributeSchema +attributeID: 1.3.6.1.4.1.11344.4.3.1.22 +isSingleValued: FALSE +cn: radiusLoginIPHost +name: radiusLoginIPHost +lDAPDisplayName: radiusLoginIPHost +description: replyItem: Login-IP-Host +attributeSyntax: 2.5.5.5 +oMSyntax: 22 + +dn: CN=radiusLoginLATGroup,CN=Schema,CN=Configuration,dc=samba4,dc=internal +changetype: add +objectClass: top +objectClass: attributeSchema +attributeID: 1.3.6.1.4.1.11344.4.3.1.23 +isSingleValued: TRUE +cn: radiusLoginLATGroup +name: radiusLoginLATGroup +lDAPDisplayName: radiusLoginLATGroup +description: replyItem: Login-LAT-Group +attributeSyntax: 2.5.5.5 +oMSyntax: 22 + +dn: CN=radiusLoginLATNode,CN=Schema,CN=Configuration,dc=samba4,dc=internal +changetype: add +objectClass: top +objectClass: attributeSchema +attributeID: 1.3.6.1.4.1.11344.4.3.1.24 +isSingleValued: TRUE +cn: radiusLoginLATNode +name: radiusLoginLATNode +lDAPDisplayName: radiusLoginLATNode +description: replyItem: Login-LAT-Node +attributeSyntax: 2.5.5.5 +oMSyntax: 22 + +dn: CN=radiusLoginLATPort,CN=Schema,CN=Configuration,dc=samba4,dc=internal +changetype: add +objectClass: top +objectClass: attributeSchema +attributeID: 1.3.6.1.4.1.11344.4.3.1.25 +isSingleValued: TRUE +cn: radiusLoginLATPort +name: radiusLoginLATPort +lDAPDisplayName: radiusLoginLATPort +description: replyItem: Login-LAT-Port +attributeSyntax: 2.5.5.5 +oMSyntax: 22 + +dn: CN=radiusLoginLATService,CN=Schema,CN=Configuration,dc=samba4,dc=internal +changetype: add +objectClass: top +objectClass: attributeSchema +attributeID: 1.3.6.1.4.1.11344.4.3.1.26 +isSingleValued: TRUE +cn: radiusLoginLATService +name: radiusLoginLATService +lDAPDisplayName: radiusLoginLATService +description: replyItem: Login-LAT-Service +attributeSyntax: 2.5.5.5 +oMSyntax: 22 + +dn: CN=radiusLoginService,CN=Schema,CN=Configuration,dc=samba4,dc=internal +changetype: add +objectClass: top +objectClass: attributeSchema +attributeID: 1.3.6.1.4.1.11344.4.3.1.27 +isSingleValued: TRUE +cn: radiusLoginService +name: radiusLoginService +lDAPDisplayName: radiusLoginService +description: replyItem: Login-Service +attributeSyntax: 2.5.5.5 +oMSyntax: 22 + +dn: CN=radiusLoginTCPPort,CN=Schema,CN=Configuration,dc=samba4,dc=internal +changetype: add +objectClass: top +objectClass: attributeSchema +attributeID: 1.3.6.1.4.1.11344.4.3.1.28 +isSingleValued: TRUE +cn: radiusLoginTCPPort +name: radiusLoginTCPPort +lDAPDisplayName: radiusLoginTCPPort +description: replyItem: Login-TCP-Port +attributeSyntax: 2.5.5.5 +oMSyntax: 22 + +dn: CN=radiusPasswordRetry,CN=Schema,CN=Configuration,dc=samba4,dc=internal +changetype: add +objectClass: top +objectClass: attributeSchema +attributeID: 1.3.6.1.4.1.11344.4.3.1.29 +isSingleValued: TRUE +cn: radiusPasswordRetry +name: radiusPasswordRetry +lDAPDisplayName: radiusPasswordRetry +attributeSyntax: 2.5.5.5 +oMSyntax: 22 + +dn: CN=radiusPortLimit,CN=Schema,CN=Configuration,dc=samba4,dc=internal +changetype: add +objectClass: top +objectClass: attributeSchema +attributeID: 1.3.6.1.4.1.11344.4.3.1.30 +isSingleValued: TRUE +cn: radiusPortLimit +name: radiusPortLimit +lDAPDisplayName: radiusPortLimit +description: replyItem: Port-Limit +attributeSyntax: 2.5.5.5 +oMSyntax: 22 + +dn: CN=radiusProfileDN,CN=Schema,CN=Configuration,dc=samba4,dc=internal +changetype: add +objectClass: top +objectClass: attributeSchema +attributeID: 1.3.6.1.4.1.11344.4.3.1.49 +isSingleValued: FALSE +cn: radiusProfileDN +name: radiusProfileDN +lDAPDisplayName: radiusProfileDN +attributeSyntax: 2.5.5.1 +oMSyntax: 127 + +dn: CN=radiusPrompt,CN=Schema,CN=Configuration,dc=samba4,dc=internal +changetype: add +objectClass: top +objectClass: attributeSchema +attributeID: 1.3.6.1.4.1.11344.4.3.1.31 +isSingleValued: TRUE +cn: radiusPrompt +name: radiusPrompt +lDAPDisplayName: radiusPrompt +attributeSyntax: 2.5.5.5 +oMSyntax: 22 + +dn: CN=radiusProxyToRealm,CN=Schema,CN=Configuration,dc=samba4,dc=internal +changetype: add +objectClass: top +objectClass: attributeSchema +attributeID: 1.3.6.1.4.1.11344.4.3.1.50 +isSingleValued: TRUE +cn: radiusProxyToRealm +name: radiusProxyToRealm +lDAPDisplayName: radiusProxyToRealm +attributeSyntax: 2.5.5.5 +oMSyntax: 22 + +dn: CN=radiusReplicateToRealm,CN=Schema,CN=Configuration,dc=samba4,dc=internal +changetype: add +objectClass: top +objectClass: attributeSchema +attributeID: 1.3.6.1.4.1.11344.4.3.1.51 +isSingleValued: TRUE +cn: radiusReplicateToRealm +name: radiusReplicateToRealm +lDAPDisplayName: radiusReplicateToRealm +description: control:Replicate-To-Realm +attributeSyntax: 2.5.5.5 +oMSyntax: 22 + +dn: CN=radiusRealm,CN=Schema,CN=Configuration,dc=samba4,dc=internal +changetype: add +objectClass: top +objectClass: attributeSchema +attributeID: 1.3.6.1.4.1.11344.4.3.1.52 +isSingleValued: TRUE +cn: radiusRealm +name: radiusRealm +lDAPDisplayName: radiusRealm +attributeSyntax: 2.5.5.5 +oMSyntax: 22 + +dn: CN=radiusServiceType,CN=Schema,CN=Configuration,dc=samba4,dc=internal +changetype: add +objectClass: top +objectClass: attributeSchema +attributeID: 1.3.6.1.4.1.11344.4.3.1.32 +isSingleValued: TRUE +cn: radiusServiceType +name: radiusServiceType +lDAPDisplayName: radiusServiceType +description: replyItem: Service-Type +attributeSyntax: 2.5.5.5 +oMSyntax: 22 + +dn: CN=radiusSessionTimeout,CN=Schema,CN=Configuration,dc=samba4,dc=internal +changetype: add +objectClass: top +objectClass: attributeSchema +attributeID: 1.3.6.1.4.1.11344.4.3.1.33 +isSingleValued: TRUE +cn: radiusSessionTimeout +name: radiusSessionTimeout +lDAPDisplayName: radiusSessionTimeout +description: replyItem: Session-Timeout +attributeSyntax: 2.5.5.5 +oMSyntax: 22 + +dn: CN=radiusTerminationAction,CN=Schema,CN=Configuration,dc=samba4,dc=internal +changetype: add +objectClass: top +objectClass: attributeSchema +attributeID: 1.3.6.1.4.1.11344.4.3.1.34 +isSingleValued: TRUE +cn: radiusTerminationAction +name: radiusTerminationAction +lDAPDisplayName: radiusTerminationAction +description: replyItem: