无法从389 Directory Server检索eduPerson属性

在当前设置下，我具有在其上手动添加了eduPerson模式的OpenLDAP服务器，并且可以从其中检索任何属性，如eduPersonPrincipalName，eduPersonPrimaryAffiliation等，而没有任何问题。>

现在，我想用389 Directory Server进行测试，据我所知，它已经预添加了eduPerson模式。问题在于，即使在创建具有eduPerson属性（例如eduPersonPrincipalName等）的用户后，我也无法检索eduPerson架构的任何属性值。我需要它，因为我们使用了SimpleSAMLphp SSO。以下是具有多个eduPerson属性的用户的搜索示例，没有显示任何属性：

ldapsearch -x -b "cn=John Doe,ou=people,dc=domain,dc=com" -H ldap://127.0.0.1:389

# extended LDIF
#
# LDAPv3
# base <cn=John Doe,ou=people,dc=domain,dc=com> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#

# John Doe, people, domain.com
dn: cn=John Doe,ou=people,dc=domain,dc=com
objectClass: eduPerson
objectClass: inetOrgPerson
objectClass: organizationcomPerson
objectClass: person
objectClass: posixAccount
objectClass: top
cn: John Doe
gidNumber: 10000
homeDirectory: /home/[email protected]
uid: [email protected]
uidNumber: 10055
description: Authenticated at 2020-04-28 12:27:08.657033
loginShell: /bin/bash
mail: [email protected]

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1
谢谢，

编辑：

version: 1

dn: cn=John Doe,ou=people,dc=domain,dc=com
objectClass: eduPerson
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: person
objectClass: posixAccount
objectClass: top
cn: John Doe
gidNumber: 10000
homeDirectory: /home/[email protected]
sn: Doe
uid: [email protected]
uidNumber: 10057
carLicense: AA123BB
departmentNumber: IT
eduPersonPrimaryAffiliation: employee
eduPersonPrincipalName: [email protected]
eduPersonScopedAffiliation: [email protected]
employeeNumber: 1234567890
givenName: John
initials: JD
loginShell: /bin/bash
mail: [email protected]
title: Software Developer
userPassword:: e0NSWVBUfSQ2JG1LcDlHUmRUcENBRVZ1ZkUkc0djRkNsalcyWEVoby9FRlNGS
 jhLRXRYR1dmTGFUNXNYUk9BbHFRSHhoWXN4TWlZWEl6SEFCa0U1UzN3cm5uSktMSVAyTlg1d0V5
 YXN1U1laNXJocDA=
[当我尝试搜索此用户时，我仅获得以下属性：

ldapsearch -x -b "cn=John Doe,ou=people,dc=rash,dc=al" -H ldap://127.0.0.1:389
# extended LDIF
#
# LDAPv3
# base <cn=John Doe,ou=people,dc=rash,dc=al> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#

# John Doe, people, rash.al
dn: cn=John Doe,ou=people,dc=rash,dc=al
objectClass: eduPerson
objectClass: posixAccount
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: person
objectClass: top
loginShell: /bin/bash
homeDirectory: /home/[email protected]
uid: [email protected]
cn: John Doe
uidNumber: 10057
gidNumber: 10000
mail: [email protected]

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1

在当前设置下，我具有在其上手动添加了eduPerson模式的OpenLDAP服务器，我可以从中检索它而没有任何问题属性，例如eduPersonPrincipalName，...