LDP not displaying all schema objects

Question

Greetings,

When I run ldp.exe and view the Schema Tree, not all of the objects are displayed by default when the tree root is expanded.
I cant find which option allows you to see all Schema objects.

Thanks
David Z

Answer 1

found it. its the max children option.

Answer 2

Hi,

LDP can't return all the objects ,there is a limit by LDAP policy in Active Directory.(2003 or higher)
MaxPageSize - This value controls the maximum number of objects that are returned in a single search result, independent of how large each returned object is.
Default value: 1,000
MaxValRange - This value controls the number of values that are returned for an attribute of an object, independent of how many attributes that object has, or of how many objects were in the search result.
Default value: 1500
The value can be changed to:
MaxPageSize 20000
MaxValRange 5000

For more information you can refer to:
https://learn.microsoft.com/en-us/troubleshoot/windows-server/identity/view-set-ldap-policy-using-ntdsutil
https://learn.microsoft.com/en-us/troubleshoot/windows-server/identity/domain-controller-returns-500-values-ldap-response

Best Regards,

Answer 3

Thanks.
If I run the mmc schema snap-in tool I can see all classes and attributes. So one tool shows them all and another doesnt it seems.

Answer 4

Hello @David Zemdegs ,

As @Anonymous mentioned, the LDAP (Lightweight Directory Access Protocol) protocol/implementation limits the number of results returned in a single query, but provides mechanisms to view the complete result set. The two tools that you mention conceal/surface the steps necessary to view the complete result set to differing degrees. Both tools can view the complete set; one just needs to set the appropriate options and perform the appropriate steps.

Gary

Answer 5

I looked at the options in LDP and it is not obvious which one would allow retrieval of all schema classes and attributes when expanding the schema container in the left pane.