Here is a list of needed LDAP schema files for the different LAM modules. For OpenLDAP we also provide a source where you can get the files.
Table A.1. LDAP schema files
Account type | Object class(es) | Schema name | Source | Notes | |
---|---|---|---|---|---|
Unix accounts | posixAccount, shadowAccount, hostObject, posixGroup | nis.schema, rfc2307bis.schema, ldapns.schema (hostObject) | Part of OpenLDAP installation, part of libpam-ldap (ldapns.schema) | The rfc2307bis.schema is only supported by LAM Pro. Use the nis.schema if you do not want to upgrade to LAM Pro. | |
Address book entries | inetOrgPerson | inetorgperson.schema | Part of OpenLDAP installation | ||
Samba 3 accounts | sambaSamAccount, sambaGroupMapping, sambaDomain | samba.schema | Part of Samba tarball (examples/LDAP/samba.schema) | ||
Windows AD (Samba 4) | user, group, computer | Samba 4 built-in | |||
AD LDS | user, group | AD LDS built-in | |||
Kolab 2/3 users | kolabUser | kolab2/3.schema, rfc2739.schema | Part of Kolab 2/3 installation | ||
Asterisk (extension) | AsteriskSIPUser, AsteriskExtension | asterisk.schema | Part of Asterisk installation | ||
PyKota users, groups, printers and billing codes | pykotaObject, pykotaAccount, pykotaAccountBalance, pykotaGroup, pykotaPrinter, pykotaBilling | pykota.schema | Part of PyKota installation | ||
Mail routing | inetLocalMailRecipient | misc.schema | Part of OpenLDAP installation | ||
Hosts | hostObject, device | ldapns.schema | Part of libpam-ldap installation | The device object class is only available in LAM Pro. | |
Authorized services | authorizedServiceObject | ldapns.schema | Part of libpam-ldap installation | ||
Mail aliases | nisMailAlias | misc.schema | Part of OpenLDAP installation | ||
Qmail user | qmailUser | qmail.schema | Part of qmail_ldap | LAM Pro only | |
MAC addresses | ieee802device | nis.schema | Part of OpenLDAP installation | ||
IP addresses | ipHost | nis.schema | Part of OpenLDAP installation | LAM Pro only | |
Puppet | puppetClient | puppet.schema | Puppet on GitHub | ||
EDU person | eduPerson | eduperson.schema | http://middleware.internet2.edu | ||
Simple Accounts | account | cosine.schema | Part of OpenLDAP installation | ||
SSH public keys | ldapPublicKey | openssh-lpk.schema | Included in patch from http://code.google.com/p/openssh-lpk/ | ||
Filesystem quotas | systemQuotas | quota.schema | Linux DiskQuota | ||
Group of (unique) names | groupOfNames, groupOfUniqueNames, groupOfMembers | core.schema | Part of OpenLDAP installation | LAM Pro only | |
Groups | organizationalRole | core.schema | Part of OpenLDAP installation | LAM Pro only | |
DHCP | dhcpOptions, dhcpSubnet, dhcpServer | dhcp.schema | docs/schema/dhcp.schema | The LDAP suffix should be set to your dhcpServer entry. | |
Bind DLZ DNS | dlzZone, dlzHost, dlzSOARecord, dlzNSRecord, dlzARecord, dlzMXRecord, dlzCNameRecord, dlzPTRRecord | dlz.schema | part of Bind DLZ patch | LAM Pro only | |
Aliases | alias, uidObject | core.schema | Part of OpenLDAP installation | LAM Pro only | |
NIS netgroups | nisNetgroup | nis.schema | Part of OpenLDAP installation | ||
NIS objects | nisObject | nis.schema | Part of OpenLDAP installation | LAM Pro only | |
Automount objects | automount | autofs.schema, rfc2307bis.schema | Autofs LDAP | LAM Pro only | |
Oracle databases | orclNetService | oidbase.schema, oidnet.schema, oidrdbms.schema, alias.schema | Preinstalled on Oracle directory server, OpenLDAP schemas can be downloaded e.g. here | LAM Pro only | |
Password policies | pwdPolicy, device | ppolicy.schema, core.schema | Part of OpenLDAP installation | LAM Pro only | |
PowerDNS | dNSDomain2, domainRelatedObject | dnsdomain2.schema | Part of OpenLDAP installation | LAM Pro only | |
FreeRadius users | radiusprofile | openldap.schema | Part of FreeRadius installation | ||
Heimdal Kerberos | krb5KDCEntry | hdb.schema | Part of Heimdal Kerberos installation | LAM Pro only | |
MIT Kerberos | krbPrincipal, krbPrincipalAux, krbTicketPolicyAux | kerberos.schema | Part of MIT Kerberos installation | LAM Pro only | |
Simple Security Object | simpleSecurityObject | core.schema | Part of OpenLDAP installation | LAM Pro only | |
Sudo roles | sudoRole | sudo.schema | Part of sudo-ldap installation | LAM Pro only | |
Kopano | kopano-user, kopano-contact, kopano-group, kopano-dynamicgroup, kopano-addresslist, kopano-server | kopano.ldif | Part of Kopano installation | LAM Pro only | |
IMAP mailboxes | - | - | - | Does not require any schema. | |
LDAP views | nsview, organizationalunit | built-in | Part of LDAP server installation (e.g. 389 server) | LAM Pro only | |
Apache Guacamole | guacConfigGroup | guacConfigGroup.ldif | Part of Guacamole Auth LDAP installation | LAM Pro only | |
All | dynamicObject | built-in with DDS module | Part of LDAP server installation | LAM Pro only, requires DDS extension on LDAP server side |