NISAuth Plug-in Module
40
Netscape Certificate Management System Plug-Ins Guide • March 2002
ldapStringAttributes
Specifies the list of LDAP string attributes that should be considered authentic
for the end entity. If specified, the values corresponding to these attributes
will be copied from the authentication directory into the authentication
token—that is, values retrieved from this parameter can be used by policy
modules to formulate subject names for certificates or to make other policy
decisions. For details, see “SubjectAltNameExt Plug-in Module” on page 232.
Entering values for this parameter is optional.
Permissible values: Any valid LDAP string attributes, separated by commas.
Example:
(This sample configuration specifies that the value of the
attribute
should be stored in the authentication token.)
ldapByteAttributes
Specifies the list of LDAP byte (binary) attributes that should be considered
authentic for the end user. If specified, the values corresponding to these
attributes will be copied from the LDAP directory into the authentication
token for use by other modules—that is, values retrieved from this parameter
can be used by policy modules to make certain policy decisions or to add
additional information to users’ certificates.
For example, assume you have defined an LDAP binary attribute for storing
users’ pictures or fingerprints in your directory. You could develop a policy
plug-in that adds users’ pictures to their certificates as extensions.
Entering values for this parameter is optional.
Permissible values: Any valid LDAP byte attributes, separated by commas.
Example:
jpegPhoto
This sample configuration specifies that the value of the LDAP attribute
named
jpegPhoto
(which is included in the standard
inetOrgPerson
object class) should be stored in the authentication token and be used to put
the user’s picture in his or her certificate.
ldap.ldapconn.host
Specifies the host name of the LDAP directory.
Permissible values: The name must be in the
<machine_name>.<your_domain>.<domain>
form.
Example:
corpDirectory.example.com
ldap.ldapconn.port
Specifies the TCP/IP port at which the LDAP directory listens to requests
from Certificate Management System.
Permissible values: Any valid port number.
Example:
389
Table 1-4
Description of parameters defined in the NISAuth module (Continued)
Parameter
Description
Summary of Contents for Certificate Management System 6.0
Page 1: ...Plug Ins Guide Netscape Certificate Management System Version6 0 March 2002...
Page 10: ...10 Netscape Certificate Management System Plug Ins Guide March 2002...
Page 62: ...Enrollment Forms 62 Netscape Certificate Management System Plug Ins Guide March 2002...
Page 308: ...NTEventLog Plug in Module 308 Netscape Certificate Management System Plug Ins Guide March 2002...