LDAP Error in pdbedit

John H Terpstra jht at samba.org
Fri Sep 15 12:30:35 GMT 2006

On Friday 15 September 2006 00:05, you wrote:
> John H Terpstra wrote:
> > A rather large site has reported to me the following error info:
> >
> > server:/ # pdbedit -L -v
> > ldapsam_setsampwent: LDAP search failed: Size limit exceeded
> >
> >
> > The Samba code module that reports this is:
> > 	passdb/pdb_ldap.c line 1259
> >
> > The problem appears to be that when the returned data is larger than the
> > size of an int there is a problem. It seems we should be using
> > smbldap_search_paged() instead of smbldap_search().
> >
> > The site in question has over 4000 LDAP entries and the returned data is
> > much larger than 64KB.
> >
> > What is the best fix for this?
> For OpenLDAP add into slapd.conf:
> sizelimit -1
> timelimit -1
> Thanks!

The problem does not appear to be with OpenLDAP. For example, the following:

	getent passwd

returns all 4000+ entries.

With both the sizelimit and timelimit set to the infinite value (i.e.: -1 
in /etc/ldap.conf, and to 0 in /etc/openldap/ldap.conf) there is no change in 
the problem with pdbedit. The SIZELIMIT parameter was set to 20000 

I suspect that the problem is that the maximum size of the returned data from 
the smbldap_search() function is limited by the size of int. Since there is 
already an smbldap_search_paged() function in pdb_ldap.conf - I suspect that 
there must have been a reason that it was not used. Hence my asking the 

Thanks for helping.

John T.

More information about the samba-technical mailing list