Martin, 

After some tests, i found that  the value for  the nsslapd-sasl-max-buffer-size 
is reset to default (2097152) during installation. It is correct? 

ipa-server-install -d  --dirsrv-config-file=update.ldif

update.ldif

dn: cn=config
changetype: modify
replace: nsslapd-maxsasliosize
nsslapd-maxsasliosize: 10485760
-
replace: nsslapd-sasl-max-buffer-size
nsslapd-sasl-max-buffer-size: 10485760

or 

dn: cn=config
changetype: modify
replace: nsslapd-maxsasliosize
nsslapd-maxsasliosize: 10485760
dn: cn=config
changetype: modify
replace: nsslapd-sasl-max-buffer-size
nsslapd-sasl-max-buffer-size: 10485760

I've tried both.

Log files:

From ipaserver-install.log (Centos 7.4)
~
2018-02-12T16:52:38Z DEBUG nsslapd-sasl-max-buffer-size:
2018-02-12T16:52:38Z DEBUG      10485760
~
2018-02-12T16:52:38Z DEBUG only: set nsslapd-sasl-max-buffer-size to '2097152', 
current value [u'10485760']
2018-02-12T16:52:38Z DEBUG only: updated value [u'2097152']
2018-02-12T16:52:38Z DEBUG ---------------------------------------------
2018-02-12T16:52:38Z DEBUG Final value after applying updates
~
2018-02-12T16:52:38Z DEBUG nsslapd-sasl-max-buffer-size:
2018-02-12T16:52:38Z DEBUG      2097152
~
2018-02-12T16:52:38Z DEBUG [(2, u'nsslapd-sasl-max-buffer-size', [u'2097152'])]
2018-02-12T16:52:38Z DEBUG Updated 1
2018-02-12T16:52:38Z DEBUG Done
2018-02-12T16:52:38Z DEBUG Updating existing entry: cn=config
~
2018-02-12T16:52:38Z DEBUG nsslapd-sasl-max-buffer-size:
2018-02-12T16:52:38Z DEBUG      2097152

The same for the Fedora 27 ipaserver-nstall.log:
~
2018-02-13T10:45:57Z DEBUG nsslapd-sasl-max-buffer-size:
2018-02-13T10:45:57Z DEBUG      10485760
~
2018-02-13T10:45:57Z DEBUG      (targetattr != aci)(version 3.0; aci "cert 
manager read access"; allow (read, search, compare) userdn = 
"ldap:///uid=pkidbuser,ou=people,o=ipaca";;)
2018-02-13T10:45:57Z DEBUG only: set nsslapd-sasl-max-buffer-size to '2097152', 
current value ['10485760']
2018-02-13T10:45:57Z DEBUG only: updated value ['2097152']
~
2018-02-13T10:45:58Z DEBUG nsslapd-sasl-max-buffer-size:
2018-02-13T10:45:58Z DEBUG      2097152
~
2018-02-13T10:45:58Z DEBUG      (targetattr != aci)(version 3.0; aci "cert 
manager read access"; allow (read, search, compare) userdn = 
"ldap:///uid=pkidbuser,ou=people,o=ipaca";;)
2018-02-13T10:45:58Z DEBUG [(2, 'nsslapd-sasl-max-buffer-size', ['2097152'])]
2018-02-13T10:45:58Z DEBUG Updated 1
2018-02-13T10:45:58Z DEBUG Done
2018-02-13T10:45:58Z DEBUG Updating existing entry: cn=config
~
2018-02-13T10:45:58Z DEBUG nsslapd-sasl-max-buffer-size:
2018-02-13T10:45:58Z DEBUG      2097152
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org

Reply via email to