# 202208 SWITCH / HSLU
#
# This schema implements the swissEdu attributes from the
# SWITCHaai Attribute Specification Version 1.7 that can be found at
#   https://www.switch.ch/aai/attributes/
#
# The schema implements the object class 'swissEduPerson', which
# supports all of the eduPerson and swissEdu attributes specified
# in the SWITCHaai Attribute Specification.
#
# SwissEduPerson directory schema (202208)
#
# The latest version of this document is available at
#   https://www.switch.ch/aai/docs/LDAP-schemas/

# ======================================================================================================================================
#
#  File:    swissedu-202208.adschema.ldif
#  Version: 202208
#
#  History:
#    2014-01: HSLU: Initial version.
#    2016-02: SWITCH: Correct a couple of attribute IDs to match predefined OIDs
#    2017-06: Updated to match the attribute specification 1.6. New attribute: eduPersonOrcid
#    2022-08: Updated to match the attribute specification 1.7.
#             New attributes: swissEduPersonPrivateMail, swissEduPersonMinimumAgeCategory,
#             swissEduPersonOrganizationalMail, swissLibraryPersonResidenceCanton
#
#  This file should be imported with the following command while logged in to the Domain Controller as an Admin User:
#    ldifde -i -f swissedu-202208.adschema.ldif -v -j <PATH TO LOGFILES>
#
#  REMEMBER TO SEARCH AND REPLACE DC=X WITH YOUR DC SUFFIX
#
# =======================================================================================================================================

# =============================================================================
#
# NOTE:
# This schema is a template that needs to be adapted to match your environment.
# Especially, you need to adapt the DN suffix "DC=X".
#
# =============================================================================

# ==================================================================
#  Attributes
# ==================================================================
dn: CN=swissEduPersonUniqueID,CN=Schema,CN=Configuration,DC=X
changetype: ntdsschemaadd
objectClass: top
objectClass: attributeSchema
cn: swissEduPersonUniqueID
lDAPDisplayName: swissEduPersonUniqueID
adminDisplayName: swissEduPersonUniqueID
adminDescription: Unique identifier for inter-institutional user identification
attributeID: 2.16.756.1.2.5.1.1.1
attributeSyntax: 2.5.5.12
oMSyntax: 64
isSingleValued: TRUE
searchFlags: 1
showInAdvancedViewOnly: TRUE
systemOnly: FALSE

dn: CN=swissEduPersonDateOfBirth,CN=Schema,CN=Configuration,DC=X
changetype: ntdsschemaadd
objectClass: top
objectClass: attributeSchema
cn: swissEduPersonDateOfBirth
lDAPDisplayName: swissEduPersonDateOfBirth
adminDisplayName: swissEduPersonDateOfBirth
adminDescription: Date of birth (format YYYYMMDD, only numeric chars)
attributeID: 2.16.756.1.2.5.1.1.2
attributeSyntax: 2.5.5.6
oMSyntax: 18
isSingleValued: TRUE
searchFlags: 1
showInAdvancedViewOnly: TRUE
systemOnly: FALSE

dn: CN=swissEduPersonGender,CN=Schema,CN=Configuration,DC=X
changetype: ntdsschemaadd
objectClass: top
objectClass: attributeSchema
cn: swissEduPersonGender
lDAPDisplayName: swissEduPersonGender
adminDisplayName: swissEduPersonGender
adminDescription: Representation of human sex (see ISO 5218)
attributeID: 2.16.756.1.2.5.1.1.3
attributeSyntax: 2.5.5.9
oMSyntax: 2
isSingleValued: TRUE
searchFlags: 1
showInAdvancedViewOnly: TRUE
systemOnly: FALSE

dn: CN=swissEduPersonHomeOrganization,CN=Schema,CN=Configuration,DC=X
changetype: ntdsschemaadd
objectClass: top
objectClass: attributeSchema
cn: swissEduPersonHomeOrganization
lDAPDisplayName: swissEduPersonHomeOrganization
adminDisplayName: swissEduPersonHomeOrganization
adminDescription: Domain name of the home organization
attributeID: 2.16.756.1.2.5.1.1.4
attributeSyntax: 2.5.5.12
oMSyntax: 64
isSingleValued: TRUE
searchFlags: 1
showInAdvancedViewOnly: TRUE
systemOnly: FALSE

