[Date Prev][Date Next]
Re: LDAP entry metadata
Rob Shepherd writes:
> Is it possible to make queries to internal data, as well as directory
> entry attributes?
If you want a search to return internal data for an entry, aka
operational attributes, you must explicitly ask for them.
As an OpenLDAP extension, asking for "+" requests all operational
attributes. And remember that asking for any attribute cancels the
default "*", so if you want both all operational and user attributes,
ask for both "*" and "+".
> I want to query when an attribute was added to the directory, without
> having to make an external repository for this info, in another
> database or file, or supplementary descriptive
$ ldapsearch -xLLLh ldap.uio.no -b dc=uio,dc=no "(uid=hbf)" modifyTimestamp
> Is there a backend way to make attributes expire?
man slapo-dds and (for passwords) slapo-ppolicy.