s4:auth/gensec_gssapi: let gensec_gssapi_update() return NT_STATUS_LOGON_FAILURE...
[Samba.git] / examples / LDAP / samba.ldif
blob5106e5f8c652390a4eae13afa8fb28c84f8ae40c
1 dn: cn=samba,cn=schema,cn=config
2 objectClass: olcSchemaConfig
3 cn: samba
4 olcAttributeTypes: {0}( 1.3.6.1.4.1.7165.2.1.24 NAME 'sambaLMPassword' DESC 'L
5 anManager Password' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.1
6 21.1.26{32} SINGLE-VALUE )
7 olcAttributeTypes: {1}( 1.3.6.1.4.1.7165.2.1.25 NAME 'sambaNTPassword' DESC 'M
8 D4 hash of the unicode password' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4
9 .1.1466.115.121.1.26{32} SINGLE-VALUE )
10 olcAttributeTypes: {2}( 1.3.6.1.4.1.7165.2.1.26 NAME 'sambaAcctFlags' DESC 'Ac
11 count Flags' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
12 {16} SINGLE-VALUE )
13 olcAttributeTypes: {3}( 1.3.6.1.4.1.7165.2.1.27 NAME 'sambaPwdLastSet' DESC 'T
14 imestamp of the last password update' EQUALITY integerMatch SYNTAX 1.3.6.1.4.
15 1.1466.115.121.1.27 SINGLE-VALUE )
16 olcAttributeTypes: {4}( 1.3.6.1.4.1.7165.2.1.28 NAME 'sambaPwdCanChange' DESC
17 'Timestamp of when the user is allowed to update the password' EQUALITY integ
18 erMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
19 olcAttributeTypes: {5}( 1.3.6.1.4.1.7165.2.1.29 NAME 'sambaPwdMustChange' DESC
20 'Timestamp of when the password will expire' EQUALITY integerMatch SYNTAX 1.
21 3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
22 olcAttributeTypes: {6}( 1.3.6.1.4.1.7165.2.1.30 NAME 'sambaLogonTime' DESC 'Ti
23 mestamp of last logon' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.
24 1.27 SINGLE-VALUE )
25 olcAttributeTypes: {7}( 1.3.6.1.4.1.7165.2.1.31 NAME 'sambaLogoffTime' DESC 'T
26 imestamp of last logoff' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.12
27 1.1.27 SINGLE-VALUE )
28 olcAttributeTypes: {8}( 1.3.6.1.4.1.7165.2.1.32 NAME 'sambaKickoffTime' DESC '
29 Timestamp of when the user will be logged off automatically' EQUALITY integer
30 Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
31 olcAttributeTypes: {9}( 1.3.6.1.4.1.7165.2.1.48 NAME 'sambaBadPasswordCount' D
32 ESC 'Bad password attempt count' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.146
33 6.115.121.1.27 SINGLE-VALUE )
34 olcAttributeTypes: {10}( 1.3.6.1.4.1.7165.2.1.49 NAME 'sambaBadPasswordTime' D
35 ESC 'Time of the last bad password attempt' EQUALITY integerMatch SYNTAX 1.3.
36 6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
37 olcAttributeTypes: {11}( 1.3.6.1.4.1.7165.2.1.55 NAME 'sambaLogonHours' DESC '
38 Logon Hours' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
39 {42} SINGLE-VALUE )
40 olcAttributeTypes: {12}( 1.3.6.1.4.1.7165.2.1.33 NAME 'sambaHomeDrive' DESC 'D
41 river letter of home directory mapping' EQUALITY caseIgnoreIA5Match SYNTAX 1.
42 3.6.1.4.1.1466.115.121.1.26{4} SINGLE-VALUE )
43 olcAttributeTypes: {13}( 1.3.6.1.4.1.7165.2.1.34 NAME 'sambaLogonScript' DESC
44 'Logon script path' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.
