I am still having a lot of problems with group resolution in sssd. User logins can take anything up to two minutes, or longer.
When I time the command groups username for a selected username thish can take two or more minutes to return. I have this set: ldap_schema = ad ldap_group_nesting_level = 0 ldap_groups_use_matching_rule_in_chain = True ldap_initgroups_use_matching_rule_in_chain = True How can one tell what the appropriate ldap_schema is for our AD controllers? Also the information is not cached for long enough. I set enum_cache_timeout = 1200 entry_cache_timeout = 5400 entry_cache_user_timeout = 5400 entry_cache_group_timeput = 5400 I really do not see groups information being cached for 90 minutes
_______________________________________________ sssd-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/[email protected]/message/A6DDF2LU75ERIB7JIETCQ23IJLZM7RQN/
