summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--src/man/sssd-ldap.5.xml19
-rw-r--r--src/providers/ldap/ldap_common.c10
2 files changed, 28 insertions, 1 deletions
diff --git a/src/man/sssd-ldap.5.xml b/src/man/sssd-ldap.5.xml
index 2123ffd1..416cd778 100644
--- a/src/man/sssd-ldap.5.xml
+++ b/src/man/sssd-ldap.5.xml
@@ -458,6 +458,25 @@
</varlistentry>
<varlistentry>
+ <term>ldap_purge_cache_timeout</term>
+ <listitem>
+ <para>
+ Determine how often to check the cache for
+ inactive entries (such as groups with no
+ members and users who have never logged in) and
+ remove them to save space.
+ </para>
+ <para>
+ Setting this option to zero will disable the
+ cache cleanup operation.
+ </para>
+ <para>
+ Default: 10800 (12 hours)
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
<term>ldap_user_fullname (string)</term>
<listitem>
<para>
diff --git a/src/providers/ldap/ldap_common.c b/src/providers/ldap/ldap_common.c
index 16693a4e..5de3d554 100644
--- a/src/providers/ldap/ldap_common.c
+++ b/src/providers/ldap/ldap_common.c
@@ -398,6 +398,7 @@ int sdap_id_setup_tasks(struct sdap_id_ctx *ctx)
{
struct timeval tv;
int ret = EOK;
+ int delay;
/* set up enumeration task */
if (ctx->be->domain->enumerate) {
@@ -407,7 +408,14 @@ int sdap_id_setup_tasks(struct sdap_id_ctx *ctx)
ret = ldap_id_enumerate_set_timer(ctx, tv);
} else {
/* the enumeration task, runs the cleanup process by itself,
- * but if enumeration is not runnig we need to schedule it */
+ * but if enumeration is not running we need to schedule it */
+ delay = dp_opt_get_int(ctx->opts->basic, SDAP_CACHE_PURGE_TIMEOUT);
+ if (delay == 0) {
+ /* Cleanup has been explicitly disabled, so we won't
+ * schedule any cleanup tasks.
+ */
+ return EOK;
+ }
/* run the first one in a couple of seconds so that we have time to
* finish initializations first*/