blob: 5a5a7c10451eddab1c3fa15d36efd0e8a41ed972 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
|
Purpose
-------
These amendments cause all "getXXent" calls implemented by
NSS_LDAP to request paging of results in accordance with RFC
2696.
If you are using LDAP searches against a Microsoft Active
Directory database, you will find that search results are
divided into "chunks". A standard "ldap_search" against an
untweaked AD returns a maximum of 1000 entries. To get more than
that, you have to either use an extended search with paging, or
increase the query policy limits on your AD. If you have a
large number of users (we have over 30K) raising the policy
limits that high is worrying.
The page size requested is 1000 entries, and is not a config
file item. However, it should be OK with any Active Directory.
Because of the way the page control is used, any LDAPv3 server
that does not implement paging should simply ignore it and
return entries as normal; however, I haven't been able to test
this.
Installing
----------
The TAR file contains 3 context diff files and one extra C file
(pagectrl. c) that implements the standard API calls for paged
results controls. If your LDAP library supports these anyway,
you shouldn't need it, but I don't know of one that does. The
Sun library has the entry points, but I couldn't get them to
work.
1. Unpack the TAR file in your NSS LDAP directory.
2. Run "patch" to apply the 3 diff files. On my system that is:
patch ldap-nss.c < ldap-nss.c.diff
patch ldap-nss.h < ldap-nss.h.diff
patch Makefile.in < Makefile.in.diff
3. Run "configure" as specified in the NSS LDAP installation
instructions, to recreate the Makefile.
4. Run "make clean"
5. Run "make"
You should now have a new nss_ldap.so ready to copy to /lib.
Max Caines (max.caines@wlv.ac.uk)
16 April 2002
|