On Tuesday 2012-06-26 17:43, Stephen Gallagher wrote: > >Actually, it most certainly is cached locally. If it was going to LDAP >50,000 times, it would take you MUCH longer than 8.5s to get results >back. Naturally, looking up results in a local file is faster than >getting it out of the SSSD's cache database. However, we have sped this >up considerably in SSSD 1.9.0 (currently in beta). We now maintain a >second, in-memory cache for requests that is much faster than >communicating across the socket to the sssd_nss process and then reading >from the database (and processing group nested members). > >So if you wanted to test our latest nightlies with this program, I think >you'd find it responding much faster.
Yes, I do. But for a different reason: 1.8.93 does not retrive any groups whatsoever from LDAP anymore. What broke there? (`getent groups someldapgroup` yields no output anymore.) I skimmed over the changelog earlier and noticed that there was some change with respect to groups (ignored when no "name" attribute, was it?) The LDAP entry for (an empty group) looks like # clients, groups, woven dn: cn=clients,ou=groups,o=woven objectClass: groupOfNames objectClass: posixGroup cn: clients gidNumber: 100000 member: cn=clients,ou=groups,o=woven and was previously properly returned in sssd-1.8.3. _______________________________________________ sssd-devel mailing list sssd-devel@lists.fedorahosted.org https://fedorahosted.org/mailman/listinfo/sssd-devel