45 1.15{255} SINGLE-VALUE )
46 olcAttributeTypes: {14}( 1.3.6.1.4.1.7165.2.1.35 NAME 'sambaProfilePath' DESC
47 'Roaming profile path' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.1
48 21.1.15{255} SINGLE-VALUE )
49 olcAttributeTypes: {15}( 1.3.6.1.4.1.7165.2.1.36 NAME 'sambaUserWorkstations'
50 DESC 'List of user workstations the user is allowed to logon to' EQUALITY cas
51 eIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{255} SINGLE-VALUE )
52 olcAttributeTypes: {16}( 1.3.6.1.4.1.7165.2.1.37 NAME 'sambaHomePath' DESC 'Ho
53 me directory UNC path' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.1
54 21.1.15{128} )
55 olcAttributeTypes: {17}( 1.3.6.1.4.1.7165.2.1.38 NAME 'sambaDomainName' DESC '
56 Windows NT domain to which the user belongs' EQUALITY caseIgnoreMatch SYNTAX
57 1.3.6.1.4.1.1466.115.121.1.15{128} )
58 olcAttributeTypes: {18}( 1.3.6.1.4.1.7165.2.1.47 NAME 'sambaMungedDial' DESC '
59 Base64 encoded user parameter string' EQUALITY caseExactMatch SYNTAX 1.3.6.1.
60 4.1.1466.115.121.1.15{1050} )
61 olcAttributeTypes: {19}( 1.3.6.1.4.1.7165.2.1.54 NAME 'sambaPasswordHistory' D
62 ESC 'Concatenated MD5 hashes of the salted NT passwords used on this account'
63 EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} )
64 olcAttributeTypes: {20}( 1.3.6.1.4.1.7165.2.1.20 NAME 'sambaSID' DESC 'Securit
65 y ID' EQUALITY caseIgnoreIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX 1
66 .3.6.1.4.1.1466.115.121.1.26{64} SINGLE-VALUE )
67 olcAttributeTypes: {21}( 1.3.6.1.4.1.7165.2.1.23 NAME 'sambaPrimaryGroupSID' D
68 ESC 'Primary Group Security ID' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.
69 1.1466.115.121.1.26{64} SINGLE-VALUE )
70 olcAttributeTypes: {22}( 1.3.6.1.4.1.7165.2.1.51 NAME 'sambaSIDList' DESC 'Sec
71 urity ID List' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.
72 26{64} )
73 olcAttributeTypes: {23}( 1.3.6.1.4.1.7165.2.1.19 NAME 'sambaGroupType' DESC 'N
74 T Group Type' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SING
75 LE-VALUE )
76 olcAttributeTypes: {24}( 1.3.6.1.4.1.7165.2.1.21 NAME 'sambaNextUserRid' DESC
77 'Next NT rid to give our for users' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.
78 1466.115.121.1.27 SINGLE-VALUE )
79 olcAttributeTypes: {25}( 1.3.6.1.4.1.7165.2.1.22 NAME 'sambaNextGroupRid' DESC
80 'Next NT rid to give out for groups' EQUALITY integerMatch SYNTAX 1.3.6.1.4.
81 1.1466.115.121.1.27 SINGLE-VALUE )
82 olcAttributeTypes: {26}( 1.3.6.1.4.1.7165.2.1.39 NAME 'sambaNextRid' DESC 'Nex
83 t NT rid to give out for anything' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1
84 466.115.121.1.27 SINGLE-VALUE )
85 olcAttributeTypes: {27}( 1.3.6.1.4.1.7165.2.1.40 NAME 'sambaAlgorithmicRidBase
86 ' DESC 'Base at which the samba RID generation algorithm should operate' EQUA
87 LITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
88 olcAttributeTypes: {28}( 1.3.6.1.4.1.7165.2.1.41 NAME 'sambaShareName' DESC 'S
89 hare Name' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SING
90 LE-VALUE )
91 olcAttributeTypes: {29}( 1.3.6.1.4.1.7165.2.1.42 NAME 'sambaOptionName' DESC '
92 Option Name' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX
93 1.3.6.1.4.1.1466.115.121.1.15{256} )
94 olcAttributeTypes: {30}( 1.3.6.1.4.1.7165.2.1.43 NAME 'sambaBoolOption' DESC '
95 A boolean option' EQUALITY booleanMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 S
96 INGLE-VALUE )
97 olcAttributeTypes: {31}( 1.3.6.1.4.1.7165.2.1.44 NAME 'sambaIntegerOption' DES
98 C 'An integer option' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1
99 .27 SINGLE-VALUE )
100 olcAttributeTypes: {32}( 1.3.6.1.4.1.7165.2.1.45 NAME 'sambaStringOption' DESC
101 'A string option' EQUALITY caseExactIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121
102 .1.26 SINGLE-VALUE )
103 olcAttributeTypes: {33}( 1.3.6.1.4.1.7165.2.1.46 NAME 'sambaStringListOption'
