Synchronizing groups with more than 1500 members
I have configured RTC for authentication against Active Directory.
The authentication works fine, but there's a problem with users synchronization.
In fact, I mapped a Jazz role (JazzUsers) to an AD group which has almost 5000 members.
These users are not synchronized by the nightly task.
Instead, users belonging to a group who has 900 members are correctly synchronized.
Is this issue related to this known AD limit: the maximum number of users returned by a ldapsearch is 1500?
Is there a workaround to this issue?
The authentication works fine, but there's a problem with users synchronization.
In fact, I mapped a Jazz role (JazzUsers) to an AD group which has almost 5000 members.
These users are not synchronized by the nightly task.
Instead, users belonging to a group who has 900 members are correctly synchronized.
Is this issue related to this known AD limit: the maximum number of users returned by a ldapsearch is 1500?
Is there a workaround to this issue?
Accepted answer
We ran into a simliar issue. I'm not able to remote to my work PC right now to pull up the exact setting but there is an option to configure the LDAP query to use smaller batches at a time. I believe it's called something like "Ranged Retrieval", there's a setting to enable (true/false) and a setting for how many users to pull back in a group. Enabling this set to 50 seemed to have fixed our issues. Note, it's not clear in the save message but if I remember correctly we had to bounce after making the change.
Hope this helps.
Hope this helps.
2 other answers
I have configured RTC for authentication against Active Directory.
The authentication works fine, but there's a problem with users synchronization.
In fact, I mapped a Jazz role (JazzUsers) to an AD group which has almost 5000 members.
These users are not synchronized by the nightly task.
Instead, users belonging to a group who has 900 members are correctly synchronized.
Is this issue related to this known AD limit: the maximum number of users returned by a ldapsearch is 1500?
Is there a workaround to this issue?
This particular issue has been resolved in the past I believe - which version are you using ?
I have configured RTC for authentication against Active Directory.
The authentication works fine, but there's a problem with users synchronization.
In fact, I mapped a Jazz role (JazzUsers) to an AD group which has almost 5000 members.
These users are not synchronized by the nightly task.
Instead, users belonging to a group who has 900 members are correctly synchronized.
Is this issue related to this known AD limit: the maximum number of users returned by a ldapsearch is 1500?
Is there a workaround to this issue?
This particular issue has been resolved in the past I believe - which version are you using ?
I am using version 3.0.1