1 CHUN GIN TH MC LDAP DIRECTORY SCHEMA

1.1 Cc lp chun ca LDAP

1.1.1 Lp Top Lp i tng tiu chun ca LDAP Kiu schema RFC2256

Thuc tnh bt buc objectClass

1.1.2 Lp Locality Lp ny s dng nh ngha cc phn t i din cho cc a phng hoc cc khu vc a l Kiu schema Tha k Top RFC2256

Thuc tnh bt buc objectClass

Thuc tnh la chn street seeAlso searchGuide st

l description

1.1.3 Lp organization Lp ny s dng nh ngha cc phn t i din cho cc t chc. T chc y c hiu l mt t chc ln, tng ng vi mt on th, mt cng ty hoc x nghip. Kiu schema: Tha k Top RFC2256

Thuc tnh bt buc objectClass o

Thuc tnh la chn userPassword searchGuide seeAlso businessCategory x121Address registeredAddress destinationIndicator preferredDeliveryMethod telexNumber

teletexTerminalIdentifier telephoneNumber internationaliSDNNumber facsimileTelephoneNumber street postOfficeBox postalCode postalAddress physicalDeliveryOfficeName st l description

1.1.4 Lp organizationalUnit Lp ny s dng nh ngha cc phn t i din cho cc n v thuc t chc. Kiu schema: RFC2256

Tha k Top

Thuc tnh bt buc objectClass ou

Thuc tnh la chn

userPassword searchGuide seeAlso businessCategory x121Address registeredAddress destinationIndicator preferredDeliveryMethod telexNumber teletexTerminalIdentifier telephoneNumber internationaliSDNNumber facsimileTelephoneNumber street postOfficeBox postalCode postalAddress physicalDeliveryOfficeName st description

1.1.5 Lp person Lp ny s dng nh ngha cc phn t i din cho cc c nhn.

Kiu schema: Tha k Top RFC2256

Thuc tnh bt buc objectClass sn cn

Thuc tnh la chn userPassword telephoneNumber seeAlso description

1.1.6 Lp organizationalPerson Lp ny s dng nh ngha cc phn t i din cho cc c nhn lm vic cho mt t chc hoc c quan h vi t chc. Kiu schema: Tha k person RFC2256

Thuc tnh bt buc objectClass sn

cn

Thuc tnh la chn userPassword telephoneNumber seeAlso description title x121Address registeredAddress destinationIndicator preferredDeliveryMethod telexNumber teletexTerminalIdentifier internationaliSDNNumber facsimileTelephoneNumber street postOfficeBox postalCode postalAddress physicalDeliveryOfficeName ou st l

1.1.7 Lp organizationalRole Lp ny s dng nh ngha cc phn t i din cho cc vai tr m con ngi c th m nhn trong t chc. Kiu schema: Tha k Top RFC2256

Thuc tnh bt buc objectClass cn

Thuc tnh la chn x121Address registeredAddress destinationIndicator preferredDeliveryMethod telexNumber teletexTerminalIdentifier telephoneNumber internationaliSDNNumber facsimileTelephoneNumber seeAlso roleOccupant street

postOfficeBox postalCode postalAddress physicalDeliveryOfficeName ou st l description

1.1.8 Lp groupOfNames Lp ny nh ngha cc phn t i din cho mt nhm cc tn. Cc tn trong nhm ny khng c sp xp. Kiu schema: Tha k Top RFC2256

Thuc tnh bt buc objectClass member cn

Thuc tnh la chn businessCategory seeAlso owner

ou o description

1.1.9 Lp certificationAuthority Lp ny s dng lu tr cc thng tin v Certificate Authorities (CAs) trong th mc. Kiu schema: RFC2256 Tha k Top

Thuc tnh bt buc objectClass authorityRevocationList certificateRevocationList cACertificate

Thuc tnh la chn 1.1.10 crossCertificatePair

Lp inetOrgPerson

Lp ny s dng nh ngha cc phn t i din cho c nhn lm vic trn h thng mng ca cc t chc chuyn nghip. Kiu schema: Tha k organizationalPerson RFC2798

