# Modification to Oracle Enterprise Directory schema for OpenLDAP 2.3/2.4 by # Brian A. Seklecki # # Copyright 2004-2007 Entrust. All rights reserved. # # The directory schema definitions defined below are the minimum required to # support the Entrust IdentityGuard 9.0 server against the Oracle Internet # Directory Server. # Additional syntax may be required to enhance performance, security or # functionality. Please use the definitions below as a guide, making changes # to meet the policies of your company. # The following defines the necessary attibutes and matching rules required. #dn: cn=subschemasubentry #changeType: modify #add: attributeTypes attributeType ( 2.16.840.1.114027.200.2.2.1 NAME 'entrustIGSerialNumber' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) attributeType ( 2.16.840.1.114027.200.2.2.2 NAME 'entrustIGContents' EQUALITY octetStringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 ) attributeType ( 2.16.840.1.114027.200.2.2.3 NAME 'entrustIGState' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) attributeType ( 2.16.840.1.114027.200.2.2.4 NAME 'entrustIGCreateDate' EQUALITY generalizedTimeMatch ORDERING generalizedTimeOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 ) attributeType ( 2.16.840.1.114027.200.2.2.5 NAME 'entrustIGExpiryDate' EQUALITY generalizedTimeMatch ORDERING generalizedTimeOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 ) attributeType ( 2.16.840.1.114027.200.2.2.6 NAME 'entrustIGTemporaryPin' EQUALITY octetStringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 SINGLE-VALUE ) attributeType ( 2.16.840.1.114027.200.2.2.7 NAME 'entrustIGUserNumber' EQUALITY integerMatch ORDERING integerOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) attributeType ( 2.16.840.1.114027.200.2.2.8 NAME 'entrustIGUserInfoMac' EQUALITY octetStringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 SINGLE-VALUE ) attributeType ( 2.16.840.1.114027.200.2.2.9 NAME 'entrustIGChallenge' EQUALITY octetStringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 SINGLE-VALUE ) attributeType ( 2.16.840.1.114027.200.2.2.10 NAME 'entrustIGCardSpec' EQUALITY octetStringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 SINGLE-VALUE ) attributeType ( 2.16.840.1.114027.200.2.2.11 NAME 'entrustIGTempPinSpec' EQUALITY octetStringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 SINGLE-VALUE ) attributeType ( 2.16.840.1.114027.200.2.2.12 NAME 'entrustIGPasswordPolicy' EQUALITY octetStringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 SINGLE-VALUE ) attributeType ( 2.16.840.1.114027.200.2.2.14 NAME 'entrustIGLockoutCount' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) attributeType ( 2.16.840.1.114027.200.2.2.15 NAME 'entrustIGLockoutExpiryDate' EQUALITY generalizedTimeMatch ORDERING generalizedTimeOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE ) attributeType ( 2.16.840.1.114027.200.2.2.16 NAME 'entrustIGGlobalPolicy' EQUALITY octetStringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 SINGLE-VALUE ) attributeType ( 2.16.840.1.114027.200.2.2.17 NAME 'entrustIGPolicyList' EQUALITY octetStringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 SINGLE-VALUE ) attributeType ( 2.16.840.1.114027.200.2.2.18 NAME 'entrustIGUserSpec' EQUALITY octetStringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 SINGLE-VALUE ) attributeType ( 2.16.840.1.114027.200.2.2.20 NAME 'entrustIGRoleData' EQUALITY octetStringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 SINGLE-VALUE ) attributeType ( 2.16.840.1.114027.200.2.2.21 NAME 'entrustIGGroup' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) attributeType ( 2.16.840.1.114027.200.2.2.22 NAME 'entrustIGGroupData' EQUALITY octetStringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 SINGLE-VALUE ) attributeType ( 2.16.840.1.114027.200.2.2.24 NAME 'entrustIGGroupListData' EQUALITY octetStringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 SINGLE-VALUE ) attributeType ( 2.16.840.1.114027.200.2.2.25 NAME 