Which LDAP servers support the “Who am I?” extended operation?

The extended “Who am I?” operation, defined in RFC 4532, allows an LDAP client to retrieve the bind DN associated with the current connection.

This extended operation can be useful in situations where an authenticated (via bind) LDAP connection is shared by several clients: the client that issued the authentication request would certainly know the bind DN, but the other clients may not. The “Who am I?” mechanism provides them with a means to find out the user’s identity.
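What the exchange looks like on the wire, as an added example that is not part of the original article: the client sends an ExtendedRequest carrying only the RFC 4532 OID, and the identity comes back in the responseValue of the ExtendedResponse. The BER tags follow RFC 4511; the function names are this example's own, and the sample response and the DN in it are constructed.

```python
WHOAMI_OID = b"1.3.6.1.4.1.4203.1.11.3"  # requestName assigned by RFC 4532

def tlv(tag, value):
    """Encode one BER tag-length-value with a definite length."""
    n = len(value)
    if n < 0x80:
        return bytes([tag, n]) + value
    raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(raw)]) + raw + value

def read_tlv(buf, pos):
    """Decode the TLV starting at pos; return (tag, value, next_pos)."""
    if pos + 2 > len(buf):
        raise ValueError("truncated TLV header")
    tag, n = buf[pos], buf[pos + 1]
    pos += 2
    if n & 0x80:  # long form: low 7 bits give the number of length bytes
        k = n & 0x7F
        n = int.from_bytes(buf[pos:pos + k], "big")
        pos += k
    if pos + n > len(buf):
        raise ValueError("truncated TLV value")
    return tag, buf[pos:pos + n], pos + n

def whoami_request(message_id):
    """LDAPMessage { messageID, ExtendedRequest [APPLICATION 23] { requestName [0] } }."""
    mid = message_id.to_bytes(message_id.bit_length() // 8 + 1, "big")
    return tlv(0x30, tlv(0x02, mid) + tlv(0x77, tlv(0x80, WHOAMI_OID)))

def parse_whoami_response(data):
    """Return (message_id, result_code, authz_id); authz_id is None if absent."""
    tag, msg, _ = read_tlv(data, 0)
    if tag != 0x30:
        raise ValueError("not an LDAPMessage")
    id_tag, mid, pos = read_tlv(msg, 0)
    op_tag, op, _ = read_tlv(msg, pos)
    if id_tag != 0x02 or op_tag != 0x78:  # 0x78 = ExtendedResponse [APPLICATION 24]
        raise ValueError("not an ExtendedResponse")
    _, code, pos = read_tlv(op, 0)  # resultCode (ENUMERATED)
    authz_id = None
    while pos < len(op):  # skips matchedDN, diagnosticMessage, referral, responseName
        tag, val, pos = read_tlv(op, pos)
        if tag == 0x8B:  # responseValue [11]: "dn:..." or "u:...", empty if anonymous
            authz_id = val.decode("utf-8")
    return int.from_bytes(mid, "big"), int.from_bytes(code, "big"), authz_id

# Constructed sample: success (0) answering message 2, for a made-up bind DN.
SAMPLE = tlv(0x30, tlv(0x02, b"\x02") + tlv(0x78, tlv(0x0A, b"\x00")
             + tlv(0x04, b"") + tlv(0x04, b"") + tlv(0x8B, b"dn:cn=app,dc=example,dc=com")))

if __name__ == "__main__":
    print(whoami_request(2).hex())
    print(parse_whoami_response(SAMPLE))
```

A server that implements the operation lists the same OID among the `supportedExtension` values of its root DSE, which is the way to check a given server before relying on it.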

The “Who am I?” RFC was published in June 2006. As of 2010 the following popular LDAP v3 compatible servers claim support for it:

  • Active Directory from Microsoft, starting from Windows Server 2008, in the format DOMAIN/user
  • Novell eDirectory
  • OpenDS
  • OpenLDAP
  • Sun Directory Server