[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ldapsearch fail with Active Directory...

At 11:34 PM 10/17/2003, Patrick GELIN wrote:
>Le sam 18/10/2003 à 04:34, Kurt D. Zeilenga a écrit :
>> At 05:11 AM 10/17/2003, Patrick Gelin wrote:
>> >Hi,
>> >
>> >openldap: v 2.1.21-1 with RedHat 9.0
>> >Active Directory: v 5.2.3790.0 (windows 2000)
>> >
>> >I'm using this command with an Active directory server (there is
>> >approximately 40000 users):
>> >
>> >ldapsearch -W -x -z 10000 -b "dc=rpn,dc=ch" -D "cn=Utilisateur
>> >LDAP,cn=Users,dc=rpn,dc=ch" -h rpndc1.rpn.ch -p 3268
>> >
>> >And the result finish with:
>> >
>> ># search result
>> >search: 2
>> >result: 4 Size limit exceeded
>> > 
>> ># numResponses: 1001
>> ># numEntries: 1000
>> 
>> Since the number of entries is not greater than the client provided
>> limit, a server limit must have been enforced a more restrictive
>> limit.
>> 
>I'm not sure to understand...You think this is a server limit. So there
>is more than one because I know the administrator, he explained me he
>fixed the limit to 30000... So 30000 will be a total limit and 10000
>will be a page limit?

I have no clue as to how many knobs AD might allow administrator
to turn or wether it has any hard-coded limits,  I simply assert
that the server enforced a limit lower than that which the client
asked for.

>(I don't know haw Microsoft Active Directory
>clients work but I used to get the full list of the AD content with more
>than 30000 items...)
>
>Is it possible to ask openldap get [0..500] then [501..600]... etc?

If you want to toy with paged results (elective) extension to LDAP,
you might try 2.2 (currently in beta).