Hi, yes figured it....
even at 20000 Im still getting an administrative size limit exceeded (11) :( regards Steven Jones Technical Specialist - Linux RHCE Victoria University, Wellington, NZ 0064 4 463 6272 ________________________________________ From: Rich Megginson [[email protected]] Sent: Friday, 26 October 2012 9:44 a.m. To: Steven Jones Cc: [email protected] Subject: Re: [Freeipa-users] ipa user-find On 10/25/2012 02:37 PM, Steven Jones wrote: > Hi, > > Ive tried, > > dn: cn=default instance config,cn=config,cn=plugins > > and, > > dn: cn=default instance config,cn=config,cn=plugins,cn=config Try dn: cn=config > > and get no such object (32) > > regards > > Steven Jones > > Technical Specialist - Linux RHCE > > Victoria University, Wellington, NZ > > 0064 4 463 6272 > > ________________________________________ > From: Rob Crittenden [[email protected]] > Sent: Thursday, 25 October 2012 4:16 p.m. > To: Steven Jones > Cc: [email protected] > Subject: Re: [Freeipa-users] ipa user-find > > Steven Jones wrote: >> Hi, >> >> How do I bind as the directory manager? Ive tried and I cant figure out how. > Assuming you're running on the same host as IPA: > > $ ldapmodify -x -D 'cn=directory manager' -W > dn: cn=default instance config,cn=chaining database,cn=plugins,cn=config > changetype: modify > replace: nsslapd-sizelimit > nsslapd-sizelimit: 8000 > > ^D > > And yes, that's an extra blank line after 8000. > >> and how do I get the web ui to return all users so I can see if the winsync >> is working , its a test bed so I need to do a side by side comparison.... > You'll need to modify the size limit in the IPA configuration screen. > IPA Server -> Configuration -> Search size limit > > rob > >> regards >> >> Steven Jones >> >> Technical Specialist - Linux RHCE >> >> Victoria University, Wellington, NZ >> >> 0064 4 463 6272 >> >> ________________________________________ >> From: Rob Crittenden [[email protected]] >> Sent: Thursday, 25 October 2012 3:40 p.m. >> To: Steven Jones >> Cc: [email protected] >> Subject: Re: [Freeipa-users] ipa user-find >> >> Steven Jones wrote: >>> When doing the above it only returns 2000, I have 6000 >>> >>> How to get it to return 6000+? >> There are two size limits. One is a global limit in 389-ds-base, >> nsslapd-sizelimit which defaults to 2000. >> >> IPA has its own search limit which you can also set globally, or >> override it on the command line (which I'll do below). >> >> You'll need to bind as Directory Manager to change nsslapd-sizelimit >> then you can run: >> >> ipa user-find --sizelimit=8000 >> >> I don't believe any services need to be restarted for this to take effect. >> >> We generally discourage enumerating all entries for performance reasons >> which is why by default the IPA size limit is 100. >> >> rob >> >> >> > > > > _______________________________________________ > Freeipa-users mailing list > [email protected] > https://www.redhat.com/mailman/listinfo/freeipa-users _______________________________________________ Freeipa-users mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-users
