Changes - stoney cloud

stoney core: OpenLDAP directory data organisation

24,930 bytes removed, 2 February

/* Services */

= Abstract =

This document describes ~~the OpenLDAP directory data organisation for~~ the [[~~Main_Page~~ :Category:stoney core| stoney ~~cloud~~core]]~~. This~~ relevant OpenLDAP directory ~~is the only database for all the services, which are manageable through the web interface of the stoney cloud~~data organisation.

~~Some titles have numbers in brackets. These numbers reflect~~ = Data Organisation =The following chapters explain the data organisation of the stoney cloud ~~version, in which these entries have been added or modified~~OpenLDAP directory. This document describes the [[:Category:stoney core|stoney core]] relevant OpenLDAP directory data organisation.

= ~~Introduction~~ = Administration ==~~All Service-~~The subtree '''ou=administration, ~~User~~dc=stoney- ~~and Billing-Data ist stored in the [http://www.openldap.~~cloud,dc=org~~/ OpenLDAP] directory. The directory runs in Multi-Master Mirror-Mode for high availability~~''' contains all the administrative data.

= ~~Data Organisation~~ == nextfreeuid ===The ~~following chapters explain the data organisation of the~~ entry <code>cn=nextfreeuid,ou=administration,dc=stoney -cloud ~~OpenLDAP~~ ,dc=org</code> stores the next free UID (Unique Identifier). The <code><uid></code> is unique over the whole directoryand is enforced through the directory and is incremented by one.<source lang='ldif'>dn: cn=nextfreeuid,ou=administration,dc=stoney-cloud,dc=orgobjectclass: sstNextFreeUIDcn: nextfreeuiduid: 3724591uidNumber: 3724591</source>

~~== root ==~~The following ~~LDIF shows~~ table describes the ~~'''root''' entry of the whole OpenLDAP directory tree for the stoney cloud~~different attributes: ~~dn: dc~~{| border=~~stoney~~"1" style="border-~~cloud,dc~~collapse: collapse; font-size:80%;" width=~~org~~"100%" class="wikitable sortable" ~~objectclass~~! style="text-align: ~~top~~ ~~objectclass~~left; width: ~~dcObject~~180px" | Attribute ~~objectclass~~! style="text-align: ~~organization~~left; width: 220px" | Objectclass dc! style="width: ~~stoney-cloud~~80px" | Existance o! style="width: ~~stoney~~80px" | Mandatory! style="text-~~cloud~~align:left;" | Description

~~The following LDIF shows the root of the whole OpenLDAP directory tree for the stoney cloud modified for the company stepping stone GmbH in Switzerland:~~ ~~dn: o=stepping~~|-~~stone,c=ch~~ ~~objectclass: top~~| cn ~~objectclass: organization~~| ... ~~o: stepping-stone~~| <center>MUST</center>| <center>x</center>| The name of the leaf.

~~The entry '''c=ch''' stands for~~ For the ~~country code of Switzerland while '''o=stepping-stone''' stands for the the organisation stepping-stone. The entry stepping-stone~~ next free uid, this is ~~in the process of being reserved at the [http~~:<code>nextfreeuid</~~/www.bakom.admin.ch/index.html?lang=en Federal Office of Communications]. With the reservation of the name, all the directory entries will be unique over the whole world~~code>.

~~The '''root''' entry can be chosen during the installation process of the stoney cloud. If you decide to use the default entry, you'll end up with '''dc=stoney~~|-~~cloud,dc=org'''~~| uid| ...| <center>...</center>| <center>x</center>| ...

~~== Administration ==~~|}

~~== Configuration ==~~Legend:* '''x''': Mandatory in all cases.

~~== Customers ==The sub tree '''ou=customers~~Before using this attribute <code>uidNumber</code>,~~dc=stoney-cloud~~you need to be sure,~~dc=~~that your directory server actually supports atomic increments (LDAP Modify-Increment). See [https://www.iana.org~~''' contains all the customers~~/assignments/ldap-parameters/ldap-parameters. ~~Each customer has a unique uid, which is used for later reference~~xhtml Lightweight Directory Access Protocol (LDAP) Parameters] and [https://tools.ietf.org/html/rfc4525 Lightweight Directory Access Protocol (LDAP) Modify-Increment Extension (RFC4525)].

~~=== Customers uid~~ The following search should tell you, if you LDAP server supports the LDAP Modify-Increment Object Identifier Descriptor (~~per customer~~OID 1.3.6.1.1.14) ~~CURRENT ===We have two kinds of customers~~:* '''Company customer'<source lang='bash'>ldapsearch -H ldaps: ~~This is the normal case~~//ldapm.stepping-stone.ch -b "" -s base -D "cn=Manager, ~~as we target companies~~dc=stoney-cloud,dc=org" -W \* + | grep 1.3.6.1.1.14* '''Private customer''': A private customer does not have a company</~~organisation name.~~source>

The ~~following LDIF examples will show both cases where necessary~~result should look as follows:<source lang='text'>supportedFeatures: 1. 3.6.1.1.14</source> Options:<source lang='text'>-H ldapuri-b searchbase-D binddn-W Prompt for simple authentication.\* All user attributes are returned. + All operational attributes are returned.</source> === Billing ===The ~~first~~ sub tree <code>ou=billing,ou=administration,dc=stoney-cloud,dc=org</code> stores all the billing relevant data. Each billable item (bundle, service or service item) is stored in this sub tree.<source lang='ldif'>dn: ou=billing,ou=administration,dc=stoney-cloud,dc=orgobjectclass: topobjectclass: organizationalUnitou: billing</source> The following LDIF extract shows ~~you~~ the ~~default~~ billing schema for the product "Mail Account".<source lang='ldif'~~'company~~ >dn: uid=100001,ou=billing,ou=administration,dc=stoney-cloud,dc=orgdescription: Default pricing schema for the product Mail Account.objectclass: topobjectclass: sstBillingPriceSchemasstbaseprice: 0sstbelongstouid: 1sstbillingunit: Gigabytesstfreeunit: 0sstpriceformula: sstPricePerUnit * sstQuotasstpriceperunit: 4.00sstproductname: Mail Accountuid: 100001sstBelongsToUID: 1</source> The finale price is calculated with the help of the stored formula (sstPriceFormula). The customerprice for a "Mail Account" with a 2 Gigabyte large mailbox (quota) is calculated as follows:''' Price''' = sstPricePerUnit * sstQuota = 4.00 CHF/(Gigabyte * Month) * 2 Gigabyte = '''8 CHF/Month''' All prices are stored in Swiss Francs (because the company stepping stone GmbH resides in Switzerland). You can decide about the default currency yourself. Once a month a billing run is executed, which scans the whole directory. The billing run is a currently "work in progress". For more information, please contact our [mailto:accounting@stepping-stone.ch Accounting] departement. === Group Mapping ===Used for the group mapping from the given readable format to the local group UID format.<source lang='ldif'>dn: ou=group mapping,ou=administration,dc=stoney-cloud,dc=orgobjectclass: topobjectclass: organizationalUnitobjectclass: labeledURIObjectobjectclass: sstLDAPSearchObjectClassou: group mappingdescription: This entry ~~after~~ describes, how to map a ~~fresh~~ given group name to an UID in the local LDAP directory.sstDisplayName: Group MappingsstLDAPBaseDn: ou=groups,dc=stoney -cloud ~~installation~~,dc=orgsstLDAPFilter: (&(objectClass=sstGroupObjectClass)(sstGroupName=%s)(sstBelongsToResellerUID=%sstBelongsToResellerUID)(sstBelongsToCustomerUID=%sstBelongsToCustomerUID))sstLDAPStaticAttribute: uid</source> ==== Example Mapping for the Technology Group ====The following search maps the group Technology belonging to the reseller with the sstBelongsToResellerUID 4000000 and the customer with the sstBelongsToCustomerUID 4000001 to the uid 4000014:<source lang='bash'>ldapsearch -D "cn=Manager,dc=stoney-cloud,dc=org" -w admin -H "ldap://10. ~~All relevant data~~ 1.130.14:389" -b "ou=groups,dc=stoney-cloud,dc=org" "(&(objectClass=sstGroupObjectClass)(sstGroupName=Technology)(sstBelongsToResellerUID=4000000)(sstBelongsToCustomerUID=4000001))" uid</source> <source lang='text'># extended LDIF## LDAPv3# base <ou=groups,dc=stoney-cloud,dc=org> with scope subtree# filter: (&(objectClass=sstGroupObjectClass)(sstGroupName=Technology)(sstBelongsToResellerUID=4000000)(sstBelongsToCustomerUID=4000001))# requesting: uid ## 4000014, groups, stoney-cloud.orgdn: uid=4000014,ou=groups,dc=stoney-cloud,dc=orguid: 4000014 # search resultsearch: 2result: 0 Success # numResponses: 2# numEntries: 1</source> ==== Example Mapping for all Groups ====The following search lists all the existing Groups to belonging to ~~this~~ the reseller ~~is stored below this~~ with the sstBelongsToResellerUID 4000000 and the customer with the sstBelongsToCustomerUID 4000001 with the corresponding uids:<source lang='bash'>ldapsearch -D "cn=Manager,dc=stoney-cloud,dc=org" -w admin -H "ldap://10.1.130.14:389" -b "ou=groups,dc=stoney-cloud,dc=org" "(&(objectClass=sstGroupObjectClass)(sstGroupName=*)(sstBelongsToResellerUID=4000000)(sstBelongsToCustomerUID=4000001))" uid</source> <source lang='text'># extended LDIF## LDAPv3# base <ou=groups,dc=stoney-cloud,dc=org> with scope subtree# filter: (&(objectClass=sstGroupObjectClass)(sstGroupName=*)(sstBelongsToResellerUID=4000000)(sstBelongsToCustomerUID=4000001))# requesting: uid # # 4000014, groups, stoney-cloud.orgdn: uid=4000014,ou=groups,dc=stoney-cloud,dc=orguid: 4000014 # 4000015, groups, stoney-cloud.org dn: uid=~~4000001~~4000015,ou=~~customers~~groups,dc=stoney-cloud,dc=orguid: 4000015 # search resultsearch: 2result: 0 Success # numResponses: 3# numEntries: 2</source> === People (Superuser) ===The sub tree <code>ou=people,ou=administration,dc=stoney-cloud,dc=org</code> list all users, which have super user richts (users with the attribute <code>sstBelongsToUID=1</code>). This entry uses the functionality of the the dynlist overlay. The attribut '''labeleduri''' contains a pre-defined search, which leads to a automatically created list.<source lang='ldif'>dn: ou=people,ou=administration,dc=stoney-cloud,dc=orgobjectclass: topobjectclass: organizationalUnitobjectclass: labeledURIObjectou: peoplelabeleduri: ldap:///ou=people,dc=stoney-cloud,dc=org??one?(sstBelongsToUID=1)member: uid=1000000,ou=people,dc=stoney-cloud,dc=orgmember: uid=1000003,ou=people,dc=stoney-cloud,dc=orgmember: uid=1000004,ou=people,dc=stoney-cloud,dc=org</source> As you can see, the OpenLDAP has three people withe Superuser rights. === Services ===The sub tree '''ou=services,ou=administration,dc=stoney-cloud,dc=org''' contains all the service users. Each service and/or application has its own authentication user. The authentication user is used in the [[HTTP Basic authentication against OpenLDAP directory|OpenLDAP Directory Access Control Lists]] (ACLs) to allow or restrict access to the data. Naming Convention '''Notification user''':* <SERVICE>-notification** backup-notification** cloud-notification** lbaas-notification** mail-notification** storage-notification Naming Convention '''Service user''':* <SERVICE>-<DAEMON>** backup-pam-ldap** cloud-openstack** crm-suitecrm** billing-cyclops** cm-puppetboard ('''c'''onfiguration '''m'''anagement - Puppetboard Service)** dms-alfresco ('''d'''ocument '''m'''anagement '''s'''ystem - Alfresco)** iac-terraform ('''i'''nfrastructure '''a'''s '''c'''ode - Terraform)** <s>lbaas-haproxy</s>** <s>lbaas-pam-ldap</s>** monitoring-zabbix** phabricator** pm-kanboard** qos-rally** storage-nextcloud** storage-pam_ldap** timetracking-kimai** vault-cryptopus (A vault is a place where secrets are stored - in other words a password management system)** vcs-gitlab ('''v'''ersion '''c'''ontrol '''s'''ystem - GitLab Service)** virtualization-sc-brokerd** wiki-int Naming Convention '''API user''':* <SERVICE>-api** lbaas-api Naming Convention '''Provisioning user''':* prov-<SERVICE>-<TYPE>** prov-backup-kvm** prov-backup-zsnapshot** prov-cloud-openstack** prov-configuration-management-puppet** <s>prov-lbaas-haproxy</s>** prov-mail-ox ('''O'''pen-'''X'''change)** prov-monitoring-zabbix** prov-storage-nextcloud ==== backup Service User (stoney backup) ====The following LDIF shows the backup service user entry: dn: cn=backup,ou=services,ou=administration,dc=stoney-cloud,dc=org cn: dhcp

objectclass: top

objectclass: ~~sstCustomerCompany~~organizationalPerson ~~uid~~objectclass: ~~4000001~~inetOrgPerson ~~organizationName~~sn: ~~Customer Ltd.~~backup ~~sstBelongsToResellerUID~~userPassword: ~~4000000~~ ~~sstBelongsToCustomerUID: 4000001~~ ~~sstIsActive: TRUE~~{SSHA}pJpqL95nlFi78rnAstmn6VvZCXWTjVHZ

==== dhcp (DHCP) Service User (stoney conductor) ====The following ~~table describes~~ LDIF shows the ~~different attributes~~dhcp service user entry:~~{| style~~ dn: cn=dhcp,ou=services,ou=~~"border~~administration,dc=stoney-~~spacing~~cloud,dc=org cn:~~0;"~~dhcp~~| style="border-~~ objectclass: top objectclass:~~0.002cm solid #000000;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| '''Attribute'''~~organizationalPerson~~| style="border-top:0.002cm solid #000000;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding~~ objectclass:~~0.097cm;"| <center>'''Existence'''</center>~~inetOrgPerson~~| style="border-top~~ sn:~~0.002cm solid #000000;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>'''Mandatory'''</center>~~dhcp~~| style="border~~ userPassword:~~0.002cm solid #000000;padding:0.097cm;"| '''Description'''~~{SSHA}pJpqL95nlFi78rnAstmn6VvZCXWTjVHZ

|-==== libvirtd Service User (stoney conductor) ====~~| style="border-top~~The following LDIF shows the libvirtd service user entry:~~none;border-bottom~~ dn:~~0.002cm solid #000000;border~~cn=libvirtd,ou=services,ou=administration,dc=stoney-~~left~~cloud,dc=org cn:~~0.002cm solid #000000;border-right~~libvirtd objectclass:~~none;padding~~top objectclass:~~0.097cm;"| uid~~organizationalPerson~~| style="border-top~~ objectclass:~~none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>MUST</center>~~inetOrgPerson~~| style="border-top~~ sn:~~none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>x</center>~~dhcp| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| A unique integer value with 7 digits or more. For example userPassword: ~~4000000.~~{SSHA}pJpqL95nlFi78rnAstmn6VvZCXWTjVHZ

|-~~| style~~=~~"border~~=== prov-~~top:none;border~~backup-~~bottom:0.002cm solid #000000;border~~kvm (Provisioning-~~left:0.002cm solid #000000;border~~Backup-~~right~~KVM Daemon) Service User (stoney conductor) ====The following LDIF shows the prov-backup-kvm service user entry:~~none;padding~~ dn:~~0.097cm;"| organizationName| style~~cn=~~"border~~prov-~~top:none;border~~backup-~~bottom:0.002cm solid #000000;border~~kvm,ou=services,ou=administration,dc=stoney-~~left~~cloud,dc=org objectclass:~~0.002cm solid #000000;border-right~~top objectclass:~~none;padding~~organizationalPerson objectclass:~~0.097cm;"| <center>MUST</center>~~inetOrgPerson~~| style="border-top~~ cn:~~none;border~~prov-~~bottom:0.002cm solid #000000;border~~backup-~~left~~kvm sn:~~0.002cm solid #000000;border~~prov-~~right:none;padding~~backup-kvm userPassword:~~0.097cm;"|~~ <~~center>x</center>| style="border~~STONEY-~~top:none;border~~CLOUD-~~bottom:0.002cm solid #000000;border~~PROV-~~left:0.002cm solid #000000;border~~BACKUP-~~right:0.002cm solid #000000;padding:0.097cm;"| The organisation name of the reseller. For example: Customer Ltd..~~KVM-PASSWORD>

|==== slapd-mirrormode Service User (stoney core) ====~~| style="border~~The following LDIF shows the slapd-~~top~~mirrormode service user entry:~~none;border-bottom~~ dn:~~0.002cm solid #000000;border~~cn=slapd-~~left:0.002cm solid #000000;border~~mirrormode,ou=services,ou=administration,dc=stoney-~~right:none;padding:0.097cm;"| sstBelongsToResellerUID~~cloud,dc=org~~| style="border-top~~ cn:~~none;border~~slapd-~~bottom~~mirrormode objectclass:~~0.002cm solid #000000;border-left~~top objectclass:~~0.002cm solid #000000;border-right~~organizationalPerson objectclass:~~none;padding:0.097cm;"| <center>MUST</center>~~inetOrgPerson~~| style="border-top~~ sn:~~none;border~~slapd-~~bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>x</center>~~mirrormode| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| Stores the reseller UID the leaf belongs to. A unique value with 7 digits or more. For example userPassword: ~~4000000.~~{SSHA}pJpqL95nlFi78rnAstmn6VvZCXWTjVHZ

