[TriLUG] OpenLDAP - Time limit exceeded
Kristopher Kane
kristopher.kane at gmail.com
Wed Jan 18 19:19:33 EST 2012
All,
Having trouble with openldap(2.3) on RHEL 5.
I am trying to do an ldapsearch on the entire suffix and return all entries.
Example:
> ldapsearch -x -H ldap://ldap1
This is an anonymous read as far as the slapd.conf acl goes. It gets
to around the 40th entry of over 300 and I get: result: 3 Time limit
exceeded.
I changed the timelimit in slapd.conf to unlimited and receive the
same result. I also have done:
> ldapsearch -x -H ldap://ldap1 -l 0
to set the client side time limit to unlimited.
If I specify the managing user in the query:
> ldapsearch -x -H ldap://ldap1 -D "cn=<managing account>,dc=<suffix>" -w <pass>
The search returns much faster (I get over 200 accounts) but still
reaches a time limit.
Google tells me that I have bad indexes. I'll be honest and say that
I simply copied the default DB_CONFIG from /etc/openldap/ to my LDAP
DB directory and ran slapindex with the default indexes in slapd.conf.
My questions are:
Is there another timelimit variable that I am missing?
Are the default indexes specified in the 'nilla openldap slapd.conf
not good enough for my database to return quickly? Note: I'm not
using a custom schema.
I appreciate any help you all can provide.
Thanks,
-Kris Kane
More information about the TriLUG
mailing list