There's no such possibility, since it makes little sense. The only solution I see, since limits are per-database, consists in putting that subtree into a separate database, and glue it together to the rest using the "subordinate" directive. As an alternative, I suggest you use the limits as defined in slapd.conf(5); in that case, your application needs to bind. If your concern is about security, then don't give other privileges to that identity except the possibility to overcome the default limits.Sure, I can use that to set a limit for a user but this application needs
to bind anonymously (or the equivalent of anonymous, since the
credentials would have to be public).
I couldn't find anything in the limits directive that would let me specify a part of the directory to set the limit on. Something like: When searching the directory, return only 1 result. Unless searching ou=people, then return all results.
p.
Ing. Pierangelo Masarati OpenLDAP Core Team
SysNet s.n.c. Via Dossi, 8 - 27100 Pavia - ITALIA http://www.sys-net.it ------------------------------------------ Office: +39.02.23998309 Mobile: +39.333.4963172 Email: pierangelo.masarati@sys-net.it ------------------------------------------