104 DESC 'A string list option' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.
105 115.121.1.15 )
106 olcAttributeTypes: {34}( 1.3.6.1.4.1.7165.2.1.53 NAME 'sambaTrustFlags' DESC '
107 Trust Password Flags' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115
108 .121.1.26 )
109 olcAttributeTypes: {35}( 1.3.6.1.4.1.7165.2.1.58 NAME 'sambaMinPwdLength' DESC
110 'Minimal password length (default: 5)' EQUALITY integerMatch SYNTAX 1.3.6.1.
111 4.1.1466.115.121.1.27 SINGLE-VALUE )
112 olcAttributeTypes: {36}( 1.3.6.1.4.1.7165.2.1.59 NAME 'sambaPwdHistoryLength'
113 DESC 'Length of Password History Entries (default: 0 => off)' EQUALITY intege
114 rMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
115 olcAttributeTypes: {37}( 1.3.6.1.4.1.7165.2.1.60 NAME 'sambaLogonToChgPwd' DES
116 C 'Force Users to logon for password change (default: 0 => off, 2 => on)' EQU
117 ALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
118 olcAttributeTypes: {38}( 1.3.6.1.4.1.7165.2.1.61 NAME 'sambaMaxPwdAge' DESC 'M
119 aximum password age, in seconds (default: -1 => never expire passwords)' EQUA
120 LITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
121 olcAttributeTypes: {39}( 1.3.6.1.4.1.7165.2.1.62 NAME 'sambaMinPwdAge' DESC 'M
122 inimum password age, in seconds (default: 0 => allow immediate password chang
123 e)' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
124 olcAttributeTypes: {40}( 1.3.6.1.4.1.7165.2.1.63 NAME 'sambaLockoutDuration' D
125 ESC 'Lockout duration in minutes (default: 30, -1 => forever)' EQUALITY integ
126 erMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
127 olcAttributeTypes: {41}( 1.3.6.1.4.1.7165.2.1.64 NAME 'sambaLockoutObservation
128 Window' DESC 'Reset time after lockout in minutes (default: 30)' EQUALITY int
129 egerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
130 olcAttributeTypes: {42}( 1.3.6.1.4.1.7165.2.1.65 NAME 'sambaLockoutThreshold'
131 DESC 'Lockout users after bad logon attempts (default: 0 => off)' EQUALITY in
132 tegerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
133 olcAttributeTypes: {43}( 1.3.6.1.4.1.7165.2.1.66 NAME 'sambaForceLogoff' DESC
134 'Disconnect Users outside logon hours (default: -1 => off, 0 => on)' EQUALITY
135 integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
136 olcAttributeTypes: {44}( 1.3.6.1.4.1.7165.2.1.67 NAME 'sambaRefuseMachinePwdCh
137 ange' DESC 'Allow Machine Password changes (default: 0 => off)' EQUALITY inte
138 gerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
139 olcAttributeTypes: {45}( 1.3.6.1.4.1.7165.2.1.68 NAME 'sambaClearTextPassword'
140 DESC 'Clear text password (used for trusted domain passwords)' EQUALITY octe
141 tStringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )
142 olcAttributeTypes: {46}( 1.3.6.1.4.1.7165.2.1.69 NAME 'sambaPreviousClearTextP
143 assword' DESC 'Previous clear text password (used for trusted domain password
144 s)' EQUALITY octetStringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )
145 olcAttributeTypes: {47}( 1.3.6.1.4.1.7165.2.1.70 NAME 'sambaTrustType' DESC 'T
146 ype of trust' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SING
147 LE-VALUE )
148 olcAttributeTypes: {48}( 1.3.6.1.4.1.7165.2.1.71 NAME 'sambaTrustAttributes' D
