Powershell script - LDAP - PageSize Function

Posted on 2014-08-18
Last Modified: 2014-08-23

I'm running a script that browse my LDAP. It has worked fine for a long time but yesterday I've been faced to a strange issue.

Some objects were not fetch by the query.
To correct this I was forced to change the PageSize from 1000 to 500.

I don't know why and send a request here if someone could explain me why this pagesize stop to work as requested ?

Thx in advance.
Question by:Sybux
    LVL 25

    Expert Comment

    by:Dan McFadden
    A little more info about the script would be helpful.  Are you using the "System.DirectoryServices.DirectorySearcher" class?  If so, are you using the defaults for the properties on the object you created?

    Some possibly useful links:!msg/microsoft.public.adsi.general/b2vv_bSGDvk/xi_h-sPeXGEJ

    This blog has a lot of useful examples:


    Author Comment

    woops, sorry I missed the code :)

    $query = New-Object System.DirectoryServices.DirectorySearcher($edir)
    $query.PageSize = 500
    $objClass = $query.findall()

    Open in new window

    Thx for the link but I've already read them via google but it doesn't help me to understand why with pagesize of 1000 not all records are fetched.
    LVL 25

    Accepted Solution

    It would appear that you were trying to return more than the server-side limit of objects.  That implies that you directory object count is above 1000.  By lowering the PageSize you allowed the scripting to grab 500 objects (which is less than the default server-side limit of 1000) then to go back and get the next 500, and so on.  Allowing your script to grab more than the server limit.

    This is in the MSDN docs at: ... check the Remarks near the bottom of the page.


    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Find Ransomware Secrets With All-Source Analysis

    Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

    Why would I want to create a function for tracking messages? I am glad you asked. As with most monotonous/routine tasks, human error tends to creep in after doing the same task over and over again. By creating a function, you load the function once…
    Introduction You may have a need to setup a group of users to allow local administrative access on workstations.  In a domain environment this can easily be achieved with Restricted Groups and Group Policies. This article will demonstrate how to…
    This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
    This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

    779 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    16 Experts available now in Live!

    Get 1:1 Help Now