pki/base/kra/shared/conf/db.ldif


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107

dn: ou=people,{rootSuffix}
objectClass: top
objectClass: organizationalUnit
ou: people
aci: (targetattr!="userPassword")(version 3.0; acl "Enable anonymous access"; allow (read, search, compare)userdn="ldap:///anyone";)

dn: ou=groups,{rootSuffix}
objectClass: top
objectClass: organizationalUnit
ou: groups

dn: cn=Data Recovery Manager Agents,ou=groups,{rootSuffix}
objectClass: top
objectClass: groupOfUniqueNames
cn: Data Recovery Manager Agents
description: Agents for Data Recovery Manager

dn: cn=Subsystem Group, ou=groups, {rootSuffix}
objectClass: top
objectClass: groupOfUniqueNames
cn: Subsystem Group
description: Subsystem Group

dn: cn=Trusted Managers,ou=groups,{rootSuffix}
objectClass: top
objectClass: groupOfUniqueNames
cn: Trusted Managers
description: Managers trusted by this PKI instance

dn: cn=Administrators,ou=groups,{rootSuffix}
objectClass: top
objectClass: groupOfUniqueNames
cn: Administrators
description: People who manage the Certificate System

dn: cn=Auditors,ou=groups,{rootSuffix}
objectClass: top
objectClass: groupOfUniqueNames
cn: Auditors
description: People who can read the signed audits

dn: cn=ClonedSubsystems,ou=groups,{rootSuffix}
objectClass: top
objectClass: groupOfUniqueNames
cn: ClonedSubsystems
description: People who can clone the master subsystem

dn: ou=requests,{rootSuffix}
objectClass: top
objectClass: organizationalUnit
ou: requests

dn: cn=crossCerts,{rootSuffix}
cn: crossCerts
sn: crossCerts
objectClass: top
objectClass: person
objectClass: pkiCA
cACertificate;binary:
authorityRevocationList;binary:
certificateRevocationList;binary:
crossCertificatePair;binary:

dn: ou=kra, {rootSuffix}
objectclass: top
objectclass: organizationalUnit
ou: kra

dn: ou=keyRepository, ou=kra, {rootSuffix}
objectclass: top
objectclass: repository
ou: keyRepository
serialno: 010

dn: ou=kra, ou=requests, {rootSuffix}
objectclass: top
objectclass: repository
ou: kra
serialno: 010

dn: ou=replica,{rootSuffix}
objectClass: top
objectClass: repository
ou: replica
serialno: 010
nextRange: 1000

dn: ou=ranges,{rootSuffix}
objectClass: top
objectClass: organizationalUnit
ou: ranges

dn: ou=replica, ou=ranges,{rootSuffix}
objectClass: top
objectClass: organizationalUnit
ou: replica

dn: ou=requests, ou=ranges,{rootSuffix}
objectClass: top
objectClass: organizationalUnit
ou: requests

dn: ou=keyRepository, ou=ranges,{rootSuffix}
objectClass: top
objectClass: organizationalUnit
ou: certificateRepository