MINI MINI MANI MO
#
# File: oidSchemaCreateODIP.sbs
#
# Description:
# Contains DIP specific LDAP schema extensions required by
# all Oracle Products for release iAS Rel 2
# Modified:
#
# 09/12/01 akolli Creation
#
#
# Notes:
#
# This LDIF file will only work with Oracle Internet Directory
# version 3.0.1 and above
#
# This file should be loaded by 'ldapmodify' with the following
# options "-c -a -v"
#
#
###########################################################################
# Changes in ODI.LDIF from 9.0.1 Release
###########################################################################
# Cleanup UnRequiredGroup
dn: cn=odipgroup,cn=odi,cn=oracle internet directory
changetype: delete
# Modify ACLS for the SGROUP
dn: cn=subscriber profile,cn=changelog subscriber,cn=oracle internet directory
changetype: modify
replace: orclaci
orclaci: access to entry by group="cn=odisgroup,cn=odi,cn=oracle internet directory" (browse,add,delete) by self (browse, noadd, nodelete) by * (none)
orclaci: access to attr=(orclodipagentpassword) by group="cn=odisgroup,cn=odi,cn=oracle internet directory" (read,search,write,compare) by self (read,search,write,compare) by * (none)
orclaci: access to attr!=(orclodipagentpassword) by group="cn=odisgroup,cn=odi,cn=oracle internet directory" (read,search,write,compare) by self (read,search,write,compare) by * (none)
# Modify ACLS for the Registration Entry
dn: cn=odisrv,cn=subregistrysubentry
changetype: modify
replace: orclaci
orclaci: access to entry by group="cn=odisgroup,cn=odi,cn=oracle internet directory" (browse,add,delete) by * (browse,noadd,nodelete)
orclaci: access to attr=(*) by group="cn=odisgroup,cn=odi,cn=oracle internet directory" (read,search,write,compare) by * (search,read,nowrite,nocompare)
# Modify ACLS for the ConfigSet Container
dn: cn=metadird,cn=configsets,cn=oracle internet directory
changetype: modify
replace: orclaci
orclaci: access to entry by group="cn=odisgroup,cn=odi,cn=oracle internet directory" (browse,noadd,nodelete) by * (browse)
orclaci: access to attr=(*) by group="cn=odisgroup,cn=odi,cn=oracle internet directory" (read,search,write,compare) by * (search,read,nowrite,nocompare)
dn: cn=changelog
changetype: modify
replace: orclaci
orclaci: access to entry by group="cn=odisgroup,cn=odi,cn=oracle internet directory" (browse,noadd,nodelete) by * (none)
orclaci: access to attr=(*) by group="cn=odisgroup,cn=odi,cn=oracle internet directory" (read,search,nowrite,compare) by * (none)
dn: cn=configset0,cn=metadird,cn=configsets,cn=oracle internet Directory
changetype: add
cn: configset0
orclodipconfigrefreshflag: 1
objectclass: top
objectclass: orclODISConfig
###########################################################################
# Common Attributes
###########################################################################
######################
# Generic Attributes
######################
dn: cn=subschemasubentry
changetype: modify
add: attributeTypes
attributeTypes: (
2.16.840.1.113894.8.1.201 NAME
'orclODIPProfileName' EQUALITY caseIgnoreMatch
SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE)
###############################
# Scheduling Attributes
###############################
dn: cn=subschemasubentry
changetype: modify
add: attributeTypes
attributeTypes: (
2.16.840.1.113894.8.1.210 NAME
'orclODIPProfileSchedule' EQUALITY caseIgnoreMatch
SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE)
dn: cn=subschemasubentry
changetype: modify
add: attributeTypes
attributeTypes: (
2.16.840.1.113894.8.1.211 NAME
'orclODIPProfileMaxRetries' EQUALITY caseIgnoreMatch
SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE)
######################
# Interface Attributes
######################
dn: cn=subschemasubentry
changetype: modify
add: attributeTypes
attributeTypes: (
2.16.840.1.113894.8.1.220 NAME
'orclODIPProfileInterfaceName' EQUALITY caseIgnoreMatch
SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE)
dn: cn=subschemasubentry
changetype: modify
add: attributeTypes
attributeTypes: (
2.16.840.1.113894.8.1.221 NAME
'orclODIPProfileInterfaceType' EQUALITY caseIgnoreMatch
SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE)
dn: cn=subschemasubentry
changetype: modify
add: attributeTypes
attributeTypes: (
2.16.840.1.113894.8.1.222 NAME
'orclODIPProfileInterfaceConnectInformation' EQUALITY caseIgnoreMatch
SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE)
dn: cn=subschemasubentry
changetype: modify
add: attributeTypes
attributeTypes: (
2.16.840.1.113894.8.1.223 NAME
'orclODIPProfileInterfaceAdditionalInformation' EQUALITY caseIgnoreMatch
SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE)
dn: cn=subschemasubentry
changetype: modify
add: attributeTypes
attributeTypes: (
2.16.840.1.113894.8.1.224 NAME
'orclODIPProfileInterfaceVersion' EQUALITY caseIgnoreMatch
SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE)
######################
# Status Attributes
######################
dn: cn=subschemasubentry
changetype: modify
add: attributeTypes
attributeTypes: (
2.16.840.1.113894.8.1.230 NAME
'orclODIPProfileProcessingStatus' EQUALITY caseIgnoreMatch
SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE)
dn: cn=subschemasubentry
changetype: modify
add: attributeTypes
attributeTypes: (
2.16.840.1.113894.8.1.231 NAME
'orclODIPProfileProcessingErrors' EQUALITY caseIgnoreMatch
SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
dn: cn=subschemasubentry
changetype: modify
add: attributeTypes
attributeTypes: (
2.16.840.1.113894.8.1.232 NAME
'orclODIPProfileLastProcessingTime' EQUALITY caseIgnoreMatch
SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE)
dn: cn=subschemasubentry
changetype: modify
add: attributeTypes
attributeTypes: (
2.16.840.1.113894.8.1.233 NAME
'orclODIPProfileLastSuccessfulProcessingTime' EQUALITY caseIgnoreMatch
SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE)
######################################################
# MISC attributes
######################################################
dn: cn=subschemasubentry
changetype: modify
add: attributeTypes
attributeTypes: (
2.16.840.1.113894.8.1.250 NAME
'orclODIPProfileExecGroupID' EQUALITY caseIgnoreMatch
SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE)
dn: cn=subschemasubentry
changetype: modify
add: attributeTypes
attributeTypes: (
2.16.840.1.113894.8.1.251 NAME
'orclODIPProfileDebugLevel' EQUALITY caseIgnoreMatch
SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE)
###########################################################################
# Provisioning Attributes
###########################################################################
dn: cn=subschemasubentry
changetype: modify
add: attributeTypes
attributeTypes: (
2.16.840.1.113894.8.1.401 NAME
'orclODIPProvisioningAppName' EQUALITY caseIgnoreMatch
SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE)
dn: cn=subschemasubentry
changetype: modify
add: attributeTypes
attributeTypes: (
2.16.840.1.113894.8.1.402 NAME
'orclODIPProvisioningAppGUID' EQUALITY caseIgnoreMatch
SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE)
dn: cn=subschemasubentry
changetype: modify
add: attributeTypes
attributeTypes: (
2.16.840.1.113894.8.1.403 NAME
'orclODIPProvisioningOrgName' EQUALITY caseIgnoreMatch
SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE)
dn: cn=subschemasubentry
changetype: modify
add: attributeTypes
attributeTypes: (
2.16.840.1.113894.8.1.404 NAME
'orclODIPProvisioningOrgGUID' EQUALITY caseIgnoreMatch
SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE)
dn: cn=subschemasubentry
changetype: modify
add: attributeTypes
attributeTypes: (
2.16.840.1.113894.8.1.405 NAME
'orclODIPProvisioningEventSubscription' EQUALITY caseIgnoreMatch
SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
################################
# ObjectClases
################################
