The root DSE provides general information about the LDAP server. DSE stands for DSA-Specific Entry, where DSA is Directory System Agent, the element of an X.500 directory service that provides User Agents with access to a portion of the directory. The DN of the root DSE consists of zero RDNs and is represented by an empty string (the null DN).
Some interesting attributes:

namingContexts: The top-level base DNs. Each is a complete subtree that resides entirely on a single server. Each can be used as the starting point of a search, and is suitable as the argument to the -b option of the ldapsearch command or as the value of the BASE setting of the $HOME/.ldaprc file.

subschemaSubentry: DN of the primary schema for the server.

supportedLDAPVersion: One or more entries indicating supported LDAP versions.

supportedControl: One or more entries, each with an OID of a supported request control. E.g., 1.2.840.113556.1.4.473 is the OID for “Server Side Sorting of Search Results”, described in RFC 2891.

supportedExtension: One or more entries, each with an OID of a supported extended request type. E.g., 1.3.6.1.4.1.4203.1.11.3 is the OID for the “‘Who am I?’ Operation”, described in RFC 4532.

    ldapsearch \
        -b '' \
        -s base \
        '*' +

Depending on the server, the results may look something like those given below.

    dn:
    currentTime: 20190113181342.0Z
    subschemaSubentry: CN=Aggregate,CN=Schema,CN=Configuration,DC=example,DC=com
    dsServiceName: CN=NTDS Settings,CN=SERVER1,CN=Servers,CN=Sites,CN=Configuration,DC=example,DC=com
    namingContexts: CN=Configuration,DC=example,DC=com
    namingContexts: CN=Schema,CN=Configuration,DC=example,DC=com
    namingContexts: DC=foo,DC=example,DC=com
    defaultNamingContext: DC=foo,DC=example,DC=com
    schemaNamingContext: CN=Schema,CN=Configuration,DC=example,DC=com
    configurationNamingContext: CN=Configuration,DC=example,DC=com
    rootDomainNamingContext: DC=example,DC=com
    supportedControl: 1.2.840.113556.1.4.319
    ...
    supportedControl: 1.2.840.113556.1.4.2256
    supportedLDAPVersion: 3
    supportedLDAPVersion: 2
    supportedLDAPPolicies: MaxPoolThreads
    ...
    supportedLDAPPolicies: SystemMemoryLimitPercent
    highestCommittedUSN: 1322528598
    supportedSASLMechanisms: GSSAPI
    ...
    supportedSASLMechanisms: DIGEST-MD5
    dnsHostName: SERVER1.foo.example.com
    ldapServiceName: example.com:server1$@FOO.EXAMPLE.COM
    serverName: CN=SERVER1,CN=Servers,CN=Sites,CN=Configuration,DC=example,DC=com
    supportedCapabilities: 1.2.840.113556.1.4.800
    ...
    supportedCapabilities: 1.2.840.113556.1.4.2237
    isSynchronized: TRUE
    isGlobalCatalogReady: TRUE
    domainFunctionality: 6
    forestFunctionality: 6
    domainControllerFunctionality: 6
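
To review what a server advertises in its root DSE, the LDIF that ldapsearch prints can be parsed into a dictionary and the supportedControl and supportedExtension OIDs labelled. The following is an added example, not code from the original page: the names parse_root_dse, label_oids and SAMPLE are hypothetical, and the sample LDIF is constructed to exercise folded lines, a base64 value and the trailing search result block.

```python
import base64

# OID labels taken from the page; any other OID is reported as unrecognised.
KNOWN_OIDS = {
    "1.2.840.113556.1.4.473": "Server Side Sorting of Search Results (RFC 2891)",
    "1.3.6.1.4.1.4203.1.11.3": "'Who am I?' Operation (RFC 4532)",
}

# Constructed sample of `ldapsearch -b '' -s base '*' +` output (not a real capture).
SAMPLE = """\
# extended LDIF
dn:
namingContexts: DC=foo,DC=example,DC=com
namingContexts: CN=Configuration,
 DC=example,DC=com
subschemaSubentry:: Y249U3Vic2NoZW1h
supportedLDAPVersion: 3
supportedLDAPVersion: 2
supportedControl: 1.2.840.113556.1.4.473
supportedControl: 1.2.840.113556.1.4.319
supportedExtension: 1.3.6.1.4.1.4203.1.11.3

# search result
search: 2
"""

def parse_root_dse(ldif_text):
    """Return {lowercased attribute: [values]} for the first entry in the LDIF."""
    lines = []
    for raw in ldif_text.splitlines():
        if raw.startswith(" ") and lines:
            lines[-1] += raw[1:]                  # unfold a continuation line
        elif not raw.strip():
            if any(not l.startswith("#") for l in lines):
                break                             # blank line ends the entry
        else:
            lines.append(raw)
    entry = {}
    for line in lines:
        name, sep, rest = line.partition(":")
        if line.startswith("#") or not sep:
            continue
        if rest.startswith(":"):                  # "attr:: value" is base64
            value = base64.b64decode(rest[1:].strip()).decode("utf-8", "replace")
        else:
            value = rest.strip()
        entry.setdefault(name.lower(), []).append(value)
    return entry

def label_oids(entry, attribute):
    """Map each OID in a supportedControl/supportedExtension list to a label."""
    return {o: KNOWN_OIDS.get(o, "unrecognised") for o in entry.get(attribute.lower(), [])}
```

Attribute names are lowercased on parse because LDAP attribute names are case-insensitive and servers differ in the casing they return.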