I wanted to share a small tip if you need to log all LDAP’s query sent to your ADDS’s server.
You can easilly find the correct registry to change there:
You need to set at 5 the key Field Engineering there: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NTDS\Diagnostics
and you need to set to 1 those two keys:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NTDS\Expensive Search Results Threshold
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NTDS\Inefficient Search Results Threshold
For more detail you can find it some documentations there, Creating More Efficient Microsoft Active Directory-Enabled Applications