Specify max results with Com4j when querying LDAP

StackOverflow https://stackoverflow.com/questions/15495179

Question

I'm trying to query ldap with Com4j to retrieve all internal employees. The code below works, but always returns 960 results while there should be thousands. It there a way to specifiy the maximum results size or should I do things a bit different?

public class SearchInternalPersons {

private static final Logger LOGGER = LoggerFactory.getLogger(SearchInternalPersons.class);

private static final String DEFAULT_FIELDS = "sAMAccountName,givenName,sn,employeeType";

public static void main(final String[] args) throws Exception {
    final Map<String, String> AD2attribute = Maps.newHashMap();
    final StringTokenizer tokenizer = new StringTokenizer(DEFAULT_FIELDS, ",");
    while (tokenizer.hasMoreTokens()) {
        final String token = tokenizer.nextToken();
        AD2attribute.put(token, token);
    }
    final _Connection con = ClassFactory.createConnection();
    con.provider("ADsDSOObject");
    con.open("Active Directory Provider", StringUtils.EMPTY, StringUtils.EMPTY, -1);
    final _Command cmd = ClassFactory.createCommand();
    cmd.activeConnection(con);
    String command = createCommand();
    LOGGER.debug("Command=" + command);
    cmd.commandText(command);
    _Recordset rs = cmd.execute(null, Variant.getMissing(), -1);
    if (rs.eof()) {
        LOGGER.error("no users not found.");
    } else {
        System.out.println(rs.pageCount()); // prints 96
        System.out.println(rs.pageSize()); // prints 10
        System.out.println(rs.recordCount()); // prints 960
        for (int i=0;i<63;i++) {
            System.out.println(rs.properties(i).name() + ":" + rs.properties(i).value());
        }
        for (int i = 0; i < rs.recordCount(); i++) {
            final Fields userData = rs.fields();
            final Map<String, String> userDataAttributes = new HashMap<String, String>();
            for (int j = 0; j < userData.count(); j++) {
                final Field field = userData.item(j);
                final String attribute = AD2attribute.get(field.name());
                if (attribute != null && !attribute.isEmpty()) {
                    final Object value = field.value();
                    final String textValue = (value == null) ? StringUtils.EMPTY : value.toString();
                    LOGGER.debug(field.name() + "=" + textValue);
                    userDataAttributes.put(attribute, textValue);
                }
            }
            rs.moveNext();
        }
    }
    rs.close();
    con.close();
}

private static String createCommand() {
    final StringBuilder commandBuilder = new StringBuilder("<LDAP://");
    commandBuilder.append((String) COM4J.getObject(IADs.class, "LDAP://RootDSE", null).get("defaultNamingContext"));
    commandBuilder.append(">;(employeeType=employee);");
    commandBuilder.append(DEFAULT_FIELDS);
    commandBuilder.append(";subTree");
    return commandBuilder.toString();
}

}

The ResultSet properties are as follows:

IAccessor:true
IColumnsInfo:true
IColumnsInfo2:true
IConvertType:true
IGetSession:true
IRow:false
IGetRow:true
IRowset:true
IRowsetIdentity:true
IRowsetInfo:true
IRowsetLocate:true
IRowsetScroll:true
Preserve on Abort:false
Blocking Storage Objects:true
Use Bookmarks:true
Skip Deleted Bookmarks:false
Bookmark Type:1
Fetch Backwards:true
Hold Rows:true
Scroll Backwards:true
Column Privileges:true
Preserve on Commit:false
Immobile Rows:true
Literal Bookmarks:false
Literal Row Identity:true
Maximum Open Rows:0
Maximum Pending Rows:0
Maximum Rows:0
Notification Phases:0
Column Set Notification:0
Row Delete Notification:0
Row First Change Notification:0
Row Insert Notification:0
Row Resynchronization Notification:0
Rowset Release Notification:0
Rowset Fetch Position Change Notification:0
Row Undo Change Notification:0
Row Undo Delete Notification:0
Row Undo Insert Notification:0
Row Update Notification:0
Bookmarks Ordered:true
Own Inserts Visible:false
Own Changes Visible:false
Quick Restart:true
Reentrant Events:true
Remove Deleted Rows:false
Report Multiple Changes:false
Row Privileges:false
Row Threading Model:1
Strong Row Identity:false
Asynchronous:false
Deref Aliases:0
Size Limit:0
Server Time Limit:0
Column Names only:false
SearchScope:2
Timeout:0
Page size:0
Time limit:0
Chase referrals:0
Sort On:null
Cache Results:true
Bookmarkable:true
Was it helpful?

Solution

I was able to solve this by changing the property "Page Size" as follows:

cmd.properties("Page Size").value(50);

Other values than 50 are valid as well of course.

OTHER TIPS

Even though your parameters include such resource limits as time limit and size limit, these values (known as client-requested resource limits) cannot override the server's limits. This is because the server retains the ability (specified by the LDAP standards) to override the client-requested resources limits. In other others words, client-requested resource limits can never override the server's limits, unless the server supports the concept of a root DN which is not subject to any resource limits or access controls and the LDAP client authenticates its connection to the server using that root DN.

Another possibility is that the search request parameters filter out some of the entries you expect. Try using a known good command line tool like ldapsearch to query the server and count the number of entries returned.

see also

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top