149 ESC 'Trust attributes for a trusted domain' EQUALITY integerMatch SYNTAX 1.3.
150 6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
151 olcAttributeTypes: {49}( 1.3.6.1.4.1.7165.2.1.72 NAME 'sambaTrustDirection' DE
152 SC 'Direction of a trust' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.1
153 21.1.27 SINGLE-VALUE )
154 olcAttributeTypes: {50}( 1.3.6.1.4.1.7165.2.1.73 NAME 'sambaTrustPartner' DESC
155 'Fully qualified name of the domain with which a trust exists' EQUALITY case
156 IgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
157 olcAttributeTypes: {51}( 1.3.6.1.4.1.7165.2.1.74 NAME 'sambaFlatName' DESC 'Ne
158 tBIOS name of a domain' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.
159 121.1.15{128} )
160 olcAttributeTypes: {52}( 1.3.6.1.4.1.7165.2.1.75 NAME 'sambaTrustAuthOutgoing'
161 DESC 'Authentication information for the outgoing portion of a trust' EQUALIT
162 Y caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1050} )
163 olcAttributeTypes: {53}( 1.3.6.1.4.1.7165.2.1.76 NAME 'sambaTrustAuthIncoming'
164 DESC 'Authentication information for the incoming portion of a trust' EQUALIT
165 Y caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1050} )
166 olcAttributeTypes: {54}( 1.3.6.1.4.1.7165.2.1.77 NAME 'sambaSecurityIdentifier
167 ' DESC 'SID of a trusted domain' EQUALITY caseIgnoreIA5Match SUBSTR caseExact
168 IA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{64} SINGLE-VALUE )
169 olcAttributeTypes: {55}( 1.3.6.1.4.1.7165.2.1.78 NAME 'sambaTrustForestTrustIn
170 fo' DESC 'Forest trust information for a trusted domain object' EQUALITY case
171 ExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1050} )
172 olcAttributeTypes: {56}( 1.3.6.1.4.1.7165.2.1.79 NAME 'sambaTrustPosixOffset'
173 DESC 'POSIX offset of a trust' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.
174 115.121.1.27 SINGLE-VALUE )
175 olcAttributeTypes: {57}( 1.3.6.1.4.1.7165.2.1.80 NAME 'sambaSupportedEncryptio
176 nTypes' DESC 'Supported encryption types of a trust' EQUALITY integerMatch SY
177 NTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
178 olcObjectClasses: {0}( 1.3.6.1.4.1.7165.2.2.6 NAME 'sambaSamAccount' DESC 'Sam
179 ba 3.0 Auxilary SAM Account' SUP top AUXILIARY MUST ( uid $ sambaSID ) MAY (
180 cn $ sambaLMPassword $ sambaNTPassword $ sambaPwdLastSet $ sambaLogonTime $ s
181 ambaLogoffTime $ sambaKickoffTime $ sambaPwdCanChange $ sambaPwdMustChange $
182 sambaAcctFlags $ displayName $ sambaHomePath $ sambaHomeDrive $ sambaLogonScr
183 ipt $ sambaProfilePath $ description $ sambaUserWorkstations $ sambaPrimaryGr
184 oupSID $ sambaDomainName $ sambaMungedDial $ sambaBadPasswordCount $ sambaBad
185 PasswordTime $ sambaPasswordHistory $ sambaLogonHours ) )
