The root DSA-specific entry (DSE) is a special entry that resides at the root of the directory information tree (DIT). The entry holds operational information about the server and its supported controls.
Specifically, the root DSE entry provides information about the supported LDAP3 controls, Simple Authentication and Security Layer (SASL) mechanisms, password authentication schemes, supported LDAP protocols, additional features, naming contexts, extended operations, and server information.
The Directory Server provides an option to retrieve the Root DSE’s
operational attributes and add them to the user attribute map of the generated entry.
This feature allows client applications that have difficulty handling operational
attributes to access the root DSE using the
configuration property. After you set this property, the associated attribute types are
recreated and re-registered as user attributes in the schema (in memory, not on disk).
After you set the property, you can use ldapsearch without "+" to
view the root DSE.
To set the
show-all-attributesproperty to TRUE, run the dsconfig tool.
$ bin/dsconfig set-root-dse-backend-prop --set show-all-attributes:true
Run the ldapsearch tool to view the root DSE entry on the
To display the operational attributes in the entry, use +.
$ bin/ldapsearch --baseDN "" --searchScope base "(objectclass=*)" "+"