Searching AD with LDAP (disconnection issues)

  • Thread starter Thread starter mcuk_storm
  • Start date Start date
M

mcuk_storm

Anyone have any ideas why when i try to search from the base dn of
dc=testsite,dc=test,dc=com (the root of the AD) for objectClass=User and
tell it to search all subtrees AD disconnects me (most of the time,
not all the time) from the server. I have tried binding as a normal user
and admin. Same result for both. If i specify the base dn as
dc=Users,dc=testsite,dc=test,dc=com it works flawlessly every time, only
problem is it doesnt get the users in OU's.

Any help much appreciated,

Thanks
 
What tool are you using? And what do you mean disconnects you? What error do you
see?

More than likely if you are doing objectclass=user as the entirety of your
search filter and if you have a large AD, you are timing out. To search for
users you should be using a filter something like

(&(objectcategory=person)(objectclass=user))

objectclass is not indexed by default in AD. So doing an objectclass=something
search causes AD to look at every single object.

joe
 
Back
Top