grouper-users - Re: [grouper-users] LDAPPC logging level
Subject: Grouper Users - Open Discussion List
List archive
- From: Tom Zeller <>
- To: Tim Darby <>
- Cc: grouper-users <>
- Subject: Re: [grouper-users] LDAPPC logging level
- Date: Tue, 9 Feb 2010 11:11:19 -0600
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:sender:in-reply-to:references:from:date :x-google-sender-auth:message-id:subject:to:cc:content-type :content-transfer-encoding; b=QivsifY/bYIDcBemxYtYl/xb5JbKAIiAghzMLqWa6C8X4hhMUMf272RFXgbKeHlr79 xHSiI6bFF+DoGQvlRz9vNviayyLXqB6Kd7YpHSVnIjFk3/LJVsokTUGKGiZDNeEujZpC coXt3aQJHCdW3DtzizTBcDPegj+QPBDVjcNno=
FWIW, in ldappc 1.5, there is a configuration option to not "bundle"
ldap operations - you'd have 62k ops instead of one. It might be nice
to make the "bundle size" configurable.
TomZ
On Mon, Feb 8, 2010 at 4:36 PM, Tim Darby
<>
wrote:
> Thanks, Paul, that worked!
>
> Tim
>
> On Mon, Feb 8, 2010 at 3:11 PM, Paul Engle
> <>
> wrote:
>>
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>>
>> Tim,
>>
>> You're probably running afoul of a limit set in FDS. We're
>> still stuck on FDS1.0.4, but I don't think the basic config
>> attributes have changed much. Check the value of the attribute
>> nsslapd-maxbersize on the cn=config object. That's going to be
>> the maximum size, in bytes, of the LDAP message the server will
>> accept. Our largest group only has around 10k or so members, so
>> we haven't hit this (yet).
>>
>> -paul
>>
>> - --On Monday, February 08, 2010 2:37 PM -0700 Tim Darby
>> <>
>> wrote:
>>
>> > Thanks. this is what I needed. What's happening is that I'm
>> > trying to provision a group that has over 62,000 hasMember
>> > attributes using LDAPPC in 1.4.2 and I'm getting this error
>> > in Fedora Directory Server 1.2:
>> >
>> > conn=864146 op=-1 fd=64 closed error 90 (Message too long) -
>> > B2
>> >
>> > I can reproduce this using ldapmodify and I've determined
>> > that somewhere between 32,000 and 35,000 hasMember attributes
>> > is the maximum that I can send to FDS without error.
>> > Anything I can do with LDAPPC (or FDS) to get around this?
>> >
>> > Tim
>> >
>> >
>> > On Thu, Jan 28, 2010 at 2:04 PM, Tom Zeller
>> > <>
>> > wrote:
>> >
>> >
>> >> Is there a way to increase the amount of logging for LDAPPC
>> >> in Grouper 1.4.2?
>> >
>> > Short of modifying source code and recompiling, there's just
>> > log4j.properties
>> >
>> > log4j.logger.edu.internet2.middleware.ldappc = DEBUG
>> >
>> > which you likely tried already. Logging is improved in 1.5,
>> > including
>> > writing changes as LDIF.
>> >
>> > Are you confronting a particular issue ?
>> >
>> > TomZ
>> >
>> >
>> >
>>
>>
>>
>> - --
>> Paul D. Engle | Rice University
>> Sr. Systems Administrator | Information Technology - MS119
>> (713)348-4702 | PO Box 1892
>>
>> | Houston, TX 77252-1892
>> -----BEGIN PGP SIGNATURE-----
>> Version: GnuPG v1.4.7 (MingW32)
>>
>> iD8DBQFLcIwmCpkISWtyHNsRAvYOAKDG4khJXoDcSOxWCGoXNMOgk9xQOgCgrjZ+
>> x1nHiP+xpTDOaTfUg+FfMYU=
>> =fyok
>> -----END PGP SIGNATURE-----
>>
>>
>
>
- Re: [grouper-users] LDAPPC logging level, Tim Darby, 02/08/2010
- Re: [grouper-users] LDAPPC logging level, Paul Engle, 02/08/2010
- Message not available
- Re: [grouper-users] LDAPPC logging level, Tim Darby, 02/08/2010
- Re: [grouper-users] LDAPPC logging level, Tom Zeller, 02/09/2010
- Re: [grouper-users] LDAPPC logging level, Tim Darby, 02/08/2010
Archive powered by MHonArc 2.6.16.