Red Hat Directory Server 8.0 Configuration, Command, and File Reference
This section covers global configuration attributes common to all instances are stored in the
cn=config, cn=ldbm database, cn=plugins, cn=config tree node.
4.1.1. nsLookthroughLimit
This performance-related attribute specifies the maximum number of entries that the Directory
Server will check when examining candidate entries in response to a search request. The
Directory Manager DN, however, is, by default, unlimited and overrides any other settings
specified here. It is worth noting that binder-based resource limits work for this limit, which
means that if a value for the operational attribute nsLookThroughlimit is present in the entry
as which a user binds, the default limit will be overridden. Attempting to set a value that is not a
number or is too big for a 32-bit signed integer returns an LDAP_UNWILLING_TO_PERFORM error
message with additional error information explaining the problem.
Parameter Description
Entry DN cn=config, cn=ldbm database, cn=plugins,
cn=config
Valid Range -1 to maximum 32-bit integer in entries (where
-1 is unlimited)
Default Value 5000
Syntax Integer
Example nsLookthroughLimit: 5000
4.1.2. nsslapd-idlistscanlimit
This performance-related attribute, present by default, specifies the number of entry IDs that are
searched during a search operation. Attempting to set a value that is not a number or is too big
for a 32-bit signed integer returns an LDAP_UNWILLING_TO_PERFORM error message, with
additional error information explaining the problem.
It is advisable to keep the default value to improve search performance. For a more detailed
explanation of the effect of ID lists on search performance, refer to the "Managing Indexes"
chapter in the Directory Server Administrator's Guide.
The server has to be restarted for changes to this attribute to go into effect.
Parameter Description
Entry DN cn=config, cn=ldbm database, cn=plugins,
cn=config
Valid Range 100 to the maximum 32-bit integer value
(2147483647) entry IDs
Default Value 4000
Syntax Integer
Example nsslapd-idlistscanlimit: 4000
Chapter 3. Plug-in Implemented Server Functionality Reference
132