Thuc tnh bt buc objectClass sn cn

Thuc tnh la chn userPassword telephoneNumber seeAlso description title x121Address registeredAddress destinationIndicator preferredDeliveryMethod telexNumber teletexTerminalIdentifier internationaliSDNNumber facsimileTelephoneNumber street postOfficeBox postalCode postalAddress

physicalDeliveryOfficeName ou st audio businessCategory carLicense departmentNumber displayName employeeNumber employeeType givenName homePhone homePostalAddress initials jpegPhoto labeledURI mail manager mobile o pager photo

roomNumber secretary uid UserCertificate x500UniqueIdentifier preferredLanguage userSMIMECertificate userPKCS12

1.2 Cc lp chun ca VOSA

1.2.1 Lp customDNSdomain Kiu schema: Tha k dNSDomain vosa

Thuc tnh bt buc objectClass sn: H m cn: Tn trong h thng

Thuc tnh la chn Arecord MDRecord MXRecord NSRecord SOARecord CNAMERecord

mailHost mailDrop mail

1.2.2 Lp subscriber Lp ny s dng nh ngha, miu t thng tin cc i tng thu bao cc dch v ca gii php Kiu schema: Tha k inetOrgPerson vosa

Thuc tnh bt buc objectClass sn: H m cn: Tn trong h thng uid: nh danh ca h thng

Thuc tnh la chn userPassword: Mt khu telephoneNumber: S in thoi seeAlso: description: M t title: Tiu x121Address registeredAddress: a ch thng ch destinationIndicator

preferredDeliveryMethod: Phng thc nhn th telexNumber teletexTerminalIdentifier internationaliSDNNumber: S in thoi ISDN facsimileTelephoneNumber: S Fax street: a ch ng ph postOfficeBox: Hm th postalCode: M bu in postalAddress: a ch nhn th qua bu in physicalDeliveryOfficeName: ou: Thuc n v t chc no st: audio: Cha ni dung tp m thanh c nhn businessCategory: Phn lo theo lnh vc kinh doanh carLicense: S giy php li xe departmentNumber: M s phng ban displayName: Tn hin th trn h thng employeeNumber: M s nhn vin employeeType: Loi nhn vin givenName: Tn homePhone: in thoi nh ring homePostalAddress: a ch gi th c nhn qua ng bu in

initials jpegPhoto: nh lu tr theo thut ton nn JPEG labeledURI mail: a ch th in t manager: Lnh o trc tip mobile: S in thoi di ng o: T chc pager: S my nhn tin photo: nh roomNumber: S phng lm vic secretary: Tn th k UserCertificate: Chng nhn ngi s dng x500UniqueIdentifier: Chng nhn theo chun X500 preferredLanguage: Ngn ng thng dng userSMIMECertificate userPKCS12

1.2.3 Lp ftpuser Lp ny s dng nh ngha cc phn t i din cho cc c nhn ng k thu bao s dng dch v ftp (ftp acount) Kiu schema: Tha k top vosa

Thuc tnh bt buc objectClass ftpUser homeDirectory userPassword quota

Thuc tnh la chn description: M t

1.2.4 Lp radiusUser Lp ny s dng nh ngha cc phn t i din cho cc c nhn ng k thu bao s dng dch v truy cp t xa (radius acount) Kiu schema: Tha k top vosa

