How to fix SearchLimitException for Corp LDAP sync AdminDomain?


Article ID: KB0086164


Products Versions
TIBCO Administrator -
Not Applicable -

Description:
============
A SearchLimitException is logged in Administrator.log for an administration domain that is synchronized with a corporate LDAP directory:
com.tibco.pof.entity.SearchLimitException: Number of matching entries exceeds the Limit for searching from Domain. Please specify a more restrictive search pattern.

Environment:
===========
TIBCO Runtime Agent (TRA) 5.x.x,
TIBCO Administrator 5.x.x,
CORP LDAP

Symptoms:
========
In the TIBCO Administrator GUI, User Management --> Users --> Search All Users throws SearchLimitException if the total number of users in the corporate LDAP is greater than the search limit.

The following error appears in Administrator.log:
com.tibco.pof.entity.SearchLimitException: Number of matching entries exceeds the Limit for searching from Domain. Please specify a more restrictive search pattern.

Cause:
=====
The search limit value set in LDAP is too low, e.g., sizelimit in Sun One Directory Server or MaxPageSize in Active Directory.

The exception is thrown because the pattern specified in the searchUserNames() method returned more results than the default value set for the Domain Search Limit (10,000).

Resolution:
==========
You can override the default value by specifying the "DomainUsersSearchLimit" property in AuthorizationDomain.properties, i.e.:

* Edit <TRA_Home>/domain/<Domain_Name>/AuthorizationDomain.properties
* Add the property
DomainUsersSearchLimit=<n>  [Note: When <n> is set to 0 (zero), it means unlimited.]

As mentioned in the product documentation (TIBCO Administrator User's Guide, Chapter 3, section "Setting the maximum LDAP objects to return after a search"), the client-side search limit is overridden by the LDAP server search limit. Therefore, you also have to make a corresponding setting on the LDAP server (e.g., sizelimit in Sun One Directory Server or MaxPageSize in Active Directory).

The other option is to specify a more restrictive pattern in searchUserNames() that would ensure the number of entries retrieved never exceeds the default Domain Search limit.
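The following check is an added example, not TIBCO code: it reads the DomainUsersSearchLimit setting from the text of AuthorizationDomain.properties and reports which cap actually applies to a Search All Users query. The function names, the sample file content, and the server_limit and directory_users inputs are assumptions supplied by the operator; the "lower cap wins" model follows the statement above that the server limit overrides the client limit, and property line continuations are not handled.

```python
import re

DEFAULT_LIMIT = 10_000   # default Domain Search Limit stated in the article
KEY = "DomainUsersSearchLimit"

# Constructed sample content for AuthorizationDomain.properties (not from a real domain).
SAMPLE = """\
# constructed example
SomeOtherProperty=value
DomainUsersSearchLimit = 25000
"""

def read_search_limit(properties_text):
    """Return the client-side limit; None means unlimited (property set to 0)."""
    value = None
    for raw in properties_text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#!":          # blank line or comment
            continue
        m = re.match(r"([^=:\s]+)\s*[=:]\s*(.*)", line)
        if m and m.group(1) == KEY:
            value = m.group(2).strip()           # keep the last occurrence
    if value is None:
        return DEFAULT_LIMIT                     # property absent: default applies
    if not re.fullmatch(r"[0-9]+", value):
        raise ValueError(f"{KEY} must be a non-negative integer, got {value!r}")
    return int(value) or None                    # 0 -> unlimited

def effective_limit(client_limit, server_limit):
    """Assumed model: the lower cap wins; None stands for 'no limit'."""
    caps = [c for c in (client_limit, server_limit) if c is not None]
    return min(caps) if caps else None

def audit(properties_text, server_limit, directory_users):
    """Report whether a 'Search All Users' query would exceed the effective cap."""
    client = read_search_limit(properties_text)
    cap = effective_limit(client, server_limit)
    notes = []
    if client is None:
        notes.append("client limit disabled (0): only the LDAP server caps result size")
    if server_limit is not None and (client is None or client > server_limit):
        notes.append("LDAP server limit is lower than the client limit and takes effect")
    exceeds = cap is not None and directory_users > cap
    return {"client": client, "effective": cap, "exceeds": exceeds, "notes": notes}

if __name__ == "__main__":
    print(audit(SAMPLE, server_limit=1000, directory_users=18000))
```

A result with "client" equal to None and no server limit means nothing bounds the result set of an all-users search, which is worth reviewing before setting the property to 0.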
