Publishing certificates with multiple OU values
Originally Published: 2003-01-07
Article Number
Applies To
Sun Solaris 2.8
Microsoft Windows 2000
Issue
confirmEntry: unable to locate or add entry [CN=John Doe, OU=IT Dept, OU=Security, OU=Acme Class3 CA, O=Acme Inc., dc=cert,dc=acme, dc=com]
Cause
dc=cert,dc=acme, dc=com
O=Acme Inc.
OU=Acme Class3 CA
The external publishing of Keon Certificate Authority has been configured as follows:
Base DN: dc=cert,dc=acme, dc=com
Certificate DN: CN,OU,O
A bug in version 6.0.2 allowed certificates with multiple OU values to be published to this point; the bug has now been corrected in KCA 6.5, and the same publishing scheme will value the given error.
Resolution
Base DN: OU=Acme Class3 CA,O=Acme Inc.,dc=cert,dc=acme, dc=com
Certificate DN: CN
This will now mean that only the CN value is used from the certificate and will publish to the OU=Acme Class3 CA part of your tree.
Workaround
Related Articles
How to publish CA certificate and user certificate under the same OU ? Number of Views Leaver Rule–Deprovision is not moving Disabled Accounts to the Disabled OU in RSA Governance & Lifecycle Number of Views How to Include or Exclude an Active Directory OU from the Microsoft LDAP directory on RSA Authentication Manager 8.x Number of Views Role Review Finish button is enabled for a reviewed deleted Role in RSA Governance & Lifecycle Number of Views Types of Session Lifetime Limits Number of Views
Trending Articles
Troubleshooting RSA SecurID Access Identity Router to RSA Authentication Manager test connection failures RSA SecurID Software Token 5.0.2 Downloads for Microsoft Windows RSA Authentication Manager 8.9 Release Notes (January 2026) Quick Setup Guide - Passwordless Authentication in Windows MFA Agent for Active Directory RSA Authentication Manager 8.8 Setup and Configuration Guide
Don't see what you're looking for?
