Sure.
Steve
----
# radiator-ldap.schema
#
# Sample OpenLDAP schema for Radiator (www.open.com.au/radiator) for
# use with AuthLDAPRADIUS
#
# To use this schema, add a line like this to your
# /etc/openldap/slapd.conf:
# include /path/to/your/radiator-ldap.schema
#
# A sample LDIF file to insert a sample record for testing can be found
# in goodies/radiator-ldap.ldif
#
# Author: Mike McCauley ([EMAIL PROTECTED])
# Copyright (C) 2004 Open System Consultants
# $Id: radiator-ldap.schema,v 1.2 2004/10/04 10:35:03 mikem Exp $
# The following OID arcs are defined:
# 1.3.6.1.4.1.9048.1.1 OSC defined attribute types
# 1.3.6.1.4.1.9048.1.2 OSC defined attribute syntaxes
# 1.3.6.1.4.1.9048.1.3 OSC defined object classes
############################################################################
# oscRadiusRealm object defines which Radius servers to proxy users
# from a given realm.
# NOTE(review): in this copy every continuation line starts at column 0 and
# some DESC strings are split across two lines (mail wrapping). slapd.conf-style
# files treat only lines that begin with whitespace as continuations, so
# re-indent the continuation lines and rejoin the split DESC strings before
# including this file.
#
# oscRadiusTarget: the realm whose users are proxied to oscRadiusHost (per the
# DESC). Directory String with a suggested upper bound of 50 characters,
# compared case-insensitively; not SINGLE-VALUE, so an entry may carry several.
attributetype ( 1.3.6.1.4.1.9048.1.1.1 NAME 'oscRadiusTarget'
DESC 'Users with this realm will be proxied to the specified
oscRadiusHost'
EQUALITY caseIgnoreMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{50} )
attributetype ( 1.3.6.1.4.1.9048.1.1.2 NAME 'oscRadiusHost'
DESC 'Name or IP address of a radius host to proxy to'
EQUALITY caseIgnoreMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{50} )
# oscRadiusSecret: the RADIUS shared secret, declared as a plain Directory
# String (suggested upper bound 50 characters) and compared case-sensitively.
# Nothing in this schema hashes or encrypts the value, so any identity that can
# read the attribute can read the secret. Restrict read access with directory
# ACLs to the identity the RADIUS server binds as, and carry the LDAP
# connection over TLS. The attribute is a MUST of both oscRadiusRealm and
# oscRadiusClient, so every entry of either class holds a secret.
attributetype ( 1.3.6.1.4.1.9048.1.1.3 NAME 'oscRadiusSecret'
DESC 'Shared secret for Radius client or remote server'
EQUALITY caseExactMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{50} )
attributetype ( 1.3.6.1.4.1.9048.1.1.4 NAME 'oscRadiusAuthPort'
DESC 'Authentication port number or name'
EQUALITY caseIgnoreMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{20} SINGLE-VALUE)
attributetype ( 1.3.6.1.4.1.9048.1.1.5 NAME 'oscRadiusAcctPort'
DESC 'Accounting port number or name'
EQUALITY caseIgnoreMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{20} SINGLE-VALUE)
attributetype ( 1.3.6.1.4.1.9048.1.1.6 NAME 'oscRadiusRetries'
DESC 'Max number of retransmissions'
EQUALITY integerMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE)
attributetype ( 1.3.6.1.4.1.9048.1.1.7 NAME 'oscRadiusRetryTimeout'
DESC 'Number of seconds to wait before retransmission'
EQUALITY integerMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE)
attributetype ( 1.3.6.1.4.1.9048.1.1.8 NAME
'oscRadiusUseOldAscendPasswords'
DESC 'True if old Ascend compatible passwords are to be sent'
EQUALITY booleanMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE)
attributetype ( 1.3.6.1.4.1.9048.1.1.9 NAME
'oscRadiusServerHasBrokenPortNumbers'
DESC 'True if remote server replies from different port the
request was sent to'
EQUALITY booleanMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE)
attributetype ( 1.3.6.1.4.1.9048.1.1.10 NAME
'oscRadiusServerHasBrokenAddresses'
DESC 'True if remote server replies from different address the
request was sent to'
EQUALITY booleanMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE)
