summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/examples/sssd.conf4
-rw-r--r--src/man/sssd.conf.5.xml20
2 files changed, 21 insertions, 3 deletions
diff --git a/src/examples/sssd.conf b/src/examples/sssd.conf
index 3b67daea..e93cf51b 100644
--- a/src/examples/sssd.conf
+++ b/src/examples/sssd.conf
@@ -55,10 +55,10 @@ reconnection_retries = 3
; auth_provider = ldap
; ldap_schema = rfc2307
; ldap_uri = ldap://ldap.mydomain.org
-; ldap_user_search_base = dc=mydomain,dc=org
+; ldap_search_base = dc=mydomain,dc=org
; ldap_tls_reqcert = demand
; cache_credentials = true
-; enumerate = true
+; enumerate = False
# Example LDAP domain where the LDAP server is an Active Directory server.
diff --git a/src/man/sssd.conf.5.xml b/src/man/sssd.conf.5.xml
index c7071ab6..0e7c5723 100644
--- a/src/man/sssd.conf.5.xml
+++ b/src/man/sssd.conf.5.xml
@@ -435,6 +435,24 @@
<para>
Default: FALSE
</para>
+ <para>
+ Note: Enabling enumeration has a moderate
+ performance impact on SSSD while enumeration
+ is running. It may take up to several minutes
+ after SSSD startup to fully complete enumerations.
+ During this time, individual requests for
+ information will go directly to LDAP, though it
+ may be slow, due to the heavy enumeration
+ processing.
+ </para>
+ <para>
+ Further, enabling enumeration may increase the time
+ necessary to detect network disconnection, as
+ longer timeouts are required to ensure that
+ enumeration lookups are completed successfully.
+ For more information, refer to the man pages for
+ the specific id_provider in use.
+ </para>
</listitem>
</varlistentry>
@@ -848,7 +866,7 @@ cache_credentials = true
min_id = 10000
max_id = 20000
-enumerate = true
+enumerate = False
</programlisting>
</para>
</refsect1>