[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ldapsearch against AD for large groups (>1000 members)

On Fri, 5 Jul 2002, Antti Tikkanen wrote:

> Hi,
> I am not sure if this is an OpenLDAP thing or an AD thing. When I use
> ldapsearch to get the members of an AD group with more than 1000 members,
> I only receive the first 1000:
>  # ldapsearch -LL '(cn=testgroup)'
>  --clip--
>   dn: CN=testgroup,<...>
>   member;range=0-999:CN=test999,<...>
>   member;range=0-999:CN=test998,<...>
>   member;range=0-999:CN=test997,<...>

Getting back to this, I think I know what the problem is. A different
thing is what to do about it. 

I gather that MS is using the Internet Draft:

"Incremental Retrieval of Multi-valued Properties"  
is the only link I found valid)

Probably no one else supports this? Nor ever will? At least not OpenLDAP? 
The draft has expired in May 2002, and is written by Microsoft people.. :)



Helsinki University of Technology 
Computing Centre