Description
I'm querying what I understand to be a Tivoli server that has decided to limit the availability of paged results by some criteria. It thus advertises that it, as a server, supports paged results, but rejects searches with the error: (using ldapsearch -E pr=1...) "result: 11 Administrative limit exceeded... text: pagedResults control not allowed".
Is there a way this can be reported out? I had to write an instrumenter to find the resulting error string and realize that I can workaround by specifying a nonzero size option in my query, but this took me some time.
To reproduce, using 0.16.2, query directory.umd.edu with and without a size option:
#!/usr/bin/ruby
require 'net-ldap'
puts Net::LDAP::VERSION
class Insty
def self.instrument(event,payload = {})
if event == 'search.net_ldap_connection'
puts "searching with size #{payload[:size]}"
end
r = yield payload
if event == 'read.net_ldap_connection'
puts "read result: #{payload[:result]}"
end
if event == 'search.net_ldap_connection'
puts "search result: #{payload[:result].inspect}"
end
return r
end
end
ldap = Net::LDAP.new(host: 'directory.umd.edu',
port: 636,
# instrumentation_service: Insty,
encryption: { method: :simple_tls },
base: 'ou=people,dc=umd,dc=edu'
)
works = ldap.search(size: 3,
filter: Net::LDAP::Filter.eq('uid', 'nspring'),
attributes: %w[uid cn givenname])
raise 'that worked for me' unless works
should_work = ldap.search(filter: Net::LDAP::Filter.eq('uid', 'nspring'),
attributes: %w[uid cn givenname])
if should_work
puts 'fixed!'
else
puts 'still busted.'
end
I'm happy to help with a patch if someone can provide an outline of how it should work. Since I have a workaround, I'm submitting the issue mostly in case it can save someone else some time.