This content has been marked as final. Show 1 reply
I think there are a couple of ways to go about this.
IIRC the VLV control ought to exist under your config suffix as a "feature". If you look at the documentation for setting up a VLV index, you should see where the VLV configuration objects exist. One common problem users run into with the VLV objects is that they are governed by access control. That is, the bound user has to have permissions to the VLV config object in order to use the control. So - assuming you are using a version of the server that still uses this design - you should be able to disallow VLV control use by any user other than the rootdn (Directory Manager).
If your application is querying the root dse and checking whether the VLV control is supported (and then obeying what it sees there) you might be able to change the list of supported controls being returned on the root dse. I'm not sure exactly how to do this since I don't recall seeing the supported control attributes in dse.ldif, but my memory is spotty on that. In any case this solution would rely on the good behavior of your clients.
Actually, if the bound user does not have permission to use the control, there might be an argument to make that the server shouldn't return the control as supported when the root dse is queried by that user.
The best solution is probably a combination of the two complemented (ideally) with modification to the client that prevents it from sending the VLV control. Since presumably the client is sending the VLV in order to accomplish a client side task, simply causing the VLV to fail may not produce the best results from the end user's perspective.