How to disable Server Side Sort option for directory searches (Directory Search Parameters)
search cancel

How to disable Server Side Sort option for directory searches (Directory Search Parameters)

book

Article ID: 261564

calendar_today

Updated On:

Products

CA Identity Manager

Issue/Introduction

How can I disable the server side sort (SSS) option for directory searches? Our LDAP DBAs have found that the server side sort control is showing up in directory searches for one of our environments and we need to turn it off. "No results" when searching on last name. Full results found as expected when searching for unique OID.

 

 

Environment

Release : 14.3, 14.4

 

 

Resolution

Edit the directory.xml

Old:

<DirectorySearch maxrows="1000"/>

 

New:

<DirectorySearch/>

 

maxrows

Specifies the maximum number of objects that 
Identity Manager

can return when searching a user directory. When the number of objects exceeds the limit, an error is displayed.

By setting a value for the maxrows parameter, you can override the settings in the LDAP directory that limit search results. When conflicting settings apply, the LDAP server uses the lowest setting.

Additional Information

https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/identity-manager/14-4/configuring/ldap-user-store-management/directory-search-parameters.html

LDAP log entries:

Old:

[2023-03-08T10:57:32.249-05:00] [pmi-xxxx] [TRACE] [OUD-24641551] [PROTOCOL] [host: xxxxxxxxx.xxxx.com] [nwaddr: xxx.xx.xx.xx] [tid: 176] [userId: oracle] [ecid: 0000Oxxxxxxxxxxxxxxxxx,0:1] [category: REQ] [conn: 1231749] [op: 4] [msgID: 5] [base: ou=Internal,ou=Users,o=xxxx.com] [scope: one] [filter: (&(&(&(objectclass=person)(objectclass=organizationalperson)(objectclass=inetorgperson)(objectclass=bcbsperson))(sn=xxxx))(&(objectclass=person)(objectclass=organizationalperson)(objectclass=inetorgperson)(objectclass=bcbsperson)))] [attrs: uid,audio,givenName,sn,cn] [controls: (oid=x.x.xxxx.xxxxxxx)] SEARCH

 

New:

[2023-03-08T11:13:33.797-05:00] [pmi-xxxxxx] [TRACE] [OUD-24641551] [PROTOCOL] [host: xxxxxxx.xxxxx.com] [nwaddr: xxx.xx.xx.xx] [tid: 248] [userId: oracle] [ecid: 0000OR1xxxxxxxxxxxxx,0:1] [category: REQ] [conn: 1692382] [op: 68] [msgID: 69] [base: ou=Internal,ou=Users,o=xxxxxx.com] [scope: one] [filter: (&(&(&(objectclass=person)(objectclass=organizationalperson)(objectclass=inetorgperson)(objectclass=bcbsperson))(sn=weston))(&(objectclass=person)(objectclass=organizationalperson)(objectclass=inetorgperson)(objectclass=bcbsperson)))] [attrs: uid,audio,givenName,sn,cn] [controls: ] SEARCH

Powered by Wolken Software