Termination-Action +attributeSyntax: 2.5.5.5 +oMSyntax: 22 + +dn: CN=radiusTunnelAssignmentId,CN=Schema,CN=Configuration,dc=samba4,dc=internal +changetype: add +objectClass: top +objectClass: attributeSchema +attributeID: 1.3.6.1.4.1.11344.4.3.1.35 +isSingleValued: FALSE +cn: radiusTunnelAssignmentId +name: radiusTunnelAssignmentId +lDAPDisplayName: radiusTunnelAssignmentId +attributeSyntax: 2.5.5.5 +oMSyntax: 22 + +dn: CN=radiusTunnelMediumType,CN=Schema,CN=Configuration,dc=samba4,dc=internal +changetype: add +objectClass: top +objectClass: attributeSchema +attributeID: 1.3.6.1.4.1.11344.4.3.1.36 +isSingleValued: FALSE +cn: radiusTunnelMediumType +name: radiusTunnelMediumType +lDAPDisplayName: radiusTunnelMediumType +attributeSyntax: 2.5.5.5 +oMSyntax: 22 + +dn: CN=radiusTunnelPassword,CN=Schema,CN=Configuration,dc=samba4,dc=internal +changetype: add +objectClass: top +objectClass: attributeSchema +attributeID: 1.3.6.1.4.1.11344.4.3.1.37 +isSingleValued: TRUE +cn: radiusTunnelPassword +name: radiusTunnelPassword +lDAPDisplayName: radiusTunnelPassword +attributeSyntax: 2.5.5.5 +oMSyntax: 22 + +dn: CN=radiusTunnelPreference,CN=Schema,CN=Configuration,dc=samba4,dc=internal +changetype: add +objectClass: top +objectClass: attributeSchema +attributeID: 1.3.6.1.4.1.11344.4.3.1.38 +isSingleValued: FALSE +cn: radiusTunnelPreference +name: radiusTunnelPreference +lDAPDisplayName: radiusTunnelPreference +attributeSyntax: 2.5.5.5 +oMSyntax: 22 + +dn: CN=radiusTunnelPrivateGroupId,CN=Schema,CN=Configuration,dc=samba4,dc=internal +changetype: add +objectClass: top +objectClass: attributeSchema +attributeID: 1.3.6.1.4.1.11344.4.3.1.39 +isSingleValued: FALSE +cn: radiusTunnelPrivateGroupId +name: radiusTunnelPrivateGroupId +lDAPDisplayName: radiusTunnelPrivateGroupId +attributeSyntax: 2.5.5.5 +oMSyntax: 22 + +dn: CN=radiusTunnelServerEndpoint,CN=Schema,CN=Configuration,dc=samba4,dc=internal +changetype: add +objectClass: top +objectClass: attributeSchema +attributeID: 1.3.6.1.4.1.11344.4.3.1.40 +isSingleValued: FALSE +cn: radiusTunnelServerEndpoint +name: radiusTunnelServerEndpoint +lDAPDisplayName: radiusTunnelServerEndpoint +attributeSyntax: 2.5.5.5 +oMSyntax: 22 + +dn: CN=radiusTunnelType,CN=Schema,CN=Configuration,dc=samba4,dc=internal +changetype: add +objectClass: top +objectClass: attributeSchema +attributeID: 1.3.6.1.4.1.11344.4.3.1.41 +isSingleValued: FALSE +cn: radiusTunnelType +name: radiusTunnelType +lDAPDisplayName: radiusTunnelType +attributeSyntax: 2.5.5.5 +oMSyntax: 22 + +dn: CN=radiusVSA,CN=Schema,CN=Configuration,dc=samba4,dc=internal +changetype: add +objectClass: top +objectClass: attributeSchema +attributeID: 1.3.6.1.4.1.11344.4.3.1.42 +isSingleValued: FALSE +cn: radiusVSA +name: radiusVSA +lDAPDisplayName: radiusVSA +attributeSyntax: 2.5.5.5 +oMSyntax: 22 + +dn: CN=radiusTunnelClientEndpoint,CN=Schema,CN=Configuration,dc=samba4,dc=internal +changetype: add +objectClass: top +objectClass: attributeSchema +attributeID: 