ADSIDStringFromLDAPEntry extracts the objectSid attribute from an ldap.Entry and returns its string representation.

CertKeyPEM returns certificate and private key bytes encoded in PEM format for use with `kinit`.

CombineLDAPFilters joins the slice of filters.

GenerateWindowsDesktopCredentials generates a private key / certificate pair for the given Windows username.

NewCertificateStoreClient returns a new structure for modifying windows certificates in a Windows CA.

SubjectAltNameExtension fills in the SAN for a Windows certificate.

AccountTypeUser is the SAM account type for user accounts.

AttrCommonName is the common name of an LDAP object, or "CN".

AttrDistinguishedName is the distinguished name of an LDAP object, or "DN".

unusual capitalization is correct.

AttrName is the name of an LDAP object.

AttrObjectCategory is the object category of an LDAP object.

AttrObjectClass is the object class of an LDAP object.

AttrObjectGUID is the globally unique identifier for an LDAP object.

AttrObjectSid is the Security Identifier of an LDAP object.

AttrOS is the operating system of a computer object.

AttrOSVersion is the operating system version of a computer object.

AttrPrimaryGroupID is the primary group id of an LDAP object.

AttrSAMAccountName is the SAM Account name of an LDAP object.

AttrSAMAccountType is the SAM Account type for an LDAP object.

CertTTL is the TTL for Teleport-issued Windows Certificates.

ClassComputer is the object class for computers in Active Directory.

ClassContainer is the object class for containers in Active Directory.

ClassGMSA is the object class for group managed service accounts in Active Directory.

ReadOnlyDomainControllerGroupID is the windows security identifier for read only dcs.

WritableDomainControllerGroupID is the windows security identifier for dcs with write permissions.

ADUserMappingExtensionOID is the Active Directory SID extension for mapping certificates to their user's Active Directory SID.

ADUserMappingInternalOID is the OID that's sent as part of the Other Name section of the Active Directory SID extension.

ClientAuthenticationOID is the object idnetifier that is used to include client SSL authentication in a certificate's enhanced key usage.

EnhancedKeyUsageExtension is a set of required extended key fields specific for Microsoft certificates.

EnhancedKeyUsageExtensionOID is the object identifier for a certificate's enhanced key usage extension.

SmartcardLogonOID is the object identifier that is used to include smartcard login in a certificate's enhanced key usage.

SubjectAltNameExtensionOID is the object identifier for a certificate's subject alternative name extension.

UPNOtherNameOID is the object identifier that is used to include the user principal name in a certificate's subject alternative name.

CertificateStoreClient implements access to a Windows Certificate Authority.

CertificateStoreConfig is a config structure for a Windows Certificate Authority.

GenerateCredentialsRequest are the request parameters for generating a windows cert/key pair.

LDAPClient is a windows LDAP client.

LDAPConfig contains parameters for connecting to an LDAP server.

SubjectAltName is a struct that can be marshaled as ASN.1 into the SAN field in an x.509 certificate.

AuthInterface is a subset of auth.ClientI.