[openca-users:114] Re: RAO and LDAP

Thu, 30 Nov 2000 02:45:44 -0800 



Michael Bell wrote:

> >    2. LDAP:
> >       OpenCA(RAServer CGI) adds an entry to LDAP Server like this:
> >       dn: [EMAIL PROTECTED], OU=OpenCA Users, O=OpenCA
> > Organization, C=IT
> >
> >       Got an error ( Error Code 32 ).
> >       I looked "perl-ldap" library, and it's dn is without Email field,
> >       so I modified as following.
> >       dn: OU=OpenCA Users, O=OpenCA Organization, C=IT
> >
> >       Add successful.....
> >
> >       But guys..... U know, Netscape uses email to search one's
> > certificate,
> >       although we can add information ( without Email in dn ) into LDAP
> > server, but it
> >       can't be retrieved by Netscape.....
> >       What a disappointment!!!!  >___<
>
> It's the same problem described in message 105/106. Yesterday night I
> localized the problem on an openldap-server.
>
> There exists no inetPerson in slapd.oc.conf (this is a mistake by the
> slapd.oc.conf). So I copy inetOrgPerson objectclass to inetPerson and enter
> in the required section only the word Email and all works fine.
>
> But this is not standard conform because mail is the correct term. I think if
> netscape knows inetPerson (and this I think is a fact because OpenCA enforce
> this by using the objectclass inetPerson) it is only necessary to remove "E"
> from "Email=..." because "mail" is in inetPerson and organizationalPerson too.
>

   First, you are right...  "Email" should be replaced with "mail".
   But I can add objectclass inetPerson into LDAP, I guess you don't import
   "openca.ldif" file which comes with OpenCA source in "misc" directory.
   Check it.

   My example:  ( slapd.oc.conf is not changed )
   $ ldapsearch -b "o=OpenCA Oranization, c=TW" "ou=*"
                                               :
                                               :
CN=SINICA iis, OU=OpenCA User, O=OpenCA Organization, C=TW
cn=SINICA iis
objectclass=top
objectclass=person
objectclass=organizationalPerson
objectclass=inetPerson
ou=OpenCA User
o=OpenCA Organization
mail=sinica@localhost
creatorsname=cn=root, o=OpenCA Organization, c=TW
modifiersname=cn=root, o=OpenCA Organization, c=TW
createtimestamp=20001127140817Z
modifytimestamp=20001127140817Z
                                                 :


begin:vcard 
n:Chang;Liang-Hao
tel;home:(03)4376926
tel;work:(03)4563171-4707
x-mozilla-html:FALSE
org:ICQ: 48578759;Graduated Student of CYCU ICE
adr:;;;;;;
version:2.1
email;internet:[EMAIL PROTECTED]
title:Macleod (���J��)
fn:Liang-Hao Chang
end:vcard

Reply via email to