Cannot connect to EFT when using LDAPv2


THE INFORMATION IN THIS ARTICLE APPLIES TO:

  • EFT Server, version 6.x

SYMPTOM

Cannot connect to EFT using LDAPv2

RESOLUTION

Modify the default MaxPageSize in ADSIEDIT.MSC or GPO, and the advanced LDAP settings in EFT.

In ADSI EDIT:

ADSI Edit

In EFT (on the LDAP Site's General tab), edit the Override search page size setting:

MORE INFORMATION

If you try to log in using an AD account that doesn't show up in EFT, it denies the authentication. Increasing the search page size allows the accounts to appear.

From http://support.microsoft.com/kb/315071: MaxPageSize - This value controls the maximum number of objects that are returned in a single search result, independent of how large each returned object is. To perform a search where the result might exceed this number of objects, the client must specify the paged search control. This is to group the returned results in groups that are no larger than the MaxPageSize value. To summarize, MaxPageSize controls the number of objects that are returned in a single search result. The default value is 1,000.

For more information about MaxPageSize, refer to http://searchwindowsserver.techtarget.com/tip/Limiting-LDAP-searches-with-MaxPageSize.