diff options
| author | Simo Sorce <ssorce@redhat.com> | 2011-09-27 14:59:21 -0400 |
|---|---|---|
| committer | Rob Crittenden <rcritten@redhat.com> | 2011-10-12 22:42:03 -0400 |
| commit | 9724251292e4c0797367fcc351a9f16f30c6aefe (patch) | |
| tree | 8f606512b9ef090a1247e67e2d4cefc1733ae0cd | |
| parent | 197b1acfe4ca40fe9570231d4c74db2ce1048ca6 (diff) | |
| download | freeipa-9724251292e4c0797367fcc351a9f16f30c6aefe.tar.gz freeipa-9724251292e4c0797367fcc351a9f16f30c6aefe.tar.xz freeipa-9724251292e4c0797367fcc351a9f16f30c6aefe.zip | |
updates: Change default limits on ldap searches
Fixes: https://fedorahosted.org/freeipa/ticket/1867
https://fedorahosted.org/freeipa/ticket/1888
| -rw-r--r-- | install/updates/10-config.update | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/install/updates/10-config.update b/install/updates/10-config.update index 133ec6766..fe7a4bd06 100644 --- a/install/updates/10-config.update +++ b/install/updates/10-config.update @@ -12,3 +12,23 @@ remove: nsslapd-pluginPrecedence: 60 # plugins (the default is 50). dn: cn=IPA MODRDN,cn=plugins,cn=config only: nsslapd-pluginPrecedence: 60 + +# Set limits to suite better IPA deployment sizes, defaults are too +# conservative +dn: cn=config +default: nsslapd-sizelimit:100000 + +dn: cn=config,cn=ldbm database,cn=plugins,cn=config +replace: nsslapd-lookthroughlimit:5000::100000 +replace: nsslapd-idlistscanlimit:4000::100000 + +#Set much lower limits for anonymous searhes +dn: cn=anonymous-limits,cn=etc,$SUFFIX +default:objectclass:nsContainer +default:objectclass:top +default:cn: anonymous-limits +default:nsSizeLimit: 5000 +default:nsLookThroughLimit: 5000 + +dn: cn=config +add:nsslapd-anonlimitsdn:cn=anonymous-limits,cn=etc,$SUFFIX |