archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 5c6fe3db62
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '5c6fe3db62'
${ noResults }
windows-server-2003/ds/security/services/ca/ocmsetup/ansrfile/policy.inf

220 lines
7.4 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. [Version]
  2. Signature= "$Windows NT$"
  4. ; ===========================================================
  5. ; Request Attributes
  6. ; top level section
  7. ; ===========================================================
  9. [RequestAttributes]
  10. AttributeName1 = AttributeValue1
  11. AttributeName2 = AttributeValue2
  13. ; ===========================================================
  14. ; NameConstraintsExcluded Name Constraints Extension
  15. ; szOID_NAME_CONSTRAINTS 2.5.29.30
  16. ; top level section
  17. ; ===========================================================
  19. [NameConstraintsExtension]
  20. Include = NameConstraintsPermitted
  21. Exclude = NameConstraintsExcluded
  22. Critical = FaLse
  24. [NameConstraintsPermitted]
  25. ; list of user defined permitted DNS names
  26. ; the numeric second and third arguments are optional
  27. ; when present, the second argument is the minimum depth
  28. ; when present, the third argument is the maximum depth
  29. ; NOTE: Crypto APIs fail to process cert chains when the minimum or maximum
  30. ; depth is specified!
  32. DNS = [email protected]
  33. DNS = domain1.domain.com
  35. email=[email protected]
  37. UPN=[email protected]
  39. ; the first is an IP address, the second is an IP address mask
  41. IPADDRESS=255.255.18.172,255.255.255.0
  42. ipaddress=::255.255.18.172,::255.255.255.0
  43. ipaddress=1234:5678:9abc:def0:3210:7654:ba98:fedc,1234:5678:9abc:def0:3210:7654:ba98:fedc
  44. ipaddress=::5678:9abc:def0:3210:7654:ba98:fedc,1234:5678:9abc:def0:3210:7654:ba98:fedc
  45. ipaddress=1234::def0:3210:7654:ba98:fedc,1234:5678:9abc:def0:3210:7654:ba98:fedc
  46. ipaddress=1234:5678:9abc:def0:3210:7654:ba98::,1234:5678:9abc:def0:3210:7654:ba98:fedc
  47. ipaddress=1234:5678:9abc:def0:3210:7654::,1234:5678:9abc:def0:3210:7654:ba98:fedc
  49. OtherName=1.2.3.4.99.100,{utf8}ssss
  50. OtherName=1.2.3.4.99.101,{octet}ABCD
  51. OtherName=1.2.3.4.99.102,"{asn}BAgAAQIDBAUGBw=="
  52. OtherName=1.2.3.4.99.108
  54. RegisteredId=1.2.3.4.5.6.7.8.999
  56. url=http://localhost/certsrv/default.html
  57. url=file://\\localhost\certsrv\default.html
  58. DIRECTORYNAME = "cn=mycn,ou=myou,s=mystate,c=us"
  60. [NameConstraintsExcluded]
  61. ; list of user defined excluded DNS names
  62. DNS = domain.com
  63. IPADDRESS=255.255.18.172,255.255.255.0
  64. IPADDRESS=1.2.3.4,255.254.253.0
  66. ; ===========================================================
  67. ; Policy (CPS) Extension
  68. ; szOID_CERT_POLICIES 2.5.29.32
  69. ; top level section
  70. ; ===========================================================
  72. [PolicyStatementExtension]
  73. ; list of user defined policies
  74. Policies = LegalPolicy, LimitedUsePolicy, ExtraPolicy, OIDPolicy
  75. CRITICAL = FALSE
  77. [LegalPolicy]
  78. ; each policy has one OID, and zero or more Notice and URL keys
  79. OID = 1.3.6.1.4.1.311.21.43
  81. ; Stay away from the maximum line length of about 512 characters,
  82. ; including the "Notice = "
  83. ; Notice text may be continued as needed:
  84. Notice = "Legal"
  85. _continue_ = " policy"
  86. _continue_ = " statement"
  87. _continue_ = " text."
  89. [LimitedUsePolicy]
