Directory
The Stanford Directory project now has URN assignments for Shibboleth. The URNs for the account tree are of the form:
urn:mace:stanford.edu:directory:accounts:AttributeName
For example, the URN for cn in the account tree would be:
urn:mace:stanford.edu:directory:accounts:cn
| Attribute | Description | Single/Multi-Valued | Required? | Indexing | OID |
|---|---|---|---|---|---|
| cn | User's display name | Single(*) | No | eq,sub | 2.5.4.3 |
| description | Individuals self-selected description | Multi-Valued | No | 2.5.4.13 | |
| gecos | User's display name, used for posixAccount cluster access (Ex: John Doe) | Single | No | 1.3.6.1.1.1.1.2 | |
| gidNumber | User's UNIX group identification number (Ex: 37) | Single | Yes | 1.3.6.1.1.1.1.1 | |
| homeDirectory | See suAfsHomeDirectory | Single | No | 1.3.6.1.1.1.1.3 | |
| krb5PrincipalName | User's Kerberos V Principal Name (Ex: jdoe@stanford.edu) | No | eq | 1.3.6.1.4.1.5322.10.1.1 | |
| loginShell | User's UNIX login shell (hardcoded, /bin/tcsh) | Single | No | 1.3.6.1.1.1.1.4 | |
| owner | Cross reference to owning Registry Identifier (Ex: dn: suRegID=12a34567891234b1bc111111000baa77, cn=People, dc=Stanford, dc=edu) | Single(*) | No | 2.5.4.32 | |
| seeAlso | Same data as owner | Single(*) | No | 2.5.4.34 | |
| suAccountStatus | Can be any of: active;inactive | Single | Yes | 1.3.6.1.4.1.299.11.1.100 | |
| suAfsHomeDirectory | User's UNIX home directory in AFS (Ex: /afs/ir/users/j/d/jdoe) | Single | No | 1.3.6.1.4.1.299.11.1.9000 | |
| suAfsStatus | Can be any of: active;frozen | Single | Yes, if one has AFS service | 1.3.6.1.4.1.299.11.1.104 | |
| suAutoreplyAlias | Alternative sunetid's to note as alias' for autoreply | Multi-Valued | No | 1.3.6.1.4.1.299.11.1.705 | |
| suAutoreplyForward | User's address @vacation.stanford.edu to create autoreply message | Single | Yes, if one has Autoreply service | 1.3.6.1.4.1.299.11.1.702 | |
| suAutoreplyMsg | The actual message to send back to people | Single | Yes, if one has autoreply service | 1.3.6.1.4.1.299.11.1.704 | |
| suAutoreplyStart | The start date for the autoreply emails to be sent | Multi-Valued | No | 1.3.6.1.4.1.299.11.1.706 | |
| suAutoreplyStatus | Can be any of: active;inactive | Single | Yes, if one has Autoreply service | 1.3.6.1.4.1.299.11.1.108 | |
| suAutoreplyStop | The stop date for the autoreply emails to be sent | Multi-Valued | No | 1.3.6.1.4.1.299.11.1.707 | |
| suAutoreplySubj | Subject for the autoreply message | Single | Yes, if one has Autoreply service | 1.3.6.1.4.1.299.11.1.703 | |
| suCreateAgent | Agent used to create the account entry (Ex: AccountSlog) | Single | Yes | 1.3.6.1.4.1.299.11.1.42 | |
| suCreateAPI | API used to create the account entry (Ex: JNDI) | Single | Yes | 1.3.6.1.4.1.299.11.1.41 | |
| suDescription | Individuals self-selected description | Multi-Valued | No | 1.3.6.1.4.1.299.11.1.300 | |
| suDialinStatus | Can be any of: active;frozen | Single | Yes, if one has DialIn service | eq | 1.3.6.1.4.1.299.11.1.107 |
| suEmailAccountType | Can be any of: personal;group | Single | No | 1.3.6.1.4.1.299.11.1.1002 | |
| suEmailAdmin | Administrator of a particular email account. Generally the uid of the person. In the case of group accounts, it is the uid of the owner of that group account. | Multi-Valued | No | 1.3.6.1.4.1.299.11.1.1003 | |
| suEmailQuota | Amount of Email Quota a user has (Ex: 100) | Single | No | 1.3.6.1.4.1.299.11.1.1001 | |
| suEmailStatus | Can be any of: active;frozen | Single | No | 1.3.6.1.4.1.299.11.1.106 | |
