[imp] ldap_search_s Sizelimit exceeded
Patrick Timmons
ptimmons@courriel.polymtl.ca
Mon, 20 Nov 2000 15:35:34 -0500
One way to know is to check the slapd log.
Look at the lines preceeded by '*' in the following example:
* Nov 20 15:15:34 c2 slapd[138]: conn=184608 fd=28 connection from sg-lgauthier.admpoly.polymtl.ca (132.207.113.65) accepted.
Nov 20 15:15:34 c2 slapd[138]: conn=184608 op=0 BIND dn="" method=128
Nov 20 15:15:34 c2 slapd[138]: conn=184608 op=0 RESULT err=0 tag=97 nentries=0
* Nov 20 15:15:34 c2 slapd[138]: conn=184608 op=1 SRCH base="O=POLYMTL.CA" scope=2 filter="(|(cn=SI*)(mail=SI*)(sn=SI*))"
* Nov 20 15:15:36 c2 slapd[138]: conn=184608 op=1 RESULT err=4 tag=101 nentries=20
Nov 20 15:15:38 c2 slapd[138]: conn=184608 op=-1 fd=28 closed errno=104
Of particular interest is the filter= and the nentries= parts.
In this example, the number of entries returned is my maximum of 20 and there is an error code of 4 which
is LDAP_SIZELIMIT_EXCEEDED.
The filter= is what your PAM_LDAP asks and the nentries= is the number of records matching in the DB. (In my example,
the user is using outlook or outlook express.)
If nentries is consistent with what is in your ldap db then it must be an error in the 'PAM' part.
You can ask for help at openldap-software@openldap.org. Make sure you get on the list
before you ask a question so you can see the answers.
Shain Miley wrote:
>
> Patrick,
> Yes it is OpenLDAP version 1.211. It is the one listed as stable on the
> openldap web site.
> Shain
> Patrick Timmons wrote:
> >
> > Is it OpenLDAP and if so what version ?
> >
> > Shain Miley wrote:
> > >
> > > Well,
> > > I am not sure that it does have to do with the number of records. The
> > > reason I believe that it is not the number of records is as this is a
> > > test machine and there are only 6 records in the ldap directory. When I
> > > set up a user with 10 letters in the user name I get the error. When I
> > > switched to a username with 2 letters I was able to login just fine.
> > > This error has to do with the number of letters in the username I
> > > use...I was able to get that far. Any ideas? Thanks.
> > > Shain
> > >
> > > Patrick Timmons wrote:
> > > >
> > > > Hi.
> > > >
> > > > Just in case no body has answered. This means there were too many records
> > > > matching the search you were doing. I've set my ldap server to answer at most 20
> > > > entries. In OpenLDAP, I think the default is 500 records.
> > > >
> > > > Shain Miley wrote:
> > > > >
> > > > > Hi,
> > > > > I am trying to log in to IMP useing PAM and LDAP, however I cannot and
> > > > > when I look at the log I see the following error:pam_ldap: ldap_search_s
> > > > > Sizelimit exceeded. Does anyone know what might be causeing this?
> > > > > Thanks.
> > > > > Shain
> > > > >
> > > > > --
> > > > > IMP mailing list: http://horde.org/imp/
> > > > > Frequently Asked Questions: http://horde.org/faq/
> > > > > To unsubscribe, mail: imp-unsubscribe@lists.horde.org
> > > >
> > > > --
> > > > Patrick Timmons, service informatique
> > > >
> > > > --
> > > > IMP mailing list: http://horde.org/imp/
> > > > Frequently Asked Questions: http://horde.org/faq/
> > > > To unsubscribe, mail: imp-unsubscribe@lists.horde.org
> > >
> > > --
> > > IMP mailing list: http://horde.org/imp/
> > > Frequently Asked Questions: http://horde.org/faq/
> > > To unsubscribe, mail: imp-unsubscribe@lists.horde.org
> >
> > --
> > Patrick Timmons, service informatique
> >
> > --
> > IMP mailing list: http://horde.org/imp/
> > Frequently Asked Questions: http://horde.org/faq/
> > To unsubscribe, mail: imp-unsubscribe@lists.horde.org
>
> --
> IMP mailing list: http://horde.org/imp/
> Frequently Asked Questions: http://horde.org/faq/
> To unsubscribe, mail: imp-unsubscribe@lists.horde.org
--
Patrick Timmons, service informatique