docbkx/dev-guide/chap-getting-directory-info.xml

	chap-getting-directory-info.xml revision f537744cea5b0e4dcdf1786437346b5131272829
1965c5d21403c3d66eb1efa29c670378311b1077Paul Bryan<?xml version="1.0" encoding="UTF-8"?>
1965c5d21403c3d66eb1efa29c670378311b1077Paul Bryan<!--
1965c5d21403c3d66eb1efa29c670378311b1077Paul Bryan  ! CCPL HEADER START
1965c5d21403c3d66eb1efa29c670378311b1077Paul Bryan  !
1965c5d21403c3d66eb1efa29c670378311b1077Paul Bryan  ! This work is licensed under the Creative Commons
1965c5d21403c3d66eb1efa29c670378311b1077Paul Bryan  ! Attribution-NonCommercial-NoDerivs 3.0 Unported License.
1965c5d21403c3d66eb1efa29c670378311b1077Paul Bryan  ! To view a copy of this license, visit
1965c5d21403c3d66eb1efa29c670378311b1077Paul Bryan  ! http://creativecommons.org/licenses/by-nc-nd/3.0/
1965c5d21403c3d66eb1efa29c670378311b1077Paul Bryan  ! or send a letter to Creative Commons, 444 Castro Street,
1965c5d21403c3d66eb1efa29c670378311b1077Paul Bryan  ! Suite 900, Mountain View, California, 94041, USA.
1965c5d21403c3d66eb1efa29c670378311b1077Paul Bryan  !
1965c5d21403c3d66eb1efa29c670378311b1077Paul Bryan  ! You can also obtain a copy of the license at
1965c5d21403c3d66eb1efa29c670378311b1077Paul Bryan  ! trunk/opendj3/legal-notices/CC-BY-NC-ND.txt.
1965c5d21403c3d66eb1efa29c670378311b1077Paul Bryan  ! See the License for the specific language governing permissions
923784d59ac065eee98b208dfacda6fbc24c71d6Jake Feasel  ! and limitations under the License.
1965c5d21403c3d66eb1efa29c670378311b1077Paul Bryan  !
4eb529f0471672590d77cf89ef23987ba2c95ff4Laszlo Hordos  ! If applicable, add the following below this CCPL HEADER, with the fields
4eb529f0471672590d77cf89ef23987ba2c95ff4Laszlo Hordos  ! enclosed by brackets "[]" replaced with your own identifying information:
1965c5d21403c3d66eb1efa29c670378311b1077Paul Bryan  !      Portions Copyright [yyyy] [name of copyright owner]
1965c5d21403c3d66eb1efa29c670378311b1077Paul Bryan  !
1965c5d21403c3d66eb1efa29c670378311b1077Paul Bryan  ! CCPL HEADER END
1965c5d21403c3d66eb1efa29c670378311b1077Paul Bryan  !
1965c5d21403c3d66eb1efa29c670378311b1077Paul Bryan  !      Copyright 2011-2013 ForgeRock AS
1965c5d21403c3d66eb1efa29c670378311b1077Paul Bryan  !
7c64421614d420f1951773af3ce6a6111cef84b2Jake Feasel-->
7c64421614d420f1951773af3ce6a6111cef84b2Jake Feasel<chapter xml:id='chap-getting-directory-info'
7c64421614d420f1951773af3ce6a6111cef84b2Jake Feasel xmlns='http://docbook.org/ns/docbook' version='5.0' xml:lang='en'
7c64421614d420f1951773af3ce6a6111cef84b2Jake Feasel xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance'
7c64421614d420f1951773af3ce6a6111cef84b2Jake Feasel xsi:schemaLocation='http://docbook.org/ns/docbook http://docbook.org/xml/5.0/xsd/docbook.xsd'
1965c5d21403c3d66eb1efa29c670378311b1077Paul Bryan xmlns:xlink='http://www.w3.org/1999/xlink'
