[NTSysADM] RE: LDAP lookups

[Joseph L. Casale]

Cute, if paging confused your developers, wait'll they encounter range 
retrieval.
I can only imagine the protest then:)

heh,
jlc

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of David Lum
Sent: Wednesday, July 31, 2013 2:41 PM
To: ntsysadm@lists.myitforum.com
Subject: [NTSysADM] RE: LDAP lookups

I got lucky - under protest I made a change "only to troubleshoot then we flip 
it back". The change eliminated that error message but did NOT fix their 
underlying problem, so I was able to flip it back...

I saw an objection from Desmond on blog about it, as well as  link:
http://jeftek.com/219/avoid-changing-the-maxpagesize-ldap-query-policy

So I was pretty set against it.

From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Free, Bob
Sent: Wednesday, July 31, 2013 12:05 PM
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: [NTSysADM] RE: LDAP lookups

NO NO NO

Just say NO

From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
[mailto:listsad...@lists.myitforum.com] On Behalf Of David Lum
Sent: Wednesday, July 31, 2013 11:24 AM
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: [NTSysADM] RE: LDAP lookups

Thanks everyone! That was my assumption after looking at _ldap records in DNS 
as well.

I've been asked to change the Sizelimit and PageSize attributes because our 
developers are getting this error
https://confluence.atlassian.com/display/FISHKB/LDAP%3A+error+code+4+-+Sizelimit+Exceeded

Dave

From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Ken Cornetet
Sent: Wednesday, July 31, 2013 11:16 AM
To: 'ntsysadm@lists.myitforum.com'
Subject: [NTSysADM] RE: LDAP lookups

When the DNS server (assuming windows DNS) resolves "mydomain.com", it will 
find 3 address (A) records. If the client is on the same subnet as one of the A 
records, the DNS server will do "subnet sorting" which means it will put that A 
record first in the list of 3 records that it returns to the client. Otherwise 
it will round-robin the order of the  3 records returned.

So, if the LDAP client is on the same subnet as one of the DCs, it will hit 
that DC (because that DC's IP address will be first in the list returned by the 
DNS server). Otherwise, it will be random.

From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
[mailto:listsad...@lists.myitforum.com] On Behalf Of David Lum
Sent: Wednesday, July 31, 2013 1:43 PM
To: NTSysADM@lists.myITforum.com<mailto:NTSysADM@lists.myITforum.com>
Subject: [NTSysADM] LDAP lookups

In a domain with 3 DC's, which one handles LDAP requests? If the LDAP is set to 
query mydomaion.com.com ,what determines which DC processes the query?
David Lum
Sr. Systems Engineer // NWEATM
Office 503.548.5229 // Cell (voice/text) 503.267.9764


________________________________
PG&E is committed to protecting our customers' privacy.
To learn more, please visit http://www.pge.com/about/company/privacy/customer/
________________________________