It could be a limit on the sizes of groups, etc in Solaris. To check to see if it's LDAP related, look at the ldap access logs for queries related to that group or coming from that machine. Anyway, 2000 I believe is the default sizelimit for searches, so look for entries with 2000 results, if it's consistently failing at 2000 users. If it's just reading the group with 2000+ static members (1 entry), then maybe reading each user individually (1 entry/search), it shouldn't hit a resource limit. But... if it reads the group, then searches for all users with that group id, or something similar, it may hit the administrative limits. For a simple test, you could up the sizelimit (say to 10000 or -1) on the directory server and see if the problem goes away. If you find something like this, there are a couple ways to fix it: 1. Up your server administrative sizelimit (to a higher number, or -1 for unlimited). This should be a last resort, since it allows anyone (even anonymous) to make unlimited size searches against your directory. If your directory is large, that could cause problems. 2. If the solaris box is binding as a particular DN to search, you can add the nsSizeLimit to that entry, and set it to a higher value (or -1 for unlimited). 3. If it binds as the end user, you can add nsSizelimit to each user that can log in. This is a bit more of a pain to do since you have to do it for all users, but is better than increasing the limit for the entire server, in general. - Jeff basile au siris wrote: > hi > i have fds 7.1 on solaris 9 and users and group stored in the directory > all works fine except for a group of more than 2000 users > when i use id or getent system did not recognize the group > maybe it s not a fds problem but if someone can give me an idea > thanks > basile > > -- > Fedora-directory-users mailing list > Fedora-directory-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users
