diff --git a/lib/github/ldap.rb b/lib/github/ldap.rb
index 0396293..1a77cc0 100644
--- a/lib/github/ldap.rb
+++ b/lib/github/ldap.rb
@@ -95,14 +95,15 @@ def load_group(group_entry)
     # Public - Search entries in the ldap server.
     #
     # options: is a hash with the same options that Net::LDAP::Connection#search supports.
+    # block: is an optional block to pass to the search.
     #
     # Returns an Array of Net::LDAP::Entry.
-    def search(options)
+    def search(options, &block)
       result = if options[:base]
-        @connection.search(options)
+        @connection.search(options, &block)
       else
         search_domains.each_with_object([]) do |base, result|
-          rs = @connection.search(options.merge(:base => base))
+          rs = @connection.search(options.merge(:base => base), &block)
           result.concat Array(rs) unless rs == false
         end
       end
diff --git a/lib/github/ldap/domain.rb b/lib/github/ldap/domain.rb
index 06681ff..c54218a 100644
--- a/lib/github/ldap/domain.rb
+++ b/lib/github/ldap/domain.rb
@@ -27,9 +27,13 @@ def all_groups
 
       # List all groups under this tree that match the query.
       #
+      # query: is the partial name to filter for.
+      # opts: additional options to filter with. It's specially recommended to restrict this search by size.
+      # block: is an optional block to pass to the search.
+      #
       # Returns a list of ldap entries.
-      def filter_groups(query)
-        search(filter: group_contains_filter(query))
+      def filter_groups(query, opts = {}, &block)
+        search(opts.merge(filter: group_contains_filter(query)), &block)
       end
 
       # List the groups in the ldap server that match the configured ones.
@@ -97,7 +101,7 @@ def valid_login?(login, password)
       # Returns the user if the login matches any `uid`.
       # Returns nil if there are no matches.
       def user?(login)
-        search(filter: login_filter(@uid, login), limit: 1).first
+        search(filter: login_filter(@uid, login), size: 1).first
       end
 
       # Check if a user can be bound with a password.
@@ -127,16 +131,16 @@ def authenticate!(login, password, group_names = nil)
 
       # Search entries using this domain as base.
       #
-      # options: is a Hash with the options for the search.
-      # The base option is always overriden.
+      # options: is a Hash with the options for the search. The base option is always overriden.
+      # block: is an optional block to pass to the search.
       #
       # Returns an array with the entries found.
-      def search(options)
+      def search(options, &block)
         options[:base] = @base_name
         options[:attributes] ||= []
         options[:paged_searches_supported] = true
 
-        @ldap.search(options)
+        @ldap.search(options, &block)
       end
 
       # Provide a meaningful result after a protocol operation (for example,
diff --git a/test/group_test.rb b/test/group_test.rb
index 70dc059..092a9f5 100644
--- a/test/group_test.rb
+++ b/test/group_test.rb
@@ -32,6 +32,19 @@ def test_filter_domain_groups
     assert_equal 1, groups.size
   end
 
+  def test_filter_domain_groups_limited
+    groups = []
+    groups_domain.filter_groups('enter', size: 1) do |entry|
+      groups << entry
+    end
+    assert_equal 1, groups.size
+  end
+
+  def test_filter_domain_groups_unlimited
+    groups = groups_domain.filter_groups('ent')
+    assert_equal 3, groups.size
+  end
+
   def test_unknown_group
     refute @ldap.group("cn=foobar,ou=groups,dc=github,dc=com"),
       "Expected to not bind any group"