LDAP schema for SRP verifiers

A ready-made LDAP schema is available for storing SRP verifiers in a directory such as MS Active Directory, OpenLDAP or OpenDJ.

# LDAP schema for storing Secure Remote Password (SRP) salt and verifiers
#
# (c) Connect2id Ltd., 2011 - 2014
dn: cn=schema
objectClass: top
objectClass: ldapSubEntry
objectClass: subschema
cn: schema
attributeTypes: ( 1.3.6.1.4.1.31487.3.1
  NAME 'srp6Verifier'
  DESC 'Stores SRP6 salt and verifier, in hex and delimited by semicolon'
  EQUALITY caseIgnoreMatch
  ORDERING caseIgnoreOrderingMatch
  SUBSTR caseIgnoreSubstringsMatch
  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
  SINGLE-VALUE
  USAGE userApplications
  X-ORIGIN 'Connect2id.com' )
objectClasses: ( 1.3.6.1.4.1.31487.3.2
  NAME 'srp6account'
  DESC 'Account with SRP-6a authentication support'
  SUP top
  AUXILIARY
  MAY srp6Verifier
  X-ORIGIN 'Connect2id.com' )

You can download it from its Git repo at

https://bitbucket.org/connect2id/nimbus-srp-ldap-schema

The schema was originally created for our Json2Ldap product.
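
The value format named in the attribute's DESC (salt and verifier in hex, delimited by a semicolon), as an added example that is not Connect2id's code: a Python helper that encodes and validates an srp6Verifier value and builds an LDIF change record attaching the srp6account auxiliary class to an entry. The function names, the salt-before-verifier order and the sample DN are assumptions.

```python
import base64
import re

HEX = re.compile(r"[0-9A-Fa-f]+")  # caseIgnoreMatch: hex case is not significant

def encode_srp6_verifier(salt: bytes, verifier: int) -> str:
    """Build the attribute value: hex salt, semicolon, hex verifier (assumed order)."""
    if not salt or verifier <= 0:
        raise ValueError("salt must be non-empty and verifier positive")
    return f"{salt.hex()};{verifier:x}"

def parse_srp6_verifier(value: str) -> tuple[bytes, int]:
    """Split a stored value into (salt bytes, verifier integer), rejecting junk."""
    parts = value.strip().split(";")
    if len(parts) != 2 or not all(HEX.fullmatch(p) for p in parts):
        raise ValueError("expected '<hex salt>;<hex verifier>'")
    salt_hex, verifier_hex = parts
    if len(salt_hex) % 2:  # tolerate a salt written as a bare hex integer
        salt_hex = "0" + salt_hex
    return bytes.fromhex(salt_hex), int(verifier_hex, 16)

def ldif_line(attr: str, value: str) -> str:
    """Emit one LDIF line, base64-encoding values that are not LDIF-safe."""
    safe = (value.isascii() and not re.search(r"[\x00\r\n]", value)
            and not value.startswith((" ", ":", "<")) and not value.endswith(" "))
    if safe:
        return f"{attr}: {value}"
    return f"{attr}:: {base64.b64encode(value.encode()).decode()}"

def ldif_set_verifier(dn: str, salt: bytes, verifier: int) -> str:
    """LDIF change record that tags an entry as srp6account and sets srp6Verifier."""
    value = encode_srp6_verifier(salt, verifier)
    parse_srp6_verifier(value)  # round-trip check before anything is written
    return "\n".join([
        ldif_line("dn", dn),
        "changetype: modify",
        "add: objectClass",  # omit this stanza if the entry already has the class
        "objectClass: srp6account",
        "-",
        "replace: srp6Verifier",  # SINGLE-VALUE, so replace rather than add
        ldif_line("srp6Verifier", value),
        "-",
        "",
    ])

if __name__ == "__main__":
    # Constructed sample values, not a real salt or verifier.
    print(ldif_set_verifier("uid=alice,ou=people,dc=example,dc=com",
                            bytes.fromhex("0a1b2c3d"), 0xDEADBEEF))
```

A DN containing a line break is emitted base64-encoded (dn::), so a hostile account name cannot smuggle extra LDIF directives into the change record.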