[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Can I read the schema using LDAP?

<quote who="Thomas Gagné">
> Out of curiosity, will that command work with other non-OpenLDAP
> directories?

No. According to some RFC (don't recall which, too lazy to search), each
entery in an LDAP directory must specify an attribute named
subschemaSubEntry. This attribute's value is the DN where the schema is
housed. In the case of default OpenLDAP installs, each entry in the
directory has a subschemaSubEntry with a value of "cn=subschema". In
Novell eDirectory, this value is generally "cn=schema". To make your
application nice and generic, it should read the subschemaSubEntry for the
DN of interest, and search for the schema there. Note that if you don't
have a DN to search from, you can just use the RootDSE entry by specifying
an empty DN ("") and searching with a scope of "base". RootDSE behavior is
also described in some RFC (again, too lazy, yadda yadda).

The phpLDAPadmin code below (in the URL) supports a mountain of different
LDAP servers soley with this method, and even works with "broken" servers
by searching some of the common schema locations. See the function called
_get_raw_schema() toward the bottom. There are lots of comments to guide
you along.

Good luck!


> David Smith wrote:
>> <snip>