Updates from Alain Roy to provide better examples for importing the

schema and to fix problems caused by Windows validating attributes which have not yet been added before committing the changes.
2010-06-14 10:20:41 -04:00
parent ec77318e32
commit 93d48cfc60
1 changed files with 195 additions and 172 deletions
--- a/doc/schema.ActiveDirectory
+++ b/doc/schema.ActiveDirectory
@@ -1,172 +1,195 @@
-#
-# Active Directory Schema for sudo configuration (sudoers)
-#
-# To extend your Active Directory schema, run the following command
-# on your Windows DC:
-#
-#  ldifde -i -f schema.ActiveDirectory -c dc=X dc=YOURDOMAIN,DC=COM
-#
-
-dn: CN=sudoUser,CN=Schema,CN=Configuration,DC=X
-changetype: add
-objectClass: top
-objectClass: attributeSchema
-cn: sudoUser
-distinguishedName: CN=sudoUser,CN=Schema,CN=Configuration,DC=X
-instanceType: 4
-attributeID: 1.3.6.1.4.1.15953.9.1.1
-attributeSyntax: 2.5.5.5
-isSingleValued: FALSE
-showInAdvancedViewOnly: TRUE
-adminDisplayName: sudoUser
-adminDescription: User(s) who may run sudo
-oMSyntax: 22
-searchFlags: 1
-lDAPDisplayName: sudoUser
-name: sudoUser
-schemaIDGUID:: JrGcaKpnoU+0s+HgeFjAbg==
-objectCategory: CN=Attribute-Schema,CN=Schema,CN=Configuration,DC=X
-
-dn: CN=sudoHost,CN=Schema,CN=Configuration,DC=X
-changetype: add
-objectClass: top
-objectClass: attributeSchema
-cn: sudoHost
-distinguishedName: CN=sudoHost,CN=Schema,CN=Configuration,DC=X
-instanceType: 4
-attributeID: 1.3.6.1.4.1.15953.9.1.2
-attributeSyntax: 2.5.5.5
-isSingleValued: FALSE
-showInAdvancedViewOnly: TRUE
-adminDisplayName: sudoHost
-adminDescription: Host(s) who may run sudo
-oMSyntax: 22
-lDAPDisplayName: sudoHost
-name: sudoHost
-schemaIDGUID:: d0TTjg+Y6U28g/Y+ns2k4w==
-objectCategory: CN=Attribute-Schema,CN=Schema,CN=Configuration,DC=X
-
-dn: CN=sudoCommand,CN=Schema,CN=Configuration,DC=X
-changetype: add
-objectClass: top
-objectClass: attributeSchema
-cn: sudoCommand
-distinguishedName: CN=sudoCommand,CN=Schema,CN=Configuration,DC=X
-instanceType: 4
-attributeID: 1.3.6.1.4.1.15953.9.1.3
-attributeSyntax: 2.5.5.5
-isSingleValued: FALSE
-showInAdvancedViewOnly: TRUE
-adminDisplayName: sudoCommand
-adminDescription: Command(s) to be executed by sudo
-oMSyntax: 22
-lDAPDisplayName: sudoCommand
-name: sudoCommand
-schemaIDGUID:: D6QR4P5UyUen3RGYJCHCPg==
-objectCategory: CN=Attribute-Schema,CN=Schema,CN=Configuration,DC=X
-
-dn: CN=sudoRunAs,CN=Schema,CN=Configuration,DC=X
-changetype: add
-objectClass: top
-objectClass: attributeSchema
-cn: sudoRunAs
-distinguishedName: CN=sudoRunAs,CN=Schema,CN=Configuration,DC=X
-instanceType: 4
-attributeID: 1.3.6.1.4.1.15953.9.1.4
-attributeSyntax: 2.5.5.5
-isSingleValued: FALSE
-showInAdvancedViewOnly: TRUE
-adminDisplayName: sudoRunAs
-adminDescription: User(s) impersonated by sudo (deprecated)
-oMSyntax: 22
-lDAPDisplayName: sudoRunAs
-name: sudoRunAs
-schemaIDGUID:: CP98mCQTyUKKxGrQeM80hQ==
-objectCategory: CN=Attribute-Schema,CN=Schema,CN=Configuration,DC=X
-
-dn: CN=sudoOption,CN=Schema,CN=Configuration,DC=X
-changetype: add
-objectClass: top
-objectClass: attributeSchema
-cn: sudoOption
-distinguishedName: CN=sudoOption,CN=Schema,CN=Configuration,DC=X
-instanceType: 4
-attributeID: 1.3.6.1.4.1.15953.9.1.5
-attributeSyntax: 2.5.5.5
-isSingleValued: FALSE
