Hello,
I have been working on implementing OpenLDAP as an AD proxy. I now have a setup that I am happy with overall, except for one strange behaviour:
When browsing AD via the proxy, I do not get all the results in a given OU.
Notes:
- The OUs never contain more than 200-250 entries, well below both AD and OpenLDAP’s default limits?
- Different LDAP clients end up displaying different amounts of results, though the amount seems to be consistent within a given client. So for OU X ldp.exe always shows Y results, but Apache Directory Studio always shows Z results.
- When doing a search, if I ask to return only specific attributes, the number of results returned shrinks. So when I search on objectClass=* on a given OU I get X results; if I request one attribute only, the list returned shrinks a little bit, and if I add another attribute, the list shrinks again!
- If I use those exact same clients to connect to AD directly, with all other things being equal, there is no such issue, and all expected results are shown. I never configure any special client limits, paging, etc. on either connection (AD or OpenLDAP).
- I am using a binary build of 2.4.49 for Windows.
- Authentication is done via local database with a different DN, there is no rebind-as-user.
- There are ACLs on the proxy to restrict access to certain OUs.
It seems as if I am hitting some sort of limit, as suggested by the fact that when I make a more complex search the number of results shrinks … but this does not appear to be a number-of-results or time limit, and either way I am well under 1000 results and under 60 seconds (the default limits, I think?).
So … what’s going on? Anyone have any idea? I’m stumped …
Thanks!
Jean-François Doyon
Gestionnaire, Opérations et sécurité des T.I.
Commissariat aux langues officielles
jean-francois.doyon@clo-ocol.gc.ca / Tél. : 613-218-0547
Manager, I.T. Operations and security
Office of the Commissioner of Official Languages
jean-francois.doyon@ocol-clo.gc.ca / Tel: 613-218-0547
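A practical first step for a symptom like the one above (result counts that differ between the proxy and the directory behind it, and that change with the requested attribute list) is to stop counting and instead identify exactly which DNs and which attributes vanish on the proxy side, then look at what the missing entries have in common (for instance, the container they sit in). The script below is an added example written for this page; it is not the poster's code, not part of OpenLDAP, and it does not diagnose the cause. It parses two LDIF captures (the kind `ldapsearch` prints) taken with the same base, scope, filter and attribute list, one directly against AD and one through the proxy, and reports the entries and attributes present in the first but absent from the second, grouped by parent container. The LDIF samples, DNs and attribute values are constructed for the example.

```python
"""Compare two LDIF search results and report what is missing from the second.

Added example (not from the original post). The two LDIF strings below are
constructed samples standing in for 'ldapsearch ... against AD' and
'ldapsearch ... against the OpenLDAP proxy' with identical search parameters.
"""
import base64
from typing import Dict, List, Set

# Constructed sample: the same search run directly against AD.
AD_DIRECT = """version: 1
# constructed sample, not real directory data
dn: CN=Alice Example,OU=Staff,DC=example,DC=test
objectClass: user
sAMAccountName: alice
mail: alice@example.test

dn: CN=Bob Example,OU=Staff,DC=example,DC=test
objectClass: user
sAMAccountName: bob
mail: bob@example
 .test

dn: CN=Carol Example,OU=Contractors,DC=example,DC=test
objectClass: user
sAMAccountName: carol
description:: Q29udHJhY3RvciwgZXh0ZXJuYWw=

dn: CN=Dave Example,OU=Contractors,DC=example,DC=test
objectClass: user
sAMAccountName: dave

# search result
search: 2
result: 0 Success
"""

# Constructed sample: the same search run through the proxy. Two entries and
# one attribute are missing, which is the kind of gap we want to surface.
VIA_PROXY = """version: 1
dn: CN=Alice Example,OU=Staff,DC=example,DC=test
objectClass: user
sAMAccountName: alice
mail: alice@example.test

dn: CN=Bob Example,OU=Staff,DC=example,DC=test
objectClass: user
sAMAccountName: bob

search: 2
result: 0 Success
"""


def parse_ldif(text: str) -> Dict[str, Dict[str, List[str]]]:
    """Parse LDIF as printed by ldapsearch into {dn: {attr: [values]}}.

    Handles folded continuation lines (leading space), base64 values
    ('attr:: ...'), comment lines, and the 'search:'/'result:' summary lines
    that ldapsearch prints outside any entry.
    """
    unfolded: List[str] = []
    for raw in text.splitlines():
        if raw.startswith(" ") and unfolded:
            unfolded[-1] += raw[1:]  # continuation of the previous line
        else:
            unfolded.append(raw)

    entries: Dict[str, Dict[str, List[str]]] = {}
    current = None
    for line in unfolded:
        if line == "":
            current = None  # a blank line terminates the entry
            continue
        if line.startswith("#"):
            continue
        name, sep, rest = line.partition(":")
        if not sep:
            continue
        if rest.startswith(":"):  # base64-encoded value
            value = base64.b64decode(rest[1:].strip()).decode("utf-8", "replace")
        elif rest.startswith("<"):  # URL reference, kept verbatim
            value = rest[1:].strip()
        else:
            value = rest.strip()
        if name.lower() == "dn":
            current = value
            entries[current] = {}
        elif current is not None:  # ignore 'search:'/'result:' outside entries
            entries[current].setdefault(name.lower(), []).append(value)
    return entries


def split_dn(dn: str) -> List[str]:
    """Split a DN into RDN components, honouring backslash-escaped commas."""
    parts, buf, escaped = [], [], False
    for ch in dn:
        if escaped:
            buf.append(ch)
            escaped = False
        elif ch == "\\":
            buf.append(ch)
            escaped = True
        elif ch == ",":
            parts.append("".join(buf).strip())
            buf = []
        else:
            buf.append(ch)
    parts.append("".join(buf).strip())
    return parts


def parent_dn(dn: str) -> str:
    return ",".join(split_dn(dn)[1:])


def missing_entries(reference: str, candidate: str) -> List[str]:
    """DNs present in the reference LDIF but absent from the candidate LDIF."""
    seen = {dn.lower() for dn in parse_ldif(candidate)}
    return sorted(dn for dn in parse_ldif(reference) if dn.lower() not in seen)


def missing_by_parent(reference: str, candidate: str) -> Dict[str, List[str]]:
    """Group the missing DNs by their parent container (e.g. an OU)."""
    groups: Dict[str, List[str]] = {}
    for dn in missing_entries(reference, candidate):
        groups.setdefault(parent_dn(dn), []).append(dn)
    return groups


def missing_attributes(reference: str, candidate: str) -> Dict[str, Set[str]]:
    """For entries present in both results, attributes only the reference returned."""
    ref, cand = parse_ldif(reference), parse_ldif(candidate)
    cand_lower = {dn.lower(): attrs for dn, attrs in cand.items()}
    gone: Dict[str, Set[str]] = {}
    for dn, attrs in ref.items():
        other = cand_lower.get(dn.lower())
        if other is not None and set(attrs) - set(other):
            gone[dn] = set(attrs) - set(other)
    return gone


if __name__ == "__main__":
    for parent, dns in missing_by_parent(AD_DIRECT, VIA_PROXY).items():
        print(f"{len(dns)} entries under {parent} missing via proxy:")
        for dn in dns:
            print("   ", dn)
    for dn, attrs in missing_attributes(AD_DIRECT, VIA_PROXY).items():
        print(f"attributes missing via proxy on {dn}: {sorted(attrs)}")
```

In use, replace the two constants with the saved output of two `ldapsearch` runs that differ only in the host they connect to, and repeat with each attribute list that changes the count. If the missing DNs cluster under one container, or the missing attributes are the same ones on every affected entry, that is the thing to check against the proxy's configuration; if they do not cluster, compare the proxy's log for those specific DNs against the direct result instead.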