Don't send HTML emails to the ITS.Apologies.
I'm unable to reproduce the error you're talking about. Please provide a config that demonstrates the error, and the complete ldapsearch command invocation.
The original submission contained the ldapsearch command: ldapsearch -h localhost -x -b "..........." -D ".........." -w .... -E !sss=mail:caseIgnoreIA5Match -E !vlv=0/10/0/10
(I just suppressed the bind dn, base dn and password) The important aspect of the search command is that it is doing a server-sidesort on the mail attribute, is asking for a virtual list view, but is letting the size default to zero (which should mean unlimited).
Your patch cannot be correct since limits_check() is already called by the frontend at the beginning of every search operation.
Not in my experience. As far as I can see limits_check() is called only in fe_op_search() in search.c, and when debugging I found that fe_op_search() was being called from overlay_op_walk() in backover.c.
When the ldapsearch command is run, it sends a search request to slapd, which returns the first 11 records found, in order of the mail attribute. Then ldapsearch prompts Press [before/after(/offset/count|:value)] Enter for the next window. and on hitting enter ldapsearch sends the next request to slapd. This time the request gets handled by sssvlv_op_search() before fe_op_search() is called, because there is an active session. int overlay_op_walk( Operation *op, SlapReply *rs, slap_operation_t which, slap_overinfo *oi, slap_overinst *on){ BI_op_bind **func; int rc = SLAP_CB_CONTINUE; for (; on; on=on->on_next ) { func = &on->on_bi.bi_op_bind; if ( func[which] ) { op->o_bd->bd_info = (BackendInfo *)on; rc = func[which]( op, rs ); /* <--- sssvlv_op_search() called here */ if ( rc != SLAP_CB_CONTINUE ) break; } } if ( rc == SLAP_CB_BYPASS ) rc = SLAP_CB_CONTINUE; func = &oi->oi_orig->bi_op_bind; if ( func[which] && rc == SLAP_CB_CONTINUE ) { op->o_bd->bd_info = oi->oi_orig; rc = func[which]( op, rs ); /* <--- fe_op_search() called here */ } Chris