The proprietary get effective rights request control may be included in a search request to indicate that matching entries should include one or more aclRights attributes with the access control permissions that a given user may have when interacting with the entry. The control has an OID of 1.3.6.1.4.1.42.2.27.9.5.2, and it takes a value. The following fields may be present in the value-json representation of the value:

The following sample shows the JSON encoding for the control:

{ 
    "oid":"1.3.6.1.4.1.42.2.27.9.5.2",
    "control-name":"Get Effective Rights Request Control",
    "criticality":false,
    "value-json":{ 
        "authorization-id":"dn:uid=jdoe,ou=People,dc=example,dc=com",
        "attributes":[ 
            "uid",
            "mail",
            "telephoneNumber",
            "userPassword" 
            ] 
    } 
}