I've got a script here at our site to sync user data in our OpenLDAP
server with a number of data sources. I've recently run across a
problem when trying to add some UUID data to certain groups on our LDAP
server.
We have 3 groups with >550 members in them (2 of the 3 are over 1000
members). I'm trying to populate that group with memberUid and
apple-group-memberguid data for each member of the group. The smaller
group of the three results in an LDIF file 1198 lines long.
The script is written in perl and attempts to modify group data using
Net::LDAP connecting via a secure ldap (ldaps, port 636) connection
using kerberos GSSAPI authentication.
The bug I've run across: when I try to add the apple-group-memberguid
data (done by generating a perl array with all the UUID strings, then
trying to replace the apple-group-memberguid field of the group entry
with the generated array via Net::LDAP->replace() ), the operation will
hang with no sign of a connection on the LDAP server.
Updates of smaller groups (1-200 members) in this fashion work fine.
Updates done connecting via the rootdn of the LDAP server succeed fine,
even for the larger groups. I can generate an LDIF file and use ldapadd
to add the data via a GSSAPI-authenticated connection with no trouble.
Trying to do this add from within perl and Net::LDAP will hang, though.
I have attempted to set the sizelimit to "unlimited" on the LDAP server
with no effect.
Has anyone else seen such a problem before? Any suggestions for where
to go from here?
--
=========================================================================
John Perkins | University of Wisconsin-Madison
Researcher | Department of Computer Science
j...@cs.wisc.edu | 1210 W. Dayton St.
608-262-0438/608-262-6626 FAX | Madison, WI 53706-1685
=========================================================================