1.3.6.1.4.1.11344.4.3.1.43 +isSingleValued: FALSE +cn: radiusTunnelClientEndpoint +name: radiusTunnelClientEndpoint +lDAPDisplayName: radiusTunnelClientEndpoint +attributeSyntax: 2.5.5.5 +oMSyntax: 22 + +dn: CN=radiusSimultaneousUse,CN=Schema,CN=Configuration,dc=samba4,dc=internal +changetype: add +objectClass: top +objectClass: attributeSchema +attributeID: 1.3.6.1.4.1.11344.4.3.1.53 +isSingleValued: TRUE +cn: radiusSimultaneousUse +name: radiusSimultaneousUse +lDAPDisplayName: radiusSimultaneousUse +description: controlItem: Simultaneous-Use +attributeSyntax: 2.5.5.9 +oMSyntax: 10 + +dn: CN=radiusLoginTime,CN=Schema,CN=Configuration,dc=samba4,dc=internal +changetype: add +objectClass: top +objectClass: attributeSchema +attributeID: 1.3.6.1.4.1.11344.4.3.1.54 +isSingleValued: TRUE +cn: radiusLoginTime +name: radiusLoginTime +lDAPDisplayName: radiusLoginTime +attributeSyntax: 2.5.5.5 +oMSyntax: 22 + +dn: CN=radiusUserCategory,CN=Schema,CN=Configuration,dc=samba4,dc=internal +changetype: add +objectClass: top +objectClass: attributeSchema +attributeID: 1.3.6.1.4.1.11344.4.3.1.55 +isSingleValued: TRUE +cn: radiusUserCategory +name: radiusUserCategory +lDAPDisplayName: radiusUserCategory +attributeSyntax: 2.5.5.5 +oMSyntax: 22 + +dn: CN=radiusStripUserName,CN=Schema,CN=Configuration,dc=samba4,dc=internal +changetype: add +objectClass: top +objectClass: attributeSchema +attributeID: 1.3.6.1.4.1.11344.4.3.1.56 +isSingleValued: TRUE +cn: radiusStripUserName +name: radiusStripUserName +lDAPDisplayName: radiusStripUserName +attributeSyntax: 2.5.5.8 +oMSyntax: 1 + +dn: CN=dialupAccess,CN=Schema,CN=Configuration,dc=samba4,dc=internal +changetype: add +objectClass: top +objectClass: attributeSchema +attributeID: 1.3.6.1.4.1.11344.4.3.1.57 +isSingleValued: TRUE +cn: dialupAccess +name: dialupAccess +lDAPDisplayName: dialupAccess +attributeSyntax: 2.5.5.5 +oMSyntax: 22 + +dn: CN=radiusExpiration,CN=Schema,CN=Configuration,dc=samba4,dc=internal +changetype: add +objectClass: top +objectClass: attributeSchema +attributeID: 1.3.6.1.4.1.11344.4.3.1.58 +isSingleValued: TRUE +cn: radiusExpiration +name: radiusExpiration +lDAPDisplayName: radiusExpiration +description: controlItem: Expiration +attributeSyntax: 2.5.5.5 +oMSyntax: 22 + +dn: CN=radiusAttribute,CN=Schema,CN=Configuration,dc=samba4,dc=internal +changetype: add +objectClass: top +objectClass: attributeSchema +attributeID: 1.3.6.1.4.1.11344.4.3.1.59 +isSingleValued: FALSE +cn: radiusAttribute +name: radiusAttribute +lDAPDisplayName: radiusAttribute +description: controlItem: $GENERIC$ +attributeSyntax: 2.5.5.5 +oMSyntax: 22 + +dn: CN=radiusNASIpAddress,CN=Schema,CN=Configuration,dc=samba4,dc=internal +changetype: add +objectClass: top +objectClass: attributeSchema +attributeID: 1.3.6.1.4.1.11344.4.3.1.61 +isSingleValued: TRUE +cn: radiusNASIpAddress +name: radiusNASIpAddress +lDAPDisplayName: radiusNASIpAddress +attributeSyntax: 2.5.5.5 +oMSyntax: 22 + +dn: