The problem is with LDAP, the selection is incomplete.
When I do the same with softterra ldap browser (same criteria) they are in the list.
I have looked at two different customers and both have more than 999 lines in the selection.
The problem is the [count] => 1000
This means that ONLY 1000 lines from the active directory are read and then it stops! This numer should be much bigger or endless.
Solution:
The limit of 1000 tems is a page size set by the LDAP server, but it can be changed with these commands on the LDAP server:
C:> ntdsutil
ntdsutil: ldap policies
ldap policy: connections
server connections: connect to server x.x.x.x ( here a few messages regarding connectivity are displayed)
server connections : q
ldap policy : show values ( here we will see all the values including MaxPageSize which is 1000 currently)
ldap policy : set maxpagesize to 5000
ldap policy : commit changes
ldap policy : q
ntdsutil : q
Today the active directory has been modified and your right is now does about 1200 lines, de scope is set to 5000.
Comments
0 comments
Please sign in to leave a comment.