Working With Controls

Working With Controls This chapter demonstrates how to use LDAP controls.

About LDAP Controls Controls provide a mechanism whereby the semantics and arguments of existing LDAP operations may be extended. One or more controls may be attached to a single LDAP message. A control only affects the semantics of the message it is attached to. Controls sent by clients are termed request controls, and those sent by servers are termed response controls.

Determining Supported Controls For OpenDJ, the controls supported are listed in the Administration Guide appendix, LDAP Controls. You can access the list of OIDs for supported LDAP controls by reading the supportedControl attribute of the root DSE. $ ldapsearch --baseDN "" --searchScope base --port 1389 "(objectclass=*)" supportedControl dn: supportedControl: 1.2.826.0.1.3344810.2.3 supportedControl: 1.2.840.113556.1.4.1413 supportedControl: 1.2.840.113556.1.4.319 supportedControl: 1.2.840.113556.1.4.473 supportedControl: 1.2.840.113556.1.4.805 supportedControl: 1.3.6.1.1.12 supportedControl: 1.3.6.1.1.13.1 supportedControl: 1.3.6.1.1.13.2 supportedControl: 1.3.6.1.4.1.26027.1.5.2 supportedControl: 1.3.6.1.4.1.42.2.27.8.5.1 supportedControl: 1.3.6.1.4.1.42.2.27.9.5.2 supportedControl: 1.3.6.1.4.1.42.2.27.9.5.8 supportedControl: 1.3.6.1.4.1.4203.1.10.1 supportedControl: 1.3.6.1.4.1.4203.1.10.2 supportedControl: 1.3.6.1.4.1.7628.5.101.1 supportedControl: 2.16.840.1.113730.3.4.12 supportedControl: 2.16.840.1.113730.3.4.16 supportedControl: 2.16.840.1.113730.3.4.17 supportedControl: 2.16.840.1.113730.3.4.18 supportedControl: 2.16.840.1.113730.3.4.19 supportedControl: 2.16.840.1.113730.3.4.2 supportedControl: 2.16.840.1.113730.3.4.3 supportedControl: 2.16.840.1.113730.3.4.4 supportedControl: 2.16.840.1.113730.3.4.5 supportedControl: 2.16.840.1.113730.3.4.9 The following excerpt shows the Java equivalent of the preceding command. final LDAPConnectionFactory factory = new LDAPConnectionFactory( host, port); Connection connection = null; try { connection = factory.getConnection(); connection.bind("", "".toCharArray()); final SearchResultEntry entry = connection.searchSingleEntry( "", // DN is "" for root DSE. SearchScope.BASE_OBJECT, // Read only the root DSE. "objectclass=*", // Every object matches this filter. "supportedControl"); // Check supported controls. final LDIFEntryWriter writer = new LDIFEntryWriter(System.out); writer.writeComment("Supported controls for server " + host + ":" + port); if (entry != null) writer.writeEntry(entry); writer.flush(); }

Assertion Request Control TODO

Authorization Identity Controls TODO

Entry Change Notification Response Controls TODO

Get Effective Rights Request Control TODO

Manage DSAIT Request Control TODO

Matched Values Request Control TODO

Password Expired Response Control TODO

Password Expiring Response Control TODO

Password Policy Controls TODO

Permissive Modify Request Control TODO

Persistent Search Request Control TODO

Post-Read Controls TODO

Pre-Read Controls TODO

Proxied Authorization Request Controls TODO

Server-Side Sort Controls TODO

Simple Paged Results Control TODO

Sub-entries Request Control TODO

Subtree Delete Request Control TODO

Virtual List View Controls TODO

Custom Controls TODO