[389-users] bypassing limits for persistent search and specific user
Petr Spacek
pspacek at redhat.com
Wed Mar 14 13:42:49 UTC 2012
Hello,
On 03/14/2012 12:16 AM, Nathan Kinder wrote:
> On 03/13/2012 04:09 PM, Petr Spacek wrote:
>> Hello list,
>>
>> I'm looking for way how to bypass nsslapd-sizelimit and
>> nsslapd-timelimit for persistent search made by specific user (or
>> anything made by that user).
... snip ...
On 03/14/2012 12:16 AM, Nathan Kinder wrote:
> On 03/13/2012 04:09 PM, Petr Spacek wrote:
>> It's possible to bypass limits for this connection/user
> I think setting the limits based on your bind DN should work.
I did some testing and converged to this setting:
nsIdleTimeout, nsLookThroughLimit, nsSizeLimit, nsTimeLimit set to -1,
so limits are disabled for specific user.
Is there any potential problem with this, if user is trusted? (It's LDAP
server <-> DNS server "pipe".)
Are there some limits which should not be bypassed? :-)
Expected use case has 1 LDAP to 1 DNS ratio.
Thanks for your time.
Petr^2 Spacek
More information about the 389-users
mailing list