Overview#NDSPKISDKeyServerDN is a multi-valued attribute contains the list of Security Domain Infrastructure key servers in the tree.
There must be at least one server in this list.
NDSPKISDKeyServerDN must be at least one NcpServer DN value.
Then, NICISDI or NICIEXT connects to each server in NDSPKISDKeyServerDN, and requests any new security domain keys from each server in this list. Existing security keys are also checked for Key Revocation. However, deletion of a security domain key is not automatically done.
In the case of a tree merge, add the name of the new SDI key server's name to this list after trees are merged, and reboot all the servers in the tree unless periodic synchronization is enabled. The final list MUST contain the names of SDI Key servers in all trees.