Zentyal Forum, Linux Small Business Server
Zentyal Server => Installation and Upgrades => Topic started by: mgiammarco on October 30, 2012, 11:55:49 pm
-
Hello,
I am using zentyal 3.0 and bulk creating 1283 students with the perl script in your wiki.
After a bit the perl script starts giving this error: "Maximum number of users reached".
Why? Is there a user limit?
Please help me!
Mario
-
Nobody replies?
So I have to assume that community edition is "crippled"?
-
What if you try to add some more accounts manually ?
-
What if you try to add some more accounts manually ?
Just tried it does not work too. I get a blank page reply and the user is not added to zentyal.
-
Thank you.
1 - How many accounts have been successfully created so far?
2 - let's wait for Zentyal team to tell us whenever such limit exists or not. I really don't know :-[
-
As per:
http://forum.zentyal.org/index.php?topic=10230.0
There doesn't seem to be a limit.
-
I have created 472 users.
-
Have a look here: http://trac.zentyal.org/ticket/5141
On OpenLDAP default sizeLimit value is 500. If you need to modify this value use custom templates for that or change that directly on slapd config backend. You can find more information about this in the forum.
-
Have a look here: http://trac.zentyal.org/ticket/5141
On OpenLDAP default sizeLimit value is 500. If you need to modify this value use custom templates for that or change that directly on slapd config backend. You can find more information about this in the forum.
Great!
I am trying it now. Unfortunately I am not able to find the username and password for cn=config tree to add the sizelimit property.
Thanks again,
Mario
-
Great!
I am trying it now. Unfortunately I am not able to find the username and password for cn=config tree to add the sizelimit property.
Thanks again,
Mario
OK now I have put in my ldap on port 390 "olcSizeLimit" = 20000.
But I have the same result: Maximum number of users reached
May I ask you if someone has tested zentyal 3.0 with more than 500 users?
Can I try to reinstall some package?
-
I am debugging User.pm
It does:
1) tries to find the first freeuid in system (or ldap??) users
2) if it is greater than 65534 it complains that there are too many users
But:
1) In my ldap I see that most users have an uid very high: greater than 50000
2) in /etc/passwd I see that there is an user nobody with uid 65534
What's happened? Can I delete user nobody? What can I try?
Thanks again,
Mario
-
I have not yet finished the debugging.
Now I have found that I have several users with UID greater than 100000.
Please note that I have installed zentyal 3.0 from scratch, updated it, configured the domain and then immediately added users.
How is possible that I get this error?
-
I have started from scratch with a new installation of zentyal and I get the same problem.
Looking at the last inserted name I see that it has a space in the username.
Is possible that a space in username makes the uid greather than 65535 so next names cannot be inserted?
Mario
-
Although this is now widely supported (including Ubuntu), still some (old) Unix platform do not support login with space in the middle.
Use of RFC2307bis permits it ;)
This say, I don't know if it can generate any issue with [uidnumber] (BTW, [uid] is something else ;) ) but I believe that testing should be quite easy.
Can you try to import only users with not space in their [uid] (which is hat GUI call "user name")?
-
No, the problem is that the algorithm that finds the uid is very naive and cannot reuse holes in the assigned UIDs so theUID number used by the next user will be the maximum UID + 1. Can not change the UIDs of your users in the file your feed to the script?
-
Thank for replies.
I have just stripped spaces and unfortunately the result is the same :-(
I do not understand the algorithm. If it takes MAX+1 and not reuses ids anyway I start with an empty ldap and I mass insert 1000 users. Last id should around 1000-2000 not 65000, right?
Thanks for your interest.
Mario
-
yes and no. I mean that you can't (should not) start with first uidnumber = 1.
This aside, you're pretty right: importing 1000 accounts should not generate high uidnumbers if algorithm is "higher + 1"
-
Can not change the UIDs of your users in the file your feed to the script?
I do not send uid to zentyal, only name, login and few other things. I have tried to manipulate by hand with directorystudio the uid greater than 100000 but without luck. I modified ldap on port 390 it seems that I should also modify ldap on port 389. But I have no password for it.
-
Ok looking at source code I have found the way to pass user id when inserting users.
