Symantec IGA

  • Private Community

  • 1.  Unable to provision title with length > 64 to AD

    Posted Jul 18, 2016 11:46 AM


    I'm unable to push a title with # of chars > 64 down to AD.  The error i get is 'The length for attribute 'eTADStitle' is greater than the maximum of 64'.

    However:

    1. The restriction is not on AD endpoint.  I can set a user's title to something longer than 64 chars directly in AD.

    2. In the user_store.xml and prov_store.xml files, the maxlength is set to 100 chars.

    3. I'm able to set a user's title directly in the provisioning store to something longer than 64 chars as well.

    4. I'm using the out of box AD connector.

    Where is this limit of 64 characters coming from?



  • 2.  Re: Unable to provision title with length > 64 to AD
    Best Answer

    Posted Jul 19, 2016 05:56 PM

    Hi,

     

    There is a 64 char limit on eTADSTitle.

    This is set in connector. If you bypass the Provisioning server and set the value in provisioning store directly, there is no restrictions there.

    In the provisioning manager, if you click the HELP button on the Organization tab, you will see the description for each attribute on that tab. Here is the one for title attribute in the ADS account Organization tab:

     

    Title

    Specifies the job title of the person who owns the account.

    Rule String: %UT%

    Size/Type: 64 numeric characters

     

    This kind of restriction cannot be changed. However, you can try to map a different custom attribute for it in the endpoint mappings.

     

    Thanks,

    Marline