[Freeipa-users] ipa user-find

Rich Megginson rmeggins at redhat.com
Thu Oct 25 20:44:10 UTC 2012 

On 10/25/2012 02:37 PM, Steven Jones wrote:
> Hi,
>
> Ive tried,
>
> dn: cn=default instance config,cn=config,cn=plugins
>
> and,
>
> dn: cn=default instance config,cn=config,cn=plugins,cn=config
Try
dn: cn=config
>
> and get no such  object (32)
>
> regards
>
> Steven Jones
>
> Technical Specialist - Linux RHCE
>
> Victoria University, Wellington, NZ
>
> 0064 4 463 6272
>
> ________________________________________
> From: Rob Crittenden [rcritten at redhat.com]
> Sent: Thursday, 25 October 2012 4:16 p.m.
> To: Steven Jones
> Cc: freeipa-users at redhat.com
> Subject: Re: [Freeipa-users] ipa user-find
>
> Steven Jones wrote:
>> Hi,
>>
>> How do I bind as the directory manager?  Ive tried and I cant figure out how.
> Assuming you're running on the same host as IPA:
>
> $ ldapmodify -x -D 'cn=directory manager' -W
> dn: cn=default instance config,cn=chaining database,cn=plugins,cn=config
> changetype: modify
> replace: nsslapd-sizelimit
> nsslapd-sizelimit: 8000
>
> ^D
>
> And yes, that's an extra blank line after 8000.
>
>> and how do I get the web ui to return all users so I can see if the winsync is working , its a test bed so I need to do a side by side comparison....
> You'll need to modify the size limit in the IPA configuration screen.
> IPA Server ->  Configuration ->  Search size limit
>
> rob
>
>> regards
>>
>> Steven Jones
>>
>> Technical Specialist - Linux RHCE
>>
>> Victoria University, Wellington, NZ
>>
>> 0064 4 463 6272
>>
>> ________________________________________
>> From: Rob Crittenden [rcritten at redhat.com]
>> Sent: Thursday, 25 October 2012 3:40 p.m.
>> To: Steven Jones
>> Cc: freeipa-users at redhat.com
>> Subject: Re: [Freeipa-users] ipa user-find
>>
>> Steven Jones wrote:
>>> When doing the above it only returns 2000, I have 6000
>>>
>>> How to get it to return 6000+?
>> There are two size limits. One is a global limit in 389-ds-base,
>> nsslapd-sizelimit which defaults to 2000.
>>
>> IPA has its own search limit which you can also set globally, or
>> override it on the command line (which I'll do below).
>>
>> You'll need to bind as Directory Manager to change nsslapd-sizelimit
>> then you can run:
>>
>> ipa user-find --sizelimit=8000
>>
>> I don't believe any services need to be restarted for this to take effect.
>>
>> We generally discourage enumerating all entries for performance reasons
>> which is why by default the IPA size limit is 100.
>>
>> rob
>>
>>
>>
>
>
>
> _______________________________________________
> Freeipa-users mailing list
> Freeipa-users at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users

More information about the Freeipa-users mailing list