Aria Orchestrator: Active Directory Plugin Browse/Search Returns Maximum 100 Group Objects
search cancel

Aria Orchestrator: Active Directory Plugin Browse/Search Returns Maximum 100 Group Objects

book

Article ID: 403105

calendar_today

Updated On:

Products

VCF Operations/Automation (formerly VMware Aria Suite)

Issue/Introduction

When attempting to browse or search for Active Directory groups using the vRealize Orchestrator (vRO) Active Directory Plugin or browsing through the vRO Inventory for groups within an Organizational Unit (OU) will only return a maximum of 100 group objects, even if more groups exist in the specified location.

Environment

Aria Orchestrator 8.18.1

Cause

This behavior is due to a known limitation within the vRO Active Directory Plugin's default browsing and searching functionalities. The plugin implicitly sets a size limit of 100 entries for certain queries, which affects the retrieval of large numbers of groups.

Resolution

To bypass this 100-object limitation, it is recommended to use the lower-level LDAP plugin's LdapClient#searchBySearchRequest or LdapClient#search methods directly. These methods allow for explicit control over the search parameters, including the ability to implement paged results, which is essential for retrieving more than 100 objects.

 Example workaround workflow code:

var client = host.getLdapClient();

var searchRequest = LdapSearchRequest.createRequest(
    "CN=Users,DC=test,DC=yourdomain,DC=com", // baseDN
    "(objectClass=user)", //"(CN=*)", //filter
    LdapSearchScope.SUB, // scope
    [], // attributes
    LdapDereferencePolicy.NEVER, // dereference policy
    -1, // sizeLimit
    -1, // timeLimit
    false //typesOnly    
);

searchRequest.addControl(new LdapSimplePagedResultsControl(100, null, false));

var result = client.searchBySearchRequest(searchRequest);

usersCount = 0;
usersCount = result.getEntryCount();

//System.log(result.getEntryCount());
//System.log(result.getSearchEntries()[0].getAttribute("cn"));

var nextPageControl = LdapSimplePagedResultsControl.get(result);
//System.log(nextPageControl);

while(nextPageControl.moreResultsToReturn()) {

    var bytes = nextPageControl.getCookieBytes();
 //   System.log(bytes);

 //   System.log("******** NEXT *********");
    searchRequest.clearControls();
    searchRequest.addControl(new LdapSimplePagedResultsControl(100, bytes, false));
    result = client.searchBySearchRequest(searchRequest);

    usersCount += result.getEntryCount();

//    System.log(result.getEntryCount());
//    System.log(result.getSearchEntries()[0].getAttribute("cn"));
    nextPageControl = LdapSimplePagedResultsControl.get(result);
}

System.log("Total number of entries: " + usersCount);
Powered by Wolken Software