1# $OpenLDAP$
2## This work is part of OpenLDAP Software <http://www.openldap.org/>.
3##
4## Copyright 1998-2021 The OpenLDAP Foundation.
5## All rights reserved.
6##
7## Redistribution and use in source and binary forms, with or without
8## modification, are permitted only as authorized by the OpenLDAP
9## Public License.
10##
11## A copy of this license is available in the file LICENSE in the
12## top-level directory of the distribution or, alternatively, at
13## <http://www.OpenLDAP.org/license.html>.
14#
15#
16# OpenLDAP Project's directory schema items
17#
18# depends upon:
19#	core.schema
20#	cosine.schema
21#	inetorgperson.schema
22#
23# These are provided for informational purposes only.
24#
25# This openldap.ldif file is provided as a demonstration of how to
26# convert a *.schema file into *.ldif format. The key points:
27#   In LDIF, a blank line terminates an entry. Blank lines in a *.schema
28#     file should be replaced with a single '#' to turn them into
29#     comments, or they should just be removed.
30#   In addition to the actual schema directives, the file needs a small
31#     header to make it a valid LDAP entry. This header must provide the
32#     dn of the entry, the objectClass, and the cn, as shown here:
33#
34dn: cn=openldap,cn=schema,cn=config
35objectClass: olcSchemaConfig
36cn: openldap
37#
38# The schema directives need to be changed to LDAP Attributes.
39#   First a basic string substitution can be done on each of the keywords:
40#     objectIdentifier -> olcObjectIdentifier:
41#     objectClass -> olcObjectClasses:
42#     attributeType -> olcAttributeTypes:
43#   Then leading whitespace must be fixed. The slapd.conf format allows
44#     tabs or spaces to denote line continuation, while LDIF only allows
45#     the space character.
46#   Also slapd.conf preserves the continuation character, while LDIF strips
47#     it out. So a single TAB/SPACE in slapd.conf must be replaced with
48#     two SPACEs in LDIF, otherwise the continued text may get joined as
49#     a single word.
50#   The directives must be listed in a proper sequence:
51#     All olcObjectIdentifiers must be first, so they may be referenced by
52#        any following definitions.
53#     All olcAttributeTypes must be next, so they may be referenced by any
54#        following objectClass definitions.
55#     All olcObjectClasses must be after the olcAttributeTypes.
56#   And of course, any superior must occur before anything that inherits
57#     from it.
58#
59olcObjectIdentifier: OpenLDAProot 1.3.6.1.4.1.4203
60#
61olcObjectIdentifier: OpenLDAP OpenLDAProot:1
62olcObjectIdentifier: OpenLDAPattributeType OpenLDAP:3
63olcObjectIdentifier: OpenLDAPobjectClass OpenLDAP:4
64#
65olcObjectClasses: ( OpenLDAPobjectClass:3
66  NAME 'OpenLDAPorg'
67  DESC 'OpenLDAP Organizational Object'
68  SUP organization
69  MAY ( buildingName $ displayName $ labeledURI ) )
70#
71olcObjectClasses: ( OpenLDAPobjectClass:4
72  NAME 'OpenLDAPou'
73  DESC 'OpenLDAP Organizational Unit Object'
74  SUP organizationalUnit
75  MAY ( buildingName $ displayName $ labeledURI $ o ) )
76#
77olcObjectClasses: ( OpenLDAPobjectClass:5
78  NAME 'OpenLDAPperson'
79  DESC 'OpenLDAP Person'
80  SUP ( pilotPerson $ inetOrgPerson )
81  MUST ( uid $ cn )
82  MAY ( givenName $ labeledURI $ o ) )
83#
84olcObjectClasses: ( OpenLDAPobjectClass:6
85  NAME 'OpenLDAPdisplayableObject'
86  DESC 'OpenLDAP Displayable Object'
87  AUXILIARY
88  MAY displayName )
89