-
Type:
Bug
-
Resolution: Fixed
-
Priority:
High
-
Affects Version/s: 5.14.1, 6.1.1
-
Component/s: User Management, Crowd & LDAP integration
-
Severity 1 - Critical
-
11
Summary
Bamboo does not display all users coming from LDAP if amount of users exceeds MaxPageSize defined in Active Directory.
Environment
- Bamboo v5.14.1
- Windows Active Directory
Steps to Reproduce
- create a new OU, adding 1501 users:
dn: CN=bamboo.user0000,OU=users,OU=ps8102,DC=atlassian,DC=local cn: bamboo.user0000 memberOf: CN=bamboo-win-ad,OU=groups,OU=ps8102,DC=atlassian,DC=local sAMAccountName: bamboo.user0000
dn: CN=bamboo.user1500,OU=users,OU=ps8102,DC=atlassian,DC=local cn: bamboo.user1500 memberOf: CN=bamboo-win-ad,OU=groups,OU=ps8102,DC=atlassian,DC=local sAMAccountName: bamboo.user1500
- connect Bamboo to the Windows AD:
<bamboo-home>/xml-data/configuration/atlassian-user.xml, atlassian-user-custom.xml
<atlassian-user> <repositories> <!-- LDAP repository --> <ldap key="ldapRepository" name="myLdapRepository" cache="true"> <host>thanos.atlassian.local</host> <port>636</port> <securityPrincipal>CN=admin.user,CN=Users,DC=atlassian,DC=local</securityPrincipal> <securityCredential>admin.password</securityCredential> <securityProtocol>ssl</securityProtocol> <securityAuthentication>simple</securityAuthentication> <baseContext>DC=atlassian,DC=local</baseContext> <baseUserNamespace>OU=users,OU=ps8102,DC=atlassian,DC=local</baseUserNamespace> <userSearchAllDepths>true</userSearchAllDepths> <userSearchFilter>(&(objectCategory=Person)(sAMAccountName=*))</userSearchFilter> <usernameAttribute>sAMAccountName</usernameAttribute> <firstnameAttribute>givenName</firstnameAttribute> <surnameAttribute>sn</surnameAttribute> <emailAttribute>mail</emailAttribute> <baseGroupNamespace>OU=groups,OU=ps8102,DC=atlassian,DC=local</baseGroupNamespace> <groupSearchAllDepths>true</groupSearchAllDepths> <groupSearchFilter>(objectClass=group)</groupSearchFilter> <groupnameAttribute>cn</groupnameAttribute> <membershipAttribute>member</membershipAttribute> </ldap> <!-- Default bamboo user repository --> <hibernate name="Hibernate Repository" key="hibernateRepository" description="Hibernate Repository" cache="true"/> </repositories> </atlassian-user>
- search for users by hitting http://localhost:8085/admin/user/viewUsers.action?usernameTerm=&fullnameTerm=&emailTerm=&startIndex=990 in the web browser.
As a result, Bamboo lists the users up until 1000.
Expected Results
- Bamboo should paginate results over MaxPageSize
Actual Results
- Bamboo displays only the amount records set up in MaxPageSize
Notes
| Property | Default | Description |
|---|---|---|
| MaxPageSize | 1000 | This value controls the maximum number of objects that are returned in a single search result, independent of how large each returned object is. To perform a search where the result might exceed this number of objects, the client must specify the paged search control. This is to group the returned results in groups that are no larger than the MaxPageSize value. To summarize, MaxPageSize controls the number of objects that are returned in a single search result. |
Extracted from https://support.microsoft.com/en-us/kb/315071
Workaround
- Increase MaxPageSize in Active Directory
- review and update the MaxPageSize in Windows AD. Followed this documentation (https://support.microsoft.com/en-us/kb/315071)
- reconnect Bamboo with LDAP by selecting Custom user repository under Bamboo administration >> Security >> User repositories
- search for users by hitting http://localhost:8085/admin/user/viewUsers.action?usernameTerm=&fullnameTerm=&emailTerm=&startIndex=1190 in the web browser.
As a result, Bamboo listed the users up until ~1200.
- review and update the MaxPageSize in Windows AD. Followed this documentation (https://support.microsoft.com/en-us/kb/315071)
- Connect LDAP to Crowd/JIRA and connect this with Bamboo instead
