Authentication

 
 
Picture of Eric Lopez
new users on ldap Sync
 
I have LDAP authentication setup, is working great. I have a few questions:

1. My user database has over 80K records, the ldapserver is setup to return 5k records at a time, is the auth_ldap_sync_users.php script getting all the users or stopping after the first 5k???

2. If there's a new record on the LDAP directory, is the auth_ldap_sync_users.php going to create that new record automatically on moodle's database?

I run the script already, it took a few hours and got no errors but after comparing the user list it wasn't up to date.
Thanks in advance,
eric.
 
Average of ratings: -
Picture of Eric Lopez
Re: new users on ldap Sync
 
It does get through all my records, that answers no.1.
About nubmer 2, It looks like it does a begin sql and holds all the transactions till the end and then it doesn't get done.
BTW, now I am getting "suspended user # id #" for every record when I run the script. why is it doing that, I check the records but is not deleting them....

 
Average of ratings: -
Picture of Eric Lopez
Re: new users on ldap Sync
 
ok, I got a littel bit further, Apparently the ldap server only returns 5000 records and the sync script assumes that's all the users we have ;(
...
+ 1 users
+ 1 users
Got 5000 records from LDAP
User entries to remove: 81331


I am sure there's someone who has already been through this, thanks in advance for your help!
eric.

 
Average of ratings: -
Picture of Iñaki Arenaza
Re: new users on ldap Sync
Group DevelopersGroup Documentation writersGroup Particularly helpful Moodlers

This is a know limitation of the PHP LDAP module: it can't use result pagination, so you need to retrieve the whole lot in a single query. Thus the Moodle LDAP code currently assumes that you get all the user list in your single query, and acts accordingly.

There is an open bug in the PHP bug tracker (even with a patch) to address this limitation, but it's still unfixed (after nearly nine moths). This is the URL of the bug: http://bugs.php.net/?id=42060

Until this is fixed, the only workaround for this is returning the 80,000 users at once if your server is able to cope with it.

Saludos. Iñaki.

 
Average of ratings: -
Picture of Eric Lopez
Re: new users on ldap Sync
 
Mil Gracias!
Good to know some one is reading my posts... My Apache server is running on a dedicated machine but it i am affraid is too old to execute a search this big. I did found your thread about adding the paged result functionality to PHP so that it could be used with M$AD. should it work with OpenLDAP?
Eric.
 
Average of ratings: -
Picture of Iñaki Arenaza
Re: new users on ldap Sync
Group DevelopersGroup Documentation writersGroup Particularly helpful Moodlers

That functionality is not dependant on the LDAP server version, as long as it supports the Paged Results extension (and OpenLDAP has supported it for a long time).

Saludos. Iñaki.

 
Average of ratings: -