>> On Mon, Sep 29, 2008 at 04:30:17PM -0400, HUGE | Rob Terhaar wrote: >> Hello all, >> >> Appologies if this has been discussed already, but we're having problems >> doing ldap lookups via ldap client to a group in AD with a lot of members. >> We're seeing the following error message in the logs: >> >> Sep 29 16:11:37 nynas1 idmap[320]: [ID 869372 daemon.warning] >> ns_lookup_byname: getgrnam_r(huge-group) failed (Result too large). >> Sep 29 16:11:37 nynas1 smbd[492]: [ID 118120 daemon.error] smb_token_create: >> idmap failed >> >> Is there a way to push this limit up, or increase the cache size?
> On 9/29/08 5:22 PM, "Nicolas Williams" <[EMAIL PROTECTED]> wrote: > Another question for Doug :) Doug? > > Doug, > > idmapd is using getgrnam_r() here as part of name-based ID mapping. > It's looking up the GID of a Unix group that's actually an AD group > being access via nss_ldap w/ schema mapping to the AD SFU schema. > > Evidently the number of members in that group is... too large for > nss_ldap. Is there a workaround? > > Nico > -- Hi All, Does anyone out there know what the limit is for members in an LDAP group with solaris nss_ldap? Is there even a limit? Are we running into another problem? (like ad does not allow queries with x number of responses) We have not been able to figure out how to increase the soft limit/cache. _______________________________________________ cifs-discuss mailing list [email protected] http://mail.opensolaris.org/mailman/listinfo/cifs-discuss
