[PATCH] Implement Virtual List View (VLV) LDAP control (OID 2.16.840.1.113730.3.4.9)

Douglas Bagnall douglas.bagnall at catalyst.net.nz
Thu Mar 10 08:09:12 UTC 2016


hi Uri,

On 10/03/16 20:16, Uri Simchoni wrote:
> Hi Garming / Douglas,
> 
> That's truly great stuff!

Thanks!

> - Is there a way in Samba AD DC to disable support for VLV control?
> - (Windows has a way, probably because of the performance / resource
> - implications)

We haven't done anything special for this, though there might well be
a way of disabling ldb modules in general.

> - Have you been able to use cookies in searches against Windows DCs?
> - (e.g. pass the cookie tests) I've tried it with OpenLDAP in the
> - past and failed - whenever I place a cookie from last result in
> - next request it returns an error.

Yes, all the tests pass against Windows 2012R2, which is essentially
how we wrote them. Our encoding of VLV requests in ASN.1 has
historically differed from that expected by Windows (not that we ever
used it mind you). The RFCs are often too vague for the blame to be
pinned on either side -- so let's just say it is quite possible that
OpenLDAP and Windows have parallel and incompatible understandings of
VLV.

cheers,
Douglas



More information about the samba-technical mailing list