Hi,
Having just set up the AD integration, I tried to import to users.
But the groups are not listed when I drill down to the relevant OU.
There are some 3400 security groups in that OU, is there a limit of listing group and if there is any way to narrow the list down?
Tried in the Base DN field to list the complete path including security group name but just says no users to import (there are users in the group)
Regards,
Claus
AD integration groups missing
-
dwhitfield
- Former Nagios Staff
- Posts: 4583
- Joined: Wed Sep 21, 2016 10:29 am
- Location: NoLo, Minneapolis, MN
- Contact:
Re: AD integration groups missing
That's strange that there is nothing importing, but there is definitely a default of 1000 on the AD side.
http://windowsitpro.com/networking/conq ... ilt-limits
Under heading "LDAP Maximum Page Size" - you can set MaxPageSize which is default to 1000
Please let us know if that resolves your issue.
http://windowsitpro.com/networking/conq ... ilt-limits
Under heading "LDAP Maximum Page Size" - you can set MaxPageSize which is default to 1000
Please let us know if that resolves your issue.
Re: AD integration groups missing
Yes, we run at the default display view value, 2000 items and LDAP maximum page size 1000, but when I drill down from Nagios XI import users there are not 2000 or even 1000 groups.
But there are no limits in regards to Nagios XI, it should display all the groups located in the OU?
And should it be possibly to point directly to that CN/security group where users are located?
But there are no limits in regards to Nagios XI, it should display all the groups located in the OU?
And should it be possibly to point directly to that CN/security group where users are located?
Re: AD integration groups missing
Are you seeing any results at all, or is it just showing a blank result page? Could you show us a screenshot?
Yes, you may need to drill down further to that exact location.
Yes, you may need to drill down further to that exact location.
Former Nagios Employee
Re: AD integration groups missing
Yes I am seeing results, but it only list around 1000 so you proberly correct about the LDAP maximum page size.
But we have outsourched our infrastructure including the AD maintenance, changing this value on the DC is most likely not a options.
They mention in the article you referred to "You have two options for working around this limit. The first is to change the maximum page size from the client", do you know if this is possible?
If that is not possible how do I drill down further? If I drill down to the security group and try to import users I get "no users to import" and a blank page, and there are users in it.
But we have outsourched our infrastructure including the AD maintenance, changing this value on the DC is most likely not a options.
They mention in the article you referred to "You have two options for working around this limit. The first is to change the maximum page size from the client", do you know if this is possible?
If that is not possible how do I drill down further? If I drill down to the security group and try to import users I get "no users to import" and a blank page, and there are users in it.
-
avandemore
- Posts: 1597
- Joined: Tue Sep 27, 2016 4:57 pm
Re: AD integration groups missing
Please see this post. That information is still current.
Summary, you'll need to adjust this server side.
Supporting reference:
ldap_search
Summary, you'll need to adjust this server side.
Supporting reference:
ldap_search
Previous Nagios employee