Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

LDAP query timeout when using .Net

170 views
Skip to first unread message

Irene

unread,
Nov 25, 2003, 10:07:22 AM11/25/03
to
Hi,

I got the following error message when I was using LDAP
to query Active Directory:System.web.httpexception
request.timeout

I increase timeout value in IIS, LDAP policy and
server.scripttimeout. But I still got that error. If I
specify OU and limit my query within 2 minutes, my code
worked fine. But I really need to search the whole
directory. Any other way to increase timeout value?

I just found out .NET DirectorySearcher (I used it in my
VB.NET code) has a property:servertimelimit, the property
has a 'MaxValue'=120. Do you think it is the reason I
keep getting timeout error? Is there anyway to increase
that value?

Thanks in advance

Irene

Max L. Vaughn [MSFT]

unread,
Nov 25, 2003, 10:32:18 AM11/25/03
to
Its a server side setting, we do not recommend changing the server side.

The value on the DirectorySearcher is a client side setting. At 120
seconds, the server is going to give you what it has.

DirectorySearcher has a know problem when you do a paged query that takes
longer that 120 seconds to complete on the server side, it does not
followup the timeout error with the appropriate test of the extended LDAP
error, See the following KB:
325189 INFO: Truncated Results When Calling IDirectorySearch::GetNextRow
http://support.microsoft.com/?id=325189

If you do the same queryin VBS using ADO, do you get the entire result set?
ADO properly handles the Timeout error. If so, then you are running into
the problem described above. If this is the case, create a support
incident with MS and we will help you address the problem.


Sincerely,
Max Vaughn [MS]
Microsoft Developer Support


Disclaimer: This posting is provided "AS IS" with no warranties, and
confers no rights. You assume all risk for your use.

Joe Kaplan (MVP - ADSI)

unread,
Nov 25, 2003, 10:35:09 AM11/25/03
to
What does your LDAP filter look like? It sounds to me like you query is
extremely slow and might not be appropriate for a web application. Perhaps
you might consider executing the query asynchronously and having the user
check back for the result or something?

It sounds like the timeout you are receiving is from ASP.NET, not from
DirectoryServices as that would almost certainly result in a COMException.

Joe K.

"Irene" <sw...@risi.com> wrote in message
news:11cc01c3b365$d3ee1450$a301...@phx.gbl...

Irene

unread,
Nov 25, 2003, 3:08:53 PM11/25/03
to
Hi,

Thanks for your quick reply. How can I use "the same
query in VBS using ADO"? The code I am currently using
right now is the following:

Dim obEntry as new DirectoryEntry("LDAP://.....",uid,pwd)
Dim mySearcher As New DirectorySearcher(obEntry)
mySearcher.SearchScope = SearchScope.Subtree
mySearcher.Filter = "(&(objectCategory=Person)
(objectClass=user))"
For Each oResult In mySearcher.FindAll
...
Next

Thanks

Irene

>.
>

Irene

unread,
Nov 25, 2003, 3:13:23 PM11/25/03
to
Hi,

My code is the following:

Dim obEntry as new DirectoryEntry("LDAP://.....",uid,pwd)
Dim mySearcher As New DirectorySearcher(obEntry)
mySearcher.SearchScope = SearchScope.Subtree
mySearcher.Filter = "(&(objectCategory=Person)
(objectClass=user))"

I am not sure how to execute the query asynchronously and
have the user check back for the result. Is there any
good article on the web that I can take a look?

Thanks

Irene

>.
>

Joe Kaplan (MVP - ADSI)

unread,
Nov 25, 2003, 6:38:40 PM11/25/03
to
The basis of my suggestion was that if your query takes more than 2 minutes
to execute, then the user experience of your website is likely to be quite
bad. I don't think the best approach is to try to lengthen the http
timeouts in ASP.NET as the website will likely just become more slow.

Instead of returning all users in your query, would it be possible to allow
the users to find specific ones by doing a search by name or something? You
can use an ANR query for that and generally will get pretty good
performance.

something like:
(&(objectCategory=person)(anr=xxxx))

where xxxx is the criteria the user entered.

You could also make the search faster by setting a relatively low size limit
on the returned result.

I don't know exactly why your query for all users takes so long to execute,
but if you domain is large, I could see that happening.

Another thought might be to set the client timeout on the searcher so that
you stop searching after a specified length of time that is more reasonable
(like 30 seconds or something).

Another way you might approach this would be to load the full user list into
the ASP.NET cache object on Application start and then retrieve your query
from the cache exclusively. You could hook up the cache to expire
periodically and have a callback that rebuilds the list when it expires.
The users won't always have the latest data, but should get decent response
time.

I hope that gives you some ideas.

Joe K.

"Irene" <anon...@discussions.microsoft.com> wrote in message
news:04ac01c3b390$93c6aec0$a301...@phx.gbl...

0 new messages