Snipe-it: LDAP Sync time out with HTTP error 500

Created on 4 Mar 2017  路  8Comments  路  Source: snipe/snipe-it

Expected Behavior (or desired behavior if a feature request)

LDAP User Sync imports all users after clicking "Synchronize" successfully

Actual Behavior

After clicking synchronize, HTTP Error 500 is returned after few seconds. No users were imported from AD server. There are around 1500 users in multiple OU's.
Base DN configured with OU containing few users are imported successfully. But import fails when I try to import large number of users. Also tried increasing php memory and solutions mentioned in similar issues posted earlier but not successful. Log is attached.
laravel.txt

Please confirm you have done the following before posting your bug report:

Snipe-IT 3.6.4 build 12 (gf7e4fca)
Ubuntu 14.04.5 LTS, NGINX 1.4.6
Snipe-IT manual installation

  • WITH DEBUG TURNED ON
  • Import LDAP User Sync page. Error occurs after clicking "synchronize"
picture sydit

Most helpful comment

Resolved by changing LDAP filter.

picture sydit on 3 Apr 2017
👍2

All 8 comments

Still waiting for help :(

sydit picture sydit on 22 Mar 2017

Resolved by changing LDAP filter.

sydit picture sydit on 3 Apr 2017
👍2

sydit,

currently I'm facing the same issue, could you share your LDAP filter?

Thanks

dvogelho picture dvogelho on 31 Jan 2018

capture

sydit picture sydit on 1 Feb 2018
👍1

Thanks, unfortunately your ldap filter is also not working. Still get a HTTP Error 500

[Thu Feb 01 12:09:58.239040 2018] [:error] [pid 2242] [client 10.17.228.203:53146] PHP Fatal error: Allowed memory size of 524288000 bytes exhausted (tried to allocate 20480 bytes) in /var/www/html/snipeit/vendor/laravel/framework/src/Illuminate/Foundation/Bootstrap/HandleExceptions.php on line 122, referer: https:/myhost/users/ldap

dvogelho picture dvogelho on 1 Feb 2018

When you're running into memory issues with PHP, you need to either allocate more memory to the PHP process, or further restrict your LDAP filter. That LDAP import is trying to do a LOT of things, and if you have an OU that has thousands and thousands of entries, it can run out of memory to perform those actions. Handling them in smaller chunks or increasing PHP's allocated memory is the only solution.

snipe picture snipe on 1 Feb 2018

That's true we have around 42 OUs, about 40k - 50k AD user objects.
I have also add the LDAP search path to the location, but the settings seems to be ignored, because the TCP dump shows the bind request and is starting at the root domain instead of the defined search path set for this location. We also tried to increase the PHP memory limit to 512M, but it's still failing.
I have set the LDAP filter to "&(objectCategory=user)(objectClass=user)(memberOf=CN=EMEA-G-ORG-SnipeIT\20Users,OU=Organizational,OU=Groups,DC=emea,DC=tpg,DC=ads)" to get the users from this single group and this is working fine.

dvogelho picture dvogelho on 2 Feb 2018

Dear @dvogelho ,

where I can find the below details.could you please tell me about the fields and values.
"&(objectCategory=user)(objectClass=user)(memberOf=CN=EMEA-G-ORG-SnipeIT\20Users,OU=Organizational,OU=Groups,DC=emea,DC=tpg,DC=ads)"

ziyaul121 picture ziyaul121 on 20 Mar 2018
Was this page helpful?
0 / 5 - 0 ratings

Related issues

Rungea96 picture Rungea96  路  4Comments
anilp78 picture anilp78  路  4Comments
snipe picture snipe  路  3Comments
alextheberge picture alextheberge  路  4Comments
Neor5804 picture Neor5804  路  3Comments