The get user resource limits control

The get user resource limits request control can be included in a bind request to indicate that the server should return information about resource limits that aree enforced for the user in the response to the successful bind. The information returned can include:

  • The maximum size limit that the server imposes for the user
  • The maximum time limit that the server imposes for the user
  • The maximum idle time limit that the server imposes for the user
  • The maximum lookthrough limit that the server imposes for the user
  • The name of the client connection policy that has been selected for the connection
  • The DNs of the groups in which the user is a member
  • The names of the privileges that have been assigned to the user
  • The DN of a user with roughly equivalent authorization characteristics that can be used for operations as the user in entry-balancing backend sets that do not contain that user

The permit and reject unindexed search controls

The permit unindexed search request control can be included in a search request to indicate that the server should process the requested search operation even if it is unindexed. This control is only honored if the requester has the unindexed-search-with-control privilege. For applications that have a legitimate need to issue unindexed search requests, this control and privilege combination can provide a better alternative than granting the requester the unindexed-search privilege because that privilege can allow the client to inadvertently issue unindexed search requests.

On the other hand, the reject unindexed search request control can be included in a search request to indicate that the server should reject the operation if the search is not at least partially indexed and therefore cannot be processed efficiently. This might help clients with the unindexed-search privilege avoid unintentionally requesting expensive searches.