CN=radiusReplyMessage,CN=Schema,CN=Configuration,dc=samba4,dc=internal +changetype: add +objectClass: top +objectClass: attributeSchema +attributeID: 1.3.6.1.4.1.11344.4.3.1.62 +isSingleValued: FALSE +cn: radiusReplyMessage +name: radiusReplyMessage +lDAPDisplayName: radiusReplyMessage +description: replyItem: Reply-Message +attributeSyntax: 2.5.5.5 +oMSyntax: 22 + +dn: CN=radiusControlAttribute,CN=Schema,CN=Configuration,dc=samba4,dc=internal +changetype: add +objectClass: top +objectClass: attributeSchema +attributeID: 1.3.6.1.4.1.11344.4.3.1.63 +isSingleValued: FALSE +cn: radiusControlAttribute +name: radiusControlAttribute +lDAPDisplayName: radiusControlAttribute +description: controlItem: $GENERIC$ +attributeSyntax: 2.5.5.5 +oMSyntax: 22 + +dn: CN=radiusReplyAttribute,CN=Schema,CN=Configuration,dc=samba4,dc=internal +changetype: add +objectClass: top +objectClass: attributeSchema +attributeID: 1.3.6.1.4.1.11344.4.3.1.64 +isSingleValued: FALSE +cn: radiusReplyAttribute +name: radiusReplyAttribute +lDAPDisplayName: radiusReplyAttribute +description: replyItem: $GENERIC$ +attributeSyntax: 2.5.5.5 +oMSyntax: 22 + +dn: CN=radiusRequestAttribute,CN=Schema,CN=Configuration,dc=samba4,dc=internal +changetype: add +objectClass: top +objectClass: attributeSchema +attributeID: 1.3.6.1.4.1.11344.4.3.1.65 +isSingleValued: FALSE +cn: radiusRequestAttribute +name: radiusRequestAttribute +lDAPDisplayName: radiusRequestAttribute +description: requestItem: $GENERIC$ +attributeSyntax: 2.5.5.5 +oMSyntax: 22 + diff --git a/doc/schemas/ldap/samba/freeradius-classes.ldif b/doc/schemas/ldap/samba/freeradius-classes.ldif new file mode 100644 index 0000000..455069e --- /dev/null +++ b/doc/schemas/ldap/samba/freeradius-classes.ldif @@ -0,0 +1,91 @@ +dn: CN=radiusprofile,CN=Schema,CN=Configuration,dc=samba4,dc=internal +changetype: add +objectClass: top +objectClass: classSchema +governsID: 1.3.6.1.4.1.11344.4.3.2.1 +cn: radiusprofile +name: radiusprofile +lDAPDisplayName: radiusprofile +subClassOf: top +objectClassCategory: 3 +mayContain: radiusArapFeatures +mayContain: radiusArapSecurity +mayContain: radiusArapZoneAccess +mayContain: radiusAuthType +mayContain: radiusCallbackId +mayContain: radiusCallbackNumber +mayContain: radiusCalledStationId +mayContain: radiusCallingStationId +mayContain: radiusClass +mayContain: radiusClientIPAddress +mayContain: radiusFilterId +mayContain: radiusFramedAppleTalkLink +mayContain: radiusFramedAppleTalkNetwork +mayContain: radiusFramedAppleTalkZone +mayContain: radiusFramedCompression +mayContain: radiusFramedIPAddress +mayContain: radiusFramedIPNetmask +mayContain: radiusFramedIPXNetwork +mayContain: radiusFramedMTU +mayContain: radiusFramedProtocol +mayContain: radiusAttribute +mayContain: radiusFramedRoute +mayContain: radiusFramedRouting +mayContain: radiusIdleTimeout +mayContain: radiusGroupName +mayContain: radiusHint +mayContain: radiusHuntgroupName +mayContain: radiusLoginIPHost +mayContain: radiusLoginLATGroup +mayContain: radiusLoginLATNode +mayContain: radiusLoginLATPort +mayContain: radiusLoginLATService +mayContain: radiusLoginService +mayContain: radiusLoginTCPPort +mayContain: radiusLoginTime +mayContain: radiusPasswordRetry +mayContain: radiusPortLimit +mayContain: radiusPrompt +mayContain: radiusProxyToRealm +mayContain: radiusRealm +mayContain: radiusReplicateToRealm +mayContain: radiusServiceType +mayContain: radiusSessionTimeout +mayContain: radiusStripUserName +mayContain: radiusTerminationAction +mayContain: radiusTunnelClientEndpoint +mayContain: radiusProfileDN +mayContain: radiusSimultaneousUse +mayContain: radiusTunnelAssignmentId +mayContain: radiusTunnelMediumType +mayContain: radiusTunnelPassword +mayContain: radiusTunnelPreference +mayContain: radiusTunnelPrivateGroupId +mayContain: radiusTunnelServerEndpoint +mayContain: radiusTunnelType +mayContain: radiusUserCategory +mayContain: radiusVSA +mayContain: radiusExpiration +mayContain: dialupAccess +mayContain: radiusNASIpAddress +mayContain: radiusReplyMessage +mayContain: radiusControlAttribute +mayContain: radiusReplyAttribute +mayContain: radiusRequestAttribute + +dn: CN=radiusObjectProfile,CN=Schema,CN=Configuration,dc=samba4,dc=internal +changetype: add +objectClass: top +objectClass: classSchema +governsID: 1.3.6.1.4.1.11344.4.3.2.2 +cn: radiusObjectProfile +name: radiusObjectProfile +lDAPDisplayName: radiusObjectProfile +description: A Container Objectclass to be used for creating radius profile object +subClassOf: top +objectClassCategory: 1 +mustContain: cn +mayContain: uid +mayContain: userPassword +mayContain: description + diff --git a/doc/schemas/ldap/samba/freeradius-clients-attrs.ldif b/doc/schemas/ldap/samba/freeradius-clients-attrs.ldif new file mode 100644 index 0000000..c523da4 --- /dev/null +++ b/doc/schemas/ldap/samba/freeradius-clients-attrs.ldif @@ -0,0 +1,91 @@ +dn: CN=radiusClientIdentifier,CN=Schema,CN=Configuration,dc=samba4,dc=internal +changetype: add +objectClass: top +objectClass: attributeSchema +attributeID: 1.3.6.1.4.1.11344.1.100.2.1 +isSingleValued: TRUE +cn: radiusClientIdentifier +name: radiusClientIdentifier +lDAPDisplayName: radiusClientIdentifier +description: Client Identifier +attributeSyntax: 2.5.5.3 +oMSyntax: 27 + +dn: CN=radiusClientSecret,CN=Schema,CN=Configuration,dc=samba4,dc=internal +changetype: add +objectClass: top +objectClass: attributeSchema +attributeID: 1.3.6.1.4.1.11344.1.100.2.2 +isSingleValued: TRUE +cn: radiusClientSecret +name: radiusClientSecret +lDAPDisplayName: radiusClientSecret +description: Client Secret +attributeSyntax: 2.5.5.3 +oMSyntax: 27 + +dn: CN=radiusClientShortname,CN=Schema,CN=Configuration,dc=samba4,dc=internal +changetype: add +objectClass: top +objectClass: attributeSchema +attributeID: 1.3.6.1.4.1.11344.1.100.2.3 +isSingleValued: TRUE +cn: radiusClientShortname +name: radiusClientShortname +lDAPDisplayName: radiusClientShortname +description: Client Shortname +attributeSyntax: 