Imported Upstream version 4.6.2

install/share/certmap.conf.template

@@ -0,0 +1,50 @@
+# VERSION 3 - DO NOT REMOVE THIS LINE
+#
+# This file is managed by IPA and will be overwritten on upgrades.
+#
+#
+# This file configures how a certificate is mapped to an LDAP entry.  See the
+# documentation for more information on this file.
+#
+# The format of this file is as follows:
+#	certmap <name> <issuerDN>
+#	<name>:<prop1> [<val1>]
+#	<name>:<prop2> [<val2>]
+#
+# Notes:
+#
+# 1.  Mapping can be defined per issuer of a certificate.  If mapping doesn't
+#     exists for a particular 'issuerDN' then the server uses the default
+#     mapping. 
+#
+# 2.  There must be an entry for <name>=default and issuerDN "default".
+#     This mapping is the default mapping.
+#
+# 3.  '#' can be used to comment out a line.
+#
+# 4.  DNComps & FilterComps are used to form the base DN and filter resp. for 
+#     performing an LDAP search while mapping the cert to a user entry.
+#
+# 5.  DNComps can be one of the following:
+#	commented out - take the user's DN from the cert as is
+#	empty         - search the entire LDAP tree (DN == suffix)
+#	attr names    - a comma separated list of attributes to form DN
+#
+# 6.  FilterComps can be one of the following:
+#	commented out - set the filter to "objectclass=*"
+#	empty         - set the filter to "objectclass=*"
+#	attr names    - a comma separated list of attributes to form the filter
+#
+
+certmap default         default
+#default:DNComps
+#default:FilterComps    e, uid
+#default:verifycert     on
+#default:CmapLdapAttr   certSubjectDN
+#default:library        <path_to_shared_lib_or_dll>
+#default:InitFn         <Init function's name>
+default:DNComps
+default:FilterComps     uid
+certmap ipaca           $ISSUER_DN
+ipaca:CmapLdapAttr      seeAlso
+ipaca:verifycert        on