|==== billing-cyclops Service User (stoney core) ====~~| style~~The following LDIF shows the billing service user entry: dn: cn=~~"border~~billing-~~top~~cyclops,ou=services,ou=administration,dc=stoney-cloud,dc=org cn:~~none;border~~slapd-~~bottom~~mirrormode objectclass:~~0.002cm solid #000000;border~~top objectclass: organizationalPerson objectclass: inetOrgPerson sn: billing-~~left~~cyclops userPassword:0{SSHA}pJpqL95nlFi78rnAstmn6VvZCXWTjVHZ == Configuration ===== Configuration management ===The sub tree '''ou=configuration management,ou=configuration,dc=stoney-cloud,dc=org''' contains the configuration management system relevant entries of the whole stoney cloud installation.~~002cm solid~~ They can be extended by the administrator.<source lang='ldif'>#~~000000;border-right:none;padding:0~~This sub tree contains the configuration management system relevant entries of the whole stoney cloud installation.~~097cm;"| sstBelongsToCustomerUID| style~~dn: ou=~~"border~~configuration management,ou=configuration,dc=stoney-cloud,dc=orgobjectclass: topobjectclass:~~none;border-bottom~~organizationalUnitou:0configuration managementdescription: This sub tree contains the configuration management system relevant entries of the whole stoney cloud installation.~~002cm solid #000000;border~~</source> ==== Configuration management -~~left:0~~Regions ====The sub tree '''ou=regions,ou=configuration management,ou=configuration,dc=stoney-cloud,dc=org''' contains the configuration management system region entries of the whole stoney cloud installation.~~002cm solid~~ They can be extended by the administrator.<source lang='ldif'>#~~000000;border~~This sub tree contains the configuration management system region entries of the whole stoney cloud installation.dn: ou=regions,ou=configuration management,ou=configuration,dc=stoney-~~right~~cloud,dc=orgobjectclass:~~none;padding~~topobjectclass:0organizationalUnitou: regionsdescription: This sub tree contains the configuration management system region entries of the whole stoney cloud installation.~~097cm;"| <center>MAY~~</~~center~~source>~~| style~~=~~"border~~==== Configuration management -~~top:none;border~~Regions -~~bottom:0~~Region example =====The following LDIF example shows a typical region.~~002cm solid #000000;border-left~~<source lang='ldif'>dn:~~0.002cm solid #000000;border~~cn=duedingen_production,ou=regions,ou=configuration management,ou=configuration,dc=stoney-~~right~~cloud,dc=orgobjectclass:~~none;padding~~topobjectclass:0organizationalRolecn: duedingen_productiondescription: This region contains the two data centres located in Düdingen and is used for production systems.~~097cm;"| <center>x~~</~~center~~source> The following table describes the different attributes:{| border="1" style="border-~~top~~collapse:~~none~~collapse;~~border~~font-~~bottom~~size:~~0.002cm solid #000000~~80%;~~border~~" width="100%" class="wikitable sortable"! style="text-~~left~~align:~~0.002cm solid #000000~~left;~~border~~width: 180px" | Attribute! style="text-~~right~~align:~~0.002cm solid #000000~~left;~~padding~~width:~~0.097cm;~~220px"| ~~Stores the customer UID the leaf belongs to. A unique value with 7 digits or more, must correspond with the uid entry. For example~~Objectclass! style="width: ~~4000001.~~80px" | Existance! style="width: 80px" | Mandatory! style="text-align:left;" | Description

| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~cn| ~~sstExternalID~~organizationalRole~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>~~MAY~~MUST</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x</center>| ~~style="border-top:none;border-bottom:0~~The region used by the configuration management system Puppet via enc.~~002cm solid #000000;border-left~~ For example:~~0.002cm solid #000000;border-right~~<code>cn:~~0.002cm solid #000000;padding:0.097cm;"| The ID (or number) of a customer, person or product in an external database (for example: 234567)~~duedingen_production</code>.

| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~description| ~~sstIsActive~~organizationalRole~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>MAY</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x</center>| ~~style="border-top:none;border-bottom:0~~The human readable description of region.~~002cm solid #000000;border-left~~ For example:~~0.002cm solid #000000;border-right~~<code>description:0This region contains the two data centres located in Düdingen and is used for production systems.~~002cm solid #000000;padding:0.097cm;"| Is the entry active? Either true (yes) or false (no)~~</code>.

* '''x''': Mandatory in all cases.

==== Configuration management - Roles ====The ~~following LDIF shows you the~~ sub tree '''~~private customer~~ou=roles,ou=configuration management,ou=configuration,dc=stoney-cloud,dc=org''' ~~entry~~contains the configuration management system role entries of the whole stoney cloud installation. ~~All relevant data belonging to this reseller are stored below this dn~~They can be extended by the administrator.<source lang='ldif'># This sub tree contains the configuration management system role entries of the whole stoney cloud installation. dn: ~~uid~~ou=~~4000001~~roles,ou=~~customers~~configuration management,ou=configuration,dc=stoney-cloud,dc=org objectclass: top objectclass: ~~sstCustomerPerson~~organizationalUnit ~~uid~~ou: ~~4000001~~roles ~~givenName~~description: ~~Name~~This sub tree contains the configuration management system role entries of the whole stoney cloud installation. ~~surname~~</source> ===== Configuration management - Roles - Roles example =====The following LDIF example shows a typical role.<source lang='ldif'>dn: ~~Surname~~cn=base,ou=roles,ou=configuration management,ou=configuration,dc=stoney-cloud,dc=org ~~sstBelongsToResellerUID~~objectclass: ~~4000000~~top ~~sstBelongsToCustomerUID~~objectclass: ~~4000001~~sstConfigurationManagementRole ~~sstIsActive~~cn: ~~TRUE~~basedisplayName: BasesstProfiles: - basedescription: This is the base role used by all new servers managed by Puppet, but without a final role decided.</source>

The following table describes the different attributes:

{| border="1" style="border-~~spacing~~collapse:0collapse;font-size:80%;" width="100%" class="wikitable sortable"| ! style="~~border~~text-~~top~~align:~~0.002cm solid #000000;border-bottom:0.002cm solid #000000;border-~~left~~:0.002cm solid #000000~~;~~border-right~~width:~~none;padding:0.097cm;~~180px"| ~~'''~~Attribute~~'''~~| ! style="~~border~~text-~~top~~align:~~0.002cm solid #000000;border-bottom:0.002cm solid #000000;border-~~left~~:0.002cm solid #000000~~;~~border-right~~width:~~none;padding~~220px" | Objectclass! style="width:~~0.097cm;~~80px" | ~~<center>'''Existence'''</center>~~Existance| ! style="~~border-top~~width:~~0.002cm solid #000000;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;~~80px" | ~~<center>'''~~Mandatory~~'''</center>~~| ! style="~~border~~text-align:~~0.002cm solid #000000;padding:0.097cm~~left;" | ~~'''~~Description~~'''~~

| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~cn| ~~uid~~sstConfigurationManagementRole~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>MUST</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x</center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| A unique integer value with 7 digits or more. For example: 4000000The role name used by the configuration management system Puppet via enc.

|-~~| style="border-top~~For example:~~none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| givenName| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"|~~ <~~center~~code>~~MUST</center>| style="border-top~~cn:~~none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>x~~base</~~center~~code>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| Givenname, example: Hans~~.

| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~displayName| ~~surname~~sstConfigurationManagementRole~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>MUST</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x</center>| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| Surname, example: Muster~~The role display name (human readable).

|-~~| style="border-top~~For example:~~none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| sstBelongsToResellerUID| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"|~~ <~~center~~code>~~MUST</center>| style="border-top~~displayName:~~none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>x~~Base</~~center~~code>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| Stores the reseller UID the leaf belongs to. A unique value with 7 digits or more, must correspond with the uid entry. For example: 4000000.

| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~sstProfiles| ~~sstBelongsToCustomerUID~~sstConfigurationManagementRole~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>~~MAY~~MUST</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x</center>| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| Stores the customer UID~~ The role definition (profile list) used by the ~~leaf belongs to~~configuration management system Puppet via enc. ~~A unique value with 7 digits or more~~The profiles are listed, one per line. Multiple lines must ~~correspond with the uid entry. For example~~be base64 endoded: ~~4000001.~~

|-~~| style="border-top~~For example:~~none;border-bottom~~<code>sstProfiles:~~0.002cm solid #000000;border~~-~~left~~base</code> or <code>sstProfiles:0: LSBiYXNlCi0gY2VydGJvdAo=</code>.~~002cm solid #000000;border-right~~ Encode:~~none;padding:0.097cm;~~<source lang="bash">cat << EOF | ~~sstExternalID~~base64~~| style="border~~-~~top:none;border~~base-~~bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>MAY~~certbotEOF</~~center~~source>~~| style~~Decode:<source lang="~~border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;~~bash"~~| <center></center~~>echo LSBiYXNlCi0gY2VydGJvdAo= | ~~style="border~~base64 -~~top:none;border~~-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| The ID (or number) of a customer, person or product in an external database (for example: 234567).decode</source>

~~Legend:~~=== Operating System ===* The sub tree '''xou=operating system,ou=configuration,dc=stoney-cloud,dc=org'''contains the operating system choices for the whole stoney cloud installation. They can be extended by the administrator. # This sub tree contains the operating system choices for the whole stoney cloud installation. dn: ou=operating system,ou=configuration,dc=stoney-cloud,dc=org objectclass: top objectclass: organizationalUnit ou: operating system description: ~~Mandatory in all cases~~This sub tree contains the operating system choices for the whole stoney cloud installation.

=== ~~Customers uid (per customer) NEW~~ = Linux ====~~We have two kinds of customers:~~* The sub tree '''~~Company customer~~uid=4000019,ou=operating system,ou=configuration,dc=stoney-cloud,dc=org''': contains the Linux based operating system choices for the whole stoney cloud installation. # This is sub tree contains the ~~normal case, as we target companies~~Linux based operating system choices for the whole stoney cloud installation.* '''Private customer''' dn: ~~A private customer does not have a company/organisation name~~uid=4000019,ou=operating system,ou=configuration,dc=stoney-cloud,dc=org objectclass: top objectclass: sstGroupObjectClass objectclass: sstRelationship uid: 4000019 sstDisplayName: Linux description: This sub tree contains the Linux based operating system choices for the whole stoney cloud installation. sstBelongsToResellerUID: 4000000 sstBelongsToCustomerUID: 4000001 sstAllowResellerUID: 0 sstAllowCustomerUID: 0 sstAllowPersonUID: 0

~~The following LDIF examples will show both cases where necessary. The first LDIF shows you~~ # This sub tree contains the ~~default '''company customer''' entry after a fresh~~ Debian Linux based operating system choices for the whole stoney cloud installation~~. All relevant data belonging to this reseller is stored below this dn~~. dn: uid=~~4000001~~4000020,uid=4000019,ou=operating system,ou=~~customers~~configuration,dc=stoney-cloud,dc=org

objectclass: top

objectclass: ~~sstCustomer~~sstGroupObjectClass

objectclass: sstRelationship

uid: ~~4000001~~4000020 ~~organizationName~~sstDisplayName: ~~Customer Ltd.~~Debian ~~sstIsCompany~~description: ~~TRUE~~ ~~sstIsActive: TRUE~~This sub tree contains the Debian Linux based operating system choices for the whole stoney cloud installation.

sstBelongsToResellerUID: 4000000

sstBelongsToCustomerUID: 4000001

sstAllowResellerUID: 0

sstAllowCustomerUID: 0

sstAllowPersonUID: 0

dn: uid=4000021,uid=4000020,uid=4000019,ou=operating system,ou=configuration,dc=stoney-cloud,dc=org

objectclass: top

objectclass: sstGroupObjectClass

objectclass: sstRelationship

uid: 4000021

sstDisplayName: 5

sstBelongsToResellerUID: 4000000

sstBelongsToCustomerUID: 4000001

sstAllowResellerUID: 0

sstAllowCustomerUID: 0

sstAllowPersonUID: 0

dn: uid=4000022,uid=4000020,uid=4000019,ou=operating system,ou=configuration,dc=stoney-cloud,dc=org

objectclass: top

objectclass: sstGroupObjectClass

objectclass: sstRelationship

uid: 4000022

sstDisplayName: 6

sstBelongsToResellerUID: 4000000

sstBelongsToCustomerUID: 4000001

sstAllowResellerUID: 0

sstAllowCustomerUID: 0

sstAllowPersonUID: 0

dn: uid=4000023,uid=4000020,uid=4000019,ou=operating system,ou=configuration,dc=stoney-cloud,dc=org

objectclass: top

objectclass: sstGroupObjectClass

objectclass: sstRelationship

uid: 4000023

sstDisplayName: 7

sstBelongsToResellerUID: 4000000

sstBelongsToCustomerUID: 4000001

sstAllowResellerUID: 0

sstAllowCustomerUID: 0

sstAllowPersonUID: 0

~~The following LDIF shows you~~ # This sub tree contains the Fedora Linux based operating system choices for the ~~'''private customer''' entry. All relevant data belonging to this reseller are stored below this dn~~whole stoney cloud installation. dn: uid=~~4000001~~4000024,uid=4000019,ou=operating system,ou=~~customers~~configuration,dc=stoney-cloud,dc=org

objectclass: top

objectclass: ~~sstCustomer~~sstGroupObjectClass

objectclass: sstRelationship

uid: ~~4000001~~4000024 ~~givenName~~sstDisplayName: ~~Name~~Fedora ~~surname~~description: ~~Surname~~ ~~sstIsCompany: FALSE~~ ~~sstIsActive: TRUE~~This sub tree contains the Fedora Linux based operating system choices for the whole stoney cloud installation.

sstBelongsToResellerUID: 4000000

sstBelongsToCustomerUID: 4000001

sstAllowResellerUID: 0

sstAllowCustomerUID: 0

sstAllowPersonUID: 0

dn: uid=4000025,uid=4000024,uid=4000019,ou=operating system,ou=configuration,dc=stoney-cloud,dc=org

objectclass: top

objectclass: sstGroupObjectClass

objectclass: sstRelationship

uid: 4000025

sstDisplayName: 12

sstBelongsToResellerUID: 4000000

sstBelongsToCustomerUID: 4000001

sstAllowResellerUID: 0

sstAllowCustomerUID: 0

sstAllowPersonUID: 0

dn: uid=4000026,uid=4000024,uid=4000019,ou=operating system,ou=configuration,dc=stoney-cloud,dc=org

objectclass: top

objectclass: sstGroupObjectClass

objectclass: sstRelationship

uid: 4000026

sstDisplayName: 13

sstBelongsToResellerUID: 4000000

sstBelongsToCustomerUID: 4000001

sstAllowResellerUID: 0

sstAllowCustomerUID: 0

sstAllowPersonUID: 0

dn: uid=4000027,uid=4000024,uid=4000019,ou=operating system,ou=configuration,dc=stoney-cloud,dc=org

objectclass: top

objectclass: sstGroupObjectClass

objectclass: sstRelationship

uid: 4000027

sstDisplayName: 14

sstBelongsToResellerUID: 4000000

sstBelongsToCustomerUID: 4000001

sstAllowResellerUID: 0

sstAllowCustomerUID: 0

sstAllowPersonUID: 0

dn: uid=4000028,uid=4000024,uid=4000019,ou=operating system,ou=configuration,dc=stoney-cloud,dc=org

objectclass: top

objectclass: sstGroupObjectClass

objectclass: sstRelationship

uid: 4000028

sstDisplayName: 15

sstBelongsToResellerUID: 4000000

sstBelongsToCustomerUID: 4000001

sstAllowResellerUID: 0

sstAllowCustomerUID: 0

sstAllowPersonUID: 0

dn: uid=4000029,uid=4000024,uid=4000019,ou=operating system,ou=configuration,dc=stoney-cloud,dc=org

objectclass: top

objectclass: sstGroupObjectClass

objectclass: sstRelationship

uid: 4000029

sstDisplayName: 16

sstBelongsToResellerUID: 4000000

sstBelongsToCustomerUID: 4000001

sstAllowResellerUID: 0

sstAllowCustomerUID: 0

sstAllowPersonUID: 0

dn: uid=4000030,uid=4000024,uid=4000019,ou=operating system,ou=configuration,dc=stoney-cloud,dc=org

objectclass: top

objectclass: sstGroupObjectClass

objectclass: sstRelationship

uid: 4000030

sstDisplayName: 17

sstBelongsToResellerUID: 4000000

sstBelongsToCustomerUID: 4000001

sstAllowResellerUID: 0

sstAllowCustomerUID: 0

sstAllowPersonUID: 0

dn: uid=4000031,uid=4000024,uid=4000019,ou=operating system,ou=configuration,dc=stoney-cloud,dc=org

objectclass: top

objectclass: sstGroupObjectClass

objectclass: sstRelationship

uid: 4000031

sstDisplayName: 18

sstBelongsToResellerUID: 4000000

sstBelongsToCustomerUID: 4000001

sstAllowResellerUID: 0

sstAllowCustomerUID: 0

sstAllowPersonUID: 0

dn: uid=4000032,uid=4000024,uid=4000019,ou=operating system,ou=configuration,dc=stoney-cloud,dc=org

objectclass: top

objectclass: sstGroupObjectClass

objectclass: sstRelationship

uid: 4000032

sstDisplayName: 19

sstBelongsToResellerUID: 4000000

sstBelongsToCustomerUID: 4000001

sstAllowResellerUID: 0

sstAllowCustomerUID: 0

sstAllowPersonUID: 0

# This sub tree contains the Gentoo Linux based operating system choices for the whole stoney cloud installation.

dn: uid=4000033,uid=4000019,ou=operating system,ou=configuration,dc=stoney-cloud,dc=org

objectclass: top

objectclass: sstGroupObjectClass

objectclass: sstRelationship

uid: 4000033

sstDisplayName: Gentoo

description: This sub tree contains the Gentoo Linux based operating system choices for the whole stoney cloud installation.

sstBelongsToResellerUID: 4000000

sstBelongsToCustomerUID: 4000001

sstAllowResellerUID: 0

sstAllowCustomerUID: 0

sstAllowPersonUID: 0

dn: uid=4000034,uid=4000033,uid=4000019,ou=operating system,ou=configuration,dc=stoney-cloud,dc=org

objectclass: top

objectclass: sstGroupObjectClass

objectclass: sstRelationship

uid: 4000034

sstDisplayName: 2012.0

sstBelongsToResellerUID: 4000000

sstBelongsToCustomerUID: 4000001

sstAllowResellerUID: 0

sstAllowCustomerUID: 0

sstAllowPersonUID: 0

dn: uid=4000035,uid=4000033,uid=4000019,ou=operating system,ou=configuration,dc=stoney-cloud,dc=org

objectclass: top

objectclass: sstGroupObjectClass

objectclass: sstRelationship

uid: 4000035

sstDisplayName: 2013.0

sstBelongsToResellerUID: 4000000

sstBelongsToCustomerUID: 4000001

sstAllowResellerUID: 0

sstAllowCustomerUID: 0

sstAllowPersonUID: 0

==== Windows ====

The sub tree '''uid=4000036,ou=operating system,ou=configuration,dc=stoney-cloud,dc=org''' contains the Windows based operating system choices for the whole stoney cloud installation.

