Solved

"Unavailable critical extension" error in Outlook when accessing an Windows 2003 LDAP directory

Posted on 2004-10-12
4
6,587 Views
Last Modified: 2012-08-14
When I trying to access our LDAP directory using MS Outlook 2002 or 2003 I recieve the following error:  "Unavailable critical extension" and then "the action could not be completed".  After these errors it allow me to search the LDAP directory.

The problem does not happen with Outlook Express, Netscape or any other client to my knowledge, only Outlook.  We are using ADAM (active directory in application mode) as our ldap server.  The problem is not machine specific as it appears to occur on any machine running Outlook.

On a side note:  Our ldap directory contains approx. 15,000 names.  I believe the problem begain occuring sometime after 10,069 names.  I'm not sure if it's some kind of limitation or if there is a configuration problem on the ldap server.  As I said before it only occurs using outlook.
 
Any thoughts on what is causing the problem and how to fix it?
0
Comment
Question by:sethmiller75
  • 3
4 Comments
 
LVL 11

Accepted Solution

by:
acseven earned 500 total points
ID: 12293610
Hi,

  though I don't know about the issue, here's some reading at the openldap site (keep going through the follow-ups):

http://www.openldap.org/lists/openldap-software/200408/msg00293.html

hope this helps
0
 

Author Comment

by:sethmiller75
ID: 12298266
Thanks for the link (already been there though).  That was about the closest thing I could find on Google but, I don't know that it specifically applies to ADAM Ldap.  They mention turning off "pagedresults" but,  Is there such a setting in ADAM?  If so could somebody tell me where to find it?  Working with ADSI edit is about 20 times worse than editing the registry.

Thanks
0
 

Author Comment

by:sethmiller75
ID: 12307594
Does anyone have an idea as to what may be causing this?
0
 

Author Comment

by:sethmiller75
ID: 12370238
I guess I'll answer My own question.  Do I get my points back?  Anyhoo...

The problem was caused by the fact that later versions of Outlook try to enumerate the entire directory on connection.  The default setting on the ADAM  LDAP server limits the search query to a maximum of 10,000 names.  If number of LDAP entries exceeds that, Outlook will generate an error.

There are two fixes-

One is to make a registry change on the client machine which will remove the error:
Open regedit and and browse to: HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\Outlook\
(if you've got office 2002 it will be (10.0) not (11.0)
Add new key, name it "LDAP"
Next add a Dword, name it "DisableVLVBrowsing" and set the value to "1" (don't actually add the quotes on either).
So what you have is [HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\Outlook\LDAP]"DisableVLVBrowsing"=dword:00000001
Now reboot (or it wont work).

The second solution (probably the better of the 2 depending on your directory size) is to change the maximum number of results ADAM will desplay AKA "MaxTempTableSize".  The default is 10,000.
On the LDAP server open "ADAM tools" and at the command prompt type "dsmgmt" (use /? to show the commands and quit to back up)
at  dsmgmt: type "ldap pol"
at ldap policy: type "connections"
at connections: type "connect to server servername:389" (where servername is the name of your ldap server)
it should say binding to server etc...
at connections: type "quit"
at ldap policy: type "list" (you should see MaxTempTableSize listed.  type "show value" to see the current value)
at ldap policy: type "Set MaxTempTableSixe to 20000" (or whatever value you want).
at ldap policy type "commit changes"
That's it type quit several times or do a "show value" to take a look at the new value.
(Here's what it looks like)

C:\WINDOWS\ADAM>dsmgmt
dsmgmt: ldap pol
ldap policy: connections
server connections: connect to server avsmtp1:389
Binding to avsmtp1:389 ...
Connected to avsmtp1:389 using credentials of locally logged on user.
server connections: quit
ldap policy: list
Supported Policies:
        MaxPoolThreads
        MaxDatagramRecv
        MaxReceiveBuffer
        InitRecvTimeout
        MaxConnections
        MaxConnIdleTime
        MaxPageSize
        MaxQueryDuration
        MaxTempTableSize
        MaxResultSetSize
        MaxNotificationPerConn
        MaxValRange
ldap policy: set MaxTempTableSize to 20000
ldap policy: commit changes

 Hope this helps somebody out. I've been searching for an answer to this for a long time...

0

Featured Post

Free Tool: Postgres Monitoring System

A PHP and Perl based system to collect and display usage statistics from PostgreSQL databases.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction It seems that at least a couple of times per month, I answer a question that requires automating Outlook from another Microsoft Office application, usually (although not always) to send one or more email messages.  For example: …
Entering a date in Microsoft Access can be tricky. A typo can cause month and day to be shuffled, entering the day only causes an error, as does entering, say, day 31 in June. This article shows how an inputmask supported by code can help the user a…
This video walks the viewer through the process of creating envelopes and labels, with multiple names and addresses. Navigate to the “Start Mail Merge” button in the Mailings tab: Follow the step-by-step process until asked to find the address doc…
The viewer will learn how to simulate a series of coin tosses with the rand() function and learn how to make these “tosses” depend on a predetermined probability. Flipping Coins in Excel: Enter =RAND() into cell A2: Recalculate the random variable…

820 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question