Using PHP to search a LDAP base with pagination

Question

I need to iterate through all entries on a LDAP base. Actually the LDAP server is limited to 500 entries for each search. I am working with PHP 5.6.

I found the possible solution using ldap_control_paged_result and ldap_control_paged_result_response and just implemented one simple test script:

 (...)
 ldap_set_option($conn, LDAP_OPT_PROTOCOL_VERSION, 3);

 $pageSize = 100;
 $cookie = '';
 $count = 0;
 do {
     ldap_control_paged_result($conn, $pageSize, true, $cookie);

     $result  = ldap_search($conn, 'ou=people,dc=ufsf,dc=br', 'uid=*', ['uid', 'name']);
     $entries = ldap_get_entries($conn, $result);

     foreach ($entries as $entry) {
        $count++;
        echo $count . ' - ' . $entry['name'][0] . PHP_EOL;
     }

     ldap_control_paged_result_response($conn, $result, $cookie);

 } while($cookie !== null && $cookie != '');

But I still can't retrieve more than 500 entries, This is the output:

(...)
498  -  NAME SUPRESSED
499  -  NAME SUPRESSED
500  -  NAME SUPRESSED
WARNING: ldap_control_paged_result_response(): Result is: Size limit exceeded (4)
WARNING: ldap_control_paged_result_response(): Result is: Size limit exceeded (4)
WARNING: ldap_control_paged_result_response(): Result is: Size limit exceeded (4)   
(...)

Am I missing something?

Possible duplicate of [Enumerate all users in LDAP with PHP](http://stackoverflow.com/questions/1473075/enumerate-all-users-in-ldap-with-php) — rkosegi, Apr 13 '16 at 12:51
Is that `ldap_set_option($conn, LDAP_OPT_PROTOCOL_VERSION, 3);` call really taking place directly before the search? If so, that needs to be called after `ldap_connect()`, but before `ldap_bind()`. That might explain it because paging is a LDAP v3 feature, and if it isn't setting the protocol version in the right spot it might not take effect. — ChadSikorra, Apr 13 '16 at 14:49
@rkosegi That was a pretty complete and somehow complex solution to something that could IMO be much simpler. At the very end the problem was solved extending the server limit. Not the best solution but it is working (for now). — marcellorvalle, Apr 14 '16 at 12:49

score -2 · Answer 1 · edited May 23 '17 at 11:45

-2

There you should find answer for how to retrieve more than 500 entries: How can I send whole array from php cycle?. For pagination you can use for example DataTables.

edited May 23 '17 at 11:45

Community

1
1

answered Apr 13 '16 at 12:44

Mardzis

760
1
8
21

This does not apply to OPs problem. Issue is LDAP server size result limit. – rkosegi Apr 13 '16 at 12:45
I also have same problem and this answer help to me. Of course for you is the best answer: **Set limit for your LDAP server higher than 500**. That's why you are just downvoting without any relevant feedback. _Btw. it's not the correct way because you'll have the same problem after some time again._ – Mardzis Apr 13 '16 at 12:51
I would downvote again if I could. Setting server size limit is not a solution (nor your answer).You need to use correct API to retrieve paged results.I did that few times. Just use RFC 2696 compliant API. You are refering to answer about merging result into one array. – rkosegi Apr 13 '16 at 12:54

Using PHP to search a LDAP base with pagination

1 Answers1