Avatar of mmb1
mmb1
 asked on

cfldap

I'm using CF 9.0 and when I query the ldap server, I'm only getting 1000 rows returned.

Here's my query:

<cfldap
        server="my.ldap.server"
        action="query"
        name="lookupUsers"
        start="DC=MY,DC=LDAP,DC=SERVER"
        scope="subtree"
        filter="(&(cn=*#pusername#*))"
   delimiter=";"
   separator="<br>"  
  attributes="distinguishedName,givenName,sAMAccountName,memberOf,description"
   maxrows=32000
   timeout="0"
   sort="sn"
   sortcontrol="asc"
   username="user@my.domain"
   password="xyz"
    >

#lookupUsers.RecordCount# is always 1000.

Thanks!!
ColdFusion Language

Avatar of undefined
Last Comment
mmb1

8/22/2022 - Mon
dgrafx

maybe that's how many rows there are that match that filter.
try modifying your filter.
(&(objectClass=user)(sAMAccountName=SOMEUSERNAME)) for example
mmb1

ASKER
I wish that were true.  However, I have 32000 users in our AD.  I've tried every solution Google has offered up and nothing gets me more than 1000 users.  

Any other suggestions?
mmb1

ASKER
I should clarify, that if I perform the following (changing the filter), only 1000 records come back:

<cfldap
        server="my.ldap.server"
        action="query"
        name="lookupUsers"
        start="DC=MY,DC=LDAP,DC=SERVER"
        scope="subtree"
        filter="(&(cn=*))"
   delimiter=";"
   separator="<br>"  
  attributes="distinguishedName,givenName,sAMAccountName,memberOf,description"
   maxrows=32000
   timeout="0"
   sort="sn"
   sortcontrol="asc"
   username="user@my.domain"
   password="xyz"
    >
Experts Exchange has (a) saved my job multiple times, (b) saved me hours, days, and even weeks of work, and often (c) makes me look like a superhero! This place is MAGIC!
Walt Forbes
dgrafx

try with quotes around your maxrows="32000"

In my example filter earlier - where i wanted you to query for an example sAMAccountName - you should just get one record (or zero if it didn't exist) - did that happen or did you get 1000 records for that as well?
mmb1

ASKER
I put in the quotes, and got the same results.  Still just received 1000 rows back.  

On the earlier query, I got one record back.  To further check, I entered a value that shouldn't return a record and it worked correctly.
dgrafx

well - maybe you really only have 1000 records that MATCH the filter you are using.
modify the filter and you should get different results.
try matching something other than cn
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
mmb1

ASKER
I have already tried that too.  I tried a filter of sn=* and sAMAccountName=* and still only get back 1000 records.  I have a total of 32,000+ users in my AD.

Acitve Directory Explorer asks me if I want it to continue searching after returning 1000 records.
dgrafx

i guess i don't have any other suggestions - sorry ...
ASKER CERTIFIED SOLUTION
mmb1

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
dgrafx

ok - cool - I will remember this if I ever encounter ...

glad you got it!
Experts Exchange is like having an extremely knowledgeable team sitting and waiting for your call. Couldn't do my job half as well as I do without it!
James Murphy
mmb1

ASKER
The LDAP/AD configuration has configuration parameters set to guard against  malice, and pagesize is one of them.