OpenAM query of larger than 1000 objects results in ldap errorcode=95

Tagged: ,

This topic has 1 reply, 2 voices, and was last updated 4 years, 1 month ago by Bill Nelson.

  • Author
  • #22307

    – OpenAM 13.5.1
    – OpenDJ 3.5.2

    In OpenAM, I’ve configured Realms to allow more than 1000 search results to return.
    The application returns: {“code”:500,”reason”:”Internal Server Error”,”message”:”Plug-in org.forgerock.openam.idrepo.ldap.DJLDAPv3Repo encountered a ldap exceptio
    n. ldap errorcode=95″}.

    Error Code 95 is essentially “More results to return”

    When I run ldapsearch for the identical query, it does not give the same error.

    The main difference in the logging that I see is that OpenAM appears to run the primary query, then run individual queries against each returned DN.

    I’ve even gone so far as to set the Global Configuration size-limit to 3000, but to no avail.

     Bill Nelson

    OpenAM limits the number of return results as it is not meant to act in the role of an identity management or database type product. If you are performing your search using REST, then you should point to OpenDJ for this data, instead. If you are performing your search using OpenAM’s Admin Console, then, well, you should just pick a better tool for that.

    Even if you perform the search as Directory Manager (which is not subject to search limits in OpenDJ), you are still limited. OpenAM is the culprit (but there are good reasons for that).

Viewing 2 posts - 1 through 2 (of 2 total)

You must be logged in to reply to this topic.

©2022 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?