One more note, this only happens in 1.2.5 versions, not in 1.1.3 (we have servers with two different versions). El 1 de julio de 2010 15:00, Juan Asensio S?nchez <okelet at gmail.com>escribi?: > Hi > > We have just realized that our servers are ignoring the parameter > nsslapd-sizelimit. If we do a search of the entire directory (about 50000 > entries), we have a size limit exceeded: > > # ldapsearch -H ldaps://localhost -x -LLL -b "dc=XXXXX,dc=es" -D > "uid=XXXXX,ou=XXXXX,o=XXXX,dc=XXXX,dc=es" -W > [....] > Size limit exceeded (4) > > > These are the messages in the access log: > > [01/Jul/2010:14:53:35 +0200] conn=376 fd=78 slot=78 SSL connection from > 127.0.0.1 to 127.0.0.1 > [01/Jul/2010:14:53:35 +0200] conn=376 SSL 256-bit AES > [01/Jul/2010:14:53:35 +0200] conn=376 op=0 BIND > dn="uid=XXXX,ou=People,o=XXXX,dc=XXXX,dc=es" method=128 version=3 > [01/Jul/2010:14:53:35 +0200] conn=376 op=0 RESULT err=0 tag=97 nentries=0 > etime=0 dn="uid=XXXX,ou=XXXX,o=XXXX,dc=XXXX,dc=es" > [01/Jul/2010:14:53:35 +0200] conn=376 op=1 SRCH base="dc=XXXXX,dc=es" > scope=2 filter="(objectClass=*)" attrs=ALL > [01/Jul/2010:14:53:38 +0200] conn=376 op=1 RESULT err=4 tag=101 > nentries=2000 etime=3 > [01/Jul/2010:14:53:42 +0200] conn=376 op=2 UNBIND > [01/Jul/2010:14:53:42 +0200] conn=376 op=2 fd=78 closed - U1 > > > Although we have configured a size limit of 50000: > > # egrep > "(^nsslapd-sizelimit:|^nsslapd-idlistscanlimit:|^nsslapd-lookthroughlimit:)" > /etc/dirsrv/slapd-pruebas/dse.ldif > nsslapd-sizelimit: 50000 > nsslapd-lookthroughlimit: 50000 > nsslapd-idlistscanlimit: 50000 > > Any idea about what is happening? > > Regards. > > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.fedoraproject.org/pipermail/389-users/attachments/20100701/c1a565dd/attachment.html
