Previous to 389-ds-base-1.3.1 the server had a fixed size buffer for receiving SASL operations. This may not be sufficient for all cases.
Products like IPA, that work with AD trust stores, can exceed the previous SASL buffer(2048 bytes).
The default buffer size has been increased from 2k to 64k. The buffer can also be increased if 64k is not enough - by setting a new configuration attribute under cn=config:
nsslapd-sasl-max-buffer-size: <value in bytes>
No additional requirements.
Currently only CLI tools can be used to set this option.
Ldapmodify can be used to set the value. There is no need to restart the server after setting the value.
No impact on replication.
No impact on updates and upgrades.
No package and library dependencies.
No external impact.
Mark Reynolds mreynolds@redhat.com