Policy Server: Unable to create Object with Names larger than 64 characters.

Document ID : KB000032463
Last Modified Date : 14/02/2018
Show Technical Document Details

Problem:

Using ADLDS as Policy Store, there is a limitation on the length of the object attributes that could not be more than 64 chars.  This can be verified when you create agent with a name of 66 characters.

Note: It works fine with other LDAP or ODBC as Policy Store.

 

Cause:

There is a limitation with ADLDS from Microsoft

https://technet.microsoft.com/en-us/library/active-directory-maximum-limits-scalability(WS.10).aspx

 

Solution:

Common names are limited to 64 characters. For more information, see Common-Name Attribute (http://go.microsoft.com/fwlink/?LinkId=153706).

You may want to Increase the rangeUpper attribute of the object Common-Name fix the problem.

Note: If you decide to do this you would need to test your complete solution as there could be some consequences of doing such as some tools or functionalities may not work as expected. Please check the following URL:

http://fault.itsprite.com/how-can-we-increase-common-name-attribute-maximum-length/