cancel
Showing results for 
Search instead for 
Did you mean: 

Alfresco Directory management console - is there any space limit on person query

SG
Champ in-the-making
Champ in-the-making

For the Alfresco Directory management user interface, is there any space limit (min aximum number of characters that can be typed) in personQuery and personDifferentialQuery?

When I go to:

https://myserver/alfresco/service/enterprise/admin/admin-directorymanagement

and then edit LDAP-AD Directory

I see entries for Person Query and Person Differential Query.

I try to enter (type) values in Person Query and Person Differential Query. It seems that after a certain number of characters, it does not allow me to type additional characters.

Question 1.

Is there any space (character) limit on the length that can be typed in Person Query and Person Differential Query?

I am typing as:

(&(objectCategory=person)(|(memberof

but it seems to not take the number of characters beyond a certain length

Question 2.

I would also like to understand the relationship between:

(i) values that I see (or manually type) in the admin-directorymanagement console

and

(ii) entries that I have typed in global properties on LDAP. In global properties, I also have entries and values for person query and [person differential query and the cron value synchronizes on the startup of the Alfresco service.

Do the values in the global properties override the values in admin-directorymanagement console?

I realized that the values in the global properties are different from the values in admin-directorymanagement console.

Ideally, they should be the same, I supppose, and I will type the same values.

But I am not able to type all the values in the admin-directorymanagement for person query as it seems to give me a limit on the number of characters that can be typed.

Question 3.

If I want to pull up all the users(person) for the groups defined, can I write like the one below?

(&(objectCategory=person))

The documentation says (objectclass=user)

Which one should I choose?

Although, ideally I would like to limit the user with member of and CN (if I can type all the members in personquery) instead of using something like person, or user.

1 REPLY 1

jpotts
World-Class Innovator
World-Class Innovator

1. I don't know of any limits, but you should not be relying on the admin console to make settings you actually want to keep. Making changes in the admin console should be considered temporary.

2. The values you change in the admin console are made via JMX. JMX settings override what is in the alfresco-global.properties file. At best, this can cause confusion. At worst, these settings sometimes get persisted to the database in strange ways that can be hard to detect and correct. That's why you should really avoid doing it and instead put the correct settings in your a-g.p file or in the subsystem LDAP config.

3. For question three, I can't tell you definitively because I don't know your LDAP schema. What you have specified are LDAP filters. You can and should be testing these against your own LDAP directory. From the command line on a Linux box you can use ldapsearch to do that. You can also use a tool like Apache Directory Studio to connect to your LDAP server, browse its structure, and test your queries.

Once you get your settings working, backfill those into your a-g.p file and subsystem config, then go into the admin console, go into the "JMX Settings" and "revert" every single one that is listed. That way, you can be sure that your server is using what's in your known-good file-based config.