# This sub tree contains the Windows based operating system choices for the whole stoney cloud installation.

dn: uid=4000036,ou=operating system,ou=configuration,dc=stoney-cloud,dc=org

objectclass: top

objectclass: sstGroupObjectClass

objectclass: sstRelationship

uid: 4000036

sstDisplayName: Windows

description: This sub tree contains the Windows based operating system choices for the whole stoney cloud installation.

sstBelongsToResellerUID: 4000000

sstBelongsToCustomerUID: 4000001

sstAllowResellerUID: 0

sstAllowCustomerUID: 0

sstAllowPersonUID: 0

# This sub tree contains the Windows Server 2008 based operating system choices for the whole stoney cloud installation.

dn: uid=4000037,uid=4000036,ou=operating system,ou=configuration,dc=stoney-cloud,dc=org

objectclass: top

objectclass: sstGroupObjectClass

objectclass: sstRelationship

uid: 4000037

sstDisplayName: Server 2008

description: This sub tree contains the Windows Server 2008 based operating system choices for the whole stoney cloud installation.

sstBelongsToResellerUID: 4000000

sstBelongsToCustomerUID: 4000001

sstAllowResellerUID: 0

sstAllowCustomerUID: 0

sstAllowPersonUID: 0

dn: uid=4000038,uid=4000037,uid=4000036,ou=operating system,ou=configuration,dc=stoney-cloud,dc=org

objectclass: top

objectclass: sstGroupObjectClass

objectclass: sstRelationship

uid: 4000038

sstDisplayName: Datacenter

sstBelongsToResellerUID: 4000000

sstBelongsToCustomerUID: 4000001

sstAllowResellerUID: 0

sstAllowCustomerUID: 0

sstAllowPersonUID: 0

dn: uid=4000039,uid=4000037,uid=4000036,ou=operating system,ou=configuration,dc=stoney-cloud,dc=org

objectclass: top

objectclass: sstGroupObjectClass

objectclass: sstRelationship

uid: 4000039

sstDisplayName: Enterprise

sstBelongsToResellerUID: 4000000

sstBelongsToCustomerUID: 4000001

sstAllowResellerUID: 0

sstAllowCustomerUID: 0

sstAllowPersonUID: 0

dn: uid=4000040,uid=4000037,uid=4000036,ou=operating system,ou=configuration,dc=stoney-cloud,dc=org

objectclass: top

objectclass: sstGroupObjectClass

objectclass: sstRelationship

uid: 4000040

sstDisplayName: Foundation

sstBelongsToResellerUID: 4000000

sstBelongsToCustomerUID: 4000001

sstAllowResellerUID: 0

sstAllowCustomerUID: 0

sstAllowPersonUID: 0

dn: uid=4000041,uid=4000037,uid=4000036,ou=operating system,ou=configuration,dc=stoney-cloud,dc=org

objectclass: top

objectclass: sstGroupObjectClass

objectclass: sstRelationship

uid: 4000041

sstDisplayName: Standard

sstBelongsToResellerUID: 4000000

sstBelongsToCustomerUID: 4000001

sstAllowResellerUID: 0

sstAllowCustomerUID: 0

sstAllowPersonUID: 0

# This sub tree contains the Windows Server 2008 R2 based operating system choices for the whole stoney cloud installation.

dn: uid=4000042,uid=4000036,ou=operating system,ou=configuration,dc=stoney-cloud,dc=org

objectclass: top

objectclass: sstGroupObjectClass

objectclass: sstRelationship

uid: 4000042

sstDisplayName: Server 2008 R2

description: This sub tree contains the Windows Server 2008 R2 based operating system choices for the whole stoney cloud installation.

sstBelongsToResellerUID: 4000000

sstBelongsToCustomerUID: 4000001

sstAllowResellerUID: 0

sstAllowCustomerUID: 0

sstAllowPersonUID: 0

dn: uid=4000043,uid=4000042,uid=4000036,ou=operating system,ou=configuration,dc=stoney-cloud,dc=org

objectclass: top

objectclass: sstGroupObjectClass

objectclass: sstRelationship

uid: 4000043

sstDisplayName: Datacenter

sstBelongsToResellerUID: 4000000

sstBelongsToCustomerUID: 4000001

sstAllowResellerUID: 0

sstAllowCustomerUID: 0

sstAllowPersonUID: 0

dn: uid=4000044,uid=4000042,uid=4000036,ou=operating system,ou=configuration,dc=stoney-cloud,dc=org

objectclass: top

objectclass: sstGroupObjectClass

objectclass: sstRelationship

uid: 4000044

sstDisplayName: Enterprise

sstBelongsToResellerUID: 4000000

sstBelongsToCustomerUID: 4000001

sstAllowResellerUID: 0

sstAllowCustomerUID: 0

sstAllowPersonUID: 0

dn: uid=4000045,uid=4000042,uid=4000036,ou=operating system,ou=configuration,dc=stoney-cloud,dc=org

objectclass: top

objectclass: sstGroupObjectClass

objectclass: sstRelationship

uid: 4000045

sstDisplayName: Foundation

sstBelongsToResellerUID: 4000000

sstBelongsToCustomerUID: 4000001

sstAllowResellerUID: 0

sstAllowCustomerUID: 0

sstAllowPersonUID: 0

dn: uid=4000046,uid=4000042,uid=4000036,ou=operating system,ou=configuration,dc=stoney-cloud,dc=org

objectclass: top

objectclass: sstGroupObjectClass

objectclass: sstRelationship

uid: 4000046

sstDisplayName: Standard

sstBelongsToResellerUID: 4000000

sstBelongsToCustomerUID: 4000001

sstAllowResellerUID: 0

sstAllowCustomerUID: 0

sstAllowPersonUID: 0

dn: uid=4000047,uid=4000042,uid=4000036,ou=operating system,ou=configuration,dc=stoney-cloud,dc=org

objectclass: top

objectclass: sstGroupObjectClass

objectclass: sstRelationship

uid: 4000047

sstDisplayName: Web

sstBelongsToResellerUID: 4000000

sstBelongsToCustomerUID: 4000001

sstAllowResellerUID: 0

sstAllowCustomerUID: 0

sstAllowPersonUID: 0

# This sub tree contains the Windows Server 2012 based operating system choices for the whole stoney cloud installation.

dn: uid=4000048,uid=4000036,ou=operating system,ou=configuration,dc=stoney-cloud,dc=org

objectclass: top

objectclass: sstGroupObjectClass

objectclass: sstRelationship

uid: 4000048

sstDisplayName: Server 2012

description: This sub tree contains the Windows Server 2012 based operating system choices for the whole stoney cloud installation.

sstBelongsToResellerUID: 4000000

sstBelongsToCustomerUID: 4000001

sstAllowResellerUID: 0

sstAllowCustomerUID: 0

sstAllowPersonUID: 0

dn: uid=4000049,uid=4000048,uid=4000036,ou=operating system,ou=configuration,dc=stoney-cloud,dc=org

objectclass: top

objectclass: sstGroupObjectClass

objectclass: sstRelationship

uid: 4000049

sstDisplayName: Datacenter

sstBelongsToResellerUID: 4000000

sstBelongsToCustomerUID: 4000001

sstAllowResellerUID: 0

sstAllowCustomerUID: 0

sstAllowPersonUID: 0

dn: uid=4000050,uid=4000048,uid=4000036,ou=operating system,ou=configuration,dc=stoney-cloud,dc=org

objectclass: top

objectclass: sstGroupObjectClass

objectclass: sstRelationship

uid: 4000050

sstDisplayName: Standard

sstBelongsToResellerUID: 4000000

sstBelongsToCustomerUID: 4000001

sstAllowResellerUID: 0

sstAllowCustomerUID: 0

sstAllowPersonUID: 0

=== Software Stack ===

The sub tree '''ou=software stack,ou=configuration,dc=foss-cloud,dc=org''' contains the software stack choices for the whole stoney cloud installation. They can be extended by the administrator.

# This sub tree contains the software stack choices for the whole stoney cloud installation.

dn: ou=software stack,ou=configuration,dc=foss-cloud,dc=org

objectclass: top

objectclass: organizationalUnit

ou: software stack

description: This sub tree contains the software stack choices for the whole stoney cloud installation.

dn: ou=environments,ou=software stack,ou=configuration,dc=foss-cloud,dc=org

objectclass: top

objectclass: organizationalUnit

ou: environments

description: This sub tree contains the software stack environment choices for the whole stoney cloud installation.

dn: uid=4000054,ou=environments,ou=software stack,ou=configuration,dc=foss-cloud,dc=org

objectclass: top

objectclass: sstGroupObjectClass

objectclass: sstRelationship

uid: 4000054

sstDisplayName: Test Environment

description: This is the environment used for testing (pre-production).

sstEnvironmentName: Test

sstBelongsToResellerUID: 4000000

sstBelongsToCustomerUID: 4000001

sstAllowResellerUID: 0

sstAllowCustomerUID: 0

sstAllowPersonUID: 0

dn: uid=4000055,ou=environments,ou=software stack,ou=configuration,dc=foss-cloud,dc=org

objectclass: top

objectclass: sstGroupObjectClass

objectclass: sstRelationship

uid: 4000055

sstDisplayName: Development Environment

description: This is the environment used for development (sandbox).

sstEnvironmentName: Development

sstBelongsToResellerUID: 4000000

sstBelongsToCustomerUID: 4000001

sstAllowResellerUID: 0

sstAllowCustomerUID: 0

sstAllowPersonUID: 0

dn: uid=4000056,ou=environments,ou=software stack,ou=configuration,dc=foss-cloud,dc=org

objectclass: top

objectclass: sstGroupObjectClass

objectclass: sstRelationship

uid: 4000056

sstDisplayName: Production Environment

description: This is the environment used for production.

sstEnvironmentName: Production

sstBelongsToResellerUID: 4000000

sstBelongsToCustomerUID: 4000001

sstAllowResellerUID: 0

sstAllowCustomerUID: 0

sstAllowPersonUID: 0

The multi-valued '''labeledURI''' attribute contains the '''operating system(s)''' for which a software stack works and therefore can be shown to the customer. The following three attributes tell us, who is allowed to access this leaf:

* '''sstAllowResellerUID''': Stores the reseller UID(s) that are allowed access to this leaf. If set to 0 (zero), all resellers have access.

* '''sstAllowCustomerUID''': Stores the customer UID(s) that are allowed access to this leaf. If set to 0 (zero), all customers belonging to the allowed resellers have access.

* '''sstAllowPersonUID''': Stores the person UID(s) that are allowed access to this leaf. If set to 0 (zero), all people belonging to the allowed resellers and the allowed customers have access.

dn: uid=4000051,ou=software stack,ou=configuration,dc=foss-cloud,dc=org

objectclass: top

objectclass: sstGroupObjectClass

objectclass: sstRelationship

objectclass: labeledURIObject

uid: 4000051

sstDisplayName: Django (Version 1)

description: Django Python Web Framework Version 1.

labeledURI: ldap://uid=4000034,uid=4000033,uid=4000019,ou=operating system,ou=configuration,dc=foss-cloud,dc=org

labeledURI: ldap://uid=4000035,uid=4000033,uid=4000019,ou=operating system,ou=configuration,dc=foss-cloud,dc=org

sstEnvironmentName: Test

sstEnvironmentName: Development

sstEnvironmentName: Production

sstBelongsToResellerUID: 4000000

sstBelongsToCustomerUID: 4000001

sstAllowResellerUID: 0

sstAllowCustomerUID: 0

sstAllowPersonUID: 0

dn: uid=4000052,ou=software stack,ou=configuration,dc=foss-cloud,dc=org

objectclass: top

objectclass: sstGroupObjectClass

objectclass: sstRelationship

objectclass: labeledURIObject

uid: 4000052

sstDisplayName: Django (Version 2)

description: Django Python Web Framework Version 2.

labeledURI: ldap://uid=4000034,uid=4000033,uid=4000019,ou=operating system,ou=configuration,dc=foss-cloud,dc=org

labeledURI: ldap://uid=4000035,uid=4000033,uid=4000019,ou=operating system,ou=configuration,dc=foss-cloud,dc=org

sstEnvironmentName: Test

sstEnvironmentName: Development

sstEnvironmentName: Production

sstBelongsToResellerUID: 4000000

sstBelongsToCustomerUID: 4000001

sstAllowResellerUID: 0

sstAllowCustomerUID: 0

sstAllowPersonUID: 0

== Customers ==

The sub tree '''ou=customers,dc=stoney-cloud,dc=org''' contains all the customers. Each customer has a unique uid, which is used for later reference.

=== Customers - Customer ===

We have two kinds of customers:

* '''Company customer''': This is the normal case, as we target companies.

* '''Private customer''': A private customer does not have a company/organisation name.

The following LDIF examples will show both cases where necessary. The first LDIF shows you the default '''company customer''' entry after a fresh stoney cloud installation. All relevant data belonging to this customer is stored below this dn.

dn: uid=4000001,ou=customers,dc=stoney-cloud,dc=org

objectclass: top

objectclass: sstCustomer

objectclass: sstRelationship

uid: 4000001

organizationName: Customer Ltd.

sstIsCompany: TRUE

sstIsActive: TRUE

sstBelongsToResellerUID: 4000000

sstBelongsToCustomerUID: 4000001

</source>

The following LDIF shows you the '''private customer''' entry. All relevant data belonging to this customer are stored below this dn.

dn: uid=4000001,ou=customers,dc=stoney-cloud,dc=org

objectclass: top

objectclass: sstCustomer

objectclass: sstRelationship

uid: 4000001

givenName: Name

surname: Surname

sstIsCompany: FALSE

sstIsActive: TRUE

sstBelongsToResellerUID: 4000000

sstBelongsToCustomerUID: 4000001

</source>

The following table describes the different attributes:

{| ~~style~~border="~~border-spacing:0;~~1"| style="border-~~top~~collapse:~~0.002cm solid #000000~~collapse;~~border~~font-~~bottom~~size:~~0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm~~80%;"width="100%" class="wikitable sortable"| '''Attribute'''~~| style="border-top:0.002cm solid #000000;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>'''Existence'''</center>~~| style="border-top:0.002cm solid #000000;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>'''Mandatory'''</center>

| style="border:0.002cm solid #000000;padding:0.097cm;"| '''Description'''

~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| uid~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>MUST</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"~~| A unique integer value with 7 digits or more. For example: 4000000.

~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| organizationName~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>MAY</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x1</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"~~| The organisation name of the ~~reseller~~customer. For example: Customer Ltd..

~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| givenName~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>MAY</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x1</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"~~| Givenname, example: Hans.

~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| surname~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>MAY</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x1</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"~~| Surname, example: Muster.

~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| sstIsCompany~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>MUST</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"~~| Is the entry active? Either true (yes) or false (no).

~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| sstIsActive~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>MAY</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"~~| Is the entry active? Either true (yes) or false (no).

~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| sstExternalID~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>MAY</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center></center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"~~| The ID (or number) of a customer, person or product in an external database (for example: 234567).

~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| sstBelongsToResellerUID~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>MUST</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"~~| Stores the reseller UID the leaf belongs to. A unique value with 7 digits or more. For example: 4000000.

~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| sstBelongsToCustomerUID~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>MAY</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"~~| Stores the customer UID the leaf belongs to. A unique value with 7 digits or more, must correspond with the uid entry. For example: 4000001.

* '''x1''': If <code>sstIsCompany</code> is set to <code>TRUE</code>, the <code>organizationName</code> must be set. Otherwise <code>givenName</code> and <code>surname</code> must be set.

