Re: lowercase/case sensitive DNs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 02/20/2013 01:07 PM, Colin Tulloch wrote:

Hi all – thanks for reading!

 

We are using 389/RHDS as a PKI repository.


What version of 389/RHDS?  What platform?

 

We are having an issue with the case of DNs in the directory – switching between upper and lower cases. This may be a string issue. Hopefully someone who’s experienced this can help educate me.

 

My main question is simple – how is the letter case of a DN (or root suffix) controlled? And how can this be changed?

 

For example, with a “c=us” root suffix, we have a lab directory with a sub-suffix of “o=Lab,c=US”.

Another directory has the same “c=us” root suffix, but the sub-suffix we’ve created is “o=Entrust,c=us”

 

It may be by scripting the creation of the sub-suffixes that we’ve done this. We’re trying to determine the difference, because we want all directories and therefore certificates issued, to have a c=US country code – capitalized.


That's going to be difficult - here is the definition of the attribute:

attributeTypes: ( 2.5.4.41 NAME 'name'
  EQUALITY caseIgnoreMatch
  SUBSTR caseIgnoreSubstringsMatch
  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
  X-ORIGIN 'RFC 4519' )
attributeTypes: ( 2.5.4.6 NAME ( 'c' 'countryName' )
  SUP name
  SYNTAX 1.3.6.1.4.1.1466.115.121.1.11
  SINGLE-VALUE
  X-ORIGIN 'RFC 4519'
  X-DEPRECATED 'countryName' )

The directory server will not enforce allcaps.

 

In the console, the case of a DN or name is displayed all in lowercase when you view the properties. However in the directory tree view, you can see case differences, and the full DN display on the bottom seems to show the actual case.


389/RHDS attempts to preserve the case.  It may be that the console is doing some sort of normalization and shows you the normalized form.  ldapsearch should give you the real DN.


 

 

 

Colin Tulloch

Colin.tulloch@xxxxxxxxxxx

 



--
389 users mailing list
389-users@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/389-users

--
389 users mailing list
389-users@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/389-users
[Index of Archives]     [Fedora User Discussion]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora News]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora QA]     [Fedora Triage]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Yosemite Photos]     [Linux Apps]     [Maemo Users]     [Gnome Users]     [KDE Users]     [Fedora Tools]     [Fedora Art]     [Fedora Docs]     [Maemo Users]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Fedora ARM]

  Powered by Linux