RAIMBAULT Alain - Contractor wrote:
> Thanks for pointing at this element.
> I modified my ldif in consequence
>
> # cat sizelimit.ldif
> dn: cn=config
> changetype: modify
> replace: olcSizeLimit
> olcSizeLimit: unlimited
>
> root@ccase03 # grep olcRoot olcDatabase={1}mdb.ldif
> olcRootDN: cn=Manager,dc=tosa,dc=thales
> olcRootPW:: e1NTSEF9QTVnK3BPV2dWM2p6V29DZkRrSjVZZ1YwUDROS2RDTWg=
> ^ strange ! two semicolons in a row
>
> root@laselainfldap01p:/etc/openldap/slapd.d/cn=config# ldapmodify -v -h
> 10.136.16.197 -D
> "cn=Manager,dc=tosa,dc=thales" -w tco_tosa_thales -f sizelimit.ldif
> ldap_initialize( ldap://10.136.16.197 )
> replace olcSizeLimit:
> unlimited
> modifying entry "cn=config"
> ldap_modify: Insufficient access (50)
AFAIK you have to use "cn=config" as username (-D parameter) to modify the
configuration. Additionly you will have to use the -x parameter for simple auth.
IMHO you will need a olcAuthzRegexp like
gidNumber=0\+uidNumber=0,cn=peercred,cn=external,cn=auth dn:cn=config to use
SASL mech EXTERNAL to modyfy your configuration.
>
> root@laselainfldap01p:/etc/openldap/slapd.d/cn=config#
>
> Kind regards,
> Alain
>
> -----Message d'origine-----
> De : Ulrich Windl <Ulrich.Windl(a)rz.uni-regensburg.de>
> Envoyé : mardi 7 juin 2022 07:48
> À : RAIMBAULT Alain - Contractor
> <alain.raimbault(a)external.thalesgroup.com>;
> openldap-technical(a)openldap.org
> Objet : Antw: [EXT] Failing to modify olcSizeLimit
>
> > >> RAIMBAULT Alain - Contractor
> > >> <alain.raimbault(a)external.thalesgroup.com>
> > schrieb
> am 03.06.2022 um 14:51 in Nachricht
> <bf0f0f6351b94d74b437c24db1da4817(a)external.thalesgroup.com>:
> ...
> > # cat sizelimit.ldif
> > dn: cn=config
> > changetype: modify
> > replace: olcSizeLimit
> > olcSizeLimit: ‑1
> >
> Despite of the rest we use a large positive number here, and the docs here
> mention
> "unlimited", but not -1.
>
> ...
>
> Regards,
> Ulrich
