On Nov 9, 2005, at 8:39 AM, John Anthony Grigutis wrote:
My understanding was that "all" items means that DS will only
return objects in that search base (cn= certificateauthorities,…)
that have all those items as objectClasses. If there is an object
with only a class of organizationalUnit it won't return it,
likewise if there is an object that only has a class of
certificationAuthority it won't return it. But as long as the
object has both classes, it'll be returned by DS. This is what I
have and it works for me in dscl without having to modify the
mappings or the default container. It just doesn't appear in
Keychain Access.
I might submit this question to Developer Technical Support and see
if they know how to get Keychain Access to see it.
I think the two are unrelated.
When you turn on DS debugging and see what KCA is doing it's looking
for dsRecTypeStandard:Users and dsRecTypeStandard:People
I think its looking for personal x509 certs. Probably the
UserCertificate/userCertificate (Standard / Native) attrib.
-mb _______________________________________________
Do not post admin requests to the list. They will be ignored.
Macos-x-server mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/macos-x-server/email@hidden
