Enumerating Indexed Attributes in Windows 2000 Active Directory (230662)


The information in this article applies to:

  • Microsoft Windows 2000 Server
  • Microsoft Windows 2000 Advanced Server
  • Microsoft Windows 2000 Datacenter Server
This article was previously published under Q230662

SUMMARY

To achieve the best performance when querying against the Active Directory, you should query indexed attributes. Indexed attributes are configured with the searchFlags bit set of 0x00000001.

To enumerate all indexed attributes, bind to the schema container and use the following LDAP filter: 
(&(objectCategory=attributeSchema)(searchFlags:1.2.840.113556.1.4.803:=1))

MORE INFORMATION

To use the Ldp.exe program to query the active directory enumerating attributes that are indexed for quick searches:
  1. Start the Ldp.exe program, and then increase the text buffer size to 9999.
  2. Bind to a Windows 2000-based domain, and then determine the schema's distinguished name by observing the output of LDP 
    schemaNamingContext: CN=Schema,CN=Configuration,DC=domainName,DC=com
  3. On the Browse menu, click Search, and then type the schemNamingContext value into the Base DN box.
  4. Type the following filter into the Filter Box: 
    (&(objectCategory=attributeSchema)(searchFlags:1.2.840.113556.1.4.803:=1))
  5. Click Subtree for the Scope, and then click Options.
  6. Enter the attributes you want to be returned: 
    objectClass;name;cn;distinguishedName;
  7. In the Search Options box, click OK, and then click Run to execute the query.
For additional related information, please see the following article in the Microsoft Knowledge Base:

224543 Using Ldp.exe to Find Data in the Active Directory

Modification Type:MajorLast Reviewed:11/13/2003
Keywords:kbhowto kbnetwork KB230662
©2003 Microsoft Corporation. All rights reserved.