PowerProtect Data Manager does not show all groups defined in Microsoft Active Directory when creating a New Map Group in Identity Sources

Summary: This KB article explains how to workaround a limitation related to Active Directory (AD) in PowerProtect Data Manager (PPDM) versions 19.1 and 19.2

This article applies to This article does not apply to This article is not tied to any specific product. Not all product versions are identified in this article.
Check out other resources

Symptoms



Affected products:  
  • PowerProtect Data Manager (PPDM) and x400 
  • Software versions 19.1 and 19.2 
Symptoms:  
Unable to find some Active Directory (AD) Groups when trying to map a particular AD group to a PPDM role under PPDM's identity sources.
 
The following line is seen in /var/log/brs/aaa/aaa.log (if aaa service is in debug mode):   
DEBUG [] [pool-84-thread-1] [][][][][] org.springframework.ldap.core.LdapTemplate - SizeLimitExceededException encountered and ignored
javax.naming.SizeLimitExceededException: [LDAP: error code 4 - Sizelimit Exceeded]
        at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3206)
        at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3100)
        at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2891)

Cause

Currently, PowerProtect Data Manager has not implemented LDAP/AD paging so it is only able to show the maximum number of objects that a LDAP/AD server can send in one call.

Resolution

Workaround:  
  • Increase the number of Objects AD/LDAP can serve in one call.
or
  • Use an AD/LDAP group visible by PPDM to map it to PPDM roles.

Note: This limitation is scheduled to be removed in an upcoming version of PPDM.

Affected Products

PowerProtect Data Manager

Products

PowerProtect Data Manager, PowerProtect X400 Appliance
Article Properties
Article Number: 000165264
Article Type: Solution
Last Modified: 20 May 2025
Version:  3
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.