On Wed, Oct 22, 2008 at 11:17 PM, Karthik Dathathri karthikd@aol.in wrote:
Hi Buchan,
As you mentioned, I tested the configuration manually in the provider:
I removed all the earlier ACL settings in slapd.conf of provider and just added the global ACL below:
access to * by * read
When I ran ldapsearch query using -D "uid=syncrepl,ou=System,dc=example,dc=com" on the provider machine, I am getting the result as:
#ldapsearch2.4 -x -W -D "uid=syncrepl,ou=System,dc=example,dc=com" -b "dc=example,dc=com" mail uid givenName
<Entries Snipped> # search result search: 2 result: 4 Size limit exceeded
# numResponses: 501 # numEntries: 500
Why dont you try :
limits dn.exact="uid=syncrepl,ou=System,dc=example,dc=com" size=unlimited time=unlimited
As a test on the provider, maybe your group is not being expanded as you expect.
Group syntax seen elsewhere in this list have looked is more like :
limits group/groupOfUniqueNames/uniqueMember="cn=LDAPAdmins,ou=Groups,dc=example,dc=com" size=unlimited time=unlimited
I'd suggest trying the test again with the dn.exact one first, and if that works then try the other.
Cheers Brett