Export (0) Print
Expand All
4 out of 13 rated this helpful - Rate this topic

RootDSE

In LDAP 3.0, rootDSE is defined as the root of the directory data tree on a directory server. The rootDSE is not part of any namespace. The purpose of the rootDSE is to provide data about the directory server. For more information about rootDSE, see Serverless Binding and RootDSE in the Active Directory SDK documentation.

rootDSE contains the following attributes. All attributes are single-valued unless otherwise noted.

AttributeSyntaxDescription

configurationNamingContext

String(Teletex)

Contains the distinguished name for the configuration container.

currentTime

String(Teletex)

Contains the current time set on this directory server in Coordinated Universal Time format.

defaultNamingContext

String(Teletex)

Contains the distinguished name for the domain of which this directory server is a member.

dnsHostName

String(Teletex)

Contains the DNS address for this directory server.

domainControllerFunctionality

String(Teletex)

Indicates the functional level of the domain controller. This can be one of the following values.

"0" - Windows 2000 Mode

"2" - Windows Server 2003 Mode

"3" - Windows Server 2008 Mode

domainFunctionality

String(Teletex)

Indicates the functional level of the domain. This can be one of the following values.

"0" - Windows 2000 Domain Mode

"1" - Windows Server 2003 Interim Domain Mode

"2" - Windows Server 2003 Domain Mode

"3" - Windows Server 2008 Domain Mode

"4" - Windows Server 2008 R2 Domain Mode

dsServiceName

String(Teletex)

Contains the distinguished name of the NTDS settings object for this directory server.

forestFunctionality

String(Teletex)

Indicates the functional level of the forest. This can be one of the following values.

"0" - Windows 2000 Forest Mode

"1" - Windows Server 2003 Interim Forest Mode

"2" - Windows Server 2003 Forest Mode

"3" - Windows Server 2008 Forest Mode

"4" - Windows Server 2008 R2 Forest Mode

highestCommittedUSN

String(Teletex)

Contains the highest update sequence number (USN) on this directory server. Used by directory replication.

isGlobalCatalogReady

String(Teletex)

Indicates if the global catalog is fully operational. Contains either "TRUE" or "FALSE".

isSynchronized

String(Teletex)

Indicates if the directory server is fully synchronized. Contains either "TRUE" or "FALSE".

ldapServiceName

String(Teletex)

Contains the Service Principal Name (SPN) for the LDAP server. Used for mutual authentication.

namingContexts

String(Teletex)

A multiple-valued attribute that contains the distinguished names for all naming contexts stored on this directory server. By default, a Windows 2000 domain controller contains at least three naming contexts: Schema, Configuration, and one for the domain of which the server is a member.

rootDomainNamingContext

String(Teletex)

Contains the distinguished name for the first domain in the forest that contains the domain of which this directory server is a member.

schemaNamingContext

String(Teletex)

Contains the distinguished name for the schema container.

serverName

String(Teletex)

Contains the distinguished name for the server object for this directory server in the configuration container.

subschemaSubentry

String(Teletex)

Contains the distinguished name for the subSchema object. The subSchema object contains properties that expose the supported attributes (in the attributeTypes property) and classes (in the objectClasses property).

The subschemaSubentry property and subschema are defined in LDAP 3.0 (see RFC 2251).

supportedCapabilities

String(Teletex)

A multiple-valued attribute that contains the capabilities supported by this directory server.

supportedControl

String(Teletex)

A multiple-valued attribute that contains the OIDs for extension controls supported by this directory server. See the table below for a list of the possible control OIDs.

supportedLDAPPolicies

String(Teletex)

A multiple-valued attribute that contains the names of the supported LDAP management policies.

supportedLDAPVersion

String(Teletex)

A multiple-valued attribute that contains the LDAP versions (specified by major version number) supported by this directory server.

supportedSASLMechanisms

String(Teletex)

Contains the security mechanisms supported for SASL negotiation (see LDAP RFCs). By default, GSSAPI is supported.

 

Active Directory supports the following control OIDs in the supportedControl attribute. For more information, see LDAPControl and ldap_search_init_page.

Control OIDString constant

1.2.840.113556.1.4.319

LDAP_PAGED_RESULT_OID_STRING

1.2.840.113556.1.4.473

LDAP_SERVER_SORT_OID

1.2.840.113556.1.4.474

LDAP_SERVER_RESP_SORT_OID

1.2.840.113556.1.4.801

LDAP_SERVER_SD_FLAGS_OID

1.2.840.113556.1.4.528

LDAP_SERVER_NOTIFICATION_OID

1.2.840.113556.1.4.417

LDAP_SERVER_SHOW_DELETED_OID

1.2.840.113556.1.4.619

LDAP_SERVER_LAZY_COMMIT_OID

1.2.840.113556.1.4.841

LDAP_SERVER_DIRSYNC_OID

1.2.840.113556.1.4.529

LDAP_SERVER_EXTENDED_DN_OID

1.2.840.113556.1.4.805

LDAP_SERVER_TREE_DELETE_OID

1.2.840.113556.1.4.521

LDAP_SERVER_CROSSDOM_MOVE_TARGET_OID

1.2.840.113556.1.4.1338

LDAP_SERVER_VERIFY_NAME_OID

1.2.840.113556.1.4.1339

LDAP_SERVER_DOMAIN_SCOPE_OID

1.2.840.113556.1.4.1340

LDAP_SERVER_SEARCH_OPTIONS_OID

1.2.840.113556.1.4.1413

LDAP_SERVER_PERMISSIVE_MODIFY_OID

 

 

 

Did you find this helpful?
(1500 characters remaining)
Thank you for your feedback
Show:
© 2014 Microsoft. All rights reserved.