hi,

using powershell with System.DirectoryServices.Protocols (S.DS.P) and
paged searching.

having a paged search (pagesize: 1000, results: 2000) but edirectory is
returning the first 1000 objects a second time instead of giving back
the next 1000 objects. edirectory seems to get it's a paged search
(compare OID in trace), anyhow .. i am not getting it.

thanks for any input, florian


Code-Snippet:

Code:
--------------------

$SearchRequest = New-Object System.DirectoryServices.Protocols.SearchRequest($ Base, $Filter, $Scope, $Attributes)

# set pagesize
$PageRequestControl = New-Object System.DirectoryServices.Protocols.PageResultReque stControl($PageSize)
$SearchRequest.Controls.Add($PageRequestControl) | Out-Null

# page if needed
Do
{
$SearchResponse = $LDAPConnection.SendRequest($SearchRequest)

ForEach ($Control in $SearchResponse.Controls)
{
If ($Control -is [System.DirectoryServices.Protocols.PageResultRespo nseControl])
{
If ($Control.Cookie.Length -gt 0)
{
# set/update cookie
$PageRequestControl.Cookie = $Control.Cookie
}
Else
{
# no more results
Break
}
}
}

# collect entries
# todo: arraylist ..
[Array] $ResultSet += $SearchResponse.Entries
}
While ($PageRequestControl.Cookie.Length -gt 0)
--------------------


TRACE:

17:18:08 1B60 LDAP: DoSearch on connection 0x280e2690
17:18:08 1B60 LDAP: Search request:
base: "o=myCorp"
scope:2 dereference:0 sizelimit:0 timelimit:0 attrsonly:0
filter:
"(&(objectclass=inetorgperson)(groupmembership=*)( myattrxyz=*))"
attribute: "myattrxyz"
attribute: "groupmembership"
17:18:08 1B60 LDAP: nds_back_search: Search Control OID
1.2.840.113556.1.4.319
17:18:08 1B60 LDAP: Sending search result entry "cn=user01,o=myCorp" to
connection 0x280e2690
17:18:08 1B60 LDAP: Sending search result entry "cn=user02,o=myCorp" to
connection 0x280e2690
17:18:08 1B60 LDAP: Sending search result entry "cn=user03,o=myCorp" to
connection 0x280e2690
....................
17:18:08 1B60 LDAP: Sending operation result 0:"":"" to connection
0x280e2690
17:18:08 1680 LDAP: DoSearch on connection 0x280e2690
17:18:08 1680 LDAP: Search request:
base: "o=myCorp"
scope:2 dereference:0 sizelimit:0 timelimit:0 attrsonly:0
filter:
"(&(objectclass=inetorgperson)(groupmembership=*)( myattrxyz=*))"
attribute: "myattrxyz"
attribute: "groupmembership"
17:18:08 1680 LDAP: nds_back_search: Search Control OID
1.2.840.113556.1.4.319
17:18:08 1680 LDAP: Sending search result entry "cn=user01,o=myCorp" to
connection 0x280e2690
17:18:08 1680 LDAP: Sending search result entry "cn=user02,o=myCorp" to
connection 0x280e2690
17:18:08 1680 LDAP: Sending search result entry "cn=user03,o=myCorp" to
connection 0x280e2690
....................


--
florianz
------------------------------------------------------------------------
florianz's Profile: https://forums.netiq.com/member.php?userid=309
View this thread: https://forums.netiq.com/showthread.php?t=55630