On Thu, Dec 04, 2014 at 09:05:55PM +0000, PATRICK wrote:
> Sorry for the blind email, but we are hitting a wall. We
> ODSEE LDAP for OS auth services. With the migration to sssd we are
> noticing that connection time takes an unacceptable amount of time. We
> have done some debugging and notice that SSSD pulls all of the users
> POSIX object class attributes from LDAP. We use host attributes to
> granularly regulated who can log in where. With some users having 10K
> host attributes, it takes a while for sssd to import and cache all
> that information. If there anyway to stop SSSD from caching all the
> users info? Maybe just the uid, passwd and shadow?
Can you paste your (sanitized) sssd.conf ?
do you use enumerate=true ?