[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: LDAP entry metadata
Rob Shepherd writes:
> Is it possible to make queries to internal data, as well as directory
> entry attributes?
Yes.
If you want a search to return internal data for an entry, aka
operational attributes, you must explicitly ask for them.
As an OpenLDAP extension, asking for "+" requests all operational
attributes. And remember that asking for any attribute cancels the
default "*", so if you want both all operational and user attributes,
ask for both "*" and "+".
> I want to query when an attribute was added to the directory, without
> having to make an external repository for this info, in another
> database or file, or supplementary descriptive
$ ldapsearch -xLLLh ldap.uio.no -b dc=uio,dc=no "(uid=hbf)" modifyTimestamp
dn: uid=hbf,cn=people,dc=uio,dc=no
modifyTimestamp: 20070329084312Z
> Is there a backend way to make attributes expire?
man slapo-dds and (for passwords) slapo-ppolicy.
--
Regards,
Hallvard