search returns max 500 users

[jmcclane]

In LdapUtility.php:312

@ldap_control_paged_result( $this->connection, static::PAGE_SIZE, false, $this->paginationCookie );

returns true, but every time it runs into LdapUtility.php:377

// Should never happen unless pagination is not supported, for some odd reason if ($entries['count'] == static::MAX_ENTRIES) { break; }

So that means there is no paging, anyone any hint?

[janit42]

Does your LDAP server acutally support paging? Try something like this to check:

ldapsearch -LLL -x -H ldaps://ldap.yourdomain.xy -D "cn=binduser,dc=yourdomain,dc=xy," -b "" -W -s base '(supportedControl=1.2.840.113556.1.4.319)'

If you don't get a result, the LDAP server doesn't support it.

You can also request pagedResults explicitly and mark them es critical with the exclamation mark:

ldapsearch -LLL -x -H ldaps://ldap.yourdomain.xy -E '!pr=2/prompt' -D "cn=binduser,dc=yourdomain,dc=xy," -b "cn=something_existant" -W -s base

If the server doesn't support pagedResults, you'll get something like:

Critical extension is unavailable (12)

You can also use php to check, as shown here: https://www.php.net/manual/en/ldap.controls.php

The code in LdapUtility.php:

@ldap_control_paged_result( $this->connection, static::PAGE_SIZE, false, $this->paginationCookie )

doesn't seem to be a valid check for pagedResults support as the function even returned true in my tests, when pagination was marked as critical and the LDAP server didn't support pagedResults. To check for support it probably should be implemented like show'n in the php link I've pasted above.

#18 points to the same issue if I'm not mistaken.

[xperseguers]

This ticket is really old, there were many changes in master branch (upcoming v4.0.1) and possibly there is no more such bug...