1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
|
# File: ~/.config/read-cert-template.conf
# If you know the whole oid, chop off the M$ part, and the first number (awk $10) is this identifier. Technically it is not enough to identify the exact PKI instance, but it is good enough for this!
# You can just use RCT_ALIAS= if you do not want to define per-domain settings.
RCT_ALIAS_1234567=""
RCT_LDAPSERVER_1234567=ldaps://locale1.example.corp
# the "CN=Certificate Templates,CN=Public Key Services,CN=Services,CN=Configuration," will be added to this:
RCT_LDAPBASE_1234567="DC=example,DC=corp"
# because i struggled with escaped spaces around this stuff
RCT_LDAPAUTH1_1234567="-x -w $( printf '%s' 'base64dPwHere' | base64 -d )"
RCT_LDAPAUTH2_1234567="-D CN=Service Account 23498,OU=Accounts,DC=locale2,DC=example,DC=corp"
RCT_ALIAS_4928234="DEV"
RCT_LDAPSERVER_4928234=ldaps://locale2.example.corp
# the "CN=Certificate Templates,CN=Public Key Services,CN=Services,CN=Configuration," will be added to this:
RCT_LDAPBASE_4928234="DC=locale2,DC=example,DC=corp"
# because i struggled with escaped spaces around this stuff
RCT_LDAPAUTH1_4928234="-x -w $( printf '%s' 'SecurityHatesMe' | base64 -d )"
RCT_LDAPAUTH2_4928234="-D CN=Service Account 5822,OU=Accounts,DC=locale2,DC=example,DC=corp"
|
