map CN


map CN=yes|no


yes|no If this is set to yes, the value of the CN is submitted to the External Security Facility's name mapping procedure, as if it were a "long name", to be converted to an Enterprise Server user ID. The effect of name mapping depends on the security configuration.


Default: no
Values: yes, no


This setting only affects Format 1 requests, and only if userid source is set to cn or cn fallback.

If it is enabled, then after the CN value has been extracted from the certificate, it undergoes long-to-short name mapping. The default mapper truncates names to 8 characters and removes characters not permitted in Enterprise Server user IDs, but another mapper can be enabled by the security configuration.

This setting can be useful if you wish to use the certificate as the user ID source, but have certificates with CNs that cannot be used directly as Enterprise Server user IDs.