Solved

"Unavailable critical extension" error in Outlook when accessing an Windows 2003 LDAP directory

Posted on 2004-10-12
4
6,533 Views
Last Modified: 2012-08-14
When I trying to access our LDAP directory using MS Outlook 2002 or 2003 I recieve the following error:  "Unavailable critical extension" and then "the action could not be completed".  After these errors it allow me to search the LDAP directory.

The problem does not happen with Outlook Express, Netscape or any other client to my knowledge, only Outlook.  We are using ADAM (active directory in application mode) as our ldap server.  The problem is not machine specific as it appears to occur on any machine running Outlook.

On a side note:  Our ldap directory contains approx. 15,000 names.  I believe the problem begain occuring sometime after 10,069 names.  I'm not sure if it's some kind of limitation or if there is a configuration problem on the ldap server.  As I said before it only occurs using outlook.
 
Any thoughts on what is causing the problem and how to fix it?
0
Comment
Question by:sethmiller75
  • 3
4 Comments
 
LVL 11

Accepted Solution

by:
acseven earned 500 total points
ID: 12293610
Hi,

  though I don't know about the issue, here's some reading at the openldap site (keep going through the follow-ups):

http://www.openldap.org/lists/openldap-software/200408/msg00293.html

hope this helps
0
 

Author Comment

by:sethmiller75
ID: 12298266
Thanks for the link (already been there though).  That was about the closest thing I could find on Google but, I don't know that it specifically applies to ADAM Ldap.  They mention turning off "pagedresults" but,  Is there such a setting in ADAM?  If so could somebody tell me where to find it?  Working with ADSI edit is about 20 times worse than editing the registry.

Thanks
0
 

Author Comment

by:sethmiller75
ID: 12307594
Does anyone have an idea as to what may be causing this?
0
 

Author Comment

by:sethmiller75
ID: 12370238
I guess I'll answer My own question.  Do I get my points back?  Anyhoo...

The problem was caused by the fact that later versions of Outlook try to enumerate the entire directory on connection.  The default setting on the ADAM  LDAP server limits the search query to a maximum of 10,000 names.  If number of LDAP entries exceeds that, Outlook will generate an error.

There are two fixes-

One is to make a registry change on the client machine which will remove the error:
Open regedit and and browse to: HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\Outlook\
(if you've got office 2002 it will be (10.0) not (11.0)
Add new key, name it "LDAP"
Next add a Dword, name it "DisableVLVBrowsing" and set the value to "1" (don't actually add the quotes on either).
So what you have is [HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\Outlook\LDAP]"DisableVLVBrowsing"=dword:00000001
Now reboot (or it wont work).

The second solution (probably the better of the 2 depending on your directory size) is to change the maximum number of results ADAM will desplay AKA "MaxTempTableSize".  The default is 10,000.
On the LDAP server open "ADAM tools" and at the command prompt type "dsmgmt" (use /? to show the commands and quit to back up)
at  dsmgmt: type "ldap pol"
at ldap policy: type "connections"
at connections: type "connect to server servername:389" (where servername is the name of your ldap server)
it should say binding to server etc...
at connections: type "quit"
at ldap policy: type "list" (you should see MaxTempTableSize listed.  type "show value" to see the current value)
at ldap policy: type "Set MaxTempTableSixe to 20000" (or whatever value you want).
at ldap policy type "commit changes"
That's it type quit several times or do a "show value" to take a look at the new value.
(Here's what it looks like)

C:\WINDOWS\ADAM>dsmgmt
dsmgmt: ldap pol
ldap policy: connections
server connections: connect to server avsmtp1:389
Binding to avsmtp1:389 ...
Connected to avsmtp1:389 using credentials of locally logged on user.
server connections: quit
ldap policy: list
Supported Policies:
        MaxPoolThreads
        MaxDatagramRecv
        MaxReceiveBuffer
        InitRecvTimeout
        MaxConnections
        MaxConnIdleTime
        MaxPageSize
        MaxQueryDuration
        MaxTempTableSize
        MaxResultSetSize
        MaxNotificationPerConn
        MaxValRange
ldap policy: set MaxTempTableSize to 20000
ldap policy: commit changes

 Hope this helps somebody out. I've been searching for an answer to this for a long time...

0

Featured Post

Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

This article will show you how to use shortcut menus in the Access run-time environment.
In this article we discuss how to recover the missing Outlook 2011 for Mac data like Emails and Contacts manually.
This video walks the viewer through the process of creating envelopes and labels, with multiple names and addresses. Navigate to the “Start Mail Merge” button in the Mailings tab: Follow the step-by-step process until asked to find the address doc…
Polish reports in Access so they look terrific. Take yourself to another level. Equations, Back Color, Alternate Back Color. Write easy VBA Code. Tighten space to use less pages. Launch report from a menu, considering criteria only when it is filled…

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now