diff --git a/lam/lib/account.inc b/lam/lib/account.inc
index b863c161..f8d37e71 100644
--- a/lam/lib/account.inc
+++ b/lam/lib/account.inc
@@ -310,7 +310,7 @@ function search_domains($server = null, $suffix = null) {
 	if ($server == null) {
 		$server = $_SESSION['ldap']->server();
 	}
-	$sr = @ldap_search($server, escapeDN($suffix), "objectClass=sambaDomain", $attr, 0, 0, 0, LDAP_DEREF_ALWAYS);
+	$sr = @ldap_search($server, escapeDN($suffix), "objectClass=sambaDomain", $attr, 0, 0, 0, LDAP_DEREF_NEVER);
 	if ($sr) {
 		$units = ldap_get_entries($server, $sr);
 		// delete count entry
diff --git a/lam/lib/cache.inc b/lam/lib/cache.inc
index dc559643..ea02fb6c 100644
--- a/lam/lib/cache.inc
+++ b/lam/lib/cache.inc
@@ -183,7 +183,7 @@ class cache {
 				// Get Data from ldap
 				$search = $this->attributes[$scope];
 				$search[] = 'objectClass';
-				$result = @ldap_search($_SESSION['ldap']->server(), escapeDN($suffix), 'objectClass=*', $search, 0, 0, 0, LDAP_DEREF_ALWAYS);
+				$result = @ldap_search($_SESSION['ldap']->server(), escapeDN($suffix), 'objectClass=*', $search, 0, 0, 0, LDAP_DEREF_NEVER);
 				if ($result) {
 					// Write search result in array
 					$entry = @ldap_first_entry($_SESSION['ldap']->server(), $result);
diff --git a/lam/lib/export.inc b/lam/lib/export.inc
index da707b8a..566b4326 100755
--- a/lam/lib/export.inc
+++ b/lam/lib/export.inc
@@ -285,7 +285,7 @@ class PlaLdapExporter extends PlaAbstractExporter{
     elseif( $this->scope == 'one' )
       $this->results = @ldap_list($this->ds, $this->base_dn, $this->queryFilter, $this->attributes);
     else // scope == 'sub'
-      $this->results = @ldap_search($this->ds, $this->base_dn, $this->queryFilter, $this->attributes, 0, 0, 0, LDAP_DEREF_ALWAYS);
+      $this->results = @ldap_search($this->ds, $this->base_dn, $this->queryFilter, $this->attributes, 0, 0, 0, LDAP_DEREF_NEVER);
     
     // if no result, there is a something wrong
     if( ! $this->results ) 
diff --git a/lam/lib/ldap.inc b/lam/lib/ldap.inc
index cd69bfb3..487ed12a 100644
--- a/lam/lib/ldap.inc
+++ b/lam/lib/ldap.inc
@@ -134,7 +134,7 @@ class Ldap{
 	*/
 	function search_units($suffix) {
 		$ret = array();
-		$sr = @ldap_search($this->server(), escapeDN($suffix), "objectClass=organizationalunit", array("DN"), 0, 0, 0, LDAP_DEREF_ALWAYS);
+		$sr = @ldap_search($this->server(), escapeDN($suffix), "objectClass=organizationalunit", array("DN"), 0, 0, 0, LDAP_DEREF_NEVER);
 		if ($sr) {
 			$units = ldap_get_entries($this->server, $sr);
 			unset($units['count']);
diff --git a/lam/lib/lists.inc b/lam/lib/lists.inc
index 5fc1b149..f9d2a509 100644
--- a/lam/lib/lists.inc
+++ b/lam/lib/lists.inc
@@ -828,7 +828,7 @@ class lamList {
 		$module_filter = get_ldap_filter($this->type);  // basic filter is provided by modules
 		$filter = "(&" . $module_filter  . ")";
 		$attrs = $this->attrArray;
-		$sr = @ldap_search($_SESSION["ldap"]->server(), escapeDN($this->suffix), $filter, $attrs, 0, 0, 0, LDAP_DEREF_ALWAYS);
+		$sr = @ldap_search($_SESSION["ldap"]->server(), escapeDN($this->suffix), $filter, $attrs, 0, 0, 0, LDAP_DEREF_NEVER);
 		if (ldap_errno($_SESSION["ldap"]->server()) == 4) {
 			StatusMessage("WARN", _("LDAP sizelimit exceeded, not all entries are shown."), _("See README.openldap.txt to solve this problem."));
 		}
diff --git a/lam/lib/modules.inc b/lam/lib/modules.inc
index 9fdfa6c9..30da59b1 100644
--- a/lam/lib/modules.inc
+++ b/lam/lib/modules.inc
@@ -1624,7 +1624,7 @@ class accountContainer {
 		$this->module = array();
