ODSEE - Search Results in err=11 (Administrative Limit Exceeded) When Binding Anonymously
(Doc ID 1322157.1)
Last updated on JULY 26, 2023
Applies to:
Oracle Directory Server Enterprise Edition - Version 5.1 and laterInformation in this document applies to any platform.
Symptoms
1) Entries with an anonymous bind can not be returned because the search results in err=11.
From the access log -
[27/Apr/2011:16:07:37 -0400] conn=1531486 op=-1 msgId=-1 - fd=165 slot=165 LDAP connection from <IP> to <IP>
[27/Apr/2011:16:07:37 -0400] conn=1531486 op=0 msgId=1 - SRCH base="ou=people,ou=intranet,dc=SUFFIX_DN" scope=2 filter="(uid=*345*)" attrs="dn"
[27/Apr/2011:16:07:37 -0400] conn=1531486 op=0 msgId=1 - RESULT err=11 tag=101 nentries=7 etime=0
[27/Apr/2011:16:07:37 -0400] conn=1531486 op=1 msgId=2 - UNBIND
[27/Apr/2011:16:07:37 -0400] conn=1531486 op=1 msgId=-1 - closing - U1
[27/Apr/2011:16:07:37 -0400] conn=1531486 op=-1 msgId=-1 - closed.
2) The nsslapd-allidsthreshold (allids) is greater than the total number of entries in the database.
In this example, the allids is 300k, and the total number of entries is 239529.
nsslapd-allidsthreshold: 300000
The total number of entries can be found in the errors log.
For example -
[26/Apr/2011:19:43:49 -0400] - INFO: 239529 entries in the directory database.
By default, the allids configuration is 4000.
3) There is no index configured for the attribute used in the search filter.
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
| Symptoms |
| Cause |
| Solution |
| References |