Forum Problems Installing LAMS: Re: Re: Re: Problem with LDAP (Active Directory) in big organization


 
Search: 

5: Re: Re: Re: Problem with LDAP (Active Directory) in big organization
In response to 4 07/14/09 08:08 PM
[ Reply | Forward ]
When logging in, the initial search for your user object should only return one object because usernames should be unique. What's your search filter? It should only need to be something like (sAMAccountName={0}). If you don't pass in the username with the {0}, then Active Directory may be returning more objects than it needs to.

Synchronising shouldn't give a SizeLimitExceededException, as far as I know Active Directory supports paging. Could it have been disabled somehow?

Posted by Jun-Dir Liew

6: Re: Re: Re: Re: Problem with LDAP (Active Directory) in big organization
In response to 5 07/15/09 04:49 AM
[ Reply | Forward ]
I had set Search Filter (objectCategory=user)

Now set to Search Filter (sAMAccountName={0})
and:
LDAP server received 104,572 members showed
Number of established users in the system: 4351
Number of existing members and altered: 48089
Number of members who have been Excludes: 0
and a lot of errors like:
Error processing context result number 31397: null

How to set Search Filter (&(objectCategory=user)(sAMAccountName={0}))
LDAP server to get 52,599 members showed
Number of users created in the system: 0
Number of existing members and altered: 52440
Number of members who have been excluded: 0
and some type of error:
Error processing context result number 31397: null

Synchronization works for DC=xxx, DC=yy without a OU=[city]
It's OK.

Posted by Mariusz Górski

7: Re: Re: Re: Re: Re: Problem with LDAP (Active Directory) in big organization
In response to 6 07/15/09 05:44 PM
[ Reply | Forward ]
Great, so all is working! The error during processing is not specific in the web interface, but you can generally see why in the lams logs (/path/to/jboss/server/default/log/lams.log). One reason is that AD contains users with whitespace in the username.

Posted by Jun-Dir Liew

Reply to first post on this page
Back to Problems Installing LAMS
.LRN Home