Overview#
The virtual list view (VLV) is a supportedControl that can be attached to a searchRequest to use a server-side sorting control.Virtual List View Control may be combined with the simple paged results control the search Request also include the server-side sort control to ensure that the results are consistently sorted across requests.
The VLV control is defined in draft-ietf-ldapext-ldapv3-vlv.
As far as we can determine this is NOT an approved standard.
The request control has an OID of 2.16.840.1.113730.3.4.9 and the value is encoded as follows:
VirtualListViewRequest ::= SEQUENCE { beforeCount INTEGER (0..maxInt), afterCount INTEGER (0..maxInt), target CHOICE { byOffset [0] SEQUENCE { offset INTEGER (1 .. maxInt), contentCount INTEGER (0 .. maxInt) }, greaterThanOrEqual [1] AssertionValue }, contextID OCTET STRING OPTIONAL }
The response control has an OID of 2.16.840.1.113730.3.4.10 and the value is encoded as:
VirtualListViewResponse ::= SEQUENCE { targetPosition INTEGER (0 .. maxInt), contentCount INTEGER (0 .. maxInt), virtualListViewResult ENUMERATED { success (0), operationsError (1), protocolError (3), unwillingToPerform (53), insufficientAccessRights (50), timeLimitExceeded (3), adminLimitExceeded (11), innapropriateMatching (18), sortControlMissing (60), offsetRangeError (61), other(80), ... }, contextID OCTET STRING OPTIONAL }
Virtual List View Control Example#
To Search Using the Virtual List View Control The sort order option (-S) must be used with the Virtual List View control. This example uses the Virtual List View Control options to specify the following:- Before=0*. Specifies that 0 entries before the target should be displayed.
- After=2*. Specifies that 2 entries after the target should be displayed.
- Index=1*. Specifies that the offset of the target entry within the result set be returned.
- Count=0*. Specifies that target entry at the index position be returned, which is the first entry.
This example is from the OpenDS LDAPSEARCH utility (Other LDAP vendors tools may vary)
ldapsearch -h localhost -p 1389 -D "cn=Directory Manager" -w bindPassword -b dc=example,dc=com --searchScope sub --sortOrder givenName --virtualListView "0:2:1:0" "(objectclass=*)"
The same only for OpenLDAP (at least used to work)
ldapsearch -h localhost -p 1389 -D "cn=Directory Manager" -w bindPassword -b dc=example,dc=com --searchScope sub -S givenName -x -G "0:2:1:0" "(objectclass=*) givenName"
To find the first two entries where givenName starts with "j" (OpenLDAP)
- Before=0*. Specifies that 0 entries before the target should be displayed.
- After=2*. Specifies that 2 entries after the target should be displayed.
- "j" for entries where givenName begins with "j"
ldapsearch -h localhost -p 1389 -D "cn=Directory Manager" -w bindPassword -b dc=example,dc=com --searchScope sub -S givenName -x -G "0:4:j" "(objectclass=*) givenName"
Virtual List View Control and eDirectory#
eDirectory LDAP Virtual List View And Server Side Sort ControlsVirtual List View Control Microsoft Active Directory#
Virtual List View Control seems to have an issue when MaxTempTableSize is smaller than the total number of Objects. The Virtual List View Control may fail with a LDAP Result Codes of Unavailable Critical Extension similar to:LdapException: (12) Unavailable Critical Extension LdapException: Server Message: 000020EF: SvcErr: DSID-03140552, problem 5010 (UNAVAIL_EXTENSION), data 0 Error code: 53
More Information#
There might be more information for this subject on one of the following:- 2.16.840.1.113730.3.4.9
- EDirectoryLDAPVirtualListViewAndServerSideSortControls
- Glossary Of LDAP And Directory Terminology
- LDAP Extensions and Controls Listing
- LDAPControlsList
- MaxTempTableSize
- Search Using the Virtual List View Control
- SupportedControl
- VLV
- X-SEARCH-FLAGS
- [#1] - Virtual List View Active Directory search LdapException: Unavailable Critical Extension
- based on information obtained 2020-03-17