The following event is in the Windows Application Event Log:
Event Type: Warning
Event Source: LdapUpdateService
Event Category: None
Event ID: 114
Time: 9:40:46 AM
LDAP Mirror Sync has truncated LDAP attribute values longer than 2000 characters to 2000 characters. Attribute name: memberOf
An attribute synchronized from the LDAP source has a value that is greater then 2000 characters. The LDAPUpdateService truncates the value to 2000 characters. The warning is output to the Windows Application Event log.
Selecting the Active Directory attribute memberOf is a common situation where this occurs.
Symantec is aware of this limitation. This article is updated as more information is available. Subscribe to the article to receive updates.
Do not synchronnize in the attribute causing the issue. It will be necessary to use a different attribute to synchronize in.
Perform the following steps to remove the attribute
- Open the IM Manager Administration Console.
- Click the Settings tab.
- Select the page LDAP Directory Integration > Field Selection.
- Click the hyperlink Add or Remove Fields From Directory.
- Uncheck the checkbox next to the appropriate field.
- Click Submit.
- Perform a successful Mirror Sync.
- Click on the page LDAP Directory Integration > Synchronization.
- Check the checkbox Perform a cache update at the next opportunity box.
- Click the Submit button.
- Click on the page LDAP Directory Integration > History.
- Look for an entry where the Job Type is Mirror Sync. Ensure it is successful. Check the Windows Application Event log for any errors.
LDAP Mirror Sync has truncated LDAP attribute values longer than 2000 characters to 2000 characters. Attribute name
LDAP fails to update if user chooses add-all option
Feature Request: Ability to set up reviewer restrictions based on groups in IM Manager database
Rate this Article