dn: CN=swissEduPersonHomeOrganizationType,CN=Schema,CN=Configuration,DC=X
changetype: ntdsschemaadd
objectClass: top
objectClass: attributeSchema
cn: swissEduPersonHomeOrganizationType
lDAPDisplayName: swissEduPersonHomeOrganizationType
adminDisplayName: swissEduPersonHomeOrganizationType
adminDescription: Type of the home organization
attributeID: 2.16.756.1.2.5.1.1.5
attributeSyntax: 2.5.5.12
oMSyntax: 64
isSingleValued: TRUE
searchFlags: 1
showInAdvancedViewOnly: TRUE
systemOnly: FALSE

dn: CN=swissEduPersonStudyBranch1,CN=Schema,CN=Configuration,DC=X
changetype: ntdsschemaadd
objectClass: top
objectClass: attributeSchema
cn: swissEduPersonStudyBranch1
lDAPDisplayName: swissEduPersonStudyBranch1
adminDisplayName: swissEduPersonStudyBranch1
adminDescription: Study branch of a student, first level of classification
attributeID: 2.16.756.1.2.5.1.1.6
attributeSyntax: 2.5.5.9
oMSyntax: 2
isSingleValued: FALSE
searchFlags: 1
showInAdvancedViewOnly: TRUE
systemOnly: FALSE

dn: CN=swissEduPersonStudyBranch2,CN=Schema,CN=Configuration,DC=X
changetype: ntdsschemaadd
objectClass: top
objectClass: attributeSchema
cn: swissEduPersonStudyBranch2
lDAPDisplayName: swissEduPersonStudyBranch2
adminDisplayName: swissEduPersonStudyBranch2
adminDescription: Study branch of a student, intermediate level of classification
attributeID: 2.16.756.1.2.5.1.1.7
attributeSyntax: 2.5.5.9
oMSyntax: 2
isSingleValued: FALSE
searchFlags: 1
showInAdvancedViewOnly: TRUE
systemOnly: FALSE

dn: CN=swissEduPersonStudyBranch3,CN=Schema,CN=Configuration,DC=X
changetype: ntdsschemaadd
objectClass: top
objectClass: attributeSchema
cn: swissEduPersonStudyBranch3
lDAPDisplayName: swissEduPersonStudyBranch3
adminDisplayName: swissEduPersonStudyBranch3
adminDescription: Study branch of a student
attributeID: 2.16.756.1.2.5.1.1.8
attributeSyntax: 2.5.5.9
oMSyntax: 2
isSingleValued: FALSE
searchFlags: 1
showInAdvancedViewOnly: TRUE
systemOnly: FALSE

dn: CN=swissEduPersonStudyLevel,CN=Schema,CN=Configuration,DC=X
changetype: ntdsschemaadd
objectClass: top
objectClass: attributeSchema
cn: swissEduPersonStudyLevel
lDAPDisplayName: swissEduPersonStudyLevel
adminDisplayName: swissEduPersonStudyLevel
adminDescription: Study level of a student in a particular studyBranch3
attributeID: 2.16.756.1.2.5.1.1.9
attributeSyntax: 2.5.5.12
oMSyntax: 64
isSingleValued: FALSE
searchFlags: 1
showInAdvancedViewOnly: TRUE
systemOnly: FALSE

dn: CN=swissEduPersonStaffCategory,CN=Schema,CN=Configuration,DC=X
changetype: ntdsschemaadd
objectClass: top
objectClass: attributeSchema
cn: swissEduPersonStaffCategory
lDAPDisplayName: swissEduPersonStaffCategory
adminDisplayName: swissEduPersonStaffCategory
adminDescription: Workbranch of a staff member
attributeID: 2.16.756.1.2.5.1.1.10
attributeSyntax: 2.5.5.9
oMSyntax: 2
isSingleValued: FALSE
searchFlags: 1
showInAdvancedViewOnly: TRUE
systemOnly: FALSE

dn: CN=swissEduPersonMatriculationNumber,CN=Schema,CN=Configuration,DC=X
changetype: ntdsschemaadd
objectClass: top
objectClass: attributeSchema
cn: swissEduPersonMatriculationNumber
lDAPDisplayName: swissEduPersonMatriculationNumber
adminDisplayName: swissEduPersonMatriculationNumber
adminDescription: Matriculation number of a student
attributeID: 2.16.756.1.2.5.1.1.11
attributeSyntax: 2.5.5.6
oMSyntax: 18
isSingleValued: TRUE
searchFlags: 1
showInAdvancedViewOnly: TRUE
systemOnly: FALSE

