AD does not give all users of the group, what could be the problem?

M

mr.bob2021-11-17 14:20:09

Active Directory

mr.bob, 2021-11-17 14:20:09

We have Bitrix24 in which AD / Ldap is configured.
During authorization, it finds the user using AD and adds it to Bitrix24.
The problem is in the import now, it is when requesting from the Bitrix24 server to ad that the request (&(objectClass=user)(objectCategory=PERSON)) gives an empty response.
If you do a pointwise search, then the search returns the result with the query.
In powershell, when requesting to get all users, it gives all the data, i.e. the result is not empty.
I understand that the problem is in the rights settings or the rights policy? Where can I set this up?

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

M

mr.bob, 2021-11-20
@kzk8888

Answer
The problem was still with AD, or rather, in the number of elements on the page and the requested fields from AD.
The number of elements on the page was reduced to 10 and the fields were limited to 5-6 necessary ones, the photo field was removed from the request, the data went. Also memory_limit had to be increased. 256MB was not enough for the process.
To import photos, I wrote a separate handler, which for each user, if there is no photo, goes to AD and imports the photo.