[Date Prev][Date Next]
Re: requirements for accessing schema in DIT
At 03:31 PM 2/6/2006, Howard Chu wrote:
>Brandon McCombs wrote:
>>What is required to get openldap to allow the schema to be viewed as part of the DIT?
>Viewing the schema has been supported since OpenLDAP 2.0. Just look for the subschemasubentry in the rootDSE, same as for any LDAPv3 compliant server.
The subschemaSubentry of an entry (including the root DSE) provides
the name of subschema subentry controlling that entry. Though
only a single subschema is allowed in slapd(8), this is a current
slapd(8) specific limitation. In the X.500/LDAP model, different
entries (even within a naming context) can be controlled by different
subschemas and hence have different subschemaSubentry values.
That is, a client should not rely on values of subschemaSubentry
being the same for all entries (including the root DSE) held by
This is discussed in Section 4 of draft-ietf-ldapbis-models-xx.txt,
a copy of which is provided in doc/drafts. (Note that this
document has been approved for publication as a Standards Track