Changes

stoney core: OpenLDAP directory data organisation

42,874 bytes added, 12:54, 24 July 2013
= Abstract =
This document describes the OpenLDAP directory data organisation for the [[Main_Page | stoney cloud]]. This directory is the only database for all the services, which are manageable through the web interface of the stoney cloud.
 
Some titles have numbers in brackets. These numbers reflect the stoney cloud version, in which these entries have been added or modified.
 
= Introduction =
All Service-, User- and Billing-Data ist stored in the [http://www.openldap.org/ OpenLDAP] directory. The directory runs in Multi-Master Mirror-Mode for high availability.
 
= Data Organisation =
The following chapters explain the data organisation of the stoney cloud OpenLDAP directory.
 
== root ==
The following LDIF shows the '''root''' entry of the whole OpenLDAP directory tree for the stoney cloud:
dn: dc=stoney-cloud,dc=org
objectclass: top
objectclass: dcObject
objectclass: organization
dc: stoney-cloud
o: stoney-cloud
 
The following LDIF shows the root of the whole OpenLDAP directory tree for the stoney cloud modified for the company stepping stone GmbH in Switzerland:
dn: o=stepping-stone,c=ch
objectclass: top
objectclass: organization
o: stepping-stone
 
The entry '''c=ch''' stands for the country code of Switzerland while '''o=stepping-stone''' stands for the the organisation stepping-stone. The entry stepping-stone is in the process of being reserved at the [http://www.bakom.admin.ch/index.html?lang=en Federal Office of Communications]. With the reservation of the name, all the directory entries will be unique over the whole world.
 
The '''root''' entry can be chosen during the installation process of the stoney cloud. If you decide to use the default entry, you'll end up with '''dc=stoney-cloud,dc=org'''.
 
== Administration ==
 
== Configuration ==
 
== Customers ==
The sub tree '''ou=customers,dc=stoney-cloud,dc=org''' contains all the customers. Each customer has a unique uid, which is used for later reference.
 
=== Customers uid (per customer) ===
We have two kinds of customers:
* '''Company customer''': This is the normal case, as we target companies.
* '''Private customer''': A private customer does not have a company/organisation name.
 
The following LDIF examples will show both cases where necessary. The first LDIF shows you the default '''company customer''' entry after a fresh stoney cloud installation. All relevant data belonging to this reseller is stored below this dn.
dn: uid=4000001,ou=customers,dc=stoney-cloud,dc=org
objectclass: top
objectclass: sstCustomerCompany
uid: 4000001
organizationName: Customer Ltd.
sstBelongsToResellerUID: 4000000
sstBelongsToCustomerUID: 4000001
sstIsActive: TRUE
 
The following table describes the different attributes:
{| style="border-spacing:0;"
| style="border-top:0.002cm solid #000000;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| '''Attribute'''
| style="border-top:0.002cm solid #000000;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>'''Existence'''</center>
| style="border-top:0.002cm solid #000000;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>'''Mandatory'''</center>
| style="border:0.002cm solid #000000;padding:0.097cm;"| '''Description'''
 
|-
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| uid
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>MUST</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>x</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| A unique integer value with 7 digits or more. For example: 4000000.
 
|-
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| organizationName
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>MUST</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>x</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| The organisation name of the reseller. For example: Customer Ltd..
 
|-
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| sstBelongsToResellerUID
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>MUST</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>x</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| Stores the reseller UID the leaf belongs to. A unique value with 7 digits or more. For example: 4000000.
 
|-
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| sstBelongsToCustomerUID
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>MAY</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>x</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| Stores the customer UID the leaf belongs to. A unique value with 7 digits or more, must correspond with the uid entry. For example: 4000001.
 
|-
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| sstIsActive
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>MAY</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>x</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| Is the entry active? Either yes (TRUE) or no (FALSE).
 
|}
 
Legend:
* '''x''': Mandatory in all cases.
 
The following LDIF shows you the '''private customer''' entry. All relevant data belonging to this reseller are stored below this dn.
dn: uid=4000001,ou=customers,dc=stoney-cloud,dc=org
objectclass: top
objectclass: sstCustomerPerson
uid: 4000001
givenName: Name
surname: Surname
sstBelongsToResellerUID: 4000000
sstBelongsToCustomerUID: 4000001
sstIsActive: TRUE
 
The following table describes the different attributes:
{| style="border-spacing:0;"
| style="border-top:0.002cm solid #000000;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| '''Attribute'''
| style="border-top:0.002cm solid #000000;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>'''Existence'''</center>
| style="border-top:0.002cm solid #000000;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>'''Mandatory'''</center>
| style="border:0.002cm solid #000000;padding:0.097cm;"| '''Description'''
 
|-
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| uid
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>MUST</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>x</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| A unique integer value with 7 digits or more. For example: 4000000.
 
