From 2a0b3a4f1d16ad0afa36cf62ddce4f8eb44f287c Mon Sep 17 00:00:00 2001
From: Timothy Pearson <kb9vqf@pearsoncomputing.net>
Date: Mon, 1 Jul 2013 19:05:32 +0000
Subject: Add initial support for realm-wide certificate authority certificates

---
 confskel/openldap/ldif/tde-core.ldif | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'confskel')

diff --git a/confskel/openldap/ldif/tde-core.ldif b/confskel/openldap/ldif/tde-core.ldif
index a823c46..75be21f 100644
--- a/confskel/openldap/ldif/tde-core.ldif
+++ b/confskel/openldap/ldif/tde-core.ldif
@@ -24,8 +24,10 @@ olcAttributeTypes: {15} ( 1.3.6.1.4.1.40364.1.1.16 NAME 'builtinRealmAdminAccoun
 olcAttributeTypes: {16} ( 1.3.6.1.4.1.40364.1.1.17 NAME 'builtinRealmAdminGroup' DESC 'Built-in realm administrative group distinguished name' SUP name )
 olcAttributeTypes: {17} ( 1.3.6.1.4.1.40364.1.1.18 NAME 'builtinMachineAdminGroup' DESC 'Built-in local machine administrative group distinguished name' SUP name )
 olcAttributeTypes: {18} ( 1.3.6.1.4.1.40364.1.1.19 NAME 'builtinStandardUserGroup' DESC 'Built-in standard user group distinguished name' SUP name )
+# Used for storing certificate management settings
+olcAttributeTypes: {19} ( 1.3.6.1.4.1.40364.1.1.20 NAME 'publicRootCertificateOriginServer' DESC 'Certificate authority root certificate origin server' SUP name )
 olcObjectClasses: {0} ( 1.3.6.1.4.1.40364.1.2.1 NAME 'tdeExtendedUserData' SUP top AUXILIARY MAY ( website
  URL $ managerName $ secretaryName $ teletexId $ preferredDelivery $ locallyUniqueID $ notes $ pwdLastSet $ badPwdCount $ badPasswordTime $ lastLogon $ lastLogoff ) )
 olcObjectClasses: {1} ( 1.3.6.1.4.1.40364.1.2.2 NAME 'tdeAccountObject' SUP top AUXILIARY MAY tdeBuiltinAccount )
-olcObjectClasses: {2} ( 1.3.6.1.4.1.40364.1.2.3 NAME 'tdeCertificateStore' SUP top AUXILIARY MAY ( tdeBuiltinAccount $ publicRootCertificate $ privateRootCertificateKey ) )
+olcObjectClasses: {2} ( 1.3.6.1.4.1.40364.1.2.3 NAME 'tdeCertificateStore' SUP top AUXILIARY MAY ( tdeBuiltinAccount $ publicRootCertificate $ privateRootCertificateKey $ publicRootCertificateOriginServer ) )
 olcObjectClasses: {3} ( 1.3.6.1.4.1.40364.1.2.4 NAME 'tdeBuiltinStore' SUP top AUXILIARY MAY ( tdeBuiltinAccount $ builtinRealmAdminAccount $ builtinRealmAdminGroup $ builtinMachineAdminGroup $ builtinStandardUserGroup ) )
\ No newline at end of file
-- 
cgit v1.2.3