[Freeipa-users] DNS search timeouts and incomplete results
Martin Basti
mbasti at redhat.com
Tue Dec 13 16:17:23 UTC 2016
Tomas already replied to you, copying here as archives are currently
offline to prevent spam
"""
Hi,
you seem to be hitting the size limit on LDAP side. To verify, check
ldapsearch -D 'cn=directory manager' -W -b cn=config cn=config | grep
nsslapd-sizelimit
If you really need to increase this size limit, you will have to modify
the nsslapd-sizelimit in cn=config.
"""
Martin
On 13.12.2016 17:06, Mike Driscoll wrote:
> Any thoughts about this sizelimit bug?
>
> Mike
>
>
>
>> On Nov 28, 2016, at 14:44, Mike Driscoll <mike.driscoll at oracle.com> wrote:
>>
>> I'm running:
>> # rpm -qa | grep ipa-server
>> ipa-server-4.4.0-12.0.1.el7.x86_64
>> ipa-server-dns-4.4.0-12.0.1.el7.noarch
>> ipa-server-common-4.4.0-12.0.1.el7.noarch
>>
>> Searching DNS for all hostnames containing "qa" times out in the GUI. Setting aside the option to change server defaults, this cli command isn't giving me the content I need:
>>
>> # ipa dnsrecord-find mydomain.com --sizelimit=10000 --timelimit=20 | grep qa
>> ipa: WARNING: Search result has been truncated: Configured size limit exceeded
>>
>> It seems like the sizelimit parameter greater than two thousand is being ignored:
>>
>> # ipa dnsrecord-find mydomain.com --sizelimit=1900 --timelimit=20
>> ...
>> -------------------------------
>> Number of entries returned 1900
>> -------------------------------
>>
>> # ipa dnsrecord-find mydomain.com --sizelimit=2100 --timelimit=20
>> ...
>> -------------------------------
>> Number of entries returned 2000
>> -------------------------------
>>
>> Any suggestions?
>>
>> Mike
>
More information about the Freeipa-users
mailing list