resource/schema/01-pwpolicy.ldif

10139N/A# CDDL HEADER START
10139N/A#
10139N/A# The contents of this file are subject to the terms of the
12158N/A# Common Development and Distribution License, Version 1.0 only
10139N/A# (the "License").  You may not use this file except in compliance
10139N/A# with the License.
10139N/A#
17185N/A# You can obtain a copy of the license at
10139N/A# trunk/opends/resource/legal-notices/OpenDS.LICENSE
10139N/A# or https://OpenDS.dev.java.net/OpenDS.LICENSE.
17178N/A# See the License for the specific language governing permissions
17178N/A# and limitations under the License.
10139N/A#
10139N/A# When distributing Covered Code, include this CDDL HEADER in each
10139N/A# file and include the License file at
17110N/A# trunk/opends/resource/legal-notices/OpenDS.LICENSE.  If applicable,
10139N/A# add the following below this CDDL HEADER, with the fields enclosed
10139N/A# by brackets "[]" replaced with your own identifying information:
10139N/A#      Portions Copyright [yyyy] [name of copyright owner]
10139N/A#
10139N/A# CDDL HEADER END
16920N/A#
10142N/A#
12132N/A#      Copyright 2006-2010 Sun Microsystems, Inc.
12132N/A#
10142N/A#
12773N/A# This file contains schema definitions from draft-behera-ldap-password-policy,
14434N/A# which defines a mechanism for storing password policy information in an LDAP
12773N/A# directory server.
14434N/Adn: cn=schema
15440N/AobjectClass: top
15440N/AobjectClass: ldapSubentry
15740N/AobjectClass: subschema
10139N/AattributeTypes: ( 1.3.6.1.4.1.42.2.27.8.1.1 NAME 'pwdAttribute'
12107N/A  EQUALITY objectIdentifierMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.38
10139N/A  X-ORIGIN 'draft-behera-ldap-password-policy' )
10139N/AattributeTypes: ( 1.3.6.1.4.1.42.2.27.8.1.2 NAME 'pwdMinAge'
10139N/A  EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE
12796N/A  X-ORIGIN 'draft-behera-ldap-password-policy' )
10139N/AattributeTypes: ( 1.3.6.1.4.1.42.2.27.8.1.3 NAME 'pwdMaxAge'
10139N/A  EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE
10139N/A  X-ORIGIN 'draft-behera-ldap-password-policy' )
10139N/AattributeTypes: ( 1.3.6.1.4.1.42.2.27.8.1.4 NAME 'pwdInHistory'
10139N/A  EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE
10139N/A  X-ORIGIN 'draft-behera-ldap-password-policy' )
10139N/AattributeTypes: ( 1.3.6.1.4.1.42.2.27.8.1.5 NAME 'pwdCheckQuality'
12107N/A  EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE
13969N/A  X-ORIGIN 'draft-behera-ldap-password-policy' )
12107N/AattributeTypes: ( 1.3.6.1.4.1.42.2.27.8.1.6 NAME 'pwdMinLength'
14181N/A  EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE
14181N/A  X-ORIGIN 'draft-behera-ldap-password-policy' )
14181N/AattributeTypes: ( 1.3.6.1.4.1.42.2.27.8.1.7 NAME 'pwdExpireWarning'
14181N/A  EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE
14181N/A  X-ORIGIN 'draft-behera-ldap-password-policy' )
14181N/AattributeTypes: ( 1.3.6.1.4.1.42.2.27.8.1.8 NAME 'pwdGraceAuthNLimit'
15440N/A  EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE
14181N/A  X-ORIGIN 'draft-behera-ldap-password-policy' )
10139N/AattributeTypes: ( 1.3.6.1.4.1.42.2.27.8.1.9 NAME 'pwdLockout'
14181N/A  EQUALITY booleanMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE
16852N/A  X-ORIGIN 'draft-behera-ldap-password-policy' )
16852N/AattributeTypes: ( 1.3.6.1.4.1.42.2.27.8.1.10 NAME 'pwdLockoutDuration'
17108N/A  EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE
17108N/A  X-ORIGIN 'draft-behera-ldap-password-policy' )
17165N/AattributeTypes: ( 1.3.6.1.4.1.42.2.27.8.1.11 NAME 'pwdMaxFailure'
17165N/A  EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE
15864N/A  X-ORIGIN 'draft-behera-ldap-password-policy' )
10139N/AattributeTypes: ( 1.3.6.1.4.1.42.2.27.8.1.12 NAME 'pwdFailureCountInterval'
