Open LDAP users are not getting synchronized

Article ID: KB0076668

Products: Spotfire Server
Versions: All

Description

When using Open LDAP, the following message appears in server.log during synchronization:
WARN 2019-10-09T16:55:36,068+0530 [*LdapSynchronizer.RestartRunnable*] server.ldap.LdapSearcher: Error performing an LDAP search, no more results will be retrieved
javax.naming.SizeLimitExceededException: [LDAP: error code 4 - Sizelimit Exceeded]
	at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3206) ~[?:1.8.0_144]
	at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3100) ~[?:1.8.0_144]
	at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2891) ~[?:1.8.0_144]
	at com.sun.jndi.ldap.AbstractLdapNamingEnumeration.getNextBatch(AbstractLdapNamingEnumeration.java:148) ~[?:1.8.0_144]
	at com.sun.jndi.ldap.AbstractLdapNamingEnumeration.hasMoreImpl(AbstractLdapNamingEnumeration.java:217) ~[?:1.8.0_144]
	at com.sun.jndi.ldap.AbstractLdapNamingEnumeration.hasMore(AbstractLdapNamingEnumeration.java:189) ~[?:1.8.0_144]
	at com.spotfire.server.ldap.LdapSearcher.lookupUsingPagedResultsControl(LdapSearcher.java:93) ~[server.jar:?]
	at com.spotfire.server.userdir.ldap.LdapProvider.lookupPrincipals(LdapProvider.java:1106) ~[server.jar:?]
	at com.spotfire.server.userdir.ldap.LdapProvider.lookupPrincipals(LdapProvider.java:1052) ~[server.jar:?]
	at com.spotfire.server.userdir.ldap.LdapProvider.loadUsers(LdapProvider.java:347) ~[server.jar:?]
	at com.spotfire.server.userdir.ldap.LdapProvider.loadDirectory(LdapProvider.java:311) ~[server.jar:?]
	at com.spotfire.server.userdir.ldap.LdapSynchronizer.synchronize(LdapSynchronizer.java:226) ~[server.jar:?]
	at com.spotfire.server.userdir.ldap.LdapSynchronizer.lambda$new$0(LdapSynchronizer.java:126) ~[server.jar:?]
	at java.lang.Thread.run(Thread.java:748) [?:1.8.0_144]
The users that should be found within the context name specified in the LDAP configuration will not be able to log in.
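To catch a truncated synchronization before users report failed logins, the following added example (not part of the original article and not Spotfire code) scans server.log lines for LdapSearcher records that carry LDAP error code 4. The record layout is inferred from the WARN line above; the function name, the class name and the two INFO sample lines are assumptions constructed for illustration.

```python
import re
from typing import Iterable, List, NamedTuple

# Record header, following the layout of the WARN line quoted in the article:
# LEVEL TIMESTAMP [thread] logger: message
RECORD = re.compile(
    r"^\s*(?P<level>[A-Z]+)\s+(?P<ts>\d{4}-\d{2}-\d{2}T\S+)\s+"
    r"\[(?P<thread>[^\]]+)\]\s+(?P<logger>[\w.$]+):\s"
)
LDAP_ERROR = re.compile(r"\[LDAP: error code (\d+) - ([^\]]+)\]")
SIZE_LIMIT_EXCEEDED = 4  # LDAP result code sizeLimitExceeded

class TruncatedSync(NamedTuple):
    timestamp: str
    thread: str
    ldap_text: str

def find_truncated_syncs(lines: Iterable[str]) -> List[TruncatedSync]:
    """Report LdapSearcher records whose text carries LDAP error code 4."""
    records = []  # each item: [header match, full record text]
    for line in lines:
        header = RECORD.match(line)
        if header:
            records.append([header, line])
        elif records:  # exception or stack-frame line continues the record
            records[-1][1] += "\n" + line
    findings = []
    for header, text in records:
        if not header["logger"].endswith("LdapSearcher"):
            continue
        err = LDAP_ERROR.search(text)
        if err and int(err.group(1)) == SIZE_LIMIT_EXCEEDED:
            thread = header["thread"].strip("*")
            findings.append(TruncatedSync(header["ts"], thread, err.group(2)))
    return findings

# Constructed sample: the article's WARN record split over lines, between two
# invented INFO records (the INFO lines are not from the article).
SAMPLE_LOG = """\
INFO 2019-10-09T16:55:30,001+0530 [*LdapSynchronizer.RestartRunnable*] server.ldap.LdapSynchronizer: constructed sample line
WARN 2019-10-09T16:55:36,068+0530 [*LdapSynchronizer.RestartRunnable*] server.ldap.LdapSearcher: Error performing an LDAP search, no more results will be retrieved
javax.naming.SizeLimitExceededException: [LDAP: error code 4 - Sizelimit Exceeded]
\tat com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3206) ~[?:1.8.0_144]
INFO 2019-10-09T16:55:40,500+0530 [*LdapSynchronizer.RestartRunnable*] server.ldap.LdapSynchronizer: constructed sample line
""".splitlines()

if __name__ == "__main__":
    for f in find_truncated_syncs(SAMPLE_LOG):
        print(f"{f.timestamp} {f.thread}: sync truncated ({f.ldap_text})")
```

The parser also matches the record when the exception text sits on the same line as the WARN header, as it does in some log exports.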
 

Issue/Introduction

Open LDAP users are not getting synchronized with the error message "Error performing an LDAP search, no more results will be retrieved .. javax.naming.SizeLimitExceededException: [LDAP: error code 4 - Sizelimit Exceeded]"

Resolution

Adjust the page size limits in Spotfire. The suggested solution depends on which of the two Open LDAP limits is reached.

Scenario 1 
Your TIBCO Spotfire Server (TSS) settings use a "user search filter" and get users from contexts such that the total number of entries returned from Open LDAP is, for example, 1600. You are using the default "page size" in your LDAP settings in TSS, which is 1000.

This will fail with the "[LDAP: error code 4 - Sizelimit Exceeded]" error because size.pr in Open LDAP is set to 500 while the equivalent setting in TSS is set to 1000.

Solution 
Set the page size in TSS to 500 or less. To set the page size, open the UI Configuration Tool, navigate to the Configuration tab, and select User Directory: LDAP from the left pane. On the right side, under LDAP settings, scroll down and expand Advanced settings. Modify the Page size field, save the configuration, and restart TSS.

Scenario 2 
Your TSS settings use a "user search filter" and get users from contexts such that the total number of entries returned from Open LDAP is, for example, 2500. You are using the default "page size" in your LDAP settings in TSS, which is 1000.

This will initially fail with the "[LDAP: error code 4 - Sizelimit Exceeded]" error because size.pr in Open LDAP is set to 500 while the equivalent setting in TSS is set to 1000. Even after you change the "Page size" in TSS to 500, you will still get the same size limit error, since the search returns more than 2000 entries.

Solution 
Set size.prtotal in your Open LDAP settings to a higher number.