Hello,

I've scoured the web for a solution to this to no avail, so I'm bringing my issue here.

If I do something to the effect of this:
ldapsearch -b "dc=example,dc=com" -x -z 3000

I'll get this back at the end of the result set:
# search result
search: 2
result: 4 Size limit exceeded

# numResponses: 501
# numEntries: 500


The thing is is that I have way more (thousands) than what's being displayed here. And I've tried to mess around with /etc/ldap.conf, changing the SIZELIMIT directive to something else, 10000, let's say, and restarting the server, but the same goddamn thing happens.

I've been messing around with this for quite some time now, hopefully someone will be able to shed some light on this so that I can learn my way out of this mess that is LDAP. Also in a related matter, I'm running Mint (based off of Ubuntu), and all the documentation that I've seen (probably read a good 100+ pages in a few days now on this) keeps telling me to make changes to my slapd.conf file. What slapd.conf file? It doesn't exist, I can't find it at least. find / -name slapd.conf turns up nothing.

This is a server side setting, and you've not said anything at all about what server this is, merely the client you're using. You can't make the client override a security setting on the server if the server doesn't want to. Added to that, slapd.conf is the config file for the openldap server, again suggesting you don't have any control of the server..?

I guess the openldap server uses the new config style (cn=config) and not /etc/ldap/slapd.conf.
If that's the case you should use an ldif file to change the default sizelimit (500) to what you want (3000):
Read this for more info

Well I thought the number of results displayed could be both a server side problem and a client side problem. ldapsearch has a -z switch that lets you specify the number of results displayed. The SIZELIMIT statement in ldap.conf would be the server side. Unless I'm mistaken on those points.

I think that since I'm using the -z 3000 switch on ldapsearch, it'd let me display 3000 entries unless the SIZELIMIT was limiting it, but no, I've changed that as well, to no avail.

And I'm using openldap, so slapd would be the ldap daemon.

no, you aren't going to mix server and client configs in one place. As bathory said, apply that ldif to the server and check again.

Okay so I did as requested, and here's the output from the ldapsearch -b "cn=config,dc=example,dc=com" -x :

# extended LDIF
#
# LDAPv3
# base <cn=config,dc=example,dc=com> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#

# config, example.com
dn: cn=config,dc=example,dc=com
objectClass: olcGlobal
cn: config
olcSizeLimit: 10000

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1




Alright, so I did that with ldapadd -x -D "cn=admin,cn=config" -f changesize.ldif -x -w mypassword . However, the same problem is cropping up once again, in that when I try to do ldapsearch -b "cn=config,dc=example,dc=com" -x, it keeps saying that the size limit is exceeded.

My knowledge of ldap and openldap is rudimentary, so it is possible that I've screwed up somewhere, and I'd be willing to check out any decent tutorials that involve working with cn=config (i.e. that explain them well). I've dealt with a variety of tutorials that don't even touch on them.

This dn is wrong. It should be just dn: cn=config. Anyway I've tested on my slapd and it looks like you cannot change configuration parameters, like SizeLimit, with an ldif file if they do not already exist. So I've found out that you can edit the file: slapd.d/cn\=config.ldif and add:
Of course you have to restart slapd. After that you can use ldif to modify it on the fly:
To verify the changes run:
Regards

Thank you for the help thusfar, but the problem still exists.

Here's the output from the grep you mentioned:

And here's the tail end of the search I did:

That output was generated with

Which has a good 1000 entries in it at the present.

Dunno what the problem is.
The fact is that it works fine here either limiting the results number or not:

Just trying to close the knowledge gap on this, since this came up first on my google search.

Resolution I used was this:
-E pr=1000/noprompt
As per this page:
NOTAURL://jurjenbokma.com/ApprenticesNotes/ldapsearch_ad_query.html
Which states:

I get a size limit exceeded message from ldapsearch.

That's a client side problem, not server side. The client should simply accept multiple pages of output, and ldapclient takes the -E option to make it do just that, as shown in the examples.

It would see the size limit exceeded is the size of the result returned per page, the -E pr=1000/noprompt breaks the return into pages of 1000, and with no prompt continues operation.
[!]pr=<size>[/prompt|noprompt] (paged results/prompt)

Hope that helps someone down the road.