Table of Contents
Advertisement
LdapUserCertMap Mapper
The rule named
The Certificate Manager automatically creates this mapper during installation.
You can use this mapper for mapping end-user certificates to users' directory
entries. The default DN pattern for locating end-user entries is as follows:
UID=$subj.UID, OU=people, O=$subj.o
The default pattern indicates that the Certificate Manager should use the
values from the certificate subject name and a constant
DN pattern in order to search for an entry.
For example, if the certificate subject name is
CN=Jane Doe, UID=jdoe, OU=people, O=Example Corporation, C=US
the Certificate Manager will construct the following DN to search the directory for
the entry:
UID=jdoe, OU=people, O=Example Corporation
LdapSubjAttrMap Plug-in Module
The
LdapSubjAttrMap
This mapper enables you to configure a Certificate Manager to map a certificate to
an LDAP directory entry by using the LDAP attribute named
Note that for you to be able to use this mapper, your directory entries must include
the
certSubjectDN
This mapper requires you to specify the exact pattern of the subject DN because the
Certificate Manager searches the directory for the
value exactly matches the entire subject DN specified in the mapper configuration.
For example, assume the certificate subject name is this:
UID=jdoe, O=Example Corporation, C=US
When searching the directory for the entry, the Certificate Manager first searches
for entries that have these attributes in common
certSubjectDN=UID=jdoe, O=Example Corporation, C=US
and then narrows down the search to an entry that has only this:
certSubjectDN=UID=jdoe, O=Example Corporation, C=US
is an instance of the
LdapUserCertMap
plug-in module implements the subject attribute mapper.
attribute.
LdapSubjAttrMap Plug-in Module
LdapSimpleMap
to construct the
OU=people
certSubjectDN
attribute whose
certSubjectDN
Chapter 5
Mapper Plug-in Modules
module.
and
UID
O
.
263
Advertisement
Table of Contents
