[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: namingContexts
At 04:36 PM 6/11/99 +0100, Eithne Holmes wrote:
>Hi,
>NamingContexts (top level) attribute is defined as follows :
>5.2.1 namingContexts
> The values of this attribute correspond to naming contexts which
>this server masters or shadows. If the server does not master any
>information (e.g. it is an LDAP gateway to a public X.500 directory) this
>attribute will be absent. If the server believes it contains the entire
>directory, the attribute will have a single value, and that value will be
>the empty string (indicating the null DN of the root). This attribute will
>allow a client to choose suitable base objects for searching when it has
>contacted a server.
>
>I can't figure in what case there's likely to be only a single empty string
>value.
If the server believes it contains the entire
directory, the attribute will have a single value, and that value will be
the empty string (indicating the null DN of the root).
If the server is all knowning within a global context, then it
would have a single namingContexts attribute with an empty string.
Such a server would, to use DNS terminology, would be a "root"
directory server.
>as the current domain name at least seems to always be returned. If
>the empty string (null DN) were returned would it suffice as the base object
>parameter in the search function ?
Yes, you could do:
ldapsearch -b '' '(objectclass=*)'
Of course, the server might refuse such a search request.
>Searching on the null DN only returns
>server attribute info and no children in any scenario I've come across
>(talking to Netscape Directory server).
The ROOT_DSE attributes should only be provided when doing:
ldapsearch -b '' -s base '(objectclass=*)'