Environment
Novell eDirectory 8.8 for All Platforms
Situation
Application requires the ability to use distinguishedName as a searchable attribute for eDirectory/NLDAP
When running a test search no entries are returned:
Example:
ldapsearch -D cn=admin,o=novell -w novell -h 192.168.0.1 -p 389 -b o=novell distinguishedName=cn=user.o=novell dn
or
ldapsearch -D cn=admin,o=novell -w novell -h 192.168.0.1 -p 389 -b o=novell distinguishedName=* dn
When running a test search no entries are returned:
Example:
ldapsearch -D cn=admin,o=novell -w novell -h 192.168.0.1 -p 389 -b o=novell distinguishedName=cn=user.o=novell dn
or
ldapsearch -D cn=admin,o=novell -w novell -h 192.168.0.1 -p 389 -b o=novell distinguishedName=* dn
Resolution
In eDirectory dn or distinguishedName is not an attribute with the DN of the object. The name of the object isn't stored separately in eDirectory.
Workaround:
Schema can be extended to create an attribute = distinguishedName which can be added to the objects that you need to search with this attribute.
Example:
Create an AUX Class to contain the attribute distinguishedName.
iManager
Roles/ Tasks
Schema
Create Attribute | Attribute name: distinguishedName | next
Syntax | Distinguished Name | next
Set Attribute flags | Single Valued | next | finished
Create Class | Class name: AddDn | next
Choose Auxiliary Class | next
Select classes the new class will inherit from | no need to select anything | next
Select the mandatory attributes | do not select anything at this point or you'll get a -609 missing mandatory when you add the objectclass to the user/object | next
Select the optional attributes | select the distinguishedName attribute created above. | next | Finished
Modify the user or object where you would like the distinguishedName attribute and add the aux class and attribute.
iManager
Roles & Tasks
Directory Administration
Modify object
Select an object to add the distinguishedName
Under General | Other
Choose Object Class | Edit | + | Type in the name of the aux class, in this case it would be addDN | OK
Modify the object again
Under General | Other
distinguishedName should now be an unvalued attribute | <- to move the attribute to valued attribute | Add Attribute | Browse to the name of the object | OK
Modify the object using an ldif:
dn: cn=user.o=context
changetype: modify
add: objectclass
objectclass: addDN
-
add: distinguishedName
distinguishedName: cn=user.o=context
Workaround:
Schema can be extended to create an attribute = distinguishedName which can be added to the objects that you need to search with this attribute.
Example:
Create an AUX Class to contain the attribute distinguishedName.
iManager
Roles/ Tasks
Schema
Create Attribute | Attribute name: distinguishedName | next
Syntax | Distinguished Name | next
Set Attribute flags | Single Valued | next | finished
Create Class | Class name: AddDn | next
Choose Auxiliary Class | next
Select classes the new class will inherit from | no need to select anything | next
Select the mandatory attributes | do not select anything at this point or you'll get a -609 missing mandatory when you add the objectclass to the user/object | next
Select the optional attributes | select the distinguishedName attribute created above. | next | Finished
Modify the user or object where you would like the distinguishedName attribute and add the aux class and attribute.
iManager
Roles & Tasks
Directory Administration
Modify object
Select an object to add the distinguishedName
Under General | Other
Choose Object Class | Edit | + | Type in the name of the aux class, in this case it would be addDN | OK
Modify the object again
Under General | Other
distinguishedName should now be an unvalued attribute | <- to move the attribute to valued attribute | Add Attribute | Browse to the name of the object | OK
Modify the object using an ldif:
dn: cn=user.o=context
changetype: modify
add: objectclass
objectclass: addDN
-
add: distinguishedName
distinguishedName: cn=user.o=context
Additional Information
NOTE: The value of this distinguishedName attribute will be updated when the object is moved or renamed