54f30b716553d88ea9ebb010037f4c74eb1d69acPaul Bryan xmlns:xinclude='http://www.w3.org/2001/XInclude'>
1965c5d21403c3d66eb1efa29c670378311b1077Paul Bryan <title>Getting Information About the Directory Service</title>
e5c203467ee4398ae81a6adb63da7477451b2e77Laszlo Hordos
e5c203467ee4398ae81a6adb63da7477451b2e77Laszlo Hordos <para>LDAP directories expose what their capabilities through the root
8166b048bd3e2106dbdeaa1a2b8a728952d788f4Laszlo Hordos DSE. They also expose their schema definitions, which define the sort of
8166b048bd3e2106dbdeaa1a2b8a728952d788f4Laszlo Hordos entries and attributes can be stored in a directory, over protocol. OpenDJ
660a40ad15749d74efa0dd4ef12cb8781c570e22Laszlo Hordos SDK allows you to look up that information in your client application.</para>
e5c203467ee4398ae81a6adb63da7477451b2e77Laszlo Hordos
e5c203467ee4398ae81a6adb63da7477451b2e77Laszlo Hordos <section xml:id="read-root-dse">
e5c203467ee4398ae81a6adb63da7477451b2e77Laszlo Hordos  <title>Reading Root DSEs</title>
e5c203467ee4398ae81a6adb63da7477451b2e77Laszlo Hordos  <indexterm>
e5c203467ee4398ae81a6adb63da7477451b2e77Laszlo Hordos   <primary>LDAP</primary>
e5c203467ee4398ae81a6adb63da7477451b2e77Laszlo Hordos   <secondary>Root DSE</secondary>
e5c203467ee4398ae81a6adb63da7477451b2e77Laszlo Hordos  </indexterm>
e5c203467ee4398ae81a6adb63da7477451b2e77Laszlo Hordos  <indexterm>
8166b048bd3e2106dbdeaa1a2b8a728952d788f4Laszlo Hordos   <primary>LDAP</primary>
e5c203467ee4398ae81a6adb63da7477451b2e77Laszlo Hordos   <secondary>Checking supported features</secondary>
8166b048bd3e2106dbdeaa1a2b8a728952d788f4Laszlo Hordos  </indexterm>
8166b048bd3e2106dbdeaa1a2b8a728952d788f4Laszlo Hordos
8166b048bd3e2106dbdeaa1a2b8a728952d788f4Laszlo Hordos  <para>The directory entry with distinguished name <literal>""</literal> (empty
8166b048bd3e2106dbdeaa1a2b8a728952d788f4Laszlo Hordos  string) is called the <firstterm>root DSE</firstterm>. DSE stands for
8166b048bd3e2106dbdeaa1a2b8a728952d788f4Laszlo Hordos  DSA-Specific Entry. DSA stands for Directory Server Agent, a single
8166b048bd3e2106dbdeaa1a2b8a728952d788f4Laszlo Hordos  directory server.</para>
8166b048bd3e2106dbdeaa1a2b8a728952d788f4Laszlo Hordos
8166b048bd3e2106dbdeaa1a2b8a728952d788f4Laszlo Hordos  <para>The root DSE serves to expose information over LDAP about what the
8166b048bd3e2106dbdeaa1a2b8a728952d788f4Laszlo Hordos  directory server supports in terms of LDAP controls, auth password schemes,
8166b048bd3e2106dbdeaa1a2b8a728952d788f4Laszlo Hordos  SASL mechanisms, LDAP protocol versions, naming contexts, features, LDAP
8166b048bd3e2106dbdeaa1a2b8a728952d788f4Laszlo Hordos  extended operations, and so forth. The root DSE holds all the information
1965c5d21403c3d66eb1efa29c670378311b1077Paul Bryan  as values of LDAP attributes. OpenDJ defines these attributes as operational.
