Support Questions
Find answers, ask questions, and share your expertise

LDAP: error code 4 - Sizelimit Exceeded - KNOX

Solved Go to solution

LDAP: error code 4 - Sizelimit Exceeded - KNOX

Expert Contributor

Hi,

I got an error that sizelimit of my search base in Knox exceeded. Is there any possibility to expand the limit? I use the same LDAP searchbase for Ranger and everything is ok, so it is a Knox problem, not AD/LDAP (I read that I need to expand it in LDAP Admin).

Thank you in advance! :)

1 ACCEPTED SOLUTION

Accepted Solutions

Re: LDAP: error code 4 - Sizelimit Exceeded - KNOX

@Edgar Daeds

This seems to be an issue with knox only if search query result goes over 1000 (can you check your search count?), I believe this is not yet fixed and only workaround is to narrow down the ldap base search query.

View solution in original post

7 REPLIES 7

Re: LDAP: error code 4 - Sizelimit Exceeded - KNOX

Hi @Edgar Daeds

It might be a limitation with Knox, can you share your Ambari & HDP version?

Re: LDAP: error code 4 - Sizelimit Exceeded - KNOX

Expert Contributor

Your AD / LDAP server will have a limit set somewhere and when you're using the ldapsearch command, you can add a limit also. Curious to know the size of your result set using the given search base.

Re: LDAP: error code 4 - Sizelimit Exceeded - KNOX

Expert Contributor
@Jitendra Yadav

I am using HDP 2.3.2 with Ambari 2.1.1

@bhagan

But why this limit restricts to Knox only. I have the same search bases in beeline and Ranger and it works.

Thank you for answers

Re: LDAP: error code 4 - Sizelimit Exceeded - KNOX

@Edgar Daeds

This seems to be an issue with knox only if search query result goes over 1000 (can you check your search count?), I believe this is not yet fixed and only workaround is to narrow down the ldap base search query.

View solution in original post

Re: LDAP: error code 4 - Sizelimit Exceeded - KNOX

Cloudera Employee

I can confirm that. I had an issue similar to this recently. That was the only resolution. Knox currently does not have LDAP search filter functionality, so it requires you to narrow LDAP base.

Re: LDAP: error code 4 - Sizelimit Exceeded - KNOX

Expert Contributor

Thank you guys! I have got the limit up to 1000.

Re: LDAP: error code 4 - Sizelimit Exceeded - KNOX

Expert Contributor

Is this fixed in HDP2.5? Knox 0.9.0

I mean is there a possibility in the new version to filter AD groups? I have over 1000 groups in AD and when Knox tries to authenticate me, AD returns an error "Size limit exceeded".