Error: 'I00326: Maximum number of LDAP search results (100000) is not in desired range. Using 5000.T (NETIQKB28081)

  • 7728081
  • 02-Feb-2007
  • 19-Jun-2007

Resolution

fact
Directory and Resource Administrator 6.50

fact
Directory and Resource Administrator 6.60

fact
Directory and Resource Administrator 7.x

symptom
Error: 'I00326: Maximum number of LDAP search results (100000) is not in desired range. Using 5000.The operation completed successfully.'

symptom
Event is recorded in the Application Event Log on the Directory and Resource Administrator (DRA) server.

cause
There is an LDAP search size parameter that is set on the Microsoft Exchange 5.5 server that Directory and Resource Administrator (DRA) uses in search processes.  This parameter defines the number of records returned in each page.  If this value is set above 5000, DRA will use the value of 5000 as a default.  The reason this is set to 5000 is, if the setting is set too high, it can have severe performance impacts to DRA.   

One user set the LDAP search parameter to 999,999,999.  This says that LDAP wants to get a billion records in each page of the returned search results.  This causes the LDAP search to never return.  The Directory and Resource Administrator (DRA) server would not initialize because the LDAP search did not complete.  So as a precaution, DRA uses 5000, and logs an event to indicate what it is doing.



fix
Reset the maximum number of LDAP search results to 5000.

Additional Information

Formerly known as NETIQKB28081