I am trying to return all the users in active directory from a remote computer. I am using the Quest AD Cmdlets. The search finds 300 users and then hangs and the message I get back is this:
The operation was aborted because the client side timeout limit was exceeded.
+ CategoryInfo : NotSpecified: (:) [Get-QADUser], LdapException
+ FullyQualifiedErrorId : System.DirectoryServices.Protocols.LdapException,Quest.ActiveRoles.ArsPowerShellSnapIn.Powershell.Cmdlets.GetUserCmdlet.
I am guessing there is a faster way, what is the best practice for extracting this data? the end result is to import the data into sql.
That's a built-in defense mechanism in AD. You're asking for, potentially, a LOT of data, and it costs the DC a lot to produce it, transmit it, and so on. Your client then has a lot of resources in holding the information.
I'm less familiar with the Quest cmdlets, but looking at http://wiki.powergui.org/index.php/Get-QADUser, there's a -pagesize parameter which probably lets you modify the size of the result page that's sent over. Also a -SizeLimit parameter you might look at.
Usually, I suggest that folks query on an OU-by-OU basis, or query everyone whose names start with A, then B, and so on – just to break the operational down into more manageable chunks. But you should be able to use -PageSize. For example, if you set -PageSize to 100, you get back 100 objects. If you execute the command again, you get the NEXT 100 objects. And so on.
Thanks for the fast and great reply. You always seem to make everything sound so simple 😀 Is there a way to cycle through letters like numbers in a foreach loop for(a-z)? Otherwise would I just loop until it returns null if I want to use pagesize?