dn: CN=swissEduPersonCardUID,CN=Schema,CN=Configuration,DC=X
changetype: ntdsschemaadd
objectClass: top
objectClass: attributeSchema
cn: swissEduPersonCardUID
lDAPDisplayName: swissEduPersonCardUID
adminDisplayName: swissEduPersonCardUID
adminDescription: Card unique identifier
attributeID: 2.16.756.1.2.5.1.1.12
attributeSyntax: 2.5.5.12
oMSyntax: 64
isSingleValued: FALSE
searchFlags: 1
showInAdvancedViewOnly: TRUE
systemOnly: FALSE

dn: CN=swissEduPersonPrivateMail,CN=Schema,CN=Configuration,DC=X
changetype: ntdsschemaadd
objectClass: top
objectClass: attributeSchema
cn: swissEduPersonPrivateMail
lDAPDisplayName: swissEduPersonPrivateMail
adminDisplayName: swissEduPersonPrivateMail
adminDescription: Private e-mail addresses of a person
attributeID: 2.16.756.1.2.5.1.1.18
attributeSyntax: 2.5.5.5
oMSyntax: 22
isSingleValued: FALSE
searchFlags: 1
showInAdvancedViewOnly: TRUE
systemOnly: FALSE

dn: CN=swissEduPersonMinimumAgeCategory,CN=Schema,CN=Configuration,DC=X
changetype: ntdsschemaadd
objectClass: top
objectClass: attributeSchema
cn: swissEduPersonMinimumAgeCategory
lDAPDisplayName: swissEduPersonMinimumAgeCategory
adminDisplayName: swissEduPersonMinimumAgeCategory
adminDescription: The minimum age category of the person
attributeID: 2.16.756.1.2.5.1.1.19
attributeSyntax: 2.5.5.6
oMSyntax: 18
isSingleValued: TRUE
searchFlags: 1
showInAdvancedViewOnly: TRUE
systemOnly: FALSE

dn: CN=swissEduPersonOrganizationalMail,CN=Schema,CN=Configuration,DC=X
changetype: ntdsschemaadd
objectClass: top
objectClass: attributeSchema
cn: swissEduPersonOrganizationalMail
lDAPDisplayName: swissEduPersonOrganizationalMail
adminDisplayName: swissEduPersonOrganizationalMail
adminDescription: Organizational e-mail addresses of a person
attributeID: 2.16.756.1.2.5.1.1.20
attributeSyntax: 2.5.5.5
oMSyntax: 22
isSingleValued: FALSE
searchFlags: 1
showInAdvancedViewOnly: TRUE
systemOnly: FALSE

dn: CN=swissEduID,CN=Schema,CN=Configuration,DC=X
changetype: ntdsschemaadd
objectClass: top
objectClass: attributeSchema
cn: swissEduID
lDAPDisplayName: swissEduID
adminDisplayName: swissEduID
adminDescription: The Swiss edu-ID persistent identifier for Swiss Higher Education users
attributeID: 2.16.756.1.2.5.1.1.13
attributeSyntax: 2.5.5.12
oMSyntax: 64
isSingleValued: TRUE
searchFlags: 1
showInAdvancedViewOnly: TRUE
systemOnly: FALSE

dn: CN=swissLibraryPersonAffiliation,CN=Schema,CN=Configuration,DC=X
changetype: ntdsschemaadd
objectClass: top
objectClass: attributeSchema
cn: swissLibraryPersonAffiliation
lDAPDisplayName: swissLibraryPersonAffiliation
adminDisplayName: swissLibraryPersonAffiliation
adminDescription: Type of library affiliation
attributeID: 2.16.756.1.2.5.1.1.1023
attributeSyntax: 2.5.5.12
oMSyntax: 64
isSingleValued: FALSE
searchFlags: 1
showInAdvancedViewOnly: TRUE
systemOnly: FALSE

