问题
I have created 2400 security groups and made a user member of all these security groups. Now I am trying to fetch all the security groups the user is member of using the DirectoryEntry.RefreshCache method. The method returns only 2050 groups.
$searcher = New-Object System.DirectoryServices.DirectorySearcher($null)
$searcher.SearchRoot = [ADSI]("LDAP://" + $gcName)
$searcher.Filter = "((msOnline-WindowsLiveNetId=XXXXXXXX))"
$searcher.PropertiesToLoad.AddRange(@("msOnline-UserPrincipalName"))
$sr = $searcher.FindOne()
$de= $sr.GetDirectoryEntry()
$de.RefreshCache(@("tokenGroups"))
$de.Properties["tokenGroups"].Count
I tried the range retrieval. Something like below. It still doesn't work.
$de.RefreshCache(@("tokenGroups"))
$count = $de.Properties["tokenGroups"].Count
$count
$de.RefreshCache(@("tokenGroups;range=$count-*"))
$de.Properties["tokenGroups"].Count
What's the best way to retrieve all the security groups of a user using the RefreshCache method?
来源:https://stackoverflow.com/questions/62142852/the-refreshcache-method-not-returning-the-complete-list-of-tokengroups