diff options
author | Simo Sorce <ssorce@redhat.com> | 2011-09-27 14:59:21 -0400 |
---|---|---|
committer | Simo Sorce <ssorce@redhat.com> | 2011-10-12 16:46:36 -0400 |
commit | da3539c40ccbba23ce8d3aafa1dae655e891deab (patch) | |
tree | 73ebdea7ba7aba8af0acaa7a419056fae29fc17d /install | |
parent | 8b7eb0424217a7d272c426d82dfe4ee30ac2c096 (diff) | |
download | freeipa-da3539c40ccbba23ce8d3aafa1dae655e891deab.tar.gz freeipa-da3539c40ccbba23ce8d3aafa1dae655e891deab.tar.xz freeipa-da3539c40ccbba23ce8d3aafa1dae655e891deab.zip |
updates: Change default limits on ldap searches
Fixes: https://fedorahosted.org/freeipa/ticket/1867
Diffstat (limited to 'install')
-rw-r--r-- | install/updates/10-config.update | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/install/updates/10-config.update b/install/updates/10-config.update index 133ec6766..fe7a4bd06 100644 --- a/install/updates/10-config.update +++ b/install/updates/10-config.update @@ -12,3 +12,23 @@ remove: nsslapd-pluginPrecedence: 60 # plugins (the default is 50). dn: cn=IPA MODRDN,cn=plugins,cn=config only: nsslapd-pluginPrecedence: 60 + +# Set limits to suite better IPA deployment sizes, defaults are too +# conservative +dn: cn=config +default: nsslapd-sizelimit:100000 + +dn: cn=config,cn=ldbm database,cn=plugins,cn=config +replace: nsslapd-lookthroughlimit:5000::100000 +replace: nsslapd-idlistscanlimit:4000::100000 + +#Set much lower limits for anonymous searhes +dn: cn=anonymous-limits,cn=etc,$SUFFIX +default:objectclass:nsContainer +default:objectclass:top +default:cn: anonymous-limits +default:nsSizeLimit: 5000 +default:nsLookThroughLimit: 5000 + +dn: cn=config +add:nsslapd-anonlimitsdn:cn=anonymous-limits,cn=etc,$SUFFIX |