Avoiding Buffer Overruns With Oracle Directory Server Enterprise Edition - Working With Oracle® Solaris 11.2 Directory and Naming Services: LDAP

Working With Oracle^® Solaris 11.2 Directory and Naming Services: LDAP

Exit Print View

» ...Documentation Home » Oracle Solaris 11.2 Information Library » Working With Oracle^® Solaris ... » Transitioning From NIS to LDAP » NIS-to-LDAP Best Practices With Oracle ... » Avoiding Buffer Overruns With Oracle Directory ...

Updated: July 2014

Working With Oracle^® Solaris 11.2 Directory and Naming Services: LDAP

Document Information

Using This Documentation

Chapter 1 Introduction to the LDAP Naming Service

Chapter 2 LDAP and Authentication Service

Chapter 3 Planning Requirements for LDAP Naming Services

Chapter 4 Setting Up Oracle Directory Server Enterprise Edition With LDAP Clients

Chapter 5 Setting Up LDAP Clients

Chapter 6 Troubleshooting LDAP

Chapter 7 LDAP Naming Service (Reference)

Chapter 8 Transitioning From NIS to LDAP

NIS-to-LDAP Service Overview

NIS-to-LDAP Tools and the Service Management Facility

NIS-to-LDAP Audience Assumptions

When Not to Use the NIS-to-LDAP Service

Effects of the NIS-to-LDAP Service on Users

NIS-to-LDAP Transition Terminology

NIS-to-LDAP Commands, Files, and Maps

Supported Standard Mappings

Transitioning From NIS to LDAP (Task Map)

Prerequisites for the NIS-to-LDAP Transition

Setting Up the NIS-to-LDAP Service

How to Set Up the N2L Service With Standard Mappings

How to Set Up the N2L Service With Custom or Nonstandard Mappings

Examples of Custom Maps

NIS-to-LDAP Best Practices With Oracle Directory Server Enterprise Edition

Creating Virtual List View Indexes With Oracle Directory Server Enterprise Edition

Avoiding Server Timeouts With Oracle Directory Server Enterprise Edition

Avoiding Buffer Overruns With Oracle Directory Server Enterprise Edition

NIS-to-LDAP Restrictions

NIS-to-LDAP Troubleshooting

Common LDAP Error Messages

NIS-to-LDAP Issues

Reverting to NIS

How to Revert to Maps Based on Old Source Files

How to Revert to Maps Based on Current DIT Contents

Language:

Avoiding Buffer Overruns With Oracle Directory Server Enterprise Edition

To avoid buffer overruns, modify the Oracle Directory Server Enterprise Edition attributes manually or by running the idsconfig command.

For example, to increase the maximum number of entries that are returned for a client search query, modify these attributes:
```
dn: cn=config
nsslapd-sizelimit: -1
```
To increase the maximum number of entries that are verified for a client search query, modify these attributes:
```
dn: cn=config, cn=ldbm database, cn=plugins, cn=config
nsslapd-lookthroughlimit: -1
```

For testing purposes, you can use an attribute value of –1, which indicates no limit. When you have determined the optimum limit value, change the attribute value. Do not maintain any attribute settings at –1 on a production server. With no limits, the server might be vulnerable to Denial of Service attacks.

If VLVs are being used, the sizelimit attribute values should be set as defined in Creating Virtual List View Indexes With Oracle Directory Server Enterprise Edition. If VLVs are not being used, the size limit should be set large enough to accommodate the largest container.

For more information about configuring Oracle Directory Server Enterprise Edition with LDAP, see Chapter 4, Setting Up Oracle Directory Server Enterprise Edition With LDAP Clients.

Copyright © 2002, 2014, Oracle and/or its affiliates. All rights reserved. Legal Notices