Hello, Do I understand correctly, is the schema of a directory always accessible to its remote users?
Because when I request | ldapsearch -x -h ldap.example.com -b dc=example,dc=com subschemaSubentry I get entries like | dn: dc=example,dc=com | subschemaSubentry: cn=Subschema | | dn: cn=someone,dc=example,dc=com | subschemaSubentry: cn=Subschema but when I then try things like | ldapsearch -x -h ldap.example.com -b dc=example,dc=com -E subentries=true cn=Subschema I get no results. How should this work? Do schema entries have to be explicitly enabled in the ACL as though they were normal entries, or is the schema always visible? Thanks, -Rick
