Hi,
I posted this question in the "Directory Services" forum but was told it was the wrong forum (http://social.technet.microsoft.com/Forums/en-CA/winserverDS/thread/478f03b8-9a15-44d9-81c3-c72ab786faf1), so if this is the wrong forum again, kindly direct me to the right one, thanks.
I was trying to create a general LDAP search function that does not use the DirectorySearcher class, after running into issues with it (http://dunnry.com/blog/PagingInSystemDirectoryServicesProtocols.aspx). As suggested by several posts on the net, I'm using the DirectoryServices.Protocols namespace to bypass the issues with the COM objects. However, I don't seem to get the paging part to work. The code only returns the first page of results. More precisely, the PageResultResponseControl does not return a cookie, although many more pages are expected.
Here is my code:
    function LDAPPagedSearch (
        [string]$searchRoot = ([adsi]'LDAP://rootDSE').defaultNamingContext.value,
        # $(...) makes the throw run when -filter is omitted
        [string]$filter = $(throw 'filter is required'),
        [String[]]$attributes = @('name'),
        [switch]$typesOnly,
        $dc = $script:domainController
    ) {
        $resultSet = @()

        $connection = New-Object System.DirectoryServices.Protocols.LdapConnection($dc)
        $connection.Timeout = New-Object system.TimeSpan(3.8e10)

        $searchRequest = New-Object System.DirectoryServices.Protocols.SearchRequest($searchRoot,$filter,[System.DirectoryServices.Protocols.SearchScope]::Subtree,$attributes)
        $searchRequest.TimeLimit = New-Object system.TimeSpan(3e9)
        $searchRequest.SizeLimit = [int]::MaxValue
        $searchRequest.TypesOnly = $typesOnly

        # Ask the server for results in pages of 10 entries
        $pageResultControl = New-Object System.DirectoryServices.Protocols.PageResultRequestControl(10)
        [Void]$searchRequest.Controls.Add($pageResultControl)

        do {
            $searchResponse = [System.DirectoryServices.Protocols.SearchResponse] $connection.SendRequest($searchRequest)

            # Copy the cookie from the response control into the request control for the next page
            $searchResponse.Controls |
                ? { $_ -is [System.DirectoryServices.Protocols.PageResultResponseControl] } |
                % { $pageResultControl.Cookie = ([System.DirectoryServices.Protocols.PageResultResponseControl]$_).Cookie }

            $resultSet += $searchResponse.Entries
        } while ($pageResultControl.Cookie.length -gt 0)

        return $resultSet
    }

    cls
    $script:domainController = ([ADSI]"LDAP://RootDSE").dnsHostName.value
    $searchRoot = ([adsi]'LDAP://rootDSE').defaultNamingContext.value
    $searchFilter = '(&(objectcategory=person)(objectclass=user))'
    $searchAttrib = @('name')
    $usersResult = @(LDAPPagedSearch -searchRoot $searchRoot -filter $searchFilter -attributes $searchAttrib -typesOnly)
So when the above code is run, I only get back 10 results (the first page), although there are 400,000 user objects in the domain. Is there anything I did wrong?
Thanks in advance.