3.1.1.3.4.1.12 LDAP_SERVER_SEARCH_OPTIONS_OID

The LDAP_SERVER_SEARCH_OPTIONS_OID control is used with an LDAP Search request to control various behaviors.

When sending this control to the DC, the controlValue field is set to the BER encoding of the following ASN.1 structure.

 SearchOptionsRequestValue ::= SEQUENCE {
     Flags    INTEGER
 }

The Flags value has the following format presented in big-endian byte order. X denotes unused bits that SHOULD be set to 0 by the client and that MUST be ignored by the server.


0


1


2


3


4


5


6


7


8


9

1
0


1


2


3


4


5


6


7


8


9

2
0


1


2


3


4


5


6


7


8


9

3
0


1

X

X

X

X

X

X

X

X

X

X

X

X

X

X

X

X

X

X

X

X

X

X

X

X

X

X

X

X

X

X

S
S
F
P
R

S
S
F
D
S

The Flags value is a combination of zero or more bit flags from the following table.

Bit flag name and value

Description

SERVER_SEARCH_FLAG_DOMAIN_SCOPE (SSFDS)

1

Prevents continuation references from being generated when the search results are returned. This performs the same function as the LDAP_SERVER_DOMAIN_SCOPE_OID control.

SERVER_SEARCH_FLAG_PHANTOM_ROOT (SSFPR)

2

 For AD DS, instructs the server to search all NC replicas except application NC replicas that are subordinate to the search base, even if the search base is not instantiated on the server.  For AD LDS, the behavior is the same except that it also includes application NC replicas in the search.  For AD DS and AD LDS, this will cause the search to be executed over all NC replicas (except for application NCs on AD DS DCs) held on the DC that are subordinate to the search base. This enables search bases such as the empty string, which would cause the server to search all of the NC replicas (except for application NCs on AD DS DCs) that it holds.

Sending this control to the DC does not cause the server to include any controls in its response.