Am Tue, 25 May 2010 16:16:52 +0200 hi Hartmut,
schrieb "Lehnert, Hartmut" Hartmut.Lehnert@secunet.com:
Hi Dieter! We tried Sizelimit unlimited
Limits have to be defined on both sides server side and client side.
In slapd.conf, but the effect is the same, slapd answers "size limit exceeded". The search request command is
/home/openldap/openldap-2.4.21-install/bin/ldapsearch -h localhost -p 9389 -D cn=openldapadmin -w welcome -b o=CustomerCA,c=de -s children -E!sss="sncertnr:2.5.13.3" -E!vlv="0/9/0/1:objectclass=SN-ISIS-MTT-MainCert" "objectclass=*" sncertnr
Is the ordering matching rule caseIgnoreOrderingMatch (oid 2.5.13.3) correct for sncertnr attribute type? Why are you adding objectclass0* to your search string?
Besides this effect we only have 10 records stored in the LDAP database ;-)
OK, then something weird is happening, could you run slapd in debugging mode?
For the supported features see the following list:
openldap@ocsp-openldap24:~/openldap-snacc-2.3.6/c-lib> /home/openldap/openldap-2.4.21-install/bin/ldapsearch -h localhost -p 9389 -D cn=openldapadmin -w welcome -b "" -s base +
[...]
The OID 1.3.6.1.4.1.4203.666.8.1 is missing here but this OID is marked as kind of experimental. Why do I need this feature and how can I enable this?
Your search scope is defined as '-s children', the oid of this feature is the above mentioned oid. Your compiled slapd version does not understand -s children, thus applying default setting of -s sub, you probably should apply -s one.
-Dieter