archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3 Commits
1 Branch
0 Tags
1.5 GiB
 
 
 
 
 
 
Tree: 827363a95b
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '827363a95b'
${ noResults }
windows-server-2003/ds/security/services/ca/ocmsetup/ansrfile/policy.inf

220 lines
7.4 KiB
Raw Blame History

[Version]
Signature= "$Windows NT$"
; ===========================================================
; Request Attributes
; top level section
; ===========================================================
[RequestAttributes]
AttributeName1 = AttributeValue1
AttributeName2 = AttributeValue2
; ===========================================================
; NameConstraintsExcluded Name Constraints Extension
; szOID_NAME_CONSTRAINTS 2.5.29.30
; top level section
; ===========================================================
[NameConstraintsExtension]
Include = NameConstraintsPermitted
Exclude = NameConstraintsExcluded
Critical = FaLse
[NameConstraintsPermitted]
; list of user defined permitted DNS names
; the numeric second and third arguments are optional
; when present, the second argument is the minimum depth
; when present, the third argument is the maximum depth
; NOTE: Crypto APIs fail to process cert chains when the minimum or maximum
; depth is specified!
DNS = [email protected]
DNS = domain1.domain.com
email=[email protected]
UPN=[email protected]
; the first is an IP address, the second is an IP address mask
IPADDRESS=255.255.18.172,255.255.255.0
ipaddress=::255.255.18.172,::255.255.255.0
ipaddress=1234:5678:9abc:def0:3210:7654:ba98:fedc,1234:5678:9abc:def0:3210:7654:ba98:fedc
ipaddress=::5678:9abc:def0:3210:7654:ba98:fedc,1234:5678:9abc:def0:3210:7654:ba98:fedc
ipaddress=1234::def0:3210:7654:ba98:fedc,1234:5678:9abc:def0:3210:7654:ba98:fedc
ipaddress=1234:5678:9abc:def0:3210:7654:ba98::,1234:5678:9abc:def0:3210:7654:ba98:fedc
ipaddress=1234:5678:9abc:def0:3210:7654::,1234:5678:9abc:def0:3210:7654:ba98:fedc
OtherName=1.2.3.4.99.100,{utf8}ssss
OtherName=1.2.3.4.99.101,{octet}ABCD
OtherName=1.2.3.4.99.102,"{asn}BAgAAQIDBAUGBw=="
OtherName=1.2.3.4.99.108
RegisteredId=1.2.3.4.5.6.7.8.999
url=http://localhost/certsrv/default.html
url=file://\\localhost\certsrv\default.html
DIRECTORYNAME = "cn=mycn,ou=myou,s=mystate,c=us"
[NameConstraintsExcluded]
; list of user defined excluded DNS names
DNS = domain.com
IPADDRESS=255.255.18.172,255.255.255.0
IPADDRESS=1.2.3.4,255.254.253.0
; ===========================================================
; Policy (CPS) Extension
; szOID_CERT_POLICIES 2.5.29.32
; top level section
; ===========================================================
[PolicyStatementExtension]
; list of user defined policies
Policies = LegalPolicy, LimitedUsePolicy, ExtraPolicy, OIDPolicy
CRITICAL = FALSE
[LegalPolicy]
; each policy has one OID, and zero or more Notice and URL keys
OID = 1.3.6.1.4.1.311.21.43
; Stay away from the maximum line length of about 512 characters,
; including the "Notice = "
; Notice text may be continued as needed:
Notice = "Legal"
_continue_ = " policy"
_continue_ = " statement"
_continue_ = " text."
[LimitedUsePolicy]
OID = 1.3.6.1.4.1.311.21.47
URL = "http://http.site.com/some where/default.asp"
URL = "ftp://ftp.site.com/some where else/default.asp"
Notice = "Limited use policy statement text."
URL = "ldap://ldap.site.com/some where else again/default.asp"
[ExtraPolicy]
OID = 1.3.6.1.4.1.311.21.53
URL = http://extra.site.com/Extra Policy/default.asp
[oidpolicy]
OID = 1.3.6.1.4.1.311.21.55
; ===========================================================
; Policy Mapping Extension
; szOID_POLICY_MAPPINGS 2.5.29.33
; top level section
; ===========================================================
[PolicyMappingsExtension]
; list of user defined policy mappings
; first OID is Issuer Domain Policy OID, second is Subject Domain Policy OID
