Purpose ------- These amendments cause all "getXXent" calls implemented by NSS_LDAP to request paging of results in accordance with RFC 2696. If you are using LDAP searches against a Microsoft Active Directory database, you will find that search results are divided into "chunks". A standard "ldap_search" against an untweaked AD returns a maximum of 1000 entries. To get more than that, you have to either use an extended search with paging, or increase the query policy limits on your AD. If you have a large number of users (we have over 30K) raising the policy limits that high is worrying. The page size requested is 1000 entries, and is not a config file item. However, it should be OK with any Active Directory. Because of the way the page control is used, any LDAPv3 server that does not implement paging should simply ignore it and return entries as normal; however, I haven't been able to test this. Installing ---------- The TAR file contains 3 context diff files and one extra C file (pagectrl. c) that implements the standard API calls for paged results controls. If your LDAP library supports these anyway, you shouldn't need it, but I don't know of one that does. The Sun library has the entry points, but I couldn't get them to work. 1. Unpack the TAR file in your NSS LDAP directory. 2. Run "patch" to apply the 3 diff files. On my system that is: patch ldap-nss.c < ldap-nss.c.diff patch ldap-nss.h < ldap-nss.h.diff patch Makefile.in < Makefile.in.diff 3. Run "configure" as specified in the NSS LDAP installation instructions, to recreate the Makefile. 4. Run "make clean" 5. Run "make" You should now have a new nss_ldap.so ready to copy to /lib. Max Caines (max.caines@wlv.ac.uk) 16 April 2002