Monday, May 22, 2006

Accessing and LDAP directory using Outlook


This is an issue that a friend of mine raised recently and its fix:

I go into Outlook 2003 and configure and ldap settings using the default.
When I click on to it opens up a display box to type in a name to search on. I type a new and it returns nothing. I click on advanced and find to open up a search box. I type in a last name and the attached document will show the two dialog boxes I have gotten after I tried a few settings.

I can setup the same ldap directory ,, in
outlook express. I go to send a new message, click on to, type in a
name to find, and it searches the ldap directory fine.

He was getting the following error messages:

If I take the default settings and leave Seach Base blank:


After I enter in dc=iup, dc=edu

It turns out the fix was available on Experts Exchange and went as below:

The problem was caused by the fact that later versions of Outlook try to enumerate the entire directory on connection. The default setting on the ADAM LDAP server limits the search query to a maximum of 10,000 names. If number of LDAP entries exceeds that, Outlook will generate an error.

There are two fixes; One is to make a registry change on the client machine which will remove the error:

Open regedit and and browse to: HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\Outlook\(if you've got office 2002 it will be (10.0) not (11.0)

Add new key, name it "LDAP"

Next add a Dword, name it "DisableVLVBrowsing" and set the value to "1" (don't actually add the quotes on either).

So what you have is [HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\Outlook\LDAP]"DisableVLVBrowsing"=dword:00000001

Now reboot (or it wont work).

The second solution (probably the better of the 2 depending on your directory size) is to change the maximum number of results ADAM will desplay AKA "MaxTempTableSize". The default is 10,000.On the LDAP server open "ADAM tools" and at the command prompt type "dsmgmt" (use /? to show the commands and quit to back up)

at dsmgmt: type "ldap pol"
at ldap policy: type "connections"
at connections: type "connect to server servername:389" (where servername is the name of your ldap server)
it should say binding to server etc...
at connections: type "quit"
at ldap policy: type "list" (you should see MaxTempTableSize listed. type "show value" to see the current value)
at ldap policy: type "Set MaxTempTableSixe to 20000" (or whatever value you want).
at ldap policy type "commit changes"

That's it type quit several times or do a "show value" to take a look at the new value. (Here's what it looks like)

dsmgmt: ldap pol
ldap policy: connections
server connections: connect to server avsmtp1:389
Binding to avsmtp1:389 ...
Connected to avsmtp1:389 using credentials of locally logged on user.
server connections: quit
ldap policy: list
Supported Policies:

policy: set MaxTempTableSize to 20000
ldap policy: commit changes

Hope this helps somebody else out.



Post a Comment

Links to this post:

Create a Link

<< Home