Granfeldt PowerShell Ma & the $Searcher object - I'm getting only 750 users from ADDS with 85000 users.

  • Hi,

    The search is standard as you can read below. I added the SizeLimit to Ensure 100000 can be read.

    In a different environment with just a few accounts it works perfect. I tested it by the client against two ADDS instances:  production and Acceptance. I got the same strange behavior.


    I suspect I run into some kind of buffer overflow or limit. But where?

    $DeltaPropertiesToLoad = @( "o365License","samAccountName" )

    # the MASchemaProperties are the properties that this script will return to FIM on objects found
    $MASchemaProperties = @( "mail", "samaccountname", "userprincipalname","o365License","employeeNumber","i3-StudentNummer")

    $rootdse = [adsi] "LDAP://RootDSE"
    $searchroot = $rootdse.defaultnamingcontext
    $domain = new-object system.directoryservices.directoryentry "LDAP://$searchroot", $username, $password


    $Searcher = new-object System.DirectoryServices.DirectorySearcher $Domain, "(&(objectClass=user)(objectCategory=person))", $DeltaPropertiesToLoad, 2
    $searcher.tombstone = ($operationtype -match 'delta')
    $searcher.cacheresults = $false
    $Searcher.SizeLimit = 100000
    $Searcher | fl

    if ($OperationType -eq "Full" -or $RunStepCustomData -match '^$')
     # reset the directory synchronization cookie for full imports (or no watermark)
     $searcher.directorysynchronization = new-object system.directoryservices.directorysynchronization
     # grab the watermark from last run and pass that to the searcher
     $Cookie = [System.Convert]::FromBase64String($RunStepCustomData)
     $SyncCookie = ,$Cookie # forcing it to be of type byte[]
     $searcher.directorysynchronization = new-object system.directoryservices.directorysynchronization $synccookie

    $results = $searcher.findall()

    $nr = $results.count


    Tuesday, May 24, 2016 3:04 PM