-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Hi all,
I am the developer of "LDAP Account Manager". One of our users reported a strange problem, maybe you can help here.
The application runs the same LDAP search two times. But the second time OpenLDAP returns an error 4 - sizelimit exeeded. The user reported that he removed all sizelimits from slapd.conf and ldap.conf and still gets the error. The log files are attached. These are the two queries:
conn=3 op=3 SRCH base="ou=People,dc=example,dc=com" scope=2 deref=3 filter="(&(&(!(uid=*$))(|(objectClass=inetOrgPerson)(objectClass=posixAccount))))" conn=3 op=3 SRCH attr=uid givenname sn uidnumber gidnumber conn=3 op=3 SEARCH RESULT tag=101 err=0 nentries=15 text=
conn=4 op=1 SRCH base="ou=People,dc=example,dc=com" scope=2 deref=0 filter="(&(&(!(uid=*$))(|(objectClass=inetOrgPerson)(objectClass=posixAccount))))" conn=4 op=1 SRCH attr=uid givenname sn uidnumber gidnumber conn=4 op=1 SEARCH RESULT tag=101 err=4 nentries=12 text=
Any ideas?
Thanks a lot for your help.
Best regards
Roland
- -------- Original-Nachricht -------- Betreff: Re: [Lam-public] LDAP sizelimit exceeded, not all entries are shown. Datum: Mon, 12 Oct 2009 15:18:02 +0200 Von: Sou Smith smith.sou@gmail.com An: Roland Gruber post@rolandgruber.de Referenzen: b9082d9f0910070307q7f234632uee4ffa2836c15a04@mail.gmail.com 4ACCD310.50708@rolandgruber.de b9082d9f0910090227y6d1d0b61k996bbae626426fb3@mail.gmail.com 4ACF4E4B.3010202@rolandgruber.de
Hi Roland,
I have debugged slapd using loglevel 256. I send you two log files in the attachment. First, slapd.log contains starting slapd, logging in LAM and the first page that LAM shows (User list - showing 15 users). The second file, slapd2.log is extended slapd.log with my click on "Users" (shows only 12 users and the message about sizelimit exceeded) and click on "Groups" (same problem, same number of entries). I have looked into those files, but still don't know where is the problem.
Thank you for your time. Best regards,
Sou Smith
2009/10/9 Roland Gruber post@rolandgruber.de
Hi Sou,
Sou Smith schrieb:
I have tried to debug slapd, while I have tested LAM. I have clicked on "Users" link and after that I have looked into log file. I have tried to debug step by step 1- trace function calls, 2- debug packet handling, 4- heavy trace debugging, 8- connection management, 32- search filter processing, 64- configuration processing, 256- stats log connections/operations/results, 512- stats log entries sent, 1024- print communication with shell backends, 2048- print entry parsing debugging = 10 log files. But I couldn't locate that error
in
anyone of them. I have tried to debug everything (-d-1 parameter), but
the
log file was so large and blind, that I haven't found the problem (if
there
was any).
you can set slapd to debug mode:
In /etc/ldap/slapd.conf turn logging on with the line "loglevel 256". OpenLDAP uses /var/log/syslog for log output. slapd needs to be restarted.
This should give you all searches done by LAM and the return codes from slapd.
- --
Best regards
Roland Gruber
LDAP Account Manager http://www.ldap-account-manager.org/
Want more? Get LDAP Account Manager Pro! http://www.ldap-account-manager.org/lamcms/lamPro