 		$modules = $_SESSION['config']->get_AccountModules($this->type);
 		$search = substr($dn, 0, strpos($dn, ','));
-		$result = @ldap_search($_SESSION['ldap']->server(), escapeDN($dn), escapeDN($search), array(), 0, 0, 0, LDAP_DEREF_ALWAYS); // TODO use ldap_read()
+		$result = @ldap_search($_SESSION['ldap']->server(), escapeDN($dn), escapeDN($search), array(), 0, 0, 0, LDAP_DEREF_NEVER); // TODO use ldap_read()
 		if (!$result) {
 			return array(array("ERROR", _("Unable to load LDAP entry:") . " " . $dn, ldap_error($_SESSION['ldap']->server())));
 		}
diff --git a/lam/lib/modules/ddns.inc b/lam/lib/modules/ddns.inc
index 59cc5a00..049603a9 100644
--- a/lam/lib/modules/ddns.inc
+++ b/lam/lib/modules/ddns.inc
@@ -187,7 +187,7 @@ class ddns extends baseModule {
 		$ldap = $_SESSION['ldap']->server();
 		$dn = $_SESSION['config']->get_suffix('dhcp');
 		
-		$search = @ldap_search($ldap,$dn,"dhcpStatements=ddns-update-style interim", array(), 0, 0, 0, LDAP_DEREF_ALWAYS);
+		$search = @ldap_search($ldap,$dn,"dhcpStatements=ddns-update-style interim", array(), 0, 0, 0, LDAP_DEREF_NEVER);
 		if ($search) {
 			$info = @ldap_get_entries($ldap,$search);
 			if ($info && ($info['count'] > 0)) {
diff --git a/lam/lib/modules/fixed_ip.inc b/lam/lib/modules/fixed_ip.inc
index c85039ca..1d169d4e 100644
--- a/lam/lib/modules/fixed_ip.inc
+++ b/lam/lib/modules/fixed_ip.inc
@@ -193,7 +193,7 @@ class fixed_ip extends baseModule {
 	    if ($_SESSION['account']->getAccountModule('dhcp_settings')->dn!=$_SESSION['config']->get_suffix('dhcp')) {
 	    
 		    $sr = @ldap_search($_SESSION['ldap']->server(),'cn='.$_SESSION['account']->getAccountModule('dhcp_settings')->attributes['cn'][0].','.$_SESSION['config']->get_suffix('dhcp'),
-		    		'(objectClass=dhcpHost)', array(), 0, 0, 0, LDAP_DEREF_ALWAYS);
+		    		'(objectClass=dhcpHost)', array(), 0, 0, 0, LDAP_DEREF_NEVER);
 		    if ($sr) {
 		        $entries = ldap_get_entries($_SESSION['ldap']->server(), $sr);
 				for ($i=0; $i < $entries["count"]; $i++) {
@@ -347,7 +347,7 @@ class fixed_ip extends baseModule {
 	        foreach($this->fixed_ip AS $id=>$arr) {
 				// pc name
 				$result = @ldap_search($_SESSION['ldap']->server(),"cn=".$_SESSION['account']->getAccountModule('dhcp_settings')->attributes['cn'][0].",".$_SESSION['config']->get_Suffix('dhcp'),
-							'(cn='.$_POST['pc_'.$id].')', array(), 0, 0, 0, LDAP_DEREF_ALWAYS);
+							'(cn='.$_POST['pc_'.$id].')', array(), 0, 0, 0, LDAP_DEREF_NEVER);
 	            $num = (@ldap_get_entries($_SESSION['ldap']->server(), $result)=="")?0:ldap_get_entries($_SESSION['ldap']->server(), $result);
 				$pcError = "";
 				if (!$this->processed) {
diff --git a/lam/lib/modules/kolabUser.inc b/lam/lib/modules/kolabUser.inc
index 06b705b2..be864912 100644
--- a/lam/lib/modules/kolabUser.inc
+++ b/lam/lib/modules/kolabUser.inc
@@ -824,7 +824,7 @@ class kolabUser extends baseModule {
 		// delegates
 		if (in_array('kolabDelegate', $fields)) {
 			$delegates = array();
-			$sr = @ldap_search($_SESSION['ldapHandle'], escapeDN($this->selfServiceSettings->LDAPSuffix), '(&(objectClass=inetOrgPerson)(mail=*))', array('mail'), 0, 0, 0, LDAP_DEREF_ALWAYS);
+			$sr = @ldap_search($_SESSION['ldapHandle'], escapeDN($this->selfServiceSettings->LDAPSuffix), '(&(objectClass=inetOrgPerson)(mail=*))', array('mail'), 0, 0, 0, LDAP_DEREF_NEVER);
 			if ($sr) {
 				$result = ldap_get_entries($_SESSION['ldapHandle'], $sr);
 				for ($i = 0; $i < $result['count']; $i++) {
