My Oracle Support Banner

ODI LDAP Driver Does Not Bring All Members of a Microsoft AD Group into the GROUP_MEMBEROF Table (Doc ID 2785409.1)

Last updated on JULY 14, 2021

Applies to:

Oracle Data Integrator - Version 12.2.1.3.0 and later
Information in this document applies to any platform.

Symptoms

The Oracle Data Integrator (ODI) LDAP driver does not retrieve all the members of a Microsoft Active Directory (MSAD) group to insert them into the GROUP_MEMBEROF table if the group contains over 1500 members. In addition, instead of using the table GROUP_MEMBEROF for the members of the big group, it creates table GROUP_MEMBEROF_RANGE_0_1499, containing just the first 1500 members from the LDAP search.

As per the ODI documentation, the LDAP driver should bring in each of the results when page_size is used with a positive value, and this value is set to the LDAP limit size. However, in practice it makes no difference which value is used, as it does not bring all of the members.

The issue can be reproduced with the following steps:

  1. Create over 2000 users on the LDAP server, ie Active Directory.
  2. Add these users within a single LDAP group.
  3. Log in to ODI Studio and go to the Topologies tab.
  4. Create a new Data Server for the LDAP Technology.
  5. Create a new Data Server for Oracle Technology.
  6. Create models for both technologies.
  7. Create a mapping using GROUP_MEMBEROF from the LDAP model and to a table on the database side.
  8. Execute the mapping.
  9. Observe that the data in the GROUP_MEMBEROF table only contains a subset of the members of groups.

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Cause
Solution
 Further Information
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.