Table of Contents
Advertisement
LdapDNCompsMap Plug-in Module
The Certificate Manager uses the components in subject names to construct a DN
that it can use as the base for searching specific directory entries in order to publish
the corresponding certificate information.
For example, suppose the subject name in the certificate is in this form:
CN=Jane Doe, OU=Sales, O=Example Corporation, L=Mountain View,
ST=California, C=US
The Certificate Manager can use some or all of these components (
and
C
can specify the components the server should use to build a DN (that is,
components to match attributes in the directory). You do this by configuring the
dnComps
For example, assume you entered components
dnComps
Manager constructs the following DN by reading the DN attribute values from the
certificate, and uses the DN as the base for searching the directory:
CN=Jane Doe, OU=Sales, O=Example Corporation, C=US
Note the following:
•
A subject name does not need to have all of the components that you specify
for the
part of the subject name (such as
•
Unspecified components are not used to build the DN. In the example, if you
did not include the
searching the directory:
In general, for the
the Certificate Manager can use to form the LDAP DN exactly. In certain situations,
however, the subject name in a certificate may match more than one entry in the
directory. Then, the Certificate Manager might not get a single, distinct matching
entry from the DN. For example, the subject name
CN=Jane Doe, OU=Sales, O=Example Corporation, C=US
might match two users with the name Jane Doe in the directory. If that occurred,
the Certificate Manager would need additional criteria to determine which entry
corresponds to the subject of the certificate.
256
Netscape Certificate Management System Plug-Ins Guide • March 2002
) to build a DN for searching the directory. When creating a mapper rule, you
parameter; for details, see Table 5-3 on page 258.
parameter. For locating Jane Doe's entry in the directory, the Certificate
parameter. The server ignores any components that are not
dnComps
OU
dnComps
CN
,
, and
L
ST
component, the server would use this DN as the base for
CN=Jane Doe, O=Example Corporation, C=US
parameter, you should enter those DN components that
CN
,
,
,
, and
as values for the
E
OU
O
C
in this example).
E
,
,
,
,
,
OU
O
L
ST
Advertisement
Table of Contents
Related Manuals for Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - PLUG-IN
Related Products for Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - PLUG-IN
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - CUSTOMIZATION
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - CUSTOMIZATION
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - PLUG-IN
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.1 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.1 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.2 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.2 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.1 - ADMINISTRATOR
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.2 - ADMINISTRATOR
- Netscape NETSCAPE MANAGEMENT SYSTEM 4.5 - CUSTOMIZATION GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 4.5 - PLUG-IN