So I have added about 1300 users from 2000 to around 3300.
But guess what? From web interface I cannot add users anymore because I have again maximum numbers of users reached.
So the situation is this:
1) I install zentyal, and configure default user
2) I add 1300 users
3) I try to add a windows client to domain and I discover that default user has disappeared. I mean that it can be used only to login in zentyal and not as a domain admin. It also does not appear anymore in the users list.
4) I have to add another domain user to add windows client. I have to add it via perl script specyfying an id because adding via web interface does not work anymore.
May I ask you if anyone is using zentyal with more than.... 100 users?
Thanks,
Mario
-
What is "default user" ?
Zentyal admin account you created during installation process?
-
What is "default user" ?
Zentyal admin account you created during installation process?
Yes
-
I'm surprised because I don't think (I might be wrong however) that such account ever appeared in user list.
This is a local account (at OS level) not LDAP account.
It aims at managing Zentyal.
This is perhaps different with Zentyal 3.0 but I doubt: local account is required in order to access Zentyal before you start configuring accounts.
-
I'm surprised because I don't think (I might be wrong however) that such account ever appeared in user list.
Ok if this is a chosen behaviour all is fine.
Anyway the crazy uid number problem persists.
I do not understand the algorithm.
I supposed that, if my last user inserted was 2300, the web interface will insert new user as 2301.
-
I never looked at the algorithm use to generate "uidnumber" and would not care that much until this is proven that issue you face with account limitation is due to this algorithm.
Problem, unless I misunderstand your explanations, is that your are testing in different direction which makes, at least form my side, things a bit confused.
What I would like to understand is whenever there is any limitation when you create accounts, either manually or using script.
When I say account, I mean Zentyal basic account.
If "file sharing" module is installed, this should also create accounts in the "Samba LDAP" repository.
Then "adding account" to Zentyal "domain" (Samba DC) which is in fact also having new workstation joining this domain, is another topic.
-
How can I reply.
Use case: use zentyal as windows domain controller. Too many users to add one by one.
Solution: install zentyal with file sharing module. Use the perl script in zentyal web site to mass add users.
Result: it does not work: error "maximum number of users reached". Cannot add other users with script or web interface.
Debug: some users get a crazy uid greater than 100000.
Tried work around: modify script to force uid (after reinstalling from scratch).
Debug: insert users with web interface still not working.
Mario
-
Your explanation is clear and it looks like a bug.
Why not, if not already done, creating ticket where you can explain the very detail of what you did as workaround ?
-
Usually before opening a bug I ask the forum.
Now I go and open it.
Thanks,
Mario
-
As I told in the ticket I was under the false impression that only around 100 users were added so I thinked it was a uid problem. But if they are 500 users or so ther is the LDAP max search default value. The ticket URL: http://trac.zentyal.org/ticket/5665#comment:1
-
Sure but sizelimit is now supposed to be 20000 according to previous post in this thread ;)
Is this sizelimit value something you may erase and replace when Zentyal restarts (which mean something slightly more complex than changing cn=config) ???
-
In any case, why you do not try to insert 1000 users in zentyal?
Use the perl code in the wiki and try yourself.
Thank you very much again.
Mario
-
I am deeply debugging this thing.
I have written a perl script that writes usernames and uidnumbers of the users I have inserted in the ldap port 390.
Now I have inserted them starting from uid 2000.
Now I see that their uids are magically changed and now they are in the range of 50000-300000.
How can happen this thing? Maybe it is a problem in the synchronization between ldap on 390 and ldap on 389?
Please help me, this thing is not correlated to sizelimit.
Mario
-
The question is: how is possible that an user, inserted with uid 1300 now has magically uid 250000?
-
I need to continue this thread even if the bug has closed.
Now I can add as many users I need. But the permissions of their homes are wrong.
Infact if I log with an user (student) he cannot see his home.
To make a quick workaround I add all users in a group "studenti" and then I gave the group studenti read/write access to "/home". Please note that I used gui, not "chmod" or "setfacl" tools.
Now each student can r/w his home, but unfortunately can r/w other homes too.
What can I do?
Please help me,
Mario