10139N/A  EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE
10139N/A  X-ORIGIN 'draft-behera-ldap-password-policy' )
10139N/AattributeTypes: ( 1.3.6.1.4.1.42.2.27.8.1.13 NAME 'pwdMustChange'
10139N/A  EQUALITY booleanMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE
10139N/A  X-ORIGIN 'draft-behera-ldap-password-policy' )
10139N/AattributeTypes: ( 1.3.6.1.4.1.42.2.27.8.1.14 NAME 'pwdAllowUserChange'
10139N/A  EQUALITY booleanMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE
10139N/A  X-ORIGIN 'draft-behera-ldap-password-policy' )
10139N/AattributeTypes: ( 1.3.6.1.4.1.42.2.27.8.1.15 NAME 'pwdSafeModify'
10139N/A  EQUALITY booleanMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE
10139N/A  X-ORIGIN 'draft-behera-ldap-password-policy' )
10139N/AattributeTypes: ( 1.3.6.1.4.1.42.2.27.8.1.16 NAME 'pwdChangedTime'
10139N/A  DESC 'The time the password was last changed' EQUALITY generalizedTimeMatch
10139N/A  ORDERING generalizedTimeOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
10139N/A  SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation
10139N/A  X-ORIGIN 'draft-behera-ldap-password-policy' )
10139N/AattributeTypes: ( 1.3.6.1.4.1.42.2.27.8.1.17 NAME 'pwdAccountLockedTime'
10139N/A  DESC 'The time an user account was locked' EQUALITY generalizedTimeMatch
10139N/A  ORDERING generalizedTimeOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
10139N/A  SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation
10139N/A  X-ORIGIN 'draft-behera-ldap-password-policy' )
10139N/AattributeTypes: ( 1.3.6.1.4.1.42.2.27.8.1.19 NAME 'pwdFailureTime'
10139N/A  DESC 'The timestamps of the last consecutive authentication failures'
10139N/A  EQUALITY generalizedTimeMatch ORDERING generalizedTimeOrderingMatch
10139N/A  SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 NO-USER-MODIFICATION
10139N/A  USAGE directoryOperation X-ORIGIN 'draft-behera-ldap-password-policy' )
10139N/AattributeTypes: ( 1.3.6.1.4.1.42.2.27.8.1.20 NAME 'pwdHistory'
10139N/A  DESC 'The history of user s passwords' EQUALITY octetStringMatch
10139N/A  SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 NO-USER-MODIFICATION
10139N/A  USAGE directoryOperation X-ORIGIN 'draft-behera-ldap-password-policy' )
10139N/AattributeTypes: ( 1.3.6.1.4.1.42.2.27.8.1.21 NAME 'pwdGraceUseTime'
10139N/A  DESC 'The timestamps of the grace authentication after the password has
10139N/A  expired' EQUALITY generalizedTimeMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
10139N/A  NO-USER-MODIFICATION USAGE directoryOperation
10139N/A  X-ORIGIN 'draft-behera-ldap-password-policy' )
10139N/AattributeTypes: ( 1.3.6.1.4.1.42.2.27.8.1.22 NAME 'pwdReset'
10139N/A  DESC 'The indication that the password has been reset' EQUALITY booleanMatch
10139N/A  SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE USAGE directoryOperation
10139N/A  X-ORIGIN 'draft-behera-ldap-password-policy' )
10139N/AattributeTypes: ( 1.3.6.1.4.1.42.2.27.8.1.23 NAME 'pwdPolicySubentry'
10139N/A  DESC 'The pwdPolicy subentry in effect for this object'
10139N/A  EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12
10139N/A  SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation
10139N/A  X-ORIGIN 'draft-behera-ldap-password-policy' )
10139N/AobjectClasses: ( 1.3.6.1.4.1.42.2.27.8.2.1 NAME 'pwdPolicy' SUP top AUXILIARY
10139N/A  MUST ( pwdAttribute ) MAY ( pwdMinAge $ pwdMaxAge $ pwdInHistory $
10139N/A  pwdCheckQuality $ pwdMinLength $ pwdExpireWarning $ pwdGraceAuthNLimit $
10139N/A  pwdLockout $ pwdLockoutDuration $ pwdMaxFailure $ pwdFailureCountInterval $
10139N/A  pwdMustChange $ pwdAllowUserChange $ pwdSafeModify )
10139N/A  X-ORIGIN 'draft-behera-ldap-password-policy' )
10139N/A
10139N/A