ArubaOS and Controllers

Reply
Contributor I

LDAP Filter character limit

There seems to be a limit to the number of characters one can enter in the filter field for an LDAP server. What is that limit?
Guru Elite

Filter Length




Webmarin,

What version of code are you using and are you using the GUI? I just entered this via the GUI and the commandline using ArubaOS 3.4.1;

(Aruba800-4) (LDAP Server "test") #show aaa authentication-server ldap test

LDAP Server "test"
------------------
Parameter Value
--------- -----
Host N/A
Admin-DN N/A
Admin-Passwd ********
Allow Clear-Text Disabled
Auth Port 389
Base-DN N/A
Filter asdfadskfhasdfjhaslkdfhaksjdfhlkajhsdflkjhasdflkjhasdlfkjhasdklfhaslkdjfhasdfhaflkjhasdlkfjhasldkfjhaslkdjfhalksjdhflkajhsdflkjhasdfhjasdflkajshdflkjashdf
Key Attribute sAMAccountName
Timeout 20 sec
Mode Enabled
Preferred Connection Type ldap-s



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Contributor I

3.4.0.5 currently

They are having me attempt to stuff this in:

(&(objectclass=inetorgperson)(|(memberOf=cn=WirelessAccess,OU=Security,OU=Groups,DC=ad-test,DC=sfsu,DC=edu)(memberOf=cn=WirelessAccessCustom,OU=Security,OU=Groups,DC=ad-test,DC=sfsu,DC=edu))(!(memberOf=cn=WirelessAccessDenied,OU=Security,OU=Groups,DC=ad-test,DC=sfsu,DC=edu))) ---one line of course...

Both gui and cli reject it. cli sticks a carrot somewhere in the middle. Gui reverts to short entry previously in the field.
Guru Elite

Hmm...


They are having me attempt to stuff this in:

(&(objectclass=inetorgperson)(|(memberOf=cn=WirelessAccess,OU=Security,OU=Groups,DC=ad-test,DC=sfsu,DC=edu)(memberOf=cn=WirelessAccessCustom,OU=Security,OU=Groups,DC=ad-test,DC=sfsu,DC=edu))(!(memberOf=cn=WirelessAccessDenied,OU=Security,OU=Groups,DC=ad-test,DC=sfsu,DC=edu))) ---one line of course...

Both gui and cli reject it. cli sticks a carrot somewhere in the middle. Gui reverts to short entry previously in the field.




Webmin,

I don't know what the limit is, support might have that answer. Question is, can we handle what you are trying to accomplish in another way?


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Contributor I

Re: LDAP Filter character limit

I am meeting with the LDAP consultant on Monday. I've asked that question. Thanks! I'll also open a support ticket since I know one of the bosses will probably ask it.
Contributor I

Re: LDAP Filter character limit

For reference:
LDAP filter is limited to 256 characters.
Guru Elite

How many characters is yours?


For reference:
LDAP filter is limited to 256 characters.




So how many characters is yours?


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Contributor I

Re: LDAP Filter character limit

The original was 277! They gave me a revised one that was 231. The Exchange guy is attempting to set-up the Radius demon on the exchange server to feed the same data as the LDAP connection from an Oracle instance. We'll see. Still waiting word.

We like things difficult. That's why so much dead wood makes so much money in government...
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: