Step 1. Enable Directory-Based Authentication - Netscape MANAGEMENT SYSTEM 6.0 Installation And Setup Manual

Using the Default Demo
You will first try to enroll using 512-bit keys; the enrollment will fail because of the
policy requiring 1024-bit keys. After you submit a new request with a 1024-bit key,
Certificate Management System should authenticate the user information in the
directory and issue the certificate automatically.
To use directory-based authentication to enroll entities:
•

Step 1. Enable Directory-Based Authentication

• Step 2. Add a User to the Directory
• Step 3. Enroll with Directory-Based Authentication
You can find out more about authentication in Chapter 15, "Setting Up End-User
Authentication."
Step 1. Enable Directory-Based Authentication
To enable directory-based authentication for the Certificate Manager:
If the CMS console window is not still open, start Netscape Console again (or
1.
go back to the main window) and open the window for Certificate
Management System.
In the CMS console window, select the Configuration tab, then select
2.
Authentication in the navigation tree.
On the Authentication Instance tab, click Add.
3.
In the Select Authentication Plugin Implementation dialog box, select
4.
UidPwdDirAuth
In the Authentication Instance Editor dialog box, provide the following
5.
information:
Authentication Instance ID:
dnpattern:
ldapStringAttributes: Leave blank
ldapByteAttributes: Leave blank
ldap.ldapconn.host:
ldap.ldapconn.port:
ldap.ldapconn.secureConn:
144 Netscape Certificate Management System Installation and Setup Guide • March 2002
and click Next.
UserDirEnrollment
cn=$attr.cn,c=US
<hostname>
389
false