Problem

When setting up Confluence with External Directory, it is expected to have all users meeting the filter to be synchronized into Confluence completely.

However, the successful directory synchronization only synced a certain portion of users into Confluence instead.

Diagnosis

Environment

 External Directories below are known to have a limitation of search limit:

• Oracle Sun ONE Directory
• OpenLDAP
• Jump Cloud LDAP-as-a-Service

Diagnostic Steps

• Synchronization log looks fine in the atlassian-confluence.log with no failure log

• However, the synchronization log appears to found a hard limit for the number of users to be synced (eg: 500, 2000, 10000, etc..) like the examples below:

  Sun ONE Directory

  2018-04-02 21:33:40,707 Caesium-2-4 INFO [directory.ldap.cache.RemoteDirectoryCacheRefresher] found [ 2000 ] remote users in [ 2284 ms ]

  Or
  
  

  Open LDAP

  2017-11-13 06:45:45 ... [c.a.c.d.ldap.cache.RemoteDirectoryCacheRefresher] found [ 500 ] remote users in [ 41 ms ]

  Or
  
  

  Jump Cloud

  2018-07-25 18:53:37,120 INFO [Caesium-1-3] [directory.ldap.cache.RemoteDirectoryCacheRefresher] findAllRemoteUsers found [ 10000 ] remote users in [ 16444 ms ]

Cause

There is some limitation from the LDAP that limits the number of users to be searched thus not all users within the filter will be synchronized to Confluence.

Resolution

Depends which LDAP you are using, look for the limitation that is applied and make the adjustment accordingly.