This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements

SecurID® Discussions

Browse the SecurID discussion board to get product help and collaborate with other SecurID users.
TIFFANYIRELAND
Beginner
Beginner
‎2018-11-01 01:56 PM

LDAP Paging

Jump to solution

Hello!

 

Sorry if this is obvious, but I tried searching and couldn't find an exact answer. Does the identity source LDAP query support paging results? Or does a large AD query need to be broken down into smaller queries such as this old KB shows: 000034356 - How to write an LDAP query filter f... | RSA Link 

 

 

"If there are 1000 or more users in AD, break down your single query into multiple smaller queries, with query filters similar to one of the examples below.  Note that the following queries will retrieve users with names starting with H through M.   Note that you must overlap the letters.
 

"(&(objectclass=user)(sn>=a*)(sn<=h*))"

 

"(&(objectclass=user)(sn>=h*)(sn<=n*))"           

 

"(&(objectclass=user)(sn>=n*)(sn<=z*))" 
"
Labels (1)
0 Likes
Reply
1 Solution

Accepted Solutions
EdwardDavis
Employee
Employee
‎2018-11-01 02:41 PM

Jump to solution

In version 8.x we not longer need to write these type of filters to restrict the list, as we do not pull all users from ldap in one big batch.

View solution in original post

Reply
2 Replies
EdwardDavis
Employee
Employee
‎2018-11-01 02:41 PM

Jump to solution

In version 8.x we not longer need to write these type of filters to restrict the list, as we do not pull all users from ldap in one big batch.

Reply
JayGuillette
Apprised Contributor Apprised Contributor
Apprised Contributor
In response to EdwardDavis
‎2018-11-01 03:58 PM

Jump to solution

We had to do that in AM 6.1 and earlier, which was an LDAP synch to copy the users from LDAP into the internal database.  Since 7.1 the users no longer needed to be LDAPsynched, the internal database has a pointer to the ObjectGuid in LDAP, so its in real time.

Reply
© 2023 RSA Security LLC or its affiliates. All rights reserved.