好的,我已经在服务器上建立了与Active Directory的连接。我知道查询活动目录是有效的。我想要做的是查询活动目录中的所有ou和/或组,并且还能够找到属于这些组/ ous的用户。
这是当前查询,它只提取用户信息(或设置为拉动所有用户的存储过程的一部分):
SELECT
userAccountControl,
DisplayName AS [NAME],
givenName AS FIRSTNAME,
middleName,
sn AS LASTNAME,
employeeID AS EMPID,
telephoneNumber AS EXT,
Title,
Department AS DEPT,
Division,
sAMAccountName AS UserName,
mail AS Email,
homeDirectory AS HomeDir,
userPrincipalName AS LOGON,
manager
FROM OPENQUERY(ADSI,
'
select
userAccountControl,
DisplayName,
givenName,
middleName,
sn,
employeeID,
telephoneNumber,
Title,
Department,
Division,
sAMAccountName,
mail,
homeDirectory,
userPrincipalName,
manager
from ''LDAP://name''
where sn > ''a''
and sn <''h''
order by DisplayName
')
AS derivedtbl_1
答案 0 :(得分:1)
您是否意识到您无法查询比AD服务器愿意在一个回复中返回的更多对象?
ADSI SQL提供程序不支持对结果进行分页。 AD服务器通常配置为仅返回前1000个结果。
如果您一次查询几乎所有AD对象,则很可能达到该限制。
你能澄清一下你想要达到的目标吗?