LDAP Group refresh (take 2)
Hi,
We used LDAP connection to link our AD's users and groups with dT. After configuration, I see all the groups in the 'Select LDAP Group' list but, when we add new groups in the active directory, we do not see it in the list. It seems like a refresh is needed. How can we do this refresh?
Thanks,
Laurence Cambron-L.
Hello - we are running into a similar issue. We've been able to eliminate a) and b) above as root causes, and there appears to be ~1000 objects in the 'Select LDAP Group' window (manually counted). Is the maximum number of objects returned in a single search configurable? If so - is this an AD property or a dynaTrace property?
Also what is the search method dynaTrace is using? Our AD groups start with 'APP-morestuffhere' and we are seeing AD groups that start with 'WTS-morestuffhere' which leads me to believe it's not alphabetical.
Thanks!
Tony
No refresh should be necessary: when reopening this "Select LDAP Group" dialog, the groups will be reloaded and any new group should be visible. Yet, there are reasons why a new group might not be listed:
a) The new group was added under a different "Base DN" (as configured on the "LDAP tab").
b) The configured LDAP account (Bind DN), which is used for browsing groups, is not allowed to browse or see this specific group.
c) You number of LDAP groups exceeds the maximum number of objects that are returned in a single search result (e.g. 1000 objects by default for AD) -- paging (or LDAP filtering) is currently not implemented in this dialog.
Best regards,
Bernhard
