Cloudera Community

Support Questions

Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search
Announcements
Celebrating as our community reaches 100,000 members! Thank you!
Solved Go to solution

LDAP: error code 4 - Sizelimit Exceeded - KNOX

Labels:
avatar
author-rank frank93
Super Collaborator

Created ‎06-02-2016 03:25 PM

Hi,

I got an error that sizelimit of my search base in Knox exceeded. Is there any possibility to expand the limit? I use the same LDAP searchbase for Ranger and everything is ok, so it is a Knox problem, not AD/LDAP (I read that I need to expand it in LDAP Admin).

Thank you in advance! 🙂

3,087 Views
1 ACCEPTED SOLUTION

avatar
author-rank jyadav
Super Guru

Created ‎06-02-2016 06:00 PM

@Edgar Daeds

This seems to be an issue with knox only if search query result goes over 1000 (can you check your search count?), I believe this is not yet fixed and only workaround is to narrow down the ldap base search query.

View solution in original post

2,713 Views
7 REPLIES 7

avatar
author-rank jyadav
Super Guru

Created ‎06-02-2016 03:35 PM

Hi @Edgar Daeds

It might be a limitation with Knox, can you share your Ambari & HDP version?

2,713 Views
0 Kudos

avatar
author-rank bhagan author-rank
Super Collaborator

Created ‎06-02-2016 04:26 PM

Your AD / LDAP server will have a limit set somewhere and when you're using the ldapsearch command, you can add a limit also. Curious to know the size of your result set using the given search base.

2,713 Views
0 Kudos

avatar
author-rank frank93
Super Collaborator

Created ‎06-02-2016 05:06 PM

@Jitendra Yadav

I am using HDP 2.3.2 with Ambari 2.1.1

@bhagan

But why this limit restricts to Knox only. I have the same search bases in beeline and Ranger and it works.

Thank you for answers

2,713 Views
0 Kudos

avatar
author-rank jyadav
Super Guru

Created ‎06-02-2016 06:00 PM

@Edgar Daeds

This seems to be an issue with knox only if search query result goes over 1000 (can you check your search count?), I believe this is not yet fixed and only workaround is to narrow down the ldap base search query.

2,714 Views

avatar
ceverett author-rank
Cloudera Employee

Created ‎06-02-2016 06:51 PM

I can confirm that. I had an issue similar to this recently. That was the only resolution. Knox currently does not have LDAP search filter functionality, so it requires you to narrow LDAP base.

2,713 Views

avatar
author-rank frank93
Super Collaborator

Created ‎06-03-2016 09:18 AM

Thank you guys! I have got the limit up to 1000.

2,713 Views
0 Kudos

avatar
author-rank frank93
Super Collaborator

Created ‎11-03-2016 11:24 AM

Is this fixed in HDP2.5? Knox 0.9.0

I mean is there a possibility in the new version to filter AD groups? I have over 1000 groups in AD and when Knox tries to authenticate me, AD returns an error "Size limit exceeded".

2,713 Views
0 Kudos
Announcements
Product Announcements
[ANNOUNCE] Cloudera on Public Cloud Runtime 7.2.18 is GA!
What's New @ Cloudera
Cloudera Operational Database (COD) supports enhancements to...
Community Announcements
March 2024 Community Highlights
Community Announcements
Celebrating 100,000 Members: A Journey of Growth and Connect...
Product Announcements
[ANNOUNCE] New Cloudera JDBC Connector for Apache Hive 2.6.2...
View More Announcements