Re: DSE Root/first entry

[Konstantin Chuguev <Konstantin.Chuguev@dante.org.uk>]

"Kurt D. Zeilenga" wrote:

> Note that root DSE is technically in the a different plane than
> than object DSEs.   In a server which holds the root naming context,
> there no object DSE named with an empty DN.  When you do a search
> upon an empty DN, the handling is dependent upon the scope.  If
> you request scope base, you get the root DSE.  If request scope
> one-level, you get all the top level objects.  If you request
> scope subtree, you get all object entries but NOT the root DSE.
>
> See a good LDAP and/or X.500 for details....
>

I could not find anything about root naming context implementation in LDAP. Nor in OpenLDAP.
Is there any documentation?

>
> You cannot directly specify the contents of the Root DSE.  The
> Root DSE is not part of any naming context.
>
> A more appropriate is "how to I configure the LDBM backend to
> hold the root naming context?"
>
> You *should* be able to add top-level entries.  However,
> IIRC, there is a bug which prevents you from doing such.  A
> workaround would be to list each top-level DN as a suffix.
>

I have got a dozen of first level suffixes in my server ldap.nameflow.net. ldapserarch -s
{one|sub} -b "" does not work. It returns:
tor:/opt/OpenLDAP/web2ldap# lsearchl one '' 'objectClass=*'
version: 2

#
# filter: objectClass=*
# requesting: ALL
#

# search result
search: 2
result: 32 No such object

# numResponses: 1

You say that with OpenLDAP we should be able to manage suffix "" and first level entries, only
a bug prevents it. I would like to help to find the bug. Can I know the details please.

Thanks,
    Konstantin.


--
          * *        Konstantin Chuguev - Application Engineer
       *      *              Francis House, 112 Hills Road
     *                       Cambridge CB2 1PQ, United Kingdom
 D  A  N  T  E       WWW:    http://www.dante.net