# Mod for Feide schema version 1.5, 2010.04.21, Håvard Høyaas, Steria (hh@steria.no)

#
# This LDIF file makes modifications to the cn=schema tree
# which should modify the user portion of the schema of your
# directory (if that concept exists).  The LDIF is constructed
# to perform this modification in one update.  Should any portion
# fail, then the entire update will fail and no change should be
# made.  The first part of the LDIF is to delete any attributes
# that may have already been defined so that they can be readded
# in the next section. Same methodology applies to the objectclasses
# which follows.
#
# This file contains lines with trailing spaces so that continuation
# of lines work properly.  Please make sure this is respected or you
# may have difficulty in applying the LDIF.
#
dn: cn=subschemasubentry
changetype: modify
#
# if you need to change the definition of an attribute,
#            then first delete and re-add in one step
#
# if this is the first time you are adding the eduperson
# objectclass using this LDIF file, then you should comment
# out the delete attributetypes modification since this will
# fail. Alternatively, if your ldapmodify has a switch to continue
# on errors, then just use that switch -- if you're careful
#
#
# "eduPerson" attributes
#
#delete: attributetypes
#attributetypes: ( 1.3.6.1.4.1.5923.1.1.1.1 NAME 'eduPersonAffiliation' )
#attributetypes: ( 1.3.6.1.4.1.5923.1.1.1.2 NAME 'eduPersonNickname' )
#attributetypes: ( 1.3.6.1.4.1.5923.1.1.1.3 NAME 'eduPersonOrgDN' )
#attributetypes: ( 1.3.6.1.4.1.5923.1.1.1.4 NAME 'eduPersonOrgUnitDN' )
#attributetypes: ( 1.3.6.1.4.1.5923.1.1.1.5 NAME 'eduPersonPrimaryAffiliation' )
#attributetypes: ( 1.3.6.1.4.1.5923.1.1.1.6 NAME 'eduPersonPrincipalName' )
#attributetypes: ( 1.3.6.1.4.1.5923.1.1.1.7 NAME 'eduPersonEntitlement' )
#attributetypes: ( 1.3.6.1.4.1.5923.1.1.1.8 NAME 'eduPersonPrimaryOrgUnitDN' )
#attributetypes: ( 1.3.6.1.4.1.5923.1.1.1.9 NAME 'eduPersonScopedAffiliation' )
#-
#
# re-add the attributes -- in case there is a change of definition
#
#
# "eduPerson" attributes
#
add: attributetypes
attributetypes: ( 1.3.6.1.4.1.5923.1.1.1.1 
 		NAME 'eduPersonAffiliation' 
 		DESC 'eduPerson per Internet2 and EDUCAUSE' 
 		EQUALITY caseIgnoreMatch 
 		SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' ) 
attributetypes: ( 1.3.6.1.4.1.5923.1.1.1.2 
 		NAME 'eduPersonNickname' 
 		DESC 'eduPerson per Internet2 and EDUCAUSE' 
 		EQUALITY caseIgnoreMatch 
 		SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' ) 
attributetypes: ( 1.3.6.1.4.1.5923.1.1.1.3 
 		NAME 'eduPersonOrgDN' 
 		DESC 'eduPerson per Internet2 and EDUCAUSE' 
 		EQUALITY distinguishedNameMatch 
 		SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' SINGLE-VALUE ) 
attributetypes: ( 1.3.6.1.4.1.5923.1.1.1.4 
 		NAME 'eduPersonOrgUnitDN' 
 		DESC 'eduPerson per Internet2 and EDUCAUSE' 
 		EQUALITY distinguishedNameMatch 
 		SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' ) 
attributetypes: ( 1.3.6.1.4.1.5923.1.1.1.5 
 		NAME 'eduPersonPrimaryAffiliation' 
 		DESC 'eduPerson per Internet2 and EDUCAUSE' 
 		EQUALITY caseIgnoreMatch 
 		SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) 
attributetypes: ( 1.3.6.1.4.1.5923.1.1.1.6 
 		NAME 'eduPersonPrincipalName' 
 		DESC 'eduPerson per Internet2 and EDUCAUSE' 
 		EQUALITY caseIgnoreMatch 
 		SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) 
attributetypes: ( 1.3.6.1.4.1.5923.1.1.1.7 
 		NAME 'eduPersonEntitlement' 
 		DESC 'eduPerson per Internet2 and EDUCAUSE' 
 		EQUALITY caseIgnoreMatch 
 		SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' ) 
attributetypes: ( 1.3.6.1.4.1.5923.1.1.1.8 
 		NAME 'eduPersonPrimaryOrgUnitDN' 
 		DESC 'eduPerson per Internet2 and EDUCAUSE' 
 		EQUALITY distinguishedNameMatch 
 		SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' SINGLE-VALUE) 
attributetypes: ( 1.3.6.1.4.1.5923.1.1.1.9 
 		NAME 'eduPersonScopedAffiliation' 
 		DESC 'eduPerson per Internet2 and EDUCAUSE'
 		EQUALITY caseIgnoreMatch
 		SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' ) 
attributetypes:	( 1.3.6.1.4.1.5923.1.1.1.10 
		NAME 'eduPersonTargetedID' 
		DESC 'eduPerson per Internet2 and EDUCAUSE' 
		EQUALITY caseIgnoreMatch 
		SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' ) 
attributetypes:	( 1.3.6.1.4.1.5923.1.1.1.11 
		NAME 'eduPersonAssurance' 
		DESC 'eduPerson per Internet2 and EDUCAUSE' 
		EQUALITY caseIgnoreMatch 
		SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' ) 
-
#
# eduPerson objectclass definition
# can only be done after attributes established
#
## now the objectclass properly defined.
#  If object class already exists, comment out the following section:
add: objectclasses
objectclasses: ( 1.3.6.1.4.1.5923.1.1.2 
 	NAME 'eduPerson' 
 	AUXILIARY 
 	MAY ( 	eduPersonAffiliation $ eduPersonNickname $
  		eduPersonOrgDN $ eduPersonOrgUnitDN $
  		eduPersonPrimaryAffiliation $ eduPersonPrincipalName $
  		eduPersonEntitlement $ eduPersonPrimaryOrgUnitDN $
  		eduPersonScopedAffiliation $ eduPersonTargetedID $ eduPersonAssurance
  	    ) 
-
#
# end of LDIF
#