The LDAP extended operation provides a degree of extensibility to the LDAP protocol by allowing clients to request operations not defined in the core protocol specification. 

A server should display the [supported Extension]s within the [rootDSE] as a [supportedExtension].

 Examples of LDAP extended operations include:

*[LDAP Cancel Extended Operation] -- This operation may be used to cancel a previously-requested operation.
*[Password Modify Extended Operation] -- This operation may be used to change a user password.
*[StartTLS] -- This operation may be used to initiate a secure communication channel over an existing connection.
*[Who Am I Extended Operation] -- This operation may be used to determine the authorization identity associated with the client connection.

The extended request protocol op is defined as follows:

{{{
ExtendedRequest ::= [APPLICATION 23] SEQUENCE {
    requestName      [0] LDAPOID,
    requestValue     [1] OCTET STRING OPTIONAL } 
}}}

The elements of the extended request include:

* [requestName] - The [OID] that is used to indicate the type of operation to perform.
* [requestValue] - An optional value containing additional information to use during the course of processing the request.

The response to an [Extended Request] is a [Extended Response]

!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]