LDAP Search Fails With Error "error code 4 - Sizelimit Exceeded"
Platform Notice: Data Center Only - This article only applies to Atlassian products on the Data Center platform.
Note that this KB was created for the Data Center version of the product. Data Center KBs for non-Data-Center-specific features may also work for Server versions of the product, however they have not been tested. Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.
*Except Fisheye and Crucible
Symptoms
There are two different cases where this issue can occur;
Symptom 1: Users aren't able to login.
When integrated with SunONE LDAP Server, the following error is logged in atlassian-crowd.log file;
1
2
3
org.codehaus.xfire.XFireRuntimeException: Could not invoke service..
Nested exception is org.codehaus.xfire.fault.XFireFault: [LDAP: error code 4 - Sizelimit Exceeded];
nested exception is javax.naming.SizeLimitExceededException: [LDAP: error code 4 - Sizelimit Exceeded]; remaining name 'ou=xxxxx,dc=xxxxx,dc=xxx,dc=xxxxxxx,dc=xxx'
Symptom 2: Testing a Directory Connector fails!
Performing a test search in the Directory Connector Configuration tab fails with similar error.
Cause
Cause forSymptom 1.
SunONE doesn't support data paging
Cause forSymptom 2.
This is a known bug which is fixed in Crowd 2.0.3. The fix works for Connector Directories only. The Delegated Directories may present the problem but it would not impact the normal directory functioning.
Resolution
Resolution forCause 1.
Set LDAP property search-size-limit to a higher value.
The value (the default being 2000) depends on the maximum number of elements (users, groups and roles) your Crowd server will have to fetch at once from the LDAP server.
Resolution forCause 2.
The bug is fixed in Crowd 2.0.3, if you are affected by this issue please upgrade to the latest Crowd version.
What if these don't work?
Please have a look over this KB Unable to Log In with Confluence 3.5 or Later Due to 'LDAP error code 4 - Sizelimit Exceeded' which involves turning off paged results.
Was this helpful?