Error# '4' during search: 'error: Sizelimit exceeded'

book

Article ID: 195910

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On Agents (SiteMinder) CA Single Sign On Federation (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) SITEMINDER

Issue/Introduction

We observed below errors in policy servers. Could you please check on the limits/config at policy server end which we can increase/tune to avoid this error. 

Policy Server:

  • [4332/139870634764032][Tue Jul 14 2020 03:27:17][SmDsLdapConnMgr.cpp:1201][ERROR][sm-Ldap-02230] Error# '4' during search: 'error: Sizelimit exceeded' Search Query = '(objectclass=group)' for server '<LDAPSERVER>:<PORT>'

Environment

Release : 12.8.03 (SP3), 12.8.04 (SP4)

Component : SITEMINDER - POLICY SERVER, SITEMINDER ADMINUI, SITEMINDER - FEDERATION

Resolution

"error: Sizelimit exceeded" means that the AD server is configured to return a certain number of results (with the MaxPageSize parameter), and the query should returns more than this value.

See:

https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/identity-management-and-governance-connectors/1-0/connectors/microsoft-connectors/microsoft-active-directory-exchange-and-skpye-for-business(lync)/Managing-the-Connection-to-Active-Directory/active-directory-customizations/change-the-active-directory-search-limit.html

See the following non-Broadcom link for an explanation of how to increase MaxPageSize on the active directory:

https://angry-admin.blogspot.com/2017/07/view-and-change-AD-MaxPageSize.html

You should discuss the suitability of doing this with your AD admin first.