a14db14686bf9f6817c47e5c14e887d74dd615f0Laszlo Hordos  In other words, OpenDJ only returns the attributes if you either request
13ec3d949d0a30c6d8fa0b899f583d64164f37f3Chris Drake  them specifically, or request all operational attributes.</para>
f85a185a657def022f6d8896cc755403f7d40694Andi Egloff
a14db14686bf9f6817c47e5c14e887d74dd615f0Laszlo Hordos  <para>To access the list of what an OpenDJ server supports, for example,
2d7019e19039fd083850f76e54b6b26a7b06a8f2yaromin  get all operational attributes from the root DSE entry as in the following
2d7019e19039fd083850f76e54b6b26a7b06a8f2yaromin  excerpt.</para>
2d7019e19039fd083850f76e54b6b26a7b06a8f2yaromin
2d7019e19039fd083850f76e54b6b26a7b06a8f2yaromin  <programlisting language="java"
00689490237ac7e37aa116d443e4e5882c5552dcMatthias Tristl  >[jcp:org.forgerock.opendj.examples.GetInfo:--- JCite ---]</programlisting>
00689490237ac7e37aa116d443e4e5882c5552dcMatthias Tristl
2d7019e19039fd083850f76e54b6b26a7b06a8f2yaromin  <para>For a complete example in context, see <link
2d7019e19039fd083850f76e54b6b26a7b06a8f2yaromin  xlink:href="http://opendj.forgerock.org/opendj-ldap-sdk-examples/xref/org/forgerock/opendj/examples/GetInfo.html"
660a40ad15749d74efa0dd4ef12cb8781c570e22Laszlo Hordos  xlink:show="new">GetInfo.java</link>, one of the <link
00689490237ac7e37aa116d443e4e5882c5552dcMatthias Tristl  xlink:href="http://opendj.forgerock.org/opendj-ldap-sdk-examples/"
660a40ad15749d74efa0dd4ef12cb8781c570e22Laszlo Hordos  xlink:show="new">OpenDJ LDAP SDK examples</link>.</para>
660a40ad15749d74efa0dd4ef12cb8781c570e22Laszlo Hordos
660a40ad15749d74efa0dd4ef12cb8781c570e22Laszlo Hordos  <para>Notice that by default you can access the root DSE after authenticating
660a40ad15749d74efa0dd4ef12cb8781c570e22Laszlo Hordos  anonymously. When you look at the entry in LDIF, you see that supported
660a40ad15749d74efa0dd4ef12cb8781c570e22Laszlo Hordos  capabilities are generally identified by object identifier (OID).</para>
660a40ad15749d74efa0dd4ef12cb8781c570e22Laszlo Hordos
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias Tristl  <screen># Root DSE for LDAP server at localhost:1389
660a40ad15749d74efa0dd4ef12cb8781c570e22Laszlo Hordosdn:
660a40ad15749d74efa0dd4ef12cb8781c570e22Laszlo HordossupportedControl: 1.2.826.0.1.3344810.2.3
00689490237ac7e37aa116d443e4e5882c5552dcMatthias TristlsupportedControl: 1.2.840.113556.1.4.1413
660a40ad15749d74efa0dd4ef12cb8781c570e22Laszlo HordossupportedControl: 1.2.840.113556.1.4.319
660a40ad15749d74efa0dd4ef12cb8781c570e22Laszlo HordossupportedControl: 1.2.840.113556.1.4.473
660a40ad15749d74efa0dd4ef12cb8781c570e22Laszlo HordossupportedControl: 1.2.840.113556.1.4.805
660a40ad15749d74efa0dd4ef12cb8781c570e22Laszlo HordossupportedControl: 1.3.6.1.1.12
660a40ad15749d74efa0dd4ef12cb8781c570e22Laszlo HordossupportedControl: 1.3.6.1.1.13.1
660a40ad15749d74efa0dd4ef12cb8781c570e22Laszlo HordossupportedControl: 1.3.6.1.1.13.2
660a40ad15749d74efa0dd4ef12cb8781c570e22Laszlo HordossupportedControl: 1.3.6.1.4.1.26027.1.5.2
660a40ad15749d74efa0dd4ef12cb8781c570e22Laszlo HordossupportedControl: 1.3.6.1.4.1.42.2.27.8.5.1
660a40ad15749d74efa0dd4ef12cb8781c570e22Laszlo HordossupportedControl: 1.3.6.1.4.1.42.2.27.9.5.2
660a40ad15749d74efa0dd4ef12cb8781c570e22Laszlo HordossupportedControl: 1.3.6.1.4.1.42.2.27.9.5.8
660a40ad15749d74efa0dd4ef12cb8781c570e22Laszlo HordossupportedControl: 1.3.6.1.4.1.4203.1.10.1
660a40ad15749d74efa0dd4ef12cb8781c570e22Laszlo HordossupportedControl: 1.3.6.1.4.1.4203.1.10.2
660a40ad15749d74efa0dd4ef12cb8781c570e22Laszlo HordossupportedControl: 1.3.6.1.4.1.7628.5.101.1
660a40ad15749d74efa0dd4ef12cb8781c570e22Laszlo HordossupportedControl: 2.16.840.1.113730.3.4.12
660a40ad15749d74efa0dd4ef12cb8781c570e22Laszlo HordossupportedControl: 2.16.840.1.113730.3.4.16
660a40ad15749d74efa0dd4ef12cb8781c570e22Laszlo HordossupportedControl: 2.16.840.1.113730.3.4.17
660a40ad15749d74efa0dd4ef12cb8781c570e22Laszlo HordossupportedControl: 2.16.840.1.113730.3.4.18
660a40ad15749d74efa0dd4ef12cb8781c570e22Laszlo HordossupportedControl: 2.16.840.1.113730.3.4.19
660a40ad15749d74efa0dd4ef12cb8781c570e22Laszlo HordossupportedControl: 2.16.840.1.113730.3.4.2
660a40ad15749d74efa0dd4ef12cb8781c570e22Laszlo HordossupportedControl: 2.16.840.1.113730.3.4.3
660a40ad15749d74efa0dd4ef12cb8781c570e22Laszlo HordossupportedControl: 2.16.840.1.113730.3.4.4
660a40ad15749d74efa0dd4ef12cb8781c570e22Laszlo HordossupportedControl: 2.16.840.1.113730.3.4.5
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias TristlsupportedControl: 2.16.840.1.113730.3.4.9
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias TristlsupportedAuthPasswordSchemes: MD5
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias TristlsupportedAuthPasswordSchemes: SHA1
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias TristlsupportedAuthPasswordSchemes: SHA256
660a40ad15749d74efa0dd4ef12cb8781c570e22Laszlo HordossupportedAuthPasswordSchemes: SHA512
660a40ad15749d74efa0dd4ef12cb8781c570e22Laszlo HordossupportedAuthPasswordSchemes: SHA384
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias TristlsupportedSASLMechanisms: PLAIN
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias TristlsupportedSASLMechanisms: EXTERNAL
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias TristlsupportedSASLMechanisms: DIGEST-MD5
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias TristlsupportedSASLMechanisms: CRAM-MD5
