System information

Known Issues and Limitations
Part Number 817-5216 Page 23 of 32
Previously, the LDAPv2 protocol specified that the attribute should be xxxxx (where xxxxx is one of UserCertificate, CACertificate, CertificateRevocationList, AuthorityRevocationList, or CrossCertificatePair), whereas the LDAPv3 protocol specifies that the attribute should be xxxxx;binary. Directory Server considered the values associated with xxxxx;binary and xxxxx as two different values. In practice, this was not always what was required.
The new configuration attribute nsslapd-binary-mode has been created to change this behavior and can have one of the following three values:
compat51 is the default value and provides the original behavior: xxxxx and xxxxx;binary refer to distinct values (where xxxxx is one of UserCertificate, CACertificate, CertificateRevocationList, AuthorityRevocationList, or CrossCertificatePair).
auto implies that the server considers xxxxx and xxxxx;binary as the same attribute. Searches return either the attribute specifically requested or xxxxx in LDAPv2 and xxxxx;binary in LDAPv3.
strict is the same as auto except that requests that do not conform are rejected with an INVALID PROTOCOL error (that is, a request with the ;binary subtype in LDAPv2, or without the subtype in LDAPv3, is rejected).
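The following Python sketch is an added example, not Directory Server code. It models the three nsslapd-binary-mode values as the text above describes them, for a search that specifically requests one certificate attribute. The function names, the ProtocolError class and the sample entry are hypothetical and constructed for illustration.

```python
# Model of nsslapd-binary-mode as described above. Illustration only, not
# Directory Server code; all function and class names are hypothetical.
CERT_ATTRS = {"usercertificate", "cacertificate", "certificaterevocationlist",
              "authorityrevocationlist", "crosscertificatepair"}

# Constructed sample entry: one value written under each spelling.
SAMPLE_ENTRY = {"userCertificate;binary": [b"DER-A"],
                "userCertificate": [b"DER-B"]}

class ProtocolError(Exception):
    """Stands in for the INVALID PROTOCOL rejection of strict mode."""

def split(name):
    """Return (lower-cased base attribute, True if the subtype is ;binary)."""
    base, _, subtype = name.lower().partition(";")
    return base, subtype == "binary"

def search(mode, ldap_version, requested, entry):
    """Return {requested name: values} for one specifically requested attribute."""
    base, binary = split(requested)
    if base not in CERT_ATTRS:
        raise ValueError("not one of the five certificate attributes")
    if mode == "compat51":
        # xxxxx and xxxxx;binary are distinct values: exact spelling only.
        wanted = lambda k: split(k) == (base, binary)
    elif mode in ("auto", "strict"):
        if mode == "strict" and binary != (ldap_version == 3):
            # ;binary in an LDAPv2 request, or no subtype in an LDAPv3 request.
            raise ProtocolError(f"{requested} does not conform to LDAPv{ldap_version}")
        # Both spellings name the same attribute, so their values are merged.
        wanted = lambda k: split(k)[0] == base
    else:
        raise ValueError("unknown mode: " + mode)
    hits = [v for k, vals in entry.items() if wanted(k) for v in vals]
    return {requested: hits} if hits else {}

if __name__ == "__main__":
    for mode in ("compat51", "auto"):
        print(mode, search(mode, 2, "userCertificate", SAMPLE_ENTRY))
```

With the sample entry, compat51 returns only the value stored under the exact spelling requested, so a client that looks up a certificate or revocation list under the other spelling does not see it; auto returns both values.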
DN normalization converts everything to lower case without taking attribute syntax and the associated matching rule into account, thus restricting user entry possibilities (#4933500)
When the nsslapd-rewrite-rfc1274 attribute is turned on, the translation of userCertificate;binary and
caCertificate;binary attributes is done from LDAP v2 to LDAP v3 instead of from v3 to v2 (#4861499)
Directory Server Console
The console does not support passwords containing a colon (#4535932)
The console does not support passwords containing a colon (:).
Workaround
Do not use colons in passwords.
The console and external security devices (#4795512)
The console does not support the management of external security devices, such as the Sun Crypto Accelerator 1000 Board.
Workaround
External security devices must be managed via the command line.