Full_Name: J
Version: 2.4.20
OS: Debian-Lenny/amd64
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (68.15.14.98)
Certain clients (for example, a Solaris 10 host) need to query the rootDSE of
our OpenLDAP server. Unfortunately, due to the way their client software is
written, the Solaris 10 client will only be able to attempt to view the rootDSE
using a scope of ONELEVEL or SUBTREE - it does not support BASELEVEL searches of
the rootDSE.
Solaris 10's 'ldapsearch' allows manual querying of our rootDSE for
testing-purposes, so I know otherwise things should work (ACL-wise, etc). It
just seems to be a problem in the system-config, as the man page clearly states
that only the two aforementioned scopes are allowed.
Options? Is there a way I can alias a DN-less object? If so, is this even
advisable?
Or, perhaps is there a way to store an alternate copy of the rootDSE somewhere
that is more "conventionally" accessible?
At this point, I'll consider any alternative. I reviewed the manpage for
slapd.conf, however the rootDSE parameter in slapd.conf seems to be only used
for "additions" or supplemental changes to an existing rootDSE.
Since you quoted the ldapclient docs, I have to ask what exactly you're trying
to accomplish. Solaris ldapclient is only used to configure NSS, and there are
no NSS tables that serve anything that could be extracted from an LDAP
server's rootDSE. What are you really trying to do?
--
-- Howard Chu
CTO, Symas Corp.
http://www.symas.com
Director, Highland Sun
http://highlandsun.com/hyc/
Chief Architect, OpenLDAP
http://www.openldap.org/project/