Apq
/
389-ds-base
mirror of https://github.com/389ds/389-ds-base.git


			
				
					
						
						
							1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980
							#
# BEGIN COPYRIGHT BLOCK
# This Program is free software; you can redistribute it and/or modify it under
# the terms of the GNU General Public License as published by the Free Software
# Foundation; version 2 of the License.
# 
# This Program is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
# FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
# 
# You should have received a copy of the GNU General Public License along with
# this Program; if not, write to the Free Software Foundation, Inc., 59 Temple
# Place, Suite 330, Boston, MA 02111-1307 USA.
# 
# In addition, as a special exception, Red Hat, Inc. gives You the additional
# right to link the code of this Program with code not covered under the GNU
# General Public License ("Non-GPL Code") and to distribute linked combinations
# including the two, subject to the limitations in this paragraph. Non-GPL Code
# permitted under this exception must only link to the code of this Program
# through those well defined interfaces identified in the file named EXCEPTION
# found in the source code files (the "Approved Interfaces"). The files of
# Non-GPL Code may instantiate templates or use macros or inline functions from
# the Approved Interfaces without causing the resulting work to be covered by
# the GNU General Public License. Only Red Hat, Inc. may make changes or
# additions to the list of Approved Interfaces. You must obey the GNU General
# Public License in all respects for all of the Program code and other code used
# in conjunction with the Program except the Non-GPL Code covered by this
# exception. If you modify this file, you may extend this exception to your
# version of the file, but you are not obligated to do so. If you do not wish to
# provide this exception without modification, you must delete this exception
# statement from your version and license this file solely under the GPL without
# exception. 
# 
# 
# Copyright (C) 2001 Sun Microsystems, Inc. Used by permission.
# Copyright (C) 2005 Red Hat, Inc.
# All rights reserved.
# END COPYRIGHT BLOCK
#
#
# This file configures how a certificate is mapped to an LDAP entry.  See the
# documentation for more information on this file.
#
# The format of this file is as follows:
#	certmap <name> <issuerDN>
#	<name>:<prop1> [<val1>]
#	<name>:<prop2> [<val2>]
#
# Notes:
#
# 1.  Mapping can be defined per issuer of a certificate.  If mapping doesn't
#     exists for a particular 'issuerDN' then the server uses the default
#     mapping. 
#
# 2.  There must be an entry for <name>=default and issuerDN "default".
#     This mapping is the default mapping.
#
# 3.  '#' can be used to comment out a line.
#
# 4.  DNComps & FilterComps are used to form the base DN and filter resp. for 
#     performing an LDAP search while mapping the cert to a user entry.
#
# 5.  DNComps can be one of the following:
#	commented out - take the user's DN from the cert as is
#	empty         - search the entire LDAP tree (DN == suffix)
#	attr names    - a comma separated list of attributes to form DN
#
# 6.  FilterComps can be one of the following:
#	commented out - set the filter to "objectclass=*"
#	empty         - set the filter to "objectclass=*"
#	attr names    - a comma separated list of attributes to form the filter
#

certmap default		default
#default:DNComps
#default:FilterComps	e, uid
#default:verifycert	on
#default:CmapLdapAttr	certSubjectDN
#default:library	<path_to_shared_lib_or_dll>
#default:InitFn		<Init function's name>