I am currently working on a project that uses OpenAM 12.0.2 with OpenDJ 2.6
We had a requirement to make the username editable. So, we ended up creating a custom ldap attribute called loginId and updating OpenAM config to use this attribute instead of uid.
When I import less than 4000 users, login works fine. When I import 4000+ users login doesn't work for any user, even 1 of the first 4000 users in the directory.
I can manually ldapsearch for the users and they exist in the directory, but I can't login with any of them.
We get an "Authorization failed!!" error, which is different to the usual username/password doesn't match error.
If anyone could shed any light on this, I would appreciate it.
Thanks
Edit Here is the attribute definition I am now using.
attributeTypes: ( 1.3.6.1.4.1.37238.2.9 NAME 'loginId' DESC 'username (that can be updated)' EQUALITY caseIgnoreMatch ORDERING caseIgnoreOrderingMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'project schema')
I have rebuilt the indices and still having the same problem :(
That is probably because your instance of OpenDJ is configured to reject unindexed search request and you haven't defined and built an index for the loginID attribute.