On Wed, Jul 19, 2006 at 03:36:43PM -0700, Quanah Gibson-Mount wrote: > > > --On Wednesday, July 19, 2006 9:14 PM +0200 Matthijs Mohlmann > <[EMAIL PROTECTED]> wrote: > > > > >I've tried this example on a freshly install of slapd but I still can't > >get that to work. Do you have some pointers to get some more information > >about the parameter. > > > >I tried this: > >limits users time.soft=unlimited time.hard=unlimited size.soft=1 > >size.hard=1 limits anonymous time.soft=unlimited time.hard=unlimited > >size.soft=1 size.hard=1 > >limits dn.exact="cn=test,dc=cacholong,dc=nl" time.soft=unlimited > >time.hard=unlimited size.soft=1 size.hard=1 > > Okay, I just tried: > > limits dn.exact="uid=cadabra,cn=accounts,dc=stanford,dc=edu" > time.soft=unlimited time.hard=unlimited size.soft=10 size.hard=10
This is what i have just tried --slapd.conf -- sizelimit 1000 limits dn.exact="cn=Global Address Book Admin,ou=Roles,dc=samad,dc=com,dc=au" time.soft=unlimited time.hard=unlimited size.soft=10 size.hard=10 [EMAIL PROTECTED]:~/documents/Contacts$ ldapsearch -v -x -D "cn=Global Address Book Admin,ou=Roles,dc=samad,dc=com,dc=au" -w xxxxx -b "ou=Global Address Book,dc=samad,dc=com,dc=au" dn | tail ldap_initialize( <DEFAULT> ) filter: (objectclass=*) requesting: dn # search result search: 2 result: 0 Success # numResponses: 690 # numEntries: 689 and this --slapd.conf -- limits dn.exact="cn=Global Address Book Admin,ou=Roles,dc=samad,dc=com,dc=au" time.soft=unlimited time.hard=unlimited size.soft=10 size.hard=10 [EMAIL PROTECTED]:~/documents/Contacts$ ldapsearch -v -x -D "cn=Global Address Book Admin,ou=Roles,dc=samad,dc=com,dc=au" -w xxxxx -b "ou=Global Address Book,dc=samad,dc=com,dc=au" dn | tail ldap_initialize( <DEFAULT> ) filter: (objectclass=*) requesting: dn # search result search: 2 result: 4 Size limit exceeded > > where "cadabra" is a test account of mine, and I hit the sizelimit > restriction immediately: > > # search result > search: 5 > result: 4 Size limit exceeded > > # numResponses: 11 > # numEntries: 10 > > So it stopped after returning 10 entries, just like it should. > > I then changed the line to: > > limits users time.soft=unlimited time.hard=unlimited size.soft=10 > size.hard=10 > > restarted slapd, and again, hit the same limit: > > # search result > search: 5 > result: 4 Size limit exceeded > > # numResponses: 11 > # numEntries: 10 > > So again, the line worked. > > Then, I tried: > > limits users time.soft=unlimited time.hard=unlimited size.soft=1 size.hard=1 > > stopped slapd, restarted, and again, I hit the correct limit: > > # search result > search: 5 > result: 4 Size limit exceeded > > # numResponses: 2 > # numEntries: 1 > > > > Then, I tried: > > limits users time.soft=unlimited time.hard=unlimited size=1 > > restarted slapd, and again I hit the correct limit: > > # search result > search: 5 > result: 4 Size limit exceeded > > # numResponses: 2 > # numEntries: 1 > > > So using OpenLDAP 2.3.24 (not from debian, however), it all works correctly > for me. Do debian patch before packaging ? > > --Quanah > > -- > Quanah Gibson-Mount > Principal Software Developer > ITS/Shared Application Services > Stanford University > GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html >
signature.asc
Description: Digital signature
