Retrieve LDAP Controls using ldapsearch
807573Nov 19 2009 — edited Nov 20 2009I am looking for some advice on retrieving LDAP controls using the ldapsearch tool provided with the DSRK distributed with DSEE 6.3. I am using the below string, it returns my result but not the control.
/app/dsee6/dsrk6/bin/ldapsearch -h myhost -Z -P cert8.db -D "cn=directory manager" -w - -J 1.3.6.1.4.1.42.2.27.9.5.8:true -b ou=people,dc=local uid=user123 dn
1.3.6.1.4.1.42.2.27.9.5.8 is the account usability control, it shows as being a supported control.
Result
-----------------
bash-2.05# /app/dsee6/dsrk6/bin/ldapsearch -h myhost -p 636 -Z -P cert8.db -D "cn=directory manager" -w - -b ou=people,dc=local -J 1.3.6.1.4.1.42.2.27.9.5.8:true uid=user123 dn
Enter bind password:
version: 1
dn: uid=user123,ou=people,dc=local
Result with critical marked false
----------------
bash-2.05# /app/dsee6/dsrk6/bin/ldapsearch -h myhost -p 636 -Z -P cert8.db -D "cn=directory manager" -w - -b ou=people,dc=local -J 1.3.6.1.4.1.42.2.27.9.5.8:false uid=user123 dn
Enter bind password:
ldap_search: Protocol error
ldap_search: additional info: Protocol error, Account Usable control MUST be marked critical
Edited by: nick50119 on Nov 19, 2009 7:40 PM