Proposed LDAP schema
UID mapping
See idmap configuration and the accompanying ldap server setup instructions for details.
nfsv4.schema
------------
attributetype ( 1.3.6.1.4.1.250.1.61
NAME ( 'NFSv4Name')
DESC 'NFS version 4 Name'
EQUALITY caseIgnoreIA5Match
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
SINGLE-VALUE)
attributetype ( 1.3.6.1.4.1.250.1.62
NAME ( 'GSSAuthName')
DESC 'RPCSEC GSS authenticated user name'
EQUALITY caseIgnoreIA5Match
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26)
#
# minimal information for NFSv4 access. used when local filesystem
# access is not permitted (nsswitch ldap calls fail), or when
# inetorgPerson is too much info.
#
objectclass ( 1.3.6.1.4.1.250.1.60 NAME 'NFSv4RemotePerson'
DESC 'NFS version4 person from remote NFSv4 Domain'
SUP top STRUCTURAL
MUST ( uidNumber $ gidNumber $ NFSv4Name )
MAY ( cn $ GSSAuthName $ description) )
#
# minimal information for NFSv4 access. used when local filesystem
# access is not permitted (nsswitch ldap calls fail), or when
# inetorgPerson is too much info.
#
objectclass ( 1.3.6.1.4.1.250.1.63 NAME 'NFSv4RemoteGroup'
DESC 'NFS version4 group from remote NFSv4 Domain'
SUP top STRUCTURAL
MUST ( gidNumber $ NFSv4Name )
MAY ( cn $ memberUid $ description) )
fs_locations
These have been used for testing purposes. In particular note the OIDs are temporary.
Note that windows Active Directory has a
schema
which includes similar information, but the critical data is hidden in the attribute
pkt.
attributetype ( 1.1.1
NAME ( 'fslocations' )
DESC 'replication list'
EQUALITY caseExactMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{32768} )
attributetype ( 1.1.3
NAME ( 'referral' )
DESC 'boolean determining if is a referral or replica'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 )
objectclass ( 1.1.2
NAME 'rnfs'
DESC 'key - replication info'
SUP top STRUCTURAL
MUST ( cn $ fslocations $ referral ) )
