Edit report at http://bugs.php.net/bug.php?id=52266&edit=1
ID: 52266
Updated by: patrickalla...@php.net
Reported by: ceo at l-i-e dot com
Summary: ldap_search Operations error for SizeLimit >
$results['count']
Status: Bogus
Type: Bug
Package: LDAP related
Operating System: Mac OS X
PHP Version: 5.3.2
New Comment:
Use ldap_set_option($ldapConn, LDAP_OPT_REFERRALS, 0); when connecting
to AD server 2003 and searching in the whole AD schema.
By the way, '2' is not a valid value for LDAP_OPT_REFERRALS which expect
a value of 0 or 1.
Previous Comments:
------------------------------------------------------------------------
[2010-07-08 12:26:51] patrickalla...@php.net
Thank you for taking the time to write to us, but this is not
a bug. Please double-check the documentation available at
http://www.php.net/manual/ and the instructions on how to report
a bug at http://bugs.php.net/how-to-report.php
Use ldap_set_option($ldapConn, LDAP_OPT_REFERRALS, 0); when connecting
to AD server 2003 and searching in the whole AD schema.
By the way, '2' is not a valid value for LDAP_OPT_REFERRALS which expect
a value of 0 or 1.
------------------------------------------------------------------------
[2010-07-08 10:19:13] gra...@php.net
According to the contributed notes in
http://www.php.net/manual/en/function.ldap-
search.php, LDAP_OPT_REFERRALS should be set to 0 and not 2 as you have
in your test case. When set to 0 I don't see the "Operations Error"
message. I also
have it set this way to enable search in AD for a rudimentary phonebook.
------------------------------------------------------------------------
[2010-07-06 18:57:49] ceo at l-i-e dot com
The AD version has been confirmed to be 2003.
------------------------------------------------------------------------
[2010-07-06 17:52:44] ceo at l-i-e dot com
PS
The same searches work fine from ldapsearch command line tool provided
by OpenLDAP.
Thus, logically, the error must reside in PHP's extension...
------------------------------------------------------------------------
[2010-07-06 17:51:19] ceo at l-i-e dot com
Description:
------------
NOTE:
***
It's actually PHP 5.3.1, from mac ports. Sorry.
But I don't find anything related in bug searching, nor in the ChangeLog
for 5.3.2, so pretty sure it's still active bug.
***
Attempting to work with Active Directory via OpenLDAP/PHP.
Search for '(cn=*)' works fine.
Search for '(cn=*ynch)' fails with ldap_search: Search: Operations
error
Further analysis reveals that providing the fourth parameter, SizeLimit,
which is equal to or less than the number of results, works fine.
Larger numbers fail, in the same way as no limit.
Of course, one doesn't generally know how many results are in there, so
this is not really a good work-around...
I believe the AD server is 2003 version, but it could be newer.
The AD server is reputed to have 50,000 entries in it, which may be
relevant.
Test script:
---------------
http://6112northwolcott.com/ldap/ldap.phps
Expected result:
----------------
I expect it to give me 16 results, no matter what number I put for the
fourth parameter, or for none at all.
Actual result:
--------------
http://6112northwolcott.com/ldap/ldap.txt
------------------------------------------------------------------------
--
Edit this bug report at http://bugs.php.net/bug.php?id=52266&edit=1
