Re: ldapsearch fail with Active Directory...

[Patrick GELIN <patrick.gelin@free.fr>]

Le sam 18/10/2003 à 04:34, Kurt D. Zeilenga a écrit :
> At 05:11 AM 10/17/2003, Patrick Gelin wrote:
> >Hi,
> >
> >openldap: v 2.1.21-1 with RedHat 9.0
> >Active Directory: v 5.2.3790.0 (windows 2000)
> >
> >I'm using this command with an Active directory server (there is
> >approximately 40000 users):
> >
> >ldapsearch -W -x -z 10000 -b "dc=rpn,dc=ch" -D "cn=Utilisateur
> >LDAP,cn=Users,dc=rpn,dc=ch" -h rpndc1.rpn.ch -p 3268
> >
> >And the result finish with:
> >
> ># search result
> >search: 2
> >result: 4 Size limit exceeded
> > 
> ># numResponses: 1001
> ># numEntries: 1000
> 
> Since the number of entries is not greater than the client provided
> limit, a server limit must have been enforced a more restrictive
> limit.
> 
I'm not sure to understand...You think this is a server limit. So there
is more than one because I know the administrator, he explained me he
fixed the limit to 30000... So 30000 will be a total limit and 10000
will be a page limit? (I don't know haw Microsoft Active Directory
clients work but I used to get the full list of the AD content with more
than 30000 items...)

Is it possible to ask openldap get [0..500] then [501..600]... etc?

> BTW, limits in the client's ldap.conf are not used where explicit
> limits have been specified (as you did with -z).
> 
> >So why there is this limit? I know this Active Directory server limit is 30
> >000.
> 
> It's somewhere in your server.  Suggest you take follow-ups to an
> AD-specific forum. 
> 
> Kurt
> 
> 
> 
>