When there are over a million LDAP records, ldap_get_next_page() error: (Timeout) when searching for LDAP users. If we select File -> New contact from LDAP and use % in the Last Name field and hit search sometimes it results in a CGI Timeout

Document ID : KB000050322
Last Modified Date : 14/02/2018
Show Technical Document Details

Description:

When there are over a million LDAP records, ldap_get_next_page() error: (Timeout) (userid LIKE 'XYZ%') when searching for LDAP users. If we select File -> New contact from LDAP and use % in the Last Name field and hit search sometimes it results in CGI Timeout Error and at times it lists all the LDAP records.

Solution:

This may happen when using Active Directory.

In which case, the following steps may resolve the issue.

By Default the ldap.maj file contains the lines below:

OBJECT ldap LDAP {
    ATTRIBUTES LDAP_Entry{
                 userid          uid,sAMAccountName,pzUserName STRING ;
 
Create a ldap.mod file under $NX_ROOT\site\mods\majic folder
OBJECT ldap LDAP {
    ATTRIBUTES LDAP_Entry{
                MODIFY ldap userid  sAMAccountName;   //taking only SAM Account Name
                                     }
                         }

Recycle the Service Desk Services and retest the LDAP search or import.