How to get more search results than the server's sizelimit with Python LDAP?

Here are some links related to paging in python-ldap.

• Documentation: http://www.python-ldap.org/doc/html/ldap-controls.html#ldap.controls.SimplePagedResultsControl
• Example code using paging: http://www.novell.com/coolsolutions/tip/18274.html
• More example code: http://google-apps-for-your-domain-ldap-sync.googlecode.com/svn/trunk/ldap_ctxt.py

After some discussion on the python-ldap-dev mailing list, I can answer my own question.

Page controls ARE supported by the Python lDAP module, but the docs had not been updated for search_ext to show that. The example linked by Gorgapor shows how to use the ldap.controls.SimplePagedResultsControl to read the results in pages.

However there is a gotcha. This will work with Microsoft Active Directory servers, but not with OpenLDAP servers (and possibly others, such as Sun's). The LDAP controls RFC is ambiguous as to whether paged controls should be allowed to override the server's sizelimit setting. On ActiveDirectory servers they can by default while on OpenLDAP they cannot, but I think there is a server setting that will allow them to.

So even if you implement the paged control, there is still no guarantee that it will get all the objects that you want. Sigh

Also paged controls are only available with LDAP v3, but I doubt that there are many v2 servers in use.