Written by fabio
If you ask for a large set of results to an Active Directory (AD) you will get a "size limit exceeded" error message: searches of Active Directory performed without paging are limited to returning a maximum of the first 1000 records.
A way to get around this search size limit is getting "pages" of results, via ldapsearch as well.
Ldapsearch provides '-E' option that allows to perform paged searches.
We can ask for all items of a large result set simply by providing the right paging policy.
For example, we can use -E and provide a value of pr=1000/noprompt in order to return all pages, with 1000 result items per page, without further user interaction (noprompt).
ldapsearch -E pr=1000/noprompt -x -h adhost.domain.com -p 389 -D cn=administrator,cn=users,dc=domain,dc=com -w password -s sub -b "OU=Users,DC=domain,DC=com" "(objectClass=user)" dn