diff --git a/ldapserver/entries.py b/ldapserver/entries.py
index 999897b932925df44eb6021ee7c096adc2c7c277..9bd34b7ee00eead7be101b43ebc58bb28f169d91 100644
--- a/ldapserver/entries.py
+++ b/ldapserver/entries.py
@@ -255,6 +255,8 @@ class Entry(AttributeDict):
 		for selector in attributes or ['*']:
 			if selector == '*':
 				selected_attributes |= self.schema.user_attribute_types
+			elif selector == '+':
+				selected_attributes |= self.schema.operational_attribute_types
 			elif selector == '1.1':
 				continue
 			elif selector in self.schema.attribute_types:
diff --git a/ldapserver/ldap.py b/ldapserver/ldap.py
index 1c04d8b816e3d347f933df0199d2718b906c57d7..7386131042545837c61860012d9c2a783294cc45 100644
--- a/ldapserver/ldap.py
+++ b/ldapserver/ldap.py
@@ -727,5 +727,8 @@ class PagedResultsValue(asn1.Sequence):
 	size: int
 	cookie: bytes
 
+# LDAP All Operational Attributes (RFC3673)
+ALL_OPERATIONAL_ATTRS_OID = '1.3.6.1.4.1.4203.1.5.1'
+
 # LDAP Absolute True and False Filters (RFC4526)
 ABSOLUTE_TRUE_FALSE_OID = '1.3.6.1.4.1.4203.1.5.3'
diff --git a/ldapserver/schema/types.py b/ldapserver/schema/types.py
index 8eeac167eedf6a33cfd03b9a97de3243412d4e7c..4f3dcee37ec08019e363c7b0384727a03bf667d2 100644
--- a/ldapserver/schema/types.py
+++ b/ldapserver/schema/types.py
@@ -205,7 +205,9 @@ class AttributeType:
 		self.is_operational = (definition.usage != AttributeTypeUsage.userApplications)
 		schema._register(self, self.oid, self.ref, *self.names)
 		schema.attribute_types._register(self, self.oid, self.ref, *self.names)
-		if not self.is_operational:
+		if self.is_operational:
+			schema.operational_attribute_types.add(self)
+		else:
 			schema.user_attribute_types.add(self)
 		#: Set of all matching rules in schema that can be applied to values of the attribute type
 		self.compatible_matching_rules = self.syntax.compatible_matching_rules
@@ -462,7 +464,10 @@ class Schema(OIDDict):
 		                              for item in attribute_type_definitions or []]
 		#: Mapping of attribute type OIDs and short descriptive names to :any:`AttributeType` objects
 		self.attribute_types = OIDDict()
+		#: Set of user (non-operational) attribute types
 		self.user_attribute_types = set()
+		#: Set of operational (non-user) attribute types
+		self.operational_attribute_types = set()
 		# Attribute types may refer to other (superior) attribute types. To resolve
 		# these dependencies we cycle through the definitions, each time adding
 		# those not added yet with fulfilled dependencies. Finally we add all the
diff --git a/ldapserver/server.py b/ldapserver/server.py
index cdf2729102ee905fd2b8d35392a3fc53a9753de2..03789fc7bbb5d26dd26a680de2c59621dbbbe80e 100644
--- a/ldapserver/server.py
+++ b/ldapserver/server.py
@@ -198,6 +198,7 @@ class LDAPRequestHandler(BaseLDAPRequestHandler):
 			self.rootdse['supportedSASLMechanisms'].append('PLAIN')
 		if self.supports_sasl_external:
 			self.rootdse['supportedSASLMechanisms'].append('EXTERNAL')
+		self.rootdse['supportedFeatures'].append(ldap.ALL_OPERATIONAL_ATTRS_OID)
 		self.rootdse['supportedFeatures'].append(ldap.ABSOLUTE_TRUE_FALSE_OID)
 		self.rootdse['supportedLDAPVersion'] = ['3']
 		self.bind_object = None
diff --git a/tests/test_entries.py b/tests/test_entries.py
index 20c9e2d72cacd735890e8107d4bc89c18fe0bb69..1947dc64f82de3f1e302e21cba1467e57669bfff 100644
--- a/tests/test_entries.py
+++ b/tests/test_entries.py
@@ -365,6 +365,11 @@ class TestObjectEntry(unittest.TestCase):
 		self.assertEqual(len(result.attributes), 2)
 		self.assertEqual({item.type: item.vals for item in result.attributes},
 		                 {'cn': [b'foo', b'bar'], 'objectClass': [b'top']})
+		result = obj.search('cn=foo,dc=example,dc=com', ldap.SearchScope.baseObject, ldap.FilterPresent('objectclass'), ['+'], False)
+		self.assertEqual(result.objectName, 'cn=foo,dc=example,dc=com')
+		self.assertEqual(len(result.attributes), 1)
+		self.assertEqual({item.type: item.vals for item in result.attributes},
+		                 {'subschemaSubentry': [b'cn=subschema']})
 		result = obj.search('cn=foo,dc=example,dc=com', ldap.SearchScope.baseObject, ldap.FilterPresent('objectclass'), ['1.1'], False)
 		self.assertEqual(result.objectName, 'cn=foo,dc=example,dc=com')
 		self.assertEqual(len(result.attributes), 0)