Sun Java System Directory Server Enterprise Edition 6.1 Reference

Managing Large Entries

Before adding or modifying entries with very large attribute values, you may need to configure the server to accept them. To protect against overloading the server, clients are limited to sending data no larger than 2 MB by default.

If you add an entry larger than this, or modify an attribute to a value which is larger, the server will refuse to perform the operation and immediately close the connection. For example, binary data such as multi-media contents in one or more attributes of an entry may exceed this limit.

Also, the entry defining a large static group may contain so many members that their representation exceeds the limit. However, such groups are not recommended for performance reasons, and you should consider redesigning your directory structure.

ProcedureTo Modify the Size Limit Enforced by the Server on Data Sent by Clients

  1. Set a new value for the nsslapd-maxbersize attribute of the cn=config entry.

    • To do this from the command line, use the following command:

      ldapmodify -h host -p port -D cn=admin,cn=Administrators,cn=config -w -
      dn: cn=config
      changetype: modify
      replace: nsslapd-maxbersize
      nsslapd-maxbersize: sizeLimitInBytes

      For more information, see “nsslapd-maxbersize” in the Sun Java System Directory Server Enterprise Edition 6.1 Reference.

  2. Restart the server.