Written by
  • email
  • twitter
  • linkedin
  • linkedin

Asking for a large set of results via ldapsearch to an Active Directory (AD) you will get a "size limit exceeded" error message. Searches of Active Directory performed without paging are limited to returning a maximum of the first 1000 records.

If you ask for a large set of results to an Active Directory (AD) you will get a "size limit exceeded" error message: searches of Active Directory performed without paging are limited to returning a maximum of the first 1000 records.

A way to get around this search size limit is getting "pages" of results, via ldapsearch as well.

 

Ldapsearch provides '-E' option that allows to perform paged searches.

We can ask for all items of a large result set simply by providing the right paging policy.

For example, we can use -E and provide a value of pr=1000/noprompt in order to return all pages, with 1000 result items per page, without further user interaction (noprompt).

              ldapsearch -E pr=1000/noprompt -x
              -h adhost.domain.com
              -p 389
              -D  cn=administrator,cn=users,dc=domain,dc=com
              -w password
              -s sub -b  "OU=Users,DC=domain,DC=com"
              "(objectClass=user)" dn
50 VOTIGoodGood
Ti è stato utile questo articolo?
From Tirasa's Blog
The place where we share what we do, learn and discover day by day.
Go to blog >