My recollection is that finger used a terribly inefficient way of getting 
information, at least one time, and asked for information on every user despite 
the fact that it was only going to need one. I recall installing something 
called finger-ldap, because in the pre-SSSD days, finger could cause a lot of 
trouble on large LDAP directories because it would ask for the entire contents 
of the directory. I wouldn't be surprised if this was related. You might want 
to look into the same solution.

From: Joakim Tjernlund
Sent: Tuesday, September 6, 2016 1:36 PM
Subject: [SSSD-users] finger <user> cmd not working unless enumerate = true

I just get "no such user" unless I enumerate the domain; is that really needed?

