Tomas already replied to you, copying here as archives are currently offline to prevent spam



you seem to be hitting the size limit on LDAP side. To verify, check

ldapsearch -D 'cn=directory manager' -W -b cn=config cn=config | grep nsslapd-sizelimit

If you really need to increase this size limit, you will have to modify the nsslapd-sizelimit in cn=config.



On 13.12.2016 17:06, Mike Driscoll wrote:
Any thoughts about this sizelimit bug?


On Nov 28, 2016, at 14:44, Mike Driscoll <> wrote:

I'm running:
# rpm -qa | grep ipa-server

Searching DNS for all hostnames containing "qa" times out in the GUI.  Setting 
aside the option to change server defaults, this cli command isn't giving me the content 
I need:

# ipa dnsrecord-find --sizelimit=10000 --timelimit=20 | grep qa
ipa: WARNING: Search result has been truncated: Configured size limit exceeded

It seems like the sizelimit parameter greater than two thousand is being 

# ipa dnsrecord-find --sizelimit=1900 --timelimit=20
Number of entries returned 1900

# ipa dnsrecord-find --sizelimit=2100 --timelimit=20
Number of entries returned 2000

Any suggestions?


Manage your subscription for the Freeipa-users mailing list:
Go to for more info on the project

Reply via email to