Table of Contents
Advertisement
For example, assume you entered components
parameter. For locating Jane Doe's entry in the directory, the Certificate
dnComps
Manager constructs the following DN by reading the DN attribute values from the
certificate, and uses the DN as the base for searching the directory:
CN=Jane Doe, OU=Sales, O=Siroe Corporation, C=US
Note the following:
•
A subject name does not need to have all of the components that you specify
for the
parameter. The server ignores any components that are not
dnComps
part of the subject name (such as
•
Unspecified components are not used to build the DN. In the example, if you
did not include the
searching the directory:
In general, for the
dnComps
the Certificate Manager can use to form the LDAP DN exactly. In certain situations,
however, the subject name in a certificate may match more than one entry in the
directory. Then, the Certificate Manager might not get a single, distinct matching
entry from the DN. For example, the subject name
CN=Jane Doe, OU=Sales, O=Siroe Corporation, C=US
might match two users with the name Jane Doe in the directory. If that occurred,
the Certificate Manager would need additional criteria to determine which entry
corresponds to the subject of the certificate.
To specify the components the Certificate Manager must use to distinguish
between different entries in the directory, use the
details, see Table 5-3 on page 261. For example, if you entered
values for the
dnComps
the
attribute can be used to distinguish between entries with identical
L
and
values.
C
Consider another example that shows how two directory entries with similar DNs
can be differentiated by the value of the
Assume that the two Jane Doe entries are distinguished by the value of the
attribute. One entry's
. Because the
janedoe2
you can set up the subject names of certificates to include the
,
, and
L
ST
component, the server would use this DN as the base for
OU
CN=Jane Doe, O=Siroe Corporation, C=US
parameter, you should enter those DN components that
parameter, enter
for the
L
UID
value is
UID
janedoe1
attribute corresponds to the
UID
LdapDNCompsMap Plug-in Module
,
,
,
, and
CN
E
OU
O
C
in this example).
E
parameter; for
filterComps
,
CN
parameter only if
filterComps
attribute:
and the other entry's
component in a DN,
UID
UID
Chapter 5
Mapper Plug-in Modules
as values for the
,
, and
as
OU
O
C
,
,
,
CN
OU
O
UID
value is
UID
component.
259
Advertisement
Table of Contents
Related Manuals for Netscape NETSCAPE MANAGEMENT SYSTEM 4.5 - PLUG-IN
Related Products for Netscape NETSCAPE MANAGEMENT SYSTEM 4.5 - PLUG-IN
- Netscape NETSCAPE MANAGEMENT SYSTEM 4.5 - CUSTOMIZATION GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 4.5 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 4.5 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - CUSTOMIZATION
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - PLUG-IN
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - CUSTOMIZATION
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - PLUG-IN
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.1 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.1 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.2 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.2 - COMMAND-LINE