diff --git a/lib/net/ldap.rb b/lib/net/ldap.rb
index 0c79b92..d9ad70c 100644
--- a/lib/net/ldap.rb
+++ b/lib/net/ldap.rb
@@ -308,6 +308,7 @@ class Net::LDAP
 DefaultPort = 389
 DefaultAuth = { :method => :anonymous }
 DefaultTreebase = "dc=com"
+ DefaultForceNoPage = false
 StartTlsOid = "1.3.6.1.4.1.1466.20037"
@@ -370,6 +371,8 @@ class Net::LDAP
 # specifying the Hash {:method => :simple_tls}. There is a fairly large
 # range of potential values that may be given for this parameter. See
 # #encryption for details.
+ # * :force_no_page => Set to true to prevent paged results even if your
+ # server says it supports them. This is a fix for MS Active Directory
 #
 # Instantiating a Net::LDAP object does not result in network
 # traffic to the LDAP server. It simply stores the connection and binding
@@ -380,6 +383,7 @@ class Net::LDAP
 @verbose = false # Make this configurable with a switch on the class.
 @auth = args[:auth] || DefaultAuth
 @base = args[:base] || DefaultTreebase
+ @force_no_page = args[:force_no_page] || DefaultForceNoPage
 encryption args[:encryption] # may be nil
 if pr = @auth[:password] and pr.respond_to?(:call)
@@ -1092,6 +1096,10 @@ class Net::LDAP
 # MUST refactor the root_dse call out.
 #++
 def paged_searches_supported?
+ # active directory returns that it supports paged results. However
+ # it returns binary data in the rfc2696_cookie which throws an
+ # encoding exception breaking searching.
+ return false if @force_no_page
 @server_caps ||= search_root_dse
 @server_caps[:supportedcontrol].include?(Net::LDAP::LdapControls::PagedResults)
 end
@@ -1387,6 +1395,10 @@ class Net::LDAP::Connection #:nodoc:
 search_attributes.to_ber_sequence
 ].to_ber_appsequence(3)
+ # rfc2696_cookie sometimes contains binary data from Microsoft Active Directory
+ # this breaks when calling to_ber. (Can't force binary data to UTF-8)
+ # we have to disable paging (even though server supports it) to get around this...
 controls = []
 controls << [
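Review bot: The early `return false if @force_no_page` in `paged_searches_supported?` (hunk at -1092) works around the encoding error rather than fixing it, and it changes what a search returns: without the paged-results control the server's own size limit applies, so a large result set can presumably come back truncated rather than complete. Callers that use search results for access decisions or account audits should check `get_operation_result` after each search when this option is set. RFC 2696 defines the cookie as an opaque OCTET STRING, so the longer-term fix is to BER-encode it as raw bytes instead of treating it as UTF-8 text. I would extend the added comment, and the `:force_no_page` entry in the constructor docs, with `# NOTE: with paging off the server size limit applies and results may be truncated; check get_operation_result.`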