On 09/21/2012 05:21 AM, Martin Kosek wrote:
When using bare ldapsearch, you are hitting 389-ds limits - in your case
nsslapd-sizelimit. This can be increased either globally or (this seems as a
more secure solution) for a user you bind as:
https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Directory_Server/9.0/html/Administration_Guide/User_Account_Management-Setting_Resource_Limits_Based_on_the_Bind_DN.html
Steven, are you saying that winsync only pulled over 2000 out of 5700
users from AD into IPA? If so, then that's a limit on the winsync user
that must be increased in AD.
Martin
On 09/21/2012 04:43 AM, Steven Jones wrote:
Hi,
It seems IPA has some sort of limit of searching it will only show the first 2k
of user entries?
regards
Steven Jones
Technical Specialist - Linux RHCE
Victoria University, Wellington, NZ
0064 4 463 6272
-------------------------------------------------------------------------------
*From:* Rich Megginson [rmegg...@redhat.com]
*Sent:* Friday, 21 September 2012 11:38 a.m.
*To:* Steven Jones
*Cc:* freeipa-users@redhat.com
*Subject:* Re: [Freeipa-users] winsync agreement wipes IPA users
On 09/20/2012 03:52 PM, Steven Jones wrote:
Hi,
I have imported users, but there are 5700 of them but I only have 2000 which
corresponds to the view that AD gives you by default. This makes me think
that that limit is all the AD is allowing the query to see?
You can use https://github.com/richm/scripts/blob/master/dirsyncctrl.py to test
what winsync sees when it searches.
Is there a way to expand it?
regards
Steven Jones
Technical Specialist - Linux RHCE
Victoria University, Wellington, NZ
0064 4 463 6272
-------------------------------------------------------------------------------
*From:* freeipa-users-boun...@redhat.com [freeipa-users-boun...@redhat.com]
on behalf of Steven Jones [steven.jo...@vuw.ac.nz]
*Sent:* Friday, 21 September 2012 8:44 a.m.
*Cc:* freeipa-users@redhat.com
*Subject:* Re: [Freeipa-users] winsync agreement wipes IPA users
I have hundreds of disable users in IPA now transferred from AD, is there a
quick/clean way to purge them from IPA?
regards
Steven Jones
Technical Specialist - Linux RHCE
Victoria University, Wellington, NZ
0064 4 463 6272
_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users
_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users