thanks for the info stephen
Le 15/06/2010 15:50, Stephen Gallagher a écrit :
> On 06/15/2010 09:03 AM, Eric Doutreleau wrote:
>> ok thanks for the precision stephen
>> do you know when enumeration took place?
>> Is there a way to have only groups cache for a long time
>>
>
> When enumerate=True, w
On 06/15/2010 09:03 AM, Eric Doutreleau wrote:
> ok thanks for the precision stephen
> do you know when enumeration took place?
> Is there a way to have only groups cache for a long time
>
When enumerate=True, we behave in the following way (by default):
At the startup of the SSSD, we connect to
ok thanks for the precision stephen
do you know when enumeration took place?
Is there a way to have only groups cache for a long time
Le 15/06/2010 14:27, Stephen Gallagher a écrit :
> On 06/15/2010 08:15 AM, Eric Doutreleau wrote:
>> Hi
>>
>> I have some news about that problems
>> i though it wa
On 06/15/2010 08:15 AM, Eric Doutreleau wrote:
> Hi
>
> I have some news about that problems
> i though it was solved because i configured the groups to follow an
> empty part of my ldap server.
> I have configured the groups to read in the good part of my ldap server
> and the slow performance is
Hi
I have some news about that problems
i though it was solved because i configured the groups to follow an
empty part of my ldap server.
I have configured the groups to read in the good part of my ldap server
and the slow performance is back again.
There s someting strang by the way
on my mach
On 06/11/2010 12:41 PM, Gowrishankar Rajaiyan wrote:
> On 06/10/2010 05:09 PM, Eric Doutreleau wrote:
>> thanks for your answer
>> well i have the problem when i don't set up
>> ldap_user_search_base and
>> ldap_group_search_base
>> but i discovered that ou=Groups,dc=int-evry,dc=fr contains nothing
On 06/10/2010 05:09 PM, Eric Doutreleau wrote:
> thanks for your answer
> well i have the problem when i don't set up
> ldap_user_search_base and
> ldap_group_search_base
> but i discovered that ou=Groups,dc=int-evry,dc=fr contains nothing
> our posix group are elsewhere
> and when i put ldap_group
On 06/10/2010 07:39 AM, Eric Doutreleau wrote:
> thanks for your answer
> well i have the problem when i don't set up
> ldap_user_search_base and
> ldap_group_search_base
> but i discovered that ou=Groups,dc=int-evry,dc=fr contains nothing
> our posix group are elsewhere
> and when i put ldap_group
thanks for your answer
well i have the problem when i don't set up
ldap_user_search_base and
ldap_group_search_base
but i discovered that ou=Groups,dc=int-evry,dc=fr contains nothing
our posix group are elsewhere
and when i put ldap_group_search_base with the good value i have the
problem again
i
On 06/10/2010 05:50 AM, Eric Doutreleau wrote:
> ahhh i took a day to write the mail and i found the solution 5 minutes
> just after write the mail
>
> i add
> ldap_group_search_base = ou=Groups,dc=int-evry,dc=fr
> and it s far faster
>
> sorry to have disturbed
>
Hmm, this shouldn't have had a di
ahhh i took a day to write the mail and i found the solution 5 minutes
just after write the mail
i add
ldap_group_search_base = ou=Groups,dc=int-evry,dc=fr
and it s far faster
sorry to have disturbed
Le 10/06/2010 11:39, Eric Doutreleau a écrit :
> i m trying to make sssd working with ldap serv
i m trying to make sssd working with ldap server on my fedora 13 machine.
it works but the login is very very slow ( several minutes )
during this interval the process sssd_be is at 100% cpu time
here is my sssd.conf
[sssd]
config_file_version = 2
reconnection_retries = 3
services = nss, pam
d
Stephen Gallagher wrote:
> try ldap_tls_reqcert = never
>
> (or better yet, get a CA cert)
Hm. 389 doesn't really care, so I've been lazy and gone without it.
> In this case, you probably want to set min_id=500.
>
> Also, as previously stated, primary GID can also cause this (e.g. a user
> with U
On 06/09/2010 12:58 PM, Michael Cronenworth wrote:
> Stephen Gallagher wrote:
>> Michael, please post your [sanitized] sssd.conf somewhere. Right now, my
>> best guess would be that you are using LDAPS or LDAP+TLS and are having
>> a certificate error.
>
> Yes, I don't have a CA cert, so it will no
Stephen Gallagher wrote:
> Michael, please post your [sanitized] sssd.conf somewhere. Right now, my
> best guess would be that you are using LDAPS or LDAP+TLS and are having
> a certificate error.
Yes, I don't have a CA cert, so it will not pass a cert test. I have
"tls_checkpeer no" in my /etc/l
On 06/09/2010 11:48 AM, Michael Cronenworth wrote:
> Nalin Dahyabhai wrote:
>> Setting nsswitch.conf to "ldap" doesn't test sssd -- the source for that
>> information should be listed as "sss" if you want to use sssd.
>
> A fresh F13 install defaults to "files sss", so it is implied I was
> using i
Nalin Dahyabhai wrote:
> Setting nsswitch.conf to "ldap" doesn't test sssd -- the source for that
> information should be listed as "sss" if you want to use sssd.
A fresh F13 install defaults to "files sss", so it is implied I was
using it.
> The example sssd.conf doesn't look right to me -- the
On Wed, Jun 09, 2010 at 09:34:34AM -0500, Michael Cronenworth wrote:
> I have attempted to enable SSSD for my work LDAP server, which I also
> administer, on a fresh F13 install. Once I check the boxes in the
> Authentication app, hit apply, and reboot, I cannot login with any LDAP
> user. Under
I have attempted to enable SSSD for my work LDAP server, which I also
administer, on a fresh F13 install. Once I check the boxes in the
Authentication app, hit apply, and reboot, I cannot login with any LDAP
user. Under the local user, I cannot perform getent on any LDAP user. I
can, however, s
19 matches
Mail list logo
