Sorry for the blind email, but we are hitting a wall. We currently
use
ODSEE LDAP for OS auth services. With the migration to sssd we are
noticing that connection time takes an unacceptable amount of time. We
have done some debugging and notice that SSSD pulls all of the users
POSIX object class attributes from LDAP. We use host attributes to
granularly regulated who can log in where. With some users having 10K
host attributes, it takes a while for sssd to import and cache all
that information. If there anyway to stop SSSD from caching all the
users info? Maybe just the uid, passwd and shadow?