-showInAdvancedViewOnly: TRUE
-adminDisplayName: sudoOption
-adminDescription: Option(s) followed by sudo
-oMSyntax: 22
-lDAPDisplayName: sudoOption
-name: sudoOption
-schemaIDGUID:: ojaPzBBlAEmsvrHxQctLnA==
-objectCategory: CN=Attribute-Schema,CN=Schema,CN=Configuration,DC=X
-
-dn: CN=sudoRunAsUser,CN=Schema,CN=Configuration,DC=X
-changetype: add
-objectClass: top
-objectClass: attributeSchema
-cn: sudoRunAsUser
-distinguishedName: CN=sudoRunAsUser,CN=Schema,CN=Configuration,DC=X
-instanceType: 4
-attributeID: 1.3.6.1.4.1.15953.9.1.6
-attributeSyntax: 2.5.5.5
-isSingleValued: FALSE
-showInAdvancedViewOnly: TRUE
-adminDisplayName: sudoRunAsUser
-adminDescription: User(s) impersonated by sudo
-oMSyntax: 22
-lDAPDisplayName: sudoRunAsUser
-name: sudoRunAsUser
-schemaIDGUID:: 9C52yPYd3RG3jMR2VtiVkw==
-objectCategory: CN=Attribute-Schema,CN=Schema,CN=Configuration,DC=X
-
-dn: CN=sudoRunAsGroup,CN=Schema,CN=Configuration,DC=X
-changetype: add
-objectClass: top
-objectClass: attributeSchema
-cn: sudoRunAsGroup
-distinguishedName: CN=sudoRunAsGroup,CN=Schema,CN=Configuration,DC=X
-instanceType: 4
-attributeID: 1.3.6.1.4.1.15953.9.1.7
-attributeSyntax: 2.5.5.5
-isSingleValued: FALSE
-showInAdvancedViewOnly: TRUE
-adminDisplayName: sudoRunAsGroup
-adminDescription: Groups(s) impersonated by sudo
-oMSyntax: 22
-lDAPDisplayName: sudoRunAsGroup
-name: sudoRunAsGroup
-schemaIDGUID:: xJhSt/Yd3RGJPTB1VtiVkw==
-objectCategory: CN=Attribute-Schema,CN=Schema,CN=Configuration,DC=X
-
-dn: CN=sudoRole,CN=Schema,CN=Configuration,DC=X
-changetype: add
-objectClass: top
-objectClass: classSchema
-cn: sudoRole
-distinguishedName: CN=sudoRole,CN=Schema,CN=Configuration,DC=X
-instanceType: 4
-possSuperiors: container
-possSuperiors: top
-subClassOf: top
-governsID: 1.3.6.1.4.1.15953.9.2.1
-mayContain: sudoCommand
-mayContain: sudoHost
-mayContain: sudoOption
-mayContain: sudoRunAs
-mayContain: sudoRunAsUser
-mayContain: sudoRunAsGroup
-mayContain: sudoUser
-rDNAttID: cn
-showInAdvancedViewOnly: FALSE
-adminDisplayName: sudoRole
-adminDescription: Sudoer Entries
-objectClassCategory: 1
-lDAPDisplayName: sudoRole
-name: sudoRole
-schemaIDGUID:: SQn432lnZ0+ukbdh3+gN3w==
-systemOnly: FALSE
-objectCategory: CN=Class-Schema,CN=Schema,CN=Configuration,DC=X
-defaultObjectCategory: CN=sudoRole,CN=Schema,CN=Configuration,DC=X
+#
+# Active Directory Schema for sudo configuration (sudoers)
+#
+# To extend your Active Directory schema, run one of the following command
+# on your Windows DC (default port - Active Directory):
+# 
+#  ldifde -i -f schema.ActiveDirectory -c "CN=Schema,CN=Configuration,DC=X" #schemaNamingContext
+#
+# or on your Windows DC if using another port (with Active Directory LightWeight Directory Services / ADAM-Active Directory Application Mode)
+# Port 50000 by example (or any other port specified when defining the ADLDS/ADAM instance
+#
+#  ldifde -i -f schema.ActiveDirectory -t 50000 -c "CN=Schema,CN=Configuration,DC=X" #schemaNamingContext
+#
+# or 
+#
+#  ldifde -i -f schema.ActiveDirectory -s server:port -c "CN=Schema,CN=Configuration,DC=X" #schemaNamingContext
+#
+# Can add username domain and password
+#
+# -b username domain password
+#
+# Can create Log file in current or any directory
+#
+# -j .
