[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: base search with objectClass=* does not work properly...

To: "Sukanta Ganguly" <groundl@hotmail.com>
Subject: Re: base search with objectClass=* does not work properly...
From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Date: Tue, 16 Jan 2001 13:54:55 -0800
Cc: jajati@datalinx.net, openldap-software@OpenLDAP.org
In-reply-to: <F256pGM3KPqw8wcftXE0000003f@hotmail.com>

At 09:19 PM 1/16/01 +0000, Sukanta Ganguly wrote:
>Hi,
> In RFC 2251 it is mentioned very clearly that a search command like a base search with NULL RD (implies root dse) will return all the object classes supported by the LDAP server.

RFC 2251 does not say the root DSE contains subschema attributes.
RFC 2251 says that the root DSE, as well as all objects, should
have a subschemaSubentry attribute whose value refers to the
controlling subschema entry (or subentry).

I note that one should whenever possible ready the subschemaSubentry
from the object they wish to modify (or from its parent if adding
a new entry) as different entries may be controlled by different
subschemas.

I also note that LDAPv3 schema discovery, in particular the semantics
of the subschemaSubentry attribute of the Root DSE, will likely
be updated by the IETF as the defined mechanism is known to be
flawed in numerous ways [see IETF LDAPext and LDAPbis WG mailing lists
<http://www.ietf.org/>).

>So if that is the case then
>
>ldapsearch -b "" -s base "(objectClass=*)" should return all the object classes within the LDAP server.
>Correct?

No.  It should return all non-operational attributes of the root DSE.

Please see the archives for further details on how to read the
controlling subschema of an object.

References:
- Re: base search with objectClass=* does not work properly...
  - From: "Sukanta Ganguly" <groundl@hotmail.com>

Prev by Date: Re: inetOrgPerson (was RE: )
Next by Date: Re: base search with objectClass=* does not work properly...
Index(es):
- Chronological
- Thread