|-
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| givenName
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>MUST</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>x</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| Givenname, example: Hans.
 
|-
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| surname
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>MUST</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>x</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| Surname, example: Muster.
 
|-
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| sstBelongsToResellerUID
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>MUST</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>x</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| Stores the reseller UID the leaf belongs to. A unique value with 7 digits or more, must correspond with the uid entry. For example: 4000000.
 
|-
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| sstBelongsToCustomerUID
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>MAY</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>x</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| Stores the customer UID the leaf belongs to. A unique value with 7 digits or more, must correspond with the uid entry. For example: 4000001.
 
|-
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| sstIsActive
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>MAY</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>x</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| Is the entry active? Either yes (TRUE) or no (FALSE).
 
|}
 
Legend:
* '''x''': Mandatory in all cases.
 
==== Customers Billing Address ====
The sub tree '''ou=address,uid=4000001,ou=customers,dc=stoney-cloud,dc=org''' contains the billing address for a '''company customer''':
dn: ou=address,uid=4000001,ou=customers,dc=stoney-cloud,dc=org
objectclass: top
objectclass: organizationalUnit
objectclass: sstAddressCompany
ou: address
organizationName: Reseller Ltd.
sstGender: m
givenName: Name
surname: Surname
postalAddress: Street Number
countryName: CH
postalCode: Postal Code
localityName: Locality
preferredLanguage: en-GB
mail: name.surname@example.com
telephoneNumber: +41 00 000 00 00
mobileTelephoneNumber: +41 00 000 00 00
sstWebsiteURL: https://www.example.com/
 
The following table describes the different attributes:
{| style="border-spacing:0;"
| style="border-top:0.002cm solid #000000;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| '''Attribute'''
| style="border-top:0.002cm solid #000000;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>'''Existence'''</center>
| style="border-top:0.002cm solid #000000;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>'''Mandatory'''</center>
| style="border:0.002cm solid #000000;padding:0.097cm;"| '''Description'''
 
|-
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| organizationName
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>MUST</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>x</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| Company name, example: stepping stone GmbH
 
|-
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| sstGender
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>MUST</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>x</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| Either 'm' for male or 'f' for female.
 
|-
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| givenName
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>MUST</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>x</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| Givenname, example: Hans.
 
|-
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| surname
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>MUST</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>x</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| Surname, example: Muster.
 
|-
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| postalAddress
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>MAY</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>x2</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| Street Number, example: Neufeldstrasse 9. Multi-lined field.
 
|-
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| postOfficeBox
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>MAY</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>x2</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| Postbox, example: 3456.
 
|-
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| stateOrProvinceName
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>MAY</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>x3</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| This pulldown menu is only active (appears to the user), if the country is set to Canada or the USA.
 
|-
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| countryName
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>MUST</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>x</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| Country code according to ISO 3166-1 (for the web interface) and the corresponding ISO 3166-1-alpha-2 code (as the LDAP entry). Example: For Switzerland the value is CH.
 
|-
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| postalCode
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>MUST</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>x</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| Zipcode, example: 3012
 
|-
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| localityName
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>MUST</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>x</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| City, example: Bern.
 
|-
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| preferredLanguage
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>MUST</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>x</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| Display language of the user according to RFC 1766, example: de-CH. Currently supported:
* de-CH
* en-GB
 
|-
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| mail
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>MUST</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>x</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| E-mail address of the user, example: hans.muster@example.com.
 
|-
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| telephoneNumber
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>MAY</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>x1</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| Fixnet phone number, example: +41 31 222 33 44.
 
|-
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| mobileTelephoneNumber
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>MAY</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>x1</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| Mobile phone number, example: +41 76 222 33 44.
 
|-
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| sstWebsiteURL
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>MAY</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"|
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| URL gemäss RFC-3986 http://tools.ietf.org/html/rfc3986. For example http://www.stepping-stone.ch/.
 
|}
Legend:
 
* '''x1''': Either telephoneNumber or mobileTelephoneNumber need to be present. Both attributes can exist together.
* '''x2''': Either postalAddress or postOfficeBox need to be present. Both attributes can exist together.
* '''x3''': If the countryName is either Canada or the USA, the stateOrProvinceName needs to be present.
 
