Previous Topic: Example 1

Next Topic: Example 3

Example 2

The custom mapping syntax also handles more complex mappings, as illustrated in the example:

If the user's certificate contains:

Subject DN: CN=John Smith + UID=jsmith +EMAIL=jsmith@companyA.com, ou=development, o=companyA

You can specify the following custom mapping:

CN=%{CN.CN}+UID=%{CN.UID}, OU=%{O}

The resulting UserDN is:

CN=John Smith+UID=JSMITH, OU=companyA

In the above example, the CN contained multiple attributes. The syntax indicated which components of the CN to take and apply to the UserDN's CN. This was done by specifying "CN.CN or CN.UID" This syntax indicates that the custom expression uses both the CN and UID parts of the CN.

Note: You cannot use the "+" operator to disambiguate multiple attributes in a user directory. The "+" operator is used like any other character in the user DN for a user that is present in the user directory.


Copyright © 2010 CA. All rights reserved. Email CA about this topic