OpenAM query of larger than 1000 objects results in ldap errorcode=95

Tagged: ,

This topic contains 1 reply, has 2 voices, and was last updated by  Bill Nelson 6 days, 16 hours ago.

  • Author
    Posts
  • #22307
     cwojtyna 
    Participant

    Environment:
    – OpenAM 13.5.1
    – OpenDJ 3.5.2

    In OpenAM, I’ve configured Realms to allow more than 1000 search results to return.
    The application returns: {“code”:500,”reason”:”Internal Server Error”,”message”:”Plug-in org.forgerock.openam.idrepo.ldap.DJLDAPv3Repo encountered a ldap exceptio
    n. ldap errorcode=95″}.

    Error Code 95 is essentially “More results to return”

    When I run ldapsearch for the identical query, it does not give the same error.

    The main difference in the logging that I see is that OpenAM appears to run the primary query, then run individual queries against each returned DN.

    I’ve even gone so far as to set the Global Configuration size-limit to 3000, but to no avail.

    #22308
     Bill Nelson 
    Participant

    OpenAM limits the number of return results as it is not meant to act in the role of an identity management or database type product. If you are performing your search using REST, then you should point to OpenDJ for this data, instead. If you are performing your search using OpenAM’s Admin Console, then, well, you should just pick a better tool for that.

    Even if you perform the search as Directory Manager (which is not subject to search limits in OpenDJ), you are still limited. OpenAM is the culprit (but there are good reasons for that).

Viewing 2 posts - 1 through 2 (of 2 total)

You must be logged in to reply to this topic.

©2018 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?