Thanks for getting back to me. Firstly, sorry for using the wrong terminology
Really grateful for your clarification.
So if I understand correctly, when it shows “1000 users” in the user tab. That is just the number from the current “filter” results and not the actual number of users the system has tokens for. If so, is there a way to show the number of users that have tokens enrolled?
Thank you so much
From: Cornelius Kölbel [mailto:email@example.com]
Sent: 14 December 2015 09:27
To: Williams Mark (EAST KENT HOSPITALS UNIVERSITY NHS FOUNDATION TRUST)
Subject: Re: Privacyidea and Active Directory limit of 1000 users
the users are not imported into privacyIDEA.
privacyIDEA performs a live query on the user store.
In the test example, privacyIDEA tries to fetch all users.
In any other case, it will try to fetch a user with sAMAccountName=mark.williams or with the DN=CN=user,CN=users,DC=nhs,DC=net.
I.e. if you see only 1000 users at this point, this does not matter. You do not want to see more than 20 or 50 users at once, anyway.
So you may simply ignore this.
If you go to the users tab, the users tab will display all users it finds, per default with the searchpattern username=* => 1000 users.
The last username to be found might be “koelbel”. No users with a letter after “k”.
If you search in the user tab and enter “will”, it will find all users with the search pattern = “will”.
Thus you will see the user “williams” and the user “godwill”.
The 1000 is no limitation by privacyidea.
Rather active directory limits the result size in certain cases by itself. You may see this in the microsoft management console ADUC snapin, which tells you: “more than 2000 users found… go on with bugging my CPU…”.
So not finding all 8721 users with the “test button” has no impact on privacyIDEA’s functionality. It rather would have an impact on privacyIDEA’s performance, if you would find all these users…
If you have any further question, please do not hesitate to drop it!
Am Montag, den 14.12.2015, 00:01 -0800 schrieb Mark Williams:
I have tried every option, but can only get 1000 users to import onto
privacyidea from active directory. It just says “found 1000” users
even though there are more users than that. I have tried with simple
and NTLM and get the same results. I have also tried changing the
size limit but again no change.
Anyone know the answer?
You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to firstname.lastname@example.org:email@example.com.
To post to this group, send email to firstname.lastname@example.org:email@example.com.
To view this discussion on the web visit
For more options, visit https://groups.google.com/d/optout.
+49 151 2960 1417
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798
Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel
This message may contain confidential information. If you are not the intended recipient please inform the
sender that you have received the message in error before deleting it.
Please do not disclose, copy or distribute information in this e-mail or take any action in reliance on its contents:
to do so is strictly prohibited and may be unlawful.
Thank you for your co-operation.
NHSmail is the secure email and directory service available for all NHS staff in England and Scotland
NHSmail is approved for exchanging patient data and other sensitive information with NHSmail and GSi recipients
NHSmail provides an email address for your career in the NHS and can be accessed anywhere