This question was originally posted on DCIM Support by Valentin Kozlov on 2019-10-17
As per documentation:
Active Directory has an LDAP query limit of 1000 objects, to prevent excessive load and Denial of Service attacks
- The default method to get around this limitation, is to break up the query to return at most 1000 objects at a time. For example, query only for objects starting with the letter a, then query for objects starting with the letter b and so forth.
- The more efficient method for large environments is to enable paging. Paging automatically splits the results into multiple result sets so the integration does not have to split up the query into multiple requests.
Could anyone share how to implement this workarounds on DCO side?
Now I have an "Check Search Base, serach filter and username settings" error and suppose that it's related to big number of returned items in query.
How I can limit query with some rule?
This answer was originally posted on DCIM Support by Greg Sterling on 2019-10-17
Hello Valentin. I think the general recommendation in this case is to create multiple authentication server entries in the dco web client using the same connection info for each entry but customizing the username or group name criteria to limit the output.
For one large customer we had to create several AD entries limiting group searches to groups starting with a to e for one set, f to o for set 2, p to s for the third and t to z for their last configuration.
These lists are combined when viewing them through the groups or users view.
This comment was originally posted on DCIM Support by Valentin Kozlov on 2019-10-18
Can you share with me how to configure search rules?
There is more than 1000 users in OU and I have no idea how to set search conditions in DCO settings.
Thanks in advance!
Discuss challenges in energy and automation with 30,000+ experts and peers.
Find answers in 10,000+ support articles to help solve your product and business challenges.
Find peer based solutions to your questions. Provide answers for fellow community members!