Your code should pull all the users with a specified manager.
While there is a limit of 1000 objects that AD will pull back in an AD
query, we've written a paged query ( $Cmd->{Properties}->{"Page Size"}
= 99), to get around that limitation so I would start by modifying your
query to change:
(&(objectclass=User)(manager=*))
To:
(objectclass=User)
And note the differences of results.. I am guessing that will show your
missing 1000+ users.
HTH
Steven
________________________________
From: A F [mailto:[email protected]]
Sent: Wednesday, March 16, 2011 11:09 PM
To: Steven Manross; [email protected]
Subject: LDAP query limit in AD?
Is there a limit on the number of record when doing a AD query
with LDAP?
I am getting only 1000 records from this script. We have more
than 2000+ users in our AD.
Any idea how to increase the limit to get everything?
use Win32::OLE;
my $RootDSE = Win32::OLE->GetObject("LDAP://RootDSE");
$dc = $RootDSE->Get("DnsHostName");
print "$dc\n";
query_ldap("<LDAP://" . $dc .
">;(&(objectclass=User)(manager=*));displayname,distinguishedname;subtre
e",$objects);
print "recordcount = ".$objects->{RecordCount}."\n";
while (!$objects->{EOF}) {
getattributes($dc,$objects->Fields("distinguishedname")->{Value});
$objects->MoveNext();
}
sub query_ldap {
my $ldap_query = $_[0];
my $error_num;
my $error_name;
my $RS;
my $Conn = Win32::OLE->new("ADODB.Connection");
if (Win32::OLE->LastError() != 0) {
print "Failed creating ADODB.Connection object
(".Win32::OLE->LastError().")\n -> $ldap_query\n";
return 0;
}
$Conn->{'Provider'} = "ADsDSOObject";
if (Win32::OLE->LastError() != 0) {
print "Failed setting ADODB.Command Provider
(".Win32::OLE->LastError().")\n -> $ldap_query\n";
return 0;
}
$Conn->{Open} = "Perl Active Directory Query";
my $Cmd = Win32::OLE->new("ADODB.Command");
if (Win32::OLE->LastError() != 0) {
print "Failed creating ADODB.Command object
(".Win32::OLE->LastError().")\n -> $ldap_query\n";
return 0;
}
$Cmd->{CommandText} = $ldap_query;
$Cmd->{Properties}->{"Page Size"} = 99;
$Cmd->{ActiveConnection} = $Conn;
$RS = $Cmd->Execute();
if (Win32::OLE->LastError() != 0) {
print "Failed Executing ADODB Command object
(".Win32::OLE->LastError().")\nExecuting ADODB Command ->
$ldap_query\n";
return 0;
} else {
$_[1] = $RS;
return 1;
}
}
sub getattributes {
my $dc = $_[0];
my $dn = $_[1];
my $adsuser = Win32::OLE->GetObject("LDAP://$dc/$dn") || die
("Can't find user: ".Win32::OLE->LastError()."\n");
print "$adsuser->{cn}\t";
print "$adsuser->{EmailAddress}\t";
print "$adsuser->{department}\t";
print "$adsuser->{PhysicalDeliveryOfficeName}\t";
print " Manager: $adsuser->{Manager}\n";
}
_______________________________________________
Perl-Win32-Admin mailing list
[email protected]
To unsubscribe: http://listserv.ActiveState.com/mailman/mysubs
