Question

LDAP Limit 1000 user

1

Hello, I’m using LDAP module and i have a problem that only 1000 users are imported although i have +1700 in the AD with the same search filter. So, I think it’s a limit set but i don’t know if the limit from the module itself or from the AD side. Thanks in advance

asked 2023-06-15

Mohamed ElNady

1 answers

Erwin 't Hoen · Accepted Answer · 2023-06-15

The issue is on the AD side:

There is a maxPageSize limit of 1000 in the windows AD which limits the LDAP query records to a max of 1000.

In simple words whenever an LDAP search or query is made to the AD, no more than 1000 records are returned from the directory. This limitation is actually a security design so as to prevent the AD from DOS attacks for LDAP queries. In case less than 1000 users are defined in the AD, no additional work is required but for a large setup this limit needs to be changed at the AD using the “ntdsutil” utility.