- REASON: Caught exception running LDAP sync.
- [LDAP: error code 2 - paged results cookie is invalid];
- nested exception is javax.naming.CommunicationException:
- [LDAP: error code 2 - paged results cookie is invalid];
- remaining name 'dc=example,dc=com'
谷歌搜索该错误引发了对LDAP分页和相关限制的讨论.该文档在OpenLDAP limits中提到了olcSizeLimit和size.pr.
我可以使用这个ldif将我的olcSizeLimit从500改为-1:
- dn: cn=config
- changetype: modify
- replace: olcSizeLimit
- olcSizeLimit: -1
不幸的是,我的客户仍然看到它的分页问题.
size.pr是slapd.conf设置,而我的OpenLDAP使用slapd.d.在LDAP模式中浏览后,我发现olcDbClientPr被描述为’PagedResults handling’.此外,这是在OpenLDAP source code中描述的方式:
假设olcDbClientPr与size.pr相同,我该如何设置它?
我试过这个:
- dn: cn=config
- changetype: modify
- replace: olcDbClientPr
- olcDbClientPr: -1
它抛出此错误:
- modifying entry "cn=config"
- ldap_modify: Object class violation (65)
- additional info: attribute 'olcDbClientPr' not allowed
如果它是相关的,这里是我的cn = config目录的内容:
- # ls /etc/openldap/slapd.d/cn=config/
- cn=module{0}.ldif olcDatabase={0}config.ldif olcDatabase={1}hdb.ldif
- cn=schema olcDatabase={-1}frontend.ldif olcDatabase={1}monitor.ldif
- cn=schema.ldif olcDatabase={1}hdb
来自slapd-config(5):
olcSizeLimit: size[.{soft|hard|unchecked}]= […]
Specify the maximum number of entries to return from a search operation. The default size limit is 500. Use unlimited to specify no limits. The second format allows a fine grain setting of the size limits. Extra args can be added in the same value or as additional values. See olcLimits for an explanation of the different flags.
olcDbClientPr与size.pr不同.