March 27, 2004

Directory Construction Procedure

I built the directory for the new specification by hand. The steps are listed below.

1. Create the LDIF data for adding the entries.

$ vi testdata.ldif
****************************************************************************************************************
dn: O=CACAnet Fukuoka,C=JP
objectClass: top
objectClass: organization
o: CACAnet Fukuoka

dn: O=Members RAA,O=CACAnet Fukuoka,C=JP
objectClass: top
objectClass: organization
o: CACAnet Fukuoka
o: Members RAA

dn: OU=admin,O=Members RAA,O=CACAnet Fukuoka,C=JP
objectClass: top
objectClass: organizationalUnit
ou: admin

dn: Email=yamamie@cacanet.org,OU=admin,O=Members RAA,O=CACAnet Fukuoka,C=JP
objectClass: top
objectClass: inetOrgPerson
sn: YAMAMURA
cn: YAMAMURA Tomohiro
mail: yamamie@cacanet.org

dn: CN=YAMAMURA Tomohiro,Email=yamamie@cacanet.org,OU=admin,O=Members RAA,O=CACAnet Fukuoka,C=JP
objectClass: top
objectClass: inetOrgPerson
sn: YAMAMURA
cn: YAMAMURA Tomohiro
mail: yamamie@cacanet.org
****************************************************************************************************************

2. Add the entries above to the directory server.

$ /CACAnet/app/openldap/bin/ldapadd -H 'ldap://ldap.cacanet.org/' -W -D 'cn=Manager,o=CACAnet Fukuoka,c=JP' -f testdata.ldif
Password:********


3. Prepare the certificate data in DER format, and create the LDIF data that adds it to the userCertificate;binary attribute of the directory entry above.

$ vi cert.ldif
****************************************************************************************************************
dn: CN=YAMAMURA Tomohiro,Email=yamamie@cacanet.org,OU=admin,O=Members RAA,O=CACAnet Fukuoka,C=JP
objectClass: top
objectClass: inetOrgPerson
sn: YAMAMURA
cn: YAMAMURA Tomohiro
mail: yamamie@cacanet.org
userCertificate;binary:< file:///home/tashiro/temp/yamasaki_raa.der
****************************************************************************************************************

3. Prepare the certificate data in DER format, and add it to the attribute of the directory entry above.

$ /CACAnet/app/openldap/bin/ldapmodify -H 'ldap://ldap.cacanet.org/' -W -D 'cn=Manager,o=CACAnet Fukuoka,c=JP' -f cert.ldif


4. Run a search by e-mail address.

$ /CACAnet/app/openldap/bin/ldapsearch -H 'ldap://ldap.cacanet.org/' -b 'o=CACAnet Fukuoka, c=JP' '(mail=yamamie@cacanet.org)' 'userCertificate;binary'

dn: Email=yamamie@cacanet.org,OU=admin,O=Members RAA,O=CACAnet Fukuoka,C=JP

dn: CN=YAMAMURA Tomohiro,Email=yamamie@cacanet.org,OU=admin,O=Members RAA,O=CACAnet Fukuoka,C=JP
userCertificate;binary:: [base64-encoded DER certificate data]
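
The search in step 4 can also confirm that the directory holds exactly the DER file loaded in step 3. The script below is an added example, not part of the original post: it unfolds the LDIF output, decodes the userCertificate;binary value of one entry and compares its SHA-256 with the local file. The function names and the sample entry are constructed, and base64 and sha256sum from GNU coreutils are assumed.

```shell
#!/bin/sh
# Added example, not from the original post. Assumes base64 and sha256sum
# (GNU coreutils); all function names here are hypothetical.

# Join LDIF continuation lines: a line starting with one space continues
# the previous line, which is how long dn and base64 values are folded.
unfold_ldif() {
    awk 'NR > 1 && /^ / { printf "%s", substr($0, 2); next }
         NR > 1 { print "" }
         { printf "%s", $0 }
         END { if (NR) print "" }'
}

# Print the SHA-256 of the userCertificate;binary value held by entry DN
# ($1), reading ldapsearch LDIF output on stdin. Fails if none is found.
# The dn is compared as an exact string, as the server printed it.
ldif_cert_sha256() {
    b64=$(unfold_ldif | WANT="dn: $1" awk '
        /^dn: / { hit = ($0 == ENVIRON["WANT"]) }
        hit && /^userCertificate;binary:: / { print $2; exit }')
    [ -n "$b64" ] || return 1
    printf '%s' "$b64" | base64 -d | sha256sum | cut -d' ' -f1
}

# Succeed only if the directory copy (LDIF on stdin) is byte-identical to
# the local DER file ($2) that was loaded into entry DN ($1).
# Returns 2 if the file is unreadable, 1 on a missing or different value.
verify_published_cert() {
    [ -r "$2" ] || return 2
    want=$(sha256sum < "$2" | cut -d' ' -f1)
    got=$(ldif_cert_sha256 "$1") || return 1
    [ "$got" = "$want" ]
}

# Constructed stand-in for ldapsearch output (not a real certificate or
# directory): the dn and the base64 value are folded as LDIF folds them.
sample_ldif() {
    printf 'dn: Email=user@example.org,OU=admin,O=Example,C=JP\n\n'
    printf 'dn: CN=Example User,Email=user@example.org,OU=admin,O=Exa\n'
    printf ' mple,C=JP\n'
    printf 'userCertificate;binary:: '
    base64 < "$1" | tr -d '\n' | fold -w 40 | sed '2,$s/^/ /'
    printf '\n'
}
```

In use, the output of the step 4 ldapsearch command is piped into verify_published_cert together with the entry's dn and the path of the DER file named in cert.ldif.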

Posted by tashiro at March 27, 2004 21:25