Re: sssd - ldap uid/gid does not match with uid/gids in the openLDAP DS

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On Wed, Oct 9, 2013 at 11:13 AM, Arun Khan <knura9@xxxxxxxxx> wrote:
> On Wed, Oct 9, 2013 at 2:29 AM, Paul Heinlein <heinlein@xxxxxxxxxx> wrote:
>> On Wed, 9 Oct 2013, Arun Khan wrote:
>>
>>> In order for jdoe to show up as member of 'project1' group, I have to
>>> restart sssd.
>>>
>>> In sssd.conf, in the domain section enumerate=FALSE.
>>>
>>> I would appreciate any pointers to shorten the client side updates
>>> regarding uid+gid association.
>>
>>
>> Th default entry_cache_timeout is 5400 seconds, an hour and a half, probably
>> well beyond the "> 5 mins" you waited.
>>
>> I set "entry_cache_timeout = 600" in the domain section section of the
>> standard sssd.conf for CentOS machines. You can set
>> entry_cache_group_timeout specifically if you need more frequent checks for
>> group entries.
>>
>
> Thanks very much for the pointer.  I will try it out.

SOLVED.  I set the timeouts to low values (10s), tested and the
settings work like a champ!

Thanks again for the pointer.

-- Arun Khan
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos




[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux