Re: OpenLDAP 2.4 syncrepl - Size limit exceeded error in consumer end

Wed, 29 Oct 2008 08:25:42 -0700 

Hi Brett,
I was on a vacation for past few days. That's why I couldn't check my e-mails.Thanks for your tips. Somehow, your e-mail didn't got delivered to my AOL mail Inbox :-( 


I checked your mail from openldap-software mailing list archives after 
seeing reply from Howard.



Both the limits configuration(dn.exact, 
group/groupOfUniqueNames/uniqueMember) you suggested worked for me like 
a charm. That was really helpful.


Howard,

I tried the following syntaxes


limits group/groupOfNames/member = 
"cn=LDAPAdmins,ou=Groups,dc=example,dc=com" size=unlimited 
time=unlimited


and


limits 
group/groupOfNames/member.exact="cn=LDAPAdmins,ou=Groups,dc=example,dc=co

m" size=unlimited time=unlimited


But, it didn't worked. I was still getting the same "Limit exceeded" 
error when I tried ldapsearch with

-D "uid=synscrepl,ou=System,dc=example,dc=com".

However, the one suggested by Brett


limits 
group/groupOfUniqueNames/uniqueMember="cn=LDAPAdmins,ou=Groups,dc=example

,dc=com" size=unlimited time=unlimited

worked without any issues.

Thanks & Regards,
Karthik Dathathri

-----Original Message-----
From: Howard Chu <[EMAIL PROTECTED]>
To: Brett @Google <[EMAIL PROTECTED]>
Cc: openldap-software@openldap.org
Sent: Thu, 23 Oct 2008 5:17 am

Subject: Re: OpenLDAP 2.4 syncrepl - Size limit exceeded error in 
consumer end


Brett @Google wrote:

Why dont you try :

limits dn.exact="uid=syncrepl,ou=System,dc=example,dc=com"
size=unlimited time=unlimited


As a test on the provider, maybe your group is not being expanded as 

you

expect.

Group syntax seen elsewhere in this list have looked is more like :



The group syntax is already documented in slapd.conf(5). No need to 
tell what

it's "sort of like as seen on this list" - tell precisely what it is.


limits


group/groupOfUniqueNames/uniqueMember="cn=LDAPAdmins,ou=Groups,dc=example
,dc=com"

size=unlimited time=unlimited


As noted in slapd.conf(5) the default objectclass and attribute are

groupOfNames and member, respectively. groupOfUniqueNames and 
uniqueMember are

totally bogus in LDAP.


I'd suggest trying the test again with the dn.exact one first, and if
that works then try the other.


--
  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/



________________________________________________________________________
You are invited to Get a Free AOL Email ID. - http://webmail.aol.in























					Reply via email to