LDAP: size limit and time limit in search


Some important LDAP result codes that could result from issuing a search to the directory server. The non-zero result codes except for 10 refer to either an error, or some limit being exceeded. The result codes that are not errors are prophylactic in nature: they prevent LDAP clients from monopolizing Directory Server resources. Administrators must never allow clients to request large numbers of entries or use unlimited amounts of server time processing a request without the client having made special arrangements before the fact. Modern professional-quality directory servers like the UnboundID Directory Server support assigning connection and request resource limits on a per-client and per distinguished name basis.

Click here to access the full article.

About Terry Gardner

Terry Gardner was a leading directory services architect with experience with many large scale directory services installations and messaging server installations, and was a Subject Matter Expert in the field of Directory Services and Solaris (operating system) performance. Mr. Gardner also participated in the open-source software community. Mr. Gardner passed away in December, 2013.
This entry was posted in computing, LDAP and tagged , , , , , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s