[Freeipa-users] ipa user-find
Petr Spacek
pspacek at redhat.com
Thu Oct 25 13:43:43 UTC 2012
On 10/25/2012 03:23 PM, Rob Crittenden wrote:
> Rich Megginson wrote:
>> On 10/24/2012 09:16 PM, Rob Crittenden wrote:
>>> Steven Jones wrote:
>>>> Hi,
>>>>
>>>> How do I bind as the directory manager? Ive tried and I cant figure
>>>> out how.
>>>
>>> Assuming you're running on the same host as IPA:
>>>
>>> $ ldapmodify -x -D 'cn=directory manager' -W
>>> dn: cn=default instance config,cn=chaining database,cn=plugins,cn=config
>>> changetype: modify
>>> replace: nsslapd-sizelimit
>>> nsslapd-sizelimit: 8000
>>>
>>> ^D
I would recommend to modify user-specific settings rather that global settings.
E.g. for admin you can set "unlimited" size with following LDIF snippet:
dn: uid=admin,cn=users,cn=accounts,dc=e,dc=test
changetype: modify
add: nsSizeLimit
nsSizeLimit: -1
Also other limits are enforced by 389 DS. All of them can be disabled with
"-1" value:
nsIdleTimeout: -1
nsLookThroughLimit: -1
nsSizeLimit: -1
nsTimeLimit: -1
Please note different attribute names for user-specific and global-setting
attributes.
Whole procedure and attribute meaning is described in
https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Directory_Server/8.1/html/Administration_Guide/User_Account_Management-Setting_Resource_Limits_Based_on_the_Bind_DN.html
--
Petr^2 Spacek
>>>
>>> And yes, that's an extra blank line after 8000.
>>
>> ? chaining database? Does IPA use this?
>>
>> Don't you mean dn: cn=config ?
>
> Yes, of course I did. Sorry, this is what I get for responding too quickly.
>
> rob
More information about the Freeipa-users
mailing list