Bug 768165

Summary: [RFE] Support range retrievals
Product: Red Hat Enterprise Linux 6 Reporter: Dmitri Pal <dpal>
Component: sssdAssignee: Jakub Hrozek <jhrozek>
Status: CLOSED ERRATA QA Contact: Kaushik Banerjee <kbanerje>
Severity: unspecified Docs Contact:
Priority: high    
Version: 6.0CC: grajaiya, jgalipea, prc
Target Milestone: rcKeywords: FutureFeature
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: sssd-1.9.1-1.el6 Doc Type: Enhancement
Doc Text:
Cause: Active Directory uses a nonstandard format when a large group that doesn't fit into a single "page" is returned. By default, the single page size was 1500 members, if the response exceeded the page size, the range extension is used Consequence: If a group was stored on an Active Directory server which contained more than 1500 members, the response from AD would contain the proprietary format which SSSD wouldn't be able to parse. Change: The SSSD was improved so that it is able to parse the range the extension. Result: The SSSD is able to process groups with more than 1500 group members coming from the Active Directory.
 Story Points: ---
Clone Of: Environment:
Last Closed: 2013-02-21 09:34:44 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 736854, 998474    

Description Dmitri Pal 2011-12-15 22:22:32 UTC 
Similar to paging Active Directory use the range sub-attribute to split large multi-valued attribute lists ( http://msdn.microsoft.com/en-us/library/aa367017%28v=vs.85%29.aspx).

Since this affects groups with a large number of members SSSD should support range retrievals.

https://fedorahosted.org/sssd/ticket/783
Comment 2 RHEL Program Management 2012-07-10 07:07:07 UTC 
This request was not resolved in time for the current release.
Red Hat invites you to ask your support representative to
propose this request, if still desired, for consideration in
the next release of Red Hat Enterprise Linux.
Comment 3 RHEL Program Management 2012-07-11 02:03:10 UTC 
This request was erroneously removed from consideration in Red Hat Enterprise Linux 6.4, which is currently under development.  This request will be evaluated for inclusion in Red Hat Enterprise Linux 6.4.
Comment 5 Kaushik Banerjee 2012-11-16 08:57:47 UTC 
Verified in version 1.9.2-13

Report from beaker automation run:
[   PASS   ]      rangeretreival_001 ldap provider - lookup group with large no. of users
[   FAIL   ]      rangeretreival_002 ad provider - search base with filter - bz 848031
[   PASS   ]      rangeretreival_003 ad provider - lookup user belonging to large no. of groups
[   PASS   ]      rangeretreival_004 ldap provider - ldap user search base with filter
Comment 6 errata-xmlrpc 2013-02-21 09:34:44 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHSA-2013-0508.html