Am Sat, 29 Oct 2016 13:16:03 -0600 schrieb Joshua Schaeffer jschaeffer0922@gmail.com:
On 10/29/2016 03:45 AM, Dieter Klünter wrote:
Note that there is a hard coded limit to 500 operations. If you have more than 500 entries, syncrepl only recieves a limited set of entries. Read slapd-config(5) on limits.
-Dieter
I feel this is somewhat contradictory with the admin guide:
"The content of the syncrepl replica is defined using a search specification as its result set. The consumer slapd will send search requests to the provider slapd according to the search specification. The search specification includessearchbase,scope,filter,attrs,attrsonly,sizelimit, andtimelimitparameters as in the normal search specification. Thesearchbaseparameter has no default value and must always be specified. Thescopedefaults tosub, thefilterdefaults to(objectclass=*),attrsdefaults to"*,+"to replicate all user and operational attributes, andattrsonlyis unset by default. Bothsizelimitandtimelimitdefault to "unlimited", and only positive integers or "unlimited" may be specified."
It specifies that the sizelimit and timelimit defaults to unlimited. I understand that you are pointing out a hard limit on the provider side so it doesn't matter that the search is unlimited from the consumer's side, it's just a first glance it seems that the search will be unlimited.
Either way, I change both provider and consumer databases to unlimited and I'm still not getting all the database entries from my provider.
[...] It is a bit more complicated than that. syncrepl is a client operation, which requires ldap client configuration, specified in ldap.conf(5). The sizelimit and timelimit, configuration parts defined in slapd.conf(5), are global configuration parameters. There is a database specific 'limits' parameter, which binds the defined operation limitation to a Distinguished Name. You realy should read that manual pages slapd.conf(5) and slapd-config(5) on databasse limits and syncrepl limits.
-Dieter