Menu
▾
▴
Re: [Ejbca-develop] serialNumber in LDAP
|
From: Ejbca s. <ejb...@pr...> - 2007-01-09 12:11:42
|
If you have a tree in LDAP that look is "dc=company,dc=com" you can add several entities under that tree with DNs: serialNumber=1,dc=company,dc=com serialNumber=2,dc=company,dc=com /Tomas Nuno Ponte skrev: > Tomas, > > Thank you for your tips. :-) > Nonetheless, I still don't understand how does the serialNumber can > be configured in EJBCA as a "LDAP location field", since it won't be > able to create any intermediate node on the LDAP tree. > > Regards, > > Nuno Ponte > > On 1/9/07, Tomas Gustavsson <to...@pr...> wrote: >> Hi, >> serialNumber is an attribute just as you say. You can use it in the LDAP >> location fields if you add it as an allowed attribute to the >> inetOrgPerson object class. You are correct that it is not availble by >> default in OpenLDAP, you must modify the objectclass to allow this >> attribute. >> This is desired for some installations, since it is in many cases the >> serialNumber attribute that makes the DN unique in the organization. >> Modifying the schema is as simple as to add serialNumber as MAY to the >> inetOrgPerson object class in inetorgperson.schema. >> >> Cheers, >> Tomas >> >> >> Nuno Ponte skrev: >>> Hi all, >>> >>> How can a serialNumber be part of the "LDAP location fields from >>> cert DN"? I inspected the schema files of my OpenLDAP installation and >>> serialNumber is just an atributtetype, not an objectclass... >>> >>> Regards, >>> >>> Nuno Ponte >>> > > ------------------------------------------------------------------------- > Take Surveys. Earn Cash. Influence the Future of IT > Join SourceForge.net's Techsay panel and you'll get the chance to share your > opinions on IT & business topics through brief surveys - and earn cash > http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV > _______________________________________________ > Ejbca-develop mailing list > Ejb...@li... > https://lists.sourceforge.net/lists/listinfo/ejbca-develop |