Hi all I have reproduced the same behaviour with 2.4.28 on Linux and Solaris.
Any chance this is a recursion/bug? krgds /markus On 11/24/11 21:23, Markus Wernig wrote: > Hello all > > I do not seem to be able to get per-dn limits working ... > > openldap-2.4.25 on Solaris 11 x86 > > I have put the following in slapd.conf: > > limits dn.exact="cn=repl_ldap,dc=domain,dc=com" > size=unlimited > time=unlimited > > access to * > by dn="cn=repl_ldap,dc=domain,dc=com" read > ... > > (obviously the syncrepl user ;-) > > and also: > syncrepl rid=1 > ... > sizelimit="unlimited" > timelimit="unlimited" > searchbase="dc=domain,dc=com" > binddn="n=repl_ldap,dc=domain,dc=com" > > on the consumer side > > > But the DN always gets a maximum of 500 entries, whether using > ldapsearch or during replication: > > # ldapsearch -x -h localhost '(objectClass=*)' > -D"cn=repl_ldap,dc=domain,dc=com" -W -b "dc=domain,dc=com" > Enter LDAP Password:XXXX > > [...] > > # search result > search: 2 > result: 4 Size limit exceeded > > # numResponses: 501 > # numEntries: 500 > > While there are ~700 entries in the directory. > > > The same happens during replication, where only 500 entries are synced > to the consumer (eg. if I delete the local DB on the consumer and > restart slapd) > > Only if I set > ... > sizelimit unlimited > timelimit unlimited > ... > > globally in the provider's slapd.conf (i.e. before any database > definition), does repl_ldap receive all entries. > > Is there anything else I need to configure in order to allow the DN > access to all entries? > > thx /markus > > PS: I have also tried different variants of the following: > limits dn.exact="cn=repl_ldap,dc=domain,dc=com" time.soft=unlimited > time.hard=unlimited size.soft=unlimited size.hard=unlimited >