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias TristlsupportedLDAPVersion: 2
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias TristlsupportedLDAPVersion: 3
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias Tristletag: 00000000e9155ba0
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias TristlpwdPolicySubentry: cn=Default Password Policy,cn=Password Policies,cn=config
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias TristlsupportedFeatures: 1.3.6.1.1.14
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias TristlsupportedFeatures: 1.3.6.1.4.1.4203.1.5.1
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias TristlsupportedFeatures: 1.3.6.1.4.1.4203.1.5.2
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias TristlsupportedFeatures: 1.3.6.1.4.1.4203.1.5.3
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias TristlsubschemaSubentry: cn=schema
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias Tristlchangelog: cn=changelog
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias TristlsupportedTLSCiphers: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias TristlsupportedTLSCiphers: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias TristlsupportedTLSCiphers: TLS_RSA_WITH_AES_128_CBC_SHA256
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias TristlsupportedTLSCiphers: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias TristlsupportedTLSCiphers: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias TristlsupportedTLSCiphers: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias TristlsupportedTLSCiphers: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias TristlsupportedTLSCiphers: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias TristlsupportedTLSCiphers: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias TristlsupportedTLSCiphers: TLS_RSA_WITH_AES_128_CBC_SHA
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias TristlsupportedTLSCiphers: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias TristlsupportedTLSCiphers: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias TristlsupportedTLSCiphers: TLS_DHE_RSA_WITH_AES_128_CBC_SHA
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias TristlsupportedTLSCiphers: TLS_DHE_DSS_WITH_AES_128_CBC_SHA
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias TristlsupportedTLSCiphers: TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias TristlsupportedTLSCiphers: TLS_ECDHE_RSA_WITH_RC4_128_SHA
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias TristlsupportedTLSCiphers: SSL_RSA_WITH_RC4_128_SHA
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias TristlsupportedTLSCiphers: TLS_ECDH_ECDSA_WITH_RC4_128_SHA
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias TristlsupportedTLSCiphers: TLS_ECDH_RSA_WITH_RC4_128_SHA
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias TristlsupportedTLSCiphers: TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias TristlsupportedTLSCiphers: TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias TristlsupportedTLSCiphers: SSL_RSA_WITH_3DES_EDE_CBC_SHA
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias TristlsupportedTLSCiphers: TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias TristlsupportedTLSCiphers: TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias TristlsupportedTLSCiphers: SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias TristlsupportedTLSCiphers: SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias TristlsupportedTLSCiphers: SSL_RSA_WITH_RC4_128_MD5
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias TristlsupportedTLSCiphers: TLS_EMPTY_RENEGOTIATION_INFO_SCSV
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias Tristlds-private-naming-contexts: cn=admin data
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias Tristlds-private-naming-contexts: cn=ads-truststore
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias Tristlds-private-naming-contexts: cn=backups
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias Tristlds-private-naming-contexts: cn=config
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias Tristlds-private-naming-contexts: cn=monitor
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias Tristlds-private-naming-contexts: cn=schema
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias Tristlds-private-naming-contexts: cn=tasks
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias Tristlds-private-naming-contexts: dc=replicationChanges
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias TristlsupportedTLSProtocols: SSLv2Hello
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias TristlsupportedTLSProtocols: SSLv3
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias TristlsupportedTLSProtocols: TLSv1
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias TristlsupportedTLSProtocols: TLSv1.1
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias TristlsupportedTLSProtocols: TLSv1.2
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias TristlnumSubordinates: 1
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias TristlnamingContexts: dc=example,dc=com
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias TristlstructuralObjectClass: ds-root-dse
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias TristllastExternalChangelogCookie:
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias TristllastChangeNumber: 0
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias TristlfirstChangeNumber: 0
