gitlab:ldap:check is broken for big LDAP directories or ADs
Created by: kschoenf
Hi guys,
I upgraded my GitLab installation from v7.3.2 to v7.4.3 and gitlab:ldap:check no longer shows the first 100 users of my AD. The authentication against the LDAP or AD works well, so this is only a minor problem ;-)
The problem is not really the new version of the check rake task committed with the commit da21b9e7d045a1f9b044563b62f09992ac685065, it is more the new version of the lib/gitlab/ldap/adapter.rb file in the same commit and the "wrong" usage of the size parameter in the LDAP search for the purposed use case to show only the first number of users from the LDAP or AD defined by the limit parameter.
The size parameter for the LDAP search defines only the maximum number of search entries to return. The default is zero, which signifies no limit. If the LDAP search finds more entries than the defined size parameter, the LDAP search returns an error code 4, which means Size Limit Exceeded, and no entries will be returned. That's the problem. To reproduce this problem, decrease only the defined limit in the check rake task to a lower number, if you have no more than 100 users in your LDAP or AD.
For the purposed use case to show only the first number of users, the usage of the size parameter is not a good idea in my opinion. The size parameter should be dropped, so that no limit is defined and the hard limit of the LDAP server will be used. This is mostly 1000 entries.
To implement the purposed use case the returned entries from the LDAP search should be simply counted.
Sorry that I don't provide a patch for this issue, because I'm not so familiar with Ruby :-( but I hope this helps.
BR, Knut
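
The failing pattern and the suggested fix from the report above, as an added Ruby example that is not part of the original issue or GitLab's code. `StubDirectory` is a constructed stand-in that models only the behaviour the report describes; the `search` and `get_operation_result` method names follow the net-ldap gem, and the helper names are hypothetical.

```ruby
# Constructed stand-in for a directory connection. It models only what the
# report describes: a search that matches more entries than :size fails with
# result code 4 and returns no entries. Not a real LDAP client.
class StubDirectory
  Result = Struct.new(:code, :message)
  SIZE_LIMIT_EXCEEDED = 4
  HARD_LIMIT = 1000 # assumed server-side hard limit, as mentioned in the report

  def initialize(user_count)
    # Constructed sample entries.
    @entries = Array.new(user_count) { |i| { dn: "cn=user#{i},dc=example,dc=test" } }
    @result = Result.new(0, 'Success')
  end

  # size: 0 means "no client-side limit", matching the default the report cites.
  def search(size: 0, **_filter)
    if size > 0 && @entries.length > size
      @result = Result.new(SIZE_LIMIT_EXCEEDED, 'Size Limit Exceeded')
      return nil
    end
    @result = Result.new(0, 'Success')
    @entries.first(HARD_LIMIT)
  end

  def get_operation_result
    @result
  end
end

# Pattern the report describes as failing: the display limit is passed as :size,
# so a directory with more users than the limit yields an empty listing.
def users_with_size(ldap, limit)
  ldap.search(size: limit) || []
end

# Fix suggested in the report: search without :size and count client-side.
# A failed search is surfaced with its result code instead of an empty list.
def users_counted(ldap, limit)
  entries = ldap.search
  if entries.nil?
    result = ldap.get_operation_result
    raise "LDAP search failed: #{result.code} #{result.message}"
  end
  entries.first(limit)
end
```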