Hi, we have no problem using outlook to browse LDAP as you describe it. We have approximately 10000 entries in our LDAP. The only additional tuning we have made is the optimisation by VLV index and a little change in the ACI for the VLV Request Control: # Replace ldap:///all (authentified users) by ldap:///anyone (everyone, including anonymous) # old aci: (targetattr != "aci")(version 3.0; acl "VLV Request Control"; allow(read ,search, compare) userdn = "ldap:///all";) dn: oid=2.16.840.1.113730.3.4.9,cn=features,cn=config changetype: modify replace: aci aci: (targetattr != "aci")(version 3.0; acl "VLV Request Control"; allow(read,search,compare) userdn = "ldap:///anyone";) # Add a special index for Outlook VLV dn: cn=Outlook Browse,cn=userRoot,cn=ldbm database,cn=plugins,cn=config changetype: add cn: Outlook Browse objectClass: top objectClass: vlvsearch aci: (targetattr != "aci")(version 3.0; acl "VLV Request Control"; allow(read,search,compare) userdn = "ldap:///anyone";) vlvBase: ou=Users,dc=example,dc=com vlvFilter: (&(mail=*)(cn=*)) vlvScope: 2 dn: cn=Outlook Browse Index,cn=Outlook Browse,cn=userRoot,cn=ldbm database,cn=plugins,cn=config changetype: add cn: Outlook Browse Index objectClass: top objectClass: vlvindex aci: (targetattr != "aci")(version 3.0; acl "VLV Request Control"; allow(read,search,compare) userdn = "ldap:///anyone";) vlvEnabled: 1 vlvSort: cn @+ <div class="gmail_quote">2009/11/5 Chris Bryant <<a href="mailto:cbryant-ical@corp.usa.net">cbryant-ical@corp.usa.net</a>> <blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;"> <div bgcolor="#ffffff"> <div> <div> <div> <div> When configuring Microsoft Outlook (not Outlook Express) to access an LDAP directory, there is an option to 'Enable Browsing (requires server support)'. If this option is chosen and the directory server supports it, then you should be able to open the LDAP address book and page up and down through the results. I have been unable to get this working properly with 389 DS. When I try to browse from Outlook against the 389 DS directory, I am able to see the first page of results perfectly. However, if I move to the next page, only the first object returned will have any attributes included, and all of the rest of the objects in the page will have no attributes. I have a test perl script that duplicates this functionality as well. I can get this to work properly with an older version of Netscape Directory Server, and I can get it working with OpenDS. Since 389 DS advertises support for the controls that are required for this to work, just like the other two servers, then I would expect it to work there also. Has anyone out there gotten this to work with 389 DS? If so, can you share if there was anything special that you needed to do to get this to work? I'm trying to determine if this is a bug in the server, or if I'm just missing something in the configuration. Thanks, Chris</div></div></div></div> USA.NET You Run Your Business. We'll Run Your Email.Ž This message is for the sole use of the intended recipient(s) and may contain confidential and/or privileged information of <a href="http://www.usa.net/" target="_blank">USA.NET</a>, Inc. Any unauthorized review, use, copying, disclosure, or distribution is prohibited. If you are not the intended recipient, please immediately contact the sender by reply email and delete all copies of the original message. </div> -- 389 users mailing list <a href="mailto:389-users@redhat.com">389-users@redhat.com</a> <a href="https://www.redhat.com/mailman/listinfo/fedora-directory-users" target="_blank">https://www.redhat.com/mailman/listinfo/fedora-directory-users</a> </blockquote></div>