On 11/30/22 21:46, Christian, Mark wrote:
Are there other options I should consider in order to get sssd-ldap to
perform similarily to nss_ldap?
NSS_LDAP
/etc/ldap.conf
It seems you're using PADL's classic nss_ldap. If yes, then you've also
enabled nscd I guess. While I dislike nscd for historic reasons its NSS
map query performance is the maximum you can expect.
(I took this as reference when benchmarking my custom NSS/PAM demon for
Æ-DIR.)
IIRC it's not supported to cache passwd and group maps served by
libnss_sss with nscd.
The first thing I'd try is to enable full enumeration of the maps in
sssd.conf. IIRC this can lead to other problems if you have several ten
thousands of users and groups. YMMV.
Ciao, Michael.
_______________________________________________
sssd-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/[email protected]
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