Thuc tnh bt buc objectClass radiusUser userPassword

Thuc tnh la chn description: M t

1.2.5 Lp newsuser Lp ny s dng nh ngha cc phn t i din cho cc c nhn ng k thu bao mi (new account)

Kiu schema: Tha k top vosa

Thuc tnh bt buc objectClass newsuser userPassword

Thuc tnh la chn description: M t

1.2.6 Lp virtualHost Lp ny s dng nh ngha domain o Kiu schema: Tha k top vosa

Thuc tnh bt buc objectClass virtualHost ftpUser homeDirectory userPassword quota

Thuc tnh la chn description mail mailDrop alias

1.2.7 Lp MXRecords Lp ny s dng nh ngha MX Records s dng DNS Kiu schema: Tha k domainRelatedObject vosa

Thuc tnh bt buc objectClass MXRecord

Thuc tnh la chn description

1.2.8 Lp MXRecords Lp ny s dng nh ngha MX Records s dng DNS Kiu schema: Tha k domainRelatedObject vosa

Thuc tnh bt buc objectClass MXRecord

Thuc tnh la chn Description

1.2.9 Lp ARecords Lp ny s dng nh ngha A Records s dng DNS Kiu schema: Tha k domainRelatedObject vosa

Thuc tnh bt buc objectClass ARecord

Thuc tnh la chn description

1.2.10 Lp Cnames Lp ny s dng nh ngha CName Records s dng DNS Kiu schema: Tha k domainRelatedObject vosa

Thuc tnh bt buc objectClass

CNAMERecord

Thuc tnh la chn description: M t 1.2.11 Lp mailUser Lp ny s dng nh ngha cc phn t i din cho cc c nhn ng k thu bao s dng dch v th in t (mail acount) Kiu schema: Tha k top vosa

Thuc tnh bt buc objectClass mailUser alias userPassword mailDrop mail

Thuc tnh la chn description: M t quota

1.2.13 Lp adminUser Lp ny s dng nh ngha an administrative account

Kiu schema: Tha k top vosa

Thuc tnh bt buc objectClass adminUser userPassword description

Thuc tnh la chn mailUser

1.2.14 Lp customSchema Lp ny s dng nh ngha an quan h tra con Kiu schema: Tha k top vosa

Thuc tnh bt buc objectClass customSchema parent Thuc tnh la chn childs

1.2.15 Lp customAttribute Lp ny s dng nh ngha an support for internationalization Kiu schema: Tha k top vosa

Thuc tnh bt buc objectClass customAttribute

Thuc tnh la chn discardedFor description caption

1.2.16 Lp customValueFor Lp ny s dng nh ngha support for internationalization Kiu schema: Tha k top vosa

Thuc tnh bt buc objectClass customValueFor

Thuc tnh la chn

defaultValue isMulti unicityString unicityScope linkedValue caption help

nbDisplayed nbAdditional donotchange 1.2.16 Lp webUser Lp ny s dng nh ngha cc phn t i din cho cc c nhn ng k thu bao s dng dch v web server v th mc ch s hu ca h(mail acount) Kiu schema: Tha k top vosa

Thuc tnh bt buc objectClass webUser ftpUser homeDirectory userPassword

quota

Thuc tnh la chn description

CHUN GIN CHO DCH V DIRECTORY.

C mt s gin (schema) ca mt s cng ty cung cp v pht trin phn mm th hin chun dch v directory. Cc gin th hin bng cc on lnh oc cng b trn mng. on lnh di y biu din gin ca OpenLDAP c nh ngha cho h thng schema ca Chnh ph attributetype ( 2.16.840.1.113730.3.1.18 NAME 'mailHost' DESC 'fully-qualified hostname of the MTA that is the final SMTP destination of messages to this recipient' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} SINGLE-VALUE ) attributetype ( 1.3.6.1.4.1.999.1.1 NAME 'radiusUser' DESC ' a radius User' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} SINGLE-VALUE ) attributetype ( 1.3.6.1.4.1.999.1.2 NAME 'ftpUser' DESC ' a ftp User' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} SINGLE-VALUE ) attributetype ( 1.3.6.1.4.1.999.1.3 NAME 'newsUser' DESC ' a news User' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.999.1.4 NAME 'proxyUser' DESC ' a proxy User' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} SINGLE-VALUE ) attributetype ( 1.3.6.1.4.1.999.1.5 NAME 'webUser' DESC ' a User with an own homepage' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} SINGLE-VALUE ) attributetype ( 1.3.6.1.4.1.999.1.6 NAME 'virtualHost' DESC ' a virtual host ' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} SINGLE-VALUE ) # quota has to be reworked/ it is a numeric attributetype ( 1.3.6.1.4.1.999.1.7 NAME 'quota' DESC ' quota' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} SINGLE-VALUE ) attributetype ( 1.3.6.1.4.1.999.1.8 NAME 'documentRoot' DESC ' ' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} SINGLE-VALUE ) # Has to be rworked: it has to be a numeric attributetype ( 1.3.6.1.4.1.999.1.9 NAME 'refresh' DESC ' ' EQUALITY caseIgnoreIA5Match

SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} SINGLE-VALUE ) # Has to be rworked: it has to be a numeric attributetype ( 1.3.6.1.4.1.999.1.10 NAME 'minimum' DESC ' ' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} SINGLE-VALUE ) attributetype ( 1.3.6.1.4.1.999.1.11 NAME 'primary' DESC ' ' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} SINGLE-VALUE ) # Has to be rworked: it has to be a date attributetype ( 1.3.6.1.4.1.999.1.12 NAME 'expire' DESC ' ' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} SINGLE-VALUE ) # Has to be rworked: it has to be a numeric attributetype ( 1.3.6.1.4.1.999.1.13 NAME 'retry' DESC ' ' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} SINGLE-VALUE ) # Has to be rworked: it has to be a numeric attributetype ( 1.3.6.1.4.1.999.1.14 NAME 'rootmail' DESC ' ' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32}

SINGLE-VALUE ) attributetype ( 1.3.6.1.4.1.999.1.15 NAME 'mailUser' DESC ' mail user ' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} SINGLE-VALUE ) attributetype ( 1.3.6.1.4.1.999.1.16 NAME 'alias' DESC ' mail alias ' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} SINGLE-VALUE ) attributetype ( 1.3.6.1.4.1.999.1.17 NAME 'mailDrop' DESC ' mai drop ' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} ) attributetype ( 1.3.6.1.4.1.999.1.18 NAME 'parent' DESC 'parent ' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} SINGLE-VALUE ) attributetype ( 1.3.6.1.4.1.999.1.19 NAME 'childs' DESC 'childs ' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} )

attributetype ( 1.3.6.1.4.1.999.1.20 NAME 'customSchema' DESC 's ' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} SINGLE-VALUE ) attributetype ( 1.3.6.1.4.1.999.1.21 NAME 'adminUser' DESC ' admin user ' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} SINGLE-VALUE ) attributetype ( 1.3.6.1.4.1.999.1.22 NAME 'caption' SUP name ) attributetype ( 1.3.6.1.4.1.999.1.23 NAME 'customAttribute' SUP name ) attributetype ( 1.3.6.1.4.1.999.1.24 NAME 'discardedFor' SUP name ) attributetype ( 1.3.6.1.4.1.999.1.25 NAME 'customValueFor' SUP name ) attributetype ( 1.3.6.1.4.1.999.1.26 NAME 'defaultValue' SUP name ) attributetype ( 1.3.6.1.4.1.999.1.27 NAME 'isMulti' SUP name ) attributetype ( 1.3.6.1.4.1.999.1.28 NAME 'unicityScope'

SUP name ) attributetype ( 1.3.6.1.4.1.999.1.29 NAME 'linkedValue' SUP name ) attributetype ( 1.3.6.1.4.1.999.1.30 NAME 'help' SUP name ) attributetype ( 1.3.6.1.4.1.999.1.31 NAME 'unicityString' SUP name ) attributetype ( 1.3.6.1.4.1.999.1.32 NAME 'nbDisplayed' SUP name ) attributetype ( 1.3.6.1.4.1.999.1.33 NAME 'nbAdditional' SUP name ) attributetype ( 1.3.6.1.4.1.999.1.34 NAME 'donotchange' SUP name ) #ObjectClasses definitions objectclass ( 1.3.6.1.4.1.999.2.1 NAME 'customDNSdomain' DESC 'DNS Domain ' SUP dNSDomain STRUCTURAL MAY ( mailHost $ mailDrop $ mail) ) objectclass ( 1.3.6.1.4.1.999.2.2 NAME 'subscriber' DESC 'Object that represents a subscriber (pysical person)' SUP inetOrgPerson STRUCTURAL MUST ( uid ) ) objectclass ( 1.3.6.1.4.1.999.2.3 NAME 'ftpuser'

