I am using Spring LDAP and have entries (person) with a multivalued attribute named Department. i.e each person can have zero or more Department attributes. I am trying to make a search (filter) and return those entries that have only a specified value in one of their Department Values. However when I add the filter on the multivalued attribute I am getting the following error
LDAP: error code 11 - Administrative Limit Exceeded
This is the query code I am using.
LdapQuery query = query().base("ou=People").attributes("uid").where("objectclass").is("person").and("department").is("Marketing");
Has anyone encountered this situation or can it even be done to filter on a multivalued attribute?
Thanks
LDAP servers implement resources limits, to reduce the impact of client queries. OpenLDAP support to two limits; size (no of entries returned) and time (no of seconds an operation takes). LDAP servers such as Fedora 389/RedHat Directory Server have more granular limits. How to count large number of attribute entries using an anonymous bind
Had the same error on 389/RedHat Directory Server. The searchable field (in your case "department") was not indexed and it was hitting the Look-through limit. Fixed the issue by adding attribute nsLookThroughLimit with value of -1 for the bind dn user to disable the check. Improving Search Performance through Resource Limits Afterwards the query worked fine.