Novell TIDs

2007, 2024 Oskar Wagner

| Start | Information | TIDs | Novell

CRL Configuration Object

LDAP Mapping

The standard LDAP type for Certificate Revocation Lists limits the size of the CRL to 64 KB. To change this limitation, you must create the CRL directory entries with Novell-defined types. In order for the LDAP distribution points to be found, you must map the standard LDAP types to the Novell LDAP types by doing the following:

  1. Launch Novell iManager.
  2. Log in to the eDirectory as an administrator with the appropriate rights.
  3. From the Roles and Tasks menu, select LDAP > LDAP Options.
  4. Click the View LDAP Groups tab, then select the LDAP group that needs to be mapped.
  5. Click the General tab, then select the Attribute Map page.
  6. Edit authorityRevocationList and set the Primary LDAP Attribute to ndspkiauthorityRevocationList.
  7. Edit certificateRevocationList and set the Primary LDAP Attribute to ndspkicertificateRevocationList.
  8. Edit deltaRevocationList and set the Primary LDAP Attribute to ndspkideltaRevocationList.
  9. Click OK.
  10. From the Roles and Tasks menu, select LDAP > LDAP Options.
  11. Click the View LDAP Servers tab, then select the server that hosts the LDAP distribution point.
  12. Click the General tab, then select the Information page.
  13. Click the refresh button.
    This will restart the LDAP service and it will begin using the correct mapping for the CRL attributes.

For more information on LDAP management, see Configuring LDAP Services for Novell eDirectory (http://www.novell.com/documentation/edir88/edir88/data/ahlmb7h.html) in the eDirectory Administration Guide.