diff --git a/contrib/openldap/ldapns.schema b/contrib/openldap/ldapns.schema
new file mode 100644
index 0000000000000000000000000000000000000000..21ae00c33581a92665f96b4dc2069b7cab6cc68d
--- /dev/null
+++ b/contrib/openldap/ldapns.schema
@@ -0,0 +1,23 @@
+# $Id: ldapns.schema,v 1.3 2003/05/29 12:57:29 lukeh Exp $
+
+# LDAP Name Service Additional Schema
+
+# http://www.iana.org/assignments/gssapi-service-names
+
+attributetype ( 1.3.6.1.4.1.5322.17.2.1 NAME 'authorizedService'
+	DESC 'IANA GSS-API authorized service name'
+	EQUALITY caseIgnoreMatch
+	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
+
+objectclass ( 1.3.6.1.4.1.5322.17.1.1 NAME 'authorizedServiceObject'
+	DESC 'Auxiliary object class for adding authorizedService attribute'
+	SUP top
+	AUXILIARY
+	MAY authorizedService )
+
+objectclass ( 1.3.6.1.4.1.5322.17.1.2 NAME 'hostObject'
+	DESC 'Auxiliary object class for adding host attribute'
+	SUP top
+	AUXILIARY
+	MAY host )
+
diff --git a/contrib/openldap/trust.ldif b/contrib/openldap/trust.ldif
deleted file mode 100644
index 722eb2b5d35e30c07ba5fd8383277ba9195a78f3..0000000000000000000000000000000000000000
--- a/contrib/openldap/trust.ldif
+++ /dev/null
@@ -1,11 +0,0 @@
-dn: cn=trust,cn=schema,cn=config
-objectClass: olcSchemaConfig
-cn: trust
-olcAttributeTypes: {0}( 5.3.6.1.1.1.1.0 NAME 'trustModel' DESC 'Access scheme'
-  EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6
- .1.4.1.1466.115.121.1.26 SINGLE-VALUE )
-olcAttributeTypes: {1}( 5.3.6.1.1.1.1.1 NAME 'accessTo' DESC 'Access to which 
- servers user is allowed' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5Subs
- tringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
-olcObjectClasses: {0}( 5.3.6.1.1.1.2.0 NAME 'trustAccount' DESC 'Sets trust ac
- counts information' SUP top AUXILIARY MUST trustModel MAY accessTo )
diff --git a/contrib/openldap/trust.schema b/contrib/openldap/trust.schema
deleted file mode 100644
index 6b6fab0cedba39713d43b1bd372d580cee90da7a..0000000000000000000000000000000000000000
--- a/contrib/openldap/trust.schema
+++ /dev/null
@@ -1,21 +0,0 @@
-# this file goes into /etc/openldap/schema or into your schema directory for your LDAP v3 server
-# make sure you have it, otherwise, Directory administrator will complain when changing user accounts
-# unless you don't do schema checking
-
-attributetype ( 5.3.6.1.1.1.1.0 NAME 'trustModel'
-	DESC 'Access scheme'
-	EQUALITY caseIgnoreIA5Match
-	SUBSTR caseIgnoreIA5SubstringsMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
-
-attributetype ( 5.3.6.1.1.1.1.1 NAME 'accessTo'
-	DESC 'Access to which servers user is allowed'
-	EQUALITY caseIgnoreIA5Match
-	SUBSTR caseIgnoreIA5SubstringsMatch
-	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
-
-objectclass ( 5.3.6.1.1.1.2.0 NAME 'trustAccount' SUP top AUXILIARY
-	DESC 'Sets trust accounts information'
-	MUST ( trustModel )
-	MAY ( accessTo ) )
-