Tuesday, June 08, 2010

how to get LDAP query output of more than 1000 objects

You can always change the LDAP query output from 1000 to the number of your choice on AD using ntdsutil.exe feature. - Caution - this is not the recommended option as this will increase the maxpagefilesize on your server which can be a server performance overload.
===============================

C:\WINDOWS\system32\ntdsutil.exe: ldap policies
ldap policy: connections
server connections: connect to server lab15cust5
Binding to lab15cust5 ...
Connected to lab15cust5 using credentials of locally logged on user.
server connections: q
ldap policy: show values
MaxPageSize 2000
ldap policy: set maxpagesize to 3000
ldap policy: show values
Policy Current(New)
MaxPageSize 2000(3000)
ldap policy: commit changes
ldap policy: show values
Policy Current(New)
MaxPageSize 3000
ldap policy: q

=====================================
Other way of getting more than 1000 results without modifying the maxpagefilesize is by using -E option along with Paged Results option.
ldapsearch -E pr=100/noprompt -H ldap://xxx.xxx.xxx.xxx -x -b "dc=doman,dc=com" -D "domain\username" -W
This will show all the ldap search results even if there is max of 1000 search output results.

No comments: