Subject: Grouper Users - Open Discussion List
- From: Tom Zeller <>
- To: Tim Darby <>
- Cc: grouper-users <>
- Subject: Re: [grouper-users] LDAPPC logging level
- Date: Tue, 9 Feb 2010 11:11:19 -0600
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:sender:in-reply-to:references:from:date :x-google-sender-auth:message-id:subject:to:cc:content-type :content-transfer-encoding; b=QivsifY/bYIDcBemxYtYl/xb5JbKAIiAghzMLqWa6C8X4hhMUMf272RFXgbKeHlr79 xHSiI6bFF+DoGQvlRz9vNviayyLXqB6Kd7YpHSVnIjFk3/LJVsokTUGKGiZDNeEujZpC coXt3aQJHCdW3DtzizTBcDPegj+QPBDVjcNno=
FWIW, in ldappc 1.5, there is a configuration option to not "bundle"
ldap operations - you'd have 62k ops instead of one. It might be nice
to make the "bundle size" configurable.
On Mon, Feb 8, 2010 at 4:36 PM, Tim Darby
> Thanks, Paul, that worked!
> On Mon, Feb 8, 2010 at 3:11 PM, Paul Engle
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>> You're probably running afoul of a limit set in FDS. We're
>> still stuck on FDS1.0.4, but I don't think the basic config
>> attributes have changed much. Check the value of the attribute
>> nsslapd-maxbersize on the cn=config object. That's going to be
>> the maximum size, in bytes, of the LDAP message the server will
>> accept. Our largest group only has around 10k or so members, so
>> we haven't hit this (yet).
>> - --On Monday, February 08, 2010 2:37 PM -0700 Tim Darby
>> > Thanks. this is what I needed. What's happening is that I'm
>> > trying to provision a group that has over 62,000 hasMember
>> > attributes using LDAPPC in 1.4.2 and I'm getting this error
>> > in Fedora Directory Server 1.2:
>> > conn=864146 op=-1 fd=64 closed error 90 (Message too long) -
>> > B2
>> > I can reproduce this using ldapmodify and I've determined
>> > that somewhere between 32,000 and 35,000 hasMember attributes
>> > is the maximum that I can send to FDS without error.
>> > Anything I can do with LDAPPC (or FDS) to get around this?
>> > Tim
>> > On Thu, Jan 28, 2010 at 2:04 PM, Tom Zeller
>> > <>
>> > wrote:
>> >> Is there a way to increase the amount of logging for LDAPPC
>> >> in Grouper 1.4.2?
>> > Short of modifying source code and recompiling, there's just
>> > log4j.properties
>> > log4j.logger.edu.internet2.middleware.ldappc = DEBUG
>> > which you likely tried already. Logging is improved in 1.5,
>> > including
>> > writing changes as LDIF.
>> > Are you confronting a particular issue ?
>> > TomZ
>> - --
>> Paul D. Engle | Rice University
>> Sr. Systems Administrator | Information Technology - MS119
>> (713)348-4702 | PO Box 1892
>> | Houston, TX 77252-1892
>> -----BEGIN PGP SIGNATURE-----
>> Version: GnuPG v1.4.7 (MingW32)
>> -----END PGP SIGNATURE-----
- Re: [grouper-users] LDAPPC logging level, Tim Darby, 02/08/2010
Archive powered by MHonArc 2.6.16.