Table of Contents
Advertisement
Mappers
In general, for the
the Certificate Manager can use to form the LDAP DN exactly. In certain situations,
however, the subject name in a certificate may match more than one entry in the
directory. Then, the Certificate Manager might not get a single, distinct matching
entry from the DN. For example, the subject name
CN=Jane Doe, OU=Sales, O=Example Corporation, C=US
might match two users with the name Jane Doe in the directory. If that occurred,
the Certificate Manager would need additional criteria to determine which entry
corresponds to the subject of the certificate.
To specify the components the Certificate Manager must use to distinguish
between different entries in the directory, use the
details, see Table 15-10 on page 643. For example, if you entered
values for the
the
L
and
C
Consider another example that shows how two directory entries with similar DNs
can be differentiated by the value of the
Assume that the two Jane Doe entries are distinguished by the value of the
attribute. One entry's
janedoe2
you can set up the subject names of certificates to include the
NOTE
Configuration Parameters of LdapDNCompsMap
With this configuration, a Certificate Manager maps its certificates with the ones in
the LDAP directory by using the
filterComps
•
If the formed DN is null, the server uses the
both the formed DN and base DN are null, the server logs an error.
•
If the filter is null, the server uses the
filter and base DN are null, the server logs an error.
Table 15-10 describes these parameters.
642
Netscape Certificate Management System Administrator's Guide • June 2003
dnComps
parameter, enter
dnComps
attribute can be used to distinguish between entries with identical
values.
value is
UID
. Because the
UID
Generally, the
standard set of certificate request forms provided for end entities.
You can add these components to the forms, or you can have the
issuing agents insert these components when editing the subject
name in the certificate issuance forms.
values to form a search filter for the subtree.
parameter, you should enter those DN components that
for the
L
attribute:
UID
and the other entry's
janedoe1
attribute corresponds to the
,
, and
components are not included in the
E
L
ST
values to form a DN and the
dnComps
baseDN
parameter; for
filterComps
,
CN
OU
parameter only if
filterComps
UID
component in a DN,
UID
component.
UID
value for the subtree. If
baseDN
value for the search. If both the
,
, and
as
O
C
,
,
,
CN
OU
O
UID
value is
Advertisement
Table of Contents
Related Manuals for Netscape NETSCAPE MANAGEMENT SYSTEM 6.2 - ADMINISTRATOR
Related Products for Netscape NETSCAPE MANAGEMENT SYSTEM 6.2 - ADMINISTRATOR
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - CUSTOMIZATION
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - PLUG-IN
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - CUSTOMIZATION
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - PLUG-IN
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.1 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.1 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.2 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.2 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.1 - ADMINISTRATOR
- Netscape NETSCAPE MANAGEMENT SYSTEM 4.5 - CUSTOMIZATION GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 4.5 - PLUG-IN