Unable to scroll beyond a letter in AD/LDAP

This support forum board is for questions relating to Nagios Fusion.
apteancloud
Posts: 47
Joined: Wed Sep 09, 2020 4:05 am

Unable to scroll beyond a letter in AD/LDAP

Post by apteancloud »

Hello,

I have been playing around with Nagios Fusion free version and was trying to setup AD/LDAP to import users, however, I cant scroll beyond N-letter. There are no further scroll down or 'Next' option to select the next set of users. I have tried multiple browsers, still the same. However, the functionality seems to work smoothly for our production NagiosXI where I can see upto Z-letter users from AD/LDAP.
Fusion.JPG
I am not sure what is the issue here.
You do not have the required permissions to view the files attached to this post.
ssax
Dreams In Code
Posts: 7682
Joined: Wed Feb 11, 2015 12:54 pm

Re: Unable to scroll beyond a letter in AD/LDAP

Post by ssax »

Is it a Windows domain controller or a LDAP server?

Are both XI systems using the same domain controller/LDAP server?

Make sure your /etc/php.ini has these set (or higher):

Code: Select all

max_execution_time = 300
max_input_vars = 50000
memory_limit = 1024M
Then restart httpd:

Code: Select all

systemctl restart httpd
apteancloud
Posts: 47
Joined: Wed Sep 09, 2020 4:05 am

Re: Unable to scroll beyond a letter in AD/LDAP

Post by apteancloud »

Is it a Windows domain controller or a LDAP server?
- Windows AD
Are both XI systems using the same domain controller/LDAP server?
- Yes
Make sure your /etc/php.ini has these set (or higher)
- Set the values and restarted httpd, still same issue
ssax
Dreams In Code
Posts: 7682
Joined: Wed Feb 11, 2015 12:54 pm

Re: Unable to scroll beyond a letter in AD/LDAP

Post by ssax »

If you run this command as root or sudo on your Fusion server and leave it running:

Code: Select all

tail -Fn0 /var/log/httpd/error_log /var/log/httpd/ssl_error_log
Then replicate the issue in the Fusion interface again, do you see any errors output? If so, please post them.
apteancloud
Posts: 47
Joined: Wed Sep 09, 2020 4:05 am

Re: Unable to scroll beyond a letter in AD/LDAP

Post by apteancloud »

Output

Code: Select all

[nagiosadmin@dnagfs01 ~]$ sudo tail -Fn0 /var/log/httpd/error_log /var/log/httpd/ssl_error_log
==> /var/log/httpd/error_log <==

==> /var/log/httpd/ssl_error_log <==
[Tue Nov 23 11:46:45.187575 2021] [:error] [pid 1467] [client XX.XX.XX.XX:22093] PHP Warning:  ldap_list(): Partial search results returned: Sizelimit exceeded in /usr/local/nagiosfusion/html/includes/components/ldap_ad_integration/adLDAP/src/classes/adLDAPFolders.php on line 139, referer: https://MYURL/nagiosfusion/includes/components/ldap_ad_integration/
[Tue Nov 23 11:46:45.908800 2021] [:error] [pid 1467] [client XX.XX.XX.XX:22093] PHP Warning:  ldap_list(): Partial search results returned: Sizelimit exceeded in /usr/local/nagiosfusion/html/includes/components/ldap_ad_integration/adLDAP/src/classes/adLDAPFolders.php on line 139, referer: https://MYURL/nagiosfusion/includes/components/ldap_ad_integration/
I have replaced the URL and IP Address.
benjaminsmith
Posts: 5324
Joined: Wed Aug 22, 2018 4:39 pm
Location: saint paul

Re: Unable to scroll beyond a letter in AD/LDAP

Post by benjaminsmith »

Hi apteancloud,

Based on the error output, I believe you are hitting the limits imposed by the AD/LDAP server on the number of objects that can be returned.
PHP Warning: ldap_list(): Partial search results returned: Sizelimit exceeded in /usr/local/nagiosfusion/html/includes/components/ldap_ad_integration/adLDAP/src/classes/adLDAPFolders.php on line 139, referer: https://MYURL/nagiosfusion/includes/com ... tegration/
Let us know how many users are you trying to return from this query? Also, please attach or PM the php.ini file, so we can review the settings there as well.

Thanks,
Benjamin
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.

Be sure to check out our Knowledgebase for helpful articles and solutions!
apteancloud
Posts: 47
Joined: Wed Sep 09, 2020 4:05 am

Re: Unable to scroll beyond a letter in AD/LDAP

Post by apteancloud »

The same option works fine on our NagiosXI Server (v5.8.6) and you can see I can scroll till 'Z'
NagiosXI.JPG
This is from NagiosFusion Server (v4.1.9)
NagFS.JPG
You can observe from above screenshots, the search bar on NagiosFusion Server isnt present as is the case with NagiosXI, so that I can easily search a user with his/her name if needed. And ofcourse, it wont let me scroll till the end.

I will PM you the php.ini and the user count.
You do not have the required permissions to view the files attached to this post.
benjaminsmith
Posts: 5324
Joined: Wed Aug 22, 2018 4:39 pm
Location: saint paul

Re: Unable to scroll beyond a letter in AD/LDAP

Post by benjaminsmith »

Hi,

Thanks for sending that over. Normally AD has a limit of 1000 users but if both these systems are polling the same AD/LDAP server, that doesn't look like the issue here.

The bottom of the the knowledgebase article below covers this type of error and there is another adjustment that can be made to the php.ini file.

Open the php.ini file in vi and make the change:

Code: Select all

suhosin.post.max_vars = 5000
suhosin.request.max_vars = 5000
Then restart the Apache server.

See: Active Directory / LDAP - Troubleshooting Authentication Integration, Section: Not All Active Directory Users Are Listed

Let me know if that resolves this issue.

--Benjamin
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.

Be sure to check out our Knowledgebase for helpful articles and solutions!
apteancloud
Posts: 47
Joined: Wed Sep 09, 2020 4:05 am

Re: Unable to scroll beyond a letter in AD/LDAP

Post by apteancloud »

Hi,

It is still the same.
I added the section as asked and restarted httpd. Logged to Fusion and tried to scroll till the last, I cant see beyond 'M'. And there are no search option unlike in NagiosXI (please refer to my previous reply screenshot), which would allow me to search users irrespective of what GUI shows.
benjaminsmith
Posts: 5324
Joined: Wed Aug 22, 2018 4:39 pm
Location: saint paul

Re: Unable to scroll beyond a letter in AD/LDAP

Post by benjaminsmith »

Hi,

Thanks for testing that out. I've reached out to the other teams here, and based on the error output, we still feel this is an issue with either the PHP settings or the remote AD/LDAP server settings.

It wouldn't hurt to double the recommendations on the PHP settings to rule that out.

Then, let's move this over to a support ticket. We'll likely need to set up a live debugging session to troubleshoot this further.

To open a support ticket, please go to:

https://support.nagios.com/tickets/

.. and reference this forum post in the ticket.

Regards,
Benjamin
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.

Be sure to check out our Knowledgebase for helpful articles and solutions!
Locked