You should use EXTERNAL sasl auth when trying to modify base config, with a command such as this:

ldapmodify -Q -Y EXTERNAL -H ldapi:/// -f changefile.ldif

Then your ldif file, with the value you chose, would be:

dn: cn=config
changetype: modify
replace: olcSizeLimit
olcSizeLimit: -1

That should work, it's what I use for making any changes to cn=config.

On Fri, Dec 13, 2013 at 12:00 PM, Clint Petty <cpetty@luthresearch.com> wrote:

I know you are suppose to make changes through the command line, when using cn=config.  I tried changing it through ldapmodify, however wasn't able to get it to work.  So changed it in the file and it did work.  We are transitioning away from cn=config, so this is just a short term solution.


-----Original Message-----
From: Howard Chu [mailto:hyc@symas.com]
Sent: Thursday, December 12, 2013 7:15 PM
To: Clint Petty; Jason Brandt
Cc: openldap-technical@openldap.org
Subject: Re: ldapsearch limit of 500 entries

Clint Petty wrote:
> Thanks Jason,
>
> I resolved this issue by adding:
>
> olcSizeLimit: -1
>
> to the etc/ldap/slapd.d/cn=config.ldif file.

You are not supposed to manually edit the config database files. You should
have fed your change in to the running slapd using ldapmodify.

cn=config is a slapd database. It will very likely migrate to an LMDB backend
in the future. Don't get the notion of manually editing it into your head,
because it won't be possible.

> and then restarting slapd.

There is no need to restart slapd to make configuration changes, if you do
them correctly - i.e., using ldapmodify.

> Now works!
>
> *From:*Jason Brandt [mailto:jbrandt@fsmail.bradley.edu]
> *Sent:* Thursday, December 12, 2013 11:25 AM
> *To:* Clint Petty
> *Cc:* openldap-technical@openldap.org
> *Subject:* Re: ldapsearch limit of 500 entries
>
> Note that this will replace any existing limits you have set.
>
> On Thu, Dec 12, 2013 at 1:24 PM, Jason Brandt <jbrandt@fsmail.bradley.edu
> <mailto:jbrandt@fsmail.bradley.edu>> wrote:
>
> Global size limit modification ldif file (using cn=config):
>
> dn: cn=config
>
> changetype: modify
>
> replace: olcSizeLimit
>
> olcSizeLimit: size.soft=100 size.hard=500
>
> Per user size limit changes:
>
> dn: olcDatabase={1}hdb,cn=config
>
> changetype: modify
>
> replace: olcLimits
>
> olcLimits: dn.exact="uid=user,ou=people,dc=example,dc=com" size=unlimited
>
> On Thu, Dec 12, 2013 at 1:16 PM, Clint Petty <cpetty@luthresearch.com
> <mailto:cpetty@luthresearch.com>> wrote:
>
> My ldapsearch command is only returning a max of 500 entries, while I know I
> have over 9,000 entries in the database.  If I do not have a slapd.conf file,
> how can I increase the sizelimit, to display all my entries?
>
>
>
>
> --
>
> Jason K. Brandt
>
> Systems Administrator
>
> Bradley University
> (309) 677-2958 <tel:%28309%29%20677-2958>
>
>
>
> --
>
> Jason K. Brandt
>
> Systems Administrator
>
> Bradley University
> (309) 677-2958
>


--
   -- Howard Chu
   CTO, Symas Corp.           http://www.symas.com
   Director, Highland Sun     http://highlandsun.com/hyc/
   Chief Architect, OpenLDAP  http://www.openldap.org/project/

Jason K. Brandt

Systems Administrator

Bradley University
(309) 677-2958