.TH LCMAPS_BAN_DN.MOD 8 "February 9, 2015" "Stichting FOM/Nikhef" "Site Access Control"
.SH NAME
lcmaps_ban_dn.mod \- LCMAPS plugin to ban a user based on the Subject DN
.SH SYNOPSIS
.B lcmaps_ban_dn.mod
.RB [ \-banmapfile
.IR banning\ file ]
.RB [ \-no_wildcard | \-disablewildcard ]
.SH DESCRIPTION
This plugin is a banning plugin and will provide the LCMAPS system with a
credential banning feature based on the Distinguished Name (DN).
It will read a grid-mapfile and check whether the DN
appears on it. If that is the case, the plug-in will fail with a
.BR LCMAPS_MOD_FAIL.
If the plugin succeeds and DN does not appear in the banning file the plugin will
finish with a
.BR LCMAPS_MOD_SUCCESS

.SH OPTIONS
.TP
.BI "\-banmapfile " ban-mapfile
This option sets the path to the banning file which contains the list of DNs
which must be banned by the plugin.
It is strongly advised to set an absolute path to the ban-mapfile to avoid usage
of the wrong file(path). In a (setuid-)root application, relative paths are
taken with respect to \fI/etc/grid-security/\fR.

.TP
.BI "\-no_wildcard\fR,\fB \-disablewildcard"
When this option is set the plug-in will only match exact DNs,
i.e. /DC=org/DC=terena/DC=tcs/C=NL/* will not match.

.SH RETURN VALUES
.TP
.B LCMAPS_MOD_SUCCESS
Success.
.TP
.B LCMAPS_MOD_FAIL
Failure or banned.
.SH BUGS
Please report any errors to the Nikhef Grid Middleware Security Team
<grid-mw-security-support@nikhef.nl>.
.SH SEE ALSO
.BR lcmaps.db (5), 
.BR lcmaps (3).
.SH AUTHORS
LCMAPS and the LCMAPS plug-ins were written by the Grid Middleware Security Team
<grid-mw-security@nikhef.nl>.