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias TristlsupportedExtension: 1.3.6.1.1.8
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias TristlsupportedExtension: 1.3.6.1.4.1.26027.1.6.1
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias TristlsupportedExtension: 1.3.6.1.4.1.26027.1.6.2
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias TristlsupportedExtension: 1.3.6.1.4.1.26027.1.6.3
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias TristlsupportedExtension: 1.3.6.1.4.1.4203.1.11.1
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias TristlsupportedExtension: 1.3.6.1.4.1.1466.20037
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias TristlsupportedExtension: 1.3.6.1.4.1.4203.1.11.3
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias TristlvendorName: ForgeRock AS.
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias TristlvendorVersion: OpenDJ 2.5.0
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias TristlhasSubordinates: true
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias TristlentryDN:
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias TristlentryUUID: d41d8cd9-8f00-3204-a980-0998ecf8427e
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias Tristl</screen>
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias Tristl
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias Tristl  <para>Three key pieces of information in the entry shown above are attribute
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias Tristl  values for <literal>namingContexts</literal> (showing the base DNs under
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias Tristl  which your application can look for user data),
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias Tristl  <literal>subschemaSubentry</literal> (indicating where the LDAP schema are
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias Tristl  stored), and <literal>supportedLDAPVersion</literal> (with OpenDJ seen to
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias Tristl  support both LDAPv2 and LDAPv3).</para>
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias Tristl </section>
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias Tristl
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias Tristl <section xml:id="check-ldapv3-support">
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias Tristl  <title>Checking For LDAPv3 Support</title>
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias Tristl
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias Tristl  <para>As shown in the previous section, you can check that the root DSE
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias Tristl  attribute <literal>supportedLDAPVersion</literal> has a value of 3.</para>
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias Tristl
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias Tristl  <para>LDAPv3 has been available since 1997. Client applications built with
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias Tristl  OpenDJ SDK use LDAPv3.</para>
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias Tristl </section>
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias Tristl
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias Tristl <section xml:id="get-schema-information">
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias Tristl  <title>Getting Schema Information</title>
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias Tristl  <indexterm>
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias Tristl   <primary>LDAP</primary>
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias Tristl   <secondary>Schema</secondary>
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias Tristl  </indexterm>
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias Tristl
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias Tristl  <para>The root DSE attribute <literal>subschemaSubentry</literal> shows
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias Tristl  the DN of the entry holding LDAP schema definitions. LDAP schema defines the
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias Tristl  object classes, attributes types, attribute value syntaxes, matching rules
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias Tristl  and so on that constrain entries held by the LDAP server.</para>
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias Tristl
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias Tristl  <para>The <literal>org.forgerock.opendj.ldap.schema</literal> package
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias Tristl  is devoted to constructing and querying LDAP schemas. The
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias Tristl  <literal>Schema</literal> class for example lets you
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias Tristl  <literal>readSchemaForEntry()</literal> to get the relevant schema from the
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias Tristl  subschema subentry, and then <literal>validateEntry()</literal> to check
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias Tristl  an entry your application has constructed before sending the entry to the
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias Tristl  server.</para>
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias Tristl </section>
8698e80519313c98c8d5c6de06ae04cdfc816cafMatthias Tristl</chapter>