4
These amendments cause all "getXXent" calls implemented by
5
NSS_LDAP to request paging of results in accordance with RFC
8
If you are using LDAP searches against a Microsoft Active
9
Directory database, you will find that search results are
10
divided into "chunks". A standard "ldap_search" against an
11
untweaked AD returns a maximum of 1000 entries. To get more than
12
that, you have to either use an extended search with paging, or
13
increase the query policy limits on your AD. If you have a
14
large number of users (we have over 30K) raising the policy
15
limits that high is worrying.
17
The page size requested is 1000 entries, and is not a config
18
file item. However, it should be OK with any Active Directory.
20
Because of the way the page control is used, any LDAPv3 server
21
that does not implement paging should simply ignore it and
22
return entries as normal; however, I haven't been able to test
28
The TAR file contains 3 context diff files and one extra C file
29
(pagectrl. c) that implements the standard API calls for paged
30
results controls. If your LDAP library supports these anyway,
31
you shouldn't need it, but I don't know of one that does. The
32
Sun library has the entry points, but I couldn't get them to
35
1. Unpack the TAR file in your NSS LDAP directory.
37
2. Run "patch" to apply the 3 diff files. On my system that is:
39
patch ldap-nss.c < ldap-nss.c.diff
40
patch ldap-nss.h < ldap-nss.h.diff
41
patch Makefile.in < Makefile.in.diff
43
3. Run "configure" as specified in the NSS LDAP installation
44
instructions, to recreate the Makefile.
50
You should now have a new nss_ldap.so ready to copy to /lib.
52
Max Caines (max.caines@wlv.ac.uk)