[Date Prev][Date Next] [Chronological] [Thread] [Top]

Dumping the database as root

[i'm continuing this thread in openldap-devel]

In article <Pine.GSO.4.10.9905041921560.7643-100000@avarice.nepean.uws.edu.au> you write:
> > 				Since every object has to have an
> > objectclass, this essentially returns you the entire database that is
> > visible (based on your access rules) to an unauthenticated login.
> ...up to the search maxlimit defined in the server (by default, 500?).  :-)

This reminds me of a problem : when I have to dump a database, I first
considered using ldbmcat but this is not acceptable because it returns
the entries in a semi-random order, which makes it impossible to rebuild
the database (I can elaborate, but the problem seems to be that if you
do an ldif2ldbm on an unordered (ie not with parents before children),
the id2children index is not built correctly and I can't do 'sub' or
'one' searches).

So I use ldapsearch -D rootdn -w secret '(objectclass=*)' which returns
all the base, in correct order. Except that it returns only maxlimit

Would it make sense to ignore maxlimit when binding as root ?