+#
+
+dn: CN=sudoUser,CN=Schema,CN=Configuration,DC=X
+changetype: add
+objectClass: top
+objectClass: attributeSchema
+cn: sudoUser
+distinguishedName: CN=sudoUser,CN=Schema,CN=Configuration,DC=X
+instanceType: 4
+attributeID: 1.3.6.1.4.1.15953.9.1.1
+attributeSyntax: 2.5.5.5
+isSingleValued: FALSE
+showInAdvancedViewOnly: TRUE
+adminDisplayName: sudoUser
+adminDescription: User(s) who may run sudo
+oMSyntax: 22
+searchFlags: 1
+lDAPDisplayName: sudoUser
+name: sudoUser
+schemaIDGUID:: JrGcaKpnoU+0s+HgeFjAbg==
+objectCategory: CN=Attribute-Schema,CN=Schema,CN=Configuration,DC=X
+
+dn: CN=sudoHost,CN=Schema,CN=Configuration,DC=X
+changetype: add
+objectClass: top
+objectClass: attributeSchema
+cn: sudoHost
+distinguishedName: CN=sudoHost,CN=Schema,CN=Configuration,DC=X
+instanceType: 4
+attributeID: 1.3.6.1.4.1.15953.9.1.2
+attributeSyntax: 2.5.5.5
+isSingleValued: FALSE
+showInAdvancedViewOnly: TRUE
+adminDisplayName: sudoHost
+adminDescription: Host(s) who may run sudo
+oMSyntax: 22
+lDAPDisplayName: sudoHost
+name: sudoHost
+schemaIDGUID:: d0TTjg+Y6U28g/Y+ns2k4w==
+objectCategory: CN=Attribute-Schema,CN=Schema,CN=Configuration,DC=X
+
+dn: CN=sudoCommand,CN=Schema,CN=Configuration,DC=X
+changetype: add
+objectClass: top
+objectClass: attributeSchema
+cn: sudoCommand
+distinguishedName: CN=sudoCommand,CN=Schema,CN=Configuration,DC=X
+instanceType: 4
+attributeID: 1.3.6.1.4.1.15953.9.1.3
+attributeSyntax: 2.5.5.5
+isSingleValued: FALSE
+showInAdvancedViewOnly: TRUE
+adminDisplayName: sudoCommand
+adminDescription: Command(s) to be executed by sudo
+oMSyntax: 22
+lDAPDisplayName: sudoCommand
+name: sudoCommand
+schemaIDGUID:: D6QR4P5UyUen3RGYJCHCPg==
+objectCategory: CN=Attribute-Schema,CN=Schema,CN=Configuration,DC=X
+
+dn: CN=sudoRunAs,CN=Schema,CN=Configuration,DC=X
+changetype: add
+objectClass: top
+objectClass: attributeSchema
+cn: sudoRunAs
+distinguishedName: CN=sudoRunAs,CN=Schema,CN=Configuration,DC=X
+instanceType: 4
+attributeID: 1.3.6.1.4.1.15953.9.1.4
+attributeSyntax: 2.5.5.5
+isSingleValued: FALSE
+showInAdvancedViewOnly: TRUE
+adminDisplayName: sudoRunAs
+adminDescription: User(s) impersonated by sudo (deprecated)
+oMSyntax: 22
+lDAPDisplayName: sudoRunAs
+name: sudoRunAs
+schemaIDGUID:: CP98mCQTyUKKxGrQeM80hQ==
+objectCategory: CN=Attribute-Schema,CN=Schema,CN=Configuration,DC=X
+
+dn: CN=sudoOption,CN=Schema,CN=Configuration,DC=X
+changetype: add
+objectClass: top
+objectClass: attributeSchema
+cn: sudoOption
+distinguishedName: CN=sudoOption,CN=Schema,CN=Configuration,DC=X
