[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: OpenLDAP Server configuration for controls and extends HOWTO

Naresh Verma wrote:
> Thanks Michael for help,
>
> Please see the inline answers to your queries -
>
>>> I have spent about 2 weeks searching the web, looking for OpenLDAP
>>> server configurations for supporting the *Controls & extends*.
>>
>>
>> Can you please elaborate which controls and extended
>> operations you're after?
>
> NKV> I am looking for -
> 2.16.840.1.113730.3.4.2
> 2.16.840.1.113730.3.4.18
> 1.3.6.1.4.1.4203.666.5.6
> 1.3.6.1.4.1.4203.1.10.2
> 1.3.6.1.4.1.4203.1.10.1
> 1.2.840.113556.1.4.1413
> 1.2.840.113556.1.4.1339
> 1.2.840.113556.1.4.319
> 1.2.826.0.1.334810.2.3

If you grabbed these OIDs from rootDSE on ldap://ldap.openldap.org/ you
can also nicely display the OIDs and their meaning with this tool:

http://mstroeder.homeip.net:1760/web2ldap?ldap://ldap.openldap.org/

>> Which version of OpenLDAP are you using?
>
> openldap Version     : 2.2.13

That's a pretty old version. I guess many of the controls, ext. ops. and
features are not implemented in this old release.

See below what my local build of OpenLDAP 2.3.7 lists (web2ldap's output).

Ciao, Michael.

-- 
Michael Ströder
E-Mail: michael@stroeder.com
http://www.stroeder.com

-------------------------------- snip --------------------------------

supportedControl >>
    Proxied Authorization (version 2) (2.16.840.1.113730.3.4.18):
    For assuming the identity of another entry for the duration of a
    request. (see draft-weltman-ldapv3-proxy-06.txt)
    ManageDsaIT (2.16.840.1.113730.3.4.2):
    (see RFC 3296)
    Subentries (1.3.6.1.4.1.4203.1.10.1):
    (see RFC 3672)
    LDAP_SERVER_SEARCH_OPTIONS_OID (1.2.840.113556.1.4.1340):
    Search options control (Stateless) (see Platform SDK: DSML
    Services for Windows)
    LDAP_SERVER_PERMISSIVE_MODIFY_OID (1.2.840.113556.1.4.1413):
    Permissive modify control (Stateless) (see Platform SDK: DSML
    Services for Windows)
    LDAP_SERVER_DOMAIN_SCOPE_OID (1.2.840.113556.1.4.1339):
    Domain scope control (Stateless) (see Platform SDK: DSML Services
    for Windows)
    paged Results (1.2.840.113556.1.4.319):
    (see RFC2696)
    valuesReturnFilter (1.2.826.0.1.334810.2.3):
    (see RFC3876)
    LDAP Post-read Control (1.3.6.1.1.13.2):
    (see draft-zeilenga-ldap-readentry-04.txt)
    LDAP Pre-read Control (1.3.6.1.1.13.1):
    (see draft-zeilenga-ldap-readentry-04.txt)
    Assertion Control (1.3.6.1.1.12):
    (see draft-zeilenga-ldap-assert-05.txt)

supportedExtension >>
    Start TLS (1.3.6.1.4.1.1466.20037):
    (see RFC 2830)
    Modify Password (1.3.6.1.4.1.4203.1.11.1):
    modification of user passwords (see RFC 3062)
    Who am I? (1.3.6.1.4.1.4203.1.11.3):
    (see draft-zeilenga-ldap-authzid-10.txt)

supportedFeatures >>
    Modify-Increment (1.3.6.1.1.14):
    (see draft-zeilenga-ldap-incr-01.txt)
    All Operational Attributes (1.3.6.1.4.1.4203.1.5.1):
    Provide a simple mechanism which clients may use to request the
    return of all operational attributes. (see RFC 3673)
    OC AD Lists (1.3.6.1.4.1.4203.1.5.2):
    Return of all attributes of an object class (see
    draft-zeilenga-ldap-adlist-11.txt)
    True/False filters (1.3.6.1.4.1.4203.1.5.3):
    absolute True (&) and False (|) filters (see
    draft-zeilenga-ldap-t-f-10.txt)
    Language Tag Options (1.3.6.1.4.1.4203.1.5.4):
    storing attributes with language tag options in the DIT (see RFC
    3866)
    Language Range Options (1.3.6.1.4.1.4203.1.5.5):
    language range matching of attributes with language tag options
    stored in the DIT (see RFC 3866)