Active Directory, or rather its LDAP interface, has a result limit setting, MaxPageSize. By default it is set to 1000 rows per query.
This matters primarily if you use a programming language to get results from LDAP: the code must compensate for this limit and use paging.
Your LDAP query does not need to specify the limit; only the code needs to do the paging, because you always get at most the number of results set in the current settings.
To check your settings, run the following commands in a command prompt (cmd) window:
    ntdsutil
    ldap policies
    connections
    connect to domain YOURDOMAIN.LOCAL
    quit
    show values
In theory you could now set different values as well, assuming you have the permission level to do so. This is not recommended, though: use paging instead, as you otherwise risk overloading your DCs. Even if your own commands won't cause it, a DoS could happen, malicious or not. So leave the limits, but be aware of them.
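The paging loop that client code has to run, as an added example (not from the original post): `FakeDC` is a constructed in-memory stand-in for a domain controller that enforces MaxPageSize, and every name in it is hypothetical. A real client carries the cookie in the LDAP paged-results control; here it is a plain offset for illustration.

```python
MAX_PAGE_SIZE = 1000  # default MaxPageSize, as stated above


class FakeDC:
    """Constructed stand-in for a DC; not a real LDAP client."""

    def __init__(self, entries, max_page_size=MAX_PAGE_SIZE):
        self.entries = list(entries)
        self.max_page_size = max_page_size

    def search(self, page_size=None, cookie=b""):
        """Return (entries, next_cookie, size_limit_exceeded)."""
        if page_size is None:
            # No paging requested: the server stops at MaxPageSize rows
            # and flags that more rows existed.
            chunk = self.entries[: self.max_page_size]
            return chunk, b"", len(self.entries) > self.max_page_size
        # Paging requested: a page never exceeds MaxPageSize, whatever
        # the client asks for.
        size = min(page_size, self.max_page_size)
        start = int(cookie or b"0")  # assumption: cookie is just an offset
        chunk = self.entries[start:start + size]
        end = start + len(chunk)
        next_cookie = str(end).encode() if end < len(self.entries) else b""
        return chunk, next_cookie, False


def search_all(dc, page_size=500, max_pages=10_000):
    """Collect every row by repeating the search until the cookie is empty."""
    if page_size < 1:
        raise ValueError("page_size must be at least 1")
    results, cookie = [], b""
    for _ in range(max_pages):  # bound the loop against a misbehaving server
        chunk, cookie, _ = dc.search(page_size=page_size, cookie=cookie)
        results.extend(chunk)
        if not cookie:  # empty cookie: the server has no more pages
            return results
    raise RuntimeError("paging did not terminate")


def demo():
    # Constructed sample directory with 2500 entries.
    dc = FakeDC(f"CN=user{i},DC=example,DC=local" for i in range(2500))
    unpaged, _, exceeded = dc.search()
    return len(unpaged), exceeded, len(search_all(dc))
```
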