| author | Werner Koch <[email protected]> | 2020-12-17 09:17:22 +0000 |
|---|---|---|
| committer | Werner Koch <[email protected]> | 2020-12-17 09:17:22 +0000 |
| commit | 2b06afbf260f620e4a1191aea6176535a3d71aed (patch) | |
| tree | 39161260d7154b44cded757ba950ab68f56cadbc /doc/ldap | |
| parent | dirmngr: Store all version 2 schema attributes. (diff) | |
dirmngr: Finalize Active Directory LDAP Schema
--
With these modifications it is now possible to store and retrieve keys
from an AD without manually tweaking the schema. Permissions need to
be set manually, though.
Diffstat (limited to 'doc/ldap')
| -rw-r--r-- | doc/ldap/README.ldap | 2 |
| -rw-r--r-- | doc/ldap/gnupg-ldap-ad-init.ldif | 8 |
| -rw-r--r-- | doc/ldap/gnupg-ldap-ad-schema.ldif | 2 |
3 files changed, 7 insertions, 5 deletions
diff --git a/doc/ldap/README.ldap b/doc/ldap/README.ldap index 2d0b4c3d9..7401cd802 100644 --- a/doc/ldap/README.ldap +++ b/doc/ldap/README.ldap @@ -379,7 +379,7 @@ To list the entire DIT for the domain "example.com" use this command: : ldapsearch -Q -Y EXTERNAL -LLL -H ldapi:/// -b dc=example,dc=com dn This lists just the DNs. If you need the entire content of the DIT -leave our the "dn" argument. The option "-LLL" selects a useful +leave out the "dn" argument. The option "-LLL" selects useful formatting options for the output. ** Insert X.509 Certficate diff --git a/doc/ldap/gnupg-ldap-ad-init.ldif b/doc/ldap/gnupg-ldap-ad-init.ldif index f9de238d4..67567f1d5 100644 --- a/doc/ldap/gnupg-ldap-ad-init.ldif +++ b/doc/ldap/gnupg-ldap-ad-init.ldif @@ -1,17 +1,17 @@ # gnupg-ldap-ad-init.ldif -*- conf -*- # # Entries connecting the schema specified in gnupg-ldap-ad-schema.ldif. -# Revision: 2020-12-08 +# Revision: 2020-12-16 -dn: cn=GnuPG Keys,dc=w32demo,dc=g10code,dc=de +dn: cn=GnuPG Keys,DC=EXAMPLEDC changetype: add objectClass: container cn: GnuPG Keys -dn: cn=PGPServerInfo,dc=w32demo,dc=g10code,dc=de +dn: cn=PGPServerInfo,DC=EXAMPLEDC changetype: add objectClass: pgpServerInfo cn: PGPServerInfo -pgpBaseKeySpaceDN: cn=GnuPG Keys,dc=w32demo,dc=g10code,dc=de +pgpBaseKeySpaceDN: cn=GnuPG Keys,DC=EXAMPLEDC pgpSoftware: GnuPG pgpVersion: 2 ntds diff --git a/doc/ldap/gnupg-ldap-ad-schema.ldif b/doc/ldap/gnupg-ldap-ad-schema.ldif index a8810809e..6e3a2a90d 100644 --- a/doc/ldap/gnupg-ldap-ad-schema.ldif +++ b/doc/ldap/gnupg-ldap-ad-schema.ldif @@ -294,6 +294,7 @@ mustContain: cn mustContain: pgpBaseKeySpaceDN mayContain: pgpSoftware mayContain: pgpVersion +systemPossSuperiors: domainDNS schemaIDGUID:: 9AbnpaXqQR6d3S5OZomYIA== # The original PGP key object extended with a few extra attributes. 
@@ -324,6 +325,7 @@ mayContain: pgpKeyExpireTime mayContain: gpgFingerprint mayContain: gpgSubFingerprint mayContain: gpgMailbox +systemPossSuperiors: container schemaIDGUID:: 9AbnpaXqQR6d3S5OZomYIQ== |
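Review bot: In the doc/ldap/README.ldap hunk, the trailing context heading `** Insert X.509 Certficate` still misspells "Certificate". Since this hunk is already a wording fix for the paragraph directly above it, correct the heading in the same change.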
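Review bot: In the doc/ldap/gnupg-ldap-ad-init.ldif hunk, all three DNs now end in the placeholder `DC=EXAMPLEDC`, but the header comment does not say that it must be replaced with the real domain DN before import, so the file is no longer meant to be loaded unchanged and nothing tells the administrator so. Add a comment below `# Revision: 2020-12-16` that names the placeholder and how to substitute it (on Windows, ldifde's `-c` from/to replacement is one way). The commit message states that permissions still need to be set manually; that caveat belongs in this header or in README.ldap as well, because someone working from the files will not see the commit log.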
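Review bot: In the first doc/ldap/gnupg-ldap-ad-schema.ldif hunk (@@ -294), `systemPossSuperiors: domainDNS` uses the system-only form of the attribute, which Active Directory accepts when the class is created but does not allow to be changed afterwards. A directory that already loaded an earlier revision of this schema will therefore not pick up the new line on re-import. Either use `possSuperiors`, which stays modifiable, or document that the schema has to be loaded fresh. The diffstat shows only the two added lines for this file, so if it carries a `# Revision:` line like gnupg-ldap-ad-init.ldif does, bump it too.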
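Review bot: In the second doc/ldap/gnupg-ldap-ad-schema.ldif hunk (@@ -324), `systemPossSuperiors: container` restricts key objects to parents of class container, which matches the `cn=GnuPG Keys` container created in gnupg-ldap-ad-init.ldif but means a key space placed under, for example, an organizationalUnit would be rejected even though `pgpBaseKeySpaceDN` is a freely configurable DN. A short comment above this class definition stating that the key space must be a container object would save administrators a failed add.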
