Searching AD with LDAP (disconnection issues)

mcuk_storm

Anyone have any ideas why, when I try to search from the base dn of
dc=testsite,dc=test,dc=com (the root of the AD) for objectClass=User and
tell it to search all subtrees, AD disconnects me (most of the time,
not all the time) from the server? I have tried binding as a normal user
and admin. Same result for both. If I specify the base dn as
dc=Users,dc=testsite,dc=test,dc=com it works flawlessly every time; the only
problem is it doesn't get the users in OUs.

Any help much appreciated,

Thanks
 
Joe Richards [MVP]

What tool are you using? And what do you mean disconnects you? What error do you
see?

More than likely if you are doing objectclass=user as the entirety of your
search filter and if you have a large AD, you are timing out. To search for
users you should be using a filter something like

(&(objectcategory=person)(objectclass=user))

objectclass is not indexed by default in AD. So doing an objectclass=something
search causes AD to look at every single object.

joe
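
The search the answer recommends, run from the domain root with subtree scope, as an added example that is not part of the original thread. It goes beyond the answer by also requesting paged results and explicit time limits; the page size and timeout values are assumed, and the base DN is the one quoted in the question.

```powershell
# Added example; not code from the thread.
# Base DN is the one quoted in the question. Page size and time limits are assumed values.
$baseDn = 'DC=testsite,DC=test,DC=com'
$root   = New-Object System.DirectoryServices.DirectoryEntry("LDAP://$baseDn")

$searcher = New-Object System.DirectoryServices.DirectorySearcher($root)
$searcher.SearchScope = [System.DirectoryServices.SearchScope]::Subtree

# Filter from the answer: objectCategory narrows the candidate set
# before objectClass is evaluated.
$searcher.Filter = '(&(objectCategory=person)(objectClass=user))'

# Paged search: the server hands back results in batches instead of one large reply.
$searcher.PageSize        = 500
# Upper bound on how long the server may spend on the search.
$searcher.ServerTimeLimit = [TimeSpan]::FromSeconds(60)
# Upper bound on how long the client waits for the server.
$searcher.ClientTimeout   = [TimeSpan]::FromSeconds(90)

# Ask only for the attributes that are needed, to keep each page small.
$searcher.PropertiesToLoad.AddRange([string[]]('distinguishedName', 'sAMAccountName'))

$results = $null
try {
    $results = $searcher.FindAll()
    $count = 0
    foreach ($r in $results) {
        $count++
        # Property names in a search result are looked up in lower case.
        '{0}  {1}' -f $r.Properties['samaccountname'][0], $r.Properties['distinguishedname'][0]
    }
    "Returned $count user objects"
}
catch {
    # A timeout or dropped connection surfaces here with the provider's error text.
    Write-Error "Search failed: $($_.Exception.Message)"
}
finally {
    # SearchResultCollection holds unmanaged resources and must be disposed explicitly.
    if ($results) { $results.Dispose() }
    $searcher.Dispose()
    $root.Dispose()
}
```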
 
