This little chestnut just caught me out. I’m trying to test some theories with maximum users and groups etc on linux using a ldap backend for authentication. I’ve run a little script which happily created me 65536 groups and 65536 users but when I use ‘getent group’ or ‘getent password’ it only seems to return 500 ldap entries.

It turns out the problem lies not with getent but with slapd limiting the returned results for any given query, the default is 500 (man 5 slapd.conf). The solution is to add ‘sizelimit -1’ to slapd.conf, restart and now getent should return the correct answer.