Hi, AFAIK the patch won't be included in 0.9.10 Cheers. H.
On Tue, Sep 13, 2016 at 8:53 PM, Peter Burdine <[email protected]> wrote: > I thought that was the case. That just means worst case, I have to create > the user in the DB manually (with the correct matching user name), then > assign the connections until 0.9.10 comes out and the limit is increased. > > Thanks for the clarification! > > On Tue, Sep 13, 2016 at 12:18 AM, Mike Jumper <[email protected]> > wrote: > >> The issue should only affect the ability to see the LDAP users in the >> admin pages. That's the only place that a query retrieving all users >> is attempted. >> >> The authentication process involves either (1) binding using a DN >> derived directly from the username provided or (2) binding using a >> dedicated search DN for the sake of querying the DN of the user having >> the username provided, and then binding as THAT user. At most, >> authentication will involve retrieving a single entry; nothing near >> the default limit of 1000 entries. >> >> - Mike >> >> >> On Mon, Sep 12, 2016 at 5:34 PM, Peter Burdine <[email protected]> >> wrote: >> > Sorry to bring this up again. I am looking to use this to setup a >> system >> > that has just over 1000 users. I am planning on using LDAP for auth, >> but >> > MySQL for connectivity data. Does this issue affect the ability for >> some >> > users to login, or does it just affect the ability to see all of the >> LDAP >> > users in the admin pages? I don't see this info in the Jira ticket or >> PR >> > discussion. >> > >> > Thanks, >> > Peter >> > >> > On Sun, Aug 14, 2016 at 7:17 PM, James Muehlner >> > <[email protected]> wrote: >> >> >> >> Hey Herve, >> >> >> >> I see that you created the pull request and associated ticket. Great! >> >> Let's move the discussion over to Github at this point. >> >> >> >> James >> >> >> >> >> >> >> >> On Sun, Aug 14, 2016 at 8:05 AM, Herve Guehl <[email protected]> >> >> wrote: >> >>> >> >>> Hi James, >> >>> did my homework (though this was my first time with git :p ). >> >>> The code in itself is not dirty (I hope ;), I just meant that it would >> >>> better to get the results from ldap as mentionned by RFC 2696. But >> IMHO >> >>> nowadays we can get more than 1000 results using a search in a ldap >> >>> directory... >> >>> >> >>> Hervé >> >>> >> >>> >> >>> >> >>> On Sun, Aug 14, 2016 at 2:54 AM, James Muehlner >> >>> <[email protected]> wrote: >> >>>> >> >>>> Greetings Herve, >> >>>> >> >>>> In order to accept code changes into the project, we'll need a pull >> >>>> request on GitHub, and a corresponding JIRA issue in the Apache >> JIRA. See >> >>>> our contribution guidelines for more information. >> >>>> >> >>>> As a side note, we're always happy to accept code contributions from >> the >> >>>> community, but we do try to make sure that the contributions are >> always up >> >>>> to our code quality standards. If you feel that your patch is a bit >> dirty, >> >>>> it may have to be cleaned up a bit before we're ready to accept it >> upstream. >> >>>> >> >>>> James >> >>>> >> >>>> On Fri, Aug 5, 2016 at 12:45 PM, Herve Guehl <[email protected]> >> >>>> wrote: >> >>>>> >> >>>>> Hi, >> >>>>> If your active directory contains more than 1000 users in the search >> >>>>> OU, you'll need to : >> >>>>> - Configure your active directory to extend the MaxPageSize limit >> >>>>> (default 1000) >> >>>>> https://technet.microsoft.com/en-us/library/cc770976%28v=ws. >> 11%29.aspx >> >>>>> - Use the included patch (a bit dirty, as it would be better to >> fetch >> >>>>> results according to the max page size, but works for me) : >> >>>>> - it enable the possibility to get more than 1000 results for a >> ldap >> >>>>> request for the guacamole-client. You will have to add >> ldap-maxresults: 2000 >> >>>>> (or the value you need) in your guacamole.properties file. >> >>>>> >> >>>>> Have fun. >> >>>>> Hervé >> >>>> >> >>>> >> >>> >> >> >> > >> > >
