Even with that it only give me 1000. the recordcount seems to be always 1000 with any kind of filter I put. In my previous example I was expecting 1600+ users that have manager.
________________________________ From: Steven Manross <[email protected]> To: A F <[email protected]>; [email protected] Sent: Wed, March 16, 2011 11:34:17 PM Subject: RE: LDAP query limit in AD? Your code should pull all the users with a specified manager. While there is a limit of 1000 objects that AD will pull back in an AD query, we've written a paged query ( $Cmd->{Properties}->{"Page Size"} = 99), to get around that limitation so I would start by modifying your query to change: (&(objectclass=User)(manager=*)) To: (objectclass=User) And note the differences of results.. I am guessing that will show your missing 1000+ users. HTH Steven ________________________________ From: A F [mailto:[email protected]] Sent: Wednesday, March 16, 2011 11:09 PM To: Steven Manross; [email protected] Subject: LDAP query limit in AD? Is there a limit on the number of record when doing a AD query with LDAP? I am getting only 1000 records from this script. We have more than 2000+ users in our AD. Any idea how to increase the limit to get everything? use Win32::OLE; my $RootDSE = Win32::OLE->GetObject("LDAP://RootDSE"); $dc = $RootDSE->Get("DnsHostName"); print "$dc\n"; query_ldap("<LDAP://" . $dc . ">;(&(objectclass=User)(manager=*));displayname,distinguishedname;subtre e",$objects); print "recordcount = ".$objects->{RecordCount}."\n"; while (!$objects->{EOF}) { getattributes($dc,$objects->Fields("distinguishedname")->{Value}); $objects->MoveNext(); } sub query_ldap { my $ldap_query = $_[0]; my $error_num; my $error_name; my $RS; my $Conn = Win32::OLE->new("ADODB.Connection"); if (Win32::OLE->LastError() != 0) { print "Failed creating ADODB.Connection object (".Win32::OLE->LastError().")\n -> $ldap_query\n"; return 0; } $Conn->{'Provider'} = "ADsDSOObject"; if (Win32::OLE->LastError() != 0) { print "Failed setting ADODB.Command Provider (".Win32::OLE->LastError().")\n -> $ldap_query\n"; return 0; } $Conn->{Open} = "Perl Active Directory Query"; my $Cmd = Win32::OLE->new("ADODB.Command"); if (Win32::OLE->LastError() != 0) { print "Failed creating ADODB.Command object (".Win32::OLE->LastError().")\n -> $ldap_query\n"; return 0; } $Cmd->{CommandText} = $ldap_query; $Cmd->{Properties}->{"Page Size"} = 99; $Cmd->{ActiveConnection} = $Conn; $RS = $Cmd->Execute(); if (Win32::OLE->LastError() != 0) { print "Failed Executing ADODB Command object (".Win32::OLE->LastError().")\nExecuting ADODB Command -> $ldap_query\n"; return 0; } else { $_[1] = $RS; return 1; } } sub getattributes { my $dc = $_[0]; my $dn = $_[1]; my $adsuser = Win32::OLE->GetObject("LDAP://$dc/$dn") || die ("Can't find user: ".Win32::OLE->LastError()."\n"); print "$adsuser->{cn}\t"; print "$adsuser->{EmailAddress}\t"; print "$adsuser->{department}\t"; print "$adsuser->{PhysicalDeliveryOfficeName}\t"; print " Manager: $adsuser->{Manager}\n"; }
_______________________________________________ Perl-Win32-Admin mailing list [email protected] To unsubscribe: http://listserv.ActiveState.com/mailman/mysubs