# oscRadiusIgnoreReplySignature: Boolean, single-valued. Per the DESC it is set
# for a remote server whose reply signatures are known to be incorrect.
# NOTE(review): presumably TRUE makes the proxy accept replies without
# verifying their signature, which removes the check that a reply came from a
# holder of the shared secret. Confirm against the Radiator documentation, and
# leave unset unless the remote server is genuinely broken.
attributetype ( 1.3.6.1.4.1.9048.1.1.11 NAME
'oscRadiusIgnoreReplySignature'
DESC 'True if the signature in replies from the remote server
are known to be incorrect'
EQUALITY booleanMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE)
# oscRadiusFailurePolicy: Integer, single-valued. Selects how the original
# request is answered when no reply is ever received from the remote server.
# Value of failure policy can be:
# 0 ACCEPT
# 1 REJECT
# 2 IGNORE
# 3 CHALLENGE
# 4 REJECT_IMMEDIATE
# Value 0 (ACCEPT) is fail-open: going by the DESC, an unreachable or silent
# remote server then leads to the original request being accepted.
# The Integer syntax does not limit the value to 0-4, so out-of-range values
# are not rejected by the directory and must be handled by the consumer.
attributetype ( 1.3.6.1.4.1.9048.1.1.12 NAME 'oscRadiusFailurePolicy'
DESC 'How to respond to original request if no reply is ever
received from remote server'
EQUALITY integerMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE)
# oscRadiusRealm: structural object class for one proxy realm. An entry must
# name the realm (oscRadiusTarget), the host to proxy to (oscRadiusHost) and
# the shared secret (oscRadiusSecret); the remaining attributes are optional.
# Because these entries decide where requests are proxied and with which
# secret, write access to them should be limited to RADIUS administrators.
objectclass ( 1.3.6.1.4.1.9048.1.3.1 NAME 'oscRadiusRealm' SUP top
STRUCTURAL
DESC 'OSC Radius proxy realm'
MUST ( oscRadiusTarget $ oscRadiusHost $ oscRadiusSecret)
MAY ( cn $ oscRadiusAuthPort $ oscRadiusAcctPort $
oscRadiusRetries $ oscRadiusRetryTimeout $
oscRadiusUseOldAscendPasswords $ oscRadiusServerHasBrokenPortNumbers
$ oscRadiusServerHasBrokenAddresses $
oscRadiusIgnoreReplySignature $ oscRadiusFailurePolicy))
############################################################################
# oscRadiusClient object defines which Radius clients we are willing to accept
# requests from. Note that the attribute names are derived from the
# standard Client clause parameter names,
# and are consistent with the default behaviour of the ClientListLDAP clause
attributetype ( 1.3.6.1.4.1.9048.1.1.21 NAME 'oscRadiusClientName'
DESC 'Requests from Radius clients with this name or address
will be hounoured by Radiator'
EQUALITY caseIgnoreMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{50} )
# oscRadiusIgnoreAcctSignature: Boolean, single-valued. Per the DESC it is set
# for a client whose accounting-request signatures are known to be incorrect.
# NOTE(review): presumably TRUE means accounting requests from this client are
# accepted without signature verification, so accounting records for it are no
# longer tied to knowledge of the shared secret. Confirm against the Radiator
# documentation, and enable only for clients that cannot be fixed.
attributetype ( 1.3.6.1.4.1.9048.1.1.22 NAME
'oscRadiusIgnoreAcctSignature'
DESC 'True if the signature in accounting requests from this
client are known to be incorrect'
EQUALITY booleanMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE)
attributetype ( 1.3.6.1.4.1.9048.1.1.23 NAME 'oscRadiusDupInterval'
DESC 'Duplicate requests received withing this interval in
seconds are ignored'
EQUALITY integerMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE)
attributetype ( 1.3.6.1.4.1.9048.1.1.24 NAME 'oscRadiusNasType'
DESC 'Type of NAS'
EQUALITY caseIgnoreMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{50} SINGLE-VALUE)
