authorWerner Koch <wk@gnupg.org>2020-12-17 10:17:22 +0100
committerWerner Koch <wk@gnupg.org>2020-12-17 10:17:22 +0100
commit2b06afbf260f620e4a1191aea6176535a3d71aed (patch)
tree39161260d7154b44cded757ba950ab68f56cadbc
parenta2434ccabdd1956876b44e05e07c3c3630c50f8f (diff)
downloadgnupg-2b06afbf260f620e4a1191aea6176535a3d71aed.tar.gz
dirmngr: Finalize Active Directory LDAP Schema
-- With these modifications it is now possible to store and retrieve keys from an AD without manually tweaking the schema. Permissions need to be set manually, though.
-rw-r--r--doc/ldap/README.ldap2
-rw-r--r--doc/ldap/gnupg-ldap-ad-init.ldif8
-rw-r--r--doc/ldap/gnupg-ldap-ad-schema.ldif2
3 files changed, 7 insertions, 5 deletions
diff --git a/doc/ldap/README.ldap b/doc/ldap/README.ldap
index 2d0b4c3d9..7401cd802 100644
--- a/doc/ldap/README.ldap
+++ b/doc/ldap/README.ldap
@@ -379,7 +379,7 @@ To list the entire DIT for the domain "example.com" use this command:
: ldapsearch -Q -Y EXTERNAL -LLL -H ldapi:/// -b dc=example,dc=com dn
This lists just the DNs. If you need the entire content of the DIT
-leave our the "dn" argument. The option "-LLL" selects a useful
+leave out the "dn" argument. The option "-LLL" selects useful
formatting options for the output.
** Insert X.509 Certficate
diff --git a/doc/ldap/gnupg-ldap-ad-init.ldif b/doc/ldap/gnupg-ldap-ad-init.ldif
index f9de238d4..67567f1d5 100644
--- a/doc/ldap/gnupg-ldap-ad-init.ldif
+++ b/doc/ldap/gnupg-ldap-ad-init.ldif
@@ -1,17 +1,17 @@
# gnupg-ldap-ad-init.ldif -*- conf -*-
#
# Entries connecting the schema specified in gnupg-ldap-ad-schema.ldif.
-# Revision: 2020-12-08
+# Revision: 2020-12-16
-dn: cn=GnuPG Keys,dc=w32demo,dc=g10code,dc=de
+dn: cn=GnuPG Keys,DC=EXAMPLEDC
changetype: add
objectClass: container
cn: GnuPG Keys
-dn: cn=PGPServerInfo,dc=w32demo,dc=g10code,dc=de
+dn: cn=PGPServerInfo,DC=EXAMPLEDC
changetype: add
objectClass: pgpServerInfo
cn: PGPServerInfo
-pgpBaseKeySpaceDN: cn=GnuPG Keys,dc=w32demo,dc=g10code,dc=de
+pgpBaseKeySpaceDN: cn=GnuPG Keys,DC=EXAMPLEDC
pgpSoftware: GnuPG
pgpVersion: 2 ntds
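Review bot: The new `DC=EXAMPLEDC` base in the two `dn:` lines and in `pgpBaseKeySpaceDN` is a placeholder, but the file header does not say so, and importing the file unchanged would presumably fail or address the wrong naming context. I would add a header comment such as `# Replace DC=EXAMPLEDC with the DN of your domain before importing.` The commit message says permissions have to be set by hand, yet nothing in the file tells the administrator which object needs them. Since clients retrieve keys from `cn=GnuPG Keys`, the header should also state that write access to that container is to be limited to the accounts allowed to publish keys, for example `# Set the ACL on cn=GnuPG Keys manually; grant write access only to key publishers.`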
diff --git a/doc/ldap/gnupg-ldap-ad-schema.ldif b/doc/ldap/gnupg-ldap-ad-schema.ldif
index a8810809e..6e3a2a90d 100644
--- a/doc/ldap/gnupg-ldap-ad-schema.ldif
+++ b/doc/ldap/gnupg-ldap-ad-schema.ldif
@@ -294,6 +294,7 @@ mustContain: cn
mustContain: pgpBaseKeySpaceDN
mayContain: pgpSoftware
mayContain: pgpVersion
+systemPossSuperiors: domainDNS
schemaIDGUID:: 9AbnpaXqQR6d3S5OZomYIA==
# The original PGP key object extended with a few extra attributes.
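Review bot: The added `systemPossSuperiors: domainDNS` line, and `systemPossSuperiors: container` in the next hunk, carry no comment explaining the placement rule they enforce, and they may only help fresh installations. As far as I know Active Directory accepts systemPossSuperiors only when a class is created, so a domain that already loaded the earlier schema revision would likely not pick this up on re-import and would need `possSuperiors` set instead; that should be confirmed and documented. Suggested comments above the two lines: `# Instances may only be created directly below the domain root.` and `# Key entries may only be created inside container objects such as cn=GnuPG Keys.` Both class definitions start outside their hunks, so the class names are inferred from the visible attributes.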
@@ -324,6 +325,7 @@ mayContain: pgpKeyExpireTime
mayContain: gpgFingerprint
mayContain: gpgSubFingerprint
mayContain: gpgMailbox
+systemPossSuperiors: container
schemaIDGUID:: 9AbnpaXqQR6d3S5OZomYIQ==