[Freeipa-devel] [PATCH] 984 fix anonlimits dn
Martin Kosek
mkosek at redhat.com
Tue Mar 13 07:35:50 UTC 2012
On Mon, 2012-03-12 at 17:58 -0400, Rob Crittenden wrote:
> Martin Kosek wrote:
> > On Wed, 2012-03-07 at 18:02 -0500, Rob Crittenden wrote:
> >> The value of nsslapd-anonlimitsdn wasn't being set properly because it
> >> wasn't quoted. This will fix it, replacing whatever is there with a
> >> correct value.
> >>
> >> rob
> >
> > The IPA anonlimits DN is now set correctly. However anonlimits in
> > cn=anonymous-limits,cn=etc,SUFFIX are still empty (nsSizeLimit and
> > nsLookThroughLimit values defined in 10-config.update are not set).
> >
> > Martin
> >
>
> These are operational attributes, did you have them in the attribute
> list of your query?
>
> $ ldapsearch -LLL -x -b cn=anonymous-limits,cn=etc,dc=example,dc=com
> nssizelimit nslookthroughlimit
> dn: cn=anonymous-limits,cn=etc,dc=example,dc=com
> nssizelimit: 5000
> nslookthroughlimit: 5000
>
> rob
Ah, thanks for explanation. These are indeed operational attributes and
need to be queried explicitly.
Works for me, ACK. Pushed to master, ipa-2-2.
Martin
More information about the Freeipa-devel
mailing list