[SSSD] Ldap question: How to quickly see changes to a user's group list.

Hi - We are running an LDAP server on a Windows box. We have a need for our Linux clients to be able to quickly see modifications we make to a user's account, i.e. adding a group to an account. The only way that I've found to be able to do this, is to set ldap_enumeration_refresh_timeout to a sm

[SSSD] authentication problem causes log to fill up disk.

Hi - I'm using SSSD 1.8.93 on redhat, which has worked great for many many months. Recently, the certificate for our ldap server expired, and then an incorrect one was installed. This is has caused SSSD authentications to intermittently fail, and the SSSD log files start to fill up with const

Re: [SSSD] Default LDAP/SSSD timeouts are too slow if primary DNS is down. (Mark London)

Jakub Hrozek wrote On Mon, Aug 13, 2012 at 10:16:49PM -0400, Mark London wrote: Mark London wrote: Hi - When our primary DNS is unreachable, SSSD with LDAP breaks, or is incredibly slow. I've traced it to the fact that several of the LDAP timeout values are 6 seconds. This i

Re: [SSSD] Default LDAP/SSSD timeouts are too slow if primary DNS is down.

Mark London wrote: Hi - When our primary DNS is unreachable, SSSD with LDAP breaks, or is incredibly slow. I've traced it to the fact that several of the LDAP timeout values are 6 seconds. This is not long enough, because the default DNS timeout failover is 5 seconds. Incomin

[SSSD] Default LDAP/SSSD timeouts are too slow if primary DNS is down.

Hi - When our primary DNS is unreachable, SSSD with LDAP breaks, or is incredibly slow. I've traced it to the fact that several of the LDAP timeout values are 6 seconds. This is not long enough, because the default DNS timeout failover is 5 seconds. Incoming SSH connections are impossible wi

[SSSD] why is the sssd_be process killed by the error "The Monitor returned an error [org.freedesktop.DBus.Error.NoReply]"

Hi - We use SSSD with LDAP, and this morning we are having network problems, and for some reason, this was causing the sssd_be process to be killed. From the log file I see: (Fri Aug 3 11:31:34 2012) [sssd[be[PSFC]]] [id_callback] (0x0010): The Monitor returned an error [org.freedesktop.DBus

[SSSD] Memory leak with LDAP and frequent enumeration refreshes?

sgall...@redhat.com wrote: Here is my solution to have a persistant uptodate local cache of all ldap entries, so as to avoid very long delays when a user issues a command that causes a large number of LDAP lookups, i.e. by doing a "ls -l /home": enumerate = true enum_cache_timeout = 86400 (e

[SSSD] My solution to keep an update cache of all LDAP entries. Is there a better way?

cal database? Just curious. :) Thanks. Mark London ___ sssd-devel mailing list sssd-devel@lists.fedorahosted.org https://fedorahosted.org/mailman/listinfo/sssd-devel

Re: [SSSD] Very slow listing of files owned by many different, users. Any solution?

sgall...@redhat.com wrote: On Wed, 2012-06-27 at 13:18 -0400, Mark London wrote: Hi - We are running SSSD with LDAP at our site, where we have several hundred users. LDAP is being served by our Windows domain server. With entry_cache_timeout set to a short value, when someone does an

[SSSD] Very slow listing of files owned by many different users. Any solution?

Hi - We are running SSSD with LDAP at our site, where we have several hundred users. LDAP is being served by our Windows domain server. With entry_cache_timeout set to a short value, when someone does an operation that requires information for multiple users, i.e. listing the owners of all of

[SSSD] Problem with LDAPS+TLS.

Hi - We're using SSSD with LDAPS and TLS on redhat, and it's working fine. I just tried to make it work for unbuntu, but I can't get TLS to work. I get the following errors: (Mon Jan 30 14:36:09 2012) [sssd[be[PSFC]]] [sss_ldap_init_sys_connect_done] (1): ldap_install_tls failed: Connect err

Re: [SSSD] sss_debuglevel doesn't work for LDAP logs?

I'm not sure why, but completely restarting SSSD, has fixed the problem with sss_debuglevel. Now it seems to be working ok with. Strange. - Mark Mark London wrote: > Hi - Is the sss_debuglevel command supposed to work with the sssd_be > logs? I'm using LDAP, and while the co

[SSSD] sss_debuglevel doesn't work for LDAP logs?

Hi - Is the sss_debuglevel command supposed to work with the sssd_be logs? I'm using LDAP, and while the command change the debugging level for the PAM and NSS logs, it didn't change the debug level for the my sssd_be LDAP log (or at least it couldn't change it from 0). I also tried to specif

Re: [SSSD] [PATCH] Plug memory leaks in sysdb_ops. LOOKS FIXED.

Thanks for the patches. It seems fixed now! Much appreciated. - Mark Jan Zelený wrote: Jakub - I figured out why my debug log file was empty. I only had debugging enabled for nss and pam! In any event, yes, I now see the memory leaks. My valgrind summary for sssd_be, after running it for a

Re: [SSSD] [PATCH] Plug memory leaks in sysdb_ops (Jakub Hrozek)

Jakub - I figured out why my debug log file was empty. I only had debugging enabled for nss and pam! In any event, yes, I now see the memory leaks. My valgrind summary for sssd_be, after running it for a while, is: ==31457== LEAK SUMMARY: ==31457==definitely lost: 128,911 bytes in 1,312 b

Re: [SSSD] SSSD + CYRUS/IMAP + LDAP + NSS caching = constantly growing sssd_be memory usage?

in is PSFC, yet the sssd_PSFC.log file is empty. Is that normal to be empty, even with debug set to 10? I believe that's the log file that the sssd_be process logs to. - Mark d...@redhat.com wrote: On 10/21/2011 03:09 PM, Mark London wrote: Hi - I've compiled and installed the late

[SSSD] SSSD + CYRUS/IMAP + LDAP + NSS caching = constantly growing sssd_be memory usage?

Hi - I've compiled and installed the latest version of SSSD (1.6.1), with caching enabled, for a Redhat 6 computer running CYRUS IMAP mail server software (with SASL). Users are authenticated via LDAP, and the LDAP server is running as part of a Windows domain server. Mail is sent using sendm