186 olcObjectClasses: {1}( 1.3.6.1.4.1.7165.2.2.4 NAME 'sambaGroupMapping' DESC 'S
187 amba Group Mapping' SUP top AUXILIARY MUST ( gidNumber $ sambaSID $ sambaGrou
188 pType ) MAY ( displayName $ description $ sambaSIDList ) )
189 olcObjectClasses: {2}( 1.3.6.1.4.1.7165.2.2.14 NAME 'sambaTrustPassword' DESC
190 'Samba Trust Password' SUP top STRUCTURAL MUST ( sambaDomainName $ sambaNTPas
191 sword $ sambaTrustFlags ) MAY ( sambaSID $ sambaPwdLastSet ) )
192 olcObjectClasses: {3}( 1.3.6.1.4.1.7165.2.2.15 NAME 'sambaTrustedDomainPasswor
193 d' DESC 'Samba Trusted Domain Password' SUP top STRUCTURAL MUST ( sambaDomain
194 Name $ sambaSID $ sambaClearTextPassword $ sambaPwdLastSet ) MAY sambaPreviou
195 sClearTextPassword )
196 olcObjectClasses: {4}( 1.3.6.1.4.1.7165.2.2.5 NAME 'sambaDomain' DESC 'Samba D
197 omain Information' SUP top STRUCTURAL MUST ( sambaDomainName $ sambaSID ) MAY
198 ( sambaNextRid $ sambaNextGroupRid $ sambaNextUserRid $ sambaAlgorithmicRidB
199 ase $ sambaMinPwdLength $ sambaPwdHistoryLength $ sambaLogonToChgPwd $ sambaM
200 axPwdAge $ sambaMinPwdAge $ sambaLockoutDuration $ sambaLockoutObservationWin
201 dow $ sambaLockoutThreshold $ sambaForceLogoff $ sambaRefuseMachinePwdChange
203 olcObjectClasses: {5}( 1.3.6.1.4.1.7165.2.2.7 NAME 'sambaUnixIdPool' DESC 'Poo
204 l for allocating UNIX uids/gids' SUP top AUXILIARY MUST ( uidNumber $ gidNumb
205 er ) )
206 olcObjectClasses: {6}( 1.3.6.1.4.1.7165.2.2.8 NAME 'sambaIdmapEntry' DESC 'Map
207 ping from a SID to an ID' SUP top AUXILIARY MUST sambaSID MAY ( uidNumber $ g
208 idNumber ) )
209 olcObjectClasses: {7}( 1.3.6.1.4.1.7165.2.2.9 NAME 'sambaSidEntry' DESC 'Struc
210 tural Class for a SID' SUP top STRUCTURAL MUST sambaSID )
211 olcObjectClasses: {8}( 1.3.6.1.4.1.7165.2.2.10 NAME 'sambaConfig' DESC 'Samba
212 Configuration Section' SUP top AUXILIARY MAY description )
213 olcObjectClasses: {9}( 1.3.6.1.4.1.7165.2.2.11 NAME 'sambaShare' DESC 'Samba S
214 hare Section' SUP top STRUCTURAL MUST sambaShareName MAY description )
215 olcObjectClasses: {10}( 1.3.6.1.4.1.7165.2.2.12 NAME 'sambaConfigOption' DESC
216 'Samba Configuration Option' SUP top STRUCTURAL MUST sambaOptionName MAY ( sa
217 mbaBoolOption $ sambaIntegerOption $ sambaStringOption $ sambaStringListoptio
218 n $ description ) )
219 olcObjectClasses: {11}( 1.3.6.1.4.1.7165.2.2.16 NAME 'sambaTrustedDomain' DESC
220 'Samba Trusted Domain Object' SUP top STRUCTURAL MUST cn MAY ( sambaTrustTyp
221 e $ sambaTrustAttributes $ sambaTrustDirection $ sambaTrustPartner $ sambaFla
222 tName $ sambaTrustAuthOutgoing $ sambaTrustAuthIncoming $ sambaSecurityIdenti
223 fier $ sambaTrustForestTrustInfo $ sambaTrustPosixOffset $ sambaSupportedEncr
224 yptionTypes) )