[Date Prev][Date Next]
Re: (ITS#8724) slapo-pcache truncates remote results
No, it's a pcache bug.
10.10.55.128(remote active directory) works
localhost(without pcache) works
localhost(with pcache) breaks.
Paging of the results *does* work with AD. And works with back-ldap,
pointed at AD. It's only when pcache is added that the paging options
On Wed, Sep 6, 2017 at 12:48 PM, Quanah Gibson-Mount <email@example.com> wrote:
> --On Wednesday, September 06, 2017 6:15 PM +0000 firstname.lastname@example.org wrote:
>> Full_Name: Adam Heath
>> Version: 2.4.44
>> OS: debian stretch
>> URL: ftp://ftp.openldap.org/incoming/
>> Submission from: (NULL) (22.214.171.124)
>> I have configured slapd to proxy to a remote server.
>> Using ldapsearch, I can talk directly to that remote server, and using the
>> pr=200/noprompt option, I get back 2900 results.
>> Pointing ldapsearch at localhost, *without* pcache, I get the same set of
>> results(pages, and the final count is correct).
>> When I enabled slapo-pcache, with *no* attribute sets, then the paging
>> options are removed, and I get only 2000 results(the max-size from the
>> remote server).
> Hi Adam,
> slapo-pcahce is acting in the correct fashion. It would appear that your
> remote system is Active Directory, which in typical Microsoft fashion,
> deliberately mis-implements paged results so that it incorrectly ignores the
> maxsize setting when paged results are in use (contrary to specifications).
> I would generally suggest talking to the AD administrator so that the bind
> identity of the pcache database is not subject to the maxsize limitation.
> This ITS will be closed.
> Quanah Gibson-Mount
> Product Architect
> Symas Corporation
> Packaged, certified, and supported LDAP solutions powered by OpenLDAP: