LDAP Search Fails With Error "error code 4 - Sizelimit Exceeded"
Symptoms
There are two different cases where this issue can occur;
Symptom 1: Users aren't able to login.
When integrated with SunONE LDAP Server, the following error is logged in atlassian-crowd.log file;
org.codehaus.xfire.XFireRuntimeException: Could not invoke service..
Nested exception is org.codehaus.xfire.fault.XFireFault: [LDAP: error code 4 - Sizelimit Exceeded];
nested exception is javax.naming.SizeLimitExceededException: [LDAP: error code 4 - Sizelimit Exceeded]; remaining name 'ou=xxxxx,dc=xxxxx,dc=xxx,dc=xxxxxxx,dc=xxx'
Symptom 2: Testing a Directory Connector fails!
Performing a test search in the Directory Connector Configuration tab fails with similar error.
Cause
Cause for Symptom 1.
SunONE doesn't support data paging
Cause for Symptom 2.
This is a known bug which is fixed in Crowd 2.0.3. The fix works for Connector Directories only. The Delegated Directories may present the problem but it would not impact the normal directory functioning.
Resolution
Resolution for Cause 1.
Set LDAP property search-size-limit to a higher value.
The value (the default being 2000) depends on the maximum number of elements (users, groups and roles) your Crowd server will have to fetch at once from the LDAP server.
Resolution for Cause 2.
The bug is fixed in Crowd 2.0.3, if you are affected by this issue please upgrade to the latest Crowd version.
What if these don't work?
Please have a look over this KB Unable to Log In with Confluence 3.5 or Later Due to 'LDAP error code 4 - Sizelimit Exceeded' which involves turning off paged results.