+instanceType: 4
+attributeID: 1.3.6.1.4.1.15953.9.1.5
+attributeSyntax: 2.5.5.5
+isSingleValued: FALSE
+showInAdvancedViewOnly: TRUE
+adminDisplayName: sudoOption
+adminDescription: Option(s) followed by sudo
+oMSyntax: 22
+lDAPDisplayName: sudoOption
+name: sudoOption
+schemaIDGUID:: ojaPzBBlAEmsvrHxQctLnA==
+objectCategory: CN=Attribute-Schema,CN=Schema,CN=Configuration,DC=X
+
+dn: CN=sudoRunAsUser,CN=Schema,CN=Configuration,DC=X
+changetype: add
+objectClass: top
+objectClass: attributeSchema
+cn: sudoRunAsUser
+distinguishedName: CN=sudoRunAsUser,CN=Schema,CN=Configuration,DC=X
+instanceType: 4
+attributeID: 1.3.6.1.4.1.15953.9.1.6
+attributeSyntax: 2.5.5.5
+isSingleValued: FALSE
+showInAdvancedViewOnly: TRUE
+adminDisplayName: sudoRunAsUser
+adminDescription: User(s) impersonated by sudo
+oMSyntax: 22
+lDAPDisplayName: sudoRunAsUser
+name: sudoRunAsUser
+schemaIDGUID:: 9C52yPYd3RG3jMR2VtiVkw==
+objectCategory: CN=Attribute-Schema,CN=Schema,CN=Configuration,DC=X
+
+dn: CN=sudoRunAsGroup,CN=Schema,CN=Configuration,DC=X
+changetype: add
+objectClass: top
+objectClass: attributeSchema
+cn: sudoRunAsGroup
+distinguishedName: CN=sudoRunAsGroup,CN=Schema,CN=Configuration,DC=X
+instanceType: 4
+attributeID: 1.3.6.1.4.1.15953.9.1.7
+attributeSyntax: 2.5.5.5
+isSingleValued: FALSE
+showInAdvancedViewOnly: TRUE
+adminDisplayName: sudoRunAsGroup
+adminDescription: Groups(s) impersonated by sudo
+oMSyntax: 22
+lDAPDisplayName: sudoRunAsGroup
+name: sudoRunAsGroup
+schemaIDGUID:: xJhSt/Yd3RGJPTB1VtiVkw==
+objectCategory: CN=Attribute-Schema,CN=Schema,CN=Configuration,DC=X
+
+dn:
+changetype: modify
+add: schemaUpdateNow
+schemaUpdateNow: 1
+-
+
+dn: CN=sudoRole,CN=Schema,CN=Configuration,DC=X
+changetype: add
+objectClass: top
+objectClass: classSchema
+cn: sudoRole
+distinguishedName: CN=sudoRole,CN=Schema,CN=Configuration,DC=X
+instanceType: 4
+possSuperiors: container
+possSuperiors: top
+subClassOf: top
+governsID: 1.3.6.1.4.1.15953.9.2.1
+mayContain: sudoCommand
+mayContain: sudoHost
+mayContain: sudoOption
+mayContain: sudoRunAs
+mayContain: sudoRunAsUser
+mayContain: sudoRunAsGroup
+mayContain: sudoUser
+rDNAttID: cn
+showInAdvancedViewOnly: FALSE
+adminDisplayName: sudoRole
+adminDescription: Sudoer Entries
+objectClassCategory: 1
+lDAPDisplayName: sudoRole
+name: sudoRole
+schemaIDGUID:: SQn432lnZ0+ukbdh3+gN3w==
+systemOnly: FALSE
+objectCategory: CN=Class-Schema,CN=Schema,CN=Configuration,DC=X
+defaultObjectCategory: CN=sudoRole,CN=Schema,CN=Configuration,DC=X