Enumerating ACLs stalls OS #7
Comments
|
That module has been on my todo list for refactor for a while :( Go for it |
|
I haven't had time to update this into the PR, but I think a quick optimization is to distribute the file writes within a single module. Currently it appears all writes are held in memory until a single write operation at the conclusion of the module. Here is an example Gist using a subset of the DACL module that iterates over DN Bases and does appending writes. This may not be efficient from a disk IO perspective and may be better to modulo the write frequency. |
prashant3535
added a commit
that referenced
this issue
Mar 26, 2022
Added base DN filtering - Issue #7
|
I've merged the pull request. Will have a look through the gist and merge the changes when possible. Thank @Snozzberries :) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Enumerating ACLs in large environments can cause system resource exhaustion in large environments.
I have been able to update the
Function Get-ADRACLto include-SearchBase $DnBaseand$objSearcherPath.SearchRoot = "LDAP://$DnBase"using an additional property, but that isn't ideal.The property could be brought into the helper
Function Invoke-ADReconor could be used to iterate through the subtrees as smaller chunks.Let me know if you want me to merge the
-SearchBaseandSearchRootas an example to test with.The text was updated successfully, but these errors were encountered: