Dears,
Openldap version : 2.5.7
env 2 MMR 2 Replicas (test env)
I've set and olclimit for one user (dn.base) on my DB and it works fine but in order to move it on my production env, I decided to modify my olclimit by using (group/groupOfNames/member) and place this user as member of the group. This is also works fine on my test env.
I did the same config on my production env which is 4 MMR 4 Replicas and it didn't work :-(
I did a lot of checks to see if there was any difference but it was exactly the same configuration.
I did some other test on replicas first by adding a new olclimit for the concerned user ( dn.base) which solved the issue.
I decided to remove this newly user olclimit, the olclimit (group/groupOfNames/member) was still there, and was not my surprise, the limitation for my user was still set to unlimited as expected.
I did the same on all replicas, adding concerned user, remove it and limits were OK .... very strange.
As it was working on replicas, I did try the same on master but no luck, my user stay still limited to 500 entries.
Questions :
Is there an order to respect in olclimit type ?
why the config is working on test env and not on production one ?
Thx to advice,
Jean-Luc