[Date Prev][Date Next] [Chronological] [Thread] [Top]

Remote access to the directory schema

To: OpenLDAP Forum <openldap-technical@openldap.org>
Subject: Remote access to the directory schema
From: "Rick van Rein (OpenFortress)" <rick@openfortress.nl>
Date: Mon, 8 Apr 2013 11:42:26 +0200

Hello,

Do I understand correctly, is the schema of a directory always accessible to its remote users?

Because when I request

| ldapsearch -x -h ldap.example.com -b dc=example,dc=com subschemaSubentry

I get entries like

| dn: dc=example,dc=com
| subschemaSubentry: cn=Subschema
|
| dn: cn=someone,dc=example,dc=com
| subschemaSubentry: cn=Subschema

but when I then try things like

| ldapsearch -x -h ldap.example.com -b dc=example,dc=com -E subentries=true cn=Subschema

I get no results.  How should this work?  Do schema entries have to be explicitly enabled in the ACL as though they were normal entries, or is the schema always visible?


Thanks,
 -Rick

Follow-Ups:
- Re: Remote access to the directory schema
  - From: Howard Chu <hyc@symas.com>

Prev by Date: Re: Loosing existing entries when implementing syncrepl N-Way Multi-Master Replication (openldap-2.4.32)
Next by Date: How to improve performance with MDB backend?
Index(es):
- Chronological
- Thread