diff options
author | Stephen Gallagher <sgallagh@redhat.com> | 2010-05-19 09:33:47 -0400 |
---|---|---|
committer | Stephen Gallagher <sgallagh@redhat.com> | 2010-05-20 14:04:56 -0400 |
commit | 6ca05926bbe52b69078fa1dda7678094184619c1 (patch) | |
tree | ca3318177231db86e92fb2585115c6a2e4a36b1d | |
parent | 918c5863cf6f8e7b43c643dd623263df865cc109 (diff) | |
download | sssd-6ca05926bbe52b69078fa1dda7678094184619c1.tar.gz sssd-6ca05926bbe52b69078fa1dda7678094184619c1.tar.xz sssd-6ca05926bbe52b69078fa1dda7678094184619c1.zip |
Add enumerate details to the manpage and examples
-rw-r--r-- | src/examples/sssd.conf | 4 | ||||
-rw-r--r-- | src/man/sssd.conf.5.xml | 20 |
2 files changed, 21 insertions, 3 deletions
diff --git a/src/examples/sssd.conf b/src/examples/sssd.conf index 3b67daeaf..e93cf51bc 100644 --- a/src/examples/sssd.conf +++ b/src/examples/sssd.conf @@ -55,10 +55,10 @@ reconnection_retries = 3 ; auth_provider = ldap ; ldap_schema = rfc2307 ; ldap_uri = ldap://ldap.mydomain.org -; ldap_user_search_base = dc=mydomain,dc=org +; ldap_search_base = dc=mydomain,dc=org ; ldap_tls_reqcert = demand ; cache_credentials = true -; enumerate = true +; enumerate = False # Example LDAP domain where the LDAP server is an Active Directory server. diff --git a/src/man/sssd.conf.5.xml b/src/man/sssd.conf.5.xml index c7071ab6c..0e7c5723e 100644 --- a/src/man/sssd.conf.5.xml +++ b/src/man/sssd.conf.5.xml @@ -435,6 +435,24 @@ <para> Default: FALSE </para> + <para> + Note: Enabling enumeration has a moderate + performance impact on SSSD while enumeration + is running. It may take up to several minutes + after SSSD startup to fully complete enumerations. + During this time, individual requests for + information will go directly to LDAP, though it + may be slow, due to the heavy enumeration + processing. + </para> + <para> + Further, enabling enumeration may increase the time + necessary to detect network disconnection, as + longer timeouts are required to ensure that + enumeration lookups are completed successfully. + For more information, refer to the man pages for + the specific id_provider in use. + </para> </listitem> </varlistentry> @@ -848,7 +866,7 @@ cache_credentials = true min_id = 10000 max_id = 20000 -enumerate = true +enumerate = False </programlisting> </para> </refsect1> |