Hi Tonni,

Could you give me an example of what you meant by putting a + at the end of the ldapsearch command? When I tried putting a plus at the end it didn't give me any found results so I must be doing something wrong with the syntax.

I used:

[root@alph bin]# ldapsearch -x -H ldaps://alph/ -D "cn=Manager,dc=dst,dc=boeing,dc=com" -W -b "ou=people,dc=dst,dc=boeing,dc=com" "(uid=darryl+)" Enter LDAP Password: xxxxxx # extended LDIF # # LDAPv3 # base <ou=people,dc=dst,dc=boeing,dc=com> with scope sub # filter: (uid=darryl+) # requesting: ALL #

# search result search: 2 result: 0 Success

# numResponses: 1

But if I leave off the + I do get the user fields so I know it has data.

Thanks,

Darryl

________________________________________________________________________ ___________

Ljunghammar, Darryl K skrev, on 23-01-2008 21:56: I would like to view the ppolicy schema attributes for a user when I do a "ldapsearch" but they don't show up. For example, I would like to see the "pwdHistory" attribute for a user. I know it is being updated because if I enter a previously used password it tells me it can't be reused.

I am using openldap 2.3.39-3 on a Redhat 5.1 system.

Put a '+' at the end of your ldapsearch string and you'll see only the operational attributes, *if* your ACLs permit this. You will not see empty attributes, only those with values.

Best, --Tonni -- Tony Earnshaw Email: tonni at hetnet dot nl