Hi folks, I see a pretty large number of ldap requests sent by our git server, asking for the same account info again and again. Sometimes it asks 20 times per second for the same user info, for example.
Obviously caching doesn't work. I remember some note in the installation guide suggesting to turn of nscd and that sssd takes over this job, so I wonder wth? A recent EMail in this forum suggested to set selinux_provider = none, but this didn't help. Ipa server is Centos 7.3, client is on Jessie with sssd 1.13.4. sssd.conf is attached, of course. Every helpful comment is highly appreciated. Harri
[domain/example.de] debug_level = 0x0370 cache_credentials = True krb5_store_password_if_offline = True ipa_domain = example.de id_provider = ipa auth_provider = ipa access_provider = ipa ldap_tls_cacert = /etc/ipa/ca.crt ipa_hostname = tisde8i005.ac.example.de chpass_provider = ipa ipa_server = _srv_, ipa1.example.de dns_discovery_domain = example.de selinux_provider = none [sssd] debug_level = 0x0370 services = nss, sudo, pam, ssh config_file_version = 2 domains = example.de [nss] debug_level = 0x0370 homedir_substring = /home [pam] debug_level = 0x0370 [sudo] [autofs] [ssh] debug_level = 0x0370 [pac] [ifp]
Description: OpenPGP digital signature
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project