[
https://issues.apache.org/jira/browse/KNOX-644?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15415512#comment-15415512
]
Larry McCay commented on KNOX-644:
----------------------------------
Agreed, I would like to see the Hadoop Group Mappings used across all of the
components in the ecosystem.
This will require work in each project and I am going to try and contribute to
them in order t drive this consistency.
What we need to determine is where is best to invest our time for this release
in order to address the worst pain points.
If Knox 0.10.0 was able to leverage the same SSD/Centrify/etc mechanisms that
you have experience with, would it address the performance/limited group issues?
> Limit/page results of LDAP group membership search
> ---------------------------------------------------
>
> Key: KNOX-644
> URL: https://issues.apache.org/jira/browse/KNOX-644
> Project: Apache Knox
> Issue Type: Bug
> Components: Server
> Affects Versions: 0.6.0
> Reporter: Kevin Minder
> Priority: Critical
> Fix For: 0.10.0
>
> Attachments: KNOX-644-paging.patch, KNOX-644.patch, ad_setup.ps1,
> create_groups_ldif.py, paging.patch
>
>
> Some users are finding that they have >1000 groups that would be returned
> given how Knox currently implements group lookup. ActiveDirectory currently
> limits search results to 1000 items and this causes failures that require
> workarounds at the client side. Ideally Knox's LDAP group search
> implementation would either limit/filter the results or page the result set
> that are unavoidably large.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
