Re: [CentOS] Slow authentication on C7

2016-04-13 Thread Marcin Trendota
W dniu 12.04.2016 o 18:56, David Nelson pisze: > On 04/12/2016 09:51 AM, James Hogarth wrote: >> To the OP enumerate is always painful, I'd remove that for a start. > This was my experience too, for what it's worth. When I first set up a > new system pointed at LDAP it was absurdly slow to

Re: [CentOS] Slow authentication on C7

2016-04-12 Thread Valeri Galtsev
On Tue, April 12, 2016 2:33 pm, James Hogarth wrote: > On 12 April 2016 at 18:03, Valeri Galtsev > wrote: > >> >> On Tue, April 12, 2016 11:57 am, m.r...@5-cent.us wrote: >> > James Hogarth wrote: >> >> On 12 Apr 2016 16:29, "Scott Robbins" wrote:

Re: [CentOS] Slow authentication on C7

2016-04-12 Thread James Hogarth
On 12 April 2016 at 18:03, Valeri Galtsev wrote: > > On Tue, April 12, 2016 11:57 am, m.r...@5-cent.us wrote: > > James Hogarth wrote: > >> On 12 Apr 2016 16:29, "Scott Robbins" wrote: > >>> On Tue, Apr 12, 2016 at 09:45:17AM +0200, Marcin

Re: [CentOS] Slow authentication on C7

2016-04-12 Thread David Nelson
On 4/12/16 12:15 PM, Todor Petkov wrote: On 4/12/2016 7:56 PM, David Nelson wrote: On 04/12/2016 09:51 AM, James Hogarth wrote: To the OP enumerate is always painful, I'd remove that for a start. This was my experience too, for what it's worth. When I first set up a new system pointed at

Re: [CentOS] Slow authentication on C7

2016-04-12 Thread Todor Petkov
On 4/12/2016 7:56 PM, David Nelson wrote: > On 04/12/2016 09:51 AM, James Hogarth wrote: >> To the OP enumerate is always painful, I'd remove that for a start. > > This was my experience too, for what it's worth. When I first set up a > new system pointed at LDAP it was absurdly slow to

Re: [CentOS] Slow authentication on C7

2016-04-12 Thread Valeri Galtsev
On Tue, April 12, 2016 11:57 am, m.r...@5-cent.us wrote: > James Hogarth wrote: >> On 12 Apr 2016 16:29, "Scott Robbins" wrote: >>> On Tue, Apr 12, 2016 at 09:45:17AM +0200, Marcin Trendota wrote: >>> > W dniu 11.04.2016 o 20:07, Scott Robbins pisze: > >> After various

Re: [CentOS] Slow authentication on C7

2016-04-12 Thread m . roth
James Hogarth wrote: > On 12 Apr 2016 16:29, "Scott Robbins" wrote: >> On Tue, Apr 12, 2016 at 09:45:17AM +0200, Marcin Trendota wrote: >> > W dniu 11.04.2016 o 20:07, Scott Robbins pisze: > After various testing I ended up going with the Apache LDAP cache module > and doing

Re: [CentOS] Slow authentication on C7

2016-04-12 Thread David Nelson
On 04/12/2016 09:51 AM, James Hogarth wrote: To the OP enumerate is always painful, I'd remove that for a start. This was my experience too, for what it's worth. When I first set up a new system pointed at LDAP it was absurdly slow to authenticate. Setting Enumerate to False in

Re: [CentOS] Slow authentication on C7

2016-04-12 Thread James Hogarth
On 12 Apr 2016 16:29, "Scott Robbins" wrote: > > On Tue, Apr 12, 2016 at 09:45:17AM +0200, Marcin Trendota wrote: > > W dniu 11.04.2016 o 20:07, Scott Robbins pisze: > > > > >>> Any ideas? > > >> DNS? > > > Is LDAP listed in the /etc/nsswitch.conf? > > > > In nsswitch.conf i

Re: [CentOS] Slow authentication on C7

2016-04-12 Thread Scott Robbins
On Tue, Apr 12, 2016 at 09:45:17AM +0200, Marcin Trendota wrote: > W dniu 11.04.2016 o 20:07, Scott Robbins pisze: > > >>> Any ideas? > >> DNS? > > Is LDAP listed in the /etc/nsswitch.conf? > > In nsswitch.conf i have: > passwd: files sss > shadow: files sss > group: files sss >

Re: [CentOS] Slow authentication on C7

2016-04-12 Thread Marcin Trendota
W dniu 12.04.2016 o 09:45, Marcin Trendota pisze: > DNS works fine. I think that sssd communicates with LDAP server with > every authentication - i have tons of following entries in log: > http://pastebin.com/rZVjk0gW > And it repeats for same user over and over again. Is this correct behavior?

Re: [CentOS] Slow authentication on C7

2016-04-12 Thread Marcin Trendota
W dniu 11.04.2016 o 20:07, Scott Robbins pisze: >>> Any ideas? >> DNS? > Is LDAP listed in the /etc/nsswitch.conf? In nsswitch.conf i have: passwd: files sss shadow: files sss group: files sss DNS works fine. I think that sssd communicates with LDAP server with every

Re: [CentOS] Slow authentication on C7

2016-04-11 Thread Scott Robbins
On Mon, Apr 11, 2016 at 05:22:43PM +0200, Leon Fauster wrote: > Am 11.04.2016 um 15:44 schrieb Marcin Trendota : > > > > Any ideas? > > > DNS? Is LDAP listed in the /etc/nsswitch.conf? -- Scott Robbins PGP keyID EB3467D6 ( 1B48 077D 66F6 9DB0 FDC2 A409 FA54 EB34 67D6

Re: [CentOS] Slow authentication on C7

2016-04-11 Thread Leon Fauster
Am 11.04.2016 um 15:44 schrieb Marcin Trendota : > > Any ideas? DNS? -- LF ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos

[CentOS] Slow authentication on C7

2016-04-11 Thread Marcin Trendota
Recently i've migrated our SVN server (virtual machine) from C6 to C7 (more precisely - migrated data to freshly installed virtual machine). And we have problem with very slow authentication. Server is configured with SSSD, user data are fetching from our LDAP server. SVN is configured with apache