使用Net :: LDAP :: Control :: Paged超出了SizeLimit

时间:2012-09-06 22:47:07

标签: perl active-directory ldap

根据我读过的所有文档,查询Ac​​tive Directory时结果集的最大大小为1000条记录。如果您需要超过1000,您将被告知使用Net :: LDAP :: Control :: Paged来浏览并获取超过1000条记录,我试图这样做。出于某种原因,尽管使用了分页控件,我仍然只能获得1000条记录。我正在使用与其他人声称成功使用的相同代码而没有任何运气。我在这里错过了什么吗?请注意,我没有AD服务器的管理访问权限,因此更改配置对我来说不是一个选项。我已粘贴下面的相关代码,因此您可以指出我可能做错的任何事情。

#!perl -w

use strict;
use Net::LDAP;
use Net::LDAP::Control::Paged;
use Net::LDAP::Constant qw( LDAP_CONTROL_PAGED );

my $LDAPServer      = "<LDAP SERVER ADDRESS>";
my $base        = "<BASE DN>";
my $user                = "<LDAP USER>";
my $pass                = "<PASSWORD>";
my $page                = Net::LDAP::Control::Paged->new(size => 1000) or die $!;
my $errorConnectionStr  = "";
my $ldap;
my $mesg;
my $cookie;

$ldap = Net::LDAP->new($LDAPServer);
$mesg = $ldap->bind($user, password => $pass, version => 3);

open(OUT,">users.csv");
print OUT "sAMAccountName,sn,givenName\n";

my $filter = "(&(objectClass=person)(!(userAccountControl:1.2.840.113556.1.4.803:=2))(!(objectClass=computer)))";
my @attribs = ("sn", "givenName", "sAMAccountName", "distinguishedName");

my @args = (
        base    => $base,
        scope   => 'sub',
        filter  => $filter,
        attrs   => @attribs,
        pagesize => 1000,
        control => [$page]
);

while(1) {
    $mesg = $ldap->search(@args) or die $!;

    while (my $entry = $mesg->pop_entry()) {
        my $print = 1;

        my $dn = $entry->dn();
        my $uid = $entry->get_value('sAMAccountName');
        my $ln = $entry->get_value('sn');
        my $fn = $entry->get_value('givenName');

        if($dn =~ m/.*Resources.*/) {
            $print = 0;
        }

        if(defined($uid) && defined($ln) && defined($fn)) {
            if($print == 1) {
                print OUT "$uid,$ln,$fn\n";
            }
        }
    }

    my ($resp) = $mesg->control(LDAP_CONTROL_PAGED) or last;
    $cookie = $resp->cookie or last;
    $page->cookie($cookie);
}

if($cookie) {
    print "Abnormal exit\n";
    $page->cookie($cookie);
    $page->size(0);
    $ldap->search(@args);
}

close(OUT);
$ldap->unbind;

3 个答案:

答案 0 :(得分:1)

attrs => \@attrs,中需要@args。如果没有反斜杠,您将插入奇数个元素('attrs'加上数组的四个元素),搜索方法看不到pagesize参数。

答案 1 :(得分:0)

我第一次使用它,它在这里工作。我的搜索非常简单(显示容器中的所有对象)。我通过在800组页面中抓取它们来列出11.5k组。我的代码几乎与你的代码相同(它是Net :: LDAP :: Control :: Paged手册页和你的代码的混合),除了我没有在搜索中指定页面大小:

while (1) {
   my $mesg = $x->{ldap}->search(base => $x->{config}->{gbase},
                                scope => 'sub',
                              control => [$page],
                               filter => 'cn=*',
                                attrs => \@attrs,
   );
   die "LDAP error: server says ",$mesg->error,"\n" if $mesg->code;

   foreach my $entry ( $mesg->entries ) {
      my $cn   = $entry->get_value('cn');
      my $desc = $entry->get_value('description');
      print "$cn - $desc\n";
   }

   # Get cookie from paged control
   my($resp)  = $mesg->control( LDAP_CONTROL_PAGED )  or last;
   $cookie    = $resp->cookie or last;

   # Set cookie in paged control
   $page->cookie($cookie);
}

答案 2 :(得分:-1)

您不能使用大小1000,因为它是广告限制,因此不会分页。需要比这少的东西。尝试999并开心。

相关问题
最新问题