From 5ceb2e9601d2501d021d0c61188ec913076555a0 Mon Sep 17 00:00:00 2001
From: matthew_swift <matthew_swift@localhost>
Date: Wed, 26 Sep 2007 12:21:02 +0000
Subject: [PATCH] Merge branches/temp-admin@3208 onto trunk@3208.
---
opends/src/admin/defn/org/opends/server/admin/std/PasswordPolicyConfiguration.xml | 143 ++++++++++++++++-------------------------------
1 files changed, 50 insertions(+), 93 deletions(-)
diff --git a/opends/src/admin/defn/org/opends/server/admin/std/PasswordPolicyConfiguration.xml b/opends/src/admin/defn/org/opends/server/admin/std/PasswordPolicyConfiguration.xml
index d19b8e0..adbd640 100644
--- a/opends/src/admin/defn/org/opends/server/admin/std/PasswordPolicyConfiguration.xml
+++ b/opends/src/admin/defn/org/opends/server/admin/std/PasswordPolicyConfiguration.xml
@@ -37,7 +37,6 @@
<adm:tag name="user-management"/>
<adm:profile name="ldap">
<ldap:object-class>
- <ldap:oid>1.3.6.1.4.1.26027.1.2.62</ldap:oid>
<ldap:name>ds-cfg-password-policy</ldap:name>
<ldap:superior>top</ldap:superior>
</ldap:object-class>
@@ -59,110 +58,98 @@
</adm:syntax>
<adm:profile name="ldap">
<ldap:attribute>
- <ldap:oid>1.3.6.1.4.1.26027.1.1.192</ldap:oid>
<ldap:name>ds-cfg-password-attribute</ldap:name>
</ldap:attribute>
</adm:profile>
</adm:property>
- <adm:property name="default-password-storage-scheme-dn" mandatory="true"
+ <adm:property name="default-password-storage-scheme" mandatory="true"
multi-valued="true">
<adm:synopsis>
- Specifies the DNs of the configuration entries for the password storage
- schemes that will be used to encode clear-text passwords for this
- password policy.
+ Specifies the names of the the password storage schemes that will
+ be used to encode clear-text passwords for this password policy.
</adm:synopsis>
<adm:syntax>
- <adm:dn>
- <adm:base>cn=password storage schemes,cn=config</adm:base>
- </adm:dn>
+ <adm:aggregation relation-name="password-storage-scheme"
+ parent-path="/">
+ <adm:target-enabled-property-name name="enabled" />
+ </adm:aggregation>
</adm:syntax>
<adm:profile name="ldap">
<ldap:attribute>
- <ldap:oid>1.3.6.1.4.1.26027.1.1.178</ldap:oid>
- <ldap:name>ds-cfg-default-password-storage-scheme-dn</ldap:name>
+ <ldap:name>ds-cfg-default-password-storage-scheme</ldap:name>
</ldap:attribute>
</adm:profile>
</adm:property>
- <adm:property name="deprecated-password-storage-scheme-dn"
+ <adm:property name="deprecated-password-storage-scheme"
mandatory="false" multi-valued="true">
<adm:synopsis>
- Specifies the DNs of the configuration entries for password storage
- schemes that will be considered deprecated for this password policy. If a
- user with this password policy authenticates to the server and his/her
- password is encoded with any deprecated schemes, then those values will
- be removed and replaced with values encoded using the default password
- storage scheme(s).
+ Specifies the names of the password storage schemes that will be
+ considered deprecated for this password policy. If a user with
+ this password policy authenticates to the server and his/her
+ password is encoded with any deprecated schemes, then those values
+ will be removed and replaced with values encoded using the default
+ password storage scheme(s).
</adm:synopsis>
<adm:default-behavior>
<adm:undefined />
</adm:default-behavior>
<adm:syntax>
- <adm:dn>
- <adm:base>cn=password storage schemes,cn=config</adm:base>
- </adm:dn>
+ <adm:aggregation relation-name="password-storage-scheme"
+ parent-path="/">
+ <adm:target-enabled-property-name name="enabled" />
+ </adm:aggregation>
</adm:syntax>
<adm:profile name="ldap">
<ldap:attribute>
- <ldap:oid>1.3.6.1.4.1.26027.1.1.179</ldap:oid>
- <ldap:name>ds-cfg-deprecated-password-storage-scheme-dn</ldap:name>
+ <ldap:name>ds-cfg-deprecated-password-storage-scheme</ldap:name>
</ldap:attribute>
</adm:profile>
</adm:property>
- <adm:property name="password-validator-dn" mandatory="false"
+ <adm:property name="password-validator" mandatory="false"
multi-valued="true">
<adm:synopsis>
- Specifies the DN(s) of the password validator(s) that should be
+ Specifies the names of the password validators that should be
used with the associated password storage scheme.
</adm:synopsis>
- <adm:description>
- Specifies the DN(s) of the password validator(s) that should be
- used with the associated password storage scheme. Changes to this
- configuration attribute will take effect immediately.
- </adm:description>
<adm:default-behavior>
<adm:undefined />
</adm:default-behavior>
<adm:syntax>
- <adm:dn>
- <adm:base>cn=password validators,cn=config</adm:base>
- </adm:dn>
+ <adm:aggregation relation-name="password-validator"
+ parent-path="/">
+ <adm:target-enabled-property-name name="enabled" />
+ </adm:aggregation>
</adm:syntax>
<adm:profile name="ldap">
<ldap:attribute>
- <ldap:oid>1.3.6.1.4.1.26027.1.1.195</ldap:oid>
- <ldap:name>ds-cfg-password-validator-dn</ldap:name>
+ <ldap:name>ds-cfg-password-validator</ldap:name>
</ldap:attribute>
</adm:profile>
</adm:property>
- <adm:property name="account-status-notification-handler-dn"
+ <adm:property name="account-status-notification-handler"
mandatory="false" multi-valued="true">
<adm:synopsis>
- Specifies the DN(s) of the account status notification handler(s)
+ Specifies the names of the account status notification handlers
that should be used with the associated password storage scheme.
</adm:synopsis>
- <adm:description>
- Specifies the DN(s) of the account status notification handler(s)
- that should be used with the associated password storage scheme.
- Changes to this configuration attribute will take effect
- immediately.
- </adm:description>
<adm:default-behavior>
<adm:undefined />
</adm:default-behavior>
<adm:syntax>
- <adm:dn>
- <adm:base>cn=account status notification handlers,cn=config</adm:base>
- </adm:dn>
+ <adm:aggregation
+ relation-name="account-status-notification-handler"
+ parent-path="/">
+ <adm:target-enabled-property-name name="enabled" />
+ </adm:aggregation>
</adm:syntax>
<adm:profile name="ldap">
<ldap:attribute>
- <ldap:oid>1.3.6.1.4.1.26027.1.1.174</ldap:oid>
<ldap:name>
- ds-cfg-account-status-notification-handler-dn
+ ds-cfg-account-status-notification-handler
</ldap:name>
</ldap:attribute>
</adm:profile>
@@ -191,7 +178,6 @@
</adm:syntax>
<adm:profile name="ldap">
<ldap:attribute>
- <ldap:oid>1.3.6.1.4.1.26027.1.1.177</ldap:oid>
<ldap:name>ds-cfg-allow-user-password-changes</ldap:name>
</ldap:attribute>
</adm:profile>
@@ -220,7 +206,6 @@
</adm:syntax>
<adm:profile name="ldap">
<ldap:attribute>
- <ldap:oid>1.3.6.1.4.1.26027.1.1.198</ldap:oid>
<ldap:name>
ds-cfg-password-change-requires-current-password
</ldap:name>
@@ -251,7 +236,6 @@
</adm:syntax>
<adm:profile name="ldap">
<ldap:attribute>
- <ldap:oid>1.3.6.1.4.1.26027.1.1.208</ldap:oid>
<ldap:name>ds-cfg-force-change-on-add</ldap:name>
</ldap:attribute>
</adm:profile>
@@ -282,7 +266,6 @@
</adm:syntax>
<adm:profile name="ldap">
<ldap:attribute>
- <ldap:oid>1.3.6.1.4.1.26027.1.1.181</ldap:oid>
<ldap:name>ds-cfg-force-change-on-reset</ldap:name>
</ldap:attribute>
</adm:profile>
@@ -313,39 +296,35 @@
</adm:syntax>
<adm:profile name="ldap">
<ldap:attribute>
- <ldap:oid>1.3.6.1.4.1.26027.1.1.201</ldap:oid>
<ldap:name>ds-cfg-skip-validation-for-administrators</ldap:name>
</ldap:attribute>
</adm:profile>
</adm:property>
- <adm:property name="password-generator-dn" mandatory="false"
+ <adm:property name="password-generator" mandatory="false"
multi-valued="false">
<adm:synopsis>
- Specifies the DN of the configuration entry that references the
- password generator for use with the associated password policy.
+ Specifies the name of the password generator that should be used
+ with the associated password policy.
</adm:synopsis>
<adm:description>
- Specifies the DN of the configuration entry that references the
- password generator for use with the associated password policy.
