Security
Highlighted

LDAP with more then 1000 groups

Explorer

Hi,

I have a problem with a LDAP configuration I know there is a limit by 1000 users so I have change the following configuration

authentication.conf
sizelimit = 10000

limits.conf
[ldap]
maxusersto_precache = 10000

but it looks like this hasn´t impact of the max size of groups because it stops every time at 1000 groups.

Any ideas what to do?

Michel

Highlighted

Re: LDAP with more then 1000 groups

Path Finder

Have you tried

groupBaseFilter =

or in the GUI under Settings > Access Controls > Authentication method > LDAP settings > LDAP strategy name > Static group search filter

The LDAP search filter used to retrieve static groups. Highly recommended if you have a large amount of group entries under your group base DN. For example, '(department=IT)'

0 Karma
Highlighted

Re: LDAP with more then 1000 groups

Explorer

what is group itself is having 5000 users? Filters will not work

0 Karma
Highlighted

Re: LDAP with more then 1000 groups

New Member

Any news on this? I just ran into the same problem.

We have more than 1000 groups. The one I need to configure isn't in the first 1000 returned. Perhaps if the 'Map Group' page used the search term to filter the query it sent to ldap?

(the static group search term doesn't help, unless we go through and flag all the groups that might be used by Splunk with something, which isn't something I can manage soon.)

0 Karma