Policy Server: Unable to create Object with Names larger than 64 characters.

book

Article ID: 32463

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) AXIOMATICS POLICY SERVER CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On

Issue/Introduction

Problem:

Using ADLDS as Policy Store, there is a limitation on the length of the object attributes that could not be more than 64 chars.  This can be verified when you create agent with a name of 66 characters.

Note: It works fine with other LDAP or ODBC as Policy Store.

 

Cause:

There is a limitation with ADLDS from Microsoft

https://technet.microsoft.com/en-us/library/active-directory-maximum-limits-scalability(WS.10).aspx

 

Solution:

Common names are limited to 64 characters. For more information, see Common-Name Attribute (http://go.microsoft.com/fwlink/?LinkId=153706).

You may want to Increase the rangeUpper attribute of the object Common-Name fix the problem.

Note: If you decide to do this you would need to test your complete solution as there could be some consequences of doing such as some tools or functionalities may not work as expected. Please check the following URL:

http://fault.itsprite.com/how-can-we-increase-common-name-attribute-maximum-length/

Environment

Release:
Component: SMPLC