Problem:
Doing a standard ldapsearch for users against an Active Directory domain will by default return a "Size limit exceeded" error assuming your AD search result limit was left at the default setting and your search query has more than 1000 results to be returned.
ldapsearch -LLL -H YourActiveDirectoryHostName:3268 -b 'CN=Users,DC=YourActiveDirectoryDomainName,DC=TLD' -D ADUsername@yourDomainName - w ADUserPWD objectclass=user -E pr=2147483647/noprompt
The Solution:
Found this solution at the source link at the bottom of this post. I've only modified the port name to query AD's Global Catalog port 3268 instead of 389 and the base for search to be my AD Users' OU in the -b parameter (CN=Users, DC=etc...)
Also, click here for more ldapseach search operators
0 comments:
Post a Comment