LDAP search returning too many results

[John Gordon]

I'm writing an application that queries an LDAP and creates a list of
people. The problem is that the LDAP is returning too many entries, and
I'm getting a SizeLimitExceededException.

I considered breaking my search up into 26 different searches, one for
each letter of the alphabet as the first letter of people's last names,
but I'm not sure that would work. I'm at a very large organization, so
it's possible that even a single letter could cause the same exception.
(And even if it doesn't today, it might tomorrow.) And 26 letters probably
isn't enough anyway, as there is the possibility of last names that start
with wide-ASCII characters.

Any suggestions? Is there a way to instruct the LDAP server to return
the search results in many separate chunks?

Here's the relevant code:

loadContext.put(Context.INITIAL_CONTEXT_FACTORY,
"com.sun.jndi.ldap.LdapCtxFactory");
loadContext.put(Context.PROVIDER_URL,
"ldaps://xxx.yyy.zzz:636/ou=aaa,dc=bbb,dc=ccc");
loadContext.put(Context.SECURITY_PRINCIPAL, "username,dc=bbb,dc=ccc");
loadContext.put(Context.SECURITY_CREDENTIALS, "myPassword");
DirContext context = new InitialDirContext(loadContext);
SearchControls ctrl = new SearchControls();
ctrl.setSearchScope(SearchControls.SUBTREE_SCOPE);
NamingEnumeration<SearchResult> request =
context.search("", "objectClass=person", ctrl); // too many persons!

Thanks in advance.

 

[Thor]

I'm writing an application that queries an LDAP and creates a list of
people. The problem is that the LDAP is returning too many entries, and
I'm getting a SizeLimitExceededException.
[...]

Any suggestions? Is there a way to instruct the LDAP server to return
the search results in many separate chunks?

Well.... yes, but that may not solve your problem. The LDAP result
code
(that get translated into a SizeLimitExceededException) may be returned
by the server because the server is configured not to allow as large a
result
set as you specified.

This error (LDAP_SIZELIMIT_EXCEEDED) can be generated by exceeding
either client or server size limits.

Anyway, if it helps, and if your LDAP server supports the paging and
sorting control - check out rfc 2696 - you can get the results in
chunks
as you asked.

This is not really a Java question - I don't know the appopriate
newsgroup,
comp.protocols.tcp-ip or comp.protocols.misc I guess. There are mailing
lists and other LDAP resources at openldap.org.

-- Thor

 

[Thor]

An example of using paging within JNDI is here:
http://forum.java.sun.com/thread.jspa?threadID=578347&tstart=0

-- Thor

 

[John Gordon]

An example of using paging within JNDI is here:
http://forum.java.sun.com/thread.jspa?threadID=578347&tstart=0

Thanks!

 

[Brandon McCombs]

Thanks!

You don't mention which directory server you are using but I know that
by default ADS limits you to 1000 results. However when this occurs no
exception is generated by the server so it makes everything look just fine.

 

[John Gordon]

You don't mention which directory server you are using but I know that
by default ADS limits you to 1000 results. However when this occurs no
exception is generated by the server so it makes everything look just fine.

I'm using a Sun ONE LDAP server, which apparently doesn't support the
PagedResultsControl class... Doh!

It *does* suport VirtualListView, which is another way to do the same
thing, apparently. But I'm having a tough time getting it to work. Does
anyone have some good examples using VirtualListView?

Thanks!