On 13.10.22 11:34, Kamil Sakhabutdinov via FreeIPA-users wrote:
Hi, everybody.
I'm using FreeIPA, version: 4.6.8.
I get an error 'Size limit exceeded' when I query elements in accounts catalog
using ldapsearch or maybe some ldap client, and it shows max 2000 records.
The ipaSearchRecordsLimit in etc\ipaconfig is set to -1.
There is now nsslapd-sizelimit attribute in scheme.
Attributes nsSizeLimit, nsLookThroughLimit, nsPagedLookThroughLimit and
nsPagedSizeLimit don't have value for any user in cn=users,cn=accounts,$BASEDN.
Can you please help where more I can find attributes or any reason that can
cause this limit?
You can find the nsslapd-sizelimit in DN: cn-config. (389DS does hide
cn=config by default)
Microsoft AD seems to limit returned records to 1000 by default.
IIRC if you are using ldapsearch you can use "-E pr=5000/noprompt" if
you want to fetch 5000 entries.
In IPA there is a sizelimit parameter that can be used like this:
ipa host-find --sizelimit=5000 | grep "Host name" | cut -f2 -d":"
Cheers,
Ronald
_______________________________________________
FreeIPA-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/[email protected]
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
