Red Hat Summit Red Hat SummitSupportKonsoleEntwicklerDemo startenKontakt

Dieser Inhalt ist in der von Ihnen ausgewählten Sprache nicht verfügbar.

Chapter 11. Chaining LDAP controls

LDAP operations can contains some data (named control and specified in the ldap protocol) that change their behavior. You can specify which LDAP controls to forward to the remote server.

11.1. About chaining LDAP controls
Link kopieren

The database link forwards requests containing the following controls to the remote server for chaining LDAP controls:

  • The Virtual List View (VLV) control provides lists of certain entries.
  • The Server-side sorting control categorizes entries according to their attribute values, usually by using a specific matching rule.
  • The Dereferencing control pulls specified attribute information from the referenced entry and returns this information with the rest of the search results.
  • The Managed DSA controls returns smart referrals as entries, rather than following these referrals. Therefore, a smart referral itself can be changed or deleted.
  • The Loop detection control tracks how many times a server chains with another server. When the count reaches the configured number, Loop detection detects a loop and notifies the client application.
Note

Database links cannot support Server-side sorting and VLV controls when a client application makes a request to multiple databases.

The following are some of the LDAP controls that are allowed to chain and their object identifiers (OID):

Expand
Control NameOID

Virtual list view (VLV)

2.16.840.1.113730.3.4.9

Server-side sorting

1.2.840.113556.1.4.473

Managed DSA

2.16.840.1.113730.3.4.2

Loop detection

1.3.6.1.4.1.1466.29539.12

Dereferencing searches

1.3.6.1.4.1.4203.666.5.16

11.2. Chaining LDAP controls using the command line
Link kopieren

You can chain LDAP controls by using dsconf chaining config-set --add-control in the command line.

Procedure

  1. Chain LDAP controls: 

    # dsconf -D "cn=Directory Manager" ldap://server.example.com chaining \ config-set --add-control="2.16.840.1.113730.3.4.9"
    Copy to Clipboard Toggle word wrap

    Add the object identifier (OID) of the custom control if clients of Directory Server create their own controls and chain there operations to remote servers.

11.3. Chaining LDAP controls using the web console
Link kopieren

You can chain LDAP controls by using the web console.

Prerequisites

  • You have opened the Directory Server user interface in the web console and selected the instance.

Procedure

  1. Open the Database menu.
  2. Select the Chaining Configuration entry.
  3. Click Add button below the Forwarded LDAP Controls field.

  4. Select the LDAP control and click Add & Save New Controls button.

    Add the object identifier (OID) of the custom control if clients of Directory Server create their own controls and chain there operations to remote servers.

  5. Click Save button.

Verification

  • Click the Database menu and ensure that the selected LDAP control is chained.
Nach oben
Red Hat logoGithubredditYoutubeTwitter

Lernen

Testen, kaufen und verkaufen

Communitys

Über Red Hat Dokumentation

Wir helfen Red Hat Benutzern, mit unseren Produkten und Diensten innovativ zu sein und ihre Ziele zu erreichen – mit Inhalten, denen sie vertrauen können. Entdecken Sie unsere neuesten Updates.

Mehr Inklusion in Open Source

Red Hat hat sich verpflichtet, problematische Sprache in unserem Code, unserer Dokumentation und unseren Web-Eigenschaften zu ersetzen. Weitere Einzelheiten finden Sie in Red Hat Blog.

Über Red Hat

Wir liefern gehärtete Lösungen, die es Unternehmen leichter machen, plattform- und umgebungsübergreifend zu arbeiten, vom zentralen Rechenzentrum bis zum Netzwerkrand.

Theme

© 2025 Red Hat