On 8/29/06, Pierangelo Masarati <[EMAIL PROTECTED]> wrote:
> ldapsearch -x -b cn=Subschema -D cn=rootdn -w secretpassword -h > localhost -p 389 -L objectclass=* objectclass attributetype > > Doesn't give any results. Am I missing something easy? You need to add "-s base" as per RFC4512 Section 4.4.
Thanks, I got it working by adding the acl, -s base, and + to my query. In summary: To expose your schema to ldap queries, add the following acl: access to dn.base="" by * read access to dn.base="cn=subschema" by * read -- Then use a search like: ldapsearch -x -s base -b cn=subschema -D cn=rootdn -w secretpassword -h localhost -p 389 -LLL objectclass=* attributetype objectclass +
