Some supported directories make a distinction between operational and user attributes. Servers that draw such distinctions frequently specify special attribute names that mean “all user attributes” and “all operational attributes.” Common operational attributes may include creation and modification times.
Sun Java Directory server, Active Directory, ADAM, and AD LDS do not support special attribute names.
Other servers may allow the name “*” to mean “all user attributes” and “+” to mean “all operational attributes.”
When you use ldapsearch to examine an entire OpenLdap RootDSE object, you must use the following commands:
When run from this operating system | Use this command |
---|---|
Windows | ldapsearch -H ldap://host:port/ -b "" -s base * |
Linux | ldapsearch -H ldap://host:port/ -b "" -s base \* |