18. Схема LDAP

18.1. OpenLDAP

# rdbPassword: single-valued IA5 String (syntax ...121.1.26) described as the
# "native" RDB password.
# NOTE(review): the schema does not show how the value is encoded or hashed;
# treat it as credential material either way. The schema itself gives no
# protection, so limit read and write access with slapd access rules
# (`access to attrs=rdbPassword ...` in slapd.conf, or olcAccess).
# No EQUALITY rule is declared, so per RFC 4512 the value cannot be asserted
# in search filters or compare operations.
attributetype ( 1.2.643.2.63.1.1.1
        NAME 'rdbPassword'
        DESC 'Native RDB password'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
        SINGLE-VALUE )

# rdbSecurePassword: single-valued IA5 String (syntax ...121.1.26) described
# as the "secure" RDB password.
# NOTE(review): presumably a stronger hash than rdbPassword; the algorithm is
# not visible in the schema, so confirm against the product documentation.
# Credential material: restrict read and write access with slapd access
# rules and carry it only over protected (TLS) connections.
attributetype ( 1.2.643.2.63.1.1.2
        NAME 'rdbSecurePassword'
        DESC 'Secure RDB password'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
        SINGLE-VALUE )

# rdbPasswordAlgorithm: single-valued Directory String (syntax ...121.1.15)
# naming the password hashing algorithm.
# NOTE(review): the set of accepted algorithm names is not defined here.
# If the database server selects the hash scheme from this value, write
# access to it is security-relevant (confirm), so include it in the same
# access rules as the password attributes.
attributetype ( 1.2.643.2.63.1.1.3
        NAME 'rdbPasswordAlgorithm'
        DESC 'RDB password hashing algorithm'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
        SINGLE-VALUE )

# rdbPasswordHistory: single-valued Binary blob (syntax ...121.1.5) holding
# the password change history. The encoding is application-defined; the
# directory server treats it as opaque.
# NOTE(review): a password history usually contains earlier password hashes;
# if that holds here, it needs the same read restrictions as the current
# password attributes (confirm the stored format).
attributetype ( 1.2.643.2.63.1.1.4
        NAME 'rdbPasswordHistory'
        DESC 'RDB password change history'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.5
        SINGLE-VALUE )

# rdbPolicy: single-valued Directory String (syntax ...121.1.15) giving the
# user's policy in the security database.
# NOTE(review): presumably the name of a password or lockout policy.
# Whoever can write this value decides which policy applies to the account,
# so do not leave it writable by the entry owner (confirm intended ACLs).
attributetype ( 1.2.643.2.63.1.1.5
        NAME 'rdbPolicy'
        DESC 'User policy in security database'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
        SINGLE-VALUE )

# rdbPasswordTime: single-valued attribute recording the date/time of the
# last password change.
# Declared with Binary syntax (...121.1.5) rather than Generalized Time
# (...121.1.24), so the directory server cannot validate or order the value
# as a timestamp; the encoding is application-defined.
# NOTE(review): if password expiry is computed from this value, write access
# to it should be limited to the administrative identity (confirm).
attributetype ( 1.2.643.2.63.1.1.6
        NAME 'rdbPasswordTime'
        DESC 'Date/time of last password change'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.5
        SINGLE-VALUE )

# rdbFailedCount: single-valued counter of failed authentication events.
# Declared with Binary syntax (...121.1.5) rather than Integer (...121.1.27),
# so the directory server does not validate it as a number; the encoding is
# application-defined.
# NOTE(review): presumably the input to account lockout. A principal that can
# overwrite it can reset the counter, so keep write access to the
# administrative identity only (confirm).
attributetype ( 1.2.643.2.63.1.1.7
        NAME 'rdbFailedCount'
        DESC 'Count of failed authentication events'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.5
        SINGLE-VALUE )

# rdbAccessTime: single-valued attribute holding the date/time at which the
# user's ban ends.
# Declared with Binary syntax (...121.1.5), so the value is opaque to the
# directory server and its encoding is application-defined.
# Write access determines when a blocked account becomes usable again, so
# restrict it together with rdbFailedCount and rdbActive.
attributetype ( 1.2.643.2.63.1.1.8
        NAME 'rdbAccessTime'
        DESC 'Date/time when ends user ban'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.5
        SINGLE-VALUE )

# rdbMlsLevel: single-valued Directory String (syntax ...121.1.15) holding
# the user's security level.
# NOTE(review): the attribute name suggests a multilevel-security label; the
# accepted values are not defined in this schema.
# The integrity of this value matters more than its secrecy: whoever can
# write it can change the user's level (confirm who is allowed to).
attributetype ( 1.2.643.2.63.1.1.9
        NAME 'rdbMlsLevel'
        DESC 'Security level'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
        SINGLE-VALUE )

# rdbMlsCompartment: single-valued Directory String (syntax ...121.1.15)
# holding the user's compartment.
# SINGLE-VALUE means that, at the LDAP level, an entry carries at most one
# value.
# NOTE(review): whether several compartments can be packed into that one
# string is not shown here.
# As with rdbMlsLevel, write access is the sensitive operation.
attributetype ( 1.2.643.2.63.1.1.10
        NAME 'rdbMlsCompartment'
        DESC 'User compartment'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
        SINGLE-VALUE )