| suEntitlementName | Name of the workgroups the Guest Accounts are members of | Multi-valued | No | eq | 1.3.6.1.4.1.299.11.1.550 |
| suEntitlementStatus | shows the status of the entitlement service | Single | Yes | 1.3.6.1.4.1.299.11.1.111 | |
| suEntryStatus | Can be any of: active | Single | Yes | 1.3.6.1.4.1.299.11.1.40 | |
| suIdentifies | See owner | Single | No | 1.3.6.1.4.1.299.11.1.500 | |
| suGuestAltLogin | Guest Alternate Login ID | Single | Yes | eq | 1.3.6.1.4.1.299.11.1.315 |
| suGuestName | Shows the name of the Guest | Single | Yes | eq | 1.3.6.1.4.1.299.11.1.205 |
| suGuestStatus | Shows the status of the guest service | Single | Yes | 1.3.6.1.4.1.299.11.1.112 | |
| suGuestUuid | Shows the name of the Guest | Single | Yes | eq | 1.3.6.1.4.1.299.11.1.205 |
| suKerberosStatus | Can be any of: active;frozen | Single | Yes, if one has Kerberos services | eq | 1.3.6.1.4.1.299.11.1.101 |
| suKrb4Name | User's krb4 principle (Ex: jdoe@IR.STANFORD.EDU) | Multi-Valued | No | 1.3.6.1.4.1.299.11.1.201 | |
| suLelandStatus | Can be any of: active;frozen | Single | Yes, if one has Leland service | eq | 1.3.6.1.4.1.299.11.1.103 |
| suMailDrop | Location to deliver mail for the account (Ex: jdoe@jdoe.pobox.stanford.edu) | Multi-Valued | Yes, if one has Seas service | eq | 1.3.6.1.4.1.299.11.1.800 |
| suName | User's display name (Ex: John Doe) | Single | Yes | 1.3.6.1.4.1.299.11.1.200 | |
| suNameLF | User's display name in Last, First format (Ex: Doe, John) | Single | Yes | 1.3.6.1.4.1.299.11.1.203 | |
| suPtsStatus | Can be any of: active;frozen | Single | Yes, if one has PTS service | 1.3.6.1.4.1.299.11.1.105 | |
| suPtsUid | User's UNIX PTS UID (Ex: 37) | Single | Yes, if one has PTS service | 1.3.6.1.4.1.299.11.1.601 | |
| suSeasForward | User's forwarding email address (Ex: jdoe@msn.com) | Multi-Valued | No | 1.3.6.1.4.1.299.11.1.701 | |
| suSeasLocal | User's local delivery address (Ex: jdoe@jdoe.pobox.stanford.edu) | Single | No | 1.3.6.1.4.1.299.11.1.700 | |
| suSeasStatus | Can be any of: active;frozen | Single | Yes, if one has Seas service | eq | 1.3.6.1.4.1.299.11.1.102 |
| suSeasSunetID | List of all selected identifiers for the person (Ex: jdoe,John.Doe,J.Doe) | Multi-Valued | Yes, if one has Seas service | eq | 1.3.6.1.4.1.299.11.1.7 |
| suSeasUriRouteTo | Web page to route incoming ~username requests to (Ex: /~jdoe or http://www.somewhere.com/~jdoe) | Single | No | 1.3.6.1.4.1.299.11.1.1000 | |
| suService | Attribute containing a list of all services the user has. Example values: afs dialin email kerberos leland pts seas | Multi-Valued | No | 1.3.6.1.4.1.299.11.1.400 | |
| uid | User's primary identifer they chose for their suNetID (Ex: jdoe) | Single(*) | Yes | pres,eq | 0.9.2342.19200300.100.1.1 |
| uidNumber | User's UNIX ID number (Ex: 15120) | Single | No | eq | 1.3.6.1.1.1.1.0 |
(*) - Single/Multi-valued as implemented in the tree, not as defined by RFC standards.
| Object Classes in the Account Tree | OID |
|---|---|
| suAccount | 1.3.6.1.4.1.299.11.3.300 |
| suKerberosService | 1.3.6.1.4.1.299.11.3.301 |
| suSeasService | 1.3.6.1.4.1.299.11.3.302 |
| suLelandService | 1.3.6.1.4.1.299.11.3.303 |
| suAfsService | 1.3.6.1.4.1.299.11.3.304 |
| suPtsService | 1.3.6.1.4.1.299.11.3.305 |
| suEmailService | 1.3.6.1.4.1.299.11.3.306 |
| suDialinService | 1.3.6.1.4.1.299.11.3.307 |
| suAutoreplyService | 1.3.6.1.4.1.299.11.3.308 |
| suOperational | 1.3.6.1.4.1.299.11.3.3 |
| suEntitlementService | 1.3.6.1.4.1.299.11.3.313 |
| suGuestService | 1.3.6.1.4.1.299.11.3.314 |
Last modified Tuesday, 27-Nov-2007 01:37:51 PM
