RE: LDAP query limit in AD?

Steven Manross Wed, 16 Mar 2011 23:35:29 -0700

Your code should pull all the users with a specified manager.
 
While there is a limit of 1000 objects that AD will pull back in an AD
query, we've written a paged query (  $Cmd->{Properties}->{"Page Size"}
= 99), to get around that limitation so I would start by modifying your
query to change:


(&(objectclass=User)(manager=*))

To:

(objectclass=User)

And note the differences of results..  I am guessing that will show your
missing 1000+ users.

HTH
Steven
________________________________

        From: A F [mailto:perl95...@yahoo.com] 
        Sent: Wednesday, March 16, 2011 11:09 PM
        To: Steven Manross; perl-win32-admin@listserv.ActiveState.com
        Subject: LDAP query limit in AD?
        
        
        Is there a limit on the number of record when doing a AD query
with LDAP?
        I am getting only 1000 records from this script. We have more
than 2000+ users in our AD.
        Any idea how to increase the limit to get everything?
         
         
        use Win32::OLE;
        my $RootDSE = Win32::OLE->GetObject("LDAP://RootDSE");
         
        
        $dc = $RootDSE->Get("DnsHostName");
        print "$dc\n";
        query_ldap("<LDAP://" . $dc .
">;(&(objectclass=User)(manager=*));displayname,distinguishedname;subtre
e",$objects);
         
        print "recordcount = ".$objects->{RecordCount}."\n";
        while (!$objects->{EOF}) {
        
getattributes($dc,$objects->Fields("distinguishedname")->{Value});
          $objects->MoveNext();
        }
        sub query_ldap {
          my $ldap_query = $_[0];
          my $error_num;
          my $error_name;
          my $RS;
          my $Conn = Win32::OLE->new("ADODB.Connection");
          if (Win32::OLE->LastError() != 0) {
            print "Failed creating ADODB.Connection object
(".Win32::OLE->LastError().")\n   -> $ldap_query\n";
            return 0;
          }
          $Conn->{'Provider'} = "ADsDSOObject";
          if (Win32::OLE->LastError() != 0) {
            print "Failed setting ADODB.Command Provider
(".Win32::OLE->LastError().")\n   -> $ldap_query\n";
            return 0;
          }
          $Conn->{Open} = "Perl Active Directory Query";
          my $Cmd = Win32::OLE->new("ADODB.Command");
          if (Win32::OLE->LastError() != 0) {
            print "Failed creating ADODB.Command object
(".Win32::OLE->LastError().")\n   -> $ldap_query\n";
            return 0;
          }
          $Cmd->{CommandText} = $ldap_query;
          $Cmd->{Properties}->{"Page Size"} = 99;
          $Cmd->{ActiveConnection} = $Conn;
          $RS = $Cmd->Execute();
          if (Win32::OLE->LastError() != 0) {
            print "Failed Executing ADODB Command object
(".Win32::OLE->LastError().")\nExecuting ADODB Command ->
$ldap_query\n";
            return 0;
          } else {
            $_[1] = $RS;
            return 1;
          }
        }
        sub getattributes  {
          my $dc = $_[0];
          my $dn = $_[1];
          my $adsuser = Win32::OLE->GetObject("LDAP://$dc/$dn") || die
("Can't find user: ".Win32::OLE->LastError()."\n");
          print "$adsuser->{cn}\t"; 
          print "$adsuser->{EmailAddress}\t";
          print "$adsuser->{department}\t";
          print "$adsuser->{PhysicalDeliveryOfficeName}\t";
          print "  Manager: $adsuser->{Manager}\n";
        }
        

         


_______________________________________________
Perl-Win32-Admin mailing list
Perl-Win32-Admin@listserv.ActiveState.com
To unsubscribe: http://listserv.ActiveState.com/mailman/mysubs

RE: LDAP query limit in AD?

Reply via email to