[Date Prev][Date Next]
sizelimit doesn't seem to be reflected into "ldap" backends?
- To: email@example.com
- Subject: sizelimit doesn't seem to be reflected into "ldap" backends?
- From: Jason Haar <Jason.Haar@trimble.co.nz>
- Date: Sat, 06 Feb 2010 10:53:38 +1300
- Organization: Trimble Navigation Ltd
- User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:188.8.131.52) Gecko/20100120 Fedora/3.0.1-1.fc12 Lightning/1.0b2pre Thunderbird/3.0.1
I'm wanting to use slapd as a "LAF" - LDAP Application Firewall - to
filter and log calls to our backend Active Directory LDAP network.
I've just slapd doing the job just fine - except that it can't return
large LDAP data dumps... If I use "ldapsearch -E pr=900/noprompt"
directly against an AD LDAP server, I can get it to dump everything.
However, if I do the same command against a slapd proxy, I get the "size
exceeded" error message. It appears slapd doesn't understand this
extension, and isn't passing it on to the backend?
Any ideas how I could get around this, besides saying we need to touch
our AD to get rid of the size limit (I've already thought of that :-)
Information Security Manager, Trimble Navigation Ltd.
Phone: +64 3 9635 377 Fax: +64 3 9635 417
PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1