Directory Server and LDAP Paged Results

Usually, the Directory Serer imposes constraints on a LDAP search as to “how many maximum entries” can be returned to the client for a search filter. This is called the “sizelimit”. Upon reaching this limit server will stop sending the results back with LDAP error code 4 (Size Limit Exceeded.).

In case an application which is a LDAP clients needs more than the configured number of entries, the client can “request” for paged results. Meaning, get results page wise where each page is equal to or less than the “Size Limit” number. One of the popular examples is address book application which contains a huge number of entries and an application that queries the Directory server that would receive large amount of entries.

In order to address such a scenario, the LDAP provides two controls.

One is Simple Pages Results defined in RFC 2696 (http://www.ietf.org/rfc/rfc2696). As the name suggests it is a very simple paged results control which informs server to send results sequentially in pages. This is an informational RFC, meaning it is not part of the standard LDAPv3 specification.

Another LDAP control which is more advanced than the one defined in RFC 2696 is VLV Control. VLV stands for Virtual List Control. VLV provides more advanced paged search results than Simple Paged Results control and has been standardized at IETF which potentially become a standard for paged results. The VLV control is defined in the internet-draft “LDAP Extensions for Scrolling View Browsing of Search Results” (http://www.ietf.org/proceedings/01mar/I-D/ldapext-ldapv3-vlv-04.txt)

Both, Directory Server 6.3 and OpenDS support VLV control while OpenDS supports both Simple Paged Results as well as VLV.

Comments:

I have implemented Simple Paged Results but find that it works well with one Active Directory but not with another. Interfacing to one AD I can only receive one page no matter what the Page size. Whereas I have no such limitation interfacing to another AD. Both directories show support for LDAP_PAGED_RESULT_OID_STRING "1.2.840.113556.1.4.319"

Posted by David McCaffree on February 12, 2009 at 09:25 AM PST #

I too, like David, only get one page worth of results and the AD server never returns a cookie to me which I should be able to use to get the next iteration of my result set. Any suggestions on what to do?

Posted by Pulkit Singhal on July 27, 2009 at 05:01 AM PDT #

Post a Comment:
  • HTML Syntax: NOT allowed
About

Srikanth Konjarla

Search

Categories
Archives
« April 2014
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today