SSS Response Control

Subject: SSS Response Control
Author: SteveHB
In response to: SSS Request Control
Posted on: 01/06/2009 08:10:41 PM

This control is included in the searchResultDone message as part of the controls field of the LDAPMessage, as defined in Section 4.1.12 of [LDAPv3].

The controlType is set to "1.2.840.113556.1.4.474". The criticality is FALSE (MAY be absent). The controlValue is an OCTET STRING, whose value is the BER encoding of a value of the following SEQUENCE:

      SortResult ::= SEQUENCE {
         sortResult  ENUMERATED {
             success                   (0), -- results are sorted
             operationsError           (1), -- server internal failure
             timeLimitExceeded         (3), -- timelimit reached before
                                            -- sorting was completed
             strongAuthRequired        (8), -- refused to return sorted
                                            -- results via insecure
                                            -- protocol
             adminLimitExceeded       (11), -- too many matching entries
                                            -- for the server to sort
             noSuchAttribute          (16), -- unrecognized attribute
                                            -- type in sort key
             inappropriateMatching    (18), -- unrecognized or
                                            -- inappropriate matching
                                            -- rule in sort key
             insufficientAccessRights (50), -- refused to return sorted
                                            -- results to this client
             busy                     (51), -- too busy to process
             unwillingToPerform       (53), -- unable to sort
             other                    (80)
         },
         attributeType [0] AttributeDescription OPTIONAL 
     }

>
> On 01/06/2009 08:04:29 PM SteveHB wrote:

This control is included in the searchRequest message as part of the controls field of the LDAPMessage, as defined in Section 4.1.12 of [LDAPv3].

The controlType is set to "1.2.840.113556.1.4.473". The criticality MAY be either TRUE or FALSE (where absent is also equivalent to FALSE) at the client's option. The controlValue is an OCTET STRING, whose value is the BER encoding of a value of the following SEQUENCE:
SortKeyList ::= SEQUENCE OF SEQUENCE { attributeType AttributeDescription, orderingRule [0] MatchingRuleId OPTIONAL, reverseOrder [1] BOOLEAN DEFAULT FALSE }

The SortKeyList sequence is in order of highest to lowest sort key precedence.

The MatchingRuleId, as defined in section 4.1.9 of [LDAPv3], SHOULD be one that is valid for the attribute type it applies to. If it is not, the server will return inappropriateMatching.

Each attributeType should only occur in the SortKeyList once. If an attributeType is included in the sort key list multiple times, the server should return an error in the sortResult of unwillingToPerform.

If the orderingRule is omitted, the ordering MatchingRule defined for use with this attribute MUST be used.

Any conformant implementation of this control MUST allow a sort key list with at least one key.

References:

Next Post: Client-Server Interaction SteveHB 01/06/2009 08:28:53 PM
Previous Post: SSS Request Control SteveHB 01/06/2009 08:04:29 PM
Next Topic: You cannot reach Active Directory (AD) on port 636 with the IP Address using LDP.exe authen 01/13/2009 09:41:55 PM
Previous Topic: Please help me about password policy control ml002 07/16/2007 05:50:18 AM
Index: by Date
Index: by Topic