# oscRadiusSNMPCommunity: SNMP community name for this client, single-valued
# Directory String (suggested upper bound 50 characters). A community name
# works as a password for SNMP access and is held here as readable text, so
# give it the same read restrictions as oscRadiusSecret.
attributetype ( 1.3.6.1.4.1.9048.1.1.25 NAME 'oscRadiusSNMPCommunity'
DESC 'The Community name for accessing SNMP on this client'
EQUALITY caseIgnoreMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{50} SINGLE-VALUE)
attributetype ( 1.3.6.1.4.1.9048.1.1.26 NAME 'oscRadiusLivingstonOffs'
DESC 'Offset for calculating missing ports'
EQUALITY integerMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE)
attributetype ( 1.3.6.1.4.1.9048.1.1.27 NAME 'oscRadiusLivingstonHole'
DESC 'Gap for calculating missing ports'
EQUALITY integerMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE)
attributetype ( 1.3.6.1.4.1.9048.1.1.28 NAME
'oscRadiusFramedGroupBaseAddress'
DESC 'Base address for calculating IP addresses'
EQUALITY caseIgnoreMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{50} )
attributetype ( 1.3.6.1.4.1.9048.1.1.29 NAME
'oscRadiusFramedGroupMaxPortsPerClassC'
DESC 'Max number of IP addresses to be allocated within a
class C address range'
EQUALITY integerMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE)
attributetype ( 1.3.6.1.4.1.9048.1.1.30 NAME
'oscRadiusFramedGroupPortOffset'
DESC 'Offset for calulating IP addresses'
EQUALITY integerMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE)
attributetype ( 1.3.6.1.4.1.9048.1.1.31 NAME
'oscRadiusRewriteUsername'
DESC 'Pattern for rewriting usernames'
EQUALITY caseIgnoreMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{100} )
attributetype ( 1.3.6.1.4.1.9048.1.1.32 NAME
'oscRadiusStatusServerShowClientDetails'
DESC 'True if Status-Server requests from this client should
include Clinet details in the reply'
EQUALITY booleanMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE)
# oscRadiusPreHandlerHook: Directory String (suggested upper bound 1024
# characters) that, per the DESC, holds Perl code run before requests from
# this client reach a handler. Whoever can write this attribute can therefore
# supply code that the RADIUS server executes. Treat write access to it as
# equivalent to administrative access on the RADIUS host and restrict it with
# directory ACLs accordingly.
attributetype ( 1.3.6.1.4.1.9048.1.1.33 NAME 'oscRadiusPreHandlerHook'
DESC 'Perl code to be run before requests from this cleint are
passed to a handler'
EQUALITY caseIgnoreMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1024} )
attributetype ( 1.3.6.1.4.1.9048.1.1.34 NAME 'oscRadiusPacketTrace'
DESC 'True if requests received from this client are top be
packet-traced'
EQUALITY booleanMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE)
attributetype ( 1.3.6.1.4.1.9048.1.1.35 NAME
'oscRadiusIdenticalClients'
DESC 'Names and addresses of other Clients with identical
configuration'
EQUALITY caseIgnoreMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{50} )
attributetype ( 1.3.6.1.4.1.9048.1.1.36 NAME
'oscRadiusNoIgnoreDuplicates'
DESC 'Name of a request type for whioch duplicates will not be
ignored'
EQUALITY caseIgnoreMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{100} )
attributetype ( 1.3.6.1.4.1.9048.1.1.37 NAME 'oscRadiusDefaultReply'
DESC 'Names and values of reply attributes which will be added
only if the reply would otherwise have no reply attributes'
EQUALITY caseIgnoreMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{200} )
attributetype ( 1.3.6.1.4.1.9048.1.1.38 NAME 'oscRadiusFramedGroup'
DESC 'Base address for Framed-Group'
EQUALITY integerMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE)
attributetype ( 1.3.6.1.4.1.9048.1.1.39 NAME 'oscRadiusStripFromReply'
