Visitor Stats


Visits today:1
Visits yesterday:46
Visits in this month:707
Visits total:106869
Bots today:5


sas package

SAS.

The SAS package has four checks:

"SAS service versus Server"
"Server versus SAS Service"
"SAS service versus Key Material" *1
"Key Material versus SAS service" *1

*1 For this check the links between SAS service and Server need to be correct!

Relationship between SAS service, Server and Key Material

At the moment there is no check for missing SAS-service object and or Key-Material.

Image

Sas service versus Server
The program reads the Host Server attribute, and checks at the Server object the SAS:Serivce DN. The SAS:Service DN should point back to the SAS Service object.

Server versus Sas service
The program reads the SAS:Service DN attribute, and checks at the SAS Service object the Host Server attribute. The Host Server should point back to the Server object.

SAS service versus Key Material.
The program reads the NDSPKI:Key Material DN attribute (multi value) and for all "key material" objects, it gets the Host Server attribute, then it reads the SAS:Service DN attribute of the Server object. Then it checks if this points to the original SAS service object. So the SAS Service and Server object links should be checked (and repaired first).

Key Material versus SAS service.
The program reads the Host Server attribute, then it reads the SAS:Service attribute of the given server object. At the SAS:Service Object it reads the NDSPKI:Key Material DN and checks if the original Key Material object is in the list.

Possible Future extentions.
- Checks for missing SAS-objects.
- Checks for missing default Key Material (DNS and IP certifcate).
- Checks for expire dates of key material.