The sub tree '''ou=address,uid=4000001,ou=customers,dc=stoney-cloud,dc=org''' contains the billing address for a '''private customer''':
dn: ou=address,uid=4000001,ou=customers,dc=stoney-cloud,dc=org
objectclass: top
objectclass: organizationalUnit
objectclass: sstAddressPerson
ou: address
sstGender: m
givenName: Name
surname: Surname
postalAddress: Street Number
countryName: CH
postalCode: Postal Code
localityName: Locality
preferredLanguage: en-GB
mail: name.surname@example.com
telephoneNumber: +41 00 000 00 00
mobileTelephoneNumber: +41 00 000 00 00
sstWebsiteURL: https://www.example.com/
 
The following table describes the different attributes:
{| style="border-spacing:0;"
| style="border-top:0.002cm solid #000000;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| '''Attribute'''
| style="border-top:0.002cm solid #000000;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>'''Existence'''</center>
| style="border-top:0.002cm solid #000000;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>'''Mandatory'''</center>
| style="border:0.002cm solid #000000;padding:0.097cm;"| '''Description'''
 
|-
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| sstGender
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>MUST</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>x</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| Either 'm' for male or 'f' for female.
 
|-
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| givenName
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>MUST</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>x</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| Givenname, example: Hans.
 
|-
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| surname
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>MUST</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>x</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| Surname, example: Muster.
 
|-
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| postalAddress
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>MAY</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>x2</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| Street Number, example: Neufeldstrasse 9. Multi-lined field.
 
|-
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| postOfficeBox
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>MAY</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>x2</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| Postbox, example: 3456.
 
|-
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| stateOrProvinceName
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>MAY</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>x3</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| This pulldown menu is only active (appears to the user), if the country is set to Canada or the USA.
 
|-
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| countryName
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>MUST</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>x</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| Country code according to ISO 3166-1 (for the web interface) and the corresponding ISO 3166-1-alpha-2 code (as the LDAP entry). Example: For Switzerland the value is CH.
 
|-
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| postalCode
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>MUST</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>x</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| Zipcode, example: 3012
 
|-
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| localityName
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>MUST</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>x</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| City, example: Bern.
 
|-
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| preferredLanguage
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>MUST</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>x</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| Display language of the user according to RFC 1766, example: de-CH. Currently supported:
* de-CH
* en-GB
 
|-
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| mail
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>MUST</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>x</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| E-mail address of the user, example: hans.muster@example.com.
 
|-
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| telephoneNumber
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>MAY</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>x1</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| Fixnet phone number, example: +41 31 222 33 44.
 
|-
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| mobileTelephoneNumber
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>MAY</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>x1</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| Mobile phone number, example: +41 76 222 33 44.
 
|-
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| sstWebsiteURL
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>MAY</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"|
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| URL gemäss RFC-3986 http://tools.ietf.org/html/rfc3986. For example http://www.stepping-stone.ch/.
 
|}
Legend:
 
* '''x1''': Either telephoneNumber or mobileTelephoneNumber need to be present. Both attributes can exist together.
* '''x2''': Either postalAddress or postOfficeBox need to be present. Both attributes can exist together.
* '''x3''': If the countryName is either Canada or the USA, the stateOrProvinceName needs to be present.
 
==== Customers Shipping Address (optional) ====
The sub tree '''ou=shipping,uid=4000001,ou=customers,dc=stoney-cloud,dc=org''' contains the shipping address and is optional (it is only needed, if the shipping address differs from the billing Address).
dn: ou=shipping,uid=4000001,ou=customers,dc=stoney-cloud,dc=org
objectclass: top
objectclass: organizationalUnit
objectclass: sstAddressCompany
ou: shipping
organizationName: Reseller Ltd.
sstGender: m
givenName: Name
surname: Surname
postalAddress: Street Number
countryName: CH
postalCode: Postal Code
localityName: Locality
preferredLanguage: en-GB
mail: name.surname@example.com
telephoneNumber: +41 00 000 00 00
mobileTelephoneNumber: +41 00 000 00 00
sstWebsiteURL: https://www.example.com/
 
==== Customers Billing ====
The sub tree '''ou=billing,uid=4000001,ou=customers,dc=stoney-cloud,dc=org''' contains billing relevant data:
dn: ou=billing,uid=4000001,ou=customers,dc=stoney-cloud,dc=org
objectclass: top
objectclass: organizationalUnit
objectclass: sstBillingReseller
ou: billing
sstResellerBill: FALSE
 
This entry need to be described in detail. TBD.
 
The following table describes the different attributes:
{| style="border-spacing:0;"
| style="border-top:0.002cm solid #000000;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| '''Attribute'''
| style="border-top:0.002cm solid #000000;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>'''Existence'''</center>
| style="border-top:0.002cm solid #000000;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>'''Mandatory'''</center>
| style="border:0.002cm solid #000000;padding:0.097cm;"| '''Description'''
 
|-
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| attribure
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>MUST</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>x</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| TBD.
|}
 
Legend:
* '''x''': Mandatory in all cases.
 