DESC 'description of an ftp account' SUP top STRUCTURAL MUST ( ftpUser $ homeDirectory $ userPassword $ quota ) MAY ( description ) ) objectclass ( 1.3.6.1.4.1.999.2.4 NAME 'radiusUser' DESC 'description of radius account' SUP top STRUCTURAL MUST ( radiusUser $ userPassword ) MAY description ) objectclass ( 1.3.6.1.4.1.999.2.5 NAME 'newsuser' DESC 'description of news account' SUP top STRUCTURAL MUST ( newsUser $ userPassword ) MAY description ) objectclass ( 1.3.6.1.4.1.999.2.6 NAME 'proxyuser' DESC 'description of a proxy user' SUP top STRUCTURAL MUST ( proxyUser $ userPassword ) MAY description ) objectclass ( 1.3.6.1.4.1.999.2.7 NAME 'virtualHost' DESC 'description of an Apache Virtual domain ' SUP top STRUCTURAL MUST ( virtualHost $ ftpUser $ homeDirectory $ userPassword $ quota ) MAY ( description $ mail $ mailDrop $ alias) ) objectclass ( 1.3.6.1.4.1.999.2.8 NAME 'SOARecords' DESC 'SOA Records used by DNS ' SUP domainRelatedObject AUXILIARY MUST ( refresh $ minimum $ primary $ expire $ retry $ rootmail $

SOARecord ) MAY description ) objectclass ( 1.3.6.1.4.1.999.2.9 NAME 'MXRecords' DESC 'MX Records used by DNS ' SUP domainRelatedObject AUXILIARY MUST ( MXRecord ) MAY description ) objectclass ( 1.3.6.1.4.1.999.2.10 NAME 'ARecords' DESC 'A Records used by DNS ' SUP domainRelatedObject AUXILIARY MUST ( ARecord ) MAY description ) objectclass ( 1.3.6.1.4.1.999.2.11 NAME 'Cnames' DESC 'CNAme Records used by DNS ' SUP domainRelatedObject AUXILIARY MUST ( CNAMERecord ) MAY description ) objectclass ( 1.3.6.1.4.1.999.2.12 NAME 'mailUser' DESC ' a mail user account' SUP top STRUCTURAL MUST ( mailUser $ alias $ userPassword $ mailDrop $ mail) MAY ( description $ quota ) ) objectclass ( 1.3.6.1.4.1.999.2.13 NAME 'adminUser' DESC ' an administrative account' SUP top STRUCTURAL MUST ( adminUser $ userPassword $ description ) MAY ( mailUser ) ) objectclass ( 1.3.6.1.4.1.999.2.14 NAME 'customSchema'

DESC 'define a parent-child relationship because of the missing dITStructureRule feature of openldap 2.0.6 ' SUP top STRUCTURAL MUST (customSchema $ parent) MAY ( childs ) ) objectclass ( 1.3.6.1.4.1.999.2.15 NAME 'customAttribute' DESC 'support for internationalization ' SUP top STRUCTURAL MUST ( customAttribute ) MAY ( discardedFor $ description $ caption) ) objectclass ( 1.3.6.1.4.1.999.2.16 NAME 'customValueFor' DESC 'support for internationalization ' SUP top STRUCTURAL MUST ( customValueFor ) MAY ( defaultValue $ isMulti $ unicityString $ unicityScope $ linkedValue $ caption $ help $ nbDisplayed $ nbAdditional $ donotchange ) ) objectclass ( 1.3.6.1.4.1.999.2.17 NAME 'webUser' DESC 'description of an account with an own homepage' SUP top STRUCTURAL MUST ( webUser $ ftpUser $ homeDirectory $ userPassword $ quota ) MAY ( description ) ) 3 GII THIU CC CHUN RFCs Ton b thng tin v RFCs c gii thiu trong website: http://www.ietf.org