0

I am using Netscape library for performing search operation on microsoft ADS/ADAM Ldap server Following is the snippet I am using:

LDAPConnection connection=new LDAPConnection();
connection.connect("xx.xx.xx.xx", 389);
connection.authenticate( "CN=xx,CN=xx,DC=xx,DC=xx,DC=xx", "xxxx");
String[] attr= { "member;range=0-*" };
        
LDAPSearchResults resultSet = connection.search("CN=UsersGroup,CN=Builtin,DC=xx,DC=xx,DC=xx", 2, "(&(objectclass=group))", attr,false);

API is returning only 10000 records for "member" multivalued attribute.

MaxValRange value is set to 50000 on server.

Is there any way I can get more than 10K records in single search?

Swap
  • 5
  • 4

1 Answers1

0

AFIK, besides modifying the MaxValRange, you need to override the upper-limits introduced in Windows Server 2008/R2 and restore the old-style (no upper limit enforced behavior for LDAP Query Policy in Windows Server 2003), modify the dSHeuristic attribute in Active Directory.

And of course you could use the Ranging OID.

We did, sometime ago, create some Example Java code to make the process easier.

jwilleke
  • 10,467
  • 1
  • 30
  • 51
  • Hi jwilleke, I am using Windows Server 2012 R2. Same is applicable for Windows Server 2012 R2? – Swap Dec 21 '20 at 13:48
  • AFIK, for any Windows server after Windows Server 2008/R2. – jwilleke Dec 22 '20 at 10:21
  • I added some links to sample code to implement ranging options. – jwilleke Dec 22 '20 at 10:25
  • I don't see option "dSHeuristic" in attribute list on Windows server 2012 R2. – Swap Dec 23 '20 at 05:47
  • 1
    Hi jwilleke, Your suggestion helped solving my problem. I have added "dSHeuristic" attribute to the list and now i am able to fetch records more than 10K. Thanks for your help. – Swap Dec 23 '20 at 08:04