[Date Prev][Date Next]
Re: OpenLDAP as an address book for MS Outlook
2012/12/6 Victor Sudakov <firstname.lastname@example.org>:
> Cl?ment OUDOT wrote:
>> > When I try to browse an addresslist from Outlook, the OpenLDAP server
>> > gives the following error:
>> > Lightweight Directory Access Protocol
>> > LDAPMessage searchResDone(11) inappropriateMatching (serverSort control: No ordering rule) [0 results]
>> > messageID: 11
>> > protocolOp: searchResDone (5)
>> > searchResDone
>> > resultCode: inappropriateMatching (18)
>> > matchedDN:
>> > errorMessage: serverSort control: No ordering rule
>> > [Response To: 6]
>> > [Time: 0.002066000 seconds]
>> > What is this error? Could someone please interpret it? I almost believe that if I can get rid of it, I
>> > will have a browseable addresslist in Outlook.
>> As I already replied :
>> the problem can be that Outlook use SSSVLV controls on attributes
>> without ordering rules in OpenLDAP. Unfortunately, the 'name'
>> attribute has no ordering rules, so you can't sort results on name
>> (this includes, cn, sn, gn attributes, because they inherit from
>> name). We do not have this limitation on AD (but it breaks LDAP
> I don't care about LDAP standard in this particular installation.
> I need an OpenLDAP server at this site only as a shared address book,
> it will perform no other function and will never interoperate with
> anything else.
>> You can't use server side sort control on cn or sn in OpenLDAP, this
>> will always return an error because there is no ordering rule for
>> these attributes.
> So if OpenLDAP can be tweaked to provide server side sort control on
> cn or sn, I would go for it. Can it be done by modifying the 'name'
> attribute in the core.schema? Or by a patch?
You can try to patch schema_prep.c in OpenLDAP source, find the 'name'
attribute definition and add caseIgnoreOrderingMatch ordering rule to
You then need to rebuild OpenLDAP from sources.