Increase default limit on LDAP searches to 100k
    
    A similar change was attempted years ago in commit
    9724251292e4c0797367fcc351a9f16f30c6aefe but it was
    never applied because it used the wrong DN and because
    nsslapd-timelimit is already present in the entry
    the default keyword won't trigger.
    
    Use replace instead to increase the value to 100k from
    the default as originally intended.
    
    nsslapd-sizelimit can be changed only with a MOD_REPLACE
    otherwise a LDAP_NO_SUCH_ATTRIBUTE error is thrown. IPA
    only uses MOD_REPLACE for single-value attributes but
    nsslapd-sizelimit is not yet in schema. Add it to
    the known set of exceptions for single-value attributes.
    
    https://pagure.io/freeipa/issue/8962
    
    Signed-off-by: Rob Crittenden <rcritten@redhat.com>
    Reviewed-By: Florence Blanc-Renaud <frenaud@redhat.com>