Maybe. But depending on the Directory back end you pick for SSSD will determine how much work you have to do, OpenLDAP, SAMBA-AD, FreeIPA...etc.
Don't get bent out of shape about it, its simply a comment. On Thu, Jul 24, 2025 at 6:50 AM Christopher Paul < chris.p...@rexconsulting.net> wrote: > On 7/23/2025 10:12 PM, Gregory Carter wrote: > > The RFC doesn't define how only what. > > Maybe the SSSD maintainers can describe their approach to whether or not > SSSD looks for memberOf in a CN or if it automatically switches to search > mode to any groups in that CN context that it can find with a matching uid. > > I suppose the White Elephant in this thread is why should we continue to > use OpenLDAP when Samba-AD is available now and it works? > > Hi Gregory, > > I really don't get why you would ask this question. But my answer is: One, > OpenLDAP provides rock-solid, appliance-like reliability. Two, it has a > proven track record for delivering excellent performance > (~2500/searches/CPU core/second). The developer team very actively > maintains OpenLDAP. This problem with SSSD performance has nothing to do > with OpenLDAP, except that the rate limiting built into the product > prevented an unintentional friendly denial of service. > > I understand everyone likes and is more effective with the tools that they > are familiar with, but wonder if there is another reason that you're > implying people discontinue use of OpenLDAP? > > And, doesn't SambaAD not use OpenLDAP under the hood for its directory > server? > > And, apologies to the list. I think we're off topic now. Does this even > relate to the SSSD issues as discussed? > > -- > Chris Paul | Rex Consulting | https://www.rexconsulting.net > > >
-- _______________________________________________ sssd-users mailing list -- sssd-users@lists.fedorahosted.org To unsubscribe send an email to sssd-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-users@lists.fedorahosted.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
