1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
|
dn: ou=people,{rootSuffix}
objectClass: top
objectClass: organizationalUnit
ou: people
aci: (targetattr!="userPassword")(version 3.0; acl "Enable anonymous access"; allow (read, search, compare)userdn="ldap:///anyone";)
dn: ou=groups,{rootSuffix}
objectClass: top
objectClass: organizationalUnit
ou: groups
dn: cn=Certificate Manager Agents,ou=groups,{rootSuffix}
objectClass: top
objectClass: groupOfUniqueNames
cn: Certificate Manager Agents
description: Agents for Certificate Manager
dn: cn=Registration Manager Agents,ou=groups,{rootSuffix}
objectClass: top
objectClass: groupOfUniqueNames
cn: Registration Manager Agents
description: Agents for Registration Manager
dn: cn=Subsystem Group, ou=groups, {rootSuffix}
objectClass: top
objectClass: groupOfUniqueNames
cn: Subsystem Group
description: Subsystem Group
dn: cn=Trusted Managers,ou=groups,{rootSuffix}
objectClass: top
objectClass: groupOfUniqueNames
cn: Trusted Managers
description: Managers trusted by this PKI instance
dn: cn=Administrators,ou=groups,{rootSuffix}
objectClass: top
objectClass: groupOfUniqueNames
cn: Administrators
description: People who manage the Certificate System
dn: cn=Auditors,ou=groups,{rootSuffix}
objectClass: top
objectClass: groupOfUniqueNames
cn: Auditors
description: People who can read the signed audits
dn: cn=ClonedSubsystems,ou=groups,{rootSuffix}
objectClass: top
objectClass: groupOfUniqueNames
cn: ClonedSubsystems
description: People who can clone the master subsystem
dn: cn=Security Domain Administrators,ou=groups,{rootSuffix}
objectClass: top
objectClass: groupOfUniqueNames
cn: Security Domain Administrators
description: People who are the Security Domain administrators
dn: cn=Enterprise CA Administrators,ou=groups,{rootSuffix}
objectClass: top
objectClass: groupOfUniqueNames
cn: Enterprise CA Administrators
description: People who are the administrators for the security domain for CA
dn: cn=Enterprise KRA Administrators,ou=groups,{rootSuffix}
objectClass: top
objectClass: groupOfUniqueNames
cn: Enterprise KRA Administrators
description: People who are the administrators for the security domain for KRA
dn: cn=Enterprise OCSP Administrators,ou=groups,{rootSuffix}
objectClass: top
objectClass: groupOfUniqueNames
cn: Enterprise OCSP Administrators
description: People who are the administrators for the security domain for OCSP
dn: cn=Enterprise TKS Administrators,ou=groups,{rootSuffix}
objectClass: top
objectClass: groupOfUniqueNames
cn: Enterprise TKS Administrators
description: People who are the administrators for the security domain for TKS
dn: cn=Enterprise RA Administrators,ou=groups,{rootSuffix}
objectClass: top
objectClass: groupOfUniqueNames
cn: Enterprise RA Administrators
description: People who are the administrators for the security domain for RA
dn: cn=Enterprise TPS Administrators,ou=groups,{rootSuffix}
objectClass: top
objectClass: groupOfUniqueNames
cn: Enterprise TPS Administrators
description: People who are the administrators for the security domain for TPS
dn: ou=requests,{rootSuffix}
objectClass: top
objectClass: organizationalUnit
ou: requests
dn: cn=crossCerts,{rootSuffix}
cn: crossCerts
sn: crossCerts
objectClass: top
objectClass: person
objectClass: pkiCA
cACertificate;binary:
authorityRevocationList;binary:
certificateRevocationList;binary:
crossCertificatePair;binary:
dn: ou=ca,{rootSuffix}
objectClass: top
objectClass: organizationalUnit
ou: ca
dn: ou=certificateRepository,ou=ca,{rootSuffix}
objectClass: top
objectClass: repository
ou: certificateRepository
serialno: 011
dn: ou=crlIssuingPoints,ou=ca,{rootSuffix}
objectClass: top
objectClass: repository
ou: crlIssuingPoints
serialno: 010
dn: ou=ca, ou=requests,{rootSuffix}
objectClass: top
objectClass: repository
ou: ca
serialno: 010
publishingStatus: -2
dn: ou=replica,{rootSuffix}
objectClass: top
objectClass: repository
ou: replica
serialno: 010
nextRange: 1000
dn: ou=ranges,{rootSuffix}
objectClass: top
objectClass: organizationalUnit
ou: ranges
dn: ou=replica, ou=ranges,{rootSuffix}
objectClass: top
objectClass: organizationalUnit
ou: replica
dn: ou=requests, ou=ranges,{rootSuffix}
objectClass: top
objectClass: organizationalUnit
ou: requests
dn: ou=certificateRepository, ou=ranges,{rootSuffix}
objectClass: top
objectClass: organizationalUnit
ou: certificateRepository
|