# ======================================================================================================================================
#
# File: eduPerson.ldf
# Version: 201310
#
# This file should be imported with the following command while logged in to the Domain Controller as an Admin User:
# ldifde -i -f eduPerson.adschema.ldif -v -j <PATH TO LOGFILES>
#
# REMEMBER TO SEARCH AND REPLACE DC=X WITH YOUR DC SUFFIX
#
# =======================================================================================================================================
# ==================================================================
# Attributes
# ==================================================================
dn: CN=eduPersonAffiliation,CN=Schema,CN=Configuration,DC=X
changetype: ntdsschemaadd
objectClass: top
objectClass: attributeSchema
cn: eduPersonAffiliation
lDAPDisplayName: eduPersonAffiliation
adminDisplayName: eduPersonAffiliation
adminDescription: Specifies the person's relationship(s) to the institution, permissible values: faculty, student, staff, alum, member, affiliate, employee
attributeID: 1.3.6.1.4.1.5923.1.1.1.1
attributeSyntax: 2.5.5.12
oMSyntax: 64
isSingleValued: FALSE
searchFlags: 1
showInAdvancedViewOnly: TRUE
systemOnly: FALSE
dn: CN=eduPersonNickname,CN=Schema,CN=Configuration,DC=X
changetype: ntdsschemaadd
objectClass: top
objectClass: attributeSchema
cn: eduPersonNickname
lDAPDisplayName: eduPersonNickname
adminDisplayName: eduPersonNickname
adminDescription: Person's nickname, or the informal name by which they are accustomed to be hailed
attributeID: 1.3.6.1.4.1.5923.1.1.1.2
attributeSyntax: 2.5.5.12
oMSyntax: 64
isSingleValued: FALSE
searchFlags: 1
showInAdvancedViewOnly: TRUE
systemOnly: FALSE
dn: CN=eduPersonOrgDN,CN=Schema,CN=Configuration,DC=X
changetype: ntdsschemaadd
objectClass: top
objectClass: attributeSchema
cn: eduPersonOrgDN
lDAPDisplayName: eduPersonOrgDN
adminDisplayName: eduPersonOrgDN
adminDescription: Specifies the person's relationship(s) to the institution, permissible values: faculty, student, staff, alum, member, affiliate, employee
attributeID: 1.3.6.1.4.1.5923.1.1.1.3
attributeSyntax: 2.5.5.1
oMSyntax: 127
isSingleValued: TRUE
searchFlags: 0
showInAdvancedViewOnly: TRUE
systemOnly: FALSE
dn: CN=eduPersonOrgUnitDN,CN=Schema,CN=Configuration,DC=X
changetype: ntdsschemaadd
objectClass: top
objectClass: attributeSchema
cn: eduPersonOrgUnitDN
lDAPDisplayName: eduPersonOrgUnitDN
adminDisplayName: eduPersonOrgUnitDN
adminDescription: The distinguished name(s) (DN) of the directory entries representing the person's Organizational Unit(s)
attributeID: 1.3.6.1.4.1.5923.1.1.1.4
attributeSyntax: 2.5.5.1
oMSyntax: 127
isSingleValued: FALSE
searchFlags: 0
showInAdvancedViewOnly: TRUE
systemOnly: FALSE
dn: CN=eduPersonPrimaryAffiliation,CN=Schema,CN=Configuration,DC=X
changetype: ntdsschemaadd
objectClass: top
objectClass: attributeSchema
cn: eduPersonPrimaryAffiliation
lDAPDisplayName: eduPersonPrimaryAffiliation
adminDisplayName: eduPersonPrimaryAffiliation
adminDescription: Specifies the person's PRIMARY relationship to the institution in broad categories such as student, faculty, staff, alum, etc
attributeID: 1.3.6.1.4.1.5923.1.1.1.5
attributeSyntax: 2.5.5.12