This will be used in conjunction with the password modify extended
operation to generate a new password for a user when none was
- provided in the request. Changes to this configuration attribute
- will take effect immediately.
+ provided in the request.
</adm:description>
<adm:default-behavior>
<adm:undefined />
</adm:default-behavior>
<adm:syntax>
- <adm:dn>
- <adm:base>cn=password generators,cn=config</adm:base>
- </adm:dn>
+ <adm:aggregation relation-name="password-generator"
+ parent-path="/">
+ <adm:target-enabled-property-name name="enabled" />
+ </adm:aggregation>
</adm:syntax>
<adm:profile name="ldap">
<ldap:attribute>
- <ldap:oid>1.3.6.1.4.1.26027.1.1.194</ldap:oid>
- <ldap:name>ds-cfg-password-generator-dn</ldap:name>
+ <ldap:name>ds-cfg-password-generator</ldap:name>
</ldap:attribute>
</adm:profile>
</adm:property>
@@ -375,7 +354,6 @@
</adm:syntax>
<adm:profile name="ldap">
<ldap:attribute>
- <ldap:oid>1.3.6.1.4.1.26027.1.1.199</ldap:oid>
<ldap:name>ds-cfg-require-secure-authentication</ldap:name>
</ldap:attribute>
</adm:profile>
@@ -405,7 +383,6 @@
</adm:syntax>
<adm:profile name="ldap">
<ldap:attribute>
- <ldap:oid>1.3.6.1.4.1.26027.1.1.200</ldap:oid>
<ldap:name>ds-cfg-require-secure-password-changes</ldap:name>
</ldap:attribute>
</adm:profile>
@@ -438,7 +415,6 @@
</adm:syntax>
<adm:profile name="ldap">
<ldap:attribute>
- <ldap:oid>1.3.6.1.4.1.26027.1.1.209</ldap:oid>
<ldap:name>ds-cfg-allow-multiple-password-values</ldap:name>
</ldap:attribute>
</adm:profile>
@@ -467,13 +443,12 @@
</adm:syntax>
<adm:profile name="ldap">
<ldap:attribute>
- <ldap:oid>1.3.6.1.4.1.26027.1.1.176</ldap:oid>
<ldap:name>ds-cfg-allow-pre-encoded-passwords</ldap:name>
</ldap:attribute>
</adm:profile>
</adm:property>
- <adm:property name="minimum-password-age" mandatory="false"
+ <adm:property name="min-password-age" mandatory="false"
multi-valued="false">
<adm:synopsis>
Specifies the minimum length of time that must pass after a
@@ -500,13 +475,12 @@
</adm:syntax>
<adm:profile name="ldap">
<ldap:attribute>
- <ldap:oid>1.3.6.1.4.1.26027.1.1.191</ldap:oid>
- <ldap:name>ds-cfg-minimum-password-age</ldap:name>
+ <ldap:name>ds-cfg-min-password-age</ldap:name>
</ldap:attribute>
</adm:profile>
</adm:property>
- <adm:property name="maximum-password-age" mandatory="false"
+ <adm:property name="max-password-age" mandatory="false"
multi-valued="false">
<adm:synopsis>
Specifies the maximum length of time that a user may continue
@@ -531,14 +505,13 @@
</adm:syntax>
<adm:profile name="ldap">
<ldap:attribute>
- <ldap:oid>1.3.6.1.4.1.26027.1.1.189</ldap:oid>
- <ldap:name>ds-cfg-maximum-password-age</ldap:name>
+ <ldap:name>ds-cfg-max-password-age</ldap:name>
</ldap:attribute>
</adm:profile>
</adm:property>
- <adm:property name="maximum-password-reset-age" mandatory="false"
+ <adm:property name="max-password-reset-age" mandatory="false"
multi-valued="false">
<adm:synopsis>
Specifies the maximum length of time that users have to change
@@ -563,8 +536,7 @@
</adm:syntax>
<adm:profile name="ldap">
<ldap:attribute>
- <ldap:oid>1.3.6.1.4.1.26027.1.1.190</ldap:oid>
- <ldap:name>ds-cfg-maximum-password-reset-age</ldap:name>
+ <ldap:name>ds-cfg-max-password-reset-age</ldap:name>
</ldap:attribute>