==== Customers - Customer - Billing ~~Address CURRENT~~address ====

The sub tree '''ou=address,uid=4000001,ou=customers,dc=stoney-cloud,dc=org''' contains the billing address for a '''company customer''':

<source lang='ldif'>dn: ou=address,uid=4000001,ou=customers,dc=stoney-cloud,dc=org objectclass: top objectclass: organizationalUnit objectclass: ~~sstAddressCompany~~sstAddress ou: address organizationName: ~~Reseller~~ Customer Ltd. sstGender: m givenName: Name surname: Surname postalAddress: Street Number countryName: CH postalCode: Postal Code localityName: Locality preferredLanguage: en-GB mail: Name Surname <name.surname@example.com>sstMailCc: Info Customer Ltd. <info@example.com>sstMailBcc: Accounting Service Provider Ltd. <accounting@example.org> telephoneNumber: +41 00 000 00 00 mobileTelephoneNumber: +41 00 000 00 00 sstWebsiteURL: https://www.example.com/</source> The sub tree '''ou=address,uid=4000001,ou=customers,dc=stoney-cloud,dc=org''' contains the billing address for a '''private customer''':<source lang='ldif'>dn: ou=address,uid=4000001,ou=customers,dc=stoney-cloud,dc=orgobjectclass: topobjectclass: organizationalUnitobjectclass: sstAddressou: addresssstGender: mgivenName: Namesurname: SurnamepostalAddress: Street NumbercountryName: CHpostalCode: Postal CodelocalityName: LocalitypreferredLanguage: en-GBmail: Name Surname <name.surname@example.com>sstMailCc: Info <info@example.com>sstMailBcc: Accounting Service Provider Ltd. <accounting@example.org>telephoneNumber: +41 00 000 00 00mobileTelephoneNumber: +41 00 000 00 00sstWebsiteURL: https://www.example.com/</source>

The following table describes the different attributes:

{| ~~style~~border="~~border-spacing:0;~~1"| style="border-~~top~~collapse:~~0.002cm solid #000000~~collapse;~~border~~font-~~bottom~~size:~~0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm~~80%;"width="100%" class="wikitable sortable"| '''AttributeName'''~~| style="border-top:0.002cm solid #000000;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>'''Existence'''</center>~~| style="border-top:0.002cm solid #000000;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>'''Mandatory'''</center>| '''Interface Equivalent'''

| style="border:0.002cm solid #000000;padding:0.097cm;"| '''Description'''

~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| organizationName~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>~~MUST~~MAY</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x1</center>| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"~~Customer Name| ~~Company~~ Customer name, for example: '''stepping stone GmbH'''.

~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| sstGender~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>MUST</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x</center>| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"~~Gender| Either 'm' for male or 'f' for female. For example: '''m'''.

~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| givenName~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>MUST</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x</center>| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"~~Name| ~~Givenname~~Name, for example: '''Hans'''.

~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| surname~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>MUST</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x</center>| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"~~Surname| Surname, for example: '''Muster'''.

~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| postalAddress~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>MAY</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x2x3</center>| ~~style="border~~Address| Multi-~~top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| Street Number~~lined address, for example: '''Neufeldstrasse 9~~. Multi-lined field~~'''.

~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| postOfficeBox~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>MAY</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x2x3</center>| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"~~Post Office Box| ~~Postbox~~Post Office Box, for example: 3456.

~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| stateOrProvinceName~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>MAY</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x3x4</center>| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"~~State or Province Name| This ~~pulldown~~ pull down menu is only active (appears to the user), if the country is set to Canada or the USA.

~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| countryName~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>MUST</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x</center>| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"~~Country| Country code according to [http://www.iso.org/iso/home/standards/country_codes.htm ISO 3166-1 ]. The English short name (upper/lower case) is used for the ~~web~~ interface) and the corresponding ISO 3166-1-alpha-2 code (a two-letter code that represents a country name, recommended as the general purpose code) is used for the LDAP entry). ~~Example:~~ For example: '''Switzerland ''' in the ~~value is~~ interface and '''CH''' in the LDAP directory.

~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| postalCode~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>MUST</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x</center>| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"~~Postal Code| ~~Zipcode~~Postal Code without the country code, for example: '''3012'''.

~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| localityName~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>MUST</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x</center>| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"~~Location| ~~City~~Location, for example: ~~Bern~~'''Berne'''.

~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| preferredLanguage~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>MUST</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x</center>| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"~~Language| Display language of the user according to [http://www.ietf.org/rfc/rfc1766.txt RFC 1766, ]. For example: '''de-CH'''. ~~Currently~~ The following languages are currently supported:

* de-CH

* de-DE

* en-GB

* en-US

* fr-CH

* fr-FR

~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| mail~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>MUST</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x</center>| ~~style=~~Mail Address| The customers "~~border-top~~To:~~none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;~~"~~| E-~~billing mail address ~~of the user~~, for example: '''Hans Muster <hans.muster@example.com>'''. This is a multi-valued attribute and it MUST contain at least one "To:" billing mail address.

| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| telephoneNumber~~sstMailCc~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>MAY</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x1</center>| ~~style=~~Mail Address| The customers "~~border-top~~CC:~~none;border-bottom~~" billing mail address, for example:0'''Info Customer Ltd.~~002cm solid #000000;border-left:0~~<info@example.com>'''.~~002cm solid #000000;border~~This is a multi-~~right~~valued attribute and can contain zero or more "CC:~~0.002cm solid #000000;padding:0.097cm;~~"~~| Fixnet phone number, example: +41 31 222 33 44~~billing mail addresses.

| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| mobileTelephoneNumber~~sstMailBcc~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>MAY</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x1</center>| ~~style=~~Mail Address| The customers "~~border-top~~BCC:~~none;border-bottom~~" billing mail address, for example:0'''Accounting Service Provider Ltd.~~002cm solid #000000;border-left:0~~<accounting@example.org>'''.~~002cm solid #000000;border~~This is a multi-~~right~~valued attribute and can contain zero or more "BCC:0" billing mail addresses.~~002cm solid #000000;padding:0.097cm;"| Mobile phone number, example: +41 76 222 33 44~~Here we'd expect the Accounting mail address of the service provider (for accountability reasons).

| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~telephoneNumber| ~~sstWebsiteURL~~<center>MAY</center>| ~~style="border-top~~<center>x2</center>| Telephone| Telephone number of the user according to [http:~~none;border-bottom:0~~//en.~~002cm solid #000000;border-left:0~~wikipedia.~~002cm solid #000000;border-right~~org/wiki/E.164 E.164] (international dialling code, <s>trunk code</s>, area code, subscriber line). For example:~~none;padding:0~~'''+41 31 222 33 44'''.~~097cm;"~~ |-| mobileTelephoneNumber| <center>MAY</center>| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~<center>x2</center>| Mobile| ~~style="border-top~~Mobile phone number of the user according to [http:~~none;border-bottom:0~~//en.~~002cm solid #000000;border-left:0~~wikipedia.~~002cm solid #000000;border-right:0~~org/wiki/E.~~002cm solid #000000;padding~~164 E.164] (international dialling code, <s>trunk code</s>, area code, subscriber line). For example:0'''+41 76 222 33 44'''.~~097cm;"~~ | ~~URL gemäss RFC~~-~~3986~~ | sstWebsiteURL| <center>MAY</center>| | Website| Website URL according to [http://tools.ietf.org/html/rfc3986RFC-3986]. For example : '''http://www.stepping-stone.ch'''/.

Legend:

* '''x1x1''': If the attribute <code>sstIsCompany</code> of the parent entry is set to <code>TRUE</code>, the <code>organizationName</code> must be set.* '''x2''': Either telephoneNumber or mobileTelephoneNumber need to be present. Both attributes can exist together.* '''x2x3''': Either postalAddress or postOfficeBox need to be present. Both attributes can exist together.* '''x3x4''': If the countryName is either Canada or the USA, the stateOrProvinceName needs to be present.

==== Customers - Customer - Shipping address (optional) ====The sub tree '''ou=~~address~~shipping,uid=4000001,ou=customers,dc=stoney-cloud,dc=org''' contains the ~~billing~~ shipping address ~~for a~~ and is optional (it is only needed, if the shipping address differs from the billing Address).<source lang='ldif'~~'private customer''':~~> dn: ou=~~address~~shipping,uid=4000001,ou=customers,dc=stoney-cloud,dc=org objectclass: top objectclass: organizationalUnit objectclass: ~~sstAddressPerson~~sstAddress ou: ~~address~~shippingorganizationName: Customer Ltd. sstGender: m givenName: Name surname: Surname postalAddress: Street Number countryName: CH postalCode: Postal Code localityName: Locality preferredLanguage: en-GB mail: name.surname@example.com telephoneNumber: +41 00 000 00 00 mobileTelephoneNumber: +41 00 000 00 00 sstWebsiteURL: https://www.example.com/</source> ==== Customers - Customer - Billing ====The sub tree '''ou=billing,uid=4000001,ou=customers,dc=stoney-cloud,dc=org''' contains billing relevant data. The following example shows a customer, receiving a monthly bill.<source lang='ldif'>dn: ou=billing,uid=4000001,ou=customers,dc=stoney-cloud,dc=orgobjectclass: topobjectclass: organizationalUnitobjectclass: sstBillingCustomerou: billingsstBillable: TRUEsstBillingCycle: 1sstCurrency: CHFsstPaymentMethod: invoicesstDeliveryMethod: postsstDiscount: 20sstCancellationDate: 20181231sstMailToUID: 4000002sstMailCcUID: 4000064sstMailBccUID: 4000066sstMailBccUID: 4000069</source> The following example shows a customer, which receives their bill via their reseller (no billing done by us):<source lang='ldif'>dn: ou=billing,uid=4000001,ou=customers,o=stepping-stone,c=chobjectclass: topobjectclass: organizationalUnitobjectclass: sstBillingCustomerou: billingsstBillable: TRUE</source>

The following table describes the different attributes:

| style="border:0.002cm solid #000000;padding:0.097cm;"| '''Description'''

| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~sstBillable| ~~sstGender~~<center>MAY</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>~~MUST~~x2</center>| ~~style="border-top:none;border-bottom~~All hierarchical levels must have <code>sstBillable:0TRUE</code> to actually have an invoice generated and sent.~~002cm solid #000000;border-left:0~~If the attribute <code>sstBillable</code> doesn't exist, the default is <code>TRUE</code>.~~002cm solid #000000;border-right~~This way, we are forced to set a reseller, customer or product manually to <code>sstBillable:~~none;padding:0~~FALSE</code> if we want to avoid sending them an invoice.~~097cm;"~~|-| sstBillingCycle| <center>xMAY</center>| ~~style="border-top~~<center></center>| Billing cycle in months. This attribute <code>sstBillingCycle</code> is only checked (evaluated), if the reseller the customer belongs to, has <code>sstResellerBill</code> set to <code>FALSE</code> (as is the case for the reseller stepping stone GmbH). Possible values:~~none;border-bottom~~* 1:0Monthly invoice.~~002cm solid #000000;border-left~~* 3:0Quarterly invoice.~~002cm solid #000000;border-right~~* 6:0Semi-annually invoice.~~002cm solid #000000;padding:0.097cm;"| Either~~ * 'm' ~~for male or~~ 'f12' ~~for female~~'': Yearly invoice (this is the default billing period if no <code>sstBillingCycle</code> is set).

| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| givenName~~sstCurrency~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>~~MUST~~MAY</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x</center>| ~~style="border~~Three-~~top~~letter currency code according to [https:~~none;border-bottom:0~~//en.~~002cm solid #000000;border-left:0~~wikipedia.~~002cm solid #000000;border-right:0~~org/wiki/ISO_4217 ISO 4217].~~002cm solid #000000;padding~~Possible values are:0* '''CHF''': Swiss franc (this is the default currency if no <code>sstCurrency</code> is set).~~097cm;"| Givenname, example~~* EUR: ~~Hans.~~Euro* GBP: Pound sterling* USD: United States dollar

| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| surname~~sstPaymentMethod~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>~~MUST~~MAY</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x</center>| ~~style="border-top:none;border-bottom:0~~Payment method of the invoice.~~002cm solid #000000;border-left~~Possible values are:~~0.002cm solid #000000;border-right~~* '''invoice''':0Classic invoice, sent according to the delivery method defined in <code>sstDeliveryMethod</code> (this is the default payment method if no <code>sstPaymentMethod</code> is set).~~002cm solid #000000;padding~~* postcard:0Electronic invoice via PostFinance.~~097cm;"| Surname, example~~* creditcard: ~~Muster~~Credit card payment.

| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| postalAddress~~sstDeliveryMethod~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>MAY</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x2</center>| ~~style="border-top:none;border-bottom:0~~Delivery method of invoices or access data.~~002cm solid #000000;border-left~~Possible values are:~~0.002cm solid #000000;border-right~~* email:0The invoice or access data is sent via email to the recipient.~~002cm solid #000000;padding~~* '''post''':~~0.097cm;"| Street Number, example: Neufeldstrasse 9. Multi-lined field~~The invoice or access data is sent via snail mail to the recipient (this is the default delivery method if no <code>sstDeliveryMethod</code> is set).

| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| postOfficeBox~~sstDiscount~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>MAY</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x2</center>| ~~style="border-top:none;border-bottom:~~An optional customer discount (an integer value between 0and 100).~~002cm solid #000000;border-left:~~Default is '''0~~.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| Postbox, example: 3456~~'''.

| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| stateOrProvinceName~~sstCancellationDate~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>MAY</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x3</center>| ~~style="border-top:none;border-bottom:0~~The cancellation date of a reseller, customer or service in the form of [YYYY][MM][DD] (ISO 8601).~~002cm solid #000000;border-left~~For example:0'''20181231'''.~~002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| This pulldown menu~~ The attribute <code>sstCancellationDate</code> is ~~only active (appears to the user), if the country is set to Canada or the USA~~used in a logical AND combination with <code>sstIsActive</code>.

| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| countryName~~sstMailToUID~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>~~MUST~~MAY</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x1</center>| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| Country~~ This attribute <code ~~according to ISO 3166-1~~ >sstMailToUID</code> is only checked (~~for the web interface~~evaluated) ~~and~~ , if the ~~corresponding ISO 3166~~delivery method <code>sstDeliveryMethod</code> is set to <code>email</code>. Even though this attribute is multi-~~1-alpha-2 code~~ valued, we expect on recipient only. Stores the UID (as Unique Identifier in the ~~LDAP entry~~form integer value with 7 digits)of the person an email is sent to via To. ~~Example: For Switzerland~~ This UID is used to look up the ~~value is CH~~persons mail address, preferred language, name, surname or other information in the sub tree ou=people,dc=stoney-cloud,dc=org. For example: '''4000002'''.

| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| postalCode~~sstMailCcUID~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>~~MUST~~MAY</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x</center>| ~~style="border~~This attribute <code>sstMailCcUID</code> is only checked (evaluated), if the delivery method <code>sstDeliveryMethod</code> is set to <code>email</code>. Please be aware, that this attribure ist multi-~~top:none;border-bottom:0~~valued and multiple recipients are to be expected.~~002cm solid #000000;border-left:0~~Stores the UID (Unique Identifier in the form integer value with 7 digits) of the person an email is sent to via CC.~~002cm solid #000000;border~~This UID is used to look up the persons mail address, preferred language, name, surname or other information in the sub tree ou=people,dc=stoney-~~right:0~~cloud,dc=org.~~002cm solid #000000;padding~~For example:0'''4000064'''.~~097cm;"| Zipcode, example: 3012~~

| ~~style="border-top:none;border-bottom:0~~sstMailBccUID| <center>MAY</center>| <center></center>| This attribute <code>sstMailBccUID</code> is only checked (evaluated), if the delivery method <code>sstDeliveryMethod</code> is set to <code>email</code>.~~002cm solid #000000;border~~Please be aware, that this attribure ist multi-~~left:0~~valued and multiple recipients are to be expected.~~002cm solid #000000;border~~Stores the UID (Unique Identifier in the form integer value with 7 digits) of the person an email is sent to via BCC. This UID is used to look up the persons mail address, preferred language, name, surname or other information in the sub tree ou=people,dc=stoney-~~right~~cloud,dc=org. For example:~~none;padding:0~~'''4000066''' or '''4000069'''.~~097cm;"| localityName~~ | ~~style="border-top~~} Legend:~~none;border-bottom~~* '''x''':0Mandatory in all cases.~~002cm solid #000000;border-left~~* '''x1''':0The attribute <code>sstMailToUID</code> is mandatory, if the delivery method <code>sstDeliveryMethod</code> is set to <code>email</code>.~~002cm solid #000000;border-right~~* '''x2''':~~none;padding:0~~As the default of the attribute <code>sstBillable</code> is <code>TRUE</code>, it's not really mandatory.~~097cm;"|~~ For better readability, please always add the attribute <~~center~~code>~~MUST~~sstBillable</~~center~~code>. ~~| style~~=~~"border~~=== Customers -~~top:none;border~~Customer -~~bottom~~Employees ====The sub tree '''ou=employees,uid=4000001,ou=customers,dc=stoney-cloud,dc=org''' contains the employees belonging to the reseller '''Customer Ltd.''' (all the employees with the the attribute sstBelongsToEmployeeUID=4000001). With the attribute labeledURI we use the functionality of the [http:0//www.~~002cm solid~~ openldap.org/doc/admin24/overlays.html#~~000000;border~~Dynamic%20Lists dynamic lists overlay] to automatically give us a list of employees belonging to this customer. The number of employees is always the same or smaller than the number of people belonging to a customer (they are a subset).<source lang='ldif'>dn: ou=employees,uid=4000001,ou=customers,dc=stoney-~~left~~cloud,dc=orgobjectclass:0topobjectclass: organizationalUnitobjectclass: labeledURIObjectou: employeeslabeledURI: ldap:///ou=people,dc=stoney-cloud,dc=org??one?(sstEmployeeOfUID=4000001)member: uid=4000002,ou=people,dc=stoney-cloud,dc=org</source> In this example, the customer '''Customer Ltd.~~002cm solid #000000;~~''' has one employee (with the uid=4000002). The following table describes the different attributes:{| border="1" style="border-~~right~~collapse:~~none~~collapse;~~padding~~font-size:~~0.097cm~~80%;"width="100%" class="wikitable sortable"| '''Attribute'''| <center>x'''Existence'''</center>| <center>'''Mandatory'''</center>| style="border~~-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right~~:0.002cm solid #000000;padding:0.097cm;"| ~~City, example: Bern.~~'''Description'''