; each entry maps one foreign policy OID to local
1.3.6.1.4.1.311.21.53 = 1.2.3.4.87
1.3.6.1.4.1.311.21.54 = 1.2.3.4.89
critical = nO
; ===========================================================
; Policy Constraints Extension
; szOID_POLICY_CONSTRAINTS 2.5.29.36
; top level section
; ===========================================================
[PolicyConstraintsExtension]
; consists of two optional DWORDs
; They refer to the depth of the CA hierarchy that requires explicit policy
; and inhibits Policy Mapping
RequireExplicitPolicy = 3
InhibitPolicyMapping = 5
; ===========================================================
; Application Policy (CPS) Extension
; szOID_APPLICATION_CERT_POLICIES 1.3.6.1.4.1.311.21.10
; top level section
; ===========================================================
[ApplicationPolicyStatementExtension]
; list of user defined policies
Policies = AppLegalPolicy, AppLimitedUsePolicy, AppExtraPolicy, AppOIDPolicy
CRITICAL = FALSE
[AppLegalPolicy]
; each policy has one OID, and zero or more Notice and URL keys
OID = 1.3.6.1.4.1.311.21.54
Notice = "Application Legal policy statement text"
[AppLimitedUsePolicy]
OID = 1.3.6.1.4.1.311.21.58
URL = "http://http.site.com/application some where/default.asp"
URL = "ftp://ftp.site.com/application some where else/default.asp"
Notice = "Application Limited use policy statement text."
URL = "ldap://ldap.site.com/application some where else again/default.asp"
[AppExtraPolicy]
OID = 1.3.6.1.4.1.311.21.64
URL = http://extra.site.com/Application Extra Policy/default.asp
[Appoidpolicy]
OID = 1.3.6.1.4.1.311.21.66
; ===========================================================
; Application Policy Mapping Extension
; szOID_APPLICATION_POLICY_MAPPINGS 1.3.6.1.4.1.311.21.11
; top level section
; ===========================================================
[ApplicationPolicyMappingsExtension]
; list of user defined application policy mappings
; first OID is Issuer Domain Policy OID, second is Subject Domain Policy OID
; each entry maps one foreign policy OID to local
1.3.6.1.4.1.311.21.64 = 1.2.3.4.98
1.3.6.1.4.1.311.21.65 = 1.2.3.4.100
critical = 0
; ===========================================================
; Application Policy Constraints Extension
; szOID_APPLICATION_POLICY_CONSTRAINTS 1.3.6.1.4.1.311.21.12
; top level section
; ===========================================================
[ApplicationPolicyConstraintsExtension]
; consists of two optional DWORDs
; They refer to the depth of the CA hierarchy that requires explicit policy
; and inhibits Policy Mapping
RequireExplicitPolicy = 6
InhibitPolicyMapping = 10
; ===========================================================
; Basic Constraints Extension
; szOID_BASIC_CONSTRAINTS2 2.5.29.19
; top level section
; ===========================================================
[BasicConstraintsExtension]
; Subject Type is not supported always set to CA
; maximum subordinate CA path length
PathLength = 3
[EnhancedKeyUsageExtension]
;OID = 1.3.6.1.4.1.311.21.6 ; szOID_KP_KEY_RECOVERY_AGENT
;OID = 1.3.6.1.4.1.311.10.3.9 ; szOID_ROOT_LIST_SIGNER
;OID = 1.3.6.1.4.1.311.10.3.1 ; szOID_KP_CTL_USAGE_SIGNING
; The following match the [ApplicationPolicyStatementExtension] section:
OID = 1.3.6.1.4.1.311.21.54
OID = 1.3.6.1.4.1.311.21.58
OID = 1.3.6.1.4.1.311.21.64
OID = 1.3.6.1.4.1.311.21.66
CriticAL = faLSe
; ===========================================================
; Cross Certificate Distribution Points Extension
; szOID_CROSS_CERT_DIST_POINTS 1.3.6.1.4.1.311.10.9.1
; top level section
; ===========================================================
[CrossCertificateDistributionPointsExtension]
SyncDeltaTime = 24
URL = http://%1/Public/My CA.crt
URL = ftp://foo.com/Public/MyCA.crt
URL = file://\\%1\Public\My CA.crt
CriticAL = falSe