How much space (in bytes) is used by Password Manager in the comment attribute of a user account and is there a limit in Active Directory for the Comment attribute?
Comment Attribute limitations
The Comment attribute does not have an upper limit set in Active Directory (no size restriction) and therefore is a safe attribute to use for storing Q&A profile settings. From a technical perspective, the Comment attribute is tied into the schema attribute called User-Comment, which has no lower or upper limit values set, even though you may see an UpperLimit value set on Comment depending on the tool used to view it.
If you want to use your own custom attribute, ensure that the lower and upper limit values are not set, or if they are, ensure you take into account that Password Manager appends Q&A profile settings during each upgrade, as noted below.
Size of Comment attribute
By default Password Manager stores the Questions and Answers profile in the comment attribute of a user. How much space in Active Directory (AD) it takes up is dependent on the number of and length of questions and answers in a user's profile. The average size though usually varies from 800 to 3000 bytes.
Estimated average: 2.5KB for each question and answer provided.
Note that Password Manager will preserve old Q&A profiles when converting from legacy versions such as 4.7. and will append to the existing Q&A profiles thus increasing the size of the comment attribute.
© 2024 One Identity LLC. ALL RIGHTS RESERVED. Terms of Use Privacy Cookie Preference Center