DESC 'Names of attributes which will be stripped from all
replies to this client'
EQUALITY caseIgnoreMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{200} )
attributetype ( 1.3.6.1.4.1.9048.1.1.40 NAME 'oscRadiusAllowInReply'
DESC 'Names of attributes which are allowed in replies to this
client'
EQUALITY caseIgnoreMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{200} )
attributetype ( 1.3.6.1.4.1.9048.1.1.41 NAME 'oscRadiusAddToReply'
DESC 'Names and values of reply attributes which will be added
to the reply'
EQUALITY caseIgnoreMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{200} )
attributetype ( 1.3.6.1.4.1.9048.1.1.42 NAME
'oscRadiusAddToReplyIfNotExist'
DESC 'Names and values of reply attributes which will be added
to the reply only if they are not already present'
EQUALITY caseIgnoreMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{200} )
attributetype ( 1.3.6.1.4.1.9048.1.1.43 NAME 'oscRadiusDynamicReply'
DESC 'Names of attributes which are eligible for runtime
variable substitution'
EQUALITY caseIgnoreMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{200} )
attributetype ( 1.3.6.1.4.1.9048.1.1.44 NAME
'oscRadiusStripfromRequest'
DESC 'Names of attributes which are to be stripped from the
request before being passed to a Handler'
EQUALITY caseIgnoreMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{200} )
attributetype ( 1.3.6.1.4.1.9048.1.1.45 NAME 'oscRadiusAddToRequest'
DESC 'Names and values of reply attributes which will be added
to the request before being passed to a Handler'
EQUALITY caseIgnoreMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{200} )
attributetype ( 1.3.6.1.4.1.9048.1.1.46 NAME
'oscRadiusAddToRequestIfNotExist'
DESC 'Names and values of reply attributes which will be added
to the request before being passed to a Handler if they are not
already present'
EQUALITY caseIgnoreMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{200} )
# oscRadiusClient: structural object class for one RADIUS client the server
# will accept requests from. An entry must carry the client name or address
# (oscRadiusClientName) and its shared secret (oscRadiusSecret); everything in
# MAY is optional. The optional set includes oscRadiusPreHandlerHook (Perl
# code) and oscRadiusIgnoreAcctSignature, so the ability to create or modify
# entries of this class should be limited to RADIUS administrators, and read
# access limited to the identity the RADIUS server binds as.
objectclass ( 1.3.6.1.4.1.9048.1.3.21 NAME 'oscRadiusClient' SUP top
STRUCTURAL
DESC 'OSC Radius Client'
MUST ( oscRadiusClientName $ oscRadiusSecret)
MAY ( cn $ oscRadiusIgnoreAcctSignature $
oscRadiusDupInterval $ oscRadiusNasType $
oscRadiusSNMPCommunity $ oscRadiusLivingstonOffs $
oscRadiusLivingstonHole $
oscRadiusFramedGroupBaseAddress $
oscRadiusFramedGroupMaxPortsPerClassC $
oscRadiusFramedGroupPortOffset $ oscRadiusRewriteUsername $
oscRadiusUseOldAscendPasswords $
oscRadiusStatusServerShowClientDetails $
oscRadiusPreHandlerHook $ oscRadiusPacketTrace $
oscRadiusIdenticalClients $ oscRadiusNoIgnoreDuplicates $
oscRadiusDefaultReply $
oscRadiusFramedGroup $ oscRadiusStripFromReply $
oscRadiusAllowInReply $ oscRadiusAddToReply $
oscRadiusAddToReplyIfNotExist $ oscRadiusDynamicReply $
oscRadiusStripfromRequest $
oscRadiusAddToRequest $ oscRadiusAddToRequestIfNotExist))
----
Rich Megginson <[EMAIL PROTECTED]> wrote in message news:<[EMAIL PROTECTED]>...
> Could you post the OpenLDAP .schema file?
>
> awrightus wrote:
> > I have a OpenLDAP .schema file that I want to import into my Netscape
> > Directory Server 6.1 schema. The format of the OpenLDAP .schema file
> > doesn't use the exact same syntax as what's required by 99user.ldif.
> > Is there an easy way to update Netscape's schema with the contents of
> > a OpenLDAP .schema file? Thanks.
> >
> > Steve