• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 280
  • Last Modified:

AD user object restriction

Hey all --

How do stop the AD user restriction of only showing 1000 objects from the server?
0
nyceuser
Asked:
nyceuser
  • 3
  • 2
  • 2
  • +1
2 Solutions
 
Mike KlineCommented:
where in AD are you talking about
In AD users and computers you can to to view >> Filter options and set the maximum number of items displayed
 
Thanks
Mike
0
 
nyceuserAuthor Commented:
Ok here is my problem.   vendor is here and is using a 3rd party app that connects to AD to pull the users.  But it's only showing 1000 users for him.  Is this because of the restriction in AD?
0
 
Joseph DalyCommented:
More than likely this is due to the LDAP limit of 1000 entries.
0
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

 
Joseph DalyCommented:
The SizeLimit and PageSize properties both affect the number of items that are returned by a search. The SizeLimit property sets the maximum number of items that will be returned by a search, but there may be other search result limitations imposed by the underlying directory service. For example, Active Directory limits the maximum number of search results to 1000. In this case, setting the SizeLimit property to a value greater than 1000 has no effect.

The PageSize property sets the maximum number of items in each page of results that will be returned by a search. The page size is also affected by the underlying directory service. With Active Directory, the largest page size is 1000. Any value over 1000 will be ignored. If PageSize is set to its default value (zero), no paging will occur and the maximum number of items returned by the search will be the lesser of SizeLimit and 1000.

To retrieve a set of results that is larger than 1000 items, you must set SizeLimit to its default value (zero) and set PageSize to a value that is less than or equal to 1000. For example, if a search will result in 12,000 items being returned and SizeLimit is set to 500, a total of 500 items will be returned. If, however, SizeLimit is set to zero and PageSize is set to 500, the search will return all 12,000 results in pages of 500 items, with the last page containing only 200 items. The paging occurs transparently to the application and the application does not have to perform any special processing other than setting the PageSize property to the proper value.
0
 
nyceuserAuthor Commented:
is there a way to change this?
0
 
nyceuserAuthor Commented:
wow..thanks for that info xxdcmast...where do I go to set the PageSize and SizeLimit?
0
 
Mike KlineCommented:
http://www.experts-exchange.com/Database/LDAP/Q_24099175.html
Some more info, Chris Dent and I were involved in a thread about this topic last month.
 
Thanks
Mike
0
 
LauraEHunterMVPCommented:
> "vendor is here and is using a 3rd party app that connects to AD to pull the users.  But it's only showing 1000 users for him.  Is this because of the restriction in AD?"

Inform your vendor that their application needs to be configured to use paged LDAP queries. Modifying the default page size is not a recommended practice, as it can leave your domain controllers vulnerable to denial of service attacks by badly-formatted or inefficient queries.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

  • 3
  • 2
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now