diff options
author | Stephen Gallagher <sgallagh@redhat.com> | 2010-05-19 09:33:47 -0400 |
---|---|---|
committer | Stephen Gallagher <sgallagh@redhat.com> | 2010-05-20 14:09:56 -0400 |
commit | 9e9f8f0765b2e5b7e8701773599109220a85d442 (patch) | |
tree | b5593321e49ab7a32d2c54a2069b7a8b2ddba8c3 | |
parent | 2faf73eef14d66aeb345ffa38d0f53670fa8a9a1 (diff) | |
download | sssd-9e9f8f0765b2e5b7e8701773599109220a85d442.tar.gz sssd-9e9f8f0765b2e5b7e8701773599109220a85d442.tar.xz sssd-9e9f8f0765b2e5b7e8701773599109220a85d442.zip |
Add enumerate details to the manpage and examples
-rw-r--r-- | src/examples/sssd.conf | 4 | ||||
-rw-r--r-- | src/man/sssd.conf.5.xml | 20 |
2 files changed, 21 insertions, 3 deletions
diff --git a/src/examples/sssd.conf b/src/examples/sssd.conf index 3b67daeaf..e93cf51bc 100644 --- a/src/examples/sssd.conf +++ b/src/examples/sssd.conf @@ -55,10 +55,10 @@ reconnection_retries = 3 ; auth_provider = ldap ; ldap_schema = rfc2307 ; ldap_uri = ldap://ldap.mydomain.org -; ldap_user_search_base = dc=mydomain,dc=org +; ldap_search_base = dc=mydomain,dc=org ; ldap_tls_reqcert = demand ; cache_credentials = true -; enumerate = true +; enumerate = False # Example LDAP domain where the LDAP server is an Active Directory server. diff --git a/src/man/sssd.conf.5.xml b/src/man/sssd.conf.5.xml index c7071ab6c..0e7c5723e 100644 --- a/src/man/sssd.conf.5.xml +++ b/src/man/sssd.conf.5.xml @@ -435,6 +435,24 @@ <para> Default: FALSE </para> + <para> + Note: Enabling enumeration has a moderate + performance impact on SSSD while enumeration + is running. It may take up to several minutes + after SSSD startup to fully complete enumerations. + During this time, individual requests for + information will go directly to LDAP, though it + may be slow, due to the heavy enumeration + processing. + </para> + <para> + Further, enabling enumeration may increase the time + necessary to detect network disconnection, as + longer timeouts are required to ensure that + enumeration lookups are completed successfully. + For more information, refer to the man pages for + the specific id_provider in use. + </para> </listitem> </varlistentry> @@ -848,7 +866,7 @@ cache_credentials = true min_id = 10000 max_id = 20000 -enumerate = true +enumerate = False </programlisting> </para> </refsect1> |