Steven Jones wrote:
When doing the above it only returns 2000, I have 6000

How to get it to return 6000+?

There are two size limits. One is a global limit in 389-ds-base, nsslapd-sizelimit which defaults to 2000.

IPA has its own search limit which you can also set globally, or override it on the command line (which I'll do below).

You'll need to bind as Directory Manager to change nsslapd-sizelimit then you can run:

ipa user-find --sizelimit=8000

I don't believe any services need to be restarted for this to take effect.

We generally discourage enumerating all entries for performance reasons which is why by default the IPA size limit is 100.


Freeipa-users mailing list

Reply via email to