Menu
▾
▴
Re: Getting * from a directory.
|
From: Chris R. <chr...@me...> - 2001-02-14 08:08:07
|
Pete <pl...@oz...> wrote: > Hi everyone, > > Every now and then I have a need to delete all entries from a > directory. The problem is though that the directory server is set to > a maximum number of entries to return. Setting the server to a > larger number isn't the answer. > > What I need to do is search on sn=*, which returns an error, > something like too many entries to return, I need this to do this to > get the DN value to delete all the entries > > Reading through the doco it doesn't appear there is an inbuilt > capability to do this. I'm sure this could be another exercise in > programing to do the task, but not re-inventing the wheel is prefered > lately. > > Thanks in advance, > > > Pete. When you get an error of LDAP_SIZELIMIT_EXCEEDED, you *also* get back some of the entries that the directory could return. This probably isn't obvious from the documentation. (The LDAP_TIMELIMIT_EXCEEDED error has the same feature, which is similarly not obvious from the documentation.) So what you could try is a loop which repeatedly did a search of (sn=*) (or whatever matched your entries) and removed any it did found. Terminate the loop when 0 entries are returned. For efficiency in your searches, don't instruct the server to return all user attributes (which is the default), ask it for a single attribute instead. This will make the results come back just that little bit quicker, as less data needs to be transferred across the network. Cheers, Chris |
