Cloudera Community

Support Questions

Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search
Solved Go to solution

LDAP: error code 4 - Sizelimit Exceeded - KNOX

Labels:
avatar
author-rank frank93
Super Collaborator

Created ‎06-02-2016 03:25 PM

Hi,

I got an error that sizelimit of my search base in Knox exceeded. Is there any possibility to expand the limit? I use the same LDAP searchbase for Ranger and everything is ok, so it is a Knox problem, not AD/LDAP (I read that I need to expand it in LDAP Admin).

Thank you in advance! 🙂

3,936 Views
1 ACCEPTED SOLUTION

avatar
author-rank jyadav
Super Guru

Created ‎06-02-2016 06:00 PM

@Edgar Daeds

This seems to be an issue with knox only if search query result goes over 1000 (can you check your search count?), I believe this is not yet fixed and only workaround is to narrow down the ldap base search query.

View solution in original post

3,562 Views
7 REPLIES 7

avatar
author-rank jyadav
Super Guru

Created ‎06-02-2016 03:35 PM

Hi @Edgar Daeds

It might be a limitation with Knox, can you share your Ambari & HDP version?

3,562 Views
0 Kudos

avatar
author-rank bhagan author-rank
Super Collaborator

Created ‎06-02-2016 04:26 PM

Your AD / LDAP server will have a limit set somewhere and when you're using the ldapsearch command, you can add a limit also. Curious to know the size of your result set using the given search base.

3,562 Views
0 Kudos

avatar
author-rank frank93
Super Collaborator

Created ‎06-02-2016 05:06 PM

@Jitendra Yadav

I am using HDP 2.3.2 with Ambari 2.1.1

@bhagan

But why this limit restricts to Knox only. I have the same search bases in beeline and Ranger and it works.

Thank you for answers

3,562 Views
0 Kudos

avatar
author-rank jyadav
Super Guru

Created ‎06-02-2016 06:00 PM

@Edgar Daeds

This seems to be an issue with knox only if search query result goes over 1000 (can you check your search count?), I believe this is not yet fixed and only workaround is to narrow down the ldap base search query.

3,563 Views

avatar
ceverett author-rank
Cloudera Employee

Created ‎06-02-2016 06:51 PM

I can confirm that. I had an issue similar to this recently. That was the only resolution. Knox currently does not have LDAP search filter functionality, so it requires you to narrow LDAP base.

3,562 Views

avatar
author-rank frank93
Super Collaborator

Created ‎06-03-2016 09:18 AM

Thank you guys! I have got the limit up to 1000.

3,562 Views
0 Kudos

avatar
author-rank frank93
Super Collaborator

Created ‎11-03-2016 11:24 AM

Is this fixed in HDP2.5? Knox 0.9.0

I mean is there a possibility in the new version to filter AD groups? I have over 1000 groups in AD and when Knox tries to authenticate me, AD returns an error "Size limit exceeded".

3,562 Views
0 Kudos
Announcements
What's New @ Cloudera
Cloudera DataFlow 2.9 now supports building GenAI pipelines ...
What's New @ Cloudera
Accelerate Data Scientist Productivity with Cloudera Copilot...
What's New @ Cloudera
[RELEASED] Cloudera Streaming Analytics - Kubernetes Operato...
Community Announcements
October 2024 Community Highlights
What's New @ Cloudera
Accelerate Your AI with the Cloudera AI Inference Service wi...
View More Announcements