000022711 - If an LDAP group contains more than 2000 users  a search for RSA ClearTrust group's member will fail

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000022711
Applies ToRSA ClearTrust 5.5.3 Entitlements Manager (Admin GUI)
eDirectory datastore
IssueIf an LDAP group contains more than 2000 users, a search for RSA ClearTrust group's member will fail
Error: "netscape.ldap.LDAPException: error result (80); NDS error: insufficient buffer (-649)" logged in RSA ClearTrust EServer logfile
ResolutionThis issue has been resolved in a hot fix for RSA ClearTrust 5.5.3. Contact RSA Security Customer Support to obtain hot fix 5.5.3.60, or request the latest fix level (which is cumulative, and contains fixes from previous fix levels).

An issue was noted with ClearTrust 5.5.3 when eDirectory is used as the datastore. If large (more than 2000 users) LDAP user groups are in use, the search for a user (within the group) through the Admin GUI will fail. The exception "NDS error: insufficient buffer" will be logged in the EServer logfile.
Legacy Article IDa29077

Attachments

    Outcomes