Netscape MANAGEMENT SYSTEM 6.1 - ADMINISTRATOR Administrator's Manual page 641

In the above examples,
means take the attribute from the certificate subject name, and
$subj
take the attribute from the certificate extension.
LdapSubjAttrMap
The
LdapSubjAttrMap
Manager to map a certificate to an LDAP directory entry by using the LDAP
attribute named
certSubjectDN
your directory entries must include the
This mapper requires you to specify the exact pattern of the subject DN because the
Certificate Manager searches the directory for the
value exactly matches the entire subject DN specified in the mapper configuration.
For example, assume the certificate subject name is this:
UID=jdoe, O=Example Corporation, C=US
When searching the directory for the entry, the Certificate Manager first searches
for entries that have these attributes in common
certSubjectDN=UID=jdoe, O=Example Corporation, C=US
and then narrows down the search to an entry that has only this:
certSubjectDN=UID=jdoe, O=Example Corporation, C=US
If no matching entries are found, the server returns an error and writes it to the log.
Configuration Parameters of LdapSubjAttrMap
Table 15-9 describes these parameters.
Table 15-9 LdapSubjAttrMap Parameters
Parameter
certSubjNameAttr
searchBase
means take the attribute from the certificate request,
$req
plug-in module enables you to configure a Certificate
. Note that for you to be able to use this mapper,
certSubjectDN
Description
Specifies the name of the LDAP attribute that contains a
certificate subject name as its value. Must be
certSubjectName.
Specifies the base DN for starting the attribute search.
Permissible values: A valid DN of an LDAP entry.
Example: O=example.com, C=US
$ext
attribute.
attribute whose
certSubjectDN
Chapter 15
Mappers
means
Publishing 641