{"id":161,"date":"2010-03-29T20:35:49","date_gmt":"2010-03-30T03:35:49","guid":{"rendered":"http:\/\/www.analogrithems.com\/rant\/?p=161"},"modified":"2011-08-25T19:49:36","modified_gmt":"2011-08-26T02:49:36","slug":"find-the-schema-path-in-ldap","status":"publish","type":"post","link":"https:\/\/www.analogrithems.com\/rant\/find-the-schema-path-in-ldap\/","title":{"rendered":"Find the Schema Path In LDAP"},"content":{"rendered":"<p>So I&#8217;ve been trying to find a good way to discover the schema path in LDAP that would work across Netscape style ldap servers as well as Active Directory.\u00c2\u00a0 See the problem is each one hides their schema path in a different place.\u00c2\u00a0 Netscap style servers (Redhat-DS, Project 389, iPlanet, Sun One, etc) use &#8216;cn=schema&#8217;, while openldap has been known to use &#8216;cn=subschema&#8217; and Active Directory uses\u00c2\u00a0 <tt>'CN=Schema<\/tt>, <tt>CN= Configuration<\/tt>, <tt>DC=<em>forest_root_domain'<\/em><\/tt> this makes it really difficult to create a universal tool that can find any schema path.\u00c2\u00a0 In the past I would lift code from the PhpLDAPAdmin tool, but even they changed their methods.\u00c2\u00a0 Usually you get stuck using several case statements.\u00c2\u00a0 Recently I discovered a way to do a query to the Root DSE and have it just tell you where it has stored it&#8217;s schema data.\u00c2\u00a0\u00c2\u00a0 Use the <strong>subschemaSubentry <\/strong>to tell you exactly where the schema path is.<\/p>\n<p>Here is an example of how to get it in PHP<\/p>\n<p>$checkDN = @ldap_read($this-&gt;database, &#8221;, &#8216;objectClass=*&#8217;);<br \/>\n$schemaEntry = ldap_get_entries($this-&gt;database, $checkDN);<br \/>\n$SchemaDN = $schemaEntry[0][&#8216;subschemaSubentry&#8217;];<\/p>\n","protected":false},"excerpt":{"rendered":"<p>So I&#8217;ve been trying to find a good way to discover the schema path in LDAP that would work across Netscape style ldap servers as well as Active Directory.\u00c2\u00a0 See the problem is each one hides their schema path in a different place.\u00c2\u00a0 Netscap style servers (Redhat-DS, Project 389, iPlanet, Sun One, etc) use &#8216;cn=schema&#8217;, [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[8,44,3],"tags":[],"class_list":["post-161","post","type-post","status-publish","format-standard","hentry","category-cakephp","category-featured","category-ldap"],"_links":{"self":[{"href":"https:\/\/www.analogrithems.com\/rant\/wp-json\/wp\/v2\/posts\/161","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.analogrithems.com\/rant\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.analogrithems.com\/rant\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.analogrithems.com\/rant\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.analogrithems.com\/rant\/wp-json\/wp\/v2\/comments?post=161"}],"version-history":[{"count":4,"href":"https:\/\/www.analogrithems.com\/rant\/wp-json\/wp\/v2\/posts\/161\/revisions"}],"predecessor-version":[{"id":164,"href":"https:\/\/www.analogrithems.com\/rant\/wp-json\/wp\/v2\/posts\/161\/revisions\/164"}],"wp:attachment":[{"href":"https:\/\/www.analogrithems.com\/rant\/wp-json\/wp\/v2\/media?parent=161"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.analogrithems.com\/rant\/wp-json\/wp\/v2\/categories?post=161"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.analogrithems.com\/rant\/wp-json\/wp\/v2\/tags?post=161"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}