Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

LDAP pagination support (for very large user databases) #1825

Closed
richardhofman opened this issue Mar 8, 2016 · 5 comments
Closed

LDAP pagination support (for very large user databases) #1825

richardhofman opened this issue Mar 8, 2016 · 5 comments
Labels
❤️ feature request ldap
Milestone
v3.0

Comments

@richardhofman
Copy link

Expected Behavior (or desired behavior if a feature request)

LDAP user import imports the ~1700 in my organisation's Active Directory database.

Actual Behavior

Only the first 1000 users are imported (and if the import is re-run, it simply re-imports the same 1000 and flags them as "exists").

I've resolved this issue already on my local installation by modifying the postLDAP() function in UsersController.php, but would like to see similar functionality implemented in the official version (happy to work on this).
@snipe
Copy link
Owner

snipe commented Mar 8, 2016

What exactly did you do to resolve the issue? We do not impose any limits on the number of users to import, and that is typically a restriction on the LDAP server itself.

@snipe
Copy link
Owner

snipe commented Mar 8, 2016

(Also, if you want to see similar functionality, and have already addressed the issue locally, a pull request is always appreciated.)

@snipe
Copy link
Owner

snipe commented Mar 8, 2016

Looks like later versions of PHP have a paging option, but it is only supported by LDAP v3. http://php.net/manual/en/function.ldap-control-paged-result.php

I know at least a few users are not able to use v3, so we'd have to make sure we check for those or invoke the critical flag.

@richardhofman
Copy link
Author

The LDAP query size limit is server-side, but for LDAP versions >= 3 pagination allows you to make repeated smaller queries that enumerate much larger result sets.

I implemented a do...while structure very similar to the one in example 2 on this page: https://secure.php.net/manual/en/function.ldap-control-paged-result.php

My current solution is somewhat clunky because it iterates over all of the result pages, until it has a massive $results array with every user entry, and then uses the existing code to insert that into the database, which seems to result in very high memory usage (not sure if the array or something DB related). I had to increase the memory limit on my server to avoid exhausting available memory, but obviously something nicer would be preferable before I made a pull request - I'm happy to look into it.

@snipe
Copy link
Owner

snipe commented Mar 8, 2016

Sure, I'd love to take a look at what you have. Making changes to the core code is always risky, since updates will blow out those changes, and we have a very large update coming soon (big enough that almost every file in the app has been touched.)

@richardhofman richardhofman mentioned this issue Mar 8, 2016
Merged
@richardhofman richardhofman changed the title LDAP paging support (for very large user databases) LDAP pagination support (for very large user databases) Mar 10, 2016
@snipe snipe added this to the v3.0 milestone Apr 19, 2016
@snipe snipe closed this as completed Apr 19, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
❤️ feature request ldap
Projects
None yet
Milestone
v3.0
Development

No branches or pull requests
2 participants
@snipe @richardhofman