Timeout because of large result set

[JoernHe]

I encountered timeout errors several times in a really large environment when cn=aa* was not enough. Hence the pull request, which always checks for each cn whether the threshold size has been exceeded. If so, a char is appended to the request.
So the program dynamically goes deeper if the result set is too large. (=> cn=aaa*, cn=aaaa* ...)

[0xFF-NK]

Thanks for the PR, the recursive split is a great idea. However, you might end-up missing objects containing non alphanumerical characters. For example, let's say you have "adcs", "adfs" and "ad-connect" and you hit the threshold on "ad". When you recurse to the 3rd depth level, you will miss the "ad-connect" object. A workaround could be to add special characters in the alphabet of your recursive queries, but this needs more testing. We will merge the PR once we have properly evaluated this.

[symmetrisch]

For some environments (consider cn=MyUser-001, ...) a "reverse" filtering might be a better approach: (cn=my*) would still result in all users - but (cn=*1), ... not. Still testing this but at least statistics show a more "uniform distribution" of mappings in this case...