Chapter 5. Root DSE attributes
The attributes in this section are used to define the root directory server entry (DSE) for the server instance. The information defined in the DSE relates to the actual configuration of the server instance, such as the controls, mechanisms, or features supported in that version of the server software. It also contains information specific to the instance, like its build number and installation date.
The DSE is a special entry, outside the normal DIT, and can be returned by searching with a null search base. For example:
# ldapsearch -D "cn=Directory Manager" -W -p 389 -h server.example.com -x -s base -b "" "objectclass=*"
5.1. dataversion
This attribute contains a timestamp which shows the most recent edit time for any data in the directory.
dataversion: 020090923175302020090923175302
OID | |
Syntax | GeneralizedTime |
Multi- or Single-Valued | Single-valued |
Defined in | Directory Server |
5.2. defaultNamingContext
Corresponds to the naming context, out of all configured naming contexts, which clients should use by default.
OID | |
Syntax | DN |
Multi- or Single-Valued | Single-valued |
Defined in | Directory Server |
5.3. lastusn
The USN Plug-in assigns a sequence number to every entry whenever a write operation — add, modify, delete, and modrdn — is performed for that entry. The USN is assigned in the entryUSN
operational attribute for the entry.
The USN Plug-in has two modes: local and global.
In local mode, each database maintained for a server instance has its own instance of the USN Plug-in with a separate USN counter per back end database. The most recent USN assigned for any entry in the database is displayed in the lastusn
attribute. When the USN Plug-in is set to local mode, the lastUSN
attribute shows both the database which assigned the USN and the USN:
lastusn;pass:quotes[database_name]:pass:quotes[USN]
For example:
lastusn;example1: 213 lastusn;example2: 207
In global mode, when the database uses a shared USN counter, the lastUSN
value shows the latest USN assigned by any database:
lastusn: 420
5.4. namingContexts
Corresponds to a naming context the server is controlling or shadowing. When Directory Server does not control any information (such as when it is an LDAP gateway to a public X.500 directory), this attribute is absent. When Directory Server believes it contains the entire directory, the attribute has a single value, and that value is the empty string (indicating the null DN of the root).This attribute permits a client contacting a server to choose suitable base objects for searching.
OID | 1.3.6.1.4.1.1466.101.120.5 |
Syntax | DN |
Multi- or Single-Valued | Multi-valued |
Defined in |
5.5. netscapemdsuffix
This attribute contains the DN for the top suffix of the directory tree for machine data maintained in the server. The DN itself points to an LDAP URL. For example:
cn=ldap://dc=pass:quotes[server_name],dc=example,dc=com:389
OID | 2.16.840.1.113730.3.1.212 |
Syntax | DN |
Multi- or Single-Valued | Single-valued |
Defined in | Directory Server |
5.6. supportedControl
The values of this attribute are the object identifiers (OIDs) that identify the controls supported by the server. When the server does not support controls, this attribute is absent.
OID | 1.3.6.1.4.1.1466.101.120.13 |
Syntax | DirectoryString |
Multi- or Single-Valued | Multi-valued |
Defined in |
5.7. supportedExtension
The values of this attribute are the object identifiers (OIDs) that identify the extended operations supported by the server. When the server does not support extended operations, this attribute is absent.
OID | 1.3.6.1.4.1.1466.101.120.7 |
Syntax | DirectoryString |
Multi- or Single-Valued | Multi-valued |
Defined in |
5.8. supportedFeatures
This attribute contains features supported by the current version of {PRODUCT}.
OID | 1.3.6.1.4.1.4203.1.3.5 |
Syntax | OID |
Multi- or Single-Valued | Multi-valued |
Defined in |
5.9. supportedLDAPVersion
This attribute identifies the versions of the LDAP protocol implemented by the server.
OID | 1.3.6.1.4.1.1466.101.120.15 |
Syntax | Integer |
Multi- or Single-Valued | Multi-valued |
Defined in |
5.10. supportedSASLMechanisms
This attribute identifies the names of the SASL mechanisms supported by the server. When the server does not support SASL attributes, this attribute is absent.
OID | 1.3.6.1.4.1.1466.101.120.14 |
Syntax | DirectoryString |
Multi- or Single-Valued | Multi-valued |
Defined in |
5.11. vendorName
This attribute contains the name of the server vendor.
OID | 1.3.6.1.1.4 |
Syntax | DirectoryString |
Multi- or Single-Valued | Single-valued |
Defined in |
5.12. vendorVersion
This attribute shows the vendor’s version number for the server.
OID | 1.3.6.1.1.5 |
Syntax | DirectoryString |
Multi- or Single-Valued | Single-valued |
Defined in |
config-schema-reference-title