==== Customers Employees ====
The sub tree '''ou=employees,uid=4000001,ou=customers,dc=stoney-cloud,dc=org''' contains the employees belonging to the reseller '''Customer Ltd.''' (all the employees with the the attribute sstBelongsToEmployeeUID=4000001). With the attribute labeledURI we use the functionality of the [http://www.openldap.org/doc/admin24/overlays.html#Dynamic%20Lists dynamic lists overlay] to automatically give us a list of employees belonging to this customer. The number of employees is always the same or smaller than the number of people belonging to a customer (they are a subset).
 
dn: ou=employees,uid=4000001,ou=customers,dc=stoney-cloud,dc=org
objectclass: top
objectclass: organizationalUnit
objectclass: labeledURIObject
ou: employees
labeledURI: ldap:///ou=people,dc=stoney-cloud,dc=org??one?(sstEmployeeOfUID=4000001)
member: uid=4000002,ou=people,dc=stoney-cloud,dc=org
 
In this example, the customer '''Customer Ltd.''' has one employee (with the uid=4000002).
 
The following table describes the different attributes:
{| style="border-spacing:0;"
| style="border-top:0.002cm solid #000000;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| '''Attribute'''
| style="border-top:0.002cm solid #000000;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>'''Existence'''</center>
| style="border-top:0.002cm solid #000000;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>'''Mandatory'''</center>
| style="border:0.002cm solid #000000;padding:0.097cm;"| '''Description'''
 
|-
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| attribure
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>MUST</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>x</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| TBD.
|}
 
Legend:
* '''x''': Mandatory in all cases.
 
==== Customers People ====
The sub tree '''ou=people,uid=4000001,ou=customers,dc=stoney-cloud,dc=org''' contains the all the people belonging to the customer '''Customer Ltd.''' (all the people, including the employees, with the the attribute sstBelongsToCustomerUID=4000001). With the attribute labeledURI we use the functionality of the [http://www.openldap.org/doc/admin24/overlays.html#Dynamic%20Lists dynamic lists overlay] to automatically give us a list of employees belonging to this reseller. The number of people is always the same or larger than the number of employees belonging to a reseller.
 
dn: ou=people,uid=4000001,ou=customers,dc=stoney-cloud,dc=org
objectclass: top
objectclass: organizationalUnit
objectclass: labeledURIObject
ou: employees
labeledURI: ldap:///ou=people,dc=stoney-cloud,dc=org??one?(sstBelongsToCustomerUID=4000001)
member: uid=4000002,ou=people,dc=stoney-cloud,dc=org
member: uid=4000064,ou=people,dc=stoney-cloud,dc=org
member: uid=4000066,ou=people,dc=stoney-cloud,dc=org
member: uid=4000069,ou=people,dc=stoney-cloud,dc=org
 
In this example, four people the customer '''Customer Ltd.''' (including the employee with the uid=4000002).
 
The following table describes the different attributes:
{| style="border-spacing:0;"
| style="border-top:0.002cm solid #000000;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| '''Attribute'''
| style="border-top:0.002cm solid #000000;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>'''Existence'''</center>
| style="border-top:0.002cm solid #000000;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>'''Mandatory'''</center>
| style="border:0.002cm solid #000000;padding:0.097cm;"| '''Description'''
 
|-
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| attribure
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>MUST</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>x</center>
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| TBD.
|}
 
Legend:
* '''x''': Mandatory in all cases.
 
== Groups ==
 
== People ==
The sub tree '''ou=people,dc=stoney-cloud,dc=org''' contains all the people. Each person has a unique uid, which is used for later reference.
 
=== People uid (per person) ===
The following LDIF shows you the default '''person''' entry after a fresh stoney cloud installation. All relevant data belonging to this person is stored below this dn.
 
dn: uid=4000002,ou=people,dc=stoney-cloud,dc=org
objectclass: top
objectclass: sstPerson
uid: 4000002
sstGender: m
givenName: Name
surname: Surname
preferredLanguage: en-GB
userPassword: {SSHA}UgrBHVhKxFQInWWpzf1ddgEVmSg5vKUm
mail: name.surname@example.com
cn: admin
telephoneNumber: +41 00 000 00 00
mobileTelephoneNumber: +41 00 000 00 00
sstTimeZoneOffset: UTC+01
sstBelongsToResellerUID: 4000000
sstBelongsToCustomerUID: 4000001
sstEmployeeOfUID: 4000000
sstEmployeeOfUID: 4000001
 
The person '''Name Surname''' (with the uid=4000002) belongs to the reseller '''Reseller Ltd.''' (with sstBelongsToResellerUID=4000000) and is an employee of the same company (sstEmployeeOfUID=4000000). The person also belongs the customer '''Customer Ltd.''' (with sstBelongsToCustomerUID=4000001) and is an employee of the same company (sstEmployeeOfUID=4000001).
Michael
SLB, editor, reviewer
3,368
edits