posts - 598 , comments - 849 , trackbacks - 247

My Links

News

qrcode

Lance Robinson

Create Your Badge

Lance Robinson is a software engineer in Durham, Chapel Hill, Raleigh, and surrounding areas. More about Lance.

 Subscribe

Tag Cloud

Archives

Post Categories

Image Galleries

Blogs

Miscellanous

Noteworthy Stuff

Popular Posts

LDAP Operational Attributes

In my experiences with AD, SunOne (iPlanet), Siemens, and Novell directory servers, root DSE searches turn up a full set of results. This search request is sent like so:

Dim ldap as new nsoftware.IPWorks.Ldap()
ldap.ServerName = SERVERNAME
ldap.DN = ""
ldap.SearchScope = ssBaseObject
ldap.Search "objectClass=*"

By default, when no attributes are provided in the search request itself, these directory servers will return all the attributes.

Today, someone pointed out to me that the OpenLDAP server behaves differently, and in fact strictly follows the LDAPv3 RFC, which states in section 4.5.1:

"...servers will not return operational attributes, such as objectClasses or attributeTypes, unless they are listed by name..."

Testing the above code with the server at www.openldap.com produces only two attributes. Instead, one must specifically ask for each attribute by name as described in the RFC. A full list of operational attribute types can be found in RFC 2252.

Print | posted on Monday, June 20, 2005 3:17 PM | Filed Under [ Programming ]

Feedback

No comments posted yet.
Post A Comment
Title:
Name:
Email:
Comment:
Verification:
 

Powered by: