LDAP filtering limit

"I use a LDAP filter to manage only the objects i'd like to migrate from source to destination forest."

So it sounds like you are using a custom filter in the the directory synchronization agent to select objects that it will copy from source to target.

I'm not aware of a length limit on the LDAP filter however, I would like to suggest that you use migration sessions to create your objects instead.

The limitation of your approach is that you can only place those objects into a single target OU and you cannot make any changes to those objects as you copy them - for example, rename samaccount or populating additional attributes.

If I may suggest that you could still use your same LDAP filter, but instead use it in conjunction with a Powershell command to generate a tab-delimited input file for a migration session that you can then run to create your objects.  The output file must contain the samaccountnames of the objects so your Powershell command would look something like this:

get-aduser -ldap "(extensionattribute1=migrateme)" -properties samaccountname | select samaccountname | Export-Csv "objects_to_migrate.txt" -NoTypeInformation -Delimiter $([char]9)

Take the output file and process it with a migration session.  If you like, you can break it up into different lists so that you can place the objects into different target OUs.

Something to think about.

Basically i've a custom filter that works very well.

I need only to add another piece, but when i'm trying to paste my filter in the DSA custom filter i cannot paste all, as this is truncated.

Basically i've a custom filter that works very well.

I need only to add another piece, but when i'm trying to paste my filter in the DSA custom filter i cannot paste all, as this is truncated.