[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: per-dn limits
> Hi all
>
> I have reproduced the same behaviour with 2.4.28 on Linux and Solaris.
>
> Any chance this is a recursion/bug?
The "limits" statement is database-specific; where did you put it in
slapd.conf? It must be within the database it applies to.
p.
> krgds /markus
>
> On 11/24/11 21:23, Markus Wernig wrote:
>> Hello all
>>
>> I do not seem to be able to get per-dn limits working ...
>>
>> openldap-2.4.25 on Solaris 11 x86
>>
>> I have put the following in slapd.conf:
>>
>> limits dn.exact="cn=repl_ldap,dc=domain,dc=com"
>> size=unlimited
>> time=unlimited
>>
>> access to *
>> by dn="cn=repl_ldap,dc=domain,dc=com" read
>> ...
>>
>> (obviously the syncrepl user ;-)
>>
>> and also:
>> syncrepl rid=1
>> ...
>> sizelimit="unlimited"
>> timelimit="unlimited"
>> searchbase="dc=domain,dc=com"
>> binddn="n=repl_ldap,dc=domain,dc=com"
>>
>> on the consumer side
>>
>>
>> But the DN always gets a maximum of 500 entries, whether using
>> ldapsearch or during replication:
>>
>> # ldapsearch -x -h localhost '(objectClass=*)'
>> -D"cn=repl_ldap,dc=domain,dc=com" -W -b "dc=domain,dc=com"
>> Enter LDAP Password:XXXX
>>
>> [...]
>>
>> # search result
>> search: 2
>> result: 4 Size limit exceeded
>>
>> # numResponses: 501
>> # numEntries: 500
>>
>> While there are ~700 entries in the directory.
>>
>>
>> The same happens during replication, where only 500 entries are synced
>> to the consumer (eg. if I delete the local DB on the consumer and
>> restart slapd)
>>
>> Only if I set
>> ...
>> sizelimit unlimited
>> timelimit unlimited
>> ...
>>
>> globally in the provider's slapd.conf (i.e. before any database
>> definition), does repl_ldap receive all entries.
>>
>> Is there anything else I need to configure in order to allow the DN
>> access to all entries?
>>
>> thx /markus
>>
>> PS: I have also tried different variants of the following:
>> limits dn.exact="cn=repl_ldap,dc=domain,dc=com" time.soft=unlimited
>> time.hard=unlimited size.soft=unlimited size.hard=unlimited
>>
>
>
>