diff --git a/lam/lib/types/dhcp.inc b/lam/lib/types/dhcp.inc
index d7909c5d..78324fd3 100644
--- a/lam/lib/types/dhcp.inc
+++ b/lam/lib/types/dhcp.inc
@@ -140,7 +140,7 @@ class lamDHCPList extends lamList {
         	$ldap = $_SESSION['ldap'];
         	$suffix = $_SESSION['config']->get_Suffix('dhcp');
         	
-        	$sr = @ldap_search($ldap->server(),"cn=".$entry['cn'][0].",".$suffix,"objectClass=dhcpHost", array(), 0, 0, 0, LDAP_DEREF_ALWAYS);
+        	$sr = @ldap_search($ldap->server(),"cn=".$entry['cn'][0].",".$suffix,"objectClass=dhcpHost", array(), 0, 0, 0, LDAP_DEREF_NEVER);
         	if ($sr) {
 	        	$get = ldap_get_entries($ldap->server(),$sr);
 	        	
diff --git a/lam/lib/types/group.inc b/lam/lib/types/group.inc
index 80636700..b6c43f16 100644
--- a/lam/lib/types/group.inc
+++ b/lam/lib/types/group.inc
@@ -242,7 +242,7 @@ class lamGroupList extends lamList {
 		for ($i = 0; $i < sizeof($this->entries); $i++) {
 			$gid = $this->entries[$i]['gidnumber'][0];
 			$filter = "(&(&" . $module_filter  . ")(gidNumber=" . $gid . "))";
-			$sr = @ldap_search($_SESSION["ldap"]->server(), escapeDN($module_suffix), $filter, $attrs, 0, 0, 0, LDAP_DEREF_ALWAYS);
+			$sr = @ldap_search($_SESSION["ldap"]->server(), escapeDN($module_suffix), $filter, $attrs, 0, 0, 0, LDAP_DEREF_NEVER);
 			if (ldap_errno($_SESSION["ldap"]->server()) == 4) {
 				StatusMessage("WARN", _("LDAP sizelimit exceeded, not all entries are shown."), _("See README.openldap.txt to solve this problem."));
 				$this->refresh_primary = true;
diff --git a/lam/lib/types/user.inc b/lam/lib/types/user.inc
index 531d23d6..ced8ed44 100644
--- a/lam/lib/types/user.inc
+++ b/lam/lib/types/user.inc
@@ -167,7 +167,7 @@ class lamUserList extends lamList {
 		$grp_suffix = $_SESSION['config']->get_Suffix('group');
 		$filter = "objectClass=posixGroup";
 		$attrs = array("cn", "gidNumber");
-		$sr = @ldap_search($_SESSION["ldap"]->server(), escapeDN($grp_suffix), $filter, $attrs, 0, 0, 0, LDAP_DEREF_ALWAYS);
+		$sr = @ldap_search($_SESSION["ldap"]->server(), escapeDN($grp_suffix), $filter, $attrs, 0, 0, 0, LDAP_DEREF_NEVER);
 		if ($sr) {
 			$info = @ldap_get_entries($_SESSION["ldap"]->server(), $sr);
 			unset($info['count']); // delete count entry
@@ -200,7 +200,7 @@ class lamUserList extends lamList {
 		elseif ($attribute == "jpegphoto") {
 			if (sizeof($entry[$attribute][0]) < 100) {
 				// looks like we have read broken binary data, reread photo
-				$result = @ldap_search($_SESSION['ldap']->server(), escapeDN($entry['dn']), $attribute . "=*", array($attribute), 0, 0, 0, LDAP_DEREF_ALWAYS);
+				$result = @ldap_search($_SESSION['ldap']->server(), escapeDN($entry['dn']), $attribute . "=*", array($attribute), 0, 0, 0, LDAP_DEREF_NEVER);
 				if ($result) {
 					$tempEntry = @ldap_first_entry($_SESSION['ldap']->server(), $result);
 					if ($tempEntry) {
diff --git a/lam/templates/delete.php b/lam/templates/delete.php
index a03f0c1c..b9b62ac5 100644
--- a/lam/templates/delete.php
+++ b/lam/templates/delete.php
@@ -254,7 +254,7 @@ if ($_POST['delete']) {
 */
 function getChildCount($dn) {
 	$return = 0;
-	$sr = @ldap_search($_SESSION['ldap']->server(), escapeDN($dn), 'objectClass=*', array('dn'), 0, 0, 0, LDAP_DEREF_ALWAYS);
+	$sr = @ldap_search($_SESSION['ldap']->server(), escapeDN($dn), 'objectClass=*', array('dn'), 0, 0, 0, LDAP_DEREF_NEVER);
 	if ($sr) {
 		$entries = ldap_get_entries($_SESSION['ldap']->server(), $sr);
 		$return = $entries['count'] - 1;
diff --git a/lam/templates/initsuff.php b/lam/templates/initsuff.php
