[Freeipa-users] winsync agreement wipes IPA users
Steven Jones
Steven.Jones at vuw.ac.nz
Wed Sep 26 01:54:30 UTC 2012
Hi,
I dont have a ldapmodify command for changing something in AD.
I have increased the only scope I/we know about which is the return of objects from a search inside the AD gui but that might be specific to that view tool. That is 2000 by default, Ive set 40000, I am testing it now, if that doesn't work....
Our best AD person is currently researching to see if its even possible to alter that hard code in AD. The only way he can see is using a windows/ad specific command line command to modify the internals of AD but he's never seen or read about doing it for this attribute.
regards
Steven Jones
Technical Specialist - Linux RHCE
Victoria University, Wellington, NZ
0064 4 463 6272
________________________________________
From: Rob Crittenden [rcritten at redhat.com]
Sent: Wednesday, 26 September 2012 1:31 p.m.
To: Rich Megginson
Cc: Steven Jones; freeipa-users at redhat.com
Subject: Re: [Freeipa-users] winsync agreement wipes IPA users
Rich Megginson wrote:
> On 09/25/2012 03:34 PM, Steven Jones wrote:
>> Hi,
>>
>> I have set the filter size as 20000 for the user and it makes no
>> difference.
> Where did you set this? In IPA? In AD? If so, where? How?
> What does "filter size" mean? To me, it means "the size of an LDAP
> search filter in an LDAP search request" not "the maximum number of
> entries returned by a search".
The more details you can provide on what you did the better. This might
include the exact ldapmodify command, where you entered it in AD, the
attribute names, whichever is applicable.
regards
rob
More information about the Freeipa-users
mailing list