| ~~style="border-top~~attribure| <center>MUST</center>| <center>x</center>| TBD.|} Legend:~~none;border-bottom~~* '''x''':0Mandatory in all cases.~~002cm solid #000000;border~~ ==== Customers -~~left~~Customer - People ====The sub tree '''ou=people,uid=4000001,ou=customers,dc=stoney-cloud,dc=org''' contains the all the people belonging to the customer '''Customer Ltd.''' (all the people, including the employees, with the the attribute sstBelongsToCustomerUID=4000001). With the attribute labeledURI we use the functionality of the [http:0//www.~~002cm solid~~ openldap.org/doc/admin24/overlays.html#~~000000;border~~Dynamic%20Lists dynamic lists overlay] to automatically give us a list of employees belonging to this reseller. The number of people is always the same or larger than the number of employees belonging to a reseller.<source lang='ldif'>dn: ou=people,uid=4000001,ou=customers,dc=stoney-~~right~~cloud,dc=orgobjectclass:~~none;padding~~topobjectclass:~~0.097cm;"| preferredLanguage~~organizationalUnit~~| style~~objectclass: labeledURIObjectou: peoplelabeledURI: ldap:///ou=~~"border~~people,dc=stoney-~~top~~cloud,dc=org??one?(sstBelongsToCustomerUID=4000001)member:~~none;border~~uid=4000002,ou=people,dc=stoney-~~bottom~~cloud,dc=orgmember:~~0.002cm solid #000000;border~~uid=4000064,ou=people,dc=stoney-~~left~~cloud,dc=orgmember:~~0.002cm solid #000000;border~~uid=4000066,ou=people,dc=stoney-~~right~~cloud,dc=orgmember:~~none;padding:0.097cm;"| <center>MUST~~uid=4000069,ou=people,dc=stoney-cloud,dc=org</~~center~~source> In this example, four people the customer '''Customer Ltd.''' (including the employee with the uid=4000002). The following table describes the different attributes:{| border="1" style="border-~~top~~collapse:~~none~~collapse;~~border~~font-~~bottom~~size:~~0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm~~80%;"width="100%" class="wikitable sortable"| '''Attribute'''| <center>x'''Existence'''</center>| <center>'''Mandatory'''</center>| style="border~~-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right~~:0.002cm solid #000000;padding:0.097cm;"| ~~Display language of the user according to RFC 1766, example: de-CH. Currently supported:~~* de-CH* en-GB'''Description'''

| ~~style="border-top~~attribure| <center>MUST</center>| <center>x</center>| TBD.|} Legend:~~none;border-bottom~~* '''x''':0Mandatory in all cases.~~002cm solid #000000;border~~ === Customers -~~left~~Customer (LEGACY) ===We have two kinds of customers:0* '''Company customer''': This is the normal case, as we target companies.~~002cm solid #000000;border-right~~* '''Private customer''':~~none;padding:0~~A private customer does not have a company/organisation name.~~097cm;"| mail| style~~The following LDIF examples will show both cases where necessary. The first LDIF shows you the default '''company customer''' entry after a fresh stoney cloud installation. All relevant data belonging to this reseller is stored below this leaf.<source lang=~~"border~~'ldif'>dn: uid=4000001,ou=customers,dc=stoney-cloud,dc=orgobjectclass: topobjectclass:~~none;border-bottom~~sstCustomerCompanyuid:~~0.002cm solid #000000;border-left~~4000001organizationName:0Customer Ltd.~~002cm solid #000000;border-right~~sstBelongsToResellerUID:~~none;padding~~4000000sstBelongsToCustomerUID:~~0.097cm;"| <center>MUST~~4000001sstIsActive: TRUE</~~center~~source> The following table describes the different attributes:{| border="1" style="border-~~top~~collapse:~~none~~collapse;~~border~~font-~~bottom~~size:~~0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm~~80%;"width="100%" class="wikitable sortable"| '''Attribute'''| <center>x'''Existence'''</center>| <center>'''Mandatory'''</center>| style="border~~-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right~~:0.002cm solid #000000;padding:0.097cm;"| ~~E-mail address of the user, example: hans.muster@example.com.~~'''Description'''

| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| telephoneNumber~~uid~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>~~MAY~~MUST</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x1x</center>| ~~style="border-top:none;border-bottom:0~~A unique integer value with 7 digits or more.~~002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| Fixnet phone number,~~ For example: ~~+41 31 222 33 44~~4000000.

| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| mobileTelephoneNumber~~organizationName~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>~~MAY~~MUST</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x1x</center>| ~~style="border-top:none;border-bottom:0~~The organisation name of the reseller.~~002cm solid #000000;border-left~~For example:0Customer Ltd.~~002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| Mobile phone number, example: +41 76 222 33 44~~.

| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~sstBelongsToResellerUID| ~~sstWebsiteURL~~<center>MUST</center>| ~~style="border-top:none;border-bottom:0~~<center>x</center>| Stores the reseller UID the leaf belongs to.~~002cm solid #000000;border-left:0~~A unique value with 7 digits or more.~~002cm solid #000000;border-right~~For example:~~none;padding:0~~4000000.~~097cm;"~~ |-| sstBelongsToCustomerUID| <center>MAY</center>| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"|~~ <center>x</center>| ~~style="border-top:none;border-bottom:0~~Stores the customer UID the leaf belongs to.~~002cm solid #000000;border-left:0~~A unique value with 7 digits or more, must correspond with the uid entry.~~002cm solid #000000;border-right~~For example:04000001.~~002cm solid #000000;padding:0.097cm;"~~ | ~~URL gemäss RFC~~-~~3986 http:/~~| sstExternalID| <center>MAY</~~tools.ietf.org/html~~center>| <center></~~rfc3986. For~~ center>| The ID (or number) of a customer, person or product in an external database (for example ~~http~~:~~//www~~234567).~~stepping~~ |-~~stone.ch~~| sstIsActive| <center>MAY</center>| <center>x</center>| Is the entry active? Either true (yes) or false (no).

Legend:

* '''x''': Mandatory in all cases.

* The following LDIF shows you the '''x1private customer'''~~: Either telephoneNumber or mobileTelephoneNumber need to be present~~entry. ~~Both attributes can exist together.~~* '''x2''': Either postalAddress or postOfficeBox need All relevant data belonging to ~~be present. Both attributes can exist together~~this reseller are stored below this leaf.* '''x3'<source lang='ldif'>dn: ~~If the countryName is either Canada or the USA~~uid=4000001, ~~the stateOrProvinceName needs to be present.~~ou=customers,dc=stoney-cloud,dc=orgobjectclass: topobjectclass: sstCustomerPersonuid: 4000001givenName: Namesurname: SurnamesstBelongsToResellerUID: 4000000sstBelongsToCustomerUID: 4000001sstIsActive: TRUE</source>

The following table describes the different attributes:{| border="1" style="border-collapse: collapse; font-size:80%;" width="100%" class= ~~Customers Billing Address NEW ====~~"wikitable sortable"~~The sub tree~~ | '''~~ou=address,uid=4000001,ou=customers,dc=stoney-cloud,dc=org~~Attribute''' ~~contains the billing address for a~~ | <center>'''~~company customer~~Existence''':</center> ~~dn: ou~~| <center>'''Mandatory'''</center>| style=~~address,uid=4000001,ou=customers,dc=stoney-cloud,dc=org~~ ~~objectclass~~"border: ~~top~~ ~~objectclass: organizationalUnit~~ ~~objectclass: sstAddress~~ ~~ou: address~~ ~~organizationName: Reseller Ltd~~0. ~~sstGender~~002cm solid #000000;padding: m ~~givenName: Name~~ ~~surname: Surname~~ ~~postalAddress: Street Number~~ ~~countryName: CH~~ ~~postalCode: Postal Code~~ ~~localityName: Locality~~ ~~preferredLanguage: en-GB~~ ~~mail: name~~0.~~surname@example.com~~ ~~telephoneNumber: +41 00 000 00 00~~ ~~mobileTelephoneNumber: +41 00 000 00 00~~ ~~sstWebsiteURL: https://www.example.com/~~097cm;"| '''Description'''

|-| uid| <center>MUST</center>| <center>x</center>| A unique integer value with 7 digits or more. For example: 4000000. |-| givenName| <center>MUST</center>| <center>x</center>| Givenname, example: Hans. |-| surname| <center>MUST</center>| <center>x</center>| Surname, example: Muster. |-| sstBelongsToResellerUID| <center>MUST</center>| <center>x</center>| Stores the reseller UID the leaf belongs to. A unique value with 7 digits or more, must correspond with the uid entry. For example: 4000000. |-| sstBelongsToCustomerUID| <center>MAY</center>| <center>x</center>| Stores the customer UID the leaf belongs to. A unique value with 7 digits or more, must correspond with the uid entry. For example: 4000001. |-| sstExternalID| <center>MAY</center>| <center></center>| The ID (or number) of a customer, person or product in an external database (for example: 234567). |-| sstIsActive| <center>MAY</center>| <center>x</center>| Is the entry active? Either true (yes) or false (no). |} Legend:* '''x''': Mandatory in all cases. ==== Customers - Customer (LEGACY) - Billing address ====The sub tree '''ou=address,uid=4000001,ou=customers,dc=stoney-cloud,dc=org''' contains the billing address for a '''~~private~~ company customer''': <source lang='ldif'>dn: ou=address,uid=4000001,ou=customers,dc=stoney-cloud,dc=org objectclass: top objectclass: organizationalUnit objectclass: ~~sstAddress~~sstAddressCompany ou: address organizationName: Customer Ltd.sstGender: m givenName: Name surname: Surname postalAddress: Street Number countryName: CH postalCode: Postal Code localityName: Locality preferredLanguage: en-GB mail: name.surname@example.com telephoneNumber: +41 00 000 00 00 mobileTelephoneNumber: +41 00 000 00 00 sstWebsiteURL: https://www.example.com/</source>

The following table describes the different attributes:

| style="border:0.002cm solid #000000;padding:0.097cm;"| '''Description'''

~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| organizationName~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>~~MAY~~MUST</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x~~1~~</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"~~| Company name, example: stepping stone GmbH

~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| sstGender~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>MUST</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"~~| Either 'm' for male or 'f' for female.

~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| givenName~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>MUST</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"~~| Givenname, example: Hans.

~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| surname~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>MUST</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"~~| Surname, example: Muster.

~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| postalAddress~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>MAY</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>~~x3~~x2</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"~~| Street Number, example: Neufeldstrasse 9. Multi-lined field.

~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| postOfficeBox~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>MAY</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>~~x3~~x2</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"~~| Postbox, example: 3456.

~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| stateOrProvinceName~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>MAY</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>~~x4~~x3</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"~~| This pulldown menu is only active (appears to the user), if the country is set to Canada or the USA.

~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| countryName~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>MUST</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"~~| Country code according to ISO 3166-1 (for the web interface) and the corresponding [https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2 ISO 3166-1-alpha-2 ] code (as the LDAP entry). Example: For Switzerland the value is CH.

~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| postalCode~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>MUST</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"~~| Zipcode, example: 3012

~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| localityName~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>MUST</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"~~| City, example: Bern.

~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| preferredLanguage~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>MUST</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"~~| Display language of the user according to RFC 1766, example: de-CH. Currently supported:

* de-CH

* en-GB

~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| mail~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>MUST</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"~~| E-mail address of the user, example: hans.muster@example.com.

~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| telephoneNumber~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>MAY</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>~~x2~~x1</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"~~| Fixnet phone number, example: +41 31 222 33 44.

~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| mobileTelephoneNumber~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>MAY</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>~~x2~~x1</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"~~| Mobile phone number, example: +41 76 222 33 44.

~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| sstWebsiteURL~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>MAY</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| ~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"~~| URL ~~according~~ gemäss RFC-3986 http://tools.ietf.org/html/rfc3986. For example http://www.stepping-stone.ch/.

Legend:

* '''~~x1''': If the attribute <code>sstIsCompany</code> of the parent entry is set to <code>TRUE</code>, the <code>organizationName</code> must be set.~~* '''x2x1''': Either telephoneNumber or mobileTelephoneNumber need to be present. Both attributes can exist together.* '''~~x3~~x2''': Either postalAddress or postOfficeBox need to be present. Both attributes can exist together.* '''~~x4~~x3''': If the countryName is either Canada or the USA, the stateOrProvinceName needs to be present.

~~==== Customers Shipping Address (optional) ====~~The sub tree '''ou=~~shipping~~address,uid=4000001,ou=customers,dc=stoney-cloud,dc=org''' contains the ~~shipping~~ billing address ~~and is optional (it is only needed, if the shipping address differs from the billing Address).~~for a '''private customer''':<source lang='ldif'> dn: ou=~~shipping~~address,uid=4000001,ou=customers,dc=stoney-cloud,dc=org objectclass: top objectclass: organizationalUnit objectclass: ~~sstAddress~~sstAddressPerson ou: address ~~organizationName: Reseller Ltd.~~ sstGender: m givenName: Name surname: Surname postalAddress: Street Number countryName: CH postalCode: Postal Code localityName: Locality preferredLanguage: en-GB mail: name.surname@example.com telephoneNumber: +41 00 000 00 00 mobileTelephoneNumber: +41 00 000 00 00 sstWebsiteURL: https://www.example.com/ ~~==== Customers Billing ====The sub tree '''ou=billing,uid=4000001,ou=customers,dc=stoney-cloud,dc=org''' contains billing relevant data:~~ ~~dn: ou=billing,uid=4000001,ou=customers,dc=stoney-cloud,dc=org~~ ~~objectclass: top~~ ~~objectclass: organizationalUnit~~ ~~objectclass: sstBillingReseller~~ ~~ou: billing~~ ~~sstResellerBill: TRUE~~ ~~This entry need to be described in detail. TBD.~~</source>

The following table describes the different attributes:

| style="border:0.002cm solid #000000;padding:0.097cm;"| '''Description'''

| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| attribure~~sstGender~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>MUST</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x</center>| ~~style="border-top:none;border-bottom:0~~Either 'm' for male or 'f' for female.~~002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| TBD.~~|}

~~==== Customers Employees ====~~|-~~The sub tree '''ou=employees~~| surname| <center>MUST</center>| <center>x</center>| Surname,uid=4000001,ou=customers,dc=stoney-cloud,dc=org''' contains the employees belonging to the reseller '''Customer Ltd.''' (all the employees with the the attribute sstBelongsToEmployeeUID=4000001). With the attribute labeledURI we use the functionality of the [httpexample://www.openldap.org/doc/admin24/overlays.html#Dynamic%20Lists dynamic lists overlay] to automatically give us a list of employees belonging to this customer. The number of employees is always the same or smaller than the number of people belonging to a customer (they are a subset)Muster.

~~dn: ou=employees,uid=4000001,ou=customers,dc=stoney~~|-~~cloud,dc=org~~ ~~objectclass: top~~| postalAddress ~~objectclass: organizationalUnit~~| <center>MAY</center> ~~objectclass: labeledURIObject~~| <center>x2</center> ~~ou: employees~~ ~~labeledURI: ldap:///ou=people~~| Street Number,~~dc=stoney-cloud,dc=org??one?(sstEmployeeOfUID=4000001)~~ ~~member~~example: ~~uid=4000002,ou=people,dc=stoney~~Neufeldstrasse 9. Multi-~~cloud,dc=org~~lined field.

~~The following table describes the different attributes:~~{| ~~style="border~~-~~spacing:0;"~~| ~~style="border-top:0.002cm solid #000000;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| '''Attribute'''~~stateOrProvinceName~~| style="border-top:0.002cm solid #000000;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>~~'''Existence'''~~MAY</center>~~| style="border-top:0.002cm solid #000000;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>~~'''Mandatory'''~~x3</center>| ~~style="border:0~~This pulldown menu is only active (appears to the user), if the country is set to Canada or the USA.~~002cm solid #000000;padding:0.097cm;"| '''Description'''~~

| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| attribure~~countryName~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>MUST</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x</center>| ~~style="border~~Country code according to ISO 3166-~~top:none;border~~1 (for the web interface) and the corresponding ISO 3166-~~bottom:0.002cm solid #000000;border~~1-~~left:0.002cm solid #000000;border~~alpha-~~right:0~~2 code (as the LDAP entry).~~002cm solid #000000;padding~~Example:0For Switzerland the value is CH.~~097cm;"| TBD.~~|}

~~==== Customers People ====~~|-~~The sub tree '''ou=people~~| localityName| <center>MUST</center>| <center>x</center>| City,uid=4000001,ou=customers,dc=stoney-cloud,dc=org''' contains the all the people belonging to the customer '''Customer Ltd.''' (all the people, including the employees, with the the attribute sstBelongsToCustomerUID=4000001). With the attribute labeledURI we use the functionality of the [httpexample://www.openldap.org/doc/admin24/overlays.html#Dynamic%20Lists dynamic lists overlay] to automatically give us a list of employees belonging to this reseller. The number of people is always the same or larger than the number of employees belonging to a resellerBern.

~~dn: ou=people,uid=4000001,ou=customers,dc=stoney~~|-~~cloud,dc=org~~ ~~objectclass: top~~| preferredLanguage ~~objectclass: organizationalUnit~~| <center>MUST</center> ~~objectclass: labeledURIObject~~| <center>x</center> ~~ou: employees~~ ~~labeledURI: ldap:///ou=people~~| Display language of the user according to RFC 1766,~~dc=stoney-cloud,dc=org??one?(sstBelongsToCustomerUID=4000001)~~ ~~member~~example: ~~uid=4000002,ou=people,dc=stoney~~de-~~cloud,dc=org~~ ~~member~~CH. Currently supported: ~~uid=4000064,ou=people,dc=stoney-cloud,dc=org~~ ~~member: uid=4000066,ou=people,dc=stoney~~* de-~~cloud,dc=org~~CH ~~member: uid=4000069,ou=people,dc=stoney~~* en-~~cloud,dc=org~~GB

~~The following table describes the different attributes:~~{| ~~style="border~~-~~spacing:0;"~~| ~~style="border-top:0.002cm solid #000000;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| '''Attribute'''~~telephoneNumber~~| style="border-top:0.002cm solid #000000;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>~~'''Existence'''~~MAY</center>~~| style="border-top:0.002cm solid #000000;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>~~'''Mandatory'''~~x1</center>| ~~style="border~~Fixnet phone number, example:0+41 31 222 33 44.~~002cm solid #000000;padding:0.097cm;"| '''Description'''~~

| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| attribure~~mobileTelephoneNumber~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>~~MUST~~MAY</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>xx1</center>| ~~style="border-top~~Mobile phone number, example:~~none;border-bottom:0~~+41 76 222 33 44.~~002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| TBD.~~|}

| sstWebsiteURL

| <center>MAY</center>

| URL gemäss RFC-3986 http://tools.ietf.org/html/rfc3986. For example http://www.stepping-stone.ch/.

