[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: LDAP V3 - read schema from server (ITS#498)

paulcun@sco.com wrote:
> If I try to read the schema from the LDAP V3 server using:
>         ldapsearch -h scofix -b "cn=schema" -s base "objectclass=*"
> it only returns the following:
>         CN=SCHEMA
>         cn=SCHEMA
>         objectclass=top
>         objectclass=LDAPsubentry
>         objectclass=subschema
>         objectclass=extensibleObject
> shouldn't it return the full schema definition (netscapeDS & IBMSecureWay
> do).

Why do you set -b to "cn=schema" ? Why not -b "" ?

Beside in the RFC :
   Clients MUST only retrieve attributes from a subschema entry by
   requesting a base object search of the entry, where the search filter
   is "(objectClass=subschema)". (This will allow LDAPv3 servers which
   gateway to X.500(93) to detect that subentry information is being

So your "(objectClass=*)" must be "(objectClass=subschema)".

Yohann F.