#---------------------------------------------------------------------- # # schac v: 20051122-1.0.0 # # SCHema for ACademia # Attribute definitions for individual data # # The latest version of this document is avaliable at # http://www.rediris.es/ldap/schema/schac.schema # #---------------------------------------------------------------------- # # Changelog # # 20051122 - Initial release # # objectIdentifier RedIRIS 1.3.6.1.4.1.7547 objectIdentifier schac RedIRIS:4.6 objectIdentifier schacObjectClass schac:1 objectIdentifier schacAttributeType schac:2 #---------------------------------------------------------------------- # Attributes #---------------------------------------------------------------------- # # schacMotherTongue # # Descrip: Is the language a person learns first. Correspondingly, # the person is called a native speaker of the language. # Usually a child learns the basics of their first language # from their family. # # Format: - ISO 639: 2-letter codes if the code is defined for our language # - ISO 639: 3-letter codes if the 2-letter code is not defined # - If ISO 639: 3-letter codes is not defined for our language # we need to use a code defined in another classification. # # All values must be lower case. # # Example: schacMotherTongue: fr # attributetype ( schacAttributeType:1 NAME 'schacMotherTongue' DESC 'ISO 639 code for prefered language of communication' EQUALITY caseIgnoreIA5Match SINGLE-VALUE SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{3} ) # # schacGender # # Descrip: The state of being male or female. The gender attribute # specifies the legal gender of the subject it is associated with. # "Either of the two groups that people, animals and plants are # divided into according to their function of producing young" # (Oxford Advanced Learner's Dictionary) # # Format: 0 Not known # 1 Male # 2 Female # 9 Not specified # # Example: schacGender: 2 # attributetype ( schacAttributeType:2 NAME 'schacGender' DESC 'Representation of human sex (see ISO 5218)' EQUALITY integerMatch SINGLE-VALUE SYNTAX 1.3.6.1.4.1.1466.115.121.1.27{1} ) # # schacDateOfBirth # # Descrip: The date of birth for the subject it is associated with # # Format: Numeric value YYYYMMDD, using 4 digits for year, 2 digits # for month and 2 digits for day as described in RFC 3339 # 'Date and Time on the Internet: Timestamps' as reference # using the 'full-date' format from paragraph 5.6 but without # the dashes. # # Example: schacDateOfBirth: 19660412 # attributetype ( schacAttributeType:3 NAME 'schacDateOfBirth' DESC 'Date of birth (format YYYYMMDD, only numeric chars)' EQUALITY numericStringMatch SINGLE-VALUE SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{8} ) # # schacPlaceOfBirth # # Descrip: Specifies the place of birth for the subject it is associated with. # # Format: Free string # # Example: schacPlaceOfBirth: Algeciras, Spain # attributetype ( schacAttributeType:4 NAME 'schacPlaceOfBirth' DESC 'Birth place of a person' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SINGLE-VALUE SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) # # schacCountryOfCitizenship # # Descrip: Specifies the (claimed) countries of citizenship for the # subject it is associated with. # # Format: Two-letter country acronym in accordance with ISO 3166. # All values must be lower case. # # Example: schacCountryOfCitizenship: es # attributetype ( schacAttributeType:5 NAME 'schacCountryOfCitizenship' DESC 'Country of citizenship of a person. Format two-letter acronym according to ISO 3166' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{2} ) # # schacSn1 # # Descrip: First surname of a person ("the surname" in international terms) # # schacSn1 would contain whatever values the described person # thinks they should contain. Splitting shall be done by humans. # That means that, when filling a SCHAC-based description that # allows the use of schacSn1 and schacSn2, the administrators # must ask for 1st surname and 2nd surname (if applicable) as # well as they do for givenName, surname, etc. # # Format: Free string # # Example: In Spain, if sn = Lopez de la Moraleda y de Las Altas Alcurnias # and that person uses Lopez de la Moraleda as the first component # of the surname we can write: # # schacSn1: Lopez de la Moraleda # # In Poland, if sn = Gorecka-Wolniewicz and we decide to use the # national convention for the sn attribute, we can write: # # schacSn1: Wolniewicz # attributetype ( schacAttributeType:6 NAME 'schacSn1' DESC 'First surname of a person' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1024} ) # # schacSn2 # # Descrip: Second surname of a person (how this is assigned is a local matter). # # schacSn2 would contain whatever values the described person # thinks they should contain. Splitting shall be done by humans. # That means that, when filling a SCHAC-based description that # allows the use of schacSn1 and schacSn2, the administrators # must ask for 1st surname and 2nd surname (if applicable) as well # as they do for givenName, surname, etc. # # Format: Free string # # Example: In Spain, if sn = Lopez de la Moraleda y de Las Altas Alcurnias # and that person uses Lopez de la Moraleda as the second