But we can not get VLV to work.
- The OID for the VLV control, 2.16.840.1.113722.214.171.124, is not listed.
- The OID for the SSS control, 1.2.840.1135126.96.36.1993, is also not present.
We were originally told there was a defect initiated to have the OIDs added to the rootDSE. (October of 2008)
Controls are listed in the rootDSE#For 8.8 (on SP1) The following controls are listed in the rootDSE
|2.16.840.1.1137188.8.131.52||Persistent search Request|
|2.16.840.1.1137184.108.40.206||Persistent search Response|
|2.16.840.1.1137220.127.116.11.7||LDAP transaction support supportedGroupingTypes|
Controls that may work but with Limitations#
|1.2.840.113518.104.22.1683||Sever-side sort control request|
|1.2.840.113522.214.171.1244||Server-side sort control response|
|2.16.840.1.1137126.96.36.199||Virtual list view request|
|2.16.840.1.1137188.8.131.52||Virtual list view response|
Even though the VLV and SSS controls are not supported and not present in the Root DSE, the LDAP Server MAY respond to VLV and SSS requests. Novell chose to retain the functionality, as some developers were willing to work within the confines of the limitations and defects.
Novell is investigating the addition of support for VLV and SSS to a future version of Novell eDirectory.
eDirectory 8.8.3#When we programmaticlly check the controls on 8.8.3 we see:
- the Paged Results Control in the RootDSE and it operates as expected.
- the Server Side Sort Control is NOT in the RootDSE but it operates as expected.
- the Virtual List View Control NOT in the RootDSE and it returns as: Other (80) Other, Server Message: NDS error: not implemented (-714)
VLV Control is NOT in rootDSE! Calling Asynchronous Search... Search stopped with exception LDAPException: Other (80) Other LDAPException: Server Message: NDS error: not implemented (-714) LDAPException: Matched DN: Other Received LDAP Sort Control from Server Error code: 80 No offending attribute returned Received VLV Response Control from Server... Result Code => 0 First Position => 1 Content Count => 383 Context String => ??a
Limitations of Virtual List View Control#The known limitations of VLV are listed below. Novell recommends that the VLV control not be used.
- The LDAP Server must have a copy of all objects within the search scope, in order for the VLV control to work. For example, the server would need a copy of every replica, if the search scope started at the top of the tree. If the LDAP Server doesn't have a copy of all objects in the search scope, it will return error 53 when the VLV control is used in a search request.
- The VLV control does not work with filtered replicas, even if the LDAP Server is configured to use them in a search. The LDAP Server will return error 53.
- The VLV control might not work correctly when the search filter contains multiple parts, e.g. (&(cn=*)(givenname=*)). The LDAP Server will return error 53. Simple filters, containing only one search element, should be used with the VLV control.
- The VLV control will return the same entry multiple times when the attribute being searched on has multiple values. If a user entry has three CN attributes and the search filter is (cn=*), that user entry will appear three different times.
- The attribute being searched on must have a value index.
This list should not be viewed as exhaustive. Other defects and limitations could be added in the future.
You might want to use the Simple Paged ResultsControl that is in eDirectory