</adm:profile>
</adm:property>
@@ -595,7 +567,6 @@
</adm:syntax>
<adm:profile name="ldap">
<ldap:attribute>
- <ldap:oid>1.3.6.1.4.1.26027.1.1.193</ldap:oid>
<ldap:name>
ds-cfg-password-expiration-warning-interval
</ldap:name>
@@ -630,7 +601,6 @@
</adm:syntax>
<adm:profile name="ldap">
<ldap:attribute>
- <ldap:oid>1.3.6.1.4.1.26027.1.1.180</ldap:oid>
<ldap:name>ds-cfg-expire-passwords-without-warning</ldap:name>
</ldap:attribute>
</adm:profile>
@@ -659,7 +629,6 @@
</adm:syntax>
<adm:profile name="ldap">
<ldap:attribute>
- <ldap:oid>1.3.6.1.4.1.26027.1.1.175</ldap:oid>
<ldap:name>ds-cfg-allow-expired-password-changes</ldap:name>
</ldap:attribute>
</adm:profile>
@@ -689,7 +658,6 @@
</adm:syntax>
<adm:profile name="ldap">
<ldap:attribute>
- <ldap:oid>1.3.6.1.4.1.26027.1.1.182</ldap:oid>
<ldap:name>ds-cfg-grace-login-count</ldap:name>
</ldap:attribute>
</adm:profile>
@@ -718,7 +686,6 @@
</adm:syntax>
<adm:profile name="ldap">
<ldap:attribute>
- <ldap:oid>1.3.6.1.4.1.26027.1.1.187</ldap:oid>
<ldap:name>ds-cfg-lockout-failure-count</ldap:name>
</ldap:attribute>
</adm:profile>
@@ -749,7 +716,6 @@
</adm:syntax>
<adm:profile name="ldap">
<ldap:attribute>
- <ldap:oid>1.3.6.1.4.1.26027.1.1.186</ldap:oid>
<ldap:name>ds-cfg-lockout-duration</ldap:name>
</ldap:attribute>
</adm:profile>
@@ -782,7 +748,6 @@
</adm:syntax>
<adm:profile name="ldap">
<ldap:attribute>
- <ldap:oid>1.3.6.1.4.1.26027.1.1.188</ldap:oid>
<ldap:name>
ds-cfg-lockout-failure-expiration-interval
</ldap:name>
@@ -815,7 +780,6 @@
</adm:syntax>
<adm:profile name="ldap">
<ldap:attribute>
- <ldap:oid>1.3.6.1.4.1.26027.1.1.197</ldap:oid>
<ldap:name>ds-cfg-require-change-by-time</ldap:name>
</ldap:attribute>
</adm:profile>
@@ -846,7 +810,6 @@
</adm:syntax>
<adm:profile name="ldap">
<ldap:attribute>
- <ldap:oid>1.3.6.1.4.1.26027.1.1.184</ldap:oid>
<ldap:name>ds-cfg-last-login-time-attribute</ldap:name>
</ldap:attribute>
</adm:profile>
@@ -875,7 +838,6 @@
</adm:syntax>
<adm:profile name="ldap">
<ldap:attribute>
- <ldap:oid>1.3.6.1.4.1.26027.1.1.185</ldap:oid>
<ldap:name>ds-cfg-last-login-time-format</ldap:name>
</ldap:attribute>
</adm:profile>
@@ -906,7 +868,6 @@
</adm:syntax>
<adm:profile name="ldap">
<ldap:attribute>
- <ldap:oid>1.3.6.1.4.1.26027.1.1.196</ldap:oid>
<ldap:name>ds-cfg-previous-last-login-time-format</ldap:name>
</ldap:attribute>
</adm:profile>
@@ -940,7 +901,6 @@
</adm:syntax>
<adm:profile name="ldap">
<ldap:attribute>
- <ldap:oid>1.3.6.1.4.1.26027.1.1.183</ldap:oid>
<ldap:name>ds-cfg-idle-lockout-interval</ldap:name>
</ldap:attribute>
</adm:profile>
@@ -991,7 +951,6 @@
</adm:syntax>
<adm:profile name="ldap">
<ldap:attribute>
- <ldap:oid>1.3.6.1.4.1.26027.1.1.443</ldap:oid>
<ldap:name>ds-cfg-state-update-failure-policy</ldap:name>
</ldap:attribute>
</adm:profile>
@@ -1019,7 +978,6 @@
</adm:syntax>
<adm:profile name="ldap">
<ldap:attribute>
- <ldap:oid>1.3.6.1.4.1.26027.1.1.444</ldap:oid>
<ldap:name>ds-cfg-password-history-count</ldap:name>
</ldap:attribute>
</adm:profile>
@@ -1048,7 +1006,6 @@
</adm:syntax>
<adm:profile name="ldap">
<ldap:attribute>
- <ldap:oid>1.3.6.1.4.1.26027.1.1.445</ldap:oid>
<ldap:name>ds-cfg-password-history-duration</ldap:name>
</ldap:attribute>
</adm:profile>
--
Gitblit v1.10.0