index 676212ef..664f3ec7 100644
--- a/lam/templates/initsuff.php
+++ b/lam/templates/initsuff.php
@@ -58,7 +58,7 @@ if ($_POST['add_suff'] || $_POST['cancel']) {
 		// add entries
 		for ($i = 0; $i < sizeof($new_suff); $i++) {
 			// check if entry is already present
-			$info = @ldap_search($_SESSION['ldap']->server(), escapeDN($new_suff[$i]), "", array(), 0, 0, 0, LDAP_DEREF_ALWAYS);
+			$info = @ldap_search($_SESSION['ldap']->server(), escapeDN($new_suff[$i]), "", array(), 0, 0, 0, LDAP_DEREF_NEVER);
 			$res = @ldap_get_entries($_SESSION['ldap']->server(), $info);
 			if ($res) continue;
 			$suff = $new_suff[$i];
@@ -100,7 +100,7 @@ if ($_POST['add_suff'] || $_POST['cancel']) {
 						// create missing entries
 						for ($k = sizeof($subsuffs) - 1; $k >= 0; $k--) {
 							// check if subsuffix is present
-							$info = @ldap_search($_SESSION['ldap']->server(), escapeDN($subsuffs[$k]), "", array(), 0, 0, 0, LDAP_DEREF_ALWAYS);
+							$info = @ldap_search($_SESSION['ldap']->server(), escapeDN($subsuffs[$k]), "", array(), 0, 0, 0, LDAP_DEREF_NEVER);
 							$res = @ldap_get_entries($_SESSION['ldap']->server(), $info);
 							if (!$res) {
 								$suffarray = explode(",", $subsuffs[$k]);
diff --git a/lam/templates/lists/userlink.php b/lam/templates/lists/userlink.php
index dd653ad4..55424279 100644
--- a/lam/templates/lists/userlink.php
+++ b/lam/templates/lists/userlink.php
@@ -77,7 +77,7 @@ else {
 function search_username($name) {
 	$filter = "(uid=$name)";
 	$attrs = array();
-	$sr = @ldap_search($_SESSION['ldap']->server(), escapeDN($_SESSION['config']->get_Suffix('user')), $filter, $attrs, 0, 0, 0, LDAP_DEREF_ALWAYS);
+	$sr = @ldap_search($_SESSION['ldap']->server(), escapeDN($_SESSION['config']->get_Suffix('user')), $filter, $attrs, 0, 0, 0, LDAP_DEREF_NEVER);
 	if ($sr) {
 		$info = ldap_get_entries($_SESSION['ldap']->server(), $sr);
 		// return only first DN entry
diff --git a/lam/templates/login.php b/lam/templates/login.php
index 440adb88..d2d2968c 100644
--- a/lam/templates/login.php
+++ b/lam/templates/login.php
@@ -437,7 +437,7 @@ if(!empty($_POST['checklogin'])) {
 			$searchFilter = str_replace('%USER%', $username ,$searchFilter);
 			$searchSuccess = true;
 			$searchError = '';
-			$searchResult = @ldap_search($searchLDAP->server(), $_SESSION['config']->getLoginSearchSuffix(), $searchFilter, array('dn'), 0, 0, 0, LDAP_DEREF_ALWAYS);
+			$searchResult = @ldap_search($searchLDAP->server(), $_SESSION['config']->getLoginSearchSuffix(), $searchFilter, array('dn'), 0, 0, 0, LDAP_DEREF_NEVER);
 			if ($searchResult) {
 				$searchInfo = @ldap_get_entries($searchLDAP->server(), $searchResult);
 				if ($searchInfo) {
diff --git a/lam/templates/main.php b/lam/templates/main.php
index abb0a4d5..d608e921 100644
--- a/lam/templates/main.php
+++ b/lam/templates/main.php
@@ -49,7 +49,7 @@ $new_suffs = array();
 // get list of active types
 $types = $_SESSION['config']->get_ActiveTypes();
 for ($i = 0; $i < sizeof($types); $i++) {
-	$info = @ldap_search($_SESSION['ldap']->server(), escapeDN($conf->get_Suffix($types[$i])), "(objectClass=*)", array('objectClass'), 0, 0, 0, LDAP_DEREF_ALWAYS);
+	$info = @ldap_search($_SESSION['ldap']->server(), escapeDN($conf->get_Suffix($types[$i])), "(objectClass=*)", array('objectClass'), 0, 0, 0, LDAP_DEREF_NEVER);
 	$res = @ldap_get_entries($_SESSION['ldap']->server(), $info);
 	if (!$res && !in_array($conf->get_Suffix($types[$i]), $new_suffs)) $new_suffs[] = $conf->get_Suffix($types[$i]);
 }