Rébeli-Szabó Tamás wrote:
Hi all,
is there a limit for the number of attributes for entries?
No.
Specifically, I
want to have 500,000 uniqueMembers for a group entry, but I cannot add more
than 359,000. When I try to add 360,000 or more, I get:
"ldapadd: update failed ... ldap_add: Can't contact LDAP server (-1)"
There is a limit on how much data you can send in a single LDAP request. Read
the slapd-config(5) or slapd.conf(5) manpage, SockbufMaxIncoming
The group entry look like this:
dn: cn=biggroup,ou=groups,dc=test,dc=com
objectClass:top
objectClass: groupOfUniqueNames
cn: Ah, big group
uniqueMember: uid=user1,ou=users,dc=test,dc=com
uniqueMember: uid=user2,ou=users,dc=test,dc=com
...
uniqueMember: uid=user359000,ou=users,dc=test,dc=com
I have 1 million users in ou=users,dc=test,dc=com (so I haven't run into a
limit here).
I am on 2.4.41, LMDB with 4G maxsize (RHEL 5.10; 2.6.39). I have no limits set
in slapd.conf.
Another, related issue:
If I add 359k members to a group, and then I try to modify the group to add
another member, ldapadd hangs. When I trace it, all I can see is continual
ldap_result calls, that is, the client is waiting for the update operation to
end on the server, and slapd is using nearly 100% of CPU.
Read the slapd.conf(5) manpage, sortvals.
If I restart the server, I can add one member, but I cannot add say a hundred
thousand more.
Any hint is appreciated.
Regards,
tamas
<tel:+36%2030%202100%20873>
--
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/