dn: CN=swissLibraryPersonResidence,CN=Schema,CN=Configuration,DC=X
changetype: ntdsschemaadd
objectClass: top
objectClass: attributeSchema
cn: swissLibraryPersonResidence
lDAPDisplayName: swissLibraryPersonResidence
adminDisplayName: swissLibraryPersonResidence
adminDescription: Defines the current residence of the patron
attributeID: 2.16.756.1.2.5.1.1.1025
attributeSyntax: 2.5.5.12
oMSyntax: 64
isSingleValued: FALSE
searchFlags: 1
showInAdvancedViewOnly: TRUE
systemOnly: FALSE

dn: CN=swissLibraryPersonResidenceCanton,CN=Schema,CN=Configuration,DC=X
changetype: ntdsschemaadd
objectClass: top
objectClass: attributeSchema
cn: swissLibraryPersonResidenceCanton
lDAPDisplayName: swissLibraryPersonResidenceCanton
adminDisplayName: swissLibraryPersonResidenceCanton
adminDescription: The current canton of residence of the patron
attributeID: 2.16.756.1.2.5.1.1.1033
attributeSyntax: 2.5.5.12
oMSyntax: 64
isSingleValued: TRUE
searchFlags: 1
showInAdvancedViewOnly: TRUE
systemOnly: FALSE

# ==================================================================
#  Object classes
# ==================================================================

dn: CN=swissEduPerson,CN=Schema,CN=Configuration,DC=X
changetype: ntdsschemaadd
objectClass: classSchema
cn: swissEduPerson
lDAPDisplayName: swissEduPerson
adminDisplayName: swissEduPerson
adminDescription: Swiss eduPerson Object for use in e-Academia
governsID: 2.16.756.1.2.5.1.2.1
objectClassCategory: 3
subclassOf: top
rdnAttId: cn
mayContain: 1.3.6.1.4.1.5923.1.1.1.1
mayContain: 1.3.6.1.4.1.5923.1.1.1.2
mayContain: 1.3.6.1.4.1.5923.1.1.1.3
mayContain: 1.3.6.1.4.1.5923.1.1.1.4
mayContain: 1.3.6.1.4.1.5923.1.1.1.5
mayContain: 1.3.6.1.4.1.5923.1.1.1.6
mayContain: 1.3.6.1.4.1.5923.1.1.1.7
mayContain: 1.3.6.1.4.1.5923.1.1.1.8
mayContain: 1.3.6.1.4.1.5923.1.1.1.9
mayContain: 1.3.6.1.4.1.5923.1.1.1.10
mayContain: 1.3.6.1.4.1.5923.1.1.1.11
mayContain: 1.3.6.1.4.1.5923.1.1.1.13
mayContain: 1.3.6.1.4.1.5923.1.1.1.16
mayContain: 2.16.756.1.2.5.1.1.1
mayContain: 2.16.756.1.2.5.1.1.2
mayContain: 2.16.756.1.2.5.1.1.3
mayContain: 2.16.756.1.2.5.1.1.4
mayContain: 2.16.756.1.2.5.1.1.5
mayContain: 2.16.756.1.2.5.1.1.6
mayContain: 2.16.756.1.2.5.1.1.7
mayContain: 2.16.756.1.2.5.1.1.8
mayContain: 2.16.756.1.2.5.1.1.9
mayContain: 2.16.756.1.2.5.1.1.10
mayContain: 2.16.756.1.2.5.1.1.11
mayContain: 2.16.756.1.2.5.1.1.12
mayContain: 2.16.756.1.2.5.1.1.13
mayContain: 2.16.756.1.2.5.1.1.18
mayContain: 2.16.756.1.2.5.1.1.19
mayContain: 2.16.756.1.2.5.1.1.20
mayContain: 2.16.756.1.2.5.1.1.1023
mayContain: 2.16.756.1.2.5.1.1.1025
mayContain: 2.16.756.1.2.5.1.1.1033
defaultObjectCategory: CN=swissEduPerson,cn=Schema,cn=Configuration,DC=X
systemOnly: FALSE

dn:
changetype: modify
add: schemaUpdateNow
schemaUpdateNow: 1
-

dn: CN=User,CN=Schema,CN=Configuration,DC=X
changetype: modify
add: auxiliaryClass
auxiliaryClass: swissEduPerson
-

dn:
changetype: modify
add: schemaUpdateNow
schemaUpdateNow: 1
-