[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: requirements for accessing schema in DIT

On Tuesday 07 February 2006 07:06, Brandon McCombs wrote:

> This is great and all but it doesn't answer my question.

It does answer your original question. It may not answer what you wanted to 
know (so, maybe your question needs refinement).

> How do I list 
> all object classes and attributes in one big list without doing a
> piecemeal schema search on every attribute that may be listed as an
> attribute within a specific object (which wouldn't give me all the
> possible object classes and attributes anyway).

This is a different question. I'll assume some specifics in answering.

Assuming you mean with OpenLDAP's ldapsearch, and assuming your LDAP server is 
configured to allow anonymous access to the subschemaentry  attribute on the 
empty suffix (""), find out the location of the schema entry:

$ ldapsearch -LLL -x -b '' -s base subschemaSubentry
subschemaSubentry: cn=Subschema

Assuming anonymous access to this entry (and its attributetypes and 
objectclasses attributes) is allowed by your configuration, request that dn's 
attributetypes and objectclasses attributes (by doing a scope base search on 
the dn):

$ ldapsearch -LLL -x -b 'cn=Subschema' -s base attributetypes objectclasses

The example configurations in the admin guide should work fine for this ...


Buchan Milne
ISP Systems Specialist

Attachment: pgpvj3eOCaKG8.pgp
Description: PGP signature