[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: requirements for accessing schema in DIT
At 03:31 PM 2/6/2006, Howard Chu wrote:
>Brandon McCombs wrote:
>>What is required to get openldap to allow the schema to be viewed as part of the DIT?
>
>Viewing the schema has been supported since OpenLDAP 2.0. Just look for the subschemasubentry in the rootDSE, same as for any LDAPv3 compliant server.
s/rootDSE/target entry/
The subschemaSubentry of an entry (including the root DSE) provides
the name of subschema subentry controlling that entry. Though
only a single subschema is allowed in slapd(8), this is a current
slapd(8) specific limitation. In the X.500/LDAP model, different
entries (even within a naming context) can be controlled by different
subschemas and hence have different subschemaSubentry values.
That is, a client should not rely on values of subschemaSubentry
being the same for all entries (including the root DSE) held by
a server.
This is discussed in Section 4 of draft-ietf-ldapbis-models-xx.txt,
a copy of which is provided in doc/drafts. (Note that this
document has been approved for publication as a Standards Track
RFC.)
Kurt