'entrustIGAliases' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) attributeType ( 2.16.840.1.114027.200.2.2.26 NAME 'entrustIGChallengeCount' EQUALITY integerMatch ORDERING integerOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 ) attributeType ( 2.16.840.1.114027.200.2.2.27 NAME 'entrustIGLeastUsedCellUsageCount' EQUALITY integerMatch ORDERING integerOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 ) attributeType ( 2.16.840.1.114027.200.2.2.28 NAME 'entrustIGCardUsageThresholdIndicator' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) attributeType ( 2.16.840.1.114027.200.2.2.29 NAME 'entrustIGAuthSecrets' EQUALITY octetStringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 SINGLE-VALUE ) attributeType ( 2.16.840.1.114027.200.2.2.30 NAME 'entrustIGTokenSerialNumber' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) attributeType ( 2.16.840.1.114027.200.2.2.31 NAME 'entrustIGTokens' EQUALITY octetStringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 ) attributeType ( 2.16.840.1.114027.200.2.2.32 NAME 'entrustIGTokenState' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) attributeType ( 2.16.840.1.114027.200.2.2.33 NAME 'entrustIGTokenLoadDate' EQUALITY generalizedTimeMatch ORDERING generalizedTimeOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 ) attributeType ( 2.16.840.1.114027.200.2.2.34 NAME 'entrustIGTokenLastUsedDate' EQUALITY generalizedTimeMatch ORDERING generalizedTimeOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 ) attributeType ( 2.16.840.1.114027.200.2.2.35 NAME 'entrustIGUserState' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE ) attributeType ( 2.16.840.1.114027.200.2.2.36 NAME 'entrustIGUserActivationExpiryDate' EQUALITY generalizedTimeMatch ORDERING generalizedTimeOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE ) attributeType ( 2.16.840.1.114027.200.2.2.37 NAME 'entrustIGPVNState' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) attributeType ( 2.16.840.1.114027.200.2.2.38 NAME 'entrustIGUserPasswordExpiryDate' EQUALITY generalizedTimeMatch ORDERING generalizedTimeOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE ) attributeType ( 2.16.840.1.114027.200.2.2.39 NAME 'entrustIGUserPasswordState' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE ) attributeType ( 2.16.840.1.114027.200.2.2.40 NAME 'entrustIGRoleId' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 ) attributeType ( 2.16.840.1.114027.200.2.2.41 NAME 'entrustIGNumQA' EQUALITY integerMatch ORDERING integerOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) attributeType ( 2.16.840.1.114027.200.2.2.42 NAME 'entrustIGNumRegisteredMachines' EQUALITY integerMatch ORDERING integerOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) attributeType ( 2.16.840.1.114027.200.2.2.44 NAME 'entrustIGNumTempPinUses' EQUALITY integerMatch ORDERING integerOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE) attributeType ( 2.16.840.1.114027.200.2.2.45 NAME 'entrustIGTempPinExpiryDate' EQUALITY generalizedTimeMatch ORDERING generalizedTimeOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE ) attributeType ( 2.16.840.1.114027.200.2.2.46 NAME 'entrustIGOTPAllowed' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) attributeType ( 2.16.840.1.114027.200.2.2.47 NAME 'entrustIGOTPDelivery' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE ) attributeType ( 2.16.840.1.114027.200.2.2.48 NAME 'entrustIGNumContactInfo' EQUALITY integerMatch ORDERING integerOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) attributeType ( 2.16.840.1.114027.200.2.2.49 NAME 'entrustIGNumUsableContactInfo' EQUALITY integerMatch ORDERING integerOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) attributeType ( 2.16.840.1.114027.200.2.2.50 NAME 'entrustIGPVNLastChangeDate' EQUALITY generalizedTimeMatch ORDERING generalizedTimeOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE ) attributeType ( 2.16.840.1.114027.200.2.2.51 NAME 'entrustIGNumLocations' EQUALITY integerMatch ORDERING integerOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) attributeType ( 2.16.840.1.114027.200.2.2.52 NAME 'entrustIGIPBlacklist' EQUALITY octetStringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 SINGLE-VALUE ) attributeType ( 2.16.840.1.114027.200.2.2.53 NAME 'entrustIGPasswordLastChangeDate' EQUALITY generalizedTimeMatch ORDERING generalizedTimeOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE ) attributeType ( 2.16.840.1.114027.200.2.2.54 NAME 'entrustIGTokenVendorId' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) attributeType ( 2.16.840.1.114027.200.2.2.60 NAME 'entrustIGFullName' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE ) # The following defines the necessary objectclasses required. #dn: cn=subschemasubentry #changeType: modify #add:objectClasses objectClass ( 2.16.840.1.114027.200.2.1.1 NAME 'entrustIGUser' SUP top AUXILIARY MAY ( entrustIGChallenge $ entrustIGContents $ entrustIGCreateDate $ entrustIGExpiryDate $ entrustIGGroup $ entrustIGSerialNumber $ entrustIGState $ entrustIGTemporaryPin $ entrustIGUserInfoMac $ entrustIGUserNumber $ entrustIGLockoutCount $ entrustIGLockoutExpiryDate $ entrustIGAliases $ entrustIGChallengeCount $ entrustIGLeastUsedCellUsageCount $ entrustIGCardUsageThresholdIndicator $ entrustIGAuthSecrets $ entrustIGTokenSerialNumber $ entrustIGTokens $ entrustIGTokenState $ entrustIGTokenLoadDate $ entrustIGTokenLastUsedDate $ entrustIGUserState $ entrustIGUserActivationExpiryDate $ entrustIGPVNState $ entrustIGUserPasswordExpiryDate $ entrustIGUserPasswordState $ entrustIGRoleId $ entrustIGNumQA $ entrustIGNumRegisteredMachines $ entrustIGNumTempPinUses $ entrustIGTempPinExpiryDate $ entrustIGOTPAllowed $ entrustIGOTPDelivery $ entrustIGNumContactInfo $ entrustIGNumUsableContactInfo $ entrustIGPVNLastChangeDate $ entrustIGNumLocations $ entrustIGPasswordLastChangeDate $ entrustIGTokenVendorId $ entrustIGFullName )) objectClass ( 2.16.840.1.114027.200.2.1.2 NAME 'entrustIGPolicy' SUP top AUXILIARY MAY ( entrustIGCardSpec $ entrustIGGlobalPolicy $ entrustIGGroupData $ entrustIGGroupListData $ entrustIGPasswordPolicy $ entrustIGPolicyList $ entrustIGRoleData $ entrustIGTempPinSpec $ entrustIGUserSpec $ entrustIGIPBlacklist )) #dn: cn=catalogs #changetype: modify #add: orclindexedattribute #orclindexedattribute: entrustIGSerialNumber #orclindexedattribute: entrustIGState #orclindexedattribute: entrustIGCreateDate #orclindexedattribute: entrustIGExpiryDate #orclindexedattribute: entrustIGTemporaryPin #orclindexedattribute: entrustIGUserNumber #orclindexedattribute: entrustIGUserInfoMac #orclindexedattribute: entrustIGLockoutCount #orclindexedattribute: entrustIGLockoutExpiryDate #orclindexedattribute: entrustIGGroup #orclindexedattribute: entrustIGAliases #orclindexedattribute: entrustIGChallengeCount #orclindexedattribute: entrustIGLeastUsedCellUsageCount #orclindexedattribute: entrustIGCardUsageThresholdIndicator #orclindexedattribute: entrustIGTokenSerialNumber #orclindexedattribute: entrustIGTokenState #orclindexedattribute: entrustIGTokenLoadDate #orclindexedattribute: entrustIGTokenLastUsedDate #orclindexedattribute: entrustIGUserState #orclindexedattribute: entrustIGUserActivationExpiryDate #orclindexedattribute: entrustIGPVNState #orclindexedattribute: entrustIGUserPasswordExpiryDate #orclindexedattribute: entrustIGUserPasswordState #orclindexedattribute: entrustIGRoleId #orclindexedattribute: entrustIGNumQA #orclindexedattribute: entrustIGNumRegisteredMachines #orclindexedattribute: entrustIGNumTempPinUses #orclindexedattribute: entrustIGTempPinExpiryDate #orclindexedattribute: entrustIGOTPAllowed #orclindexedattribute: entrustIGOTPDelivery #orclindexedattribute: entrustIGNumContactInfo #orclindexedattribute: entrustIGNumUsableContactInfo #orclindexedattribute: entrustIGPVNLastChangeDate #orclindexedattribute: entrustIGNumLocations #orclindexedattribute: entrustIGPasswordLastChangeDate #orclindexedattribute: entrustIGTokenVendorId #orclindexedattribute: entrustIGAuthSecrets #orclindexedattribute: entrustIGFullName