diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/examples/sssd.conf | 4 | ||||
-rw-r--r-- | src/man/sssd.conf.5.xml | 20 |
2 files changed, 21 insertions, 3 deletions
diff --git a/src/examples/sssd.conf b/src/examples/sssd.conf index 3b67daea..e93cf51b 100644 --- a/src/examples/sssd.conf +++ b/src/examples/sssd.conf @@ -55,10 +55,10 @@ reconnection_retries = 3 ; auth_provider = ldap ; ldap_schema = rfc2307 ; ldap_uri = ldap://ldap.mydomain.org -; ldap_user_search_base = dc=mydomain,dc=org +; ldap_search_base = dc=mydomain,dc=org ; ldap_tls_reqcert = demand ; cache_credentials = true -; enumerate = true +; enumerate = False # Example LDAP domain where the LDAP server is an Active Directory server. diff --git a/src/man/sssd.conf.5.xml b/src/man/sssd.conf.5.xml index c7071ab6..0e7c5723 100644 --- a/src/man/sssd.conf.5.xml +++ b/src/man/sssd.conf.5.xml @@ -435,6 +435,24 @@ <para> Default: FALSE </para> + <para> + Note: Enabling enumeration has a moderate + performance impact on SSSD while enumeration + is running. It may take up to several minutes + after SSSD startup to fully complete enumerations. + During this time, individual requests for + information will go directly to LDAP, though it + may be slow, due to the heavy enumeration + processing. + </para> + <para> + Further, enabling enumeration may increase the time + necessary to detect network disconnection, as + longer timeouts are required to ensure that + enumeration lookups are completed successfully. + For more information, refer to the man pages for + the specific id_provider in use. + </para> </listitem> </varlistentry> @@ -848,7 +866,7 @@ cache_credentials = true min_id = 10000 max_id = 20000 -enumerate = true +enumerate = False </programlisting> </para> </refsect1> |