On Fri, Mar 20, 2015 at 09:41:08AM -0400, Gould, Joshua wrote: > Updated: > libipa_hbac.x86_64 0:1.12.2-58.el7_1.6.1 > libipa_hbac-python.x86_64 0:1.12.2-58.el7_1.6.1 > libsss_idmap.x86_64 0:1.12.2-58.el7_1.6.1 > libsss_nss_idmap.x86_64 0:1.12.2-58.el7_1.6.1 > libsss_nss_idmap-python.x86_64 0:1.12.2-58.el7_1.6.1 > python-sssdconfig.noarch 0:1.12.2-58.el7_1.6.1 > sssd.x86_64 0:1.12.2-58.el7_1.6.1 > sssd-ad.x86_64 0:1.12.2-58.el7_1.6.1 > sssd-client.x86_64 0:1.12.2-58.el7_1.6.1 > sssd-common.x86_64 0:1.12.2-58.el7_1.6.1 > sssd-common-pac.x86_64 0:1.12.2-58.el7_1.6.1 > sssd-ipa.x86_64 0:1.12.2-58.el7_1.6.1 > sssd-krb5.x86_64 0:1.12.2-58.el7_1.6.1 > sssd-krb5-common.x86_64 0:1.12.2-58.el7_1.6.1 > sssd-ldap.x86_64 0:1.12.2-58.el7_1.6.1 > sssd-proxy.x86_64 0:1.12.2-58.el7_1.6.1 > sssd-tools.x86_64 0:1.12.2-58.el7_1.6.1 > > > It¹s dramatically faster. Thank you!
Thank Sumit who identified the issue and wrote the patch :-) btw if you have a RHEL subscription, it would be nice to open a customer case so that it's easier for us to include the patch in RHEL given customer testing experience. You can send the RHEL customer case number to me. > > Mar 20 09:38:46 mid-ipa-vp01 sshd[3081]: pam_unix(sshd:auth): > authentication failure; logname= uid=0 euid=0 tty=ssh ruser= > rhost=10.234.49.39 user=gould > Mar 20 09:38:46 mid-ipa-vp01 sshd[3081]: pam_sss(sshd:auth): > authentication success; logname= uid=0 euid=0 tty=ssh ruser= > rhost=10.234.49.39 user=gould > Mar 20 09:38:48 mid-ipa-vp01 sshd[3081]: Accepted password for gould from > 10.134.249.39 port 60170 ssh2 > Mar 20 09:38:48 mid-ipa-vp01 sshd[3081]: pam_unix(sshd:session): session > opened for user gould by (uid=0) > > > > On 3/20/15, 4:18 AM, "Jakub Hrozek" <[email protected]> wrote: > > >On Thu, Mar 19, 2015 at 05:29:39PM -0400, Gould, Joshua wrote: > >> Thank you! > > > >You're welcome, please try these builds: > >https://urldefense.proofpoint.com/v2/url?u=https-3A__jhrozek.fedorapeople. > >org_sssd-2Dtest-2Dbuilds_sssd-2D7.1-2Dgr-2Drequest_&d=AwIBAg&c=k9MF1d71ITt > >kuJx-PdWme51dKbmfPEvxwt8SFEkBfs4&r=C8H0y1Bn8C6Mf5i9qrqkUDy3xSk8zPbIs_SvJwo > >jC24&m=Q_JEJ-95yaJpaXtkuLwVxfpPN9Dm_PXXZhd4bG1d0ZY&s=6dKxT6QZrN5FoquwdwM62 > >Y4GJFQ6QqWn6Y6aGj4CXIc&e= > > > >But please note that when POSIX attributes are requested, the lookups > >will /always/ be slower. With ID mapping, we can do just a single > >base-scoped lookup to retrieve the multi-valued tokenGroups attribute > >and map the SIDs to IDs. With POSIX attributes, we must simply go to the > >server for each group and look up the GID.. > > -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
