Getting users from a large group

[bisk]

I seem to be having an issue when I query an AD group with more than 1500 users as only the first 1500 are returned.

Here's my code:
Domain = "Maple"
GroupName = "wts SSL VPN"

' Connection to AD
Set objCommand = CreateObject("ADODB.Command")
Set objConnection = CreateObject("ADODB.Connection")
objConnection.provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
objCommand.ActiveConnection = objConnection

strBase = "DC=" & Domain & ",DC=FG,DC=RBC,DC=COM"

objCommand.CommandText = _
"<GC://" & strBase & ">;" & _
"(&(objectCategory=group)" & _
"(sAMAccountName=" & GroupName & "));" & _
"DistinguishedName;subtree"

'On Error Resume Next
Err.Clear
Set objRecordSet = objCommand.Execute
If Err.Number Then
quit
End if

If objRecordSet.RecordCount = 0 Then
quit
Else
' Account found in AD, check attributes
strDN = objRecordSet.Fields("DistinguishedName")
set objGRoup = GetObject("LDAP://" & strDN)
objGroup.GetInfo

arrMemberOf = objGroup.GetEx("member")
For Each strMember in arrMemberOf
set Objuser = GetObject("LDAP://" & strMember)
Wscript.echo objuser.displayname & vbtab & strMember
Next

Set obGroup = nothing

End If
On Error Goto 0
Set objRecordSet = nothing

' Clear
objConnection.close
Set objConnection = nothing
Set objCommand = nothing
set objRecordSet = nothing

 

[dm4ever]

this issue is discussed here very well:

http://www.scriptinganswers.com/forum/forum_posts.asp?TID=262

--------------------------------------------------------------------------------
dm4ever
My philosophy: K.I.S.S - Keep It Simple Stupid