milux / ctldap

LDAP Wrapper for ChurchTools
GNU General Public License v3.0

subschemaSubentry not working correctly #52

Closed smehrbrodt closed 4 months ago

smehrbrodt commented 4 months ago

While trying to set up Synology with this LDAP wrapper, I got the hint that Synology can't connect to the LDAP server because the subschemaSubentry is not correctly set up.

This shows how to fetch schema information from an LDAP server: https://www.openldap.org/faq/data/cache/1366.html

The first command is ldapsearch -x -LLL -b dc=example,dc=com -s base subschemaSubentry

When I run this against my ctldap wrapper (ldapsearch -H ldap://<url>:389 -x -W -D cn=root,ou=users,o=<my_base_dn> -s base subschemaSubentry), I get the following output:

# extended LDIF
#
# LDAPv3
# base <> (default) with scope baseObject
# filter: (objectclass=*)
# requesting: subschemaSubentry 
#

#
dn:

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1

According to the docs, the result should be something like:

  dn: dc=Example,dc=COM
  subschemaSubentry: cn=Subschema

In the ctldap server I see log output like this:

ctldap_1  | 2024-04-26T06:20:16.777Z [DEBUG] leuchtturm - Admin bind with DN "cn=root,ou=users,o=leuchtturm"
ctldap_1  | 2024-04-26T06:20:16.777Z [DEBUG] leuchtturm - Admin bind successful
ctldap_1  | 2024-04-26T06:20:16.796Z [DEBUG] undefined - Empty request, return directory information

milux commented 4 months ago

I've tried to connect with Synology long ago, goal was to use its Radius Server via ctldap as LDAP backend for WiFi Enterprise Auth. Never got it working, not even close. I bet 100 bucks that when you resolve that issue, you will encounter another one. And then another. But if you have a lot of time and think you can work this through - be my guest. :wink:
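
A check for the symptom reported in the first comment, as an added example that is not part of the issue thread or of ctldap's code: it parses `ldapsearch` LDIF output and reports whether the entry returned by a base-scope search carries `subschemaSubentry`. The function names are hypothetical, `OBSERVED` is the output from the issue with its comment header shortened, and `EXPECTED` is a constructed sample in the form the issue quotes as the expected result.

```javascript
// Added example (not ctldap code): check a base-scope ldapsearch result for subschemaSubentry.

// Output from the issue (comment header shortened): an entry with an empty DN and no attributes.
const OBSERVED = `# extended LDIF
#
# requesting: subschemaSubentry

#
dn:

# search result
search: 2
result: 0 Success
`;

// Constructed sample in the form the issue quotes as the expected result.
const EXPECTED = `dn: dc=Example,dc=COM
subschemaSubentry: cn=Subschema
`;

// Parse LDIF into [{ dn, attrs }] with attribute names lowercased (they are case-insensitive).
function parseLdif(text) {
  const unfolded = text.replace(/\r?\n /g, ''); // a leading space continues the previous line
  const entries = [];
  let current = null;
  for (const line of unfolded.split(/\r?\n/)) {
    if (line.startsWith('#')) continue;                    // comment line
    if (line.trim() === '') { current = null; continue; }  // blank line ends an entry
    const m = /^([A-Za-z0-9;.-]+):(:?)\s*(.*)$/.exec(line);
    if (!m) continue;
    const name = m[1].toLowerCase();
    // "attr:: value" marks a base64-encoded value.
    const value = m[2] ? Buffer.from(m[3], 'base64').toString('utf8') : m[3];
    if (name === 'dn') {
      current = { dn: value, attrs: {} };
      entries.push(current);
    } else if (current) {
      // Lines outside an entry (e.g. "search: 2") are ignored because current is null.
      (current.attrs[name] = current.attrs[name] || []).push(value);
    }
  }
  return entries;
}

// A base-scope search returns one entry; it should name the subschema entry.
function checkSubschema(ldifText) {
  const entry = parseLdif(ldifText)[0];
  if (!entry) return { ok: false, reason: 'no entry returned' };
  const values = entry.attrs['subschemasubentry'] || [];
  if (values.length === 0) return { ok: false, reason: 'subschemaSubentry missing', dn: entry.dn };
  return { ok: true, dn: entry.dn, subschemaDn: values[0] };
}
```

Piping the real `ldapsearch` output into `checkSubschema` gives a quick pass/fail before pointing a client such as Synology at the server.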