Hi folks,

I see a pretty large number of ldap requests sent by our git
server, asking for the same account info again and again.
Sometimes it asks 20 times per second for the same user info,
for example.

Obviously caching doesn't work. I remember some note in the
installation guide suggesting to turn of nscd and that sssd
takes over this job, so I wonder wth? A recent EMail in this
forum suggested to set selinux_provider = none, but this
didn't help.

Ipa server is Centos 7.3, client is on Jessie with sssd 1.13.4.


sssd.conf is attached, of course. Every helpful comment is highly
appreciated.

Harri
[domain/example.de]
debug_level = 0x0370
cache_credentials = True
krb5_store_password_if_offline = True
ipa_domain = example.de
id_provider = ipa
auth_provider = ipa
access_provider = ipa
ldap_tls_cacert = /etc/ipa/ca.crt
ipa_hostname = tisde8i005.ac.example.de
chpass_provider = ipa
ipa_server = _srv_, ipa1.example.de
dns_discovery_domain = example.de
selinux_provider = none

[sssd]
debug_level = 0x0370
services = nss, sudo, pam, ssh
config_file_version = 2
domains = example.de

[nss]
debug_level = 0x0370
homedir_substring = /home

[pam]
debug_level = 0x0370

[sudo]

[autofs]

[ssh]
debug_level = 0x0370

[pac]

[ifp]

Attachment: signature.asc
Description: OpenPGP digital signature

-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Reply via email to