The root DSA-specific entry (DSE) is a special entry that resides at the root of the directory information tree (DIT). The entry holds operational information about the server and its supported controls.
Specifically, the root DSE entry provides information about the supported LDAP3 controls, Simple Authentication and Security Layer (SASL) mechanisms, password authentication schemes, supported LDAP protocols, additional features, naming contexts, extended operations, and server information.
The PingDirectory server provides an option to retrieve
the Root DSE’s operational attributes and add them to the user attribute map of the
generated entry. This feature allows client applications that have difficulty handling
operational attributes to access the root DSE using the
show-all-attributes configuration property. After you set this
property, the associated attribute types are recreated and re-registered as user
attributes in the schema (in memory, not on disk). After you set the property, you can
use ldapsearch without "+" to view the root DSE.
To set the
show-all-attributesproperty to TRUE, run the dsconfig tool.
$ bin/dsconfig set-root-dse-backend-prop --set show-all-attributes:true
Run the ldapsearch tool to view the root DSE entry on the
To display the operational attributes in the entry, use +.
$ bin/ldapsearch --baseDN "" --searchScope base "(objectclass=*)" "+"