Hi Everyone,

I am building a new LDAP v 2.4 cluster.   We do not allow anonymous binds
and set "sizelimit 1" for all users except our service account used for
binding.

limits dn.exact="uid=important,ou=sa,dc=blah" size=unlimited time=unlimited
provides the bind account unlimited results.

However, for group members, I am still hitting the "sizelimit 1" when
trying:

limits group/posixGroup/memberUid="cn=admins,dc=blah" size=unlimited time=unlimited

Our group entry in LDAP:

# admins, group, ldap.server
dn: cn=admins,dc=blah
objectClass: posixGroup
objectClass: top
cn: admins
memberUid: admin1
memberUid: admin2

From reading the slapd.conf man page, it seems we're not using the default
objectclass "groupOfNames," or attribute "member," however when I use the
defaults, or the above which exist in our directory, I still hit "sizelimit
1."  Of course using dn.exact for our individual accounts works, though I
don't want to touch slapd.conf every time we hire someone.

Do you have any insight into what could be causing this behavior?  I have
not found the answer yet through extensive searching of the internets.

Thanks,

Douglas Duckworth, MSc, LFCS
HPC System Administrator
Scientific Computing Unit
Physiology and Biophysics
Weill Cornell Medicine
E: [email protected]
O: 212-746-6305
F: 212-746-8690
