最近在研究用php ldap连接active directory(主要是使用adLDAP类),在使用folder_list()方法递归OU的时候发现报错,即ldap_search(): Partial search results returned: Sizelimit exceeded——只能查询1000个对象,google了一下,发现ad ldap默认的策略是有限制的(估计是考虑到性能的因素),将默认的MaxPageSize参数修改为一个较大的值即可(例如3000,我的测试环境里2000就够用了),修改方法如下。
Viewing current policy settings
- At the Ntdsutil.exe command prompt, type LDAP policies, and then press ENTER.
- At the LDAP policy command prompt, type connections, and then press ENTER.
- At the server connection command prompt, type connect to server <DNS name of server>, and then press ENTER. You want to connect to the server that your are currently working with.
- At the server connection command prompt, type q, and then press ENTER to return to the previous menu.
- At the LDAP policy command prompt, type Show Values, and then press ENTER.
A display of the policies as they exist appears.
Comments