ODSEE - How to Secure Access to Root DSE Entry
(Doc ID 1605659.1)
Last updated on JANUARY 27, 2019
Applies to: Oracle Directory Server Enterprise Edition - Version 6.0 and later
- The RootDSE is a standard entry defined in the LDAP 3.0 specification.
- The RootDSE contains information about the directory server, including its capabilities and configuration.
- The search response will contain a standard set of information that is defined in the following RFC: RFC 2251 - Lightweight Directory Access Protocol (v3)
- The root DSE (DSA-specific Entry) data can be retrieved from an LDAPv3 server by doing a base-level search with a null BaseDN and with filter ObjectClass=*.
- The root DSE publishes information about the LDAP server including which LDAP versions it supports, any supported SASL mechanisms, supported controls as well as the DN for its subschemaSubentry.
- In addition to server information, operational attributes may be exposed that allow for extended administration functionality.
By default, when ODSEE is installed, the root DSE can be retrieved anonymously using ldapsearch:
ldapsearch -h <ldap_host> -p <ldap_port> -s base -b "" "objectclass=*"
Example of retrieving the RootDSE entry in ODSEE:
ldapsearch -h Myldap.host.comp.com -p 389 -s base -b "" "objectclass=*"
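To check what an anonymous client actually learns from that search, the LDIF it returns can be audited for the disclosure categories listed above. This is an added example, not part of the Oracle document or of ODSEE; the function names and the sample LDIF are constructed for illustration, and the attribute names are the standard LDAPv3 root DSE attributes.

```python
import base64
import sys

# Standard LDAPv3 root DSE attributes matching the categories named in the text:
# LDAP versions, SASL mechanisms, supported controls, subschema DN.
DISCLOSING = {
    "supportedldapversion": "LDAP versions",
    "supportedsaslmechanisms": "SASL mechanisms",
    "supportedcontrol": "supported controls",
    "subschemasubentry": "subschema DN",
}

# Constructed sample of anonymous root DSE output (not taken from a real server).
SAMPLE = """\
dn:
objectClass: top
supportedLDAPVersion: 2
supportedLDAPVersion: 3
supportedSASLMechanisms: EXTERNAL
supportedSASLMechanisms: DIGEST-
 MD5
supportedControl: 2.16.840.1.113730.3.4.2
subschemaSubentry:: Y249c2NoZW1h
"""

def parse_ldif_entry(text):
    """Parse one LDIF entry into {lowercased attr: [values]}."""
    lines = []
    for raw in text.splitlines():
        if raw.startswith(" ") and lines:
            lines[-1] += raw[1:]              # folded continuation line
        elif raw and not raw.startswith("#"):
            lines.append(raw)
    entry = {}
    for line in lines:
        attr, sep, value = line.partition(":")
        if not sep:
            continue
        if value.startswith(":"):             # "attr:: <base64 value>"
            value = base64.b64decode(value[1:].strip()).decode("utf-8", "replace")
        entry.setdefault(attr.strip().lower(), []).append(value.strip())
    return entry

def audit_rootdse(ldif_text):
    """Return {category: values} for each disclosing attribute that is readable."""
    entry = parse_ldif_entry(ldif_text)
    return {label: entry[a] for a, label in DISCLOSING.items() if a in entry}

if __name__ == "__main__":
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE
    for label, values in audit_rootdse(text).items():
        print(f"anonymous bind can read {label}: {', '.join(values)}")
```

Save the output of the ldapsearch command above to a file and pass its path as the first argument; an empty result means none of these attributes were returned to the anonymous client.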