CA Top Secret Distinguished Names

The CA LDAP Server uses distinguished names (DNs) to specify each object. A DN is an object name that contains the names of all other entries in its path.
When using the CA Top Secret interface, the format of the DNs must contain certain attributes to match the CA Top Secret structure. See the following Objectclass Hierarchy for the DN syntax of each object.
When configuring the CA LDAP Server, each security database that is accessed with the CA LDAP Server must have a unique suffix parameter. The CA LDAP Server uses the suffix parameter to decide which database services each request that it receives.
You can also use dynamic suffix values. With a dynamic suffix value, the CA LDAP Server substitutes the correct suffix parameter for each system as it is accessed. For more information about dynamic suffix values, see Dynamic Suffix Values in Customize the Slapd Configuration File.
Examples
Assume that the suffix value for your production CA Top Secret is configured as follows:
Suffix host=production, o=companyx, c=us
To retrieve the details of a user ID (ACID) from the production database, the DN would be as follows:
tssacid=ACID_HERE, tssadmingrp=acids, host=production, o=companyx, c=us
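
The following added example (not CA LDAP Server code) builds the ACID DN shown above with RFC 4514 escaping, so that a value containing a comma or equals sign stays a single RDN, and models suffix-based database selection in simplified form. The function names, the second suffix entry, and the ACID value USER01 are assumptions made for illustration.

```python
import re

# Constructed suffix table: suffix value -> label of the database it serves.
# The first entry is the page's example; the second is hypothetical.
SUFFIXES = {
    "host=production, o=companyx, c=us": "production",
    "host=test, o=companyx, c=us": "test",
}

def escape_rdn_value(value):
    """Escape an attribute value for use inside a DN (RFC 4514)."""
    out = []
    for i, ch in enumerate(value):
        edge_space = ch == " " and i in (0, len(value) - 1)
        if ch in '\\",+;<>=' or edge_space or (ch == "#" and i == 0):
            out.append("\\" + ch)
        elif ch == "\x00":
            out.append("\\00")
        else:
            out.append(ch)
    return "".join(out)

def acid_dn(acid, suffix):
    """Build the DN of a user ID (ACID) under the given suffix."""
    return f"tssacid={escape_rdn_value(acid)}, tssadmingrp=acids, {suffix}"

def parse_dn(dn):
    """Split a DN on unescaped commas into (attribute, value) pairs.
    Simplification: both parts are compared case-insensitively."""
    pairs = []
    for rdn in re.findall(r"(?:\\.|[^,\\])+", dn):
        attr, _, val = rdn.lstrip().partition("=")
        pairs.append((attr.strip().lower(), val.lower()))
    return pairs

def route(dn):
    """Return the label of the database whose suffix ends the DN, or None."""
    target = parse_dn(dn)
    for suffix, database in SUFFIXES.items():
        tail = parse_dn(suffix)
        if len(tail) <= len(target) and target[-len(tail):] == tail:
            return database
    return None

if __name__ == "__main__":
    dn = acid_dn("USER01", "host=production, o=companyx, c=us")  # constructed ACID
    print(dn, "->", route(dn))
```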