Directory Services


The ldap_search_ext_s function searches the LDAP directory and returns a requested set of attributes for each entry matched.

ULONG ldap_search_ext_s(
  LDAP* ld,
  PCHAR base,
  ULONG scope,
  PCHAR filter,
  PCHAR attrs[],
  ULONG attrsonly,
  PLDAPControl* ServerControls,
  PLDAPControl* ClientControls,
  struct l_timeval* timeout,
  ULONG SizeLimit,
  LDAPMessage** res


[in] Session handle.
[in] Pointer to a null-terminated string that contains the distinguished name of the entry at which to start the search.
[in] Specifies one of the following values to indicate the search scope.
Value Meaning
LDAP_SCOPE_BASE Search the base entry only.
LDAP_SCOPE_ONELEVEL Search all entries in the first level below the base entry, excluding the base entry.
LDAP_SCOPE_SUBTREE Search the base entry and all entries in the tree below the base.
[in] Pointer to a null-terminated string that specifies the search filter. For more information, see Search Filter Syntax.
[in] A null-terminated array of pointers to null-terminated strings indicating which attributes to return for each matching entry. Pass NULL to retrieve all available attributes.
[in] Boolean value that should be zero if both attribute types and values are to be returned, nonzero if only types are required.
[in] A list of LDAP server controls.
[in] A list of client controls.
[in] Specifies both the local search time-out value in seconds and the operation time limit that is sent to the server within the search request.
[in] A limit on the number of entries to return from the search. A value of zero means no limit.
[out] Contains the results of the search upon completion of the call. Can also contain partial results or extended information when the function call fails with an error code. Any results returned should be freed with a call to ldap_msgfree once they are no longer required by the program.

Return Values

If the function succeeds, the return value is LDAP_SUCCESS.

If the function fails, it returns an error code, however ldap_search_ext_s can fail and can still allocate pMsg. For example, both LDAP_PARTIAL_RESULTS and LDAP_REFERRAL error code will allocate pMsg. For more information, see the code example below. For more information, see Return Values.


The ldap_search_ext_s function initiates a synchronous search operation. The parameters and effects of ldap_search_ext_s subsume those of ldap_search_s. The extended routine includes additional parameters to support client and server controls, and to specify size and time limits for each search operation.

Use the ldap_set_option function with the ld session handle to set the LDAP_OPT_DEREF option that determine how the search is performed. For more information, see Session Options. Two other search options, LDAP_OPT_SIZELIMIT and LDAP_OPT_TIMELIMIT, are ignored in favor of the SizeLimit and TimeLimit option parameters in this function.

Upon completion of the search operation, ldap_search_ext_s returns to the caller. Use ldap_search_ext to have the operation performed asynchronously.

Multithreading: Calls to ldap_search_ext_s are thread-safe.

The following code example shows how to free pMsg in the event ldap_search_ext_s fails.

// Initialize return value to NULL.
LDAPMessage *pMsg = NULL;

// Perform the search request.
dwErr = ldap_search_ext_s (i_pldap,

// Cleanup calling parameters.
if (lpszAttributes != NULL)
	delete [] lpszAttributes;

// Convert error code and cleanup pMsg if necessary.
if (dwErr != LDAP_SUCCESS)
	DebugOutLDAPError(i_pldap, dwErr, _T("ldap_search_ext_s"));
	hr = HRESULT_FROM_WIN32(dwErr);

	// Be aware that pMsg can contain valid data, even if the
	// call to ldap_search_ext_s returned an error code.
	// This can be caused by the server returning codes
	// such as LDAP_RESULTS_TOO_LARGE or other codes
	// that indicate that the search returned partial
	// results. The user code can handle these cases
	// if required, this example just frees pMsg on any 
	// error code.

	if (pMsg != NULL) ldap_msgfree(pMsg);

	// Process the search results.
	// Free the results when done
	if (pMsg != NULL) ldap_msgfree(pMsg);



Client: Included in Windows XP and Windows 2000 Professional.
Server: Included in Windows Server 2003 and Windows 2000 Server.
Redistributable: Requires Active Directory Client Extension on Windows NT 4.0 SP6a and Windows 95/98/Me.
Unicode: Implemented as Unicode and ANSI versions on all platforms.
Header: Declared in Winldap.h.
Library: Use Wldap32.lib.

See Also

Extended Controls, Using Controls, Functions, LDAP, ldap_msgfree, ldap_search, ldap_search_s, ldap_search_st, ldap_search_ext, Return Values, Session Options