Hi Florence, Thanks for the reply! So, I've been looking at those and I currently, don't have any limit that I can find configured to 2,000 entries.
Current setup: https://paste.fedoraproject.org/paste/75jhSM1qonlQB-Uqtgug-Q However, with those set, and after restarting ipa (to make sure any setting that requires a restart is in-place), we still see this: # ipa cert-find --hosts=testhost-abc-notreal-1.ops.example.com ---------------------- 0 certificates matched ---------------------- ---------------------------- Number of entries returned 0 ---------------------------- # /var/log/pki/pki-tomcat/ca/debug [20/Dec/2018:17:19:59][ajp-bio-127.0.0.1-8009-exec-3]: DBVirtualList.getEntries() [20/Dec/2018:17:20:00][ajp-bio-127.0.0.1-8009-exec-3]: getEntries: exception java.lang.ClassCastException: netscape.ldap.LDAPException cannot be cast to netscape.ldap.LDAPEntry [20/Dec/2018:17:20:00][ajp-bio-127.0.0.1-8009-exec-3]: DBVirtualList: entries: 2000 [20/Dec/2018:17:20:00][ajp-bio-127.0.0.1-8009-exec-3]: DBVirtualList.getPage(5998) [20/Dec/2018:17:20:00][ajp-bio-127.0.0.1-8009-exec-3]: DBVirtualList.getEntries() [20/Dec/2018:17:20:00][ajp-bio-127.0.0.1-8009-exec-3]: getEntries: exception java.lang.ClassCastException: netscape.ldap.LDAPException cannot be cast to netscape.ldap.LDAPEntry [20/Dec/2018:17:20:00][ajp-bio-127.0.0.1-8009-exec-3]: DBVirtualList: entries: 2000 [20/Dec/2018:17:20:00][ajp-bio-127.0.0.1-8009-exec-3]: DBVirtualList.getPage(7997) [20/Dec/2018:17:20:00][ajp-bio-127.0.0.1-8009-exec-3]: DBVirtualList.getEntries() [20/Dec/2018:17:20:00][ajp-bio-127.0.0.1-8009-exec-3]: DBVirtualList: entries: 1842 Any other ideas on what is causing these entries to be paginated at 2,000 entries? As I mentioned on https://bugzilla.redhat.com/show_bug.cgi?id=1658280 as well, sizeLimit and timeLimit in the LDAP request being sent to 389-ds as 0/unset (it's not clear if wireshark is changing that to 0). Thanks, Jared _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected]