Legend:

* '''xx1''': ~~Mandatory in all cases~~Either telephoneNumber or mobileTelephoneNumber need to be present. Both attributes can exist together.* '''x2''': Either postalAddress or postOfficeBox need to be present. Both attributes can exist together.* '''x3''': If the countryName is either Canada or the USA, the stateOrProvinceName needs to be present.

== Groups ==

== People ==

The sub tree which contains all the people. Each person has a unique identifier (uid):<source lang='ldif''>dn: ou=people,dc=stoney-cloud,dc=org~~'''~~ objectclass: topobjectclass: organizationalUnitou: peopledescription: The sub tree which contains all the people. ~~Each person has a unique uid, which is used for later reference.~~</source>

=== People ~~uid (per person)~~ - Person ===Each person hat its own leaf with a unique identifier (uid). The following LDIF shows you ~~the default~~ a typical '''person''' entry ~~after a fresh stoney cloud installation~~. All relevant data belonging to this person is stored below this dnleaf.

<source lang='ldif'>dn: uid=4000002,ou=people,dc=stoney-cloud,dc=org objectclass: top objectclass: sstPerson uid: 4000002 sstGender: m sstTitle: CEO givenName: Name surname: Surname displayName: Name SurnamepreferredLanguage: en-GB userPassword: {SSHA}UgrBHVhKxFQInWWpzf1ddgEVmSg5vKUm mail: name.surname@example.com cn: admin telephoneNumber: +41 00 000 00 00 mobileTelephoneNumber: +41 00 000 00 00 sstTimeZoneOffset: UTC+01 sstIsActive: TRUE sstBelongsToResellerUID: 4000000 sstBelongsToCustomerUID: 4000001 sstEmployeeOfUID: 4000000 sstEmployeeOfUID: 4000001</source>

The person '''Name Surname''' (with the uid=4000002) belongs to the reseller '''Reseller Ltd.''' (with sstBelongsToResellerUID=4000000) and is an employee of the same company (sstEmployeeOfUID=4000000). The person also belongs the customer '''Customer Ltd.''' (with sstBelongsToCustomerUID=4000001) and is an employee of the same company (sstEmployeeOfUID=4000001).

The following table describes the different attributes:

{| border="1" style="border-~~spacing~~collapse:0collapse;font-size:80%;" width="100%" class="wikitable sortable"

| style="width:200px; border-top:0.002cm solid #000000;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| '''AttributeType'''

~~| style="border-top:0.002cm solid #000000;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>'''Existence'''</center>~~| style="border-top:0.002cm solid #000000;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>'''Mandatory'''</center>| ~~style="border-top:0.002cm solid #000000;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~'''Interface Equivalent'''| <center>'''User alterable'''</center>

| style="width:600px; border:0.002cm solid #000000;padding:0.097cm;"| '''Description'''

~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| uid~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>MUST</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x</center>| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~UID| <center></center>| ~~style="border-top:none;border-bottom:0~~Unique Identifier.~~002cm solid #000000;border-left~~For example:~~0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| Unique Identifier~~'''4000002'''.

~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| sstGender~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>MUST</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x</center>| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~Gender| <center></center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"~~| Either 'm' for male or 'f' for female. For example: '''m'''.

~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| sstTitle~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>MAY</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x</center>| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~Title| <center>x</center>| ~~style="border-top~~The title of a person as a [http:~~none;border-bottom:0~~//en.~~002cm solid #000000;border-left:0~~wikipedia.~~002cm solid #000000;border~~org/wiki/UTF-~~right:0~~8 UTF-8]] formatted string.~~002cm solid #000000;padding~~For example:~~0.097cm;"| The title of a person in the form of~~ '''CEO ''' or '''Technician'''.

~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| givenName~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>MUST</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x</center>| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~Name| <center>(x)</center>| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| Givenname~~Name, for example: '''Hans'''.

~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| surname~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>MUST</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x</center>| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~Surname| <center>(x)</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"~~| Surname, for example: ~~Meier~~'''Muster'''.

| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| preferredLanguage~~displayName~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>~~MUST~~MAY</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x2</center>| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~Display name| <center>x</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"~~| Display ~~language of the user according to RFC 1766~~name, for example: ~~de-CH~~ ''' Hans Muster'''.

| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| userPassword~~preferredLanguage~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>MUST</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x</center>| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~Language| <center>x</center>| ~~style="border-top~~Display language of the user according to RFC 1766:~~none;border-bottom~~<nowiki>[</nowiki>[http:0//www.~~002cm solid #000000;border~~loc.gov/standards/iso639-~~left:0~~2/php/code_list.~~002cm solid #000000;border~~php ISO 639-~~right~~1 Code]<nowiki>]</nowiki>-<nowiki>[</nowiki>[http:0//www.~~002cm solid #000000;padding:0~~iso.~~097cm;"| SSHA user password. {SSHA} is a RFC 2307 password scheme which uses the SHA1 secure hash algorithm. The {SSHA} is the seeded varient. {SSHA} is recommended over other RFC 2307 schemes~~org/iso/english_country_names_and_code_elements ISO 3166-1-alpha-2 code]<nowiki>]</nowiki> .For example: <code>de-CH</code>

| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| mail~~userPassword~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>MUST</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x</center>| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~Password| <center>x</center>| ~~style="border-top:none;border-bottom:0~~SSHA user password.~~002cm solid #000000;border-left~~{SSHA} is a [http:0//www.~~002cm solid #000000;border-right:0~~ietf.~~002cm solid #000000;padding:0~~org/rfc/rfc2307.~~097cm;"| E-mail address of~~ txt RFC 2307] password scheme which uses the ~~user,~~ SHA1 secure hash algorithm. For example: ~~hans@example~~'''{SSHA}h+qbh3pFWrZxmz02H5tXhOr+0/wrmHFF'''.~~com~~

| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| cn~~mail~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>~~MAY~~MUST</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x</center>| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~Mail Address| <center>x</center>| ~~style="border-top~~The users mail address, for example:~~none;border-bottom:0~~'''hans.~~002cm solid #000000;border-left:0~~muster@example.~~002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| Common name of the user, for instance admin or user1~~com'''.

| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| telephoneNumber~~cn~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>MAY</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x1</center>| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| ~~<center>x1</center>~~| ~~style="border-top~~Common name of the user, for example:~~none;border~~'''sst-~~bottom:0~~mei'''.~~002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| Fixnet phone number, example: +41 31 222 33 44~~

| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| mobileTelephoneNumber~~telephoneNumber~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>MAY</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x1x1</center>| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~Telephone| <center>x1x1</center>| ~~style="border-top~~Telephone number of the user according to [http:~~none;border-bottom:0~~//en.~~002cm solid #000000;border-left:0~~wikipedia.~~002cm solid #000000;border-right:0~~org/wiki/E.~~002cm solid #000000;padding:0~~164 E.~~097cm;"| Mobile phone number~~164] (international dialling code, <s>trunk code</s>, area code, subscriber line). For example: '''+41 76 31 222 33 44'''.

| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| sstTimeZoneOffset~~mobileTelephoneNumber~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>~~MUST~~MAY</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x1</center>| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~Mobile| <center>x1</center>| ~~style="border-top~~Mobile phone number of the user according to [http:~~none;border-bottom:0~~//en.~~002cm solid #000000;border-left:0~~wikipedia.~~002cm solid #000000;border-right:0~~org/wiki/E.~~002cm solid #000000;padding:0~~164 E.~~097cm;"| Time zone as an offset from UTC~~164] (international dialling code, <s>trunk code</s>, area code, subscriber line). For example: ~~UTC~~'''+0141 76 222 33 44'''.

| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| sstIsActive~~sstTimeZoneOffset~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>~~MAY~~MUST</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x</center>| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| ~~<center>x</center>~~| ~~style="border-top:none;border-bottom:0~~Time zone as an offset from UTC.~~002cm solid #000000;border-left~~For example:~~0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| Is the entry active? Either true (yes) or false (no).~~'''UTC+01'''

| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| sstBelongsUID~~sstIsActive~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>MAY</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x</center>| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| ~~<center></center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| Wenn dieser Wert vorhanden ist und der Wert "1" aufweist, ist diese Person Superuser und hat Zugriff über das gesamte System. In der Regel wird der Superuser nur benötigt, um neue Wiederverkäufer Is the entry active? Either '''true''' (yes) or '''false''' (~~Reseller~~no) ~~aufzuschalten~~.

| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| sstBelongsToResellerUID~~sstBelongsToUID~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>MAY</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center></center>| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center></center>| ~~style="border-top:none;border-bottom:0~~If this value is set to '''1''', the user is the super user of the whole stoney cloud installation.~~002cm solid #000000;border-left:0~~Therefore this user can add and remove resellers.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| Die UID des Wiederverkäufers (Reseller) zu der die Person gehört. Das heisst, die Person ist Mitarbeiter des WiederverkäufersUse with caution.

| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| sstBelongsToCustomerUID~~sstBelongsToResellerUID~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>~~MUST~~MAY</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x</center>| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center></center>| ~~style="border-top:none;border-bottom:0~~Stores the reseller UID the person belongs to.~~002cm solid #000000;border-left:0~~A unique value with 7 digits or more.~~002cm solid #000000;border-right~~For example:~~0.002cm solid #000000;padding:0.097cm;"| Die UID des Kunden (Customer) zu der die Person gehört. Das heisst, die Person ist Mitarbeiter des Kunden~~'''4000000'''.

| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~sstBelongsToCustomerUID| ~~sstExternalID~~<center>MUST</center>| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~<center>x</center>| | <center>~~MAY~~</center>| ~~style="border-top:none;border-bottom:0~~Stores the customer UID the person belongs to.~~002cm solid #000000;border-left:0~~A unique value with 7 digits or more.~~002cm solid #000000;border-right~~For example:~~none;padding:0~~'''4000001'''.~~097cm;"~~ |-| sstEmployeeOfUID| <center>MAY</center>| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~<center></center>| Employee of| <center></center>| ~~style="border-top:none;border-bottom:0~~Stores the UID(s) the person is an employee of.~~002cm solid #000000;border-left:0~~The UID(s) can belong to one or more resellers or also to one or more customers.~~002cm solid #000000;border-right:0~~A unique value with 7 digits or more.~~002cm solid #000000;padding~~For example:0'''4000001'''.~~097cm;"~~ |-| sstExternalID| <center>MAY</center>| <center></center>| External ID| <center></center>| The ID (or number) of a customer, person or product in an external database ~~(for~~ . For example: '''234567)'''.

~~Legende zur Mandatory Spalte~~Legend:* x1'''x1''': ~~Entweder~~ Either telephoneNumber ~~oder~~ or mobileTelephoneNumber ~~müssen ausgefüllt sein~~need to be present. Both attributes can exist together.* ('''x)2''': ~~Noch nicht definiert~~Mandatory, ~~ob der Benutzer (User) diese Werte ändern darf~~if the person belongs to customer that has subscribed a [https://wwww.stoney-storage.com/ stoney storage] service.

==== People ~~Roles~~ - Person - Session tokens ====~~This must be documented~~Using session tokens, when the user logs out, the client sends a logout request to the server. ~~TBD~~The session token is then removed from LDAP by the server and the client discards the session token. ~~dn: ...,uid=4000002,ou=people,dc=stoney-cloud,dc=org~~

~~== Reseller ==~~Special cases:~~The sub tree '~~* If the user's password is changed, all session tokens must be removed from LDAP in order to force the user to re-login.* If any attributes are changed which control the user'~~ou=~~s affiliation (reseller,~~dc=stoney-cloud~~company, etc),~~dc=org''' contains~~ all session tokens must be removed from LDAP in order to force the ~~resellers. Each reseller has a unique uid, which is used for later reference~~user to re-login. Specific attributes:** sstBelongsToResellerUID** sstBelongsToCustomerUID** sstEmployeeOfUID** sstEmployeeOfUID

In our case, we store the session tokens in a leaf beneath the person (as these tokens are personal). === ~~Reseller uid (per Reseller) CURRENT~~ == People - Person - Session tokens example =====~~The following LDIF shows you the default reseller~~ Below each person entry ~~after~~ , we have a ~~fresh stoney cloud installation. All relevant data belonging to this reseller is stored below this dn.~~tokens sub tree, which stores the session tokens:<source lang='ldif'> dn: ou=tokens,uid=~~4000000~~4000002,ou=~~reseller~~people,dc=stoney-cloud,dc=org objectclass: top objectclass: ~~sstReseller~~organizationalUnit ~~uid~~ou: ~~4000000~~tokens ~~organizationName~~description: ~~Reseller Ltd~~The sub tree for the session tokens of the person with the uid '4000002'. ~~sstBelongsToResellerUID: 4000000~~ ~~sstIsActive: TRUE~~</source>

The following table describes the different attributes:

{| ~~style~~border="~~border-spacing:0;~~1"| style="border-~~top~~collapse:~~0.002cm solid #000000~~collapse;~~border~~font-~~bottom~~size:~~0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm~~80%;"width="100%" class="wikitable sortable"| '''Attribute'''| ~~style="border-top:0.002cm solid #000000;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~'''Objectclass'''| <center>'''Existence'''</center>~~| style="border-top:0.002cm solid #000000;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>'''Mandatory'''</center>

| style="border:0.002cm solid #000000;padding:0.097cm;"| '''Description'''

| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~ou| ~~uid~~organizationalUnit~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>MUST</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x</center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| A unique integer value with 7 digits or more. For example: 4000000The sub tree containing all the session tokens.

|-~~| style="border-top~~For example:~~none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| organizationName| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"|~~ <~~center~~code>~~MUST</center>| style="border-top~~ou:~~none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>x~~tokens</~~center~~code>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| The organisation name of the reseller. For example: Reseller Ltd..

| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~description| ~~sstBelongsToResellerUID~~organizationalUnit~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>MAY</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x</center>| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| Stores the reseller UID~~ The description of the leaf ~~belongs to~~. ~~A unique value with 7 digits or more~~As this sub tree is created by the stoney API, ~~must correspond with the uid entry. For example: 4000000~~we don't really need a human readable description.

|-~~| style="border-top~~For example:~~none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| sstExternalID| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"|~~ <~~center~~code>~~MAY</center>| style="border-top~~description:~~none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center></center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"|~~ The ~~ID (or number)~~ sub tree for the session tokens of ~~a customer,~~ the person ~~or product in an external database (for example: 234567).~~ |-~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| sstIsActive| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0~~with the uid '4000002'.~~097cm;"| <center>MAY~~</~~center~~code>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>x</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| Is the entry active? Either true (yes) or false (no).

* '''x''': Mandatory in all cases.

~~=== Reseller uid (per Reseller) NEW ===The following LDIF shows you the default reseller~~ Each session token receives its own child-entry ~~after a fresh stoney cloud installation. All relevant data belonging~~ to ~~this reseller is stored~~ store additional meta data, such as the token's create date, last utilisation date, ... In the example below , the session token <code>sstToken: 2e211493-41e6-4c74-9431-b5d990b177a4</code> was created on the 13th of April 2021 at 08:10:27 UTC (<code>sstCreationDate: 20210413T081027Z</code>) and two clients have used this ~~dn.~~token (the first with an IPv4 address, the second with an IPv6 address):<source lang='ldif'> dn: sstToken=2e211493-41e6-4c74-9431-b5d990b177a4,ou=tokens,uid=~~4000000~~4000002,ou=~~reseller~~people,dc=stoney-cloud,dc=org objectclass: top objectclass: ~~sstCustomer~~sstTokenObjectClass ~~objectclass~~sstToken: ~~sstRelationship~~2e211493-41e6-4c74-9431-b5d990b177a4 ~~uid~~description: ~~4000000~~The sub tree for the JSON Web Token with the id '2e211493-41e6-4c74-9431-b5d990b177a4'. ~~organizationName~~sstCreationDate: ~~Reseller Ltd.~~20210413T081027Z ~~sstIsCompany~~sstClient: ~~TRUE~~20210413T081027Z: 194.176.109.13 Mozilla/5.0 (X11; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/85.0 ~~sstIsActive~~sstClient: ~~TRUE~~20210413T132805Z: 2001:0db8:85a3:0000:0000:8a2e:0370:7334 Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4456.0 Safari/537.36 Edg/91.0.845.2 ~~sstBelongsToResellerUID~~</source> The API will make sure, that the amount of registered remote IP addresses and requesting User-Agents doesn't exceed a certain configurable limit (for example: ~~4000000~~2). If the limit is exceeded, the session will be invalidated.

