[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: OpenLDAP Server configuration for controls and extends HOWTO

To: Michael Ströder <michael@stroeder.com>
Subject: Re: OpenLDAP Server configuration for controls and extends HOWTO
From: "Naresh Verma" <ixnaresh@gmail.com>
Date: Sat, 24 Sep 2005 14:03:03 +0530
Cc: <OpenLDAP-software@OpenLDAP.org>
Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:from:to:cc:references:subject:date:mime-version:content-type:content-transfer-encoding:x-priority:x-msmail-priority:x-mailer:x-mimeole; b=cAPDDJHwMno75eaofkYwXOxSnFOy9RKBs66Y5KLPb2OjffvQpc90WGCriqk7qnSz04+L4JEy4HavRTVFtoXrhj639ykvLVHn1d5PkunUV/U0OrS0Bg+58ui0ek9YW6rZGl+SMfqdUzFhDdvEF/6t2+MHRTVjEIuVR4tgV48g/Nk=
References: <004701c5bf5c$aff91400$fafa12c6@ixiacom.com> <4333B4E5.2000407@stroeder.com> <000401c5c023$4fc44ba0$fa0012c6@ixiacom.com> <4333DA66.70606@stroeder.com>

Hi Michael,

You got me right, I took those OIDs from the openLDAP site (and thanks for the URL)...

I have installed the $OpenLDAP: slapd 2.3.7 on my system; but I still can not see the supported Controls on the server. I am trying to test the controls functionality of my LDAP client for the controls and am not able to get those on my server.

Please hint me as for a newbie as to how can I get these available on my openLDAP server.

Thanks a lot for your help...
Naresh

----- Original Message ----- From: "Michael Ströder" <michael@stroeder.com> To: "Naresh Verma" <ixnaresh@gmail.com> Cc: <OpenLDAP-software@OpenLDAP.org> Sent: Friday, September 23, 2005 4:05 PM Subject: Re: OpenLDAP Server configuration for controls and extends HOWTO

Naresh Verma wrote:

Thanks Michael for help,

Please see the inline answers to your queries -

I have spent about 2 weeks searching the web, looking for OpenLDAP
server configurations for supporting the *Controls & extends*.

Can you please elaborate which controls and extended
operations you're after?


NKV> I am looking for -
2.16.840.1.113730.3.4.2
2.16.840.1.113730.3.4.18
1.3.6.1.4.1.4203.666.5.6
1.3.6.1.4.1.4203.1.10.2
1.3.6.1.4.1.4203.1.10.1
1.2.840.113556.1.4.1413
1.2.840.113556.1.4.1339
1.2.840.113556.1.4.319
1.2.826.0.1.334810.2.3


If you grabbed these OIDs from rootDSE on ldap://ldap.openldap.org/ you
can also nicely display the OIDs and their meaning with this tool:

http://mstroeder.homeip.net:1760/web2ldap?ldap://ldap.openldap.org/

Which version of OpenLDAP are you using?
openldap Version : 2.2.13


That's a pretty old version. I guess many of the controls, ext. ops. and
features are not implemented in this old release.

See below what my local build of OpenLDAP 2.3.7 lists (web2ldap's output).

Ciao, Michael.

--
Michael Ströder
E-Mail: michael@stroeder.com
http://www.stroeder.com

-------------------------------- snip --------------------------------

supportedControl >>
   Proxied Authorization (version 2) (2.16.840.1.113730.3.4.18):
   For assuming the identity of another entry for the duration of a
   request. (see draft-weltman-ldapv3-proxy-06.txt)
   ManageDsaIT (2.16.840.1.113730.3.4.2):
   (see RFC 3296)
   Subentries (1.3.6.1.4.1.4203.1.10.1):
   (see RFC 3672)
   LDAP_SERVER_SEARCH_OPTIONS_OID (1.2.840.113556.1.4.1340):
   Search options control (Stateless) (see Platform SDK: DSML
   Services for Windows)
   LDAP_SERVER_PERMISSIVE_MODIFY_OID (1.2.840.113556.1.4.1413):
   Permissive modify control (Stateless) (see Platform SDK: DSML
   Services for Windows)
   LDAP_SERVER_DOMAIN_SCOPE_OID (1.2.840.113556.1.4.1339):
   Domain scope control (Stateless) (see Platform SDK: DSML Services
   for Windows)
   paged Results (1.2.840.113556.1.4.319):
   (see RFC2696)
   valuesReturnFilter (1.2.826.0.1.334810.2.3):
   (see RFC3876)
   LDAP Post-read Control (1.3.6.1.1.13.2):
   (see draft-zeilenga-ldap-readentry-04.txt)
   LDAP Pre-read Control (1.3.6.1.1.13.1):
   (see draft-zeilenga-ldap-readentry-04.txt)
   Assertion Control (1.3.6.1.1.12):
   (see draft-zeilenga-ldap-assert-05.txt)

supportedExtension >>
   Start TLS (1.3.6.1.4.1.1466.20037):
   (see RFC 2830)
   Modify Password (1.3.6.1.4.1.4203.1.11.1):
   modification of user passwords (see RFC 3062)
   Who am I? (1.3.6.1.4.1.4203.1.11.3):
   (see draft-zeilenga-ldap-authzid-10.txt)

supportedFeatures >>
   Modify-Increment (1.3.6.1.1.14):
   (see draft-zeilenga-ldap-incr-01.txt)
   All Operational Attributes (1.3.6.1.4.1.4203.1.5.1):
   Provide a simple mechanism which clients may use to request the
   return of all operational attributes. (see RFC 3673)
   OC AD Lists (1.3.6.1.4.1.4203.1.5.2):
   Return of all attributes of an object class (see
   draft-zeilenga-ldap-adlist-11.txt)
   True/False filters (1.3.6.1.4.1.4203.1.5.3):
   absolute True (&) and False (|) filters (see
   draft-zeilenga-ldap-t-f-10.txt)
   Language Tag Options (1.3.6.1.4.1.4203.1.5.4):
   storing attributes with language tag options in the DIT (see RFC
   3866)
   Language Range Options (1.3.6.1.4.1.4203.1.5.5):
   language range matching of attributes with language tag options
   stored in the DIT (see RFC 3866)

Follow-Ups:
- Re: OpenLDAP Server configuration for controls and extends HOWTO
  - From: Michael Ströder <michael@stroeder.com>

References:
- OpenLDAP Server configuration for controls and extends HOWTO
  - From: "Naresh Verma" <ixnaresh@gmail.com>
- Re: OpenLDAP Server configuration for controls and extends HOWTO
  - From: Michael Ströder <michael@stroeder.com>
- Re: OpenLDAP Server configuration for controls and extends HOWTO
  - From: "Naresh Verma" <ixnaresh@gmail.com>
- Re: OpenLDAP Server configuration for controls and extends HOWTO
  - From: Michael Ströder <michael@stroeder.com>

Prev by Date: Re: OpenLDAP Server configuration for controls and extends HOWTO
Next by Date: ldap acl question
Index(es):
- Chronological
- Thread