[AMBARI-10513] ambari-server sync-ldap fails if there are too many users in the LDAP server (more than 1000?) - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: 2.0.0
Fix Version/s: 2.1.0
Component/s: ambari-server
Labels:
None

Description

ambari-server setup-ldap was performed against QE AD server, which has more than 2000 users.

[root@c6401 ~]# ambari-server sync-ldap --all
Using python  /usr/bin/python2.6
Syncing with LDAP...
Enter Ambari Admin login: admin
Enter Ambari Admin password:
Syncing all.......ERROR: Exiting with exit code 1.
REASON: Caught exception running LDAP sync. [LDAP: error code 4 - Sizelimit Exceeded]; nested exception is javax.naming.SizeLimitExceededException: [LDAP: error code 4 - Sizelimit Exceeded]; remaining name 'CN=Users,DC=scl42,DC=hortonworks,DC=com'

Dilli Arumugam told me that Ranger (formerly known as XASecure) also hit a similar issue

Problem: If your directory contains > 1000 users, attempts to sync-ldap users and groups to Ambari will fail. There is a limit of 1000 to the number of entities Ambari can process.
Solution: Perform the sync-ldap using the --users and --groups option to limit the amount of entities to be under 1000 and perform the sync in batches.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

AMBARI-10513_01.patch
17/Apr/15 11:25
8 kB
Emil Anca

Issue Links

links to

Review Board

Activity

People

Assignee:: Emil Anca

Reporter:: Emil Anca

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 16/Apr/15 08:47

Updated:: 21/Apr/15 03:25

Resolved:: 21/Apr/15 01:56