Searching the root DSE
The root DSA-specific entry (DSE) is a special entry that resides at the root of the directory information tree (DIT). The entry holds operational information about the server and its supported controls.
About this task
Specifically, the root DSE entry provides information about the supported LDAP3 controls, Simple Authentication and Security Layer (SASL) mechanisms, password authentication schemes, supported LDAP protocols, additional features, naming contexts, extended operations, and server information.
The PingDirectory server provides an option to retrieve the Root DSE’s operational attributes and add them to the user attribute map of the generated entry. This feature allows client applications that have difficulty handling operational attributes to access the root DSE using the show-all-attributes configuration property. After you set this property, the associated attribute types are recreated and re-registered as user attributes in the schema (in memory, not on disk). After you set the property, you can use ldapsearch without "+" to view the root DSE.
Steps
-
To set the
show-all-attributesproperty to TRUE, run thedsconfigtool.Example:
$ bin/dsconfig set-root-dse-backend-prop --set show-all-attributes:true -
Run the
ldapsearchtool to view the root DSE entry on the PingDirectory server.To display the operational attributes in the entry, use
+.Example:
$ bin/ldapsearch --baseDN "" --searchScope base "(objectclass=*)" "+"