component # of the surname we can write: # # schacSn2: de Las Altas Alcurnias # # In Poland, if sn = Gorecka-Wolniewicz and we decide to use the # national convention for the sn attribute, we can write: # # schacSn2: Gorecka # attributetype ( schacAttributeType:7 NAME 'schacSn2' DESC 'Second surname of a person' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1024} ) # # schacPersonalTitle # # Descrip: The Personal Title attribute type specifies a personal title # or salutation for a person. Examples of personal titles are # "Ms", "Dr", "Prof", "Rev", "Sr". # # Format: Free string # # Example: schacPersonalTitle: Prof # attributetype ( schacAttributeType:8 NAME 'schacPersonalTitle' DESC 'RFC1274: personal title' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SINGLE-VALUE SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) # # schacHomeOrganization # # Descrip: Specifies a person´s home organization using the domain name # of the organization # # Format: Domain name acording to RFC 1035. # All values must be lower case. # # Example: schacHomeOrganization: terena.nl # attributetype ( schacAttributeType:9 NAME 'schacHomeOrganization' DESC 'Domain name of the home organization' EQUALITY caseIgnoreMatch SINGLE-VALUE SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) # # schacHomeOrganizationType # # Descrip: Type of a Home Organization # # Format: urn:SCHACPREFIX:homeOrgType:: # # - The must be a valid two-letter ISO 3166 # country code identifier. # - from a nationally controlled vocabulary # # Example: schacHomeOrganizationType: urn:SCHACPREFIX:homeOrgType:ch:vho # schacHomeOrganizationType: urn:SCHACPREFIX:homeOrgType:es:opi # attributetype ( schacAttributeType:10 NAME 'schacHomeOrganizationType' DESC 'Type of the home organization' EQUALITY caseIgnoreMatch SINGLE-VALUE SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) # # schacCountryOfResidence # # Descrip: Specifies the (claimed) country of residence for the subject # is associated with. # # Format: Two-letter country acronym in accordance with ISO 3166 country # code identifier. # All values must be lower case. # # Example: schacCountryOfResidence: es # attributetype ( schacAttributeType:11 NAME 'schacCountryOfResidence' DESC 'Country of citizenship of a person. Format two-letter acronym according to ISO 3166' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{2} ) # # schacUserPresenceID # # Descrip: To store a set of values related to network presence protocols # # Format: urn:SCHACPREFIX:presence: # # - is a Namespace Specific String as defined in RFC 2141 # # Example: schacUserPresenceID: urn:SCHACPREFIX:presence:xmpp:pepe@im.univx.es # schacUserPresenceID: urn:SCHACPREFIX:presence:sip:pepe@myweb.com # schacUserPresenceID: urn:SCHACPREFIX:presence:sip:jose.perez@univx.es # schacUserPresenceID: urn:SCHACPREFIX:presence:h323:pepe@myweb.fi:808;pars # schacUserPresenceID: urn:SCHACPREFIX:presence:skype:pepe.perez # attributetype ( schacAttributeType:12 NAME 'schacUserPresenceID' DESC 'Used to store a set of values related to the network presence' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) # # schacPersonalPosition # # Descrip: Specifies a personal position inside an institution # # Format: urn:SCHACPREFIX:position: # # - is a Namespace Specific String as defined in RFC 2141 # # Example: schacPersonalPosition: urn:SCHACPREFIX:position:umk.pl:programmer # attributetype ( schacAttributeType:13 NAME 'schacPersonalPosition' DESC 'Position inside an institution' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) # # schacPersonalPublicUniqueID # # Descrip: Specifies a "public unique identifier" for the subject it is # associated with. # This might be Student number, Employee number,... # # Format: urn:SCHACPREFIX:publicUniqueID:: # # - is a Namespace Specific String as defined in RFC 2141 # - The must be a valid two-letter ISO 3166 # country code identifier. # # Example: schacPersonalPublicUniqueID: urn:SCHACPREFIX:publicUniqueID:fi:tut.fi:student:165934 # schacPersonalPublicUniqueID: urn:SCHACPREFIX:publicUniqueID:es:uma:estudiante:a3b123c12 # schacPersonalPublicUniqueID: urn:SCHACPREFIX:publicUniqueID:se:LIN:87654321 # attributetype ( schacAttributeType:14 NAME 'schacPersonalPublicUniqueID' DESC 'public unique identifier for the subject' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) # # schacPersonalUniqueID # # Descrip: Specifies a "legally unique identifier" for the subject it # is associated with. # This might be DNI in Spain, FIC in Finland, NIN in Sweden,. # # Format: urn:SCHACPREFIX:uniqueID::: # # - The must be a valid two-letter ISO 3166 # country code identifier. # - . Acceptable values must be declared per each # country code. # - # # Example: schacPersonalUniqueID: urn:SCHACPREFIX:uniqueID:es:NIF:31241312L # schacPersonalUniqueID: urn:SCHACPREFIX:uniquelID:fi:FIC:260667-123F # schacPersonalUniqueID: urn:SCHACPREFIX:uniquelID:se:NIN:12345678 # attributetype ( schacAttributeType:15 NAME 'schacPersonalUniqueID' DESC 'Unique identifier for the subject' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) # # schacUUID # # Descrip: Specifies a "universally unique identifier" for an entity # representing a person. # # Format: urn:uuid: # # - . A UUID is essentially a 16-byte number and in its # canonical form a UUID may look like this: # f81d4fae-7dec-11d0-a765-00a0c91e6bf6. # UUID generation requires no central registration process # # Example: schacUUID: urn:uuid:f81d4fae-7dec-11d0-a765-00a0c91e6bf6 # #---------------------------------------------------------------------- # http://www.ietf.org/internet-drafts/draft-zeilenga-ldap-uuid-06.txt #---------------------------------------------------------------------- # attributetype ( schacAttributeType:16 NAME 'schacUUID' DESC 'UUID for the entity' EQUALITY octetStringMatch SINGLE-VALUE SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 ) # # schacExpiryDate # # Descrip: The date from which the set of data is to be considered # invalid (specifically, in what refers to rights and # entitlements) # # Format: Numeric value YYYYMMDD, using 4 digits for year, 2 digits # for month and 2 digits for day as described in RFC 3339 # 'Date and Time on the Internet: Timestamps' as reference # using the 'full-date' format from paragraph 5.6 but without # the dashes. # # Example: schacExpiryDate: 20051231 # attributetype ( schacAttributeType:17 NAME 'schacExpiryDate' DESC 'Date from which the set of data is to be considered invalid (format YYYYMMDD, only numeric chars)' EQUALITY numericStringMatch SINGLE-VALUE SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{8} ) # # schacUserPrivateAttribute # # Descrip: Used to model privacy requirements, as expressed by the user # and/or the organizational policies. The values are intended # to be attribute type names and applies to the attribute and i # any subtypes of it for a given entity. # # In what respects to data exchange, it applies to the # expression of privacy requirements. # # This attribute can also have specific operational semantics # that will be defined in a separate document. # # Format: An attribute type identifier. # Operational semantics may imply specific values as wildcards. # # Example: Attributes mail and telephoneNumber are considered private # # schacUserPrivateAttribute: mail # schacUserPrivateAttribute: telephoneNumber # attributetype ( schacAttributeType:18 NAME 'schacUserPrivateAttribute' DESC 'Set of denied access attributes' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) # # schacUserStatus # # Descrip: Used to store a set of status of a person as user of services # # Format: urn:SCHACPREFIX:status: # # - is a Namespace Specific String as defined in RFC 2141 # # Example: To store different user activity states at University of # Málaga (uma.es): # # schacUserStaus: urn:SCHACPREFIX:status:uma.es:affiliation:expired # schacUserStaus: urn:SCHACPREFIX:status:uma.es:sendMail:expired # schacUserStaus: urn:SCHACPREFIX:status:uma.es:getMail:active # # A parameter in the URN can be used to represent the temporal # validity of the satus: # # schacUserStatus: urn:SCHACPREFIX:status:ujl.si:webmail:active?ttl=20060531 # attributetype ( schacAttributeType:19 NAME 'schacUserStatus' DESC 'Used to store a set of status of a person as user of services' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) #---------------------------------------------------------------------- # ObjectClasses #---------------------------------------------------------------------- objectClass ( schacObjectClass:1 NAME 'schacPersonalCharacteristics' DESC 'Personal characteristics describe the individual person represented by the entry' SUP top AUXILIARY MAY ( schacMotherTongue $ schacGender $ schacDateOfBirth $ schacPlaceOfBirth $ schacCountryOfCitizenship $ schacSn1 $ schacSn2 $ schacPersonalTitle ) ) objectClass ( schacObjectClass:2 NAME 'schacContactLocation' DESC 'Primary means of locating and contacting potential collaborators and other persons-of-interest at peer institutions' SUP top AUXILIARY MAY ( schacHomeOrganization $ schacHomeOrganizationType $ schacCountryOfResidence $ schacUserPresenceID ) ) objectClass ( schacObjectClass:3 NAME 'schacEmployeeInfo' DESC 'Employee information includes attributes that have relevance to the employee role, such as position, office hours, and job title' SUP top AUXILIARY MAY ( schacPersonalPosition ) ) objectClass ( schacObjectClass:4 NAME 'schacLinkageIdentifiers' DESC 'Used to link a directory entry with records in external data stores or other directory entries' SUP top AUXILIARY MAY ( schacPersonalPublicUniqueID $ schacPersonalUniqueID $ schacUUID ) ) objectClass ( schacObjectClass:5 NAME 'schacEntryMetadata' DESC 'Used to contain information about the entry itself, often its status, birth, and death' SUP top AUXILIARY MAY ( schacExpiryDate ) ) objectClass ( schacObjectClass:6 NAME 'schacEntryConfidentiality' DESC 'Used to indicate whether an entry is visible publicly, visible only to affiliates of the institution, or not visible at all.' SUP top AUXILIARY MAY ( schacUserPrivateAttribute ) ) objectClass ( schacObjectClass:7 NAME 'schacUserEntitlements' DESC 'Authorization for services' SUP top AUXILIARY MAY ( schacUserStatus ) ) #---------------------------------------------------------------------- # End of SCHAC schema #----------------------------------------------------------------------