Bug 768165 - [RFE] Support range retrievals
Summary: [RFE] Support range retrievals
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: sssd
Version: 6.0
Hardware: Unspecified
OS: Unspecified
high
unspecified
Target Milestone: rc
: ---
Assignee: Jakub Hrozek
QA Contact: Kaushik Banerjee
URL:
Whiteboard:
Depends On:
Blocks: 736854 998474
TreeView+ depends on / blocked
 
Reported: 2011-12-15 22:22 UTC by Dmitri Pal
Modified: 2020-05-02 16:18 UTC (History)
3 users (show)

Fixed In Version: sssd-1.9.1-1.el6
Doc Type: Enhancement
Doc Text:
Cause: Active Directory uses a nonstandard format when a large group that doesn't fit into a single "page" is returned. By default, the single page size was 1500 members, if the response exceeded the page size, the range extension is used Consequence: If a group was stored on an Active Directory server which contained more than 1500 members, the response from AD would contain the proprietary format which SSSD wouldn't be able to parse. Change: The SSSD was improved so that it is able to parse the range the extension. Result: The SSSD is able to process groups with more than 1500 group members coming from the Active Directory.
Clone Of:
Environment:
Last Closed: 2013-02-21 09:34:44 UTC
Target Upstream Version:

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)


Links
System ID Private Priority Status Summary Last Updated
Github SSSD sssd issues 1825 0 None closed Support range retrievals 2020-05-02 16:18:06 UTC
Red Hat Product Errata RHSA-2013:0508 0 normal SHIPPED_LIVE Low: sssd security, bug fix and enhancement update 2013-02-20 21:30:10 UTC

Description Dmitri Pal 2011-12-15 22:22:32 UTC 
Similar to paging Active Directory use the range sub-attribute to split large multi-valued attribute lists ( http://msdn.microsoft.com/en-us/library/aa367017%28v=vs.85%29.aspx).

Since this affects groups with a large number of members SSSD should support range retrievals.

https://fedorahosted.org/sssd/ticket/783
Comment 2 RHEL Program Management 2012-07-10 07:07:07 UTC 
This request was not resolved in time for the current release.
Red Hat invites you to ask your support representative to
propose this request, if still desired, for consideration in
the next release of Red Hat Enterprise Linux.
Comment 3 RHEL Program Management 2012-07-11 02:03:10 UTC 
This request was erroneously removed from consideration in Red Hat Enterprise Linux 6.4, which is currently under development.  This request will be evaluated for inclusion in Red Hat Enterprise Linux 6.4.
Comment 5 Kaushik Banerjee 2012-11-16 08:57:47 UTC 
Verified in version 1.9.2-13

Report from beaker automation run:
[   PASS   ]      rangeretreival_001 ldap provider - lookup group with large no. of users
[   FAIL   ]      rangeretreival_002 ad provider - search base with filter - bz 848031
[   PASS   ]      rangeretreival_003 ad provider - lookup user belonging to large no. of groups
[   PASS   ]      rangeretreival_004 ldap provider - ldap user search base with filter
Comment 6 errata-xmlrpc 2013-02-21 09:34:44 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHSA-2013-0508.html
Note You need to log in before you can comment on or make changes to this bug.