diff options
author | Stephen Gallagher <sgallagh@redhat.com> | 2010-05-18 10:17:44 -0400 |
---|---|---|
committer | Stephen Gallagher <sgallagh@redhat.com> | 2010-05-18 13:08:37 -0400 |
commit | db534f6eb40f083860756afe3b2d0589f271dec0 (patch) | |
tree | d7b1b63933164bf83d1d3b0b414fa26239296d9b /src/providers/ipa | |
parent | 6663abdda9ce55aace1b19c4170b1153d39136e0 (diff) | |
download | sssd-db534f6eb40f083860756afe3b2d0589f271dec0.tar.gz sssd-db534f6eb40f083860756afe3b2d0589f271dec0.tar.xz sssd-db534f6eb40f083860756afe3b2d0589f271dec0.zip |
Set ldap_search_timeout default to 5 seconds
The manpages had five seconds listed, but the source disagreed (it
was set to 60 seconds).
This resulted in long wait times when unlocking the screen after
network disconnection, for example.
If enumerate=True, we will set this value to a minimum of 30s
Diffstat (limited to 'src/providers/ipa')
-rw-r--r-- | src/providers/ipa/ipa_common.c | 2 | ||||
-rw-r--r-- | src/providers/ipa/ipa_init.c | 10 |
2 files changed, 11 insertions, 1 deletions
diff --git a/src/providers/ipa/ipa_common.c b/src/providers/ipa/ipa_common.c index 4bcd534c8..76ac02e16 100644 --- a/src/providers/ipa/ipa_common.c +++ b/src/providers/ipa/ipa_common.c @@ -42,7 +42,7 @@ struct dp_option ipa_def_ldap_opts[] = { { "ldap_default_bind_dn", DP_OPT_STRING, NULL_STRING, NULL_STRING }, { "ldap_default_authtok_type", DP_OPT_STRING, NULL_STRING, NULL_STRING}, { "ldap_default_authtok", DP_OPT_BLOB, NULL_BLOB, NULL_BLOB }, - { "ldap_search_timeout", DP_OPT_NUMBER, { .number = 60 }, NULL_NUMBER }, + { "ldap_search_timeout", DP_OPT_NUMBER, { .number = 5 }, NULL_NUMBER }, { "ldap_network_timeout", DP_OPT_NUMBER, { .number = 6 }, NULL_NUMBER }, { "ldap_opt_timeout", DP_OPT_NUMBER, { .number = 6 }, NULL_NUMBER }, { "ldap_tls_reqcert", DP_OPT_STRING, { "hard" }, NULL_STRING }, diff --git a/src/providers/ipa/ipa_init.c b/src/providers/ipa/ipa_init.c index f3fa610e5..eeecc371f 100644 --- a/src/providers/ipa/ipa_init.c +++ b/src/providers/ipa/ipa_init.c @@ -130,6 +130,16 @@ int sssm_ipa_id_init(struct be_ctx *bectx, goto done; } + /* FIXME: This is a workaround for 1.2.0. In the future, we need to have + * separate timeouts for enumeration operations + * If enumeration is enabled and the search timeout is less + * than 30s, force it to a minimum of 30s. + */ + if(bectx->domain->enumerate && + dp_opt_get_int(ctx->opts->basic, SDAP_SEARCH_TIMEOUT) < 30) { + dp_opt_set_int(ctx->opts->basic, SDAP_SEARCH_TIMEOUT, 30); + } + if(dp_opt_get_bool(ipa_options->basic, IPA_DYNDNS_UPDATE)) { /* Perform automatic DNS updates when the * IP address changes. |