One more note, this only happens in 1.2.5 versions, not in 1.1.3 (we have servers with two different versions).<br><br><br><div class="gmail_quote">El 1 de julio de 2010 15:00, Juan Asensio Sánchez <span dir="ltr"><<a href="mailto:okelet@gmail.com">okelet@gmail.com</a>></span> escribió:<br>
<blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;">Hi<br><br>We have just realized that our servers are ignoring the parameter nsslapd-sizelimit. If we do a search of the entire directory (about 50000 entries), we have a size limit exceeded:<br>
<br># ldapsearch -H ldaps://localhost -x -LLL -b "dc=XXXXX,dc=es" -D "uid=XXXXX,ou=XXXXX,o=XXXX,dc=XXXX,dc=es" -W<br>
[....]<br>Size limit exceeded (4)<br>
<br><br>These are the messages in the access log:<br><br>[01/Jul/2010:14:53:35 +0200] conn=376 fd=78 slot=78 SSL connection from 127.0.0.1 to 127.0.0.1<br>[01/Jul/2010:14:53:35 +0200] conn=376 SSL 256-bit AES<br>[01/Jul/2010:14:53:35 +0200] conn=376 op=0 BIND dn="uid=XXXX,ou=People,o=XXXX,dc=XXXX,dc=es" method=128 version=3<br>
[01/Jul/2010:14:53:35 +0200] conn=376 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=XXXX,ou=XXXX,o=XXXX,dc=XXXX,dc=es"<br>[01/Jul/2010:14:53:35 +0200] conn=376 op=1 SRCH base="dc=XXXXX,dc=es" scope=2 filter="(objectClass=*)" attrs=ALL<br>
[01/Jul/2010:14:53:38 +0200] conn=376 op=1 RESULT err=4 tag=101 nentries=2000 etime=3<br>[01/Jul/2010:14:53:42 +0200] conn=376 op=2 UNBIND<br>[01/Jul/2010:14:53:42 +0200] conn=376 op=2 fd=78 closed - U1<br><br><br>Although we have configured a size limit of 50000:<br>
<br># egrep "(^nsslapd-sizelimit:|^nsslapd-idlistscanlimit:|^nsslapd-lookthroughlimit:)" /etc/dirsrv/slapd-pruebas/dse.ldif<br>nsslapd-sizelimit: 50000<br>nsslapd-lookthroughlimit: 50000<br>nsslapd-idlistscanlimit: 50000<br>
<br>Any idea about what is happening?<br><br>Regards.<br><br>
</blockquote></div><br>