[EMAIL PROTECTED] wrote: > hihi > I use ldapsearch to get the root information > > This is my statement: > > ldapsearch -h ServerLocation -p 1717 -s base -b '' -L -D > 'cn=manager,o=xxx,c=ca' -w password 'objectclass=*' > > Return : > dn: > createTimeStamp: 20010814201244Z > modifyTimeStamp: 20020115171820Z > modifiersName: cn=manager, o=xxx, c=CA > > The directory is third party directory service which is in UNIX system. > Why doesnt return any DN ?
You didn't ask for a DN - you queried the root DSE, the DN of which is the empty string ''. > am I getting the root of the information? You are getting the root DSE. > What is the problem that I cannot get the root information such as > schema address? Many of the root DSE attributes are operational - you must ask for them by name e.g. namingcontext subschemasubentry. > Is it something wrong when i set up the directory directory? > > If the directory is Active Directory in MS, I don't need to put any > authorization info (login and password), I can get the root information > such as contextname, schema Context Naming and default Context Naming > etc. Some directory servers (such as AD) do not adhere closely to the LDAP standards - AD breaks from the LDAP standards in many ways. This is just one of them. The correct way to do it is to explicitly ask for the attributes you are interested in - this will work regardless of the directory server. This is also the correct way to run any search - searches in general will run much faster if you specify only the attributes you are interested in.