oMSyntax: 64
isSingleValued: TRUE
searchFlags: 1
showInAdvancedViewOnly: TRUE
systemOnly: FALSE
dn: CN=eduPersonPrincipalName,CN=Schema,CN=Configuration,DC=X
changetype: ntdsschemaadd
objectClass: top
objectClass: attributeSchema
cn: eduPersonPrincipalName
lDAPDisplayName: eduPersonPrincipalName
adminDisplayName: eduPersonPrincipalName
adminDescription: The "NetID" of the person for the purposes of inter-institutional authentication. It should be represented in the form "user@scope" where scope defines a local security domain
attributeID: 1.3.6.1.4.1.5923.1.1.1.6
attributeSyntax: 2.5.5.12
oMSyntax: 64
isSingleValued: TRUE
searchFlags: 1
showInAdvancedViewOnly: TRUE
systemOnly: FALSE
dn: CN=eduPersonEntitlement,CN=Schema,CN=Configuration,DC=X
changetype: ntdsschemaadd
objectClass: top
objectClass: attributeSchema
cn: eduPersonEntitlement
lDAPDisplayName: eduPersonEntitlement
adminDisplayName: eduPersonEntitlement
adminDescription: URI (either URN or URL) that indicates a set of rights to specific resources
attributeID: 1.3.6.1.4.1.5923.1.1.1.7
attributeSyntax: 2.5.5.12
oMSyntax: 64
isSingleValued: FALSE
searchFlags: 1
showInAdvancedViewOnly: TRUE
systemOnly: FALSE
dn: CN=eduPersonPrimaryOrgUnitDN,CN=Schema,CN=Configuration,DC=X
changetype: ntdsschemaadd
objectClass: top
objectClass: attributeSchema
cn: eduPersonPrimaryOrgUnitDN
lDAPDisplayName: eduPersonPrimaryOrgUnitDN
adminDisplayName: eduPersonPrimaryOrgUnitDN
adminDescription: The distinguished name (DN) of the directory entry representing the person's primary Organizational Unit(s)
attributeID: 1.3.6.1.4.1.5923.1.1.1.8
attributeSyntax: 2.5.5.1
oMSyntax: 127
isSingleValued: TRUE
searchFlags: 0
showInAdvancedViewOnly: TRUE
systemOnly: FALSE
dn: CN=eduPersonScopedAffiliation,CN=Schema,CN=Configuration,DC=X
changetype: ntdsschemaadd
objectClass: top
objectClass: attributeSchema
cn: eduPersonScopedAffiliation
lDAPDisplayName: eduPersonScopedAffiliation
adminDisplayName: eduPersonScopedAffiliation
adminDescription: Specifies the person's affiliation (see eduPersonAffiliation) within a particular security domain, the values consist of a left (affiliation) and right component (security domain) separated by an "@" sign
attributeID: 1.3.6.1.4.1.5923.1.1.1.9
attributeSyntax: 2.5.5.12
oMSyntax: 64
isSingleValued: FALSE
searchFlags: 1
showInAdvancedViewOnly: TRUE
systemOnly: FALSE
dn: CN=eduPersonTargetedID,CN=Schema,CN=Configuration,DC=X
changetype: ntdsschemaadd
objectClass: top
objectClass: attributeSchema
cn: eduPersonTargetedID
lDAPDisplayName: eduPersonTargetedID
adminDisplayName: eduPersonTargetedID
adminDescription: a tuple consisting of an opaque identifier for the principal, a name for the source of the identifier, and a name for the intended audience of the identifiere
attributeID: 1.3.6.1.4.1.5923.1.1.1.10
attributeSyntax: 2.5.5.12
oMSyntax: 64
isSingleValued: FALSE
searchFlags: 0
showInAdvancedViewOnly: TRUE
systemOnly: FALSE
dn: CN=eduPersonAssurance,CN=Schema,CN=Configuration,DC=X
changetype: ntdsschemaadd
objectClass: top
objectClass: attributeSchema
cn: eduPersonAssurance
lDAPDisplayName: eduPersonAssurance
adminDisplayName: eduPersonAssurance
adminDescription: Set of URIs that assert compliance with specific standards for identity assurance.
