Re: [389-users] bypassing limits for persistent search and specific user

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 03/13/2012 05:09 PM, Petr Spacek wrote:

Hello list,
I'm looking for way how to bypass nsslapd-sizelimit and nsslapd-timelimit for persistent search made by specific user (or anything made by that user).
Please, can you point me to right place in documentation about persistent search/user specific settings in 389? I googled for a while, but I can't find exact way how to accomplish this.
I found attributes nsSizeLimit and nsTimeLimit in http://docs.redhat.com/docs/en-US/Red_Hat_Directory_Server/9.0/html-single/Schema_Reference/index.html#nsPagedSizeLimit , but I'm not sure how to deploy them. 


If bypassing is not possible in 389:
Is there any way how to enumerate all records from given subtree part-by-part? (My guess: VLV or something similar.)
I know only basics about persistent search and next to nothing about VLV, so sorry if I'm completely wrong. 


--- Background / why I needed this / long story ---
FreeIPA project has LDAP plugin for BIND. This plugin pulls DNS records from LDAP database and populates BIND's internal memory with them. (Homepage: https://fedorahosted.org/bind-dyndb-ldap/)
This plugin can use persistent search, which enables reflecting changes in LDAP inside BIND immediately.
At this moment, plugin after start do persistent search for all DNS records. This single query can lead to tens of thousands records - and of course fails, because nssldapd-sizelimit stops that.
Another problem arises with databases smaller than sizelimit - query is ended after timelimit and has to be re-established. It leads to periodical re-downloading whole DNS DB. 

Question is:
 It's possible to bypass limits for this connection/user
OR
 plugin is completely broken by design?
Not specifically for persistent search - see http://docs.redhat.com/docs/en-US/Red_Hat_Directory_Server/9.0/html/Administration_Guide/User_Account_Management-Setting_Resource_Limits_Based_on_the_Bind_DN.html 


Thanks for you time.

Petr^2 Spacek  @  Red Hat  @  Brno office
--
389 users mailing list
389-users@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/389-users


--
389 users mailing list
389-users@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/389-users
[Index of Archives]     [Fedora User Discussion]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora News]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora QA]     [Fedora Triage]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Yosemite Photos]     [Linux Apps]     [Maemo Users]     [Gnome Users]     [KDE Users]     [Fedora Tools]     [Fedora Art]     [Fedora Docs]     [Maemo Users]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Fedora ARM]

  Powered by Linux