> 2. LDAP:
> OpenCA(RAServer CGI) adds an entry to LDAP Server like this:
> dn: [EMAIL PROTECTED], OU=OpenCA Users, O=OpenCA
> Organization, C=IT
>
> Got an error ( Error Code 32 ).
> I looked "perl-ldap" library, and it's dn is without Email field,
> so I modified as following.
> dn: OU=OpenCA Users, O=OpenCA Organization, C=IT
>
> Add successful.....
>
> But guys..... U know, Netscape uses email to search one's
> certificate,
> although we can add information ( without Email in dn ) into LDAP
> server, but it
> can't be retrieved by Netscape.....
> What a disappointment!!!! >___<
It's the same problem described in message 105/106. Yesterday night I
localized the problem on an openldap-server.
There exists no inetPerson in slapd.oc.conf (this is a mistake by the
slapd.oc.conf). So I copy inetOrgPerson objectclass to inetPerson and enter
in the required section only the word Email and all works fine.
But this is not standard conform because mail is the correct term. I think if
netscape knows inetPerson (and this I think is a fact because OpenCA enforce
this by using the objectclass inetPerson) it is only necessary to remove "E"
from "Email=..." because "mail" is in inetPerson and organizationalPerson too.
I hope this helps
Regards Michael
--------------------------------------------------------------------
Michael Bell E-Mail: [EMAIL PROTECTED]
Rechenzentrum - Datacenter Tel.: +49+(0)30-2093-2482
Humboldt-University of Berlin Fax.: +49+(0)30-2093-2959
Unter den Linden 6
10099 Berlin
Germany
--------------------------------------------------------------
Per problemi: [EMAIL PROTECTED] oppure (anche meglio)
[EMAIL PROTECTED] (messaggio con la sola parola HELP)
--------------------------------------------------------------
