|
Yes, you have to page the results.You could always (not
recommended) change the query response limit in
ntdsutil. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Harding, Devon Sent: Wednesday, May 10, 2006 2:35 PM To: [email protected] Subject: RE: [ActiveDir] LDAP queries Is there a search limit
on Global Catalogs? The problem I could be having is that this Symantec
appliance is limited to a 10,000 object search. When I use LDAP
Browser/editor, it returns only 1000 entries. From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
On Behalf Of joe I am not
familiar with the device, does it pull the objects locally and keep in some sort
of cache or ??? Note that
you will need to be searching the GC port to find anything since you have stuff
across multiple domains. So find the way to specify port and say 3268 (or 3269
if you want SSL but lets get it working first. :o) Now as for
the queries.... A query to
find all users (i.e. not contacts) who are exchange enabled (both mail and
mailbox enabled) you would do something like (&(sAMAccountType=805306368)(proxyaddresses=*)) or (&(sAMAccountType=805306368)(mailnickname=*)) either
should perform about the same. For
non-Exchange enabled groups which is what *I think* you are looking for in the
second query (&(grouptype=*)(!(proxyaddresses=*))) or (&(grouptype=*)(!(mailnickname=*))) ...should
be similar perf. For
exchange enabled groups (&(grouptype=*)(proxyaddresses=*)) or (&(grouptype=*)(mailnickname=*)) Again,
should be comparable...
joe -- O'Reilly
Active Directory Third Edition - http://www.joeware.net/win/ad3e.htm From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
On Behalf Of I’m using a Symantec Mail Security
8260 appliance that used LDAP to prevent Directory Harvest attacks. The
problem is, the built in queries is causing an issue with adding the LDAP
server. We have an empty root with several child domains. Here are
the queries: Query start (Sync base
DN):
DC=domain,DC=com User query:
(|(mail=*)(proxyAddresses=*)) Group query:
(&(!(mail=*))(!(proxyAddresses=*))) Distribution list
query:
(|(mail=*)(proxyAddresses=*)) My question is, what other LDAP
filters can I use instead of these to accomplish the result of querying for user
SMTP addresses & distribution groups? Windows
Systems Engineer Southern Wine
& Spirits - BSG 954-602-2469 ---------------------------------------------------------------------------
This message (including any attachments) is intended only for the use of the individual or entity to which it is addressed and may contain information that is non-public, proprietary, privileged, confidential, and exempt from disclosure under applicable law or may constitute as attorney work product. If you are not the intended recipient, you are hereby notified that any use, dissemination, distribution, or copying of this communication is strictly prohibited. If you have received this communication in error, notify us immediately by telephone and (i) destroy this message if a facsimile or (ii) delete this message immediately if this is an electronic communication. Thank you. |
- RE: [ActiveDir] LDAP queries Harding, Devon
- RE: [ActiveDir] LDAP queries joe
- Re: [ActiveDir] LDAP queries Al Mulnick
- RE: [ActiveDir] LDAP queries Hutchins, Mike
- RE: [ActiveDir] LDAP queries Harding, Devon
