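##
## Schema for account management extra attributes in LDAP
## by Wproject 2022
## OIDs are owned by Cogent Innovators, LLC
##
## 1.3.6.1.4.1.19937.1.1.x - attributetypes
## 1.3.6.1.4.1.19937.1.2.x - objectclasses
##
## NOTE(review): the arcs listed above do not match the definitions below.
## Every element is registered under the UUID-derived arc
## 2.25.330098197460787237907941808102951680393: attribute types at <arc>.1.N
## and the object class at <arc>.1.2.0, which sits underneath the OID of
## 'devices' (<arc>.1.2). The OIDs are kept exactly as published so that
## directories which already loaded this schema keep working; confirm which
## arc is the intended one before allocating new elements.
##
## Security notes for deployers:
##  - 'authCode' and 'userPassword' hold authentication material. Restrict
##    read, search and compare access to them with directory access rules so
##    that only the owning entry and the account-management service can use
##    them.
##  - 'ip', 'devices' and 'lastLogin' describe user activity; limit who can
##    read them as you would any other audit data.
##

# active: Boolean flag, single-valued. Required by accountsManagement.
attributetype ( 2.25.330098197460787237907941808102951680393.1.0
    NAME 'active'
    DESC 'True if account is active'
    EQUALITY booleanMatch
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
    SINGLE-VALUE )

# fakeCn: Boolean flag, single-valued; marks a CN/full name that was generated
# randomly and has not yet been replaced. Required by accountsManagement.
attributetype ( 2.25.330098197460787237907941808102951680393.1.1
    NAME 'fakeCn'
    DESC 'True if the CN or fullname was created ramdomly and is still ficticious'
    EQUALITY booleanMatch
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
    SINGLE-VALUE )

# devices: Directory String, multi-valued (no SINGLE-VALUE). The content is
# derived from the client's User-Agent header, which the client controls;
# treat it as an untrusted hint rather than as proof of a trusted device.
attributetype ( 2.25.330098197460787237907941808102951680393.1.2
    NAME 'devices'
    DESC 'Trusted devices info from user-agent'
    EQUALITY caseIgnoreMatch
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )

# lastLogin: Generalized Time, single-valued.
# ORDERING is declared so that range filters such as (lastLogin<=...) are
# evaluated; with an EQUALITY rule alone they are not, which makes dormant
# account reviews impossible from the directory side.
attributetype ( 2.25.330098197460787237907941808102951680393.1.3
    NAME 'lastLogin'
    DESC 'Last login timestamp'
    EQUALITY generalizedTimeMatch
    ORDERING generalizedTimeOrderingMatch
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
    SINGLE-VALUE )

# ip: IA5 String, single-valued. The syntax does not validate that the value
# is a well-formed address; the writing application has to do that.
attributetype ( 2.25.330098197460787237907941808102951680393.1.4
    NAME 'ip'
    DESC 'ip address'
    EQUALITY caseIgnoreIA5Match
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
    SINGLE-VALUE )

# secureAuth: Boolean flag, single-valued; true when two-factor authentication
# is enabled for the entry. Write access should be as restricted as for the
# credentials themselves, since clearing it would switch the second factor off.
attributetype ( 2.25.330098197460787237907941808102951680393.1.5
    NAME 'secureAuth'
    DESC 'True if 2FA active'
    EQUALITY booleanMatch
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
    SINGLE-VALUE )

# authCode: IA5 String, single-valued; the two-factor authentication token.
# Because an EQUALITY rule is defined, any identity allowed to search or
# compare on this attribute can test candidate values, so access must be
# limited to the verifying service.
# NOTE(review): matching is case-insensitive (caseIgnoreIA5Match); confirm that
# this suits the token format in use. Whether the value is stored in clear or
# protected form is decided by the application and is not visible here.
attributetype ( 2.25.330098197460787237907941808102951680393.1.6
    NAME 'authCode'
    DESC 'Two factor authentication token'
    EQUALITY caseIgnoreIA5Match
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
    SINGLE-VALUE )

# accountsManagement: auxiliary class added to an existing entry.
# Fields are written in the order the RFC 4512 ObjectClassDescription grammar
# prescribes (NAME, DESC, SUP, kind, MUST, MAY); the previous layout placed
# DESC after the kind, which lenient parsers accept but strict ones may reject.
# MAY includes userPassword and authCode: see the access-control notes in the
# file header.
objectclass ( 2.25.330098197460787237907941808102951680393.1.2.0
    NAME 'accountsManagement'
    DESC 'Accounts management'
    SUP top
    AUXILIARY
    MUST ( cn $ uid $ active $ fakeCn )
    MAY ( userPassword $ description $ lastLogin $ ip $ devices $
          secureAuth $ authCode ) )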