Something I've been wondering about: It seems like nsslapd-lookthroughlimit and nsslapd-sizelimit effectively do the same thing, but just return a different error code. If nsslapd-lookthroughlimit is lower, the error code is 11 and the error message is: ldap_search: Administrative limit exceeded If nsslapd-sizelimit is lower, the error code is 4 and the error message is: ldap_search: Sizelimit exceeded I've read the description of both of these variables many times in the documentation, and I think I understand the theoretical difference. But in practical terms, it still seems like whichever has the higher value will never have an effect, since the lower limit on the other is always hit first. Can anyone describe a practical situation where both the lookthrough and size limits would come into play? Is there any particular reason to prefer one or the other to enforce maximum search result limits? Thank you! -- George