Windows Application Event Log Shows Error Message: "LDAP Mirror Sync has truncated LDAP attribute values longer than 2000 characters to 2000 characters"

Article:TECH147361  |  Created: 2011-01-03  |  Updated: 2011-01-06  |  Article URL http://www.symantec.com/docs/TECH147361
NOTE: If you are experiencing this particular known issue, we recommend that you Subscribe to receive email notification each time this article is updated. Subscribers will be the first to learn about any releases, status changes, workarounds or decisions made.
Article Type
Technical Solution

Product(s)

Issue



The following event is in the Windows Application Event Log: 

Event Type: Warning
Event Source: LdapUpdateService
Event Category: None
Event ID: 114
Date:  12/29/2010
Time:  9:40:46 AM
User:  BLACKOPS-SIMM\IMService
Computer: JVD84
Description:
LDAP Mirror Sync has truncated LDAP attribute values longer than 2000 characters to 2000 characters. Attribute name: memberOf
 

 


Cause



An attribute synchronized from the LDAP source has a value that is greater then 2000 characters.  The LDAPUpdateService truncates the value to 2000 characters.  The warning is output to the Windows Application Event log.

Selecting the Active Directory attribute memberOf is a common situation where this occurs.


Solution



Symantec is aware of this limitation.  This article is updated as more information is available.  Subscribe to the article to receive updates.

Workaround

Do not synchronnize in the attribute causing the issue.  It will be necessary to use a different attribute to synchronize in.

Perform the following steps to remove the attribute 

  1. Open the IM Manager Administration Console.
  2. Click the Settings tab.
  3. Select the page LDAP Directory Integration > Field Selection.
  4. Click the hyperlink Add or Remove Fields From Directory.
  5. Uncheck the checkbox next to the appropriate field.
  6. Click Submit.

 

  1. Perform a successful Mirror Sync.
  2. Click on the page LDAP Directory Integration > Synchronization.
  3. Check the checkbox Perform a cache update at the next opportunity box.
  4. Click the Submit button.
  5. Click on the page LDAP Directory Integration > History.
  6. Look for an entry where the Job Type is Mirror Sync. Ensure it is successful. Check the Windows Application Event log for any errors.

 

 


Supplemental Materials

SourceEvent ID
Value114
Description

LDAP Mirror Sync has truncated LDAP attribute values longer than 2000 characters to 2000 characters. Attribute name


SourceETrack
Value1493958
Description

LDAP fails to update if user chooses add-all option


SourceETrack
Value1498037
Description

Feature Request: Ability to set up reviewer restrictions based on groups in IM Manager database




Article URL http://www.symantec.com/docs/TECH147361


Terms of use for this information are found in Legal Notices