Jeronimo Zucco wrote:
I've found what happened here: 1 - I put limits and sizelimit in the end of slapd.conf. You have to
put it in the global section, after schemas and before ACL's;
No. First of all, the placement requirements did not change between OpenLDAP 2.3 and 2.4. Secondly, the "limits" directive is clearly documented (see slapd.conf(5)) as being a database setting, not a global setting.
When you originally posted, you implied that you simply updated to 2.4 from an existing 2.3 installation. It seems that in fact, you installed 2.4 and also modified your slapd.conf at the same time. When you fail to post relevant details about what you're working with, it uses up a lot more of everyone else's time to understand what you're doing and how to help you.
I'm glad you have this working now, but you still need to go back and reread slapd.conf(5). Your assumptions and understanding of how things work is still wrong, and if you need to make additional changes in the future you will probably run into other problems until you understand how it really works.
2 - I've tried to use this rules:
limits anonymous size.soft=50 size.hard=50 limits dn.exact="cn=replicator_user,dc=domain,dc=com" size.soft=unlimited size.hard=unlimited size.unchecked=unlimited time.soft=unlimited time.hard=unlimited limits dn.exact="cn=user1,dc=domain,dc=com" size.soft=50 size.hard=100 time.soft=15 time.hard=60 limits users size.soft=50 size.hard=100 size.unchecked=32767 time.soft=15 time.hard=60 sizelimit unlimited
The "limits users" and limits dn.exact are compatibles ? I guess not.
Finally, this rules works for me:
limits anonymous size.soft=50 size.hard=50 limits dn.exact="cn=user1,dc=domain,dc=com" size.soft=50 size.hard=100 time.soft=15 time.hard=60 sizelimit unlimited
And I've removed the "limits user" of my configuration.
Thanks for help.