########################################################################
-# Attribute Type Definitions #
+# Attribute Type Definitions #
########################################################################
##### This is the principal name in the RFC 1964 specified format
attributetype ( 2.16.840.1.113719.1.301.4.1.1
NAME 'krbPrincipalName'
EQUALITY caseExactIA5Match
- SUBSTR caseExactSubstringsMatch
+ SUBSTR caseExactSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26)
##### If there are multiple krbPrincipalName values for an entry, this
##### The values (0x00000001 - 0x00800000) are reserved for standards and
##### values (0x01000000 - 0x80000000) can be used for proprietary extensions.
##### The flags and values as per RFC 4120 and MIT implementation are,
-##### DISALLOW_POSTDATED 0x00000001
-##### DISALLOW_FORWARDABLE 0x00000002
+##### DISALLOW_POSTDATED 0x00000001
+##### DISALLOW_FORWARDABLE 0x00000002
##### DISALLOW_TGT_BASED 0x00000004
##### DISALLOW_RENEWABLE 0x00000008
##### DISALLOW_PROXIABLE 0x00000010
########################################################################
########################################################################
-# Object Class Definitions #
+# Object Class Definitions #
########################################################################
#### This is a kerberos container for all the realms in a tree.
objectclass ( 2.16.840.1.113719.1.301.6.1.1
NAME 'krbContainer'
SUP top
- STRUCTURAL
+ STRUCTURAL
MUST ( cn ) )
objectclass ( 2.16.840.1.113719.1.301.6.2.1
NAME 'krbRealmContainer'
SUP top
- STRUCTURAL
+ STRUCTURAL
MUST ( cn )
MAY ( krbMKey $ krbUPEnabled $ krbSubTrees $ krbSearchScope $ krbLdapServers $ krbSupportedEncSaltTypes $ krbDefaultEncSaltTypes $ krbTicketPolicyReference $ krbKdcServers $ krbPwdServers $ krbAdmServers $ krbPrincNamingAttr $ krbPwdPolicyReference $ krbPrincContainerRef ) )
objectclass ( 2.16.840.1.113719.1.301.6.4.1
NAME 'krbKdcService'
SUP krbService
- STRUCTURAL )
+ STRUCTURAL )
##### Representative object for the Kerberos Password server to bind into a LDAP directory
objectclass ( 2.16.840.1.113719.1.301.6.5.1
NAME 'krbPwdService'
SUP krbService
- STRUCTURAL )
+ STRUCTURAL )
###### The principal data auxiliary class. Holds principal information
objectclass ( 2.16.840.1.113719.1.301.6.8.1
NAME 'krbPrincipalAux'
- SUP top
+ SUP top
AUXILIARY
MAY ( krbPrincipalName $ krbCanonicalName $ krbUPEnabled $ krbPrincipalKey $ krbTicketPolicyReference $ krbPrincipalExpiration $ krbPasswordExpiration $ krbPwdPolicyReference $ krbPrincipalType $ krbPwdHistory $ krbLastPwdChange $ krbLastAdminUnlock $ krbPrincipalAliases $ krbLastSuccessfulAuth $ krbLastFailedAuth $ krbLoginFailedCount $ krbExtraData $ krbAllowedToDelegateTo ) )
NAME 'krbPrincipal'
SUP top
MUST ( krbPrincipalName )
- MAY ( krbObjectReferences ) )
+ MAY ( krbObjectReferences ) )
###### The principal references auxiliary class. Holds all principals referred
objectclass ( 2.16.840.1.113719.1.301.6.13.1
NAME 'krbAdmService'
SUP krbService
- STRUCTURAL )
+ STRUCTURAL )
##### The krbPwdPolicy object is a template password policy that
projects / config / uhu1 / etc.git / commitdiff