summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorStephen Gallagher <sgallagh@redhat.com>2010-05-19 09:33:47 -0400
committerStephen Gallagher <sgallagh@redhat.com>2010-05-20 14:09:56 -0400
commit9e9f8f0765b2e5b7e8701773599109220a85d442 (patch)
treeb5593321e49ab7a32d2c54a2069b7a8b2ddba8c3
parent2faf73eef14d66aeb345ffa38d0f53670fa8a9a1 (diff)
downloadsssd-9e9f8f0765b2e5b7e8701773599109220a85d442.tar.gz
sssd-9e9f8f0765b2e5b7e8701773599109220a85d442.tar.xz
sssd-9e9f8f0765b2e5b7e8701773599109220a85d442.zip
Add enumerate details to the manpage and examples
-rw-r--r--src/examples/sssd.conf4
-rw-r--r--src/man/sssd.conf.5.xml20
2 files changed, 21 insertions, 3 deletions
diff --git a/src/examples/sssd.conf b/src/examples/sssd.conf
index 3b67daeaf..e93cf51bc 100644
--- a/src/examples/sssd.conf
+++ b/src/examples/sssd.conf
@@ -55,10 +55,10 @@ reconnection_retries = 3
; auth_provider = ldap
; ldap_schema = rfc2307
; ldap_uri = ldap://ldap.mydomain.org
-; ldap_user_search_base = dc=mydomain,dc=org
+; ldap_search_base = dc=mydomain,dc=org
; ldap_tls_reqcert = demand
; cache_credentials = true
-; enumerate = true
+; enumerate = False
# Example LDAP domain where the LDAP server is an Active Directory server.
diff --git a/src/man/sssd.conf.5.xml b/src/man/sssd.conf.5.xml
index c7071ab6c..0e7c5723e 100644
--- a/src/man/sssd.conf.5.xml
+++ b/src/man/sssd.conf.5.xml
@@ -435,6 +435,24 @@
<para>
Default: FALSE
</para>
+ <para>
+ Note: Enabling enumeration has a moderate
+ performance impact on SSSD while enumeration
+ is running. It may take up to several minutes
+ after SSSD startup to fully complete enumerations.
+ During this time, individual requests for
+ information will go directly to LDAP, though it
+ may be slow, due to the heavy enumeration
+ processing.
+ </para>
+ <para>
+ Further, enabling enumeration may increase the time
+ necessary to detect network disconnection, as
+ longer timeouts are required to ensure that
+ enumeration lookups are completed successfully.
+ For more information, refer to the man pages for
+ the specific id_provider in use.
+ </para>
</listitem>
</varlistentry>
@@ -848,7 +866,7 @@ cache_credentials = true
min_id = 10000
max_id = 20000
-enumerate = true
+enumerate = False
</programlisting>
</para>
</refsect1>