[closed] LDAP synchronization query
I have configured RTC for authentication against LDAP (Windows AD).
I am using range retrieval because one of the LDAP groups I mapped to JazzUsers has more than 1500 members (in fact, about 5000).
After a successful synchronization performed last week, this week I noticed that the nightly task is missing all users from the "large" group.
In jts.log I found the lines containing the queries RTC performs on LDAP in order to retrieve the groups properties (including groups members).
The log of theunsuccessful synchronization contains a line like the following:
2012-05-16 12:55:53,744 DEBUG ce.jts.internal.userregistry.ldap.LDAPUserRegistry - Query to find all the groups - ldapsearch -h ldap://********.9:389 -b "*******************" "(| (cn=YASZFMGr)(cn=YASZAMGr)(cn=YA3Z01Gr))"
That is, one query to retrieve the properties of all the 3 groups.
Instead , the log of thesuccessful synchronization contains many lines like the following:
2012-05-11 11:04:34,767 DEBUG ce.jts.internal.userregistry.ldap.LDAPUserRegistry - Query to find all the groups - ldapsearch -h ldap://********:389 -b "*********" "(cn=YASZFMGr)"
2012-05-11 11:04:34,800 DEBUG ce.jts.internal.userregistry.ldap.LDAPUserRegistry - Query to find all the groups - ldapsearch -h ldap://*********:389 -b "*********" "(cn=YASZFMGr)"
2012-05-11 11:04:34,902 DEBUG ce.jts.internal.userregistry.ldap.LDAPUserRegistry - Query to find all the groups - ldapsearch -h ldap://*********:389 -b "*********" "(cn=YA3Z01Gr)"
That is, a distinct query for each group.
Actually, for each group it performs as many queries as needed, according to the range retrieval size and the number of users in the group.
So, for group YASZFMGr, the query is performed twice, for YASAFMGr, 11 times, for YA3Z01Gr only once.
This is the expected behavior when range retrieval is active.
My problem is that range retrieval is still active: I never disabled it.
So, I am trying to figure out why RTC no longer considers it.
Any suggestion?
RTC version is 3.0.1; RTC is running on Linux RedHat 5.
I am using range retrieval because one of the LDAP groups I mapped to JazzUsers has more than 1500 members (in fact, about 5000).
After a successful synchronization performed last week, this week I noticed that the nightly task is missing all users from the "large" group.
In jts.log I found the lines containing the queries RTC performs on LDAP in order to retrieve the groups properties (including groups members).
The log of the
That is, one query to retrieve the properties of all the 3 groups.
Instead , the log of the
2012-05-11 11:04:34,767 DEBUG ce.jts.internal.userregistry.ldap.LDAPUserRegistry - Query to find all the groups - ldapsearch -h ldap://********:389 -b "*********" "(cn=YASZFMGr)"
2012-05-11 11:04:34,800 DEBUG ce.jts.internal.userregistry.ldap.LDAPUserRegistry - Query to find all the groups - ldapsearch -h ldap://*********:389 -b "*********" "(cn=YASZFMGr)"
2012-05-11 11:04:34,902 DEBUG ce.jts.internal.userregistry.ldap.LDAPUserRegistry - Query to find all the groups - ldapsearch -h ldap://*********:389 -b "*********" "(cn=YA3Z01Gr)"
That is, a distinct query for each group.
Actually, for each group it performs as many queries as needed, according to the range retrieval size and the number of users in the group.
So, for group YASZFMGr, the query is performed twice, for YASAFMGr, 11 times, for YA3Z01Gr only once.
This is the expected behavior when range retrieval is active.
My problem is that range retrieval is still active: I never disabled it.
So, I am trying to figure out why RTC no longer considers it.
Any suggestion?
RTC version is 3.0.1; RTC is running on Linux RedHat 5.
The question has been closed for the following reason: "Problem is not reproducible or outdated" by lumar Jul 08 '18, 8:37 a.m.
Comments
Bo Chulindra
JAZZ DEVELOPER Sep 26 '12, 7:43 p.m.@lumar: did you ever resolve this problem?