2.5.5.3 +oMSyntax: 27 + +dn: CN=radiusClientVirtualServer,CN=Schema,CN=Configuration,dc=samba4,dc=internal +changetype: add +objectClass: top +objectClass: attributeSchema +attributeID: 1.3.6.1.4.1.11344.1.100.2.4 +isSingleValued: TRUE +cn: radiusClientVirtualServer +name: radiusClientVirtualServer +lDAPDisplayName: radiusClientVirtualServer +description: VirtualServer +attributeSyntax: 2.5.5.3 +oMSyntax: 27 + +dn: CN=radiusClientType,CN=Schema,CN=Configuration,dc=samba4,dc=internal +changetype: add +objectClass: top +objectClass: attributeSchema +attributeID: 1.3.6.1.4.1.11344.1.100.2.5 +isSingleValued: TRUE +cn: radiusClientType +name: radiusClientType +lDAPDisplayName: radiusClientType +description: Client Type +attributeSyntax: 2.5.5.3 +oMSyntax: 27 + +dn: CN=radiusClientRequireMa,CN=Schema,CN=Configuration,dc=samba4,dc=internal +changetype: add +objectClass: top +objectClass: attributeSchema +attributeID: 1.3.6.1.4.1.11344.1.100.2.6 +isSingleValued: TRUE +cn: radiusClientRequireMa +name: radiusClientRequireMa +lDAPDisplayName: radiusClientRequireMa +description: Require Message Authenticator +attributeSyntax: 2.5.5.8 +oMSyntax: 1 + +dn: CN=radiusClientComment,CN=Schema,CN=Configuration,dc=samba4,dc=internal +changetype: add +objectClass: top +objectClass: attributeSchema +attributeID: 1.3.6.1.4.1.11344.1.100.2.7 +isSingleValued: TRUE +cn: radiusClientComment +name: radiusClientComment +lDAPDisplayName: radiusClientComment +description: Client comment +attributeSyntax: 2.5.5.3 +oMSyntax: 27 + diff --git a/doc/schemas/ldap/samba/freeradius-clients-classes.ldif b/doc/schemas/ldap/samba/freeradius-clients-classes.ldif new file mode 100644 index 0000000..24eade2 --- /dev/null +++ b/doc/schemas/ldap/samba/freeradius-clients-classes.ldif @@ -0,0 +1,19 @@ +dn: CN=radiusClient,CN=Schema,CN=Configuration,dc=samba4,dc=internal +changetype: add +objectClass: top +objectClass: classSchema +governsID: 1.3.6.1.4.1.11344.1.100.1.1 +cn: radiusClient +name: radiusClient +lDAPDisplayName: radiusClient +description: radiusClient object class +subClassOf: top +objectClassCategory: 1 +mustContain: radiusClientIdentifier +mustContain: radiusClientSecret +mayContain: radiusClientShortname +mayContain: radiusClientVirtualServer +mayContain: radiusClientType +mayContain: radiusClientRequireMa +mayContain: radiusClientComment + diff --git a/doc/schemas/ldap/samba/freeradius-user.ldif b/doc/schemas/ldap/samba/freeradius-user.ldif new file mode 100644 index 0000000..d252a7c --- /dev/null +++ b/doc/schemas/ldap/samba/freeradius-user.ldif @@ -0,0 +1,10 @@ +# Use this if you want to be able to apply radiusprofile +# Auxiliary class directly to Users in the directory. +# Install with: +# ldbmodify -H /usr/local/samba/private/sam.ldb \ +# user.ldif \ +# --option="dsdb:schema update allowed"=true +dn: CN=User,CN=Schema,CN=Configuration,dc=samba4,dc=internal +changetype: modify +add: auxiliaryClass +auxiliaryClass: radiusprofile -- cgit v1.2.3