Page 1 of 1
Import a user not in list stops at 'M'
Posted: Fri Nov 02, 2018 3:31 pm
by tmattingly
Admin Screen->Manage Users->LDAP / Active Directory Import Users
I am trying to import a user (begins with 'R') into Nagios (using the above screens) and the AD OU where he is located only displays down to 'M'. How do I get 'N' to 'Z' to display? It appears too long for Nagios to handle because of the number of users in the OU.
Tom
Re: Import a user not in list stops at 'M'
Posted: Fri Nov 02, 2018 4:24 pm
by SteveBeauchemin
I have same problem. Mine stops in the S section. I have been looking into this too. The version of adLDAP2 in use does not have 'paging' available. So whatever your AD server has set as a maximum value sets the page size. And you get One page for display. I have more than 40,000 users and am unable to see a complete list. There is no way my Server Admins are going to set a page size larger that 10,000.
Basically, you just need to manually add the user without using the nice automation.
For the php programmers reading this...
The file adLDAPFolders.php lines 137 to 142 needs to be 'enhanced' to use some kind of paging. Something like what you can find at samjlevy.com/mydap/ He shows 2 ways to use paging. I have been unable to make it work in Nagios, but stand-alone it works great and shows me 40,000+ users. I hope some Nagios Dev will take this on as a side project. If ldap_control_paged_result and ldap_control_paged_result_response will not work, maybe use some kind of range to get results. Like ldap_search($mydap,$object_dn,'cn=*',array("member;range=$range_start-$range_end")).
I hope that there is a simple solution to this in the future. Just a couple lines of code to make us all happy.
That jomann guy is on top of all this. I bet he could whip something up easily. Challenge Accepted?
Thanks
Steve B
Re: Import a user not in list stops at 'M'
Posted: Fri Nov 02, 2018 5:17 pm
by tmattingly
I would also like to point out we are running the latest Nagios XI 5.5.6 and this problem has been around for at least the last couple of major releases.
Tom
Re: Import a user not in list stops at 'M'
Posted: Mon Nov 05, 2018 11:30 am
by cdienger
Thanks
@tmattingly and
@SteveBeauchemin
As was pointed out, this is a known limitation which we are aware of and have filed feature request for. The work around at this point would be to manually add users or increase the number of users that AD will return:
https://support.nagios.com/kb/article/a ... n-600.html
https://support.nagios.com/forum/viewto ... ilit=+ldap
5.5.x also has the ability to add AD users through the API which can help if there are a lot of users that need to be added:
https://support.nagios.com/forum/viewto ... t=ldap+API
Re: Import a user not in list stops at 'M'
Posted: Mon Nov 05, 2018 12:13 pm
by tmattingly
This appears to be code?
posting.php?mode=reply&f=16&t=51000
viewtopic.php?f=16&t=45588&hilit=+ldap
Where would we add /modify this? Sorry if this a stupid question I'm just not sure how to update it so we can import more users.
Tom
Re: Import a user not in list stops at 'M'
Posted: Mon Nov 05, 2018 12:19 pm
by cdienger
They're links the kb and forum posts with work aroudnds. The first was broken and is now corrected. The URLs are:
Code: Select all
https://support.nagios.com/kb/article/active-directory-ldap-troubleshooting-authentication-integration-600.html
https://support.nagios.com/forum/viewtopic.php?f=16&t=45588&hilit=+ldap
https://support.nagios.com/forum/viewtopic.php?f=6&t=50443&hilit=ldap+API