attributeID: 1.3.6.1.4.1.5923.1.1.1.11
attributeSyntax: 2.5.5.12
oMSyntax: 64
isSingleValued: FALSE
searchFlags: 0
showInAdvancedViewOnly: TRUE
systemOnly: FALSE
dn: CN=eduPersonPrincipalNamePrior,CN=Schema,CN=Configuration,DC=X
changetype: ntdsschemaadd
objectClass: top
objectClass: attributeSchema
cn: eduPersonPrincipalName
lDAPDisplayName: eduPersonPrincipalName
adminDisplayName: eduPersonPrincipalName
adminDescription: The Previous "NetID" of the person for the purposes of inter-institutional authentication. It should be represented in the form "user@scope" where scope defines a local security domain
attributeID: 1.3.6.1.4.1.5923.1.1.1.12
attributeSyntax: 2.5.5.12
oMSyntax: 64
isSingleValued: TRUE
searchFlags: 1
showInAdvancedViewOnly: TRUE
systemOnly: FALSE
dn: CN=eduPersonUniqueID,CN=Schema,CN=Configuration,DC=X
changetype: ntdsschemaadd
objectClass: top
objectClass: attributeSchema
cn: eduPersonTargetedID
lDAPDisplayName: eduPersonTargetedID
adminDisplayName: eduPersonTargetedID
adminDescription: A long-lived, non re-assignable, omnidirectional identifier unique to each individual.
attributeID: 1.3.6.1.4.1.5923.1.1.1.13
attributeSyntax: 2.5.5.12
oMSyntax: 64
isSingleValued: FALSE
searchFlags: 0
showInAdvancedViewOnly: TRUE
systemOnly: FALSE
dn:
changetype: modify
add: schemaUpdateNow
schemaUpdateNow: 1
-

# ==================================================================
# Object classes
# ==================================================================
dn: CN=eduPerson,CN=Schema,CN=Configuration,DC=X
changetype: ntdsschemaadd
objectClass: classSchema
cn: eduPerson
lDAPDisplayName: eduPerson
adminDisplayName: eduPerson
adminDescription: Consists of a set of data elements or attributes about individuals within higher education
governsID: 1.3.6.1.4.1.5923.1.1.2
objectClassCategory: 3
subclassOf: top
rdnAttId: cn
mayContain: 1.3.6.1.4.1.5923.1.1.1.1
mayContain: 1.3.6.1.4.1.5923.1.1.1.2
mayContain: 1.3.6.1.4.1.5923.1.1.1.3
mayContain: 1.3.6.1.4.1.5923.1.1.1.4
mayContain: 1.3.6.1.4.1.5923.1.1.1.5
mayContain: 1.3.6.1.4.1.5923.1.1.1.6
mayContain: 1.3.6.1.4.1.5923.1.1.1.7
mayContain: 1.3.6.1.4.1.5923.1.1.1.8
mayContain: 1.3.6.1.4.1.5923.1.1.1.9
mayContain: 1.3.6.1.4.1.5923.1.1.1.10
mayContain: 1.3.6.1.4.1.5923.1.1.1.11
mayContain: 1.3.6.1.4.1.5923.1.1.1.12
mayContain: 1.3.6.1.4.1.5923.1.1.1.13
defaultObjectCategory: CN=eduPerson,cn=Schema,cn=Configuration,dc=X
systemOnly: FALSE
dn:
changetype: modify
add: schemaUpdateNow
schemaUpdateNow: 1
-
dn: CN=User,CN=Schema,CN=Configuration,DC=X
changetype: modify
add: auxiliaryClass
auxiliaryClass: eduPerson
-
dn:
changetype: modify
add: schemaUpdateNow
schemaUpdateNow: 1
-