question

DavidZemdegs avatar image
0 Votes"
DavidZemdegs asked DavidZemdegs answered

LDP not displaying all schema objects

Greetings,

When I run ldp.exe and view the Schema Tree, not all of the objects are displayed by default when the tree root is expanded.
I cant find which option allows you to see all Schema objects.

Thanks
David Z

windows-active-directory
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

DavidZemdegs avatar image
0 Votes"
DavidZemdegs answered

found it. its the max children option.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

FanFan-MSFT avatar image
0 Votes"
FanFan-MSFT answered

Hi,

LDP can't return all the objects ,there is a limit by LDAP policy in Active Directory.(2003 or higher)
MaxPageSize - This value controls the maximum number of objects that are returned in a single search result, independent of how large each returned object is.
Default value: 1,000
MaxValRange - This value controls the number of values that are returned for an attribute of an object, independent of how many attributes that object has, or of how many objects were in the search result.
Default value: 1500
The value can be changed to:
MaxPageSize 20000
MaxValRange 5000

For more information you can refer to:
https://docs.microsoft.com/en-us/troubleshoot/windows-server/identity/view-set-ldap-policy-using-ntdsutil
https://docs.microsoft.com/en-us/troubleshoot/windows-server/identity/domain-controller-returns-500-values-ldap-response

Best Regards,

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

DavidZemdegs avatar image
0 Votes"
DavidZemdegs answered

Thanks.
If I run the mmc schema snap-in tool I can see all classes and attributes. So one tool shows them all and another doesnt it seems.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

GaryNebbett avatar image
0 Votes"
GaryNebbett answered

Hello @DavidZemdegs,

As @FanFan-MSFT mentioned, the LDAP (Lightweight Directory Access Protocol) protocol/implementation limits the number of results returned in a single query, but provides mechanisms to view the complete result set. The two tools that you mention conceal/surface the steps necessary to view the complete result set to differing degrees. Both tools can view the complete set; one just needs to set the appropriate options and perform the appropriate steps.

Gary

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

DavidZemdegs avatar image
0 Votes"
DavidZemdegs answered

I looked at the options in LDP and it is not obvious which one would allow retrieval of all schema classes and attributes when expanding the schema container in the left pane.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.