On 05/22/2013 04:26 PM, Joshua C. Endries wrote: > Hello, > > I'm trying to get sssd going here to hook up with AD/LDAP for user and group > lookup. I have it working, and it works great on RHEL5 (sssd v1.5.1). Running > 'id' on myself takes 3s when in foreground mode, and 0.014s in service mode > (service start...). Unfortunately, on RHEL6 (sssd v1.9.2), Running 'id' on > myself takes 3-4min in foreground and 1min in service mode. This is with the > same sssd.conf file. > > It looks like, when I look up my groups, it ends up looking up all the users > in those groups, which 1.5 doesn't seem to do. We have a huge directory and > caching all of this seems like a huge waste of resources... Is there a way to > turn this off or modify this behavior? I tried reducing > ldap_group_nesting_level but it didn't make a difference. Using ad instead of > rfc2307bis didn't either. I didn't see anything else that looked like it > would help... > > Thanks, > Josh > _______________________________________________ > sssd-users mailing list > sssd-users@lists.fedorahosted.org > https://lists.fedorahosted.org/mailman/listinfo/sssd-users
Can you post the sssd.conf file? -- Thank you, Dmitri Pal Sr. Engineering Manager for IdM portfolio Red Hat Inc. ------------------------------- Looking to carve out IT costs? www.redhat.com/carveoutcosts/ _______________________________________________ sssd-users mailing list sssd-users@lists.fedorahosted.org https://lists.fedorahosted.org/mailman/listinfo/sssd-users
