On 08/30/2013 01:24 PM, Wick, Samson wrote:

Running 389-ds version 1.2.2-1 (according to the rpm)

rpm -q 389-ds-base

version of 389-ds is almost meaningless

 

In attempting to stand up a new consumer in our environment, the process of allowing the supplier to initialize the consumer directly would corrupt the consumer irrevocably.

 

I have ruled out firewalls, SSL issues etc.

 

When attempting to initialize via an ldif, I get errors on three user accounts more or less identical to this:

 

WARNING: skipping entry “uid=<etc…..>” ending line 296901 of file “<path to my ldif file>”

REASON: entry too large (15503712 bytes) for the buffer size (8388608 bytes)

 

When I examine the ldif file that the supplier created, the three user objects it’s complaining about all have +/- 100,000 entries like this:

 

userPassword;vucsn-520b35cb000000010000;deleted: {SSHA256}5WJ9hosO3JO9VLa32nqxmGjn3XoShD1c1g+abekZDCFTX1MM187Bjg==

 

Each line has a different hash.  But most of the other user objects only have a couple of these lines.

 

Clearly 100k+ password changes is a little excessive and it’s something I’ll need to look into, but in the meantime, can anyone help me figure out what has caused all of these to remain in the directory, and what can I do to clean them up?

 

 

 

Thanks,

Samson

 

 



--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users