The following table describes the different attributes:

{| ~~style~~border="~~border-spacing:0;~~1"| style="border-~~top~~collapse:~~0.002cm solid #000000~~collapse;~~border~~font-~~bottom~~size:~~0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm~~80%;"width="100%" class="wikitable sortable"| '''Attribute'''| ~~style="border-top:0.002cm solid #000000;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~'''Objectclass'''| <center>'''Existence'''</center>~~| style="border-top:0.002cm solid #000000;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>'''Mandatory'''</center>

| style="border:0.002cm solid #000000;padding:0.097cm;"| '''Description'''

| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~sstToken| ~~uid~~sstTokenObjectClass~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>MUST</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x</center>| ~~style="border-top:none;border-bottom:0~~The sub tree containing all the information of a session (creation date, access date, IPv4 or IPv6 address and the clients user agent).~~002cm solid #000000;border-left:0~~The session token has the form of a UUID (Universally Unique Identifier).~~002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| A unique integer value with 7 digits or more~~. For example: ~~4000000~~<code>sstToken: 2e211493-41e6-4c74-9431-b5d990b177a4</code>.

| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~description| ~~organizationName~~sstTokenObjectClass~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>MAY</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center~~>x1</sup~~></center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"~~| The ~~organisation name~~ description of the ~~reseller~~leaf. As this sub tree is created by the stoney API, we don't really need a human readable description. For example: ~~Customer Ltd.~~<code>description: The sub tree for the JSON Web Token with the id '2e211493-41e6-4c74-9431-b5d990b177a4'.</code>

| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~sstCreationDate| ~~givenName~~sstTokenObjectClass~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>~~MAY~~MUST</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x<~~sup~~/center>1| The session token creation time (UTC) in the form of <~~/sup~~code>[YYYY][MM][DD]T[hh][mm][ss]Z</~~center~~code>~~| style="border-top~~according to the [http:~~none;border-bottom:0~~//en.~~002cm solid #000000;border-left:0~~wikipedia.~~002cm solid #000000;border-right:0~~org/wiki/ISO_8601 ISO 8601] definition.~~002cm solid #000000;padding:0.097cm;"| Givenname,~~ For example: ~~Hans~~<code>sstCreationDate: 20210413T081027Z</code>.

| ~~style="border~~sstClient| sstTokenObjectClass| <center>MUST</center>| <center>x</center>| The multi-~~top~~valued attribute containing client information. This attribute contains the following information:~~none;border-bottom~~* The access time (UTC) in the form of <code>[YYYY][MM][DD]T[hh][mm][ss]Z</code> according to the [http:0//en.~~002cm solid #000000;border-left:0~~wikipedia.~~002cm solid #000000;border-right~~org/wiki/ISO_8601 ISO 8601] definition.* The IPv4 or IPv6 address, from which the client has accessed the stoney API.* The user agent of the client. This information is separated by spaces:~~none;padding~~<code>sstClient:~~0.097cm;~~[YYYY][MM][DD]T[hh][mm][ss]Z"~~| surname| style=~~"~~border~~IPv4 or IPv6" "User-~~top~~Agent"</code>. For example:~~none;border-bottom~~<code>sstClient:020210413T081027Z 194.176.109.13 Mozilla/5.~~002cm solid #000000;border-left:0.002cm solid #~~000000(X11;~~border-right:none~~Linux x86_64;~~padding~~rv:85.0) Gecko/20100101 Firefox/85.~~097cm;"| <center>MAY~~0</~~center~~code>. Please be aware, that the maximal length of a sstClient string is restricted to 256 characters. | ~~style="border-top~~} Legend:~~none;border-bottom~~* '''x''':0Mandatory in all cases.~~002cm solid #000000;border~~ ==== People -~~left~~Person - Roles (LEGACY) ====<source lang='ldif'>dn:~~0.002cm solid #000000;border~~sstRole=Monitoring Administrator,uid=4000002,ou=people,dc=stoney-~~right~~cloud,dc=orgobjectclass:~~none;padding~~topobjectclass: sstRolessstProduct:0~~.097cm;"|~~ sstRole: Monitoring Administrator<~~center~~/source>x <~~sup~~source lang='ldif'>1dn: sstRole=User,uid=4000002,ou=people,dc=stoney-cloud,dc=orgobjectclass: topobjectclass: sstRolessstProduct: 0sstRole: User</~~sup~~source> <~~/center~~source lang='ldif'>~~| style~~dn: sstRole=~~"border~~Virtualization Administrator,uid=4000002,ou=people,dc=stoney-cloud,dc=orgobjectclass: topobjectclass:~~none;border-bottom~~sstRolessstProduct:0sstRole: Virtualization Administrator</source> == Reseller ==The sub tree '''ou=reseller,dc=stoney-cloud,dc=org''' contains all the resellers.~~002cm solid #000000;border~~Each reseller has a unique uid, which is used for later reference. === Reseller -~~left~~Reseller ===The following LDIF shows a typical reseller entry. All relevant data belonging to this reseller is stored below this leaf.<source lang='ldif'>dn:0uid=4000000,ou=reseller,dc=stoney-cloud,dc=orgobjectclass: topobjectclass: sstReselleruid: 4000000organizationName: Reseller Ltd.~~002cm solid #000000;~~sstIsCompany: TRUEsstIsActive: TRUEsstBelongsToResellerUID: 4000000</source> The following table describes the different attributes:{| border="1" style="border-~~right~~collapse:~~0.002cm solid #000000~~collapse;~~padding~~font-size:~~0.097cm~~80%;"width="100%" class="wikitable sortable"| ~~Surname, example: Muster.~~'''Attribute'''| <center>'''Existence'''</center>| <center>'''Mandatory'''</center>| '''Description'''

| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| description~~uid~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>~~MAY~~MUST</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x</center>| ~~style="border-top:none;border-bottom:0~~A unique integer value with 7 digits or more.~~002cm solid #000000;border-left~~For example:~~0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| The description of the leaf~~4000000.

| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| sstIsCompany~~organizationName~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>~~MUST~~MAY</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x</center>| ~~style="border-top:none;border-bottom:0~~The organisation name of the reseller.~~002cm solid #000000;border-left~~For example:0'''Reseller Ltd.~~002cm solid #000000;border-right:0~~'''.~~002cm solid #000000;padding:0.097cm;"| Is the entry~~ A reseller must be a company~~? Either true~~ (~~yes) or false (no~~<code>sstIsCompany: TRUE</code>).

| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| sstIsActive~~description~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>MAY</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x</center>| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| Is~~ The description of the ~~entry active? Either true (yes) or false (no)~~leaf.

| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| sstExternalID~~sstIsCompany~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>~~MAY~~MUST</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x</center>| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| The ID~~ Is the entry a company? Either true (~~or number~~yes) ~~of a customer, person~~ or ~~product in an external database~~ false (~~for example: 234567~~no).

| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~sstIsActive| ~~sstBelongsToResellerUID~~<center>MAY</center>| ~~style="border-top:none;border-bottom:0~~<center>x</center>| Is the entry active? Either true (yes) or false (no).~~002cm solid #000000;border~~ |-~~left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| sstExternalID| <center>~~MUST~~MAY</center>| ~~style="border-top~~<center></center>| The ID (or number) of a customer, person or product in an external database (for example:~~none;border-bottom:0~~234567).~~002cm solid #000000;border~~ |-~~left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| sstBelongsToResellerUID| <center>xMUST</center>| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"~~<center>x</center>| Stores the reseller UID the leaf belongs to. A unique value with 7 digits or more. For example: 4000000.

Legend:

* '''x''': Mandatory in all cases.

* '''x1''': If <code>sstIsCompany</code> is set to <code>TRUE</code>, the <code>organizationName</code> must be set. Otherwise <code>givenName</code> and <code>surname</code> must be set.

==== Reseller - Reseller - Billing ~~Address CURRENT~~ address ====

The sub tree '''ou=address,uid=4000000,ou=reseller,dc=stoney-cloud,dc=org''' contains the billing address:

<source lang='ldif'>dn: ou=address,uid=4000000,ou=reseller,dc=stoney-cloud,dc=org objectclass: top objectclass: organizationalUnit objectclass: ~~sstAddressCompany~~sstAddress ou: address organizationName: Reseller Ltd. sstGender: m givenName: Name surname: Surname postalAddress: Street Number countryName: CH postalCode: Postal Code localityName: Locality preferredLanguage: en-GB mail: Name Surname <name.surname@example.com>sstMailCc: Info Reseller Ltd. <info@example.com>sstMailBcc: Accounting Service Provider Ltd. <accounting@example.org> telephoneNumber: +41 00 000 00 00 mobileTelephoneNumber: +41 00 000 00 00 sstWebsiteURL: https://www.example.com/</source>

The following table describes the different attributes:

{| ~~style~~border="~~border-spacing:0;~~1"| style="border-~~top~~collapse:~~0.002cm solid #000000~~collapse;~~border~~font-~~bottom~~size:~~0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm~~80%;"width="100%" class="wikitable sortable"| '''AttributeName'''~~| style="border-top:0.002cm solid #000000;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>'''Existence'''</center>~~| style="border-top:0.002cm solid #000000;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>'''Mandatory'''</center>| ~~style="border:0.002cm solid #000000;padding:0.097cm;"~~'''Interface Equivalent'''| '''Description'''

~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| organizationName~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>~~MUST~~MAY</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x1</center>| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"~~Reseller Name| ~~Company~~ Reseller name, for example: '''stepping stone GmbH'''.

~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| givenName~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>MUST</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x</center>| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"~~Name| ~~Givenname~~Name, for example: '''Hans'''.

~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| surname~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>MUST</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x</center>| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"~~Surname| Surname, for example: '''Muster'''.

* de-CH

* de-DE

* en-GB

* en-US

* fr-CH

* fr-FR

~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| mail~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>MUST</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x</center>| ~~style=~~Mail Address| The resellers "~~border-top~~To:~~none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;~~"~~| E-~~billing mail address ~~of the user~~, for example: '''Hans Muster <hans.muster@example.com>'''. This is a multi-valued attribute and it MUST contain at least one "To:" billing mail address.

| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| telephoneNumber~~sstMailCc~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>MAY</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x1</center>| ~~style=~~Mail Address| The resellers "~~border-top~~CC:~~none;border-bottom~~" billing mail address, for example:0'''Info Reseller Ltd.~~002cm solid #000000;border-left:0~~<info@example.com>'''.~~002cm solid #000000;border~~This is a multi-~~right~~valued attribute and can contain zero or more "CC:~~0.002cm solid #000000;padding:0.097cm;~~"~~| Fixnet phone number, example: +41 31 222 33 44~~billing mail addresses.

Legend:

==== Reseller ~~Billing Address NEW~~ - Reseller - Shipping address (optional) ====The sub tree '''ou=~~address~~shipping,uid=4000000,ou=reseller,dc=stoney-cloud,dc=org''' contains the ~~billing~~ shipping address and is optional (it is only needed, if the shipping address:differs from the billing Address).<source lang='ldif'> dn: ou=~~address~~shipping,uid=4000000,ou=reseller,dc=stoney-cloud,dc=org objectclass: top objectclass: organizationalUnit objectclass: sstAddress ou: ~~address~~shipping organizationName: Reseller Ltd. sstGender: m givenName: Name surname: Surname postalAddress: Street Number countryName: CH postalCode: Postal Code localityName: Locality preferredLanguage: en-GB mail: name.surname@example.com telephoneNumber: +41 00 000 00 00 mobileTelephoneNumber: +41 00 000 00 00 sstWebsiteURL: https://www.example.com/</source>

~~The following table describes the different attributes:{| style~~=~~"border-spacing:0;"| style~~=~~"border~~== Reseller -~~top:0.002cm solid #000000;border~~Reseller -~~bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"|~~ Billing ====The sub tree '''~~Attribute~~ou=billing,uid=4000000,ou=reseller,dc=stoney-cloud,dc=org'''~~| style="border-top:0~~contains billing relevant data.~~002cm solid #000000;border-bottom:0~~The following example shows a reseller, receiving a monthly bill.~~002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"|~~ <~~center>~~source lang='ldif'~~'Existence'''</center~~>~~| style~~dn: ou=billing,uid=4000000,ou=reseller,dc=~~"border~~stoney-cloud,dc=orgobjectclass: topobjectclass:~~0.002cm solid #000000;border-bottom~~organizationalUnitobjectclass:~~0.002cm solid #000000;border-left~~sstBillingResellerou:~~0.002cm solid #000000;border-right~~billingsstResellerBill:~~none;padding~~TRUEsstBillable:~~0.097cm;"| <center>'''Mandatory'''~~TRUEsstBillingCycle: 1sstCurrency: CHFsstPaymentMethod: invoicesstDeliveryMethod: postsstDiscount: 32sstCancellationDate: 20181231sstMailToUID: 4000002sstMailCcUID: 4000064sstMailBccUID: 4000066sstMailBccUID: 4000069</~~center~~source>~~| style="border:0.002cm solid #000000;padding:0.097cm;"| '''Description'''~~

|-~~| style="border-top~~The following example shows a reseller, where their customers receive a bill directly:~~none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| organizationName| style~~<source lang=~~"border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>MUST</center~~'ldif'>~~| style~~dn: ou=~~"border~~billing,uid=4000000,ou=reseller,o=stepping-stone,c=chobjectclass: topobjectclass:~~none;border-bottom~~organizationalUnitobjectclass:~~0.002cm solid #000000;border-left~~sstBillingResellerou:~~0.002cm solid #000000;border-right~~billingsstResellerBill:~~none;padding~~FALSE sstBillable:~~0.097cm;"| <center>x~~TRUE</~~center~~source>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| Company name, example: stepping stone GmbH~~

|-The following table describes the different attributes:{| ~~style~~border="~~border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;~~1"~~| sstGender~~| style="border-~~top~~collapse:~~none~~collapse;~~border~~font-~~bottom~~size:~~0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm~~80%;"width="100%" class="wikitable sortable"| '''Attribute'''| <center>~~MUST~~'''Existence'''</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x'''Mandatory'''</center>| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| Either~~ 'm' ~~for male or~~ 'fDescription''' ~~for female.~~

| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| givenName~~sstResellerBill~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>MUST</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x</center>| ~~style="border-top:none;border-bottom:0~~Should the the reseller receive a consolidated invoice for all their customers? This can be either <code>TRUE</code> or <code>FALSE</code>.~~002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| Givenname~~The default value is <code>TRUE</code>, ~~example: Hans~~meaning that the resellers receives a consolidated invoice for all their customers.

| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| surname~~sstBillable~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>~~MUST~~MAY</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x2</center>| ~~style="border-top~~All hierarchical levels must have <code>sstBillable:~~none;border-bottom:0~~TRUE</code> to actually have an invoice generated and sent.~~002cm solid #000000;border-left:0~~If the attribute <code>sstBillable</code> doesn't exist, the default is <code>TRUE</code>.~~002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| Surname~~This way, we are forced to set a reseller, ~~example~~customer or product manually to <code>sstBillable: ~~Muster~~FALSE</code> if we want to avoid sending them an invoice.

| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| postalAddress~~sstBillingCycle~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>MAY</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x2</center>| ~~style="border-top~~Billing cycle in months. This attribute <code>sstBillingCycle</code> is only checked (evaluated), if the reseller has <code>sstResellerBill</code> set to <code>TRUE</code> (as is the case for the resellers except for stepping stone GmbH). Possible values:~~none;border-bottom~~* 1:0Monthly invoice (this is the default billing period if no <code>sstBillingCycle</code> is set).~~002cm solid #000000;border-left~~* 3:0Quarterly invoice.~~002cm solid #000000;border~~* 6: Semi-~~right:0~~annually invoice.~~002cm solid #000000;padding~~* 12:~~0.097cm;"| Street Number, example: Neufeldstrasse 9. Multi-lined field~~Yearly invoice.

| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| postOfficeBox~~sstCurrency~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>MAY</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x2</center>| ~~style="border~~Three-~~top~~letter currency code according to [https:~~none;border-bottom:0~~//en.~~002cm solid #000000;border-left:0~~wikipedia.~~002cm solid #000000;border-right:0~~org/wiki/ISO_4217 ISO 4217].~~002cm solid #000000;padding~~Possible values are:0* '''CHF''': Swiss franc (this is the default currency if no <code>sstCurrency</code> is set).~~097cm;"| Postbox, example~~* EUR: ~~3456.~~Euro* GBP: Pound sterling* USD: United States dollar

| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| stateOrProvinceName~~sstPaymentMethod~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>MAY</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x3</center>| ~~style="border-top:none;border-bottom:0~~Payment method of the invoice.~~002cm solid #000000;border-left~~Possible values are:~~0.002cm solid #000000;border-right~~* '''invoice''':~~0.002cm solid #000000;padding:0.097cm;"| This pulldown menu is only active (appears~~ Classic invoice, sent according to the ~~user),~~ delivery method defined in <code>sstDeliveryMethod</code> (this is the default payment method if ~~the country~~ no <code>sstPaymentMethod</code> is set ~~to Canada or the USA~~).* postcard: Electronic invoice via PostFinance.* creditcard: Credit card payment.

| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| countryName~~sstDeliveryMethod~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>~~MUST~~MAY</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x</center>| ~~style="border-top:none;border-bottom:0~~Delivery method of invoices or access data.~~002cm solid #000000;border-left~~Possible values are:~~0.002cm solid #000000;border-right~~* email:0The invoice or access data is sent via email to the recipient.~~002cm solid #000000;padding~~* '''post''':~~0.097cm;"| Country code according~~ The invoice or access data is sent via snail mail to ~~ISO 3166-1~~ the recipient (~~for~~ this is the ~~web interface) and the corresponding ISO 3166-1-alpha-2~~ default delivery method if no <code ~~(as the LDAP entry~~>sstDeliveryMethod</code> is set)~~. Example: For Switzerland the value is CH~~.

| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| postalCode~~sstDiscount~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>~~MUST~~MAY</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x</center>| ~~style="border-top:none;border-bottom:~~An optional customer discount (an integer value between 0and 100).~~002cm solid #000000;border-left:~~Default is '''0'''.~~002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| Zipcode, example: 3012~~

| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| localityName~~sstCancellationDate~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>~~MUST~~MAY</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x</center>| ~~style="border-top:none;border-bottom:0~~The cancellation date of a reseller, customer or service in the form of [YYYY][MM][DD] (ISO 8601).~~002cm solid #000000;border-left~~For example:0'''20181231'''.~~002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| City, example: Bern~~The attribute <code>sstCancellationDate</code> is used in a logical AND combination with <code>sstIsActive</code>.

| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| preferredLanguage~~sstMailToUID~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>~~MUST~~MAY</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x1</center>| ~~style="border-top:none;border-bottom:0~~This attribute <code>sstMailToUID</code> is only checked (evaluated), if the delivery method <code>sstDeliveryMethod</code> is set to <code>email</code>.~~002cm solid #000000;border~~Even though this attribute is multi-~~left:0~~valued, we expect on recipient only.~~002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| Display language~~ Stores the UID (Unique Identifier in the form integer value with 7 digits) of the ~~user according~~ person an email is sent to ~~RFC 1766~~via To. This UID is used to look up the persons mail address, preferred language, name, surname or other information in the sub tree ou=people, dc=stoney-cloud,dc=org. For example: ~~de-CH~~'''4000002'''. ~~Currently supported:~~* de-CH* en-GB

| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| mail~~sstMailCcUID~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>~~MUST~~MAY</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x</center>| ~~style="border-top:none;border-bottom:0~~This attribute <code>sstMailCcUID</code> is only checked (evaluated), if the delivery method <code>sstDeliveryMethod</code> is set to <code>email</code>.~~002cm solid #000000;border~~Please be aware, that this attribure ist multi-~~left:0~~valued and multiple recipients are to be expected.~~002cm solid #000000;border-right:0~~Stores the UID (Unique Identifier in the form integer value with 7 digits) of the person an email is sent to via CC.~~002cm solid #000000;padding:0.097cm;"| E-~~This UID is used to look up the persons mail address of , preferred language, name, surname or other information in the ~~user~~sub tree ou=people, ~~example: hans~~dc=stoney-cloud,dc=org.~~muster@~~For example~~.com~~: '''4000064'''.

| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| telephoneNumber~~sstMailBccUID~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>MAY</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x1</center>| ~~style="border-top:none;border-bottom:0~~This attribute <code>sstMailBccUID</code> is only checked (evaluated), if the delivery method <code>sstDeliveryMethod</code> is set to <code>email</code>.~~002cm solid #000000;border~~Please be aware, that this attribure ist multi-~~left:0~~valued and multiple recipients are to be expected.~~002cm solid #000000;border~~Stores the UID (Unique Identifier in the form integer value with 7 digits) of the person an email is sent to via BCC. This UID is used to look up the persons mail address, preferred language, name, surname or other information in the sub tree ou=people,dc=stoney-~~right:0~~cloud,dc=org.~~002cm solid #000000;padding:0.097cm;"| Fixnet phone number,~~ For example: ~~+41 31 222 33 44~~'''4000066''' or '''4000069'''.

|-~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| mobileTelephoneNumber| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>MAY</center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>x1</center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| Mobile phone number, example: +41 76 222 33 44.~~}

~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| sstWebsiteURL~~

~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>MAY</center>~~

~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"|~~

| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| URL gemäss RFC-3986 http://tools.ietf.org/html/rfc3986. For example http://www.stepping-stone.ch/.

Legend:

* '''x''': Mandatory in all cases.

* '''x1''': The attribute <code>sstMailToUID</code> is mandatory, if the delivery method <code>sstDeliveryMethod</code> is set to <code>email</code>.

* '''x2''': As the default of the attribute <code>sstBillable</code> is <code>TRUE</code>, it's not really mandatory. For better readability, please always add the attribute <code>sstBillable</code>.

* ==== Reseller - Reseller - Customers ====The sub tree '''x1ou=customers,uid=4000000,ou=reseller,dc=stoney-cloud,dc=org'''~~: Either telephoneNumber or mobileTelephoneNumber need~~ contains the customers belonging to ~~be present. Both attributes can exist together.~~* the reseller '''x2Reseller Ltd.'''(all the customers with the the attribute sstBelongsToResellerUID=4000000). With the attribute labeledURI we use the functionality of the [http: ~~Either postalAddress or postOfficeBox need to be present~~//www. ~~Both attributes can exist together~~openldap.org/doc/admin24/overlays.html#Dynamic%20Lists dynamic lists overlay] to automatically give us a list of customers belonging to this reseller.* '''x3'<source lang='ldif'>dn: ~~If the countryName is either Canada or the USA~~ou=customers, ~~the stateOrProvinceName needs to be present.~~uid=4000000,ou=reseller,dc=stoney-cloud,dc=orgobjectclass: topobjectclass: organizationalUnitobjectclass: labeledURIObjectou: customerslabeledURI: ldap:///ou=customers,dc=stoney-cloud,dc=org??one?(sstBelongsToResellerUID=4000000)member: uid=4000001,ou=customers,dc=stoney-cloud,dc=org</source>

~~==== Reseller Shipping Address (optional) ====The sub tree '''ou=shipping~~In this example,~~uid=4000000,ou=~~the reseller~~,dc=stoney-cloud,dc=org~~''' ~~contains the shipping address and is optional (it is only needed, if the shipping address differs from the billing Address).~~ ~~dn: ou=shipping,uid=4000000,ou=reseller,dc=stoney-cloud,dc=org~~ ~~objectclass: top~~ ~~objectclass: organizationalUnit~~ ~~objectclass: sstAddress~~ ~~ou: shipping~~ ~~organizationName:~~ Reseller Ltd. ~~sstGender: m~~ ~~givenName: Name~~ ~~surname: Surname~~ ~~postalAddress: Street Number~~ ~~countryName: CH~~ ~~postalCode: Postal Code~~ ~~localityName: Locality~~ ~~preferredLanguage: en-GB~~ ~~mail: name.surname@example.com~~ ~~telephoneNumber: +41 00 000 00 00~~ ~~mobileTelephoneNumber: +41 00 000 00 00~~ ~~sstWebsiteURL: https://www.example.com/~~ ~~==== Reseller Billing ====The sub tree~~ '''~~ou=billing,~~has one customer (with the uid=~~4000000,ou=reseller,dc=stoney-cloud,dc=org''' contains billing relevant data:~~ ~~dn: ou=billing,uid=4000000,ou=reseller,dc=stoney-cloud,dc=org~~ ~~objectclass: top~~ ~~objectclass: organizationalUnit~~ ~~objectclass: sstBillingReseller~~ ~~ou: billing~~ ~~sstResellerBill: TRUE~~ ~~This entry need to be described in detail. TBD~~4000001).

The following table describes the different attributes:

| style="border:0.002cm solid #000000;padding:0.097cm;"| '''Description'''

~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| attribure~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>MUST</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~| <center>x</center>~~| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"~~| TBD.

* '''x''': Mandatory in all cases.

==== Reseller ~~Customers~~ - Reseller - Employees ====The sub tree '''ou=~~customers~~employees,uid=4000000,ou=reseller,dc=stoney-cloud,dc=org''' contains the ~~customers~~ employees belonging to the reseller '''Reseller Ltd.''' (all the ~~customers~~ employees with the the attribute ~~sstBelongsToResellerUID~~sstBelongsToEmployeeUID=4000000). With the attribute labeledURI we use the functionality of the [http://www.openldap.org/doc/admin24/overlays.html#Dynamic%20Lists dynamic lists overlay] to automatically give us a list of ~~customers~~ employees belonging to this reseller.The number of employees is always the same or smaller than the number of people belonging to a reseller (they are a subset).<source lang='ldif'>dn: ou=employees,uid=4000000,ou=reseller,dc=stoney-cloud,dc=orgobjectclass: topobjectclass: organizationalUnitobjectclass: labeledURIObjectou: employeeslabeledURI: ldap:///ou=people,dc=stoney-cloud,dc=org??one?(sstEmployeeOfUID=4000000)member: uid=4000002,ou=people,dc=stoney-cloud,dc=org</source>

~~dn: ou=customers,uid=4000000,ou=reseller,dc=stoney-cloud,dc=org~~ ~~objectclass: top~~ ~~objectclass: organizationalUnit~~ ~~objectclass: labeledURIObject~~ ~~ou: customers~~ ~~labeledURI: ldap:///ou=customers,dc=stoney-cloud,dc=org??one?(sstBelongsToResellerUID=4000000)~~ ~~member: uid=4000001,ou=customers,dc=stoney-cloud,dc=org~~ In this example, the reseller '''Reseller Ltd.''' has one ~~customer~~ employee (with the uid=~~4000001~~4000002).

The following table describes the different attributes:

| style="border:0.002cm solid #000000;padding:0.097cm;"| '''Description'''

* '''x''': Mandatory in all cases.

==== Reseller ~~Employees~~ - Reseller - People ====The sub tree '''ou=~~employees~~people,uid=4000000,ou=reseller,dc=stoney-cloud,dc=org''' contains the ~~employees~~ all the people belonging to the reseller '''Reseller Ltd.''' (all the people, including the employees , with the the attribute ~~sstBelongsToEmployeeUID~~sstBelongsToResellerUID=4000000). With the attribute labeledURI we use the functionality of the [http://www.openldap.org/doc/admin24/overlays.html#Dynamic%20Lists dynamic lists overlay] to automatically give us a list of employees belonging to this reseller. The number of ~~employees~~ people is always the same or ~~smaller~~ larger than the number of ~~people~~ employees belonging to a reseller ~~(they are a subset)~~.

<source lang='ldif'>dn: ou=~~employees~~people,uid=4000000,ou=reseller,dc=stoney-cloud,dc=org objectclass: top objectclass: organizationalUnit objectclass: labeledURIObject ou: employees labeledURI: ldap:///ou=people,dc=stoney-cloud,dc=org??one?(~~sstEmployeeOfUID~~sstBelongsToResellerUID=4000000) member: uid=4000002,ou=people,dc=stoney-cloud,dc=orgmember: uid=4000064,ou=people,dc=stoney-cloud,dc=orgmember: uid=4000066,ou=people,dc=stoney-cloud,dc=orgmember: uid=4000069,ou=people,dc=stoney-cloud,dc=org</source>

In this example, four people the reseller '''Reseller Ltd.''' ~~has one employee~~ (including the employee with the uid=4000002).

The following table describes the different attributes:

| style="border:0.002cm solid #000000;padding:0.097cm;"| '''Description'''

* '''x''': Mandatory in all cases.

==== Reseller ~~People =~~- Reseller (LEGACY) ===The ~~sub tree '''ou=people,uid=4000000,ou=~~following LDIF shows you the default reseller~~,dc=~~entry after a fresh stoney-cloud~~,dc=org''' contains the all the people belonging to the reseller '''Reseller Ltd~~installation.''' (all the people, including the employees, with the the attribute sstBelongsToResellerUID=4000000). With the attribute labeledURI we use the functionality of the [http://www.openldap.org/doc/admin24/overlays.html#Dynamic%20Lists dynamic lists overlay] to automatically give us a list of employees All relevant data belonging to this reseller~~. The number of people~~ is ~~always the same or larger than the number of employees belonging to a reseller~~stored below this leaf.<source lang='ldif'> dn: ~~ou=people,~~uid=4000000,ou=reseller,dc=stoney-cloud,dc=org objectclass: top objectclass: ~~organizationalUnit~~sstReseller ~~objectclass~~uid: ~~labeledURIObject~~4000000 ouorganizationName: ~~employees~~Reseller Ltd. ~~labeledURI~~sstBelongsToResellerUID: ~~ldap:///ou=people,dc=stoney-cloud,dc=org??one?(sstBelongsToResellerUID=~~4000000) ~~member~~sstIsActive: ~~uid=4000002,ou=people,dc=stoney-cloud,dc=org~~TRUE ~~member: uid=4000064,ou=people,dc=stoney-cloud,dc=org~~ ~~member: uid=4000066,ou=people,dc=stoney-cloud,dc=org~~ ~~member: uid=4000069,ou=people,dc=stoney-cloud,dc=org~~ ~~In this example, four people the reseller '''Reseller Ltd.''' (including the employee with the uid=4000002).~~</source>

The following table describes the different attributes:

| style="border:0.002cm solid #000000;padding:0.097cm;"| '''Description'''

| ~~style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"~~uid| ~~attribure~~<center>MUST</center>| ~~style="border-top:none;border-bottom:0~~<center>x</center>| A unique integer value with 7 digits or more.~~002cm solid #000000;border-left~~For example:04000000.~~002cm solid #000000;border~~ |-~~right:none;padding:0.097cm;"~~| organizationName| <center>MUST</center>| ~~style="border-top:none;border-bottom:0~~<center>x</center>| The organisation name of the reseller.~~002cm solid #000000;border-left~~For example:0Reseller Ltd.~~002cm solid #000000;border-right:none;padding:0~~.~~097cm;"~~ |-| sstBelongsToResellerUID| <center>MAY</center>| <center>x</center>| ~~style="border-top:none;border-bottom:0~~Stores the reseller UID the leaf belongs to.~~002cm solid #000000;border-left~~A unique value with 7 digits or more, must correspond with the uid entry. For example:04000000.~~002cm solid #000000;border~~ |-~~right~~| sstExternalID| <center>MAY</center>| <center></center>| The ID (or number) of a customer, person or product in an external database (for example:0234567).~~002cm solid #000000;padding:0.097cm;"~~ | ~~TBD~~-| sstIsActive| <center>MAY</center>| <center>x</center>| Is the entry active? Either true (yes) or false (no).

* '''x''': Mandatory in all cases.

== ~~Services~~ == Reseller - Reseller - Billing address (LEGACY) ====The sub tree '''ou=~~services~~address,uid=4000000,ou=reseller,dc=stoney-cloud,dc=org''' contains ~~all~~ the ~~stoney cloud services like backup or mail.~~billing address:<source lang='ldif'> dn: ou=~~services~~address,uid=4000000,ou=reseller,dc=~~stone~~stoney-cloud,dc=org objectclass: topobjectclass: organizationalUnit objectclass: ~~top~~sstAddressCompany ou: ~~services~~addressorganizationName: Reseller Ltd.sstGender: mgivenName: Namesurname: SurnamepostalAddress: Street NumbercountryName: CHpostalCode: Postal CodelocalityName: LocalitypreferredLanguage: en-GBmail: name.surname@example.comtelephoneNumber: +41 00 000 00 00mobileTelephoneNumber: +41 00 000 00 00sstWebsiteURL: https://www.example.com/</source>

The ~~actual services are described in the~~ following ~~chapters~~table describes the different attributes:{| border="1" style="border-collapse: collapse; font-size:80%;" width="100%" class="wikitable sortable"| '''Attribute'''| <center>'''Existence'''</center>| <center>'''Mandatory'''</center>| style="border:0.002cm solid #000000;padding:0.097cm;"| '''Description'''

~~=== Backup ===~~|-~~The (Online) Backup service consists of two areas:~~| organizationName* '''Server''': The actual backup space with some extra functionality like informing the user when the backup space runs full or if a back was not executed at the planned time.| <center>MUST</center>* '''Client''': The backup client (for | <center>x</center>| Company name, example ~~[http~~:~~//www.sepiola.org/en/ Sepiola]), which is responsible to regularly copy the local data to the backup server.~~stepping stone GmbH

On the back server the data copied to the backup space ist compared each day to the previous day's backup. If there are any changes found, a copy of the data will be made (a snapshot taken). Thus the user has access to 7 daily, 4 weekly and 3 monthly backups. During each snapshot, only the modified data is copied |- ~~thereby making optimal use of the available disk space~~| sstGender| <center>MUST</center>| <center>x</center>| Either 'm' for male or 'f' for female.

|-| givenName| <center>MUST</center>| <center>x</center>| Givenname, example: Hans. |-| surname| <center>MUST</center>| <center>x</center>| Surname, example: Muster. |-| postalAddress| <center>MAY</center>| <center>x2</center>| Street Number, example: Neufeldstrasse 9. Multi-lined field. |-| postOfficeBox| <center>MAY</center>| <center>x2</center>| Postbox, example: 3456. |-| stateOrProvinceName| <center>MAY</center>| <center>x3</center>| This ~~OpenLDAP related section of~~ pulldown menu is only active (appears to the ~~Backup service~~ user), if the country is ~~described on~~ set to Canada or the ~~[[Backup~~ USA. |-| countryName| <center>MUST</center>| <center>x</center>| Country code according to ISO 3166-1 (~~OpenLDAP~~for the web interface)~~]] page~~and the corresponding ISO 3166-1-alpha-2 code (as the LDAP entry). Example: For Switzerland the value is CH. |-| postalCode| <center>MUST</center>| <center>x</center>| Zipcode, example: 3012 |-| localityName| <center>MUST</center>| <center>x</center>| City, example: Bern. |-| preferredLanguage| <center>MUST</center>| <center>x</center>| Display language of the user according to RFC 1766, example: de-CH. Currently supported:* de-CH* en-GB |-| mail| <center>MUST</center>| <center>x</center>| E-mail address of the user, example: hans.muster@example.com. |-| telephoneNumber| <center>MAY</center>| <center>x1</center>| Fixnet phone number, example: +41 31 222 33 44. |-| mobileTelephoneNumber| <center>MAY</center>| <center>x1</center>| Mobile phone number, example: +41 76 222 33 44. |-| sstWebsiteURL| <center>MAY</center>| | URL gemäss RFC-3986 http://tools.ietf.org/html/rfc3986. For example http://www.stepping-stone.ch/. |}Legend: * '''x1''': Either telephoneNumber or mobileTelephoneNumber need to be present. Both attributes can exist together.* '''x2''': Either postalAddress or postOfficeBox need to be present. Both attributes can exist together.* '''x3''': If the countryName is either Canada or the USA, the stateOrProvinceName needs to be present.

[[Category:stoney core]][[Category:OpenLDAP directory]]

Administrator

Bureaucrat, administrator

edits