[Samba] LDAP search failed: Size limit exceeded
Eric A. Hall
ehall at ehsco.com
Thu Sep 15 18:35:07 GMT 2005
On 9/15/2005 12:49 PM, Michael Christian wrote:
> Hi list. I've decided to try and tackle this one piece at a time.
>
> Does anyone know why I would get the following error:
> [root at primary ~]# net groupmap list
> [2005/09/15 12:44:08, 0] passdb/pdb_ldap.c:ldapsam_setsamgrent(2458)
> ldapsam_setsamgrent: LDAP search failed: Size limit exceeded
> [2005/09/15 12:44:08, 0] passdb/pdb_ldap.c:ldapsam_enum_group_mapping(2523)
> ldapsam_enum_group_mapping: Unable to open passdb
>
> I seem to have some size related issue concerning Groups...
I don't know what the problem is but I can give some pointers.
Queries that return ~everything can overwhelm participants, so LDAP has
the ability to limit the amount of data returned, either with "paged"
answer sets, or size limits, or both. "Size limit exceeded" is a typical
LDAP error when the size limit has been exceeded.
I'm pretty sure that Samba's LDAP interface understands paged results (my
server is down for maintenance right now or I'd check), but maybe your
LDAP server doesn't. Are you using a fairly recent OpenLDAP RPM package or
something else?
Actually my guess/assumption is that your queries are poorly formed and
poorly rooted, and as a result your searches are matching everything in
the directory. Make sure you set the proper suffixes in smb.conf so that
searches are constrained to the correct search base.
Weren't you reporting similar problems with PAM? Frankly I'd start there
if I were you, since it seems to be a problem with all of your LDAP
searches everywhere. Find the support list for your server and start with
them is best advice I can give.
--
Eric A. Hall http://www.ehsco.com/
Internet Core Protocols http://www.oreilly.com/catalog/coreprot/
More information about the samba
mailing list