Uploaded image for project: 'OpenIDM'
  1. OpenIDM
  2. OPENIDM-14299

LDAP connector Admin UI should not force paged block searches


    • Type: Bug
    • Status: Closed
    • Priority: Minor
    • Resolution: Won't Fix
    • Affects Version/s:
    • Fix Version/s: None
    • Component/s: UI
    • Labels:


      When the LDAP connector is configured and used to access the cn=config tree of ForgeRock DS, for example to manage DS password policies and password validators from the IDM admin UI, it's impossible to use the admin UI data view of the LDAP connector to view the objects such as the password validators: trying to do so issues a red popup error window.
      The reason for this error is that the admin UI forces the use of paged block searches, (using a specific LDAP control), while DS disallows such searches on the cn=config tree.
      This occurs even if paged block searches are disabled in the LDAP connector configuration. The relevant part of the LDAP connector code which confirms that behaviour is as follows:

      if ((null != options.getPageSize() && options.getPageSize() > 0) && conn.supportsControl(PagedResultsControl.OID))

      { strategy = new PagedSearchStrategy(options.getPageSize(), options.getPagedResultsCookie(), options.getPagedResultsOffset(), handler, sortKeys); logger.ok("Paged Search Strategy used for search operation"); }

      else if (useBlocks && !usePagedResultsControl && conn.supportsControl(VirtualListViewRequestControl.OID)) {
      String vlvSortAttr = conn.getConfiguration().getVlvSortAttribute();
      strategy = new VlvIndexSearchStrategy(vlvSortAttr, pageSize);




            • Assignee:
              brmiller Brendan Miller
              cgrosjean Cyril Grosjean
            • Votes:
              1 Vote for this issue
              4 Start watching this issue


              • Created: