RE: Supported RFC's and "features"

["Clowser, Jeff (Contractor)" <jeff_clowser@fanniemae.com>]

>> Unknown features:
>> - Per user resource limits (sizelimit, timelimit, idletimeout, etc).
I
>> think Howard Chu said OpenLDAP has some of this, but I haven't seen
any
>> reference to it or how to use it in the docs (does this functionality
>> exist, and if so, is there any documentation?)
>
>man slapd.conf, see the "limits" command

Doh (smacks head).  That was too obvious, so of course I missed it... :)

OK, Sun allows you to set the following per user limit:
- Time limit (how much time an operation can take)
- Size limit (max # of entries a search can return)
- Lookthru limit (max number of entries that will be looked at in a 
	search, even if max # entries have not been found)
- Idle timeout (max time a connection bound as this user can be idle
before closing)

Looks like OpenLDAP can do the time limit, size limit
(size.soft/size.hard) and the lookthru limit (size.unchecked), but can't
do idle timeout (which of course is the one I use... :-/ )


>> The ones that are really problematic are the lack of:
>
>> - RFC 2891 (server side sorting)
>
>Why is this problematic?  Server side sorting is a horrible waste of
server 
>CPU that's better served by the client doing sorting how it wants.
>
>--Quanah

Because of existing usage.  Unfortunately, we have applications that use
and depend on it (and I think the VLV mechanism depends on it as well -
it requires that the result set be sorted, in any case).  Breaking all
those apps would be a hard sell.

Also, if you are doing simple paged results (which OpenLDAP does
support), the point is that the client may not have the resources to
handle all matching results at one time, so getting them back in (some
form of) sorted order is useful.


 - Jeff