1. CA Directory doesn't store the parent DN or full DN with the entry (aka entryDN).
2. The only way to do this would be to create a new attribute for this purpose and maintain it via an LDAP client
3. LDAP search requests typically contain 3 pieces of information, search base, scope & filter.
- search base: where in the directory information tree (DIT) to begin searching from
- scope: whether to return all entries under the base, the entries one level under the base or just the entry specifed by the base
- filter: matching rules when evaluating entries to return
For example, if you wished return all the users for the DN in your example, you could:
ldapsearch -h hostname:port -b "ou=users,ou=carlstadt,ou=idm,ou=nj-test,ou=carlstadt,ou=corporate,dc=coach,dc=com" -s sub "(uid=*)"