[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: draft admin guide

To: openldap-devel@OpenLDAP.org
Subject: Re: draft admin guide
From: Jason Townsend <jtownsend@apple.com>
Date: Sun, 21 Sep 2003 13:10:58 -0700
In-reply-to: <242223358.1063785015@cadabra-dsl.stanford.edu>
References: <OF315415AD.0BE6C6E4-ON85256DA4.004A0EE1-85256DA4.004AB534@us.ib m.com> <242223358.1063785015@cadabra-dsl.stanford.edu>

On Sep 17, 2003, at 7:50 AM, Quanah Gibson-Mount wrote:

I've verified that ldap/ldap-dev2 has full read access into the master.

What I see is (a little edited) on the master:

ACCEPT
BIND
SEARCH
BIND authcid="ldap/ldap-dev2.stanford.edu@stanford.edu"
SRCH BASE="dc=stanford,dc=edu"
SRCH attr="objectClass structuralObjectClass entryCSN"
SEARCH RESULT tag=101 err=4 nentries=500 text=


It seems that the search is subject to the sizelimit.
add
        sizelimit -1            (or appropriate number)
to the slapd.conf of the provider.

I think we should make sure this is noted in the Admin Guide then. ;)

It would be very useful to allow the sizelimit to vary based on the DN/group which is doing the search... then you could limit the ordinary users from loading all the records, but allow the LDAP Sync replicas or administrators to do this sort of thing.

-Jason

Follow-Ups:
- RE: draft admin guide
  - From: "Howard Chu" <hyc@highlandsun.com>

References:
- Re: draft admin guide
  - From: Quanah Gibson-Mount <quanah@stanford.edu>

Prev by Date: BDB index keys
Next by Date: RE: draft admin guide
Index(es):
- Chronological
- Thread