Apr 10, 2012 at 07:10 AM
Microsoft AD: Reading member attribute of large group
Hi everybody,
I'm currently facing a problem reading group membership (attribute member) of large AD groups using the "From LDAP directory" pass. I know that there is a limitation on AD (maxValRange property in AD) which controls how many values are returned for one attribute when querying one entry. I also know, that it is possible to overcome this issue using SearchControls (e.g. ({"member;Range=1499-*"}) and increase this value in a loop).
Please be aware that this is NOT the "directory page size" in the pass configuraton, which has impact on the number of search results returned on one query.oes the default "From LDAP directory" pass support this kind of iteration?
Regards
Matthias Bartel