JavaScript is required to for searching.
Skip Navigation Links
Exit Print View
Oracle Directory Server Enterprise Edition Administration Guide 11g Release 1 (11.1.1.5.0)
Oracle Technology Network
Library
PDF
Print View
Feedback
search filter icon
search icon

Document Information

Preface

Part I Directory Server Administration

1.  Directory Server Tools

2.  Directory Server Instances and Suffixes

3.  Directory Server Configuration

Displaying the Configuration of Directory Server Instance

Modifying the Configuration Using DSCC

Modifying the Configuration From the Command Line

Modifying the dse.ldif File

Configuring Administration Users

To Create an Administration User with Root Access

To Configure the Directory Manager

Protecting Configuration Information

Changing Directory Server Port Numbers

To Modify a Port Number, Enable a Port, and Disable a Port

Configuring DSML

To Enable the DSML-over-HTTP Service

To Disable the DSML-over-HTTP Service

To Configure DSML Security

DSML Identity Mapping

To Define a New Identity Mapping for HTTP Headers

Setting the Server as Read-Only

To Enable or Disable the Server Read-Only Mode

Configuring Memory

Priming Caches

To Modify Database Cache

To Monitor Database Cache

To Monitor Entry Cache

To Modify Entry Cache

To Configure Heap Memory Threshold

Setting Resource Limits For Each Client Account

To Configure Search Limit

4.  Directory Server Entries

5.  Directory Server Security

6.  Directory Server Access Control

7.  Directory Server Password Policy

8.  Directory Server Backup and Restore

9.  Directory Server Groups, Roles, and CoS

10.  Directory Server Replication

11.  Directory Server Schema

12.  Directory Server Indexing

13.  Directory Server Attribute Value Uniqueness

14.  Directory Server Logging

15.  Directory Server Monitoring

Part II Directory Proxy Server Administration

16.  Directory Proxy Server Tools

17.  Directory Proxy Server Instances

18.  LDAP Data Views

19.  Directory Proxy Server Certificates

20.  Directory Proxy Server Load Balancing and Client Affinity

21.  Directory Proxy Server Distribution

22.  Directory Proxy Server Virtualization

23.  Virtual Data Transformations

24.  Connections Between Directory Proxy Server and Back-End LDAP Servers

25.  Connections Between Clients and Directory Proxy Server

26.  Directory Proxy Server Client Authentication

27.  Directory Proxy Server Logging

28.  Directory Proxy Server Monitoring and Alerts

Part III Directory Service Control Center Administration

29.  Directory Service Control Center Configuration

Index

Setting Resource Limits For Each Client Account

You can control search operation resource limits on the server for each client account. You set such limits in operational attributes on an account, and Directory Server then enforces them based on the account a client uses to bind to the directory.

The following limits can be set:

Note - The Directory Manager can use unlimited resources by default.

The resource limits that you set on specific user accounts take precedence over the resource limits set in the server-wide configuration. This section provides information about setting resource limits for each account.

The examples given in this section set resource limits directly in the attributes of the entry. You can also set resource limits on account using the Class of Service (CoS) mechanism. The CoS mechanism generates computed attributes as an entry is retrieved for a client application. For more information about defining CoS, see Class of Service.

To Configure Search Limit

If you want to define the search limit that is used by the nsslapd process, refer to the following procedure:

You can use DSCC to perform this task. For information, see Directory Service Control Center Interface and the DSCC online help.

  1. Use the dsconf get-server-prop command to read the resource limit server properties.
    $ dsconf get-server-prop -h host -p port look-through-limit search-size-limit \
 search-time-limit idle-timeout
look-through-limit  :  5000  
search-size-limit   :  2000  
search-time-limit   :  3600
idle-timeout        :  none

    The output shows that searches look through a maximum of 5000 entries, return a maximum of 2000 entries, and use a maximum of one hour (3600 seconds) of server time to process the search.

  2. Change the look-through limit.
    $ dsconf set-server-prop -h host -p port look-through-limit:integer

    where integer is the maximum number of entries examined for a search operation.

  3. Change the search size limit.
    $ dsconf set-server-prop -h host -p port search-size-limit:integer

    where integer is the maximum number of entries returned by a search operation.

  4. Change the search time limit.
    $ dsconf set-server-prop -h host -p port search-time-limit:integer

    where integer is the maximum time spent processing a search operation.

  5. Change the idle timeout.
    $ dsconf set-server-prop -h host -p port idle-timeout:integer

    where integer is the maximum time a client connection can remain idle before the connection is dropped.

Copyright © 2011, Oracle and/or its affiliates. All rights reserved. Legal Notices
Previous Next