-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Hi all,
I am the developer of "LDAP Account Manager". One of our users reported a strange problem, maybe you can help here.
The application runs the same LDAP search two times. But the second time OpenLDAP returns an error 4 - sizelimit exeeded. The user reported that he removed all sizelimits from slapd.conf and ldap.conf and still gets the error. The log files are attached. These are the two queries:
conn=3 op=3 SRCH base="ou=People,dc=example,dc=com" scope=2 deref=3 filter="(&(&(!(uid=*$))(|(objectClass=inetOrgPerson)(objectClass=posixAccount))))" conn=3 op=3 SRCH attr=uid givenname sn uidnumber gidnumber conn=3 op=3 SEARCH RESULT tag=101 err=0 nentries=15 text=
conn=4 op=1 SRCH base="ou=People,dc=example,dc=com" scope=2 deref=0 filter="(&(&(!(uid=*$))(|(objectClass=inetOrgPerson)(objectClass=posixAccount))))" conn=4 op=1 SRCH attr=uid givenname sn uidnumber gidnumber conn=4 op=1 SEARCH RESULT tag=101 err=4 nentries=12 text=
Any ideas?
Thanks a lot for your help.
Best regards
Roland
- -------- Original-Nachricht -------- Betreff: Re: [Lam-public] LDAP sizelimit exceeded, not all entries are shown. Datum: Mon, 12 Oct 2009 15:18:02 +0200 Von: Sou Smith smith.sou@gmail.com An: Roland Gruber post@rolandgruber.de Referenzen: b9082d9f0910070307q7f234632uee4ffa2836c15a04@mail.gmail.com 4ACCD310.50708@rolandgruber.de b9082d9f0910090227y6d1d0b61k996bbae626426fb3@mail.gmail.com 4ACF4E4B.3010202@rolandgruber.de
Hi Roland,
I have debugged slapd using loglevel 256. I send you two log files in the attachment. First, slapd.log contains starting slapd, logging in LAM and the first page that LAM shows (User list - showing 15 users). The second file, slapd2.log is extended slapd.log with my click on "Users" (shows only 12 users and the message about sizelimit exceeded) and click on "Groups" (same problem, same number of entries). I have looked into those files, but still don't know where is the problem.
Thank you for your time. Best regards,
Sou Smith
2009/10/9 Roland Gruber post@rolandgruber.de
Hi Sou,
Sou Smith schrieb:
I have tried to debug slapd, while I have tested LAM. I have clicked on "Users" link and after that I have looked into log file. I have tried to debug step by step 1- trace function calls, 2- debug packet handling, 4- heavy trace debugging, 8- connection management, 32- search filter processing, 64- configuration processing, 256- stats log connections/operations/results, 512- stats log entries sent, 1024- print communication with shell backends, 2048- print entry parsing debugging = 10 log files. But I couldn't locate that error
in
anyone of them. I have tried to debug everything (-d-1 parameter), but
the
log file was so large and blind, that I haven't found the problem (if
there
was any).
you can set slapd to debug mode:
In /etc/ldap/slapd.conf turn logging on with the line "loglevel 256". OpenLDAP uses /var/log/syslog for log output. slapd needs to be restarted.
This should give you all searches done by LAM and the return codes from slapd.
- --
Best regards
Roland Gruber
LDAP Account Manager http://www.ldap-account-manager.org/
Want more? Get LDAP Account Manager Pro! http://www.ldap-account-manager.org/lamcms/lamPro
--On Tuesday, October 13, 2009 8:16 PM +0200 Roland Gruber post@rolandgruber.de wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Hi all,
I am the developer of "LDAP Account Manager". One of our users reported a strange problem, maybe you can help here.
You should send this question to openldap-software@openldap.org, not openldap-bugs. I would note that if the user removed all sizelimit directives, then the default goes into effect.
--Quanah
--
Quanah Gibson-Mount Principal Software Engineer Zimbra, Inc -------------------- Zimbra :: the leader in open source messaging and collaboration
Roland Gruber wrote:
I am the developer of "LDAP Account Manager". One of our users reported a strange problem, maybe you can help here.
The application runs the same LDAP search two times. But the second time OpenLDAP returns an error 4 - sizelimit exeeded. The user reported that he removed all sizelimits from slapd.conf and ldap.conf and still gets the error.
If you really believe it's a bug in OpenLDAP could you please try to reproduce the problem with OpenLDAP's ldapsearch command-line tool? Or first trace what LAM really does and try to demonstrate this with a very simple program?
Being a client developer myself I know that some surprising effects are often my own fault... ;-)
Ciao, Michael.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Hi all,
Roland Gruber schrieb:
The application runs the same LDAP search two times. But the second time OpenLDAP returns an error 4 - sizelimit exeeded. The user reported that he removed all sizelimits from slapd.conf and ldap.conf and still gets the error.
this problem is fixed now. It turned out that the user uses LDAP links. For some reason PHP changes its default dereferencing setting after the first query. So this could be fixed by specifying the dereferencing setting for each LDAP search.
Thanks a lot for your help and sorry for the noise.
- --
Best regards
Roland Gruber
LDAP Account Manager http://www.ldap-account-manager.org/
Want more? Get LDAP Account Manager Pro! http://www.ldap-account-manager.org/lamcms/lamPro
-
Michael Ströder -
Quanah Gibson-Mount -
Roland Gruber