[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: entrust certificate schema
Openldap - Sadesi wrote:
im try to recreate the entrust schema, this provide objectclass and
attributes to use certifcates
anyboy have this schema parsed to OpenLDAP?
Try the one attached. It loads just fine in my OpenLDAP 2.1.x.
Actually I never really used it together with Entrust Authority though. They
ship with an LDAP testing tool you might wanna check out first.
Ciao, Michael.
#
# Schema for Entrust PKI components to be included in OpenLDAP config
#
# attributetype ( 1.2.840.113549.1.9.1 NAME 'email' EQUALITY caseIgnoreIA5Match
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributetype ( 1.2.840.113533.7.68.10
NAME 'attributeCertificate'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 )
attributetype ( 1.2.840.113533.7.68.0
NAME 'entrustCAInfo'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 )
attributetype ( 1.2.840.113533.7.68.30
NAME 'entrustPolicyCertificate'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )
attributetype ( 1.2.840.113533.7.68.22
NAME 'entrustRoamFileEncInfo' EQUALITY octetStringMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )
attributetype ( 1.2.840.113533.7.79.0
NAME 'entrustRoamingCAPAB' EQUALITY octetStringMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )
attributetype ( 1.2.840.113533.7.68.28
NAME 'entrustRoamingEOP' EQUALITY octetStringMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )
attributetype ( 1.2.840.113533.7.68.24
NAME 'entrustRoamingPAB' EQUALITY octetStringMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )
attributetype ( 1.2.840.113533.7.68.27
NAME 'entrustRoamingPRV' EQUALITY octetStringMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )
attributetype ( 1.2.840.113533.7.68.23
NAME 'entrustRoamingProfile' EQUALITY octetStringMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )
attributetype ( 1.2.840.113533.7.68.25
NAME 'entrustRoamingRecipList' EQUALITY octetStringMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )
attributetype ( 1.2.840.113533.7.68.26
NAME 'entrustRoamingSLA' EQUALITY octetStringMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )
attributetype ( 2.16.840.1.114027.22.4
NAME 'entrustAttributeCertificate' EQUALITY octetStringMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )
attributetype ( 1.2.840.113533.7.79.1
NAME 'entrustRoamingId'
SUP uid )
objectclass ( 1.2.840.113533.7.67.9
NAME 'emailAddressUser' SUP top AUXILIARY MAY email )
objectclass ( 1.2.840.113533.7.67.1
NAME 'entrustCA' SUP top AUXILIARY MAY ( cACertificate $ certificateRevocationList $ authorityRevocationList $ deltaRevocationList $ crossCertificatePair $ userPassword $ attributeCertificate ) )
objectclass ( 1.2.840.113533.7.67.14
NAME 'entrustDNQualifierUser' SUP top AUXILIARY MAY dnQualifier )
objectclass ( 1.2.840.113533.7.67.15
NAME 'entrustNamedObject' SUP top AUXILIARY MAY ( name $ cn $ sn $ givenName $ initials $ generationQualifier $ c $ l $ st $ o $ ou $ title ) )
objectclass ( 1.2.840.113533.7.67.17
NAME 'entrustPolicyObject' SUP top AUXILIARY MAY entrustPolicyCertificate )
objectclass ( 1.2.840.113533.7.67.13
NAME 'entrustRoamingUser' SUP top AUXILIARY MAY ( entrustRoamFileEncInfo $ entrustRoamingProfile $ entrustRoamingPAB $ entrustRoamingRecipList $ entrustRoamingSLA $ entrustRoamingPRV $ entrustRoamingEOP $ entrustRoamingCAPAB $ uid ) )
objectclass ( 1.2.840.113533.7.67.0
NAME 'entrustUser' SUP top AUXILIARY MAY userCertificate )
objectclass ( 1.2.840.113533.7.67.18
NAME 'entrustRoamingDataUser'
SUP top
AUXILIARY
MAY ( entrustRoamFileEncInfo $ entrustRoamingProfile $
entrustRoamingPAB $ entrustRoamingRecipList $ entrustRoamingSLA $
entrustRoamingPRV $ entrustRoamingEOP $ entrustRoamingCAPAB $
entrustRoamingID ) )