# rdbSrpVerifier: single-valued Binary blob (syntax ...121.1.5) described as
# the RDB password for the SRP protocol, i.e. the SRP verifier.
# A verifier is not the password itself, but a disclosed verifier can be
# tested against password guesses offline, so give it the same read
# restrictions as a password hash.
# No EQUALITY rule is declared, so per RFC 4512 the value cannot be asserted
# in search filters or compare operations.
attributetype ( 1.2.643.2.63.1.1.11
        NAME 'rdbSrpVerifier'
        DESC 'RDB password for SRP protocol'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.5
        SINGLE-VALUE )

# rdbSrpSalt: single-valued IA5 String (syntax ...121.1.26) holding the SRP
# salt.
# NOTE(review): the textual encoding (hex, base64, ...) is not defined here.
# In SRP the salt is sent to the client during the handshake, so it is not
# secret by design. It must stay consistent with rdbSrpVerifier, so write
# access should be limited to whatever identity updates the verifier.
attributetype ( 1.2.643.2.63.1.1.12
        NAME 'rdbSrpSalt'
        DESC 'Salt for SRP'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
        SINGLE-VALUE )

# rdbActive: single-valued Boolean (syntax ...121.1.7) used as the account
# blocking flag.
# NOTE(review): the name says "active" while DESC says "blocking"; the schema
# does not state which value (TRUE or FALSE) means blocked, nor how an entry
# without the attribute is treated. Confirm before writing access rules or
# provisioning scripts.
attributetype ( 1.2.643.2.63.1.1.13
        NAME 'rdbActive'
        DESC 'Blocking flag'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
        SINGLE-VALUE )

# rdbLegacyHistory: single-valued Binary blob (syntax ...121.1.5) holding the
# legacy password change history.
# NOTE(review): presumably the history for the legacy authentication scheme.
# It may contain earlier password hashes; if so it needs the same read
# restrictions as the password attributes (confirm the stored format).
attributetype ( 1.2.643.2.63.1.1.14
        NAME 'rdbLegacyHistory'
        DESC 'Legacy password change history'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.5
        SINGLE-VALUE )

# rdbSrpHistory: single-valued Binary blob (syntax ...121.1.5) holding the
# SRP password change history.
# NOTE(review): presumably earlier SRP verifiers and/or salts. Old verifiers
# remain useful for offline guessing against reused passwords, so restrict
# read access as for rdbSrpVerifier (confirm the stored format).
attributetype ( 1.2.643.2.63.1.1.15
        NAME 'rdbSrpHistory'
        DESC 'SRP password change history'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.5
        SINGLE-VALUE )

# rdbLegacyPasswordTime: single-valued attribute recording the date/time of
# the last legacy password change.
# Declared with Binary syntax (...121.1.5) rather than Generalized Time
# (...121.1.24); the value is opaque to the directory server and its
# encoding is application-defined.
attributetype ( 1.2.643.2.63.1.1.16
        NAME 'rdbLegacyPasswordTime'
        DESC 'Date/time of last legacy password change'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.5
        SINGLE-VALUE )

# rdbSrpPasswordTime: single-valued attribute recording the date/time of the
# last SRP password change.
# Declared with Binary syntax (...121.1.5) rather than Generalized Time
# (...121.1.24); the value is opaque to the directory server and its
# encoding is application-defined.
attributetype ( 1.2.643.2.63.1.1.17
        NAME 'rdbSrpPasswordTime'
        DESC 'Date/time of last SRP password change'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.5
        SINGLE-VALUE )

# rdbAuth: AUXILIARY object class (SUP top) that lets an existing entry carry
# the RDB authentication attributes. Every attribute is listed under MAY and
# there is no MUST list, so an entry may have the class without any of them.
#
# Adding this class places credential material (passwords, SRP verifier,
# histories) and account state (failed count, ban end, blocking flag, MLS
# level and compartment) on the entry. The schema only permits the
# attributes; confidentiality and integrity depend on the server's access
# rules (`access to attrs=...` in slapd.conf, or olcAccess) and on TLS for
# the connections that read or write them.
#
# NOTE(review): DESC is placed after SUP and the kind keyword, whereas the
# RFC 4512 ObjectClassDescription grammar lists DESC before SUP. The page
# presents this as the OpenLDAP schema, so that server presumably accepts
# the order; a stricter schema parser may not.
objectclass ( 1.2.643.2.63.2.1
        NAME 'rdbAuth'
        SUP top
        AUXILIARY
        DESC 'RDB authentication data'
        MAY ( rdbPassword $ rdbSecurePassword $
              rdbPasswordAlgorithm $ rdbPasswordHistory $
              rdbPolicy $ rdbPasswordTime $ rdbFailedCount $ rdbAccessTime $
              rdbMlsLevel $ rdbMlsCompartment $
              rdbSrpVerifier $ rdbSrpSalt $ rdbActive $
              rdbLegacyHistory $ rdbSrpHistory $
              rdbLegacyPasswordTime $ rdbSrpPasswordTime
        )
)