  90. OID = 1.3.6.1.4.1.311.21.47
  91. URL = "http://http.site.com/some where/default.asp"
  92. URL = "ftp://ftp.site.com/some where else/default.asp"
  93. Notice = "Limited use policy statement text."
  94. URL = "ldap://ldap.site.com/some where else again/default.asp"
  96. [ExtraPolicy]
  97. OID = 1.3.6.1.4.1.311.21.53
  98. URL = http://extra.site.com/Extra Policy/default.asp
  100. [oidpolicy]
  101. OID = 1.3.6.1.4.1.311.21.55
  103. ; ===========================================================
  104. ; Policy Mapping Extension
  105. ; szOID_POLICY_MAPPINGS 2.5.29.33
  106. ; top level section
  107. ; ===========================================================
  109. [PolicyMappingsExtension]
  110. ; list of user defined policy mappings
  111. ; first OID is Issuer Domain Policy OID, second is Subject Domain Policy OID
  112. ; each entry maps one foreign policy OID to local
  113. 1.3.6.1.4.1.311.21.53 = 1.2.3.4.87
  114. 1.3.6.1.4.1.311.21.54 = 1.2.3.4.89
  115. critical = nO
  117. ; ===========================================================
  118. ; Policy Constraints Extension
  119. ; szOID_POLICY_CONSTRAINTS 2.5.29.36
  120. ; top level section
  121. ; ===========================================================
  123. [PolicyConstraintsExtension]
  124. ; consists of two optional DWORDs
  125. ; They refer to the depth of the CA hierarchy that requires explicit policy
  126. ; and inhibits Policy Mapping
  127. RequireExplicitPolicy = 3
  128. InhibitPolicyMapping = 5
  130. ; ===========================================================
  131. ; Application Policy (CPS) Extension
  132. ; szOID_APPLICATION_CERT_POLICIES 1.3.6.1.4.1.311.21.10
  133. ; top level section
  134. ; ===========================================================
  136. [ApplicationPolicyStatementExtension]
  137. ; list of user defined policies
  138. Policies = AppLegalPolicy, AppLimitedUsePolicy, AppExtraPolicy, AppOIDPolicy
  139. CRITICAL = FALSE
  141. [AppLegalPolicy]
  142. ; each policy has one OID, and zero or more Notice and URL keys
  143. OID = 1.3.6.1.4.1.311.21.54
  144. Notice = "Application Legal policy statement text"
  146. [AppLimitedUsePolicy]
  147. OID = 1.3.6.1.4.1.311.21.58
  148. URL = "http://http.site.com/application some where/default.asp"
  149. URL = "ftp://ftp.site.com/application some where else/default.asp"
  150. Notice = "Application Limited use policy statement text."
  151. URL = "ldap://ldap.site.com/application some where else again/default.asp"
  153. [AppExtraPolicy]
  154. OID = 1.3.6.1.4.1.311.21.64
  155. URL = http://extra.site.com/Application Extra Policy/default.asp
  157. [Appoidpolicy]
  158. OID = 1.3.6.1.4.1.311.21.66
  160. ; ===========================================================
  161. ; Application Policy Mapping Extension
  162. ; szOID_APPLICATION_POLICY_MAPPINGS 1.3.6.1.4.1.311.21.11
  163. ; top level section
  164. ; ===========================================================
  166. [ApplicationPolicyMappingsExtension]
  167. ; list of user defined application policy mappings
  168. ; first OID is Issuer Domain Policy OID, second is Subject Domain Policy OID
  169. ; each entry maps one foreign policy OID to local
  170. 1.3.6.1.4.1.311.21.64 = 1.2.3.4.98
  171. 1.3.6.1.4.1.311.21.65 = 1.2.3.4.100
  172. critical = 0
  174. ; ===========================================================
  175. ; Application Policy Constraints Extension
  176. ; szOID_APPLICATION_POLICY_CONSTRAINTS 1.3.6.1.4.1.311.21.12
  177. ; top level section
  178. ; ===========================================================
  180. [ApplicationPolicyConstraintsExtension]
  181. ; consists of two optional DWORDs
  182. ; They refer to the depth of the CA hierarchy that requires explicit policy
  183. ; and inhibits Policy Mapping
  184. RequireExplicitPolicy = 6
  185. InhibitPolicyMapping = 10
  187. ; ===========================================================
  188. ; Basic Constraints Extension
  189. ; szOID_BASIC_CONSTRAINTS2 2.5.29.19
  190. ; top level section
  191. ; ===========================================================
  193. [BasicConstraintsExtension]
  194. ; Subject Type is not supported always set to CA
  195. ; maximum subordinate CA path length
  196. PathLength = 3
  198. [EnhancedKeyUsageExtension]
  199. ;OID = 1.3.6.1.4.1.311.21.6 ; szOID_KP_KEY_RECOVERY_AGENT
  200. ;OID = 1.3.6.1.4.1.311.10.3.9 ; szOID_ROOT_LIST_SIGNER
  201. ;OID = 1.3.6.1.4.1.311.10.3.1 ; szOID_KP_CTL_USAGE_SIGNING
  202. ; The following match the [ApplicationPolicyStatementExtension] section:
  203. OID = 1.3.6.1.4.1.311.21.54
  204. OID = 1.3.6.1.4.1.311.21.58
  205. OID = 1.3.6.1.4.1.311.21.64
  206. OID = 1.3.6.1.4.1.311.21.66
  207. CriticAL = faLSe
  209. ; ===========================================================
  210. ; Cross Certificate Distribution Points Extension
  211. ; szOID_CROSS_CERT_DIST_POINTS 1.3.6.1.4.1.311.10.9.1
  212. ; top level section
  213. ; ===========================================================
  215. [CrossCertificateDistributionPointsExtension]
  216. SyncDeltaTime = 24
  217. URL = http://%1/Public/My CA.crt
  218. URL = ftp://foo.com/Public/MyCA.crt
  219. URL = file://\\%1\Public\My CA.crt
  220. CriticAL = falSe