nslcd <passwd(all)> ldap_result() failed: Administrative limit exceeded
[Date Prev][
Date Next]
[Thread Prev][
Thread Next]
nslcd <passwd(all)> ldap_result() failed: Administrative limit exceeded
- From: Doug Niven <dniven [at] ucsc.edu>
- To: nss-pam-ldapd-users [at] lists.arthurdejong.org
- Subject: nslcd <passwd(all)> ldap_result() failed: Administrative limit exceeded
- Date: Wed, 2 Jan 2019 16:00:35 -0800
Hi Folks,
I’ve got an Ubuntu 18.04 machine doing anonymous lookups to a central LDAP
server but am experiencing intermittent authentication issues.
I’m pretty sure the following log item in /var/log/syslog explains the problem:
nslcd <passwd(all)> ldap_result() failed: Administrative limit exceeded
What I suspect is happening is that nslcd is asking for the entire list of all
our campus LDAP users (over 20k), and that LDAP server is not okay with this.
In fact, the LDAP client machine only has less than 5 users.
Please let me know if there are any ways to fix or rectify this issue.
Thanks in advance for any suggestions and/or ideas.
The two relevant files are below, with obfuscated LDAP name.
Cheers, Doug
% cat /etc/nslcd.conf
uid nslcd
gid nslcd
uri ldap://ldap.example.com
base dc=org,dc=edu
tls_cacertdir /etc/openldap/cacerts
map passwd homeDirectory "/home/$uid"
idle_timelimit 240
# automatically added on upgrade of nslcd package
tls_cacertfile /etc/ssl/certs/ca-certificates.crt
% cat /etc/ldap.conf
base dc=ucsc,dc=edu
uri ldap://ldap.example.com
ldap_version 3
pam_password md5
ssl start_tls
tls_cacertdir /etc/openldap/cacerts
SIZELIMIT 50
--
To unsubscribe send an email to
nss-pam-ldapd-users-unsubscribe@lists.arthurdejong.org or see
https://lists.arthurdejong.org/nss-pam-ldapd-users/
- nslcd <passwd(all)> ldap_result() failed: Administrative limit exceeded,
Doug Niven