# The core integration profile class
dn: cn=subschemasubentry
changetype: modify
add: objectClasses
objectClasses: (
2.16.840.1.113894.8.2.200 NAME
'orclODIPIntegrationProfile' SUP ( top $ orclchangesubscriber) STRUCTURAL
MUST ( orclODIPProfileName $ orclVersion )
MAY (
orclStatus $ orclPasswordAttribute $ userPassword $
orclODIPProfileSchedule $ orclODIPProfileMaxRetries $
orclODIPProfileInterfaceName $ orclODIPProfileInterfaceType $
orclODIPProfileInterfaceConnectInformation $
orclODIPProfileInterfaceAdditionalInformation $
orclODIPProfileInterfaceVersion $
orclODIPProfileProcessingStatus $ orclODIPProfileProcessingErrors $
orclODIPProfileLastProcessingTime $
orclODIPProfileLastSuccessfulProcessingTime $
orclODIPProfileExecGroupID $
orclODIPProfileDebugLevel ) )
# the provisioning specific profile class
dn: cn=subschemasubentry
changetype: modify
add: objectClasses
objectClasses: (
2.16.840.1.113894.8.2.400 NAME
'orclODIPProvisioningIntegrationProfile'
SUP ( top $ orclODIPIntegrationProfile ) STRUCTURAL
MUST ( orclODIPProvisioningAppName $ orclODIPProvisioningAppGUID $
orclODIPProvisioningOrgName $ orclODIPProvisioningOrgGUID $
orclODIPProvisioningEventSubscription ) )
##############################
# Catalog orclODIPProfileName
##############################
dn: cn=catalogs
changetype: modify
add: orclindexedattribute
orclindexedattribute: orclODIPProfileName
#################################################################
# Create the container for Provisioning profiles and their ACLs
###################################################################
dn: cn=Provisioning Profiles,cn=changelog subscriber,cn=oracle internet directory
changetype: add
objectclass: top
objectclass: orclContainerOC
description: Container for all provisioning profiles
cn: Provisioning Profiles
#################################################
# Create the Provisioning Admin Group
#################################################
dn: cn=Provisioning Admins,cn=changelog subscriber,
cn=oracle internet directory
changetype: add
objectclass: groupofuniquenames
objectclass: orclACPGroup
objectclass: orclprivilegegroup
uniquemember: cn=orcladmin
owner: cn=orcladmin
orclentrylevelaci: access to attr=(uniqueMember,owner) by dnattr=(owner) (read,search,write,compare) by * (read,search,nowrite,compare)
#########################################################
# Set the ACLs on the Provisioning Profile Container
#########################################################
dn: cn=Provisioning Profiles,cn=changelog subscriber,
cn=oracle internet directory
changetype: modify
add: orclaci
orclaci: access to entry by group="cn=odisgroup,cn=odi,cn=oracle
internet directory" (browse,noadd,delete)
by group="cn=Provisioning Admins,cn=changelog subscriber,
cn=oracle internet directory" (browse,add,delete)
by guidattr=(orclODIPProvisioningAppGUID) (browse,noadd,delete)
by self (browse,noadd,nodelete) by * (none)
orclaci: access to attr=(userpassword,orclPasswordAttribute,
orclODIPProfileInterfaceConnectInformation,
orclODIPProfileInterfaceAdditionalInformation)
by group="cn=odisgroup,cn=odi,cn=oracle internet directory"
(read,search,nowrite,compare)
by group="cn=Provisioning Admins,cn=changelog subscriber,
cn=oracle internet directory" (read,search,write,compare)
by guidattr=(orclODIPProvisioningAppGUID) (read,search,write,compare)
by self (read,search,nowrite,nocompare) by * (none)
orclaci: access to attr!=(userpassword,orclPasswordAttribute,
orclODIPProfileInterfaceConnectInformation,
orclODIPProfileInterfaceAdditionalInformation)
by group="cn=odisgroup,cn=odi,cn=oracle internet directory"
(read,search,write,compare)
by group="cn=Provisioning Admins,cn=changelog subscriber,
cn=oracle internet directory" (read,search,write,compare)
by guidattr=(orclODIPProvisioningAppGUID) (read,search,write,compare)
by self (read,search,write,compare) by * (none)
OHA YOOOO