[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: 8 principal limitation in openldap

I could be corrected if I'm wrong, but this problem is not related to OpenLDAP. It's a nss_ldap problem.
nss_ldap is a client library that's used by linux vendors to achieves seamless integration of users against *a* LDAP server.

I had a similar problem with a complex configuration and bypassed (not solved) the problem by modifying my client configuration.

I reduced the number of ldap server configured to be accessed: from 4 to 3.
I reduced the number of users defined in nss_initgroups_ignoreusers directive: i had about 40 listed in it...


Make some tries and tell me if you can solve it.


On Thu, Mar 24, 2011 at 9:25 PM, Srivatsav M <srivatsav.mudumba@gmail.com> wrote:

We are using OpenLDAP for authenticating users registered in a LDAP server (Open LDAP, Active Directory). After adding 8 principals (/etc/ldap.conf), none of the users registered in the /etc/ldap.conf file are able to login.

nss_base_passwd OU=engg,DC=mycompany,DC=region,DC=someplace,DC=myarea,DC=compname,DC=parentcompname
nss_base_shadow OU=engg,DC=mycompany,DC=region,DC=someplace,DC=myarea,DC=compname,DC=parentcompname

Can you please share the reason for this 7 limitation in the open ldap library. or how I can fix this issue. I am looking i for the header file in the source files whhich has this constant or limitation defined.

 Tried googling, but it appears that no one has encountered this issue. Some customers are running into this issue and it has become a severity 1 issue to fix.


Non è forte chi non cade, ma chi cadendo ha la forza di rialzarsi.
                    Jim Morrison