list of DN elements is truncated when using search method on JndiService #176

Open
asouppart opened this issue Oct 22, 2021 · 5 comments · May be fixed by #299

@asouppart

The number of elements returned by the search method is limited by the MaxPageSize configuration of the LDAP server, even if the PageSize configuration is populated with a positive number.

@coudot coudot added the bug label Oct 22, 2021
@coudot coudot added this to the 2.1.7 milestone Oct 22, 2021
@coudot coudot modified the milestones: 2.1.7, 2.2 Oct 12, 2023
coudot commented Oct 12, 2023

Seems the issue is in the scripting engine (ldap.search())

abpai94 added a commit to Worteks/lsc that referenced this issue Jul 26, 2024
@abpai94 abpai94 assigned abpai94 and unassigned soisik Jul 30, 2024
coudot commented Aug 27, 2024

@soisik @davidcoutadeur @rouazana we would like a review on #299

coudot commented Sep 2, 2024

Global OpenLDAP setting to get a soft limit of 100 entries and hard limit unlimited:

dn: cn=config
olcSizeLimit: size.soft=100 size.hard=unlimited

We can test the pagedResult control with ldapsearch like this:

ldapsearch -x -H ldap://localhost -D uid=coudot,ou=users,dc=example,dc=com -w secret -b dc=example,dc=com -E pr=100/noprompt

abpai94 added a commit to Worteks/lsc that referenced this issue Sep 2, 2024
- Reverted changes to re-introduce functionality for sortedBy and pagination.
- Created a method to retrieve pagination cookie.
- Fixed pagination when searching via jScript.
abpai94 added a commit to Worteks/lsc that referenced this issue Sep 3, 2024
@davidcoutadeur

I have reviewed part of the code, and done some tests about this issue.

Here is the status:

  • first, it must be noted that the hard size limit cannot be exceeded. OpenLDAP documentation states:

    If the LDAP client adds the pagedResultsControl to the search operation, the hard size limit is used by default, because the request for a specific page size is considered an explicit request for a limitation on the number of entries to be returned. However, the size limit applies to the total count of entries returned within the search, and not to a single page.

    Additional size limits may be enforced for paged searches.

  • we must check that the AD limitation can also be bypassed by the paged control.

  • when running LSC with a paged search of 3 entries, and OpenLDAP configured with: olcLimits: {1}group/groupOfNames/member="cn=adminlimit,ou=groups,dc=my-domain,dc=com" size.soft=3 size.hard=unlimited time=unlimited, LSC can indeed get all entries (5 entries) when doing a srcLdap.search, but I get some errors, maybe not linked to this issue:

sept. 25 18:50:38 - ERROR - Error while modifying entry uid=test,ou=people2,dc=my-domain,dc=com in directory :javax.naming.OperationNotSupportedException: [LDAP: error code 12 - critical extension is unavailable]; remaining name 'uid=test,ou=people2'
sept. 25 18:50:38 - ERROR - Error while synchronizing ID uid=test,ou=people2,dc=my-domain,dc=com: java.lang.Exception: Technical problem while applying modifications to the destination

On the OpenLDAP side:

2024-09-25T18:50:38.249275+02:00 parmenide slapd[47974]: conn=1009 op=6 RESULT tag=103 err=12 qtime=0.000008 etime=0.000034 text=critical extension is unavailable
2024-09-25T18:50:38.249364+02:00 parmenide slapd[47974]: conn=1009 op=6 do_modify: get_ctrls failed

The extensions sent seem to be managed by OpenLDAP: 1.2.840.113556.1.4.319 and 2.16.840.1.113730.3.4.2
This needs more investigation.

@davidcoutadeur

Finally I found what was wrong about the errors I previously mentioned.

The problem is that the paged control is also applied to the modification, which is not permitted by the protocol. The paged control must be applied only to search requests.
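
The behaviour described in the last comment, shown with plain JNDI as an added example (not LSC's code and not the change in #299): the paged-results control is attached to each search request, the cookie is followed until the server returns none, and the request controls are cleared before any modification. The class name, the command-line argument order and the `description` test value are assumptions.

```java
import java.util.*;
import javax.naming.*;
import javax.naming.directory.*;
import javax.naming.ldap.*;
public class PagedSearchThenModify {
    // Collects every DN under baseDn, asking the server for pageSize entries per request.
    static List<String> searchAllDns(LdapContext ctx, String baseDn, String filter, int pageSize)
            throws Exception {
        List<String> dns = new ArrayList<>();
        SearchControls sc = new SearchControls();
        sc.setSearchScope(SearchControls.SUBTREE_SCOPE);
        sc.setReturningAttributes(new String[] {"1.1"}); // no attributes, DNs only
        byte[] cookie = null;
        try {
            do {
                // Request controls stay on the context and are sent with every later operation.
                ctx.setRequestControls(new Control[] {
                        new PagedResultsControl(pageSize, cookie, Control.CRITICAL)});
                NamingEnumeration<SearchResult> page = ctx.search(baseDn, filter, sc);
                while (page.hasMore()) dns.add(page.next().getNameInNamespace());
                cookie = null; // response controls are only available once the page is drained
                Control[] response = ctx.getResponseControls(); // may be null
                for (Control c : response == null ? new Control[0] : response) {
                    if (c instanceof PagedResultsResponseControl) {
                        cookie = ((PagedResultsResponseControl) c).getCookie();
                    }
                }
            } while (cookie != null && cookie.length > 0);
        } finally {
            // Without this, a later modify carries the critical paged control (error code 12).
            ctx.setRequestControls(null);
        }
        return dns;
    }
    // Assumed arguments: <ldap-url> <bind-dn> <password> <base-dn> [dn-to-modify]
    public static void main(String[] args) throws Exception {
        Hashtable<String, Object> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, args[0]);
        env.put(Context.SECURITY_PRINCIPAL, args[1]);
        env.put(Context.SECURITY_CREDENTIALS, args[2]);
        LdapContext ctx = new InitialLdapContext(env, null);
        List<String> dns = searchAllDns(ctx, args[3], "(objectClass=*)", 100);
        System.out.println(dns.size() + " entries returned across all pages");
        if (args.length > 4) { // the modify is sent with no request controls attached
            ctx.modifyAttributes(args[4], new ModificationItem[] {new ModificationItem(
                    DirContext.REPLACE_ATTRIBUTE, new BasicAttribute("description", "paged test"))});
        }
        ctx.close();
    }
}
```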
